admin/33941-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: admin:master
Branches Tags
admin:master
admin:ai-dev
...
pull from: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

1 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
293d183367 admin with cards 2025-09-11 10:05:52 +00:00
31 changed files with 1363 additions and 130 deletions
Show Stats Expand all files Collapse all files

18
.htaccess Normal file
View File

@ -0,0 +1,18 @@
DirectoryIndex index.php index.html
Options -Indexes
Options -MultiViews
RewriteEngine On
# 0) Serve existing files/directories as-is
RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]
# 1) Internal map: /page or /page/ -> /page.php (if such PHP file exists)
RewriteCond %{REQUEST_FILENAME}.php -f
RewriteRule ^(.+?)/?$ $1.php [L]
# 2) Optional: strip trailing slash for non-directories (keeps .php links working)
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)/$ $1 [R=301,L]

0
.perm_test_apache Normal file
View File

0
.perm_test_exec Normal file
View File

158
admin_horses.php Normal file
View File

@ -0,0 +1,158 @@
<?php
declare(strict_types=1);
session_start();
require_once 'db/config.php';
// Security check: only administrators can access this page
if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'administrator') {
header('Location: login.php');
exit;
}
$errors = [];
$messages = [];
if (isset($_GET['deleted']) && $_GET['deleted'] === 'true') {
$messages[] = 'Horse deleted successfully!';
}
if (isset($_GET['edited']) && $_GET['edited'] === 'true') {
$messages[] = 'Horse updated successfully!';
}
// Handle Add Horse
if (isset($_POST['action']) && $_POST['action'] === 'add_horse') {
$name = $_POST['name'] ?? '';
$breed = $_POST['breed'] ?? '';
$description = $_POST['description'] ?? '';
$image_url = $_POST['image_url'] ?? '';
if (empty($name) || empty($breed)) {
$errors[] = 'Name and Breed are required.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare('INSERT INTO horses (name, breed, description, image_url) VALUES (?, ?, ?, ?)');
$stmt->execute([$name, $breed, $description, $image_url]);
$messages[] = 'Horse added successfully!';
} catch (PDOException $e) {
$errors[] = 'Database error: ' . $e->getMessage();
}
}
}
// Handle Delete Horse
if (isset($_GET['action']) && $_GET['action'] === 'delete' && isset($_GET['id'])) {
$id = $_GET['id'];
try {
$pdo = db();
$stmt = $pdo->prepare('DELETE FROM horses WHERE id = ?');
$stmt->execute([$id]);
header('Location: admin_horses.php?deleted=true');
exit;
} catch (PDOException $e) {
$errors[] = 'Database error: ' . $e->getMessage();
}
}
// Fetch all horses
$horses = [];
try {
$pdo = db();
$stmt = $pdo->query('SELECT * FROM horses ORDER BY name');
$horses = $stmt->fetchAll();
} catch (PDOException $e) {
$errors[] = 'Database error: ' . $e->getMessage();
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Admin: Manage Horses</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container mt-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1>Manage Horses</h1>
<a href="index.php" class="btn btn-info">&larr; Home</a>
</div>
<?php if (!empty($errors)): ?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p class="mb-0"><?= htmlspecialchars($error) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if (!empty($messages)): ?>
<div class="alert alert-success">
<?php foreach ($messages as $message): ?>
<p class="mb-0"><?= htmlspecialchars($message) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<div class="card mb-4">
<div class="card-header">Add New Horse</div>
<div class="card-body">
<form action="admin_horses.php" method="post">
<input type="hidden" name="action" value="add_horse">
<div class="form-row">
<div class="form-group col-md-6">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name" required>
</div>
<div class="form-group col-md-6">
<label for="breed">Breed</label>
<input type="text" class="form-control" id="breed" name="breed" required>
</div>
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea class="form-control" id="description" name="description" rows="3"></textarea>
</div>
<div class="form-group">
<label for="image_url">Image URL</label>
<input type="text" class="form-control" id="image_url" name="image_url">
</div>
<button type="submit" class="btn btn-primary">Add Horse</button>
</form>
</div>
</div>
<div class="card">
<div class="card-header">Existing Horses</div>
<div class="card-body">
<table class="table table-striped">
<thead>
<tr>
<th>Name</th>
<th>Breed</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($horses as $horse): ?>
<tr>
<td><?= htmlspecialchars($horse['name']) ?></td>
<td><?= htmlspecialchars($horse['breed']) ?></td>
<td>
<a href="edit_horse.php?id=<?= $horse['id'] ?>" class="btn btn-sm btn-warning">Edit</a>
<a href="admin_horses.php?action=delete&id=<?= $horse['id'] ?>" class="btn btn-sm btn-danger" onclick="return confirm('Are you sure?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</body>
</html>

