created user rights search

adminarea_admins.php

@@ -14,6 +14,57 @@ if($_SESSION['isadmin'] == 0) {
 echo '<div class="alert alert-danger" role="alert">heres the admin world</div>';
 echo '<a href="adminarea_admins_give.php"><button class="btn btn-success">GIVE</button></a>';
 echo '<a href="adminarea_admins_take.php"><button class="btn btn-danger">TAKE</button></a>';
+echo '<br />';
+
+$showForm = true;
+ 
+if(isset($_GET['user']) ) {
+ if(!isset($_POST['username']) || empty($_POST['username'])) {
+ $error = "<b>Enter the username</b>";
+ } else {
+ $statement = $pdo->prepare("SELECT * FROM users WHERE username = :username");
+ $result = $statement->execute(array('username' => $_POST['username']));
+ $user = $statement->fetch(); 
+ 
+ if($user === false) {
+ $error = "<b>no user found</b>";
+ } else {
+ $showForm = false;
+ echo 'The User '.$user['username'].' with the ID '.$user['id'].' has:';
+ if($user['isadmin'] == "0"){
+     echo "<br>no admin rights";
+ } if($user['isadmin'] == "1"){
+     echo "<br> ADMIN RIGHTS!";
+ } else {
+     echo "<br><i>A faulty user.</i>";
+ }
+ }
+ }
+}
+ 
+if($showForm):
+?>
+ 
+<h1>Search for Admin Rights!</h1>
+Please enter the username below.<br><br>
+ 
+<?php
+if(isset($error) && !empty($error)) {
+ echo $error;
+}
+?>
+ <script src="ressources/js/bootstrap.min.js"></script>
+<form action="?user=1" method="post">
+<div class="form-group">
+<label for="username">Username</label>
+<input type="text" name="username" id="username" class="form-control" value="<?php echo isset($_POST['username']) ? htmlentities($_POST['username']) : ''; ?>"><br>
+</div>
+<button type="submit" class="btn btn-primary">Search User Rights</button>
+</form>
+ 
+<?php
+endif; 
+?>
 echo '<br /> <br />';
 echo '<a href="adminarea.php"><button class="btn btn-info">Back</button></a>';
 ?>