admin/34619-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:master
Branches Tags
admin:master
admin:ai-dev
..
compare: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

1 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
610097cac5 Auto commit: 2025-10-03T13:03:26.863Z 2025-10-03 13:03:26 +00:00
26 changed files with 1963 additions and 140 deletions
Show Stats Expand all files Collapse all files

138
admin/index.php Normal file
View File

@ -0,0 +1,138 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
// Fetch stats
$pdo = db();
$total_surveys = $pdo->query("SELECT COUNT(*) FROM surveys")->fetchColumn();
$total_responses = $pdo->query("SELECT COUNT(*) FROM responses")->fetchColumn();
$total_users = $pdo->query("SELECT COUNT(*) FROM users")->fetchColumn();
// Fetch recent surveys
$recent_surveys_stmt = $pdo->query("SELECT id, title, created_at FROM surveys ORDER BY created_at DESC LIMIT 5");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin Dashboard - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
<button class="navbar-toggler position-absolute d-md-none collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#sidebarMenu" aria-controls="sidebarMenu" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="navbar-nav">
<div class="nav-item text-nowrap">
<a class="nav-link px-3" href="logout.php">Sign out</a>
</div>
</div>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item">
<a class="nav-link active" aria-current="page" href="index.php">
Dashboard
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="surveys.php">
Surveys
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="users.php">
Users
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#">
Settings
</a>
</li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Dashboard</h1>
</div>
<div class="row">
<div class="col-md-4">
<div class="card text-white bg-primary mb-3">
<div class="card-header">Total Surveys</div>
<div class="card-body">
<h5 class="card-title"><?php echo $total_surveys; ?></h5>
<a href="surveys.php" class="text-white">View all surveys &rarr;</a>
</div>
</div>
</div>
<div class="col-md-4">
<div class="card text-white bg-success mb-3">
<div class="card-header">Total Responses</div>
<div class="card-body">
<h5 class="card-title"><?php echo $total_responses; ?></h5>
<p class="card-text">Across all surveys.</p>
</div>
</div>
</div>
<div class="col-md-4">
<div class="card text-white bg-info mb-3">
<div class="card-header">Registered Users</div>
<div class="card-body">
<h5 class="card-title"><?php echo $total_users; ?></h5>
<a href="users.php" class="text-white">View all users &rarr;</a>
</div>
</div>
</div>
</div>
<h2 class="h3 mt-4">Recent Surveys</h2>
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<th>Title</th>
<th>Created</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php while ($survey = $recent_surveys_stmt->fetch()): ?>
<tr>
<td><?php echo htmlspecialchars($survey['title']); ?></td>
<td><?php echo htmlspecialchars(date('Y-m-d', strtotime($survey['created_at']))); ?></td>
<td>
<a href="survey_results.php?id=<?php echo $survey['id']; ?>" class="btn btn-sm btn-outline-success">Results</a>
<a href="survey_build.php?id=<?php echo $survey['id']; ?>" class="btn btn-sm btn-outline-info">Manage</a>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
</div>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

69
admin/login.php Normal file
View File

@ -0,0 +1,69 @@
<?php
session_start();
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} elseif (!empty($_POST['username']) && !empty($_POST['password'])) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$_POST['username']]);
$user = $stmt->fetch();
if ($user && password_verify($_POST['password'], $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
header("Location: index.php");
exit;
} else {
$error_message = "Invalid username or password.";
}
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
} else {
$error_message = "Please enter both username and password.";
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin Login - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<div class="login-container">
<div class="login-box">
<h2 class="text-center mb-4">FormFlex Pro</h2>
<h4 class="text-center mb-4">Admin Portal</h4>
<?php if ($error_message): ?>
<div class="alert alert-danger" role="alert">
<?php echo htmlspecialchars($error_message); ?>
</div>
<?php endif; ?>
<form action="login.php" method="POST" autocomplete="off">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary w-100">Login</button>
</form>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

6
admin/logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header("Location: login.php");
exit;

56
admin/question_add.php Normal file
View File

@ -0,0 +1,56 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header("Location: surveys.php");
exit;
}
if (!validate_csrf_token()) {
die('CSRF token validation failed.');
}
$survey_id = $_POST['survey_id'] ?? null;
$question_text = $_POST['question_text'] ?? null;
$question_type = $_POST['question_type'] ?? null;
$options_text = $_POST['options'] ?? null;
if (!$survey_id || !$question_text || !$question_type) {
header("Location: survey_build.php?id=" . $survey_id . "&error=missing_fields");
exit;
}
$pdo = db();
try {
// Insert the question
$stmt = $pdo->prepare("INSERT INTO questions (survey_id, question_text, question_type) VALUES (?, ?, ?)");
$stmt->execute([$survey_id, $question_text, $question_type]);
$question_id = $pdo->lastInsertId();
// If the question type has options, insert them
if (in_array($question_type, ['radio', 'checkbox', 'select']) && !empty($options_text)) {
$options = array_filter(array_map('trim', explode("\n", $options_text)));
if (!empty($options)) {
$option_stmt = $pdo->prepare("INSERT INTO question_options (question_id, option_text) VALUES (?, ?)");
foreach ($options as $option) {
$option_stmt->execute([$question_id, $option]);
}
}
}
header("Location: survey_build.php?id=" . $survey_id . "&status=question_added");
exit;
} catch (PDOException $e) {
// In a real app, you'd log this error
header("Location: survey_build.php?id=" . $survey_id . "&error=db_error");
exit;
}