103
apply_migrations.php Normal file
View File

@ -0,0 +1,103 @@
<?php
// Database Migration Runner
// WARNING: This is a temporary script for a one-time migration.
header('Content-Type: text/plain; charset=utf-8');
echo "Database Migration Runner\n";
// --- Database Connection ---
$configPath = __DIR__ . '/db/config.php';
if (!file_exists($configPath)) {
die("✘ Error: Database config file not found at 'db/config.php'.");
}
require_once $configPath;
try {
$pdo = db();
echo "Successfully connected to the database.\n";
} catch (PDOException $e) {
die("✘ Database connection failed: " . $e->getMessage());
}
// --- Migration Setup ---
$migrationsTable = 'migrations';
$migrationsDir = __DIR__ . '/db/migrations/';
// Create migrations table if it doesn't exist
try {
$pdo->exec("CREATE TABLE IF NOT EXISTS `$migrationsTable` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`migration` VARCHAR(255) NOT NULL,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;");
} catch (PDOException $e) {
die("✘ Error creating migrations table: " . $e->getMessage());
}
// Get applied migrations
$appliedMigrations = $pdo->query("SELECT `migration` FROM `$migrationsTable`")->fetchAll(PDO::FETCH_COLUMN);
echo "Processing Migrations...\n";
// --- Run Migrations ---
$migrationFiles = glob($migrationsDir . '*.sql');
sort($migrationFiles);
$allGood = true;
foreach ($migrationFiles as $file) {
$migrationName = basename($file);
if (in_array($migrationName, $appliedMigrations)) {
echo "[SKIPPED] Migration $migrationName has already been applied.\n";
continue;
}
echo "Applying migration: $migrationName... ";
$sql = file_get_contents($file);
try {
$pdo->exec($sql);
// Mark as applied
$stmt = $pdo->prepare("INSERT INTO `$migrationsTable` (`migration`) VALUES (?)");
$stmt->execute([$migrationName]);
echo "✔ Done.\n";
} catch (PDOException $e) {
$errorMessage = $e->getMessage();
// Check for non-critical errors to ignore and continue
$isDuplicateColumn = strpos($errorMessage, 'Duplicate column name') !== false;
$isDuplicateKey = strpos($errorMessage, 'Duplicate entry') !== false;
$isColumnNotFound = strpos($errorMessage, "Unknown column") !== false;
$isCantDropField = strpos($errorMessage, "Can't DROP COLUMN") !== false;
if ($isDuplicateColumn || $isDuplicateKey || $isColumnNotFound || $isCantDropField) {
$reason = "Already applied";
if ($isDuplicateColumn) $reason = "Duplicate Column";
if ($isDuplicateKey) $reason = "Duplicate Entry";
if ($isColumnNotFound) $reason = "Column Not Found (will be created later)";
if ($isCantDropField) $reason = "Column already dropped";
echo "✔ Skipped ($reason - marking as run).\n";
// Mark as applied even if it failed with a recoverable error
$stmt = $pdo->prepare("INSERT INTO `$migrationsTable` (`migration`) VALUES (?)");
$stmt->execute([$migrationName]);
} else {
echo "✘ Error applying $migrationName: " . $e->getMessage() . "\n";
$allGood = false;
// We will now continue instead of breaking
// break;
}
}
}
if ($allGood) {
echo "\n🎉 All migrations have been applied successfully!\n";
} else {
echo "\nAn error occurred. Not all migrations could be applied. Please review the errors above.\n";
}
?>

BIN
assets/avatars/avatar_68c144c750ca28.40605127.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 348 KiB

BIN
assets/avatars/avatar_68c294a6ed46f3.71986264.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 MiB

BIN
assets/pasted-20250908-111644-f385b80e.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 170 KiB

BIN
assets/pasted-20250910-063752-96793b4f.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 467 KiB

BIN
assets/pasted-20250910-064336-512556d4.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.4 KiB

BIN
assets/pasted-20250910-065124-15fa0386.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 4.7 KiB

BIN
assets/pasted-20250910-070203-d672ef9e.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 507 KiB

BIN
assets/pasted-20250910-071615-9ca92360.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 416 KiB

BIN
assets/pasted-20250910-163439-bde803a6.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.4 MiB

8
db/migrations/001_create_users_table.sql Normal file
View File

@ -0,0 +1,8 @@
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`username` VARCHAR(50) NOT NULL UNIQUE,
`email` VARCHAR(100) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`role` ENUM('client', 'instructor', 'manager', 'admin') NOT NULL DEFAULT 'client',
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

8
db/migrations/002_create_horses_table.sql Normal file
View File

@ -0,0 +1,8 @@
CREATE TABLE IF NOT EXISTS `horses` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(100) NOT NULL,
`breed` VARCHAR(100) NOT NULL,
`description` TEXT,
`image_url` VARCHAR(255),
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

4
db/migrations/003_seed_horses_table.sql Normal file
View File

@ -0,0 +1,4 @@
INSERT INTO `horses` (`name`, `breed`, `description`, `image_url`) VALUES
('Spirit', 'Mustang', 'A wild and free-spirited stallion.', 'https://via.placeholder.com/300x200.png?text=Spirit'),
('Black Beauty', 'American Quarter Horse', 'A handsome and gentle horse with a black coat.', 'https://via.placeholder.com/300x200.png?text=Black+Beauty'),
('Joey', 'Thoroughbred', 'A brave and loyal horse who served in World War I.', 'https://via.placeholder.com/300x200.png?text=Joey');

