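userrole = array( "0" => "superuser", "1" => "analyst", "2" => "phlebotomist" ); }

    /**
     * List the accounts whose LOCKEDACCOUNT flag is null or 0, with their role id.
     *
     * The statement contains no caller-supplied values, so it needs no bindings.
     *
     * @return string Rendered `users_index` view.
     */
    public function index(): string
    {
        $db = \Config\Database::connect();
        $sql = "select u.USERID, u.USERNAME, u1.USERROLEID from cmod.dbo.CM_USERS u1 full join USERS u on u.USERID=u1.USERID where ( u.LOCKEDACCOUNT is null or u.LOCKEDACCOUNT=0 )";
        $data['users'] = $db->query($sql)->getResultArray();

        return view('users_index', $data);
    }

    /**
     * Show the role editor for one user, or store a new role on POST.
     *
     * Security: $userid (route segment) and `userroleid` (JSON body) are both
     * caller-controlled. They are handed to the driver as query bindings so the
     * framework escapes and quotes them, instead of being spliced into the SQL
     * text. The role id must also be one of the keys of $this->userrole.
     *
     * NOTE(review): no authorization check is visible in this method. Confirm
     * that a route filter limits it to accounts allowed to change roles.
     *
     * @param mixed $userid USERID of the account being edited.
     *
     * @return mixed Rendered `users_editRole` view for non-POST requests, a 400
     *               response when the role id is missing or unknown, otherwise
     *               nothing.
     */
    public function editRole($userid)
    {
        $db = \Config\Database::connect();
        $userid = (string) $userid;

        // Older CodeIgniter 4 releases report the verb in lower case, so the
        // comparison is made case-insensitive.
        if (strtoupper((string) $this->request->getMethod()) === 'POST') {
            $jsonData = service('request')->getJSON();

            // A body that is not a JSON object, or that carries a non-scalar
            // role id, is rejected instead of being dereferenced.
            $userroleid = null;
            if (
                is_object($jsonData)
                && isset($jsonData->userroleid)
                && (is_int($jsonData->userroleid) || is_string($jsonData->userroleid))
            ) {
                $userroleid = (string) $jsonData->userroleid;
            }

            // Only role ids declared in $this->userrole may be stored.
            if ($userroleid === null || ! array_key_exists($userroleid, $this->userrole)) {
                return $this->response->setStatusCode(400);
            }

            $sql = "if (not exists (select * from cmod.dbo.CM_USERS where USERID=?)) BEGIN INSERT INTO cmod.dbo.CM_USERS(USERID, USERROLEID, CREATEDATE) VALUES (?, ?, GETDATE()) END ELSE BEGIN UPDATE cmod.dbo.CM_USERS set USERROLEID=? where USERID=? END";
            // Bindings are positional: one entry per `?`, in order of appearance.
            $db->query($sql, [$userid, $userid, $userroleid, $userroleid, $userid]);
        } else {
            $sql = "select u.USERID, u.USERNAME, u1.USERROLEID from cmod.dbo.CM_USERS u1 full join USERS u on u.USERID=u1.USERID where u.USERID=?";
            $data['users'] = $db->query($sql, [$userid])->getResultArray();
            $data['userroles'] = $this->userrole;

            return view('users_editRole', $data);
        }
    }

    /**
     * Create or update the comment stored for one tube (access number + sample type).
     *
     * Security: $access and $sample (route segments) and `comment` (JSON body)
     * are caller-controlled and are passed as query bindings rather than being
     * interpolated into the statement. The assembled SQL is no longer echoed
     * into the response: it disclosed table and column names and reflected the
     * submitted comment text back unescaped.
     *
     * NOTE(review): the session user id is used without a visible login check.
     * Confirm that a route filter rejects unauthenticated requests.
     *
     * @param mixed $access ACCESSNUMBER of the tube.
     * @param mixed $sample SAMPLETYPE of the tube.
     *
     * @return mixed A 400 response when the body carries no usable `comment`,
     *               otherwise nothing.
     */
    public function comment($access, $sample)
    {
        $userid = (string) session()->userid;
        $jsonData = service('request')->getJSON();

        // Reject a body that is not a JSON object or has a non-scalar comment.
        if (
            ! is_object($jsonData)
            || ! isset($jsonData->comment)
            || ! is_scalar($jsonData->comment)
        ) {
            return $this->response->setStatusCode(400);
        }

        $comment = (string) $jsonData->comment;
        $access = (string) $access;
        $sample = (string) $sample;

        $db = \Config\Database::connect();
        $sql = "if (not exists (select * from cmod.dbo.CM_TUBES where ACCESSNUMBER=? AND SAMPLETYPE=?)) BEGIN INSERT INTO cmod.dbo.CM_TUBES(ACCESSNUMBER, SAMPLETYPE, COLL_USERID, TUBECOMMENT, CREATEDATE) VALUES (?, ?, ?, ?, GETDATE()) END ELSE BEGIN UPDATE cmod.dbo.CM_TUBES set TUBECOMMENT=? where ACCESSNUMBER=? and SAMPLETYPE=? END";
        // Bindings are positional: one entry per `?`, in order of appearance.
        $db->query($sql, [
            $access,
            $sample,
            $access,
            $sample,
            $userid,
            $comment,
            $comment,
            $access,
            $sample,
        ]);
    }
}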