admin/36522-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.1

Browse Source
This commit is contained in:
Flatlogic Bot 2025-12-01 13:32:48 +00:00
parent 26f521c2bd
commit 1cff3c750d
12 changed files with 553 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
add_visit.php
View File

@ -17,8 +17,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
} else {
try {
$pdo = db();
$stmt = $pdo->prepare('INSERT INTO visits (client_name, latitude, longitude) VALUES (?, ?, ?)');
$stmt->execute([$client_name, $latitude, $longitude]);
$stmt = $pdo->prepare('INSERT INTO visits (client_name, latitude, longitude, user_id) VALUES (?, ?, ?, ?)');
$stmt->execute([$client_name, $latitude, $longitude, $_SESSION['user_id']]);
$success_message = 'Visit captured successfully!';
} catch (PDOException $e) {
$error_message = 'Database error: ' . $e->getMessage();

91
admin/create_user.php Normal file
View File

@ -0,0 +1,91 @@
<?php
require_once '../auth.php';
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$pdo = db();
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$password = $_POST['password'];
$role_id = $_POST['role_id'];
$branch = trim($_POST['branch']);
if (empty($username) || empty($password) || empty($role_id)) {
$error_message = 'Username, password, and role are required.';
} else {
// Check if username already exists
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetch()) {
$error_message = 'Username already taken. Please choose another.';
} else {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$insert_stmt = $pdo->prepare("INSERT INTO users (username, password, role_id, branch) VALUES (?, ?, ?, ?)");
if ($insert_stmt->execute([$username, $hashed_password, $role_id, $branch])) {
header('Location: index.php?success=create');
exit;
} else {
$error_message = 'Failed to create user.';
}
}
}
}
// Fetch all roles
$roles_stmt = $pdo->query("SELECT id, name FROM roles");
$roles = $roles_stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Create User</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<h1 class="mb-4">Create New User</h1>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo $error_message; ?></div>
<?php endif; ?>
<div class="card">
<div class="card-body">
<form action="create_user.php" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role_id" required>
<option value="" disabled selected>Select a role</option>
<?php foreach ($roles as $role): ?>
<option value="<?php echo $role['id']; ?>"><?php echo htmlspecialchars($role['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="branch" class="form-label">Branch</label>
<input type="text" class="form-control" id="branch" name="branch">
</div>
<button type="submit" class="btn btn-primary">Create User</button>
<a href="index.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</div>
</body>
</html>

26
admin/delete_user.php Normal file
View File

@ -0,0 +1,26 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$user_id = $_GET['id'] ?? null;
if ($user_id) {
// Prevent admin from deleting themselves
if ($user_id == $_SESSION['user_id']) {
header('Location: index.php?error=self_delete');
exit;
}
$pdo = db();
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$user_id]);
}
header('Location: index.php?success=delete');
exit;
?>

86
admin/edit_user.php Normal file
View File

@ -0,0 +1,86 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$user_id = $_GET['id'] ?? null;
if (!$user_id) {
header('Location: admin/index.php');
exit;
}
$pdo = db();
// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$role_id = $_POST['role_id'];
$branch = trim($_POST['branch']);
$update_stmt = $pdo->prepare("UPDATE users SET username = ?, role_id = ?, branch = ? WHERE id = ?");
if ($update_stmt->execute([$username, $role_id, $branch, $user_id])) {
header('Location: index.php?success=1');
exit;
} else {
$error_message = "Failed to update user.";
}
}
// Fetch user data
$stmt = $pdo->prepare("SELECT id, username, role_id, branch FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user) {
header('Location: admin/index.php');
exit;
}
// Fetch all roles
$roles_stmt = $pdo->query("SELECT id, name FROM roles");
$roles = $roles_stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit User</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<h1 class="mb-4">Edit User: <?php echo htmlspecialchars($user['username']); ?></h1>
<div class="card">
<div class="card-body">
<form action="edit_user.php?id=<?php echo $user_id; ?>" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($user['username']); ?>" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role_id" required>
<?php foreach ($roles as $role): ?>
<option value="<?php echo $role['id']; ?>" <?php echo ($user['role_id'] == $role['id']) ? 'selected' : ''; ?>><?php echo htmlspecialchars($role['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="branch" class="form-label">Branch</label>
<input type="text" class="form-control" id="branch" name="branch" value="<?php echo htmlspecialchars($user['branch'] ?? ''); ?>">
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="index.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</div>
</body>
</html>