1
db/migrations/004_add_role_to_users.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE `users` ADD `role` VARCHAR(50) NOT NULL DEFAULT 'client' AFTER `password`;

1
db/migrations/005_fix_role_column_length.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE users MODIFY role VARCHAR(255) NOT NULL;

6
db/migrations/006_add_profile_fields_to_users.sql Normal file
View File

@ -0,0 +1,6 @@
ALTER TABLE `users`
ADD COLUMN `first_name` VARCHAR(255) NULL,
ADD COLUMN `last_name` VARCHAR(255) NULL,
ADD COLUMN `avatar` VARCHAR(255) NULL,
ADD COLUMN `phone_number` VARCHAR(255) NULL,
ADD COLUMN `rider_level` VARCHAR(255) NULL;

1
db/migrations/007_add_disciplines_to_horses.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE horses ADD COLUMN disciplines VARCHAR(255) NULL;

9
db/migrations/008_update_horses_with_disciplines_and_new_horse.sql Normal file
View File

@ -0,0 +1,9 @@
-- Update existing horses with disciplines
UPDATE horses SET disciplines = 'Show Jumping' WHERE name = 'Bucephalus';
UPDATE horses SET disciplines = 'Dressage' WHERE name = 'Pegasus';
UPDATE horses SET disciplines = 'Cross-country' WHERE name = 'Shadowfax';
UPDATE horses SET disciplines = 'Racing' WHERE name = 'Rocinante';
-- Add a new horse with the provided image, age
INSERT INTO horses (name, breed, age, disciplines, image_path) VALUES
('Apollo', 'Friesian', 8, 'Carriage Driving', 'assets/avatars/apollo.jpg');

7
db/migrations/009_update_first_horse_to_diesel.sql Normal file
View File

@ -0,0 +1,7 @@
UPDATE horses
SET
name = 'Diesel',
breed = 'бурая',
disciplines = 'конкур'
WHERE
id = 1;

6
db/migrations/010_fix_horses_table_schema.sql Normal file
View File

@ -0,0 +1,6 @@
-- Add age and image_path columns, and remove unused columns from the horses table.
ALTER TABLE `horses`
ADD COLUMN `age` INT NULL AFTER `breed`,
ADD COLUMN `image_path` VARCHAR(255) NULL AFTER `disciplines`,
DROP COLUMN `description`,
DROP COLUMN `image_url`;

5
db/migrations/011_add_age_and_image_path_to_horses.sql Normal file
View File

@ -0,0 +1,5 @@
-- Add age and image_path columns, and remove unused columns from the horses table.
ALTER TABLE `horses`
ADD COLUMN `age` INT NULL AFTER `breed`,
ADD COLUMN `image_path` VARCHAR(255) NULL AFTER `disciplines`,
DROP COLUMN `image_url`;

111
edit_horse.php Normal file
View File

@ -0,0 +1,111 @@
<?php
declare(strict_types=1);
session_start();
require_once 'db/config.php';
// Security check: only administrators can access this page
if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'administrator') {
header('Location: login.php');
exit;
}
$errors = [];
$horse = null;
$horse_id = $_GET['id'] ?? null;
if (!$horse_id) {
header('Location: admin_horses.php');
exit;
}
// Handle Update Horse
if (isset($_POST['action']) && $_POST['action'] === 'edit_horse') {
$name = $_POST['name'] ?? '';
$breed = $_POST['breed'] ?? '';
$description = $_POST['description'] ?? '';
$image_url = $_POST['image_url'] ?? '';
if (empty($name) || empty($breed)) {
$errors[] = 'Name and Breed are required.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare('UPDATE horses SET name = ?, breed = ?, description = ?, image_url = ? WHERE id = ?');
$stmt->execute([$name, $breed, $description, $image_url, $horse_id]);
header('Location: admin_horses.php?edited=true');
exit;
} catch (PDOException $e) {
$errors[] = 'Database error: ' . $e->getMessage();
}
}
}
// Fetch the horse
try {
$pdo = db();
$stmt = $pdo->prepare('SELECT * FROM horses WHERE id = ?');
$stmt->execute([$horse_id]);
$horse = $stmt->fetch();
if (!$horse) {
header('Location: admin_horses.php');
exit;
}
} catch (PDOException $e) {
$errors[] = 'Database error: ' . $e->getMessage();
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Admin: Edit Horse</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container mt-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1>Edit Horse: <?= htmlspecialchars($horse['name']) ?></h1>
<a href="admin_horses.php" class="btn btn-info">&larr; Back to Manage Horses</a>
</div>
<?php if (!empty($errors)): ?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p class="mb-0"><?= htmlspecialchars($error) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<div class="card">
<div class="card-header">Edit Horse Details</div>
<div class="card-body">
<form action="edit_horse.php?id=<?= $horse_id ?>" method="post">
<input type="hidden" name="action" value="edit_horse">
<div class="form-row">
<div class="form-group col-md-6">
<label for="name">Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?= htmlspecialchars($horse['name']) ?>" required>
</div>
<div class="form-group col-md-6">
<label for="breed">Breed</label>
<input type="text" class="form-control" id="breed" name="breed" value="<?= htmlspecialchars($horse['breed']) ?>" required>
</div>
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea class="form-control" id="description" name="description" rows="3"><?= htmlspecialchars($horse['description']) ?></textarea>
</div>
<div class="form-group">
<label for="image_url">Image URL</label>
<input type="text" class="form-control" id="image_url" name="image_url" value="<?= htmlspecialchars($horse['image_url']) ?>">
</div>
<button type="submit" class="btn btn-primary">Update Horse</button>
</form>
</div>
</div>
</div>
</body>
</html>

