admin/35273-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: admin:master
Branches Tags
admin:master
admin:ai-dev
...
pull from: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

4 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
734d16aa81 v4 2025-10-27 13:06:57 +00:00
Flatlogic Bot
a3fa722e5f c3 2025-10-27 12:46:17 +00:00
Flatlogic Bot
57b68bc2a2 2nd 2025-10-27 10:19:31 +00:00
Flatlogic Bot
ae55cc8a86 Just testing 2025-10-27 10:08:26 +00:00
14 changed files with 843 additions and 146 deletions
Show Stats Expand all files Collapse all files

156
analysis.php Normal file
View File

@ -0,0 +1,156 @@
<?php
require_once 'config.php';
require_once 'db/config.php';
include 'header.php';
// Protected page
if (!isset($_SESSION['user_email'])) {
header('Location: login.php');
exit;
}
?>
<div class="container-fluid mt-5">
<div class="row">
<div class="col-12">
<div class="card">
<div class="card-header">
<h2><i class="bi bi-bar-chart-line-fill me-2"></i>Data Analysis Mockup</h2>
</div>
<div class="card-body">
<p>This is a static mockup to illustrate the data analysis interface. The data below is for demonstration purposes only.</p>
<!-- Filters -->
<div class="card mb-4">
<div class="card-body bg-light">
<h5 class="card-title">Filters</h5>
<form class="row g-3 align-items-end">
<div class="col-md-3">
<label for="filterYear" class="form-label">Year</label>
<select id="filterYear" class="form-select">
<option selected>2024</option>
<option>2023</option>
<option>2022</option>
</select>
</div>
<div class="col-md-3">
<label for="filterPollutant" class="form-label">Pollutant</label>
<select id="filterPollutant" class="form-select">
<option selected>Carbon Dioxide (CO2)</option>
<option>Methane (CH4)</option>
<option>Nitrogen Oxides (NOx)</option>
</select>
</div>
<div class="col-md-4">
<label for="filterRegion" class="form-label">Region / NUTS Code</label>
<input type="text" class="form-control" id="filterRegion" placeholder="e.g., UKN0">
</div>
<div class="col-md-2">
<button type="submit" class="btn btn-primary w-100">Apply</button>
</div>
</form>
</div>
</div>
<!-- Chart Placeholder -->
<div class="row text-center">
<div class="col-lg-8 mb-4">
<div class="card h-100">
<div class="card-header">Emissions Trend (Chart Placeholder)</div>
<div class="card-body d-flex align-items-center justify-content-center bg-light">
<div class="text-muted">
<i class="bi bi-graph-up" style="font-size: 3rem;"></i>
<p>Chart would be rendered here.</p>
</div>
</div>
</div>
</div>
<div class="col-lg-4 mb-4">
<div class="card h-100">
<div class="card-header">Key Metrics</div>
<div class="card-body">
<div class="d-flex justify-content-between align-items-center border-bottom pb-2 mb-2">
<span>Total Facilities Reporting:</span>
<span class="badge bg-primary rounded-pill fs-6">1,204</span>
</div>
<div class="d-flex justify-content-between align-items-center border-bottom pb-2 mb-2">
<span>Total Emissions (Tons):</span>
<span class="badge bg-success rounded-pill fs-6">4.5M</span>
</div>
<div class="d-flex justify-content-between align-items-center">
<span>Compliance Rate:</span>
<span class="badge bg-warning rounded-pill fs-6">98.2%</span>
</div>
</div>
</div>
</div>
</div>
<!-- Data Table -->
<h5>Submitted Reports</h5>
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead class="table-dark">
<tr>
<th>ID</th>
<th>Original Filename</th>
<th>Upload Time</th>
<th>Status</th>
<th>Uploaded By</th>
</tr>
</thead>
<tbody>
<?php
try {
$pdo = db();
$sql = 'SELECT id, original_filename, upload_time, status, uploaded_by FROM uploaded_files';
if ($_SESSION['user_role'] !== 'admin') {
$sql .= ' WHERE user_id = ?';
}
$sql .= ' ORDER BY upload_time DESC';
$stmt = $pdo->prepare($sql);
if ($_SESSION['user_role'] !== 'admin') {
$stmt->execute([$_SESSION['user_id']]);
} else {
$stmt->execute();
}
$files = $stmt->fetchAll();
if (empty($files)):
?>
<tr>
<td colspan="5" class="text-center">No files have been uploaded yet.</td>
</tr>
<?php else: foreach ($files as $file): ?>
<tr>
<td><?php echo htmlspecialchars($file['id']); ?></td>
<td><?php echo htmlspecialchars($file['original_filename']); ?></td>
<td><?php echo htmlspecialchars($file['upload_time']); ?></td>
<td><span class="badge bg-secondary"><?php echo htmlspecialchars($file['status']); ?></span></td>
<td><?php echo htmlspecialchars($file['uploaded_by']); ?></td>
</tr>
<?php endforeach; endif;
} catch (PDOException $e) {
echo '<tr><td colspan="5" class="text-center text-danger">Error fetching data: ' . htmlspecialchars($e->getMessage()) . '</td></tr>';
}
?>
</tbody>
</table>
</div>
<div class="d-flex justify-content-end">
<button class="btn btn-secondary"><i class="bi bi-download me-2"></i>Export as CSV</button>
</div>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>

