admin/34766-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Auto commit: 2025-10-08T05:39:35.594Z

Browse Source
This commit is contained in:
Flatlogic Bot 2025-10-08 05:39:35 +00:00
parent 363f73447c
commit 238c66845b
6 changed files with 275 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
db/migrations/002_add_roles_and_details_to_users.sql Normal file
View File

@ -0,0 +1,10 @@
ALTER TABLE `users`
ADD COLUMN `role` VARCHAR(50) NOT NULL AFTER `password`,
ADD COLUMN `name` VARCHAR(255) NOT NULL AFTER `role`,
ADD COLUMN `address` TEXT NULL AFTER `name`,
ADD COLUMN `contact_person` VARCHAR(255) NULL AFTER `address`,
ADD COLUMN `license_number` VARCHAR(255) NULL AFTER `contact_person`,
ADD COLUMN `registration_number` VARCHAR(255) NULL AFTER `license_number`,
ADD COLUMN `areas_served` TEXT NULL AFTER `registration_number`,
ADD COLUMN `is_verified` BOOLEAN NOT NULL DEFAULT FALSE AFTER `areas_served`,
ADD COLUMN `first_login` BOOLEAN NOT NULL DEFAULT TRUE AFTER `is_verified`;

19
listings.php Normal file
View File

@ -0,0 +1,19 @@
<?php
session_start();
// Redirect to login if not logged in or not a restaurant
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'restaurant') {
header("Location: login.php");
exit;
}
?>
<?php include 'partials/header.php'; ?>
<div class="container py-5">
<h1 class="text-center">Restaurant Dashboard</h1>
<p class="text-center">Welcome, <?php echo htmlspecialchars($_SESSION['user_email']); ?>!</p>
<p class="text-center">This is where you will manage your food listings.</p>
</div>
<?php include 'partials/footer.php'; ?>

29
login.php
View File

@ -1,6 +1,11 @@
<?php
require_once 'db/config.php';
// Extend session lifetime to 30 days
ini_set('session.gc_maxlifetime', 30 * 24 * 60 * 60);
session_set_cookie_params(30 * 24 * 60 * 60);
session_start();
$errors = [];
if ($_SERVER["REQUEST_METHOD"] == "POST") {
@ -23,11 +28,29 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
session_start();
$_SESSION['user_id'] = $user['id'];
$_SESSION['user_email'] = $user['email'];
header("Location: dashboard.php");
exit;
$_SESSION['user_role'] = $user['role'];
if ($user['first_login']) {
$updateStmt = $pdo->prepare("UPDATE users SET first_login = 0 WHERE id = ?");
$updateStmt->execute([$user['id']]);
// Here you could redirect to a welcome page, e.g., header("Location: welcome.php");
}
// Role-based redirection
switch ($user['role']) {
case 'ngo':
header("Location: dashboard.php");
exit;
case 'restaurant':
header("Location: listings.php");
exit;
default:
// Default redirect for any other roles
header("Location: dashboard.php");
exit;
}
} else {
$errors[] = 'Invalid email or password';
}

109
signup-ngo.php Normal file
View File

@ -0,0 +1,109 @@
<?php
require_once 'db/config.php';
$errors = [];
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$name = $_POST['name'] ?? '';
$address = $_POST['address'] ?? '';
$contact_person = $_POST['contact_person'] ?? '';
$registration_number = $_POST['registration_number'] ?? '';
$areas_served = $_POST['areas_served'] ?? '';
// --- Validation ---
if (empty($email)) { $errors[] = 'Email is required'; }
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = 'Invalid email format'; }
if (empty($password)) { $errors[] = 'Password is required'; }
if (strlen($password) < 8) { $errors[] = 'Password must be at least 8 characters long'; }
if (empty($name)) { $errors[] = 'NGO name is required'; }
if (empty($address)) { $errors[] = 'Address is required'; }
if (empty($contact_person)) { $errors[] = 'Contact person is required'; }
if (empty($registration_number)) { $errors[] = 'Registration number is required'; }
if (empty($areas_served)) { $errors[] = 'Areas served is required'; }
// Check if email already exists
if (empty($errors)) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
$errors[] = 'Email address is already registered';
}
} catch (PDOException $e) {
$errors[] = "Database error: " . $e->getMessage();
}
}
if (empty($errors)) {
try {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$pdo = db();
$stmt = $pdo->prepare(
"INSERT INTO users (email, password, role, name, address, contact_person, registration_number, areas_served) VALUES (?, ?, 'ngo', ?, ?, ?, ?, ?)"
);
$stmt->execute([$email, $hashed_password, $name, $address, $contact_person, $registration_number, $areas_served]);
// Redirect to login page on success
header("Location: login.php?registration=success");
exit;
} catch (PDOException $e) {
$errors[] = "Database error on registration: " . $e->getMessage();
}
}
}
?>
<?php include 'partials/header.php'; ?>
<div class="container py-5">
<div class="row">
<div class="col-md-8 mx-auto">
<h2 class="text-center mb-4">NGO Registration</h2>
<?php if (!empty($errors)):
?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p><?php echo htmlspecialchars($error); ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<form action="signup-ngo.php" method="post">
<div class="mb-3">
<label for="name" class="form-label">NGO Name</label>
<input type="text" class="form-control" id="name" name="name" required>
</div>
<div class="mb-3">
<label for="email" class="form-label">Email address</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" minlength="8" required>
</div>
<div class="mb-3">
<label for="address" class="form-label">Address</label>
<textarea class="form-control" id="address" name="address" rows="3" required></textarea>
</div>
<div class="mb-3">
<label for="contact_person" class="form-label">Contact Person</label>
<input type="text" class="form-control" id="contact_person" name="contact_person" required>
</div>
<div class="mb-3">
<label for="registration_number" class="form-label">Registration Number</label>
<input type="text" class="form-control" id="registration_number" name="registration_number" required>
</div>
<div class="mb-3">
<label for="areas_served" class="form-label">Areas Served</label>
<input type="text" class="form-control" id="areas_served" name="areas_served" required>
</div>
<button type="submit" class="btn btn-primary">Register</button>
</form>
</div>
</div>
</div>
<?php include 'partials/footer.php'; ?>

