admin/34414-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

0.2

Browse Source
This commit is contained in:
Flatlogic Bot 2025-09-26 09:52:11 +00:00
parent a5bc44b0ba
commit ba92df7101
15 changed files with 662 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
assets/js/main.js
View File

@ -2,13 +2,35 @@
document.addEventListener('DOMContentLoaded', function () {
const addVisitorBtn = document.getElementById('add-visitor');
const visitorsContainer = document.getElementById('visitors-container');
let visitorCount = 1;
function updateVisitorIndices() {
const visitorGroups = visitorsContainer.querySelectorAll('.visitor-group');
visitorGroups.forEach((group, index) => {
const visitorIndex = index + 1;
group.querySelector('h3').textContent = `Visitor ${visitorIndex}`;
group.querySelectorAll('[id^="visitor_"]').forEach(input => {
const oldId = input.id;
const newId = oldId.replace(/_\d+$/, `_${visitorIndex}`);
input.id = newId;
const label = document.querySelector(`[for="${oldId}"]`);
if (label) {
label.htmlFor = newId;
}
});
group.querySelectorAll('[name^="visitors["]').forEach(input => {
input.name = input.name.replace(/\[\d+\]/, `[${visitorIndex}]`);
});
});
}
addVisitorBtn.addEventListener('click', function () {
visitorCount++;
const visitorCount = visitorsContainer.querySelectorAll('.visitor-group').length + 1;
const visitorTemplate = `
<div class="visitor-group border-t mt-4 pt-4">
<h3 class="text-lg font-semibold">Visitor ${visitorCount}</h3>
<div class="flex justify-between items-center">
<h3 class="text-lg font-semibold">Visitor ${visitorCount}</h3>
<button type="button" class="text-red-500 hover:text-red-700 delete-visitor">Delete</button>
</div>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4 mt-2">
<div>
<label for="visitor_full_name_${visitorCount}" class="block text-sm font-medium text-gray-700">Full Name</label>
@ -35,4 +57,11 @@ document.addEventListener('DOMContentLoaded', function () {
`;
visitorsContainer.insertAdjacentHTML('beforeend', visitorTemplate);
});
visitorsContainer.addEventListener('click', function(e) {
if (e.target.classList.contains('delete-visitor')) {
e.target.closest('.visitor-group').remove();
updateVisitorIndices();
}
});
});

17
auth.php Normal file
View File

@ -0,0 +1,17 @@
<?php
session_start();
function require_login($required_role = null) {
if (!isset($_SESSION['user_id'])) {
// User is not logged in
header('Location: login.php');
exit();
}
if ($required_role && (!isset($_SESSION['role']) || $_SESSION['role'] !== $required_role)) {
// User does not have the required role
// You can redirect to an unauthorized page or the login page
header('Location: login.php?error=You are not authorized to view this page.');
exit();
}
}

