admin/36952-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMS 1

Browse Source
This commit is contained in:
Flatlogic Bot 2025-12-15 01:31:18 +00:00
parent ba07da0ebc
commit 76d7d99142
26 changed files with 2209 additions and 146 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
add_payment.php Normal file
View File

@ -0,0 +1,113 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$db = db();
$properties = $db->query("SELECT id, name FROM properties ORDER BY name")->fetchAll();
$tenants = $db->query("SELECT id, name FROM tenants ORDER BY name")->fetchAll();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$property_id = $_POST['property_id'];
$tenant_id = $_POST['tenant_id'];
$amount = $_POST['amount'];
$payment_date = $_POST['payment_date'];
$notes = $_POST['notes'];
$stmt = $db->prepare("INSERT INTO payments (property_id, tenant_id, amount, payment_date, notes) VALUES (?, ?, ?, ?, ?)");
try {
$db->beginTransaction();
$stmt->execute([$property_id, $tenant_id, $amount, $payment_date, $notes]);
$payment_id = $db->lastInsertId();
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$upload_dir = 'uploads/';
$file_name = uniqid() . '_' . basename($_FILES['file']['name']);
$target_file = $upload_dir . $file_name;
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
$stmt = $db->prepare("INSERT INTO files (file_name, file_path, payment_id) VALUES (?, ?, ?)");
$stmt->execute([$_FILES['file']['name'], $target_file, $payment_id]);
} else {
throw new Exception("Failed to upload file.");
}
}
$db->commit();
header("Location: index.php?page=payments&success=1");
exit;
} catch (Exception $e) {
$db->rollBack();
$error = "Error adding payment: " . $e->getMessage();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add Payment - Property Management System</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-dark text-light">
<div class="container mt-5">
<h1 class="text-primary mb-4">Record New Payment</h1>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<div class="card bg-surface">
<div class="card-body">
<form action="add_payment.php" method="post" enctype="multipart/form-data">
<div class="mb-3">
<label for="property_id" class="form-label">Property</label>
<select class="form-select" id="property_id" name="property_id" required>
<option value="">Select Property</option>
<?php foreach ($properties as $property): ?>
<option value="<?= $property['id'] ?>"><?= htmlspecialchars($property['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="tenant_id" class="form-label">Tenant</label>
<select class="form-select" id="tenant_id" name="tenant_id" required>
<option value="">Select Tenant</option>
<?php foreach ($tenants as $tenant): ?>
<option value="<?= $tenant['id'] ?>"><?= htmlspecialchars($tenant['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="amount" class="form-label">Amount</label>
<div class="input-group">
<span class="input-group-text">$</span>
<input type="number" step="0.01" class="form-control" id="amount" name="amount" required>
</div>
</div>
<div class="mb-3">
<label for="payment_date" class="form-label">Payment Date</label>
<input type="date" class="form-control" id="payment_date" name="payment_date" value="<?= date('Y-m-d') ?>" required>
</div>
<div class="mb-3">
<label for="notes" class="form-label">Notes</label>
<textarea class="form-control" id="notes" name="notes" rows="3"></textarea>
</div>
<div class="mb-3">
<label for="file" class="form-label">Upload Document</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary"><i class="bi bi-check-circle"></i> Save Payment</button>
<a href="index.php?page=payments" class="btn btn-secondary">Cancel</a>
</form>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

105
add_property.php Normal file
View File

@ -0,0 +1,105 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$name = $address = $rent_amount = '';
$errors = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$address = $_POST['address'] ?? '';
$rent_amount = $_POST['rent_amount'] ?? '';
if (empty($name)) {
$errors[] = 'Name is required';
}
if (empty($address)) {
$errors[] = 'Address is required';
}
if (empty($rent_amount) || !is_numeric($rent_amount)) {
$errors[] = 'Valid rent amount is required';
}
if (empty($errors)) {
$db = db();
try {
$sql = "INSERT INTO properties (name, address, rent_amount) VALUES (:name, :address, :rent_amount)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
$stmt->bindParam(':address', $address, PDO::PARAM_STR);
$stmt->bindParam(':rent_amount', $rent_amount, PDO::PARAM_STR);
$stmt->execute();
$property_id = $db->lastInsertId(); // Get the ID of the new property
// Handle file upload
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$target_dir = "uploads/";
if (!is_dir($target_dir)) {
mkdir($target_dir, 0755, true);
}
$file_name = uniqid() . '-' . basename($_FILES["file"]["name"]);
$target_file = $target_dir . $file_name;
if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
// Insert file info into database
$file_sql = "INSERT INTO files (file_name, file_path, property_id) VALUES (:file_name, :file_path, :property_id)";
$file_stmt = $db->prepare($file_sql);
$file_stmt->bindParam(':file_name', $file_name, PDO::PARAM_STR);
$file_stmt->bindParam(':file_path', $target_file, PDO::PARAM_STR);
$file_stmt->bindParam(':property_id', $property_id, PDO::PARAM_INT);
$file_stmt->execute();
} else {
$errors[] = "Sorry, there was an error uploading your file.";
// Note: The property has been added, but the file upload failed.
// You might want to handle this case, e.g., by showing a specific error message.
}
}
header('Location: properties.php?message=Property added successfully.');
exit;
} catch (Exception $e) {
$errors[] = "DB ERROR: " . $e->getMessage();
}
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h1>Add New Property</h1>
<?php if (!empty($errors)): ?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p><?php echo $error; ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<form action="add_property.php" method="POST" enctype="multipart/form-data">
<div class="mb-3">
<label for="name" class="form-label">Property Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($name); ?>" required>
</div>
<div class="mb-3">
<label for="address" class="form-label">Address</label>
<textarea class="form-control" id="address" name="address" rows="3" required><?php echo htmlspecialchars($address); ?></textarea>
</div>
<div class="mb-3">
<label for="rent_amount" class="form-label">Rent Amount ($)</label>
<input type="number" step="0.01" class="form-control" id="rent_amount" name="rent_amount" value="<?php echo htmlspecialchars($rent_amount); ?>" required>
</div>
<div class="mb-3">
<label for="file" class="form-label">Upload File</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary">Save Property</button>
<a href="properties.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
<?php include 'templates/footer.php'; ?>

85
add_request.php Normal file
View File

@ -0,0 +1,85 @@
<?php
require_once 'session.php';
require_once 'db/config.php';
$properties = $tenants = [];
try {
$db = db();
$properties = $db->query("SELECT id, name FROM properties ORDER BY name ASC")->fetchAll(PDO::FETCH_ASSOC);
$tenants = $db->query("SELECT id, name FROM tenants ORDER BY name ASC")->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
$error = "Error fetching data: " . $e->getMessage();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$property_id = $_POST['property_id'] ?? null;
$tenant_id = $_POST['tenant_id'] ?? null;
$description = $_POST['description'] ?? '';
$reported_date = $_POST['reported_date'] ?? '';
$status = $_POST['status'] ?? 'Open';
if ($property_id && $description && $reported_date) {
try {
$stmt = $db->prepare("INSERT INTO maintenance_requests (property_id, tenant_id, description, reported_date, status) VALUES (?, ?, ?, ?, ?)");
$stmt->execute([$property_id, $tenant_id, $description, $reported_date, $status]);
header("Location: index.php?page=maintenance&success=Request added");
exit;
} catch (PDOException $e) {
$error = "Error: " . $e->getMessage();
}
} else {
$error = "Please fill all required fields.";
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Add Maintenance Request</h2>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form action="add_request.php" method="post">
<div class="form-group">
<label for="property_id">Property</label>
<select class="form-control" id="property_id" name="property_id" required>
<option value="">Select Property</option>
<?php foreach ($properties as $prop): ?>
<option value="<?php echo $prop['id']; ?>"><?php echo htmlspecialchars($prop['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="form-group">
<label for="tenant_id">Tenant (Optional)</label>
<select class="form-control" id="tenant_id" name="tenant_id">
<option value="">Select Tenant</option>
<?php foreach ($tenants as $tenant): ?>
<option value="<?php echo $tenant['id']; ?>"><?php echo htmlspecialchars($tenant['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea class="form-control" id="description" name="description" rows="4" required></textarea>
</div>
<div class="form-group">
<label for="reported_date">Reported Date</label>
<input type="date" class="form-control" id="reported_date" name="reported_date" required>
</div>
<div class="form-group">
<label for="status">Status</label>
<select class="form-control" id="status" name="status">
<option value="Open">Open</option>
<option value="In Progress">In Progress</option>
<option value="Closed">Closed</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Add Request</button>
<a href="index.php?page=maintenance" class="btn btn-secondary">Cancel</a>
</form>
</div>
<?php include 'templates/footer.php'; ?>

