admin/35861-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tre

Browse Source
This commit is contained in:
Flatlogic Bot 2025-11-19 23:45:40 +00:00
parent 1b14267623
commit f05220da7c
31 changed files with 845 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
admin/applications.php
View File

@ -9,7 +9,7 @@ require_once '../includes/header.php';
$pdo = db();
// Fetch all applications with user and event info
$stmt = $pdo->query('SELECT a.id, a.status, a.created_at, u.name AS user_name, u.email AS user_email, e.name AS event_name
$stmt = $pdo->query('SELECT a.id, a.status, a.created_at, u.email AS user_name, u.email AS user_email, e.title AS event_name
FROM applications a
JOIN users u ON a.user_id = u.id
JOIN events e ON a.event_id = e.id
@ -18,7 +18,7 @@ $applications = $stmt->fetchAll();
?>
<main class="container my-5">
<div class="main-content">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1>Manage Applications</h1>
</div>
@ -37,10 +37,10 @@ $applications = $stmt->fetchAll();
<table class="table table-striped table-hover">
<thead>
<tr>
<th>Event</th>
<th>Applicant</th>
<th>Submitted</th>
<th>Event</th>
<th>Status</th>
<th>Proof</th>
<th>Actions</th>
</tr>
</thead>
@ -48,34 +48,57 @@ $applications = $stmt->fetchAll();
<?php if (count($applications) > 0): ?>
<?php foreach ($applications as $app): ?>
<tr>
<td><?php echo htmlspecialchars($app['event_name']); ?></td>
<td>
<?php echo htmlspecialchars($app['user_name']); ?><br>
<small class="text-muted"><?php echo htmlspecialchars($app['user_email']); ?></small>
</td>
<td><?php echo date('M j, Y, g:i a', strtotime($app['created_at'])); ?></td>
<td><?php echo htmlspecialchars($app['event_name']); ?></td>
<td>
<span class="badge bg-<?php
switch ($app['status']) {
case 'approved': echo 'success'; break;
case 'rejected': echo 'danger'; break;
case 'pending_approval': echo 'warning'; break;
case 'awaiting_proof': echo 'info'; break;
default: echo 'secondary';
}
?>">
<?php echo htmlspecialchars(ucfirst($app['status'])); ?>
<?php echo htmlspecialchars(str_replace('_', ' ', ucfirst($app['status']))); ?>
</span>
</td>
<td>
<form action="application_actions.php" method="POST" class="d-inline-block">
<input type="hidden" name="application_id" value="<?php echo $app['id']; ?>">
<input type="hidden" name="action" value="approve">
<button type="submit" class="btn btn-sm btn-success" <?php echo $app['status'] === 'approved' ? 'disabled' : ''; ?>>Approve</button>
</form>
<form action="application_actions.php" method="POST" class="d-inline-block">
<input type="hidden" name="application_id" value="<?php echo $app['id']; ?>">
<input type="hidden" name="action" value="reject">
<button type="submit" class="btn btn-sm btn-danger" <?php echo $app['status'] === 'rejected' ? 'disabled' : ''; ?>>Reject</button>
</form>
<?php
// Fetch proofs for the application
$proofs_stmt = $pdo->prepare('SELECT file_path, created_at FROM application_proofs WHERE application_id = ? ORDER BY created_at DESC');
$proofs_stmt->execute([$app['id']]);
$proofs = $proofs_stmt->fetchAll();
if (count($proofs) > 0) {
echo '<ul class="list-unstyled mb-0">';
foreach ($proofs as $proof) {
echo '<li><a href="/' . htmlspecialchars($proof['file_path']) . '" target="_blank">View Proof</a> <small class="text-muted">(' . htmlspecialchars($proof['created_at']) . ')</small></li>';
}
echo '</ul>';
} else {
echo '-';
}
?>
</td>
<td>
<?php if ($app['status'] === 'pending_approval'): ?>
<form action="application_actions.php" method="POST" class="d-inline-block">
<input type="hidden" name="application_id" value="<?php echo $app['id']; ?>">
<input type="hidden" name="action" value="approve">
<button type="submit" class="btn btn-sm btn-success">Approve</button>
</form>
<form action="application_actions.php" method="POST" class="d-inline-block">
<input type="hidden" name="application_id" value="<?php echo $app['id']; ?>">
<input type="hidden" name="action" value="reject">
<button type="submit" class="btn btn-sm btn-danger">Reject</button>
</form>
<?php else: ?>
-
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
@ -89,6 +112,6 @@ $applications = $stmt->fetchAll();
</div>
</div>
</div>
</main>
</div>
<?php require_once '../includes/footer.php'; ?>

