MagiCV

2025-09-17 12:23:23 +00:00 · 2025-09-17 12:23:23 +00:00 · 35f149b4db
commit 35f149b4db
parent 7a4a20350d
2 changed files with 69 additions and 0 deletions
--- a/admin/index.php
+++ b/admin/index.php
@ -0,0 +1,66 @@
+<?php
+session_start();
+require_once '../db/config.php';
+
+// Restrict access to admins
+if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'admin') {
+    header('Location: ../dashboard.php');
+    exit();
+}
+
+// Fetch all users for the user management table
+try {
+    $p_users = $db->prepare('SELECT id, username, email, role, created_at FROM users ORDER BY created_at DESC');
+    $p_users->execute();
+    $users = $p_users->fetchAll(PDO::FETCH_ASSOC);
+} catch (PDOException $e) {
+    // For now, we'll just die on error. In a real app, log this.
+    die("Error fetching users: " . $e->getMessage());
+}
+
+$pageTitle = 'Admin Dashboard';
+include '../includes/header.php';
+?>
+
+<div class="container">
+    <h1 class="page-title">Admin Dashboard</h1>
+    <p>Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?>!</p>
+
+    <div class="section">
+        <h2>User Management</h2>
+        <p>Here you can view all registered users.</p>
+        
+        <div class="table-responsive">
+            <table class="table">
+                <thead>
+                    <tr>
+                        <th>ID</th>
+                        <th>Username</th>
+                        <th>Email</th>
+                        <th>Role</th>
+                        <th>Registered At</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <?php if (empty($users)): ?>
+                        <tr>
+                            <td colspan="5">No users found.</td>
+                        </tr>
+                    <?php else: ?>
+                        <?php foreach ($users as $user): ?>
+                            <tr>
+                                <td><?php echo htmlspecialchars($user['id']); ?></td>
+                                <td><?php echo htmlspecialchars($user['username']); ?></td>
+                                <td><?php echo htmlspecialchars($user['email']); ?></td>
+                                <td><?php echo htmlspecialchars($user['role']); ?></td>
+                                <td><?php echo htmlspecialchars(date('Y-m-d H:i', strtotime($user['created_at']))); ?></td>
+                            </tr>
+                        <?php endforeach; ?>
+                    <?php endif; ?>
+                </tbody>
+            </table>
+        </div>
+    </div>
+</div>
+
+<?php include '../includes/footer.php'; ?>
--- a/includes/header.php
+++ b/includes/header.php
@ -23,6 +23,9 @@ if (session_status() == PHP_SESSION_NONE) {
                    <?php if (isset($_SESSION['role']) && $_SESSION['role'] == 'free'): ?>
                        <li><a href="/upgrade.php" class="button-secondary">Upgrade to PRO</a></li>
                    <?php endif; ?>
+                    <?php if (isset($_SESSION['role']) && $_SESSION['role'] == 'admin'): ?>
+                        <li><a href="/admin/index.php" class="button-secondary">Admin</a></li>
+                    <?php endif; ?>
                    <li><a href="/logout.php">Logout</a></li>
                <?php else: ?>
                    <li><a href="/templates_preview.php">Templates</a></li>