138
dashboard.php Normal file
View File

@ -0,0 +1,138 @@
<?php
require_once 'auth.php';
require_login('secretariat');
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Secretariat Dashboard</title>
<link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-gray-100">
<nav class="bg-white shadow-md">
<div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
<div class="flex justify-between h-16">
<div class="flex">
<div class="flex-shrink-0 flex items-center">
<a href="index.php" class="text-2xl font-bold text-blue-600">SecurePort</a>
</div>
<div class="hidden sm:-my-px sm:ml-6 sm:flex sm:space-x-8">
<a href="dashboard.php" class="border-blue-500 text-gray-900 inline-flex items-center px-1 pt-1 border-b-2 text-sm font-medium" aria-current="page">Dashboard</a>
</div>
</div>
<div class="flex items-center">
<?php if (isset($_SESSION['user_id'])):
require_once 'auth.php';
?>
<span class="mr-4">Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?>!</span>
<a href="logout.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Logout</a>
<?php else: ?>
<a href="login.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Login</a>
<?php endif; ?>
</div>
</div>
</div>
</nav>
<main class="container mx-auto px-6 py-8">
<h1 class="text-3xl font-bold text-gray-800 mb-6">Secretariat Dashboard</h1>
<!-- Filter and Search Form -->
<div class="mb-6">
<form action="dashboard.php" method="GET" class="bg-white shadow-md rounded-lg p-4 flex items-center space-x-4">
<div class="flex-grow">
<label for="search" class="sr-only">Search</label>
<input type="text" name="search" id="search" placeholder="Search by name or email..."
class="w-full rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm"
value="<?php echo isset($_GET['search']) ? htmlspecialchars($_GET['search']) : ''; ?>">
</div>
<div>
<label for="status" class="sr-only">Status</label>
<select name="status" id="status"
class="rounded-md border-gray-300 shadow-sm focus:border-indigo-500 focus:ring-indigo-500 sm:text-sm">
<option value="">All Statuses</option>
<option value="Pending" <?php echo (isset($_GET['status']) && $_GET['status'] === 'Pending') ? 'selected' : ''; ?>>Pending</option>
<option value="Approved" <?php echo (isset($_GET['status']) && $_GET['status'] === 'Approved') ? 'selected' : ''; ?>>Approved</option>
<option value="Rejected" <?php echo (isset($_GET['status']) && $_GET['status'] === 'Rejected') ? 'selected' : ''; ?>>Rejected</option>
</select>
</div>
<div>
<button type="submit" class="px-4 py-2 bg-blue-500 text-white rounded-md hover:bg-blue-600">Filter</button>
</div>
</form>
</div>
<div class="bg-white shadow-md rounded-lg overflow-hidden">
<table class="min-w-full bg-white">
<thead class="bg-gray-800 text-white">
<tr>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Submission ID</th>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Applicant Name</th>
<th class="w-1/4 text-left py-3 px-4 uppercase font-semibold text-sm">Email</th>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Submission Date</th>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Status</th>
<th class="text-left py-3 px-4 uppercase font-semibold text-sm">Actions</th>
</tr>
</thead>
<tbody class="text-gray-700">
<?php
require_once 'db/config.php';
$pdo = db();
// Base query
$sql = "SELECT id, full_name, email, created_at, status FROM submissions";
$params = [];
$where_clauses = [];
// Search filter
if (!empty($_GET['search'])) {
$search_term = '%' . $_GET['search'] . '%';
$where_clauses[] = "(full_name LIKE ? OR email LIKE ?)";
$params[] = $search_term;
$params[] = $search_term;
}
// Status filter
if (!empty($_GET['status'])) {
$where_clauses[] = "status = ?";
$params[] = $_GET['status'];
}
if (!empty($where_clauses)) {
$sql .= " WHERE " . implode(' AND ', $where_clauses);
}
$sql .= " ORDER BY created_at DESC";
$stmt = $pdo->prepare($sql);
$stmt->execute($params);
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo "<tr>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['id']) . "</td>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['full_name']) . "</td>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['email']) . "</td>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['created_at']) . "</td>";
$status_class = 'bg-yellow-200 text-yellow-800';
if ($row['status'] === 'Approved') {
$status_class = 'bg-green-200 text-green-800';
} elseif ($row['status'] === 'Rejected') {
$status_class = 'bg-red-200 text-red-800';
}
echo "<td class='text-left py-3 px-4'><span class='" . $status_class . " py-1 px-3 rounded-full text-xs'>" . htmlspecialchars($row['status']) . "</span></td>";
echo "<td class='text-left py-3 px-4'><a href='view_submission.php?id=" . $row['id'] . "' class='text-blue-500 hover:text-blue-700'>View Details</a></td>";
echo "</tr>";
}
?>
</tbody>
</table>
</div>
</main>
</body>
</html>

14
db/migrations/002_create_users_table.sql Normal file
View File

@ -0,0 +1,14 @@
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`role` varchar(50) NOT NULL,
`created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- Insert a default admin user with a hashed password
-- The password is '''password'''
INSERT INTO `users` (`username`, `password`, `role`) VALUES
('''secretariat''', '''$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi''', '''secretariat''');

7
db/migrations/003_add_department_users.sql Normal file
View File

@ -0,0 +1,7 @@
-- Add new roles for the vetting departments
-- For now, we are adding only identity_verification. We can add more roles later.
-- Insert a default user for the Identity Verification department
-- The password is '''password'''
INSERT INTO `users` (`username`, `password`, `role`) VALUES
('''identity_verifier''', '''$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi''', '''identity_verification''');

