<?php
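require_once '../../config/config.php';

// checkLogin() is defined outside this file; presumably it turns away
// visitors without a valid session - confirm in config.php.
checkLogin();

// Only superusers and area-level admins may create accounts.
if (!isSuperuser() && getAccessLevel() !== 'area') {
    redirect('../../dashboard.php');
    // Fail closed: stop here even if redirect() only sends a Location header,
    // so the POST handler below can never run for an unauthorised caller.
    exit;
}

$pageTitle = "Add User - " . APP_NAME;
$db = Database::getInstance()->getConnection();

// Status messages rendered by the template further down.
$success = '';
$error = '';

// Active areas for the "Area" dropdown. Districts and assemblies are fetched
// on demand by the page's JavaScript.
$areas = $db->query("SELECT * FROM areas WHERE is_active = 1 ORDER BY area_name")->fetchAll();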
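// Handle form submission.
// NOTE(review): no CSRF token is checked in this file. Confirm that
// config.php / checkLogin() enforces one; otherwise add a per-session token
// to the form and verify it here before creating the account.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read a POST field as a string. A missing key or an array value
    // (e.g. password[]=x) becomes '' and is rejected by the validation below
    // instead of raising a warning or a TypeError.
    $postString = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    $username = sanitize($postString('username'));
    $email = sanitize($postString('email'));
    // Not passed through sanitize(): altering characters would change the password.
    $password = $postString('password');
    $fullName = sanitize($postString('full_name'));
    $phone = sanitize($postString('phone'));
    $accessLevel = $postString('access_level');
    $areaId = $postString('area_id') ?: null;
    $districtId = $postString('district_id') ?: null;
    $assemblyId = $postString('assembly_id') ?: null;

    // Levels this caller may grant. The form only offers "superuser" to
    // superusers, but hiding an <option> is not a control: the submitted value
    // must be checked on the server or an area admin could create a superuser.
    $allowedLevels = ['area', 'district', 'assembly'];
    if (isSuperuser()) {
        $allowedLevels[] = 'superuser';
    }

    // Validate
    if (empty($username) || empty($email) || empty($password) || empty($fullName)) {
        $error = "Please fill all required fields";
    } elseif (!in_array($accessLevel, $allowedLevels, true)) {
        $error = "Please select a valid access level";
    } elseif (strlen($password) < 6) {
        $error = "Password must be at least 6 characters";
    } else {
        // NOTE(review): area_id / district_id / assembly_id are forwarded as
        // submitted. The caller's own area is not visible in this file, so
        // limiting an area admin to users inside that area has to happen here
        // or inside Auth::register() - confirm.
        $auth = new Auth();
        $result = $auth->register([
            'username' => $username,
            'email' => $email,
            'password' => $password,
            'full_name' => $fullName,
            'phone' => $phone,
            'access_level' => $accessLevel,
            'area_id' => $areaId,
            'district_id' => $districtId,
            'assembly_id' => $assemblyId
        ]);

        if ($result['success']) {
            $success = "User created successfully!";

            // Send welcome email if enabled. A mail failure is logged and
            // does not undo the account creation.
            try {
                require_once '../../classes/EmailService.php';
                $emailService = new EmailService();
                $emailService->sendWelcomeUserEmail([
                    'full_name' => $fullName,
                    'email' => $email,
                    'username' => $username
                ]);
            } catch (Exception $e) {
                error_log("Welcome email error: " . $e->getMessage());
            }
        } else {
            $error = $result['message'];
        }
    }
}

include '../../includes/header.php';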
?>
<?php include '../../includes/sidebar.php'; ?>
<!-- Main Content -->
<main class="flex-1 md:ml-64 mt-16">
<div class="container mx-auto px-4 py-8">
<div class="max-w-4xl mx-auto">
<!-- Page Header -->
<div class="mb-6">
<h1 class="text-3xl font-bold text-gray-800">
<i class="fas fa-user-plus mr-2 text-blue-500"></i>Add New User
</h1>
<p class="text-gray-600 mt-2">Create a new user account for the system</p>
</div>
<!-- Messages -->
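<?php /* Status messages. Both are HTML-escaped on output: $error can hold the message returned by Auth::register(), whose content this template does not control. */ ?>
<?php if ($success): ?>
<div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded-lg mb-6">
<i class="fas fa-check-circle mr-2"></i><?php echo htmlspecialchars($success, ENT_QUOTES, 'UTF-8'); ?>
<a href="index.php" class="float-right text-green-800 hover:text-green-900">View Users →</a>
</div>
<?php endif; ?>
<?php if ($error): ?>
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded-lg mb-6">
<i class="fas fa-exclamation-circle mr-2"></i><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?>
</div>
<?php endif; ?>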
<!-- Form -->
<form method="POST" class="bg-white rounded-xl shadow-lg p-6">
<div class="grid grid-cols-1 md:grid-cols-2 gap-6">
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Full Name *</label>
<input type="text" name="full_name" required
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
</div>
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Username *</label>
<input type="text" name="username" required
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
</div>
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Email *</label>
<input type="email" name="email" required
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
</div>
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Phone</label>
<input type="tel" name="phone"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
</div>
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Password *</label>
<input type="password" name="password" required minlength="6"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
<p class="text-xs text-gray-500 mt-1">Minimum 6 characters</p>
</div>
<div>
<label class="block text-sm font-medium text-gray-700 mb-2">Access Level *</label>
<select name="access_level" id="accessLevel" required onchange="updateLocationFields()"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
<option value="">Select Access Level</option>
<?php if (isSuperuser()): ?>
<option value="superuser">Superuser</option>
<?php endif; ?>
<option value="area">Area Admin</option>
<option value="district">District Admin</option>
<option value="assembly">Assembly Admin</option>
</select>
</div>
<div id="areaField" class="hidden">
<label class="block text-sm font-medium text-gray-700 mb-2">Area</label>
<select name="area_id" id="areaSelect" onchange="loadDistricts(this.value)"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
<option value="">Select Area</option>
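<?php /* One <option> per active area. The id is escaped for the attribute context just like the name is for element content. */ ?>
<?php foreach ($areas as $area): ?>
<option value="<?php echo htmlspecialchars((string) $area['id'], ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlspecialchars($area['area_name'], ENT_QUOTES, 'UTF-8'); ?></option>
<?php endforeach; ?>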
</select>
</div>
<div id="districtField" class="hidden">
<label class="block text-sm font-medium text-gray-700 mb-2">District</label>
<select name="district_id" id="districtSelect" onchange="loadAssemblies(this.value)"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
<option value="">Select District</option>
</select>
</div>
<div id="assemblyField" class="hidden">
<label class="block text-sm font-medium text-gray-700 mb-2">Assembly</label>
<select name="assembly_id" id="assemblySelect"
class="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-blue-500">
<option value="">Select Assembly</option>
</select>
</div>
</div>
<div class="mt-6 flex justify-end space-x-4">
<a href="index.php" class="px-6 py-2 border border-gray-300 rounded-lg hover:bg-gray-100 transition">
Cancel
</a>
<button type="submit" class="bg-gradient-to-r from-blue-500 to-blue-600 text-white px-6 py-2 rounded-lg hover:from-blue-600 hover:to-blue-700 transition">
<i class="fas fa-save mr-2"></i>Create User
</button>
</div>
</form>
</div>
</div>
</main>
<script>
/**
 * Show only the location dropdowns that apply to the selected access level:
 * area -> Area; district -> Area + District; assembly -> all three.
 * Any other value (including the empty placeholder) hides all of them.
 * This is presentation only; it does not restrict what the form can submit.
 */
function updateLocationFields() {
    const selected = document.getElementById('accessLevel').value;

    // Fields are ordered from broadest to narrowest scope; each level reveals
    // the first N of them.
    const fieldIds = ['areaField', 'districtField', 'assemblyField'];
    const revealCount = new Map([
        ['area', 1],
        ['district', 2],
        ['assembly', 3],
    ]).get(selected) ?? 0;

    fieldIds.forEach((id, position) => {
        const field = document.getElementById(id);
        field.classList.add('hidden');
        if (position < revealCount) {
            field.classList.remove('hidden');
        }
    });
}
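/**
 * Reload the District dropdown for the chosen area and reset the Assembly
 * dropdown to its placeholder.
 *
 * @param {string} areaId  Value of the Area <select>; empty clears both lists.
 */
function loadDistricts(areaId) {
    const districtSelect = document.getElementById('districtSelect');
    const assemblySelect = document.getElementById('assemblySelect');

    // Placeholders are built from fixed strings only.
    const resetBoth = () => {
        districtSelect.replaceChildren(new Option('Select District', ''));
        assemblySelect.replaceChildren(new Option('Select Assembly', ''));
    };

    if (!areaId) {
        resetBoth();
        return;
    }

    // encodeURIComponent keeps the value inside the area_id parameter.
    fetch('<?php echo BASE_URL; ?>api/get-districts.php?area_id=' + encodeURIComponent(areaId))
        .then(response => {
            if (!response.ok) {
                throw new Error('District lookup failed with HTTP ' + response.status);
            }
            return response.json();
        })
        .then(data => {
            const options = [new Option('Select District', '')];
            data.forEach(district => {
                // new Option(text, value) assigns plain strings, so a district
                // name containing markup is displayed as text instead of being
                // parsed as HTML (the previous innerHTML template allowed that).
                options.push(new Option(district.district_name, district.id));
            });
            districtSelect.replaceChildren(...options);
            assemblySelect.replaceChildren(new Option('Select Assembly', ''));
        })
        .catch(err => {
            // Clear both lists so a stale district from a previously selected
            // area cannot be submitted after a failed lookup.
            console.error(err);
            resetBoth();
        });
}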
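/**
 * Reload the Assembly dropdown for the chosen district.
 *
 * @param {string} districtId  Value of the District <select>; empty clears the list.
 */
function loadAssemblies(districtId) {
    const assemblySelect = document.getElementById('assemblySelect');

    // The placeholder is built from fixed strings only.
    const reset = () => {
        assemblySelect.replaceChildren(new Option('Select Assembly', ''));
    };

    if (!districtId) {
        reset();
        return;
    }

    // encodeURIComponent keeps the value inside the district_id parameter.
    fetch('<?php echo BASE_URL; ?>api/get-assemblies.php?district_id=' + encodeURIComponent(districtId))
        .then(response => {
            if (!response.ok) {
                throw new Error('Assembly lookup failed with HTTP ' + response.status);
            }
            return response.json();
        })
        .then(data => {
            const options = [new Option('Select Assembly', '')];
            data.forEach(assembly => {
                // new Option(text, value) assigns plain strings, so an assembly
                // name containing markup is displayed as text instead of being
                // parsed as HTML (the previous innerHTML template allowed that).
                options.push(new Option(assembly.assembly_name, assembly.id));
            });
            assemblySelect.replaceChildren(...options);
        })
        .catch(err => {
            // Clear the list so a stale assembly from a previously selected
            // district cannot be submitted after a failed lookup.
            console.error(err);
            reset();
        });
}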
</script>
<?php include '../../includes/footer.php'; ?>