admin.php
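<?php
// Access gate for the admin landing page: only a signed-in user whose
// user_accounts row has user_type 'admin' may get past this block.

//connect to database
require_once('connect/dbconnect.php');
session_start();

// No session user: send the browser to index2.php and stop. header() only
// queues a response header and does not end the script, so without exit the
// admin markup and the account queries below would still be emitted in the
// response body for an unauthenticated request.
if (!isset($_SESSION['myusername'])) {
    header("location:index2.php");
    exit;
}
$myusername = $_SESSION['myusername'];

// Fail closed. Access is granted only when a row for this username exists and
// every such row says 'admin'. A failed query, a missing row, or a non-admin
// row all end in the redirect.
// NOTE(review): mysql_* is the legacy MySQL extension; it is kept because the
// connection is opened in connect/dbconnect.php, which is not visible here.
// Moving to mysqli/PDO prepared statements has to start in that file.
$isAdmin = false;
$sql = "select * from user_accounts where username = '" . mysql_real_escape_string($myusername) . "'";
$result = mysql_query($sql);
if ($result) {
    while ($rows = mysql_fetch_array($result)) {
        // Re-check in PHP with a strict comparison: the database collation may
        // match more loosely than the session value should be matched.
        if ((string) $rows['username'] === (string) $myusername) {
            if ($rows['user_type'] !== 'admin') {
                $isAdmin = false;
                break;
            }
            $isAdmin = true;
        }
    }
}

if (!$isAdmin) {
    header("location:index2.php");
    exit;
}
?>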
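<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Home | BankSys: Simple. Secure. Sure.</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
</head>
<body>
<a name="top"></a>
<?php
// Page header and admin navigation. The full open tag is used instead of the
// short form: with short_open_tag disabled the short form is not parsed and
// the PHP source would be sent to the browser as text.
// The @ keeps the original best-effort behaviour (a missing part is skipped
// without a warning in the page).
@include('parts/header.php');
@include('parts/adminnavmenu.php');
// NOTE(review): jquery-1.4.2 above is a very old release; confirm whether it
// can be upgraded.
?>
<div id="bodydiv">
<h2>Welcome, Administrator (<?php
// Session values are escaped before they reach the HTML: they originate from
// user-supplied account data and must not be able to inject markup.
echo htmlspecialchars((string) $_SESSION['myusername'], ENT_QUOTES, 'UTF-8');
?>)! Age: <?php echo htmlspecialchars((string) $_SESSION['age'], ENT_QUOTES, 'UTF-8'); ?></h2>
<!-- list applications for approval -->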
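<?php
// Renders two tables of savings_accounts rows: those with approved = 'FALSE'
// (pending) and those with approved = 'APPROVED', each with its action links.
//
// Every value read from the database is escaped for the HTML context before it
// is echoed. The name and email columns are applicant-supplied, and this page
// is viewed inside an administrator session, so unescaped output here would be
// stored cross-site scripting against the admin.
// NOTE(review): 'UTF-8' assumes the connection delivers UTF-8 text; on invalid
// input htmlspecialchars() returns an empty string — confirm the charset set in
// connect/dbconnect.php.
//
// NOTE(review): approve.php, disapprove.php and backtopending.php are reached
// through plain GET links, so they appear to change state on a GET request. If
// those pages do not verify a per-session token, they are open to cross-site
// request forgery; consider POST forms with a CSRF token. Those files are not
// visible here — confirm.
$sections = array(
    array(
        'sql' => "SELECT * FROM savings_accounts WHERE approved = 'FALSE'",
        'heading' => 'Pending Applications:',
        'action_heading' => 'Action',
        'links' => array(
            'viewdetails.php' => 'View',
            'approve.php' => 'Approve',
            'disapprove.php' => 'Disapprove',
        ),
    ),
    array(
        'sql' => "SELECT * FROM savings_accounts WHERE approved = 'APPROVED'",
        'heading' => 'Approved Applications:',
        'action_heading' => 'Actions',
        'links' => array(
            'viewdetails.php' => 'View',
            'backtopending.php' => 'Move back to Pending',
        ),
    ),
);

foreach ($sections as $section) {
    $count = 0;
    $sql = $section['sql'];
    $results = mysql_query($sql);
    if (!$results) {
        // Keep the driver's error text in the server log; echoing it to the
        // page discloses schema and query details to whoever sees the response.
        error_log('admin.php: application query failed: ' . mysql_error());
        die('Error: unable to load applications.');
    }

    echo '<h3>' . $section['heading'] . '</h3><table style="width: 650px;"><tr><th></th>
<th>Name</th>
<th>Email Address</th>
<th>' . $section['action_heading'] . '</th>
</tr>';

    while ($rows = mysql_fetch_array($results)) {
        // Column names are quoted string keys; the bare form ($rows[title]) is
        // read as an undefined constant and only works through a PHP fallback.
        $name = $rows['title'] . " " . $rows['fname'] . " " . $rows['minitial'] . ". "
            . $rows['lname'] . " " . $rows['suffix'];

        // The id goes into a URL query string inside an attribute value.
        $id = urlencode($rows['id']);
        $links = array();
        foreach ($section['links'] as $page => $label) {
            $links[] = '<a href="' . $page . '?id=' . $id . '">' . $label . '</a>';
        }

        echo '<tr>';
        echo '<td>' . ++$count . '</td>';
        echo '<td>' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . '</td>';
        echo '<td>' . htmlspecialchars($rows['email'], ENT_QUOTES, 'UTF-8') . '</td>';
        echo '<td>' . implode(' | ', $links) . '</td>';
        echo '</tr>';
    }
    echo '</table>';
}
?>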
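</div>
<?php
// Page footer. The full open tag is used so the include does not depend on
// short_open_tag; the @ keeps the original best-effort behaviour.
@include('parts/footer.php');
?>
</body>
</html>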