admin/35867-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: admin:master
Branches Tags
admin:master
admin:ai-dev
..
compare: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

1 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
6d48e88ec8 V1.0 2025-11-20 11:10:15 +00:00
28 changed files with 1655 additions and 140 deletions
Show Stats Expand all files Collapse all files

48
add_grade.php Normal file
View File

@ -0,0 +1,48 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$section = $_POST['section'] ?? '';
$grade_name = $_POST['grade_name'] ?? '';
$min_score = $_POST['min_score'] ?? '';
$max_score = $_POST['max_score'] ?? '';
// Basic validation
if (empty($section) || empty($grade_name) || !is_numeric($min_score) || !is_numeric($max_score)) {
$_SESSION['error_message'] = 'All fields are required and scores must be numbers.';
header('Location: school_settings.php');
exit;
}
if ($min_score >= $max_score) {
$_SESSION['error_message'] = 'Min score must be less than max score.';
header('Location: school_settings.php');
exit;
}
try {
$pdo = db();
$sql = "INSERT INTO grading_scales (section, grade_name, min_score, max_score) VALUES (?, ?, ?, ?)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$section, $grade_name, $min_score, $max_score]);
$_SESSION['success_message'] = 'Grade added successfully.';
} catch (PDOException $e) {
if ($e->errorInfo[1] == 1062) { // Duplicate entry
$_SESSION['error_message'] = "A grade with the name '{$grade_name}' already exists in the '{$section}' section.";
} else {
$_SESSION['error_message'] = 'Database error: ' . $e->getMessage();
}
}
}
header('Location: school_settings.php');
exit;

91
add_user.php Normal file
View File

@ -0,0 +1,91 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
$errors = $_SESSION['errors'] ?? [];
$old_input = $_SESSION['old_input'] ?? [];
unset($_SESSION['errors']);
unset($_SESSION['old_input']);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add User - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php" class="active">User Management</a>
<a href="school_settings.php">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>Add New User</h1>
</header>
<div class="content-grid">
<div class="card full-width-card">
<div class="card-body">
<?php if (!empty($errors['db'])): ?>
<div class="alert alert-danger"><?= htmlspecialchars($errors['db']) ?></div>
<?php endif; ?>
<form action="save_user.php" method="POST">
<div class="form-group">
<label for="name">Name</label>
<input type="text" id="name" name="name" class="form-control" value="<?= htmlspecialchars($old_input['name'] ?? '') ?>" required>
<?php if (!empty($errors['name'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['name']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="email">Email</label>
<input type="email" id="email" name="email" class="form-control" value="<?= htmlspecialchars($old_input['email'] ?? '') ?>" required>
<?php if (!empty($errors['email'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['email']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" id="password" name="password" class="form-control" required>
<?php if (!empty($errors['password'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['password']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="role">Role</label>
<select id="role" name="role" class="form-control" required>
<option value="Student" <?= ($old_input['role'] ?? '') == 'Student' ? 'selected' : '' ?>>Student</option>
<option value="Teacher" <?= ($old_input['role'] ?? '') == 'Teacher' ? 'selected' : '' ?>>Teacher</option>
<option value="Admin" <?= ($old_input['role'] ?? '') == 'Admin' ? 'selected' : '' ?>>Admin</option>
<option value="Parent" <?= ($old_input['role'] ?? '') == 'Parent' ? 'selected' : '' ?>>Parent</option>
<option value="Bursar" <?= ($old_input['role'] ?? '') == 'Bursar' ? 'selected' : '' ?>>Bursar</option>
<option value="Assistant Bursar" <?= ($old_input['role'] ?? '') == 'Assistant Bursar' ? 'selected' : '' ?>>Assistant Bursar</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Save User</button>
</form>
</div>
</div>
</div>
</main>
</div>
</body>
</html>

64
admin.php Normal file
View File

@ -0,0 +1,64 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin Dashboard - School Management</title>
<link rel="stylesheet" href="assets/css/custom.css">
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
</head>
<body>
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h3>School Admin</h3>
</div>
<nav class="sidebar-nav">
<a href="admin.php" class="active">Dashboard</a>
<a href="users.php">User Management</a>
<a href="school_settings.php">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>Welcome, <?php echo htmlspecialchars($_SESSION['user_name']); ?>!</h1>
<p>Here is your school's summary.</p>
</header>
<div class="dashboard-grid">
<div class="dashboard-card">
<h4>Total Students</h4>
<p class="card-value">1,234</p>
<div class="card-footer">+5% from last term</div>
</div>
<div class="dashboard-card">
<h4>Total Teachers</h4>
<p class="card-value">56</p>
<div class="card-footer">+2 new hires</div>
</div>
<div class="dashboard-card">
<h4>Bursary Overview</h4>
<p class="card-value">$546,789</p>
<div class="card-footer">75% fees collected</div>
</div>
<div class="dashboard-card">
<h4>Pending Issues</h4>
<p class="card-value">12</p>
<div class="card-footer">3 urgent</div>
</div>
</div>
</main>
</div>
</body>
</html>

