admin/38395-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sadiq

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-13 08:56:51 +00:00
parent 4ad8ad11c8
commit 60a638c740
3 changed files with 62 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
db/setup.php
View File

@ -18,6 +18,7 @@ try {
// Cars Table // Cars Table
$pdo->exec("CREATE TABLE IF NOT EXISTS cars ( $pdo->exec("CREATE TABLE IF NOT EXISTS cars (
id INT AUTO_INCREMENT PRIMARY KEY, id INT AUTO_INCREMENT PRIMARY KEY,
owner_id INT NULL,
title VARCHAR(255) NOT NULL, title VARCHAR(255) NOT NULL,
brand VARCHAR(100) NOT NULL, brand VARCHAR(100) NOT NULL,
model VARCHAR(100) NOT NULL, model VARCHAR(100) NOT NULL,
@ -30,16 +31,44 @@ try {
description TEXT, description TEXT,
image_url VARCHAR(255), image_url VARCHAR(255),
status ENUM('available', 'sold') DEFAULT 'available', status ENUM('available', 'sold') DEFAULT 'available',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP approval_status ENUM('pending', 'approved', 'rejected') DEFAULT 'approved',
view_count INT DEFAULT 0,
badge VARCHAR(50) NULL,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE SET NULL
) ENGINE=InnoDB;"); ) ENGINE=InnoDB;");
// Bookings Table // Reviews Table
$pdo->exec("CREATE TABLE IF NOT EXISTS bookings ( $pdo->exec("CREATE TABLE IF NOT EXISTS reviews (
id INT AUTO_INCREMENT PRIMARY KEY, id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL, user_id INT NOT NULL,
car_id INT NOT NULL, car_id INT NOT NULL,
message TEXT, rating INT NOT NULL CHECK (rating >= 1 AND rating <= 5),
status ENUM('pending', 'confirmed', 'cancelled') DEFAULT 'pending', comment TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
FOREIGN KEY (car_id) REFERENCES cars(id) ON DELETE CASCADE
) ENGINE=InnoDB;");
// Notifications Table
$pdo->exec("CREATE TABLE IF NOT EXISTS notifications (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NULL,
message TEXT NOT NULL,
type VARCHAR(50) DEFAULT 'info',
is_read TINYINT(1) DEFAULT 0,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
) ENGINE=InnoDB;");
// Purchases Table
$pdo->exec("CREATE TABLE IF NOT EXISTS purchases (
id INT AUTO_INCREMENT PRIMARY KEY,
user_id INT NOT NULL,
car_id INT NOT NULL,
amount DECIMAL(12, 2) NOT NULL,
bank_name VARCHAR(100) NOT NULL,
transaction_id VARCHAR(100) NOT NULL,
status ENUM('pending', 'completed', 'failed') DEFAULT 'completed',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE, FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
FOREIGN KEY (car_id) REFERENCES cars(id) ON DELETE CASCADE FOREIGN KEY (car_id) REFERENCES cars(id) ON DELETE CASCADE
@ -65,47 +94,31 @@ try {
$pdo->prepare("INSERT INTO users (full_name, email, password, role) VALUES (?, ?, ?, ?)") $pdo->prepare("INSERT INTO users (full_name, email, password, role) VALUES (?, ?, ?, ?)")
->execute(['Admin User', $adminEmail, $pass, 'admin']); ->execute(['Admin User', $adminEmail, $pass, 'admin']);
echo "Admin user created (admin@gmail.com / 12345678)\n"; echo "Admin user created (admin@gmail.com / 12345678)\n";
} else {
// Update password just in case
$pass = password_hash('12345678', PASSWORD_DEFAULT);
$pdo->prepare("UPDATE users SET password = ? WHERE email = ?")->execute([$pass, $adminEmail]);
echo "Admin password verified/updated.\n";
} }
// Insert 20 cars if empty // Insert cars if empty
$stmt = $pdo->query("SELECT COUNT(*) FROM cars"); $stmt = $pdo->query("SELECT COUNT(*) FROM cars");
if ($stmt->fetchColumn() < 20) { if ($stmt->fetchColumn() == 0) {
$pdo->exec("SET FOREIGN_KEY_CHECKS = 0");
$pdo->exec("TRUNCATE TABLE cars");
$pdo->exec("TRUNCATE TABLE bookings");
$pdo->exec("TRUNCATE TABLE favorites");
$pdo->exec("SET FOREIGN_KEY_CHECKS = 1");
$sampleCars = [ $sampleCars = [
['Toyota Corolla 2022', 'Toyota', 'Corolla', 2022, 18500, 'Kabul', 'Petrol', 'Automatic', 12000, 'Like new condition, full options.', 'https://images.pexels.com/photos/3311574/pexels-photo-3311574.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Toyota Corolla 2022', 'Toyota', 'Corolla', 2022, 18500, 'Kabul', 'Petrol', 'Automatic', 12000, 'Like new condition, full options.', 'https://images.pexels.com/photos/3311574/pexels-photo-3311574.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Lexus LX570 2018', 'Lexus', 'LX570', 2018, 75000, 'Herat', 'Petrol', 'Automatic', 45000, 'Powerful SUV, VIP interior.', 'https://images.pexels.com/photos/170811/pexels-photo-170811.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Lexus LX570 2018', 'Lexus', 'LX570', 2018, 75000, 'Herat', 'Petrol', 'Automatic', 45000, 'Powerful SUV, VIP interior.', 'https://images.pexels.com/photos/170811/pexels-photo-170811.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Mercedes-Benz C300', 'Mercedes-Benz', 'C300', 2020, 32000, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 25000, 'Excellent fuel efficiency and comfort.', 'https://images.pexels.com/photos/120049/pexels-photo-120049.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Mercedes-Benz C300', 'Mercedes-Benz', 'C300', 2020, 32000, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 25000, 'Excellent fuel efficiency and comfort.', 'https://images.pexels.com/photos/120049/pexels-photo-120049.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Toyota Land Cruiser Prado', 'Toyota', 'Prado', 2019, 55000, 'Kabul', 'Diesel', 'Automatic', 30000, 'Perfect for off-road and city driving.', 'https://images.pexels.com/photos/112460/pexels-photo-112460.