admin/36522-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: admin:master
Branches Tags
admin:master
admin:ai-dev
...
pull from: admin:ai-dev
Branches Tags
admin:ai-dev
admin:master

4 Commits
master ... ai-dev

Author SHA1 Message Date
Flatlogic Bot
1449d3a66a Auto commit: 2025-12-01T13:51:22.482Z 2025-12-01 13:51:22 +00:00
Flatlogic Bot
91d94f28e2 1.2 2025-12-01 13:46:02 +00:00
Flatlogic Bot
1cff3c750d 1.1 2025-12-01 13:32:48 +00:00
Flatlogic Bot
26f521c2bd Client Verify 1.0 2025-12-01 06:11:23 +00:00
22 changed files with 1185 additions and 142 deletions
Show Stats Expand all files Collapse all files

95
add_visit.php Normal file
View File

@ -0,0 +1,95 @@
<?php
require_once 'auth.php';
require_role('Loan Officer');
require_once __DIR__ . '/db/config.php';
$success_message = '';
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$client_name = $_POST['client_name'] ?? '';
$latitude = $_POST['latitude'] ?? '';
$longitude = $_POST['longitude'] ?? '';
if (empty($client_name) || empty($latitude) || empty($longitude)) {
$error_message = 'Client name and GPS coordinates are required.';
} else {
try {
$pdo = db();
$stmt = $pdo->prepare('INSERT INTO visits (client_name, latitude, longitude, user_id) VALUES (?, ?, ?, ?)');
$stmt->execute([$client_name, $latitude, $longitude, $_SESSION['user_id']]);
$success_message = 'Visit captured successfully!';
} catch (PDOException $e) {
$error_message = 'Database error: ' . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add Client Visit</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.min.css">
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-dark bg-primary">
<div class="container-fluid">
<a class="navbar-brand" href="/"><?php echo htmlspecialchars($_SERVER['PROJECT_NAME'] ?? 'GeoVerify'); ?></a>
</div>
</nav>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card">
<div class="card-header">
<h1 class="h4 mb-0">Add Client Visit</h1>
</div>
<div class="card-body">
<?php if ($success_message): ?>
<div class="alert alert-success"><?php echo $success_message; ?></div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo $error_message; ?></div>
<?php endif; ?>
<form id="visitForm" method="POST" action="add_visit.php">
<div class="mb-3">
<label for="client_name" class="form-label">Client Name</label>
<input type="text" class="form-control" id="client_name" name="client_name" required>
</div>
<input type="hidden" id="latitude" name="latitude">
<input type="hidden" id="longitude" name="longitude">
<button type="submit" class="btn btn-primary w-100">Capture and Save Visit <i class="bi bi-geo-alt-fill"></i></button>
</form>
</div>
</div>
<div class="text-center mt-3">
<a href="/" class="btn btn-secondary">Back to Home</a>
</div>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
if (navigator.geolocation) {
navigator.geolocation.getCurrentPosition(function(position) {
document.getElementById('latitude').value = position.coords.latitude;
document.getElementById('longitude').value = position.coords.longitude;
}, function(error) {
console.error("Error getting location: ", error);
alert('Could not get your location. Please enable location services and try again.');
});
} else {
alert('Geolocation is not supported by this browser.');
}
});
</script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