42
admin/question_delete.php Normal file
View File

@ -0,0 +1,42 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
$question_id = $_GET['id'] ?? null;
if (!$question_id) {
header("Location: surveys.php");
exit;
}
$pdo = db();
try {
// First, get the survey_id for redirection
$stmt = $pdo->prepare("SELECT survey_id FROM questions WHERE id = ?");
$stmt->execute([$question_id]);
$question = $stmt->fetch();
if ($question) {
$survey_id = $question['survey_id'];
// Delete the question (options will be deleted by CASCADE)
$delete_stmt = $pdo->prepare("DELETE FROM questions WHERE id = ?");
$delete_stmt->execute([$question_id]);
header("Location: survey_build.php?id=" . $survey_id . "&status=question_deleted");
exit;
} else {
header("Location: surveys.php?error=not_found");
exit;
}
} catch (PDOException $e) {
header("Location: surveys.php?error=db_error");
exit;
}

94
admin/survey_add.php Normal file
View File

@ -0,0 +1,94 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} else {
$title = $_POST['title'] ?? '';
$description = $_POST['description'] ?? '';
if (empty($title)) {
$error_message = 'Title is required.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("INSERT INTO surveys (title, description) VALUES (?, ?)");
$stmt->execute([$title, $description]);
$new_survey_id = $pdo->lastInsertId();
header("Location: survey_build.php?id=" . $new_survey_id . "&status=created");
exit;
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add New Survey - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Add New Survey</h1>
</div>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<form method="POST" action="survey_add.php" class="card p-3">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="title" class="form-label">Survey Title</label>
<input type="text" class="form-control" id="title" name="title" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description (Optional)</label>
<textarea class="form-control" id="description" name="description" rows="3"></textarea>
</div>
<button type="submit" class="btn btn-primary">Save and Add Questions</button>
<a href="surveys.php" class="btn btn-secondary mt-2">Cancel</a>
</form>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

153
admin/survey_build.php Normal file
View File

@ -0,0 +1,153 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$survey_id = $_GET['id'] ?? null;
if (!$survey_id) {
header("Location: surveys.php?error=not_found");
exit;
}
$pdo = db();
// Fetch survey details
$survey_stmt = $pdo->prepare("SELECT * FROM surveys WHERE id = ?");
$survey_stmt->execute([$survey_id]);
$survey = $survey_stmt->fetch();
if (!$survey) {
header("Location: surveys.php?error=not_found");
exit;
}
// Fetch questions and their options
$questions_stmt = $pdo->prepare("SELECT * FROM questions WHERE survey_id = ? ORDER BY id ASC");
$questions_stmt->execute([$survey_id]);
$questions = $questions_stmt->fetchAll();
$options_stmt = $pdo->prepare("SELECT * FROM question_options WHERE question_id = ? ORDER BY id ASC");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Survey Builder - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<div>
<h1 class="h2">Survey Builder</h1>
<h5 class="text-muted"><?php echo htmlspecialchars($survey['title']); ?></h5>
</div>
</div>
<!-- Add Question Form -->
<div class="card mb-4">
<div class="card-header">Add New Question</div>
<div class="card-body">
<form action="question_add.php" method="POST">
<?php echo csrf_input_field(); ?>
<input type="hidden" name="survey_id" value="<?php echo htmlspecialchars($survey_id); ?>">
<div class="mb-3">
<label for="question_text" class="form-label">Question Text</label>
<textarea name="question_text" id="question_text" class="form-control" required></textarea>
</div>
<div class="mb-3">
<label for="question_type" class="form-label">Question Type</label>
<select name="question_type" id="question_type" class="form-select">
<option value="text">Text (Single Line)</option>
<option value="textarea">Textarea (Multi-line)</option>
<option value="radio">Multiple Choice (Single Answer)</option>
<option value="checkbox">Checkboxes (Multiple Answers)</option>
<option value="select">Dropdown (Single Answer)</option>
</select>
</div>
<div class="mb-3" id="options-container" style="display: none;">
<label class="form-label">Options (one per line)</label>
<textarea name="options" class="form-control" rows="3"></textarea>
</div>
<button type="submit" class="btn btn-primary">Add Question</button>
</form>
</div>
</div>
<!-- Existing Questions -->
<h3 class="h4">Questions</h3>
<?php if (empty($questions)): ?>
<p>No questions have been added to this survey yet.</p>
<?php else: ?>
<?php foreach ($questions as $index => $question): ?>
<div class="card mb-3">
<div class="card-body">
<div class="d-flex justify-content-between">
<p class="fw-bold"><?php echo ($index + 1) . ". " . htmlspecialchars($question['question_text']); ?></p>
<div>
<a href="#" class="btn btn-sm btn-outline-secondary">Edit</a>
<a href="question_delete.php?id=<?php echo $question['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('Are you sure?')">Delete</a>
</div>
</div>
<p class="text-muted">Type: <?php echo htmlspecialchars($question['question_type']); ?></p>
<?php
if (in_array($question['question_type'], ['radio', 'checkbox', 'select'])) {
$options_stmt->execute([$question['id']]);
$options = $options_stmt->fetchAll();
if (!empty($options)) {
echo "<ul>";
foreach ($options as $option) {
echo "<li>" . htmlspecialchars($option['option_text']) . "</li>";
}
echo "</ul>";
}
}
?>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</main>
</div>
</div>
<script>
document.getElementById('question_type').addEventListener('change', function() {
var container = document.getElementById('options-container');
if (['radio', 'checkbox', 'select'].includes(this.value)) {
container.style.display = 'block';
} else {
container.style.display = 'none';
}
});
</script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

27
admin/survey_delete.php Normal file
View File

@ -0,0 +1,27 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
$survey_id = $_GET['id'] ?? null;
if (!$survey_id) {
header("Location: surveys.php");
exit;
}
try {
$pdo = db();
// The ON DELETE CASCADE constraint will handle deleting related questions and options
$stmt = $pdo->prepare("DELETE FROM surveys WHERE id = ?");
$stmt->execute([$survey_id]);
header("Location: surveys.php?status=deleted");
exit;
} catch (PDOException $e) {
header("Location: surveys.php?error=db_error");
exit;
}

110
admin/survey_edit.php Normal file
View File

@ -0,0 +1,110 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
$survey_id = $_GET['id'] ?? null;
if (!$survey_id) {
header("Location: surveys.php");
exit;
}
$pdo = db();
// Fetch survey
$stmt = $pdo->prepare("SELECT * FROM surveys WHERE id = ?");
$stmt->execute([$survey_id]);
$survey = $stmt->fetch();
if (!$survey) {
header("Location: surveys.php?error=not_found");
exit;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} else {
$title = $_POST['title'] ?? '';
$description = $_POST['description'] ?? '';
if (empty($title)) {
$error_message = 'Title is required.';
} else {
try {
$update_stmt = $pdo->prepare("UPDATE surveys SET title = ?, description = ? WHERE id = ?");
$update_stmt->execute([$title, $description, $survey_id]);
header("Location: surveys.php?status=updated");
exit;
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Survey - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Edit Survey</h1>
</div>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<form method="POST" action="survey_edit.php?id=<?php echo htmlspecialchars($survey_id); ?>" class="card p-3">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="title" class="form-label">Survey Title</label>
<input type="text" class="form-control" id="title" name="title" value="<?php echo htmlspecialchars($survey['title']); ?>" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description (Optional)</label>
<textarea class="form-control" id="description" name="description" rows="3"><?php echo htmlspecialchars($survey['description']); ?></textarea>
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="surveys.php" class="btn btn-secondary mt-2">Cancel</a>
</form>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

145
admin/survey_results.php Normal file
View File

@ -0,0 +1,145 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
$survey_id = $_GET['id'] ?? null;
if (!$survey_id) {
header("Location: surveys.php?error=not_found");
exit;
}
$pdo = db();
// Fetch survey details
$survey_stmt = $pdo->prepare("SELECT * FROM surveys WHERE id = ?");
$survey_stmt->execute([$survey_id]);
$survey = $survey_stmt->fetch();
if (!$survey) {
header("Location: surveys.php?error=not_found");
exit;
}
// Fetch total response count
$responses_count_stmt = $pdo->prepare("SELECT COUNT(*) FROM responses WHERE survey_id = ?");
$responses_count_stmt->execute([$survey_id]);
$total_responses = $responses_count_stmt->fetchColumn();
// Fetch questions
$questions_stmt = $pdo->prepare("SELECT * FROM questions WHERE survey_id = ? ORDER BY id ASC");
$questions_stmt->execute([$survey_id]);
$questions = $questions_stmt->fetchAll();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Survey Results - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<div>
<h1 class="h2">Survey Results</h1>
<h5 class="text-muted"><?php echo htmlspecialchars($survey['title']); ?></h5>
</div>
<div class="btn-toolbar mb-2 mb-md-0">
<a href="surveys.php" class="btn btn-sm btn-outline-secondary">Back to Surveys</a>
</div>
</div>
<div class="card mb-4">
<div class="card-header">Summary</div>
<div class="card-body">
<p class="card-text"><strong>Total Responses:</strong> <?php echo $total_responses; ?></p>
</div>
</div>
<h3 class="h4">Per-Question Analysis</h3>
<?php if ($total_responses == 0): ?>
<p>There are no responses to analyze for this survey yet.</p>
<?php else: ?>
<?php foreach ($questions as $index => $question): ?>
<div class="card mb-3">
<div class="card-header">
<strong>Question #<?php echo ($index + 1); ?>:</strong> <?php echo htmlspecialchars($question['question_text']); ?>
</div>
<div class="card-body">
<?php
$answers_stmt = $pdo->prepare("SELECT answer_value FROM answers WHERE question_id = ?");
$answers_stmt->execute([$question['id']]);
$answers = $answers_stmt->fetchAll(PDO::FETCH_COLUMN);
if (in_array($question['question_type'], ['radio', 'select', 'checkbox'])) {
// Handle multiple-choice answers by counting frequencies
$counts = [];
foreach ($answers as $answer_str) {
$options = explode(', ', $answer_str);
foreach($options as $option) {
$counts[$option] = ($counts[$option] ?? 0) + 1;
}
}
arsort($counts);
echo '<table class="table table-sm table-bordered">';
echo '<thead><tr><th>Option</th><th>Count</th><th>Percentage</th></tr></thead><tbody>';
foreach ($counts as $option_text => $count) {
$percentage = ($total_responses > 0) ? round(($count / count($answers)) * 100, 2) : 0;
echo "<tr><td>" . htmlspecialchars($option_text) . "</td><td>{$count}</td><td>{$percentage}%</td></tr>";
}
echo '</tbody></table>';
} else { // text or textarea
echo '<ul class="list-group">';
if (empty($answers)) {
echo '<li class="list-group-item">No answers submitted for this question.</li>';
} else {
foreach ($answers as $answer) {
if (!empty(trim($answer))) {
echo '<li class="list-group-item">' . htmlspecialchars($answer) . '</li>';
}
}
}
echo '</ul>';
}
?>
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

