<?php
require_once '../config/config.php';
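// Access control: only authenticated admins and superusers may manage special codes.
if (!isLoggedIn() || (!hasRole('admin') && !hasRole('superuser'))) {
    redirect('login.php');
    // redirect() is defined outside this file. Stop explicitly so the privileged
    // code below can never run for an unauthorized request, even if redirect()
    // only sends a Location header and then returns.
    exit;
}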
// Database handle used by every query on this page.
$db = new Database();
$conn = $db->getConnection();
// Status messages shown near the top of the page; an empty string means "nothing to show".
$success_message = '';
$error_message = '';
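// Handle form submissions (generate / toggle / delete).
// Every state-changing POST must carry a valid CSRF token before any action runs.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!validateCSRFToken($_POST['csrf_token'] ?? '')) {
        $error_message = 'Invalid security token. Please try again.';
    } else {
        $action = $_POST['action'] ?? '';
        if ($action === 'generate') {
            // Generate new special code
            $description = sanitizeInput($_POST['description'] ?? '');
            $input_error = '';

            // Optional expiry. <input type="datetime-local"> submits "Y-m-d\TH:i"
            // (some browsers add seconds). Anything else is rejected instead of
            // being handed to the database as-is.
            $expires_at = null;
            $expires_raw = $_POST['expires_at'] ?? '';
            if (!empty($expires_raw)) {
                $expires_at = false;
                if (is_string($expires_raw)) {
                    foreach (['Y-m-d\TH:i', 'Y-m-d\TH:i:s'] as $format) {
                        // "!" resets unparsed fields so seconds do not inherit the current time.
                        $parsed = DateTime::createFromFormat('!' . $format, $expires_raw);
                        // Round-trip comparison rejects overflowing dates such as Feb 31.
                        if ($parsed !== false && $parsed->format($format) === $expires_raw) {
                            $expires_at = $parsed->format('Y-m-d H:i:s');
                            break;
                        }
                    }
                }
                if ($expires_at === false) {
                    $input_error = 'Invalid expiration date.';
                }
            }

            // Optional usage cap. Empty (or "0") keeps the original meaning of
            // "unlimited"; anything else must be a positive integer.
            $max_usage = null;
            $max_usage_raw = $_POST['max_usage'] ?? '';
            if ($input_error === '' && !empty($max_usage_raw)) {
                $max_usage = filter_var($max_usage_raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
                if ($max_usage === false) {
                    $input_error = 'Maximum usage must be a whole number of at least 1.';
                }
            }

            if ($input_error !== '') {
                $error_message = $input_error;
            } else {
                // Generate unique code.
                // The code is an access credential, so it is drawn from the CSPRNG
                // (random_int) rather than str_shuffle(), which is not suitable for
                // secrets and also never repeats a character.
                // NOTE(review): 8 characters over a 36-symbol alphabet is a small
                // search space; confirm the redemption page rate-limits guesses.
                $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
                $last_index = strlen($alphabet) - 1;
                do {
                    $code = '';
                    for ($i = 0; $i < 8; $i++) {
                        $code .= $alphabet[random_int(0, $last_index)];
                    }
                    $check_query = "SELECT id FROM special_codes WHERE code = ?";
                    $check_stmt = $conn->prepare($check_query);
                    $check_stmt->execute([$code]);
                } while ($check_stmt->fetch());
                // NOTE(review): check-then-insert is not atomic; a unique index on
                // special_codes.code (not visible here) is what would actually
                // guarantee uniqueness.

                // Insert new code
                $insert_query = "INSERT INTO special_codes (code, description, created_by, expires_at, max_usage) VALUES (?, ?, ?, ?, ?)";
                $insert_stmt = $conn->prepare($insert_query);
                if ($insert_stmt->execute([$code, $description, $_SESSION['user_id'], $expires_at, $max_usage])) {
                    $success_message = "Special code '$code' generated successfully!";
                    // Log activity
                    // NOTE(review): this writes the access code itself into the
                    // activity log; confirm who can read that log.
                    logActivity($_SESSION['user_id'], 'special_code_generated', "Generated special code: $code");
                } else {
                    $error_message = 'Failed to generate special code. Please try again.';
                }
            }
        } elseif ($action === 'toggle') {
            // Toggle code status
            // A missing, non-numeric or array-valued code_id is rejected rather
            // than being cast to an arbitrary integer.
            $code_id = filter_var($_POST['code_id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
            // NOTE(review): the new state is derived from the submitted "status"
            // field, not from the stored is_active value, so a stale page can
            // set the opposite of what the admin sees.
            $new_status = ($_POST['status'] ?? '') === '1' ? 0 : 1;
            if ($code_id === false) {
                $error_message = 'Failed to update code status.';
            } else {
                $update_query = "UPDATE special_codes SET is_active = ? WHERE id = ?";
                $update_stmt = $conn->prepare($update_query);
                if ($update_stmt->execute([$new_status, $code_id])) {
                    $success_message = 'Code status updated successfully!';
                    // Log activity
                    $status_text = $new_status ? 'activated' : 'deactivated';
                    logActivity($_SESSION['user_id'], 'special_code_updated', "Special code $status_text (ID: $code_id)");
                } else {
                    $error_message = 'Failed to update code status.';
                }
            }
        } elseif ($action === 'delete') {
            // Delete code
            $code_id = filter_var($_POST['code_id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
            if ($code_id === false) {
                $error_message = 'Failed to delete special code.';
            } else {
                $delete_query = "DELETE FROM special_codes WHERE id = ?";
                $delete_stmt = $conn->prepare($delete_query);
                if ($delete_stmt->execute([$code_id])) {
                    $success_message = 'Special code deleted successfully!';
                    // Log activity
                    logActivity($_SESSION['user_id'], 'special_code_deleted', "Deleted special code (ID: $code_id)");
                } else {
                    $error_message = 'Failed to delete special code.';
                }
            }
        }
    }
}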
// Get all special codes, newest first, together with the creator's display name.
// The query takes no request input, so it has no bound parameters.
// The inner JOIN means a code whose created_by has no matching users row is not listed.
$query = "SELECT sc.*, u.full_name as created_by_name
FROM special_codes sc
JOIN users u ON sc.created_by = u.id
ORDER BY sc.created_at DESC";
$stmt = $conn->prepare($query);
$stmt->execute();
// Rows are rendered by the "Existing Special Codes" table in the template below.
$special_codes = $stmt->fetchAll();
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Special Codes - Admin Panel</title>
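<?php /* NOTE(review): both assets are fetched from third-party CDNs into an authenticated admin page with no Subresource Integrity pin. The Tailwind URL serves a script that runs with the page's privileges, so consider self-hosting a built stylesheet instead; for the version-pinned Font Awesome file, add an integrity attribute computed from the exact file together with crossorigin="anonymous". referrerpolicy keeps the admin URL out of the requests sent to those hosts. */ ?>
<script src="https://cdn.tailwindcss.com" referrerpolicy="no-referrer"></script>
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet" referrerpolicy="no-referrer">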
<style>
.gradient-bg {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
}
</style>
</head>
<body class="bg-gray-100">
<div class="flex h-screen">
<!-- Sidebar -->
<?php include 'includes/sidebar.php'; ?>
<!-- Main Content -->
<div class="flex-1 flex flex-col overflow-hidden">
<!-- Header -->
<header class="bg-white shadow-sm border-b border-gray-200">
<div class="max-w-7xl mx-auto py-4 px-4 sm:px-6 lg:px-8">
<div class="flex items-center justify-between">
<h1 class="text-2xl font-bold text-gray-900">
<i class="fas fa-key mr-2 text-blue-600"></i>Special Codes Management
</h1>
<div class="text-sm text-gray-500">
Generate access codes for special attendance reports
</div>
</div>
</div>
</header>
<!-- Main Content Area -->
<main class="flex-1 overflow-x-hidden overflow-y-auto bg-gray-100 p-6">
<div class="max-w-7xl mx-auto">
<!-- Success/Error Messages -->
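<?php // Messages are escaped at the point of output so the markup stays safe even if a future message embeds request data. ?>
<?php if ($success_message): ?>
<div class="bg-green-50 border border-green-200 text-green-700 px-4 py-3 rounded-lg mb-6">
    <i class="fas fa-check-circle mr-2"></i>
    <?php echo htmlspecialchars($success_message, ENT_QUOTES, 'UTF-8'); ?>
</div>
<?php endif; ?>
<?php if ($error_message): ?>
<div class="bg-red-50 border border-red-200 text-red-700 px-4 py-3 rounded-lg mb-6">
    <i class="fas fa-exclamation-triangle mr-2"></i>
    <?php echo htmlspecialchars($error_message, ENT_QUOTES, 'UTF-8'); ?>
</div>
<?php endif; ?>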
<!-- Generate New Code Form -->
<div class="bg-white rounded-lg shadow-lg p-6 mb-8">
<h2 class="text-xl font-semibold text-gray-900 mb-4">
<i class="fas fa-plus-circle mr-2 text-green-600"></i>Generate New Special Code
</h2>
<form method="POST" class="space-y-4">
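<?php // The token helper is defined elsewhere; escape its output for the attribute context regardless of its format. ?>
<input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars(generateCSRFToken(), ENT_QUOTES, 'UTF-8'); ?>">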
<input type="hidden" name="action" value="generate">
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div>
<label for="description" class="block text-sm font-medium text-gray-700 mb-2">
Description
</label>
<input type="text"
id="description"
name="description"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500 focus:border-transparent"
placeholder="Purpose of this code"
required>
</div>
<div>
<label for="expires_at" class="block text-sm font-medium text-gray-700 mb-2">
Expiration Date (Optional)
</label>
<input type="datetime-local"
id="expires_at"
name="expires_at"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500 focus:border-transparent">
</div>
<div>
<label for="max_usage" class="block text-sm font-medium text-gray-700 mb-2">
Maximum Usage (Optional)
</label>
<input type="number"
id="max_usage"
name="max_usage"
min="1"
class="w-full px-3 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500 focus:border-transparent"
placeholder="Leave empty for unlimited">
</div>
<div class="flex items-end">
<button type="submit" class="w-full bg-blue-600 text-white py-2 px-4 rounded-lg hover:bg-blue-700 transition duration-300">
<i class="fas fa-magic mr-2"></i>Generate Code
</button>
</div>
</div>
</form>
</div>
<!-- Existing Codes -->
<div class="bg-white rounded-lg shadow-lg p-6">
<h2 class="text-xl font-semibold text-gray-900 mb-4">
<i class="fas fa-list mr-2 text-blue-600"></i>Existing Special Codes
</h2>
<?php if (empty($special_codes)): ?>
<div class="text-center py-8">
<i class="fas fa-key text-gray-400 text-4xl mb-4"></i>
<p class="text-gray-500">No special codes generated yet.</p>
</div>
<?php else: ?>
<div class="overflow-x-auto">
<table class="w-full table-auto">
<thead>
<tr class="bg-gray-50">
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Code</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Description</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Created By</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Usage</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Expires</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Status</th>
<th class="px-4 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Actions</th>
</tr>
</thead>
<tbody class="bg-white divide-y divide-gray-200">
<?php foreach ($special_codes as $code): ?>
<tr class="hover:bg-gray-50">
<td class="px-4 py-4 whitespace-nowrap">
<div class="font-mono text-lg font-bold text-blue-600 bg-blue-50 px-3 py-1 rounded">
<?php echo htmlspecialchars($code['code']); ?>
</div>
</td>
<td class="px-4 py-4">
<div class="text-sm text-gray-900">
<?php echo htmlspecialchars($code['description']); ?>
</div>
</td>
<td class="px-4 py-4 whitespace-nowrap">
<div class="text-sm text-gray-900">
<?php echo htmlspecialchars($code['created_by_name']); ?>
</div>
<div class="text-xs text-gray-500">
<?php echo date('M j, Y g:i A', strtotime($code['created_at'])); ?>
</div>
</td>
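<td class="px-4 py-4 whitespace-nowrap">
    <div class="text-sm text-gray-900">
        <?php echo (int)$code['usage_count']; // cast so only a number can reach the markup ?>
        <?php if ($code['max_usage']): ?>
        / <?php echo (int)$code['max_usage']; ?>
        <?php else: ?>
        / ∞
        <?php endif; ?>
    </div>
</td>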
<td class="px-4 py-4 whitespace-nowrap">
<?php if ($code['expires_at']): ?>
<div class="text-sm text-gray-900">
<?php echo date('M j, Y g:i A', strtotime($code['expires_at'])); ?>
</div>
<?php if (strtotime($code['expires_at']) < time()): ?>
<span class="inline-flex px-2 py-1 text-xs font-semibold rounded-full bg-red-100 text-red-800">
Expired
</span>
<?php endif; ?>
<?php else: ?>
<span class="text-sm text-gray-500">Never</span>
<?php endif; ?>
</td>
<td class="px-4 py-4 whitespace-nowrap">
<?php if ($code['is_active']): ?>
<span class="inline-flex px-2 py-1 text-xs font-semibold rounded-full bg-green-100 text-green-800">
Active
</span>
<?php else: ?>
<span class="inline-flex px-2 py-1 text-xs font-semibold rounded-full bg-red-100 text-red-800">
Inactive
</span>
<?php endif; ?>
</td>
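<td class="px-4 py-4 whitespace-nowrap text-sm font-medium space-x-2">
    <?php // Row values written into attributes are cast or escaped; each form carries its own CSRF token. ?>
    <!-- Toggle Status -->
    <form method="POST" class="inline">
        <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars(generateCSRFToken(), ENT_QUOTES, 'UTF-8'); ?>">
        <input type="hidden" name="action" value="toggle">
        <input type="hidden" name="code_id" value="<?php echo (int)$code['id']; ?>">
        <input type="hidden" name="status" value="<?php echo $code['is_active'] ? '1' : '0'; ?>">
        <button type="submit"
                class="<?php echo $code['is_active'] ? 'text-red-600 hover:text-red-900' : 'text-green-600 hover:text-green-900'; ?>"
                title="<?php echo $code['is_active'] ? 'Deactivate' : 'Activate'; ?>">
            <i class="fas <?php echo $code['is_active'] ? 'fa-pause' : 'fa-play'; ?>"></i>
        </button>
    </form>
    <!-- Delete -->
    <form method="POST" class="inline" onsubmit="return confirm('Are you sure you want to delete this code?')">
        <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars(generateCSRFToken(), ENT_QUOTES, 'UTF-8'); ?>">
        <input type="hidden" name="action" value="delete">
        <input type="hidden" name="code_id" value="<?php echo (int)$code['id']; ?>">
        <button type="submit" class="text-red-600 hover:text-red-900" title="Delete">
            <i class="fas fa-trash"></i>
        </button>
    </form>
</td>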
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php endif; ?>
</div>
<!-- Usage Instructions -->
<div class="mt-8 bg-blue-50 border border-blue-200 rounded-lg p-6">
<h3 class="text-lg font-semibold text-blue-900 mb-3">
<i class="fas fa-info-circle mr-2"></i>How to Use Special Codes
</h3>
<div class="text-blue-800 space-y-2">
<p><strong>1.</strong> Generate a special code using the form above</p>
<p><strong>2.</strong> Share the code with authorized users</p>
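<?php
// HTTP_HOST and REQUEST_URI come from the client, so the displayed location is
// HTML-escaped before output. Only the path component is used, so a query
// string containing slashes cannot distort dirname(); the trailing separator
// is trimmed to avoid "//" when the application lives at the web root.
// NOTE(review): the host shown is still whatever Host header the client sent;
// prefer a configured base URL if one exists in the project config.
$report_path = rtrim(dirname((string)parse_url($_SERVER['REQUEST_URI'] ?? '', PHP_URL_PATH), 2), '/\\');
$report_location = ($_SERVER['HTTP_HOST'] ?? '') . $report_path . '/special_attendance_reports.php';
?>
<p><strong>3.</strong> Users can access special attendance reports at:
    <a href="../special_attendance_reports.php" class="underline font-mono bg-blue-100 px-2 py-1 rounded">
        <?php echo htmlspecialchars($report_location, ENT_QUOTES, 'UTF-8'); ?>
    </a>
</p>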
<p><strong>4.</strong> Monitor usage and manage codes as needed</p>
</div>
</div>
</div>
</main>
</div>
</div>
<script>
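// Copy code to clipboard: every .font-mono element copies its own text when clicked.
document.querySelectorAll('.font-mono').forEach(element => {
    element.style.cursor = 'pointer';
    element.title = 'Click to copy';
    element.addEventListener('click', function() {
        // Ignore clicks while the "Copied!" feedback is showing; otherwise the
        // feedback text itself would be copied and then restored as the "original".
        if (this.dataset.copying === '1') {
            return;
        }
        // navigator.clipboard is only available in secure contexts (HTTPS or localhost).
        if (!navigator.clipboard) {
            return;
        }
        // Capture the text before the asynchronous write so it cannot change underneath us.
        const original = this.textContent;
        this.dataset.copying = '1';
        // The template surrounds the value with line breaks; copy only the value itself.
        navigator.clipboard.writeText(original.trim()).then(() => {
            // Show temporary feedback
            this.textContent = 'Copied!';
            setTimeout(() => {
                this.textContent = original;
                delete this.dataset.copying;
            }, 1000);
        }).catch(() => {
            // Permission denied or document not focused: leave the element unchanged.
            delete this.dataset.copying;
        });
    });
});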
</script>
</body>
</html>