6
db/migrations/004_add_vetting_status_to_submissions.sql Normal file
View File

@ -0,0 +1,6 @@
ALTER TABLE `submissions`
ADD COLUMN `identity_status` VARCHAR(20) NOT NULL DEFAULT 'Pending' AFTER `status`,
ADD COLUMN `passport_status` VARCHAR(20) NOT NULL DEFAULT 'Pending' AFTER `identity_status`,
ADD COLUMN `criminal_record_status` VARCHAR(20) NOT NULL DEFAULT 'Pending' AFTER `passport_status`,
ADD COLUMN `maritime_status` VARCHAR(20) NOT NULL DEFAULT 'Pending' AFTER `criminal_record_status`,
ADD COLUMN `maritime_criminal_status` VARCHAR(20) NOT NULL DEFAULT 'Pending' AFTER `maritime_status`;

87
identity_dashboard.php Normal file
View File

@ -0,0 +1,87 @@
<?php
require_once 'auth.php';
require_login('identity_verification');
require_once 'db/config.php';
$pdo = db();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Identity Verification Dashboard</title>
<link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-gray-100">
<nav class="bg-white shadow-md">
<div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
<div class="flex justify-between h-16">
<div class="flex">
<div class="flex-shrink-0 flex items-center">
<a href="#" class="text-2xl font-bold text-blue-600">SecurePort (Identity Vetting)</a>
</div>
</div>
<div class="flex items-center">
<span class="mr-4">Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?>!</span>
<a href="logout.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Logout</a>
</div>
</div>
</div>
</nav>
<main class="container mx-auto px-6 py-8">
<h1 class="text-3xl font-bold text-gray-800 mb-6">Identity Verification Dashboard</h1>
<div class="bg-white shadow-md rounded-lg overflow-hidden">
<table class="min-w-full bg-white">
<thead class="bg-gray-800 text-white">
<tr>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Submission ID</th>
<th class="w-1/4 text-left py-3 px-4 uppercase font-semibold text-sm">Applicant Name</th>
<th class="w-1/4 text-left py-3 px-4 uppercase font-semibold text-sm">ID/Passport #</th>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">ID Scan</th>
<th class="w-1/6 text-left py-3 px-4 uppercase font-semibold text-sm">Status</th>
<th class="text-left py-3 px-4 uppercase font-semibold text-sm">Actions</th>
</tr>
</thead>
<tbody class="text-gray-700">
<?php
$stmt = $pdo->query("SELECT id, full_name, id_or_passport, id_scan, identity_status FROM submissions ORDER BY created_at DESC");
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
echo "<tr>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['id']) . "</td>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['full_name']) . "</td>";
echo "<td class='text-left py-3 px-4'>" . htmlspecialchars($row['id_or_passport']) . "</td>";
echo "<td class='text-left py-3 px-4'><a href='uploads/" . htmlspecialchars($row['id_scan']) . "' target='_blank' class='text-blue-500 hover:text-blue-700'>View Scan</a></td>";
$status_class = 'bg-yellow-200 text-yellow-800';
if ($row['identity_status'] === 'Approved') {
$status_class = 'bg-green-200 text-green-800';
} elseif ($row['identity_status'] === 'Rejected') {
$status_class = 'bg-red-200 text-red-800';
}
echo "<td class='text-left py-3 px-4'><span class='" . $status_class . " py-1 px-3 rounded-full text-xs'>" . htmlspecialchars($row['identity_status']) . "</span></td>";
echo "<td class='text-left py-3 px-4'>";
if ($row['identity_status'] === 'Pending') {
echo "<form action='update_vetting_status.php' method='POST' class='flex space-x-2'>";
echo "<input type='hidden' name='submission_id' value='" . $row['id'] . "'>";
echo "<input type='hidden' name='department' value='identity'>";
echo "<button type='submit' name='status' value='Approved' class='px-2 py-1 bg-green-500 text-white rounded-md text-xs hover:bg-green-600'>Approve</button>";
echo "<button type='submit' name='status' value='Rejected' class='px-2 py-1 bg-red-500 text-white rounded-md text-xs hover:bg-red-600'>Reject</button>";
echo "</form>";
}
echo "</td>";
echo "</tr>";
}
?>
</tbody>
</table>
</div>
</main>
</body>
</html>