144
add_tenant.php Normal file
View File

@ -0,0 +1,144 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$properties = [];
try {
$db = db();
$stmt = $db->query('SELECT id, name FROM properties ORDER BY name');
$properties = $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
// Don't block the page, just log error or show a message
error_log("Failed to fetch properties: " . $e->getMessage());
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$phone = $_POST['phone'] ?? '';
$property_id = !empty($_POST['property_id']) ? (int)$_POST['property_id'] : null;
$lease_start = !empty($_POST['lease_start']) ? $_POST['lease_start'] : null;
$lease_end = !empty($_POST['lease_end']) ? $_POST['lease_end'] : null;
$rent_due = !empty($_POST['rent_due']) ? (float)$_POST['rent_due'] : null;
$security_deposit = !empty($_POST['security_deposit']) ? (float)$_POST['security_deposit'] : null;
$status = $_POST['status'] ?? 'active';
try {
$db = db();
$db->beginTransaction();
$sql = "INSERT INTO tenants (name, email, phone, property_id, lease_start, lease_end, rent_due, security_deposit, status) VALUES (:name, :email, :phone, :property_id, :lease_start, :lease_end, :rent_due, :security_deposit, :status)";
$stmt = $db->prepare($sql);
$stmt->bindParam(':name', $name);
$stmt->bindParam(':email', $email);
$stmt->bindParam(':phone', $phone);
$stmt->bindParam(':property_id', $property_id);
$stmt->bindParam(':lease_start', $lease_start);
$stmt->bindParam(':lease_end', $lease_end);
$stmt->bindParam(':rent_due', $rent_due);
$stmt->bindParam(':security_deposit', $security_deposit);
$stmt->bindParam(':status', $status);
$stmt->execute();
$tenant_id = $db->lastInsertId();
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$upload_dir = 'uploads/';
$file_name = uniqid() . '_' . basename($_FILES['file']['name']);
$target_file = $upload_dir . $file_name;
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
$stmt = $db->prepare("INSERT INTO files (file_name, file_path, tenant_id) VALUES (?, ?, ?)");
$stmt->execute([$_FILES['file']['name'], $target_file, $tenant_id]);
} else {
throw new Exception("Failed to upload file.");
}
}
$db->commit();
header('Location: index.php?tab=tenants&message=Tenant added successfully.');
exit;
} catch (Exception $e) {
$db->rollBack();
$error = "Error adding tenant: " . $e->getMessage();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add Tenant</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<div class="container mt-5">
<h1 class="text-white">Add New Tenant</h1>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo $error; ?></div>
<?php endif; ?>
<form action="add_tenant.php" method="post" class="card p-4 card-dark" enctype="multipart/form-data">
<div class="form-group">
<label for="name">Full Name</label>
<input type="text" class="form-control" id="name" name="name" required>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="email">Email</label>
<input type="email" class="form-control" id="email" name="email" required>
</div>
<div class="form-group col-md-6">
<label for="phone">Phone</label>
<input type="tel" class="form-control" id="phone" name="phone">
</div>
</div>
<div class="form-group">
<label for="property_id">Assign to Property</label>
<select class="form-control" id="property_id" name="property_id">
<option value="">None</option>
<?php foreach ($properties as $prop): ?>
<option value="<?php echo htmlspecialchars($prop['id']); ?>">
<?php echo htmlspecialchars($prop['name']); ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="lease_start">Lease Start</label>
<input type="date" class="form-control" id="lease_start" name="lease_start">
</div>
<div class="form-group col-md-6">
<label for="lease_end">Lease End</label>
<input type="date" class="form-control" id="lease_end" name="lease_end">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="rent_due">Rent Amount</label>
<input type="number" step="0.01" class="form-control" id="rent_due" name="rent_due">
</div>
<div class="form-group col-md-6">
<label for="security_deposit">Security Deposit</label>
<input type="number" step="0.01" class="form-control" id="security_deposit" name="security_deposit">
</div>
</div>
<div class="form-group">
<label for="status">Status</label>
<select class="form-control" id="status" name="status">
<option value="active" selected>Active</option>
<option value="inactive">Inactive</option>
<option value="moved_out">Moved Out</option>
</select>
</div>
<div class="form-group">
<label for="file">Upload Document</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary">Add Tenant</button>
<a href="index.php?tab=tenants" class="btn btn-secondary mt-2">Cancel</a>
</form>
</div>
</body>
</html>

59
add_user.php Normal file
View File

@ -0,0 +1,59 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'];
$password = $_POST['password'];
$role = $_POST['role'];
if ($username && $password && $role) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
try {
$db = db();
$stmt = $db->prepare("INSERT INTO users (username, password, role) VALUES (?, ?, ?)");
$stmt->execute([$username, $hashed_password, $role]);
header("Location: users.php?success=User added");
exit;
} catch (PDOException $e) {
$error = "Error: " . $e->getMessage();
}
} else {
$error = "Please fill all required fields.";
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Add New User</h2>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form action="add_user.php" method="post">
<div class="form-group">
<label for="username">Username</label>
<input type="text" class="form-control" id="username" name="username" required>
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" class="form-control" id="password" name="password" required>
</div>
<div class="form-group">
<label for="role">Role</label>
<select class="form-control" id="role" name="role">
<option value="user">User</option>
<option value="admin">Admin</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Add User</button>
<a href="users.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
<?php include 'templates/footer.php'; ?>

70
assets/css/custom.css Normal file
View File

@ -0,0 +1,70 @@
/* assets/css/custom.css */
:root {
--primary-color: #4A90E2; /* A modern, vibrant blue */
--secondary-color: #F5A623; /* A warm, contrasting orange for accents */
--background-color: #FFFFFF; /* Clean white background */
--surface-color: #F8F9FA; /* A very light grey for cards, tables etc. */
--text-color: #333333; /* Dark grey for readability */
--text-color-secondary: #555555;
--border-color: #E0E0E0; /* Light grey for borders */
}
body {
background-color: var(--background-color);
color: var(--text-color);
font-family: 'Inter', sans-serif;
-webkit-font-smoothing: antialiased;
-moz-osx-font-smoothing: grayscale;
}
.bg-surface {
background-color: var(--surface-color) !important;
}
.navbar-light {
background-color: var(--background-color) !important;
border-bottom: 1px solid var(--border-color);
box-shadow: 0 2px 4px rgba(0,0,0,0.05);
}
.btn-primary {
background-color: var(--primary-color);
border-color: var(--primary-color);
font-weight: 600;
transition: all 0.2s ease-in-out;
}
.btn-primary:hover {
opacity: 0.9;
transform: translateY(-2px);
box-shadow: 0 4px 8px rgba(0,0,0,0.1);
}
.btn-secondary {
background-color: var(--secondary-color);
border-color: var(--secondary-color);
}
.card {
border: none;
border-radius: 8px;
box-shadow: 0 4px 12px rgba(0,0,0,0.08);
background-color: var(--surface-color);
}
.table {
--bs-table-bg: var(--surface-color);
--bs-table-border-color: var(--border-color);
--bs-table-striped-bg: #FDFDFD;
}
.footer {
background-color: var(--surface-color) !important;
border-top: 1px solid var(--border-color);
color: var(--text-color-secondary);
}
h1, h2, h3, h4, h5, h6 {
font-weight: 700;
color: var(--text-color);
}

