Compare commits
No commits in common. "cb587ba2762e136bd9e660e0029649b2203d02c0" and "de9d9e2965c57e3a7d7bcd789485d87d7265ac22" have entirely different histories.
cb587ba276
...
de9d9e2965
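--- a/[file path not shown on page]
+++ b/[file path not shown on page]
@@ -116,9 +116,6 @@ include 'header.php';
 <a href="productAdder.php" class="auth__submit account__action-link">
 Produkt hinzufügen
 </a>
-<a href="admin_users.php" class="auth__submit account__action-link" style="margin-top: 10px; background-color: #3b82f6;">
-Benutzerverwaltung
-</a>
 <?php endif; ?>
 <a href="wunschliste.php"
 class="auth__submit account__action-link account__action-link--secondary">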
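--- a/admin_users.php
+++ /dev/null
@@ -1,93 +0,0 @@
-<?php
-// admin_users.php
-
-require_once __DIR__ . '/lib/bootstrap.php';
-
-// 1) Zugriffskontrolle – nur ADMIN
-if (empty($_SESSION['user_id']) || empty($_SESSION['user_roles']) || !in_array('ADMIN', $_SESSION['user_roles'], true)) {
-die("Zugriff verweigert. Nur Administratoren dürfen diese Seite sehen.");
-}
-
-$conn = db_connect();
-
-// 2) Aktion: Benutzer löschen
-if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_user_id'])) {
-$deleteId = (int)$_POST['delete_user_id'];
-
-// Vermeide Selbstlöschung zur Sicherheit
-if ($deleteId !== (int)$_SESSION['user_id']) {
-$delStmt = $conn->prepare("DELETE FROM users WHERE userID = ?");
-$delStmt->bind_param("i", $deleteId);
-$delStmt->execute();
-$delStmt->close();
-
-$successMsg = "Benutzer erfolgreich gelöscht.";
-} else {
-$errorMsg = "Du kannst dich nicht selbst löschen.";
-}
-}
-
-// 3) Alle Benutzer laden
-$usersResult = $conn->query("SELECT userID, email, displayname, profilePicture, isActive FROM users ORDER BY userID ASC");
-
-?>
-
-<?php include 'header.php'; ?>
-
-<main class="auth auth--admin">
-<div class="auth__wrapper" style="max-width: 800px;">
-<h1 class="auth__title">Benutzerverwaltung</h1>
-<p class="auth__subtitle">Hier siehst du alle registrierten Benutzer.</p>
-
-<?php if (!empty($successMsg)): ?>
-<div class="auth__message auth__message--success"><?= htmlspecialchars($successMsg) ?></div>
-<?php endif; ?>
-<?php if (!empty($errorMsg)): ?>
-<div class="auth__message auth__message--error"><?= htmlspecialchars($errorMsg) ?></div>
-<?php endif; ?>
-
-<div class="auth__card" style="padding: 20px;">
-<table style="width: 100%; border-collapse: collapse; text-align: left;">
-<thead>
-<tr style="border-bottom: 2px solid #334155;">
-<th style="padding: 10px;">ID</th>
-<th style="padding: 10px;">Profil</th>
-<th style="padding: 10px;">Name</th>
-<th style="padding: 10px;">E-Mail</th>
-<th style="padding: 10px;">Aktionen</th>
-</tr>
-</thead>
-<tbody>
-<?php while ($user = $usersResult->fetch_assoc()): ?>
-<tr style="border-bottom: 1px solid #1e293b;">
-<td style="padding: 10px;"><?= $user['userID'] ?></td>
-<td style="padding: 10px;">
-<img src="<?= !empty($user['profilePicture']) ? htmlspecialchars($user['profilePicture']) : 'assets/images/placeholder.png' ?>"
-alt="Profil" style="width: 40px; height: 40px; border-radius: 50%; object-fit: cover;">
-</td>
-<td style="padding: 10px;"><?= htmlspecialchars($user['displayname']) ?></td>
-<td style="padding: 10px;"><?= htmlspecialchars($user['email']) ?></td>
-<td style="padding: 10px;">
-<?php if ((int)$user['userID'] !== (int)$_SESSION['user_id']): ?>
-<form method="post" action="admin_users.php" onsubmit="return confirm('Benutzer wirklich löschen?');" style="margin: 0;">
-<input type="hidden" name="delete_user_id" value="<?= $user['userID'] ?>">
-<button type="submit" style="background-color: #ef4444; color: white; border: none; padding: 5px 10px; border-radius: 4px; cursor: pointer; font-size: 0.8rem;">Löschen</button>
-</form>
-<?php else: ?>
-<span style="color: #94a3b8; font-size: 0.8rem;">Das bist du</span>
-<?php endif; ?>
-</td>
-</tr>
-<?php endwhile; ?>
-</tbody>
-</table>
-</div>
-
-<div class="auth__actions" style="margin-top: 20px;">
-<a href="account.php" style="color: #cbd5e1; text-decoration: none;">← Zurück zum Profil</a>
-</div>
-</div>
-</main>
-
-<?php include 'footer.php'; ?>
-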