admin/37018-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37018-vm/admin/users.php
Flatlogic Bot 0ba5997fad Auto commit: 2025-12-17T23:56:00.480Z
2025-12-17 23:56:00 +00:00

106 lines
4.2 KiB
PHP
Raw Blame History

<?php
session_start();
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'admin') {
header("Location: ../login.php");
exit;
}
require_once __DIR__ . '/../db/config.php';
$pdo = db();
// Handle user role updates
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['update_role'])) {
$user_id = $_POST['user_id'];
$role = $_POST['role'];
// Add extra validation for role value
if (in_array($role, ['regular', 'power_user', 'admin'])) {
$stmt = $pdo->prepare("UPDATE users SET role = ? WHERE id = ?");
$stmt->execute([$role, $user_id]);
}
header("Location: users.php");
exit;
}
$users = $pdo->query("SELECT id, username, role, created_at FROM users ORDER BY created_at DESC")->fetchAll();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Manage Users - Admin Panel</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="../assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body>
<header class="header">
<h1><a href="/" style="text-decoration: none; color: inherit;">Admin Panel</a></h1>
<div class="auth-links">
<a href="../index.php">View Site</a>
<a href="../logout.php">Logout</a>
</div>
</header>
<div class="container my-4">
<div class="row">
<div class="col-md-3">
<aside class="admin-nav">
<h3>Menu</h3>
<nav class="nav flex-column">
<a class="nav-link" href="index.php">Dashboard</a>
<a class="nav-link" href="categories.php">Categories</a>
<a class="nav-link active" href="users.php">Users</a>
<a class="nav-link" href="links.php">Links</a>
</nav>
</aside>
</div>
<div class="col-md-9">
<main class="content">
<h2>Manage Users</h2>
<table class="table table-striped">
<thead>
<tr>
<th>Username</th>
<th>Role</th>
<th>Registered</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo htmlspecialchars($user['username']); ?></td>
<td>
<form method="POST" action="users.php" class="d-inline">
<input type="hidden" name="user_id" value="<?php echo $user['id']; ?>">
<select name="role" class="form-select form-select-sm" style="width: auto; display: inline-block;">
<option value="regular" <?php echo ($user['role'] === 'regular') ? 'selected' : ''; ?>>Regular</option>
<option value="power_user" <?php echo ($user['role'] === 'power_user') ? 'selected' : ''; ?>>Power User</option>
<option value="admin" <?php echo ($user['role'] === 'admin') ? 'selected' : ''; ?>>Admin</option>
</select>
<button type="submit" name="update_role" class="btn btn-sm btn-primary">Update</button>
</form>
</td>
<td><?php echo date("Y-m-d", strtotime($user['created_at'])); ?></td>
<td>
<!-- Future actions like delete or view profile -->
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</main>
</div>
</div>
</div>
<footer class="footer">
<p>&copy; <?php echo date("Y"); ?> <?php echo htmlspecialchars($_SERVER['PROJECT_NAME'] ?? 'Web Directory'); ?>. All Rights Reserved.</p>
</footer>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink