120 lines
4.6 KiB
PHP
120 lines
4.6 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
require_once 'auth-check.php';
|
|
require_once 'auth-helpers.php';
|
|
|
|
if (!can($_SESSION['user_role_id'], 'user', 'create')) {
|
|
header('Location: index.php?error=access_denied');
|
|
exit;
|
|
}
|
|
|
|
$error_message = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$name = $_POST['name'] ?? '';
|
|
$email = $_POST['email'] ?? '';
|
|
$password = $_POST['password'] ?? '';
|
|
$role = $_POST['role'] ?? 'Employee';
|
|
|
|
if (empty($name) || empty($email) || empty($password)) {
|
|
$error_message = 'Please fill in all required fields.';
|
|
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
|
$error_message = 'Invalid email format.';
|
|
} else {
|
|
try {
|
|
$pdo = db();
|
|
|
|
// Check if email already exists
|
|
$stmt = $pdo->prepare('SELECT id FROM users WHERE email = ?');
|
|
$stmt->execute([$email]);
|
|
if ($stmt->fetch()) {
|
|
$error_message = 'A user with this email address already exists.';
|
|
} else {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$sql = "INSERT INTO users (name, email, password, role) VALUES (?, ?, ?, ?)";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute([$name, $email, $hashed_password, $role]);
|
|
|
|
header("Location: users.php?success=user_added");
|
|
exit;
|
|
}
|
|
} catch (PDOException $e) {
|
|
$error_message = 'Database error: ' . $e->getMessage();
|
|
}
|
|
}
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Add New User - IC-Inventory</title>
|
|
<meta name="description" content="Add a new user.">
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
|
|
<link rel="preconnect" href="https://fonts.googleapis.com">
|
|
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
|
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
|
|
<script src="https://unpkg.com/feather-icons"></script>
|
|
</head>
|
|
<body>
|
|
|
|
<div class="wrapper">
|
|
<?php require_once 'templates/sidebar.php'; ?>
|
|
|
|
<main id="content">
|
|
<div class="header">
|
|
<h1>Add New User</h1>
|
|
<div class="theme-switcher" id="theme-switcher">
|
|
<i data-feather="moon"></i>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="surface p-4">
|
|
<?php if ($error_message): ?>
|
|
<div class="alert alert-danger"><?php echo htmlspecialchars($error_message); ?></div>
|
|
<?php endif; ?>
|
|
|
|
<form action="add-user.php" method="post">
|
|
<div class="row">
|
|
<div class="col-md-6 mb-3">
|
|
<label for="name" class="form-label">Full Name*</label>
|
|
<input type="text" class="form-control" id="name" name="name" required>
|
|
</div>
|
|
<div class="col-md-6 mb-3">
|
|
<label for="email" class="form-label">Email Address*</label>
|
|
<input type="email" class="form-control" id="email" name="email" required>
|
|
</div>
|
|
</div>
|
|
<div class="row">
|
|
<div class="col-md-6 mb-3">
|
|
<label for="password" class="form-label">Password*</label>
|
|
<input type="password" class="form-control" id="password" name="password" required>
|
|
</div>
|
|
<div class="col-md-6 mb-3">
|
|
<label for="role" class="form-label">Role</label>
|
|
<select class="form-select" id="role" name="role">
|
|
<option>Employee</option>
|
|
<option>IT Technician</option>
|
|
<option>Asset Manager</option>
|
|
<option>Admin</option>
|
|
</select>
|
|
</div>
|
|
</div>
|
|
|
|
<button type="submit" class="btn btn-primary">Add User</button>
|
|
<a href="users.php" class="btn btn-secondary">Cancel</a>
|
|
</form>
|
|
</div>
|
|
</main>
|
|
</div>
|
|
|
|
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
|
|
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
|
|
<script>
|
|
feather.replace();
|
|
</script>
|
|
</body>
|
|
</html>
|