diff --git a/admin/add_service.php b/admin/add_service.php
new file mode 100644
index 0000000..bad3f1a
--- /dev/null
+++ b/admin/add_service.php
@@ -0,0 +1,67 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+$message = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $name = $_POST['name'];
+ $description = $_POST['description'];
+ $price = $_POST['price'];
+ $duration_days = $_POST['duration_days'];
+
+ if (empty($name) || empty($description) || empty($price) || empty($duration_days)) {
+ $message = '
All fields are required.
';
+ } else {
+ $stmt = $pdo->prepare("INSERT INTO services (name, description, price, duration_days) VALUES (?, ?, ?, ?)");
+ if ($stmt->execute([$name, $description, $price, $duration_days])) {
+ header('Location: services.php?success=added');
+ exit;
+ } else {
+ $message = 'Failed to add service.
';
+ }
+ }
+}
+?>
+
+
+
+
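Review bot: The POST branch inserts a service without verifying any anti-CSRF token, so a third-party page open in a logged-in admin's browser could submit this form on their behalf; the POST branch in admin/edit_service.php has the same gap. Before reading `$_POST['name']`, compare a per-session token in constant time, e.g. `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { http_response_code(403); exit; }` (the key name is a suggestion). The form markup is not visible in this rendering, so the matching hidden field would have to be added there as well.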
diff --git a/admin/delete_service.php b/admin/delete_service.php
new file mode 100644
index 0000000..63c89f9
--- /dev/null
+++ b/admin/delete_service.php
@@ -0,0 +1,32 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+$service_id = $_GET['id'] ?? null;
+
+if ($service_id) {
+ $stmt = $pdo->prepare("DELETE FROM services WHERE id = ?");
+ if ($stmt->execute([$service_id])) {
+ header('Location: services.php?success=deleted');
+ exit;
+ }
+}
+
+header('Location: services.php?error=delete_failed');
+exit;
+?>
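Review bot: The DELETE runs on a plain GET using `$_GET['id']` and with no token check, so any link, embedded resource or prefetch that loads this URL in an admin's browser removes a service. Accept the id only from a POST body, e.g. `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { http_response_code(405); exit; }`, and verify a CSRF token before preparing the statement. Separately, `execute()` returns true when no row matched, so `success=deleted` is reported for an id that does not exist; checking `$stmt->rowCount() > 0` would tell the two cases apart.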
diff --git a/admin/edit_service.php b/admin/edit_service.php
new file mode 100644
index 0000000..2f1649b
--- /dev/null
+++ b/admin/edit_service.php
@@ -0,0 +1,82 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+$message = '';
+$service_id = $_GET['id'] ?? null;
+
+if (!$service_id) {
+ header('Location: services.php');
+ exit;
+}
+
+$stmt = $pdo->prepare("SELECT * FROM services WHERE id = ?");
+$stmt->execute([$service_id]);
+$service = $stmt->fetch();
+
+if (!$service) {
+ header('Location: services.php');
+ exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $name = $_POST['name'];
+ $description = $_POST['description'];
+ $price = $_POST['price'];
+ $duration_days = $_POST['duration_days'];
+
+ if (empty($name) || empty($description) || empty($price) || empty($duration_days)) {
+ $message = 'All fields are required.
';
+ } else {
+ $stmt = $pdo->prepare("UPDATE services SET name = ?, description = ?, price = ?, duration_days = ? WHERE id = ?");
+ if ($stmt->execute([$name, $description, $price, $duration_days, $service_id])) {
+ header('Location: services.php?success=updated');
+ exit;
+ } else {
+ $message = 'Failed to update service.
';
+ }
+ }
+}
+?>
+
+
+
+
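Review bot: `$price` and `$duration_days` are passed to the UPDATE as raw request strings; `empty()` only rejects blank values and `'0'`, so negative or non-numeric input is handed to the database, and a missing field raises an undefined-index warning before the check runs. Validate first, e.g. `filter_var($_POST['price'] ?? null, FILTER_VALIDATE_FLOAT)` and `filter_var($_POST['duration_days'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])`, and treat `false` as a validation error. admin/add_service.php uses the same pattern for its INSERT and needs the same change.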
diff --git a/admin/index.php b/admin/index.php
new file mode 100644
index 0000000..bfbdf12
--- /dev/null
+++ b/admin/index.php
@@ -0,0 +1,32 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ // Redirect to the dashboard or show an error message
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+?>
+
+
+
Admin Panel
+
Welcome to the admin panel. Here you can manage users and services.
+
+
+
+
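Review bot: The role lookup and redirect at the top of this file are repeated verbatim in every admin/*.php file added by this commit, which makes it easy for a later admin page to omit the check or let it drift. Move it into a single include that each page calls first, for example a `require_admin($pdo)` helper (the name is a suggestion). The lines before `prepare(` are not visible in this rendering, so also confirm that `$_SESSION['user_id']` is tested with `isset()` before the query, so an unauthenticated request is redirected rather than reaching the lookup with an undefined index.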
diff --git a/admin/services.php b/admin/services.php
new file mode 100644
index 0000000..387a493
--- /dev/null
+++ b/admin/services.php
@@ -0,0 +1,62 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+// Fetch all services
+$stmt = $pdo->query("SELECT id, name, description, price, duration_days FROM services ORDER BY id DESC");
+$services = $stmt->fetchAll();
+
+?>
+
+
+
Service Management
+
This page allows you to manage the services offered to users.
+
Add New Service
+
+
+
+
+
+ | ID |
+ Name |
+ Description |
+ Price |
+ Duration (Days) |
+ Actions |
+
+
+
+
+
+ |
+ |
+ |
+ |
+ |
+
+ Edit
+ Delete
+ |
+
+
+
+
+
+
+
+
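Review bot: The code that prints each table cell is not visible in this rendering, so please confirm that `name` and `description` are escaped on output, e.g. `<?= htmlspecialchars($service['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. These values are stored exactly as submitted by admin/add_service.php and admin/edit_service.php, so unescaped output would be stored XSS. The same check matters more in admin/users.php, where `name` and `email` presumably originate from user registration and are rendered inside an admin session.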
diff --git a/admin/users.php b/admin/users.php
new file mode 100644
index 0000000..da30351
--- /dev/null
+++ b/admin/users.php
@@ -0,0 +1,56 @@
+prepare("SELECT role FROM users WHERE id = ?");
+$stmt->execute([$_SESSION['user_id']]);
+$user = $stmt->fetch();
+
+if (!$user || $user['role'] !== 'admin') {
+ header('Location: /dashboard.php?error=unauthorized');
+ exit;
+}
+
+// Fetch all users
+$stmt = $pdo->query("SELECT id, name, email, role, created_at FROM users ORDER BY created_at DESC");
+$users = $stmt->fetchAll();
+
+?>
+
+
+
User Management
+
This page lists all the users in the database.
+
+
+
+
+
+ | ID |
+ Name |
+ Email |
+ Role |
+ Registered On |
+
+
+
+
+
+ |
+ |
+ |
+ |
+ |
+
+
+
+
+
+
+
+
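Review bot: The query `SELECT id, name, email, role, created_at FROM users ORDER BY created_at DESC` followed by `fetchAll()` loads the entire users table into memory and into a single page on every request. Add pagination with a bound `LIMIT`/`OFFSET` (validated as integers) so the admin view stays usable and the request cost stays bounded as the table grows.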
diff --git a/db/migrations/005_add_role_to_users_table.php b/db/migrations/005_add_role_to_users_table.php
new file mode 100644
index 0000000..346eb2a
--- /dev/null
+++ b/db/migrations/005_add_role_to_users_table.php
@@ -0,0 +1,23 @@
+exec($sql);
+ echo "Migration 005: Added role column to users table successfully." . PHP_EOL;
+ } catch (PDOException $e) {
+ die("Migration 005 failed: " . $e->getMessage() . PHP_EOL);
+ }
+}
+
+// Self-invocation check
+if (basename(__FILE__) == basename($_SERVER["SCRIPT_FILENAME"])) {
+ migrate_005_add_role_to_users_table();
+}
+
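Review bot: The self-invocation check is also true for a web request, so if db/migrations/ is reachable under the document root, requesting this file runs the migration and `die()` sends the PDOException message to the client. Restrict it to the command line, e.g. `if (PHP_SAPI === 'cli' && basename(__FILE__) === basename($_SERVER['SCRIPT_FILENAME']))`, and keep the directory outside the web root or denied by server configuration. The SQL and the start of the function are not visible in this rendering, so whether the migration is safe to re-run could not be checked.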
diff --git a/includes/header.php b/includes/header.php
index dc673f5..766de5b 100644
--- a/includes/header.php
+++ b/includes/header.php
@@ -73,6 +73,15 @@
Hi,