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Toyota Land Cruiser Prado', 'Toyota', 'Prado', 2019, 55000, 'Kabul', 'Diesel', 'Automatic', 30000, 'Perfect for off-road and city driving.', 'https://images.pexels.com/photos/112460/pexels-photo-112460.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Hyundai Elantra', 'Hyundai', 'Elantra', 2021, 21000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Modern design and great fuel economy.', 'https://images.pexels.com/photos/3752162/pexels-photo-3752162.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Hyundai Elantra', 'Hyundai', 'Elantra', 2021, 21000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Modern design and great fuel economy.', 'https://images.pexels.com/photos/3752162/pexels-photo-3752162.jpeg?auto=compress&cs=tinysrgb&w=800']
['Kia Sportage', 'Kia', 'Sportage', 2022, 28000, 'Herat', 'Petrol', 'Automatic', 8000, 'Latest model, panoramic sunroof.', 'https://images.pexels.com/photos/358070/pexels-photo-358070.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Toyota Hilux', 'Toyota', 'Hilux', 2020, 35000, 'Kandahar', 'Diesel', 'Manual', 40000, 'Reliable workhorse, 4x4.', 'https://images.pexels.com/photos/1035108/pexels-photo-1035108.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Honda Civic', 'Honda', 'Civic', 2017, 15000, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 60000, 'Sporty look, well maintained.', 'https://images.pexels.com/photos/1149137/pexels-photo-1149137.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Lexus RX350', 'Lexus', 'RX350', 2016, 28000, 'Kabul', 'Petrol', 'Automatic', 75000, 'Luxury SUV, smooth ride.', 'https://images.pexels.com/photos/116675/pexels-photo-116675.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Nissan Patrol', 'Nissan', 'Patrol', 2015, 42000, 'Jalalabad', 'Petrol', 'Automatic', 90000, 'Desert king, powerful V8 engine.', 'https://images.pexels.com/photos/1637859/pexels-photo-1637859.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Toyota Camry 2023', 'Toyota', 'Camry', 2023, 31000, 'Kabul', 'Hybrid', 'Automatic', 5000, 'Eco-friendly and premium comfort.', 'https://images.pexels.com/photos/210019/pexels-photo-210019.jpeg?auto=compress&cs=tinysrgb&w=800'],
['BMW X5', 'BMW', 'X5', 2018, 45000, 'Kabul', 'Petrol', 'Automatic', 55000, 'High performance and luxury features.', 'https://images.pexels.com/photos/1007410/pexels-photo-1007410.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Ford Mustang', 'Ford', 'Mustang', 2019, 38000, 'Herat', 'Petrol', 'Automatic', 20000, 'Iconic muscle car, head-turner.', 'https://images.pexels.com/photos/337909/pexels-photo-337909.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Volkswagen Golf', 'Volkswagen', 'Golf', 2017, 14000, 'Mazar-i-Sharif', 'Diesel', 'Manual', 85000, 'Compact and efficient daily driver.', 'https://images.pexels.com/photos/1149831/pexels-photo-1149831.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Toyota RAV4', 'Toyota', 'RAV4', 2021, 29000, 'Kabul', 'Hybrid', 'Automatic', 12000, 'Smart SUV for modern lifestyle.', 'https://images.pexels.com/photos/3156482/pexels-photo-3156482.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Mercedes-Benz G-Class', 'Mercedes-Benz', 'G-Wagon', 2020, 180000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Luxury status symbol, armored glass.', 'https://images.pexels.com/photos/100656/pexels-photo-100656.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Hyundai Tucson', 'Hyundai', 'Tucson', 2022, 27500, 'Herat', 'Petrol', 'Automatic', 10000, 'Modern tech and spacious interior.', 'https://images.pexels.com/photos/3972755/pexels-photo-3972755.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Kia Sorento', 'Kia', 'Sorento', 2021, 32000, 'Kabul', 'Diesel', 'Automatic', 18000, '7-seater family SUV, great for long trips.', 'https://images.pexels.com/photos/1149137/pexels-photo-1149137.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Honda Accord', 'Honda', 'Accord', 2018, 19500, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 45000, 'Reliable sedan with premium feel.', 'https://images.pexels.com/photos/3802510/pexels-photo-3802510.jpeg?auto=compress&cs=tinysrgb&w=800'],
['Toyota 4Runner', 'Toyota', '4Runner', 2017, 34000, 'Kabul', 'Petrol', 'Automatic', 70000, 'Legendary reliability, off-road ready.', 'https://images.pexels.com/photos/1592384/pexels-photo-1592384.jpeg?auto=compress&cs=tinysrgb&w=800']
]; ];
$insert = $pdo->prepare("INSERT INTO cars (title, brand, model, year, price, location, fuel_type, transmission, mileage, description, image_url) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); $insert = $pdo->prepare("INSERT INTO cars (title, brand, model, year, price, location, fuel_type, transmission, mileage, description, image_url, approval_status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'approved')");
foreach ($sampleCars as $car) { foreach ($sampleCars as $car) {
$insert->execute($car); $insert->execute($car);
} }
echo "Database populated with 20 cars.\n"; echo "Database populated with cars.\n";
} }
} catch (PDOException $e) { } catch (PDOException $e) {
die("Database Error: " . $e->getMessage()); die("Database Error: " . $e->getMessage());
} }