296
assets/css/custom.css Normal file
View File

@ -0,0 +1,296 @@
@import url('https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&family=Poppins:wght@600;700&display=swap');
:root {
--primary-color: #4A90E2;
--secondary-color: #50E3C2;
--background-color: #F4F7F6;
--surface-color: #FFFFFF;
--text-color: #333333;
--border-radius: 0.75rem;
--primary-font: 'Poppins', sans-serif;
--secondary-font: 'Open Sans', sans-serif;
}
body {
background-color: var(--background-color);
font-family: var(--secondary-font);
color: var(--text-color);
margin: 0;
}
h1, h2, h3, h4, h5, h6 {
font-family: var(--primary-font);
font-weight: 700;
}
/* New Login Page Styles */
.login-container {
display: flex;
min-height: 100vh;
width: 100%;
}
.login-hero-split {
flex: 1;
background: linear-gradient(135deg, var(--primary-color), var(--secondary-color));
display: flex;
justify-content: center;
align-items: center;
color: white;
padding: 3rem;
text-align: center;
}
.hero-content {
max-width: 400px;
}
.hero-title {
font-size: 3.5rem;
font-weight: 700;
margin-bottom: 1rem;
}
.hero-subtitle {
font-size: 1.25rem;
font-family: var(--secondary-font);
opacity: 0.9;
}
.login-form-area {
flex: 1;
display: flex;
flex-direction: column;
justify-content: center;
align-items: center;
padding: 3rem;
background-color: var(--surface-color);
}
.login-card {
width: 100%;
max-width: 400px;
border: none;
box-shadow: 0 15px 40px rgba(0,0,0,0.08);
border-radius: var(--border-radius);
padding: 2.5rem;
background-color: var(--surface-color);
}
.login-card .card-title {
color: var(--primary-color);
font-weight: 600;
}
.form-label {
font-weight: 600;
color: #555;
}
.form-control {
border-radius: var(--border-radius);
padding: 0.85rem 1.1rem;
border: 1px solid #ddd;
transition: border-color 0.2s, box-shadow 0.2s;
}
.form-control:focus {
box-shadow: 0 0 0 0.25rem rgba(74, 144, 226, 0.2);
border-color: var(--primary-color);
}
.btn-primary {
background-color: var(--primary-color);
border-color: var(--primary-color);
border-radius: var(--border-radius);
padding: 0.85rem 1.5rem;
font-weight: 600;
font-size: 1.1rem;
transition: background-color 0.3s ease, transform 0.2s ease;
}
.btn-primary:hover {
background-color: #357ABD;
border-color: #357ABD;
transform: translateY(-2px);
}
.alert {
border-radius: var(--border-radius);
}
/* Admin Dashboard Styles */
.admin-container {
display: flex;
min-height: 100vh;
}
.sidebar {
width: 250px;
background-color: var(--surface-color);
box-shadow: 2px 0 10px rgba(0,0,0,0.05);
display: flex;
flex-direction: column;
}
.sidebar-header {
padding: 1.5rem;
text-align: center;
border-bottom: 1px solid var(--background-color);
}
.sidebar-header h3 {
color: var(--primary-color);
margin: 0;
}
.sidebar-nav ul {
list-style: none;
padding: 0;
margin: 1rem 0;
}
.sidebar-nav li {
padding: 0.5rem 1.5rem;
}
.sidebar-nav a {
text-decoration: none;
color: var(--text-color);
font-weight: 600;
display: block;
transition: color 0.2s ease;
}
.sidebar-nav a:hover,
.sidebar-nav li.active a {
color: var(--primary-color);
}
.main-content {
flex-grow: 1;
padding: 2rem;
background-color: var(--background-color);
}
.main-header {
margin-bottom: 2rem;
}
.dashboard-grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
gap: 1.5rem;
}
.dashboard-card {
background-color: var(--surface-color);
border-radius: var(--border-radius);
padding: 1.5rem;
box-shadow: 0 4px 15px rgba(0,0,0,0.05);
transition: transform 0.3s ease, box-shadow 0.3s ease;
}
.dashboard-card:hover {
transform: translateY(-5px);
box-shadow: 0 8px 25px rgba(0,0,0,0.08);
}
.dashboard-card h4 {
color: var(--primary-color);
margin-top: 0;
margin-bottom: 0.5rem;
}
.card-value {
font-size: 2.5rem;
font-weight: 700;
margin-bottom: 0.5rem;
}
.card-footer {
color: #6c757d;
font-size: 0.9rem;
}
/* User Management Table */
.user-table {
width: 100%;
border-collapse: collapse;
margin-top: 1rem;
}
.user-table th, .user-table td {
padding: 0.75rem 1rem;
text-align: left;
border-bottom: 1px solid #eee;
}
.user-table thead th {
font-family: var(--primary-font);
font-weight: 600;
color: var(--primary-color);
}
.user-table tbody tr:hover {
background-color: rgba(74, 144, 226, 0.05);
}
.action-link {
color: var(--primary-color);
text-decoration: none;
margin-right: 1rem;
font-weight: 600;
}
.action-link:hover {
text-decoration: underline;
}
.full-width-card {
grid-column: 1 / -1;
}
.content-grid {
display: grid;
grid-template-columns: 1fr;
gap: 1.5rem;
}
.form-group {
margin-bottom: 1.5rem;
}
.error-message {
color: #dc3545;
font-size: 0.875em;
margin-top: 0.25rem;
}
.alert-danger {
color: #721c24;
background-color: #f8d7da;
border-color: #f5c6cb;
}
.alert-success {
color: #155724;
background-color: #d4edda;
border-color: #c3e6cb;
}
@media (max-width: 768px) {
.login-container {
flex-direction: column;
}
.login-hero-split {
padding: 2rem;
min-height: 200px;
}
.hero-title {
font-size: 2.5rem;
}
.login-form-area {
padding: 2rem 1rem;
}
}

23
assets/js/main.js Normal file
View File

@ -0,0 +1,23 @@
document.addEventListener('DOMContentLoaded', function() {
const loginForm = document.getElementById('loginForm');
if (loginForm) {
loginForm.addEventListener('submit', function(e) {
e.preventDefault();
// --- SIMULATED LOGIN ---
// In a real application, you would send this to a server for validation.
const email = document.getElementById('email').value;
const password = document.getElementById('password').value;
// Basic validation
if (email && password) {
// Simulate a successful login and redirect to the admin dashboard
console.log('Simulating successful login...');
window.location.href = 'admin.php';
} else {
// In a real app, you'd show a more specific error.
alert('Please enter both email and password.');
}
});
}
});

8
db/migrations/001_create_users_table.sql Normal file
View File

@ -0,0 +1,8 @@
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(255) NOT NULL,
`role` VARCHAR(50) NOT NULL,
`email` VARCHAR(255) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=INNODB;

7
db/migrations/002_add_email_password_to_users.sql Normal file
View File

@ -0,0 +1,7 @@
ALTER TABLE `users`
ADD COLUMN `email` VARCHAR(255) NOT NULL AFTER `name`,
ADD COLUMN `password` VARCHAR(255) NOT NULL AFTER `email`,
ADD COLUMN `role` VARCHAR(50) NOT NULL DEFAULT 'user' AFTER `password`;
-- Add a unique constraint to the email column to prevent duplicate emails
ALTER TABLE `users` ADD UNIQUE (`email`);

6
db/migrations/003_add_email_and_password_columns.sql Normal file
View File

@ -0,0 +1,6 @@
ALTER TABLE `users`
ADD COLUMN `email` VARCHAR(255) NOT NULL AFTER `name`,
ADD COLUMN `password` VARCHAR(255) NOT NULL AFTER `email`;
-- Add a unique constraint to the email column to prevent duplicate emails
ALTER TABLE `users` ADD UNIQUE (`email`);

2
db/migrations/004_add_status_to_users.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE `users`
ADD COLUMN `status` VARCHAR(20) NOT NULL DEFAULT 'active' COMMENT 'User account status: active or inactive' AFTER `role`;

11
db/migrations/005_create_school_settings_table.sql Normal file
View File

@ -0,0 +1,11 @@
CREATE TABLE IF NOT EXISTS `school_settings` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`setting_key` VARCHAR(255) NOT NULL UNIQUE,
`setting_value` TEXT,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`updated_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=INNODB;
-- Insert some default values
INSERT INTO `school_settings` (setting_key, setting_value) VALUES
('school_name', 'My School') ON DUPLICATE KEY UPDATE setting_key=setting_key;

10
db/migrations/006_create_grading_scales_table.sql Normal file
View File

@ -0,0 +1,10 @@
CREATE TABLE IF NOT EXISTS `grading_scales` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`section` VARCHAR(50) NOT NULL,
`grade_name` VARCHAR(10) NOT NULL,
`min_score` INT NOT NULL,
`max_score` INT NOT NULL,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
`updated_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
UNIQUE KEY `section_grade` (`section`, `grade_name`)
) ENGINE=INNODB;

5
db/migrations/007_create_classes_table.sql Normal file
View File

@ -0,0 +1,5 @@
CREATE TABLE IF NOT EXISTS `classes` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(255) NOT NULL UNIQUE,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=INNODB;

5
db/migrations/008_create_subjects_table.sql Normal file
View File

@ -0,0 +1,5 @@
CREATE TABLE IF NOT EXISTS `subjects` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(255) NOT NULL UNIQUE,
`created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=INNODB;

28
delete_grade.php Normal file
View File

@ -0,0 +1,28 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if (isset($_GET['id'])) {
$id = $_GET['id'];
try {
$pdo = db();
$sql = "DELETE FROM grading_scales WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$id]);
$_SESSION['success_message'] = 'Grade deleted successfully.';
} catch (PDOException $e) {
$_SESSION['error_message'] = 'Database error: ' . $e->getMessage();
}
}
header('Location: school_settings.php');
exit;

26
delete_user.php Normal file
View File

@ -0,0 +1,26 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if ($id) {
try {
$pdo = db();
$sql = "DELETE FROM users WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$id]);
$_SESSION['success_message'] = 'User deleted successfully.';
} catch (PDOException $e) {
die("Database error: " . $e->getMessage());
}
}
header("Location: users.php");
exit;

89
edit_grade.php Normal file
View File

@ -0,0 +1,89 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if (!$id) {
header('Location: school_settings.php');
exit;
}
$grade = null;
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id, section, grade_name, min_score, max_score FROM grading_scales WHERE id = ?");
$stmt->execute([$id]);
$grade = $stmt->fetch();
} catch (PDOException $e) {
die("Database error: " . $e->getMessage());
}
if (!$grade) {
die("Grade not found.");
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Grade - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php">User Management</a>
<a href="school_settings.php" class="active">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>Edit Grade</h1>
</header>
<div class="content-grid">
<div class="card full-width-card">
<div class="card-body">
<form action="update_grade.php" method="POST">
<input type="hidden" name="id" value="<?= htmlspecialchars($grade['id']) ?>">
<div class="form-group">
<label for="section">Section</label>
<input type="text" id="section" name="section" class="form-control" value="<?= htmlspecialchars($grade['section']) ?>" readonly>
</div>
<div class="form-group">
<label for="grade_name">Grade Name</label>
<input type="text" id="grade_name" name="grade_name" class="form-control" value="<?= htmlspecialchars($grade['grade_name']) ?>" required>
</div>
<div class="form-group">
<label for="min_score">Min Score</label>
<input type="number" id="min_score" name="min_score" class="form-control" value="<?= htmlspecialchars($grade['min_score']) ?>" required>
</div>
<div class="form-group">
<label for="max_score">Max Score</label>
<input type="number" id="max_score" name="max_score" class="form-control" value="<?= htmlspecialchars($grade['max_score']) ?>" required>
</div>
<button type="submit" class="btn btn-primary">Update Grade</button>
</form>
</div>
</div>
</div>
</main>
</div>
</body>
</html>

117
edit_user.php Normal file
View File

@ -0,0 +1,117 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
$errors = $_SESSION['errors'] ?? [];
$old_input = $_SESSION['old_input'] ?? [];
unset($_SESSION['errors']);
unset($_SESSION['old_input']);
$user = null;
if ($id) {
if (!empty($old_input)) {
$user = $old_input;
$user['id'] = $id;
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id, name, role, email FROM users WHERE id = ?");
$stmt->execute([$id]);
$user = $stmt->fetch();
} catch (PDOException $e) {
die("Database error: " . $e->getMessage());
}
}
}
if (!$user) {
die("User not found.");
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit User - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php" class="active">User Management</a>
<a href="school_settings.php">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>Edit User</h1>
</header>
<div class="content-grid">
<div class="card full-width-card">
<div class="card-body">
<?php if (!empty($errors['db'])): ?>
<div class="alert alert-danger"><?= htmlspecialchars($errors['db']) ?></div>
<?php endif; ?>
<form action="update_user.php" method="POST">
<input type="hidden" name="id" value="<?= htmlspecialchars($user['id']) ?>">
<div class="form-group">
<label for="name">Name</label>
<input type="text" id="name" name="name" class="form-control" value="<?= htmlspecialchars($user['name'] ?? '') ?>" required>
<?php if (!empty($errors['name'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['name']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="email">Email</label>
<input type="email" id="email" name="email" class="form-control" value="<?= htmlspecialchars($user['email'] ?? '') ?>" required>
<?php if (!empty($errors['email'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['email']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="password">New Password (leave blank to keep current)</label>
<input type="password" id="password" name="password" class="form-control">
<?php if (!empty($errors['password'])): ?>
<div class="error-message"><?= htmlspecialchars($errors['password']) ?></div>
<?php endif; ?>
</div>
<div class="form-group">
<label for="role">Role</label>
<select id="role" name="role" class="form-control" required>
<option value="Student" <?= ($user['role'] ?? '') == 'Student' ? 'selected' : '' ?>>Student</option>
<option value="Teacher" <?= ($user['role'] ?? '') == 'Teacher' ? 'selected' : '' ?>>Teacher</option>
<option value="Admin" <?= ($user['role'] ?? '') == 'Admin' ? 'selected' : '' ?>>Admin</option>
<option value="Parent" <?= ($user['role'] ?? '') == 'Parent' ? 'selected' : '' ?>>Parent</option>
<option value="Bursar" <?= ($user['role'] ?? '') == 'Bursar' ? 'selected' : '' ?>>Bursar</option>
<option value="Assistant Bursar" <?= ($user['role'] ?? '') == 'Assistant Bursar' ? 'selected' : '' ?>>Assistant Bursar</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Update User</button>
</form>
</div>
</div>
</div>
</main>
</div>
</body>
</html>

203
index.php
View File

@ -1,150 +1,75 @@
<?php <?php
declare(strict_types=1); session_start();
@ini_set('display_errors', '1'); $message = null;
@error_reporting(E_ALL); $message_type = 'danger';
@date_default_timezone_set('UTC');
$phpVersion = PHP_VERSION; if (isset($_SESSION['login_error'])) {
$now = date('Y-m-d H:i:s'); $message = $_SESSION['login_error'];
unset($_SESSION['login_error']);
}
?> ?>
<!doctype html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<meta charset="utf-8" /> <meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>New Style</title> <title>Welcome to SchoolAdmin</title>
<?php <meta name="description" content="SchoolAdmin: Streamline academic management with tailored dashboards for admins, teachers, students, and bursars.">
// Read project preview data from environment <meta name="keywords" content="school management, academic reporting, student information system, gradebook, parent portal, teacher dashboard, school administration, student results, fee management, class management, education technology, k-12 software">
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? ''; <meta property="og:type" content="website">
?> <meta property="og:title" content="School Management App">
<?php if ($projectDescription): ?> <meta property="og:description" content="SchoolAdmin: Streamline academic management with tailored dashboards for admins, teachers, students, and bursars.">
<!-- Meta description --> <meta property="og:image" content="https://project-screens.s3.amazonaws.com/screenshots/35867/app-hero-20251120-104052.png">
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
<!-- Open Graph meta tags --> <meta property="twitter:card" content="summary_large_image">
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" /> <meta property="twitter:title" content="School Management App">
<!-- Twitter meta tags --> <meta property="twitter:description" content="SchoolAdmin: Streamline academic management with tailored dashboards for admins, teachers, students, and bursars.">
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" /> <meta property="twitter:image" content="https://project-screens.s3.amazonaws.com/screenshots/35867/app-hero-20251120-104052.png">
<?php endif; ?>
<?php if ($projectImageUrl): ?> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<!-- Open Graph image --> <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
</head> </head>
<body> <body>
<main>
<div class="card"> <div class="login-container">
<h1>Analyzing your requirements and generating your website…</h1> <div class="login-hero-split">
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes"> <div class="hero-content">
<span class="sr-only">Loading…</span> <h1 class="hero-title">SchoolAdmin</h1>
<p class="hero-subtitle">Effortless school management for modern educators.</p>
</div> </div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div> </div>
</main> <div class="login-form-area">
<footer> <div class="login-card">
Page updated: <?= htmlspecialchars($now) ?> (UTC) <h2 class="card-title text-center mb-4">Parent & Staff Login</h2>
</footer>
<?php if ($message): ?>
<div class="alert alert-<?php echo $message_type; ?>" role="alert">
<?php echo htmlspecialchars($message); ?>
</div>
<?php endif; ?>
<form action="login.php" method="POST" id="loginForm">
<div class="mb-3">
<label for="email" class="form-label">Email Address</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary btn-lg">Login</button>
</div>
</form>
</div>
<div class="text-center mt-4">
<span class="text-muted">&copy; <?php echo date("Y"); ?> SchoolAdmin. All Rights Reserved.</span>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
</body> </body>
</html> </html>

33
login.php Normal file
View File

@ -0,0 +1,33 @@
<?php
session_start();
require 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = $_POST['email'];
$password = $_POST['password'];
$pdo = db();
$stmt = $pdo->prepare("SELECT * FROM users WHERE email = ?");
$stmt->execute([$email]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
// Add this block to check user status
if ($user['status'] !== 'active') {
$_SESSION['login_error'] = 'Your account is inactive. Please contact an administrator.';
header('Location: index.php');
exit;
}
$_SESSION['user_id'] = $user['id'];
$_SESSION['user_name'] = $user['name'];
$_SESSION['user_role'] = $user['role'];
header('Location: admin.php');
exit;
} else {
$_SESSION['login_error'] = 'Invalid email or password.';
header('Location: index.php');
exit;
}
}

8
logout.php Normal file
View File

@ -0,0 +1,8 @@
<?php
session_start();
session_unset();
session_destroy();
header('Location: index.php');
exit;

35
save_school_settings.php Normal file
View File

@ -0,0 +1,35 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$school_name = $_POST['school_name'] ?? '';
if (empty($school_name)) {
$_SESSION['error_message'] = 'School name cannot be empty.';
header('Location: school_settings.php');
exit;
}
try {
$pdo = db();
$sql = "INSERT INTO school_settings (setting_key, setting_value) VALUES ('school_name', ?)
ON DUPLICATE KEY UPDATE setting_value = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$school_name, $school_name]);
$_SESSION['success_message'] = 'School settings saved successfully.';
} catch (PDOException $e) {
$_SESSION['error_message'] = 'Database error: ' . $e->getMessage();
}
}
header('Location: school_settings.php');
exit;