121
admin/surveys.php Normal file
View File

@ -0,0 +1,121 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Manage Surveys - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
<div class="navbar-nav">
<div class="nav-item text-nowrap">
<a class="nav-link px-3" href="logout.php">Sign out</a>
</div>
</div>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item">
<a class="nav-link" href="index.php">
Dashboard
</a>
</li>
<li class="nav-item">
<a class="nav-link active" aria-current="page" href="surveys.php">
Surveys
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="users.php">
Users
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#">
Settings
</a>
</li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Manage Surveys</h1>
<div class="btn-toolbar mb-2 mb-md-0">
<a href="survey_add.php" class="btn btn-sm btn-outline-secondary">
Add New Survey
</a>
</div>
</div>
<div class="table-responsive">
<table class="table table-striped table-sm">
<thead>
<tr>
<th scope="col">#</th>
<th scope="col">Title</th>
<th scope="col">Responses</th>
<th scope="col">Created</th>
<th scope="col">Actions</th>
</tr>
</thead>
<tbody>
<?php
require_once __DIR__ . '/../db/config.php';
try {
$pdo = db();
$stmt = $pdo->query("SELECT id, title, created_at FROM surveys ORDER BY created_at DESC");
if ($stmt->rowCount() == 0) {
echo "<tr><td colspan='4' class='text-center'>No surveys found.</td></tr>";
}
$responses_stmt = $pdo->prepare("SELECT COUNT(*) FROM responses WHERE survey_id = ?");
while ($row = $stmt->fetch()) {
// Get response count
$responses_stmt->execute([$row['id']]);
$response_count = $responses_stmt->fetchColumn();
echo "<tr>";
echo "<td>" . htmlspecialchars($row['id']) . "</td>";
echo "<td>" . htmlspecialchars($row['title']) . "</td>";
echo "<td>" . htmlspecialchars($response_count) . "</td>";
echo "<td>" . htmlspecialchars(date('Y-m-d', strtotime($row['created_at']))) . "</td>";
echo "<td>";
echo "<a href='survey_results.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-success'>Results</a> ";
echo "<a href='survey_build.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-info'>Manage</a> ";
echo "<a href='survey_edit.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-primary'>Edit</a> ";
echo "<a href='survey_delete.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-danger' onclick='return confirm("Are you sure? This will delete the survey and all its questions.")'>Delete</a>";
echo "</td>";
echo "</tr>";
}
} catch (PDOException $e) {
echo "<tr><td colspan='4' class='text-danger'>Database error: " . htmlspecialchars($e->getMessage()) . "</td></tr>";
}
?>
</tbody>
</table>
</div>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

105
admin/user_add.php Normal file
View File

@ -0,0 +1,105 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
$success_message = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} else {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error_message = 'Please fill in all fields.';
} else {
try {
$pdo = db();
// Check if username already exists
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetch()) {
$error_message = 'Username already taken.';
} else {
// Hash password and insert user
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$insert_stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
$insert_stmt->execute([$username, $hashed_password]);
header("Location: users.php?status=added");
exit;
}
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add User - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Add New User</h1>
</div>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<form method="POST" action="user_add.php" class="card p-3">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">Add User</button>
<a href="users.php" class="btn btn-secondary mt-2">Cancel</a>
</form>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

27
admin/user_delete.php Normal file
View File

@ -0,0 +1,27 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
$user_id_to_delete = $_GET['id'] ?? null;
// Security check: cannot delete yourself
if (!$user_id_to_delete || $user_id_to_delete == $_SESSION['user_id']) {
header("Location: users.php?error=cannot_delete_self");
exit;
}
try {
$pdo = db();
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$user_id_to_delete]);
header("Location: users.php?status=deleted");
exit;
} catch (PDOException $e) {
header("Location: users.php?error=db_error");
exit;
}

126
admin/user_edit.php Normal file
View File

@ -0,0 +1,126 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
require_once __DIR__ . '/../includes/security.php';
$error_message = '';
$user_id = $_GET['id'] ?? null;
if (!$user_id) {
header("Location: users.php");
exit;
}
$pdo = db();
// Fetch user
$stmt = $pdo->prepare("SELECT id, username FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch();
if (!$user) {
header("Location: users.php");
exit;
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!validate_csrf_token()) {
$error_message = 'CSRF token validation failed.';
} else {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username)) {
$error_message = 'Username cannot be empty.';
} else {
try {
// Check if username is taken by another user
$check_stmt = $pdo->prepare("SELECT id FROM users WHERE username = ? AND id != ?");
$check_stmt->execute([$username, $user_id]);
if ($check_stmt->fetch()) {
$error_message = 'Username already taken.';
} else {
if (!empty($password)) {
// Update with new password
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$update_stmt = $pdo->prepare("UPDATE users SET username = ?, password = ? WHERE id = ?");
$update_stmt->execute([$username, $hashed_password, $user_id]);
} else {
// Update username only
$update_stmt = $pdo->prepare("UPDATE users SET username = ? WHERE id = ?");
$update_stmt->execute([$username, $user_id]);
}
header("Location: users.php?status=updated");
exit;
}
} catch (PDOException $e) {
$error_message = "Database error: " . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit User - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item"><a class="nav-link" href="index.php">Dashboard</a></li>
<li class="nav-item"><a class="nav-link" href="surveys.php">Surveys</a></li>
<li class="nav-item"><a class="nav-link active" aria-current="page" href="users.php">Users</a></li>
<li class="nav-item"><a class="nav-link" href="#">Settings</a></li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Edit User</h1>
</div>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<form method="POST" action="user_edit.php?id=<?php echo htmlspecialchars($user_id); ?>" class="card p-3">
<?php echo csrf_input_field(); ?>
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($user['username']); ?>" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">New Password (optional)</label>
<input type="password" class="form-control" id="password" name="password">
<small class="form-text text-muted">Leave blank to keep the current password.</small>
</div>
<button type="submit" class="btn btn-primary">Update User</button>
<a href="users.php" class="btn btn-secondary mt-2">Cancel</a>
</form>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