33
admin/event_actions.php
View File

@ -22,6 +22,39 @@ switch ($action) {
}
break;
case 'edit':
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$event_id = $_POST['event_id'] ?? null;
$name = $_POST['name'] ?? '';
$description = $_POST['description'] ?? '';
$date = $_POST['date'] ?? '';
$location = $_POST['location'] ?? '';
$capacity = $_POST['capacity'] ?? 0;
if ($event_id) {
// Handle image upload
$image_url = $_POST['existing_image_url'] ?? null;
if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
$upload_dir = '../assets/images/events/';
if (!is_dir($upload_dir)) {
mkdir($upload_dir, 0775, true);
}
$image_name = uniqid() . '-' . basename($_FILES['image']['name']);
$target_path = $upload_dir . $image_name;
if (move_uploaded_file($_FILES['image']['tmp_name'], $target_path)) {
$image_url = 'assets/images/events/' . $image_name;
}
}
$stmt = $pdo->prepare('UPDATE events SET name = ?, description = ?, date = ?, location = ?, capacity = ?, image_url = ? WHERE id = ?');
$stmt->execute([$name, $description, $date, $location, $capacity, $image_url, $event_id]);
}
header('Location: events.php');
exit;
}
break;
case 'toggle_open':
$id = $_GET['id'] ?? null;
if ($id) {

78
admin/event_edit.php Normal file
View File

@ -0,0 +1,78 @@
<?php
require_once '../includes/session.php';
require_login();
require_admin();
require_once '../db/config.php';
$event_id = $_GET['id'] ?? null;
if (!$event_id) {
header('Location: events.php');
exit();
}
$pdo = db();
$stmt = $pdo->prepare('SELECT * FROM events WHERE id = ?');
$stmt->execute([$event_id]);
$event = $stmt->fetch();
if (!$event) {
header('Location: events.php');
exit();
}
require_once '../includes/header.php';
?>
<main class="container my-5">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1>Edit Event</h1>
<a href="events.php" class="btn btn-secondary">Back to Events</a>
</div>
<div class="card">
<div class="card-body">
<form action="event_actions.php" method="POST" enctype="multipart/form-data">
<input type="hidden" name="action" value="edit">
<input type="hidden" name="event_id" value="<?php echo $event['id']; ?>">
<div class="mb-3">
<label for="name" class="form-label">Event Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($event['name']); ?>" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description</label>
<textarea class="form-control" id="description" name="description" rows="5" required><?php echo htmlspecialchars($event['description']); ?></textarea>
</div>
<div class="mb-3">
<label for="date" class="form-label">Date</label>
<input type="datetime-local" class="form-control" id="date" name="date" value="<?php echo date('Y-m-d\TH:i', strtotime($event['date'])); ?>" required>
</div>
<div class="mb-3">
<label for="location" class="form-label">Location</label>
<input type="text" class="form-control" id="location" name="location" value="<?php echo htmlspecialchars($event['location']); ?>" required>
</div>
<div class="mb-3">
<label for="capacity" class="form-label">Capacity</label>
<input type="number" class="form-control" id="capacity" name="capacity" value="<?php echo htmlspecialchars($event['capacity']); ?>" min="1">
</div>
<div class="mb-3">
<label for="image" class="form-label">Event Image</label>
<input type="file" class="form-control" id="image" name="image">
<?php if ($event['image_url']): ?>
<img src="../<?php echo htmlspecialchars($event['image_url']); ?>" alt="Event Image" class="img-fluid mt-3" style="max-height: 200px;">
<?php endif; ?>
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
</form>
</div>
</div>
</main>
<?php require_once '../includes/footer.php'; ?>

122
admin/events.php
View File

@ -11,66 +11,72 @@ $events = $stmt->fetchAll();
require_once '../includes/header.php';
?>
<main class="dashboard-container">
<div class="container">
<h1 class="my-5">Manage Events</h1>
<div class="main-content">
<h1 class="my-5">Manage Events</h1>
<div class="card mb-5">
<div class="card-body">
<h5 class="card-title">Create New Event</h5>
<form action="event_actions.php?action=create" method="POST">
<div class="mb-3">
<label for="title" class="form-label">Event Title</label>
<input type="text" class="form-control" id="title" name="title" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description</label>
<textarea class="form-control" id="description" name="description" rows="3"></textarea>
</div>
<div class="mb-3">
<label for="event_date" class="form-label">Event Date</label>
<input type="datetime-local" class="form-control" id="event_date" name="event_date" required>
</div>
<div class="mb-3">
<label for="location" class="form-label">Location</label>
<input type="text" class="form-control" id="location" name="location">
</div>
<button type="submit" class="btn btn-primary">Create Event</button>
</form>
</div>
</div>
<h2 class="my-4">Existing Events</h2>
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<th>Title</th>
<th>Date</th>
<th>Location</th>
<th>Open for Applications</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($events as $event): ?>
<tr>
<td><?php echo htmlspecialchars($event['title']); ?></td>
<td><?php echo htmlspecialchars(date('M d, Y H:i', strtotime($event['event_date']))); ?></td>
<td><?php echo htmlspecialchars($event['location']); ?></td>
<td><?php echo $event['is_open'] ? 'Yes' : 'No'; ?></td>
<td>
<a href="event_actions.php?action=toggle_open&id=<?php echo $event['id']; ?>" class="btn btn-sm btn-secondary">
<?php echo $event['is_open'] ? 'Close' : 'Open'; ?>
</a>
<!-- Edit and Delete buttons will be added later -->
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<div class="card mb-5">
<div class="card-body">
<h5 class="card-title">Create New Event</h5>
<form action="event_actions.php?action=create" method="POST">
<div class="mb-3">
<label for="title" class="form-label">Event Title</label>
<input type="text" class="form-control" id="title" name="title" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description</label>
<textarea class="form-control" id="description" name="description" rows="3"></textarea>
</div>
<div class="mb-3">
<label for="event_date" class="form-label">Event Date</label>
<input type="datetime-local" class="form-control" id="event_date" name="event_date" required>
</div>
<div class="mb-3">
<label for="location" class="form-label">Location</label>
<input type="text" class="form-control" id="location" name="location">
</div>
<button type="submit" class="btn btn-primary">Create Event</button>
</form>
</div>
</div>
</main>
<h2 class="my-4">Existing Events</h2>
<div class="table-responsive">
<table class="table table-striped">
<thead>
<tr>
<th>Title</th>
<th>Image</th>
<th>Date</th>
<th>Location</th>
<th>Capacity</th>
<th>Open for Applications</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($events as $event): ?>
<tr>
<td><?php echo htmlspecialchars($event['title']); ?></td>
<td>
<?php if ($event['image_url']): ?>
<img src="../<?php echo htmlspecialchars($event['image_url']); ?>" alt="Event Image" style="max-height: 50px;">
<?php endif; ?>
</td>
<td><?php echo htmlspecialchars(date('M d, Y H:i', strtotime($event['event_date']))); ?></td>
<td><?php echo htmlspecialchars($event['location']); ?></td>
<td><?php echo htmlspecialchars($event['capacity']); ?></td>
<td><?php echo $event['is_open'] ? 'Yes' : 'No'; ?></td>
<td>
<a href="event_edit.php?id=<?php echo $event['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
<a href="event_actions.php?action=toggle_open&id=<?php echo $event['id']; ?>" class="btn btn-sm btn-secondary">
<?php echo $event['is_open'] ? 'Close' : 'Open'; ?>
</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<?php require_once '../includes/footer.php'; ?>

66
admin/index.php
View File

@ -1,45 +1,55 @@
<?php
require_once '../includes/session.php';
require_admin();
require_once '../db/config.php';
// Fetch counts for the dashboard
try {
$total_users = db()->query('SELECT COUNT(*) FROM users')->fetchColumn();
$total_events = db()->query('SELECT COUNT(*) FROM events')->fetchColumn();
$total_applications = db()->query('SELECT COUNT(*) FROM applications')->fetchColumn();
} catch (PDOException $e) {
// Handle database errors gracefully
error_log('Dashboard Error: ' . $e->getMessage());
$total_users = $total_events = $total_applications = 'N/A';
}
require_once '../includes/header.php';
?>
<main class="dashboard-container">
<div class="container">
<h1 class="my-5">Admin Dashboard</h1>
<p>Welcome, admin! From here you can manage events, applications, and users.</p>
<div class="row">
<div class="col-md-4">
<div class="card">
<div class="card-body">
<h5 class="card-title">Manage Events</h5>
<p class="card-text">Create, edit, and view all promotional events.</p>
<a href="events.php" class="btn btn-primary">Go to Events</a>
</div>
<div class="main-content">
<h1 class="my-5">Admin Dashboard</h1>
<p>Welcome, admin! From here you can manage events, applications, and users.</p>
<div class="row">
<div class="col-md-4">
<div class="summary-card">
<div class="card-body">
<div class="card-icon"><i class="fas fa-users"></i></div>
<h5 class="card-title">Total Users</h5>
<p class="card-text"><?php echo $total_users; ?></p>
</div>
</div>
<div class="col-md-4">
<div class="card">
<div class="card-body">
<h5 class="card-title">Manage Applications</h5>
<p class="card-text">Review and approve/reject applications from promoters.</p>
<a href="applications.php" class="btn btn-primary">Go to Applications</a>
</div>
</div>
<div class="col-md-4">
<div class="summary-card">
<div class="card-body">
<div class="card-icon"><i class="fas fa-calendar-alt"></i></div>
<h5 class="card-title">Total Events</h5>
<p class="card-text"><?php echo $total_events; ?></p>
</div>
</div>
<div class="col-md-4">
<div class="card">
<div class="card-body">
<h5 class="card-title">Manage Users</h5>
<p class="card-text">View and manage all registered users.</p>
<a href="#" class="btn btn-primary">Go to Users</a>
</div>
</div>
<div class="col-md-4">
<div class="summary-card">
<div class="card-body">
<div class="card-icon"><i class="fas fa-file-alt"></i></div>
<h5 class="card-title">Total Applications</h5>
<p class="card-text"><?php echo $total_applications; ?></p>
</div>
</div>
</div>
</div>
</main>
</div>
<?php require_once '../includes/footer.php'; ?>

67
admin/user_actions.php Normal file
View File

@ -0,0 +1,67 @@
<?php
require_once '../includes/session.php';
require_login();
require_admin();
require_once '../db/config.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header('Location: index.php');
exit();
}
$action = $_POST['action'] ?? '' ;
$user_id = $_POST['user_id'] ?? null;
if (!$user_id) {
header('Location: users.php');
exit();
}
$pdo = db();
try {
switch ($action) {
case 'update':
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$role = $_POST['role'] ?? 'user';
// Basic validation
if (empty($name) || empty($email) || !in_array($role, ['user', 'admin'])) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Invalid input.'];
header('Location: user_edit.php?id=' . $user_id);
exit();
}
$stmt = $pdo->prepare('UPDATE users SET name = ?, email = ?, role = ? WHERE id = ?');
$stmt->execute([$name, $email, $role, $user_id]);
$_SESSION['flash_message'] = ['type' => 'success', 'message' => 'User updated successfully.'];
break;
case 'delete':
// Prevent admin from deleting themselves
if ($user_id == $_SESSION['user']['id']) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'You cannot delete your own account.'];
header('Location: users.php');
exit();
}
$stmt = $pdo->prepare('DELETE FROM users WHERE id = ?');
$stmt->execute([$user_id]);
$_SESSION['flash_message'] = ['type' => 'success', 'message' => 'User deleted successfully.'];
break;
default:
$_SESSION['flash_message'] = ['type' => 'warning', 'message' => 'Invalid action.'];
break;
}
} catch (PDOException $e) {
// error_log($e->getMessage());
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'A database error occurred.'];
}
header('Location: users.php');
exit();

61
admin/user_edit.php Normal file
View File

@ -0,0 +1,61 @@
<?php
require_once '../includes/session.php';
require_login();
require_admin();
require_once '../db/config.php';
require_once '../includes/header.php';
$user_id = $_GET['id'] ?? null;
if (!$user_id) {
header('Location: users.php');
exit();
}
$pdo = db();
$stmt = $pdo->prepare('SELECT id, name, email, role FROM users WHERE id = ?');
$stmt->execute([$user_id]);
$user = $stmt->fetch();
if (!$user) {
header('Location: users.php');
exit();
}
?>
<main class="container my-5">
<h1>Edit User: <?php echo htmlspecialchars($user['name']); ?></h1>
<div class="card">
<div class="card-body">
<form action="user_actions.php" method="POST">
<input type="hidden" name="action" value="update">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<div class="mb-3">
<label for="name" class="form-label">Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($user['name']); ?>" required>
</div>
<div class="mb-3">
<label for="email" class="form-label">Email</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($user['email']); ?>" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role">
<option value="user" <?php echo ($user['role'] === 'user') ? 'selected' : ''; ?>>User</option>
<option value="admin" <?php echo ($user['role'] === 'admin') ? 'selected' : ''; ?>>Admin</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="users.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</main>
<?php require_once '../includes/footer.php'; ?>

73
admin/users.php Normal file
View File

@ -0,0 +1,73 @@
<?php
require_once '../includes/session.php';
require_login();
require_admin();
require_once '../db/config.php';
require_once '../includes/header.php';
$pdo = db();
// Fetch all users
$stmt = $pdo->query('SELECT id, email, role, created_at FROM users ORDER BY created_at DESC');
$users = $stmt->fetchAll();
?>
<div class="main-content">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1>Manage Users</h1>
</div>
<?php if (isset($_SESSION['flash_message'])): ?>
<div class="alert alert-<?php echo $_SESSION['flash_message']['type']; ?> alert-dismissible fade show" role="alert">
<?php echo $_SESSION['flash_message']['message']; ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php unset($_SESSION['flash_message']); ?>
<?php endif; ?>
<div class="card">
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Role</th>
<th>Joined</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (count($users) > 0): ?>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['email']); ?></td>
<td><?php echo htmlspecialchars($user['email']); ?></td>
<td><?php echo htmlspecialchars(ucfirst($user['role'])); ?></td>
<td><?php echo date('M j, Y', strtotime($user['created_at'])); ?></td>
<td>
<a href="user_edit.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
<form action="user_actions.php" method="POST" class="d-inline-block" onsubmit="return confirm('Are you sure you want to delete this user?');">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<input type="hidden" name="action" value="delete">
<button type="submit" class="btn btn-sm btn-danger">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
<?php else: ?>
<tr>
<td colspan="5" class="text-center">No users found.</td>
</tr>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<?php require_once '../includes/footer.php'; ?>

8
apply.php
View File

@ -2,7 +2,7 @@
require_once 'includes/session.php';
// 1. Check if user is logged in
if (!isset($_SESSION['user_id'])) {
if (!isset($_SESSION['user']['id'])) {
header('Location: login.php');
exit();
}
@ -16,7 +16,7 @@ if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['event_id'])) {
require_once 'db/config.php';
$event_id = $_POST['event_id'];
$user_id = $_SESSION['user_id'];
$user_id = $_SESSION['user']['id'];
try {
$pdo = db();
@ -34,12 +34,12 @@ try {
}
// 4. Insert new application
$stmt = $pdo->prepare("INSERT INTO applications (event_id, user_id, status) VALUES (?, ?, 'pending')");
$stmt = $pdo->prepare("INSERT INTO applications (event_id, user_id, status) VALUES (?, ?, 'awaiting_proof')");
$stmt->execute([$event_id, $user_id]);
$_SESSION['flash_message'] = [
'type' => 'success',
'message' => 'Your application has been submitted successfully!'
'message' => 'You have successfully applied! Please upload your proof in the dashboard.'
];
} catch (PDOException $e) {

187
assets/css/custom.css
View File

@ -1,4 +1,3 @@
/* --- Fonts --- */
@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@700&family=Roboto:wght@400;500&display=swap');
@ -128,3 +127,189 @@ h1, h2, h3, h4, h5, h6 {
border-top: 1px solid #282828;
margin-top: 50px;
}
/* --- Admin Dashboard --- */
.admin-container {
display: flex;
min-height: 100vh;
}
.sidebar {
width: 250px;
background-color: #1E1E1E;
color: #FFFFFF;
padding: 20px;
display: flex;
flex-direction: column;
}
.sidebar .brand {
font-family: 'Poppins', sans-serif;
font-weight: 700;
font-size: 1.5rem;
color: #FFFFFF;
text-align: center;
margin-bottom: 30px;
text-decoration: none;
}
.sidebar .nav-link {
color: #A0A0A0;
text-decoration: none;
padding: 15px 20px;
margin-bottom: 10px;
border-radius: 8px;
transition: all 0.3s ease;
}
.sidebar .nav-link i {
margin-right: 15px;
}
.sidebar .nav-link:hover,
.sidebar .nav-link.active {
background-color: #9E00FF;
color: #FFFFFF;
}
.content-wrapper {
flex-grow: 1;
padding: 30px;
background-color: #121212;
color: #FFFFFF;
}
.main-content {
background-color: #1E1E1E;
padding: 30px;
border-radius: 12px;
color: #FFFFFF;
}
.summary-card {
background-color: #1E1E1E;
border-radius: 12px;
padding: 25px;
margin-bottom: 30px;
display: flex;
align-items: center;
border: 1px solid #282828;
}
.summary-card .card-icon {
font-size: 2.5rem;
color: #9E00FF;
margin-right: 20px;
}
.summary-card .card-title {
font-size: 1rem;
color: #A0A0A0;
margin-bottom: 5px;
}
.summary-card .card-text {
font-size: 2rem;
font-weight: 700;
color: #FFFFFF;
}
.admin-footer {
background-color: #FFFFFF;
color: #121212;
border-top: 1px solid #E0E0E0;
}
/* --- Auth Cards --- */
.auth-card {
background-color: #1E1E1E;
border: 1px solid #282828;
border-radius: 12px;
padding: 40px;
box-shadow: 0 10px 30px rgba(0, 0, 0, 0.5);
}
.auth-card .card-title {
color: #FFFFFF;
font-size: 2rem;
margin-bottom: 20px;
}
.form-label {
color: #A0A0A0;
}
.form-control {
background-color: #282828;
border-color: #383838;
color: #FFFFFF;
}
.form-control:focus {
background-color: #282828;
border-color: #9E00FF;
color: #FFFFFF;
box-shadow: 0 0 0 0.25rem rgba(158, 0, 255, 0.25);
}
/* --- Responsive Design --- */
.sidebar-toggler {
position: fixed;
top: 15px;
left: 15px;
z-index: 1000;
background-color: rgba(30, 30, 30, 0.8);
border: 1px solid #383838;
color: #FFFFFF;
width: 50px;
height: 50px;
border-radius: 8px;
font-size: 1.5rem;
}
@media (max-width: 991.98px) {
.sidebar {
position: fixed;
left: -250px;
top: 0;
height: 100%;
z-index: 999;
transition: left 0.3s ease-in-out;
}
.admin-container.sidebar-show .sidebar {
left: 0;
}
.content-wrapper {
padding-left: 15px;
padding-right: 15px;
}
.hero h1 {
font-size: 2.5rem;
}
.hero p {
font-size: 1rem;
}
.summary-card {
flex-direction: column;
text-align: center;
}
.summary-card .card-icon {
margin-right: 0;
margin-bottom: 15px;
}
}
/* --- Responsive Tables --- */
.table-responsive {
display: block;
width: 100%;
overflow-x: auto;
-webkit-overflow-scrolling: touch;
}

11
assets/js/main.js
View File

@ -1 +1,10 @@
// PromoPass main javascript file
document.addEventListener('DOMContentLoaded', function() {
const sidebarToggler = document.getElementById('sidebarToggler');
const adminContainer = document.querySelector('.admin-container');
if (sidebarToggler && adminContainer) {
sidebarToggler.addEventListener('click', function() {
adminContainer.classList.toggle('sidebar-show');
});
}
});

BIN
assets/pasted-20251119-231546-cc8f8cb5.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 94 KiB