91
admin/create_user.php Normal file
View File

@ -0,0 +1,91 @@
<?php
require_once '../auth.php';
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$pdo = db();
$error_message = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$password = $_POST['password'];
$role_id = $_POST['role_id'];
$branch = trim($_POST['branch']);
if (empty($username) || empty($password) || empty($role_id)) {
$error_message = 'Username, password, and role are required.';
} else {
// Check if username already exists
$stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
$stmt->execute([$username]);
if ($stmt->fetch()) {
$error_message = 'Username already taken. Please choose another.';
} else {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$insert_stmt = $pdo->prepare("INSERT INTO users (username, password, role_id, branch) VALUES (?, ?, ?, ?)");
if ($insert_stmt->execute([$username, $hashed_password, $role_id, $branch])) {
header('Location: index.php?success=create');
exit;
} else {
$error_message = 'Failed to create user.';
}
}
}
}
// Fetch all roles
$roles_stmt = $pdo->query("SELECT id, name FROM roles");
$roles = $roles_stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Create User</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<h1 class="mb-4">Create New User</h1>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?php echo $error_message; ?></div>
<?php endif; ?>
<div class="card">
<div class="card-body">
<form action="create_user.php" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role_id" required>
<option value="" disabled selected>Select a role</option>
<?php foreach ($roles as $role): ?>
<option value="<?php echo $role['id']; ?>"><?php echo htmlspecialchars($role['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="branch" class="form-label">Branch</label>
<input type="text" class="form-control" id="branch" name="branch">
</div>
<button type="submit" class="btn btn-primary">Create User</button>
<a href="index.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</div>
</body>
</html>

26
admin/delete_user.php Normal file
View File

@ -0,0 +1,26 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$user_id = $_GET['id'] ?? null;
if ($user_id) {
// Prevent admin from deleting themselves
if ($user_id == $_SESSION['user_id']) {
header('Location: index.php?error=self_delete');
exit;
}
$pdo = db();
$stmt = $pdo->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$user_id]);
}
header('Location: index.php?success=delete');
exit;
?>

86
admin/edit_user.php Normal file
View File

@ -0,0 +1,86 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
$user_id = $_GET['id'] ?? null;
if (!$user_id) {
header('Location: admin/index.php');
exit;
}
$pdo = db();
// Handle form submission
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username']);
$role_id = $_POST['role_id'];
$branch = trim($_POST['branch']);
$update_stmt = $pdo->prepare("UPDATE users SET username = ?, role_id = ?, branch = ? WHERE id = ?");
if ($update_stmt->execute([$username, $role_id, $branch, $user_id])) {
header('Location: index.php?success=1');
exit;
} else {
$error_message = "Failed to update user.";
}
}
// Fetch user data
$stmt = $pdo->prepare("SELECT id, username, role_id, branch FROM users WHERE id = ?");
$stmt->execute([$user_id]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$user) {
header('Location: admin/index.php');
exit;
}
// Fetch all roles
$roles_stmt = $pdo->query("SELECT id, name FROM roles");
$roles = $roles_stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit User</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<h1 class="mb-4">Edit User: <?php echo htmlspecialchars($user['username']); ?></h1>
<div class="card">
<div class="card-body">
<form action="edit_user.php?id=<?php echo $user_id; ?>" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($user['username']); ?>" required>
</div>
<div class="mb-3">
<label for="role" class="form-label">Role</label>
<select class="form-select" id="role" name="role_id" required>
<?php foreach ($roles as $role): ?>
<option value="<?php echo $role['id']; ?>" <?php echo ($user['role_id'] == $role['id']) ? 'selected' : ''; ?>><?php echo htmlspecialchars($role['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="branch" class="form-label">Branch</label>
<input type="text" class="form-control" id="branch" name="branch" value="<?php echo htmlspecialchars($user['branch'] ?? ''); ?>">
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="index.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</div>
</body>
</html>

130
admin/index.php Normal file
View File

@ -0,0 +1,130 @@
<?php
require_once '../auth.php';
// Block access if user is not an admin
if (!isAdmin()) {
header('Location: /index.php');
exit;
}
// Get search terms
$searchTerm = $_GET['search'] ?? '';
$searchRole = $_GET['role'] ?? '';
$searchBranch = $_GET['branch'] ?? '';
// Build the search query
$sql = "SELECT u.id, u.username, r.name as role, u.branch FROM users u LEFT JOIN roles r ON u.role_id = r.id WHERE 1=1";
$params = [];
if (!empty($searchTerm)) {
$sql .= " AND u.username LIKE ?";
$params[] = "%$searchTerm%";
}
if (!empty($searchRole)) {
$sql .= " AND r.name = ?";
$params[] = $searchRole;
}
if (!empty($searchBranch)) {
$sql .= " AND u.branch LIKE ?";
$params[] = "%$searchBranch%";
}
$sql .= " ORDER BY username";
// Fetch all users from the database
$stmt = db()->prepare($sql);
$stmt->execute($params);
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Fetch all unique roles for the filter dropdown
$rolesStmt = db()->query("SELECT name FROM roles ORDER BY name");
$roles = $rolesStmt->fetchAll(PDO::FETCH_COLUMN);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Admin - User Management</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-4">
<div class="d-flex justify-content-between align-items-center mb-4">
<h1 class="mb-0">User Management</h1>
<a href="create_user.php" class="btn btn-success">Create User</a>
</div>
<!-- Search Form -->
<div class="card mb-4">
<div class="card-header">
Search & Filter
</div>
<div class="card-body">
<form action="index.php" method="get" class="row g-3">
<div class="col-md-4">
<input type="text" class="form-control" name="search" placeholder="Search by username..." value="<?php echo htmlspecialchars($searchTerm); ?>">
</div>
<div class="col-md-3">
<select name="role" class="form-select">
<option value="">All Roles</option>
<?php foreach ($roles as $role): ?>
<option value="<?php echo htmlspecialchars($role); ?>" <?php if ($role === $searchRole) echo 'selected'; ?>>
<?php echo htmlspecialchars($role); ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="col-md-3">
<input type="text" class="form-control" name="branch" placeholder="Search by branch..." value="<?php echo htmlspecialchars($searchBranch); ?>">
</div>
<div class="col-md-2">
<button type="submit" class="btn btn-primary w-100">Search</button>
</div>
</form>
</div>
</div>
<div class="card">
<div class="card-header">
All Users
</div>
<div class="card-body">
<table class="table table-striped">
<thead>
<tr>
<th>Username</th>
<th>Role</th>
<th>Branch</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (empty($users)): ?>
<tr>
<td colspan="4" class="text-center">No users found.</td>
</tr>
<?php endif; ?>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['username']); ?></td>
<td><?php echo htmlspecialchars($user['role']); ?></td>
<td><?php echo htmlspecialchars($user['branch'] ?? 'N/A'); ?></td>
<td>
<a href="edit_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
<a href="delete_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-danger" onclick="return confirm('Are you sure you want to delete this user?');">Delete</a>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<a href="/index.php" class="btn btn-secondary mt-3">Back to Dashboard</a>
</div>
</body>
</html>

BIN
assets/icons/icon-192x192.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 293 B

BIN
assets/icons/icon-512x512.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 319 B

51
auth.php Normal file
View File

@ -0,0 +1,51 @@
<?php
session_start();
require_once 'db/config.php';
function is_logged_in() {
return isset($_SESSION['user_id']);
}
function require_login() {
if (!is_logged_in()) {
header('Location: login.php');
exit();
}
}
function current_user_role() {
if (!is_logged_in()) {
return null;
}
$pdo = db();
$stmt = $pdo->prepare('SELECT roles.name FROM users JOIN roles ON users.role_id = roles.id WHERE users.id = ?');
$stmt->execute([$_SESSION['user_id']]);
$role = $stmt->fetchColumn();
return $role;
}
function has_role($role_names) {
$current_role = current_user_role();
if (is_array($role_names)) {
return in_array($current_role, $role_names);
} else {
return $current_role === $role_names;
}
}
function require_role($role_names) {
require_login();
if (!has_role($role_names)) {
// http_response_code(403);
// echo 'Forbidden';
header('Location: index.php');
exit();
}
}
function isAdmin() {
return has_role('Admin');
}

26
dashboard.php Normal file
View File

@ -0,0 +1,26 @@
<?php
header('Content-Type: application/json');
require_once 'auth.php';
require_login();
$pdo = db();
function getVisitsByStatus($pdo) {
$stmt = $pdo->prepare('SELECT status, COUNT(*) as count FROM visits GROUP BY status');
$stmt->execute();
$results = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
$labels = array_keys($results);
$data = array_values($results);
return [
'labels' => $labels,
'data' => $data,
];
}
$response = [
'visitsByStatus' => getVisitsByStatus($pdo),
];
echo json_encode($response);

