FSST/Geizkragen
FSST/Geizkragen
2
0
Fork 0
Code Issues Projects 1 Releases 1 Wiki Activity

Update role management to allow bulk role updates for users in admin panel

Browse Source
This commit is contained in:
Fabian Schieder 2026-03-30 22:33:47 +02:00
parent f404ca305e
commit c693574575
1 changed files with 93 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
admin_users.php
View File

@ -31,29 +31,33 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_user_id'])) {
}
// 2b) Aktion: Rollen aktualisieren
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_roles_user_id'])) {
$updateId = (int)$_POST['update_roles_user_id'];
$selectedRoles = isset($_POST['roles']) && is_array($_POST['roles']) ? $_POST['roles'] : [];
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_all_roles'])) {
$usersRolesData = isset($_POST['user_roles']) && is_array($_POST['user_roles']) ? $_POST['user_roles'] : [];
$submittedUsers = isset($_POST['submitted_users']) && is_array($_POST['submitted_users']) ? $_POST['submitted_users'] : [];
foreach ($submittedUsers as $uId) {
$updateId = (int)$uId;
if ($updateId === (int)$_SESSION['user_id']) {
continue;
}
$selectedRole = isset($usersRolesData[$updateId]) ? $usersRolesData[$updateId] : '';
if ($updateId === (int)$_SESSION['user_id']) {
$errorMsg = "Du kannst deine eigenen Rollen nicht ändern.";
} else {
$delStmt = $conn->prepare("DELETE FROM userRoles WHERE userID = ?");
$delStmt->bind_param("i", $updateId);
$delStmt->execute();
$delStmt->close();
if (!empty($selectedRoles)) {
if (!empty($selectedRole)) {
$insStmt = $conn->prepare("INSERT INTO userRoles (userID, roleID) VALUES (?, ?)");
foreach ($selectedRoles as $roleId) {
$roleIdInt = (int)$roleId;
$insStmt->bind_param("ii", $updateId, $roleIdInt);
$insStmt->execute();
}
$roleIdInt = (int)$selectedRole;
$insStmt->bind_param("ii", $updateId, $roleIdInt);
$insStmt->execute();
$insStmt->close();
}
$successMsg = "Rollen erfolgreich gespeichert.";
}
$successMsg = "Rollen erfolgreich aktualisiert.";
}
// 2c) Alle verfügbaren Rollen laden
@ -94,71 +98,88 @@ $usersResult = $conn->query("
<div class="auth__message auth__message--error" style="color: #f87171; background: #7f1d1d; padding: 10px; border-radius: 4px; margin-bottom: 15px; text-align: center;"><?= htmlspecialchars($errorMsg) ?></div>
<?php endif; ?>
<div style="overflow-x: auto; margin-top: 20px;">
<table style="width: 100%; border-collapse: collapse; text-align: left; color: #f8fafc;">
<thead>
<tr style="border-bottom: 2px solid #334155;">
<th style="padding: 12px 10px;">ID</th>
<th style="padding: 12px 10px;">Profil</th>
<th style="padding: 12px 10px;">Name</th>
<th style="padding: 12px 10px;">E-Mail</th>
<th style="padding: 12px 10px;">Rollen</th>
<th style="padding: 12px 10px;">Aktionen</th>
</tr>
</thead>
<tbody>
<?php while ($user = $usersResult->fetch_assoc()): ?>
<?php
$userRoles = !empty($user['roleIDs']) ? explode(',', $user['roleIDs']) : [];
$isSelf = (int)$user['userID'] === (int)$_SESSION['user_id'];
?>
<tr style="border-bottom: 1px solid #1e293b;">
<td style="padding: 12px 10px;"><?= $user['userID'] ?></td>
<td style="padding: 12px 10px;">
<img src="<?= !empty($user['profilePicture']) ? htmlspecialchars($user['profilePicture']) : 'assets/images/placeholder.png' ?>"
alt="Profil" style="width: 40px; height: 40px; border-radius: 50%; object-fit: cover; display: block;">
</td>
<td style="padding: 12px 10px;"><?= htmlspecialchars($user['displayname']) ?></td>
<td style="padding: 12px 10px; word-break: break-all;"><?= htmlspecialchars($user['email']) ?></td>
<td style="padding: 12px 10px; min-width: 150px;">
<?php if (!$isSelf): ?>
<form method="post" action="admin_users.php" style="margin: 0; display: flex; flex-direction: column; gap: 5px;">
<input type="hidden" name="update_roles_user_id" value="<?= $user['userID'] ?>">
<select name="roles[]" multiple size="3" style="background: #0f172a; color: #f8fafc; border: 1px solid #334155; padding: 5px; border-radius: 4px; font-size: 0.85rem; width: 100%;">
<form method="post" action="admin_users.php">
<div style="display: flex; justify-content: flex-end; margin-top: 10px;">
<button type="submit" name="update_all_roles" value="1" style="background-color: #3b82f6; color: white; border: none; padding: 10px 16px; border-radius: 4px; cursor: pointer; font-weight: bold; font-size: 0.9rem;">
<svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="vertical-align: middle; margin-right: 5px;">
<path d="M19 21H5a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h11l5 5v11a2 2 0 0 1-2 2z"></path>
<polyline points="17 21 17 13 7 13 7 21"></polyline>
<polyline points="7 3 7 8 15 8"></polyline>
</svg>
Alle Rollen speichern
</button>
</div>
<div style="overflow-x: auto; margin-top: 20px;">