109
admin/users.php Normal file
View File

@ -0,0 +1,109 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header("Location: login.php");
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Manage Users - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/admin.css">
</head>
<body>
<header class="navbar navbar-dark sticky-top bg-dark flex-md-nowrap p-0 shadow">
<a class="navbar-brand col-md-3 col-lg-2 me-0 px-3" href="#">FormFlex Pro</a>
<div class="navbar-nav">
<div class="nav-item text-nowrap">
<a class="nav-link px-3" href="logout.php">Sign out</a>
</div>
</div>
</header>
<div class="container-fluid">
<div class="row">
<nav id="sidebarMenu" class="col-md-3 col-lg-2 d-md-block bg-light sidebar collapse">
<div class="position-sticky pt-3">
<ul class="nav flex-column">
<li class="nav-item">
<a class="nav-link" href="index.php">
Dashboard
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="surveys.php">
Surveys
</a>
</li>
<li class="nav-item">
<a class="nav-link active" aria-current="page" href="users.php">
Users
</a>
</li>
<li class="nav-item">
<a class="nav-link" href="#">
Settings
</a>
</li>
</ul>
</div>
</nav>
<main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
<h1 class="h2">Manage Users</h1>
<div class="btn-toolbar mb-2 mb-md-0">
<a href="user_add.php" class="btn btn-sm btn-outline-secondary">
Add New User
</a>
</div>
</div>
<div class="table-responsive">
<table class="table table-striped table-sm">
<thead>
<tr>
<th scope="col">#</th>
<th scope="col">Username</th>
<th scope="col">Actions</th>
</tr>
</thead>
<tbody>
<?php
require_once __DIR__ . '/../db/config.php';
try {
$pdo = db();
$stmt = $pdo->query("SELECT id, username FROM users ORDER BY username ASC");
while ($row = $stmt->fetch()) {
echo "<tr>";
echo "<td>" . htmlspecialchars($row['id']) . "</td>";
echo "<td>" . htmlspecialchars($row['username']) . "</td>";
echo "<td>";
echo "<a href='user_edit.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-primary'>Edit</a> ";
// Prevent user from deleting themselves
if ($_SESSION['user_id'] != $row['id']) {
echo "<a href='user_delete.php?id=" . htmlspecialchars($row['id']) . "' class='btn btn-sm btn-outline-danger' onclick='return confirm("Are you sure?")'>Delete</a>";
}
echo "</td>";
echo "</tr>";
}
} catch (PDOException $e) {
echo "<tr><td colspan='3' class='text-danger'>Database error: " . htmlspecialchars($e->getMessage()) . "</td></tr>";
}
?>
</tbody>
</table>
</div>
</main>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

53
assets/css/admin.css Normal file
View File

@ -0,0 +1,53 @@
body {
background-color: #f8f9fa;
}
.login-container {
display: flex;
align-items: center;
justify-content: center;
height: 100vh;
}
.login-box {
padding: 2rem;
background: #fff;
border-radius: 0.5rem;
box-shadow: 0 0.5rem 1rem rgba(0, 0, 0, 0.15);
width: 100%;
max-width: 400px;
}
/* Admin Dashboard Layout */
.sidebar {
position: fixed;
top: 0;
bottom: 0;
left: 0;
z-index: 100;
padding: 48px 0 0;
box-shadow: inset -1px 0 0 rgba(0, 0, 0, .1);
}
.sidebar-sticky {
position: relative;
top: 0;
height: calc(100vh - 48px);
padding-top: .5rem;
overflow-x: hidden;
overflow-y: auto;
}
.nav-link {
font-weight: 500;
color: #333;
}
.nav-link.active {
color: #0d6efd;
}
.main-content {
margin-left: 220px; /* Same as sidebar width */
padding: 2rem;
}

