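prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
                // User-management POST handler (create / edit / delete), followed by the
                // queries that load the user and role lists for the page below.
                // NOTE(review): the start of this statement, and the code that fills $name,
                // $email, $password, $role_id and $active, lie above this excerpt. Confirm
                // there that $password already holds a password_hash() result, and that the
                // handler verifies the caller's permission and a CSRF token before any of
                // these branches run — neither check is visible in this part of the file.
                $stmt->execute([$name, $email, $password, $role_id, $active]);
                $_SESSION['flash_message'] = __('user_created');
            } elseif ($_POST['action'] === 'edit_user') {
                // Accept only a positive integer id, so the value bound into the UPDATE
                // is exactly the value that was validated.
                $id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
                if ($id === false) {
                    throw new Exception("Invalid user id.");
                }
                $name = $_POST['name'];
                $email = $_POST['email'];
                $role_id = $_POST['role_id'];
                // An unchecked checkbox is absent from the POST body, hence isset().
                $active = isset($_POST['active']) ? 1 : 0;

                // NOTE(review): unlike the delete branch, nothing here stops the signed-in
                // user from changing their own role or clearing their own active flag;
                // decide whether that is intended.
                $sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
                $params = [$name, $email, $role_id, $active, $id];

                // The password is replaced only when a new one was submitted; it is
                // stored as a password_hash() digest, never as plain text.
                if (!empty($_POST['password'])) {
                    $sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
                    $params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
                }

                $stmt = $db->prepare($sql);
                $stmt->execute($params);
                $_SESSION['flash_message'] = __('user_updated');
            } elseif ($_POST['action'] === 'delete_user') {
                $id = filter_var($_POST['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
                if ($id === false) {
                    throw new Exception("Invalid user id.");
                }

                // Prevent deleting self. Both sides are integers, so the guard judges the
                // same value that the DELETE statement receives.
                if ($id === (int) ($_SESSION['user_id'] ?? 0)) {
                    throw new Exception("You cannot delete yourself.");
                }

                $stmt = $db->prepare("DELETE FROM users WHERE id = ?");
                $stmt->execute([$id]);
                $_SESSION['flash_message'] = __('user_deleted');
            }
        } catch (Exception $e) {
            // NOTE(review): Exception also covers PDOException when PDO runs in exception
            // mode, and its message can carry driver or schema detail. Consider logging it
            // and showing a generic message, and confirm the flash message is HTML-escaped
            // where users.php prints it.
            $_SESSION['flash_message'] = "Error: " . $e->getMessage();
        }

        // Redirect after POST so a page reload does not resubmit the form.
        header("Location: users.php");
        exit;
    }
}

// Fetch Users
// NOTE(review): u.* also loads the password column into $users, which is handed to the
// template; selecting only the columns the page displays would keep the hashes out of it.
$stmt = $db->query("SELECT u.*, r.name as role_name FROM users u JOIN roles r ON u.role_id = r.id ORDER BY u.id DESC");
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);

// Fetch Roles
$stmt = $db->query("SELECT * FROM roles ORDER BY name ASC");
$roles = $stmt->fetchAll(PDO::FETCH_ASSOC);
?>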
| ID | ||||||
|---|---|---|---|---|---|---|
|
|