288 lines
12 KiB
PHP
288 lines
12 KiB
PHP
<?php
|
|
require_once __DIR__ . '/includes/header.php';
|
|
|
|
if (!isAdmin()) {
|
|
redirect('index.php');
|
|
}
|
|
|
|
$error = '';
|
|
$success = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$action = $_POST['action'] ?? '';
|
|
$username = $_POST['username'] ?? '';
|
|
$full_name = $_POST['full_name'] ?? '';
|
|
$role = $_POST['role'] ?? 'staff';
|
|
$password = $_POST['password'] ?? '';
|
|
$id = $_POST['id'] ?? 0;
|
|
|
|
if ($action === 'add') {
|
|
if ($username && $password && $full_name) {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
try {
|
|
$stmt = db()->prepare("INSERT INTO users (username, password, full_name, role) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$username, $hashed_password, $full_name, $role]);
|
|
$success = 'تم إضافة المستخدم بنجاح';
|
|
} catch (PDOException $e) {
|
|
if ($e->getCode() == 23000) {
|
|
$error = 'اسم المستخدم موجود مسبقاً';
|
|
} else {
|
|
$error = 'حدث خطأ: ' . $e->getMessage();
|
|
}
|
|
}
|
|
} else {
|
|
$error = 'يرجى ملء جميع الحقول المطلوبة';
|
|
}
|
|
} elseif ($action === 'edit') {
|
|
if ($username && $full_name && $id) {
|
|
try {
|
|
if ($password) {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$stmt = db()->prepare("UPDATE users SET username = ?, full_name = ?, role = ?, password = ? WHERE id = ?");
|
|
$stmt->execute([$username, $full_name, $role, $hashed_password, $id]);
|
|
} else {
|
|
$stmt = db()->prepare("UPDATE users SET username = ?, full_name = ?, role = ? WHERE id = ?");
|
|
$stmt->execute([$username, $full_name, $role, $id]);
|
|
}
|
|
$success = 'تم تحديث بيانات المستخدم بنجاح';
|
|
} catch (PDOException $e) {
|
|
$error = 'حدث خطأ: ' . $e->getMessage();
|
|
}
|
|
} else {
|
|
$error = 'يرجى ملء جميع الحقول المطلوبة';
|
|
}
|
|
}
|
|
}
|
|
|
|
if (isset($_GET['action']) && $_GET['action'] === 'delete' && isset($_GET['id'])) {
|
|
if ($_GET['id'] != $_SESSION['user_id']) {
|
|
$stmt = db()->prepare("DELETE FROM users WHERE id = ?");
|
|
$stmt->execute([$_GET['id']]);
|
|
$success = 'تم حذف المستخدم بنجاح';
|
|
} else {
|
|
$error = 'لا يمكنك حذف حسابك الحالي';
|
|
}
|
|
}
|
|
|
|
$stmt = db()->query("SELECT * FROM users ORDER BY created_at DESC");
|
|
$users = $stmt->fetchAll();
|
|
|
|
// Handle Deep Link for Edit
|
|
$deepLinkData = null;
|
|
if (isset($_GET['action']) && $_GET['action'] === 'edit' && isset($_GET['id'])) {
|
|
$stmt = db()->prepare("SELECT * FROM users WHERE id = ?");
|
|
$stmt->execute([$_GET['id']]);
|
|
$deepLinkData = $stmt->fetch();
|
|
}
|
|
?>
|
|
|
|
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
|
|
<h1 class="h2">إدارة المستخدمين</h1>
|
|
<button type="button" class="btn btn-primary shadow-sm" onclick="openUserModal('add')">
|
|
<i class="fas fa-user-plus me-1"></i> إضافة مستخدم جديد
|
|
</button>
|
|
</div>
|
|
|
|
<?php if ($success): ?>
|
|
<div class="alert alert-success alert-dismissible fade show" role="alert">
|
|
<?= $success ?>
|
|
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger alert-dismissible fade show" role="alert">
|
|
<?= $error ?>
|
|
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<div class="card shadow-sm border-0 mb-4">
|
|
<div class="card-body p-0">
|
|
<div class="table-responsive">
|
|
<table class="table table-hover align-middle mb-0">
|
|
<thead class="bg-light">
|
|
<tr>
|
|
<th class="ps-4">الاسم الكامل</th>
|
|
<th>اسم المستخدم</th>
|
|
<th>الدور</th>
|
|
<th>تاريخ الإنشاء</th>
|
|
<th class="pe-4 text-center">الإجراءات</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($users as $user): ?>
|
|
<tr>
|
|
<td class="ps-4 fw-bold"><?= htmlspecialchars($user['full_name']) ?></td>
|
|
<td><?= htmlspecialchars($user['username']) ?></td>
|
|
<td>
|
|
<?php if ($user['role'] === 'admin'): ?>
|
|
<span class="badge bg-danger">مدير</span>
|
|
<?php elseif ($user['role'] === 'clerk'): ?>
|
|
<span class="badge bg-warning text-dark">كاتب</span>
|
|
<?php else: ?>
|
|
<span class="badge bg-secondary">موظف</span>
|
|
<?php endif; ?>
|
|
</td>
|
|
<td><?= $user['created_at'] ?></td>
|
|
<td class="pe-4 text-center">
|
|
<button type="button" class="btn btn-sm btn-outline-primary"
|
|
onclick="openUserModal('edit', <?= htmlspecialchars(json_encode($user), ENT_QUOTES, 'UTF-8') ?>)">
|
|
<i class="fas fa-edit"></i> تعديل
|
|
</button>
|
|
<?php if ($user['id'] != $_SESSION['user_id']): ?>
|
|
<a href="javascript:void(0)" onclick="confirmDelete(<?= $user['id'] ?>)" class="btn btn-sm btn-outline-danger">
|
|
<i class="fas fa-trash"></i> حذف
|
|
</a>
|
|
<?php endif; ?>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- User Modal -->
