fix(public) better structure
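--- a/components/admin/main.php
+++ b/components/admin/main.php
@@ -0,0 +1,73 @@
+<?php
+
+if (!isset($_SESSION['is_admin']) || $_SESSION['is_admin'] !== 1) {
+header("Location: /");
+exit();
+}
+
+function getUsers() {
+global $conn;
+try {
+$query = $conn->prepare("SELECT id, email, firstName, lastName FROM users");
+$query->execute();
+return $query->fetchAll(PDO::FETCH_ASSOC);
+} catch (PDOException $e) {
+return [];
+}
+}
+
+$users = getUsers();
+
+function updateUserDetails($userId, $email, $firstName, $lastName, $password = null) {
+global $conn;
+try {
+if ($password) {
+$query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ?, password = ? WHERE id = ?");
+$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+$query->execute([$email, $firstName, $lastName, $hashedPassword, $userId]);
+} else {
+$query = $conn->prepare("UPDATE users SET email = ?, firstName = ?, lastName = ? WHERE id = ?");
+$query->execute([$email, $firstName, $lastName, $userId]);
+}
+return true;
+} catch(PDOException $e) {
+return false;
+}
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['userId'])) {
+$password = !empty($_POST['password']) ? $_POST['password'] : null;
+
+$success = updateUserDetails($_POST['userId'], $_POST['email'], $_POST['firstName'], $_POST['lastName'], $password);
+
+if ($success) {
+$_SESSION['message'] = '<div class="alert alert-success text-center" role="alert">User updated successfully.</div>';
+} else {
+$_SESSION['message'] = '<div class="alert alert-danger text-center" role="alert">Failed to update user.</div>';
+}
+
+header("Location: " . $_SERVER['REQUEST_URI']);
+exit();
+}
+
+?>
+
+<div class="container mt-5">
+<?php
+echo $_SESSION['message'] ?? '';
+unset($_SESSION['message']);
+?>
+<h2 class="mb-4">Administration</h2>
+<?php include 'users_list.php'; ?>
+</div>
+
+<?php include 'modal.php'; ?>
+<script>
+var editUserModal = document.getElementById('editUserModal');
+editUserModal.addEventListener('show.bs.modal', function (event) {
+editUserModal.querySelector('#editUserId').value = event.relatedTarget.getAttribute('data-id');
+editUserModal.querySelector('#editEmail').value = event.relatedTarget.getAttribute('data-email');
+editUserModal.querySelector('#editFirstName').value = event.relatedTarget.getAttribute('data-firstname');
+editUserModal.querySelector('#editLastName').value = event.relatedTarget.getAttribute('data-lastname');
+});
+</script>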
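Review bot: The POST branch near the end of the PHP block rewrites any user's e-mail and password hash from `$_POST` alone, with no anti-CSRF token check, so unless the session cookie's SameSite setting blocks it, a cross-site form submitted from an admin's browser would pass the `is_admin` guard. Verify a per-session token with `hash_equals()` before calling `updateUserDetails()` and emit the matching hidden field in the form in `modal.php`; the key name `csrf_token` in the sketch below is a constructed example. In the same branch, `$_POST['email']`, `$_POST['firstName']` and `$_POST['lastName']` are read without `isset` or server-side validation, and `header("Location: " . $_SERVER['REQUEST_URI'])` reflects the client-supplied request target, so redirecting to a fixed route would be safer. Both `catch (PDOException $e)` blocks discard the exception; an `error_log($e->getMessage());` there would leave a trace when an update or listing fails.

```php
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['userId'])) {
    // 'csrf_token' is a constructed key name; the token itself would be
    // created with bin2hex(random_bytes(32)) when the session is set up.
    $sentToken = $_POST['csrf_token'] ?? '';
    $expectedToken = $_SESSION['csrf_token'] ?? '';
    if (!is_string($sentToken) || $expectedToken === '' || !hash_equals($expectedToken, $sentToken)) {
        http_response_code(403);
        exit();
    }
    // … unchanged: password handling, updateUserDetails() call, flash message, redirect …
```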
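--- a/components/admin/modal.php
+++ b/components/admin/modal.php
@@ -0,0 +1,33 @@
+<div class="modal fade" id="editUserModal" tabindex="-1" aria-labelledby="editUserModalLabel" aria-hidden="true">
+<div class="modal-dialog">
+<div class="modal-content">
+<div class="modal-header">
+<h5 class="modal-title">Edititing user</h5>
+<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+</div>
+<div class="modal-body">
+<form id="editUserForm" method="POST" action="">
+<input type="hidden" name="userId" id="editUserId">
+<div class="mb-3">
+<label for="editEmail" class="form-label">Email</label>
+<input type="email" class="form-control" id="editEmail" name="email" required>
+</div>
+<div class="mb-3">
+<label for="editFirstName" class="form-label">First Name</label>
+<input type="text" class="form-control" id="editFirstName" name="firstName" required>
+</div>
+<div class="mb-3">
+<label for="editLastName" class="form-label">Last Name</label>
+<input type="text" class="form-control" id="editLastName" name="lastName" required>
+</div>
+<div class="mb-3">
+<label for="editPassword" class="form-label">Password</label>
+<input type="password" class="form-control" id="editPassword" name="password">
+<small class="form-text text-muted">Leave blank if you do not want to change the password</small>
+</div>
+<button type="submit" class="btn btn-primary">Save Changes</button>
+</form>
+</div>
+</div>
+</div>
+</div>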
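Review bot: The `editPassword` input has no `autocomplete` attribute, so a browser or password manager may fill in the admin's own saved password; because the handler in `main.php` treats any non-empty `password` as a change, saving would then silently reset the edited user's password. Add `autocomplete="new-password"` to that input, and clear `#editPassword` in the `show.bs.modal` handler in `main.php`, which currently sets only the other four fields, so a value typed for one user is not carried over to the next. The form also carries no anti-CSRF hidden field to pair with a server-side token check. The modal title reads `Edititing user`, where `Editing user` is presumably meant, and `aria-labelledby="editUserModalLabel"` points at an id that no element in this file defines.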
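--- a/components/admin/users_list.php
+++ b/components/admin/users_list.php
@@ -0,0 +1,30 @@
+<table class="table table-striped">
+<thead>
+<tr>
+<th scope="col">#</th>
+<th scope="col">Email</th>
+<th scope="col">First Name</th>
+<th scope="col">Last Name</th>
+<th scope="col"></th>
+</tr>
+</thead>
+<tbody>
+<?php foreach ($users as $user): ?>
+<tr>
+<th scope="row"><?php echo htmlspecialchars($user['id']); ?></th>
+<td><?php echo htmlspecialchars($user['email']); ?></td>
+<td><?php echo htmlspecialchars($user['firstName']); ?></td>
+<td><?php echo htmlspecialchars($user['lastName']); ?></td>
+<td>
+<button type="button" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#editUserModal"
+data-id="<?php echo htmlspecialchars($user['id']); ?>"
+data-email="<?php echo htmlspecialchars($user['email']); ?>"
+data-firstname="<?php echo htmlspecialchars($user['firstName']); ?>"
+data-lastname="<?php echo htmlspecialchars($user['lastName']); ?>">
+Edit
+</button>
+</td>
+</tr>
+<?php endforeach; ?>
+</tbody>
+</table>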
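Review bot: Every `htmlspecialchars()` call in this template relies on the default flags, which changed in PHP 8.1; on older runtimes single quotes are left unescaped. The attributes here are double-quoted, so the output is safe either way, but spelling the flags out, as in `htmlspecialchars((string) $user['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, keeps the escaping independent of the runtime version and of later edits to the quoting. The template also takes `$users` from the including script, so if `components/` is reachable over HTTP a direct request would run the `foreach` on an undefined variable; an early-exit guard at the top, or keeping the directory outside the web root, avoids that.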