<?php
// The session is opened first; the page reads $_SESSION further down.
session_start();

// Parent directory of this file's directory. realpath() returns false when it cannot be resolved.
$rootPath = realpath(__DIR__ . '/..');

// NOTE(review): judging by their names these provide the DB config, the access-control flags and
// the login check; $conn, getDbInstance() and $Manage_Students used below are presumably defined
// here - confirm, since nothing in this file sets them.
require_once "{$rootPath}/Portal/config/config.php";
require_once "{$rootPath}/Portal/AccessControl.php";
require_once "{$rootPath}/PortalM/include/auth_validate.php";
if ($Manage_Students== 1) {
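/////// Code for new access control on header menu /////////////////////////
// Looks up the signed-in account's access level and leaves it in $UserAccessName.
// NOTE(review): presumably consumed by include/AdminHeader.php, which shares this scope - confirm.
$User = $_SESSION['id'];
$UserAccessName = $query3 = $result3 = $Status = "";
$num = 0;

// The id is bound as a parameter rather than spliced into the SQL text, so the statement keeps
// its shape whatever value the session holds.
$access_stmt = mysqli_prepare($conn, "SELECT * FROM admin_accounts WHERE id = ?");
if ($access_stmt) {
    $user_param = (string) $User;
    mysqli_stmt_bind_param($access_stmt, 's', $user_param);
    if (mysqli_stmt_execute($access_stmt)) {
        $result = mysqli_stmt_get_result($access_stmt);
        // A failed lookup is treated as "no row" instead of passing false to mysqli_num_rows().
        $num = $result ? mysqli_num_rows($result) : 0;
        if ($num > 0) {
            $rows = mysqli_fetch_array($result);
            $UserAccessName = $rows['Access_Level'];
        }
    }
    mysqli_stmt_close($access_stmt);
}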
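$db = getDbInstance();

// Listing controls come from the query string.
// FILTER_SANITIZE_FULL_SPECIAL_CHARS HTML-encodes the value; it is not SQL protection.
// NOTE(review): the search box later passes $search_string through htmlspecialchars() again, so a
// term containing & " ' < > is displayed double-encoded and is matched against user_name in its
// encoded form. Reading it raw and escaping only on output would fix that, provided $db->where()
// binds its value - confirm against the query builder before changing it.
$search_string = filter_input(INPUT_GET, 'search_string', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
// $del_id is read here but is not used again in this file.
$del_id = filter_input(INPUT_GET, 'del_id', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$filter_col = filter_input(INPUT_GET, 'filter_col', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$order_by = filter_input(INPUT_GET, 'order_by', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$page = filter_input(INPUT_GET, 'page', FILTER_SANITIZE_NUMBER_INT);
$pagelimit = 5;

// FILTER_SANITIZE_NUMBER_INT keeps '+' and '-' as well as digits, so force a real page number >= 1.
$page = max(1, (int) $page);

// Columns the listing reads; also the only names accepted as a sort column.
$select = array('id', 'Full_Name', 'user_name', 'Phone', 'User_Type', 'email', 'Access_Level', 'Status');

// Sort column and direction are URL-supplied and handed to $db->orderBy(); identifiers and
// keywords cannot be bound as parameters, so only known columns and asc/desc are accepted.
// Anything else falls back to the defaults (latest added first).
if (!$filter_col || !in_array($filter_col, $select, true)) {
    $filter_col = "id";
}
// A valid direction is passed through with its original casing, as the form compares against it.
if (!$order_by || !in_array(strtolower($order_by), array('asc', 'desc'), true)) {
    $order_by = "desc";
}

// If user searches
if ($search_string) {
    $db->where('user_name', '%' . $search_string . '%', 'like');
}
$db->orderBy($filter_col, $order_by);

$db->pageLimit = $pagelimit;
$result = $db->arraybuilder()->paginate("admin_accounts", $page, $select);
$total_pages = $db->totalPages;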
// Build the "Order By" choices from the column names of the first result row only.
$filter_options = array();
foreach ((!empty($result) ? $result : array()) as $first_row) {
    $column_names = array_keys($first_row);
    // Each column name is both the key and the displayed value.
    $filter_options = array_combine($column_names, $column_names);
    break;
}
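if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Handles the "add a new system user" form that this page posts back to itself, records the
    // action in eventtrail, then redirects.
    // NOTE(review): no anti-CSRF token is checked before this state change; confirm whether one of
    // the shared includes enforces it.
    // NOTE(review): the page is gated by $Manage_Students, yet every account created here is stored
    // with admin_type 'super' - confirm that this permission is meant to grant that.

    // Read a POST field as a string; missing or non-string (array) input becomes ''.
    $post_field = static function ($name) {
        $value = $_POST[$name] ?? '';
        return is_string($value) ? $value : '';
    };

    // Values are bound as statement parameters below, so they are kept raw here.
    $Full_Name = $post_field('Full_Name');
    $Name = $post_field('user_name');
    $Phone = $post_field('Phone');
    // NOTE(review): unsalted MD5 is not a password hash. password_hash()/password_verify() is the
    // replacement, but the login check that reads passwd is outside this file and has to change
    // together with it, so the stored format is left as it is here.
    $Password = md5($post_field('passwd'));
    $AccessLevel = $post_field('AccessLevel');
    $Region = $post_field('Region');
    $UniqNumber = $post_field('UniqNumber');

    $failure = '';

    // The form marks these as required, but that is only enforced by the browser.
    if ($Full_Name === '' || $Name === '' || $post_field('passwd') === '') {
        $failure = "Full name, user name and password are required!";
    } else {
        // Check if username already exists
        $check = mysqli_prepare($conn, "SELECT id FROM admin_accounts WHERE user_name = ?");
        if (!$check) {
            $failure = "Error adding user: " . mysqli_error($conn);
        } else {
            mysqli_stmt_bind_param($check, 's', $Name);
            if (!mysqli_stmt_execute($check)) {
                $failure = "Error adding user: " . mysqli_stmt_error($check);
            } else {
                mysqli_stmt_store_result($check);
                if (mysqli_stmt_num_rows($check) > 0) {
                    $failure = "Username already exists!";
                }
            }
            mysqli_stmt_close($check);
        }
    }

    if ($failure === '') {
        $insert = mysqli_prepare($conn, "INSERT INTO admin_accounts (Full_Name, user_name, Phone, passwd, admin_type, UserAccessName, Region, UniqNumber)
            VALUES (?, ?, ?, ?, 'super', ?, ?, ?)");
        if (!$insert) {
            $failure = "Error adding user: " . mysqli_error($conn);
        } else {
            mysqli_stmt_bind_param($insert, 'sssssss', $Full_Name, $Name, $Phone, $Password, $AccessLevel, $Region, $UniqNumber);
            if (!mysqli_stmt_execute($insert)) {
                // NOTE(review): the raw database error ends up in a flash message; consider logging it instead.
                $failure = "Error adding user: " . mysqli_stmt_error($insert);
            }
            mysqli_stmt_close($insert);
        }
    }

    if ($failure === '') {
        // Event Trail
        date_default_timezone_set('Africa/Blantyre');
        $EventTime = date('d-m-Y H:i', time());
        $Action = 'Adding Record';
        $RecordType = 'User Account';
        $Details = "$Full_Name";
        $Date = "$EventTime";
        // The acting user's name comes from the session and is bound like every other value, so a
        // quote stored in a name cannot alter the audit statement.
        $User = (string) ($_SESSION['Full_Name'] ?? '');
        $event_sql = false;
        $event = mysqli_prepare($conn, "INSERT INTO eventtrail (Action, RecordType, Details, Date, User)
            VALUES (?, ?, ?, ?, ?)");
        if ($event) {
            mysqli_stmt_bind_param($event, 'sssss', $Action, $RecordType, $Details, $Date, $User);
            // As before, a failed audit insert does not undo or report against the created account.
            $event_sql = mysqli_stmt_execute($event);
            mysqli_stmt_close($event);
        }
        $_SESSION['success'] = "User added successfully!";
    } else {
        $_SESSION['failure'] = $failure;
    }

    header('location: admin_users.php');
    exit();
}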
// NOTE(review): $result3 is reassigned further down before anything in this file reads it. Unless
// include/AdminHeader.php uses it, this is an unneeded read of every admin_accounts column.
$query3 = "SELECT * FROM `admin_accounts`";
$result3 = mysqli_query($conn, $query3);

// Page chrome; included in this scope, so it sees the variables set above.
include_once 'include/AdminHeader.php';
?>
<div id="page-wrapper">
    <div class="row">
        <div class="col-lg-6">
            <h4 class="page-header">Manage Student Records</h4>
        </div>
        <div class="col-lg-6" style="">
            <div class="page-action-links text-right">
                <a href="StudentSample.php"><button class="btn btn-success"><span class="glyphicon glyphicon-download"></span> Download Template</button>
                </a>
                <a href="#" data-toggle="modal" data-target="#Upload-Students">
                    <button class="btn btn-success"><span class="glyphicon glyphicon-upload"></span> Upload Student Records</button>
                </a>
                <a href="">
                    <button class="btn btn-success"><span class="glyphicon glyphicon-refresh"></span> Refresh</button>
                </a>
            </div>
        </div>
    </div>
<?php
// Flash messages first, then the delete notice. $del_stat is not assigned anywhere in this file,
// so the notice only appears if an include sets it.
include 'include/flash_messages.php';
if (($del_stat ?? null) == 1) {
    echo '<div class="alert alert-info">Successfully deleted</div>';
}
?>
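<!-- Begin filter section -->
<?php
// Search / sort form. It submits by GET to this same page, and every value echoed into the markup
// goes through htmlspecialchars().
?>
<div class="well text-center filter-form">
    <form class="form form-inline" action="">
        <label for="input_search">Search</label>
        <input type="text" class="form-control" id="input_search" name="search_string" value="<?php echo htmlspecialchars($search_string ?? ''); ?>">
        <label for="input_order">Order By</label>
        <select name="filter_col" class="form-control">
<?php
foreach ($filter_options as $option) {
    $selected = ($filter_col === $option) ? "selected" : "";
    echo '<option value="' . htmlspecialchars($option) . '" ' . $selected . '>' . htmlspecialchars($option) . '</option>';
}
?>
        </select>
        <select name="order_by" class="form-control" id="input_order">
<?php
// The page's default direction is the lowercase string "desc", so the comparison ignores case;
// otherwise the list would be sorted descending while the box shows "Asc".
$order_is_asc = strcasecmp((string) $order_by, 'Asc') === 0;
$order_is_desc = strcasecmp((string) $order_by, 'Desc') === 0;
?>
            <option value="Asc" <?php echo $order_is_asc ? "selected" : ""; ?>>Asc</option>
            <option value="Desc" <?php echo $order_is_desc ? "selected" : ""; ?>>Desc</option>
        </select>
        <input type="submit" value="Go" class="btn btn-primary">
    </form>
</div>
<!-- Filter section end -->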
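<hr>
<?php
// Account listing. Each row carries an action menu plus its own "update" and "delete" modal.
// NOTE(review): the forms below post to edit_admin.php and delete_user.php without an anti-CSRF
// token field; confirm those handlers (not shown here) protect the request some other way.
?>
<table class="table table-striped table-bordered table-condensed">
    <thead>
        <tr style="background-color:#BAC4CC;">
            <th>Full Name</th>
            <th>User Name</th>
            <th>Phone</th>
            <th>Email</th>
            <th>User Type</th>
            <th>Access Level</th>
            <th>Status</th>
            <th>Actions</th>
        </tr>
    </thead>
    <tbody>
<?php if (!empty($result)): ?>
<?php
// Access-level names are the same for every row, so they are read once instead of once per row.
$access_names = array();
$query3 = "SELECT * FROM `accesslevelmanagement`";
$result3 = mysqli_query($conn, $query3);
if ($result3) {
    while ($row3 = mysqli_fetch_array($result3)) {
        $access_names[] = (string) $row3['AccessName'];
    }
}
?>
<?php foreach ($result as $row): ?>
<?php
// The id is written into several HTML attributes, so it is escaped once here.
$row_id = htmlspecialchars((string) ($row['id'] ?? ''), ENT_QUOTES, 'UTF-8');
$Status = $row['Status'] ?? '';
// The listing query already selected every column the update form shows, so the row is reused
// instead of re-querying admin_accounts with the id spliced into the SQL string.
$rowsv = $row;
?>
        <tr>
            <td><h5><?php echo htmlspecialchars($row['Full_Name'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['user_name'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['Phone'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['email'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['User_Type'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['Access_Level'] ?? '') ?></h5></td>
            <td><h5><?php echo htmlspecialchars($row['Status'] ?? '') ?></h5></td>
            <td>
                <ul class="nav navbar-top-links navbar-right">
                    <li class="dropdown">
                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">
                            <i class="fa fa-folder-open"></i>
                        </a>
                        <ul class="dropdown-menu dropdown-user">
                            <li class="divider"></li>
                            <li><h6><a href="#" data-toggle="modal" data-target="#Update-Account-<?php echo $row_id ?>"><span class="btn btn-primary"> Update Record</span></a></h6></li>
<?php
// NOTE(review): the Activate/Deactivate links target modals that this file does not render.
?>
<?php if ($Status == "Active"): ?>
                            <li class="divider"></li>
                            <li><h6><a href="#" data-toggle="modal" data-target="#Deactivate-Account-<?php echo $row_id ?>"><span class="btn btn-warning"> Deactivate Account</span></a></h6></li>
<?php else: ?>
                            <li class="divider"></li>
                            <li><h6><a href="#" data-toggle="modal" data-target="#Activate-Account-<?php echo $row_id ?>"><span class="btn btn-success"> Activate Account</span></a></h6></li>
<?php endif; ?>
                            <li class="divider"></li>
                            <li><h6><a href="#" data-toggle="modal" data-target="#confirm-delete-<?php echo $row_id ?>"><span class="btn btn-danger delete_btn"> Delete Record</span></a></h6></li>
                        </ul>
                    </li>
                </ul>
            </td>
        </tr>
        <!-- Record Updation Modal -->
        <div class="modal fade" id="Update-Account-<?php echo $row_id ?>" role="dialog">
            <div class="modal-dialog">
                <form action="edit_admin.php" method="POST">
                    <div class="modal-content">
                        <div class="modal-header" style="text-align:center; background-color:#BAC4CC;">
                            <button type="button" class="close" data-dismiss="modal">×</button>
                            <h4 class="modal-title">Update User Account Record</h4>
                        </div>
                        <div class="modal-body">
                            <div class="form-group">
                                <label class="control-label">Full Name *</label>
                                <input type="text" name="Full_Name" placeholder="Full Name" class="form-control" value="<?php echo htmlspecialchars($rowsv['Full_Name'] ?? '') ?>" required autocomplete="off">
                                <input type="hidden" name="UserID" class="form-control" value="<?php echo htmlspecialchars($rowsv['id'] ?? '') ?>" required>
                            </div>
                            <div class="form-group">
                                <label class="control-label">User Name *</label>
                                <input type="text" name="user_name" placeholder="User Name" class="form-control" value="<?php echo htmlspecialchars($rowsv['user_name'] ?? '') ?>" required autocomplete="off">
                            </div>
                            <div class="form-group">
                                <label class="control-label">Phone *</label>
                                <input type="text" name="Phone" placeholder="Phone" class="form-control" value="<?php echo htmlspecialchars($rowsv['Phone'] ?? '') ?>" required autocomplete="off">
                            </div>
                            <div class="form-group">
                                <label class="control-label">Password (leave blank to keep current)</label>
                                <input type="password" name="passwd" placeholder="Password" class="form-control" autocomplete="off">
                            </div>
                            <div class="form-group">
                                <label class="control-label">Access Level*</label>
                                <select name="UserAccessName" class="form-control selectpicker" required>
                                    <option value="<?php echo htmlspecialchars($rowsv['Access_Level'] ?? '') ?>"><?php echo htmlspecialchars($rowsv['Access_Level'] ?? '') ?></option>
<?php foreach ($access_names as $PCategory): ?>
                                    <option value="<?php echo htmlspecialchars($PCategory); ?>"><?php echo htmlspecialchars($PCategory); ?></option>
<?php endforeach; ?>
                                </select>
                            </div>
                            <div class="form-group">
                                <label class="control-label">User Type *</label>
                                <select name="User_Type" class="form-control selectpicker" required>
                                    <option value="<?php echo htmlspecialchars($rowsv['User_Type'] ?? '') ?>"><?php echo htmlspecialchars($rowsv['User_Type'] ?? '') ?></option>
                                    <option value="Official">Official</option>
                                    <option value="Student">Student</option>
                                </select>
                            </div>
                        </div>
                        <div class="modal-footer">
                            <button type="submit" name="submit" id="submit" class="btn btn-warning pull-left">Save <span class="glyphicon glyphicon-send"></span></button>
                            <button type="button" class="btn btn-primary" data-dismiss="modal">Cancel <span class="glyphicon glyphicon-remove"></span></button>
                        </div>
                    </div>
                </form>
            </div>
        </div>
        <!-- Delete Confirmation Modal -->
        <div class="modal fade" id="confirm-delete-<?php echo $row_id ?>" role="dialog">
            <div class="modal-dialog">
                <form action="delete_user.php" method="POST">
                    <div class="modal-content">
                        <div class="modal-header" style="text-align:center; background-color:#BAC4CC;">
                            <button type="button" class="close" data-dismiss="modal">×</button>
                            <h4 class="modal-title">Confirm</h4>
                        </div>
                        <div class="modal-body">
                            <input type="hidden" name="del_id" id="del_id" value="<?php echo $row_id ?>">
                            <p>Are you sure you want to delete this user?</p>
                        </div>
                        <div class="modal-footer">
                            <button type="submit" name="submit" id="submit" class="btn btn-danger delete_btn pull-left">Delete <span class="glyphicon glyphicon-trash"></span></button>
                            <button type="button" class="btn btn-primary" data-dismiss="modal">Cancel <span class="glyphicon glyphicon-remove"></span></button>
                        </div>
                    </div>
                </form>
            </div>
        </div>
        <!-- Add Activation/Deactivation Modals here if needed -->
<?php endforeach; ?>
<?php else: ?>
        <tr>
            <td colspan="8" class="text-center">No users found</td>
        </tr>
<?php endif; ?>
    </tbody>
</table>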
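<!-- Upload Student Records Modal -->
<?php
// Posts a grade and one file to Student_Upload.php as multipart/form-data.
// NOTE(review): the accept attribute is only a file-picker hint. Student_Upload.php (not shown
// here) still has to check the upload's type, size and contents on the server.
// The field name "Glade" is left as it is because the upload handler presumably reads it - confirm.
?>
<div class="modal fade" id="Upload-Students" role="dialog">
    <div class="modal-dialog">
        <form action="Student_Upload.php" method="post" id="contact_form" enctype="multipart/form-data">
            <div class="modal-content">
                <div class="modal-header" style="text-align:center; background-color:#BAC4CC;">
                    <button type="button" class="close" data-dismiss="modal">×</button>
                    <h5 class="modal-title" style="text-align:center;"><strong>UPLOAD STUDENT RECORDS</strong></h5>
                </div>
                <div class="modal-body">
                    <div class="form-group">
                        <label class="control-label">Grade</label>
                        <select name="Glade" class="form-control" required id= "Grade">
                            <option value="" >Select Grade/Class</option>
                            <option value="Baby Class" >Baby Class</option>
                            <option value="Middle Class" >Middle Class</option>
                            <option value="Top Class" >Top Class</option>
                            <option value="Year 1" >Year 1</option>
                            <option value="Year 2" >Year 2</option>
                            <option value="Year 3" >Year 3</option>
                            <option value="Year 4" >Year 4</option>
                            <option value="Year 5" >Year 5</option>
                            <option value="Year 6" >Year 6</option>
                            <option value="Year 7" >Year 7</option>
                            <option value="Year 8" >Year 8</option>
                            <option value="Year 9" >Year 9</option>
                            <option value="Year 10" >Year 10</option>
                        </select>
                    </div>
                    <div class="form-group">
                        <label class="control-label">Attach results in CSV format</label>
                        <div class="form-control"><input type="file" name="file" id="file" accept=".csv,text/csv" required /></div>
                    </div>
                </div><br><hr>
                <div class="modal-footer">
                    <button type="submit" name="submit" id="submit" class="btn btn-warning pull-left">Save <span class="glyphicon glyphicon-send"></span></button>
                    <button type="button" class="btn btn-primary" data-dismiss="modal">Cancel <span class="glyphicon glyphicon-remove"></span></button>
                </div>
            </div>
        </form>
    </div>
</div>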
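<!-- Adding a New User Modal -->
<?php
// Form for creating a system user; it posts back to this page (empty action).
// NOTE(review): no element in this file opens #Upload-NewUser, yet the POST handler it feeds is
// reachable by any direct POST to the page, so the handler has to enforce its own checks.
// NOTE(review): no anti-CSRF token field is rendered here.
// NOTE(review): the email field is submitted but the POST handler in this file does not store it.
?>
<div class="modal fade" id="Upload-NewUser" role="dialog">
    <div class="modal-dialog">
        <form action="" method="post" id="contact_form" enctype="multipart/form-data">
            <div class="modal-content">
                <div class="modal-header" style="text-align:center; background-color:#BAC4CC;">
                    <button type="button" class="close" data-dismiss="modal">×</button>
                    <h5 class="modal-title" style="text-align:center;"><strong>ADD A NEW SYSTEM USER</strong></h5>
                </div>
                <div class="modal-body">
                    <div class="form-group">
                        <label class="control-label">Full Name *</label>
                        <input type="text" name="Full_Name" placeholder="Full Name" class="form-control" required autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">Student / Employment Number *</label>
                        <input type="text" name="UniqNumber" placeholder="Unique Number" class="form-control" required autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">User Name *</label>
                        <input type="text" name="user_name" placeholder="User Name" class="form-control" required autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">Phone *</label>
                        <input type="text" name="Phone" placeholder="Phone" class="form-control" required autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">Email</label>
                        <input type="email" name="email" placeholder="Email" class="form-control" autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">Password *</label>
                        <input type="password" name="passwd" placeholder="Password" class="form-control" required autocomplete="off">
                    </div>
                    <div class="form-group">
                        <label class="control-label">Access Level*</label>
                        <select name="AccessLevel" class="form-control selectpicker" required>
                            <option value="">Select Access Level</option>
<?php
// One option per access level. A failed query yields no options instead of passing false to
// mysqli_fetch_array().
$query3 = "SELECT * FROM `accesslevelmanagement`";
$result3 = mysqli_query($conn, $query3);
while ($result3 && ($row3 = mysqli_fetch_array($result3))):
    $PCategory = $row3['AccessName'];
?>
                            <option value="<?php echo htmlspecialchars($PCategory); ?>"><?php echo htmlspecialchars($PCategory); ?></option>
<?php endwhile; ?>
                        </select>
                    </div>
                    <div class="form-group">
                        <label class="control-label">Region *</label>
                        <select name="Region" class="form-control selectpicker" required>
                            <option value="">Select Region</option>
                            <option value="South">South</option>
                            <option value="East">East</option>
                            <option value="Center">Center</option>
                            <option value="North">North</option>
                            <option value="Head Office">Head Office</option>
                            <option value="Admin">Admin</option>
                        </select>
                    </div>
                </div>
                <div class="modal-footer">
                    <button type="submit" name="submit" id="submit" class="btn btn-warning pull-left">Save <span class="glyphicon glyphicon-send"></span></button>
                    <button type="button" class="btn btn-primary" data-dismiss="modal">Cancel <span class="glyphicon glyphicon-remove"></span></button>
                </div>
            </div>
        </form>
    </div>
</div>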
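<!-- Pagination links -->
<div class="text-center">
<?php
if ($total_pages > 1) {
    // Carry the current query-string filters over to every page link, replacing only "page".
    $query_params = $_GET;
    unset($query_params['page']);
    echo '<ul class="pagination text-center">';
    for ($i = 1; $i <= $total_pages; $i++) {
        $li_class = ($page == $i) ? ' class="active"' : '';
        // Building the whole query in one go avoids the "?&page=" form when no filter is set.
        $query_params['page'] = $i;
        $href = 'ManageStudents.php?' . http_build_query($query_params);
        // http_build_query() URL-encodes the request-derived values; the finished URL is then
        // HTML-escaped because it is written into an attribute.
        echo '<li' . $li_class . '><a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">' . $i . '</a></li>';
    }
    echo '</ul>';
}
?>
</div>
</div>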
<?php
} else {
header('location: AccessLevelMessage.php');
exit();
}
include_once 'include/footer.php';
?>