|
|
<div class="modal fade" id="userModal" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
|
|
<div class="modal-dialog">
|
|
<div class="modal-content border-0 shadow">
|
|
<div class="modal-header bg-primary text-white">
|
|
<h5 class="modal-title fw-bold" id="userModalLabel">إضافة مستخدم جديد</h5>
|
|
<button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button>
|
|
</div>
|
|
<form id="userForm" method="POST">
|
|
<div class="modal-body p-4">
|
|
<input type="hidden" name="action" id="modalAction" value="add">
|
|
<input type="hidden" name="id" id="modalId" value="0">
|
|
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">الاسم الكامل</label>
|
|
<input type="text" name="full_name" id="modalFullName" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">اسم المستخدم</label>
|
|
<input type="text" name="username" id="modalUsername" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">كلمة المرور <span id="pwdHint" class="text-muted small"></span></label>
|
|
<input type="password" name="password" id="modalPassword" class="form-control">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label fw-bold">الدور</label>
|
|
<select name="role" id="modalRole" class="form-select">
|
|
<option value="staff">موظف</option>
|
|
<option value="clerk">كاتب</option>
|
|
<option value="admin">مدير</option>
|
|
</select>
|
|
</div>
|
|
</div>
|
|
<div class="modal-footer bg-light">
|
|
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">إلغاء</button>
|
|
<button type="submit" class="btn btn-primary px-4">حفظ البيانات</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
let userModal;
|
|
|
|
function openUserModal(action, data = null) {
|
|
if (!userModal) {
|
|
const modalEl = document.getElementById('userModal');
|
|
if (typeof bootstrap !== 'undefined') {
|
|
userModal = new bootstrap.Modal(modalEl);
|
|
} else {
|
|
console.error('Bootstrap not loaded');
|
|
return;
|
|
}
|
|
}
|
|
|
|
const label = document.getElementById('userModalLabel');
|
|
const modalAction = document.getElementById('modalAction');
|
|
const modalId = document.getElementById('modalId');
|
|
const modalPassword = document.getElementById('modalPassword');
|
|
const pwdHint = document.getElementById('pwdHint');
|
|
|
|
const fields = {
|
|
full_name: document.getElementById('modalFullName'),
|
|
username: document.getElementById('modalUsername'),
|
|
role: document.getElementById('modalRole')
|
|
};
|
|
|
|
modalAction.value = action;
|
|
|
|
if (action === 'add') {
|
|
label.textContent = 'إضافة مستخدم جديد';
|
|
modalId.value = '0';
|
|
Object.keys(fields).forEach(key => fields[key].value = '');
|
|
modalRole.value = 'staff';
|
|
modalPassword.required = true;
|
|
pwdHint.textContent = '';
|
|
} else {
|
|
label.textContent = 'تعديل بيانات المستخدم';
|
|
modalId.value = data.id;
|
|
Object.keys(fields).forEach(key => {
|
|
if (fields[key]) fields[key].value = data[key] || '';
|
|
});
|
|
modalPassword.required = false;
|
|
pwdHint.textContent = '(اتركه فارغاً للحفاظ على كلمة المرور الحالية)';
|
|
}
|
|
|
|
userModal.show();
|
|
}
|
|
|
|
document.addEventListener('DOMContentLoaded', function() {
|
|
<?php if ($deepLinkData): ?>
|
|
openUserModal('edit', <?= json_encode($deepLinkData) ?>);
|
|
<?php elseif ($error && isset($_POST['action'])): ?>
|
|
const errorData = <?= json_encode([
|
|
'id' => $_POST['id'] ?? 0,
|
|
'username' => $_POST['username'] ?? '',
|
|
'full_name' => $_POST['full_name'] ?? '',
|
|
'role' => $_POST['role'] ?? 'staff'
|
|
]) ?>;
|
|
openUserModal('<?= $_POST['action'] ?>', errorData);
|
|
<?php elseif (isset($_GET['action']) && $_GET['action'] === 'add'): ?>
|
|
openUserModal('add');
|
|
<?php endif; ?>
|
|
});
|
|
|
|
function confirmDelete(id) {
|
|
if (typeof Swal === 'undefined') {
|
|
if (confirm('هل أنت متأكد من الحذف؟')) {
|
|
window.location.href = 'users.php?action=delete&id=' + id;
|
|
}
|
|
return;
|
|
}
|
|
Swal.fire({
|
|
title: 'هل أنت متأكد؟',
|
|
text: "لا يمكن التراجع عن عملية الحذف!",
|
|
icon: 'warning',
|
|
showCancelButton: true,
|
|
confirmButtonColor: '#d33',
|
|
cancelButtonColor: '#3085d6',
|
|
confirmButtonText: 'نعم، احذف!',
|
|
cancelButtonText: 'إلغاء'
|
|
}).then((result) => {
|
|
if (result.isConfirmed) {
|
|
window.location.href = 'users.php?action=delete&id=' + id;
|
|
}
|
|
})
|
|
}
|
|
</script>
|
|
|
|
<style>
|
|
.modal-content {
|
|
border-radius: 15px;
|
|
overflow: hidden;
|
|
}
|
|
.modal-header.bg-primary {
|
|
background-color: #0d6efd !important;
|
|
}
|
|
</style>
|
|
|
|
<?php require_once __DIR__ . '/includes/footer.php'; ?>
|