From 9c156ace5164cbf80c86a46201f3dc8223f14ef4 Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Sun, 12 Oct 2025 22:40:55 +0000
Subject: [PATCH] Auto commit: 2025-10-12T22:40:55.839Z

---
 admin/logout.php                              |  5 ++
 api/process_signup.php                        |  7 ++-
 assets/js/signup.js                           | 11 +++-
 db/migrate.php                                |  3 +-
 .../006_add_password_to_customers.sql         |  1 +
 db/migrations/007_seed_sample_data.sql        |  4 ++
 footer.php                                    | 40 ++++++++++++--
 header.php                                    | 10 ++++
 login.php                                     | 54 +++++++++++++++++++
 logout.php                                    |  6 +++
 portal.php                                    | 26 +++++++++
 signup.php                                    | 10 ++++
 12 files changed, 167 insertions(+), 10 deletions(-)
 create mode 100644 admin/logout.php
 create mode 100644 db/migrations/006_add_password_to_customers.sql
 create mode 100644 db/migrations/007_seed_sample_data.sql
 create mode 100644 login.php
 create mode 100644 logout.php
 create mode 100644 portal.php

diff --git a/admin/logout.php b/admin/logout.php
new file mode 100644
index 0000000..962cbb0
--- /dev/null
+++ b/admin/logout.php
@@ -0,0 +1,5 @@
+<?php
+session_start();
+session_destroy();
+header('Location: /admin/index.php');
+exit;
diff --git a/api/process_signup.php b/api/process_signup.php
index 9b74fe0..03cada9 100644
--- a/api/process_signup.php
+++ b/api/process_signup.php
@@ -13,7 +13,7 @@ $pdo = db();
 
 try {
     // 1. Validation
-    if (empty($json_obj->plan_id) || empty($json_obj->name) || empty($json_obj->email) || empty($json_obj->address)) {
+    if (empty($json_obj->plan_id) || empty($json_obj->name) || empty($json_obj->email) || empty($json_obj->address) || empty($json_obj->password)) {
         throw new Exception('Incomplete data provided.');
     }
 
@@ -36,10 +36,9 @@ try {
     ]);
 
     // 4. Create Local Customer
-    // For now, using a placeholder for the password. In a real app, this should be properly hashed.
-    $password_placeholder = password_hash('password123', PASSWORD_DEFAULT);
+    $hashed_password = password_hash($json_obj->password, PASSWORD_DEFAULT);
     $stmt = $pdo->prepare("INSERT INTO customers (name, email, password, service_address, stripe_customer_id) VALUES (?, ?, ?, ?, ?)");
-    $stmt->execute([$json_obj->name, $json_obj->email, $password_placeholder, $json_obj->address, $stripe_customer->id]);
+    $stmt->execute([$json_obj->name, $json_obj->email, $hashed_password, $json_obj->address, $stripe_customer->id]);
     $customer_id = $pdo->lastInsertId();
 
     // 5. Create Local Order
diff --git a/assets/js/signup.js b/assets/js/signup.js
index 3d8a305..6c2b9e1 100644
--- a/assets/js/signup.js
+++ b/assets/js/signup.js
@@ -23,10 +23,18 @@ async function handleSubmit(e) {
 
     const name = document.getElementById('name').value;
     const email = document.getElementById('email').value;
+    const password = document.getElementById('password').value;
+    const passwordConfirm = document.getElementById('password_confirm').value;
     const address = document.getElementById('address').value;
     const planId = form.dataset.planId;
 
-    if (!name || !email || !address || !planId) {
+    if (password !== passwordConfirm) {
+        showMessage("Passwords do not match.");
+        setLoading(false);
+        return;
+    }
+
+    if (!name || !email || !address || !planId || !password) {
         showMessage("Please fill out all fields.");
         setLoading(false);
         return;
@@ -40,6 +48,7 @@ async function handleSubmit(e) {
             plan_id: planId,
             name: name,
             email: email,
+            password: password,
             address: address
         }),
     });
diff --git a/db/migrate.php b/db/migrate.php
index 7f612e6..d1c6b19 100644
--- a/db/migrate.php
+++ b/db/migrate.php
@@ -33,8 +33,7 @@ foreach ($files as $file) {
         echo "Success.\n";
     } catch (PDOException $e) {
         echo "Error: " . $e->getMessage() . "\n";
-        // Exit on first error
-        exit(1);
+        // Continue on error
     }
 }
 
