Sindbad~EG File Manager
<?php
require_once '../config/config.php';
// Check if user is logged in
if (!isLoggedIn()) {
redirect('login.php');
}
$db = new Database();
$conn = $db->getConnection();
$success_message = '';
$error_message = '';
// Handle form submissions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (!validateCSRFToken($_POST['csrf_token'] ?? '')) {
$error_message = 'Invalid security token. Please try again.';
} else {
$action = $_POST['action'] ?? '';
if ($action === 'create' || $action === 'update') {
$name = sanitizeInput($_POST['name'] ?? '');
$description = sanitizeInput($_POST['description'] ?? '');
$start_date = $_POST['start_date'] ?? null;
$end_date = $_POST['end_date'] ?? null;
$location_id = $_POST['location_id'] ?? null;
$is_active = isset($_POST['is_active']) ? 1 : 0;
if (empty($name)) {
$error_message = 'Program name is required.';
} else {
try {
if ($action === 'create') {
$query = "INSERT INTO programs (name, description, start_date, end_date, location_id, is_active, created_by)
VALUES (?, ?, ?, ?, ?, ?, ?)";
$stmt = $conn->prepare($query);
$stmt->execute([$name, $description, $start_date ?: null, $end_date ?: null, $location_id ?: null, $is_active, $_SESSION['user_id']]);
logActivity($_SESSION['user_id'], 'create_program', "Created program: $name");
$success_message = 'Program created successfully.';
} else {
$program_id = (int)$_POST['program_id'];
$query = "UPDATE programs SET name = ?, description = ?, start_date = ?, end_date = ?, location_id = ?, is_active = ?
WHERE id = ?";
$params = [$name, $description, $start_date ?: null, $end_date ?: null, $location_id ?: null, $is_active, $program_id];
// Add location restriction for admin users
if (hasRole('admin') && isset($_SESSION['location_id']) && $_SESSION['location_id']) {
$query .= " AND location_id = ?";
$params[] = $_SESSION['location_id'];
}
$stmt = $conn->prepare($query);
$stmt->execute($params);
logActivity($_SESSION['user_id'], 'update_program', "Updated program: $name");
$success_message = 'Program updated successfully.';
}
} catch (Exception $e) {
$error_message = 'An error occurred while saving the program.';
}
}
} elseif ($action === 'delete' && hasRole('superuser')) {
$program_id = (int)$_POST['program_id'];
try {
$query = "DELETE FROM programs WHERE id = ?";
$stmt = $conn->prepare($query);
$stmt->execute([$program_id]);
logActivity($_SESSION['user_id'], 'delete_program', "Deleted program ID: $program_id");
$success_message = 'Program deleted successfully.';
} catch (Exception $e) {
$error_message = 'Cannot delete program. It may have associated attendance records.';
}
}
}
}
// Get programs with location restriction for admin users
$query = "SELECT p.*, l.name as location_name, u.full_name as created_by_name,
COUNT(ar.id) as attendance_count
FROM programs p
LEFT JOIN locations l ON p.location_id = l.id
LEFT JOIN users u ON p.created_by = u.id
LEFT JOIN attendance_records ar ON p.id = ar.program_id
WHERE 1=1";
$params = [];
if (hasRole('admin') && isset($_SESSION['location_id']) && $_SESSION['location_id']) {
$query .= " AND p.location_id = ?";
$params[] = $_SESSION['location_id'];
}
$query .= " GROUP BY p.id ORDER BY p.created_at DESC";
$stmt = $conn->prepare($query);
$stmt->execute($params);
$programs = $stmt->fetchAll();
// Get locations for dropdown
$location_query = "SELECT id, name, type FROM locations WHERE is_active = 1";
if (hasRole('admin') && isset($_SESSION['location_id']) && $_SESSION['location_id']) {
$location_query .= " AND id = ?";
$location_stmt = $conn->prepare($location_query);
$location_stmt->execute([$_SESSION['location_id']]);
} else {
$location_stmt = $conn->prepare($location_query);
$location_stmt->execute();
}
$locations = $location_stmt->fetchAll();
// Get program for editing
$edit_program = null;
if (isset($_GET['edit'])) {
$edit_id = (int)$_GET['edit'];
$edit_query = "SELECT * FROM programs WHERE id = ?";
if (hasRole('admin') && isset($_SESSION['location_id']) && $_SESSION['location_id']) {