17
login.php
View File

@ -4,8 +4,8 @@ include 'includes/header.php';
$error = ''; $error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$email = $_POST['email'] ?? ''; $email = trim($_POST['email'] ?? '');
$password = $_POST['password'] ?? ''; $password = trim($_POST['password'] ?? '');
if ($email && $password) { if ($email && $password) {
$pdo = db(); $pdo = db();
@ -17,7 +17,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$_SESSION['user_id'] = $user['id']; $_SESSION['user_id'] = $user['id'];
$_SESSION['full_name'] = $user['full_name']; $_SESSION['full_name'] = $user['full_name'];
$_SESSION['role'] = $user['role']; $_SESSION['role'] = $user['role'];
header('Location: index.php');
if ($user['role'] === 'admin') {
header('Location: admin/dashboard.php');
} else {
header('Location: user/dashboard.php');
}
exit; exit;
} else { } else {
$error = "Invalid email or password."; $error = "Invalid email or password.";
@ -34,7 +39,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<div class="card border-0 shadow-sm p-4" style="border-radius: 20px;"> <div class="card border-0 shadow-sm p-4" style="border-radius: 20px;">
<div class="text-center mb-4"> <div class="text-center mb-4">
<h2 class="fw-bold">Welcome Back</h2> <h2 class="fw-bold">Welcome Back</h2>
<p class="text-muted">Login to manage your bookings and favorites</p> <p class="text-muted">Login to manage your listings and account</p>
</div> </div>
<?php if ($error): ?> <?php if ($error): ?>
@ -44,7 +49,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
<form method="POST"> <form method="POST">
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Email Address</label> <label class="form-label">Email Address</label>
<input type="email" name="email" class="form-control" placeholder="name@example.com" required> <input type="email" name="email" class="form-control" placeholder="admin@gmail.com" required>
</div> </div>
<div class="mb-4"> <div class="mb-4">
<label class="form-label">Password</label> <label class="form-label">Password</label>
@ -61,4 +66,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
</div> </div>
</div> </div>
<?php include 'includes/footer.php'; ?> <?php include 'includes/footer.php'; ?>

12
register.php
View File

@ -4,10 +4,10 @@ include 'includes/header.php';
$error = ''; $error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$full_name = $_POST['full_name'] ?? ''; $full_name = trim($_POST['full_name'] ?? '');
$email = $_POST['email'] ?? ''; $email = trim($_POST['email'] ?? '');
$password = $_POST['password'] ?? ''; $password = trim($_POST['password'] ?? '');
$phone = $_POST['phone'] ?? ''; $phone = trim($_POST['phone'] ?? '');
if ($full_name && $email && $password) { if ($full_name && $email && $password) {
$pdo = db(); $pdo = db();
@ -24,7 +24,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$_SESSION['user_id'] = $pdo->lastInsertId(); $_SESSION['user_id'] = $pdo->lastInsertId();
$_SESSION['full_name'] = $full_name; $_SESSION['full_name'] = $full_name;
$_SESSION['role'] = 'user'; $_SESSION['role'] = 'user';
header('Location: index.php'); header('Location: user/dashboard.php');
exit; exit;
} else { } else {
$error = "Registration failed. Please try again."; $error = "Registration failed. Please try again.";
@ -77,4 +77,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
</div> </div>
</div> </div>
<?php include 'includes/footer.php'; ?> <?php include 'includes/footer.php'; ?>