admin/38808-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Autosave: 20260228-024736

Browse Source
This commit is contained in:
Flatlogic Bot 2026-02-28 02:47:36 +00:00
parent 21d9204f3a
commit 90db1dc8a5
2 changed files with 47 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
includes/header.php
View File

@ -1,4 +1,5 @@
<?php <?php
ob_start();
session_start(); session_start();
require_once __DIR__ . '/../db/config.php'; require_once __DIR__ . '/../db/config.php';

68
login.php
View File

@ -2,15 +2,11 @@
require_once __DIR__ . '/includes/header.php'; require_once __DIR__ . '/includes/header.php';
if (isLoggedIn()) { if (isLoggedIn()) {
redirect('index.php'); redirect('user_dashboard.php');
} }
$error = ''; $error = '';
// Fetch charity settings
$stmt = db()->query("SELECT * FROM charity_settings WHERE id = 1");
$charity = $stmt->fetch();
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$username = trim($_POST['username'] ?? ''); $username = trim($_POST['username'] ?? '');
$password = $_POST['password'] ?? ''; $password = $_POST['password'] ?? '';
@ -18,63 +14,67 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if ($username && $password) { if ($username && $password) {
$stmt = db()->prepare("SELECT * FROM users WHERE username = ?"); $stmt = db()->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]); $stmt->execute([$username]);
$user = $stmt->fetch(PDO::FETCH_ASSOC); $user = $stmt->fetch();
if ($user && password_verify($password, $user['password'])) { if ($user && password_verify($password, $user['password'])) {
$_SESSION['user_id'] = $user['id']; $_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username']; $_SESSION['username'] = $user['username'];
$_SESSION['full_name'] = $user['full_name']; $_SESSION['role'] = $user['role'];
$_SESSION['user_role'] = $user['role'];
// Set permissions in session immediately // Redirect to dashboard
$_SESSION['can_view'] = $user['can_view'] ?? 1; redirect('user_dashboard.php');
$_SESSION['can_add'] = $user['can_add'] ?? 0;
$_SESSION['can_edit'] = $user['can_edit'] ?? 0;
$_SESSION['can_delete'] = $user['can_delete'] ?? 0;
redirect('index.php');
} else { } else {
$error = 'اسم المستخدم أو كلمة المرور غير صحيحة'; $error = "اسم المستخدم أو كلمة المرور غير صحيحة";
} }
} else { } else {
$error = 'يرجى إدخال جميع الحقول المطلوبة'; $error = "يرجى إدخال اسم المستخدم وكلمة المرور";
} }
} }
?> ?>
<div class="row justify-content-center align-items-center" style="min-height: 80vh;"> <div class="row justify-content-center align-items-center" style="min-height: 80vh;">
<div class="col-md-4"> <div class="col-md-5 col-lg-4">
<div class="card p-4 shadow-sm border-0"> <div class="card shadow-sm border-0">
<div class="card-body p-4">
<div class="text-center mb-4"> <div class="text-center mb-4">
<?php if ($charity['charity_logo']): ?> <?php if (!empty($charity['charity_logo'])): ?>
<img src="<?= htmlspecialchars($charity['charity_logo']) ?>" alt="Logo" class="mb-3" style="max-height: 100px;"> <img src="<?php echo htmlspecialchars($charity['charity_logo']); ?>" alt="Logo" class="img-fluid mb-3" style="max-height: 80px;">
<?php endif; ?> <?php endif; ?>
<h3 class="fw-bold"><?= htmlspecialchars($charity['charity_name'] ?? 'تسجيل الدخول') ?></h3> <h4 class="fw-bold mb-0"><?php echo htmlspecialchars($charity['charity_name'] ?? 'تسجيل الدخول'); ?></h4>
<p class="text-muted">نظام المراسلات</p> <p class="text-muted small">يرجى إدخال بيانات الاعتماد الخاصة بك</p>
</div> </div>
<?php if ($error): ?> <?php if ($error): ?>
<div class="alert alert-danger text-center"><?= $error ?></div> <div class="alert alert-danger py-2 small" role="alert">
<?php echo $error; ?>
</div>
<?php endif; ?> <?php endif; ?>
<form method="POST"> <form method="POST" action="">
<div class="mb-3"> <div class="mb-3">
<label for="username" class="form-label">اسم المستخدم</label> <label for="username" class="form-label small fw-semibold">اسم المستخدم</label>
<input type="text" class="form-control" id="username" name="username" required autocomplete="username"> <input type="text" class="form-control" id="username" name="username" required tabindex="1" autofocus>
</div> </div>
<div class="mb-3">
<div class="d-flex justify-content-between"> <div class="mb-2">
<label for="password" class="form-label">كلمة المرور</label> <div class="d-flex justify-content-between align-items-center mb-1">
<a href="forgot_password.php" class="text-decoration-none small text-primary">نسيت كلمة المرور؟</a> <label for="password" class="form-label small fw-semibold mb-0">كلمة المرور</label>
<a href="forgot_password.php" class="text-decoration-none small text-primary" tabindex="4">نسيت كلمة المرور؟</a>
</div> </div>
<input type="password" class="form-control" id="password" name="password" required autocomplete="current-password"> <input type="password" class="form-control" id="password" name="password" required tabindex="2">
</div> </div>
<div class="d-grid mt-4">
<button type="submit" class="btn btn-dark btn-lg">دخول</button> <div class="mt-4">
<button type="submit" class="btn btn-primary w-100 fw-bold py-2" tabindex="3">تسجيل الدخول</button>
</div> </div>
</form> </form>
</div> </div>
</div> </div>
<div class="text-center mt-3 text-muted small">
&copy; <?php echo date('Y'); ?> <?php echo htmlspecialchars($charity['charity_name'] ?? ''); ?>. جميع الحقوق محفوظة.
</div>
</div>
</div> </div>
<?php require_once __DIR__ . '/includes/footer.php'; ?> <?php require_once __DIR__ . '/includes/footer.php'; ?>