$edit_query .= " AND location_id = ?";
$edit_stmt = $conn->prepare($edit_query);
$edit_stmt->execute([$edit_id, $_SESSION['location_id']]);
} else {
$edit_stmt = $conn->prepare($edit_query);
$edit_stmt->execute([$edit_id]);
}
$edit_program = $edit_stmt->fetch();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Programs - Admin Panel</title>
<script src="https://cdn.tailwindcss.com"></script>
<script>
tailwind.config = {
theme: {
extend: {
colors: {
primary: '#3B82F6',
secondary: '#F59E0B',
accent: '#6B7280'
}
}
}
}
</script>
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
<style>
.gradient-bg {
background: linear-gradient(135deg, #3B82F6 0%, #F59E0B 50%, #6B7280 100%);
}
</style>
</head>
<body class="bg-gray-50">
<!-- Include Sidebar -->
<?php include 'includes/sidebar.php'; ?>
<!-- Main Content -->
<div class="md:ml-64">
<!-- Header -->
<header class="bg-white shadow-sm border-b">
<div class="px-6 py-4">
<div class="flex items-center justify-between">
<h1 class="text-2xl font-bold text-gray-900">Program Management</h1>
<button onclick="showCreateModal()" class="bg-primary text-white px-4 py-2 rounded-lg hover:bg-blue-700 transition duration-300">
<i class="fas fa-plus mr-2"></i>
Create Program
</button>
</div>
</div>
</header>
<!-- Content -->
<main class="p-6">
<!-- Success/Error Messages -->
<?php if ($success_message): ?>
<div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded mb-6">
<div class="flex items-center">
<i class="fas fa-check-circle mr-2"></i>
<span><?php echo $success_message; ?></span>
</div>
</div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded mb-6">
<div class="flex items-center">
<i class="fas fa-exclamation-circle mr-2"></i>
<span><?php echo $error_message; ?></span>
</div>
</div>
<?php endif; ?>
<!-- Programs Grid -->
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-6">
<?php foreach ($programs as $program): ?>
<div class="bg-white rounded-lg shadow overflow-hidden">
<div class="<?php echo $program['is_active'] ? 'gradient-bg' : 'bg-gray-400'; ?> p-4">
<div class="flex items-center justify-between">
<h3 class="text-lg font-bold text-white">
<?php echo htmlspecialchars($program['name']); ?>
</h3>
<div class="flex space-x-2">
<button onclick="editProgram(<?php echo $program['id']; ?>)"
class="text-white hover:text-yellow-200">
<i class="fas fa-edit"></i>
</button>
<?php if (hasRole('superuser')): ?>
<button onclick="deleteProgram(<?php echo $program['id']; ?>)"
class="text-white hover:text-red-200">
<i class="fas fa-trash"></i>
</button>
<?php endif; ?>
</div>
</div>
<p class="text-white/80 text-sm mt-1">
<i class="fas fa-map-marker-alt mr-1"></i>
<?php echo htmlspecialchars($program['location_name'] ?? 'All Locations'); ?>
</p>
</div>
<div class="p-4">
<?php if ($program['description']): ?>
<p class="text-gray-600 mb-3"><?php echo htmlspecialchars($program['description']); ?></p>
<?php endif; ?>
<div class="space-y-2 text-sm text-gray-500">
<?php if ($program['start_date']): ?>
<div class="flex items-center">
<i class="fas fa-calendar mr-2"></i>
<span>Start: <?php echo date('M j, Y', strtotime($program['start_date'])); ?></span>
</div>
<?php endif; ?>
<?php if ($program['end_date']): ?>
<div class="flex items-center">
<i class="fas fa-calendar-check mr-2"></i>
<span>End: <?php echo date('M j, Y', strtotime($program['end_date'])); ?></span>
</div>
<?php endif; ?>
<div class="flex items-center">
<i class="fas fa-users mr-2"></i>
<span><?php echo number_format($program['attendance_count']); ?> attendees</span>
</div>
<div class="flex items-center">
<i class="fas fa-user mr-2"></i>
<span>Created by: <?php echo htmlspecialchars($program['created_by_name'] ?? 'Unknown'); ?></span>
</div>
</div>
<div class="mt-4 pt-4 border-t">
<div class="flex items-center justify-between">
<span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium <?php echo $program['is_active'] ? 'bg-green-100 text-green-800' : 'bg-gray-100 text-gray-800'; ?>">
<?php echo $program['is_active'] ? 'Active' : 'Inactive'; ?>
</span>
<a href="attendance.php?program=<?php echo $program['id']; ?>"
class="text-primary hover:text-blue-700 text-sm font-medium">
View Attendance <i class="fas fa-arrow-right ml-1"></i>
</a>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
<?php if (empty($programs)): ?>
<div class="col-span-full text-center py-12">
<i class="fas fa-calendar text-6xl text-gray-400 mb-4"></i>
<h3 class="text-xl font-semibold text-gray-700 mb-2">No Programs Found</h3>
<p class="text-gray-500 mb-4">Get started by creating your first program.</p>
<button onclick="showCreateModal()" class="bg-primary text-white px-6 py-2 rounded-lg hover:bg-blue-700 transition duration-300">
<i class="fas fa-plus mr-2"></i>
Create Program
</button>
</div>
<?php endif; ?>
</div>
</main>
</div>
<!-- Create/Edit Program Modal -->
<div id="programModal" class="fixed inset-0 bg-gray-600 bg-opacity-50 hidden items-center justify-center z-50">
<div class="bg-white rounded-lg p-6 max-w-md w-full mx-4">
<div class="flex items-center justify-between mb-4">
<h3 id="modalTitle" class="text-lg font-semibold text-gray-900">Create Program</h3>
<button onclick="closeModal()" class="text-gray-400 hover:text-gray-600">
<i class="fas fa-times"></i>
</button>
</div>
<form method="POST" id="programForm">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<input type="hidden" name="action" id="formAction" value="create">
<input type="hidden" name="program_id" id="programId">
<div class="space-y-4">
<div>
<label for="name" class="block text-sm font-medium text-gray-700 mb-2">
Program Name <span class="text-red-500">*</span>
</label>
<input type="text" id="name" name="name" required
class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
<div>
<label for="description" class="block text-sm font-medium text-gray-700 mb-2">
Description
</label>
<textarea id="description" name="description" rows="3"
class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:border-transparent"></textarea>
</div>
<div>
<label for="location_id" class="block text-sm font-medium text-gray-700 mb-2">
Location
</label>
<select id="location_id" name="location_id"
class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:border-transparent">
<option value="">All Locations</option>
<?php foreach ($locations as $location): ?>
<option value="<?php echo $location['id']; ?>">
<?php echo htmlspecialchars($location['name']) . ' (' . ucfirst($location['type']) . ')'; ?>
</option>
<?php endforeach; ?>
</select>
</div>
<div class="grid grid-cols-2 gap-4">
<div>
<label for="start_date" class="block text-sm font-medium text-gray-700 mb-2">
Start Date
</label>
<input type="date" id="start_date" name="start_date"
class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
<div>
<label for="end_date" class="block text-sm font-medium text-gray-700 mb-2">
End Date
</label>
<input type="date" id="end_date" name="end_date"
class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-primary focus:border-transparent">
</div>
</div>
<div class="flex items-center">
<input type="checkbox" id="is_active" name="is_active" checked
class="h-4 w-4 text-primary focus:ring-primary border-gray-300 rounded">
<label for="is_active" class="ml-2 block text-sm text-gray-700">
Active (visible to users)
</label>
</div>
</div>
<div class="flex justify-end space-x-4 mt-6">
<button type="button" onclick="closeModal()"
class="px-4 py-2 text-gray-600 hover:text-gray-800">
Cancel
</button>
<button type="submit"
class="px-4 py-2 bg-primary text-white rounded hover:bg-blue-700">
<span id="submitText">Create Program</span>
</button>
</div>
</form>
</div>
</div>
<!-- Delete Confirmation Modal -->
<div id="deleteModal" class="fixed inset-0 bg-gray-600 bg-opacity-50 hidden items-center justify-center z-50">
<div class="bg-white rounded-lg p-6 max-w-sm mx-auto">
<h3 class="text-lg font-semibold text-gray-900 mb-4">Confirm Delete</h3>
<p class="text-gray-600 mb-6">Are you sure you want to delete this program? This action cannot be undone.</p>
<div class="flex justify-end space-x-4">
<button onclick="closeDeleteModal()" class="px-4 py-2 text-gray-600 hover:text-gray-800">
Cancel
</button>
<form method="POST" id="deleteForm" class="inline">
<input type="hidden" name="csrf_token" value="<?php echo generateCSRFToken(); ?>">
<input type="hidden" name="action" value="delete">
<input type="hidden" name="program_id" id="deleteId">
<button type="submit" class="px-4 py-2 bg-red-600 text-white rounded hover:bg-red-700">
Delete
</button>
</form>
</div>
</div>
</div>
<script>
function showCreateModal() {
document.getElementById('modalTitle').textContent = 'Create Program';
document.getElementById('formAction').value = 'create';
document.getElementById('submitText').textContent = 'Create Program';
document.getElementById('programForm').reset();
document.getElementById('is_active').checked = true;
document.getElementById('programModal').classList.remove('hidden');
document.getElementById('programModal').classList.add('flex');
}
function editProgram(id) {
// Fetch program data and populate form
fetch(`get_program.php?id=${id}`)
.then(response => response.json())
.then(data => {
if (data.success) {
document.getElementById('modalTitle').textContent = 'Edit Program';
document.getElementById('formAction').value = 'update';
document.getElementById('submitText').textContent = 'Update Program';
document.getElementById('programId').value = data.program.id;
document.getElementById('name').value = data.program.name;
document.getElementById('description').value = data.program.description || '';
document.getElementById('location_id').value = data.program.location_id || '';
document.getElementById('start_date').value = data.program.start_date || '';
document.getElementById('end_date').value = data.program.end_date || '';
document.getElementById('is_active').checked = data.program.is_active == 1;
document.getElementById('programModal').classList.remove('hidden');
document.getElementById('programModal').classList.add('flex');
}
})
.catch(error => {
alert('Error loading program data');
});
}
function deleteProgram(id) {
document.getElementById('deleteId').value = id;
document.getElementById('deleteModal').classList.remove('hidden');
document.getElementById('deleteModal').classList.add('flex');
}
function closeModal() {
document.getElementById('programModal').classList.add('hidden');
document.getElementById('programModal').classList.remove('flex');
}
function closeDeleteModal() {
document.getElementById('deleteModal').classList.add('hidden');
document.getElementById('deleteModal').classList.remove('flex');
}
// Close modals when clicking outside
document.getElementById('programModal').addEventListener('click', function(e) {
if (e.target === this) closeModal();
});
document.getElementById('deleteModal').addEventListener('click', function(e) {
if (e.target === this) closeDeleteModal();
});
<?php if ($edit_program): ?>
// Auto-open edit modal if edit parameter is present
document.addEventListener('DOMContentLoaded', function() {
const program = <?php echo json_encode($edit_program); ?>;
document.getElementById('modalTitle').textContent = 'Edit Program';
document.getElementById('formAction').value = 'update';
document.getElementById('submitText').textContent = 'Update Program';
document.getElementById('programId').value = program.id;
document.getElementById('name').value = program.name;
document.getElementById('description').value = program.description || '';
document.getElementById('location_id').value = program.location_id || '';
document.getElementById('start_date').value = program.start_date || '';
document.getElementById('end_date').value = program.end_date || '';
document.getElementById('is_active').checked = program.is_active == 1;
document.getElementById('programModal').classList.remove('hidden');
document.getElementById('programModal').classList.add('flex');
});
<?php endif; ?>
</script>
</body>
</html>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists