admin/38960-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update users

Browse Source
This commit is contained in:
Flatlogic Bot 2026-03-23 06:09:04 +00:00
parent 3ca5cde9e3
commit 9667cec7e6
2 changed files with 56 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
includes/actions.php
View File

@ -1082,7 +1082,7 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
$active = isset($_POST['active']) ? 1 : 0; $active = isset($_POST['active']) ? 1 : 0;
if ($id && $text_en && $text_ar) { if ($id && $text_en && $text_ar) {
$stmt = $db->prepare("UPDATE queue_ads SET text_en = ?, text_ar = ?, active = ? WHERE id = ?"); $stmt = $db->prepare("UPDATE queue_ads SET text_en = ?, text_ar, active = ? WHERE id = ?");
$stmt->execute([$text_en, $text_ar, $active, $id]); $stmt->execute([$text_en, $text_ar, $active, $id]);
$_SESSION['flash_message'] = __('edit_ad') . ' ' . __('successfully'); $_SESSION['flash_message'] = __('edit_ad') . ' ' . __('successfully');
$redirect = true; $redirect = true;
@ -1167,6 +1167,60 @@ if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
$_SESSION['flash_message'] = __('transaction_deleted_success'); $_SESSION['flash_message'] = __('transaction_deleted_success');
$redirect = true; $redirect = true;
} }
} elseif ($_POST['action'] === 'add_user') {
require_role('admin');
try {
$name = $_POST['name'];
$email = $_POST['email'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$role_id = $_POST['role_id'];
$active = isset($_POST['active']) ? 1 : 0;
$stmt = $db->prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
$stmt->execute([$name, $email, $password, $role_id, $active]);
$_SESSION['flash_message'] = __('user_created');
} catch (Exception $e) {
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
}
$redirect = true;
} elseif ($_POST['action'] === 'edit_user') {
require_role('admin');
try {
$id = $_POST['id'];
$name = $_POST['name'];
$email = $_POST['email'];
$role_id = $_POST['role_id'];
$active = isset($_POST['active']) ? 1 : 0;
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
$params = [$name, $email, $role_id, $active, $id];
if (!empty($_POST['password'])) {
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
$params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
}
$stmt = $db->prepare($sql);
$stmt->execute($params);
$_SESSION['flash_message'] = __('user_updated');
} catch (Exception $e) {
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
}
$redirect = true;
} elseif ($_POST['action'] === 'delete_user') {
require_role('admin');
try {
$id = $_POST['id'];
if ($id == $_SESSION['user_id']) {
throw new Exception("You cannot delete yourself.");
}
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$id]);
$_SESSION['flash_message'] = __('user_deleted');
} catch (Exception $e) {
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
}
$redirect = true;
} }
} }

50
includes/pages/users.php
View File

@ -1,54 +1,4 @@
<?php <?php
// Handle Actions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['action'])) {
try {
if ($_POST['action'] === 'add_user') {
$name = $_POST['name'];
$email = $_POST['email'];
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$role_id = $_POST['role_id'];
$active = isset($_POST['active']) ? 1 : 0;
$stmt = $db->prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
$stmt->execute([$name, $email, $password, $role_id, $active]);
$_SESSION['flash_message'] = __('user_created');
} elseif ($_POST['action'] === 'edit_user') {
$id = $_POST['id'];
$name = $_POST['name'];
$email = $_POST['email'];
$role_id = $_POST['role_id'];
$active = isset($_POST['active']) ? 1 : 0;
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
$params = [$name, $email, $role_id, $active, $id];
if (!empty($_POST['password'])) {
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
$params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
}
$stmt = $db->prepare($sql);
$stmt->execute($params);
$_SESSION['flash_message'] = __('user_updated');
} elseif ($_POST['action'] === 'delete_user') {
$id = $_POST['id'];
// Prevent deleting self
if ($id == $_SESSION['user_id']) {
throw new Exception("You cannot delete yourself.");
}
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
$stmt->execute([$id]);
$_SESSION['flash_message'] = __('user_deleted');
}
} catch (Exception $e) {
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
}
header("Location: users.php");
exit;
}
}
// Fetch Users // Fetch Users
$stmt = $db->query("SELECT u.*, r.name as role_name FROM users u JOIN roles r ON u.role_id = r.id ORDER BY u.id DESC"); $stmt = $db->query("SELECT u.*, r.name as role_name FROM users u JOIN roles r ON u.role_id = r.id ORDER BY u.id DESC");
$users = $stmt->fetchAll(PDO::FETCH_ASSOC); $users = $stmt->fetchAll(PDO::FETCH_ASSOC);