84
save_user.php Normal file
View File

@ -0,0 +1,84 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$role = $_POST['role'] ?? '';
$errors = [];
if (empty($name)) {
$errors['name'] = 'Name is required.';
}
if (empty($email)) {
$errors['email'] = 'Email is required.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email'] = 'Invalid email format.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ?");
$stmt->execute([$email]);
if ($stmt->fetch()) {
$errors['email'] = 'Email already exists.';
}
} catch (PDOException $e) {
$errors['db'] = "Database error: " . $e->getMessage();
}
}
if (empty($password)) {
$errors['password'] = 'Password is required.';
} elseif (strlen($password) < 8) {
$errors['password'] = 'Password must be at least 8 characters long.';
}
// Check for role uniqueness: Bursar and Assistant Bursar
if ($role === 'Bursar' || $role === 'Assistant Bursar') {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE role = ?");
$stmt->execute([$role]);
if ($stmt->fetch()) {
// Using 'db' to show a general form error, as there's no specific field for this.
$errors['db'] = "A user with the role '{$role}' already exists. Only one is allowed.";
}
} catch (PDOException $e) {
$errors['db'] = "Database error while checking role uniqueness: " . $e->getMessage();
}
}
if (empty($errors)) {
try {
$pdo = db();
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$sql = "INSERT INTO users (name, email, password, role) VALUES (?, ?, ?, ?)";
$stmt = $pdo->prepare($sql);
$stmt->execute([$name, $email, $hashed_password, $role]);
$_SESSION['success_message'] = 'User created successfully.';
header("Location: users.php");
exit;
} catch (PDOException $e) {
$errors['db'] = "Database error: " . $e->getMessage();
}
}
$_SESSION['errors'] = $errors;
$_SESSION['old_input'] = $_POST;
header("Location: add_user.php");
exit;
}
header("Location: add_user.php");
exit;

162
school_settings.php Normal file
View File

@ -0,0 +1,162 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
// School Name Setting
$settings = [];
try {
$pdo = db();
// Auto-apply migrations
if (file_exists('db/migrations/005_create_school_settings_table.sql')) {
$pdo->exec(file_get_contents('db/migrations/005_create_school_settings_table.sql'));
}
if (file_exists('db/migrations/006_create_grading_scales_table.sql')) {
$pdo->exec(file_get_contents('db/migrations/006_create_grading_scales_table.sql'));
}
$stmt = $pdo->query("SELECT setting_key, setting_value FROM school_settings");
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$settings[$row['setting_key']] = $row['setting_value'];
}
} catch (Exception $e) {
die("Could not connect to the database: " . $e->getMessage());
}
$school_name = $settings['school_name'] ?? '';
// Grading Scales
$grading_scales = [];
try {
$stmt = $pdo->query("SELECT id, section, grade_name, min_score, max_score FROM grading_scales ORDER BY section, min_score DESC");
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$grading_scales[$row['section']][] = $row;
}
} catch (Exception $e) {
die("Could not fetch grading scales: " . $e->getMessage());
}
$sections = ['Nursery', 'Primary', 'Secondary'];
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>School Settings - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php">User Management</a>
<a href="school_settings.php" class="active">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>School Settings</h1>
</header>
<?php if (isset($_SESSION['success_message'])): ?>
<div class="alert alert-success"><?= htmlspecialchars($_SESSION['success_message']) ?></div>
<?php unset($_SESSION['success_message']); ?>
<?php endif; ?>
<?php if (isset($_SESSION['error_message'])): ?>
<div class="alert alert-danger"><?= htmlspecialchars($_SESSION['error_message']) ?></div>
<?php unset($_SESSION['error_message']); ?>
<?php endif; ?>
<div class="content-grid">
<div class="card full-width-card">
<div class="card-header">
<h3>General Settings</h3>
</div>
<div class="card-body">
<form action="save_school_settings.php" method="POST">
<div class="form-group">
<label for="school_name">School Name</label>
<input type="text" id="school_name" name="school_name" class="form-control" value="<?= htmlspecialchars($school_name) ?>" required>
</div>
<button type="submit" class="btn btn-primary">Save Settings</button>
</form>
</div>
</div>
<div class="card full-width-card">
<div class="card-header">
<h3>Grading Scales</h3>
</div>
<div class="card-body">
<?php foreach ($sections as $section): ?>
<div class="grading-section">
<h4><?= htmlspecialchars($section) ?></h4>
<table class="user-table">
<thead>
<tr>
<th>Grade</th>
<th>Min Score</th>
<th>Max Score</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (isset($grading_scales[$section])): ?>
<?php foreach ($grading_scales[$section] as $grade): ?>
<tr>
<td><?= htmlspecialchars($grade['grade_name']) ?></td>
<td><?= htmlspecialchars($grade['min_score']) ?></td>
<td><?= htmlspecialchars($grade['max_score']) ?></td>
<td>
<a href="edit_grade.php?id=<?= $grade['id'] ?>" class="action-link">Edit</a>
<a href="delete_grade.php?id=<?= $grade['id'] ?>" class="action-link" onclick="return confirm('Are you sure?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
<?php else: ?>
<tr>
<td colspan="4">No grades defined for this section.</td>
</tr>
<?php endif; ?>
</tbody>
</table>
<form action="add_grade.php" method="POST" class="add-grade-form">
<input type="hidden" name="section" value="<?= htmlspecialchars($section) ?>">
<div class="form-group">
<label>Grade Name</label>
<input type="text" name="grade_name" class="form-control" required>
</div>
<div class="form-group">
<label>Min Score</label>
<input type="number" name="min_score" class="form-control" required>
</div>
<div class="form-group">
<label>Max Score</label>
<input type="number" name="max_score" class="form-control" required>
</div>
<button type="submit" class="btn btn-secondary">Add Grade</button>
</form>
</div>
<?php endforeach; ?>
</div>
</div>
</div>
</main>
</div>
</body>
</html>

148
subjects_classes.php Normal file
View File

@ -0,0 +1,148 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
try {
$pdo = db();
// Auto-apply migrations
if (file_exists('db/migrations/007_create_classes_table.sql')) {
$pdo->exec(file_get_contents('db/migrations/007_create_classes_table.sql'));
}
if (file_exists('db/migrations/008_create_subjects_table.sql')) {
$pdo->exec(file_get_contents('db/migrations/008_create_subjects_table.sql'));
}
// Fetch classes
$stmt_classes = $pdo->query("SELECT id, name FROM classes ORDER BY name");
$classes = $stmt_classes->fetchAll();
// Fetch subjects
$stmt_subjects = $pdo->query("SELECT id, name FROM subjects ORDER BY name");
$subjects = $stmt_subjects->fetchAll();
} catch (Exception $e) {
die("Could not connect to the database: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Subjects & Classes - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php">User Management</a>
<a href="school_settings.php">School Settings</a>
<a href="subjects_classes.php" class="active">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>Subjects & Classes</h1>
</header>
<?php if (isset($_SESSION['success_message'])): ?>
<div class="alert alert-success"><?= htmlspecialchars($_SESSION['success_message']) ?></div>
<?php unset($_SESSION['success_message']); ?>
<?php endif; ?>
<?php if (isset($_SESSION['error_message'])): ?>
<div class="alert alert-danger"><?= htmlspecialchars($_SESSION['error_message']) ?></div>
<?php unset($_SESSION['error_message']); ?>
<?php endif; ?>
<div class="content-grid">
<!-- Classes Section -->
<div class="card full-width-card">
<div class="card-header">
<h3>Manage Classes</h3>
</div>
<div class="card-body">
<table class="user-table">
<thead>
<tr>
<th>Class Name</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($classes as $class): ?>
<tr>
<td><?= htmlspecialchars($class['name']) ?></td>
<td>
<a href="edit_class.php?id=<?= $class['id'] ?>" class="action-link">Edit</a>
<a href="delete_class.php?id=<?= $class['id'] ?>" class="action-link" onclick="return confirm('Are you sure?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<form action="add_class.php" method="POST" class="add-form">
<div class="form-group">
<label>Add New Class</label>
<input type="text" name="name" class="form-control" required>
</div>
<button type="submit" class="btn btn-secondary">Add Class</button>
</form>
</div>
</div>
<!-- Subjects Section -->
<div class="card full-width-card">
<div class="card-header">
<h3>Manage Subjects</h3>
</div>
<div class="card-body">
<table class="user-table">
<thead>
<tr>
<th>Subject Name</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($subjects as $subject): ?>
<tr>
<td><?= htmlspecialchars($subject['name']) ?></td>
<td>
<a href="edit_subject.php?id=<?= $subject['id'] ?>" class="action-link">Edit</a>
<a href="delete_subject.php?id=<?= $subject['id'] ?>" class="action-link" onclick="return confirm('Are you sure?')">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<form action="add_subject.php" method="POST" class="add-form">
<div class="form-group">
<label>Add New Subject</label>
<input type="text" name="name" class="form-control" required>
</div>
<button type="submit" class="btn btn-secondary">Add Subject</button>
</form>
</div>
</div>
</div>
</main>
</div>
</body>
</html>

48
update_grade.php Normal file
View File

@ -0,0 +1,48 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = $_POST['id'] ?? null;
$grade_name = $_POST['grade_name'] ?? '';
$min_score = $_POST['min_score'] ?? '';
$max_score = $_POST['max_score'] ?? '';
// Basic validation
if (empty($id) || empty($grade_name) || !is_numeric($min_score) || !is_numeric($max_score)) {
$_SESSION['error_message'] = 'All fields are required and scores must be numbers.';
header('Location: school_settings.php');
exit;
}
if ($min_score >= $max_score) {
$_SESSION['error_message'] = 'Min score must be less than max score.';
header('Location: school_settings.php');
exit;
}
try {
$pdo = db();
$sql = "UPDATE grading_scales SET grade_name = ?, min_score = ?, max_score = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$grade_name, $min_score, $max_score, $id]);
$_SESSION['success_message'] = 'Grade updated successfully.';
} catch (PDOException $e) {
if ($e->errorInfo[1] == 1062) { // Duplicate entry
$_SESSION['error_message'] = "A grade with that name already exists in this section.";
} else {
$_SESSION['error_message'] = 'Database error: ' . $e->getMessage();
}
}
}
header('Location: school_settings.php');
exit;

74
update_user.php Normal file
View File

@ -0,0 +1,74 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = $_POST['id'] ?? null;
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$password = $_POST['password'] ?? '';
$role = $_POST['role'] ?? '';
$errors = [];
if (empty($name)) {
$errors['name'] = 'Name is required.';
}
if (empty($email)) {
$errors['email'] = 'Email is required.';
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$errors['email'] = 'Invalid email format.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare("SELECT id FROM users WHERE email = ? AND id != ?");
$stmt->execute([$email, $id]);
if ($stmt->fetch()) {
$errors['email'] = 'Email already exists.';
}
} catch (PDOException $e) {
$errors['db'] = "Database error: " . $e->getMessage();
}
}
if (!empty($password) && strlen($password) < 8) {
$errors['password'] = 'Password must be at least 8 characters long.';
}
if (empty($errors)) {
try {
$pdo = db();
if ($password) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$sql = "UPDATE users SET name = ?, email = ?, password = ?, role = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$name, $email, $hashed_password, $role, $id]);
} else {
$sql = "UPDATE users SET name = ?, email = ?, role = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$name, $email, $role, $id]);
}
$_SESSION['success_message'] = 'User updated successfully.';
header("Location: users.php");
exit;
} catch (PDOException $e) {
$errors['db'] = "Database error: " . $e->getMessage();
}
}
$_SESSION['errors'] = $errors;
$_SESSION['old_input'] = $_POST;
header("Location: edit_user.php?id=" . $id);
exit;
}
header("Location: users.php");
exit;

43
update_user_status.php Normal file
View File

@ -0,0 +1,43 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
if (isset($_GET['id']) && isset($_GET['status'])) {
$id = $_GET['id'];
$status = $_GET['status'];
// Basic validation
if ($status !== 'active' && $status !== 'inactive') {
$_SESSION['error_message'] = 'Invalid status value.';
header('Location: users.php');
exit;
}
// Prevent admin from deactivating themselves
if ($id == $_SESSION['user_id']) {
$_SESSION['error_message'] = 'You cannot deactivate your own account.';
header('Location: users.php');
exit;
}
try {
$pdo = db();
$sql = "UPDATE users SET status = ? WHERE id = ?";
$stmt = $pdo->prepare($sql);
$stmt->execute([$status, $id]);
$_SESSION['success_message'] = 'User status updated successfully.';
} catch (PDOException $e) {
$_SESSION['error_message'] = 'Database error: ' . $e->getMessage();
}
}
header('Location: users.php');
exit;

119
users.php Normal file
View File

@ -0,0 +1,119 @@
<?php
session_start();
if (!isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
require_once 'db/config.php';
$success_message = $_SESSION['success_message'] ?? null;
unset($_SESSION['success_message']);
$error_message = $_SESSION['error_message'] ?? null;
unset($_SESSION['error_message']);
try {
$pdo = db();
$stmt = $pdo->query("SELECT id, name, role, email, status FROM users");
$users = $stmt->fetchAll();
} catch (PDOException $e) {
if (strpos($e->getMessage(), "Unknown column 'status'") !== false) {
try {
$sql = file_get_contents('db/migrations/004_add_status_to_users.sql');
$pdo->exec($sql);
header("Location: users.php"); // Refresh the page after migration
exit;
} catch (Exception $me) {
die("Could not apply migration and connect to the database: " . $me->getMessage());
}
} else {
die("Could not connect to the database: " . $e->getMessage());
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>User Management - Admin Dashboard</title>
<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&family=Open+Sans&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="admin-body">
<div class="admin-container">
<aside class="sidebar">
<div class="sidebar-header">
<h2>School Admin</h2>
</div>
<nav class="sidebar-nav">
<a href="admin.php">Dashboard</a>
<a href="users.php" class="active">User Management</a>
<a href="#">School Settings</a>
<a href="#">Subjects & Classes</a>
<a href="#">Student Promotions</a>
<a href="#">Reports</a>
<a href="logout.php" class="logout">Logout</a>
</nav>
</aside>
<main class="main-content">
<header class="main-header">
<h1>User Management</h1>
<a href="add_user.php" class="btn btn-primary">Add New User</a>
</header>
<?php if ($success_message): ?>
<div class="alert alert-success"><?= htmlspecialchars($success_message) ?></div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error_message) ?></div>
<?php endif; ?>
<div class="content-grid">
<div class="card full-width-card">
<div class="card-header">
<h3>All Users</h3>
</div>
<div class="card-body">
<table class="user-table">
<thead>
<tr>
<th>Name</th>
<th>Role</th>
<th>Email</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?= htmlspecialchars($user['name']) ?></td>
<td><?= htmlspecialchars($user['role']) ?></td>
<td><?= htmlspecialchars($user['email']) ?></td>
<td><?= htmlspecialchars(ucfirst($user['status'])) ?></td>
<td>
<a href="edit_user.php?id=<?= $user['id'] ?>" class="action-link">Edit</a>
<a href="delete_user.php?id=<?= $user['id'] ?>" class="action-link" onclick="return confirm('Are you sure you want to delete this user?')">Delete</a>
<?php if ($user['status'] === 'active'): ?>
<a href="update_user_status.php?id=<?= $user['id'] ?>&status=inactive" class="action-link" onclick="return confirm('Are you sure you want to deactivate this user?')">Deactivate</a>
<?php else: ?>
<a href="update_user_status.php?id=<?= $user['id'] ?>&status=active" class="action-link" onclick="return confirm('Are you sure you want to activate this user?')">Activate</a>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
</div>
</main>
</div>
</body>
</html>