97
db/setup.php Normal file
View File

@ -0,0 +1,97 @@
<?php
require_once 'config.php';
try {
$db = db();
$sql_properties = "
CREATE TABLE IF NOT EXISTS properties (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(255) NOT NULL,
address TEXT NOT NULL,
rent_amount DECIMAL(10, 2) NOT NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);";
$db->exec($sql_properties);
$sql_tenants = "
CREATE TABLE IF NOT EXISTS tenants (
id INT AUTO_INCREMENT PRIMARY KEY,
name VARCHAR(255) NOT NULL,
email VARCHAR(255) NOT NULL UNIQUE,
phone VARCHAR(20),
property_id INT,
lease_start DATE,
lease_end DATE,
rent_due DECIMAL(10, 2),
security_deposit DECIMAL(10, 2),
status VARCHAR(50) DEFAULT 'active',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (property_id) REFERENCES properties(id) ON DELETE SET NULL
);";
$db->exec($sql_tenants);
$sql_payments = "
CREATE TABLE IF NOT EXISTS payments (
id INT AUTO_INCREMENT PRIMARY KEY,
tenant_id INT,
property_id INT,
amount DECIMAL(10, 2) NOT NULL,
payment_date DATE NOT NULL,
notes TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE SET NULL,
FOREIGN KEY (property_id) REFERENCES properties(id) ON DELETE SET NULL
);";
$db->exec($sql_payments);
$sql_maintenance = "
CREATE TABLE IF NOT EXISTS maintenance_requests (
id INT AUTO_INCREMENT PRIMARY KEY,
property_id INT,
tenant_id INT,
description TEXT NOT NULL,
status VARCHAR(50) DEFAULT 'Open',
reported_date DATE NOT NULL,
completed_date DATE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (property_id) REFERENCES properties(id) ON DELETE SET NULL,
FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE SET NULL
);";
$db->exec($sql_maintenance);
$sql_files = "
CREATE TABLE IF NOT EXISTS files (
id INT AUTO_INCREMENT PRIMARY KEY,
file_name VARCHAR(255) NOT NULL,
file_path VARCHAR(255) NOT NULL,
property_id INT,
tenant_id INT,
payment_id INT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (property_id) REFERENCES properties(id) ON DELETE CASCADE,
FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE,
FOREIGN KEY (payment_id) REFERENCES payments(id) ON DELETE CASCADE
);";
$db->exec($sql_files);
$sql_users = "
CREATE TABLE IF NOT EXISTS users (
id INT AUTO_INCREMENT PRIMARY KEY,
username VARCHAR(255) NOT NULL UNIQUE,
password VARCHAR(255) NOT NULL,
role VARCHAR(50) NOT NULL DEFAULT 'user', -- 'user', 'admin'
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);";
$db->exec($sql_users);
// Seed the database with a default admin user
$admin_user = 'admin';
$admin_pass = password_hash('password', PASSWORD_DEFAULT);
$stmt = $db->prepare('INSERT IGNORE INTO users (username, password, role) VALUES (?, ?, ?)');
$stmt->execute([$admin_user, $admin_pass, 'admin']);
echo "Tables 'properties', 'tenants', 'payments', 'maintenance_requests', 'files', and 'users' created successfully.";
} catch (PDOException $e) {
die("DB ERROR: ". $e->getMessage());
}
?>

46
delete_file.php Normal file
View File

@ -0,0 +1,46 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_POST['id'] ?? null;
$property_id = $_POST['property_id'] ?? null;
if (!$id) {
header('Location: index.php');
exit;
}
try {
$db = db();
$stmt = $db->prepare("SELECT * FROM files WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
$file = $stmt->fetch(PDO::FETCH_ASSOC);
if ($file) {
// Delete file from server
if (file_exists($file['file_path'])) {
unlink($file['file_path']);
}
// Delete record from database
$stmt = $db->prepare("DELETE FROM files WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
}
if ($property_id) {
header('Location: edit_property.php?id=' . $property_id . '&message=File deleted successfully');
} elseif ($tenant_id = $_GET['tenant_id'] ?? null) {
header('Location: edit_tenant.php?id=' . $tenant_id . '&message=File deleted successfully');
} elseif ($payment_id = $_GET['payment_id'] ?? null) {
header('Location: edit_payment.php?id=' . $payment_id . '&message=File deleted successfully');
} else {
header('Location: index.php?page=properties&message=File deleted successfully');
}
exit;
} catch (PDOException $e) {
die("DB ERROR: " . $e->getMessage());
}
?>

26
delete_payment.php Normal file
View File

@ -0,0 +1,26 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
die('Method Not Allowed');
}
$id = $_POST['id'] ?? null;
if (!$id) {
header("Location: index.php?page=payments&error=1");
exit;
}
$db = db();
$stmt = $db->prepare("DELETE FROM payments WHERE id = ?");
if ($stmt->execute([$id])) {
header("Location: index.php?page=payments&success=3");
} else {
header("Location: index.php?page=payments&error=2");
}
exit;
?>

23
delete_property.php Normal file
View File

@ -0,0 +1,23 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_POST['id'] ?? null;
if (!$id) {
header('Location: properties.php');
exit;
}
try {
$db = db();
$stmt = $db->prepare("DELETE FROM properties WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
} catch (PDOException $e) {
die("DB ERROR: " . $e->getMessage());
}
header('Location: properties.php');
exit;
?>

26
delete_request.php Normal file
View File

@ -0,0 +1,26 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = $_POST['id'] ?? null;
if ($id) {
try {
$db = db();
$stmt = $db->prepare("DELETE FROM maintenance_requests WHERE id = ?");
$stmt->execute([$id]);
header("Location: index.php?page=maintenance&success=Request deleted");
exit;
} catch (PDOException $e) {
header("Location: index.php?page=maintenance&error=Error deleting request");
exit;
}
}
} else {
// Redirect if not a POST request
header("Location: index.php?page=maintenance");
exit;
}
?>

33
delete_tenant.php Normal file
View File

@ -0,0 +1,33 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header('Location: index.php?tab=tenants');
exit;
}
$id = $_POST['id'] ?? 0;
if (!$id) {
header('Location: index.php?tab=tenants&error=InvalidID');
exit;
}
try {
$db = db();
$stmt = $db->prepare("DELETE FROM tenants WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
if ($stmt->rowCount() > 0) {
header('Location: index.php?tab=tenants&status=deleted');
} else {
header('Location: index.php?tab=tenants&error=NotFound');
}
exit;
} catch (PDOException $e) {
header('Location: index.php?tab=tenants&error=' . urlencode($e->getMessage()));
exit;
}
?>

44
delete_user.php Normal file
View File

@ -0,0 +1,44 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$id = $_POST['id'] ?? null;
if ($id) {
// Prevent deleting the last admin user
$db = db();
if ($id == $_SESSION['user_id']) {
header("Location: users.php?error=Cannot delete yourself");
exit;
}
$stmt = $db->prepare("SELECT role FROM users WHERE id = ?");
$stmt->execute([$id]);
$user = $stmt->fetch();
if ($user && $user['role'] === 'admin') {
$stmt = $db->query("SELECT COUNT(*) FROM users WHERE role = 'admin'");
$admin_count = $stmt->fetchColumn();
if ($admin_count <= 1) {
header("Location: users.php?error=Cannot delete the last admin");
exit;
}
}
try {
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$id]);
header("Location: users.php?success=User deleted");
exit;
} catch (PDOException $e) {
header("Location: users.php?error=Error deleting user");
exit;
}
}
} else {
header("Location: users.php");
exit;
}
?>

148
edit_payment.php Normal file
View File

@ -0,0 +1,148 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if (!$id) {
header("Location: index.php?page=payments");
exit;
}
$db = db();
$stmt = $db->prepare("SELECT * FROM payments WHERE id = ?");
$stmt->execute([$id]);
$payment = $stmt->fetch();
if (!$payment) {
header("Location: index.php?page=payments");
exit;
}
$properties = $db->query("SELECT id, name FROM properties ORDER BY name")->fetchAll();
$tenants = $db->query("SELECT id, name FROM tenants ORDER BY name")->fetchAll();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$property_id = $_POST['property_id'];
$tenant_id = $_POST['tenant_id'];
$amount = $_POST['amount'];
$payment_date = $_POST['payment_date'];
$notes = $_POST['notes'];
$stmt = $db->prepare("UPDATE payments SET property_id = ?, tenant_id = ?, amount = ?, payment_date = ?, notes = ? WHERE id = ?");
try {
$db->beginTransaction();
$stmt->execute([$property_id, $tenant_id, $amount, $payment_date, $notes, $id]);
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$upload_dir = 'uploads/';
$file_name = uniqid() . '_' . basename($_FILES['file']['name']);
$target_file = $upload_dir . $file_name;
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
$stmt = $db->prepare("INSERT INTO files (file_name, file_path, payment_id) VALUES (?, ?, ?)");
$stmt->execute([$_FILES['file']['name'], $target_file, $id]);
} else {
throw new Exception("Failed to upload file.");
}
}
$db->commit();
header("Location: index.php?page=payments&success=2");
exit;
} catch (Exception $e) {
$db->rollBack();
$error = "Error updating payment: " . $e->getMessage();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Payment - Property Management System</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body class="bg-dark text-light">
<div class="container mt-5">
<h1 class="text-primary mb-4">Edit Payment</h1>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
<?php endif; ?>
<div class="card bg-surface">
<div class="card-body">
<form action="edit_payment.php?id=<?= $id ?>" method="post" enctype="multipart/form-data">
<div class="mb-3">
<label for="property_id" class="form-label">Property</label>
<select class="form-select" id="property_id" name="property_id" required>
<?php foreach ($properties as $property): ?>
<option value="<?= $property['id'] ?>" <?= $payment['property_id'] == $property['id'] ? 'selected' : '' ?>><?= htmlspecialchars($property['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="tenant_id" class="form-label">Tenant</label>
<select class="form-select" id="tenant_id" name="tenant_id" required>
<?php foreach ($tenants as $tenant): ?>
<option value="<?= $tenant['id'] ?>" <?= $payment['tenant_id'] == $tenant['id'] ? 'selected' : '' ?>><?= htmlspecialchars($tenant['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="amount" class="form-label">Amount</label>
<div class="input-group">
<span class="input-group-text">$</span>
<input type="number" step="0.01" class="form-control" id="amount" name="amount" value="<?= htmlspecialchars($payment['amount']) ?>" required>
</div>
</div>
<div class="mb-3">
<label for="payment_date" class="form-label">Payment Date</label>
<input type="date" class="form-control" id="payment_date" name="payment_date" value="<?= htmlspecialchars($payment['payment_date']) ?>" required>
</div>
<div class="mb-3">
<label for="notes" class="form-label">Notes</label>
<textarea class="form-control" id="notes" name="notes" rows="3"><?= htmlspecialchars($payment['notes']) ?></textarea>
</div>
<div class="mb-3">
<label for="file" class="form-label">Upload New Document</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary"><i class="bi bi-check-circle"></i> Update Payment</button>
<a href="index.php?page=payments" class="btn btn-secondary">Cancel</a>
</form>
<hr>
<h5 class="text-white">Uploaded Files</h5>
<?php
$stmt = $db->prepare("SELECT * FROM files WHERE payment_id = :payment_id");
$stmt->bindParam(':payment_id', $id, PDO::PARAM_INT);
$stmt->execute();
$files = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<?php if (empty($files)): ?>
<p class="text-white">No files uploaded for this payment.</p>
<?php else: ?>
<ul class="list-group">
<?php foreach ($files as $file): ?>
<li class="list-group-item d-flex justify-content-between align-items-center">
<a href="<?= htmlspecialchars($file['file_path']) ?>" target="_blank"><?= htmlspecialchars($file['file_name']) ?></a>
<a href="delete_file.php?id=<?= $file['id'] ?>&payment_id=<?= $id ?>" class="btn btn-danger btn-sm">Delete</a>
</li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

163
edit_property.php Normal file
View File

@ -0,0 +1,163 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if (!$id) {
header('Location: properties.php');
exit;
}
$name = $address = $rent_amount = '';
$errors = [];
try {
$db = db();
$stmt = $db->prepare("SELECT * FROM properties WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
$property = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$property) {
header('Location: properties.php');
exit;
}
$name = $property['name'];
$address = $property['address'];
$rent_amount = $property['rent_amount'];
} catch (PDOException $e) {
die("DB ERROR: " . $e->getMessage());
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$address = $_POST['address'] ?? '';
$rent_amount = $_POST['rent_amount'] ?? '';
if (empty($name)) {
$errors[] = 'Name is required';
}
if (empty($address)) {
$errors[] = 'Address is required';
}
if (empty($rent_amount) || !is_numeric($rent_amount)) {
$errors[] = 'Valid rent amount is required';
}
if (empty($errors)) {
$db = db();
try {
$sql = "UPDATE properties SET name = :name, address = :address, rent_amount = :rent_amount WHERE id = :id";
$stmt = $db->prepare($sql);
$stmt->bindParam(':name', $name, PDO::PARAM_STR);
$stmt->bindParam(':address', $address, PDO::PARAM_STR);
$stmt->bindParam(':rent_amount', $rent_amount, PDO::PARAM_STR);
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
// Handle file upload
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$target_dir = "uploads/";
if (!is_dir($target_dir)) {
mkdir($target_dir, 0755, true);
}
$file_name = uniqid() . '-' . basename($_FILES["file"]["name"]);
$target_file = $target_dir . $file_name;
if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
// Insert file info into database
$file_sql = "INSERT INTO files (file_name, file_path, property_id) VALUES (:file_name, :file_path, :property_id)";
$file_stmt = $db->prepare($file_sql);
$file_stmt->bindParam(':file_name', $file_name, PDO::PARAM_STR);
$file_stmt->bindParam(':file_path', $target_file, PDO::PARAM_STR);
$file_stmt->bindParam(':property_id', $id, PDO::PARAM_INT);
$file_stmt->execute();
} else {
$errors[] = "Sorry, there was an error uploading your file.";
}
}
header('Location: edit_property.php?id=' . $id . '&message=Property updated successfully.');
exit;
} catch (Exception $e) {
$errors[] = "DB ERROR: " . $e->getMessage();
}
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h1>Edit Property</h1>
<?php if (!empty($errors)):
<div class="alert alert-danger">
<?php foreach ($errors as $error):
<p><?php echo $error; ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<form action="edit_property.php?id=<?php echo $id; ?>" method="POST" enctype="multipart/form-data">
<div class="mb-3">
<label for="name" class="form-label">Property Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($name); ?>" required>
</div>
<div class="mb-3">
<label for="address" class="form-label">Address</label>
<textarea class="form-control" id="address" name="address" rows="3" required><?php echo htmlspecialchars($address); ?></textarea>
</div>
<div class="mb-3">
<label for="rent_amount" class="form-label">Rent Amount ($)</label>
<input type="number" step="0.01" class="form-control" id="rent_amount" name="rent_amount" value="<?php echo htmlspecialchars($rent_amount); ?>" required>
</div>
<div class="mb-3">
<label for="file" class="form-label">Upload New File</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="properties.php" class="btn btn-secondary">Cancel</a>
</form>
<hr class="my-4">
<h2>Uploaded Files</h2>
<?php
try {
$file_stmt = $db->prepare("SELECT * FROM files WHERE property_id = :property_id");
$file_stmt->bindParam(':property_id', $id, PDO::PARAM_INT);
$file_stmt->execute();
$files = $file_stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
$files = [];
echo "<p class="text-danger">Could not load files: " . $e->getMessage() . "</p>";
}
if (count($files) > 0) {
echo '<ul class="list-group">';
foreach ($files as $file) {
echo '<li class="list-group-item d-flex justify-content-between align-items-center">';
echo '<a href="' . htmlspecialchars($file['file_path']) . '" target="_blank">' . htmlspecialchars($file['file_name']) . '</a>';
echo '<form action="delete_file.php" method="POST" style="display:inline;" onsubmit="return confirm(\'Are you sure you want to delete this file?\');">';
echo '<input type="hidden" name="id" value="' . $file['id'] . '">';
echo '<input type="hidden" name="property_id" value="' . $id . '">';
echo '<button type="submit" class="btn btn-danger btn-sm">Delete</button>';
echo '</form>';
echo '</li>';
}
echo '</ul>';
} else {
echo '<p>No files uploaded for this property yet.</p>';
}
?>
</div>
<?php include 'templates/footer.php'; ?>

108
edit_request.php Normal file
View File

@ -0,0 +1,108 @@
<?php
require_once 'session.php';
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if (!$id) {
header("Location: index.php?page=maintenance");
exit;
}
$properties = $tenants = [];
$request = null;
try {
$db = db();
$properties = $db->query("SELECT id, name FROM properties ORDER BY name ASC")->fetchAll(PDO::FETCH_ASSOC);
$tenants = $db->query("SELECT id, name FROM tenants ORDER BY name ASC")->fetchAll(PDO::FETCH_ASSOC);
$stmt = $db->prepare("SELECT * FROM maintenance_requests WHERE id = ?");
$stmt->execute([$id]);
$request = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$request) {
header("Location: index.php?page=maintenance&error=Request not found");
exit;
}
} catch (PDOException $e) {
$error = "Error fetching data: " . $e->getMessage();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$property_id = $_POST['property_id'] ?? null;
$tenant_id = $_POST['tenant_id'] ?? null;
$description = $_POST['description'] ?? '';
$reported_date = $_POST['reported_date'] ?? '';
$completed_date = !empty($_POST['completed_date']) ? $_POST['completed_date'] : null;
$status = $_POST['status'] ?? 'Open';
if ($property_id && $description && $reported_date) {
try {
$stmt = $db->prepare("UPDATE maintenance_requests SET property_id = ?, tenant_id = ?, description = ?, reported_date = ?, completed_date = ?, status = ? WHERE id = ?");
$stmt->execute([$property_id, $tenant_id, $description, $reported_date, $completed_date, $status, $id]);
header("Location: index.php?page=maintenance&success=Request updated");
exit;
} catch (PDOException $e) {
$error = "Error: " . $e->getMessage();
}
} else {
$error = "Please fill all required fields.";
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Edit Maintenance Request</h2>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form action="edit_request.php?id=<?php echo $id; ?>" method="post">
<div class="form-group">
<label for="property_id">Property</label>
<select class="form-control" id="property_id" name="property_id" required>
<option value="">Select Property</option>
<?php foreach ($properties as $prop): ?>
<option value="<?php echo $prop['id']; ?>" <?php echo ($prop['id'] == $request['property_id']) ? 'selected' : ''; ?>><?php echo htmlspecialchars($prop['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="form-group">
<label for="tenant_id">Tenant (Optional)</label>
<select class="form-control" id="tenant_id" name="tenant_id">
<option value="">Select Tenant</option>
<?php foreach ($tenants as $tenant): ?>
<option value="<?php echo $tenant['id']; ?>" <?php echo ($tenant['id'] == $request['tenant_id']) ? 'selected' : ''; ?>><?php echo htmlspecialchars($tenant['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="form-group">
<label for="description">Description</label>
<textarea class="form-control" id="description" name="description" rows="4" required><?php echo htmlspecialchars($request['description']); ?></textarea>
</div>
<div class="form-group">
<label for="reported_date">Reported Date</label>
<input type="date" class="form-control" id="reported_date" name="reported_date" value="<?php echo htmlspecialchars($request['reported_date']); ?>" required>
</div>
<div class="form-group">
<label for="completed_date">Completed Date</label>
<input type="date" class="form-control" id="completed_date" name="completed_date" value="<?php echo htmlspecialchars($request['completed_date']); ?>">
</div>
<div class="form-group">
<label for="status">Status</label>
<select class="form-control" id="status" name="status">
<option value="Open" <?php echo ($request['status'] == 'Open') ? 'selected' : ''; ?>>Open</option>
<option value="In Progress" <?php echo ($request['status'] == 'In Progress') ? 'selected' : ''; ?>>In Progress</option>
<option value="Closed" <?php echo ($request['status'] == 'Closed') ? 'selected' : ''; ?>>Closed</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Update Request</button>
<a href="index.php?page=maintenance" class="btn btn-secondary">Cancel</a>
</form>
</div>
<?php include 'templates/footer.php'; ?>

189
edit_tenant.php Normal file
View File

@ -0,0 +1,189 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_GET['id'] ?? 0;
if (!$id) {
header('Location: index.php?tab=tenants');
exit;
}
$db = db();
$tenant = null;
$properties = [];
try {
// Fetch tenant
$stmt = $db->prepare("SELECT * FROM tenants WHERE id = :id");
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->execute();
$tenant = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$tenant) {
header('Location: index.php?tab=tenants');
exit;
}
// Fetch properties for dropdown
$stmt = $db->query('SELECT id, name FROM properties ORDER BY name');
$properties = $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
$error = "DB Error: " . $e->getMessage();
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name'] ?? '';
$email = $_POST['email'] ?? '';
$phone = $_POST['phone'] ?? '';
$property_id = !empty($_POST['property_id']) ? (int)$_POST['property_id'] : null;
$lease_start = !empty($_POST['lease_start']) ? $_POST['lease_start'] : null;
$lease_end = !empty($_POST['lease_end']) ? $_POST['lease_end'] : null;
$rent_due = !empty($_POST['rent_due']) ? (float)$_POST['rent_due'] : null;
$security_deposit = !empty($_POST['security_deposit']) ? (float)$_POST['security_deposit'] : null;
$status = $_POST['status'] ?? 'active';
try {
$db->beginTransaction();
$sql = "UPDATE tenants SET name = :name, email = :email, phone = :phone, property_id = :property_id, lease_start = :lease_start, lease_end = :lease_end, rent_due = :rent_due, security_deposit = :security_deposit, status = :status WHERE id = :id";
$stmt = $db->prepare($sql);
$stmt->bindParam(':id', $id, PDO::PARAM_INT);
$stmt->bindParam(':name', $name);
$stmt->bindParam(':email', $email);
$stmt->bindParam(':phone', $phone);
$stmt->bindParam(':property_id', $property_id);
$stmt->bindParam(':lease_start', $lease_start);
$stmt->bindParam(':lease_end', $lease_end);
$stmt->bindParam(':rent_due', $rent_due);
$stmt->bindParam(':security_deposit', $security_deposit);
$stmt->bindParam(':status', $status);
$stmt->execute();
if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
$upload_dir = 'uploads/';
$file_name = uniqid() . '_' . basename($_FILES['file']['name']);
$target_file = $upload_dir . $file_name;
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
$stmt = $db->prepare("INSERT INTO files (file_name, file_path, tenant_id) VALUES (?, ?, ?)");
$stmt->execute([$_FILES['file']['name'], $target_file, $id]);
} else {
throw new Exception("Failed to upload file.");
}
}
$db->commit();
header('Location: index.php?tab=tenants&message=Tenant updated successfully.');
exit;
} catch (Exception $e) {
$db->rollBack();
$error = "Error updating tenant: " . $e->getMessage();
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Tenant</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<div class="container mt-5">
<h1 class="text-white">Edit Tenant</h1>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<?php if ($tenant): ?>
<form action="edit_tenant.php?id=<?php echo $id; ?>" method="post" class="card p-4 card-dark" enctype="multipart/form-data">
<div class="form-group">
<label for="name">Full Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($tenant['name']); ?>" required>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="email">Email</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($tenant['email']); ?>" required>
</div>
<div class="form-group col-md-6">
<label for="phone">Phone</label>
<input type="tel" class="form-control" id="phone" name="phone" value="<?php echo htmlspecialchars($tenant['phone']); ?>">
</div>
</div>
<div class="form-group">
<label for="property_id">Assign to Property</label>
<select class="form-control" id="property_id" name="property_id">
<option value="">None</option>
<?php foreach ($properties as $prop): ?>
<option value="<?php echo htmlspecialchars($prop['id']); ?>" <?php echo ($tenant['property_id'] == $prop['id']) ? 'selected' : ''; ?>>
<?php echo htmlspecialchars($prop['name']); ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="lease_start">Lease Start</label>
<input type="date" class="form-control" id="lease_start" name="lease_start" value="<?php echo htmlspecialchars($tenant['lease_start']); ?>">
</div>
<div class="form-group col-md-6">
<label for="lease_end">Lease End</label>
<input type="date" class="form-control" id="lease_end" name="lease_end" value="<?php echo htmlspecialchars($tenant['lease_end']); ?>">
</div>
</div>
<div class="form-row">
<div class="form-group col-md-6">
<label for="rent_due">Rent Amount</label>
<input type="number" step="0.01" class="form-control" id="rent_due" name="rent_due" value="<?php echo htmlspecialchars($tenant['rent_due']); ?>">
</div>
<div class="form-group col-md-6">
<label for="security_deposit">Security Deposit</label>
<input type="number" step="0.01" class="form-control" id="security_deposit" name="security_deposit" value="<?php echo htmlspecialchars($tenant['security_deposit']); ?>">
</div>
</div>
<div class="form-group">
<label for="status">Status</label>
<select class="form-control" id="status" name="status">
<option value="active" <?php echo ($tenant['status'] === 'active') ? 'selected' : ''; ?>>Active</option>
<option value="inactive" <?php echo ($tenant['status'] === 'inactive') ? 'selected' : ''; ?>>Inactive</option>
<option value="moved_out" <?php echo ($tenant['status'] === 'moved_out') ? 'selected' : ''; ?>>Moved Out</option>
</select>
</div>
<div class="form-group">
<label for="file">Upload New Document</label>
<input type="file" class="form-control" id="file" name="file">
</div>
<button type="submit" class="btn btn-primary">Save Changes</button>
<a href="index.php?tab=tenants" class="btn btn-secondary mt-2">Cancel</a>
</form>
<hr>
<h5 class="text-white">Uploaded Files</h5>
<?php
$stmt = $db->prepare("SELECT * FROM files WHERE tenant_id = :tenant_id");
$stmt->bindParam(':tenant_id', $id, PDO::PARAM_INT);
$stmt->execute();
$files = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<?php if (empty($files)): ?>
<p class="text-white">No files uploaded for this tenant.</p>
<?php else: ?>
<ul class="list-group">
<?php foreach ($files as $file): ?>
<li class="list-group-item d-flex justify-content-between align-items-center">
<a href="<?= htmlspecialchars($file['file_path']) ?>" target="_blank"><?= htmlspecialchars($file['file_name']) ?></a>
<a href="delete_file.php?id=<?= $file['id'] ?>&tenant_id=<?= $id ?>" class="btn btn-danger btn-sm">Delete</a>
</li>
<?php endforeach; ?>
</ul>
<?php endif; ?>
<?php else: ?>
<div class="alert alert-warning">Tenant not found.</div>
<?php endif; ?>
</div>
</body>
</html>

