<?php
require_once '../config/config.php';
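// Access gate: only an authenticated user holding the 'superuser' role may
// edit attendance records.
if (!isLoggedIn() || !hasRole('superuser')) {
    redirect('login.php');
    // redirect() is defined outside this file. Stop explicitly so that nothing
    // below can run for an unauthorised request, even if the helper only sends
    // a Location header and returns.
    exit;
}

$db = new Database();
$conn = $db->getConnection();

// The record id arrives in the query string; the int cast guarantees that only
// an integer ever reaches the SQL parameters below.
$record_id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
$success_message = '';
$error_message = '';

// An absent or non-numeric id casts to 0 and cannot name a record.
if (!$record_id) {
    redirect('admin/attendance.php');
    exit; // same reasoning as above: never fall through after a redirect
}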
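// Load the attendance record together with the name of the program it belongs to.
$query = "SELECT ar.*, p.name as program_name
FROM attendance_records ar
JOIN programs p ON ar.program_id = p.id
WHERE ar.id = ?";
$params = [$record_id];

// Location scoping: an admin tied to a location may only load records whose
// program belongs to that location.
// NOTE(review): the gate at the top of this file admits only 'superuser', so
// this branch runs only if hasRole('admin') can also be true for such a user.
// Confirm against hasRole(); otherwise the scoping never applies on this page.
if (hasRole('admin') && !empty($_SESSION['location_id'])) {
    $query .= " AND p.location_id = ?";
    $params[] = $_SESSION['location_id'];
}

$stmt = $conn->prepare($query);
$stmt->execute($params);
$record = $stmt->fetch();

if (!$record) {
    $_SESSION['error_message'] = 'Attendance record not found.';
    redirect('admin/attendance.php');
    // Stop here: the POST handler below updates by id alone, so it must never
    // run for a record this lookup refused to return.
    exit;
}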
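// Handle form submission: validate the CSRF token, update the editable contact
// fields, write an audit entry, then reload the row for display.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!validateCSRFToken($_POST['csrf_token'] ?? '')) {
        $error_message = 'Invalid security token. Please try again.';
    } else {
        // NOTE(review): sanitizeInput() is defined outside this file. If it
        // HTML-encodes its input, values are stored encoded and then encoded a
        // second time by htmlspecialchars() in the template. Confirm.
        $full_name = sanitizeInput($_POST['full_name'] ?? '');
        $email = sanitizeInput($_POST['email'] ?? '');
        $telephone = sanitizeInput($_POST['telephone'] ?? '');
        $district_name = sanitizeInput($_POST['district_name'] ?? '');
        $assembly_name = sanitizeInput($_POST['assembly_name'] ?? '');

        if (empty($full_name)) {
            $error_message = 'Full name is required.';
        } else {
            try {
                // The UPDATE is keyed on the record id only. Authorisation for
                // this id rests on the lookup earlier in this file having
                // halted the request when no record was returned.
                $query = "UPDATE attendance_records
SET full_name = ?, email = ?, telephone = ?, district_name = ?, assembly_name = ?
WHERE id = ?";
                $stmt = $conn->prepare($query);
                $stmt->execute([$full_name, $email, $telephone, $district_name, $assembly_name, $record_id]);

                // Audit trail: who changed which record.
                logActivity($_SESSION['user_id'], 'update_attendance', "Updated attendance record ID: $record_id");
                $success_message = 'Attendance record updated successfully.';

                // Refresh record data so the form shows what was just saved.
                $stmt = $conn->prepare("SELECT ar.*, p.name as program_name FROM attendance_records ar JOIN programs p ON ar.program_id = p.id WHERE ar.id = ?");
                $stmt->execute([$record_id]);
                $record = $stmt->fetch();
            } catch (Exception $e) {
                // Keep the user-facing message generic, but record the cause
                // server-side instead of discarding it, so a failed or
                // tampered update leaves a trace for whoever investigates.
                error_log('Attendance update failed for record ID ' . $record_id . ': ' . $e->getMessage());
                $error_message = 'An error occurred while updating the record.';
            }
        }
    }
}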
// Active districts and assemblies from the locations table, each ordered by name.
// NOTE(review): neither $districts nor $assemblies is referenced by the markup
// in this file (District and Assembly are free-text inputs). Confirm that no
// include uses them before removing these queries.
$districts_query = "SELECT id, name FROM locations WHERE type = 'district' AND is_active = 1 ORDER BY name";
$assemblies_query = "SELECT id, name FROM locations WHERE type = 'assembly' AND is_active = 1 ORDER BY name";

$districts_stmt = $conn->prepare($districts_query);
$assemblies_stmt = $conn->prepare($assemblies_query);

// Both statements are constant SQL with no bound parameters.
$districts_stmt->execute();
$districts = $districts_stmt->fetchAll();

$assemblies_stmt->execute();
$assemblies = $assemblies_stmt->fetchAll();
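// Decode the JSON stored in the record's additional_data column for read-only
// display. Anything that does not decode to an array is treated as "no data".
$additional_data = [];
if ($record['additional_data'] && $record['additional_data'] !== 'null') {
    $decoded = json_decode($record['additional_data'], true);
    // json_decode() returns null for malformed JSON and a scalar for documents
    // such as "text" or 42. The template iterates this value with foreach, so
    // only an array is accepted.
    if (is_array($decoded)) {
        $additional_data = $decoded;
    }
}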
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Attendance Record - Admin Panel</title>
<?php
// Third-party script on an authenticated admin page. cdn.tailwindcss.com serves
// Tailwind's Play CDN build, which Tailwind documents as a development tool.
// The URL is unversioned, so it cannot be pinned with an integrity hash, and
// whatever it serves runs with full access to this page, including the CSRF
// token in the form. Prefer a locally built stylesheet for this page.
?>
<script src="https://cdn.tailwindcss.com"></script>
<script>
tailwind.config = {
theme: {
extend: {
colors: {
primary: '#3B82F6',
secondary: '#F59E0B',
accent: '#6B7280'
}
}
}
}
</script>
<?php
// This stylesheet is pinned to one version on cdnjs, so Subresource Integrity
// can be applied: add integrity="<SRI hash published for this exact file>" and
// crossorigin="anonymous" so a modified copy is rejected by the browser.
?>
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
<style>
.gradient-bg {
background: linear-gradient(135deg, #3B82F6 0%, #F59E0B 50%, #6B7280 100%);
}
</style>
</head>
<body class="bg-gray-50">
<!-- Include Sidebar -->
<?php include 'includes/sidebar.php'; ?>
<!-- Main Content -->
<div class="md:ml-64">
<!-- Header -->
<header class="bg-white shadow-sm border-b">
<div class="px-6 py-4">
<div class="flex items-center justify-between">
<div>
<h1 class="text-2xl font-bold text-gray-900">Edit Attendance Record</h1>
<p class="text-gray-600">Tracking Code: <span class="font-mono font-bold text-primary"><?php echo htmlspecialchars($record['tracking_code'] ?? 'N/A'); ?></span></p>
</div>
<a href="attendance.php" class="bg-gray-600 text-white px-4 py-2 rounded-lg hover:bg-gray-700 transition duration-300">
<i class="fas fa-arrow-left mr-2"></i>Back to List
</a>
</div>
</div>
</header>
<!-- Content -->
<main class="p-6">
<!-- Success/Error Messages -->
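<?php
// Both messages are literals assigned earlier in this file. They are escaped
// anyway, like every other value in this template, so a later change that
// places request data in a message cannot turn into markup injection.
?>
<?php if ($success_message): ?>
<div class="bg-green-50 border border-green-200 text-green-700 px-4 py-3 rounded-lg mb-6">
<i class="fas fa-check-circle mr-2"></i>
<?php echo htmlspecialchars($success_message); ?>
</div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="bg-red-50 border border-red-200 text-red-700 px-4 py-3 rounded-lg mb-6">
<i class="fas fa-exclamation-triangle mr-2"></i>
<?php echo htmlspecialchars($error_message); ?>
</div>
<?php endif; ?>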
<div class="grid grid-cols-1 lg:grid-cols-3 gap-8">
<!-- Edit Form -->
<div class="lg:col-span-2">
<div class="bg-white rounded-lg shadow p-6">
<h2 class="text-xl font-semibold text-gray-900 mb-6">
<i class="fas fa-edit mr-2 text-primary"></i>Edit Attendance Information
</h2>
<form method="POST">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<div class="space-y-6">
<div>
<label for="full_name" class="block text-sm font-medium text-gray-700 mb-2">
Full Name <span class="text-red-500">*</span>
</label>
<input type="text" id="full_name" name="full_name"
value="<?php echo htmlspecialchars($record['full_name']); ?>" required
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<label for="email" class="block text-sm font-medium text-gray-700 mb-2">
Email
</label>
<input type="email" id="email" name="email"
value="<?php echo htmlspecialchars($record['email'] ?? ''); ?>"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
<div>
<label for="telephone" class="block text-sm font-medium text-gray-700 mb-2">
Phone
</label>
<input type="tel" id="telephone" name="telephone"
value="<?php echo htmlspecialchars($record['telephone'] ?? ''); ?>"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
</div>
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<label for="district_name" class="block text-sm font-medium text-gray-700 mb-2">
District
</label>
<input type="text" id="district_name" name="district_name"
value="<?php echo htmlspecialchars($record['district_name'] ?? ''); ?>"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
<div>
<label for="assembly_name" class="block text-sm font-medium text-gray-700 mb-2">
Assembly
</label>
<input type="text" id="assembly_name" name="assembly_name"
value="<?php echo htmlspecialchars($record['assembly_name'] ?? ''); ?>"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
</div>
<div class="flex justify-end space-x-4">
<a href="attendance.php" class="px-6 py-2 border border-gray-300 text-gray-700 rounded-lg hover:bg-gray-50 transition duration-300">
Cancel
</a>
<button type="submit" class="px-6 py-2 bg-primary text-white rounded-lg hover:bg-blue-700 transition duration-300">
<i class="fas fa-save mr-2"></i>Update Record
</button>
</div>
</div>
</form>
</div>
</div>
<!-- Record Information -->
<div class="lg:col-span-1">
<div class="bg-white rounded-lg shadow p-6 mb-6">
<h3 class="text-lg font-semibold text-gray-900 mb-4">
<i class="fas fa-info-circle mr-2 text-blue-600"></i>Record Information
</h3>
<div class="space-y-3">
<div>
<label class="text-sm font-medium text-gray-500">Program</label>
<p class="text-gray-900"><?php echo htmlspecialchars($record['program_name']); ?></p>
</div>
<div>
<label class="text-sm font-medium text-gray-500">Submission Date</label>
<p class="text-gray-900"><?php echo date('F j, Y g:i A', strtotime($record['submitted_at'])); ?></p>
</div>
<?php if ($record['tracking_code']): ?>
<div>
<label class="text-sm font-medium text-gray-500">Tracking Code</label>
<p class="text-gray-900 font-mono"><?php echo htmlspecialchars($record['tracking_code']); ?></p>
</div>
<?php endif; ?>
<?php if ($record['ip_address']): ?>
<div>
<label class="text-sm font-medium text-gray-500">IP Address</label>
<p class="text-gray-900 font-mono text-sm"><?php echo htmlspecialchars($record['ip_address']); ?></p>
</div>
<?php endif; ?>
</div>
</div>
<!-- Additional Data (Read-only) -->
<?php if (!empty($additional_data)): ?>
<div class="bg-white rounded-lg shadow p-6">
<h3 class="text-lg font-semibold text-gray-900 mb-4">
<i class="fas fa-list mr-2 text-green-600"></i>Additional Information
</h3>
<div class="space-y-3">
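<?php
// Keys and values both come from the JSON stored with the record, so both are
// treated as untrusted. The key is escaped after being turned into a label;
// echoing it raw would let a crafted key inject markup into this admin page.
// A nested (non-scalar) value is shown as JSON text, because htmlspecialchars()
// accepts only strings.
?>
<?php foreach ($additional_data as $key => $value): ?>
<?php if (!empty($value)): ?>
<div>
<label class="text-sm font-medium text-gray-500"><?php echo htmlspecialchars(ucfirst(str_replace('_', ' ', (string)$key))); ?></label>
<p class="text-gray-900"><?php echo htmlspecialchars(is_scalar($value) ? (string)$value : (string)json_encode($value)); ?></p>
</div>
<?php endif; ?>
<?php endforeach; ?>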
</div>
</div>
<?php endif; ?>
</div>
</div>
</main>
</div>
</body>
</html>