252 lines
12 KiB
PHP
252 lines
12 KiB
PHP
<?php
|
|
// Handle Actions
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
if (isset($_POST['action'])) {
|
|
try {
|
|
if ($_POST['action'] === 'add_user') {
|
|
$name = $_POST['name'];
|
|
$email = $_POST['email'];
|
|
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
|
|
$role_id = $_POST['role_id'];
|
|
$active = isset($_POST['active']) ? 1 : 0;
|
|
|
|
$stmt = $db->prepare("INSERT INTO users (name, email, password, role_id, active) VALUES (?, ?, ?, ?, ?)");
|
|
$stmt->execute([$name, $email, $password, $role_id, $active]);
|
|
$_SESSION['flash_message'] = __('user_created');
|
|
} elseif ($_POST['action'] === 'edit_user') {
|
|
$id = $_POST['id'];
|
|
$name = $_POST['name'];
|
|
$email = $_POST['email'];
|
|
$role_id = $_POST['role_id'];
|
|
$active = isset($_POST['active']) ? 1 : 0;
|
|
|
|
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ? WHERE id = ?";
|
|
$params = [$name, $email, $role_id, $active, $id];
|
|
|
|
if (!empty($_POST['password'])) {
|
|
$sql = "UPDATE users SET name = ?, email = ?, role_id = ?, active = ?, password = ? WHERE id = ?";
|
|
$params = [$name, $email, $role_id, $active, password_hash($_POST['password'], PASSWORD_DEFAULT), $id];
|
|
}
|
|
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->execute($params);
|
|
$_SESSION['flash_message'] = __('user_updated');
|
|
} elseif ($_POST['action'] === 'delete_user') {
|
|
$id = $_POST['id'];
|
|
// Prevent deleting self
|
|
if ($id == $_SESSION['user_id']) {
|
|
throw new Exception("You cannot delete yourself.");
|
|
}
|
|
$stmt = $db->prepare("DELETE FROM users WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$_SESSION['flash_message'] = __('user_deleted');
|
|
}
|
|
} catch (Exception $e) {
|
|
$_SESSION['flash_message'] = "Error: " . $e->getMessage();
|
|
}
|
|
header("Location: users.php");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
// Fetch Users
|
|
$stmt = $db->query("SELECT u.*, r.name as role_name FROM users u JOIN roles r ON u.role_id = r.id ORDER BY u.id DESC");
|
|
$users = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
// Fetch Roles
|
|
$stmt = $db->query("SELECT * FROM roles ORDER BY name ASC");
|
|
$roles = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
?>
|
|
|
|
<div class="container-fluid">
|
|
<div class="d-flex justify-content-between align-items-center mb-4">
|
|
<h2 class="fw-bold text-dark mb-0"><?php echo __('users_management'); ?></h2>
|
|
<button type="button" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#addUserModal">
|
|
<i class="bi bi-plus-lg me-1"></i> <?php echo __('add_user'); ?>
|
|
</button>
|
|
</div>
|
|
|
|
<div class="card shadow-sm">
|
|
<div class="card-body">
|
|
<div class="table-responsive">
|
|
<table class="table table-hover align-middle">
|
|
<thead class="table-light">
|
|
<tr>
|
|
<th>ID</th>
|
|
<th><?php echo __('name'); ?></th>
|
|
<th><?php echo __('email'); ?></th>
|
|
<th><?php echo __('role'); ?></th>
|
|
<th><?php echo __('status'); ?></th>
|
|
<th><?php echo __('created_at'); ?></th>
|
|
<th><?php echo __('actions'); ?></th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($users as $user): ?>
|
|
<tr>
|
|
<td><?php echo $user['id']; ?></td>
|
|
<td>
|
|
<div class="d-flex align-items-center">
|
|
<img src="https://ui-avatars.com/api/?name=<?php echo urlencode($user['name']); ?>&background=random&color=fff&size=32" class="rounded-circle me-2" width="32" height="32">
|
|
<span class="fw-medium"><?php echo htmlspecialchars($user['name']); ?></span>
|
|
</div>
|
|
</td>
|
|
<td><?php echo htmlspecialchars($user['email']); ?></td>
|
|
<td><span class="badge bg-secondary"><?php echo htmlspecialchars($user['role_name']); ?></span></td>
|
|
<td>
|
|
<?php if ($user['active']): ?>
|
|
<span class="badge bg-success"><?php echo __('active'); ?></span>
|
|
<?php else: ?>
|
|
<span class="badge bg-danger"><?php echo __('inactive'); ?></span>
|
|
<?php endif; ?>
|
|
</td>
|
|
<td><?php echo date('Y-m-d', strtotime($user['created_at'])); ?></td>
|
|
<td>
|
|
<button class="btn btn-sm btn-outline-primary me-1"
|
|
data-id="<?php echo $user['id']; ?>"
|
|
data-name="<?php echo htmlspecialchars($user['name']); ?>"
|
|
data-email="<?php echo htmlspecialchars($user['email']); ?>"
|
|
data-role="<?php echo $user['role_id']; ?>"
|
|
data-active="<?php echo $user['active']; ?>"
|
|
onclick="editUser(this)">
|
|
<i class="bi bi-pencil"></i>
|
|
</button>
|
|
<?php if ($user['id'] != $_SESSION['user_id']): ?>
|
|
<button class="btn btn-sm btn-outline-danger" onclick="deleteUser(<?php echo $user['id']; ?>)">
|
|
<i class="bi bi-trash"></i>
|
|
</button>
|
|
<?php endif; ?>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Add User Modal -->
|
|
<div class="modal fade" id="addUserModal" tabindex="-1">
|
|
<div class="modal-dialog">
|
|
<form method="POST" class="modal-content">
|
|
<input type="hidden" name="action" value="add_user">
|
|
<div class="modal-header">
|
|
<h5 class="modal-title"><?php echo __('add_user'); ?></h5>
|
|
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
|
|
</div>
|
|
<div class="modal-body">
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('name'); ?></label>
|
|
<input type="text" name="name" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('email'); ?></label>
|
|
<input type="email" name="email" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('password'); ?></label>
|
|
<input type="password" name="password" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('role'); ?></label>
|
|
<select name="role_id" class="form-select" required>
|
|
<?php foreach ($roles as $role): ?>
|
|
<option value="<?php echo $role['id']; ?>"><?php echo htmlspecialchars($role['name']); ?></option>
|
|
<?php endforeach; ?>
|
|
</select>
|
|
</div>
|
|
<div class="form-check">
|
|
<input type="checkbox" name="active" class="form-check-input" id="addActive" checked>
|
|
<label class="form-check-label" for="addActive"><?php echo __('active'); ?></label>
|
|
</div>
|
|
</div>
|
|
<div class="modal-footer">
|
|
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal"><?php echo __('cancel'); ?></button>
|
|
<button type="submit" class="btn btn-primary"><?php echo __('save'); ?></button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Edit User Modal -->
|
|
<div class="modal fade" id="editUserModal" tabindex="-1">
|
|
<div class="modal-dialog">
|
|
<form method="POST" class="modal-content">
|
|
<input type="hidden" name="action" value="edit_user">
|
|
<input type="hidden" name="id" id="editUserId">
|
|
<div class="modal-header">
|
|
<h5 class="modal-title"><?php echo __('edit_user'); ?></h5>
|
|
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
|
|
</div>
|
|
<div class="modal-body">
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('name'); ?></label>
|
|
<input type="text" name="name" id="editUserName" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('email'); ?></label>
|
|
<input type="email" name="email" id="editUserEmail" class="form-control" required>
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('password'); ?> <small class="text-muted">(Leave blank to keep current)</small></label>
|
|
<input type="password" name="password" class="form-control">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label class="form-label"><?php echo __('role'); ?></label>
|
|
<select name="role_id" id="editUserRole" class="form-select" required>
|
|
<?php foreach ($roles as $role): ?>
|
|
<option value="<?php echo $role['id']; ?>"><?php echo htmlspecialchars($role['name']); ?></option>
|
|
<?php endforeach; ?>
|
|
</select>
|
|
</div>
|
|
<div class="form-check">
|
|
<input type="checkbox" name="active" class="form-check-input" id="editUserActive">
|
|
<label class="form-check-label" for="editUserActive"><?php echo __('active'); ?></label>
|
|
</div>
|
|
</div>
|
|
<div class="modal-footer">
|
|
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal"><?php echo __('cancel'); ?></button>
|
|
<button type="submit" class="btn btn-primary"><?php echo __('save'); ?></button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<!-- Delete Confirmation Modal -->
|
|
<div class="modal fade" id="deleteUserModal" tabindex="-1">
|
|
<div class="modal-dialog">
|
|
<form method="POST" class="modal-content">
|
|
<input type="hidden" name="action" value="delete_user">
|
|
<input type="hidden" name="id" id="deleteUserId">
|
|
<div class="modal-header">
|
|
<h5 class="modal-title"><?php echo __('delete_user'); ?></h5>
|
|
<button type="button" class="btn-close" data-bs-dismiss="modal"></button>
|
|
</div>
|
|
<div class="modal-body">
|
|
<p><?php echo __('confirm_delete_user'); ?></p>
|
|
</div>
|
|
<div class="modal-footer">
|
|
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal"><?php echo __('cancel'); ?></button>
|
|
<button type="submit" class="btn btn-danger"><?php echo __('delete'); ?></button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<script>
|
|
function editUser(btn) {
|
|
document.getElementById('editUserId').value = btn.dataset.id;
|
|
document.getElementById('editUserName').value = btn.dataset.name;
|
|
document.getElementById('editUserEmail').value = btn.dataset.email;
|
|
document.getElementById('editUserRole').value = btn.dataset.role;
|
|
document.getElementById('editUserActive').checked = btn.dataset.active == 1;
|
|
|
|
new bootstrap.Modal(document.getElementById('editUserModal')).show();
|
|
}
|
|
|
|
function deleteUser(id) {
|
|
document.getElementById('deleteUserId').value = id;
|
|
new bootstrap.Modal(document.getElementById('deleteUserModal')).show();
|
|
}
|
|
</script>
|