41
dashboard.php
View File

@ -10,10 +10,10 @@ if (is_admin()) {
require_once 'includes/header.php';
?>
<div class="main-content">
<main class="container my-5">
<h1 class="mb-4">User Dashboard</h1>
<p>Welcome back, <?php echo htmlspecialchars($_SESSION['user']['name']); ?>. Here you can view your applications and manage your profile.</p>
<p>Welcome back, <?php echo htmlspecialchars($_SESSION['user']['email']); ?>. Here you can view your applications and manage your profile.</p>
<hr class="my-5">
@ -23,7 +23,7 @@ require_once 'includes/header.php';
require_once 'db/config.php';
$pdo = db();
$stmt = $pdo->prepare(
'SELECT a.id, a.status, a.created_at, e.name AS event_name, e.event_date
'SELECT a.id, a.status, a.created_at, e.title AS event_name, e.event_date
FROM applications a
JOIN events e ON a.event_id = e.id
WHERE a.user_id = ?
@ -39,28 +39,56 @@ require_once 'includes/header.php';
<thead class="thead-dark">
<tr>
<th>Event</th>
<th>Event Date</th>
<th>Applied On</th>
<th>Status</th>
<th>Action / Proof</th>
</tr>
</thead>
<tbody>
<?php foreach ($applications as $app): ?>
<tr>
<td><?php echo htmlspecialchars($app['event_name']); ?></td>
<td><?php echo date('M j, Y', strtotime($app['event_date'])); ?></td>
<td><?php echo date('M j, Y, g:i a', strtotime($app['created_at'])); ?></td>
<td>
<span class="badge bg-<?php
switch ($app['status']) {
case 'approved': echo 'success'; break;
case 'rejected': echo 'danger'; break;
case 'pending_approval': echo 'warning'; break;
default: echo 'secondary';
}
?>">
<?php echo htmlspecialchars(ucfirst($app['status'])); ?>
<?php echo htmlspecialchars(str_replace('_', ' ', ucfirst($app['status']))); ?>
</span>
</td>
<td>
<?php
// Fetch proofs for the application
$proofs_stmt = $pdo->prepare('SELECT file_path FROM application_proofs WHERE application_id = ? ORDER BY uploaded_at DESC');
$proofs_stmt->execute([$app['id']]);
$proofs = $proofs_stmt->fetchAll();
if (count($proofs) > 0) {
echo '<ul class="list-unstyled mb-0">';
foreach ($proofs as $proof) {
echo '<li><a href="' . htmlspecialchars($proof['file_path']) . '" target="_blank">View Proof</a></li>';
}
echo '</ul>';
}
if ($app['status'] == 'awaiting_proof' || $app['status'] == 'pending_approval') { ?>
<form action="upload_proof.php" method="post" enctype="multipart/form-data" class="mt-2">
<input type="hidden" name="application_id" value="<?php echo $app['id']; ?>">
<div class="input-group">
<input type="file" name="proof_screenshot" class="form-control form-control-sm" required>
<button type="submit" class="btn btn-primary btn-sm">Upload</button>
</div>
</form>
<?php } elseif (count($proofs) == 0) {
echo '-';
}
?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
@ -73,5 +101,6 @@ require_once 'includes/header.php';
<?php endif; ?>
</main>
</div>
<?php require_once 'includes/footer.php'; ?>

3
db/migrations/004_add_capacity_and_image_to_events.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE events
ADD COLUMN capacity INT(11) DEFAULT 0,
ADD COLUMN image_url VARCHAR(255) DEFAULT NULL;

3
db/migrations/005_add_proof_to_applications.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE `applications`
ADD COLUMN `proof_screenshot_path` VARCHAR(255) NULL,
ADD COLUMN `proof_status` VARCHAR(50) NOT NULL DEFAULT 'pending_upload';

3
db/migrations/006_update_applications_status_enum.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE `applications`
CHANGE `status` `status` ENUM('awaiting_proof', 'pending_approval', 'approved', 'rejected') NOT NULL DEFAULT 'awaiting_proof',
DROP COLUMN `proof_status`;

8
db/migrations/010_fix_and_update_status_enum.sql Normal file
View File

@ -0,0 +1,8 @@
-- Step 1: Add 'awaiting_proof' to the ENUM to allow the update
ALTER TABLE `applications` MODIFY `status` ENUM('pending', 'awaiting_proof', 'pending_approval', 'approved', 'rejected') NOT NULL;
-- Step 2: Update existing 'pending' values
UPDATE `applications` SET `status` = 'awaiting_proof' WHERE `status` = 'pending';
-- Step 3: Remove 'pending' from the ENUM
ALTER TABLE `applications` MODIFY `status` ENUM('awaiting_proof', 'pending_approval', 'approved', 'rejected') NOT NULL DEFAULT 'awaiting_proof';

9
db/migrations/011_create_application_proofs_table.sql Normal file
View File

@ -0,0 +1,9 @@
CREATE TABLE IF NOT EXISTS `application_proofs` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`application_id` INT NOT NULL,
`file_path` VARCHAR(255) NOT NULL,
`uploaded_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (`application_id`) REFERENCES `applications`(`id`) ON DELETE CASCADE
);
ALTER TABLE `applications` DROP COLUMN `proof_screenshot_path`;

1
db/migrations/012_add_timestamp_to_proofs.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE `application_proofs` ADD `created_at` TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;

7
includes/footer.php
View File

@ -1,6 +1,9 @@
</div> <!-- .content-wrapper -->
</div> <!-- .admin-container -->
<!-- Footer -->
<footer class="footer">
<div class="container">
<div class="container-fluid">
<p class="mb-0">&copy; <?php echo date("Y"); ?> PromoPass. All Rights Reserved. Built with Flatlogic.</p>
</div>
</footer>
@ -8,6 +11,6 @@
<!-- Bootstrap 5 JS Bundle -->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
<!-- Custom JS -->
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
<script src="/assets/js/main.js?v=<?php echo time(); ?>"></script>
</body>
</html>

64
includes/header.php
View File

@ -1,4 +1,4 @@
<?php require_once 'session.php'; ?>
"""<?php require_once 'session.php'; ?>
<!DOCTYPE html>
<html lang="en">
<head>
@ -20,42 +20,36 @@
<!-- Bootstrap 5 CSS -->
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Font Awesome for icons -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
<!-- Custom CSS -->
<link rel="stylesheet" href="/assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body>
<!-- Navigation Bar -->
<nav class="navbar navbar-expand-lg navbar-dark fixed-top">
<div class="container">
<a class="navbar-brand" href="index.php">PromoPass</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<a class="nav-link" href="index.php">Home</a>
</li>
<li class="nav-item">
<a class="nav-link" href="index.php#events">Events</a>
</li>
<?php if (is_logged_in()): ?>
<li class="nav-item">
<a class="nav-link" href="<?php echo is_admin() ? 'admin/index.php' : 'dashboard.php'; ?>">Dashboard</a>
</li>
<li class="nav-item">
<a class="nav-link" href="logout.php">Logout</a>
</li>
<?php else: ?>
<li class="nav-item">
<a class="nav-link" href="login.php">Login</a>
</li>
<li class="nav-item">
<a class="nav-link btn btn-primary btn-sm" href="signup.php" style="padding: 8px 16px; color: white;">Sign Up</a>
</li>
<?php endif; ?>
</ul>
</div>
</div>
</nav>
<div class="admin-container">
<div class="sidebar">
<a href="/index.php" class="brand">PromoPass</a>
<?php if (is_admin()): ?>
<a href="/admin/" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'index.php' && strpos($_SERVER['REQUEST_URI'], '/admin/') !== false ? 'active' : ''; ?>"><i class="fas fa-tachometer-alt"></i> Dashboard</a>
<a href="/admin/events.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'events.php' ? 'active' : ''; ?>"><i class="fas fa-calendar-alt"></i> Events</a>
<a href="/admin/applications.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'applications.php' ? 'active' : ''; ?>"><i class="fas fa-file-alt"></i> Applications</a>
<a href="/admin/users.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'users.php' ? 'active' : ''; ?>"><i class="fas fa-users"></i> Users</a>
<a href="/logout.php" class="nav-link"><i class="fas fa-sign-out-alt"></i> Logout</a>
<?php elseif (is_logged_in()): ?>
<a href="/index.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'index.php' ? 'active' : ''; ?>"><i class="fas fa-home"></i> Home</a>
<a href="/dashboard.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'dashboard.php' ? 'active' : ''; ?>"><i class="fas fa-user-circle"></i> My Dashboard</a>
<a href="/logout.php" class="nav-link"><i class="fas fa-sign-out-alt"></i> Logout</a>
<?php else: ?>
<a href="/index.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'index.php' ? 'active' : ''; ?>"><i class="fas fa-home"></i> Home</a>
<a href="/login.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'login.php' ? 'active' : ''; ?>"><i class="fas fa-sign-in-alt"></i> Login</a>
<a href="/signup.php" class="nav-link <?php echo basename($_SERVER['PHP_SELF']) == 'signup.php' ? 'active' : ''; ?>"><i class="fas fa-user-plus"></i> Sign Up</a>
<?php endif; ?>
</div>
<div class="content-wrapper">
<button class="sidebar-toggler d-lg-none" type="button" id="sidebarToggler">
<i class="fas fa-bars"></i>
</button>
""

4
includes/session.php
View File

@ -4,11 +4,11 @@ session_start();
require_once __DIR__ . '/../db/config.php';
function is_logged_in() {
return isset($_SESSION['user_id']);
return isset($_SESSION['user']['id']);
}
function is_admin() {
return is_logged_in() && isset($_SESSION['user_role']) && $_SESSION['user_role'] === 'admin';
return is_logged_in() && isset($_SESSION['user']['role']) && $_SESSION['user']['role'] === 'admin';
}
function require_login() {

