Viewing / Editing File: manage.php
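<?php
/**
 * User administration page (manager role only).
 *
 * GET  : lists every row of `users` and renders one edit modal per user plus
 *        an "add user" modal.
 * POST : handles `action=add_user` and `action=update_user`, writes an audit
 *        log entry, then redirects back to this page (Post/Redirect/Get).
 *
 * Security notes for maintainers:
 *  - Every POST must carry the per-session CSRF token rendered into both
 *    forms; without it a logged-in manager's browser could be made to create
 *    or promote accounts from another origin.
 *  - `role` is checked against $allowed_roles before it is stored, and is
 *    HTML-escaped wherever it is printed, so it can neither grant an
 *    unexpected role string nor inject markup into the class attribute.
 *  - The previous row handed to addAuditLog() has its password hash removed.
 *  - Database exception text is written to the server log only; the browser
 *    gets a generic message.
 *  - `?success=` is only displayed when it matches one of this page's own
 *    messages, so the URL cannot be used to show arbitrary text.
 *  - Bootstrap and Font Awesome are loaded from public CDNs without
 *    Subresource Integrity; add `integrity`/`crossorigin` attributes using
 *    the hashes published for the pinned versions.
 */
require_once '../config/database.php';
require_once '../config/functions.php';

requireAuth('manager');

// NOTE(review): assumes requireAuth() has already started the session (the
// code below reads $_SESSION['user_id']) - confirm in functions.php.
if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

// Roles offered by the <select> elements below; anything else is rejected.
$allowed_roles = ['manager', 'accountant', 'representative'];

// Display maps; unknown roles fall back to the "representative" styling,
// matching the previous nested-ternary behaviour.
$role_badges = ['manager' => 'danger', 'accountant' => 'warning'];
$role_labels = ['manager' => 'مدير', 'accountant' => 'محاسب'];

// The only success messages this page ever produces.
$msg_user_added = 'تم إضافة المستخدم بنجاح';
$msg_user_updated = 'تم تحديث المستخدم بنجاح';

// HTML-escape helper; the cast keeps NULL columns (e.g. phone) from
// triggering a deprecation notice in htmlspecialchars().
$h = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Read a POST field as a string. Array-valued input (field[]=x) is treated as
// empty instead of reaching trim()/strlen() and raising a TypeError.
$post_field = static function (string $key, bool $trim = true): string {
    $value = $_POST[$key] ?? '';
    if (!is_string($value)) {
        return '';
    }
    return $trim ? trim($value) : $value;
};

// Get all users
$stmt = $pdo->prepare("SELECT * FROM users ORDER BY full_name ASC");
$stmt->execute();
$users = $stmt->fetchAll();

$error = '';
$success = '';

// Handle user actions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $post_field('action', false);

    if (!hash_equals($csrf_token, $post_field('csrf_token', false))) {
        // Missing or wrong token: refuse the state change.
        $error = 'طلب غير صالح، يرجى إعادة المحاولة';
    } elseif ($action === 'add_user') {
        $username = $post_field('username');
        $password = $post_field('password');
        $full_name = $post_field('full_name');
        $role = $post_field('role', false);
        $phone = $post_field('phone'); // stored as entered, no format validation

        if (!$username || !$password || !$full_name || !$role) {
            $error = 'جميع البيانات الأساسية مطلوبة';
        } elseif (!in_array($role, $allowed_roles, true)) {
            $error = 'الدور المحدد غير صالح';
        } elseif (strlen($password) < 6) {
            $error = 'كلمة المرور يجب أن تكون 6 أحرف على الأقل';
        } else {
            try {
                // Check if username exists
                $stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
                $stmt->execute([$username]);

                if ($stmt->fetch()) {
                    $error = 'اسم المستخدم موجود بالفعل';
                } else {
                    $hashed_password = password_hash($password, PASSWORD_DEFAULT);

                    $stmt = $pdo->prepare("
                        INSERT INTO users (username, password, full_name, role, phone, is_active)
                        VALUES (?, ?, ?, ?, ?, 1)
                    ");
                    $stmt->execute([$username, $hashed_password, $full_name, $role, $phone]);
                    $user_id = $pdo->lastInsertId();

                    addAuditLog($pdo, $_SESSION['user_id'], 'create_user', 'user', $user_id, null, [
                        'username' => $username,
                        'full_name' => $full_name,
                        'role' => $role,
                        'phone' => $phone
                    ], "إضافة مستخدم جديد: $full_name");

                    $success = $msg_user_added;
                }
            } catch (Exception $e) {
                // Keep driver/SQL details out of the response.
                error_log('users/manage.php add_user failed: ' . $e->getMessage());
                $error = 'خطأ في إضافة المستخدم';
            }
        }
    } elseif ($action === 'update_user') {
        // false for anything that is not a positive integer (including arrays).
        $user_id = filter_var(
            $_POST['user_id'] ?? null,
            FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 1]]
        );
        $username = $post_field('username');
        $full_name = $post_field('full_name');
        $role = $post_field('role', false);
        $phone = $post_field('phone'); // stored as entered, no format validation
        $is_active = isset($_POST['is_active']) ? 1 : 0;
        $new_password = $post_field('new_password');

        if (!$user_id || !$username || !$full_name || !$role) {
            $error = 'جميع البيانات الأساسية مطلوبة';
        } elseif (!in_array($role, $allowed_roles, true)) {
            $error = 'الدور المحدد غير صالح';
        } elseif ($new_password && strlen($new_password) < 6) {
            $error = 'كلمة المرور الجديدة يجب أن تكون 6 أحرف على الأقل';
        } else {
            try {
                // Get old values (associative only, so the hash can be removed by key)
                $stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
                $stmt->execute([$user_id]);
                $old_user = $stmt->fetch(PDO::FETCH_ASSOC);

                if (!$old_user) {
                    // Unknown id: do not run the UPDATE or log a change that never happened.
                    $error = 'المستخدم غير موجود';
                } else {
                    // Never copy the password hash into the audit trail.
                    unset($old_user['password']);

                    // Check if username exists for other users
                    $stmt = $pdo->prepare("SELECT id FROM users WHERE username = ? AND id != ?");
                    $stmt->execute([$username, $user_id]);

                    if ($stmt->fetch()) {
                        $error = 'اسم المستخدم موجود بالفعل';
                    } else {
                        if ($new_password) {
                            $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);
                            $stmt = $pdo->prepare("
                                UPDATE users
                                SET username = ?, password = ?, full_name = ?, role = ?, phone = ?, is_active = ?
                                WHERE id = ?
                            ");
                            $stmt->execute([
                                $username, $hashed_password, $full_name, $role, $phone, $is_active, $user_id
                            ]);
                        } else {
                            $stmt = $pdo->prepare("
                                UPDATE users
                                SET username = ?, full_name = ?, role = ?, phone = ?, is_active = ?
                                WHERE id = ?
                            ");
                            $stmt->execute([$username, $full_name, $role, $phone, $is_active, $user_id]);
                        }

                        addAuditLog($pdo, $_SESSION['user_id'], 'update_user', 'user', $user_id, $old_user, [
                            'username' => $username,
                            'full_name' => $full_name,
                            'role' => $role,
                            'phone' => $phone,
                            'is_active' => $is_active,
                            'password_changed' => !empty($new_password)
                        ], "تحديث المستخدم: $full_name");

                        $success = $msg_user_updated;
                    }
                }
            } catch (Exception $e) {
                // Keep driver/SQL details out of the response.
                error_log('users/manage.php update_user failed: ' . $e->getMessage());
                $error = 'خطأ في تحديث المستخدم';
            }
        }
    }

    if ($success) {
        header("Location: /users/manage.php?success=" . urlencode($success));
        exit;
    }
}

// Only echo back messages this page generated itself.
if (isset($_GET['success']) && in_array($_GET['success'], [$msg_user_added, $msg_user_updated], true)) {
    $success = $_GET['success'];
}
?>
<!DOCTYPE html>
<html lang="ar" dir="rtl">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>إدارة المستخدمين - حسابات عربية بن فريش</title>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.rtl.min.css" rel="stylesheet">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
    <style>
        .user-card { border-radius: 15px; transition: all 0.3s ease; }
        .user-card:hover { transform: translateY(-2px); box-shadow: 0 4px 8px rgba(0,0,0,0.1); }
        .role-manager { border-left: 5px solid #dc3545; }
        .role-accountant { border-left: 5px solid #ffc107; }
        .role-representative { border-left: 5px solid #198754; }
        .user-inactive { opacity: 0.6; }
    </style>
</head>
<body class="bg-light">
    <div class="container-fluid mt-4">
        <div class="d-flex justify-content-between align-items-center mb-4">
            <h2><i class="fas fa-users-cog me-2"></i>إدارة المستخدمين</h2>
            <div>
                <button class="btn btn-primary me-2" data-bs-toggle="modal" data-bs-target="#addUserModal">
                    <i class="fas fa-user-plus me-1"></i>مستخدم جديد
                </button>
                <a href="/dashboard.php" class="btn btn-outline-secondary">
                    <i class="fas fa-arrow-left me-1"></i>العودة
                </a>
            </div>
        </div>

        <?php if ($error): ?>
            <div class="alert alert-danger" role="alert">
                <i class="fas fa-exclamation-triangle me-2"></i><?= $h($error) ?>
            </div>
        <?php endif; ?>

        <?php if ($success): ?>
            <div class="alert alert-success" role="alert">
                <i class="fas fa-check-circle me-2"></i><?= $h($success) ?>
            </div>
        <?php endif; ?>

        <!-- Users Grid -->
        <div class="row">
            <?php foreach ($users as $user): ?>
                <?php
                // Per-row values prepared once; ids are forced to integers and
                // the role is escaped because older rows were stored unvalidated.
                $row_id = (int) $user['id'];
                $row_role = (string) $user['role'];
                ?>
                <div class="col-md-4 mb-4">
                    <div class="user-card card role-<?= $h($row_role) ?> <?= $user['is_active'] ? '' : 'user-inactive' ?>">
                        <div class="card-body">
                            <div class="d-flex justify-content-between align-items-start mb-3">
                                <div>
                                    <h5 class="card-title"><?= $h($user['full_name']) ?></h5>
                                    <small class="text-muted">@<?= $h($user['username']) ?></small>
                                </div>
                                <div class="text-end">
                                    <span class="badge bg-<?= $role_badges[$row_role] ?? 'success' ?>">
                                        <?= $role_labels[$row_role] ?? 'مندوب' ?>
                                    </span>
                                    <br>
                                    <span class="badge bg-<?= $user['is_active'] ? 'success' : 'secondary' ?> mt-1">
                                        <?= $user['is_active'] ? 'نشط' : 'غير نشط' ?>
                                    </span>
                                </div>
                            </div>

                            <?php if ($user['phone']): ?>
                                <div class="mb-3">
                                    <small class="text-muted">الهاتف:</small>
                                    <div><?= $h($user['phone']) ?></div>
                                </div>
                            <?php endif; ?>

                            <div class="mb-3">
                                <small class="text-muted">تاريخ الإنشاء:</small>
                                <div><?= date('Y-m-d', strtotime($user['created_at'])) ?></div>
                            </div>

                            <div class="d-flex gap-2">
                                <button class="btn btn-outline-primary btn-sm flex-grow-1" data-bs-toggle="modal" data-bs-target="#editModal<?= $row_id ?>">
                                    <i class="fas fa-edit me-1"></i>تعديل
                                </button>
                            </div>
                        </div>
                    </div>
                </div>

                <!-- Edit User Modal -->
                <div class="modal fade" id="editModal<?= $row_id ?>" tabindex="-1">
                    <div class="modal-dialog">
                        <div class="modal-content">
                            <div class="modal-header">
                                <h5 class="modal-title">تعديل المستخدم</h5>
                                <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
                            </div>
                            <form method="POST">
                                <div class="modal-body">
                                    <input type="hidden" name="csrf_token" value="<?= $h($csrf_token) ?>">
                                    <input type="hidden" name="action" value="update_user">
                                    <input type="hidden" name="user_id" value="<?= $row_id ?>">

                                    <div class="mb-3">
                                        <label class="form-label">اسم المستخدم *</label>
                                        <input type="text" class="form-control" name="username" value="<?= $h($user['username']) ?>" required>
                                    </div>

                                    <div class="mb-3">
                                        <label class="form-label">الاسم الكامل *</label>
                                        <input type="text" class="form-control" name="full_name" value="<?= $h($user['full_name']) ?>" required>
                                    </div>

                                    <div class="row">
                                        <div class="col-md-6 mb-3">
                                            <label class="form-label">الدور *</label>
                                            <select class="form-select" name="role" required>
                                                <option value="manager" <?= $row_role === 'manager' ? 'selected' : '' ?>>مدير</option>
                                                <option value="accountant" <?= $row_role === 'accountant' ? 'selected' : '' ?>>محاسب</option>
                                                <option value="representative" <?= $row_role === 'representative' ? 'selected' : '' ?>>مندوب</option>
                                            </select>
                                        </div>
                                        <div class="col-md-6 mb-3">
                                            <label class="form-label">رقم الهاتف</label>
                                            <input type="text" class="form-control" name="phone" value="<?= $h($user['phone']) ?>" placeholder="">
                                        </div>
                                    </div>

                                    <div class="mb-3">
                                        <label class="form-label">كلمة مرور جديدة (اتركها فارغة للاحتفاظ بالحالية)</label>
                                        <input type="password" class="form-control" name="new_password" placeholder="كلمة مرور جديدة">
                                    </div>

                                    <div class="form-check">
                                        <input class="form-check-input" type="checkbox" name="is_active" <?= $user['is_active'] ? 'checked' : '' ?>>
                                        <label class="form-check-label">مستخدم نشط</label>
                                    </div>
                                </div>
                                <div class="modal-footer">
                                    <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">إلغاء</button>
                                    <button type="submit" class="btn btn-primary">حفظ التغييرات</button>
                                </div>
                            </form>
                        </div>
                    </div>
                </div>
            <?php endforeach; ?>
        </div>
    </div>

    <!-- Add User Modal -->
    <div class="modal fade" id="addUserModal" tabindex="-1">
        <div class="modal-dialog">
            <div class="modal-content">
                <div class="modal-header">
                    <h5 class="modal-title">إضافة مستخدم جديد</h5>
                    <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
                </div>
                <form method="POST">
                    <div class="modal-body">
                        <input type="hidden" name="csrf_token" value="<?= $h($csrf_token) ?>">
                        <input type="hidden" name="action" value="add_user">

                        <div class="mb-3">
                            <label class="form-label">اسم المستخدم *</label>
                            <input type="text" class="form-control" name="username" required>
                        </div>

                        <div class="mb-3">
                            <label class="form-label">كلمة المرور *</label>
                            <input type="password" class="form-control" name="password" required>
                            <div class="form-text">يجب أن تكون 6 أحرف على الأقل</div>
                        </div>

                        <div class="mb-3">
                            <label class="form-label">الاسم الكامل *</label>
                            <input type="text" class="form-control" name="full_name" required>
                        </div>

                        <div class="row">
                            <div class="col-md-6 mb-3">
                                <label class="form-label">الدور *</label>
                                <select class="form-select" name="role" required>
                                    <option value="">اختر الدور</option>
                                    <option value="manager">مدير</option>
                                    <option value="accountant">محاسب</option>
                                    <option value="representative">مندوب</option>
                                </select>
                            </div>
                            <div class="col-md-6 mb-3">
                                <label class="form-label">رقم الهاتف</label>
                                <input type="text" class="form-control" name="phone" placeholder="">
                            </div>
                        </div>
                    </div>
                    <div class="modal-footer">
                        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">إلغاء</button>
                        <button type="submit" class="btn btn-primary">إضافة المستخدم</button>
                    </div>
                </form>
            </div>
        </div>
    </div>

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
    <!-- تمت إزالة الكود الخاص بفرض تنسيق رقم مصري -->
</body>
</html>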