Sindbad~EG File Manager
<?php
require_once '../config/config.php';
header('Content-Type: application/json');
// Verify access code
$input = json_decode(file_get_contents('php://input'), true);
$access_code = $input['access_code'] ?? '';
if (empty($access_code)) {
echo json_encode(['success' => false, 'message' => 'Access code required']);
exit;
}
$db = new Database();
$conn = $db->getConnection();
// Verify special code
$query = "SELECT * FROM special_codes WHERE code = ? AND is_active = 1
AND (expires_at IS NULL OR expires_at > NOW())";
$stmt = $conn->prepare($query);
$stmt->execute([$access_code]);
$code_info = $stmt->fetch();
if (!$code_info) {
echo json_encode(['success' => false, 'message' => 'Invalid access code']);
exit;
}
try {
// Build WHERE clause based on filters
$where_conditions = [];
$params = [];
if (!empty($input['program'])) {
$where_conditions[] = "ar.program_id = ?";
$params[] = $input['program'];
}
if (!empty($input['district'])) {
$where_conditions[] = "ar.district_id = ?";
$params[] = $input['district'];
}
if (!empty($input['officer_type'])) {
$where_conditions[] = "ar.officer_type = ?";
$params[] = $input['officer_type'];
}
if (!empty($input['from_date'])) {
$where_conditions[] = "DATE(ar.submitted_at) >= ?";
$params[] = $input['from_date'];
}
if (!empty($input['to_date'])) {
$where_conditions[] = "DATE(ar.submitted_at) <= ?";
$params[] = $input['to_date'];
}
$where_clause = !empty($where_conditions) ? 'WHERE ' . implode(' AND ', $where_conditions) : '';
// Get detail statistics
$stats_query = "SELECT
COUNT(ar.id) as total_records,
COUNT(DISTINCT CONCAT(ar.full_name, '-', ar.email)) as unique_attendees,
COUNT(DISTINCT CONCAT(ar.district_id, '-', ar.assembly_id)) as locations
FROM attendance_records ar
JOIN programs p ON ar.program_id = p.id
LEFT JOIN locations ld ON ar.district_id = ld.id
LEFT JOIN locations la ON ar.assembly_id = la.id
$where_clause";
$stats_stmt = $conn->prepare($stats_query);
$stats_stmt->execute($params);
$stats = $stats_stmt->fetch();
// Get detailed attendance records
$data_query = "SELECT
ar.full_name,
ar.email,
ar.telephone,
ar.officer_type,
p.name as program_name,
ld.name as district_name,
la.name as assembly_name,
ar.submitted_at,
ar.tracking_code,
ar.additional_data
FROM attendance_records ar
JOIN programs p ON ar.program_id = p.id
LEFT JOIN locations ld ON ar.district_id = ld.id
LEFT JOIN locations la ON ar.assembly_id = la.id
$where_clause
ORDER BY ar.submitted_at DESC
LIMIT 1000"; // Limit for performance
$data_stmt = $conn->prepare($data_query);
$data_stmt->execute($params);
$data = $data_stmt->fetchAll();
// Process additional data
foreach ($data as &$record) {
if ($record['additional_data'] && $record['additional_data'] !== 'null') {
$additional = json_decode($record['additional_data'], true);
$record['additional_fields'] = $additional;
} else {
$record['additional_fields'] = [];
}
}
echo json_encode([
'success' => true,
'stats' => $stats,
'data' => $data
]);
} catch (Exception $e) {
echo json_encode(['success' => false, 'message' => 'Database error: ' . $e->getMessage()]);
}
?>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists