diff --git a/about.php b/about.php
index 50beb87..e6e9caa 100644
--- a/about.php
+++ b/about.php
@@ -38,7 +38,7 @@ $t = $texts[$lang];
 // Database fetch
 $pdo = db();
-$profile = $pdo->query("SELECT * FROM org_profile LIMIT 1")->fetch();
+$profile = $pdo->query("SELECT * FROM org_profile LIMIT 1")->fetch(PDO::FETCH_ASSOC);
 require_once 'includes/header.php';
 ?>
@@ -54,6 +54,14 @@ require_once 'includes/header.php';
 font-size: 2.5rem;
 font-weight: 800;
 }
+.page-content {
+ line-height: 1.8;
+}
+.page-content h2 {
+ font-weight: 700;
+ margin-top: 2rem;
+ margin-bottom: 1rem;
+}
@@ -65,11 +73,15 @@ require_once 'includes/header.php';
-
-

Our Mission

-

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed non risus. Suspendisse lectus tortor, dignissim sit amet, adipiscing nec, ultricies sed, dolor. Cras elementum ultrices diam. Maecenas ligula massa, varius a, semper congue, euismod non, mi. Proin porttitor, orci nec nonummy molestie, enim est eleifend mi, non fermentum diam nisl sit amet erat. Duis semper. Duis arcu massa, scelerisque vitae, consequat in, pretium a, enim. Pellentesque congue. Ut in risus volutpat libero pharetra tempor. Cras vestibulum bibendum augue. Praesent egestas leo in pede. Praesent blandit odio eu enim. Pellentesque sed dui ut augue blandit sodales. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Aliquam nibh.

-

Our Vision

-

Praesent vitae arcu tempor, aliquet nisl et, accumsan lectus. Curabitur vel sem sit amet nulla fermentum consequat. In eget nisl sedligula ultrices commodo. Nam vel velit nec turpis blandit malesuada. Duis ac accumsan erat. Phasellus et ex pretium, consequat lacus eget, pulvinar turpis. Integer maximus magna et, porttitor purus. Quisque non sodales sem, id eleifend tellus. Nulla ut sit amet sem non neque pellentesque.sdf

+
+ " . ($lang === 'ar' ? 'لم يتم إضافة المحتوى بعد. يرجى إضافته من لوحة التحكم.' : 'Content has not been added yet. Please add it from the admin panel.') . "

"; + } else { + echo $content; + } + ?>
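Review bot: `echo $content;` in the new else branch writes the stored description into the public page without escaping, and that field is filled by admin/about.php directly from `$_POST['description_en']` / `$_POST['description_ar']`. If the description is meant to carry rich HTML, pass it through an allow-list HTML sanitizer when it is saved or before it is echoed; if it is plain text, `echo nl2br(htmlspecialchars($content, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));` is enough. How `$content` is assigned is not visible in this hunk (the surrounding markup was lost in extraction), so confirm that no escaping already happens there.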
@@ -79,4 +91,4 @@ require_once 'includes/header.php'; - \ No newline at end of file + diff --git a/admin/about.php b/admin/about.php new file mode 100644 index 0000000..b3d87dc --- /dev/null +++ b/admin/about.php @@ -0,0 +1,78 @@ +query("SELECT * FROM org_profile LIMIT 1")->fetch(PDO::FETCH_ASSOC); + +if ($_SERVER['REQUEST_METHOD'] === 'POST') { + if (isset($_POST['description_en']) && isset($_POST['description_ar'])) { + $stmt = $pdo->prepare("UPDATE org_profile SET description_en = ?, description_ar = ? WHERE id = ?"); + $stmt->execute([ + $_POST['description_en'], + $_POST['description_ar'], + $profile['id'] + ]); + header('Location: about.php?success=1'); + exit; + } +} + +$is_rtl = (get_current_lang() === 'ar'); +?> + + + + + + <?= __('About Us Page') ?> - <?= htmlspecialchars(get_org_name()) ?> + + + + + + + + + + + + + + +
+
+

+
+ + +
+ + +
+ + +
+
+ +
+
+
+
+ + +
+
+ + +
+ +
+
+
+
+ + + +
diff --git a/admin/auth.php b/admin/auth.php
index 635eb37..24b7eb5 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -51,12 +51,12 @@ function is_super_admin() {
 /**
 * Log an action to audit_logs table
 */
-function log_action($action, $details = '') {
+function log_action($action, $details = '', $case_id = null) {
 try {
 $pdo = db();
 $user_id = $_SESSION['user_id'] ?? null;
- $stmt = $pdo->prepare("INSERT INTO audit_logs (user_id, action, details) VALUES (?, ?, ?)");
- $stmt->execute([$user_id, $action, $details]);
+ $stmt = $pdo->prepare("INSERT INTO audit_logs (user_id, action, details, case_id) VALUES (?, ?, ?, ?)");
+ $stmt->execute([$user_id, $action, $details, $case_id]);
 } catch (Exception $e) {
 error_log("Failed to log action: " . $e->getMessage());
 }
diff --git a/admin/case_history.php b/admin/case_history.php
new file mode 100644
index 0000000..af05925
--- /dev/null
+++ b/admin/case_history.php
@@ -0,0 +1,104 @@
+prepare("SELECT * FROM cases WHERE id = ?");
+$stmt->execute([$case_id]);
+$case = $stmt->fetch();
+
+if (!$case) {
+ header('Location: cases.php');
+ exit;
+}
+
+// Fetch audit logs for this case
+$stmt = $pdo->prepare("
+ SELECT l.*, u.email as user_email
+ FROM audit_logs l
+ LEFT JOIN users u ON l.user_id = u.id
+ WHERE l.case_id = ?
+ ORDER BY l.created_at DESC
+");
+$stmt->execute([$case_id]);
+$logs = $stmt->fetchAll();
+
+$is_rtl = (get_current_lang() === 'ar');
+?>
+ + + + + + <?= __('Case History') ?> - <?= htmlspecialchars($case['title_en']) ?> + + + + + + + + + + + + + + +
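Review bot: The POST branch in admin/about.php runs `UPDATE org_profile` with no anti-CSRF token check, so a forged cross-site form post sent with a logged-in admin's session would rewrite the description that about.php then echoes publicly. Add a per-session token to the form and verify it before `prepare()`, for example `if (!hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')) { http_response_code(403); exit; }` (the `csrf_token` key is a placeholder name, not taken from the project). `$profile['id']` is also read without checking that `fetch()` returned a row; on an empty `org_profile` table the UPDATE matches nothing while the page still redirects with `success=1`. The top of the file was lost in extraction, so confirm that the admin session check runs before the first query.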
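Review bot: The docblock above `log_action()` still describes only the old two-argument form; add `@param int|null $case_id Case the entry belongs to, or null for actions not tied to a case`. Because the `catch` branch only calls `error_log()`, an INSERT that fails on the new column (for instance when the `audit_logs.case_id` migration, which this diff does not show, has not been applied) drops the audit record without any signal to the caller. The schema change therefore has to ship together with this commit. The closing brace of `log_action()` lies outside the hunk.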
+
+
+

+

+
+ +
+ +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + +
+
+
+
+ + + + diff --git a/admin/case_report.php b/admin/case_report.php new file mode 100644 index 0000000..bd2d4bb --- /dev/null +++ b/admin/case_report.php 
@@ -0,0 +1,197 @@ +prepare('SELECT c.*, cat.name_en as category_name FROM cases c JOIN categories cat ON c.category_id = cat.id WHERE c.id = ?'); +$stmt->execute([$case_id]); +$case = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$case) { + die('Case not found'); +} + +// Fetch data for PDF +$donations_stmt = $pdo->prepare('SELECT * FROM donations WHERE case_id = ? ORDER BY created_at DESC'); +$donations_stmt->execute([$case_id]); +$donations = $donations_stmt->fetchAll(PDO::FETCH_ASSOC); + +$logs_stmt = $pdo->prepare('SELECT al.*, u.email FROM audit_logs al LEFT JOIN users u ON al.user_id = u.id WHERE al.case_id = ? ORDER BY al.created_at DESC'); +$logs_stmt->execute([$case_id]); +$audit_logs = $logs_stmt->fetchAll(PDO::FETCH_ASSOC); + +// PDF Generation Class +class PDF extends FPDF +{ + function Header() { + if (file_exists('../assets/images/logo_1770967720.jpg')) { + $this->Image('../assets/images/logo_1770967720.jpg', 10, 6, 30); + } + $this->SetFont('Arial', 'B', 15); + $this->Cell(80); + $this->Cell(30, 10, 'Case Report', 0, 0, 'C'); + $this->Ln(20); + } + function Footer() { + $this->SetY(-15); + $this->SetFont('Arial', 'I', 8); + $this->Cell(0, 10, 'Page ' . $this->PageNo() . '/{nb}', 0, 0, 'C'); + } +} + +function generate_pdf($case, $donations, $audit_logs) +{ + $pdf = new PDF(); + $pdf->AliasNbPages(); + $pdf->AddPage(); + $pdf->SetFont('Times', '', 12); + + // Case Details + $pdf->SetFont('Arial', 'B', 16); + $pdf->Cell(0, 10, 'Case Details', 0, 1, 'L'); + $pdf->SetFont('Arial', '', 12); + $pdf->Cell(40, 10, 'Case ID:', 0, 0); $pdf->Cell(0, 10, $case['id'], 0, 1); + $pdf->Cell(40, 10, 'Title:', 0, 0); $pdf->Cell(0, 10, $case['title_en'], 0, 1); + $pdf->Cell(40, 10, 'Category:', 0, 0); $pdf->Cell(0, 10, $case['category_name'], 0, 1); + $pdf->Cell(40, 10, 'Goal Amount:', 0, 0); $pdf->Cell(0, 10, 'OMR ' . number_format($case['goal'], 3), 0, 1); + $pdf->Cell(40, 10, 'Raised Amount:', 0, 0); $pdf->Cell(0, 10, 'OMR ' . 
number_format($case['raised'], 3), 0, 1); + $pdf->Cell(40, 10, 'Status:', 0, 0); $pdf->Cell(0, 10, ucfirst($case['status']), 0, 1); + $pdf->Ln(10); + + // Donations + $pdf->SetFont('Arial', 'B', 16); + $pdf->Cell(0, 10, 'Donations', 0, 1, 'L'); + $pdf->SetFont('Arial', 'B', 10); + $pdf->Cell(25, 7, 'ID', 1, 0, 'C'); $pdf->Cell(50, 7, 'Donor', 1, 0, 'C'); $pdf->Cell(35, 7, 'Amount', 1, 0, 'C'); $pdf->Cell(40, 7, 'Date', 1, 0, 'C'); $pdf->Cell(30, 7, 'Status', 1, 1, 'C'); + $pdf->SetFont('Arial', '', 10); + if (empty($donations)) { + $pdf->Cell(180, 10, 'No donations for this case.', 1, 1, 'C'); + } else { + foreach ($donations as $donation) { + $pdf->Cell(25, 7, $donation['id'], 1, 0, 'C'); + $pdf->Cell(50, 7, htmlspecialchars($donation['donor_name']), 1, 0, 'L'); + $pdf->Cell(35, 7, 'OMR ' . number_format($donation['amount'], 3), 1, 0, 'R'); + $pdf->Cell(40, 7, $donation['created_at'], 1, 0, 'C'); + $pdf->Cell(30, 7, ucfirst($donation['status']), 1, 1, 'C'); + } + } + $pdf->Ln(10); + + // History + $pdf->SetFont('Arial', 'B', 16); + $pdf->Cell(0, 10, 'Case History', 0, 1, 'L'); + $pdf->SetFont('Arial', 'B', 10); + $pdf->Cell(20, 7, 'Log ID', 1, 0, 'C'); $pdf->Cell(30, 7, 'User', 1, 0, 'C'); $pdf->Cell(80, 7, 'Action', 1, 0, 'C'); $pdf->Cell(50, 7, 'Timestamp', 1, 1, 'C'); + $pdf->SetFont('Arial', '', 9); + if (empty($audit_logs)) { + $pdf->Cell(180, 10, 'No history for this case.', 1, 1, 'C'); + } else { + foreach ($audit_logs as $log) { + $pdf->Cell(20, 7, $log['id'], 1, 0, 'C'); + $pdf->Cell(30, 7, htmlspecialchars($log['email']), 1, 0, 'C'); + $pdf->Cell(80, 7, htmlspecialchars($log['action']), 1, 0, 'L'); + $pdf->Cell(50, 7, $log['created_at'], 1, 1, 'C'); + } + } + + return $pdf; +} + +// Handle Email Sending +$email_msg = ''; +if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['send_email'])) { + $recipient = filter_var($_POST['recipient_email'], FILTER_VALIDATE_EMAIL); + $message = htmlspecialchars($_POST['message']); + + if ($recipient) { + // 
Generate and save PDF + $pdf = generate_pdf($case, $donations, $audit_logs); + $tmp_dir = '../tmp'; + if (!is_dir($tmp_dir)) mkdir($tmp_dir, 0775, true); + $filename = "Case_Report_" . $case_id . "_" . time() . ".pdf"; + $filepath = $tmp_dir . '/' . $filename; + $pdf->Output('F', $filepath); + + // Send email + $subject = "Case Report: " . $case['title_en']; + $res = MailService::sendMail($recipient, $subject, $message, null, [], [$filepath]); + + // Clean up and set message + unlink($filepath); + if ($res['success']) { + $email_msg = '
Email sent successfully!
'; + } else { + $email_msg = '
Failed to send email. Error: ' . ($res['error'] ?? 'Unknown') . '
'; + } + } else { + $email_msg = '
Invalid recipient email address.
'; + } +} + +// Handle PDF view +if (isset($_GET['view']) && $_GET['view'] === 'pdf') { + $pdf = generate_pdf($case, $donations, $audit_logs); + $pdf->Output('I', 'Case_Report_' . $case_id . '.pdf'); + exit; +} + +$is_rtl = (get_current_lang() === 'ar'); +?> + + + + + Case Report - <?= htmlspecialchars($case['title_en']) ?> + + + + + + +
+

Case Report:

+ + + +
+
+
Actions
+
+ +
+ +
+
+
Email Report
+
+
+
+
+ + +
+
+ + +
+ +
+
+
+
+ + + \ No newline at end of file
diff --git a/admin/cases.php b/admin/cases.php
index 751d578..fb25e4b 100644
--- a/admin/cases.php
+++ b/admin/cases.php
@@ -38,7 +38,7 @@ if (isset($_GET['delete'])) {
 if ($case_to_delete) {
 $pdo->prepare("DELETE FROM cases WHERE id = ?")->execute([$id]);
- log_action('delete_case', "Deleted case: " . $case_to_delete['title_en'] . " (ID: $id)");
+ log_action('delete_case', "Deleted case: " . $case_to_delete['title_en'] . " (ID: $id)", $id);
 }
 header('Location: cases.php?success=deleted');
@@ -87,12 +87,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 if ($id) {
 $stmt = $pdo->prepare("UPDATE cases SET category_id=?, title_en=?, title_ar=?, desc_en=?, desc_ar=?, goal=?, image_url=?, importance=?, status=? WHERE id=?");
 $stmt->execute([$category_id, $title_en, $title_ar, $desc_en, $desc_ar, $goal, $image_url, $importance, $status, $id]);
- log_action('edit_case', "Updated case: $title_en (ID: $id)");
+ log_action('edit_case', "Updated case: $title_en (ID: $id)", $id);
 } else {
 $stmt = $pdo->prepare("INSERT INTO cases (category_id, title_en, title_ar, desc_en, desc_ar, goal, raised, image_url, importance, status) VALUES (?, ?, ?, ?, ?, ?, 0, ?, ?, ?)");
 $stmt->execute([$category_id, $title_en, $title_ar, $desc_en, $desc_ar, $goal, $image_url, $importance, $status]);
 $new_id = $pdo->lastInsertId();
- log_action('create_case', "Created new case: $title_en (ID: $new_id)");
+ log_action('create_case', "Created new case: $title_en (ID: $new_id)", $new_id);
 }
 header('Location: cases.php?success=saved');
 exit;
@@ -200,6 +200,8 @@ $is_rtl = (get_current_lang() === 'ar');
+ +
@@ -297,7 +299,7 @@ $is_rtl = (get_current_lang() === 'ar');
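Review bot: The e-mail branch of admin/case_report.php writes the PDF to `../tmp/Case_Report_<id>_<time>.pdf`, a guessable name in a directory relative to admin/, and `unlink()` is skipped if `MailService::sendMail()` throws, so a report holding donor names and amounts can be left on disk. Writing it under `sys_get_temp_dir()` with a random suffix and deleting it in a `finally` block closes that gap; whether `../tmp` is served by the web server is not visible here and should be checked. Separately, the failure message concatenates `$res['error']` into HTML unescaped and should use `htmlspecialchars($res['error'] ?? 'Unknown')`. The `htmlspecialchars()` calls inside `generate_pdf()` can be dropped, since FPDF cells are not HTML and will print the entities literally.

```php
// … unchanged: recipient validation and generate_pdf() call …
$filepath = sys_get_temp_dir() . '/Case_Report_' . $case_id . '_' . bin2hex(random_bytes(8)) . '.pdf';
try {
    $pdf->Output('F', $filepath);
    $subject = "Case Report: " . $case['title_en'];
    $res = MailService::sendMail($recipient, $subject, $message, null, [], [$filepath]);
} finally {
    // Remove the report even when sending throws; it holds donor names and amounts.
    if (is_file($filepath)) {
        unlink($filepath);
    }
}
// … unchanged: success / failure message handling …
```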
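Review bot: In the first admin/cases.php hunk the `delete_case` entry is tagged with `$id` after the `DELETE FROM cases` has already run, and the new admin/case_history.php redirects to cases.php when the case row no longer exists, so this entry can never be read through the history page. If `audit_logs.case_id` carries a foreign key to `cases` (the schema is not shown), the INSERT would be rejected and `log_action()` would swallow the error, losing the deletion record altogether. Consider leaving `case_id` unconstrained and letting the history page render for deleted cases, or switching to a soft delete. The enclosing `if (isset($_GET['delete']))` block starts and ends outside the hunk.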
- +