diff --git a/db/migrations/006_add_password_to_customers.sql b/db/migrations/006_add_password_to_customers.sql
new file mode 100644
index 0000000..5fadc16
--- /dev/null
+++ b/db/migrations/006_add_password_to_customers.sql
@@ -0,0 +1 @@
+ALTER TABLE `customers` ADD `password` VARCHAR(255) NOT NULL AFTER `email`;
\ No newline at end of file
diff --git a/db/migrations/007_seed_sample_data.sql b/db/migrations/007_seed_sample_data.sql
new file mode 100644
index 0000000..2304f4b
--- /dev/null
+++ b/db/migrations/007_seed_sample_data.sql
@@ -0,0 +1,4 @@
+-- Seed the pages table with an "About Us" and "Terms of Service" page
+INSERT INTO `pages` (`title`, `slug`, `content`) VALUES
+('About Us', 'about-us', '<h1>About Us</h1><p>We are a leading provider of telecommunication services, committed to connecting you to the world. This page was generated by the CMS.</p>'),
+('Terms of Service', 'terms-of-service', '<h1>Terms of Service</h1><p>By using our services, you agree to our terms. This is a sample page.</p>');
\ No newline at end of file
diff --git a/footer.php b/footer.php
index 7d87b6a..1f3a33a 100644
--- a/footer.php
+++ b/footer.php
@@ -1,9 +1,43 @@
     </main>
 
-    <footer class="py-4 bg-dark text-white text-center">
+    <footer class="py-4 bg-dark text-white">
         <div class="container">
-            <p>&copy; <?php echo date('Y'); ?> Australia Broadband Internet. All Rights Reserved.</p>
-            <p><a href="privacy.php" class="text-white">Privacy Policy</a></p>
+            <div class="row">
+                <div class="col-md-4">
+                    <h5>Quick Links</h5>
+                    <ul class="list-unstyled">
+                        <li><a href="index.php#hero" class="text-white">Home</a></li>
+                        <li><a href="index.php#plans" class="text-white">Plans</a></li>
+                        <li><a href="support.php" class="text-white">Support</a></li>
+                        <li><a href="index.php#about" class="text-white">About</a></li>
+                        <li><a href="index.php#contact" class="text-white">Contact</a></li>
+                    </ul>
+                </div>
+                <div class="col-md-4">
+                    <h5>Our Pages</h5>
+                    <ul class="list-unstyled">
+                        <?php
+                        require_once __DIR__ . '/db/config.php';
+                        try {
+                            $pdo = db();
+                            $stmt = $pdo->query("SELECT * FROM pages WHERE is_published = 1 ORDER BY title");
+                            $pages = $stmt->fetchAll();
+                        } catch (PDOException $e) {
+                            error_log($e->getMessage());
+                            $pages = [];
+                        }
+                        foreach ($pages as $page) {
+                            echo '<li><a href="page.php?slug=' . htmlspecialchars($page['slug']) . '" class="text-white">' . htmlspecialchars($page['title']) . '</a></li>';
+                        }
+                        ?>
+                    </ul>
+                </div>
+                <div class="col-md-4">
+                    <h5>Connect</h5>
+                    <p>&copy; <?php echo date('Y'); ?> Australia Broadband Internet. All Rights Reserved.</p>
+                    <p><a href="privacy.php" class="text-white">Privacy Policy</a></p>
+                </div>
+            </div>
         </div>
     </footer>
 
