Subscription management #63
@@ -1,4 +1,17 @@
|
||||
<?php
|
||||
function get_all_users($db) {
|
||||
try {
|
||||
$stmt = "SELECT * FROM users";
|
||||
$sql = $db->prepare($stmt);
|
||||
$sql->execute();
|
||||
$sql->setFetchMode(PDO::FETCH_ASSOC);
|
||||
$result = $sql->fetchAll();
|
||||
} catch (PDOException $e) {
|
||||
echo("Error: " . $e->getMessage());
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
function get_user_name($db, $user_uuid) {
|
||||
try {
|
||||
$stmt = "SELECT given_name, family_name FROM users WHERE uuid=:uuid";
|
||||
|
||||
30
app/public/actions/addsub.php
Normal file
30
app/public/actions/addsub.php
Normal file
@@ -0,0 +1,30 @@
|
||||
<?php
|
||||
$PAGE_NAME = "Add subscriber";
|
||||
require_once __DIR__ . "/../../includes/prereqs.php";
|
||||
|
||||
$request = get_request($db, $_POST['rid']);
|
||||
$authorised_users = get_subscribers($db, $request);
|
||||
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
|
||||
|
||||
// Add subscriber
|
||||
if ($is_authorised == true) {
|
||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
try {
|
||||
$stmt = "INSERT INTO ticket_subscribers (ticket_uuid, user_uuid) VALUES (:tktuuid, :usruuid)";
|
||||
$sql = $db->prepare($stmt);
|
||||
$sql->bindParam(':tktuuid', $request['uuid']);
|
||||
$sql->bindParam(':usruuid', $POST['addSubSelector']);
|
||||
$sql->execute();
|
||||
} catch (PDOException $e) {
|
||||
$alert = array("danger", "Failed to add subscriber: " . $e->getMessage());
|
||||
}
|
||||
}
|
||||
$newURL = "/managesub?rid=" . $request['uuid'];
|
||||
echo("<script>window.location = '$newURL'</script>");
|
||||
} else {
|
||||
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
|
||||
$newURL = "/managesub?rid=" . $request['uuid'];
|
||||
echo("<script>window.location = '$newURL'</script>");
|
||||
}
|
||||
|
||||
?>
|
||||
32
app/public/actions/delsub.php
Normal file
32
app/public/actions/delsub.php
Normal file
@@ -0,0 +1,32 @@
|
||||
<?php
|
||||
$PAGE_NAME = "Delete subscribers";
|
||||
require_once __DIR__ . "/../../includes/prereqs.php";
|
||||
|
||||
$request = get_request($db, $_POST['rid']);
|
||||
$authorised_users = get_subscribers($db, $request);
|
||||
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
|
||||
|
||||
// Add subscriber
|
||||
if ($is_authorised == true) {
|
||||
if($_SERVER['REQUEST_METHOD'] == 'POST') {
|
||||
foreach ($_POST['addSubSelector'] as $sub) {
|
||||
try {
|
||||
$stmt = "DELETE FROM ticket_subscribers WHERE ticket_uuid=:tktuuid AND user_uuid=:usruuid";
|
||||
$sql = $db->prepare($stmt);
|
||||
$sql->bindParam(':tktuuid', $request['uuid']);
|
||||
$sql->bindParam(':usruuid', $sub);
|
||||
$sql->execute();
|
||||
} catch (PDOException $e) {
|
||||
$alert = array("danger", "Failed to remove subscriber(s): " . $e->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
$newURL = "/managesub?rid=" . $request['uuid'];
|
||||
echo("<script>window.location = '$newURL'</script>");
|
||||
} else {
|
||||
$alert = array("danger", "You are not authorised to manage subscribers on this request.");
|
||||
$newURL = "/managesub?rid=" . $request['uuid'];
|
||||
echo("<script>window.location = '$newURL'</script>");
|
||||
}
|
||||
|
||||
?>
|
||||
159
app/public/editsub.php
Normal file
159
app/public/editsub.php
Normal file
@@ -0,0 +1,159 @@
|
||||
<?php
|
||||
$PAGE_NAME = "Manage request subscribers";
|
||||
require_once __DIR__ . "/../includes/header.php";
|
||||
|
||||
$request = get_request($db, $_GET['rid']);
|
||||
$authorised_users = get_subscribers($db, $request);
|
||||
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
|
||||
|
||||
$all_users = get_all_users($db);
|
||||
?>
|
||||
|
||||
|
||||
|
||||
<!-- Begin page content -->
|
||||
<main role="main" class="flex-shrink-0">
|
||||
|
||||
<?php if (!is_signed_in()) { ?>
|
||||
<section>
|
||||
<div class="container">
|
||||
<div class='alert alert-danger alert-dismissible fade show' role='alert'>
|
||||
You need to log in to access this page.
