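<?php
/**
 * Sub-user administration page.
 *
 * Handles five POST actions against `login_tbl` (create, edit, bulk activate,
 * bulk deactivate, bulk delete) and then renders the "Add Sub User" form.
 * `$db`, `isLoggedIn()` and `isAdmin()` are expected to come from
 * include/config.php.
 *
 * Security-relevant behaviour of this file:
 *  - every redirect of a rejected visitor is followed by `exit`;
 *  - every query that carries request data is a prepared statement;
 *  - values read back from the database or session are HTML-escaped on output.
 *
 * NOTE(review): no CSRF token is checked on any of the POST actions; add one
 * once the session helpers in include/config.php are known.
 * NOTE(review): the password is stored exactly as submitted. Moving to
 * password_hash() needs a matching password_verify() in the login code, which
 * is not visible here, so it is flagged rather than changed.
 * NOTE(review): `user_type`, `manager_type` and `access[]` are taken from the
 * request as-is. The form below limits the choices by the session's
 * user_type, but nothing here re-checks them server-side; the same limits
 * should be enforced in this handler.
 */
include_once('include/config.php');

// header() only queues a response header. Without `exit` the script keeps
// running, so the POST handlers below would still execute for a visitor who
// is not logged in or is not an admin.
if (!isLoggedIn()) {
    $_SESSION['msg'] = "You must log in first";
    header('location: login.php');
    exit;
}
if (!isAdmin()) {
    $_SESSION['msg'] = "You are not Admin";
    header('location: login.php');
    exit;
}

// Prepare, bind and execute one statement; stops with the page's usual
// failure message if any step reports failure. Returns the executed statement.
$subUserRun = static function ($db, $sql, $types, array $params) {
    $stmt = mysqli_prepare($db, $sql) or die("Query unsuccessful");
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    mysqli_stmt_execute($stmt) or die("Query unsuccessful");
    return $stmt;
};

// Run a single-column COUNT(*) query through $subUserRun and return the count.
$subUserCount = static function ($db, $sql, $types, array $params) use ($subUserRun) {
    $stmt = $subUserRun($db, $sql, $types, $params);
    $count = 0;
    mysqli_stmt_bind_result($stmt, $count);
    mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);
    return (int) $count;
};

// Read one POST field as a string; a missing or non-string (array) field
// becomes '' instead of raising a warning or reaching the query as "Array".
$subUserPost = static function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Emit the alert-then-redirect snippet used after every action. $message is
// always one of the fixed strings below, never request data.
$subUserNotify = static function ($message) {
    echo "<script> window.alert('" . $message . "'); window.location.href = 'manage-sub-users.php'; </script>";
};

if ($_SERVER["REQUEST_METHOD"] === "POST") {

    if (isset($_POST['submit_user']) || isset($_POST['edit_user'])) {
        // Fields shared by the create and edit actions.
        $username   = $subUserPost('username');
        $name       = $subUserPost('name');
        $phone      = $subUserPost('phone');
        $email      = $subUserPost('email');
        // Kept as in the original: the address is stored HTML-encoded.
        $address    = htmlspecialchars($subUserPost('address'), ENT_QUOTES);
        $password   = $subUserPost('password');
        $status     = $subUserPost('status');
        $manager_id = $subUserPost('manager_type');
        $user_type  = $subUserPost('user_type');

        date_default_timezone_set('Asia/Kolkata');
        $current_datetime = date('Y-m-d H:i:s');

        // No checkbox ticked means no `access` key at all; implode() on null
        // is a TypeError on PHP 8, so fall back to an empty list.
        $selectedAccess = (isset($_POST['access']) && is_array($_POST['access'])) ? $_POST['access'] : [];
        $accessString   = implode(',', array_filter($selectedAccess, 'is_string'));
    }

    if (isset($_POST['submit_user'])) {
        // Check if username already exists
        $taken = $subUserCount(
            $db,
            "SELECT COUNT(*) FROM login_tbl WHERE username = ?",
            's',
            [$username]
        );

        if ($taken > 0) {
            $subUserNotify('Username Already Use, Please add new username.');
        } else {
            $stmt = $subUserRun(
                $db,
                "INSERT INTO `login_tbl`(`name`, `admin_access`, `username`, `user_type`, `password`, `user_status`, `add_date`, `address`, `email`, `phone`, `manager_id`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
                'sssssssssss',
                [$name, $accessString, $username, $user_type, $password, $status, $current_datetime, $address, $email, $phone, $manager_id]
            );
            mysqli_stmt_close($stmt);
            $subUserNotify('Subadmin are activated successfully.');
        }
    }

    if (isset($_POST['edit_user'])) {
        // The original placed the id unquoted in the WHERE clause, so it is
        // treated as an integer key; anything else is rejected up front.
        $id = filter_var(isset($_POST['id']) ? $_POST['id'] : null, FILTER_VALIDATE_INT);
        if ($id === false) {
            die("Query unsuccessful");
        }

        // Check if username already exists (excluding the current user)
        $taken = $subUserCount(
            $db,
            "SELECT COUNT(*) FROM login_tbl WHERE username = ? AND id != ?",
            'si',
            [$username, $id]
        );

        if ($taken > 0) {
            $subUserNotify('Username is already in use.');
        } else {
            $stmt = $subUserRun(
                $db,
                "UPDATE `login_tbl` SET `name` = ?, `admin_access` = ?, `username` = ?, `password` = ?, `user_type` = ?, `phone` = ?, `email` = ?, `manager_id` = ?, `address` = ?, `user_status` = ? WHERE `id` = ?",
                'ssssssssssi',
                [$name, $accessString, $username, $password, $user_type, $phone, $email, $manager_id, $address, $status, $id]
            );
            mysqli_stmt_close($stmt);
            $subUserNotify('Sub User Update successfully.');
        }
    }

    // Bulk actions on the rows ticked in the listing (posted as checkedIDs[]).
    // NOTE(review): these write `admin_status`, while create/edit and the
    // manager list below use `user_status` - confirm which column is intended.
    $subUserBulk = [
        'active' => [
            'sql'     => "UPDATE login_tbl SET admin_status='Active' WHERE id = ?",
            'message' => 'Subadmin are activated successfully.',
        ],
        'inactive' => [
            'sql'     => "UPDATE login_tbl SET admin_status='Inactive' WHERE id = ?",
            'message' => 'Subadmin are deactivated successfully.',
        ],
        'delete' => [
            'sql'     => "DELETE FROM `login_tbl` WHERE id = ?",
            'message' => 'Subadmin Deleted successfully.',
        ],
    ];

    foreach ($subUserBulk as $button => $action) {
        if (!isset($_POST[$button])) {
            continue;
        }

        $checkedIDs = (isset($_POST['checkedIDs']) && is_array($_POST['checkedIDs'])) ? $_POST['checkedIDs'] : [];
        $result = false;

        foreach ($checkedIDs as $pageID) {
            // Skip anything that is not a plain integer id.
            $pageID = filter_var($pageID, FILTER_VALIDATE_INT);
            if ($pageID === false) {
                continue;
            }
            $stmt = $subUserRun($db, $action['sql'], 'i', [$pageID]);
            mysqli_stmt_close($stmt);
            $result = true;
        }

        // As before, the confirmation appears only if at least one row ran.
        if ($result) {
            $subUserNotify($action['message']);
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">

<head>
    <?php include "top-links.php";?>
</head>

<body>
    <!-- Begin page -->
    <div class="wrapper">
        <?php include "header.php";?>
        <?php include "sidebar.php";?>

        <div class="content-page">
            <div class="content">
                <!-- Start Content-->
                <div class="container-fluid">
                    <div class="row">
                        <div class="col-12">
                            <div class="card">
                                <div class="card-header">
                                    <h4 class="header-title mb-0"> Add Sub User</h4>
                                </div>
                                <div class="card-body">
                                    <?php // An empty action posts back to this page. The original printed nothing here either ($_PHP_SELF is undefined and was never echoed); $_SERVER['PHP_SELF'] is avoided because it reflects the request path. ?>
                                    <form action="" method="POST" enctype="multipart/form-data">
                                        <div class="row">
                                            <div class="col-xl-4 mb-2">
                                                <div class="form-group">
                                                    <label>Name</label>
                                                    <input type="text" class="form-control" name="name">
                                                </div>
                                            </div>
                                            <div class="col-xl-4 mb-2">
                                                <div class="form-group">
                                                    <label>Phone Number</label>
                                                    <input type="text" class="form-control" name="phone">
                                                </div>
                                            </div>
                                            <div class="col-xl-4 mb-2">
                                                <div class="form-group">
                                                    <label>Email</label>
                                                    <input type="email" class="form-control" name="email">
                                                </div>
                                            </div>
                                            <div class="col-xl-12 mb-2">
                                                <div class="form-group">
                                                    <label>Address</label>
                                                    <input type="text" class="form-control" name="address">
                                                </div>
                                            </div>
                                            <div class="col-xl-3 mb-2">
                                                <div class="form-group">
                                                    <label>User Name</label>
                                                    <input type="text" class="form-control" name="username" required>
                                                </div>
                                            </div>
                                            <div class="col-xl-3 mb-2">
                                                <div class="form-group">
                                                    <label>Password</label>
                                                    <input type="text" class="form-control" name="password" required>
                                                </div>
                                            </div>
                                            <div class="col-xl-3 mb-2">
                                                <div class="form-group">
                                                    <label for="category">Status</label>
                                                    <select style="width:100%; height:2.3rem; padding:3px; border-radius:5px;" name="status">
                                                        <option value="Active">Active</option>
                                                        <option value="Inactive">Inactive</option>
                                                    </select>
                                                </div>
                                            </div>
                                            <?php
                                            // The role of the logged-in user decides which options the form offers.
                                            $user_type = $_SESSION['user']['user_type'];
                                            $manager_idss = $_SESSION['user']['id'];
                                            ?>
                                            <div class="col-xl-3 mb-2">
                                                <div class="form-group">
                                                    <label for="category">User Type</label>
                                                    <select id="user_type" style="width:100%; height:2.3rem; padding:3px; border-radius:5px;" name="user_type">
                                                        <?php if ($user_type == 'supadmin' || $user_type == 'admin'): ?>
                                                        <option value="Manager">Manager</option>
                                                        <?php endif; ?>
                                                        <option value="Supervisor">Supervisor</option>
                                                    </select>
                                                </div>
                                            </div>
                                        </div>

                                        <?php if ($user_type == 'supadmin' || $user_type == 'admin'): ?>
                                        <div id="manager_dropdown" class="col-xl-3 mb-2" style="display:none;">
                                            <div class="form-group">
                                                <label for="manager_type">Select Manager</label>
                                                <select id="manager_type" style="width:100%; height:2.3rem; padding:3px; border-radius:5px;" name="manager_type">
                                                    <option value="0">Select Manager</option>
                                                    <?php
                                                    // Static query, no request data involved.
                                                    $sqlsup = "SELECT * FROM `login_tbl` WHERE user_type='Manager' AND user_status='Active'";
                                                    $runsup = mysqli_query($db, $sqlsup) or die("Query Not run");
                                                    while ($datasup = mysqli_fetch_assoc($runsup)) {
                                                        // `name` is stored as entered, so it must be escaped on output.
                                                    ?>
                                                    <option value="<?php echo htmlspecialchars((string) $datasup['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');?>"><?php echo htmlspecialchars((string) $datasup['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');?></option>
                                                    <?php } ?>
                                                </select>
                                            </div>
                                        </div>
                                        <?php endif; ?>

                                        <?php if ($user_type == 'Manager'): ?>
                                        <input type="hidden" name="manager_type" value="<?php echo htmlspecialchars((string) $manager_idss, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');?>">
                                        <?php endif; ?>

                                        <script>
                                            document.getElementById('user_type').addEventListener('change', function() {
                                                var userType = this.value;
                                                var managerDropdown = document.getElementById('manager_dropdown');
                                                // The dropdown is only rendered for supadmin/admin sessions.
                                                if (!managerDropdown) {
                                                    return;
                                                }
                                                if (userType === 'Supervisor') {
                                                    managerDropdown.style.display = 'block';
                                                } else {
                                                    managerDropdown.style.display = 'none';
                                                }
                                            });
                                        </script>

                                        <?php if ($user_type == 'supadmin' || $user_type == 'admin'): ?>
                                        <div class="row pt-2 pb-2">
                                            <table width="100%" border="0" cellspacing="0" cellpadding="2">
                                                <tbody>
                                                    <!--<tr>-->
                                                    <!--<td width="3%" scope="col"><input type="checkbox" name="access[]" value="01"></td>-->
                                                    <!--<td width="23%">Manage Company</td>-->
                                                    <!--<td><input type="checkbox" name="access[]" value="04"></td>-->
                                                    <!--<td>Employee Skills</td>-->
                                                    <!--</tr>-->
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="03"></th>
                                                        <td>Manage Employees</td>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="02"></th>
                                                        <td>Manage Customers</td>
                                                    </tr>
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="05"></th>
                                                        <td>Assignement of Employees</td>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="08"></th>
                                                        <td>Employee Scheduling</td>
                                                    </tr>
                                                    <!--<tr>-->
                                                    <!--<th scope="row"><input type="checkbox" name="access[]" value="06"></th>-->
                                                    <!--<td>Manage Roles</td>-->
                                                    <!--<th scope="row"><input type="checkbox" name="access[]" value="07"></th>-->
                                                    <!--<td>Manage Shifts</td>-->
                                                    <!--</tr>-->
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="09"></th>
                                                        <td>Attendance</td>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="10"></th>
                                                        <td>Employee Tracking</td>
                                                    </tr>
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="11"></th>
                                                        <td>Notifications</td>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="12"></th>
                                                        <td>Reportings</td>
                                                    </tr>
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="13"></th>
                                                        <td>Inventory Management</td>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="14"></th>
                                                        <td>Payroll/Salary Management</td>
                                                    </tr>
                                                    <tr>
                                                        <th scope="row"><input type="checkbox" name="access[]" value="15"></th>
                                                        <td>Manage Sub Users</td>
                                                        <!--<th scope="row"><input type="checkbox" name="access[]" value="14"></th>-->
                                                        <!--<td>Payroll/Salary Management</td>-->
                                                    </tr>
                                                    <tr>
                                                        <th scope="row"><input name="check_all" type="checkbox" id="check_all" value="check_all" onclick="checkall(this.form)"></th>
                                                        <td><b>Select All</b></td>
                                                    </tr>
                                                </tbody>
                                            </table>
                                        </div>
                                        <?php endif; ?>

                                        <?php if ($user_type == 'Manager'): ?>
                                        <input type="hidden" name="access[]" value="02,03,09,10,11,12,13,14">
                                        <?php endif; ?>

                                        <div class="row">
                                            <div class="col-12">
                                                <button type="submit" name="submit_user" class="btn btn-success">Submit</button>
                                            </div>
                                        </div>
                                    </form>
                                </div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
        </div>
    </div>

    <script>
        function togglePasswordVisibility() {
            var passwordField = document.getElementById('password');
            var passwordToggle = document.getElementById('password-toggle');
            if (passwordField.type === 'password') {
                passwordField.type = 'text';
                passwordToggle.className = 'fa fa-eye-slash';
            } else {
                passwordField.type = 'password';
                passwordToggle.className = 'fa fa-eye';
            }
        }
    </script>
    <script>
        function checkall(form) {
            var checkboxes = form.elements['access[]'];
            var checkAllCheckbox = form.elements['check_all'];
            for (var i = 0; i < checkboxes.length; i++) {
                checkboxes[i].checked = checkAllCheckbox.checked;
            }
        }
    </script>

    <?php include "footer.php";?>
</body>

</html>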