12
index.php
View File

@ -1,5 +1,7 @@
<?php require_once 'includes/header.php'; ?>
<div class="main-content">
<!-- Hero Section -->
<header class="hero">
<div class="container">
@ -31,9 +33,9 @@
// If user is logged in, get their applications
$user_applications = [];
if (isset($_SESSION['user_id'])) {
if (isset($_SESSION['user']['id'])) {
$app_stmt = $pdo->prepare('SELECT event_id FROM applications WHERE user_id = ?');
$app_stmt->execute([$_SESSION['user_id']]);
$app_stmt->execute([$_SESSION['user']['id']]);
$user_applications = $app_stmt->fetchAll(PDO::FETCH_COLUMN);
}
@ -46,7 +48,7 @@
<div class="card-body">
<h5 class="card-title"><?php echo htmlspecialchars($event['title']); ?></h5>
<p class="card-text text-muted"><?php echo date("M d, Y", strtotime($event['event_date'])); ?> &bull; <?php echo htmlspecialchars($event['location']); ?></p>
<?php if (isset($_SESSION['user_id']) && $_SESSION['user_role'] === 'user'): ?>
<?php if (isset($_SESSION['user']['id']) && $_SESSION['user']['role'] === 'user'): ?>
<?php if (in_array($event['id'], $user_applications)): ?>
<button class="btn btn-success" disabled>Applied</button>
<?php else: ?>
@ -55,7 +57,8 @@
<button type="submit" class="btn btn-secondary">Apply Now</button>
</form>
<?php endif; ?>
<?php elseif (!isset($_SESSION['user_id'])): ?>
<?php elseif (!isset($_SESSION['user']['id'])):
?>
<a href="login.php" class="btn btn-secondary">Login to Apply</a>
<?php endif; ?>
</div>
@ -65,5 +68,6 @@
</div>
</div>
</main>
</div>
<?php require_once 'includes/footer.php'; ?>

10
login.php
View File

@ -19,8 +19,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['user_role'] = $user['role'];
$_SESSION['user'] = [
'id' => $user['id'],
'email' => $user['email'],
'role' => $user['role']
];
if ($user['role'] === 'admin') {
header('Location: admin/index.php');
@ -40,7 +43,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
require_once 'includes/header.php';
?>
<div class="main-content">
<main class="form-container">
<div class="container">
<div class="row justify-content-center">
@ -71,5 +74,6 @@ require_once 'includes/header.php';
</div>
</div>
</main>
</div>
<?php require_once 'includes/footer.php'; ?>

3
signup.php
View File

@ -43,7 +43,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
require_once 'includes/header.php';
?>
<div class="main-content">
<main class="form-container">
<div class="container">
<div class="row justify-content-center">
@ -82,5 +82,6 @@ require_once 'includes/header.php';
</div>
</div>
</main>
</div>
<?php require_once 'includes/footer.php'; ?>

5
temp_check_migrations.php Normal file
View File

@ -0,0 +1,5 @@
<?php
require_once 'db/config.php';
$pdo = db();
$stmt = $pdo->query("SELECT * FROM migrations");
print_r($stmt->fetchAll(PDO::FETCH_ASSOC));

70
upload_proof.php Normal file
View File

@ -0,0 +1,70 @@
<?php
require_once 'includes/session.php';
require_login();
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header('Location: dashboard.php');
exit();
}
if (!isset($_POST['application_id']) || !isset($_FILES['proof_screenshot'])) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Invalid request.'];
header('Location: dashboard.php');
exit();
}
$application_id = $_POST['application_id'];
$user_id = $_SESSION['user']['id'];
$file = $_FILES['proof_screenshot'];
require_once 'db/config.php';
$pdo = db();
// Verify application belongs to the user
$stmt = $pdo->prepare("SELECT id FROM applications WHERE id = ? AND user_id = ? AND (status = 'awaiting_proof' OR status = 'pending_approval')");
$stmt->execute([$application_id, $user_id]);
if (!$stmt->fetch()) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Invalid application or you are not allowed to perform this action.'];
header('Location: dashboard.php');
exit();
}
// File upload handling
if ($file['error'] !== UPLOAD_ERR_OK) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Error uploading file.'];
header('Location: dashboard.php');
exit();
}
$allowed_types = ['image/jpeg', 'image/png', 'image/gif'];
if (!in_array($file['type'], $allowed_types)) {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Invalid file type. Only JPG, PNG, and GIF are allowed.'];
header('Location: dashboard.php');
exit();
}
if ($file['size'] > 5 * 1024 * 1024) { // 5 MB limit
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'File is too large. Maximum size is 5MB.'];
header('Location: dashboard.php');
exit();
}
$upload_dir = 'uploads/proofs/';
$filename = uniqid() . '-' . basename($file['name']);
$destination = $upload_dir . $filename;
if (move_uploaded_file($file['tmp_name'], $destination)) {
// Update database
$stmt = $pdo->prepare("INSERT INTO application_proofs (application_id, file_path) VALUES (?, ?)");
$stmt->execute([$application_id, $destination]);
$stmt = $pdo->prepare("UPDATE applications SET status = 'pending_approval' WHERE id = ?");
$stmt->execute([$application_id]);
$_SESSION['flash_message'] = ['type' => 'success', 'message' => 'Proof uploaded successfully. It is now pending review.'];
} else {
$_SESSION['flash_message'] = ['type' => 'danger', 'message' => 'Failed to move uploaded file.'];
}
header('Location: dashboard.php');
exit();

BIN
uploads/proofs/691e53747373e-09.26_THE CAVERNS_SQUARE.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
uploads/proofs/691e563fd698a-09.26_THE CAVERNS_SQUARE.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 33 KiB

BIN
uploads/proofs/691e56454ef7d-120-91e4a5dd-91.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 142 KiB

BIN
uploads/proofs/691e564a73b72-f231faba-0efa-4fc3-88c4-5de128820834.jpeg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 200 KiB