admin/38808-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update permissions

Browse Source
This commit is contained in:
Flatlogic Bot 2026-04-13 15:20:18 +00:00
parent 9f7d3b9c16
commit 80a446c20f
6 changed files with 543 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
events.php
View File

@ -44,7 +44,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_GET['ajax'])) {
exit;
}
if ($action === 'save' && ($can_add || $can_edit)) {
if ($action === 'save') {
$id = $_POST['id'] ?? 0;
$title = $_POST['title'] ?? '';
$date = $_POST['event_date'] ?? '';
@ -58,22 +58,37 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_GET['ajax'])) {
exit;
}
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
try {
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
} else {
echo json_encode(['success' => false, 'error' => 'عفواً، لا تملك الصلاحيات الكافية للتقويم (إضافة/تعديل) في هذا الخادم. يرجى تفعيل الصلاحيات من صفحة إدارة المستخدمين.']);
exit;
}
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . $e->getMessage()]);
}
echo json_encode(['success' => true]);
exit;
}
if ($action === 'delete' && $can_delete) {
$id = $_POST['id'] ?? 0;
db()->prepare("DELETE FROM events WHERE id=?")->execute([$id]);
echo json_encode(['success' => true]);
if ($action === 'delete') {
if (!$can_delete) {
echo json_encode(['success' => false, 'error' => 'لا تملك صلاحية الحذف.']);
exit;
}
try {
$id = $_POST['id'] ?? 0;
db()->prepare("DELETE FROM events WHERE id=?")->execute([$id]);
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . $e->getMessage()]);
}
exit;
}
}
@ -249,7 +264,10 @@ function saveEvent() {
method: 'POST',
body: new FormData(form)
})
.then(r => r.json())
.then(r => {
if (!r.ok) throw new Error("Network Error");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
@ -258,6 +276,10 @@ function saveEvent() {
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'إما أن جلسة تسجيل الدخول انتهت، أو لا توجد صلاحيات (راجع سجل وحدة التحكم). يرجى تحديث الصفحة والمحاولة مجدداً.'});
});
}
@ -283,13 +305,22 @@ function deleteEvent() {
method: 'POST',
body: fd
})
.then(r => r.json())
.then(r => {
if (!r.ok) throw new Error("Network Error");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحذف', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحذف'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'إما أن جلسة تسجيل الدخول انتهت، أو لا توجد صلاحيات. يرجى تحديث الصفحة والمحاولة مجدداً.'});
});
}
});

113
fix.php Normal file
View File

@ -0,0 +1,113 @@
<?php
$c = file_get_contents('events.php');
$search = <<<'EOD'
if ($action === 'save' && ($can_add || $can_edit)) {
$id = $_POST['id'] ?? 0;
$title = $_POST['title'] ?? '';
$date = $_POST['event_date'] ?? '';
$start_time = !empty($_POST['start_time']) ? $_POST['start_time'] : null;
$end_time = !empty($_POST['end_time']) ? $_POST['end_time'] : null;
$location = $_POST['location'] ?? '';
$description = $_POST['description'] ?? '';
if (!$title || !$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
}
echo json_encode(['success' => true]);
exit;
}
EOD;
$replace = <<<'EOD'
if ($action === 'save') {
$id = $_POST['id'] ?? 0;
$title = $_POST['title'] ?? '';
$date = $_POST['event_date'] ?? '';
$start_time = !empty($_POST['start_time']) ? $_POST['start_time'] : null;
$end_time = !empty($_POST['end_time']) ? $_POST['end_time'] : null;
$location = $_POST['location'] ?? '';
$description = $_POST['description'] ?? '';
if (!$title || !$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
try {
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
} else {
echo json_encode(['success' => false, 'error' => 'عفواً، لا تملك الصلاحيات الكافية للتقويم (إضافة/تعديل) في هذا الخادم. يرجى تفعيل الصلاحيات من صفحة إدارة المستخدمين.']);
exit;
}
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . $e->getMessage()]);
}
exit;
}
EOD;
$c = str_replace($search, $replace, $c);
$search2 = <<<'EOD'
fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => r.json())
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
});
EOD;
$replace2 = <<<'EOD'
fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => {
if (!r.ok) throw new Error("Network Error");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'إما أن جلسة تسجيل الدخول انتهت، أو لا توجد صلاحيات (راجع سجل وحدة التحكم). يرجى تحديث الصفحة والمحاولة مجدداً.'});
});
EOD;
$c = str_replace($search2, $replace2, $c);
file_put_contents('events.php', $c);
echo "Patched events.php successfully.\n";

74
fix2.php Normal file
View File

@ -0,0 +1,74 @@
<?php
$c = file_get_contents('events.php');
$search = <<<'EOD'
if ($action === 'delete' && $can_delete) {
$id = $_POST['id'] ?? 0;
db()->prepare("DELETE FROM events WHERE id=?")->execute([$id]);
echo json_encode(['success' => true]);
exit;
}
EOD;
$replace = <<<'EOD'
if ($action === 'delete') {
if (!$can_delete) {
echo json_encode(['success' => false, 'error' => 'لا تملك صلاحية الحذف.']);
exit;
}
try {
$id = $_POST['id'] ?? 0;
db()->prepare("DELETE FROM events WHERE id=?")->execute([$id]);
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . $e->getMessage()]);
}
exit;
}
EOD;
$c = str_replace($search, $replace, $c);
$search2 = <<<'EOD'
fetch('events.php?ajax=1', {
method: 'POST',
body: fd
})
.then(r => r.json())
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحذف', showConfirmButton: false, timer: 1500});
}
});
EOD;
$replace2 = <<<'EOD'
fetch('events.php?ajax=1', {
method: 'POST',
body: fd
})
.then(r => {
if (!r.ok) throw new Error("Network Error");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحذف', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحذف'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'إما أن جلسة تسجيل الدخول انتهت، أو لا توجد صلاحيات. يرجى تحديث الصفحة والمحاولة مجدداً.'});
});
EOD;
$c = str_replace($search2, $replace2, $c);
file_put_contents('events.php', $c);
echo "Patched delete in events.php\n";

113
fix_events.php Normal file
View File

@ -0,0 +1,113 @@
<?php
$content = file_get_contents('events.php');
$search = <<<EOT
if ($action === 'save' && ($can_add || $can_edit)) {
$id = $_POST['id'] ?? 0;
$title = $_POST['title'] ?? '';
$date = $_POST['event_date'] ?? '';
$start_time = !empty($_POST['start_time']) ? $_POST['start_time'] : null;
$end_time = !empty($_POST['end_time']) ? $_POST['end_time'] : null;
$location = $_POST['location'] ?? '';
$description = $_POST['description'] ?? '';
if (!$title || !$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
}
echo json_encode(['success' => true]);
exit;
}
EOT;
$replace = <<<EOT
if ($action === 'save') {
$id = $_POST['id'] ?? 0;
$title = $_POST['title'] ?? '';
$date = $_POST['event_date'] ?? '';
$start_time = !empty($_POST['start_time']) ? $_POST['start_time'] : null;
$end_time = !empty($_POST['end_time']) ? $_POST['end_time'] : null;
$location = $_POST['location'] ?? '';
$description = $_POST['description'] ?? '';
if (!$title || !$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
try {
if ($id && $can_edit) {
$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $id]);
} elseif (!$id && $can_add) {
$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->execute([$title, $description, $date, $start_time, $end_time, $location, $_SESSION['user_id']]);
} else {
echo json_encode(['success' => false, 'error' => 'ليس لديك صلاحية لإضافة أو تعديل الأحداث. يرجى تفعيل هذه الصلاحيات من "إدارة المستخدمين" أولاً.']);
exit;
}
echo json_encode(['success' => true]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . $e->getMessage()]);
}
exit;
}
EOT;
$content = str_replace($search, $replace, $content);
$search2 = <<<EOT
fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => r.json())
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
});
EOT;
$replace2 = <<<EOT
fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => {
if (!r.ok) throw new Error("Network Error");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'ربما تكون جلسة تسجيل الدخول قد انتهت أو لا توجد صلاحيات كافية، يرجى تحديث الصفحة والمحاولة مجدداً.'});
});
EOT;
$content = str_replace($search2, $replace2, $content);
file_put_contents('events.php', $content);
echo "Patched events.php successfully.\n";

