148 lines
7.0 KiB
PHP
148 lines
7.0 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../db/config.php';
|
|
require_once __DIR__ . '/../includes/functions.php';
|
|
|
|
$pdo = db();
|
|
require_permission('users_view');
|
|
|
|
$message = '';
|
|
|
|
// Handle Delete
|
|
if (isset($_GET['delete'])) {
|
|
if (!has_permission('users_del')) {
|
|
$message = '<div class="alert alert-danger border-0 shadow-sm rounded-3">Access Denied: You do not have permission to delete users.</div>';
|
|
} else {
|
|
$id = $_GET['delete'];
|
|
$pdo->prepare("DELETE FROM users WHERE id = ?")->execute([$id]);
|
|
header("Location: users.php");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
// Handle Search
|
|
$search = $_GET['search'] ?? '';
|
|
$params = [];
|
|
$query = "SELECT u.*, g.name as group_name
|
|
FROM users u
|
|
LEFT JOIN user_groups g ON u.group_id = g.id";
|
|
|
|
if ($search) {
|
|
$query .= " WHERE u.username LIKE ? OR u.full_name LIKE ? OR u.email LIKE ? OR u.employee_id LIKE ?";
|
|
$params = ["%$search%", "%$search%", "%$search%", "%$search%"];
|
|
}
|
|
|
|
$query .= " ORDER BY u.id DESC";
|
|
$users_pagination = paginate_query($pdo, $query, $params);
|
|
$users = $users_pagination['data'];
|
|
|
|
include 'includes/header.php';
|
|
?>
|
|
|
|
<div class="d-flex justify-content-between align-items-center mb-4">
|
|
<div>
|
|
<h2 class="fw-bold mb-1">Users</h2>
|
|
<p class="text-muted mb-0">Manage system staff and access</p>
|
|
</div>
|
|
<?php if (has_permission('users_add')): ?>
|
|
<a href="user_edit.php" class="btn btn-primary btn-lg shadow-sm" style="border-radius: 10px;">
|
|
<i class="bi bi-person-plus me-1"></i> Add User
|
|
</a>
|
|
<?php endif; ?>
|
|
</div>
|
|
|
|
<?= $message ?>
|
|
|
|
<div class="card border-0 shadow-sm rounded-4 mb-4">
|
|
<div class="card-body p-0">
|
|
<div class="p-3 border-bottom bg-light bg-opacity-50">
|
|
<form method="GET" class="row g-2">
|
|
<div class="col-md-4">
|
|
<div class="input-group">
|
|
<span class="input-group-text bg-white border-end-0"><i class="bi bi-search text-muted"></i></span>
|
|
<input type="text" name="search" class="form-control border-start-0" placeholder="Search users..." value="<?= htmlspecialchars($search) ?>">
|
|
</div>
|
|
</div>
|
|
<div class="col-auto">
|
|
<button type="submit" class="btn btn-light border">Filter</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
|
|
<div class="table-responsive">
|
|
<table class="table table-hover align-middle mb-0">
|
|
<thead class="bg-light">
|
|
<tr>
|
|
<th class="ps-4">User</th>
|
|
<th>Role / Group</th>
|
|
<th>Emp. ID</th>
|
|
<th>Email</th>
|
|
<th>Ratable</th>
|
|
<th>Status</th>
|
|
<th>Joined</th>
|
|
<th class="text-end pe-4">Actions</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($users as $user): ?>
|
|
<tr>
|
|
<td class="ps-4">
|
|
<div class="d-flex align-items-center">
|
|
<?php if ($user['profile_pic']): ?>
|
|
<img src="../<?= htmlspecialchars($user['profile_pic']) ?>?v=<?= time() ?>" alt="Profile" class="rounded-circle me-3 shadow-sm border border-2 border-white" style="width: 45px; height: 45px; object-fit: cover;">
|
|
<?php else: ?>
|
|
<div class="rounded-circle bg-primary bg-opacity-10 text-primary d-flex align-items-center justify-content-center me-3 shadow-sm" style="width: 45px; height: 45px; font-weight: 600;">
|
|
<?= strtoupper(substr($user['username'], 0, 1)) ?>
|
|
</div>
|
|
<?php endif; ?>
|
|
<div>
|
|
<div class="fw-bold text-dark"><?= htmlspecialchars($user['full_name'] ?: $user['username']) ?></div>
|
|
<div class="text-muted small">@<?= htmlspecialchars($user['username']) ?></div>
|
|
</div>
|
|
</div>
|
|
</td>
|
|
<td>
|
|
<span class="badge bg-info bg-opacity-10 text-info border border-info border-opacity-25 px-3 rounded-pill fw-medium">
|
|
<?= htmlspecialchars($user['group_name'] ?: 'No Group') ?>
|
|
</span>
|
|
</td>
|
|
<td><?= htmlspecialchars($user['employee_id'] ?: '-') ?></td>
|
|
<td><?= htmlspecialchars($user['email'] ?: '-') ?></td>
|
|
<td>
|
|
<?php if ($user['is_ratable']): ?>
|
|
<span class="badge bg-warning bg-opacity-10 text-warning border border-warning border-opacity-25 px-2 rounded-pill"><i class="bi bi-star-fill small"></i> Yes</span>
|
|
<?php else: ?>
|
|
<span class="badge bg-secondary bg-opacity-10 text-secondary border border-secondary border-opacity-25 px-2 rounded-pill">No</span>
|
|
<?php endif; ?>
|
|
</td>
|
|
<td>
|
|
<?php if ($user['is_active']): ?>
|
|
<span class="badge bg-success bg-opacity-10 text-success border border-success border-opacity-25 px-3 rounded-pill">Active</span>
|
|
<?php else: ?>
|
|
<span class="badge bg-danger bg-opacity-10 text-danger border border-danger border-opacity-25 px-3 rounded-pill">Inactive</span>
|
|
<?php endif; ?>
|
|
</td>
|
|
<td class="text-muted small"><?= date('M d, Y', strtotime($user['created_at'])) ?></td>
|
|
<td class="text-end pe-4">
|
|
<div class="d-inline-flex gap-2">
|
|
<?php if (has_permission('users_add')): ?>
|
|
<a href="user_edit.php?id=<?= $user['id'] ?>" class="btn btn-sm btn-outline-primary rounded-pill px-3">Edit</a>
|
|
<?php endif; ?>
|
|
|
|
<?php if (has_permission('users_del')): ?>
|
|
<a href="?delete=<?= $user['id'] ?>" class="btn btn-sm btn-outline-danger rounded-pill px-3" onclick="return confirm('Delete this user?')">Delete</a>
|
|
<?php endif; ?>
|
|
</div>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
|
|
<div class="p-3 border-top">
|
|
<?php render_pagination_controls($users_pagination); ?>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<?php include 'includes/footer.php'; ?>
|