262 lines
11 KiB
PHP
262 lines
11 KiB
PHP
<?php
|
|
require_once __DIR__ . '/includes/header.php';
|
|
|
|
if (!isAdmin()) {
|
|
echo '<div class="alert alert-danger mt-4">غير مصرح لك بالوصول لهذه الصفحة.</div>';
|
|
require_once __DIR__ . '/includes/footer.php';
|
|
exit;
|
|
}
|
|
|
|
$error = '';
|
|
$success = '';
|
|
|
|
// Handle actions
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
$action = $_POST['action'] ?? '';
|
|
$username = $_POST['username'] ?? '';
|
|
$full_name = $_POST['full_name'] ?? '';
|
|
$role = $_POST['role'] ?? 'staff';
|
|
$password = $_POST['password'] ?? '';
|
|
$id = $_POST['id'] ?? 0;
|
|
|
|
if ($username && $full_name) {
|
|
try {
|
|
if ($action === 'add') {
|
|
if (!$password) {
|
|
$error = 'يرجى إدخال كلمة المرور للمستخدم الجديد';
|
|
} else {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$stmt = db()->prepare("INSERT INTO users (username, full_name, role, password) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$username, $full_name, $role, $hashed_password]);
|
|
$success = 'تمت إضافة المستخدم بنجاح';
|
|
}
|
|
} elseif ($action === 'edit') {
|
|
if ($password) {
|
|
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
|
|
$stmt = db()->prepare("UPDATE users SET username = ?, full_name = ?, role = ?, password = ? WHERE id = ?");
|
|
$stmt->execute([$username, $full_name, $role, $hashed_password, $id]);
|
|
} else {
|
|
$stmt = db()->prepare("UPDATE users SET username = ?, full_name = ?, role = ? WHERE id = ?");
|
|
$stmt->execute([$username, $full_name, $role, $id]);
|
|
}
|
|
$success = 'تم تحديث بيانات المستخدم بنجاح';
|
|
}
|
|
} catch (PDOException $e) {
|
|
if ($e->getCode() == 23000) {
|
|
$error = 'اسم المستخدم موجود مسبقاً';
|
|
} else {
|
|
$error = 'حدث خطأ: ' . $e->getMessage();
|
|
}
|
|
}
|
|
} else {
|
|
$error = 'يرجى ملء الحقول المطلوبة';
|
|
}
|
|
}
|
|
|
|
// Delete action
|
|
if (isset($_GET['action']) && $_GET['action'] === 'delete' && isset($_GET['id'])) {
|
|
$id = $_GET['id'];
|
|
if ($id == $_SESSION['user_id']) {
|
|
$error = 'لا يمكنك حذف حسابك الحالي';
|
|
} else {
|
|
$stmt = db()->prepare("DELETE FROM users WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$success = 'تم حذف المستخدم بنجاح';
|
|
}
|
|
}
|
|
|
|
$users = db()->query("SELECT * FROM users ORDER BY created_at DESC")->fetchAll();
|
|
|
|
// Handle Deep Link for Edit
|
|
$deepLinkData = null;
|
|
if (isset($_GET['action']) && $_GET['action'] === 'edit' && isset($_GET['id'])) {
|
|
$stmt = db()->prepare("SELECT * FROM users WHERE id = ?");
|
|
$stmt->execute([$_GET['id']]);
|
|
$deepLinkData = $stmt->fetch();
|
|
}
|
|
?>
|
|
|
|
<div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
|
|
<h1 class="h2">إدارة المستخدمين</h1>
|
|
<button type="button" class="btn btn-primary" onclick="openUserModal('add')">
|
|
<i class="fas fa-user-plus me-1"></i> إضافة مستخدم
|
|
</button>
|
|
</div>
|
|
|
|
<?php if ($success): ?>
|
|
<div class="alert alert-success alert-dismissible fade show" role="alert">
|
|
<?= $success ?>
|
|
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<?php if ($error): ?>
|
|
<div class="alert alert-danger alert-dismissible fade show" role="alert">
|
|
<?= $error ?>
|
|
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
|
|
</div>
|
|
<?php endif; ?>
|
|
|
|
<div class="card shadow-sm border-0">
|
|
<div class="card-body p-0">
|
|
<div class="table-responsive">
|
|
<table class="table table-hover align-middle mb-0">
|
|
<thead class="bg-light">
|
|
<tr>
|
|
<th class="ps-4">اسم المستخدم</th>
|
|
<th>الاسم الكامل</th>
|
|
<th>الصلاحية</th>
|
|
<th>تاريخ الإنشاء</th>
|
|
<th class="pe-4 text-center">الإجراءات</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($users as $user): ?>
|
|
<tr>
|
|
<td class="ps-4 fw-bold"><?= htmlspecialchars($user['username']) ?></td>
|
|
<td><?= htmlspecialchars($user['full_name']) ?></td>
|
|
<td>
|
|
<?php
|
|
$badge = 'bg-secondary';
|
|
if ($user['role'] === 'admin') $badge = 'bg-danger';
|
|
if ($user['role'] === 'clerk') $badge = 'bg-primary';
|
|
?>
|
|
<span class="badge <?= $badge ?>"><?= $user['role'] ?></span>
|
|
</td>
|
|
<td><?= date('Y-m-d', strtotime($user['created_at'])) ?></td>
|
|
<td class="pe-4 text-center">
|
|
<button type="button" class="btn btn-sm btn-outline-primary"
|
|
onclick='openUserModal("edit", <?= json_encode($user) ?>)'>
|
|
<i class="fas fa-edit"></i>
|
|
</button>
|
|
<?php if ($user['id'] != $_SESSION['user_id']): ?>
|
|
<a href="javascript:void(0)" onclick="confirmDelete(<?= $user['id'] ?>)" class="btn btn-sm btn-outline-danger"><i class="fas fa-trash"></i></a>
|
|
<?php endif; ?>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- User Modal -->
|
|
<div class="modal fade" id="userModal" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
|
|
<div class="modal-dialog">
|
|
<div class="modal-content">
|
|
<div class="modal-header">
|
|
<h5 class="modal-title" id="userModalLabel">إضافة مستخدم جديد</h5>
|
|
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
|
|
</div>
|
|
<form id="userForm" method="POST">
|
|
<div class="modal-body">
|
|
<input type="hidden" name="action" id="modalAction" value="add">
|
|
<input type="hidden" name="id" id="modalUserId" value="0">
|
|
|
|
<div class="mb-3">
|
|
<label class="form-label">اسم المستخدم <span class="text-danger">*</span></label>
|
|
<input type="text" name="username" id="modalUsername" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label">الاسم الكامل <span class="text-danger">*</span></label>
|
|
<input type="text" name="full_name" id="modalFullName" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label">الصلاحية</label>
|
|
<select name="role" id="modalRole" class="form-select">
|
|
<option value="staff">موظف (Staff)</option>
|
|
<option value="clerk">مدخل بيانات (Clerk)</option>
|
|
<option value="admin">مدير (Admin)</option>
|
|
</select>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label" id="passwordLabel">كلمة المرور <span class="text-danger">*</span></label>
|
|
<input type="password" name="password" id="modalPassword" class="form-control">
|
|
<small class="text-muted" id="passwordHelp" style="display:none;">اتركه فارغاً للمحافظة على الحالية</small>
|
|
</div>
|
|
</div>
|
|
<div class="modal-footer">
|
|
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">إلغاء</button>
|
|
<button type="submit" class="btn btn-primary">حفظ البيانات</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
const userModal = new bootstrap.Modal(document.getElementById('userModal'));
|
|
|
|
function openUserModal(action, data = null) {
|
|
const label = document.getElementById('userModalLabel');
|
|
const modalAction = document.getElementById('modalAction');
|
|
const modalUserId = document.getElementById('modalUserId');
|
|
const modalUsername = document.getElementById('modalUsername');
|
|
const modalFullName = document.getElementById('modalFullName');
|
|
const modalRole = document.getElementById('modalRole');
|
|
const modalPassword = document.getElementById('modalPassword');
|
|
const passwordLabel = document.getElementById('passwordLabel');
|
|
const passwordHelp = document.getElementById('passwordHelp');
|
|
|
|
modalAction.value = action;
|
|
|
|
if (action === 'add') {
|
|
label.textContent = 'إضافة مستخدم جديد';
|
|
modalUserId.value = '0';
|
|
modalUsername.value = '';
|
|
modalFullName.value = '';
|
|
modalRole.value = 'staff';
|
|
modalPassword.required = true;
|
|
passwordLabel.innerHTML = 'كلمة المرور <span class="text-danger">*</span>';
|
|
passwordHelp.style.display = 'none';
|
|
} else {
|
|
label.textContent = 'تعديل بيانات المستخدم';
|
|
modalUserId.value = data.id;
|
|
modalUsername.value = data.username;
|
|
modalFullName.value = data.full_name;
|
|
modalRole.value = data.role;
|
|
modalPassword.required = false;
|
|
passwordLabel.innerHTML = 'كلمة المرور';
|
|
passwordHelp.style.display = 'block';
|
|
}
|
|
|
|
userModal.show();
|
|
}
|
|
|
|
document.addEventListener('DOMContentLoaded', function() {
|
|
<?php if ($deepLinkData): ?>
|
|
openUserModal('edit', <?= json_encode($deepLinkData) ?>);
|
|
<?php elseif ($error && isset($_POST['action'])): ?>
|
|
const data = {
|
|
id: '<?= $_POST['id'] ?? 0 ?>',
|
|
username: '<?= addslashes($_POST['username'] ?? '') ?>',
|
|
full_name: '<?= addslashes($_POST['full_name'] ?? '') ?>',
|
|
role: '<?= $_POST['role'] ?? 'staff' ?>'
|
|
};
|
|
openUserModal('<?= $_POST['action'] ?>', data);
|
|
<?php elseif (isset($_GET['action']) && $_GET['action'] === 'add'): ?>
|
|
openUserModal('add');
|
|
<?php endif; ?>
|
|
});
|
|
|
|
function confirmDelete(id) {
|
|
Swal.fire({
|
|
title: 'هل أنت متأكد؟',
|
|
text: "سيتم حذف المستخدم بشكل نهائي!",
|
|
icon: 'warning',
|
|
showCancelButton: true,
|
|
confirmButtonColor: '#d33',
|
|
cancelButtonColor: '#3085d6',
|
|
confirmButtonText: 'نعم، احذف!',
|
|
cancelButtonText: 'إلغاء'
|
|
}).then((result) => {
|
|
if (result.isConfirmed) {
|
|
window.location.href = 'users.php?action=delete&id=' + id;
|
|
}
|
|
})
|
|
}
|
|
</script>
|
|
|
|
<?php require_once __DIR__ . '/includes/footer.php'; ?>
|