78
edit_user.php Normal file
View File

@ -0,0 +1,78 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$id = $_GET['id'] ?? null;
if (!$id) {
header("Location: users.php");
exit;
}
$db = db();
$stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$id]);
$user = $stmt->fetch();
if (!$user) {
header("Location: users.php?error=User not found");
exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'];
$role = $_POST['role'];
$password = $_POST['password'];
if ($username && $role) {
try {
if ($password) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE users SET username = ?, password = ?, role = ? WHERE id = ?");
$stmt->execute([$username, $hashed_password, $role, $id]);
} else {
$stmt = $db->prepare("UPDATE users SET username = ?, role = ? WHERE id = ?");
$stmt->execute([$username, $role, $id]);
}
header("Location: users.php?success=User updated");
exit;
} catch (PDOException $e) {
$error = "Error: " . $e->getMessage();
}
} else {
$error = "Please fill all required fields.";
}
}
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Edit User</h2>
<?php if (!empty($error)): ?>
<div class="alert alert-danger"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form action="edit_user.php?id=<?php echo $id; ?>" method="post">
<div class="form-group">
<label for="username">Username</label>
<input type="text" class="form-control" id="username" name="username" value="<?php echo htmlspecialchars($user['username']); ?>" required>
</div>
<div class="form-group">
<label for="password">Password (leave blank to keep current password)</label>
<input type="password" class="form-control" id="password" name="password">
</div>
<div class="form-group">
<label for="role">Role</label>
<select class="form-control" id="role" name="role">
<option value="user" <?php echo ($user['role'] == 'user') ? 'selected' : ''; ?>>User</option>
<option value="admin" <?php echo ($user['role'] == 'admin') ? 'selected' : ''; ?>>Admin</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Update User</button>
<a href="users.php" class="btn btn-secondary">Cancel</a>
</form>
</div>
<?php include 'templates/footer.php'; ?>

