AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-21 13:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

The start of client logins has begun, now can link a user with a client to allow client logins, clients can only view client.php there is more work to be done

Browse Source
This commit is contained in:
root
2019-05-27 12:28:41 -04:00
parent 889a749d88
commit e0e723bb9f
8 changed files with 48 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
add_user_modal.php
View File

@@ -16,8 +16,8 @@
<div class="input-group-prepend"> <div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-user"></i></span> <span class="input-group-text"><i class="fa fa-fw fa-user"></i></span>
</div> </div>
<select class="form-control" name="client" <?php if(isset($_GET['client_id'])){ echo "disabled"; } ?>> <select class="form-control" name="client">
<option value="">- Client -</option> <option value="0">No Client Assignment</option>
<?php <?php
$sql = mysqli_query($mysqli,"SELECT * FROM clients"); $sql = mysqli_query($mysqli,"SELECT * FROM clients");
@@ -25,7 +25,7 @@
$client_id = $row['client_id']; $client_id = $row['client_id'];
$client_name = $row['client_name']; $client_name = $row['client_name'];
?> ?>
<option <?php if($_GET['client_id'] == $client_id) { echo "selected"; } ?> value="<?php echo "$client_id"; ?>"><?php echo "$client_name"; ?></option> <option value="<?php echo $client_id; ?>"><?php echo $client_name; ?></option>
<?php <?php
} }

10
check_login.php
View File

@@ -3,16 +3,23 @@
session_start(); session_start();
if(!$_SESSION['logged']){ if(!$_SESSION['logged']){
header("Location: login.php"); header("Location: logout.php");
die; die;
} }
//Check to see if its a client if so sandbox them to just post.php or client.php.
if($_SESSION['client_id'] > 0 AND basename($_SERVER['PHP_SELF']) !== 'client.php' AND basename($_SERVER['PHP_SELF']) !== 'post.php'){
header("Location: logout.php");
die;
}
$session_user_id = $_SESSION['user_id']; $session_user_id = $_SESSION['user_id'];
$sql = mysqli_query($mysqli,"SELECT * FROM users WHERE user_id = $session_user_id"); $sql = mysqli_query($mysqli,"SELECT * FROM users WHERE user_id = $session_user_id");
$row = mysqli_fetch_array($sql); $row = mysqli_fetch_array($sql);
$session_name = $row['name']; $session_name = $row['name'];
$session_avatar = $row['avatar']; $session_avatar = $row['avatar'];
$session_client_id = $row['client_id'];
//Detects if using an apple device and uses apple maps instead of google //Detects if using an apple device and uses apple maps instead of google
$iPod = stripos($_SERVER['HTTP_USER_AGENT'],"iPod"); $iPod = stripos($_SERVER['HTTP_USER_AGENT'],"iPod");
@@ -26,7 +33,6 @@
} }
//Get unAcked Alert Count for the badge on the top nav //Get unAcked Alert Count for the badge on the top nav
$row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('alert_id') AS num FROM alerts WHERE alert_ack_date = 0")); $row = mysqli_fetch_assoc(mysqli_query($mysqli,"SELECT COUNT('alert_id') AS num FROM alerts WHERE alert_ack_date = 0"));
$num_alerts = $row['num']; $num_alerts = $row['num'];

2
client_side_nav.php
View File

@@ -7,6 +7,7 @@
<h6 class="text-secondary text-center"><?php echo $client_type; ?></h6> <h6 class="text-secondary text-center"><?php echo $client_type; ?></h6>
</li> </li>
<?php if($session_client_id > 0){ ?>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link" href="clients.php"> <a class="nav-link" href="clients.php">
<button class="btn btn-outline-light btn-block"> <button class="btn btn-outline-light btn-block">
@@ -15,6 +16,7 @@
</button> </button>
</a> </a>
</li> </li>
<?php } ?>
<li class="nav-item <?php if($_GET['tab'] == "overview") { echo "active"; } ?>"> <li class="nav-item <?php if($_GET['tab'] == "overview") { echo "active"; } ?>">
<a class="nav-link" <a class="nav-link"