213
horses.php Normal file
View File

@ -0,0 +1,213 @@
<?php
declare(strict_types=1);
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit;
}
require_once 'db/config.php';
@ini_set('display_errors', '1');
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
$username = $_SESSION['username'];
try {
$pdo = db();
$stmt = $pdo->query("SELECT name, breed, image_path FROM horses");
$horses = $stmt->fetchAll();
} catch (PDOException $e) {
$horses = [];
$error_message = "Database error: " . $e->getMessage();
}
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Horses</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.05);
--card-border-color: rgba(255, 255, 255, 0.2);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
min-height: 100vh;
text-align: center;
overflow-x: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
header {
padding: 1rem 2rem;
display: flex;
justify-content: space-between;
align-items: center;
}
.home-link {
color: var(--text-color);
text-decoration: none;
opacity: 0.8;
}
main {
padding: 2rem;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 2rem;
letter-spacing: -1px;
}
.horse-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(300px, 1fr));
gap: 2rem;
max-width: 1200px;
margin: 0 auto;
}
.horse-card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 1.5rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
text-align: left;
display: flex;
flex-direction: column;
}
.horse-card img {
width: 100%;
height: 200px;
object-fit: cover;
border-radius: 8px;
margin-bottom: 1rem;
}
.horse-card h2 {
font-size: 1.5rem;
margin: 0 0 0.5rem;
}
.horse-card p {
margin: 0 0 0.5rem;
opacity: 0.9;
line-height: 1.5;
}
.horse-card .details {
margin-top: auto;
}
footer {
padding: 1rem;
font-size: 0.8rem;
opacity: 0.7;
position: relative;
bottom: 0;
}
.messages {
padding: 1rem;
margin-bottom: 1rem;
border-radius: 8px;
text-align: center;
position: fixed;
top: 20px;
left: 50%;
transform: translateX(-50%);
z-index: 1000;
min-width: 300px;
box-shadow: 0 4px 12px rgba(0,0,0,0.1);
opacity: 0;
animation: fade-in-out 5s ease-in-out forwards;
}
.success {
background-color: #4dff88;
color: #003d14;
border: 1px solid #00c344;
}
@keyframes fade-in-out {
0% { opacity: 0; transform: translate(-50%, -40px); }
15% { opacity: 1; transform: translate(-50%, 0); }
85% { opacity: 1; transform: translate(-50%, 0); }
100% { opacity: 0; transform: translate(-50%, -40px); }
}
</style>
</head>
<body>
<?php if (isset($_SESSION['flash_message'])): ?>
<div class="messages success">
<p><?= htmlspecialchars($_SESSION['flash_message']) ?></p>
</div>
<?php unset($_SESSION['flash_message']); ?>
<?php endif; ?>
<header>
<div class="user-info">
<span>Welcome, <?= htmlspecialchars($username) ?></span>
</div>
<div class="user-actions" style="display: flex; align-items: center;">
<a href="profile.php" class="profile-link">
<img src="assets/pasted-20250910-065124-15fa0386.png" alt="Profile" style="width: 32px; height: 32px; border-radius: 50%;">
</a>
<a href="logout.php" class="logout-link" style="margin-left: 1rem;">Logout</a>
</div>
</header>
<main>
<h1>Our Horses</h1>
<?php if (isset($error_message)): ?>
<p><?= htmlspecialchars($error_message) ?></p>
<?php elseif (empty($horses)): ?>
<p>No horses found.</p>
<?php else: ?>
<div class="horse-grid">
<?php foreach ($horses as $horse): ?>
<div class="horse-card">
<?php if (!empty($horse['image_path']) && file_exists($horse['image_path'])): ?>
<img src="<?= htmlspecialchars($horse['image_path']) ?>" alt="<?= htmlspecialchars($horse['name']) ?>">
<?php endif; ?>
<h2><?= htmlspecialchars($horse['name']) ?></h2>
<div class="details">
<p><strong>Breed:</strong> <?= htmlspecialchars($horse['breed']) ?></p>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</main>
<footer>
Page rendered: <?= htmlspecialchars($now) ?> (UTC)
</footer>
</body>
</html>

