36557-vm/add_user.php

<?php
session_start();

if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'Super Admin') {
    header('Location: login.php');
    exit;
}

require_once 'db/config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name = $_POST['name'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $role = $_POST['role'];
    $agent_tier = $_POST['agent_tier'];
    $phone = $_POST['phone'];
    $company = $_POST['company'];
    $notes = $_POST['notes'];

    if (empty($name) || empty($email) || empty($password) || empty($role)) {
        // Handle empty fields
        header('Location: admin_dashboard.php?error=empty_fields');
        exit;
    }

    $db = db();
    
    $hashed_password = password_hash($password, PASSWORD_BCRYPT);
    $referral_code = uniqid();

    $stmt = $db->prepare('INSERT INTO users (name, email, password, referral_code, role, agent_tier, phone, company, notes) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
    $stmt->execute([$name, $email, $hashed_password, $referral_code, $role, $agent_tier, $phone, $company, $notes]);

    header('Location: admin_dashboard.php');
    exit;
} else {
    header('Location: admin_dashboard.php');
    exit;
}
?>