block.php - survey_seahorse - Software Engineering Project

block.php (1525B)
      1 <?php
      2 
      3 include_once 'session.php';
      4 include_once '../config.php';
      5 $username = mysqli_real_escape_string($connect, $_POST['username']);
      6 
      7 if (empty($username)) {
      8     header("Location: ../controlpanel.php?username=error");
      9     exit();
     10 } elseif (isset($_POST['revoke-creation'])) {
     11     $sql = "UPDATE user SET blocked=b'01' WHERE username='$username';";
     12     mysqli_query($connect, $sql) or die(mysqli_error($connect));
     13     echo $username, " can no longer create surveys <br>";
     14     echo "<a href = '../controlpanel.php'> Return to control panel </a>";
     15     exit();
     16 } elseif (isset($_POST['revoke-access'])) {
     17     $sql = "UPDATE user SET blocked=b'10' WHERE username='$username';";
     18     mysqli_query($connect, $sql) or die(mysqli_error($connect));
     19     echo $username, " can no longer create or take surveys <br>";
     20     echo "<a href = '../controlpanel.php'> Return to control panel </a>";
     21     exit();
     22 } elseif (isset($_POST['ban'])) {
     23     $sql = "UPDATE user SET blocked=b'11' WHERE username='$username';";
     24     mysqli_query($connect, $sql) or die(mysqli_error($connect));
     25     echo $username, " has been banned from Survey Seahorse";
     26     echo "<a href = '../controlpanel.php'> Return to control panel </a>";
     27     exit();
     28 } elseif (isset($_POST['unban'])) {
     29     $sql = "UPDATE user SET blocked=b'00' WHERE username='$username';";
     30     mysqli_query($connect, $sql) or die(mysqli_error($connect));
     31     echo $username, " now has full user privileges";
     32     echo "<a href = '../controlpanel.php'> Return to control panel </a>";
     33     exit();
     34 }
     35 
     36
	survey_seahorse Software Engineering Project - Fall 2018
	Log \| Files \| Refs \| README