8
login.php
View File

@@ -16,8 +16,14 @@ if(isset($_POST['login'])){
$_SESSION['logged'] = TRUE; $_SESSION['logged'] = TRUE;
$_SESSION['user_id'] = $row['user_id']; $_SESSION['user_id'] = $row['user_id'];
$_SESSION['name'] = $row['name']; $_SESSION['name'] = $row['name'];
$_SESSION['client_id'] = $row['client_id'];
$client_id = $row['client_id'];
header("Location: $config_start_page"); if($client_id > 0){
header("Location: client.php?client_id=$client_id");
}else{
header("Location: $config_start_page");
}
}else{ }else{
$response = " $response = "
<div class='alert alert-danger'> <div class='alert alert-danger'>

3
logout.php
View File

@@ -1,8 +1,5 @@
<?php <?php
include("config.php");
include("check_login.php");
session_start(); session_start();
session_destroy(); session_destroy();
header('Location: login.php'); header('Location: login.php');

3
post.php
View File

@@ -151,8 +151,9 @@ if(isset($_POST['add_user'])){
$name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name'])); $name = strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']));
$email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email'])); $email = strip_tags(mysqli_real_escape_string($mysqli,$_POST['email']));
$password = md5(mysqli_real_escape_string($mysqli,$_POST['password'])); $password = md5(mysqli_real_escape_string($mysqli,$_POST['password']));
$client_id = intval($_POST['client']);
mysqli_query($mysqli,"INSERT INTO users SET name = '$name', email = '$email', password = '$password', created_at = NOW()"); mysqli_query($mysqli,"INSERT INTO users SET name = '$name', email = '$email', password = '$password', created_at = NOW(), client_id = $client_id");
$user_id = mysqli_insert_id($mysqli); $user_id = mysqli_insert_id($mysqli);

19
test.php Normal file
View File

@@ -0,0 +1,19 @@
<?php include("header.php"); ?>
<!-- Breadcrumbs-->
<ol class="breadcrumb">
<li class="breadcrumb-item">
<a href="index.html">Dashboard</a>
</li>
<li class="breadcrumb-item active">Blank Page</li>
</ol>
<!-- Page Content -->
<h1>PHP SELF: <?php echo basename($_SERVER['PHP_SELF']); ?></h1>
<hr>
<h3>PHP URI: <?php echo $_SERVER['REQUEST_URI']; ?></h1>
<h1>basename _FILE_ : <?php echo basename(__FILE__); ?></h1>
<h1>User Agent: <?php echo $_SERVER['HTTP_USER_AGENT']; ?>
<p>This is a great starting point for new custom pages.</p>
<?php include("footer.php"); ?>

5
users.php
View File

@@ -15,6 +15,8 @@
<tr> <tr>
<th class="text-center">Name</th> <th class="text-center">Name</th>
<th>Email</th> <th>Email</th>
<th>Type</th>
<th>Status</th>
<th class="text-center">Actions</th> <th class="text-center">Actions</th>
</tr> </tr>
</thead> </thead>
@@ -27,6 +29,7 @@
$email = $row['email']; $email = $row['email'];
$password = $row['password']; $password = $row['password'];
$avatar = $row['avatar']; $avatar = $row['avatar'];
$client_id = $row['client_id'];
$initials = initials($name); $initials = initials($name);
?> ?>
@@ -45,6 +48,8 @@
<div class="text-secondary"><?php echo $name; ?></div> <div class="text-secondary"><?php echo $name; ?></div>
</td> </td>
<td><a href="mailto:<?php echo $email; ?>"><?php echo $email; ?></a></td> <td><a href="mailto:<?php echo $email; ?>"><?php echo $email; ?></a></td>
<td>Client</td>
<td>Status</td>
<td> <td>
<div class="dropdown dropleft text-center"> <div class="dropdown dropleft text-center">
<button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> <button class="btn btn-secondary btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">