79 lines
2.3 KiB
PHP
Executable File
79 lines
2.3 KiB
PHP
Executable File
<?php
|
|
include('inc/check_login.php');
|
|
require_once('inc/db.php');
|
|
|
|
// Zugriff nur für eingeloggte Admins
|
|
if ($_SESSION['role'] !== 'admin') {
|
|
die("Zugriff nur für Admins");
|
|
}
|
|
|
|
// Datenbankverbindung einbinden
|
|
|
|
|
|
// Benutzer hinzufügen
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['username'], $_POST['password'], $_POST['role'])) {
|
|
$username = mysqli_real_escape_string($conn, $_POST['username']);
|
|
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
|
$role = $_POST['role'] === 'admin' ? 'admin' : 'member';
|
|
|
|
$sql = "INSERT INTO users (username, password, role) VALUES ('$username', '$password', '$role')";
|
|
if (mysqli_query($conn, $sql)) {
|
|
$message = "Benutzer erfolgreich hinzugefügt.";
|
|
} else {
|
|
$message = "Fehler beim Hinzufügen: " . mysqli_error($conn);
|
|
}
|
|
}
|
|
|
|
// Benutzerübersicht abrufen
|
|
$users = [];
|
|
$result = mysqli_query($conn, "SELECT id, username, role FROM users ORDER BY username ASC");
|
|
if ($result) {
|
|
while ($row = mysqli_fetch_assoc($result)) {
|
|
$users[] = $row;
|
|
}
|
|
}
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html>
|
|
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<title>Benutzerverwaltung</title>
|
|
<link rel="stylesheet" href="style.css">
|
|
</head>
|
|
|
|
<body>
|
|
<h1>Benutzerverwaltung</h1>
|
|
|
|
<?php if (isset($message)) echo "<p><strong>$message</strong></p>"; ?>
|
|
|
|
<form method="post">
|
|
<label>Benutzername: <input type="text" name="username" required></label><br>
|
|
<label>Passwort: <input type="password" name="password" required></label><br>
|
|
<label>Rolle:
|
|
<select name="role">
|
|
<option value="member">Mitglied</option>
|
|
<option value="admin">Admin</option>
|
|
</select>
|
|
</label><br>
|
|
<button type="submit">Benutzer hinzufügen</button>
|
|
</form>
|
|
|
|
<h2>Benutzerübersicht</h2>
|
|
<table border="1" cellpadding="5">
|
|
<tr>
|
|
<th>ID</th>
|
|
<th>Benutzername</th>
|
|
<th>Rolle</th>
|
|
</tr>
|
|
<?php foreach ($users as $user): ?>
|
|
<tr>
|
|
<td><?= htmlspecialchars($user['id']) ?></td>
|
|
<td><?= htmlspecialchars($user['username']) ?></td>
|
|
<td><?= htmlspecialchars($user['role']) ?></td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</table>
|
|
|
|
<?php include('inc/footer.php'); ?>
|