147
assets/css/custom.css Normal file
View File

@ -0,0 +1,147 @@
@import url('https://fonts.googleapis.com/css2?family=Georgia&family=Roboto:wght@400;700&display=swap');
:root {
--primary-color: #4A90E2;
--secondary-color: #50E3C2;
--background-color: #F7F9FC;
--surface-color: #FFFFFF;
--text-color: #333333;
--light-gray-color: #EAEAEA;
--success-color: #28a745;
}
body {
background-color: var(--background-color);
font-family: 'Roboto', -apple-system, BlinkMacSystemFont, 'Segoe UI', Helvetica, Arial, sans-serif;
color: var(--text-color);
line-height: 1.6;
}
h1, h2, h3, h4, h5, h6 {
font-family: 'Georgia', serif;
color: var(--primary-color);
}
.survey-container {
max-width: 800px;
margin: 2rem auto;
padding: 2rem;
background-color: var(--surface-color);
border-radius: 0.5rem;
box-shadow: 0 4px 15px rgba(0, 0, 0, 0.05);
}
.survey-header {
text-align: center;
margin-bottom: 2rem;
padding: 2rem;
background: linear-gradient(135deg, var(--primary-color), var(--secondary-color));
color: white;
border-radius: 0.5rem;
}
.survey-header h1 {
color: white;
margin: 0;
}
.progress {
height: 10px;
margin-bottom: 2rem;
border-radius: 5px;
}
.progress-bar {
background-color: var(--secondary-color);
transition: width 0.4s ease;
}
.question-card {
background: var(--surface-color);
border: 1px solid var(--light-gray-color);
border-radius: 0.5rem;
padding: 1.5rem;
margin-bottom: 1.5rem;
transition: box-shadow 0.3s ease;
}
.question-card:focus-within {
box-shadow: 0 0 0 3px rgba(var(--primary-color-rgb), 0.2);
border-color: var(--primary-color);
}
.form-label {
font-weight: bold;
margin-bottom: 0.75rem;
display: block;
}
.form-control, .form-check-input {
transition: border-color 0.3s ease, box-shadow 0.3s ease;
}
.form-control:focus {
border-color: var(--primary-color);
box-shadow: 0 0 0 3px rgba(var(--primary-color-rgb), 0.2);
}
.form-check-input:checked {
background-color: var(--primary-color);
border-color: var(--primary-color);
}
.form-check-label {
margin-left: 0.5rem;
}
.btn-primary {
background-color: var(--primary-color);
border-color: var(--primary-color);
padding: 0.75rem 1.5rem;
font-weight: bold;
border-radius: 0.25rem;
transition: background-color 0.3s ease, transform 0.2s ease;
}
.btn-primary:hover {
background-color: #357ABD;
transform: translateY(-2px);
}
.survey-footer {
text-align: center;
margin-top: 2rem;
}
.powered-by {
font-size: 0.9rem;
color: #aaa;
margin-top: 1rem;
}
.powered-by a {
color: #aaa;
text-decoration: none;
}
.powered-by a:hover {
color: var(--primary-color);
}
/* Toast Notification */
.toast-container {
position: fixed;
top: 1rem;
right: 1rem;
z-index: 1050;
}
.toast {
opacity: 0;
transition: opacity 0.4s ease-in-out;
}
.toast.show {
opacity: 1;
}

80
assets/js/main.js Normal file
View File

@ -0,0 +1,80 @@
document.addEventListener('DOMContentLoaded', function () {
const form = document.getElementById('surveyForm');
if (!form) return;
const questions = form.querySelectorAll('.question-card');
const progressBar = document.querySelector('.progress-bar');
const submitBtn = form.querySelector('button[type="submit"]');
const totalQuestions = questions.length;
function updateProgress() {
let answeredQuestions = 0;
questions.forEach(card => {
const inputs = card.querySelectorAll('input, textarea');
let isAnswered = false;
inputs.forEach(input => {
if ((input.type === 'radio' || input.type === 'checkbox') && input.checked) {
isAnswered = true;
} else if (input.type !== 'radio' && input.type !== 'checkbox' && input.value.trim() !== '') {
isAnswered = true;
}
});
if (isAnswered) {
answeredQuestions++;
}
});
const progress = totalQuestions > 0 ? (answeredQuestions / totalQuestions) * 100 : 0;
if(progressBar) {
progressBar.style.width = progress + '%';
progressBar.setAttribute('aria-valuenow', progress);
}
}
form.addEventListener('change', updateProgress);
form.addEventListener('keyup', updateProgress);
form.addEventListener('submit', function (e) {
e.preventDefault();
showToast('Submission Successful!', 'Thank you for completing the survey. Your response has been recorded.');
if(submitBtn) {
submitBtn.disabled = true;
submitBtn.textContent = 'Submitted';
}
// In a real app, you would now send the data to the server.
// e.g., using fetch()
});
function showToast(title, message) {
const toastContainer = document.getElementById('toast-container');
if (!toastContainer) return;
const toastEl = document.createElement('div');
toastEl.className = 'toast align-items-center text-white bg-success border-0';
toastEl.setAttribute('role', 'alert');
toastEl.setAttribute('aria-live', 'assertive');
toastEl.setAttribute('aria-atomic', 'true');
toastEl.innerHTML = `
<div class="d-flex">
<div class="toast-body">
<strong>${title}</strong><br>${message}
</div>
<button type="button" class="btn-close btn-close-white me-2 m-auto" data-bs-dismiss="toast" aria-label="Close"></button>
</div>
`;
toastContainer.appendChild(toastEl);
const toast = new bootstrap.Toast(toastEl, { delay: 5000 });
toast.show();
toastEl.addEventListener('hidden.bs.toast', () => {
toastEl.remove();
});
}
// Initial check in case the form is pre-filled
updateProgress();
});

11
db/migrations/001_create_users_table.sql Normal file
View File

@ -0,0 +1,11 @@
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`username` VARCHAR(50) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`email` VARCHAR(100) NOT NULL UNIQUE,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Insert a default admin user for testing
-- IMPORTANT: This is for initial setup only. Passwords should be hashed in a real application.
INSERT IGNORE INTO `users` (`username`, `password`, `email`) VALUES ('admin', 'admin', 'admin@example.com');

29
db/migrations/002_create_surveys_tables.sql Normal file
View File

@ -0,0 +1,29 @@
-- Create surveys table
CREATE TABLE IF NOT EXISTS `surveys` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`title` varchar(255) NOT NULL,
`description` text DEFAULT NULL,
`created_at` timestamp NOT NULL DEFAULT current_timestamp(),
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- Create questions table
CREATE TABLE IF NOT EXISTS `questions` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`survey_id` int(11) NOT NULL,
`question_text` text NOT NULL,
`question_type` enum('text','textarea','radio','checkbox','select') NOT NULL,
PRIMARY KEY (`id`),
KEY `survey_id` (`survey_id`),
CONSTRAINT `questions_ibfk_1` FOREIGN KEY (`survey_id`) REFERENCES `surveys` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- Create question_options table
CREATE TABLE IF NOT EXISTS `question_options` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`question_id` int(11) NOT NULL,
`option_text` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
KEY `question_id` (`question_id`),
CONSTRAINT `question_options_ibfk_1` FOREIGN KEY (`question_id`) REFERENCES `questions` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