130
admin/index.php Normal file
View File

@ -0,0 +1,130 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
// Get search terms
$searchTerm = $_GET['search'] ?? '';
$searchRole = $_GET['role'] ?? '';
$searchBranch = $_GET['branch'] ?? '';
// Build the search query
$sql = "SELECT u.id, u.username, r.name as role, u.branch FROM users u LEFT JOIN roles r ON u.role_id = r.id WHERE 1=1";
$params = [];
if (!empty($searchTerm)) {
$sql .= " AND u.username LIKE ?";
$params[] = "%$searchTerm%";
}
if (!empty($searchRole)) {
$sql .= " AND r.name = ?";
$params[] = $searchRole;
}
if (!empty($searchBranch)) {
$sql .= " AND u.branch LIKE ?";
$params[] = "%$searchBranch%";
}
$sql .= " ORDER BY username";
// Fetch all users from the database
$stmt = db()->prepare($sql);
$stmt->execute($params);
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Fetch all unique roles for the filter dropdown
$rolesStmt = db()->query("SELECT name FROM roles ORDER BY name");
$roles = $rolesStmt->fetchAll(PDO::FETCH_COLUMN);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin - User Management</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1 class="mb-0">User Management</h1>
<a href="create_user.php" class="btn btn-success">Create User</a>
</div>
<!-- Search Form -->
<div class="card mb-4">
<div class="card-header">
Search & Filter
</div>
<div class="card-body">
<form action="index.php" method="get" class="row g-3">
<div class="col-md-4">
<input type="text" class="form-control" name="search" placeholder="Search by username..." value="<?php echo htmlspecialchars($searchTerm); ?>">
</div>
<div class="col-md-3">
<select name="role" class="form-select">
<option value="">All Roles</option>
<?php foreach ($roles as $role): ?>
<option value="<?php echo htmlspecialchars($role); ?>" <?php if ($role === $searchRole) echo 'selected'; ?>>
<?php echo htmlspecialchars($role); ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-md-3">
<input type="text" class="form-control" name="branch" placeholder="Search by branch..." value="<?php echo htmlspecialchars($searchBranch); ?>">
</div>
<div class="col-md-2">
<button type="submit" class="btn btn-primary w-100">Search</button>
</div>
</form>
</div>
</div>
<div class="card">
<div class="card-header">
All Users
</div>
<div class="card-body">
<table class="table table-striped">
<thead>
<tr>
<th>Username</th>
<th>Role</th>
<th>Branch</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (empty($users)): ?>
<tr>
<td colspan="4" class="text-center">No users found.</td>
</tr>
<?php endif; ?>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['username']); ?></td>
<td><?php echo htmlspecialchars($user['role']); ?></td>
<td><?php echo htmlspecialchars($user['branch'] ?? 'N/A'); ?></td>
<td>
<a href="edit_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
<a href="delete_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-danger" onclick="return confirm('Are you sure you want to delete this user?');">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<a href="/index.php" class="btn btn-secondary mt-3">Back to Dashboard</a>
</div>
</body>
</html>

4
auth.php
View File

@ -45,3 +45,7 @@ function require_role($role_names) {
exit();
}
}
function isAdmin() {
return has_role('Admin');
}

26
dashboard.php Normal file
View File

@ -0,0 +1,26 @@
<?php
header('Content-Type: application/json');
require_once 'auth.php';
require_login();
$pdo = db();
function getVisitsByStatus($pdo) {
$stmt = $pdo->prepare('SELECT status, COUNT(*) as count FROM visits GROUP BY status');
$stmt->execute();
$results = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
$labels = array_keys($results);
$data = array_values($results);
return [
'labels' => $labels,
'data' => $data,
];
}
$response = [
'visitsByStatus' => getVisitsByStatus($pdo),
];
echo json_encode($response);

3
db/migrations/004_add_branch_and_user_to_visits.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE `users` ADD `branch` VARCHAR(255) NULL;
ALTER TABLE `visits` ADD `user_id` INT NULL;
ALTER TABLE `visits` ADD FOREIGN KEY (`user_id`) REFERENCES `users`(`id`);

190
index.php
View File

@ -2,13 +2,31 @@
require_once 'auth.php';
require_login();
$current_role = current_user_role();
// Get username for display
$pdo = db();
$stmt = $pdo->prepare('SELECT username FROM users WHERE id = ?');
$branch_update_message = '';
// Handle branch update
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['branch'])) {
$branch = trim($_POST['branch']);
if (!empty($branch)) {
$stmt = $pdo->prepare('UPDATE users SET branch = ? WHERE id = ?');
if ($stmt->execute([$branch, $_SESSION['user_id']])) {
$branch_update_message = 'Branch updated successfully! Refreshing...';
// Redirect to refresh the page and clear POST data
header("Refresh: 2; url=index.php");
} else {
$branch_update_message = 'Error updating branch.';
}
}
}
// Get user info
$stmt = $pdo->prepare('SELECT username, branch FROM users WHERE id = ?');
$stmt->execute([$_SESSION['user_id']]);
$username = $stmt->fetchColumn();
$user = $stmt->fetch(PDO::FETCH_ASSOC);
$username = $user['username'] ?? 'User';
$branch = $user['branch'] ?? null;
$current_role = current_user_role();
?><!DOCTYPE html>
<html lang="en">
@ -18,6 +36,7 @@ $username = $stmt->fetchColumn();
<title><?php echo htmlspecialchars($_SERVER['PROJECT_NAME'] ?? 'GeoVerify'); ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css" rel="stylesheet">
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-light bg-white mb-4">
@ -34,16 +53,21 @@ $username = $stmt->fetchColumn();
<li class="nav-item">
<a class="nav-link active" href="index.php">Home</a>
</li>
<?php if ($current_role === 'Loan Officer'): ?>
<?php if (has_role('Loan Officer')): ?>
<li class="nav-item">
<a class="nav-link" href="add_visit.php">Add Visit</a>
</li>
<?php endif; ?>
<?php if ($current_role === 'Verifier' || $current_role === 'Branch Manager'): ?>
<?php if (has_role(['Verifier', 'Branch Manager'])): ?>
<li class="nav-item">
<a class="nav-link" href="view_visits.php">Review Visits</a>
</li>
<?php endif; ?>
<?php if (isAdmin()): ?>
<li class="nav-item">
<a class="nav-link" href="admin/index.php">Admin</a>
</li>
<?php endif; ?>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<i class="fas fa-user"></i> <?= htmlspecialchars($username) ?> (<?= htmlspecialchars($current_role) ?>)
@ -58,39 +82,136 @@ $username = $stmt->fetchColumn();
</nav>
<main class="container mt-5">
<div class="p-5 mb-4 bg-light rounded-3 text-center">
<div class="container-fluid py-5">
<h1 class="display-5 fw-bold">Geo-verification System</h1>
<p class="fs-4">Welcome, <?= htmlspecialchars($username) ?>! You are logged in as a <?= htmlspecialchars($current_role) ?>.</p>
<?php if (empty($branch)): ?>
<div class="p-5 mb-4 bg-light rounded-3">
<div class="container-fluid py-5">
<h1 class="display-5 fw-bold">Set Your Branch</h1>
<p class="fs-4">Please set your branch to continue.</p>
<?php if ($branch_update_message): ?>
<div class="alert alert-info"><?= htmlspecialchars($branch_update_message) ?></div>
<?php endif; ?>
<form method="POST" action="index.php">
<div class="mb-3">
<label for="branch" class="form-label">Branch Name</label>
<input type="text" class="form-control" id="branch" name="branch" required>
</div>
<button type="submit" class="btn btn-primary">Save Branch</button>
</form>
</div>
</div>
<?php else: ?>
<div class="p-5 mb-4 bg-light rounded-3">
<div class="container-fluid py-5">
<h1 class="display-5 fw-bold">Dashboard</h1>
<p class="fs-4">Welcome, <?= htmlspecialchars($username) ?>! You are logged in as a <?= htmlspecialchars($current_role) ?> from the <?= htmlspecialchars($branch) ?> branch.</p>
</div>
</div>
</div>
<div class="row">
<?php if ($current_role === 'Loan Officer'): ?>
<div class="col-md-6 mb-4">
<div class="card h-100">