42
assets/css/custom.css Normal file
View File

@ -0,0 +1,42 @@
:root {
--bs-primary: #005bac;
--bs-secondary: #6c757d;
--bs-light: #f8f9fa;
--bs-dark: #343a40;
}
body {
font-family: 'Roboto', -apple-system, BlinkMacSystemFont, "Segoe UI", "Helvetica Neue", Arial, sans-serif;
background-color: var(--bs-light);
display: flex;
flex-direction: column;
min-height: 100vh;
}
h1, h2, h3, h4, h5, h6, .h1, .h2, .h3, .h4, .h5, .h6 {
font-family: 'Montserrat', sans-serif;
font-weight: 700;
}
.navbar-brand {
font-weight: 700;
color: var(--bs-primary);
}
.btn-primary {
background-image: linear-gradient(to right, #005bac 0%, #007bff 100%);
border: none;
transition: all 0.3s ease;
background-size: 200% auto;
}
.btn-primary:hover {
background-position: right center;
}
.login-container {
max-width: 450px;
margin-top: 5rem;
margin-bottom: 5rem;
}

20
config.php Normal file
View File

@ -0,0 +1,20 @@
<?php
// Central configuration and bootstrap file.
// 1. Error Reporting (Development vs. Production)
// For development, show all errors. In a production environment, this should be logged, not displayed.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
// 2. Session Management
// Ensures a session is started on all pages that include this file.
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
// 3. Application Constants (optional, but good practice)
define('ROOT_PATH', __DIR__);
define('UPLOADS_PATH', ROOT_PATH . '/uploads');
?>

44
dashboard.php Normal file
View File

@ -0,0 +1,44 @@
<?php
require_once 'config.php';
include 'header.php';
// This is a protected page. If the user is not logged in, redirect to login.
if (!isset($_SESSION['user_email'])) {
header('Location: login.php');
exit;
}
?>
<div class="container mt-5">
<div class="row">
<div class="col-12">
<div class="alert alert-success">
<strong>Welcome, <?php echo htmlspecialchars($_SESSION['user_email']); ?>!</strong> You are now logged in.
</div>
<div class="card">
<div class="card-header">
<h2>Dashboard</h2>
</div>
<div class="card-body">
<p>This is a placeholder for your dashboard content. From here, you will be able to manage your reporting tasks based on your role.</p>
<hr>
<h4>Actions</h4>
<div class="list-group">
<a href="upload.php" class="list-group-item list-group-item-action">
<i class="bi bi-file-earmark-arrow-up-fill me-2"></i>
<strong>Submit a new Report</strong>
<p class="mb-1 text-muted">Upload your XML report file for validation and processing.</p>
</a>
<a href="analysis.php" class="list-group-item list-group-item-action">
<i class="bi bi-bar-chart-line-fill me-2"></i>
<strong>Analyze Data</strong>
<p class="mb-1 text-muted">View aggregated data, trends, and generate analytical reports.</p>
</a>
</div>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>

11
db/migrations/001_create_uploaded_files_table.sql Normal file
View File

@ -0,0 +1,11 @@
-- SQL Migration for creating the uploaded_files table.
-- This table will store metadata for each XML file uploaded.
CREATE TABLE IF NOT EXISTS `uploaded_files` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`original_filename` VARCHAR(255) NOT NULL,
`new_filename` VARCHAR(255) NOT NULL,
`upload_time` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`status` VARCHAR(50) DEFAULT 'pending_validation',
`uploaded_by` VARCHAR(255) NOT NULL COMMENT 'User email or identifier'
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