105
fix_events2.php Normal file
View File

@ -0,0 +1,105 @@
<?php
$content = file_get_contents('events.php');
$search = " if (\$action === 'save' && (\$can_add || \$can_edit)) {
\$id = etrieve_POST['id'] ?? 0;
\$title = etrieve_POST['title'] ?? '';
\$date = etrieve_POST['event_date'] ?? '';
\$start_time = !empty( etrieve_POST['start_time']) ? etrieve_POST['start_time'] : null;
\$end_time = !empty( etrieve_POST['end_time']) ? etrieve_POST['end_time'] : null;
\$location = etrieve_POST['location'] ?? '';
\$description = etrieve_POST['description'] ?? '';
if (!\$title || !\$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
if (\$id && \$can_edit) {
\$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
\$stmt->execute([\$title, \$description, \$date, \$start_time, \$end_time, \$location, \$id]);
} elseif (!\$id && \$can_add) {
\$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
\$stmt->execute([\$title, \$description, \$date, \$start_time, \$end_time, \$location, etrieve_SESSION['user_id']]);
}
echo json_encode(['success' => true]);
exit;
}";
$replace = " if (\$action === 'save') {
\$id = etrieve_POST['id'] ?? 0;
\$title = etrieve_POST['title'] ?? '';
\$date = etrieve_POST['event_date'] ?? '';
\$start_time = !empty( etrieve_POST['start_time']) ? etrieve_POST['start_time'] : null;
\$end_time = !empty( etrieve_POST['end_time']) ? etrieve_POST['end_time'] : null;
\$location = etrieve_POST['location'] ?? '';
\$description = etrieve_POST['description'] ?? '';
if (!\$title || !\$date) {
echo json_encode(['success' => false, 'error' => 'البيانات الأساسية مطلوبة']);
exit;
}
try {
if (\$id && \$can_edit) {
\$stmt = db()->prepare("UPDATE events SET title=?, description=?, event_date=?, start_time=?, end_time=?, location=? WHERE id=?");
\$stmt->execute([\$title, \$description, \$date, \$start_time, \$end_time, \$location, \$id]);
} elseif (!\$id && \$can_add) {
\$stmt = db()->prepare("INSERT INTO events (title, description, event_date, start_time, end_time, location, created_by) VALUES (?, ?, ?, ?, ?, ?, ?)");
\$stmt->execute([\$title, \$description, \$date, \$start_time, \$end_time, \$location, etrieve_SESSION['user_id']]);
} else {
echo json_encode(['success' => false, 'error' => 'عفواً، لا تملك الصلاحيات الكافية. يرجى تفعيل صلاحيات "الإضافة" أو "التعديل" للتقويم من صفحة إدارة المستخدمين.']);
exit;
}
echo json_encode(['success' => true]);
} catch (Exception \$e) {
echo json_encode(['success' => false, 'error' => 'خطأ قاعدة البيانات: ' . \$e->getMessage()]);
}
exit;
}";
$content = str_replace($search, $replace, $content);
$search2 = " fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => r.json())
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
});";
$replace2 = " fetch('events.php?ajax=1', {
method: 'POST',
body: new FormData(form)
})
.then(r => {
if (!r.ok) throw new Error(\"Network Error\");
return r.json();
})
.then(res => {
if (res.success) {
eventModal.hide();
calendar.refetchEvents();
Swal.fire({icon: 'success', title: 'تم الحفظ', showConfirmButton: false, timer: 1500});
} else {
Swal.fire({icon: 'error', title: 'خطأ', text: res.error || 'حدث خطأ أثناء الحفظ'});
}
})
.catch(err => {
console.error(err);
Swal.fire({icon: 'error', title: 'حدث خطأ غير متوقع', text: 'إما أن جلسة تسجيل الدخول انتهت، أو لا توجد صلاحيات. يرجى تحديث الصفحة والمحاولة مجدداً.'});
});";
$content = str_replace($search2, $replace2, $content);
file_put_contents('events.php', $content);
echo "Patched events.php successfully.\n";

