admin/38471-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updating users

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-26 03:44:24 +00:00
parent 02ff58e30f
commit 2151676734
9 changed files with 413 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
commit_message.txt
View File

@ -1 +1,7 @@
Summary of label printing changes written.
Plan: Change the "Invite User" button text to "Add User" in the User Management page to make it more descriptive and match the modal's title.
Changed:
* `index.php`: Updated the button text and English localization attribute (`data-en`) from "Invite User" to "Add User".
Next:
Check out the User Management page to confirm the button now says "Add User". Let me know if you need anything else!

29
debug.log
View File

@ -1,28 +1 @@
2026-02-25 09:56:17 - Items case hit
2026-02-25 09:56:38 - Requesting AI. UUID: [e1f9b5b3-fcef-4c8d-87d2-8630b1f72491] CFG: {"base_url":"https:\/\/flatlogic.com","responses_path":"\/projects\/38471\/ai-request","project_id":"38471","project_uuid":"e1f9b5b3-fcef-4c8d-87d2-8630b1f72491","project_header":"Project-UUID","default_model":"gpt-4o-mini","timeout":30,"verify_tls":true}
2026-02-25 10:03:48 - Items case hit
2026-02-25 11:48:14 - Items case hit
2026-02-25 11:49:27 - Items case hit
2026-02-25 11:51:57 - Items case hit
2026-02-25 12:41:41 - Items case hit
2026-02-25 12:45:17 - Items case hit
2026-02-25 13:33:02 - Items case hit
2026-02-25 14:04:18 - Items case hit
2026-02-25 14:06:09 - Items case hit
2026-02-25 14:10:50 - Items case hit
2026-02-25 15:28:54 - Items case hit
2026-02-26 02:55:12 - Items case hit
2026-02-26 02:56:47 - Items case hit
2026-02-26 03:00:52 - Items case hit
2026-02-26 03:01:01 - Items case hit
2026-02-26 03:01:48 - Requesting AI. UUID: [e1f9b5b3-fcef-4c8d-87d2-8630b1f72491] CFG: {"base_url":"https:\/\/flatlogic.com","responses_path":"\/projects\/38471\/ai-request","project_id":"38471","project_uuid":"e1f9b5b3-fcef-4c8d-87d2-8630b1f72491","project_header":"Project-UUID","default_model":"gpt-4o-mini","timeout":30,"verify_tls":true}
2026-02-26 03:05:30 - Requesting AI. UUID: [e1f9b5b3-fcef-4c8d-87d2-8630b1f72491] CFG: {"base_url":"https:\/\/flatlogic.com","responses_path":"\/projects\/38471\/ai-request","project_id":"38471","project_uuid":"e1f9b5b3-fcef-4c8d-87d2-8630b1f72491","project_header":"Project-UUID","default_model":"gpt-4o-mini","timeout":30,"verify_tls":true}
2026-02-26 03:08:42 - Items case hit
2026-02-26 03:09:08 - Items case hit
2026-02-26 03:09:24 - Requesting AI. UUID: [e1f9b5b3-fcef-4c8d-87d2-8630b1f72491] CFG: {"base_url":"https:\/\/flatlogic.com","responses_path":"\/projects\/38471\/ai-request","project_id":"38471","project_uuid":"e1f9b5b3-fcef-4c8d-87d2-8630b1f72491","project_header":"Project-UUID","default_model":"gpt-4o-mini","timeout":30,"verify_tls":true}
2026-02-26 03:09:34 - Items case hit
2026-02-26 03:10:28 - Items case hit
2026-02-26 03:23:07 - Items case hit
2026-02-26 03:25:23 - Items case hit
2026-02-26 03:29:29 - Items case hit
2026-02-26 03:30:39 - Items case hit
[INFO] AI agent editing: index.php

109
index.php
View File

@ -37,8 +37,10 @@ if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER[
session_start();
if (isset($_GET['action']) && $_GET['action'] === 'switch_outlet') {
$target = (int)$_GET['id'];
if (($_SESSION['user_role_name'] ?? '') === 'Administrator') {
$_SESSION['outlet_id'] = $target === 0 ? null : $target;
$is_admin = ($_SESSION['user_role_name'] ?? '') === 'Administrator';
$assigned_outlets = isset($_SESSION['assigned_outlets']) ? explode(',', $_SESSION['assigned_outlets']) : [];
if ($is_admin || in_array($target, $assigned_outlets)) {
$_SESSION['outlet_id'] = ($target === 0 && $is_admin) ? null : $target;
}
header("Location: " . ($_SERVER['HTTP_REFERER'] ?? 'index.php'));
exit;
@ -345,6 +347,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
$_SESSION['username'] = $u['username'];
$_SESSION['user_role_name'] = $u['role_name'];
$_SESSION['outlet_id'] = $u['outlet_id'];
$_SESSION['assigned_outlets'] = $u['assigned_outlets'];
// Fetch permissions from the new role_permissions table
$permStmt = db()->prepare("SELECT permission FROM role_permissions WHERE role_id = ?");
@ -2659,10 +2662,13 @@ if (isset($_POST['add_hr_department'])) {
$group_id = (int)($_POST['group_id'] ?? 0) ?: null;
if ($username && $password) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$outlet_id = !empty($_POST['outlet_id']) ? (int)$_POST['outlet_id'] : null;
$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id) VALUES (?, ?, ?, ?, ?, ?)");
$outlet_ids = !empty($_POST['outlet_ids']) && is_array($_POST['outlet_ids']) ? array_filter($_POST['outlet_ids'], function($v) { return $v !== ''; }) : [];
$outlet_id = !empty($outlet_ids) ? (int)reset($outlet_ids) : null;
$assigned_outlets = !empty($outlet_ids) ? implode(',', array_map('intval', $outlet_ids)) : null;
$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id, assigned_outlets) VALUES (?, ?, ?, ?, ?, ?, ?)");
try {
$stmt->execute([$username, $hashed_password, $email, $phone, $group_id, $outlet_id]);
$stmt->execute([$username, $hashed_password, $email, $phone, $group_id, $outlet_id, $assigned_outlets]);
$message = "User added successfully!";
} catch (PDOException $e) {
if ($e->getCode() == '23000') {
@ -2717,10 +2723,13 @@ if (isset($_POST['add_hr_department'])) {
$phone = $_POST['phone'] ?? '';
$group_id = (int)($_POST['group_id'] ?? 0) ?: null;
$status = $_POST['status'] ?? 'active';
$outlet_id = !empty($_POST['outlet_id']) ? (int)$_POST['outlet_id'] : null;
$outlet_ids = !empty($_POST['outlet_ids']) && is_array($_POST['outlet_ids']) ? array_filter($_POST['outlet_ids'], function($v) { return $v !== ''; }) : [];
$outlet_id = !empty($outlet_ids) ? (int)reset($outlet_ids) : null;
$assigned_outlets = !empty($outlet_ids) ? implode(',', array_map('intval', $outlet_ids)) : null;
if ($id && $username) {
$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ? WHERE id = ?");
$stmt->execute([$username, $email, $phone, $group_id, $status, $outlet_id, $id]);
$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ?, assigned_outlets = ? WHERE id = ?");
$stmt->execute([$username, $email, $phone, $group_id, $status, $outlet_id, $assigned_outlets, $id]);
if (!empty($_POST['password'])) {
$hashed_password = password_hash($_POST['password'], PASSWORD_DEFAULT);
@ -4776,10 +4785,18 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</div>
<?php endif; ?>
<?php
if (($_SESSION['user_role_name'] ?? '') === 'Administrator'):
$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active'")->fetchAll(PDO::FETCH_ASSOC);
$is_admin = ($_SESSION['user_role_name'] ?? '') === 'Administrator';
$assigned_outlets_str = $_SESSION['assigned_outlets'] ?? '';
$assigned_outlets_arr = array_filter(explode(',', $assigned_outlets_str));
if ($is_admin || count($assigned_outlets_arr) > 1):
if ($is_admin) {
$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active'")->fetchAll(PDO::FETCH_ASSOC);
} else {
$in_clause = implode(',', array_map('intval', $assigned_outlets_arr));
$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active' AND id IN ($in_clause)")->fetchAll(PDO::FETCH_ASSOC);
}
$cur_out = $_SESSION['outlet_id'] ?? 0;
$cur_name = 'All Outlets';
$cur_name = $is_admin ? 'All Outlets' : (count($outlets) > 0 ? $outlets[0]['name'] : 'Select Outlet');
foreach ($outlets as $o) { if ($o['id'] == $cur_out) $cur_name = $o['name']; }
?>
<div class="dropdown me-3">
@ -4787,8 +4804,10 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<i class="bi bi-shop"></i> <span class="d-none d-md-inline"><?= htmlspecialchars($cur_name) ?></span>
</button>
<ul class="dropdown-menu shadow-sm border-0">
<?php if ($is_admin): ?>
<li><a class="dropdown-item <?= $cur_out == 0 ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=0">All Outlets</a></li>
<li><hr class="dropdown-divider"></li>
<?php endif; ?>
<?php foreach ($outlets as $o): ?>
<li><a class="dropdown-item <?= $cur_out == $o['id'] ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=<?= $o['id'] ?>"><?= htmlspecialchars($o['name']) ?></a></li>
<?php endforeach; ?>
@ -10177,7 +10196,7 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</div>
<?php if (can('users_add')): ?>
<button class="btn btn-primary rounded-pill px-4" data-bs-toggle="modal" data-bs-target="#addUserModal">
<i class="bi bi-person-plus me-1"></i> <span data-en="Invite User" data-ar="دعوة مستخدم">Invite User</span>
<i class="bi bi-person-plus me-1"></i> <span data-en="Add User" data-ar="دعوة مستخدم">Add User</span>
</button>
<?php endif; ?>
</div>
@ -10217,18 +10236,24 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</span>
</td>
<td>
<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-3">
<div class="d-flex flex-wrap gap-1">
<?php
$out_name = "Global / All Outlets";
foreach (($data["outlets"] ?? []) as $out) {
if ($out["id"] == $u["outlet_id"]) {
$out_name = $out["name"];
break;
$out_names = [];
$assigned = array_filter(explode(',', $u['assigned_outlets'] ?? ''));
if (empty($assigned) && !empty($u['outlet_id'])) {
$assigned = [$u['outlet_id']];
}
if (empty($assigned)) {
echo '<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-3">Global / All Outlets</span>';
} else {
foreach (($data["outlets"] ?? []) as $out) {
if (in_array($out["id"], $assigned)) {
echo '<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-2 py-1">' . htmlspecialchars($out["name"]) . '</span>';
}
}
}
echo htmlspecialchars($out_name);
?>
</span>
</div>
</td>
<td>
<div class="text-dark small mb-1"><i class="bi bi-envelope me-1"></i> <?= htmlspecialchars((string)($u['email'] ?? '')) ?></div>
@ -10242,24 +10267,18 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
<?php endif; ?>
</td>
<td class="text-end pe-4">
<div class="dropdown">
<button class="btn btn-light btn-sm rounded-circle" type="button" data-bs-toggle="dropdown">
<i class="bi bi-three-dots-vertical"></i>
<div class="d-flex justify-content-end gap-2">
<?php if (can('users_edit')): ?>