22
db/migrations/003_create_responses_tables.sql Normal file
View File

@ -0,0 +1,22 @@
-- Create responses table
CREATE TABLE IF NOT EXISTS `responses` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`survey_id` int(11) NOT NULL,
`submitted_at` timestamp NOT NULL DEFAULT current_timestamp(),
PRIMARY KEY (`id`),
KEY `survey_id` (`survey_id`),
CONSTRAINT `responses_ibfk_1` FOREIGN KEY (`survey_id`) REFERENCES `surveys` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- Create answers table
CREATE TABLE IF NOT EXISTS `answers` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`response_id` int(11) NOT NULL,
`question_id` int(11) NOT NULL,
`answer_value` text DEFAULT NULL,
PRIMARY KEY (`id`),
KEY `response_id` (`response_id`),
KEY `question_id` (`question_id`),
CONSTRAINT `answers_ibfk_1` FOREIGN KEY (`response_id`) REFERENCES `responses` (`id`) ON DELETE CASCADE,
CONSTRAINT `answers_ibfk_2` FOREIGN KEY (`question_id`) REFERENCES `questions` (`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

40
includes/security.php Normal file
View File

@ -0,0 +1,40 @@
<?php
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
/**
* Generates a CSRF token and stores it in the session.
* @return string The generated token.
*/
function generate_csrf_token() {
if (empty($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
return $_SESSION['csrf_token'];
}
/**
* Validates the submitted CSRF token.
* @return bool True if the token is valid, false otherwise.
*/
function validate_csrf_token() {
if (!isset($_POST['csrf_token']) || !isset($_SESSION['csrf_token'])) {
return false;
}
if (!hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) {
return false;
}
// Invalidate the token after use to prevent replay attacks
unset($_SESSION['csrf_token']);
return true;
}
/**
* Returns the HTML hidden input field for the CSRF token.
* @return string The HTML input field.
*/
function csrf_input_field() {
$token = generate_csrf_token();
return '<input type="hidden" name="csrf_token" value="' . htmlspecialchars($token) . ''>';
}

187
index.php
View File

@ -1,150 +1,61 @@
<?php
declare(strict_types=1);
@ini_set('display_errors', '1');
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
require_once __DIR__ . '/db/config.php';
// Fetch all public surveys
$pdo = db();
$surveys_stmt = $pdo->query("SELECT id, title, description, created_at FROM surveys ORDER BY created_at DESC");
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
?>
<!doctype html>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>New Style</title>
<?php
// Read project preview data from environment
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
?>
<?php if ($projectDescription): ?>
<!-- Meta description -->
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
<!-- Open Graph meta tags -->
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<!-- Twitter meta tags -->
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<?php endif; ?>
<?php if ($projectImageUrl): ?>
<!-- Open Graph image -->
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>FormFlex Pro - Available Surveys</title>
<meta name="description" content="FormFlexPro: Streamline survey creation and data analysis with seamless respondent integration.">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<main>
<div class="card">
<h1>Analyzing your requirements and generating your website…</h1>
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
<span class="sr-only">Loading…</span>
<div class="container mt-5 mb-5">
<div class="text-center mb-5">
<h1 class="display-4">FormFlex Pro</h1>
<p class="lead">The future of survey creation and data analysis.</p>
<hr class="my-4">
<p>Below is a list of our publicly available surveys. Please choose one to begin.</p>
</div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
<div class="row">
<?php if ($surveys_stmt->rowCount() > 0): ?>
<?php while ($survey = $surveys_stmt->fetch()): ?>
<div class="col-md-6 col-lg-4 mb-4">
<div class="card h-100">
<div class="card-body d-flex flex-column">
<h5 class="card-title"><?php echo htmlspecialchars($survey['title']); ?></h5>
<p class="card-text flex-grow-1"><?php echo htmlspecialchars($survey['description']); ?></p>
<a href="survey.php?id=<?php echo $survey['id']; ?>" class="btn btn-primary mt-auto">Take Survey</a>
</div>
</main>
<footer>
Page updated: <?= htmlspecialchars($now) ?> (UTC)
<div class="card-footer text-muted">
Posted on <?php echo htmlspecialchars(date('F j, Y', strtotime($survey['created_at']))); ?>
</div>
</div>
</div>
<?php endwhile; ?>
<?php else: ?>
<div class="col-12">
<div class="alert alert-info text-center">No surveys are available at this time.</div>
</div>
<?php endif; ?>
</div>
<footer class="text-center mt-5">
<p class="text-muted">Powered by FormFlex Pro</p>
</footer>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