103
signup-restaurant.php Normal file
View File

@ -0,0 +1,103 @@
<?php
require_once 'db/config.php';
$errors = [];
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$name = $_POST['name'] ?? '';
$address = $_POST['address'] ?? '';
$contact_person = $_POST['contact_person'] ?? '';
$license_number = $_POST['license_number'] ?? '';
// --- Validation ---
if (empty($email)) { $errors[] = 'Email is required'; }
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $errors[] = 'Invalid email format'; }
if (empty($password)) { $errors[] = 'Password is required'; }
if (strlen($password) < 8) { $errors[] = 'Password must be at least 8 characters long'; }
if (empty($name)) { $errors[] = 'Restaurant name is required'; }
if (empty($address)) { $errors[] = 'Address is required'; }
if (empty($contact_person)) { $errors[] = 'Contact person is required'; }
if (empty($license_number)) { $errors[] = 'Food license number is required'; }
// Check if email already exists
if (empty($errors)) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
$errors[] = 'Email address is already registered';
}
} catch (PDOException $e) {
$errors[] = "Database error: " . $e->getMessage();
}
}
if (empty($errors)) {
try {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$pdo = db();
$stmt = $pdo->prepare(
"INSERT INTO users (email, password, role, name, address, contact_person, license_number) VALUES (?, ?, 'restaurant', ?, ?, ?, ?)"
);
$stmt->execute([$email, $hashed_password, $name, $address, $contact_person, $license_number]);
// Redirect to login page on success
header("Location: login.php?registration=success");
exit;
} catch (PDOException $e) {
$errors[] = "Database error on registration: " . $e->getMessage();
}
}
}
?>
<?php include 'partials/header.php'; ?>
<div class="container py-5">
<div class="row">
<div class="col-md-8 mx-auto">
<h2 class="text-center mb-4">Restaurant Registration</h2>
<?php if (!empty($errors)):
?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p><?php echo htmlspecialchars($error); ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<form action="signup-restaurant.php" method="post">
<div class="mb-3">
<label for="name" class="form-label">Restaurant Name</label>
<input type="text" class="form-control" id="name" name="name" required>
</div>
<div class="mb-3">
<label for="email" class="form-label">Email address</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" minlength="8" required>
</div>
<div class="mb-3">
<label for="address" class="form-label">Address</label>
<textarea class="form-control" id="address" name="address" rows="3" required></textarea>
</div>
<div class="mb-3">
<label for="contact_person" class="form-label">Contact Person</label>
<input type="text" class="form-control" id="contact_person" name="contact_person" required>
</div>
<div class="mb-3">
<label for="license_number" class="form-label">Food License Number</label>
<input type="text" class="form-control" id="license_number" name="license_number" required>
</div>
<button type="submit" class="btn btn-primary">Register</button>
</form>
</div>
</div>
</div>
<?php include 'partials/footer.php'; ?>

88
signup.php
View File

@ -1,87 +1,15 @@
<?php
require_once 'db/config.php';
$errors = [];
$success = '';
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$password_confirm = $_POST['password_confirm'] ?? '';
if (empty($email)) {
$errors[] = 'Email is required';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors[] = 'Invalid email format';
}
if (empty($password)) {
$errors[] = 'Password is required';
}
if ($password !== $password_confirm) {
$errors[] = 'Passwords do not match';
}
if (empty($errors)) {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
$errors[] = 'Email already exists';
} else {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("INSERT INTO users (email, password) VALUES (?, ?)");
$stmt->execute([$email, $hashed_password]);
$success = 'Registration successful! You can now <a href="login.php">login</a>.';
}
} catch (PDOException $e) {
$errors[] = "Database error: " . $e->getMessage();
}
}
}
?>
<?php include 'partials/header.php'; ?>
<div class="container py-5">
<div class="row">
<div class="col-md-6 mx-auto">
<h2 class="text-center mb-4">Sign Up</h2>
<?php if (!empty($errors)):
?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p><?php echo $error; ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if ($success): ?>
<div class="alert alert-success">
<p><?php echo $success; ?></p>
</div>
<?php else: ?>
<form action="signup.php" method="post">
<div class="mb-3">
<label for="email" class="form-label">Email address</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="mb-3">
<label for="password_confirm" class="form-label">Confirm Password</label>
<input type="password" class="form-control" id="password_confirm" name="password_confirm" required>
</div>
<button type="submit" class="btn btn-primary">Sign Up</button>
</form>
<?php endif; ?>
<div class="col-md-8 mx-auto text-center">
<h2 class="mb-4">Join FoodBridge</h2>
<p class="lead mb-5">Are you a restaurant wanting to donate surplus food, or an NGO ready to distribute it to those in need? Choose your path below to get started.</p>
<div class="d-grid gap-4 d-md-flex justify-content-md-center">
<a href="signup-restaurant.php" class="btn btn-primary btn-lg px-4 gap-3">I'm a Restaurant</a>
<a href="signup-ngo.php" class="btn btn-secondary btn-lg px-4">I'm an NGO</a>
</div>
</div>
</div>
</div>