<?php
require_once 'db/config.php';
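session_start();
$db = db();

// Auth check: the caller must be logged in AND currently hold the admin role.
if (!isset($_SESSION['user_id'])) {
    header("Location: auth.php?page=login");
    exit;
}

// The role is re-read from the database on every request instead of being taken
// from the session, so a role change applies to the next request of an open session.
$user_id = $_SESSION['user_id'];
$user_stmt = $db->prepare("SELECT role FROM users WHERE id = ?");
$user_stmt->execute([$user_id]);
$current_user = $user_stmt->fetch();
if (!$current_user || $current_user['role'] !== 'admin') {
    // Answer with 403 so clients, proxies and access-log monitoring see a refusal
    // instead of a 200 response carrying an error text.
    http_response_code(403);
    die("Accès refusé. Cette console est réservée aux Administrateurs.");
}

// Requested tab. It is only ever compared with === against fixed names and never echoed,
// so an unknown or non-string value simply selects no panel.
$tab = isset($_GET['tab']) ? $_GET['tab'] : 'users';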
// --- HANDLERS ---
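// Handle User Role Update
// NOTE(review): no anti-CSRF token is verified for this request; it is authorised by the
// session cookie alone. Enforcing one needs the users-tab form to send a per-session token
// that is compared here with hash_equals().
// NOTE(review): nothing stops an admin from demoting their own account or the last
// remaining admin - confirm whether that is intended.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'update_user_role') {
    // Missing fields fall back to values the checks below reject, instead of raising
    // undefined-index warnings.
    $target_user_id = isset($_POST['target_user_id']) ? (int)$_POST['target_user_id'] : 0;
    $new_role = isset($_POST['new_role']) ? $_POST['new_role'] : '';

    // Strict allow-list: only these exact strings may be written to users.role.
    // Ids <= 0 are rejected; the upsert handlers in this file use the same "id > 0 means
    // an existing row" convention.
    $role_changed = false;
    if ($target_user_id > 0 && in_array($new_role, ['user', 'gm', 'admin'], true)) {
        $stmt = $db->prepare("UPDATE users SET role = ? WHERE id = ?");
        $stmt->execute([$new_role, $target_user_id]);
        $role_changed = true;
    }

    // Only show the success banner when an UPDATE was actually issued.
    header("Location: admin.php?tab=users" . ($role_changed ? "&success=1" : ""));
    exit;
}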
// Handle Celestial Object Type CRUD: create (id = 0) or update (id > 0) a type from the objects-tab form.
// Values are bound as statement parameters and stored exactly as submitted, so every page
// that prints them has to escape for its own output context.
// NOTE(review): no anti-CSRF token is verified for this request; it is authorised by the
// session cookie alone.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upsert_object_type') {
    $id = (int)$_POST['id'];
    $params = [$_POST['name'], $_POST['slug'], $_POST['icon'], $_POST['description']];

    $is_update = $id > 0;
    $sql = $is_update
        ? "UPDATE celestial_object_types SET name = ?, slug = ?, icon = ?, description = ? WHERE id = ?"
        : "INSERT INTO celestial_object_types (name, slug, icon, description) VALUES (?, ?, ?, ?)";
    if ($is_update) {
        // The UPDATE has one extra placeholder, for the WHERE clause.
        $params[] = $id;
    }

    $stmt = $db->prepare($sql);
    $stmt->execute($params);

    header("Location: admin.php?tab=objects&success=1");
    exit;
}
// Delete a celestial object type. The id comes from the query string and is cast to int
// before being bound as a parameter.
// NOTE(review): this is a state-changing action on GET with no anti-CSRF token, so a request
// forged from another site would be honoured while an admin session is open. Moving it to a
// token-protected POST also requires changing the "Suppr" link on the objects tab.
if (isset($_GET['delete_object'])) {
    $id = (int)$_GET['delete_object'];
    $delete_stmt = $db->prepare("DELETE FROM celestial_object_types WHERE id = ?");
    $delete_stmt->execute([$id]);
    header("Location: admin.php?tab=objects&success=1");
    exit;
}
// Handle Status CRUD: create (id = 0) or update (id > 0) a status from the statuses-tab form.
// NOTE(review): no anti-CSRF token is verified for this request; it is authorised by the
// session cookie alone.
// NOTE(review): `color` is free text that the statuses tab later writes into an inline style
// attribute; consider validating it here against the colour syntax the application accepts.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upsert_status') {
    $id = (int)$_POST['id'];
    $name = $_POST['name'];
    $slug = $_POST['slug'];
    $color = $_POST['color'];
    $description = $_POST['description'];

    if ($id <= 0) {
        // No usable id: insert a new row.
        $stmt = $db->prepare("INSERT INTO celestial_object_statuses (name, slug, color, description) VALUES (?, ?, ?, ?)");
        $bound = [$name, $slug, $color, $description];
    } else {
        // Existing row: overwrite all editable columns.
        $stmt = $db->prepare("UPDATE celestial_object_statuses SET name = ?, slug = ?, color = ?, description = ? WHERE id = ?");
        $bound = [$name, $slug, $color, $description, $id];
    }
    $stmt->execute($bound);

    header("Location: admin.php?tab=statuses&success=1");
    exit;
}
// Delete a status. The id comes from the query string and is cast to int before being
// bound as a parameter.
// NOTE(review): this is a state-changing action on GET with no anti-CSRF token, so a request
// forged from another site would be honoured while an admin session is open. Moving it to a
// token-protected POST also requires changing the "Suppr" link on the statuses tab.
if (isset($_GET['delete_status'])) {
    $id = (int)$_GET['delete_status'];
    $delete_stmt = $db->prepare("DELETE FROM celestial_object_statuses WHERE id = ?");
    $delete_stmt->execute([$id]);
    header("Location: admin.php?tab=statuses&success=1");
    exit;
}
// Handle Settlement Type CRUD: create (id = 0) or update (id > 0) a settlement type.
// Values are bound as statement parameters and stored exactly as submitted.
// NOTE(review): no anti-CSRF token is verified for this request; it is authorised by the
// session cookie alone.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upsert_settlement') {
    $id = (int)$_POST['id'];
    $columns = [$_POST['name'], $_POST['slug'], $_POST['description']];

    if ($id > 0) {
        $stmt = $db->prepare("UPDATE settlement_types SET name = ?, slug = ?, description = ? WHERE id = ?");
        // Same three values, followed by the id for the WHERE clause.
        $stmt->execute(array_merge($columns, [$id]));
    } else {
        $stmt = $db->prepare("INSERT INTO settlement_types (name, slug, description) VALUES (?, ?, ?)");
        $stmt->execute($columns);
    }

    header("Location: admin.php?tab=settlements&success=1");
    exit;
}
// Delete a settlement type. The id comes from the query string and is cast to int before
// being bound as a parameter.
// NOTE(review): this is a state-changing action on GET with no anti-CSRF token, so a request
// forged from another site would be honoured while an admin session is open. Moving it to a
// token-protected POST also requires changing the "Suppr" link on the settlements tab.
if (isset($_GET['delete_settlement'])) {
    $id = (int)$_GET['delete_settlement'];
    $delete_stmt = $db->prepare("DELETE FROM settlement_types WHERE id = ?");
    $delete_stmt->execute([$id]);
    header("Location: admin.php?tab=settlements&success=1");
    exit;
}
// --- DATA FETCHING ---
// Only the active tab's rows are loaded; the other lists stay empty arrays.
// The queries are fixed strings with no request data in them.
$users_list = $objects_list = $statuses_list = $settlements_list = [];
if ($tab === 'users') {
    $users_result = $db->query("SELECT id, username, email, role FROM users ORDER BY username ASC");
    $users_list = $users_result->fetchAll();
} elseif ($tab === 'objects') {
    $objects_result = $db->query("SELECT * FROM celestial_object_types ORDER BY name ASC");
    $objects_list = $objects_result->fetchAll();
} elseif ($tab === 'statuses') {
    $statuses_result = $db->query("SELECT * FROM celestial_object_statuses ORDER BY name ASC");
    $statuses_list = $statuses_result->fetchAll();
} elseif ($tab === 'settlements') {
    $settlements_result = $db->query("SELECT * FROM settlement_types ORDER BY name ASC");
    $settlements_list = $settlements_result->fetchAll();
}
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<title>Console Admin - Nexus</title>
<?php /* NOTE(review): third-party stylesheet loaded without integrity/crossorigin attributes, so this admin page trusts whatever the CDN serves; pin it with a Subresource Integrity hash or self-host the file. */ ?>
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css" rel="stylesheet">
<?php /* time() puts a different "v" value in the URL on each request (one-second resolution), so the browser re-fetches custom.css instead of reusing its cache. */ ?>
<link href="assets/css/custom.css?v=<?php echo time(); ?>" rel="stylesheet">
<style>
body { background: #000; color: #fff; font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; margin: 0; }
header { background: #1a202c; padding: 10px 20px; border-bottom: 2px solid #2d3545; display: flex; justify-content: space-between; align-items: center; }
.nav-links a { color: #88c0d0; text-decoration: none; margin-right: 20px; font-weight: bold; font-size: 14px; }
.nav-links a:hover { color: #fff; }
.container { padding: 40px; max-width: 1200px; margin: 0 auto; }
.tabs { display: flex; gap: 5px; margin-bottom: 20px; border-bottom: 2px solid #2d3545; }
.tab-link { padding: 10px 20px; text-decoration: none; color: #8c92a3; background: #0a0f1d; border: 1px solid #2d3545; border-bottom: none; font-weight: bold; font-size: 14px; }
.tab-link.active { background: #1a202c; color: #88c0d0; border-bottom: 2px solid #88c0d0; }
table { width: 100%; border-collapse: collapse; background: #0a0f1d; margin-top: 20px; }
th, td { border: 1px solid #2d3545; padding: 12px; text-align: left; }
th { background: #1a202c; color: #88c0d0; font-size: 13px; text-transform: uppercase; }
.form-card { background: #1e293b; padding: 20px; border: 1px solid #334155; margin-bottom: 30px; }
.form-group { margin-bottom: 15px; }
.form-group label { display: block; font-size: 12px; color: #8c92a3; margin-bottom: 5px; }
.form-group input, .form-group select, .form-group textarea { width: 100%; background: #0f172a; border: 1px solid #334155; color: #fff; padding: 8px; box-sizing: border-box; }
.btn { border: none; padding: 8px 15px; cursor: pointer; font-weight: bold; border-radius: 4px; font-size: 12px; }
.btn-add { background: #a3be8c; color: #000; }
.btn-edit { background: #ebcb8b; color: #000; }
.btn-del { background: #bf616a; color: #fff; text-decoration: none; }
.btn-ok { background: #88c0d0; color: #000; }
.success-msg { background: #a3be8c; color: #000; padding: 10px; margin-bottom: 20px; border-radius: 4px; font-weight: bold; }
</style>
</head>
<body>
<header>
<div style="display: flex; align-items: center; gap: 20px;">
<h2 style="margin: 0; color: #bf616a;"><i class="fa-solid fa-shield-halved"></i> CONSOLE ADMIN</h2>
<nav class="nav-links">
<a href="index.php"><i class="fa-solid fa-eye"></i> Vue Joueur</a>
<a href="gm_console.php" target="_blank"><i class="fa-solid fa-headset"></i> Console MJ</a>
</nav>
</div>
<div>
<?php /* Name of the logged-in account as stored in the session, escaped for HTML text. */ ?>
<span style="font-weight: bold; color: #88c0d0;"><?= htmlspecialchars($_SESSION['username']) ?></span>
</div>
</header>
<div class="container">
<?php /* Flash banner: shown whenever a "success" query parameter is present, whatever its value; the value itself is never printed. */ ?>
<?php if (isset($_GET['success'])) { ?>
<div class="success-msg"><i class="fa-solid fa-check-circle"></i> Opération effectuée avec succès.</div>
<?php } ?>
<?php /* Tab bar: the link whose name equals $tab gets the "active" class. Only fixed strings are printed, never $tab itself. */ ?>
<div class="tabs">
<a href="?tab=users" class="tab-link <?= $tab === 'users' ? 'active' : '' ?>"><i class="fa-solid fa-users"></i> Utilisateurs</a>
<a href="?tab=objects" class="tab-link <?= $tab === 'objects' ? 'active' : '' ?>"><i class="fa-solid fa-earth-europe"></i> Objets Célestes</a>
<a href="?tab=statuses" class="tab-link <?= $tab === 'statuses' ? 'active' : '' ?>"><i class="fa-solid fa-signal"></i> Statuts / États</a>
<a href="?tab=settlements" class="tab-link <?= $tab === 'settlements' ? 'active' : '' ?>"><i class="fa-solid fa-city"></i> Villes / Avant-postes</a>
</div>
<?php if ($tab === 'users'): ?>
<h3 style="color: #88c0d0;">Gestion des Rôles</h3>
<table>
<thead>
<tr><th>Utilisateur</th><th>Email</th><th>Rôle Actuel</th><th>Nouveau Rôle</th></tr>
</thead>
<tbody>
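<?php /* One table row per account, each with its own role-change form. Every database value is escaped or cast where it is printed. */ ?>
<?php foreach ($users_list as $u): ?>
<tr>
    <td><strong><?php echo htmlspecialchars($u['username']); ?></strong></td>
    <td><?php echo htmlspecialchars($u['email']); ?></td>
    <td>
        <?php /* The badge colour is chosen from fixed strings; the role text itself is escaped because users.role may be written by code other than this page's allow-listed handler. */ ?>
        <span style="background: <?php echo $u['role'] === 'admin' ? '#bf616a' : ($u['role'] === 'gm' ? '#ebcb8b' : '#4c566a'); ?>; padding: 2px 8px; border-radius: 10px; font-size: 11px; color: #000; font-weight: bold;">
            <?php echo htmlspecialchars(strtoupper($u['role']), ENT_QUOTES, 'UTF-8'); ?>
        </span>
    </td>
    <td>
        <?php /* NOTE(review): this form carries no anti-CSRF token. */ ?>
        <form method="POST" style="display: flex; gap: 10px;">
            <input type="hidden" name="action" value="update_user_role">
            <?php /* Cast to int so only digits can reach the attribute value. */ ?>
            <input type="hidden" name="target_user_id" value="<?php echo (int)$u['id']; ?>">
            <select name="new_role">
                <option value="user" <?php echo $u['role'] === 'user' ? 'selected' : ''; ?>>Utilisateur</option>
                <option value="gm" <?php echo $u['role'] === 'gm' ? 'selected' : ''; ?>>Maître du Jeu (MJ)</option>
                <option value="admin" <?php echo $u['role'] === 'admin' ? 'selected' : ''; ?>>Administrateur</option>
            </select>
            <button type="submit" class="btn btn-ok">Modifier</button>
        </form>
    </td>
</tr>
<?php endforeach; ?>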
</tbody>
</table>
<?php elseif ($tab === 'objects'): ?>
<h3 style="color: #88c0d0;">Objets Célestes</h3>
<div class="form-card">
<h4>Ajouter / Modifier un Objet</h4>
<form method="POST" id="objectForm">
<input type="hidden" name="action" value="upsert_object_type">
<input type="hidden" name="id" id="obj_id" value="0">
<div style="display: flex; gap: 20px;">
<div class="form-group" style="flex: 1;">
<label>Nom (Affichage)</label>
<input type="text" name="name" id="obj_name" required placeholder="Ex: Planète">
</div>
<div class="form-group" style="flex: 1;">
<label>Slug (Identifiant technique)</label>
<input type="text" name="slug" id="obj_slug" required placeholder="Ex: planet">
</div>
<div class="form-group" style="flex: 1;">
<label>Icône (FontAwesome)</label>
<input type="text" name="icon" id="obj_icon" required placeholder="Ex: fa-earth-europe">
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea name="description" id="obj_desc" rows="2"></textarea>
</div>
<button type="submit" class="btn btn-add">ENREGISTRER L'OBJET</button>
<button type="button" class="btn" style="background: #4c566a; color: #fff;" onclick="resetObjectForm()">ANNULER</button>
</form>
</div>
<table>
<thead><tr><th>Icône</th><th>Nom</th><th>Slug</th><th>Actions</th></tr></thead>
<tbody>
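<?php /* One table row per celestial object type, with edit and delete controls. */ ?>
<?php foreach ($objects_list as $o): ?>
<?php
    // The row is embedded as a JavaScript argument inside a single-quoted HTML attribute.
    // Plain json_encode() leaves apostrophes untouched, so a value such as "Type d'objet"
    // would end the attribute early (broken button, and stored markup injection).
    // The JSON_HEX_* flags remove ', ", <, > and & from string values, and htmlspecialchars()
    // with ENT_QUOTES encodes the remaining structural quotes for the attribute.
    $o_json = htmlspecialchars(
        json_encode($o, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP),
        ENT_QUOTES,
        'UTF-8'
    );
?>
<tr>
    <td><i class="fa-solid <?php echo htmlspecialchars($o['icon']); ?> fa-lg"></i></td>
    <td><strong><?php echo htmlspecialchars($o['name']); ?></strong></td>
    <td><code><?php echo htmlspecialchars($o['slug']); ?></code></td>
    <td>
        <button class="btn btn-edit" onclick='editObject(<?php echo $o_json; ?>)'>Editer</button>
        <?php /* Cast to int so only digits can reach the URL. */ ?>
        <a href="?tab=objects&delete_object=<?php echo (int)$o['id']; ?>" class="btn btn-del" onclick="return confirm('Supprimer cet objet ?')">Suppr</a>
    </td>
</tr>
<?php endforeach; ?>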
</tbody>
</table>
<?php elseif ($tab === 'statuses'): ?>
<h3 style="color: #88c0d0;">Statuts / États</h3>
<div class="form-card">
<h4>Ajouter / Modifier un Statut</h4>
<form method="POST" id="statusForm">
<input type="hidden" name="action" value="upsert_status">
<input type="hidden" name="id" id="st_id" value="0">
<div style="display: flex; gap: 20px;">
<div class="form-group" style="flex: 1;">
<label>Nom du Statut</label>
<input type="text" name="name" id="st_name" required>
</div>
<div class="form-group" style="flex: 1;">
<label>Slug</label>
<input type="text" name="slug" id="st_slug" required>
</div>
<div class="form-group" style="flex: 1;">
<label>Couleur (Hex ou CSS)</label>
<input type="text" name="color" id="st_color" required placeholder="Ex: #ef4444">
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea name="description" id="st_desc" rows="2"></textarea>
</div>
<button type="submit" class="btn btn-add">ENREGISTRER LE STATUT</button>
<button type="button" class="btn" style="background: #4c566a; color: #fff;" onclick="resetStatusForm()">ANNULER</button>
</form>
</div>
<table>
<thead><tr><th>Couleur</th><th>Nom</th><th>Slug</th><th>Actions</th></tr></thead>
<tbody>
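<?php /* One table row per status, with a colour swatch and edit/delete controls. */ ?>
<?php foreach ($statuses_list as $s): ?>
<?php
    // The row is embedded as a JavaScript argument inside a single-quoted HTML attribute.
    // Plain json_encode() leaves apostrophes untouched, so a value containing one would end
    // the attribute early. The JSON_HEX_* flags remove ', ", <, > and & from string values,
    // and htmlspecialchars() with ENT_QUOTES encodes the remaining structural quotes.
    $s_json = htmlspecialchars(
        json_encode($s, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP),
        ENT_QUOTES,
        'UTF-8'
    );
?>
<tr>
    <?php /* The stored colour is free text. Escaping keeps it from closing the style attribute; it does not limit which CSS declarations the value can add inside it. NOTE(review): validate the colour syntax where it is saved. */ ?>
    <td><div style="width: 20px; height: 20px; background: <?php echo htmlspecialchars($s['color'], ENT_QUOTES, 'UTF-8'); ?>; border: 1px solid #fff;"></div></td>
    <td><strong><?php echo htmlspecialchars($s['name']); ?></strong></td>
    <td><code><?php echo htmlspecialchars($s['slug']); ?></code></td>
    <td>
        <button class="btn btn-edit" onclick='editStatus(<?php echo $s_json; ?>)'>Editer</button>
        <?php /* Cast to int so only digits can reach the URL. */ ?>
        <a href="?tab=statuses&delete_status=<?php echo (int)$s['id']; ?>" class="btn btn-del" onclick="return confirm('Supprimer ce statut ?')">Suppr</a>
    </td>
</tr>
<?php endforeach; ?>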
</tbody>
</table>
<?php elseif ($tab === 'settlements'): ?>
<h3 style="color: #88c0d0;">Villes / Avant-postes</h3>
<div class="form-card">
<h4>Ajouter / Modifier un Type d'Établissement</h4>
<form method="POST" id="settlementForm">
<input type="hidden" name="action" value="upsert_settlement">
<input type="hidden" name="id" id="set_id" value="0">
<div style="display: flex; gap: 20px;">
<div class="form-group" style="flex: 1;">
<label>Nom</label>
<input type="text" name="name" id="set_name" required>
</div>
<div class="form-group" style="flex: 1;">
<label>Slug</label>
<input type="text" name="slug" id="set_slug" required>
</div>
</div>
<div class="form-group">
<label>Description</label>
<textarea name="description" id="set_desc" rows="2"></textarea>
</div>
<button type="submit" class="btn btn-add">ENREGISTRER</button>
<button type="button" class="btn" style="background: #4c566a; color: #fff;" onclick="resetSettlementForm()">ANNULER</button>
</form>
</div>
<table>
<thead><tr><th>Nom</th><th>Slug</th><th>Description</th><th>Actions</th></tr></thead>
<tbody>
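<?php /* One table row per settlement type, with edit and delete controls. */ ?>
<?php foreach ($settlements_list as $st): ?>
<?php
    // The row is embedded as a JavaScript argument inside a single-quoted HTML attribute.
    // Plain json_encode() leaves apostrophes untouched, so a name such as
    // "Type d'Établissement" would end the attribute early. The JSON_HEX_* flags remove
    // ', ", <, > and & from string values, and htmlspecialchars() with ENT_QUOTES encodes
    // the remaining structural quotes.
    $st_json = htmlspecialchars(
        json_encode($st, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP),
        ENT_QUOTES,
        'UTF-8'
    );
?>
<tr>
    <td><strong><?php echo htmlspecialchars($st['name']); ?></strong></td>
    <td><code><?php echo htmlspecialchars($st['slug']); ?></code></td>
    <td><small><?php echo htmlspecialchars($st['description']); ?></small></td>
    <td>
        <button class="btn btn-edit" onclick='editSettlement(<?php echo $st_json; ?>)'>Editer</button>
        <?php /* Cast to int so only digits can reach the URL. */ ?>
        <a href="?tab=settlements&delete_settlement=<?php echo (int)$st['id']; ?>" class="btn btn-del" onclick="return confirm('Supprimer ce type ?')">Suppr</a>
    </td>
</tr>
<?php endforeach; ?>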
</tbody>
</table>
<?php endif; ?>
</div>
<script>
/**
 * Copy a celestial-object-type row into the add/edit form so it can be modified.
 * Values are assigned through the inputs' `value` property, so they are treated as text.
 * @param {Object} data Row with id, name, slug, icon and description properties.
 */
function editObject(data) {
    // [form field id, property of data], applied in this order.
    var bindings = [
        ['obj_id', 'id'],
        ['obj_name', 'name'],
        ['obj_slug', 'slug'],
        ['obj_icon', 'icon'],
        ['obj_desc', 'description']
    ];
    bindings.forEach(function (pair) {
        document.getElementById(pair[0]).value = data[pair[1]];
    });
    // Jump back to the top of the page.
    window.scrollTo(0, 0);
}
/**
 * Clear the object form and put the hidden id back to 0, which the server reads as "create".
 */
function resetObjectForm() {
    var form = document.getElementById('objectForm');
    form.reset();
    var idField = document.getElementById('obj_id');
    idField.value = 0;
}
/**
 * Copy a status row into the add/edit form so it can be modified.
 * Values are assigned through the inputs' `value` property, so they are treated as text.
 * @param {Object} data Row with id, name, slug, color and description properties.
 */
function editStatus(data) {
    // [form field id, property of data], applied in this order.
    var bindings = [
        ['st_id', 'id'],
        ['st_name', 'name'],
        ['st_slug', 'slug'],
        ['st_color', 'color'],
        ['st_desc', 'description']
    ];
    bindings.forEach(function (pair) {
        document.getElementById(pair[0]).value = data[pair[1]];
    });
    // Jump back to the top of the page.
    window.scrollTo(0, 0);
}
/**
 * Clear the status form and put the hidden id back to 0, which the server reads as "create".
 */
function resetStatusForm() {
    var form = document.getElementById('statusForm');
    form.reset();
    var idField = document.getElementById('st_id');
    idField.value = 0;
}
/**
 * Copy a settlement-type row into the add/edit form so it can be modified.
 * Values are assigned through the inputs' `value` property, so they are treated as text.
 * @param {Object} data Row with id, name, slug and description properties.
 */
function editSettlement(data) {
    // [form field id, property of data], applied in this order.
    var bindings = [
        ['set_id', 'id'],
        ['set_name', 'name'],
        ['set_slug', 'slug'],
        ['set_desc', 'description']
    ];
    bindings.forEach(function (pair) {
        document.getElementById(pair[0]).value = data[pair[1]];
    });
    // Jump back to the top of the page.
    window.scrollTo(0, 0);
}
/**
 * Clear the settlement form and put the hidden id back to 0, which the server reads as "create".
 */
function resetSettlementForm() {
    var form = document.getElementById('settlementForm');
    form.reset();
    var idField = document.getElementById('set_id');
    idField.value = 0;
}
</script>
</body>
</html>