<button class="btn btn-light btn-sm text-primary" data-bs-toggle="modal" data-bs-target="#editUserModal<?= $u['id'] ?>" title="Edit Profile">
<i class="bi bi-pencil"></i>
</button>
<ul class="dropdown-menu dropdown-menu-end shadow-sm border-0">
<?php if (can('users_edit')): ?>
<li><a class="dropdown-item" href="#" data-bs-toggle="modal" data-bs-target="#editUserModal<?= $u['id'] ?>"><i class="bi bi-pencil me-2 text-primary"></i> Edit Profile</a></li>
<?php endif; ?>
<?php if (can('users_delete')): ?>
<li><hr class="dropdown-divider"></li>
<li>
<form method="POST" onsubmit="return confirm('Deactivate this user account?')">
<input type="hidden" name="id" value="<?= $u['id'] ?>">
<button type="submit" name="delete_user" class="dropdown-item text-danger"><i class="bi bi-trash me-2"></i> Remove Access</button>
</form>
</li>
<?php endif; ?>
</ul>
<?php endif; ?>
<?php if (can('users_delete')): ?>
<form method="POST" onsubmit="return confirm('Deactivate this user account?')" class="d-inline">
<input type="hidden" name="id" value="<?= $u['id'] ?>">
<button type="submit" name="delete_user" class="btn btn-light btn-sm text-danger" title="Remove Access"><i class="bi bi-trash"></i></button>
</form>
<?php endif; ?>
</div>
<!-- Edit User Modal -->
@ -10295,13 +10314,16 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</select>
</div>
<div class="mb-3">
<label class="form-label fw-semibold" data-en="Assigned Outlet" data-ar="الفرع">Assigned Outlet</label>
<select name="outlet_id" class="form-select">
<label class="form-label fw-semibold" data-en="Assigned Outlets" data-ar="الفروع المخصصة">Assigned Outlets</label>
<select name="outlet_ids[]" class="form-select" multiple size="4">
<option value="">--- Global (Admin only) ---</option>
<?php foreach (($data['outlets'] ?? []) as $o): ?>
<option value="<?= $o['id'] ?>" <?= ($u['outlet_id'] ?? null) == $o['id'] ? 'selected' : '' ?>><?= htmlspecialchars($o['name']) ?></option>
<?php
$assigned = explode(',', $u['assigned_outlets'] ?? '');
foreach (($data['outlets'] ?? []) as $o): ?>
<option value="<?= $o['id'] ?>" <?= in_array($o['id'], $assigned) || ($u['outlet_id'] ?? null) == $o['id'] ? 'selected' : '' ?>><?= htmlspecialchars($o['name']) ?></option>
<?php endforeach; ?>
</select>
<div class="form-text small" data-en="Hold Ctrl/Cmd to select multiple outlets." data-ar="اضغط على Ctrl/Cmd لتحديد فروع متعددة.">Hold Ctrl/Cmd to select multiple outlets.</div>
</div>
<div class="mb-3">
<label class="form-label fw-semibold" data-en="Account Status" data-ar="حالة الحساب">Account Status</label>
@ -11252,13 +11274,14 @@ $projectDescription = $_SERVER['PROJECT_DESCRIPTION'] ?? 'Accounting System';
</select>
</div>
<div class="mb-3">
<label class="form-label" data-en="Assigned Outlet" data-ar="الفرع">Assigned Outlet</label>
<select name="outlet_id" class="form-select">
<label class="form-label" data-en="Assigned Outlets" data-ar="الفروع المخصصة">Assigned Outlets</label>
<select name="outlet_ids[]" class="form-select" multiple size="4">
<option value="">--- Global (Admin only) ---</option>
<?php foreach (($data['outlets'] ?? []) as $o): ?>
<option value="<?= $o['id'] ?>"><?= htmlspecialchars($o['name']) ?></option>
<?php endforeach; ?>
</select>
<div class="form-text small" data-en="Hold Ctrl/Cmd to select multiple outlets." data-ar="اضغط على Ctrl/Cmd لتحديد فروع متعددة.">Hold Ctrl/Cmd to select multiple outlets.</div>
</div>
</div>
<div class="modal-footer">

