Sindbad~EG File Manager
<?php
/**
* Module Management Installation Script
* Run this once to set up the module access control system
*/
require_once 'config/config.php';
checkLogin();
// Only superusers can run this
if (!isSuperuser()) {
die('<div style="padding: 20px; background: #fee; border: 2px solid #c00; color: #c00; font-family: Arial;">
<h2>Access Denied</h2>
<p>Only superusers can run the installation script.</p>
<a href="dashboard.php" style="color: #00f;">Return to Dashboard</a>
</div>');
}
$db = Database::getInstance()->getConnection();
$errors = [];
$success = [];
// Pre-installation checks
try {
// Check if module_management table exists
$checkTable = $db->query("SHOW TABLES LIKE 'module_management'")->fetch();
if (!$checkTable) {
$errors[] = "❌ module_management table does not exist!";
$errors[] = "Please run the main database setup first before installing Module Management.";
$errors[] = "The module_management table is required for this installation.";
}
} catch (Exception $e) {
$errors[] = "❌ Database check failed: " . $e->getMessage();
}
// If pre-checks failed, don't proceed
if (!empty($errors)) {
// Skip to display
} else {
try {
// Read and execute SQL file
$sqlFile = __DIR__ . '/sql/module_access_control.sql';
if (!file_exists($sqlFile)) {
throw new Exception("SQL file not found: $sqlFile");
}
$sql = file_get_contents($sqlFile);
// Remove comments
$sql = preg_replace('/^--.*$/m', '', $sql);
$sql = preg_replace('/\/\*.*?\*\//s', '', $sql);
// Split by semicolon and clean up
$statements = explode(';', $sql);
$statements = array_map('trim', $statements);
$statements = array_filter($statements, function($stmt) {
return !empty($stmt) && strlen($stmt) > 5;
});
// Check if we have any valid statements
if (empty($statements)) {
throw new Exception("No valid SQL statements found in the SQL file");
}
$transactionStarted = false;
try {
$db->beginTransaction();
$transactionStarted = true;
$executedCount = 0;
foreach ($statements as $index => $statement) {
if (!empty($statement)) {
try {
// Use exec for queries that don't return results
// This prevents unbuffered query issues
$result = $db->exec($statement);
$executedCount++;
} catch (PDOException $e) {
$errorMsg = $e->getMessage();
// Ignore certain acceptable errors
if (strpos($errorMsg, 'Duplicate entry') !== false ||
strpos($errorMsg, 'already exists') !== false ||
strpos($errorMsg, 'Duplicate column') !== false ||
strpos($errorMsg, 'Multiple primary key') !== false ||
strpos($errorMsg, 'Duplicate key') !== false) {
// These are OK - means already installed
continue;
}
// Log the problematic statement for debugging
$errors[] = "Statement #" . ($index + 1) . " failed: " . $errorMsg;
$errors[] = "Statement was: " . substr($statement, 0, 200) . "...";
throw $e;
}
}
}
// Only commit if transaction is still active
if ($db->inTransaction()) {
$db->commit();
$transactionStarted = false;
}
$success[] = "✅ Executed $executedCount SQL statements successfully";
$success[] = "✅ Database tables created successfully";
$success[] = "✅ module_access_levels table created";
$success[] = "✅ module_access_audit table created";
$success[] = "✅ Existing modules migrated to new system";
$success[] = "✅ Module Management module added";
} catch (Exception $e) {
// Rollback if transaction is active
if ($transactionStarted && $db->inTransaction()) {
$db->rollBack();
}
throw $e; // Re-throw to be caught by outer catch
}
// Verify installation (outside of transaction)
// Use prepared statements to avoid unbuffered query issues
try {
$stmt = $db->prepare("SHOW TABLES LIKE 'module_access%'");
$stmt->execute();
$tables = $stmt->fetchAll();
$stmt->closeCursor(); // Important: close cursor before next query
$success[] = "✅ Found " . count($tables) . " access control tables";
// Count modules
$stmt = $db->prepare("SELECT COUNT(*) FROM module_management");
$stmt->execute();
$moduleCount = $stmt->fetchColumn();
$stmt->closeCursor();
$success[] = "✅ Total modules in system: " . $moduleCount;
// Count access permissions
$stmt = $db->prepare("SELECT COUNT(*) FROM module_access_levels");
$stmt->execute();
$accessCount = $stmt->fetchColumn();
$stmt->closeCursor();
$success[] = "✅ Total access permissions configured: " . $accessCount;
} catch (Exception $e) {
// Verification failed but installation succeeded
$success[] = "⚠️ Verification queries failed, but installation completed";
}
} catch (Exception $e) {
if ($db->inTransaction()) {
$db->rollBack();
}
$errors[] = "❌ Installation failed: " . $e->getMessage();
$errors[] = "Stack trace: " . $e->getTraceAsString();
}
} // End of else block from pre-installation checks
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Module Management Installation</title>
<script src="https://cdn.tailwindcss.com"></script>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
</head>
<body class="bg-gray-100">
<div class="min-h-screen flex items-center justify-center p-4">
<div class="max-w-4xl w-full bg-white rounded-2xl shadow-2xl p-8">
<!-- Header -->
<div class="text-center mb-8">
<div class="inline-flex items-center justify-center w-20 h-20 rounded-full bg-gradient-to-br from-blue-500 to-purple-600 mb-4">
<i class="fas fa-sliders-h text-3xl text-white"></i>
</div>
<h1 class="text-4xl font-bold text-gray-800 mb-2">Module Management Installation</h1>
<p class="text-gray-600">Setting up role-based module access control system</p>
</div>
<!-- Success Messages -->
<?php if (!empty($success)): ?>
<div class="bg-green-50 border-l-4 border-green-500 p-6 rounded-lg mb-6">
<div class="flex items-start">
<i class="fas fa-check-circle text-green-500 text-2xl mr-4 mt-1"></i>
<div class="flex-1">
<h3 class="text-lg font-bold text-green-800 mb-3">Installation Successful!</h3>
<ul class="space-y-2">
<?php foreach ($success as $msg): ?>
<li class="text-green-700 flex items-center">
<i class="fas fa-check mr-2 text-sm"></i>
<?php echo htmlspecialchars($msg); ?>
</li>
<?php endforeach; ?>
</ul>
</div>
</div>
</div>
<?php endif; ?>
<!-- Error Messages -->
<?php if (!empty($errors)): ?>
<div class="bg-red-50 border-l-4 border-red-500 p-6 rounded-lg mb-6">
<div class="flex items-start">
<i class="fas fa-exclamation-circle text-red-500 text-2xl mr-4 mt-1"></i>
<div class="flex-1">
<h3 class="text-lg font-bold text-red-800 mb-3">Installation Failed</h3>
<ul class="space-y-2">
<?php foreach ($errors as $msg): ?>
<li class="text-red-700 text-sm font-mono"><?php echo htmlspecialchars($msg); ?></li>
<?php endforeach; ?>
</ul>
</div>
</div>
</div>
<!-- Help if module_management table missing -->
<?php if (strpos(implode(' ', $errors), 'module_management table does not exist') !== false): ?>
<div class="bg-yellow-50 border-l-4 border-yellow-500 p-6 rounded-lg mb-6">
<h3 class="text-lg font-bold text-yellow-800 mb-4">
<i class="fas fa-lightbulb mr-2"></i>How to Fix This
</h3>
<div class="text-yellow-700 space-y-3">
<p><strong>The `module_management` table is required but doesn't exist in your database.</strong></p>
<p class="font-semibold">Option 1: Run the main database setup</p>
<p>Check if you have a <code class="bg-yellow-100 px-2 py-1 rounded">database/schema.sql</code> file and import it into your database.</p>
<p class="font-semibold mt-4">Option 2: Create the table manually</p>
<p>Run this SQL in your database:</p>
<pre class="bg-yellow-100 p-3 rounded mt-2 text-xs overflow-x-auto">CREATE TABLE module_management (
id INT AUTO_INCREMENT PRIMARY KEY,
module_name VARCHAR(100) NOT NULL,
module_description TEXT,
module_icon VARCHAR(100),
module_url VARCHAR(255),
display_order INT DEFAULT 0,
required_role VARCHAR(50),
is_active BOOLEAN DEFAULT TRUE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
INDEX idx_display_order (display_order),
INDEX idx_is_active (is_active)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;</pre>
<p class="mt-4"><strong>After creating the table, refresh this page to try again.</strong></p>