106
users.php
View File

@ -364,25 +364,57 @@ if (isset($_GET['action']) && $_GET['action'] === 'edit' && isset($_GET['id']))
<th>إضافة</th>
<th>تعديل</th>
<th>حذف</th>
<th>الكل</th>
</tr>
</thead>
<tbody>
<?php foreach ($modules as $key => $label): ?>
<tr class="text-center">
<td class="text-start ps-3 fw-bold"><?= $label ?></td>
<td>
<input class="form-check-input" type="checkbox" name="perm_<?= $key ?>_view" id="perm_<?= $key ?>_view" value="1">
</td>
<td>
<input class="form-check-input" type="checkbox" name="perm_<?= $key ?>_add" id="perm_<?= $key ?>_add" value="1">
</td>
<td>
<input class="form-check-input" type="checkbox" name="perm_<?= $key ?>_edit" id="perm_<?= $key ?>_edit" value="1">
</td>
<td>
<input class="form-check-input" type="checkbox" name="perm_<?= $key ?>_delete" id="perm_<?= $key ?>_delete" value="1">
<?php
$module_groups = [
'البريد' => ['inbound', 'outbound', 'internal', 'reports'],
'الموارد البشرية' => ['hr_dashboard', 'hr_employees', 'hr_attendance', 'hr_leaves', 'hr_payroll', 'hr_reports'],
'المخزون' => ['stock_dashboard', 'stock_items', 'stock_in', 'stock_out', 'stock_lending', 'stock_reports', 'stock_settings'],
'المحاسبة والمصروفات' => ['accounting', 'expenses', 'expense_settings'],
'اللجان والاجتماعات' => ['committees', 'charity_members', 'charity_plans', 'meetings'],
'التقويم والأحداث' => ['events'],
'الإدارة والتنظيم' => ['users', 'settings']
];
foreach ($module_groups as $group_name => $group_keys):
$groupId = md5($group_name);
?>
<tr class="table-secondary">
<td class="text-start ps-3 fw-bold text-primary"><i class="fas fa-folder me-2"></i> <?= $group_name ?></td>
<td colspan="4"></td>
<td class="text-center">
<div class="form-check d-inline-block">
<input class="form-check-input group-toggle" type="checkbox" data-group="<?= $groupId ?>" title="تحديد كل المجموعة">
</div>
</td>
</tr>
<?php foreach ($group_keys as $key): ?>
<?php if(isset($modules[$key])):
?>
<tr class="text-center">
<td class="text-start ps-4 fw-bold text-muted"><i class="fas fa-angle-left me-2"></i> <?= $modules[$key] ?></td>
<td>
<input class="form-check-input perm-cb-<?= $groupId ?> row-cb-<?= $key ?>" type="checkbox" name="perm_<?= $key ?>_view" id="perm_<?= $key ?>_view" value="1" data-row="<?= $key ?>" data-group="<?= $groupId ?>">
</td>
<td>
<input class="form-check-input perm-cb-<?= $groupId ?> row-cb-<?= $key ?>" type="checkbox" name="perm_<?= $key ?>_add" id="perm_<?= $key ?>_add" value="1" data-row="<?= $key ?>" data-group="<?= $groupId ?>">
</td>
<td>
<input class="form-check-input perm-cb-<?= $groupId ?> row-cb-<?= $key ?>" type="checkbox" name="perm_<?= $key ?>_edit" id="perm_<?= $key ?>_edit" value="1" data-row="<?= $key ?>" data-group="<?= $groupId ?>">
</td>
<td>
<input class="form-check-input perm-cb-<?= $groupId ?> row-cb-<?= $key ?>" type="checkbox" name="perm_<?= $key ?>_delete" id="perm_<?= $key ?>_delete" value="1" data-row="<?= $key ?>" data-group="<?= $groupId ?>">
</td>
<td>
<div class="form-check d-inline-block">
<input class="form-check-input row-toggle" type="checkbox" data-row="<?= $key ?>" data-group="<?= $groupId ?>" title="تحديد الصف">
</div>
</td>
</tr>
<?php endif; ?>
<?php endforeach; ?>
<?php endforeach; ?>
</tbody>
</table>
@ -407,6 +439,50 @@ if (isset($_GET['action']) && $_GET['action'] === 'edit' && isset($_GET['id']))
let userModal;
const modules = <?= json_encode(array_keys($modules)) ?>;
function syncToggles() {
document.querySelectorAll('.row-toggle').forEach(toggle => {
const rowId = toggle.dataset.row;
const cbs = document.querySelectorAll(`.row-cb-${rowId}`);
let allChecked = true;
cbs.forEach(cb => { if (!cb.checked) allChecked = false; });
toggle.checked = cbs.length > 0 && allChecked;
});
document.querySelectorAll('.group-toggle').forEach(toggle => {
const groupId = toggle.dataset.group;
const cbs = document.querySelectorAll(`.perm-cb-${groupId}`);
let allChecked = true;
cbs.forEach(cb => { if (!cb.checked) allChecked = false; });
toggle.checked = cbs.length > 0 && allChecked;
});
}
document.addEventListener('DOMContentLoaded', function() {
document.querySelectorAll('.group-toggle').forEach(el => {
el.addEventListener('change', function() {
const groupId = this.dataset.group;
const checked = this.checked;
document.querySelectorAll(`.perm-cb-${groupId}`).forEach(cb => cb.checked = checked);
document.querySelectorAll(`.row-toggle[data-group="${groupId}"]`).forEach(cb => cb.checked = checked);
});
});
document.querySelectorAll('.row-toggle').forEach(el => {
el.addEventListener('change', function() {
const rowId = this.dataset.row;
const checked = this.checked;
document.querySelectorAll(`.row-cb-${rowId}`).forEach(cb => cb.checked = checked);
syncToggles();
});
});
document.querySelectorAll('[class*="perm-cb-"]').forEach(el => {
el.addEventListener('change', function() {
syncToggles();
});
});
});
function applyRolePresets(role) {
modules.forEach(m => {
const view = document.getElementById(`perm_${m}_view`);
@ -433,6 +509,7 @@ function applyRolePresets(role) {
}
}
});
if(typeof syncToggles !== 'undefined') syncToggles();
}
function openUserModal(action, data = null) {
@ -490,6 +567,7 @@ function openUserModal(action, data = null) {
pwdHint.textContent = '(اتركه فارغاً للحفاظ على كلمة المرور الحالية)';
}
if(typeof syncToggles !== 'undefined') syncToggles();
userModal.show();
}