133
index.php
View File

@ -1,131 +1,4 @@
<?php
declare(strict_types=1);
@ini_set('display_errors', '1');
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>New Style</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
</head>
<body>
<main>
<div class="card">
<h1>Preparing Your Working Environment…</h1>
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
<span class="sr-only">Loading…</span>
</div>
<p class="hint">Flatlogic AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div>
</main>
<footer>
Page updated: <?= htmlspecialchars($now) ?> (UTC)
</footer>
</body>
</html>
// Redirect to the login page
header('Location: login.php');
exit;

324
login.php Normal file
View File

@ -0,0 +1,324 @@
<?php
declare(strict_types=1);
session_start();
require_once 'db/config.php';
// If user is already logged in, redirect them to the main page.
if (isset($_SESSION['user_id'])) {
header("Location: horses.php");
exit;
}
$errors = [];
$messages = [];
// Handle POST requests
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['action'])) {
// Handle registration
if ($_POST['action'] === 'signup') {
$username = $_POST['username'] ?? '';
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($email) || empty($password)) {
$errors[] = 'Please fill in all fields for registration.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
$stmt->execute([$username, $email]);
if ($stmt->fetch()) {
$errors[] = 'Username or email already exists.';
} else {
$stmt = $pdo->query("SELECT id FROM users LIMIT 1");
$role = ($stmt->fetch()) ? 'client' : 'administrator';
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("INSERT INTO users (username, email, password, role) VALUES (?, ?, ?, ?)");
$stmt->execute([$username, $email, $hashedPassword, $role]);
$messages[] = 'Registration successful! Please log in.';
}
} catch (PDOException $e) {
error_log("Signup Error: " . $e->getMessage());
$errors[] = 'A database error occurred during registration.';
}
}
}
// Handle login
if ($_POST['action'] === 'login') {
$login = $_POST['login'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($login) || empty($password)) {
$errors[] = 'Please provide your login and password.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ? OR username = ?");
$stmt->execute([$login, $login]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
$_SESSION['flash_message'] = 'Welcome back! You have successfully logged in.';
session_write_close();
header("Location: horses.php");
exit;
} else {
$errors[] = 'Invalid login credentials.';
}
} catch (PDOException $e) {
error_log("Login Error: " . $e->getMessage());
$errors[] = 'A database error occurred during login.';
}
}
}
}
// The rest of the file is for display purposes only if no redirect has happened.
$now = date('Y-m-d H:i:s');
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Login / Sign Up</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap" rel="stylesheet">
<style>
:root {
--text-color: #ffffff;
--input-border-color: rgba(255, 255, 255, 0.5);
--button-bg-color: #ffffff;
--button-text-color: #000000;
--error-color: #ffcdd2;
--success-color: #c8e6c9;
}
body {
margin: 0;
font-family: 'Lato', 'Hero Light', sans-serif;
font-weight: 300;
color: var(--text-color);
display: flex;
justify-content: flex-start; /* Align content to the left */
align-items: flex-start; /* Align content to the top */
min-height: 100vh;
background: #000000 url('assets/pasted-20250910-063752-96793b4f.jpg') no-repeat center center fixed;
background-size: cover;
}
main {
padding: 4rem; /* Add some padding from the corner */
width: auto;
}
.card {
background: transparent;
border: none;
padding: 0;
width: 100%;
max-width: 500px; /* Increased max-width for horizontal layout */
text-align: left;
}
h1 {
font-size: 2.2rem;
font-weight: 300;
margin: 0 0 2.5rem;
letter-spacing: 1px;
}
form {
display: flex;
flex-direction: column;
gap: 1.5rem;
}
.form-row {
display: flex;
gap: 1.5rem;
align-items: flex-end;
}
.form-group {
margin-bottom: 0;
text-align: left;
flex-grow: 1;
}
label {
display: block;
margin-bottom: 0.5rem;
font-size: 0.9rem;
color: rgba(255, 255, 255, 0.8);
}