38
index.php
View File

@ -1,3 +1,6 @@
<?php
session_start();
?>
<!DOCTYPE html>
<html lang="en">
<head>
@ -12,7 +15,35 @@
</head>
<body>
<div class="hero py-16">
<nav class="bg-white shadow-md">
<div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
<div class="flex justify-between h-16">
<div class="flex">
<div class="flex-shrink-0 flex items-center">
<a href="index.php" class="text-2xl font-bold text-blue-600">SecurePort</a>
</div>
<div class="hidden sm:-my-px sm:ml-6 sm:flex sm:space-x-8">
<?php if (isset($_SESSION['role']) && $_SESSION['role'] === 'secretariat'): ?>
<a href="dashboard.php" class="border-transparent text-gray-500 hover:text-gray-700 hover:border-gray-300 inline-flex items-center px-1 pt-1 border-b-2 text-sm font-medium">Dashboard</a>
<?php elseif (isset($_SESSION['role']) && $_SESSION['role'] === 'identity_verification'): ?>
<a href="identity_dashboard.php" class="border-transparent text-gray-500 hover:text-gray-700 hover:border-gray-300 inline-flex items-center px-1 pt-1 border-b-2 text-sm font-medium">Vetting Dashboard</a>
<?php endif; ?>
</div>
</div>
<div class="flex items-center">
<?php if (isset($_SESSION['user_id'])):
?>
<span class="mr-4">Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?>!</span>
<a href="logout.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Logout</a>
<?php else: ?>
<a href="login.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Login</a>
<?php endif; ?>
</div>
</div>
</div>
</nav>
<div class="hero py-16 bg-gray-200">
<div class="container mx-auto text-center">
<h1 class="text-4xl font-bold">Security Clearance Application</h1>
<p class="mt-4 text-lg">Republic of Indonesia</p>
@ -118,7 +149,10 @@
<h2 class="text-2xl font-bold">Visitor Details</h2>
<div id="visitors-container">
<div class="visitor-group">
<h3 class="text-lg font-semibold">Visitor 1</h3>
<div class="flex justify-between items-center">
<h3 class="text-lg font-semibold">Visitor 1</h3>
<button type="button" class="text-red-500 hover:text-red-700 delete-visitor">Delete</button>
</div>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4 mt-2">
<div>
<label for="visitor_full_name_1" class="block text-sm font-medium text-gray-700">Full Name</label>

63
login.php Normal file
View File

@ -0,0 +1,63 @@
<?php
session_start();
if (isset($_SESSION['user_id'])) {
header('Location: dashboard.php');
exit();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login - Security Clearance Application</title>
<link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-gray-100">
<nav class="bg-white shadow-md">
<div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
<div class="flex justify-between h-16">
<div class="flex">
<div class="flex-shrink-0 flex items-center">
<a href="index.php" class="text-2xl font-bold text-blue-600">SecurePort</a>
</div>
</div>
<div class="flex items-center">
<a href="login.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Login</a>
</div>
</div>
</div>
</nav>
<div class="container mx-auto px-4 py-8">
<div class="max-w-md mx-auto bg-white rounded-lg shadow-md overflow-hidden">
<div class="px-6 py-8">
<h2 class="text-2xl font-bold text-center text-gray-800 mb-6">Secretariat Login</h2>
<?php if (isset($_GET['error'])): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mb-4" role="alert">
<span class="block sm:inline"><?php echo htmlspecialchars($_GET['error']); ?></span>
</div>
<?php endif; ?>
<form action="login_process.php" method="POST">
<div class="mb-4">
<label for="username" class="block text-gray-700 text-sm font-bold mb-2">Username</label>
<input type="text" name="username" id="username" class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline" required>
</div>
<div class="mb-6">
<label for="password" class="block text-gray-700 text-sm font-bold mb-2">Password</label>
<input type="password" name="password" id="password" class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline" required>
</div>
<div class="flex items-center justify-between">
<button type="submit" class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline">
Sign In
</button>
</div>
</form>
</div>
</div>
</div>
</body>
</html>

41
login_process.php Normal file
View File

@ -0,0 +1,41 @@
<?php
session_start();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) || empty($password)) {
header('Location: login.php?error=Username and password are required');
exit();
}
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
// Password is correct, start session
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['role'];
header('Location: dashboard.php');
exit();
} else {
// Invalid credentials
header('Location: login.php?error=Invalid username or password');
exit();
}
} catch (PDOException $e) {
// die("Database error: " . $e->getMessage());
header('Location: login.php?error=A database error occurred.');
exit();
}
} else {
header('Location: login.php');
exit();
}

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header('Location: login.php');
exit();

