admin/39728-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
39728-vm/users.php
Flatlogic Bot 1ac0f55ef8 update sales id
2026-04-19 09:52:55 +00:00

280 lines
14 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/includes/app.php';
$user = require_roles(['owner']);
$pageTitle = tr('المستخدمون والأدوار', 'Users & Roles');
$activeNav = 'users';
$flash = pull_flash();
// Handle POST actions (Create, Update, Delete)
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
if ($action === 'add') {
$username = trim($_POST['username'] ?? '');
$password = $_POST['password'] ?? '';
$name_ar = trim($_POST['name_ar'] ?? '');
$name_en = trim($_POST['name_en'] ?? '');
$role = $_POST['role'] ?? 'cashier';
$branch_code = $_POST['branch_code'] ?? 'muscat';
if ($username && $password && $name_ar) {
$hash = password_hash($password, PASSWORD_DEFAULT);
try {
$stmt = db()->prepare("INSERT INTO users (username, password, role, branch_code, name_ar, name_en) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->execute([$username, $hash, $role, $branch_code, $name_ar, $name_en]);
set_flash('success', tr('تمت إضافة المستخدم بنجاح.', 'User added successfully.'));
} catch (PDOException $e) {
set_flash('error', tr('حدث خطأ، قد يكون اسم المستخدم موجوداً مسبقاً.', 'Error occurred, username might already exist.'));
}
} else {
set_flash('error', tr('يرجى تعبئة الحقول المطلوبة.', 'Please fill required fields.'));
}
redirect_to('users.php');
}
if ($action === 'edit') {
$id = (int)($_POST['id'] ?? 0);
$username = trim($_POST['username'] ?? '');
$name_ar = trim($_POST['name_ar'] ?? '');
$name_en = trim($_POST['name_en'] ?? '');
$role = $_POST['role'] ?? 'cashier';
$branch_code = $_POST['branch_code'] ?? 'muscat';
$password = $_POST['password'] ?? '';
if ($id && $username && $name_ar) {
try {
if ($password) {
$hash = password_hash($password, PASSWORD_DEFAULT);
$stmt = db()->prepare("UPDATE users SET username=?, password=?, role=?, branch_code=?, name_ar=?, name_en=? WHERE id=?");
$stmt->execute([$username, $hash, $role, $branch_code, $name_ar, $name_en, $id]);
} else {
$stmt = db()->prepare("UPDATE users SET username=?, role=?, branch_code=?, name_ar=?, name_en=? WHERE id=?");
$stmt->execute([$username, $role, $branch_code, $name_ar, $name_en, $id]);
}
set_flash('success', tr('تم تعديل المستخدم بنجاح.', 'User updated successfully.'));
} catch (PDOException $e) {
set_flash('error', tr('حدث خطأ أثناء التعديل.', 'Error occurred during update.'));
}
}
redirect_to('users.php');
}
if ($action === 'delete') {
$id = (int)($_POST['id'] ?? 0);
if ($id && $id !== $user['id']) {
$stmt = db()->prepare("DELETE FROM users WHERE id=?");
$stmt->execute([$id]);
set_flash('success', tr('تم حذف المستخدم بنجاح.', 'User deleted successfully.'));
} else {
set_flash('error', tr('لا يمكن حذف حسابك الحالي.', 'Cannot delete your own account.'));
}
redirect_to('users.php');
}
}
// Search logic
$search = $_GET['q'] ?? '';
$searchQuery = "%{$search}%";
if ($search) {
$stmt = db()->prepare("SELECT * FROM users WHERE name_ar LIKE ? OR name_en LIKE ? OR username LIKE ? ORDER BY id DESC");
$stmt->execute([$searchQuery, $searchQuery, $searchQuery]);
} else {
$stmt = db()->query("SELECT * FROM users ORDER BY id DESC");
}
$filteredAccounts = $stmt->fetchAll();
// Pagination logic
$page = max(1, (int)($_GET['p'] ?? 1));
$limit = 10;
$total = count($filteredAccounts);
$totalPages = max(1, ceil($total / $limit));
$offset = ($page - 1) * $limit;
$accounts = array_slice($filteredAccounts, $offset, $limit, true);
$availableBranches = branches();
require __DIR__ . '/includes/header.php';
?>
<section class="surface-card mb-4">
<div class="d-flex justify-content-between align-items-center mb-3">
<div>
<h3 class="h5 mb-2"><i class="bi bi-people me-2"></i><?= h(tr('الوصول حسب الدور', 'Role-based access')) ?></h3>
<p class="text-muted mb-0"><?= h(tr('إدارة المستخدمين وصلاحيات الوصول للنظام.', 'Manage users and system access permissions.')) ?></p>
</div>
<button type="button" class="btn btn-primary" onclick="openAddModal()">
<i class="bi bi-person-plus"></i> <?= h(tr('إضافة مستخدم', 'Add User')) ?>
</button>
</div>
<form class="d-flex mb-3" method="GET" action="users.php">
<div class="input-group" style="max-width: 400px;">
<input type="text" name="q" class="form-control" placeholder="<?= h(tr('بحث...', 'Search...')) ?>" value="<?= h($search) ?>">
<button class="btn btn-outline-secondary" type="submit"><i class="bi bi-search"></i></button>
</div>
</form>
<?php if ($flash): ?>
<div class="alert alert-<?= h($flash['type'] === 'error' ? 'danger' : $flash['type']) ?> alert-dismissible fade show mt-3" role="alert">
<?= h($flash['message']) ?>
<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
</div>
<?php endif; ?>
</section>
<section class="surface-card">
<div class="table-responsive shadow-sm" style="border-radius: 12px; overflow: hidden; border: 1px solid rgba(0,0,0,0.05);">
<table class="table table-hover align-middle mb-0 text-center" style="background-color: #fff;">
<thead style="background: linear-gradient(90deg, #0d6efd, #0dcaf0);">
<tr>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('المستخدم', 'User')) ?></th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('الدور', 'Role')) ?></th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('الفرع', 'Branch')) ?></th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent">POS</th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('تقارير', 'Reports')) ?></th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('مستخدمون', 'Users')) ?></th>
<th class="text-white border-0 py-3 fw-semibold bg-transparent"><?= h(tr('إجراءات', 'Actions')) ?></th>
</tr>
</thead>
<tbody class="border-top-0">
<?php if(empty($accounts)): ?>
<tr><td colspan="7" class="text-center text-muted py-4"><?= h(tr('لا توجد بيانات', 'No data found')) ?></td></tr>
<?php endif; ?>
<?php foreach ($accounts as $account): ?>
<tr>
<td>
<div class="fw-semibold"><?= h(current_lang() === 'ar' ? $account['name_ar'] : $account['name_en']) ?></div>
<div class="small text-muted"><?= h($account['username']) ?></div>
</td>
<td><?= h(role_label($account['role'])) ?></td>
<td><?= h(branch_label($account['branch_code'])) ?></td>
<td><span class="badge text-bg-light border"><?= h(tr('نعم', 'Yes')) ?></span></td>
<td><span class="badge <?= in_array($account['role'], ['owner', 'manager'], true) ? 'text-bg-light border' : 'text-bg-secondary' ?>"><?= h(in_array($account['role'], ['owner', 'manager'], true) ? tr('نعم', 'Yes') : tr('لا', 'No')) ?></span></td>
<td><span class="badge <?= $account['role'] === 'owner' ? 'text-bg-light border' : 'text-bg-secondary' ?>"><?= h($account['role'] === 'owner' ? tr('نعم', 'Yes') : tr('لا', 'No')) ?></span></td>
<td>
<button class="btn btn-sm btn-outline-primary rounded-circle shadow-sm" style="width: 34px; height: 34px; padding: 0;"
onclick='openEditModal(<?= json_encode($account) ?>)' title="<?= h(tr('تعديل', 'Edit')) ?>">
<i class="bi bi-pencil"></i>
</button>
<?php if ($account['id'] !== $user['id']): ?>
<form method="POST" class="d-inline" onsubmit="return confirm('<?= h(tr('هل أنت متأكد؟', 'Are you sure?')) ?>');">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="id" value="<?= h($account['id']) ?>">
<button type="submit" class="btn btn-sm btn-outline-danger rounded-circle shadow-sm ms-1" style="width: 34px; height: 34px; padding: 0;" title="<?= h(tr('حذف', 'Delete')) ?>">
<i class="bi bi-trash"></i>
</button>
</form>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php if ($totalPages > 1): ?>
<nav class="mt-4">
<ul class="pagination justify-content-center mb-0">
<?php for($i=1; $i<=$totalPages; $i++): ?>
<li class="page-item <?= $i === $page ? 'active' : '' ?>">
<a class="page-link" href="<?= h(url_for('users.php', ['p' => $i, 'q' => $search])) ?>"><?= $i ?></a>
</li>
<?php endfor; ?>
</ul>
</nav>
<?php endif; ?>
</section>
<!-- User Modal -->
<div class="modal fade" id="userModal" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<form id="userForm" method="POST" action="users.php">
<input type="hidden" name="action" id="userAction" value="add">
<input type="hidden" name="id" id="userId" value="">
<div class="modal-header">
<h5 class="modal-title" id="userModalLabel"><?= h(tr('إضافة مستخدم جديد', 'Add New User')) ?></h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<div class="row">
<div class="col-md-6 mb-3">
<label for="userNameAr" class="form-label"><?= h(tr('الاسم (عربي)', 'Name (AR)')) ?></label>
<input type="text" class="form-control" id="userNameAr" name="name_ar" required>
</div>
<div class="col-md-6 mb-3">
<label for="userNameEn" class="form-label"><?= h(tr('الاسم (إنجليزي)', 'Name (EN)')) ?></label>
<input type="text" class="form-control" id="userNameEn" name="name_en">
</div>
<div class="col-md-6 mb-3">
<label for="username" class="form-label"><?= h(tr('اسم المستخدم للدخول', 'Login Username')) ?></label>
<input type="text" class="form-control" id="username" name="username" required autocomplete="new-username">
</div>
<div class="col-md-6 mb-3">
<label for="password" class="form-label"><?= h(tr('كلمة المرور', 'Password')) ?> <small class="text-muted" id="passwordHelp"></small></label>
<input type="password" class="form-control" id="password" name="password" autocomplete="new-password">
</div>
<div class="col-md-6 mb-3">
<label for="userRole" class="form-label"><?= h(tr('الدور', 'Role')) ?></label>
<select class="form-select" id="userRole" name="role" required>
<option value="cashier"><?= h(tr('كاشير', 'Cashier')) ?></option>
<option value="manager"><?= h(tr('مدير فرع', 'Branch Manager')) ?></option>
<option value="owner"><?= h(tr('مالك', 'Owner')) ?></option>
</select>
</div>
<div class="col-md-6 mb-3">
<label for="userBranch" class="form-label"><?= h(tr('الفرع', 'Branch')) ?></label>
<select class="form-select" id="userBranch" name="branch_code" required>
<?php foreach ($availableBranches as $code => $b): ?>
<option value="<?= h($code) ?>"><?= h(current_lang() === 'ar' ? $b['name_ar'] : $b['name_en']) ?></option>
<?php endforeach; ?>
</select>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal"><?= h(tr('إلغاء', 'Cancel')) ?></button>
<button type="submit" class="btn btn-primary"><?= h(tr('حفظ', 'Save')) ?></button>
</div>
</form>
</div>
</div>
</div>
<script>
const userModal = new bootstrap.Modal(document.getElementById('userModal'));
function openAddModal() {
document.getElementById('userAction').value = 'add';
document.getElementById('userId').value = '';
document.getElementById('userForm').reset();
document.getElementById('userModalLabel').innerText = '<?= h(tr('إضافة مستخدم جديد', 'Add New User')) ?>';
document.getElementById('password').required = true;
document.getElementById('passwordHelp').innerText = '';
userModal.show();
}
function openEditModal(account) {
document.getElementById('userAction').value = 'edit';
document.getElementById('userId').value = account.id;
document.getElementById('userNameAr').value = account.name_ar;
document.getElementById('userNameEn').value = account.name_en;
document.getElementById('username').value = account.username;
document.getElementById('userRole').value = account.role;
document.getElementById('userBranch').value = account.branch_code;
document.getElementById('password').required = false;
document.getElementById('password').value = '';
document.getElementById('passwordHelp').innerText = '(<?= h(tr('اتركه فارغاً لعدم التغيير', 'Leave blank to keep unchanged')) ?>)';
document.getElementById('userModalLabel').innerText = '<?= h(tr('تعديل مستخدم', 'Edit User')) ?>';
userModal.show();
}
</script>
<?php require __DIR__ . '/includes/footer.php'; ?>
Reference in New Issue View Git Blame Copy Permalink