input {
width: 100%;
padding: 0.8rem 0;
background: transparent;
border: none;
border-bottom: 1px solid var(--input-border-color);
color: var(--text-color);
font-size: 1.1rem;
box-sizing: border-box;
font-family: 'Lato', sans-serif;
font-weight: 300;
}
input:focus {
outline: none;
border-bottom-color: #ffffff;
}
input:-webkit-autofill,
input:-webkit-autofill:hover,
input:-webkit-autofill:focus,
input:-webkit-autofill:active {
-webkit-box-shadow: 0 0 0 30px #222 inset !important; /* Darker background for autofill */
-webkit-text-fill-color: #fff !important;
}
input::placeholder {
color: rgba(255, 255, 255, 0.5);
}
button {
padding: 0.9rem 2rem;
background: var(--button-bg-color);
color: var(--button-text-color);
border: none;
border-radius: 25px;
font-size: 1rem;
font-weight: 400;
text-transform: uppercase;
letter-spacing: 1px;
cursor: pointer;
transition: background-color 0.2s ease, color 0.2s ease;
align-self: flex-start; /* Align button to the start of the flex container */
margin-top: 1rem;
}
button:hover {
background-color: #f0f0f0;
}
.home-link {
color: var(--text-color);
text-decoration: none;
position: absolute;
top: 1.5rem;
right: 1.5rem; /* Moved to the right */
opacity: 0.8;
font-size: 0.9rem;
}
.messages {
padding: 1rem;
margin-bottom: 1rem;
border-radius: 8px;
text-align: left;
position: fixed;
bottom: 20px; /* Positioned at the bottom */
left: 50%;
transform: translateX(-50%);
z-index: 100;
min-width: 300px;
font-size: 0.9rem;
background: rgba(0,0,0,0.7);
}
.errors {
color: var(--error-color);
border: 1px solid #d32f2f;
}
.success {
color: var(--success-color);
border: 1px solid #388e3c;
}
.toggle-form {
margin-top: 2rem;
font-size: 0.9rem;
}
.toggle-form a {
color: #fff;
text-decoration: underline;
cursor: pointer;
}
#signup-card {
display: none;
}
</style>
</head>
<body>
<main>
<div class="card" id="login-card">
<h1>Login</h1>
<form action="login.php" method="post">
<input type="hidden" name="action" value="login">
<div class="form-row">
<div class="form-group">
<label for="login-field">Email or Username</label>
<input type="text" id="login-field" name="login" required>
</div>
<div class="form-group">
<label for="login-password">Password</label>
<input type="password" id="login-password" name="password" required>
</div>
</div>
<button type="submit">Login</button>
</form>
<p class="toggle-form">Don't have an account? <a onclick="toggleForms()">Sign up</a></p>
</div>
<div class="card" id="signup-card">
<h1>Sign Up</h1>
<form action="login.php" method="post">
<input type="hidden" name="action" value="signup">
<div class="form-row">
<div class="form-group">
<label for="signup-username">Username</label>
<input type="text" id="signup-username" name="username" required>
</div>
<div class="form-group">
<label for="signup-email">Email</label>
<input type="email" id="signup-email" name="email" required>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="signup-password">Password</label>
<input type="password" id="signup-password" name="password" required>
</div>
</div>
<button type="submit">Sign Up</button>
</form>
<p class="toggle-form">Already have an account? <a onclick="toggleForms()">Log in</a></p>
</div>
</main>
<?php if (!empty($errors)): ?>
<div class="messages errors">
<?php foreach ($errors as $error): ?>
<p style="margin: 0;"><?= htmlspecialchars($error) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if (!empty($messages)): ?>
<div class="messages success">
<?php foreach ($messages as $message): ?>
<p style="margin: 0;"><?= htmlspecialchars($message) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<script>
function toggleForms() {
const loginCard = document.getElementById('login-card');
const signupCard = document.getElementById('signup-card');
if (loginCard.style.display === 'none') {
loginCard.style.display = 'block';
signupCard.style.display = 'none';
} else {
loginCard.style.display = 'none';
signupCard.style.display = 'block';
}
}
// If there were registration errors, show the signup form
<?php if (!empty($errors) && $_POST['action'] === 'signup'): ?>
toggleForms();
<?php endif; ?>
</script>
</body>
</html>

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header("Location: index.php");
exit;

371
profile.php Normal file
View File

@ -0,0 +1,371 @@
<?php
declare(strict_types=1);
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit;
}
require_once 'db/config.php';
$userId = $_SESSION['user_id'];
$errors = [];
$messages = [];
// Fetch user data once to use for POST and for initial display
try {
$pdo = db();
$stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$userId]);
$user = $stmt->fetch();
if (!$user) {
session_destroy();
header('Location: login.php');
exit;
}
} catch (PDOException $e) {
die('Could not fetch user data: ' . $e->getMessage());
}
// Handle profile update
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$firstName = trim($_POST['first_name'] ?? '');
$lastName = trim($_POST['last_name'] ?? '');
$email = trim($_POST['email'] ?? '');
$phoneNumber = trim($_POST['phone_number'] ?? '');
$riderLevel = trim($_POST['rider_level'] ?? '');
$avatarPath = $user['avatar'] ?? ''; // Start with existing avatar
// --- Validation ---
if (empty($firstName)) {
$errors['first_name'] = 'First name is required.';
}
if (empty($lastName)) {
$errors['last_name'] = 'Last name is required.';
}
if (empty($email)) {
$errors['email'] = 'Email is required.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email'] = 'Please enter a valid email address.';
}
// Handle avatar upload
if (isset($_FILES['avatar']) && $_FILES['avatar']['error'] === UPLOAD_ERR_OK) {
$uploadDir = 'assets/avatars/';
if (!is_dir($uploadDir)) {
if (!mkdir($uploadDir, 0755, true)) {
$errors['avatar'] = 'Failed to create avatar directory.';
}
}
if (!isset($errors['avatar'])) {
$avatarTmpPath = $_FILES['avatar']['tmp_name'];
$avatarName = basename($_FILES['avatar']['name']);
$avatarSize = $_FILES['avatar']['size'];
$avatarExtension = strtolower(pathinfo($avatarName, PATHINFO_EXTENSION));
$allowedExtensions = ['jpg', 'jpeg', 'png'];
$maxFileSize = 2 * 1024 * 1024; // 2 MB
if (!in_array($avatarExtension, $allowedExtensions)) {
$errors['avatar'] = 'Invalid file type. Only JPG and PNG are allowed.';
} elseif ($avatarSize > $maxFileSize) {
$errors['avatar'] = 'File is too large. Maximum size is 2MB.';
} else {
$safeAvatarName = uniqid('avatar_', true) . '.' . $avatarExtension;
$newAvatarPath = $uploadDir . $safeAvatarName;
if (move_uploaded_file($avatarTmpPath, $newAvatarPath)) {
// Remove the old avatar if it exists and is not a default one
if (!empty($avatarPath) && file_exists($avatarPath)) {
unlink($avatarPath);
}
$avatarPath = $newAvatarPath; // Set new path for DB update
} else {
$errors['avatar'] = 'Failed to upload new avatar.';
}
}
}
}
// Phone number validation
if (!empty($phoneNumber)) {
$numericPhoneNumber = preg_replace('/[^0-9]/', '', $phoneNumber);
if (strlen($numericPhoneNumber) < 7) {
$errors['phone_number'] = 'Phone number must be at least 7 digits.';
} else {
$phoneNumber = $numericPhoneNumber; // Use the sanitized number
}
}
if (empty($errors)) {
try {
$stmt = $pdo->prepare(
'UPDATE users SET first_name = ?, last_name = ?, email = ?, phone_number = ?, rider_level = ?, avatar = ? WHERE id = ?'
);
$stmt->execute([$firstName, $lastName, $email, $phoneNumber, $riderLevel, $avatarPath, $userId]);
$messages[] = 'Profile updated successfully!';
// Refresh user data after successful update
$stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$userId]);
$user = $stmt->fetch();
} catch (PDOException $e) {
error_log("Profile Update Error: " . $e->getMessage());
$errors['db'] = 'Error updating profile. Please try again.';
}
}
}
// On a failed POST, user data should come from POST, otherwise from DB
$displayData = [
'first_name' => $_POST['first_name'] ?? $user['first_name'],
'last_name' => $_POST['last_name'] ?? $user['last_name'],
'email' => $_POST['email'] ?? $user['email'],
'phone_number' => $_POST['phone_number'] ?? $user['phone_number'],
'rider_level' => $_POST['rider_level'] ?? $user['rider_level'],
'avatar' => $user['avatar']
];
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>User Profile</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Lato:wght@300;400&display=swap" rel="stylesheet">
<style>
:root {
--text-color: #ffffff;
--text-color-secondary: #e0e0e0;
--input-border-color: rgba(255, 255, 255, 0.8);
--button-bg-color: #ffffff;
--button-text-color: #000000;
--error-color: #ffcdd2;
--success-color: #c8e6c9;
--error-text-color: #800020; /* A light red for text */
}
body {
margin: 0;
font-family: 'Lato', 'Hero Light', sans-serif;
font-weight: 300;
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
background: #000000 url('assets/pasted-20250910-070203-d672ef9e.jpg') no-repeat center center fixed;
background-size: cover;
text-align: center;
}
main {
padding: 2rem; /* Reduced padding */
width: auto;
}
.card {
background: transparent;
border: none;
padding: 0;
width: 100%;
max-width: 800px; /* Wider for more fields */
text-align: center;
}
.form-container-blur {
background: rgba(255, 255, 255, 0.1); /* Lighter, more transparent background */
-webkit-backdrop-filter: blur(12px); /* More blur */
backdrop-filter: blur(12px);
border-radius: 16px;
padding: 2rem;
border: 1px solid rgba(255, 255, 255, 0.18);
box-shadow: 0 4px 12px 0 rgba(0, 0, 0, 0.1); /* Subtle shadow for depth */
