35089-vm/portal/admin/users.php

<?php
require_once __DIR__ . '/../../includes/auth.php';
require_admin(); // Only admins can access this page

$db = db();
$stmt = $db->query('SELECT users.id, users.name, users.email, roles.name AS role_name FROM users LEFT JOIN roles ON users.role_id = roles.id ORDER BY users.name');
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);

$page_title = 'Manage Users';
include __DIR__ . '/../includes/header.php';
?>

<div class="container-fluid p-4">
    <h1 class="h3 mb-4">Manage Users</h1>

    <div class="card">
        <div class="card-body">
            <table class="table table-striped">
                <thead>
                    <tr>
                        <th>Name</th>
                        <th>Email</th>
                        <th>Role</th>
                        <th>Actions</th>
                    </tr>
                </thead>
                <tbody>
                    <?php foreach ($users as $user): ?>
                        <tr>
                            <td><?php echo htmlspecialchars($user['name']); ?></td>
                            <td><?php echo htmlspecialchars($user['email']); ?></td>
                            <td><?php echo htmlspecialchars($user['role_name']); ?></td>
                            <td>
                                <?php if (!in_array($user['role_name'], ['Super Admin', 'Agency Admin']) || $user['id'] == ($_SESSION['original_user_id'] ?? $_SESSION['user_id'])): ?>
                                    <a href="/portal/admin/impersonate_handler.php?user_id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-secondary">Impersonate</a>
                                <?php else: ?>
                                    <button class="btn btn-sm btn-outline-secondary" disabled>Impersonate</button>
                                <?php endif; ?>
                            </td>
                        </tr>
                    <?php endforeach; ?>
                </tbody>
            </table>
        </div>
    </div>
</div>

<?php include __DIR__ . '/../includes/footer.php'; ?>