diff --git a/public/include/classes/user.class.php b/public/include/classes/user.class.php
index d6582676..daa4a6a0 100644
--- a/public/include/classes/user.class.php
+++ b/public/include/classes/user.class.php
@@ -26,26 +26,28 @@ class User {
 public function getError() {
 return $this->sError;
 }
-
 public function getUserName($id) {
 return $this->getSingle($id, 'username', 'id');
 }
-
 public function getUserId($username) {
 return $this->getSingle($username, 'id', 'username', 's');
 }
-
 public function getUserEmail($username) {
 return $this->getSingle($username, 'email', 'username', 's');
 }
-
+ public function getUserAdmin($id) {
+ return $this->getSingle($id, 'admin', 'id');
+ }
 public function getUserToken($id) {
 return $this->getSingle($id, 'token', 'id');
 }
-
 public function getIdFromToken($token) {
 return $this->getSingle($token, 'id', 'token', 's');
 }
+ public function isAdmin($id) {
+ if ($this->getUserAdmin($id) == 1) return true;
+ return false;
+ }
 public function setUserToken($id) {
 $field = array(
@@ -266,15 +268,15 @@ class User {
 private function checkUserPassword($username, $password) {
 $this->debug->append("STA " . __METHOD__, 4);
 $user = array();
- $stmt = $this->mysqli->prepare("SELECT username, id FROM $this->table WHERE username=? AND pass=? LIMIT 1");
+ $stmt = $this->mysqli->prepare("SELECT username, id, admin FROM $this->table WHERE username=? AND pass=? LIMIT 1");
 if ($this->checkStmt($stmt)) {
 $stmt->bind_param('ss', $username, hash('sha256', $password.$this->salt));
 $stmt->execute();
- $stmt->bind_result($row_username, $row_id);
+ $stmt->bind_result($row_username, $row_id, $row_admin);
 $stmt->fetch();
 $stmt->close();
 // Store the basic login information
- $this->user = array('username' => $row_username, 'id' => $row_id);
+ $this->user = array('username' => $row_username, 'id' => $row_id, 'admin' => $row_admin);
 return $username === $row_username;
 }
 return false;
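Review bot: The new `isAdmin` decides an authorization question with a loose comparison, `$this->getUserAdmin($id) == 1`, so whatever `getSingle` hands back for the `admin` column (a string from mysqli, a bool, `true` on some odd lookup path) is compared by PHP's juggling rules — `true == 1` passes, and on PHP < 8 so does `"1abc" == 1`. Normalise before comparing and drop the if/return pair: `return (int) $this->getUserAdmin($id) === 1;`. `getUserAdmin` itself returns the raw column value, so a short docblock such as `/** Raw admin flag for user $id as stored in the users table; use isAdmin() for a boolean. */` would stop callers from repeating the loose check. `setUserToken` continues past the end of the hunk.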
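Review bot: The new `'admin' => $row_admin` entry is written into `$this->user` before the `$username === $row_username` check on the next line, and when no row matched `$stmt->fetch()` returns null and `$row_admin` is never assigned, so a failed login caches a null admin flag (alongside the null username/id the code already stored). Casting at the source keeps any later `== 1` check honest whatever type mysqli reports for the column: `$this->user = array('username' => $row_username, 'id' => $row_id, 'admin' => (int) $row_admin);`. This value is captured once at login; if it is copied into the session (navigation.tpl reads `$GLOBAL.userdata.admin`, which suggests so), a later change to the `admin` column is not seen until the user logs in again, so privileged pages should keep re-checking with `isAdmin()` against the database and treat the cached flag as a menu hint only. The `hash('sha256', $password.$this->salt)` context line is pre-existing, but now that the same row yields admin privileges it is worth a follow-up to `password_hash`/`password_verify`, since a single fast hash with a global salt is all that protects admin credentials.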
diff --git a/public/include/pages/admin.inc.php b/public/include/pages/admin.inc.php new file mode 100644 index 00000000..4409a769 --- /dev/null +++ b/public/include/pages/admin.inc.php @@ -0,0 +1,15 @@ +isAdmin($_SESSION['USERDATA']['id'])) { + header("HTTP/1.1 404 Page not found"); + die(); +} + +// Tempalte specifics +$smarty->assign("CONTENT", "default.tpl"); +?> diff --git a/public/include/pages/admin/user.inc.php b/public/include/pages/admin/user.inc.php new file mode 100644 index 00000000..6706e547 --- /dev/null +++ b/public/include/pages/admin/user.inc.php @@ -0,0 +1,19 @@ +isAdmin($_SESSION['USERDATA']['id'])) { + header("HTTP/1.1 404 Page not found"); + die(); +} + +if ($_POST['query']) { + // Fetch all users from DB cross referencing all stats +} + +// Tempalte specifics +$smarty->assign("CONTENT", "default.tpl"); +?> diff --git a/public/templates/mmcFE/admin/default.tpl b/public/templates/mmcFE/admin/default.tpl new file mode 100644 index 00000000..60cdf352 --- /dev/null +++ b/public/templates/mmcFE/admin/default.tpl @@ -0,0 +1,3 @@ +{include file="global/block_header.tpl" BLOCK_HEADER="Admin Panel"} +
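Review bot: The gate `if (!$user->isAdmin($_SESSION['USERDATA']['id']))` reads the session id unconditionally; the lines above it are not legible in this view, so if nothing checks `$_SESSION['AUTHENTICATED']` first an anonymous request reaches `isAdmin(null)` with an undefined-index notice and the outcome depends on how `getSingle` handles a null id. Guard explicitly instead of relying on the helper's behaviour on bad input: `if (empty($_SESSION['AUTHENTICATED']) || empty($_SESSION['USERDATA']['id']) || !$user->isAdmin($_SESSION['USERDATA']['id'])) {`. The same gate is copy-pasted into admin/user.inc.php; moving it into one shared include (or the page dispatcher) keeps a future admin page from omitting it. `header("HTTP/1.1 404 Page not found")` hard-codes the protocol version; `header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found')` (or `http_response_code(404)` if the deployment is on PHP >= 5.4) avoids sending an HTTP/1.1 status line to an HTTP/1.0 client.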
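Review bot: `if ($_POST['query'])` in admin/user.inc.php raises an undefined-index notice on every plain GET of the page and treats the posted value as a truthy switch; use `if (!empty($_POST['query'])) {` until the body is written. The body is still only the comment "Fetch all users from DB cross referencing all stats"; when it lands, the posted value must go through a prepared statement as `checkUserPassword` does, and because this is an authenticated admin POST it should also verify an anti-CSRF token before acting, otherwise any site the admin visits can submit the form on their behalf. The comment above the Smarty assignment spells "Tempalte", and a one-line header such as `// Admin page: query the user table; requires isAdmin(), answers 404 otherwise` would document the page's contract. The start of the file is not legible here, so whether an authentication check precedes the admin gate cannot be confirmed from this hunk.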
Welcome to the admin panel. Please select an option from the drop-down menu.
+{include file="global/block_footer.tpl"} diff --git a/public/templates/mmcFE/admin/user/default.tpl b/public/templates/mmcFE/admin/user/default.tpl new file mode 100644 index 00000000..8077c4a7 --- /dev/null +++ b/public/templates/mmcFE/admin/user/default.tpl @@ -0,0 +1,8 @@ +{include file="global/block_header.tpl" BLOCK_HEADER="Query User Database"} + +{include file="global/block_footer.tpl"} diff --git a/public/templates/mmcFE/global/navigation.tpl b/public/templates/mmcFE/global/navigation.tpl index 3830006b..828ed68a 100644 --- a/public/templates/mmcFE/global/navigation.tpl +++ b/public/templates/mmcFE/global/navigation.tpl @@ -11,6 +11,12 @@ {/if} {if $smarty.session.AUTHENTICATED|default:"0" == 1 && $GLOBAL.userdata.admin == 1}