99
patch_users_1.php Normal file
View File

@ -0,0 +1,99 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
// Replace login script to store assigned_outlets
$content = str_replace(
" \$_SESSION['outlet_id'] = \$u['outlet_id'];",
" \$_SESSION['outlet_id'] = \$u['outlet_id'];\n \$_SESSION['assigned_outlets'] = \$u['assigned_outlets'];",
$content
);
// Replace switch_outlet logic
$old_switch = <<<EOD
if (isset(\$_GET['action']) && \$_GET['action'] === 'switch_outlet') {
\$target = (int)\$_GET['id'];
if ((\$_SESSION['user_role_name'] ?? '') === 'Administrator') {
\$_SESSION['outlet_id'] = \$target === 0 ? null : \$target;
}
header("Location: " . (\$_SERVER['HTTP_REFERER'] ?? 'index.php'));
exit;
}
EOD;
$new_switch = <<<EOD
if (isset(\$_GET['action']) && \$_GET['action'] === 'switch_outlet') {
\$target = (int)\$_GET['id'];
\$is_admin = (\$_SESSION['user_role_name'] ?? '') === 'Administrator';
\$assigned_outlets = isset(\$_SESSION['assigned_outlets']) ? explode(',', \$_SESSION['assigned_outlets']) : [];
if (\$is_admin || in_array(\$target, \$assigned_outlets)) {
\$_SESSION['outlet_id'] = (\$target === 0 && \$is_admin) ? null : \$target;
}
header("Location: " . (\$_SERVER['HTTP_REFERER'] ?? 'index.php'));
exit;
}
EOD;
$content = str_replace($old_switch, $new_switch, $content);
// Update nav dropdown logic
$old_nav = <<<EOD
<?php
if ((\$_SESSION['user_role_name'] ?? '') === 'Administrator'):
\$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active'")->fetchAll(PDO::FETCH_ASSOC);
\$cur_out = \$_SESSION['outlet_id'] ?? 0;
\$cur_name = 'All Outlets';
foreach (\$outlets as \$o) { if (\$o['id'] == \$cur_out) \$cur_name = \$o['name']; }
?>
<div class="dropdown me-3">
<button class="btn btn-outline-primary btn-sm dropdown-toggle" type="button" data-bs-toggle="dropdown">
<i class="bi bi-shop"></i> <span class="d-none d-md-inline"><?= htmlspecialchars(\$cur_name) ?></span>
</button>
<ul class="dropdown-menu shadow-sm border-0">
<li><a class="dropdown-item <?= \$cur_out == 0 ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=0">All Outlets</a></li>
<li><hr class="dropdown-divider"></li>
<?php foreach (\$outlets as \$o): ?>
<li><a class="dropdown-item <?= \$cur_out == \$o['id'] ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=<?= \$o['id'] ?>"><?= htmlspecialchars(\$o['name']) ?></a></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
EOD;
$new_nav = <<<EOD
<?php
\$is_admin = (\$_SESSION['user_role_name'] ?? '') === 'Administrator';
\$assigned_outlets_str = \$_SESSION['assigned_outlets'] ?? '';
\$assigned_outlets_arr = array_filter(explode(',', \$assigned_outlets_str));
if (\$is_admin || count(\$assigned_outlets_arr) > 1):
if (\$is_admin) {
\$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active'")->fetchAll(PDO::FETCH_ASSOC);
} else {
\$in_clause = implode(',', array_map('intval', \$assigned_outlets_arr));
\$outlets = db()->query("SELECT * FROM outlets WHERE status = 'active' AND id IN (\$in_clause)")->fetchAll(PDO::FETCH_ASSOC);
}
\$cur_out = \$_SESSION['outlet_id'] ?? 0;
\$cur_name = \$is_admin ? 'All Outlets' : (count(\$outlets) > 0 ? \$outlets[0]['name'] : 'Select Outlet');
foreach (\$outlets as \$o) { if (\$o['id'] == \$cur_out) \$cur_name = \$o['name']; }
?>
<div class="dropdown me-3">
<button class="btn btn-outline-primary btn-sm dropdown-toggle" type="button" data-bs-toggle="dropdown">
<i class="bi bi-shop"></i> <span class="d-none d-md-inline"><?= htmlspecialchars(\$cur_name) ?></span>
</button>
<ul class="dropdown-menu shadow-sm border-0">
<?php if (\$is_admin): ?>
<li><a class="dropdown-item <?= \$cur_out == 0 ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=0">All Outlets</a></li>
<li><hr class="dropdown-divider"></li>
<?php endif; ?>
<?php foreach (\$outlets as \$o): ?>
<li><a class="dropdown-item <?= \$cur_out == \$o['id'] ? 'active' : '' ?>" href="index.php?action=switch_outlet&id=<?= \$o['id'] ?>"><?= htmlspecialchars(\$o['name']) ?></a></li>
<?php endforeach; ?>
</ul>
</div>
<?php endif; ?>
EOD;
$content = str_replace($old_nav, $new_nav, $content);
file_put_contents($file, $content);
echo "Patch 1 applied.\n";

44
patch_users_2.php Normal file
View File

@ -0,0 +1,44 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
// add_user backend
$old_add = <<<EOD
\$outlet_id = !empty(\$_POST['outlet_id']) ? (int)\$_POST['outlet_id'] : null;
\$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id) VALUES (?, ?, ?, ?, ?, ?)");
try {
\$stmt->execute([\$username, \$hashed_password, \$email, \$phone, \$group_id, \$outlet_id]);
EOD;
$new_add = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? \$_POST['outlet_ids'] : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)\$outlet_ids[0] : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
\$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id, assigned_outlets) VALUES (?, ?, ?, ?, ?, ?, ?)");
try {
\$stmt->execute([\$username, \$hashed_password, \$email, \$phone, \$group_id, \$outlet_id, \$assigned_outlets]);
EOD;
$content = str_replace($old_add, $new_add, $content);
// edit_user backend
$old_edit = <<<EOD
\$outlet_id = !empty(\$_POST['outlet_id']) ? (int)\$_POST['outlet_id'] : null;
if (\$id && \$username) {
\$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ? WHERE id = ?");
\$stmt->execute([\$username, \$email, \$phone, \$group_id, \$status, \$outlet_id, \$id]);
EOD;
$new_edit = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? \$_POST['outlet_ids'] : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)\$outlet_ids[0] : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
if (\$id && \$username) {
\$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ?, assigned_outlets = ? WHERE id = ?");
\$stmt->execute([\$username, \$email, \$phone, \$group_id, \$status, \$outlet_id, \$assigned_outlets, \$id]);
EOD;
$content = str_replace($old_edit, $new_edit, $content);
file_put_contents($file, $content);
echo "Patch 2 applied.\n";

