update users
This commit is contained in:
Flatlogic Bot
parent
3ca5cde9e3
commit
9667cec7e6
@ -1082,7 +1082,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
|
||||
$active = isset($_POST['active']) ? 1 : 0;
|
||||
|
||||
if ($id && $text_en && $text_ar) {
|
||||
$stmt = $db->prepare("UPDATE queue_ads SET text_en = ?, text_ar = ?, active = ? WHERE id = ?");
|
||||
$stmt = $db->prepare("UPDATE queue_ads SET text_en = ?, text_ar, active = ? WHERE id = ?");
|
||||
$stmt->execute([$text_en, $text_ar, $active, $id]);
|
||||
$_SESSION['flash_message'] = __('edit_ad') . ' ' . __('successfully');
|
||||
$redirect = true;
|
||||
@ -1167,6 +1167,60 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
|
||||
$_SESSION['flash_message'] = __('transaction_deleted_success');
|
||||
$redirect = true;
|
||||
}
|
||||
} elseif ($_POST['action'] === 'add_user') {
|
||||
require_role('admin');
|
||||
try {
|
||||
$name = $_POST['name'];
|
||||
$email = $_POST['email'];
|
||||
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
||||
$role_id = $_POST['role_id'];
|
||||
$active = isset($_POST['active']) ? 1 : 0;
|
||||
|
||||
$stmt = $db->prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
|
||||
$stmt->execute([$name, $email, $password, $role_id, $active]);
|
||||
$_SESSION['flash_message'] = __('user_created');
|
||||
} catch (Exception $e) {
|
||||
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
|
||||
}
|
||||
$redirect = true;
|
||||
} elseif ($_POST['action'] === 'edit_user') {
|
||||
require_role('admin');
|
||||
try {
|
||||
$id = $_POST['id'];
|
||||
$name = $_POST['name'];
|
||||
$email = $_POST['email'];
|
||||
$role_id = $_POST['role_id'];
|
||||
$active = isset($_POST['active']) ? 1 : 0;
|
||||
|
||||
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
|
||||
$params = [$name, $email, $role_id, $active, $id];
|
||||
|
||||
if (!empty($_POST['password'])) {
|
||||
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
|
||||
$params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
|
||||
}
|
||||
|
||||
$stmt = $db->prepare($sql);
|
||||
$stmt->execute($params);
|
||||
$_SESSION['flash_message'] = __('user_updated');
|
||||
} catch (Exception $e) {
|
||||
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
|
||||
}
|
||||
$redirect = true;
|
||||
} elseif ($_POST['action'] === 'delete_user') {
|
||||
require_role('admin');
|
||||
try {
|
||||
$id = $_POST['id'];
|
||||
if ($id == $_SESSION['user_id']) {
|
||||
throw new Exception("You cannot delete yourself.");
|
||||
}
|
||||
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
|
||||
$stmt->execute([$id]);
|
||||
$_SESSION['flash_message'] = __('user_deleted');
|
||||
} catch (Exception $e) {
|
||||
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
|
||||
}
|
||||
$redirect = true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1174,4 +1228,4 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
|
||||
header("Location: " . $_SERVER['REQUEST_URI']);
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,54 +1,4 @@
|
||||
<?php
|
||||
// Handle Actions
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
||||
if (isset($_POST['action'])) {
|
||||
try {
|
||||
if ($_POST['action'] === 'add_user') {
|
||||
$name = $_POST['name'];
|
||||
$email = $_POST['email'];
|
||||
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
||||
$role_id = $_POST['role_id'];
|
||||
$active = isset($_POST['active']) ? 1 : 0;
|
||||
|
||||
$stmt = $db->prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
|
||||
$stmt->execute([$name, $email, $password, $role_id, $active]);
|
||||
$_SESSION['flash_message'] = __('user_created');
|
||||
} elseif ($_POST['action'] === 'edit_user') {
|
||||
$id = $_POST['id'];
|
||||
$name = $_POST['name'];
|
||||
$email = $_POST['email'];
|
||||
$role_id = $_POST['role_id'];
|
||||
$active = isset($_POST['active']) ? 1 : 0;
|
||||
|
||||
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
|
||||
$params = [$name, $email, $role_id, $active, $id];
|
||||
|
||||
if (!empty($_POST['password'])) {
|
||||
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
|
||||
$params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
|
||||
}
|
||||
|
||||
$stmt = $db->prepare($sql);
|
||||
$stmt->execute($params);
|
||||
$_SESSION['flash_message'] = __('user_updated');
|
||||
} elseif ($_POST['action'] === 'delete_user') {
|
||||
$id = $_POST['id'];
|
||||
// Prevent deleting self
|
||||
if ($id == $_SESSION['user_id']) {
|
||||
throw new Exception("You cannot delete yourself.");
|
||||
}
|
||||
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
|
||||
$stmt->execute([$id]);
|
||||
$_SESSION['flash_message'] = __('user_deleted');
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
|
||||
}
|
||||
header("Location: users.php");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
// Fetch Users
|
||||
$stmt = $db->query("SELECT u.*, r.name as role_name FROM users u JOIN roles r ON u.role_id = r.id ORDER BY u.id DESC");
|
||||
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user