7
db/migrations/002_create_users_table.sql Normal file
View File

@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`email` VARCHAR(255) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`role` VARCHAR(50) NOT NULL DEFAULT 'user',
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

3
db/migrations/003_add_user_id_to_uploaded_files.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE `uploaded_files`
ADD COLUMN `user_id` INT,
ADD CONSTRAINT `fk_user_id` FOREIGN KEY (`user_id`) REFERENCES `users`(`id`) ON DELETE SET NULL;

119
edit_user.php Normal file
View File

@ -0,0 +1,119 @@
<?php
require_once 'config.php';
require_once 'db/config.php';
// Admin-only access
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
header('Location: dashboard.php');
exit;
}
$pdo = db();
$feedback = [];
$userId = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if (!$userId) {
header('Location: users.php');
exit;
}
// Handle Update User
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'update') {
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$role = $_POST['role'];
$password = $_POST['password']; // New password
$postedUserId = filter_input(INPUT_POST, 'user_id', FILTER_VALIDATE_INT);
if (!$email || !in_array($role, ['user', 'admin']) || $postedUserId != $userId) {
$feedback = ['type' => 'danger', 'message' => 'Invalid input. Please check all fields.'];
} else {
// Prevent admin from changing their own role if they are the last admin
if ($userId == $_SESSION['user_id'] && $role !== 'admin') {
$stmt = $pdo->prepare("SELECT COUNT(*) FROM users WHERE role = 'admin'");
$stmt->execute();
$adminCount = $stmt->fetchColumn();
if ($adminCount <= 1) {
$feedback = ['type' => 'danger', 'message' => 'You cannot change your role as you are the only admin.'];
}
}
if (empty($feedback)) {
$sql = "UPDATE users SET email = ?, role = ?";
$params = [$email, $role];
if (!empty($password)) {
$sql .= ", password = ?";
$params[] = password_hash($password, PASSWORD_DEFAULT);
}
$sql .= " WHERE id = ?";
$params[] = $userId;
$stmt = $pdo->prepare($sql);
if ($stmt->execute($params)) {
header('Location: users.php?update=success');
exit;
} else {
$feedback = ['type' => 'danger', 'message' => 'Failed to update user.'];
}
}
}
}
// Fetch user data
$stmt = $pdo->prepare("SELECT id, email, role FROM users WHERE id = ?");
$stmt->execute([$userId]);
$user = $stmt->fetch();
if (!$user) {
header('Location: users.php');
exit;
}
include 'header.php';
?>
<div class="container py-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1 class="text-primary">Edit User</h1>
<a href="users.php" class="btn btn-outline-secondary">Back to User List</a>
</div>
<?php if (!empty($feedback)):
?>
<div class="alert alert-<?php echo htmlspecialchars($feedback['type']); ?> alert-dismissible fade show" role="alert">
<?php echo htmlspecialchars($feedback['message']); ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
<div class="card shadow-sm">
<div class="card-header bg-light">
<h5 class="mb-0">Editing User: <?php echo htmlspecialchars($user['email']); ?></h5>
</div>
<div class="card-body">
<form action="edit_user.php?id=<?php echo $user['id']; ?>" method="POST">
<input type="hidden" name="action" value="update">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<div class="mb-3">
<label for="email" class="form-label">Email</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($user['email']); ?>" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role">
<option value="user" <?php if ($user['role'] === 'user') echo 'selected'; ?>>User</option>
<option value="admin" <?php if ($user['role'] === 'admin') echo 'selected'; ?>>Admin</option>
</select>
</div>
<div class="mb-3">
<label for="password" class="form-label">New Password</label>
<input type="password" class="form-control" id="password" name="password" placeholder="Leave blank to keep current password">
</div>
<button type="submit" class="btn btn-primary">Update User</button>
</form>
</div>
</div>
</div>
<?php include 'footer.php'; ?>

12
footer.php Normal file
View File

@ -0,0 +1,12 @@
<footer class="footer mt-auto py-3 bg-light">
<div class="container text-center">
<span class="text-muted">© <?php echo date("Y"); ?> IEPR Integrated Data Reporting. All rights reserved.</span>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://unpkg.com/feather-icons"></script>
<script>
feather.replace()
</script>
</body>
</html>

57
header.php Normal file
View File

@ -0,0 +1,57 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Integrated Environmental Management System</title>
<meta name="description" content="Built with Flatlogic Generator">
<meta name="keywords" content="IEPR, data reporting, environmental pollutants, emissions, Industrial Emissions Directive, IED, data model, XML submission, environmental data, EU regulations, Built with Flatlogic Generator">
<meta property="og:title" content="Integrated Environmental Management System">
<meta property="og:description" content="Built with Flatlogic Generator">
<meta property="og:image" content="">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:image" content="">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Roboto:wght@400;500&display=swap" rel="stylesheet">
<link href="assets/css/custom.css?v=<?php echo time(); ?>" rel="stylesheet">
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-light bg-white shadow-sm">
<div class="container">
<a class="navbar-brand" href="index.php" style="font-family: 'Montserrat', sans-serif; color: #005bac;">
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-shield-check d-inline-block align-text-top me-2"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"></path><polyline points="9 12 11 14 15 10"></polyline></svg>
IEPR
</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<a class="nav-link" href="index.php">Home</a>
</li>
<?php if (isset($_SESSION['user_email'])): ?>
<li class="nav-item">
<a class="nav-link" href="dashboard.php">Dashboard</a>
</li>
<?php if (isset($_SESSION['user_role']) && $_SESSION['user_role'] === 'admin'): ?>
<li class="nav-item">
<a class="nav-link" href="users.php">User Management</a>
</li>
<?php endif; ?>
<li class="nav-item">
<a class="nav-link" href="index.php?logout=1">Logout</a>
</li>
<?php else: ?>
<li class="nav-item">
<a class="nav-link" href="login.php">Login</a>
</li>
<?php endif; ?>
</ul>
</div>
</div>
</nav>

187
index.php
View File

@ -1,150 +1,45 @@
<?php <?php
declare(strict_types=1); require_once 'config.php';
@ini_set('display_errors', '1'); include 'header.php';
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
$phpVersion = PHP_VERSION; if (isset($_GET['logout'])) {
$now = date('Y-m-d H:i:s'); session_destroy();
header('Location: index.php');
exit;
}
?> ?>
<!doctype html>
<html lang="en"> <main class="container mt-5 flex-grow-1">
<head> <div class="p-5 mb-4 bg-white rounded-3 shadow-sm border">
<meta charset="utf-8" /> <div class="container-fluid py-5">
<meta name="viewport" content="width=device-width, initial-scale=1" /> <h1 class="display-5 fw-bold">IEPR Integrated Data Reporting</h1>
<title>New Style</title> <p class="col-md-8 fs-4">A comprehensive system for reporters, validators, and analysts to manage environmental data submissions under EU regulations.</p>
<?php <a href="login.php" class="btn btn-primary btn-lg">Login & Get Started</a>
// Read project preview data from environment </div>
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
?>
<?php if ($projectDescription): ?>
<!-- Meta description -->
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
<!-- Open Graph meta tags -->
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<!-- Twitter meta tags -->
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<?php endif; ?>
<?php if ($projectImageUrl): ?>
<!-- Open Graph image -->
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
</head>
<body>
<main>
<div class="card">
<h1>Analyzing your requirements and generating your website…</h1>
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
<span class="sr-only">Loading…</span>
</div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div> </div>
</main>
<footer> <div class="p-5 mb-4 bg-light rounded-3 shadow-sm border">
Page updated: <?= htmlspecialchars($now) ?> (UTC) <div class="container-fluid py-3">
</footer> <h2 class="display-6 fw-bold">Transition to the Industrial Emissions Portal Regulation (IEPR)</h2>
</body> <p class="col-md-12 fs-5">The European Union has updated its regulations on environmental data reporting, replacing the former European Pollutant Release and Transfer Register (E-PRTR) with the new Industrial Emissions Portal Regulation (IEPR). This new regulation aims to enhance public access to environmental information and streamline the reporting process for industrial facilities.</p>
</html> <p class="col-md-12 fs-5">Our platform has been fully updated to align with the IEPR requirements. All data submission, validation, and analysis tools are now compliant with the new format, ensuring a seamless transition for all users.</p>
</div>
</div>
<div class="row align-items-md-stretch">
<div class="col-md-6 mb-4">
<div class="h-100 p-5 text-white rounded-3" style="background-color: #005bac;">
<h2>For Reporters</h2>
<p>Easily upload XML submission files, run pre-validation checks, and submit your final reports with confidence.</p>
</div>
</div>
<div class="col-md-6 mb-4">
<div class="h-100 p-5 bg-light border rounded-3">
<h2>For Analysts & Public</h2>
<p>Browse aggregated data, run trend analyses, and download public datasets. A public portal provides transparency.</p>
</div>
</div>
</div>
</main>
<?php include 'footer.php'; ?>

68
login.php Normal file
View File

@ -0,0 +1,68 @@
<?php
require_once 'config.php';
include 'header.php';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($email) || empty($password)) {
$error = 'Please fill in both fields.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error = 'Please enter a valid email address.';
} else {
require_once 'db/config.php';
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = :email");
$stmt->execute(['email' => $email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['user_email'] = $user['email'];
$_SESSION['user_role'] = $user['role'];
header('Location: dashboard.php');
exit;
} else {
$error = 'Invalid credentials.';
}
}
}
?>
<div class="container flex-grow-1">
<div class="row justify-content-center">
<div class="col-md-6 col-lg-5">
<div class="card shadow-lg border-0 rounded-lg mt-5">
<div class="card-header text-center bg-primary text-white">
<h3 class="my-4">Login</h3>
</div>
<div class="card-body p-4">
<p class="text-center text-muted mb-4">Access your IEPR account</p>
<?php if ($error): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form action="login.php" method="POST">
<div class="form-floating mb-3">
<input class="form-control" id="inputEmail" type="email" name="email" placeholder="name@example.com" required value="<?php echo isset($_POST['email']) ? htmlspecialchars($_POST['email']) : ''; ?>">
<label for="inputEmail">Email address</label>
</div>
<div class="form-floating mb-3">
<input class="form-control" id="inputPassword" type="password" name="password" placeholder="Password" required>
<label for="inputPassword">Password</label>
</div>
<div class="d-grid mt-4">
<button class="btn btn-primary btn-lg" type="submit">Login</button>
</div>
</form>
</div>
<div class="card-footer text-center py-3">
<div class="small"><a href="index.php">Back to Home</a></div>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>

104
upload.php Normal file
View File

@ -0,0 +1,104 @@
<?php
require_once 'config.php';
require_once 'db/config.php';
include 'header.php';
// Protected page
if (!isset($_SESSION['user_email'])) {
header('Location: login.php');
exit;
}
$message = '';
$message_type = ''; // 'success' or 'danger'
// Handle file upload
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['xmlfile'])) {
$file = $_FILES['xmlfile'];
// Check for upload errors
if ($file['error'] !== UPLOAD_ERR_OK) {
$message = 'An error occurred during file upload. Please try again.';
$message_type = 'danger';
} else {
// Check file extension
$file_extension = pathinfo($file['name'], PATHINFO_EXTENSION);
if (strtolower($file_extension) !== 'xml') {
$message = 'Invalid file type. Only .xml files are allowed.';
$message_type = 'danger';
} else {
// Ensure the uploads directory exists and is writable.
if (!is_dir(UPLOADS_PATH)) {
mkdir(UPLOADS_PATH, 0755, true);
}
// Create a unique filename to prevent overwrites and sanitize the original name.
$original_filename = basename($file['name']);
$safe_filename = preg_replace("/[^a-zA-Z0-9-_\.]/", "", $original_filename);
$unique_id = uniqid();
$new_filename = $unique_id . '_' . $safe_filename;
$destination = UPLOADS_PATH . '/' . $new_filename;
// Move the file to the permanent location.
if (move_uploaded_file($file['tmp_name'], $destination)) {
// Insert a record into the database
try {
$pdo = db();
$stmt = $pdo->prepare(
'INSERT INTO uploaded_files (original_filename, new_filename, uploaded_by, user_id) VALUES (?, ?, ?, ?)'
);
$stmt->execute([$original_filename, $new_filename, $_SESSION['user_email'], $_SESSION['user_id']]);
$message = '<strong>Success!</strong> Your file "' . htmlspecialchars($original_filename) . '" has been uploaded and is pending validation.';
$message_type = 'success';
} catch (PDOException $e) {
// If DB insert fails, it's critical to let the user know.
$message = 'File uploaded, but failed to record the submission. Please contact support.';
$message_type = 'danger';
// Optionally, log the detailed error: error_log($e->getMessage());
}
} else {
$message = 'An error occurred while saving the file. Please try again.';
$message_type = 'danger';
}
}
}
}
?>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">
<h2>Submit a new Report</h2>
</div>
<div class="card-body">
<p class="card-text">Please select the IEPR XML report file you wish to submit. The file will be validated against the required schema before being processed.</p>
<?php if ($message): ?>
<div class="alert alert-<?php echo $message_type; ?>">
<?php echo $message; ?>
</div>
<?php endif; ?>
<form action="upload.php" method="post" enctype="multipart/form-data">
<div class="mb-3">
<label for="xmlfile" class="form-label">XML Report File</label>
<input class="form-control" type="file" id="xmlfile" name="xmlfile" accept=".xml" required>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg">
<i class="bi bi-upload me-2"></i>Upload and Validate
</button>
</div>
</form>
</div>
</div>
<div class="text-center mt-3">
<a href="dashboard.php"><i class="bi bi-arrow-left-circle"></i> Back to Dashboard</a>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>

159
users.php Normal file
View File

@ -0,0 +1,159 @@
<?php
require_once 'config.php';
require_once 'db/config.php';
// Admin-only access
if (!isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
header('Location: dashboard.php');
exit;
}
$pdo = db();
$feedback = [];
if (isset($_GET['update']) && $_GET['update'] === 'success') {
$feedback = ['type' => 'success', 'message' => 'User updated successfully.'];
}
// Handle Create User
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'create') {
$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
$password = $_POST['password'];
$role = $_POST['role'];
if (!$email || empty($password) || !in_array($role, ['user', 'admin'])) {
$feedback = ['type' => 'danger', 'message' => 'Invalid input. Please check all fields.'];
} else {
// Check if user already exists
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
$feedback = ['type' => 'danger', 'message' => 'User with this email already exists.'];
} else {
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("INSERT INTO users (email, password, role) VALUES (?, ?, ?)");
if ($stmt->execute([$email, $hashedPassword, $role])) {
$feedback = ['type' => 'success', 'message' => 'User created successfully.'];
} else {
$feedback = ['type' => 'danger', 'message' => 'Failed to create user.'];
}
}
}
}
// Handle Delete User
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'delete') {
$userId = filter_input(INPUT_POST, 'user_id', FILTER_VALIDATE_INT);
// Prevent admin from deleting themselves
if ($userId && $userId != $_SESSION['user_id']) {
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ?");
if ($stmt->execute([$userId])) {
$feedback = ['type' => 'success', 'message' => 'User deleted successfully.'];
} else {
$feedback = ['type' => 'danger', 'message' => 'Failed to delete user.'];
}
} else {
$feedback = ['type' => 'danger', 'message' => 'Invalid request or you cannot delete your own account.'];
}
}
$stmt = $pdo->query("SELECT id, email, role, created_at FROM users ORDER BY created_at DESC");
$users = $stmt->fetchAll();
include 'header.php';
?>
<div class="container py-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1 class="text-primary">User Management</h1>
<a href="dashboard.php" class="btn btn-outline-secondary">Back to Dashboard</a>
</div>
<?php if (!empty($feedback)): ?>
<div class="alert alert-<?php echo htmlspecialchars($feedback['type']); ?> alert-dismissible fade show" role="alert">
<?php echo htmlspecialchars($feedback['message']); ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
<!-- Create User Form -->
<div class="card shadow-sm mb-4">
<div class="card-header bg-light">
<h5 class="mb-0">Create New User</h5>
</div>
<div class="card-body">
<form action="users.php" method="POST">
<input type="hidden" name="action" value="create">
<div class="row">
<div class="col-md-4 mb-3">
<label for="email" class="form-label">Email</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="col-md-3 mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="col-md-3 mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role">
<option value="user" selected>User</option>
<option value="admin">Admin</option>
</select>
</div>
<div class="col-md-2 d-flex align-items-end">
<button type="submit" class="btn btn-primary w-100">Create User</button>
</div>
</div>
</form>
</div>
</div>
<div class="card shadow-sm">
<div class="card-header bg-light">
<h5 class="mb-0">All Users</h5>
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead class="table-light">
<tr>
<th>ID</th>
<th>Email</th>
<th>Role</th>
<th>Registered At</th>
<th class="text-end">Actions</th>
</tr>
</thead>
<tbody>
<?php if (empty($users)):
?>
<tr>
<td colspan="5" class="text-center text-muted">No users found.</td>
</tr>
<?php else: ?>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['id']); ?></td>
<td><?php echo htmlspecialchars($user['email']); ?></td>
<td><span class="badge bg-secondary"><?php echo htmlspecialchars($user['role']); ?></span></td>
<td><?php echo htmlspecialchars(date('Y-m-d H:i', strtotime($user['created_at']))); ?></td>
<td class="text-end">
<a href="edit_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
<form action="users.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this user?');">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<button type="submit" class="btn btn-sm btn-outline-danger" <?php if($user['id'] == $_SESSION['user_id']) echo 'disabled'; ?>>Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>