<?php
/**
* Created by PhpStorm.
* User: element
* Date: 24.07.2017
* Time: 16:27
*/
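require 'config.php';

// Authorization gate: only administrators may use this page. $loggedUser is
// expected to come from config.php (not visible here). empty() treats a
// missing or falsy isAdmin flag as "not an admin", so the page fails closed
// without raising an undefined-index warning.
if (empty($loggedUser['isAdmin'])) {
    die('baba senin yetkin yok ya');
}

// Project-supplied CSRF check (defined outside this file).
// NOTE(review): presumably aborts the request when the token is missing or
// invalid; confirm it is enforced for the POST handled below.
controlCsrfToken();

// Fetch only the columns the form needs. "select *" would also pull every
// other column of the users table (e.g. credential fields, if any) into this
// request for no reason.
$query = $db->prepare("select id, username from users");
$query->execute();
$results = $query->fetchAll(PDO::FETCH_ASSOC);

if (isset($_POST['user_id'], $_POST['price'])) {
    $user_id = $_POST['user_id'];
    $price = $_POST['price'];

    // Server-side validation: the browser-side <select> and type="number"
    // constraints are not a security boundary. Accept only a user id that
    // matches one of the rows offered in the form, and a numeric price.
    // Array-valued parameters (user_id[]=...) are rejected by is_scalar().
    $knownIds = array_map('strval', array_column($results, 'id'));
    $validUser = is_scalar($user_id) && in_array((string) $user_id, $knownIds, true);
    $validPrice = is_scalar($price) && is_numeric($price);

    if ($validUser && $validPrice) {
        $date = date('Y-m-d');
        // Bound parameters keep the submitted values out of the SQL text.
        $query2 = $db->prepare("insert into actions (`user_id`, `date`, `price`) VALUES (?, ?, ?)");
        $query2->execute([$user_id, $date, $price]);
        echo '
<script>
alert("borc kitlendi");
</script>
';
    } elseif (!headers_sent()) {
        // Malformed submission: record nothing and signal a client error.
        http_response_code(400);
    }
}
?>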
<form action="" method="post">
<?php printTokenInput(); ?>
<select name="user_id" id="">
<?php
foreach ($results as $result) {
echo '<option value="' . $result['id'] . '">' . $result['username'] . '</option>';
}
?>
</select>
<input type="number" name="price">
<input type="submit"/>
</form>