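<!DOCTYPE html>
<html lang="en">
<?php
// $db is used below but not defined in this file; presumably connect-db.php creates it (verify).
require('connect-db.php');
?>
<?php include "./navbar.php"; ?>
<?php
/*
 * Confirmation page for removing a user from the employees table.
 *
 * Reads the target username from $_SESSION['id'] (set by some other page; not visible here).
 * On a confirmed POST it demotes a 'manager'/'employee' account to 'guest' in `users`
 * and deletes the matching row from `employees`. "Cancel" just clears the pending target.
 *
 * $_SESSION is read without a session_start() in this file, so the session is presumably
 * started by one of the includes above — TODO confirm.
 *
 * NOTE(review): the only gate visible here is "a user is signed in". Nothing in this file
 * checks that the signed-in account is allowed to remove employees; confirm that the page
 * which sets $_SESSION['id'] (or navbar.php) enforces the role, otherwise add that check here.
 */

// Session key holding this page's anti-CSRF token.
$csrfSessionKey = 'employee_delete_csrf';

// Flags that keep json_encode() output safe to embed inside an inline <script> element.
$jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

/*
 * Sends the browser to $target and stops the script.
 *
 * Output has normally started by the time this runs (the doctype and navbar are emitted
 * above), so a Location header is only used when headers can still be sent and no alert
 * is requested; otherwise the redirect is done with an inline script. The script always
 * terminates afterwards so that no further handler code or markup runs for a request
 * that has already been answered.
 */
$leavePage = static function ($target, $message = null) use ($jsFlags) {
    if ($message === null && !headers_sent()) {
        header('Location: ' . $target);
        exit;
    }

    $script = '';
    if ($message !== null) {
        $script .= 'alert(' . json_encode($message, $jsFlags) . ');' . "\n";
    }
    $script .= 'window.location.href=' . json_encode($target, $jsFlags) . ';';

    echo "<script>\n" . $script . "\n</script>";
    exit;
};

// Only signed-in users get past this point.
if (isset($_SESSION['user'])) {
    // There must be a pending employee to remove; stop here instead of falling through
    // into the POST handler and the form with an undefined target.
    if (!isset($_SESSION['id'])) {
        $leavePage('home.php', 'Nothing to delete, returning home');
    }

    // One token per pending confirmation; it is embedded in the form and checked on submit.
    if (empty($_SESSION[$csrfSessionKey])) {
        $_SESSION[$csrfSessionKey] = bin2hex(random_bytes(32));
    }

    if ($_SERVER["REQUEST_METHOD"] == "POST") {
        if (!empty($_POST['action']) && ($_POST['action'] == 'Cancel')) {
            unset($_SESSION['id'], $_SESSION[$csrfSessionKey]);
            $leavePage('employees.php');
        } else {
            // The removal is state-changing, so require the token issued with the form.
            // hash_equals() avoids leaking the token through comparison timing.
            $submittedToken = (isset($_POST['csrf_token']) && is_string($_POST['csrf_token']))
                ? $_POST['csrf_token']
                : '';
            if (!hash_equals($_SESSION[$csrfSessionKey], $submittedToken)) {
                $leavePage('employees.php', 'Invalid request, please try again');
            }

            $username = $_SESSION['id'];

            $query = "SELECT * FROM users WHERE username = :username";
            $statement = $db->prepare($query);
            $statement->bindValue(':username', $username);
            $statement->execute();
            $user_info = $statement->fetchAll();
            $statement->closeCursor();

            // The lookup can come back empty; only touch the role when a row exists
            // and it currently carries a staff role.
            $currentRole = !empty($user_info) ? $user_info[0]['role'] : null;
            if (in_array($currentRole, ['manager', 'employee'], true)) {
                $query = "UPDATE users SET role=:role WHERE username=:username";
                $statement = $db->prepare($query);
                $statement->bindValue(':role', 'guest');
                $statement->bindValue(':username', $username);
                $statement->execute();
                $statement->closeCursor();
            }

            // NOTE(review): the role update above and this delete are two separate
            // statements; if $db supports transactions, wrapping both would avoid a
            // half-applied removal when the second statement fails.
            $query = "DELETE FROM employees WHERE username=:username";
            $statement = $db->prepare($query);
            $statement->bindValue(':username', $username);
            $statement->execute();
            $statement->closeCursor();

            unset($_SESSION['id'], $_SESSION[$csrfSessionKey]);
            $leavePage('employees.php', 'User removed from employees');
        }
    }
?>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <!-- required to handle IE -->
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css"
integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js"
integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo"
crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js"
integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1"
crossorigin="anonymous"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"
integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM"
crossorigin="anonymous"></script>
<!-- ICON -->
<link rel="shortcut icon" href="https://pngimg.com/uploads/paw/paw_PNG21.png" type="image/ico" />
<!-- EXTERNAL CSS -->
<link href="./styles/style.css" rel="stylesheet" type="text/css" />
</head>
<div class="container" style="text-align: center;">
</br>
<!-- confirmation form; posts back to this page -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" name="editForm" method="post">
<!-- anti-CSRF token, verified by the POST handler before anything is removed -->
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($_SESSION[$csrfSessionKey], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" />
<!-- the username is stored data, so it is HTML-escaped before being written into the page -->
<h4>Are you sure you want to remove User: <?php echo htmlspecialchars((string) $_SESSION['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> as an employee?</h4>
<div class="row">
<div class="form-group col-md">
<button type="submit" class="btn btn-primary">Submit</button>
</div>
</br>
<div class="form-group col-md">
<input type="submit" value="Cancel" name="action" class="btn btn-secondary" />
</div>
</div>
</form>
</div>
<?php
} else {
    // Not signed in: nothing on this page is rendered or executed for the visitor.
    $leavePage('home.php', 'Permission Denied');
}
?>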