7
db/migrations/001_create_visits_table.sql Normal file
View File

@ -0,0 +1,7 @@
CREATE TABLE IF NOT EXISTS visits (
id INT AUTO_INCREMENT PRIMARY KEY,
client_name VARCHAR(255) NOT NULL,
latitude DECIMAL(10, 8) NOT NULL,
longitude DECIMAL(11, 8) NOT NULL,
visit_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

1
db/migrations/002_add_status_to_visits.sql Normal file
View File

@ -0,0 +1 @@
ALTER TABLE visits ADD COLUMN status VARCHAR(20) NOT NULL DEFAULT 'pending';

14
db/migrations/003_create_roles_and_users_tables.sql Normal file
View File

@ -0,0 +1,14 @@
CREATE TABLE IF NOT EXISTS `roles` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`name` VARCHAR(50) NOT NULL UNIQUE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
INSERT INTO `roles` (`name`) VALUES ('Loan Officer'), ('Verifier'), ('Branch Manager'), ('Admin');
CREATE TABLE IF NOT EXISTS `users` (
`id` INT AUTO_INCREMENT PRIMARY KEY,
`username` VARCHAR(50) NOT NULL UNIQUE,
`password` VARCHAR(255) NOT NULL,
`role_id` INT,
FOREIGN KEY (`role_id`) REFERENCES `roles`(`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

3
db/migrations/004_add_branch_and_user_to_visits.sql Normal file
View File

@ -0,0 +1,3 @@
ALTER TABLE `users` ADD `branch` VARCHAR(255) NULL;
ALTER TABLE `visits` ADD `user_id` INT NULL;
ALTER TABLE `visits` ADD FOREIGN KEY (`user_id`) REFERENCES `users`(`id`);

