admin/35512-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
35512-vm/edit-user.php
Flatlogic Bot 53eb27812c v1.1
2025-11-05 22:08:13 +00:00

161 lines
6.6 KiB
PHP
Raw Blame History

<?php
require_once 'auth-check.php';
if ($_SESSION['user_role'] !== 'Admin') {
header("Location: index.php?error=access_denied");
exit;
}
require_once 'db/config.php';
$error_message = '';
$user = null;
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
header("Location: users.php");
exit;
}
$user_id = $_GET['id'];
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id, name, email, role FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user) {
header("Location: users.php?error=not_found");
exit;
}
} catch (PDOException $e) {
$error_message = 'Database error: ' . $e->getMessage();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$role = $_POST['role'] ?? 'Employee';
$password = $_POST['password'] ?? '';
if (empty($name) || empty($email)) {
$error_message = 'Name and Email are required.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error_message = 'Invalid email format.';
} else {
try {
$pdo = db();
// Check if email already exists for another user
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ? AND id != ?");
$stmt->execute([$email, $user_id]);
if ($stmt->fetch()) {
$error_message = 'Email already exists for another user.';
} else {
if (!empty($password)) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$sql = "UPDATE users SET name = ?, email = ?, role = ?, password = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$name, $email, $role, $hashed_password, $user_id]);
} else {
$sql = "UPDATE users SET name = ?, email = ?, role = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$name, $email, $role, $user_id]);
}
header("Location: users.php?success=user_updated");
exit;
}
} catch (PDOException $e) {
$error_message = 'Database error: ' . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit User - IC-Inventory</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
<script src="https://unpkg.com/feather-icons"></script>
</head>
<body>
<div class="wrapper">
<nav id="sidebar" class="d-flex flex-column flex-shrink-0 p-3">
<a href="/" class="d-flex align-items-center mb-3 mb-md-0 me-md-auto text-decoration-none">
<span class="fs-4">IC-Inventory</span>
</a>
<hr>
<ul class="nav nav-pills flex-column mb-auto">
<li class="nav-item"><a href="index.php" class="nav-link">Dashboard</a></li>
<li><a href="index.php" class="nav-link">Assets</a></li>
<?php if ($_SESSION['user_role'] === 'Admin'): ?>
<li><a href="users.php" class="nav-link active">Users</a></li>
<?php endif; ?>
<li><a href="#" class="nav-link">Settings</a></li>
</ul>
<hr>
<div>
<span class="d-flex align-items-center text-decoration-none"><strong><?php echo htmlspecialchars($_SESSION['user_name']); ?></strong></span>
<a href="logout.php" class="d-flex align-items-center text-decoration-none">
<i data-feather="log-out" class="me-2"></i>
<strong>Logout</strong>
</a>
</div>
</nav>
<main id="content">
<div class="header">
<h1>Edit User</h1>
<div class="theme-switcher" id="theme-switcher"><i data-feather="moon"></i></div>
</div>
<div class="surface p-4">
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
<?php endif; ?>
<?php if ($user): ?>
<form action="edit-user.php?id=<?php echo $user_id; ?>" method="post">
<div class="mb-3">
<label for="name" class="form-label">Name*</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($user['name']); ?>" required>
</div>
<div class="mb-3">
<label for="email" class="form-label">Email*</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($user['email']); ?>" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">New Password</label>
<input type="password" class="form-control" id="password" name="password">
<div class="form-text">Leave blank to keep the current password.</div>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role">
<option <?php if ($user['role'] === 'Employee') echo 'selected'; ?>>Employee</option>
<option <?php if ($user['role'] === 'Asset Manager') echo 'selected'; ?>>Asset Manager</option>
<option <?php if ($user['role'] === 'IT Technician') echo 'selected'; ?>>IT Technician</option>
<option <?php if ($user['role'] === 'Admin') echo 'selected'; ?>>Admin</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Update User</button>
<a href="users.php" class="btn btn-secondary">Cancel</a>
</form>
<?php endif; ?>
</div>
</main>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
<script>feather.replace();</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink