admin/36352-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

t3

Browse Source
This commit is contained in:
Flatlogic Bot 2025-11-27 09:24:02 +00:00
parent 4359789531
commit acd454b06b
5 changed files with 495 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
index.php
View File

@ -1,3 +1,4 @@
<?php session_start(); ?>
<!DOCTYPE html> <!DOCTYPE html>
<html lang="fa" dir="rtl"> <html lang="fa" dir="rtl">
<head> <head>
@ -35,13 +36,17 @@
</a> </a>
<ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0"> <ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
<li><a href="#" class="nav-link px-2 link-secondary">خانه</a></li> <li><a href="index.php" class="nav-link px-2 link-secondary">خانه</a></li>
<li><a href="roles.php" class="nav-link px-2 link-dark">مدیریت نقش‌ها</a></li>
<li><a href="users.php" class="nav-link px-2 link-dark">مدیریت کاربران</a></li>
</ul> </ul>
<div class="text-end"> <div class="text-end">
<button type="button" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#loginModal"> <?php if (isset($_SESSION['user_id'])): ?>
ورود <a href="logout.php" class="btn btn-outline-primary">خروج</a>
</button> <?php else: ?>
<a href="login.php" class="btn btn-primary">ورود</a>
<?php endif; ?>
</div> </div>
</div> </div>
</div> </div>
@ -92,31 +97,6 @@
</div> </div>
</footer> </footer>
<!-- Login Modal -->
<div class="modal fade" id="loginModal" tabindex="-1" aria-labelledby="loginModalLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="loginModalLabel">ورود به سیستم</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<form>
<div class="mb-3">
<label for="username" class="form-label">نام کاربری</label>
<input type="text" class="form-control" id="username">
</div>
<div class="mb-3">
<label for="password" class="form-label">رمز عبور</label>
<input type="password" class="form-control" id="password">
</div>
<button type="submit" class="btn btn-primary w-100">ورود</button>
</form>
</div>
</div>
</div>
</div>
<!-- Bootstrap JS --> <!-- Bootstrap JS -->
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<!-- Custom JS --> <!-- Custom JS -->

91
login.php Normal file
View File

@ -0,0 +1,91 @@
<?php
session_start();
require_once 'db/config.php';
$db = db();
// Redirect if already logged in
if (isset($_SESSION['user_id'])) {
header("Location: index.php");
exit();
}
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error_message = 'Please enter both username and password.';
} else {
$stmt = $db->prepare("SELECT id, password, role_id FROM users WHERE username = :username");
$stmt->bindParam(':username', $username);
$stmt->execute();
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $username;
$_SESSION['role_id'] = $user['role_id'];
header("Location: index.php");
exit();
} else {
$error_message = 'Invalid username or password.';
}
}
}
// Fetch header content
ob_start();
include 'index.php';
$page_content = ob_get_clean();
// Extract only the <head> and <header>
$head_and_header = '';
if (preg_match('/<head>.*?<\/head>/s', $page_content, $head_match)) {
$head_and_header .= $head_match[0];
}
if (preg_match('/<header>.*?<\/header>/s', $page_content, $header_match)) {
$head_and_header .= $header_match[0];
}
// Replace active nav link
$head_and_header = str_replace('<a class="nav-link" href="index.php">Home</a>', '<a class="nav-link" href="index.php">Home</a>', $head_and_header);
$head_and_header = preg_replace('/<a class="nav-link active" (.*?)>/', '<a class="nav-link" $1>', $head_and_header);
echo str_replace('</head>', '<style>.login-container { max-width: 400px; margin: 5rem auto; }</style></head>', $head_and_header);
?>
<main class="container mt-5">
<div class="login-container card">
<div class="card-body">
<h1 class="card-title text-center mb-4">Login</h1>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo $error_message; ?></div>
<?php endif; ?>
<form action="login.php" method="post">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="d-grid">
<button type="submit" class="btn btn-primary">Login</button>
</div>
</form>
</div>
</div>
</main>
<?php
// Extract footer
if (preg_match('/<footer.*?>.*?<\/footer>/s', $page_content, $footer_match)) {
echo $footer_match[0];
}
?>