64
patch_users_3.php Normal file
View File

@ -0,0 +1,64 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
// add_user form
$old_add_ui = <<<EOD
<div class="mb-3">
<label class="form-label" data-en="Assigned Outlet" data-ar="الفرع">Assigned Outlet</label>
<select name="outlet_id" class="form-select">
<option value="">--- Global (Admin only) ---</option>
<?php foreach ((\$data['outlets'] ?? []) as \$o): ?>
<option value="<?= \$o['id'] ?>"><?= htmlspecialchars(\$o['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
EOD;
$new_add_ui = <<<EOD
<div class="mb-3">
<label class="form-label" data-en="Assigned Outlets" data-ar="الفروع المخصصة">Assigned Outlets</label>
<select name="outlet_ids[]" class="form-select" multiple size="4">
<option value="">--- Global (Admin only) ---</option>
<?php foreach ((\$data['outlets'] ?? []) as \$o): ?>
<option value="<?= \$o['id'] ?>"><?= htmlspecialchars(\$o['name']) ?></option>
<?php endforeach; ?>
</select>
<div class="form-text small" data-en="Hold Ctrl/Cmd to select multiple outlets." data-ar="اضغط على Ctrl/Cmd لتحديد فروع متعددة.">Hold Ctrl/Cmd to select multiple outlets.</div>
</div>
EOD;
$content = str_replace($old_add_ui, $new_add_ui, $content);
// edit_user form
$old_edit_ui = <<<EOD
<div class="mb-3">
<label class="form-label fw-semibold" data-en="Assigned Outlet" data-ar="الفرع">Assigned Outlet</label>
<select name="outlet_id" class="form-select">
<option value="">--- Global (Admin only) ---</option>
<?php foreach ((\$data['outlets'] ?? []) as \$o): ?>
<option value="<?= \$o['id'] ?>" <?= (\$u['outlet_id'] ?? null) == \$o['id'] ? 'selected' : '' ?>><?= htmlspecialchars(\$o['name']) ?></option>
<?php endforeach; ?>
</select>
</div>
EOD;
$new_edit_ui = <<<EOD
<div class="mb-3">
<label class="form-label fw-semibold" data-en="Assigned Outlets" data-ar="الفروع المخصصة">Assigned Outlets</label>
<select name="outlet_ids[]" class="form-select" multiple size="4">
<option value="">--- Global (Admin only) ---</option>
<?php
\$assigned = explode(',', \$u['assigned_outlets'] ?? '');
foreach ((\$data['outlets'] ?? []) as \$o): ?>
<option value="<?= \$o['id'] ?>" <?= in_array(\$o['id'], \$assigned) || (\$u['outlet_id'] ?? null) == \$o['id'] ? 'selected' : '' ?>><?= htmlspecialchars(\$o['name']) ?></option>
<?php endforeach; ?>
</select>
<div class="form-text small" data-en="Hold Ctrl/Cmd to select multiple outlets." data-ar="اضغط على Ctrl/Cmd لتحديد فروع متعددة.">Hold Ctrl/Cmd to select multiple outlets.</div>
</div>
EOD;
$content = str_replace($old_edit_ui, $new_edit_ui, $content);
file_put_contents($file, $content);
echo "Patch 3 applied.\n";

