diff --git a/server/list.php b/server/list.php
index a5ac1f4..5f11001 100644
--- a/server/list.php
+++ b/server/list.php
@@ -1,10 +1,33 @@ online_time_update();
+ if(isset($_POST["action"]) && isset($_POST["user_id"]) && isset($_POST["token_list"]) && $_POST["token_list"] == $_SESSION["token_list"]){
+ if(!$user->hasRole(Role::FULL_VIEWER) && $_POST["user_id"] !== $user->auth->getUserId()){
+ http_response_code(401);
+ t("You are not authorized to perform this action.");
+ exit();
+ }
+ if($_POST["action"] == "activate"){
+ $db->update(
+ DB_PREFIX."_profiles",
+ ["available" => 1, "availability_last_change" => "manual"],
+ ["id" => $_POST["user_id"]]
+ );
+ $user->log("Status changed to 'available'", $_POST["user_id"], $user->auth->getUserId());
+ } else if($_POST["action"] == "deactivate"){
+ $db->update(
+ DB_PREFIX."_profiles",
+ ["available" => 0, "availability_last_change" => "manual"],
+ ["id" => $_POST["user_id"]]
+ );
+ $user->log("Status changed to 'not available'", $_POST["user_id"], $user->auth->getUserId());
+ }
+ }
 $query_results = $db->select("SELECT * FROM `".DB_PREFIX."_profiles` ORDER BY available DESC, chief DESC, services ASC, availability_minutes ASC, name ASC");
 } else {
 $query_results = null;
 }
+$_SESSION["token_list"] = bin2hex(random_bytes(64));
 loadtemplate('list.html', ['title' => t("Availability List", false), 'token_list' => $_SESSION['token_list'], 'query_results' => $query_results]);
 bdump($_SESSION);
diff --git a/server/log.php b/server/log.php
index 9bde2c6..883e823 100644
--- a/server/log.php
+++ b/server/log.php
@@ -1,6 +1,7 @@ online_time_update();
 $query_results = $db->select("SELECT * FROM `".DB_PREFIX."_log` ORDER BY `timestamp` DESC");
 } else {
 $query_results = null;
diff --git a/server/services.php b/server/services.php
index 49adf41..99ad2b6 100644
--- a/server/services.php
+++ b/server/services.php
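Review bot: The anti-CSRF check in the first added `if` of server/list.php compares with loose `==` and never confirms that `$_SESSION["token_list"]` exists, so on a session that has not yet rendered this page the session side is null and an empty posted `token_list` compares equal to it; the token is only written at the bottom of the file, after this check runs. I would replace the comparison with `isset($_SESSION["token_list"]) && is_string($_POST["token_list"]) && hash_equals($_SESSION["token_list"], $_POST["token_list"])`, which also rejects array-valued input and compares in constant time. Separately, the ownership test `$_POST["user_id"] !== $user->auth->getUserId()` is strict against a value that always arrives as a string; if `getUserId()` returns an int (not visible here) every user without FULL_VIEWER is refused even for their own row, so cast one side, e.g. `(string)$user->auth->getUserId()`. The refusal concerns an authenticated user who lacks permission, so `http_response_code(403)` describes it better than 401. The `if` that encloses this block opens above the hunk, so the login gate itself cannot be checked from here.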
@@ -1,6 +1,7 @@ online_time_update();
 $query_results = $db->select("SELECT * FROM `".DB_PREFIX."_services` ORDER BY date DESC, beginning DESC");
 } else {
 $query_results = null;
diff --git a/server/templates/JSless/base.html b/server/templates/JSless/base.html
index cde0eef..315c1cb 100644
--- a/server/templates/JSless/base.html
+++ b/server/templates/JSless/base.html
@@ -38,6 +38,10 @@
 }
 .topnav .icon {
 display: none;
+}
+table, th, tr {
+ border: 1px solid black;
+ border-collapse: collapse;
 }
{% endif %}
diff --git a/server/templates/JSless/list.html b/server/templates/JSless/list.html
index 27f884b..b3b57b8 100644
--- a/server/templates/JSless/list.html
+++ b/server/templates/JSless/list.html
@@ -4,8 +4,18 @@{{ 'Are you available in case of alert?'|t }}
- - + +