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header("Location: login.php");
exit();

161
roles.php Normal file
View File

@ -0,0 +1,161 @@
<?php
session_start();
// Authentication check
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit();
}
require_once 'db/config.php';
try {
$pdo = db();
// Create roles table if it doesn't exist
$pdo->exec("CREATE TABLE IF NOT EXISTS roles (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(255) NOT NULL UNIQUE
)");
// Handle Create and Update
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['add_role'])) {
$name = trim($_POST['role_name']);
if (!empty($name)) {
$stmt = $pdo->prepare("INSERT INTO roles (name) VALUES (:name)");
$stmt->execute(['name' => $name]);
}
} elseif (isset($_POST['update_role'])) {
$id = $_POST['role_id'];
$name = trim($_POST['role_name']);
if (!empty($name) && !empty($id)) {
$stmt = $pdo->prepare("UPDATE roles SET name = :name WHERE id = :id");
$stmt->execute(['name' => $name, 'id' => $id]);
}
}
header("Location: roles.php");
exit;
}
// Handle Delete
if (isset($_GET['delete_id'])) {
$id = $_GET['delete_id'];
$stmt = $pdo->prepare("DELETE FROM roles WHERE id = :id");
$stmt->execute(['id' => $id]);
header("Location: roles.php");
exit;
}
// Fetch all roles
$roles = $pdo->query("SELECT * FROM roles ORDER BY id DESC")->fetchAll();
// Fetch role for editing
$editing_role = null;
if (isset($_GET['edit_id'])) {
$id = $_GET['edit_id'];
$stmt = $pdo->prepare("SELECT * FROM roles WHERE id = :id");
$stmt->execute(['id' => $id]);
$editing_role = $stmt->fetch();
}
} catch (PDOException $e) {
die("Database error: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="fa" dir="rtl">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>مدیریت نقش‌ها</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.rtl.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Vazirmatn:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<script src="https://unpkg.com/feather-icons"></script>
</head>
<body>
<header class="p-3 mb-3 border-bottom sticky-top bg-light">
<div class="container">
<div class="d-flex flex-wrap align-items-center justify-content-center justify-content-lg-start">
<a href="/" class="d-flex align-items-center mb-2 mb-lg-0 text-dark text-decoration-none">
<span class="fs-4">مدیریت مدرسه</span>
</a>
<ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
<li><a href="index.php" class="nav-link px-2 link-dark">خانه</a></li>
<li><a href="roles.php" class="nav-link px-2 link-secondary">مدیریت نقش‌ها</a></li>
<li><a href="users.php" class="nav-link px-2 link-dark">مدیریت کاربران</a></li>
</ul>
<div class="text-end">
<?php if (isset($_SESSION['user_id'])): ?>
<a href="logout.php" class="btn btn-outline-primary">خروج</a>
<?php else: ?>
<a href="login.php" class="btn btn-primary">ورود</a>
<?php endif; ?>
</div>
</div>
</div>
</header>
<main class="container py-5">
<div class="row">
<div class="col-md-8">
<h2>فهرست نقش‌ها</h2>
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead>
<tr>
<th>#</th>
<th>نام نقش</th>
<th>عملیات</th>
</tr>
</thead>
<tbody>
<?php foreach ($roles as $role): ?>
<tr>
<td><?php echo htmlspecialchars($role['id']); ?></td>
<td><?php echo htmlspecialchars($role['name']); ?></td>
<td>
<a href="roles.php?edit_id=<?php echo $role['id']; ?>" class="btn btn-sm btn-outline-primary">ویرایش</a>
<a href="roles.php?delete_id=<?php echo $role['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('آیا مطمئن هستید؟')">حذف</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<div class="col-md-4">
<h2><?php echo $editing_role ? 'ویرایش نقش' : 'افزودن نقش جدید'; ?></h2>
<form method="POST" action="roles.php">
<?php if ($editing_role): ?>
<input type="hidden" name="role_id" value="<?php echo $editing_role['id']; ?>">
<?php endif; ?>
<div class="mb-3">
<label for="role_name" class="form-label">نام نقش</label>
<input type="text" class="form-control" id="role_name" name="role_name" value="<?php echo htmlspecialchars($editing_role['name'] ?? ''); ?>" required>
</div>
<?php if ($editing_role): ?>
<button type="submit" name="update_role" class="btn btn-primary w-100">به‌روزرسانی</button>
<a href="roles.php" class="btn btn-secondary w-100 mt-2">انصراف</a>
<?php else: ?>
<button type="submit" name="add_role" class="btn btn-success w-100">افزودن</button>
<?php endif; ?>
</form>
</div>
</div>
</main>
<footer class="footer mt-auto py-3 bg-light">
<div class="container text-center">
<span class="text-muted">© 2025 سیستم مدیریت مدرسه</span>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script>
feather.replace()
</script>
</body>
</html>

