
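<?php
// user_management.php — admin-only console listing every account plus the
// division / department / role hierarchy, with forms that post to the
// create_*.php / edit_*.php / delete_*.php handlers (not part of this file).
session_start();

// Gate: an authenticated session whose role is exactly 'Admin'. `?? null`
// keeps the check fail-closed (null !== 'Admin') without emitting an
// "undefined index" warning when the role key is missing from the session.
if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? null) !== 'Admin') {
    header('Location: login.php');
    exit;
}

// The page renders every username and e-mail address; keep it out of
// browser and proxy caches.
header('Cache-Control: no-store');

// Per-session anti-CSRF token, emitted as a hidden "csrf_token" field by the
// forms further down. NOTE(review): the create_*/delete_* handlers are not in
// this file; they must hash_equals() the submitted value against
// $_SESSION['csrf_token'] before changing anything, or the token is decorative.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}

require_once 'db/config.php';

$users = [];
$divisions = [];
$departments = [];
$roles = [];

try {
    $pdo = db();

    // Every account with its role -> department -> division chain. LEFT JOINs
    // so an account with no (or a dangling) role still appears; the joined
    // name columns come back NULL and the template prints 'N/A'.
    $users = $pdo->query(
        'SELECT u.id, u.username, u.email, u.created_at, r.name as role_name, '
        . 'd.name as department_name, dv.name as division_name '
        . 'FROM users u '
        . 'LEFT JOIN roles r ON u.role_id = r.id '
        . 'LEFT JOIN departments d ON r.department_id = d.id '
        . 'LEFT JOIN divisions dv ON d.division_id = dv.id '
        . 'ORDER BY u.created_at DESC'
    )->fetchAll(PDO::FETCH_ASSOC);

    $divisions = $pdo->query('SELECT id, name FROM divisions ORDER BY name')
        ->fetchAll(PDO::FETCH_ASSOC);

    $departments = $pdo->query(
        'SELECT d.id, d.name, v.name as division_name FROM departments d '
        . 'JOIN divisions v ON d.division_id = v.id ORDER BY v.name, d.name'
    )->fetchAll(PDO::FETCH_ASSOC);

    $roles = $pdo->query(
        'SELECT r.id, r.name, d.name as department_name FROM roles r '
        . 'JOIN departments d ON r.department_id = d.id ORDER BY d.name, r.name'
    )->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    // Driver messages can reveal host names, table layout or even credentials:
    // log them server-side and show the admin only a generic notice.
    error_log('user_management.php: ' . $e->getMessage());
    echo "<div class='alert alert-danger'>Database error: the user list could not be loaded.</div>";
}
?>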
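<?php
// Output-encoding helpers for the template below.
//  $esc   — HTML element/attribute context. ENT_QUOTES makes it safe inside
//           value="..." as well; the (string) cast avoids TypeErrors on
//           integer ids returned by the driver and turns NULL into ''.
//  $urlId — an id placed in a query string: percent-encoded so a value
//           containing '&', '#' or quotes cannot add parameters or break
//           out of the href attribute.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
$urlId = static function ($id) {
    return rawurlencode((string) $id);
};
// Per-session anti-CSRF token (empty if the session carries none). The
// create_*/delete_* handlers are not in this file and must verify it.
$csrfToken = $_SESSION['csrf_token'] ?? '';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>User Management</title>
<style>
body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; }
.container { max-width: 1200px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 20px; }
h1, h3 { color: #4A90E2; }
table { width: 100%; border-collapse: collapse; margin-top: 20px; }
th, td { padding: 12px; border-bottom: 1px solid #ddd; text-align: left; }
th { background-color: #f2f2f2; }
.alert { padding: 15px; margin-bottom: 20px; border-radius: 4px; }
.alert-danger { background-color: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
.alert-success { background-color: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
.form-label { display: block; margin-bottom: 5px; font-weight: bold; }
.form-control, .form-select { width: 100%; padding: 8px; margin-bottom: 10px; border-radius: 4px; border: 1px solid #ccc; }
.btn { padding: 10px 15px; border: none; border-radius: 4px; cursor: pointer; color: white; }
.btn-primary { background-color: #4A90E2; }
.mt-5 { margin-top: 3rem !important; }
/* Delete actions are POST forms; render them inline so they read like the other links. */
.inline-form { display: inline; }
.btn-link { background: none; border: none; padding: 0; color: #0000EE; text-decoration: underline; cursor: pointer; font: inherit; }
</style>
</head>
<body>
<div class="container">
<div style="text-align: right; margin-bottom: 20px;">
Logged in as <strong><?php echo $esc($_SESSION['username'] ?? ''); ?></strong> | <a href="logout.php">Logout</a>
</div>
<h1>User Management</h1>
<!-- All Users -->
<h3>All Users</h3>
<table>
<thead>
<tr>
<th>ID</th>
<th>Username</th>
<th>Email</th>
<th>Division</th>
<th>Department</th>
<th>Role</th>
<th>Registered At</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($users as $user): ?>
<tr>
<td><?php echo $esc($user['id']); ?></td>
<td><?php echo $esc($user['username']); ?></td>
<td><?php echo $esc($user['email']); ?></td>
<td><?php echo $esc($user['division_name'] ?? 'N/A'); ?></td>
<td><?php echo $esc($user['department_name'] ?? 'N/A'); ?></td>
<td><?php echo $esc($user['role_name'] ?? 'N/A'); ?></td>
<td><?php echo $esc($user['created_at']); ?></td>
<td><a href="edit_user.php?id=<?php echo $urlId($user['id']); ?>" class="btn btn-sm btn-primary">Edit</a></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<!-- Divisions -->
<h3 class="mt-5">Manage Divisions</h3>
<table>
<thead><tr><th>ID</th><th>Division Name</th><th>Actions</th></tr></thead>
<tbody>
<?php foreach ($divisions as $division): ?>
<tr>
<td><?php echo $esc($division['id']); ?></td>
<td><?php echo $esc($division['name']); ?></td>
<td>
<a href="edit_division.php?id=<?php echo $urlId($division['id']); ?>">Edit</a> |
<!-- Deletes change state, so they are submitted with POST plus the session's
     csrf_token instead of a plain GET link that any cross-site <img>/<a> could
     trigger. The id stays in the query string so a handler reading $_GET['id']
     keeps working; the handler should additionally require POST and verify
     csrf_token. -->
<form action="delete_division.php?id=<?php echo $urlId($division['id']); ?>" method="POST" class="inline-form" onsubmit="return confirm('Are you sure?');">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<button type="submit" class="btn-link">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<form action="create_division.php" method="POST" style="max-width: 500px; margin-top:1rem;">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<input type="text" name="division_name" placeholder="New Division Name" required class="form-control">
<button type="submit" class="btn btn-primary">Add Division</button>
</form>
<!-- Departments -->
<h3 class="mt-5">Manage Departments</h3>
<table>
<thead><tr><th>ID</th><th>Department Name</th><th>Division</th><th>Actions</th></tr></thead>
<tbody>
<?php foreach ($departments as $department): ?>
<tr>
<td><?php echo $esc($department['id']); ?></td>
<td><?php echo $esc($department['name']); ?></td>
<td><?php echo $esc($department['division_name']); ?></td>
<td>
<a href="edit_department.php?id=<?php echo $urlId($department['id']); ?>">Edit</a> |
<form action="delete_department.php?id=<?php echo $urlId($department['id']); ?>" method="POST" class="inline-form" onsubmit="return confirm('Are you sure?');">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<button type="submit" class="btn-link">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<form action="create_department.php" method="POST" style="max-width: 500px; margin-top:1rem;">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<select name="division_id" required class="form-select">
<option value="">Select Division</option>
<?php foreach ($divisions as $division): ?>
<option value="<?php echo $esc($division['id']); ?>"><?php echo $esc($division['name']); ?></option>
<?php endforeach; ?>
</select>
<input type="text" name="department_name" placeholder="New Department Name" required class="form-control">
<button type="submit" class="btn btn-primary">Add Department</button>
</form>
<!-- Roles -->
<h3 class="mt-5">Manage Roles</h3>
<table>
<thead><tr><th>ID</th><th>Role Name</th><th>Department</th><th>Actions</th></tr></thead>
<tbody>
<?php foreach ($roles as $role): ?>
<tr>
<td><?php echo $esc($role['id']); ?></td>
<td><?php echo $esc($role['name']); ?></td>
<td><?php echo $esc($role['department_name']); ?></td>
<td>
<a href="edit_role.php?id=<?php echo $urlId($role['id']); ?>">Edit</a> |
<form action="delete_role.php?id=<?php echo $urlId($role['id']); ?>" method="POST" class="inline-form" onsubmit="return confirm('Are you sure?');">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<button type="submit" class="btn-link">Delete</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
<form action="create_role.php" method="POST" style="max-width: 500px; margin-top:1rem;">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<select name="department_id" required class="form-select">
<option value="">Select Department</option>
<?php foreach ($departments as $department): ?>
<option value="<?php echo $esc($department['id']); ?>"><?php echo $esc($department['name']); ?> (<?php echo $esc($department['division_name']); ?>)</option>
<?php endforeach; ?>
</select>
<input type="text" name="role_name" placeholder="New Role Name" required class="form-control">
<button type="submit" class="btn btn-primary">Add Role</button>
</form>
<!-- Create New User -->
<h3 class="mt-5">Create New User</h3>
<form action="create_user.php" method="POST" style="max-width: 500px;">
<input type="hidden" name="csrf_token" value="<?php echo $esc($csrfToken); ?>">
<div class="mb-3">
<label for="new_username" class="form-label">Username</label>
<input type="text" class="form-control" id="new_username" name="username" required>
</div>
<div class="mb-3">
<label for="new_email" class="form-label">Email</label>
<input type="email" class="form-control" id="new_email" name="email" required>
</div>
<div class="mb-3">
<label for="new_password" class="form-label">Password</label>
<!-- autocomplete="new-password" stops the browser offering the admin's own saved password here -->
<input type="password" class="form-control" id="new_password" name="password" required autocomplete="new-password">
</div>
<div class="mb-3">
<label for="division_id" class="form-label">Division</label>
<select name="division_id" id="division_id" required class="form-select">
<option value="">Select Division</option>
<?php foreach ($divisions as $division): ?>
<option value="<?php echo $esc($division['id']); ?>"><?php echo $esc($division['name']); ?></option>
<?php endforeach; ?>
</select>
</div>
<div class="mb-3">
<label for="department_id" class="form-label">Department</label>
<select name="department_id" id="department_id" required class="form-select">
<option value="">Select Department</option>
</select>
</div>
<div class="mb-3">
<label for="role_id" class="form-label">Role</label>
<select name="role_id" id="role_id" required class="form-select">
<option value="">Select Role</option>
</select>
</div>
<button type="submit" class="btn btn-primary">Create User</button>
</form>
<script>
// Cascading selects for the "Create New User" form: Division -> Department -> Role.
// Options come from api.php as JSON lists of {id, name}.
(function () {
    var divisionSelect = document.getElementById('division_id');
    var departmentSelect = document.getElementById('department_id');
    var roleSelect = document.getElementById('role_id');

    // Empty a <select> and put back its placeholder entry.
    function resetSelect(select, placeholder) {
        select.innerHTML = '';
        var placeholderOption = document.createElement('option');
        placeholderOption.value = '';
        placeholderOption.textContent = placeholder;
        select.appendChild(placeholderOption);
    }

    // Append one option per item. textContent (never innerHTML) is used for the
    // label, so a name containing markup is shown literally, not interpreted.
    function appendOptions(select, items) {
        if (!Array.isArray(items)) {
            return;
        }
        items.forEach(function (item) {
            var option = document.createElement('option');
            option.value = item.id;
            option.textContent = item.name;
            select.appendChild(option);
        });
    }

    // Load a list from api.php. The selected id is percent-encoded so a value
    // containing '&' or '#' cannot add or truncate query parameters, and a
    // non-2xx response is reported instead of being parsed as JSON.
    function loadOptions(action, paramName, paramValue, select) {
        var url = 'api.php?action=' + action + '&' + paramName + '=' + encodeURIComponent(paramValue);
        fetch(url, { credentials: 'same-origin' })
            .then(function (response) {
                if (!response.ok) {
                    throw new Error('HTTP ' + response.status);
                }
                return response.json();
            })
            .then(function (data) {
                appendOptions(select, data);
            })
            .catch(function (err) {
                console.error('Failed to load ' + action, err);
            });
    }

    divisionSelect.addEventListener('change', function () {
        resetSelect(departmentSelect, 'Select Department');
        resetSelect(roleSelect, 'Select Role');
        if (this.value) {
            loadOptions('get_departments', 'division_id', this.value, departmentSelect);
        }
    });

    departmentSelect.addEventListener('change', function () {
        resetSelect(roleSelect, 'Select Role');
        if (this.value) {
            loadOptions('get_roles', 'department_id', this.value, roleSelect);
        }
    });
})();
</script>
<br>
<a href="dashboard.php">Menu</a>
</div>
</body>
</html>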