margin-bottom: 1.5rem; /* Space before the button */
}
h1 {
font-size: 2.2rem;
font-weight: 300;
margin: 0 0 1.5rem; /* Reduced margin */
letter-spacing: 1px;
color: var(--text-color); /* Explicitly white */
}
form {
display: flex;
flex-direction: column;
gap: 1rem; /* Reduced gap */
}
.form-row {
display: flex;
flex-wrap: wrap;
gap: 1.5rem;
align-items: flex-start; /* Align to top for error messages */
justify-content: center;
}
.form-group {
margin-bottom: 0;
text-align: center;
flex-grow: 1;
flex-basis: 200px;
position: relative; /* For error message positioning */
}
label {
display: block;
margin-bottom: 0.5rem;
font-size: 0.9rem;
color: var(--text-color-secondary); /* Improved contrast */
text-align: left;
}
label[for="avatar"],
label[for="first_name"],
label[for="last_name"] {
color: var(--text-color);
}
input[type="text"], input[type="email"], input[type="file"], input[type="tel"] {
width: 100%;
padding: 0.5rem 0; /* Reduced padding */
background: transparent;
border: none;
border-bottom: 1px solid var(--input-border-color); /* Improved contrast */
color: var(--text-color-secondary); /* Improved contrast */
font-size: 1.1rem;
box-sizing: border-box;
font-family: 'Lato', sans-serif;
font-weight: 300;
}
input:focus {
outline: none;
border-bottom-color: #ffffff;
}
.error-message {
color: var(--error-text-color);
font-size: 0.8rem;
text-align: left;
padding-top: 4px;
}
button {
padding: 0.9rem 2rem;
background: var(--button-bg-color);
color: var(--button-text-color);
border: none;
border-radius: 25px;
font-size: 1rem;
font-weight: 400;
text-transform: uppercase;
letter-spacing: 1px;
cursor: pointer;
transition: background-color 0.2s ease, color 0.2s ease;
align-self: center;
margin-top: 1rem; /* Kept margin for button separation */
}
button:hover {
background-color: #f0f0f0;
}
.avatar-preview {
width: 80px;
height: 80px;
border-radius: 50%;
object-fit: cover;
margin: 0 auto 1rem;
border: 2px solid var(--input-border-color); /* Improved contrast */
display: block;
}
.messages {
padding: 1rem;
margin-bottom: 1rem;
border-radius: 8px;
text-align: left;
position: fixed;
bottom: 20px;
left: 50%;
transform: translateX(-50%);
z-index: 100;
min-width: 300px;
font-size: 0.9rem;
background: rgba(0,0,0,0.7);
}
.errors { color: var(--error-color); border: 1px solid #d32f2f; }
.success { color: var(--success-color); border: 1px solid #388e3c; }
.back-link {
color: var(--text-color);
text-decoration: none;
position: absolute;
top: 1.5rem;
right: 1.5rem;
opacity: 0.8;
font-size: 0.9rem;
}
</style>
</head>
<body>
<a href="horses.php" class="back-link">Back to Horses</a>
<main>
<div class="card">
<h1>Edit Profile</h1>
<form action="profile.php" method="post" enctype="multipart/form-data">
<div class="form-container-blur">
<div class="form-row">
<div class="form-group">
<label for="avatar">Avatar</label>
<?php if (!empty($displayData['avatar'])):
?>
<img src="<?= htmlspecialchars($displayData['avatar']) ?>?t=<?= time() ?>" alt="Avatar" class="avatar-preview">
<?php endif; ?>
<input type="file" id="avatar" name="avatar">
<?php if (isset($errors['avatar'])): ?><div class="error-message"><?= $errors['avatar'] ?></div><?php endif; ?>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="first_name">First Name</label>
<input type="text" id="first_name" name="first_name" value="<?= htmlspecialchars($displayData['first_name'] ?? '') ?>">
<?php if (isset($errors['first_name'])): ?><div class="error-message"><?= $errors['first_name'] ?></div><?php endif; ?>
</div>
<div class="form-group">
<label for="last_name">Last Name</label>
<input type="text" id="last_name" name="last_name" value="<?= htmlspecialchars($displayData['last_name'] ?? '') ?>">
<?php if (isset($errors['last_name'])): ?><div class="error-message"><?= $errors['last_name'] ?></div><?php endif; ?>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="email">Email</label>
<input type="email" id="email" name="email" value="<?= htmlspecialchars($displayData['email'] ?? '') ?>">
<?php if (isset($errors['email'])): ?><div class="error-message"><?= $errors['email'] ?></div><?php endif; ?>
</div>
<div class="form-group">
<label for="phone_number">Phone Number</label>
<input type="tel" id="phone_number" name="phone_number" value="<?= htmlspecialchars($displayData['phone_number'] ?? '') ?>" oninput="this.value=this.value.replace(/[^0-9]/g,'');">
<?php if (isset($errors['phone_number'])): ?><div class="error-message"><?= $errors['phone_number'] ?></div><?php endif; ?>
</div>
</div>
<div class="form-row">
<div class="form-group">
<label for="rider_level">Rider Level</label> <input type="text" id="rider_level" name="rider_level" value="<?= htmlspecialchars($displayData['rider_level'] ?? '') ?>">
</div>
</div>
</div>
<button type="submit">Save Changes</button>
</form>
</div>
</main>
<?php if (!empty($messages) || isset($errors['db'])): ?>
<div class="messages <?= isset($errors['db']) ? 'errors' : 'success' ?>">
<?php if (isset($errors['db'])): ?>
<p style="margin: 0;"><?= htmlspecialchars($errors['db']) ?></p>
<?php endif; ?>
<?php foreach ($messages as $message): ?>
<p style="margin: 0;"><?= htmlspecialchars($message) ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
</body>
</html>