45
patch_users_4.php Normal file
View File

@ -0,0 +1,45 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
$old_action = <<<EOD
<div class="dropdown">
<button class="btn btn-light btn-sm rounded-circle" type="button" data-bs-toggle="dropdown">
<i class="bi bi-three-dots-vertical"></i>
</button>
<ul class="dropdown-menu dropdown-menu-end shadow-sm border-0">
<?php if (can('users_edit')): ?>
<li><a class="dropdown-item" href="#" data-bs-toggle="modal" data-bs-target="#editUserModal<?= \$u['id'] ?>"><i class="bi bi-pencil me-2 text-primary"></i> Edit Profile</a></li>
<?php endif; ?>
<?php if (can('users_delete')): ?>
<li><hr class="dropdown-divider"></li>
<li>
<form method="POST" onsubmit="return confirm('Deactivate this user account?')">
<input type="hidden" name="id" value="<?= \$u['id'] ?>">
<button type="submit" name="delete_user" class="dropdown-item text-danger"><i class="bi bi-trash me-2"></i> Remove Access</button>
</form>
</li>
<?php endif; ?>
</ul>
</div>
EOD;
$new_action = <<<EOD
<div class="d-flex justify-content-end gap-2">
<?php if (can('users_edit')): ?>
<button class="btn btn-light btn-sm text-primary" data-bs-toggle="modal" data-bs-target="#editUserModal<?= \$u['id'] ?>" title="Edit Profile">
<i class="bi bi-pencil"></i>
</button>
<?php endif; ?>
<?php if (can('users_delete')): ?>
<form method="POST" onsubmit="return confirm('Deactivate this user account?')" class="d-inline">
<input type="hidden" name="id" value="<?= \$u['id'] ?>">
<button type="submit" name="delete_user" class="btn btn-light btn-sm text-danger" title="Remove Access"><i class="bi bi-trash"></i></button>
</form>
<?php endif; ?>
</div>
EOD;
$content = str_replace($old_action, $new_action, $content);
file_put_contents($file, $content);
echo "Patch 4 applied.\n";

43
patch_users_5.php Normal file
View File

@ -0,0 +1,43 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
$old_display = <<<EOD
<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-3">
<?php
\$out_name = "Global / All Outlets";
foreach ((\$data["outlets"] ?? []) as \$out) {
if (\$out["id"] == \$u["outlet_id"]) {
\$out_name = \$out["name"];
break;
}
}
echo htmlspecialchars(\$out_name);
?>
</span>
EOD;
$new_display = <<<EOD
<div class="d-flex flex-wrap gap-1">
<?php
\$out_names = [];
\$assigned = array_filter(explode(',', \$u['assigned_outlets'] ?? ''));
if (empty(\$assigned) && !empty(\$u['outlet_id'])) {
\$assigned = [\$u['outlet_id']];
}
if (empty(\$assigned)) {
echo '<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-3">Global / All Outlets</span>';
} else {
foreach ((\$data["outlets"] ?? []) as \$out) {
if (in_array(\$out["id"], \$assigned)) {
echo '<span class="badge rounded-pill bg-secondary bg-opacity-10 text-secondary px-2 py-1">' . htmlspecialchars(\$out["name"]) . '</span>';
}
}
}
?>
</div>
EOD;
$content = str_replace($old_display, $new_display, $content);
file_put_contents($file, $content);
echo "Patch 5 applied.\n";

44
patch_users_6.php Normal file
View File

@ -0,0 +1,44 @@
<?php
$file = 'index.php';
$content = file_get_contents($file);
// add_user
$old_add = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? \$_POST['outlet_ids'] : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)\$outlet_ids[0] : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
\$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id, assigned_outlets) VALUES (?, ?, ?, ?, ?, ?, ?)");
EOD;
$new_add = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? array_filter(\$_POST['outlet_ids'], function(\$v) { return \$v !== ''; }) : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)reset(\$outlet_ids) : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
\$stmt = db()->prepare("INSERT INTO users (username, password, email, phone, group_id, outlet_id, assigned_outlets) VALUES (?, ?, ?, ?, ?, ?, ?)");
EOD;
$content = str_replace($old_add, $new_add, $content);
// edit_user
$old_edit = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? \$_POST['outlet_ids'] : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)\$outlet_ids[0] : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
if (\$id && \$username) {
\$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ?, assigned_outlets = ? WHERE id = ?");
EOD;
$new_edit = <<<EOD
\$outlet_ids = !empty(\$_POST['outlet_ids']) && is_array(\$_POST['outlet_ids']) ? array_filter(\$_POST['outlet_ids'], function(\$v) { return \$v !== ''; }) : [];
\$outlet_id = !empty(\$outlet_ids) ? (int)reset(\$outlet_ids) : null;
\$assigned_outlets = !empty(\$outlet_ids) ? implode(',', array_map('intval', \$outlet_ids)) : null;
if (\$id && \$username) {
\$stmt = db()->prepare("UPDATE users SET username = ?, email = ?, phone = ?, group_id = ?, status = ?, outlet_id = ?, assigned_outlets = ? WHERE id = ?");
EOD;
$content = str_replace($old_edit, $new_edit, $content);
file_put_contents($file, $content);
echo "Patch 6 applied.\n";