35149-vm/admin_schools.php

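<?php
/*
 * Admin page for the `schools` table: request handling.
 *
 * Reads `action` and `id` from the query string, loads the institutions used
 * by the dropdowns, and processes the add / update / delete form posts with
 * prepared statements. Rendering happens in the template below.
 */
include 'templates/header.php';
require_once 'db/config.php';

// NOTE(review): header.php is included before every header('Location: ...')
// call in this file. If it emits output and output buffering is off, those
// redirects fail with "headers already sent" and only `exit` takes effect.
// Confirm how header.php behaves.

// Admin-only page. Compare as a string so that both 1 and '1' are accepted
// (the stored type depends on how the login code filled the session) while
// loosely-equal values such as '1abc' are rejected.
if (!isset($_SESSION['role_id']) || (string) $_SESSION['role_id'] !== '1') {
    header('Location: dashboard.php');
    exit;
}

$pdo = db();

$action = $_GET['action'] ?? 'list';

// `id` is attacker-controlled query-string input. Accept only a non-empty
// string: `?id[]=x` would otherwise arrive as an array and reach both the SQL
// parameter list and the HTML output. Any template that prints $id must still
// escape it for its output context.
$id = $_GET['id'] ?? null;
if (!is_string($id) || $id === '') {
    $id = null;
}

// Fetch institutions for the dropdown
$institutions_stmt = $pdo->query('SELECT id, name FROM institutions ORDER BY name');
$institutions = $institutions_stmt->fetchAll();

// Handle form submissions
// NOTE(review): none of these state-changing handlers verifies a CSRF token,
// and the forms in this file do not send one. A per-session token compared
// with hash_equals() before any write would close that gap.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The delete form posts neither `name` nor `institution_id`, so both
    // fields default to '' instead of raising "undefined array key"; the
    // is_string() guard keeps array-valued fields away from trim().
    $name = is_string($_POST['name'] ?? null) ? trim($_POST['name']) : '';
    $institution_id = is_string($_POST['institution_id'] ?? null) ? $_POST['institution_id'] : '';

    if (isset($_POST['add_school'])) {
        if (!empty($name) && !empty($institution_id)) {
            $stmt = $pdo->prepare('INSERT INTO schools (name, institution_id) VALUES (?, ?)');
            $stmt->execute([$name, $institution_id]);
        }
        // No redirect here: execution falls through and re-renders the page,
        // so a browser refresh re-submits the insert.
    } elseif (isset($_POST['update_school'])) {
        // The row id comes from the query string of the form's action URL;
        // the posted hidden `id` field is not read.
        if (!empty($name) && !empty($institution_id) && !empty($id)) {
            $stmt = $pdo->prepare('UPDATE schools SET name = ?, institution_id = ? WHERE id = ?');
            $stmt->execute([$name, $institution_id, $id]);
        }
        header('Location: admin_schools.php');
        exit;
    } elseif (isset($_POST['delete_school'])) {
        if (!empty($id)) {
            $stmt = $pdo->prepare('DELETE FROM schools WHERE id = ?');
            $stmt->execute([$id]);
        }
        header('Location: admin_schools.php');
        exit;
    }
}
?>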
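<?php
/*
 * Admin page for the `schools` table: rendering.
 *
 * Shows the edit form, the delete confirmation, or the add form plus the
 * list of existing schools, depending on $action and $id.
 */

// Escape a value for HTML text and quoted-attribute contexts.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// $id comes from the query string and is printed back into the page, so it
// is escaped here: URL-encoded first where it is placed inside a URL, then
// HTML-escaped for the attribute it lands in.
$idAttr = $esc($id);
$idQuery = $esc(urlencode((string) $id));

// NOTE(review): the forms below carry no CSRF token; see the POST handling.
?>
<h2>Assessment Planning: Schools</h2>
<p><a href="admin.php"> &larr; Back to Admin Dashboard</a></p>
<?php if ($action === 'edit' && $id): ?>
    <?php
    $stmt = $pdo->prepare('SELECT * FROM schools WHERE id = ?');
    $stmt->execute([$id]);
    $school = $stmt->fetch();
    ?>
    <h3>Edit School</h3>
    <?php if (!$school): ?>
        <?php // fetch() returned no row: do not index into a non-array. ?>
        <div class="alert alert-warning">School not found.</div>
        <a href="admin_schools.php" class="btn btn-secondary">Cancel</a>
    <?php else: ?>
        <form action="admin_schools.php?action=edit&id=<?php echo $idQuery; ?>" method="post">
            <div class="mb-3">
                <label for="name" class="form-label">School Name</label>
                <input type="text" class="form-control" id="name" name="name" value="<?php echo $esc($school['name']); ?>" required>
            </div>
            <div class="mb-3">
                <label for="institution_id" class="form-label">Institution</label>
                <select class="form-select" id="institution_id" name="institution_id" required>
                    <?php foreach ($institutions as $institution): ?>
                        <?php // Compare as strings: the driver may return ids as int or string. ?>
                        <option value="<?php echo $esc($institution['id']); ?>" <?php echo ((string) $institution['id'] === (string) $school['institution_id']) ? 'selected' : ''; ?>><?php echo $esc($institution['name']); ?></option>
                    <?php endforeach; ?>
                </select>
            </div>
            <input type="hidden" name="id" value="<?php echo $idAttr; ?>">
            <button type="submit" name="update_school" class="btn btn-primary">Update</button>
            <a href="admin_schools.php" class="btn btn-secondary">Cancel</a>
        </form>
    <?php endif; ?>
<?php elseif ($action === 'delete' && $id): ?>
    <?php
    $stmt = $pdo->prepare('SELECT * FROM schools WHERE id = ?');
    $stmt->execute([$id]);
    $school = $stmt->fetch();
    ?>
    <h3>Delete School</h3>
    <?php if (!$school): ?>
        <div class="alert alert-warning">School not found.</div>
        <a href="admin_schools.php" class="btn btn-secondary">Cancel</a>
    <?php else: ?>
        <p>Are you sure you want to delete the school "<?php echo $esc($school['name']); ?>"?</p>
        <form action="admin_schools.php?action=delete&id=<?php echo $idQuery; ?>" method="post">
            <input type="hidden" name="id" value="<?php echo $idAttr; ?>">
            <button type="submit" name="delete_school" class="btn btn-danger">Delete</button>
            <a href="admin_schools.php" class="btn btn-secondary">Cancel</a>
        </form>
    <?php endif; ?>
<?php else: ?>
    <h3>Add New School</h3>
    <form action="admin_schools.php" method="post">
        <div class="mb-3">
            <label for="name" class="form-label">School Name</label>
            <input type="text" class="form-control" id="name" name="name" required>
        </div>
        <div class="mb-3">
            <label for="institution_id" class="form-label">Institution</label>
            <select class="form-select" id="institution_id" name="institution_id" required>
                <option value="">Select an Institution</option>
                <?php foreach ($institutions as $institution): ?>
                    <option value="<?php echo $esc($institution['id']); ?>"><?php echo $esc($institution['name']); ?></option>
                <?php endforeach; ?>
            </select>
        </div>
        <button type="submit" name="add_school" class="btn btn-primary">Add School</button>
    </form>
    <hr>
    <h3>Existing Schools</h3>
    <table class="table table-striped">
        <thead>
            <tr>
                <th>ID</th>
                <th>Name</th>
                <th>Institution</th>
                <th>Actions</th>
            </tr>
        </thead>
        <tbody>
            <?php
            $stmt = $pdo->query('SELECT s.id, s.name, i.name AS institution_name FROM schools s JOIN institutions i ON s.institution_id = i.id ORDER BY s.id');
            while ($row = $stmt->fetch()):
                // Escape the id for the link URLs as well, so the output does
                // not depend on the column only ever holding safe characters.
                $rowIdQuery = $esc(urlencode((string) $row['id']));
            ?>
                <tr>
                    <td><?php echo $esc($row['id']); ?></td>
                    <td><?php echo $esc($row['name']); ?></td>
                    <td><?php echo $esc($row['institution_name']); ?></td>
                    <td>
                        <a href="admin_schools.php?action=edit&id=<?php echo $rowIdQuery; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
                        <a href="admin_schools.php?action=delete&id=<?php echo $rowIdQuery; ?>" class="btn btn-sm btn-outline-danger">Delete</a>
                    </td>
                </tr>
            <?php endwhile; ?>
        </tbody>
    </table>
<?php endif; ?>
<?php include 'templates/footer.php'; ?>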