228
users.php Normal file
View File

@ -0,0 +1,228 @@
<?php
session_start();
// Authentication check
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit();
}
require_once 'db/config.php';
try {
$pdo = db();
// Create users table if it doesn't exist
$pdo->exec("CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(255) NOT NULL UNIQUE,
email VARCHAR(255) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
role_id INT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (role_id) REFERENCES roles(id) ON DELETE SET NULL
)");
// Fetch all roles for the dropdown
$roles = $pdo->query("SELECT * FROM roles ORDER BY name")->fetchAll();
// Handle Create and Update
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['add_user'])) {
$username = trim($_POST['username']);
$email = trim($_POST['email']);
$password = $_POST['password'];
$role_id = $_POST['role_id'];
if (!empty($username) && !empty($email) && !empty($password) && !empty($role_id)) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("INSERT INTO users (username, email, password, role_id) VALUES (:username, :email, :password, :role_id)");
$stmt->execute([
'username' => $username,
'email' => $email,
'password' => $hashed_password,
'role_id' => $role_id
]);
}
} elseif (isset($_POST['update_user'])) {
$id = $_POST['user_id'];
$username = trim($_POST['username']);
$email = trim($_POST['email']);
$password = $_POST['password'];
$role_id = $_POST['role_id'];
if (!empty($id) && !empty($username) && !empty($email) && !empty($role_id)) {
if (!empty($password)) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $pdo->prepare("UPDATE users SET username = :username, email = :email, password = :password, role_id = :role_id WHERE id = :id");
$stmt->execute([
'username' => $username,
'email' => $email,
'password' => $hashed_password,
'role_id' => $role_id,
'id' => $id
]);
} else {
$stmt = $pdo->prepare("UPDATE users SET username = :username, email = :email, role_id = :role_id WHERE id = :id");
$stmt->execute([
'username' => $username,
'email' => $email,
'role_id' => $role_id,
'id' => $id
]);
}
}
}
header("Location: users.php");
exit;
}
// Handle Delete
if (isset($_GET['delete_id'])) {
$id = $_GET['delete_id'];
$stmt = $pdo->prepare("DELETE FROM users WHERE id = :id");
$stmt->execute(['id' => $id]);
header("Location: users.php");
exit;
}
// Fetch all users with their role names
$users = $pdo->query("
SELECT users.*, roles.name AS role_name
FROM users
LEFT JOIN roles ON users.role_id = roles.id
ORDER BY users.id DESC
")->fetchAll();
// Fetch user for editing
$editing_user = null;
if (isset($_GET['edit_id'])) {
$id = $_GET['edit_id'];
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = :id");
$stmt->execute(['id' => $id]);
$editing_user = $stmt->fetch();
}
} catch (PDOException $e) {
die("Database error: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="fa" dir="rtl">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>مدیریت کاربران</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.rtl.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Vazirmatn:wght@400;700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
<script src="https://unpkg.com/feather-icons"></script>
</head>
<body>
<header class="p-3 mb-3 border-bottom sticky-top bg-light">
<div class="container">
<div class="d-flex flex-wrap align-items-center justify-content-center justify-content-lg-start">