112
survey.php Normal file
View File

@ -0,0 +1,112 @@
<?php
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/includes/security.php';
$survey_id = $_GET['id'] ?? null;
$error_message = '';
$survey = null;
$questions = [];
if (!$survey_id) {
$error_message = "No survey specified. Please provide a survey ID.";
} else {
try {
$pdo = db();
// Fetch survey details
$survey_stmt = $pdo->prepare("SELECT * FROM surveys WHERE id = ?");
$survey_stmt->execute([$survey_id]);
$survey = $survey_stmt->fetch();
if (!$survey) {
$error_message = "The requested survey could not be found.";
} else {
// Fetch questions and their options
$questions_stmt = $pdo->prepare("SELECT * FROM questions WHERE survey_id = ? ORDER BY id ASC");
$questions_stmt->execute([$survey_id]);
$questions = $questions_stmt->fetchAll();
}
} catch (PDOException $e) {
$error_message = "A database error occurred.";
// In a real app, you would log the detailed error: error_log($e->getMessage());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo $survey ? htmlspecialchars($survey['title']) : 'Survey'; ?> - FormFlex Pro</title>
<meta name="description" content="<?php echo $survey ? htmlspecialchars($survey['description']) : 'Please complete the survey.'; ?>">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<div class="survey-container">
<?php if ($error_message): ?>
<div class="alert alert-danger text-center"><?php echo $error_message; ?></div>
<?php elseif ($survey): ?>
<div class="survey-header">
<h1><?php echo htmlspecialchars($survey['title']); ?></h1>
<p class="lead mb-0"><?php echo htmlspecialchars($survey['description']); ?></p>
</div>
<form id="surveyForm" action="survey_submit.php" method="POST">
<?php echo csrf_input_field(); ?>
<input type="hidden" name="survey_id" value="<?php echo htmlspecialchars($survey_id); ?>">
<?php foreach ($questions as $index => $question): ?>
<div class="question-card">
<label class="form-label"><?php echo ($index + 1) . ". " . htmlspecialchars($question['question_text']); ?></label>
<?php
$q_id = $question['id'];
$q_type = $question['question_type'];
$input_name = "answers[" . $q_id . "]";
if ($q_type == 'text') {
echo "<input type='text' class='form-control' name='{$input_name}'>";
} elseif ($q_type == 'textarea') {
echo "<textarea class='form-control' name='{$input_name}' rows='4'></textarea>";
} elseif (in_array($q_type, ['radio', 'checkbox', 'select'])) {
$options_stmt = $pdo->prepare("SELECT * FROM question_options WHERE question_id = ? ORDER BY id ASC");
$options_stmt->execute([$q_id]);
$options = $options_stmt->fetchAll();
if ($q_type == 'select') {
echo "<select class='form-select' name='{$input_name}'>";
echo "<option value='' selected disabled>-- Please select --</option>";
foreach ($options as $option) {
echo "<option value='" . htmlspecialchars($option['option_text']) . "'>" . htmlspecialchars($option['option_text']) . "</option>";
}
echo "</select>";
} else { // radio or checkbox
$input_type = $q_type;
$name_attr = ($q_type == 'checkbox') ? $input_name . "[]" : $input_name;
foreach ($options as $opt_index => $option) {
$option_id = "q{$q_id}_opt{$opt_index}";
echo "<div class='form-check'>";
echo "<input class='form-check-input' type='{$input_type}' name='{$name_attr}' id='{$option_id}' value='" . htmlspecialchars($option['option_text']) . "'>";
echo "<label class='form-check-label' for='{$option_id}'>" . htmlspecialchars($option['option_text']) . "</label>";
echo "</div>";
}
}
}
?>
</div>
<?php endforeach; ?>
<div class="survey-footer">
<button type="submit" class="btn btn-primary">Submit Survey</button>
<div class="powered-by">
Powered by <a href="index.php" target="_blank">FormFlex Pro</a>
</div>
</div>
</form>
<?php endif; ?>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

63
survey_submit.php Normal file
View File

@ -0,0 +1,63 @@
<?php
require_once __DIR__ . '/db/config.php';
require_once __DIR__ . '/includes/security.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header("Location: index.php");
exit;
}
if (!validate_csrf_token()) {
die('CSRF token validation failed.');
}
$survey_id = $_POST['survey_id'] ?? null;
$answers = $_POST['answers'] ?? [];
if (!$survey_id || empty($answers)) {
// Or redirect to an error page
die("Invalid submission.");
}
$pdo = db();
try {
// Start a transaction
$pdo->beginTransaction();
// 1. Create a new response record
$response_stmt = $pdo->prepare("INSERT INTO responses (survey_id) VALUES (?)");
$response_stmt->execute([$survey_id]);
$response_id = $pdo->lastInsertId();
// 2. Insert each answer
$answer_stmt = $pdo->prepare("INSERT INTO answers (response_id, question_id, answer_value) VALUES (?, ?, ?)");
foreach ($answers as $question_id => $value) {
if (is_array($value)) {
// Handle checkbox arrays
$answer_value = implode(", ", $value);
} else {
$answer_value = $value;
}
if ($answer_value !== '') {
$answer_stmt->execute([$response_id, $question_id, $answer_value]);
}
}
// Commit the transaction
$pdo->commit();
// Redirect to a thank you page
header("Location: thank_you.php");
exit;
} catch (PDOException $e) {
// Roll back the transaction if something failed
if ($pdo->inTransaction()) {
$pdo->rollBack();
}
// In a real app, log the error and show a user-friendly error page
die("Database error occurred while submitting your survey. Please try again later.");
}

27
thank_you.php Normal file
View File

@ -0,0 +1,27 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Thank You - FormFlex Pro</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<div class="survey-container text-center">
<div class="card p-4 p-md-5">
<h1 class="display-4">Thank You!</h1>
<p class="lead">Your survey has been submitted successfully.</p>
<hr class="my-4">
<p>We appreciate your feedback.</p>
<a class="btn btn-primary btn-lg" href="index.php" role="button">Return to Homepage</a>
</div>
<div class="powered-by mt-3">
Powered by <a href="index.php" target="_blank">FormFlex Pro</a>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>