<table style="width: 100%; border-collapse: collapse; text-align: left; color: #f8fafc;">
<thead>
<tr style="border-bottom: 2px solid #334155;">
<th style="padding: 12px 10px;">ID</th>
<th style="padding: 12px 10px;">Profil</th>
<th style="padding: 12px 10px;">Name</th>
<th style="padding: 12px 10px;">E-Mail</th>
<th style="padding: 12px 10px; width: 15%;">Aktuelle Rollen</th>
<th style="padding: 12px 10px; width: 25%;">Rollen zuweisen</th>
<th style="padding: 12px 10px;">Aktionen</th>
</tr>
</thead>
<tbody>
<?php while ($user = $usersResult->fetch_assoc()): ?>
<?php
$userRoles = !empty($user['roleIDs']) ? explode(',', $user['roleIDs']) : [];
$isSelf = (int)$user['userID'] === (int)$_SESSION['user_id'];
?>
<tr style="border-bottom: 1px solid #1e293b;">
<td style="padding: 12px 10px;"><?= $user['userID'] ?></td>
<td style="padding: 12px 10px;">
<img src="<?= !empty($user['profilePicture']) ? htmlspecialchars($user['profilePicture']) : 'assets/images/placeholder.png' ?>"
alt="Profil" style="width: 40px; height: 40px; border-radius: 50%; object-fit: cover; display: block;">
</td>
<td style="padding: 12px 10px;"><?= htmlspecialchars($user['displayname']) ?></td>
<td style="padding: 12px 10px; word-break: break-all;"><?= htmlspecialchars($user['email']) ?></td>
<td style="padding: 12px 10px;">
<div style="display: flex; flex-wrap: wrap; gap: 5px;">
<?php foreach ($allRoles as $role): ?>
<?php if (in_array($role['roleID'], $userRoles)): ?>
<span style="background-color: #065f46; border: 1px solid #10b981; color: #a7f3d0; padding: 2px 8px; border-radius: 9999px; font-size: 0.75rem; font-weight: bold;"><?= htmlspecialchars($role['name']) ?></span>
<?php endif; ?>
<?php endforeach; ?>
<?php if (empty($userRoles)): ?>
<span style="color: #64748b; font-size: 0.75rem; font-style: italic;">Keine</span>
<?php endif; ?>
</div>
</td>
<td style="padding: 12px 10px; min-width: 150px;">
<?php if (!$isSelf): ?>
<input type="hidden" name="submitted_users[]" value="<?= $user['userID'] ?>">
<select name="user_roles[<?= $user['userID'] ?>]" style="background: #0f172a; color: #f8fafc; border: 1px solid #334155; padding: 5px; border-radius: 4px; font-size: 0.85rem; width: 100%;">
<option value="">Keine</option>
<?php foreach ($allRoles as $role): ?>
<option value="<?= $role['roleID'] ?>" <?= in_array($role['roleID'], $userRoles) ? 'selected' : '' ?>>
<?= htmlspecialchars($role['name']) ?>
</option>
<?php endforeach; ?>
</select>
<p style="font-size: 0.7rem; color: #94a3b8; margin: 0;">Strg/Cmd für Mehrfachauswahl</p>
<button type="submit" style="background-color: #3b82f6; color: white; border: none; padding: 4px 8px; border-radius: 4px; cursor: pointer; font-size: 0.75rem; width: fit-content; margin-top: 5px;">Speichern</button>
</form>
<?php else: ?>
<div style="display: flex; flex-wrap: wrap; gap: 5px;">
<?php foreach ($allRoles as $role): ?>
<?php if (in_array($role['roleID'], $userRoles)): ?>
<span style="background-color: #3b82f6; color: white; padding: 2px 6px; border-radius: 4px; font-size: 0.75rem;"><?= htmlspecialchars($role['name']) ?></span>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php endif; ?>
</td>
<td style="padding: 12px 10px;">
<?php if (!$isSelf): ?>
<form method="post" action="admin_users.php" onsubmit="return confirm('Benutzer wirklich löschen?');" style="margin: 0;">
<input type="hidden" name="delete_user_id" value="<?= $user['userID'] ?>">
<button type="submit" class="auth__submit" style="background-color: #ef4444; color: white; border: none; padding: 6px 12px; border-radius: 4px; cursor: pointer; font-size: 0.85rem; width: auto; margin: 0;">Löschen</button>
</form>
<?php else: ?>
<span style="color: #94a3b8; font-size: 0.85rem; padding: 6px 0; display: inline-block;">Das bist du</span>
<?php endif; ?>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
</div>
<?php else: ?>
<span style="color: #94a3b8; font-size: 0.85rem; font-style: italic;">Du (Gesperrt)</span>
<?php endif; ?>
</td>
<td style="padding: 12px 10px;">
<?php if (!$isSelf): ?>
<button type="submit" name="delete_user_id" value="<?= $user['userID'] ?>" class="auth__submit" style="background-color: #ef4444; color: white; border: none; padding: 6px 12px; border-radius: 4px; cursor: pointer; font-size: 0.85rem; width: auto; margin: 0;" onclick="return confirm('Benutzer wirklich löschen? Dies kann nicht rückgängig gemacht werden!');">Löschen</button>
<?php else: ?>
<span style="color: #94a3b8; font-size: 0.85rem; padding: 6px 0; display: inline-block;">Das bist du</span>
<?php endif; ?>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
</div>
</form>
<div class="auth__actions" style="margin-top: 30px; text-align: center;">
<a href="account.php" style="color: #64748b; text-decoration: none; font-size: 0.95rem;">&larr; Zurück zum Profil</a>