371
index.php
View File

@ -1,150 +1,237 @@
<?php
declare(strict_types=1);
@ini_set('display_errors', '1');
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
require_once 'auth.php';
require_login();
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
?>
<!doctype html>
$pdo = db();
$branch_update_message = '';
// Handle branch update
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['branch'])) {
$branch = trim($_POST['branch']);
if (!empty($branch)) {
$stmt = $pdo->prepare('UPDATE users SET branch = ? WHERE id = ?');
if ($stmt->execute([$branch, $_SESSION['user_id']])) {
$branch_update_message = 'Branch updated successfully! Refreshing...';
// Redirect to refresh the page and clear POST data
header("Refresh: 2; url=index.php");
} else {
$branch_update_message = 'Error updating branch.';
}
}
}
// Get user info
$stmt = $pdo->prepare('SELECT username, branch FROM users WHERE id = ?');
$stmt->execute([$_SESSION['user_id']]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
$username = $user['username'] ?? 'User';
$branch = $user['branch'] ?? null;
$current_role = current_user_role();
?><!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>New Style</title>
<?php
// Read project preview data from environment
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
?>
<?php if ($projectDescription): ?>
<!-- Meta description -->
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
<!-- Open Graph meta tags -->
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<!-- Twitter meta tags -->
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<?php endif; ?>
<?php if ($projectImageUrl): ?>
<!-- Open Graph image -->
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo htmlspecialchars($_SERVER['PROJECT_NAME'] ?? 'GeoVerify'); ?></title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css" rel="stylesheet">
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
<link rel="manifest" href="manifest.json">
</head>
<body>
<main>
<div class="card">
<h1>Analyzing your requirements and generating your website…</h1>
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
<span class="sr-only">Loading…</span>
</div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div>
</main>
<footer>
Page updated: <?= htmlspecialchars($now) ?> (UTC)
</footer>
<nav class="navbar navbar-expand-lg navbar-light bg-white mb-4">
<div class="container-fluid">
<a class="navbar-brand" href="index.php">
<i class="fas fa-map-marked-alt text-primary"></i>
Geo-verification
</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<a class="nav-link active" href="index.php">Home</a>
</li>
<?php if (has_role('Loan Officer')): ?>
<li class="nav-item">
<a class="nav-link" href="add_visit.php">Add Visit</a>
</li>
<?php endif; ?>
<?php if (has_role(['Verifier', 'Branch Manager'])): ?>
<li class="nav-item">
<a class="nav-link" href="view_visits.php">Review Visits</a>
</li>
<?php endif; ?>
<?php if (isAdmin()): ?>
<li class="nav-item">
<a class="nav-link" href="admin/index.php">Admin</a>
</li>
<?php endif; ?>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<i class="fas fa-user"></i> <?= htmlspecialchars($username) ?> (<?= htmlspecialchars($current_role) ?>)
</a>
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="navbarDropdown">
<li><a class="dropdown-item" href="logout.php">Logout</a></li>
</ul>
</li>
</ul>
</div>
</div>
</nav>
<main class="container mt-5">
<?php if (empty($branch)): ?>
<div class="p-5 mb-4 bg-light rounded-3">
<div class="container-fluid py-5">
<h1 class="display-5 fw-bold">Set Your Branch</h1>
<p class="fs-4">Please set your branch to continue.</p>
<?php if ($branch_update_message): ?>
<div class="alert alert-info"><?= htmlspecialchars($branch_update_message) ?></div>
<?php endif; ?>
<form method="POST" action="index.php">
<div class="mb-3">
<label for="branch" class="form-label">Branch Name</label>
<input type="text" class="form-control" id="branch" name="branch" required>
</div>
<button type="submit" class="btn btn-primary">Save Branch</button>
</form>
</div>
</div>
<?php else: ?>
<div class="p-5 mb-4 bg-light rounded-3">
<div class="container-fluid py-5">
<h1 class="display-5 fw-bold">Dashboard</h1>
<p class="fs-4">Welcome, <?= htmlspecialchars($username) ?>! You are logged in as a <?= htmlspecialchars($current_role) ?> from the <?= htmlspecialchars($branch) ?> branch.</p>
</div>
</div>
<div class="row">
<div class="col-12">
<div class="card">
<div class="card-header">
<h2 class="h4">Visits by Status</h2>
</div>
<div class="card-body">
<canvas id="visitsByStatusChart"></canvas>
</div>
</div>
</div>
</div>
<script>
document.addEventListener('DOMContentLoaded', function () {
fetch('dashboard.php')
.then(response => response.json())
.then(data => {
const ctx = document.getElementById('visitsByStatusChart').getContext('2d');
new Chart(ctx, {
type: 'bar',
data: {
labels: data.visitsByStatus.labels,
datasets: [{
label: '# of Visits',
data: data.visitsByStatus.data,
backgroundColor: [
'rgba(255, 99, 132, 0.2)',
'rgba(54, 162, 235, 0.2)',
'rgba(255, 206, 86, 0.2)',
'rgba(75, 192, 192, 0.2)',
'rgba(153, 102, 255, 0.2)',
'rgba(255, 159, 64, 0.2)'
],
borderColor: [
'rgba(255, 99, 132, 1)',
'rgba(54, 162, 235, 1)',
'rgba(255, 206, 86, 1)',
'rgba(75, 192, 192, 1)',
'rgba(153, 102, 255, 1)',
'rgba(255, 159, 64, 1)'
],
borderWidth: 1
}]
},
options: {
scales: {
y: {
beginAtZero: true
}
}
}
});
});
});
</script>
<?php
if ($current_role === 'Loan Officer') {
$stmt = $pdo->prepare('SELECT status, COUNT(*) as count FROM visits WHERE user_id = ? GROUP BY status');
$stmt->execute([$_SESSION['user_id']]);
?>
<?php } else { // Verifier and Branch Manager
$stmt = $pdo->query("SELECT u.branch, u.username, COUNT(v.id) AS visit_count FROM visits v JOIN users u ON v.user_id = u.id WHERE u.branch IS NOT NULL AND u.role_id = (SELECT id FROM roles WHERE name = 'Loan Officer') GROUP BY u.branch, u.username ORDER BY u.branch, u.username");
$visits_by_officer = $stmt->fetchAll(PDO::FETCH_GROUP | PDO::FETCH_ASSOC);
?>
<div class="row">
<div class="col-12">
<div class="card">
<div class="card-header"><h2 class="h4">Visits by Branch and Loan Officer</h2></div>
<div class="card-body">
<?php if (empty($visits_by_officer)): ?>
<p>No visits recorded yet.</p>
<?php else: ?>
<div class="accordion" id="branchAccordion">
<?php foreach ($visits_by_officer as $branchName => $officers): ?>
<div class="accordion-item">
<h2 class="accordion-header" id="heading-<?= md5($branchName) ?>">
<button class="accordion-button collapsed" type="button" data-bs-toggle="collapse" data-bs-target="#collapse-<?= md5($branchName) ?>" aria-expanded="false" aria-controls="collapse-<?= md5($branchName) ?>">
<strong><?= htmlspecialchars($branchName) ?></strong>
</button>
</h2>
<div id="collapse-<?= md5($branchName) ?>" class="accordion-collapse collapse" aria-labelledby="heading-<?= md5($branchName) ?>" data-bs-parent="#branchAccordion">
<div class="accordion-body">
<ul class="list-group">
<?php foreach ($officers as $officer): ?>
<li class="list-group-item d-flex justify-content-between align-items-center">
<?= htmlspecialchars($officer['username']) ?>
<span class="badge bg-primary rounded-pill"><?= $officer['visit_count'] ?> visits</span>
</li>
<?php endforeach; ?>
</ul>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
</div>
<?php } ?>
<?php endif; ?>
</main>
<footer class="footer mt-auto py-3 bg-light">
<div class="container text-center">
<span class="text-muted">Copyright &copy; <?php echo date('Y'); ?> <?php echo htmlspecialchars($_SERVER['PROJECT_NAME'] ?? 'GeoVerify'); ?></span>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script>
if ('serviceWorker' in navigator) {
window.addEventListener('load', () => {
navigator.serviceWorker.register('/sw.js').then(registration => {
console.log('ServiceWorker registration successful with scope: ', registration.scope);
}, err => {
console.log('ServiceWorker registration failed: ', err);
});
});
}
</script>
</body>
</html>

74
login.php Normal file
View File

@ -0,0 +1,74 @@
<?php
require_once 'db/config.php';
require_once 'auth.php';
if (is_logged_in()) {
header('Location: index.php');
exit();
}
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
if (empty($username) || empty($password)) {
$error = 'Please enter username and password.';
} else {
$pdo = db();
$stmt = $pdo->prepare('SELECT * FROM users WHERE username = ?');
$stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
header('Location: index.php');
exit();
} else {
$error = 'Invalid username or password.';
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Login</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card">
<div class="card-header">
<h3>Login</h3>
</div>
<div class="card-body">
<?php if ($error): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<form action="login.php" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
</div>
<div class="card-footer text-center">
<p>Don't have an account? <a href="register.php">Register here</a></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_unset();
session_destroy();
header('Location: login.php');
exit();

20
manifest.json Normal file
View File

@ -0,0 +1,20 @@
{
"short_name": "Clinic",
"name": "Clinic Management",
"icons": [
{
"src": "assets/icons/icon-192x192.png",
"type": "image/png",
"sizes": "192x192"
},
{
"src": "assets/icons/icon-512x512.png",
"type": "image/png",
"sizes": "512x512"
}
],
"start_url": "/index.php",
"display": "standalone",
"theme_color": "#3367D6",
"background_color": "#3367D6"
}

BIN
project.zip Normal file
View File

Binary file not shown.