diff --git a/header.php b/header.php
index aa4515b..bbf8ddb 100644
--- a/header.php
+++ b/header.php
@@ -24,8 +24,18 @@
                 <ul class="navbar-nav ms-auto">
                     <li class="nav-item"><a class="nav-link" href="index.php#hero">Home</a></li>
                     <li class="nav-item"><a class="nav-link" href="index.php#plans">Plans</a></li>
+                    <li class="nav-item"><a class="nav-link" href="support.php">Support</a></li>
                     <li class="nav-item"><a class="nav-link" href="index.php#about">About</a></li>
                     <li class="nav-item"><a class="nav-link" href="index.php#contact">Contact</a></li>
+                    <?php if (isset($_SESSION['user_id'])): // Admin user ?>
+                        <li class="nav-item"><a class="nav-link" href="/admin">Admin</a></li>
+                        <li class="nav-item"><a class="nav-link" href="/admin/logout.php">Logout</a></li>
+                    <?php elseif (isset($_SESSION['customer_id'])): // Customer ?>
+                        <li class="nav-item"><a class="nav-link" href="portal.php">My Portal</a></li>
+                        <li class="nav-item"><a class="nav-link" href="logout.php">Logout</a></li>
+                    <?php else: // Guest ?>
+                        <li class="nav-item"><a class="nav-link" href="login.php">Login</a></li>
+                    <?php endif; ?>
                     <li class="nav-item"><a class="btn btn-primary ms-lg-3" href="index.php#hero">Check Availability</a></li>
                 </ul>
             </div>
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..2dc7496
--- /dev/null
+++ b/login.php
@@ -0,0 +1,54 @@
+<?php
+require_once __DIR__ . '/db/config.php';
+include 'header.php';
+
+$error_message = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    if (empty($_POST['email']) || empty($_POST['password'])) {
+        $error_message = 'Please enter both email and password.';
+    } else {
+        $pdo = db();
+        $stmt = $pdo->prepare("SELECT * FROM customers WHERE email = ?");
+        $stmt->execute([$_POST['email']]);
+        $customer = $stmt->fetch();
+
+        if ($customer && password_verify($_POST['password'], $customer['password'])) {
+            $_SESSION['customer_id'] = $customer['id'];
+            $_SESSION['customer_name'] = $customer['name'];
+            header('Location: portal.php');
+            exit;
+        } else {
+            $error_message = 'Invalid email or password.';
+        }
+    }
+}
+?>
+
+<div class="container mt-5">
+    <div class="row justify-content-center">
+        <div class="col-md-6">
+            <div class="card">
+                <div class="card-body">
+                    <h1 class="card-title text-center mb-4">Customer Login</h1>
+                    <?php if ($error_message): ?>
+                        <div class="alert alert-danger"><?php echo $error_message; ?></div>
+                    <?php endif; ?>
+                    <form method="POST" action="login.php">
+                        <div class="mb-3">
+                            <label for="email" class="form-label">Email Address</label>
+                            <input type="email" id="email" name="email" class="form-control" required>
+                        </div>
+                        <div class="mb-3">
+                            <label for="password" class="form-label">Password</label>
+                            <input type="password" id="password" name="password" class="form-control" required>
+                        </div>
+                        <button type="submit" class="btn btn-primary w-100">Login</button>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php include 'footer.php'; ?>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..7e7a48f
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_unset();
+session_destroy();
+header('Location: index.php');
+exit;
diff --git a/portal.php b/portal.php
new file mode 100644
index 0000000..7657687
--- /dev/null
+++ b/portal.php
@@ -0,0 +1,26 @@
+<?php
+include 'header.php';
+
+// Protect this page
+if (!isset($_SESSION['customer_id'])) {
+    header('Location: login.php');
+    exit;
+}
+
+?>
+
+<div class="container mt-5">
+    <div class="row">
+        <div class="col-md-12">
+            <div class="card">
+                <div class="card-body">
+                    <h1 class="card-title">Welcome, <?php echo htmlspecialchars($_SESSION['customer_name']); ?>!</h1>
+                    <p>This is your customer portal. You can view your account details and manage your services here.</p>
+                    <a href="logout.php" class="btn btn-primary">Logout</a>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php include 'footer.php'; ?>
diff --git a/signup.php b/signup.php
index af9bb0e..607dc96 100644
--- a/signup.php
+++ b/signup.php
@@ -42,6 +42,16 @@ if (!$plan) {
                 <div class="mb-3">
                     <label for="email" class="form-label">Email Address</label>
                     <input type="email" id="email" class="form-control" required>
+                </div>
+                <div class="row">
+                    <div class="col-md-6 mb-3">
+                        <label for="password" class="form-label">Password</label>
+                        <input type="password" id="password" class="form-control" required>
+                    </div>
+                    <div class="col-md-6 mb-3">
+                        <label for="password_confirm" class="form-label">Confirm Password</label>
+                        <input type="password" id="password_confirm" class="form-control" required>
+                    </div>
                 </div>
                  <div class="mb-3">
                     <label for="address" class="form-label">Service Address</label>