554
index.php
View File

@ -1,150 +1,416 @@
<?php
declare(strict_types=1);
@ini_set('display_errors', '1');
@error_reporting(E_ALL);
@date_default_timezone_set('UTC');
require_once 'session.php';
require_once 'db/config.php';
$phpVersion = PHP_VERSION;
$now = date('Y-m-d H:i:s');
$page = $_GET['page'] ?? 'dashboard';
$properties = [];
$tenants = [];
$payments = [];
try {
$db = db();
if ($page === 'properties') {
$stmt = $db->query('SELECT * FROM properties ORDER BY created_at DESC');
$properties = $stmt->fetchAll(PDO::FETCH_ASSOC);
} elseif ($page === 'dashboard') {
$stmt = $db->query('SELECT COUNT(*) FROM properties');
$total_properties = $stmt->fetchColumn();
$stmt = $db->query('SELECT COUNT(*) FROM tenants');
$total_tenants = $stmt->fetchColumn();
$stmt = $db->query('SELECT COUNT(*) FROM maintenance_requests');
$total_requests = $stmt->fetchColumn();
$stmt = $db->query('SELECT SUM(amount) FROM payments');
$total_payments = $stmt->fetchColumn();
// Data for Payments Chart
$stmt = $db->query("SELECT MONTH(payment_date) as month, SUM(amount) as total FROM payments WHERE YEAR(payment_date) = YEAR(CURDATE()) GROUP BY MONTH(payment_date)");
$payment_chart_data = $stmt->fetchAll(PDO::FETCH_ASSOC);
$payment_labels = [];
$payment_values = [];
foreach ($payment_chart_data as $data) {
$payment_labels[] = date('F', mktime(0, 0, 0, $data['month'], 10));
$payment_values[] = $data['total'];
}
// Data for Maintenance Requests Chart
$stmt = $db->query("SELECT status, COUNT(*) as count FROM maintenance_requests GROUP BY status");
$request_chart_data = $stmt->fetchAll(PDO::FETCH_ASSOC);
$request_labels = [];
$request_values = [];
foreach ($request_chart_data as $data) {
$request_labels[] = $data['status'];
$request_values[] = $data['count'];
}
} elseif ($page === 'tenants') {
$stmt = $db->query('SELECT t.*, p.name AS property_name FROM tenants t LEFT JOIN properties p ON t.property_id = p.id ORDER BY t.created_at DESC');
$tenants = $stmt->fetchAll(PDO::FETCH_ASSOC);
} elseif ($page === 'payments') {
$stmt = $db->query('SELECT pay.*, t.name AS tenant_name, p.name AS property_name FROM payments pay JOIN tenants t ON pay.tenant_id = t.id JOIN properties p ON pay.property_id = p.id ORDER BY pay.payment_date DESC');
$payments = $stmt->fetchAll(PDO::FETCH_ASSOC);
} elseif ($page === 'maintenance') {
$stmt = $db->query('SELECT mr.*, p.name AS property_name, t.name AS tenant_name FROM maintenance_requests mr LEFT JOIN properties p ON mr.property_id = p.id LEFT JOIN tenants t ON mr.tenant_id = t.id ORDER BY mr.reported_date DESC');
$maintenance_requests = $stmt->fetchAll(PDO::FETCH_ASSOC);
}
} catch (PDOException $e) {
die("DB ERROR: " . $e->getMessage());
}
$success_message = '';
if (isset($_GET['success'])) {
switch ($_GET['success']) {
case 1: $success_message = "Payment added successfully!"; break;
case 2: $success_message = "Payment updated successfully!"; break;
case 3: $success_message = "Payment deleted successfully!"; break;
}
}
$error_message = '';
if (isset($_GET['error'])) {
switch ($_GET['error']) {
case 1: $error_message = "Error: Missing payment ID."; break;
case 2: $error_message = "Error: Could not delete payment."; break;
}
}
require_once 'templates/header.php';
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>New Style</title>
<?php
// Read project preview data from environment
$projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? '';
$projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
?>
<?php if ($projectDescription): ?>
<!-- Meta description -->
<meta name="description" content='<?= htmlspecialchars($projectDescription) ?>' />
<!-- Open Graph meta tags -->
<meta property="og:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<!-- Twitter meta tags -->
<meta property="twitter:description" content="<?= htmlspecialchars($projectDescription) ?>" />
<?php endif; ?>
<?php if ($projectImageUrl): ?>
<!-- Open Graph image -->
<meta property="og:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<!-- Twitter image -->
<meta property="twitter:image" content="<?= htmlspecialchars($projectImageUrl) ?>" />
<?php endif; ?>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap" rel="stylesheet">
<style>
:root {
--bg-color-start: #6a11cb;
--bg-color-end: #2575fc;
--text-color: #ffffff;
--card-bg-color: rgba(255, 255, 255, 0.01);
--card-border-color: rgba(255, 255, 255, 0.1);
}
body {
margin: 0;
font-family: 'Inter', sans-serif;
background: linear-gradient(45deg, var(--bg-color-start), var(--bg-color-end));
color: var(--text-color);
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
text-align: center;
overflow: hidden;
position: relative;
}
body::before {
content: '';
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
background-image: url('data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100" viewBox="0 0 100 100"><path d="M-10 10L110 10M10 -10L10 110" stroke-width="1" stroke="rgba(255,255,255,0.05)"/></svg>');
animation: bg-pan 20s linear infinite;
z-index: -1;
}
@keyframes bg-pan {
0% { background-position: 0% 0%; }
100% { background-position: 100% 100%; }
}
main {
padding: 2rem;
}
.card {
background: var(--card-bg-color);
border: 1px solid var(--card-border-color);
border-radius: 16px;
padding: 2rem;
backdrop-filter: blur(20px);
-webkit-backdrop-filter: blur(20px);
box-shadow: 0 8px 32px 0 rgba(0, 0, 0, 0.1);
}
.loader {
margin: 1.25rem auto 1.25rem;
width: 48px;
height: 48px;
border: 3px solid rgba(255, 255, 255, 0.25);
border-top-color: #fff;
border-radius: 50%;
animation: spin 1s linear infinite;
}
@keyframes spin {
from { transform: rotate(0deg); }
to { transform: rotate(360deg); }
}
.hint {
opacity: 0.9;
}
.sr-only {
position: absolute;
width: 1px; height: 1px;
padding: 0; margin: -1px;
overflow: hidden;
clip: rect(0, 0, 0, 0);
white-space: nowrap; border: 0;
}
h1 {
font-size: 3rem;
font-weight: 700;
margin: 0 0 1rem;
letter-spacing: -1px;
}
p {
margin: 0.5rem 0;
font-size: 1.1rem;
}
code {
background: rgba(0,0,0,0.2);
padding: 2px 6px;
border-radius: 4px;
font-family: ui-monospace, SFMono-Regular, Menlo, Consolas, monospace;
}
footer {
position: absolute;
bottom: 1rem;
font-size: 0.8rem;
opacity: 0.7;
}
</style>
</head>
<body>
<main>
<main class="container mt-4 flex-grow-1">
<?php if ($success_message): ?>
<div class="alert alert-success"><?= $success_message ?></div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="alert alert-danger"><?= $error_message ?></div>
<?php endif; ?>
<ul class="nav nav-tabs" id="myTab" role="tablist">
<li class="nav-item" role="presentation">
<a class="nav-link <?= ($page === 'dashboard') ? 'active' : '' ?>" href="?page=dashboard">Dashboard</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link <?= ($page === 'properties') ? 'active' : '' ?>" href="?page=properties">Properties</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link <?= ($page === 'tenants') ? 'active' : '' ?>" href="?page=tenants">Tenants</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link <?= ($page === 'payments') ? 'active' : '' ?>" href="?page=payments">Payments</a>
</li>
<li class="nav-item" role="presentation">
<a class="nav-link <?= ($page === 'maintenance') ? 'active' : '' ?>" href="?page=maintenance">Maintenance</a>
</li>
</ul>
<div class="tab-content" id="myTabContent">
<div class="tab-pane fade <?php echo ($page === 'dashboard') ? 'show active' : ''; ?>" id="dashboard" role="tabpanel">
<div class="d-flex justify-content-between align-items-center my-4">
<h1>Dashboard</h1>
</div>
<div class="row">
<div class="col-md-3">
<div class="card mb-3">
<div class="card-body">
<h5 class="card-title">Total Properties</h5>
<p class="card-text fs-4"><?= $total_properties ?? 0 ?></p>
</div>
</div>
</div>
<div class="col-md-3">
<div class="card mb-3">
<div class="card-body">
<h5 class="card-title">Total Tenants</h5>
<p class="card-text fs-4"><?= $total_tenants ?? 0 ?></p>
</div>
</div>
</div>
<div class="col-md-3">
<div class="card mb-3">
<div class="card-body">
<h5 class="card-title">Maintenance Requests</h5>
<p class="card-text fs-4"><?= $total_requests ?? 0 ?></p>
</div>
</div>
</div>
<div class="col-md-3">
<div class="card mb-3">
<div class="card-body">
<h5 class="card-title">Total Payments</h5>
<p class="card-text fs-4">$<?= number_format($total_payments ?? 0, 2) ?></p>
</div>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="card">
<h1>Analyzing your requirements and generating your website…</h1>
<div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
<span class="sr-only">Loading…</span>
<div class="card-body">
<h5 class="card-title">Monthly Payments (Current Year)</h5>
<canvas id="paymentsChart"></canvas>
</div>
<p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
<p class="hint">This page will update automatically as the plan is implemented.</p>
<p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
</div>
</main>
<footer>
Page updated: <?= htmlspecialchars($now) ?> (UTC)
</footer>
</body>
</html>
</div>
<div class="col-md-6">
<div class="card">
<div class="card-body">
<h5 class="card-title">Maintenance Requests Status</h5>
<canvas id="requestsChart"></canvas>
</div>
</div>
</div>
</div>
</div>
<div class="tab-pane fade <?php echo ($page === 'properties') ? 'show active' : ''; ?>" id="properties" role="tabpanel">
<div class="d-flex justify-content-between align-items-center my-4">
<h1>Properties</h1>
<?php if (is_admin()): ?>
<a href="add_property.php" class="btn btn-primary"><i class="bi bi-plus-circle"></i> Add New Property</a>
<?php endif; ?>
</div>
<div class="card">
<div class="card-body">
<table class="table table-hover">
<thead>
<tr>
<th>Name</th>
<th>Address</th>
<th>Rent</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($properties as $property): ?>
<tr>
<td><?php echo htmlspecialchars($property['name']); ?></td>
<td><?php echo htmlspecialchars($property['address']); ?></td>
<td>$<?php echo htmlspecialchars(number_format($property['rent_amount'], 2)); ?></td>
<td>
<a href="edit_property.php?id=<?php echo $property['id']; ?>" class="btn btn-sm btn-secondary"><i class="bi bi-pencil-square"></i> Edit</a>
<?php if (is_admin()): ?>
<form action="delete_property.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this property?');">
<input type="hidden" name="id" value="<?php echo $property['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger"><i class="bi bi-trash"></i> Delete</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php if (empty($properties)): ?>
<tr><td colspan="4" class="text-center">No properties found.</td></tr>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
<div class="tab-pane fade <?php echo ($page === 'tenants') ? 'show active' : ''; ?>" id="tenants" role="tabpanel">
<div class="d-flex justify-content-between align-items-center my-4">
<h1>Tenants</h1>
<?php if (is_admin()): ?>
<a href="add_tenant.php" class="btn btn-primary"><i class="bi bi-plus-circle"></i> Add New Tenant</a>
<?php endif; ?>
</div>
<div class="card">
<div class="card-body">
<table class="table table-hover">
<thead>
<tr>
<th>Name</th>
<th>Email</th>
<th>Property</th>
<th>Lease End</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($tenants as $tenant): ?>
<tr>
<td><?php echo htmlspecialchars($tenant['name']); ?></td>
<td><?php echo htmlspecialchars($tenant['email']); ?></td>
<td><?php echo htmlspecialchars($tenant['property_name'] ?? 'N/A'); ?></td>
<td><?php echo htmlspecialchars($tenant['lease_end']); ?></td>
<td><span class="badge bg-primary"><?php echo htmlspecialchars($tenant['status']); ?></span></td>
<td>
<a href="edit_tenant.php?id=<?php echo $tenant['id']; ?>" class="btn btn-sm btn-secondary"><i class="bi bi-pencil-square"></i> Edit</a>
<?php if (is_admin()): ?>
<form action="delete_tenant.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this tenant?');">
<input type="hidden" name="id" value="<?php echo $tenant['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger"><i class="bi bi-trash"></i> Delete</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php if (empty($tenants)): ?>
<tr><td colspan="6" class="text-center">No tenants found.</td></tr>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
<div class="tab-pane fade <?= ($page === 'payments') ? 'show active' : '' ?>" id="payments" role="tabpanel">
<div class="d-flex justify-content-between align-items-center my-4">
<h1>Payments</h1>
<?php if (is_admin()): ?>
<a href="add_payment.php" class="btn btn-primary"><i class="bi bi-plus-circle"></i> Add New Payment</a>
<?php endif; ?>
</div>
<div class="card">
<div class="card-body">
<table class="table table-hover">
<thead>
<tr>
<th>Tenant</th>
<th>Property</th>
<th>Amount</th>
<th>Payment Date</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($payments as $payment): ?>
<tr>
<td><?= htmlspecialchars($payment['tenant_name']) ?></td>
<td><?= htmlspecialchars($payment['property_name']) ?></td>
<td>$<?= htmlspecialchars(number_format($payment['amount'], 2)) ?></td>
<td><?= htmlspecialchars($payment['payment_date']) ?></td>
<td>
<a href="edit_payment.php?id=<?= $payment['id'] ?>" class="btn btn-sm btn-secondary"><i class="bi bi-pencil-square"></i> Edit</a>
<?php if (is_admin()): ?>
<form action="delete_payment.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this payment?');">
<input type="hidden" name="id" value="<?= $payment['id'] ?>">
<button type="submit" class="btn btn-sm btn-danger"><i class="bi bi-trash"></i> Delete</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php if (empty($payments)): ?>
<tr><td colspan="5" class="text-center">No payments found.</td></tr>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
<div class="tab-pane fade <?php echo ($page === 'maintenance') ? 'show active' : ''; ?>" id="maintenance" role="tabpanel">
<div class="d-flex justify-content-between align-items-center my-4">
<h1>Maintenance Requests</h1>
<a href="add_request.php" class="btn btn-primary"><i class="bi bi-plus-circle"></i> Add New Request</a>
</div>
<div class="card">
<div class="card-body">
<table class="table table-hover">
<thead>
<tr>
<th>Property</th>
<th>Tenant</th>
<th>Description</th>
<th>Status</th>
<th>Reported Date</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php if (isset($maintenance_requests)): ?>
<?php foreach ($maintenance_requests as $request): ?>
<tr>
<td><?php echo htmlspecialchars($request['property_name'] ?? 'N/A'); ?></td>
<td><?php echo htmlspecialchars($request['tenant_name'] ?? 'N/A'); ?></td>
<td><?php echo htmlspecialchars($request['description']); ?></td>
<td><span class="badge bg-info"><?php echo htmlspecialchars($request['status']); ?></span></td>
<td><?php echo htmlspecialchars($request['reported_date']); ?></td>
<td>
<a href="edit_request.php?id=<?php echo $request['id']; ?>" class="btn btn-sm btn-secondary"><i class="bi bi-pencil-square"></i> Edit</a>
<?php if (is_admin()): ?>
<form action="delete_request.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this request?');">
<input type="hidden" name="id" value="<?php echo $request['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger"><i class="bi bi-trash"></i> Delete</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php if (empty($maintenance_requests)): ?>
<tr><td colspan="6" class="text-center">No maintenance requests found.</td></tr>
<?php endif; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
</main>
<?php require_once 'templates/footer.php'; ?>
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
<script>
document.addEventListener('DOMContentLoaded', function () {
const primaryColor = getComputedStyle(document.documentElement).getPropertyValue('--primary-color').trim();
const secondaryColor = getComputedStyle(document.documentElement).getPropertyValue('--secondary-color').trim();
// Payments Chart
const paymentsCtx = document.getElementById('paymentsChart');
if (paymentsCtx) {
new Chart(paymentsCtx, {
type: 'bar',
data: {
labels: <?= json_encode($payment_labels ?? []) ?>,
datasets: [{
label: 'Total Payments',
data: <?= json_encode($payment_values ?? []) ?>,
backgroundColor: primaryColor + '33', // Adding alpha for fill
borderColor: primaryColor,
borderWidth: 1
}]
},
options: {
scales: {
y: {
beginAtZero: true
}
}
}
});
}
// Maintenance Requests Chart
const requestsCtx = document.getElementById('requestsChart');
if (requestsCtx) {
new Chart(requestsCtx, {
type: 'pie',
data: {
labels: <?= json_encode($request_labels ?? []) ?>,
datasets: [{
label: 'Request Status',
data: <?= json_encode($request_values ?? []) ?>,
backgroundColor: [
primaryColor + '33',
secondaryColor + '33',
'#36A2EB33',
'#FFCE5633'
],
borderColor: [
primaryColor,
secondaryColor,
'#36A2EB',
'#FFCE56'
],
borderWidth: 1
}]
}
});
}
});
</script>