</div>
</div>
<?php endif; ?>
<?php endif; ?>
<!-- What was installed -->
<?php if (empty($errors)): ?>
<div class="bg-blue-50 border-l-4 border-blue-500 p-6 rounded-lg mb-6">
<h3 class="text-lg font-bold text-blue-800 mb-4">
<i class="fas fa-info-circle mr-2"></i>What Was Installed
</h3>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div class="bg-white p-4 rounded-lg">
<h4 class="font-semibold text-gray-800 mb-2">📊 Database Tables</h4>
<ul class="text-sm text-gray-600 space-y-1">
<li>• <code class="bg-gray-100 px-2 py-1 rounded">module_access_levels</code></li>
<li>• <code class="bg-gray-100 px-2 py-1 rounded">module_access_audit</code></li>
<li>• Updated <code class="bg-gray-100 px-2 py-1 rounded">module_management</code></li>
</ul>
</div>
<div class="bg-white p-4 rounded-lg">
<h4 class="font-semibold text-gray-800 mb-2">⚙️ Features Added</h4>
<ul class="text-sm text-gray-600 space-y-1">
<li>• Role-based module access control</li>
<li>• Per-level module enable/disable</li>
<li>• Access change audit logging</li>
<li>• Module categories</li>
</ul>
</div>
<div class="bg-white p-4 rounded-lg">
<h4 class="font-semibold text-gray-800 mb-2">🎯 Access Levels</h4>
<ul class="text-sm text-gray-600 space-y-1">
<li>• Assembly Admin</li>
<li>• District Admin</li>
<li>• Area Admin</li>
<li>• Superuser</li>
</ul>
</div>
<div class="bg-white p-4 rounded-lg">
<h4 class="font-semibold text-gray-800 mb-2">🔐 Protected Modules</h4>
<ul class="text-sm text-gray-600 space-y-1">
<li>• Dashboard (Critical)</li>
<li>• Settings (Critical)</li>
<li>• Notifications (Critical)</li>
<li>• Users (Critical)</li>
</ul>
</div>
</div>
</div>
<!-- Next Steps -->
<div class="bg-purple-50 border-l-4 border-purple-500 p-6 rounded-lg mb-6">
<h3 class="text-lg font-bold text-purple-800 mb-4">
<i class="fas fa-rocket mr-2"></i>Next Steps
</h3>
<ol class="space-y-3 text-purple-700">
<li class="flex items-start">
<span class="font-bold mr-3">1.</span>
<span>Access the <strong>Module Management</strong> page from your sidebar menu</span>
</li>
<li class="flex items-start">
<span class="font-bold mr-3">2.</span>
<span>Review which modules are enabled for each access level</span>
</li>
<li class="flex items-start">
<span class="font-bold mr-3">3.</span>
<span>Toggle access for specific admin levels as needed</span>
</li>
<li class="flex items-start">
<span class="font-bold mr-3">4.</span>
<span>Test with different user accounts to verify access control</span>
</li>
<li class="flex items-start">
<span class="font-bold mr-3">5.</span>
<span>Review the audit log to track access changes</span>
</li>
</ol>
</div>
<!-- Important Notes -->
<div class="bg-yellow-50 border-l-4 border-yellow-500 p-6 rounded-lg">
<h3 class="text-lg font-bold text-yellow-800 mb-3">
<i class="fas fa-exclamation-triangle mr-2"></i>Important Notes
</h3>
<ul class="space-y-2 text-yellow-700 text-sm">
<li>⚠️ Critical modules (Dashboard, Settings, etc.) cannot be disabled</li>
<li>⚠️ Superuser access cannot be disabled for any module</li>
<li>⚠️ All access changes are logged in the audit table</li>
<li>⚠️ Sidebar menu updates automatically based on module access</li>
<li>⚠️ Users must log out and log back in to see menu changes</li>
</ul>
</div>
<?php endif; ?>
<!-- Action Buttons -->
<div class="mt-8 flex gap-4 justify-center">
<a href="<?php echo BASE_URL; ?>modules/module-management/index.php"
class="px-6 py-3 bg-gradient-to-r from-blue-500 to-purple-600 text-white rounded-lg hover:from-blue-600 hover:to-purple-700 transition shadow-lg flex items-center gap-2">
<i class="fas fa-sliders-h"></i>
Open Module Management
</a>
<a href="<?php echo BASE_URL; ?>dashboard.php"
class="px-6 py-3 bg-gray-500 text-white rounded-lg hover:bg-gray-600 transition shadow-lg flex items-center gap-2">
<i class="fas fa-home"></i>
Back to Dashboard
</a>
</div>
</div>
</div>
</body>
</html>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists