prepare("SELECT name FROM clients WHERE client_id = ? AND user_id = ?"); $stmt->execute([$client_id, $_SESSION['user_id']]); $client = $stmt->fetch(PDO::FETCH_ASSOC); if (!$client) { header('Location: dashboard.php?error=invalidclient'); exit; } $errors = []; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $name = trim($_POST['name'] ?? ''); $username = trim($_POST['username'] ?? ''); $password = $_POST['password'] ?? ''; // Do not trim password $url = trim($_POST['url'] ?? ''); $notes = trim($_POST['notes'] ?? ''); if (empty($name)) { $errors[] = 'Credential name is required.'; } if (empty($password)) { $errors[] = 'Password is required.'; } if (empty($errors)) { // For now, we will store passwords in plain text. This is NOT secure and will be updated. // In a real-world scenario, use a proper encryption method. $insertStmt = $pdo->prepare( "INSERT INTO credentials (client_id, name, username, password, url, notes, created_by, updated_by) VALUES (?, ?, ?, ?, ?, ?, ?, ?)" ); $user_id = $_SESSION['user_id']; try { $insertStmt->execute([$client_id, $name, $username, $password, $url, $notes, $user_id, $user_id]); $newCredentialId = $pdo->lastInsertId(); log_audit_event('credential_create', $user_id, 'credential', $newCredentialId); header("Location: dashboard.php?client_id=$client_id&status=credential_added"); exit; } catch (PDOException $e) { $errors[] = "Database error: " . $e->getMessage(); } } } ?> Add Credential - FlexPass

Add New Credential for

A descriptive name, e.g., "Primary Admin Login" or "Database Access".
Cancel