71
login.php Normal file
View File

@ -0,0 +1,71 @@
<?php
require_once 'db/config.php';
session_start();
if (isset($_SESSION['user_id'])) {
header('Location: index.php');
exit;
}
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = $_POST['username'];
$password = $_POST['password'];
if (empty($username) || empty($password)) {
$error = 'Please enter both username and password.';
} else {
$db = db();
$stmt = $db->prepare('SELECT id, password, role FROM users WHERE username = ?');
$stmt->execute([$username]);
$user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id'];
$_SESSION['role'] = $user['role'];
header('Location: index.php');
exit;
} else {
$error = 'Invalid username or password.';
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card mt-5">
<div class="card-header">
<h4>Login</h4>
</div>
<div class="card-body">
<?php if ($error): ?>
<div class="alert alert-danger"><?php echo $error; ?></div>
<?php endif; ?>
<form method="POST">
<div class="form-group">
<label for="username">Username</label>
<input type="text" name="username" id="username" class="form-control" required>
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" name="password" id="password" class="form-control" required>
</div>
<button type="submit" class="btn btn-primary">Login</button>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>

6
logout.php Normal file
View File

@ -0,0 +1,6 @@
<?php
session_start();
session_destroy();
header('Location: login.php');
exit;
?>

45
properties.php Normal file
View File

@ -0,0 +1,45 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$db = db();
$properties = $db->query("SELECT * FROM properties ORDER BY name ASC")->fetchAll();
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Manage Properties</h2>
<a href="add_property.php" class="btn btn-primary mb-3">Add New Property</a>
<table class="table table-bordered">
<thead>
<tr>
<th>Name</th>
<th>Address</th>
<th>Rent Amount</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($properties as $property): ?>
<tr>
<td><?php echo htmlspecialchars($property['name']); ?></td>
<td><?php echo htmlspecialchars($property['address']); ?></td>
<td>$<?php echo htmlspecialchars($property['rent_amount']); ?></td>
<td>
<a href="edit_property.php?id=<?php echo $property['id']; ?>" class="btn btn-sm btn-secondary">Edit</a>
<form action="delete_property.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this property?');">
<input type="hidden" name="id" value="<?php echo $property['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php include 'templates/footer.php'; ?>

21
session.php Normal file
View File

@ -0,0 +1,21 @@
<?php
session_start();
require_once 'db/config.php';
if (!isset($_SESSION['user_id'])) {
header('Location: login.php');
exit();
}
function is_admin() {
return isset($_SESSION['role']) && $_SESSION['role'] === 'admin';
}
function check_admin() {
if (!is_admin()) {
// You can customize this part, e.g., show an error message or redirect.
die('You are not authorized to access this page.');
}
}
?>

11
templates/footer.php Normal file
View File

@ -0,0 +1,11 @@
</main>
<footer class="footer mt-auto py-3 text-center">
<div class="container">
<span class="text-body-secondary">© 2025 Property Management, Inc.</span>
</div>
</footer>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

43
templates/header.php Normal file
View File

@ -0,0 +1,43 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Property Management System</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.3/font/bootstrap-icons.css" rel="stylesheet">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet">
<link href="assets/css/custom.css?v=<?php echo time(); ?>" rel="stylesheet">
</head>
<body class="d-flex flex-column min-vh-100">
<nav class="navbar navbar-expand-lg navbar-light">
<div class="container-fluid">
<a class="navbar-brand" href="index.php">Property Management</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<?php if (is_admin()): ?>
<li class="nav-item">
<a class="nav-link" href="properties.php">Manage Properties</a>
</li>
<li class="nav-item">
<a class="nav-link" href="users.php">Manage Users</a>
</li>
<?php endif; ?>
<li class="nav-item">
<a href="logout.php" class="nav-link">Logout</a>
</li>
</ul>
</div>
</div>
</nav>
<main class="container mt-4 flex-grow-1">
</div>
</nav>
<main class="container mt-4 flex-grow-1">

43
users.php Normal file
View File

@ -0,0 +1,43 @@
<?php
require_once 'session.php';
check_admin();
require_once 'db/config.php';
$db = db();
$users = $db->query("SELECT * FROM users ORDER BY username ASC")->fetchAll();
include 'templates/header.php';
?>
<div class="container mt-4">
<h2>Manage Users</h2>
<a href="add_user.php" class="btn btn-primary mb-3">Add New User</a>
<table class="table table-bordered">
<thead>
<tr>
<th>Username</th>
<th>Role</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['username']); ?></td>
<td><?php echo htmlspecialchars($user['role']); ?></td>
<td>
<a href="edit_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-secondary">Edit</a>
<form action="delete_user.php" method="POST" class="d-inline" onsubmit="return confirm('Are you sure you want to delete this user?');">
<input type="hidden" name="id" value="<?php echo $user['id']; ?>">
<button type="submit" class="btn btn-sm btn-danger">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php include 'templates/footer.php'; ?>