|
||||
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
|
||||
<span aria-hidden='true'>×</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
<?php } else {
|
||||
if ($is_authorised == true) { ?>
|
||||
<section class="jumbotron text-center">
|
||||
<div class="container">
|
||||
<h1><?php echo($request['title']); ?></h1>
|
||||
<p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
|
||||
<p class="lead text-muted"><?php echo($request['description']); ?></p>
|
||||
</div>
|
||||
</section>
|
||||
<section>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-4">
|
||||
<div class="card mx-auto">
|
||||
<div class="card-header"><span class="mdi mdi-information-outline">
|
||||
</span> Information
|
||||
</div>
|
||||
<ul class="list-group list-group-flush">
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Status:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['status']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Created by:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Assigned to:</b></span>
|
||||
<?php if ($request['assignee'] != null) {
|
||||
echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
|
||||
} else {
|
||||
echo("<span class='text-muted' style='display: inline; margin-left: 1%;'>None</span>");
|
||||
} ?>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Created:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['created_on']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Last updated:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-8">
|
||||
<div class="card mx-auto">
|
||||
<div class="card-header">
|
||||
<span class="mdi mdi-rss"></span> Manage Subscribers
|
||||
</div>
|
||||
<ul class="list-group list-group-flush">
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<form method="post" action="/actions/delsub">
|
||||
<div class="form-group">
|
||||
<input type="hidden" id="rid" name="rid" value="<?php echo($request['uuid']); ?>">
|
||||
<label for="delSubSelector">Remove subscribers:</label>
|
||||
<select multiple class="form-control" id="delSubSelector" name="delSubSelector">
|
||||
<?php foreach($authorised_users as $usr) {
|
||||
$usr_name = get_user_name($db, $usr['uuid']) . " (" . $usr['uid'] . ")";
|
||||
echo("<option value='" . $usr['uuid'] . "'>" . $usr_name . "</option>");
|
||||
} ?>
|
||||
</select>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-danger">Submit</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<form method="post" action="/actions/addsub">
|
||||
<div class="form-group">
|
||||
<input type="hidden" id="rid" name="rid" value="<?php echo($request['uuid']); ?>">
|
||||
<label for="addSubSelector">Add subscriber:</label>
|
||||
<select class="form-control" id="addSubSelector" name="addSubSelector">
|
||||
<?php foreach($all_users as $usr) {
|
||||
if (!in_array($usr['uuid'], $authorised_users)) {
|
||||
$usr_name = get_user_name($db, $usr['uuid']) . " (" . $usr['uid'] . ")";
|
||||
echo("<option value='" . $usr['uuid'] . "'>" . $usr_name . "</option>");
|
||||
}
|
||||
} ?>
|
||||
</select>
|
||||
</div>
|
||||
<button type="submit" class="btn btn-primary">Submit</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<?php } else if ($is_authorised == false) { ?>
|
||||
<section class="jumbotron text-center">
|
||||
<div class="container">
|
||||
<h1>You are not authorised to see this page.</h1>
|
||||
</div>
|
||||
</section>
|
||||
<?php } } ?>
|
||||
|
||||
</main>
|
||||
|
||||
<?php
|
||||
require_once __DIR__ . "/../includes/footer.php";
|
||||
?>
|
||||
154
app/public/editsub.php.old
Normal file
154
app/public/editsub.php.old
Normal file
@@ -0,0 +1,154 @@
|
||||
<?php
|
||||
$PAGE_NAME = "Upload file";
|
||||
require_once __DIR__ . "/../includes/header.php";
|
||||
|
||||
$request = get_request($db, $_GET['rid']);
|
||||
$updates = get_updates($db, $request);
|
||||
$authorised_users = get_subscribers($db, $request);
|
||||
$is_authorised = isAuthorised($_SESSION['uuid'], $authorised_users, $request);
|
||||
?>
|
||||
|
||||
|
||||
|
||||
<!-- Begin page content -->
|
||||
<main role="main" class="flex-shrink-0">
|
||||
|
||||
<?php if (!is_signed_in()) { ?>
|
||||
<section>
|
||||
<div class="container">
|
||||
<div class='alert alert-danger alert-dismissible fade show' role='alert'>
|
||||
You need to log in to access this page.
|
||||
<button type='button' class='close' data-dismiss='alert' aria-label='Close'>
|
||||
<span aria-hidden='true'>×</span>
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
<?php } else {
|
||||
if ($is_authorised == true) { ?>
|
||||
<section class="jumbotron text-center">
|
||||
<div class="container">
|
||||
<h1><?php echo($request['title']); ?></h1>
|
||||
<p style="color: gray; font-style: italic;"><?php echo("#" . sprintf("%'.05d\n", $request["id"])); ?></p>
|
||||
<p class="lead text-muted"><?php echo($request['description']); ?></p>
|
||||
</div>
|
||||
</section>
|
||||
<section>
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-4">
|
||||
<div class="card mx-auto">
|
||||
<div class="card-header"><span class="mdi mdi-information-outline"></span> Information</div>
|
||||
<ul class="list-group list-group-flush">
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Status:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['status']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Created by:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo(get_user_name($db, $request['created_by'])); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Assigned to:</b></span>
|
||||
<?php if ($request['assignee'] != null) {
|
||||
echo("<span style='display: inline; margin-left: 1%;'>" . get_user_name($db, $request['assignee']) . "</span>");
|
||||
} else {
|
||||
echo("<span class='text-muted' style='display: inline; margin-left: 1%;'>None</span>");
|
||||
} ?>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Created:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['created_on']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b>Last updated:</b></span>
|
||||
<span style="display: inline; margin-left: 1%;"><?php echo($request['last_updated']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="col-8">
|
||||
<div class="card mx-auto">
|
||||
<div class="card-header"><span class="mdi mdi-update"></span> Updates</div>
|
||||
<ul class="list-group list-group-flush">
|
||||
<?php
|
||||
if (count($updates) == 0) {
|
||||
echo("<center><b>No updates</b></center>");
|
||||
} else {
|
||||
foreach($updates as $update) {
|
||||
?>
|
||||
<li class="list-group-item">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<span style="display: inline;"><b><?php echo(get_user_name($db, $update['user'])); ?></b></span><span class="text-muted"><i><?php echo(" " . $update['created']); ?></i></span>
|
||||
</div>
|
||||
<div class="row">
|
||||
<span><?php echo($update['msg']); ?></span>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<?php } } ?>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<section style="margin-top: 2%;">
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
<div class="card mx-auto">
|
||||
<div class="card-header"><span class="mdi mdi-send-outline"></span> Edit Subscriber</div>
|
||||
<form action="/actions/update" method="post" enctype="multipart/form-data">
|
||||
<div class="form-group">
|
||||
<input type="hidden" id="rid" name="rid" value="<?php echo($request['uuid']); ?>">
|
||||
</div>
|
||||
<div class="form-group" style="margin: 2%;">
|
||||
<textarea type="text" class="form-control" id="msg" name="msg" rows="3"></textarea>
|
||||
<button type="submit" class="btn btn-primary" style="margin-top: 2%;">Submit</button>
|
||||
<a href="/view?rid=<?php echo($_GET['rid']); ?>" class="btn btn-danger" style="margin-top: 2%;">Cancel</a>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</section>
|
||||
|
||||
<?php } else if ($is_authorised == false) { ?>
|
||||
<section class="jumbotron text-center">
|
||||
<div class="container">
|
||||
<h1>You are not authorised to see this page.</h1>
|
||||
</div>
|
||||
</section>
|
||||
<?php } } ?>
|
||||
|
||||
</main>
|
||||
|
||||
<?php
|
||||
require_once __DIR__ . "/../includes/footer.php";
|
||||
?>
|
||||
@@ -53,8 +53,9 @@
|
||||
<?php if ($request['status'] != 'Closed') { ?>
|
||||
<p>
|
||||
<a href='/update?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Update the request</a>
|
||||
<a href='/upload?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Add attachment(s)</a>
|
||||
<button type="button" class="btn btn-primary" data-toggle="modal" data-target="#closeModal">Close the request</button>
|
||||
<a href='/upload?rid=<?php echo($request["uuid"]); ?>' class='btn btn-primary my-2'>Add attachment(s)</a>
|
||||
<a href='/editsub?rid=<?php echo($request["uuid"]); ?>' class='btn btn-secondary my-2'>Manage subscribers</a>
|
||||
<button type="button" class="btn btn-danger" data-toggle="modal" data-target="#closeModal">Close the request</button>
|
||||
</p>
|
||||
<?php } ?>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user