Add role filtering to user search in admin panel

Fabian Schieder 2026-03-30 22:40:53 +02:00
parent cb4df57993
commit 6132472b62


@ -72,6 +72,7 @@ if ($rolesQuery) {
// 3) Alle Benutzer laden (mit Suche)
$searchQuery = isset($_GET['search']) ? trim($_GET['search']) : '';
$searchParam = '%' . $searchQuery . '%';
$filterRole = isset($_GET['role']) ? (int)$_GET['role'] : 0;
$sql = "
SELECT u.userID, u.email, u.displayname, u.profilePicture, u.isActive,
@ -80,20 +81,48 @@ $sql = "
LEFT JOIN userRoles ur ON u.userID = ur.userID
";
$whereClauses = [];
$types = "";
$params = [];
if ($searchQuery !== '') {
$sql .= " WHERE u.displayname LIKE ? OR u.email LIKE ?";
$whereClauses[] = "(u.displayname LIKE ? OR u.email LIKE ?)";
$types .= "ss";
$params[] = $searchParam;
$params[] = $searchParam;
}
if ($filterRole > 0) {
// Da wir einen LEFT JOIN mit GROUP_CONCAT haben und auf Rollen filtern wollen,
// können wir als einfache Lösung einen Subselect für EXISTS machen, damit
// alle Rollen des Benutzers in GROUP_CONCAT erhalten bleiben,
// aber nur Nutzer gezeigt werden, die auch die geforderte Rolle haben.
$whereClauses[] = "EXISTS (SELECT 1 FROM userRoles sub_ur WHERE sub_ur.userID = u.userID AND sub_ur.roleID = ?)";
$types .= "i";
$params[] = $filterRole;
}
if (!empty($whereClauses)) {
$sql .= " WHERE " . implode(" AND ", $whereClauses);
}
$sql .= " GROUP BY u.userID ORDER BY u.userID ASC";
$stmtUsers = $conn->prepare($sql);
if ($searchQuery !== '') {
$stmtUsers->bind_param("ss", $searchParam, $searchParam);
if (!empty($params)) {
$stmtUsers->bind_param($types, ...$params);
}
$stmtUsers->execute();
$usersResult = $stmtUsers->get_result();
$formActionUrl = "admin_users.php" . ($searchQuery !== '' ? "?search=" . urlencode($searchQuery) : "");
$formActionParams = [];
if ($searchQuery !== '') $formActionParams['search'] = $searchQuery;
if ($filterRole > 0) $formActionParams['role'] = $filterRole;
$formActionUrl = "admin_users.php";
if (!empty($formActionParams)) {
$formActionUrl .= "?" . http_build_query($formActionParams);
}
?>
@ -114,10 +143,20 @@ $formActionUrl = "admin_users.php" . ($searchQuery !== '' ? "?search=" . urlenco
<div class="auth__message auth__message--error" style="color: #f87171; background: #7f1d1d; padding: 10px; border-radius: 4px; margin-bottom: 15px; text-align: center;"><?= htmlspecialchars($errorMsg) ?></div>
<?php endif; ?>
<form method="get" action="admin_users.php" style="margin-bottom: 20px; display: flex; gap: 10px; align-items: center;">
<input type="text" name="search" placeholder="Suche nach Name oder E-Mail..." value="<?= htmlspecialchars($searchQuery) ?>" style="flex: 1; background: #0f172a; color: #f8fafc; border: 1px solid #334155; padding: 10px; border-radius: 4px; font-size: 0.95rem;">
<button type="submit" class="auth__submit" style="width: auto; padding: 10px 16px; margin: 0; background-color: #3b82f6;">Suchen</button>
<?php if ($searchQuery !== ''): ?>
<form method="get" action="admin_users.php" style="margin-bottom: 20px; display: flex; gap: 10px; align-items: center; flex-wrap: wrap;">
<input type="text" name="search" placeholder="Suche nach Name oder E-Mail..." value="<?= htmlspecialchars($searchQuery) ?>" style="flex: 1; min-width: 200px; background: #0f172a; color: #f8fafc; border: 1px solid #334155; padding: 10px; border-radius: 4px; font-size: 0.95rem;">
<select name="role" style="background: #0f172a; color: #f8fafc; border: 1px solid #334155; padding: 10px; border-radius: 4px; font-size: 0.95rem;">
<option value="0">Alle Rollen</option>
<?php foreach ($allRoles as $role): ?>
<option value="<?= $role['roleID'] ?>" <?= $filterRole === (int)$role['roleID'] ? 'selected' : '' ?>>
<?= htmlspecialchars($role['name']) ?>
</option>
<?php endforeach; ?>
</select>
<button type="submit" class="auth__submit" style="width: auto; padding: 10px 16px; margin: 0; background-color: #3b82f6;">Filtern</button>
<?php if ($searchQuery !== '' || $filterRole > 0): ?>
<a href="admin_users.php" style="color: #94a3b8; text-decoration: none; padding: 10px; font-size: 0.9rem;">Zurücksetzen</a>
<?php endif; ?>
</form>
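Review bot: The new `<option>` line echoes `$role['roleID']` into the `value` attribute without escaping, although the same line already casts it for the comparison; writing `value="<?= (int)$role['roleID'] ?>"` keeps the output encoding independent of what the roles table holds. In the first hunk, `(int)$_GET['role']` turns an array input such as `role[]=x` into 1 and so silently filters on role 1; `$filterRole = is_scalar($_GET['role'] ?? null) ? (int)$_GET['role'] : 0;` avoids that. The role ID itself is bound as a parameter in the `EXISTS` subselect, so nothing needs to change there. `$formActionUrl` can now contain `&` from `http_build_query()`, and the place where it is echoed is outside the visible hunks, so it is worth confirming that it goes through `htmlspecialchars()` there.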