<div class="card-body text-center d-flex flex-column justify-content-center">
<i class="fas fa-plus-circle fa-3x text-primary mb-3"></i>
<h5 class="card-title">Add New Visit</h5>
<p class="card-text">Capture GPS coordinates and client details for a new visit.</p>
<a href="add_visit.php" class="btn btn-primary mt-auto">Go &raquo;</a>
<div class="row">
<div class="col-12">
<div class="card">
<div class="card-header">
<h2 class="h4">Visits by Status</h2>
</div>
<div class="card-body">
<canvas id="visitsByStatusChart"></canvas>
</div>
</div>
</div>
</div>
<?php endif; ?>
<?php if ($current_role === 'Verifier' || $current_role === 'Branch Manager'): ?>
<div class="col-md-6 mb-4">
<div class="card h-100">
<div class="card-body text-center d-flex flex-column justify-content-center">
<i class="fas fa-list-check fa-3x text-success mb-3"></i>
<h5 class="card-title">Review Visits</h5>
<p class="card-text">View, verify, or reject recorded client visits.</p>
<a href="view_visits.php" class="btn btn-success mt-auto">Go &raquo;</a>
<script>
document.addEventListener('DOMContentLoaded', function () {
fetch('dashboard.php')
.then(response => response.json())
.then(data => {
const ctx = document.getElementById('visitsByStatusChart').getContext('2d');
new Chart(ctx, {
type: 'bar',
data: {
labels: data.visitsByStatus.labels,
datasets: [{
label: '# of Visits',
data: data.visitsByStatus.data,
backgroundColor: [
'rgba(255, 99, 132, 0.2)',
'rgba(54, 162, 235, 0.2)',
'rgba(255, 206, 86, 0.2)',
'rgba(75, 192, 192, 0.2)',
'rgba(153, 102, 255, 0.2)',
'rgba(255, 159, 64, 0.2)'
],
borderColor: [
'rgba(255, 99, 132, 1)',
'rgba(54, 162, 235, 1)',
'rgba(255, 206, 86, 1)',
'rgba(75, 192, 192, 1)',
'rgba(153, 102, 255, 1)',
'rgba(255, 159, 64, 1)'
],
borderWidth: 1
}]
},
options: {
scales: {
y: {
beginAtZero: true
}
}
}
});
});
});
</script>
<?php
if ($current_role === 'Loan Officer') {
$stmt = $pdo->prepare('SELECT status, COUNT(*) as count FROM visits WHERE user_id = ? GROUP BY status');
$stmt->execute([$_SESSION['user_id']]);
?>
<?php } else { // Verifier and Branch Manager
$stmt = $pdo->query("SELECT u.branch, u.username, COUNT(v.id) AS visit_count FROM visits v JOIN users u ON v.user_id = u.id WHERE u.branch IS NOT NULL AND u.role_id = (SELECT id FROM roles WHERE name = 'Loan Officer') GROUP BY u.branch, u.username ORDER BY u.branch, u.username");
$visits_by_officer = $stmt->fetchAll(PDO::FETCH_GROUP | PDO::FETCH_ASSOC);
?>
<div class="row">
<div class="col-12">
<div class="card">
<div class="card-header"><h2 class="h4">Visits by Branch and Loan Officer</h2></div>
<div class="card-body">
<?php if (empty($visits_by_officer)): ?>
<p>No visits recorded yet.</p>
<?php else: ?>
<div class="accordion" id="branchAccordion">
<?php foreach ($visits_by_officer as $branchName => $officers): ?>
<div class="accordion-item">
<h2 class="accordion-header" id="heading-<?= md5($branchName) ?>">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapse-<?= md5($branchName) ?>" aria-expanded="false" aria-controls="collapse-<?= md5($branchName) ?>">
<strong><?= htmlspecialchars($branchName) ?></strong>
</button>
</h2>
<div id="collapse-<?= md5($branchName) ?>" class="accordion-collapse collapse" aria-labelledby="heading-<?= md5($branchName) ?>" data-bs-parent="#branchAccordion">
<div class="accordion-body">
<ul class="list-group">
<?php foreach ($officers as $officer): ?>
<li class="list-group-item d-flex justify-content-between align-items-center">
<?= htmlspecialchars($officer['username']) ?>
<span class="badge bg-primary rounded-pill"><?= $officer['visit_count'] ?> visits</span>
</li>
<?php endforeach; ?>
</ul>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php endif; ?>
</div>
<?php } ?>
<?php endif; ?>
</main>
<footer class="footer mt-auto py-3 bg-light">
@ -102,6 +223,3 @@ $username = $stmt->fetchColumn();
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>
sdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

BIN
project.zip Normal file
View File

Binary file not shown.

3
update_visit_status.php
View File

@ -1,4 +1,7 @@
<?php
require_once 'auth.php';
require_role('Verifier');
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {

35
view_visits.php
View File

@ -1,12 +1,21 @@
<?php
require_once 'auth.php';
require_role(['Verifier', 'Branch Manager']);
require_once 'db/config.php';
$current_role = current_user_role();
// Get username for display
$pdo = db();
$stmt = $pdo->prepare('SELECT username FROM users WHERE id = ?');
$stmt->execute([$_SESSION['user_id']]);
$username = $stmt->fetchColumn();
$pageTitle = 'View Visits';
$page = 'view_visits.php';
// Fetch all visits from the database
$pdoconn = db();
$stmt = $pdoconn->query('SELECT id, client_name, latitude, longitude, visit_time, status FROM visits ORDER BY visit_time DESC');
$stmt = $pdo->query('SELECT id, client_name, latitude, longitude, visit_time, status FROM visits ORDER BY visit_time DESC');
$visits = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
@ -53,13 +62,25 @@ $visits = $stmt->fetchAll(PDO::FETCH_ASSOC);
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<a class="nav-link <?php if ($page === 'index.php') echo 'active'; ?>" href="index.php">Home</a>
<a class="nav-link" href="index.php">Home</a>
</li>
<?php if ($current_role === 'Loan Officer'): ?>
<li class="nav-item">
<a class="nav-link <?php if ($page === 'add_visit.php') echo 'active'; ?>" href="add_visit.php">Add Visit</a>
<a class="nav-link" href="add_visit.php">Add Visit</a>
</li>
<?php endif; ?>
<?php if ($current_role === 'Verifier' || $current_role === 'Branch Manager'): ?>
<li class="nav-item">
<a class="nav-link <?php if ($page === 'view_visits.php') echo 'active'; ?>" href="view_visits.php">Review Visits</a>
<a class="nav-link active" href="view_visits.php">Review Visits</a>
</li>
<?php endif; ?>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<i class="fas fa-user"></i> <?= htmlspecialchars($username) ?> (<?= htmlspecialchars($current_role) ?>)
</a>
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="navbarDropdown">
<li><a class="dropdown-item" href="logout.php">Logout</a></li>
</ul>
</li>
</ul>
</div>
@ -114,7 +135,7 @@ $visits = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
</td>
<td>
<?php if ($visit['status'] === 'pending'): ?>
<?php if ($visit['status'] === 'pending' && $current_role === 'Verifier'): ?>
<div class="btn-group" role="group">
<form action="update_visit_status.php" method="POST" class="d-inline">
<input type="hidden" name="visit_id" value="<?php echo $visit['id']; ?>">