88
register.php Normal file
View File

@ -0,0 +1,88 @@
<?php
require_once 'db/config.php';
require_once 'auth.php';
$pdo = db();
$roles = $pdo->query('SELECT * FROM roles')->fetchAll(PDO::FETCH_ASSOC);
$error = '';
$success = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'] ?? '';
$password = $_POST['password'] ?? '';
$role_id = $_POST['role_id'] ?? '';
if (empty($username) || empty($password) || empty($role_id)) {
$error = 'Please fill in all fields.';
} else {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
try {
$stmt = $pdo->prepare('INSERT INTO users (username, password, role_id) VALUES (?, ?, ?)');
$stmt->execute([$username, $hashed_password, $role_id]);
$success = "User registered successfully. You can now <a href='login.php'>login</a>.";
} catch (PDOException $e) {
if ($e->errorInfo[1] == 1062) { // Duplicate entry
$error = 'Username already exists.';
} else {
$error = 'Database error: ' . $e->getMessage();
}
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Register</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card">
<div class="card-header">
<h3>Register</h3>
</div>
<div class="card-body">
<?php if ($error): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<?php if ($success): ?>
<div class="alert alert-success"><?= $success ?></div>
<?php else: ?>
<form action="register.php" method="POST">
<div class="mb-3">
<label for="username" class="form-label">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="mb-3">
<label for="role_id" class="form-label">Role</label>
<select class="form-select" id="role_id" name="role_id" required>
<option value="">Select a role</option>
<?php foreach ($roles as $role): ?>
<option value="<?= $role['id'] ?>"><?= htmlspecialchars($role['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
<button type="submit" class="btn btn-primary">Register</button>
</form>
<?php endif; ?>
</div>
<div class="card-footer text-center">
<p>Already have an account? <a href="login.php">Login here</a></p>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

36
sw.js Normal file
View File

@ -0,0 +1,36 @@
const CACHE_NAME = 'clinic-app-cache-v1';
const urlsToCache = [
'/',
'/index.php',
'/dashboard.php',
'/login.php',
'/register.php',
'/view_visits.php',
'/add_visit.php',
'/auth.php',
'/logout.php',
'/update_visit_status.php'
];
self.addEventListener('install', event => {
event.waitUntil(
caches.open(CACHE_NAME)
.then(cache => {
console.log('Opened cache');
return cache.addAll(urlsToCache);
})
);
});
self.addEventListener('fetch', event => {
event.respondWith(
caches.match(event.request)
.then(response => {
if (response) {
return response;
}
return fetch(event.request);
})
);
});

27
update_visit_status.php Normal file
View File

@ -0,0 +1,27 @@
<?php
require_once 'auth.php';
require_role('Verifier');
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$visit_id = $_POST['visit_id'] ?? null;
$status = $_POST['status'] ?? null;
if ($visit_id && in_array($status, ['verified', 'rejected'])) {
try {
$pdoconn = db();
$stmt = $pdoconn->prepare('UPDATE visits SET status = :status WHERE id = :id');
$stmt->bindParam(':status', $status, PDO::PARAM_STR);
$stmt->bindParam(':id', $visit_id, PDO::PARAM_INT);
$stmt->execute();
} catch (PDOException $e) {
// Optional: Log error to a file
// error_log('Database error: ' . $e->getMessage());
}
}
}
// Redirect back to the review page
header('Location: view_visits.php');
exit;

175
view_visits.php Normal file
View File

@ -0,0 +1,175 @@
<?php
require_once 'auth.php';
require_role(['Verifier', 'Branch Manager']);
require_once 'db/config.php';
$current_role = current_user_role();
// Get username for display
$pdo = db();
$stmt = $pdo->prepare('SELECT username FROM users WHERE id = ?');
$stmt->execute([$_SESSION['user_id']]);
$username = $stmt->fetchColumn();
$pageTitle = 'View Visits';
// Fetch all visits from the database
$stmt = $pdo->query('SELECT id, client_name, latitude, longitude, visit_time, status FROM visits ORDER BY visit_time DESC');
$visits = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title><?php echo htmlspecialchars($pageTitle); ?> - Geo-verification App</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css" rel="stylesheet">
<style>
body {
background-color: #f8f9fa;
}
.navbar {
box-shadow: 0 2px 4px rgba(0,0,0,.1);
}
.card {
border: none;
box-shadow: 0 4px 8px rgba(0,0,0,.1);
}
.card-header {
background-color: #0d6efd;
color: white;
font-weight: bold;
}
.badge-status {
font-size: 0.9em;
}
</style>
</head>
<body>
<nav class="navbar navbar-expand-lg navbar-light bg-white mb-4">
<div class="container-fluid">
<a class="navbar-brand" href="index.php">
<i class="fas fa-map-marked-alt text-primary"></i>
Geo-verification
</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<a class="nav-link" href="index.php">Home</a>
</li>
<?php if ($current_role === 'Loan Officer'): ?>
<li class="nav-item">
<a class="nav-link" href="add_visit.php">Add Visit</a>
</li>
<?php endif; ?>
<?php if ($current_role === 'Verifier' || $current_role === 'Branch Manager'): ?>
<li class="nav-item">
<a class="nav-link active" href="view_visits.php">Review Visits</a>
</li>
<?php endif; ?>
<li class="nav-item dropdown">
<a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
<i class="fas fa-user"></i> <?= htmlspecialchars($username) ?> (<?= htmlspecialchars($current_role) ?>)
</a>
<ul class="dropdown-menu dropdown-menu-end" aria-labelledby="navbarDropdown">
<li><a class="dropdown-item" href="logout.php">Logout</a></li>
</ul>
</li>
</ul>
</div>
</div>
</nav>
<main class="container mt-5">
<div class="card">
<div class="card-header">
<i class="fas fa-list-check"></i>
Review Client Visits
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-hover align-middle">
<thead class="table-light">
<tr>
<th>ID</th>
<th>Client Name</th>
<th>Coordinates</th>
<th>Visit Time</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (empty($visits)): ?>
<tr>
<td colspan="6" class="text-center">No visits recorded yet.</td>
</tr>
<?php else: ?>
<?php foreach ($visits as $visit): ?>
<tr>
<td><?php echo htmlspecialchars($visit['id']); ?></td>
<td><?php echo htmlspecialchars($visit['client_name']); ?></td>
<td>
<a href="https://www.google.com/maps?q=<?php echo htmlspecialchars($visit['latitude']); ?>,<?php echo htmlspecialchars($visit['longitude']); ?>" target="_blank">
<?php echo htmlspecialchars(round($visit['latitude'], 5)) . ', ' . htmlspecialchars(round($visit['longitude'], 5)); ?>
</a>
</td>
<td><?php echo htmlspecialchars($visit['visit_time']); ?></td>
<td>
<?php
$status = htmlspecialchars($visit['status']);
$badge_class = 'bg-secondary';
if ($status === 'verified') {
$badge_class = 'bg-success';
} elseif ($status === 'rejected') {
$badge_class = 'bg-danger';
}
echo "<span class=\"badge {$badge_class} badge-status p-2\">" . ucfirst($status) . "</span>";
?>
</td>
<td>
<?php if ($visit['status'] === 'pending' && $current_role === 'Verifier'): ?>
<div class="btn-group" role="group">
<form action="update_visit_status.php" method="POST" class="d-inline">
<input type="hidden" name="visit_id" value="<?php echo $visit['id']; ?>">
<input type="hidden" name="status" value="verified">
<button type="submit" class="btn btn-sm btn-success">
<i class="fas fa-check"></i> Verify
</button>
</form>
<form action="update_visit_status.php" method="POST" class="d-inline">
<input type="hidden" name="visit_id" value="<?php echo $visit['id']; ?>">
<input type="hidden" name="status" value="rejected">
<button type="submit" class="btn btn-sm btn-danger">
<i class="fas fa-times"></i> Reject
</button>
</form>
</div>
<?php else: ?>
<span>-</span>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</main>
<footer class="text-center text-muted py-4 mt-5">
<p>&copy; <?php echo date("Y"); ?> Geo-verification App. All Rights Reserved.</p>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>