<a href="/" class="d-flex align-items-center mb-2 mb-lg-0 text-dark text-decoration-none">
<span class="fs-4">مدیریت مدرسه</span>
</a>
<ul class="nav col-12 col-lg-auto me-lg-auto mb-2 justify-content-center mb-md-0">
<li><a href="index.php" class="nav-link px-2 link-dark">خانه</a></li>
<li><a href="roles.php" class="nav-link px-2 link-dark">مدیریت نقش‌ها</a></li>
<li><a href="users.php" class="nav-link px-2 link-secondary">مدیریت کاربران</a></li>
</ul>
<div class="text-end">
<?php if (isset($_SESSION['user_id'])): ?>
<a href="logout.php" class="btn btn-outline-primary">خروج</a>
<?php else: ?>
<a href="login.php" class="btn btn-primary">ورود</a>
<?php endif; ?>
</div>
</div>
</div>
</header>
<main class="container py-5">
<div class="row">
<div class="col-md-8">
<h2>فهرست کاربران</h2>
<div class="table-responsive">
<table class="table table-striped table-hover">
<thead>
<tr>
<th>#</th>
<th>نام کاربری</th>
<th>ایمیل</th>
<th>نقش</th>
<th>عملیات</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['id']); ?></td>
<td><?php echo htmlspecialchars($user['username']); ?></td>
<td><?php echo htmlspecialchars($user['email']); ?></td>
<td><?php echo htmlspecialchars($user['role_name'] ?? 'بدون نقش'); ?></td>
<td>
<a href="users.php?edit_id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-primary">ویرایش</a>
<a href="users.php?delete_id=<?php echo $user['id']; ?>" class="btn btn-sm btn-outline-danger" onclick="return confirm('آیا مطمئن هستید؟')">حذف</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<div class="col-md-4">
<h2><?php echo $editing_user ? 'ویرایش کاربر' : 'افزودن کاربر جدید'; ?></h2>
<form method="POST" action="users.php">
<?php if ($editing_user): ?>
<input type="hidden" name="user_id" value="<?php echo $editing_user['id']; ?>">
<?php endif; ?>
<div class="mb-3">
<label for="username" class="form-label">نام کاربری</label>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($editing_user['username'] ?? ''); ?>" required>
</div>
<div class="mb-3">
<label for="email" class="form-label">ایمیل</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($editing_user['email'] ?? ''); ?>" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">رمز عبور <?php echo $editing_user ? '(خالی بگذارید تا بدون تغییر بماند)' : ''; ?></label>
<input type="password" class="form-control" id="password" name="password" <?php echo !$editing_user ? 'required' : ''; ?>>
</div>
<div class="mb-3">
<label for="role_id" class="form-label">نقش</label>
<select class="form-select" id="role_id" name="role_id" required>
<option value="">یک نقش انتخاب کنید</option>
<?php foreach ($roles as $role): ?>
<option value="<?php echo $role['id']; ?>" <?php echo (isset($editing_user) && $editing_user['role_id'] == $role['id']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($role['name']); ?>
</option>
<?php endforeach; ?>
</select>
</div>
<?php if ($editing_user): ?>
<button type="submit" name="update_user" class="btn btn-primary w-100">به‌روزرسانی</button>
<a href="users.php" class="btn btn-secondary w-100 mt-2">انصراف</a>
<?php else: ?>
<button type="submit" name="add_user" class="btn btn-success w-100">افزودن</button>
<?php endif; ?>
</form>
</div>
</div>
</main>
<footer class="footer mt-auto py-3 bg-light">
<div class="container text-center">
<span class="text-muted">© 2025 سیستم مدیریت مدرسه</span>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script>
feather.replace()
</script>
</body>
</html>