34
update_status.php Normal file
View File

@ -0,0 +1,34 @@
<?php
require_once 'auth.php';
require_login('secretariat');
require_once 'db/config.php';
require_once 'mail/MailService.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$submission_id = $_POST['submission_id'] ?? null;
$status = $_POST['status'] ?? null;
if ($submission_id && $status) {
$pdo = db();
$stmt = $pdo->prepare("UPDATE submissions SET status = ? WHERE id = ?");
$stmt->execute([$status, $submission_id]);
// Fetch applicant email
$stmt = $pdo->prepare("SELECT email, full_name FROM submissions WHERE id = ?");
$stmt->execute([$submission_id]);
$submission = $stmt->fetch(PDO::FETCH_ASSOC);
if ($submission) {
$to = $submission['email'];
$subject = "Your Security Clearance Application Status";
$body = "<p>Dear " . htmlspecialchars($submission['full_name']) . ",</p>";
$body .= "<p>Your application for security clearance has been <strong>" . htmlspecialchars($status) . "</strong>.</p>";
$body .= "<p>Thank you.</p>";
MailService::sendMail($to, $subject, $body, strip_tags($body));
}
}
}
header("Location: dashboard.php");
exit;

41
update_vetting_status.php Normal file
View File

@ -0,0 +1,41 @@
<?php
require_once 'auth.php';
require_login(); // User must be logged in
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$submission_id = $_POST['submission_id'] ?? null;
$department = $_POST['department'] ?? null;
$status = $_POST['status'] ?? null;
$allowed_departments = [
'identity',
'passport',
'criminal_record',
'maritime',
'maritime_criminal'
];
if ($submission_id && $department && $status && in_array($department, $allowed_departments)) {
$status_column = $department . '_status';
$pdo = db();
$stmt = $pdo->prepare("UPDATE submissions SET {$status_column} = ? WHERE id = ?");
$stmt->execute([$status, $submission_id]);
}
}
// Redirect back to the appropriate dashboard
$role = $_SESSION['role'] ?? '';
$redirect_url = 'login.php'; // Default redirect
if ($role === 'secretariat') {
$redirect_url = 'dashboard.php';
} elseif ($role === 'identity_verification') {
$redirect_url = 'identity_dashboard.php';
}
// Add more else-if for other department roles here in the future
header("Location: " . $redirect_url);
exit;

BIN
uploads/ANTHONY-LEONG-KEE-YET.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 207 KiB

140
view_submission.php Normal file
View File

@ -0,0 +1,140 @@
<?php
require_once 'auth.php';
require_login('secretariat');
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>View Submission</title>
<link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-gray-100">
<nav class="bg-white shadow-md">
<div class="max-w-7xl mx-auto px-4 sm:px-6 lg:px-8">
<div class="flex justify-between h-16">
<div class="flex">
<div class="flex-shrink-0 flex items-center">
<a href="index.php" class="text-2xl font-bold text-blue-600">SecurePort</a>
</div>
<div class="hidden sm:-my-px sm:ml-6 sm:flex sm:space-x-8">
<a href="dashboard.php" class="border-transparent text-gray-500 hover:text-gray-700 hover:border-gray-300 inline-flex items-center px-1 pt-1 border-b-2 text-sm font-medium">Dashboard</a>
</div>
</div>
<div class="flex items-center">
<?php if (isset($_SESSION['user_id'])):
require_once 'auth.php';
?>
<span class="mr-4">Welcome, <?php echo htmlspecialchars($_SESSION['username']); ?>!</span>
<a href="logout.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Logout</a>
<?php else: ?>
<a href="login.php" class="px-3 py-2 rounded-md text-sm font-medium text-gray-700 hover:text-blue-600 hover:bg-gray-50">Login</a>
<?php endif; ?>
</div>
</div>
</div>
</nav>
<main class="container mx-auto px-6 py-8">
<?php
require_once 'db/config.php';
$pdo = db();
$submission_id = $_GET['id'] ?? null;
if ($submission_id) {
$stmt = $pdo->prepare("SELECT * FROM submissions WHERE id = ?");
$stmt->execute([$submission_id]);
$submission = $stmt->fetch(PDO::FETCH_ASSOC);
if ($submission) {
?>
<h1 class="text-3xl font-bold text-gray-800 mb-6">Submission Details</h1>
<div class="bg-white shadow-md rounded-lg p-6 mb-6">
<h2 class="text-2xl font-bold text-gray-800 mb-4">Applicant Information</h2>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div><strong>Full Name:</strong> <?php echo htmlspecialchars($submission['full_name']); ?></div>
<div><strong>Email:</strong> <?php echo htmlspecialchars($submission['email']); ?></div>
<div><strong>National ID/Passport:</strong> <?php echo htmlspecialchars($submission['id_or_passport']); ?></div>
<div><strong>Gender:</strong> <?php echo htmlspecialchars($submission['gender']); ?></div>
<div><strong>Date of Birth:</strong> <?php echo htmlspecialchars($submission['dob']); ?></div>
<div><strong>Mobile Phone:</strong> <?php echo htmlspecialchars($submission['mobile_phone']); ?></div>
<div class="md:col-span-2"><strong>Address:</strong> <?php echo htmlspecialchars($submission['address']); ?></div>
</div>
</div>
<div class="bg-white shadow-md rounded-lg p-6 mb-6">
<h2 class="text-2xl font-bold text-gray-800 mb-4">Visit Details</h2>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div><strong>Start Date:</strong> <?php echo htmlspecialchars($submission['start_date']); ?></div>
<div><strong>End Date:</strong> <?php echo htmlspecialchars($submission['end_date']); ?></div>
<div class="md:col-span-2"><strong>Purpose of Visit:</strong> <?php echo htmlspecialchars($submission['purpose_of_visit']); ?></div>
<div><strong>Visit Category:</strong> <?php echo htmlspecialchars($submission['visit_category']); ?></div>
<div><strong>Location:</strong> <?php echo htmlspecialchars($submission['location']); ?></div>
</div>
</div>
<div class="bg-white shadow-md rounded-lg p-6 mb-6">
<h2 class="text-2xl font-bold text-gray-800 mb-4">Uploaded Documents</h2>
<div>
<strong>National ID/Passport Scan:</strong>
<a href="uploads/<?php echo htmlspecialchars($submission['id_scan']); ?>" target="_blank" class="text-blue-500 hover:text-blue-700">View Document</a>
</div>
<?php if (!empty($submission['official_letter_scan'])) : ?>
<div>
<strong>Official Letter/Memo:</strong>
<a href="uploads/<?php echo htmlspecialchars($submission['official_letter_scan']); ?>" target="_blank" class="text-blue-500 hover:text-blue-700">View Document</a>
</div>
<?php endif; ?>
</div>
<div class="bg-white shadow-md rounded-lg p-6">
<h2 class="text-2xl font-bold text-gray-800 mb-4">Visitors</h2>
<?php
$visitor_stmt = $pdo->prepare("SELECT * FROM visitors WHERE submission_id = ?");
$visitor_stmt->execute([$submission_id]);
while ($visitor = $visitor_stmt->fetch(PDO::FETCH_ASSOC)) {
?>
<div class="border-b pb-4 mb-4">
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div><strong>Full Name:</strong> <?php echo htmlspecialchars($visitor['full_name']); ?></div>
<div><strong>National ID/Passport:</strong> <?php echo htmlspecialchars($visitor['id_or_passport']); ?></div>
<div><strong>Mobile Phone:</strong> <?php echo htmlspecialchars($visitor['mobile_phone']); ?></div>
<div><strong>Address:</strong> <?php echo htmlspecialchars($visitor['address']); ?></div>
<div>
<strong>ID Scan:</strong>
<a href="uploads/<?php echo htmlspecialchars($visitor['id_scan']); ?>" target="_blank" class="text-blue-500 hover:text-blue-700">View Document</a>
</div>
</div>
</div>
<?php
}
?>
</div>
<div class="bg-white shadow-md rounded-lg p-6 mt-6">
<h2 class="text-2xl font-bold text-gray-800 mb-4">Secretariat Action</h2>
<form action="update_status.php" method="POST">
<input type="hidden" name="submission_id" value="<?php echo $submission['id']; ?>">
<div class="flex space-x-4">
<button type="submit" name="status" value="Approved" class="px-4 py-2 bg-green-500 text-white rounded-md hover:bg-green-600">Approve</button>
<button type="submit" name="status" value="Rejected" class="px-4 py-2 bg-red-500 text-white rounded-md hover:bg-red-600">Reject</button>
</div>
</form>
</div>
<?php
} else {
echo "<p class='text-red-500'>Submission not found.</p>";
}
} else {
echo "<p class='text-red-500'>No submission ID provided.</p>";
}
?>
</main>
</body>
</html>