<?php
session_start();
$rootPath = realpath(dirname(__FILE__) . '/..');
require_once $rootPath . '/Portal/config/config.php';
require_once $rootPath . '/Portal/include/auth_validate.php';
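// Resolve the signed-in account's access level and region, then load the
// permission flags for that access level. Both flags start out false, so a
// failed or empty lookup leaves the user without manager rights (fail closed).
$User = $_SESSION['id'];
$UserAccessName = "";
$userRegion = "";
$isManagerRegUsers = false;
$isManagerAllUsers = false;

// The id is bound as a parameter instead of being spliced into the SQL text.
// A string copy is bound so that $User itself keeps its original type.
$accountIdParam = (string) $User;
$accountStmt = mysqli_prepare($conn, "SELECT * FROM admin_accounts WHERE id = ?");
if (
    $accountStmt
    && mysqli_stmt_bind_param($accountStmt, 's', $accountIdParam)
    && mysqli_stmt_execute($accountStmt)
) {
    $result = mysqli_stmt_get_result($accountStmt);
    if ($result && mysqli_num_rows($result) > 0) {
        $rows = mysqli_fetch_array($result);
        $UserAccessName = $rows['Access_Level'];
        $userRegion = $rows['Region'];
    }
}

// Get access control permissions from accesslevelmanagement table.
// Access_Level was read back from the database, where it was originally stored
// from a form field; stored data is still data, so it is bound here rather
// than concatenated into the second query.
$accessNameParam = (string) $UserAccessName;
$accessStmt = mysqli_prepare($conn, "SELECT * FROM accesslevelmanagement WHERE AccessName = ?");
if (
    $accessStmt
    && mysqli_stmt_bind_param($accessStmt, 's', $accessNameParam)
    && mysqli_stmt_execute($accessStmt)
) {
    $accessQuery = mysqli_stmt_get_result($accessStmt);
    if ($accessQuery && mysqli_num_rows($accessQuery) > 0) {
        $accessRights = mysqli_fetch_assoc($accessQuery);
        $isManagerRegUsers = isset($accessRights['Manager_Reg_Users']) && $accessRights['Manager_Reg_Users'] == 1;
        $isManagerAllUsers = isset($accessRights['ManagerUsers']) && $accessRights['ManagerUsers'] == 1;
    }
}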
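$db = getDbInstance();

// Get data from query string.
// NOTE(review): search_string is HTML-encoded by the filter here and encoded
// again by htmlspecialchars() where the search box is rendered, and the encoded
// form is also what reaches the LIKE clause. Left as is because other output
// sites of $search_string may exist outside this part of the file.
$search_string = filter_input(INPUT_GET, 'search_string', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$filter_col = filter_input(INPUT_GET, 'filter_col', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$order_by = filter_input(INPUT_GET, 'order_by', FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$page = filter_input(INPUT_GET, 'page', FILTER_SANITIZE_NUMBER_INT);
$pagelimit = 10;

// FILTER_SANITIZE_NUMBER_INT lets '+' and '-' through, so the value is cast and
// clamped: anything missing, zero or negative becomes page 1.
$page = max(1, (int) $page);

// Select the columns
$select = array('id', 'Full_Name', 'Position', 'user_name', 'Phone', 'Region', 'email', 'UserDepartment', 'Status', 'HOD');

// Column names cannot be bound as parameters, so the sort column is accepted
// only when it is one of the selected columns; otherwise the newest-first
// default applies.
if (!$filter_col || !in_array($filter_col, $select, true)) {
    $filter_col = "id";
}

// The sort direction is reduced to one of two literals before it reaches the
// query builder.
$order_by = (strtolower((string) $order_by) === 'asc') ? "asc" : "desc";

$db->where('Full_Name', 'Administrator', '!=');

// Apply access control based on user permissions
if ($isManagerAllUsers) {
    // ManagerUsers = 1: Display all records (no restriction)
} elseif ($isManagerRegUsers && !empty($userRegion)) {
    // Manager_Reg_Users = 1: Restrict to records in user's region
    $db->where('Region', $userRegion);
} else {
    // No manager permissions, or a regional manager whose own region is empty:
    // show only the caller's own record. The empty-region case previously
    // added no restriction at all, which listed every account.
    $db->where('id', $User);
}

// If user searches
if ($search_string) {
    $db->where('Full_Name', '%' . $search_string . '%', 'like');
}

$db->orderBy($filter_col, $order_by);
$db->pageLimit = $pagelimit;
$result = $db->arraybuilder()->paginate("admin_accounts", $page, $select);
$total_pages = $db->totalPages;

// Get columns for order filter: the keys of the first returned row.
$filter_options = array();
if (!empty($result)) {
    foreach ($result as $value) {
        foreach ($value as $col_name => $col_value) {
            $filter_options[$col_name] = $col_name;
        }
        break;
    }
}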
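// Handle Add User POST request
// NOTE(review): this handler checks no anti-CSRF token, and the add form in
// this file does not send one; add a per-session token before relying on it.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['add_user'])) {
    // Only users holding one of the two manager flags may create accounts.
    if (!$isManagerAllUsers && !$isManagerRegUsers) {
        $_SESSION['failure'] = "You don't have permission to add users!";
        header('location: admin_users.php');
        exit();
    }

    // Read a POST field as a string; missing or non-string values become ''.
    $postField = static function (string $key): string {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // Prepare, bind and execute one statement. Returns the executed statement,
    // or false with the driver's message left in $dbError.
    $dbError = '';
    $runStatement = static function ($conn, string $sql, string $types, array $params) use (&$dbError) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            $dbError = mysqli_error($conn);
            return false;
        }
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt)) {
            $dbError = mysqli_stmt_error($stmt);
            return false;
        }
        return $stmt;
    };

    $Full_Name = $postField('Full_Name');
    $Position = $postField('Position');
    $Name = $postField('user_name');
    $Phone = $postField('Phone');
    // SECURITY: unsalted MD5 is not a password hash. It is left unchanged only
    // because the login check that reads this column is outside this file;
    // migrate both sides together to password_hash()/password_verify().
    $Password = md5($postField('passwd'));
    // NOTE(review): the form lists only unassigned access levels, but the posted
    // name is stored as submitted. Nothing here stops a regional manager from
    // granting a level that carries more rights than their own.
    $AccessLevel = $postField('AccessLevel');
    $Region = $postField('Region');
    $Department = $postField('Department');
    $email = $postField('email');
    $HOD = isset($_POST['HOD']) && $_POST['HOD'] == '1' ? '1' : '0';

    // For regional managers, enforce that they can only add users to their region
    if ($isManagerRegUsers && !$isManagerAllUsers) {
        if ($Region != $userRegion) {
            $_SESSION['failure'] = "You can only add users to your region: $userRegion";
            header('location: admin_users.php');
            exit();
        }
    }

    // Check if username already exists
    $checkStmt = $runStatement($conn, "SELECT id FROM admin_accounts WHERE user_name = ?", 's', [$Name]);
    $checkResult = $checkStmt ? mysqli_stmt_get_result($checkStmt) : false;

    if ($checkResult === false) {
        // The uniqueness check itself failed: report it rather than inserting blind.
        $_SESSION['failure'] = "Error adding user: " . $dbError;
    } elseif (mysqli_num_rows($checkResult) > 0) {
        $_SESSION['failure'] = "Username already exists!";
    } else {
        $insertStmt = $runStatement(
            $conn,
            "INSERT INTO admin_accounts (Full_Name, Position, user_name, Phone, passwd, admin_type, User_Type, email, UserAccessName, Access_Level, Region, UserDepartment, HOD, Status)
            VALUES (?, ?, ?, ?, ?, 'super', 'Official', ?, ?, ?, ?, ?, ?, 'Active')",
            'sssssssssss',
            [$Full_Name, $Position, $Name, $Phone, $Password, $email, $AccessLevel, $AccessLevel, $Region, $Department, $HOD]
        );

        if ($insertStmt) {
            // Link the access level to the new account only after the insert
            // succeeded. Doing it unconditionally wrote UserID 0 on a failed
            // insert, which marked the level as unassigned again.
            $last_id = (string) mysqli_stmt_insert_id($insertStmt);
            $runStatement(
                $conn,
                "UPDATE accesslevelmanagement SET UserID = ? WHERE AccessName = ?",
                'ss',
                [$last_id, $AccessLevel]
            );

            // Audit trail entry. The actor name comes from the session and is
            // bound like every other value, so a name containing a quote can
            // no longer break the insert and silently drop the log record.
            date_default_timezone_set('Africa/Blantyre');
            $EventTime = date('d-m-Y H:i', time());
            $actorName = (string) ($_SESSION['Full_Name'] ?? '');
            $runStatement(
                $conn,
                "INSERT INTO eventtrail (Action, RecordType, Details, Date, User) VALUES (?, ?, ?, ?, ?)",
                'sssss',
                ['Adding Record', 'User Account', $Full_Name, $EventTime, $actorName]
            );
            $_SESSION['success'] = "User added successfully!";
        } else {
            $_SESSION['failure'] = "Error adding user: " . $dbError;
        }
    }
    header('location: admin_users.php');
    exit();
}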
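// Handle Edit User POST request
// NOTE(review): no anti-CSRF token is checked for this state-changing request.
// NOTE(review): the listing query excludes the 'Administrator' row, but this
// handler accepts any posted id; confirm whether that account should be
// protected here as well.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['edit_user'])) {
    // Only users holding one of the two manager flags may edit accounts.
    if (!$isManagerAllUsers && !$isManagerRegUsers) {
        $_SESSION['failure'] = "You don't have permission to edit users!";
        header('location: admin_users.php');
        exit();
    }

    // Read a POST field as a string; missing or non-string values become ''.
    $postField = static function (string $key): string {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // Prepare, bind and execute one statement. Returns the executed statement,
    // or false with the driver's message left in $dbError.
    $dbError = '';
    $runStatement = static function ($conn, string $sql, string $types, array $params) use (&$dbError) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            $dbError = mysqli_error($conn);
            return false;
        }
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt)) {
            $dbError = mysqli_stmt_error($stmt);
            return false;
        }
        return $stmt;
    };

    $UserID = $postField('UserID');
    $Full_Name = $postField('Full_Name');
    $Position = $postField('Position');
    $user_name = $postField('user_name');
    $Phone = $postField('Phone');
    $email = $postField('email');
    $Department = $postField('Department');
    // NOTE(review): the new access level is stored as submitted; nothing here
    // limits which levels a regional manager may assign.
    $UserAccessName = $postField('UserAccessName');
    $Region = $postField('Region');
    $HOD = isset($_POST['HOD']) && $_POST['HOD'] == '1' ? '1' : '0';
    $newPassword = $postField('passwd');

    // Load the target's current region and access level in one lookup.
    $currentStmt = $runStatement(
        $conn,
        "SELECT Region, Access_Level FROM admin_accounts WHERE id = ?",
        's',
        [$UserID]
    );
    $currentResult = $currentStmt ? mysqli_stmt_get_result($currentStmt) : false;
    $currentUser = $currentResult ? mysqli_fetch_assoc($currentResult) : null;
    $currentRegion = $currentUser['Region'] ?? null;
    $oldAccessLevel = $currentUser['Access_Level'] ?? null;

    // For regional managers, enforce that they can only edit users in their region.
    // A target that cannot be loaded is treated as out of region (fail closed).
    if ($isManagerRegUsers && !$isManagerAllUsers) {
        if (!$currentUser || $currentRegion != $userRegion) {
            $_SESSION['failure'] = "You can only edit users in your region!";
            header('location: admin_users.php');
            exit();
        }
        // Also prevent changing region to a different one
        if ($Region != $userRegion) {
            $_SESSION['failure'] = "You cannot change user's region to a different region!";
            header('location: admin_users.php');
            exit();
        }
    }

    // Build the UPDATE with placeholders; the password column is appended only
    // when a new password was supplied.
    $assignments = "Full_Name = ?, Position = ?, user_name = ?, Phone = ?, email = ?, UserDepartment = ?, Access_Level = ?, UserAccessName = ?, Region = ?, HOD = ?";
    $types = 'ssssssssss';
    $params = [$Full_Name, $Position, $user_name, $Phone, $email, $Department, $UserAccessName, $UserAccessName, $Region, $HOD];

    if (!empty($newPassword)) {
        // SECURITY: unsalted MD5 is not a password hash. It is left unchanged
        // only because the login check that reads this column is outside this
        // file; migrate both sides together to password_hash()/password_verify().
        $assignments .= ", passwd = ?";
        $types .= 's';
        $params[] = md5($newPassword);
    }

    $types .= 's';
    $params[] = $UserID;

    if ($runStatement($conn, "UPDATE admin_accounts SET " . $assignments . " WHERE id = ?", $types, $params)) {
        // If access level changed, move the UserID link in accesslevelmanagement
        if ($oldAccessLevel != $UserAccessName) {
            // Remove UserID from old access level. The old name was read from
            // the database and is bound, not concatenated.
            $runStatement(
                $conn,
                "UPDATE accesslevelmanagement SET UserID = '0' WHERE AccessName = ? AND UserID = ?",
                'ss',
                [(string) $oldAccessLevel, $UserID]
            );
            // Assign UserID to new access level
            $runStatement(
                $conn,
                "UPDATE accesslevelmanagement SET UserID = ? WHERE AccessName = ?",
                'ss',
                [$UserID, $UserAccessName]
            );
        }
        $_SESSION['success'] = "User updated successfully!";

        // Log event; the actor name from the session is bound as a parameter.
        date_default_timezone_set('Africa/Blantyre');
        $EventTime = date('d-m-Y H:i', time());
        $actorName = (string) ($_SESSION['Full_Name'] ?? '');
        $runStatement(
            $conn,
            "INSERT INTO eventtrail (Action, RecordType, Details, Date, User) VALUES (?, ?, ?, ?, ?)",
            'sssss',
            ['Updating Record', 'User Account', $Full_Name, $EventTime, $actorName]
        );
    } else {
        $_SESSION['failure'] = "Error updating user: " . $dbError;
    }
    header('location: admin_users.php');
    exit();
}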
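// Handle Activate User / Deactivate User
// Both actions run the same steps and differ only in the status written and in
// the wording of their messages, so one handler is driven by this table.
// NOTE(review): no anti-CSRF token is checked for these state-changing requests.
$statusHandlers = [
    'activate_user' => [
        'status' => 'Active',
        'verb' => 'activate',
        'past' => 'activated',
        'ing' => 'activating',
        'audit' => 'Activating Account',
    ],
    'deactivate_user' => [
        'status' => 'Inactive',
        'verb' => 'deactivate',
        'past' => 'deactivated',
        'ing' => 'deactivating',
        'audit' => 'Deactivating Account',
    ],
];

foreach ($statusHandlers as $statusPostFlag => $statusSpec) {
    if ($_SERVER['REQUEST_METHOD'] != 'POST' || !isset($_POST[$statusPostFlag])) {
        continue;
    }

    // Only users holding one of the two manager flags may change account status.
    if (!$isManagerAllUsers && !$isManagerRegUsers) {
        $_SESSION['failure'] = "You don't have permission to {$statusSpec['verb']} users!";
        header('location: admin_users.php');
        exit();
    }

    // Prepare, bind and execute one statement. Returns the executed statement,
    // or false with the driver's message left in $dbError.
    $dbError = '';
    $runStatement = static function ($conn, string $sql, string $types, array $params) use (&$dbError) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            $dbError = mysqli_error($conn);
            return false;
        }
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt)) {
            $dbError = mysqli_stmt_error($stmt);
            return false;
        }
        return $stmt;
    };

    $user_id = isset($_POST['user_id']) && is_string($_POST['user_id']) ? $_POST['user_id'] : '';

    // Load the target once: Region for the scope check, Full_Name for the audit entry.
    $targetStmt = $runStatement(
        $conn,
        "SELECT Region, Full_Name FROM admin_accounts WHERE id = ?",
        's',
        [$user_id]
    );
    $targetResult = $targetStmt ? mysqli_stmt_get_result($targetStmt) : false;
    $targetUser = $targetResult ? mysqli_fetch_assoc($targetResult) : null;

    // For regional managers, verify the user is in their region. A target that
    // cannot be loaded is treated as out of region (fail closed).
    if ($isManagerRegUsers && !$isManagerAllUsers) {
        if (!$targetUser || ($targetUser['Region'] ?? null) != $userRegion) {
            $_SESSION['failure'] = "You can only {$statusSpec['verb']} users in your region!";
            header('location: admin_users.php');
            exit();
        }
    }

    $statusUpdated = $runStatement(
        $conn,
        "UPDATE admin_accounts SET Status = ? WHERE id = ?",
        'ss',
        [$statusSpec['status'], $user_id]
    );

    if ($statusUpdated) {
        $_SESSION['success'] = "User account {$statusSpec['past']} successfully!";

        // Log event. The target's name was read from the database and the actor
        // name from the session; both are bound, so a quote in either can no
        // longer break the insert and drop the audit record.
        date_default_timezone_set('Africa/Blantyre');
        $EventTime = date('d-m-Y H:i', time());
        $runStatement(
            $conn,
            "INSERT INTO eventtrail (Action, RecordType, Details, Date, User) VALUES (?, ?, ?, ?, ?)",
            'sssss',
            [
                $statusSpec['audit'],
                'User Account',
                (string) ($targetUser['Full_Name'] ?? ''),
                $EventTime,
                (string) ($_SESSION['Full_Name'] ?? ''),
            ]
        );
    } else {
        $_SESSION['failure'] = "Error {$statusSpec['ing']} user: " . $dbError;
    }
    header('location: admin_users.php');
    exit();
}
// Keep the loop's working variables out of the scope shared with the template.
unset($statusHandlers, $statusPostFlag, $statusSpec);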
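// Handle Delete User
// NOTE(review): no anti-CSRF token is checked for this destructive request.
// NOTE(review): the listing query excludes the 'Administrator' row, but this
// handler accepts any posted id; confirm whether that account should be
// protected here as well.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['delete_user'])) {
    // Only users holding one of the two manager flags may delete accounts.
    if (!$isManagerAllUsers && !$isManagerRegUsers) {
        $_SESSION['failure'] = "You don't have permission to delete users!";
        header('location: admin_users.php');
        exit();
    }

    // Prepare, bind and execute one statement. Returns the executed statement,
    // or false with the driver's message left in $dbError.
    $dbError = '';
    $runStatement = static function ($conn, string $sql, string $types, array $params) use (&$dbError) {
        $stmt = mysqli_prepare($conn, $sql);
        if ($stmt === false) {
            $dbError = mysqli_error($conn);
            return false;
        }
        if (!mysqli_stmt_bind_param($stmt, $types, ...$params) || !mysqli_stmt_execute($stmt)) {
            $dbError = mysqli_stmt_error($stmt);
            return false;
        }
        return $stmt;
    };

    $del_id = isset($_POST['del_id']) && is_string($_POST['del_id']) ? $_POST['del_id'] : '';

    // Get user data before deleting: Region for the scope check, Full_Name for
    // the audit entry, Access_Level for releasing the access-level link.
    $targetStmt = $runStatement(
        $conn,
        "SELECT Full_Name, Access_Level, Region FROM admin_accounts WHERE id = ?",
        's',
        [$del_id]
    );
    $targetResult = $targetStmt ? mysqli_stmt_get_result($targetStmt) : false;
    $user_data = $targetResult ? mysqli_fetch_assoc($targetResult) : null;

    // For regional managers, verify the user is in their region. A target that
    // cannot be loaded is treated as out of region (fail closed).
    if ($isManagerRegUsers && !$isManagerAllUsers) {
        if (!$user_data || ($user_data['Region'] ?? null) != $userRegion) {
            $_SESSION['failure'] = "You can only delete users in your region!";
            header('location: admin_users.php');
            exit();
        }
    }

    if ($runStatement($conn, "DELETE FROM admin_accounts WHERE id = ?", 's', [$del_id])) {
        // Release the access level only once the account is really gone.
        // Releasing it first left a surviving account detached from its level
        // whenever the DELETE failed.
        $runStatement(
            $conn,
            "UPDATE accesslevelmanagement SET UserID = '0' WHERE AccessName = ? AND UserID = ?",
            'ss',
            [(string) ($user_data['Access_Level'] ?? ''), $del_id]
        );
        $_SESSION['success'] = "User deleted successfully!";

        // Log event; the names read from the database and the session are bound.
        date_default_timezone_set('Africa/Blantyre');
        $EventTime = date('d-m-Y H:i', time());
        $runStatement(
            $conn,
            "INSERT INTO eventtrail (Action, RecordType, Details, Date, User) VALUES (?, ?, ?, ?, ?)",
            'sssss',
            [
                'Deleting Record',
                'User Account',
                (string) ($user_data['Full_Name'] ?? ''),
                $EventTime,
                (string) ($_SESSION['Full_Name'] ?? ''),
            ]
        );
    } else {
        $_SESSION['failure'] = "Error deleting user: " . $dbError;
    }
    header('location: admin_users.php');
    exit();
}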
include_once 'include/AdminHeader.php';
?>
<!-- Add Font Awesome and Bootstrap Select -->
<!-- NOTE(review): these three assets are fetched from a third-party CDN without integrity/crossorigin attributes (Subresource Integrity). This is an account-administration page, so pin each URL with the hash published for that exact version, or serve the files locally. -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/bootstrap-select.min.css">
<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/bootstrap-select.min.js"></script>
<style>
/* Page-local styles for the user management screen */
:root {
--primary-green: #2ecc71;
--dark-green: #27ae60;
--light-green: #d4edda;
--soft-white: #f8f9fa;
--pure-white: #ffffff;
--light-gray: #e9ecef;
--medium-gray: #ced4da;
--dark-gray: #495057;
--charcoal: #343a40;
--black: #212529;
--shadow: 0 2px 4px rgba(0,0,0,0.1);
--warning-color: #ffc107;
--danger-color: #dc3545;
}
body {
background-color: #f0f2f5;
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
}
#page-wrapper {
min-height: 100vh;
padding: 15px;
}
.form-container {
max-width: 1400px;
margin: 0 auto;
}
.page-header {
background: var(--pure-white);
padding: 15px 25px;
border-radius: 8px;
margin: 0 0 20px 0;
box-shadow: var(--shadow);
border-left: 4px solid var(--primary-green);
display: flex;
align-items: center;
justify-content: space-between;
flex-wrap: wrap;
gap: 15px;
}
.page-header h4 {
margin: 0;
font-size: 20px;
font-weight: 600;
color: var(--black);
display: flex;
align-items: center;
gap: 10px;
}
.page-header h4 i {
color: var(--primary-green);
font-size: 24px;
}
.action-buttons {
display: flex;
gap: 10px;
flex-wrap: wrap;
}
.btn-custom {
padding: 8px 16px;
border-radius: 6px;
font-weight: 500;
font-size: 13px;
text-transform: uppercase;
letter-spacing: 0.3px;
transition: all 0.2s ease;
border: none;
cursor: pointer;
display: inline-flex;
align-items: center;
gap: 6px;
text-decoration: none;
}
.btn-custom i {
font-size: 14px;
}
.btn-custom-primary {
background: var(--pure-white);
color: var(--black);
border: 1px solid var(--light-gray);
}
.btn-custom-primary:hover {
background: var(--light-gray);
text-decoration: none;
color: var(--black);
}
.btn-custom-success {
background: var(--primary-green);
color: var(--pure-white);
}
.btn-custom-success:hover {
background: var(--dark-green);
text-decoration: none;
color: var(--pure-white);
}
.alert-custom {
padding: 12px 18px;
border-radius: 6px;
margin-bottom: 20px;
border: none;
display: flex;
align-items: center;
gap: 12px;
font-size: 14px;
box-shadow: var(--shadow);
}
.alert-custom i {
font-size: 18px;
}
.alert-custom-success {
background: var(--light-green);
color: var(--dark-green);
border-left: 4px solid var(--primary-green);
}
.alert-custom-danger {
background: #f8d7da;
color: #721c24;
border-left: 4px solid var(--danger-color);
}
.filter-section {
background: var(--pure-white);
border-radius: 8px;
padding: 15px 20px;
margin-bottom: 20px;
box-shadow: var(--shadow);
border: 1px solid var(--light-gray);
overflow-x: auto;
}
.filter-form {
display: flex;
align-items: center;
gap: 15px;
min-width: min-content;
}
.filter-form .form-control {
height: 38px;
border: 1px solid var(--light-gray);
border-radius: 6px;
padding: 0 10px;
font-size: 13px;
background: var(--pure-white);
}
.filter-form .form-control:focus {
border-color: var(--primary-green);
outline: none;
box-shadow: 0 0 0 2px rgba(46, 204, 113, 0.1);
}
.filter-form .btn-primary {
height: 38px;
padding: 0 20px;
background: var(--primary-green);
border: none;
border-radius: 6px;
color: white;
font-weight: 500;
font-size: 13px;
display: flex;
align-items: center;
gap: 5px;
white-space: nowrap;
cursor: pointer;
}
.filter-form .btn-primary:hover {
background: var(--dark-green);
}
.filter-label {
display: flex;
align-items: center;
gap: 5px;
color: var(--dark-gray);
font-weight: 500;
font-size: 13px;
white-space: nowrap;
}
.filter-label i {
color: var(--primary-green);
font-size: 14px;
}
.table-container {
background: var(--pure-white);
border-radius: 10px;
padding: 15px;
box-shadow: var(--shadow);
margin-bottom: 20px;
overflow-x: auto;
}
.table {
width: 100%;
border-collapse: collapse;
margin-bottom: 0;
}
.table thead tr {
background: linear-gradient(135deg, var(--charcoal) 0%, var(--black) 100%);
}
.table thead th {
padding: 12px 10px;
color: var(--pure-white);
font-weight: 500;
font-size: 13px;
text-transform: uppercase;
letter-spacing: 0.3px;
border: none;
white-space: nowrap;
}
.table tbody tr {
border-bottom: 1px solid var(--light-gray);
transition: background-color 0.2s ease;
}
.table tbody tr:hover {
background-color: rgba(46, 204, 113, 0.05);
}
.table tbody td {
padding: 12px 10px;
color: var(--dark-gray);
font-size: 12px;
vertical-align: middle;
}
/* Reduced font size for table content */
.table tbody td h5 {
font-size: 12px;
margin: 0;
font-weight: normal;
}
.table tbody td .hod-badge {
font-size: 9px;
padding: 1px 6px;
}
.table tbody td .status-badge {
font-size: 10px;
padding: 3px 8px;
}
.hod-badge {
background: var(--primary-green);
color: white;
padding: 2px 8px;
border-radius: 12px;
font-size: 10px;
font-weight: 600;
text-transform: uppercase;
margin-left: 5px;
display: inline-block;
}
.action-dropdown {
position: relative;
display: inline-block;
}
.action-toggle {
background: var(--light-gray);
border: none;
padding: 8px 12px;
border-radius: 6px;
color: var(--dark-gray);
cursor: pointer;
display: flex;
align-items: center;
gap: 5px;
font-size: 12px;
transition: all 0.2s ease;
width: 100%;
white-space: nowrap;
}
.action-toggle:hover {
background: var(--primary-green);
color: white;
}
.action-menu {
position: absolute;
right: 0;
top: 100%;
background: var(--pure-white);
border-radius: 8px;
box-shadow: 0 4px 12px rgba(0,0,0,0.15);
min-width: 200px;
z-index: 1000;
display: none;
margin-top: 5px;
border: 1px solid var(--light-gray);
}
.action-menu.show {
display: block;
}
.action-menu-item {
padding: 12px 15px;
display: flex;
align-items: center;
gap: 12px;
color: var(--dark-gray);
text-decoration: none;
font-size: 13px;
transition: all 0.2s ease;
border-bottom: 1px solid var(--light-gray);
cursor: pointer;
white-space: nowrap;
}
.action-menu-item:last-child {
border-bottom: none;
}
.action-menu-item:hover {
background: rgba(46, 204, 113, 0.1);
color: var(--primary-green);
text-decoration: none;
}
.action-menu-item i {
width: 18px;
font-size: 14px;
text-align: center;
}
.status-badge {
padding: 4px 8px;
border-radius: 12px;
font-size: 11px;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.2px;
display: inline-block;
}
.status-active {
background: var(--light-green);
color: var(--dark-green);
}
.status-inactive {
background: #f8d7da;
color: #721c24;
}
.modal-content-custom {
border-radius: 12px;
border: none;
box-shadow: 0 10px 30px rgba(0,0,0,0.2);
overflow: hidden;
}
.modal-header-custom {
background: linear-gradient(135deg, var(--charcoal) 0%, var(--black) 100%);
color: var(--pure-white);
padding: 15px 20px;
border-bottom: none;
}
.modal-header-custom h4, .modal-header-custom h5 {
margin: 0;
font-weight: 500;
display: flex;
align-items: center;
gap: 10px;
}
.modal-header-custom h4 i, .modal-header-custom h5 i {
color: var(--primary-green);
font-size: 20px;
}
.modal-header-custom .close {
color: var(--pure-white);
opacity: 0.8;
}
.modal-header-custom .close:hover {
opacity: 1;
}
.modal-body-custom {
padding: 20px;
background: var(--soft-white);
}
.modal-footer-custom {
padding: 15px 20px;
background: var(--pure-white);
border-top: 1px solid var(--light-gray);
}
.form-group-custom {
margin-bottom: 15px;
}
.form-label {
display: block;
margin-bottom: 5px;
color: var(--dark-gray);
font-weight: 500;
font-size: 12px;
text-transform: uppercase;
letter-spacing: 0.2px;
}
.form-label i {
color: var(--primary-green);
margin-right: 5px;
}
.required-field::after {
content: "*";
color: #e74c3c;
margin-left: 3px;
}
.input-group-custom {
position: relative;
display: flex;
align-items: center;
}
.input-icon {
position: absolute;
left: 10px;
color: var(--primary-green);
font-size: 14px;
z-index: 2;
}
.form-control-custom {
width: 100%;
padding: 8px 10px 8px 35px;
font-size: 13px;
color: var(--black);
background: var(--pure-white);
border: 1px solid var(--light-gray);
border-radius: 6px;
transition: all 0.2s ease;
outline: none;
}
.form-control-custom:focus {
border-color: var(--primary-green);
box-shadow: 0 0 0 2px rgba(46, 204, 113, 0.1);
}
select.form-control-custom {
padding: 8px 30px 8px 35px;
appearance: none;
background-image: url("data:image/svg+xml;charset=UTF-8,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' fill='none' stroke='currentColor' stroke-width='2' stroke-linecap='round' stroke-linejoin='round'%3e%3cpolyline points='6 9 12 15 18 9'%3e%3c/polyline%3e%3c/svg%3e");
background-repeat: no-repeat;
background-position: right 10px center;
background-size: 14px;
}
.checkbox-group {
margin-top: 25px;
padding: 15px;
background: var(--pure-white);
border-radius: 6px;
border: 1px solid var(--light-gray);
display: flex;
align-items: center;
gap: 10px;
}
.checkbox-group input[type="checkbox"] {
width: 18px;
height: 18px;
cursor: pointer;
accent-color: var(--primary-green);
}
.checkbox-group label {
color: var(--dark-gray);
font-weight: 500;
font-size: 14px;
cursor: pointer;
margin: 0;
display: flex;
align-items: center;
gap: 5px;
}
.checkbox-group label i {
color: var(--primary-green);
font-size: 16px;
}
.two-column-row {
display: flex;
flex-wrap: wrap;
margin: 0 -10px;
}
.two-column-col {
flex: 1;
padding: 0 10px;
min-width: 250px;
}
.modal-btn {
padding: 8px 20px;
border-radius: 6px;
font-weight: 500;
font-size: 13px;
text-transform: uppercase;
letter-spacing: 0.3px;
transition: all 0.2s ease;
border: none;
cursor: pointer;
display: inline-flex;
align-items: center;
gap: 8px;
}
.modal-btn-primary {
background: var(--primary-green);
color: var(--pure-white);
}
.modal-btn-primary:hover {
background: var(--dark-green);
}
.modal-btn-default {
background: var(--light-gray);
color: var(--dark-gray);
}
.modal-btn-default:hover {
background: var(--medium-gray);
}
.modal-btn-danger {
background: var(--danger-color);
color: white;
}
.modal-btn-danger:hover {
background: #c82333;
}
.modal-btn-warning {
background: var(--warning-color);
color: var(--black);
}
.modal-btn-warning:hover {
background: #e0a800;
}
.pagination-container {
text-align: center;
margin-top: 20px;
}
.pagination {
display: inline-flex;
gap: 5px;
list-style: none;
padding: 0;
margin: 0;
}
.pagination li {
display: inline;
}
.pagination li a {
display: inline-block;
padding: 8px 12px;
background: var(--pure-white);
border: 1px solid var(--light-gray);
border-radius: 6px;
color: var(--dark-gray);
font-size: 13px;
text-decoration: none;
transition: all 0.2s ease;
}
.pagination li.active a {
background: var(--primary-green);
color: white;
border-color: var(--primary-green);
}
.pagination li a:hover {
background: var(--light-gray);
}
/* Access restriction message styles */
.access-restricted {
background-color: #fff3cd;
border: 1px solid #ffeaa7;
border-radius: 8px;
padding: 20px;
text-align: center;
margin: 20px 0;
}
.access-restricted i {
font-size: 48px;
color: #ffc107;
margin-bottom: 15px;
}
.access-restricted h5 {
color: #856404;
margin: 10px 0;
}
.access-restricted p {
color: #856404;
margin: 0;
}
@media (max-width: 992px) {
.filter-section {
overflow-x: auto;
}
.filter-form {
min-width: 800px;
}
}
@media (max-width: 768px) {
.page-header {
flex-direction: column;
text-align: center;
}
.two-column-col {
flex: 100%;
}
}
</style>
<div id="page-wrapper">
<div class="form-container">
<!-- Header Section -->
<div class="page-header">
<h4>
<i class="fas fa-users-cog"></i>
Manage User Accounts
<?php if ($isManagerRegUsers && !$isManagerAllUsers): ?>
<small style="font-size: 12px; color: var(--primary-green); margin-left: 10px;">
<i class="fas fa-map-marker-alt"></i> Managing: <?php echo htmlspecialchars($userRegion); ?> Region
</small>
<?php elseif ($isManagerAllUsers): ?>
<small style="font-size: 12px; color: var(--primary-green); margin-left: 10px;">
<i class="fas fa-globe"></i> Managing: All Regions
</small>
<?php endif; ?>
</h4>
<div class="action-buttons">
<?php if ($isManagerAllUsers || $isManagerRegUsers): ?>
<a href="#" data-toggle="modal" data-target="#Adding-NewUser" class="btn-custom btn-custom-success">
<i class="fas fa-plus-circle"></i>
Add User
</a>
<?php endif; ?>
<a href="admin_users.php" class="btn-custom btn-custom-primary">
<i class="fas fa-sync-alt"></i>
Refresh
</a>
</div>
</div>
<!-- Alert Messages -->
<?php include('include/flash_messages.php') ?>
<!-- Filter Section (only show if user has permissions) -->
<?php if ($isManagerAllUsers || $isManagerRegUsers): ?>
<div class="filter-section">
<form class="filter-form" action="">
<div class="filter-label">
<i class="fas fa-search"></i>
<span>Search</span>
</div>
<input type="text" class="form-control" placeholder="Full Name" name="search_string"
value="<?php echo htmlspecialchars($search_string ?? ''); ?>" style="width: 180px;">
<div class="filter-label" style="margin-left: 5px;">
<i class="fas fa-sort"></i>
<span>Order By</span>
</div>
<select name="filter_col" class="form-control" style="width: 120px;">
<?php
foreach ($filter_options as $option) {
$selected = ($filter_col === $option) ? "selected" : "";
echo '<option value="' . htmlspecialchars($option) . '" ' . $selected . '>' . htmlspecialchars($option) . '</option>';
}
?>
</select>
<select name="order_by" class="form-control" style="width: 100px;">
<option value="asc" <?php echo ($order_by == 'asc') ? "selected" : ""; ?>>Ascending</option>
<option value="desc" <?php echo ($order_by == 'desc') ? "selected" : ""; ?>>Descending</option>
</select>
<button type="submit" class="btn-primary">
<i class="fas fa-filter"></i> Go
</button>
</form>
</div>
<?php endif; ?>
<!-- Table Section -->
<div class="table-container">
<?php if (empty($result) && (!$isManagerAllUsers && !$isManagerRegUsers)): ?>
<div class="access-restricted">
<i class="fas fa-lock"></i>
<h5>Access Restricted</h5>
<p>You don't have permission to view user accounts.</p>
<p>Please contact your administrator for access.</p>
</div>
<?php elseif (empty($result)): ?>
<div class="access-restricted">
<i class="fas fa-users"></i>
<h5>No users found</h5>
<p>No users match the current criteria.</p>
</div>
<?php else: ?>
<table class="table">
<thead>
<tr>
<th>Full Name</th>
<th>Position</th>
<th>User Name</th>
<th>Phone</th>
<th>Email</th>
<th>Department</th>
<th>Region</th>
<th>Status</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach ($result as $row): ?>
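<?php
// Per-row display values for the accounts table.
$Status = $row['Status'] ?? 'Inactive';
$IsHOD = isset($row['HOD']) && $row['HOD'] == '1';
// Get Department Name from ID.
// UserDepartment is a stored value that originally came from a form field, so
// it is bound as a parameter rather than concatenated into the lookup query.
$dept_id = $row['UserDepartment'] ?? '';
$dept_name = 'N/A';
if (!empty($dept_id)) {
    $deptIdParam = (string) $dept_id;
    $dept_stmt = mysqli_prepare($conn, "SELECT Name FROM Department WHERE id = ?");
    if ($dept_stmt) {
        if (mysqli_stmt_bind_param($dept_stmt, 's', $deptIdParam) && mysqli_stmt_execute($dept_stmt)) {
            mysqli_stmt_bind_result($dept_stmt, $deptNameValue);
            // Only the first matching row is used.
            if (mysqli_stmt_fetch($dept_stmt)) {
                $dept_name = $deptNameValue;
            }
        }
        mysqli_stmt_close($dept_stmt);
    }
}
?>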
<tr>
<td>
<h5>
<?php echo htmlspecialchars($row['Full_Name'] ?? '') ?>
<?php if ($IsHOD): ?>
<span class="hod-badge"><i class="fas fa-crown"></i> HOD</span>
<?php endif; ?>
</h5>
</td>
<td><h5><?php echo htmlspecialchars($row['Position'] ?? '') ?></h5></td>
<td><h5><?php echo htmlspecialchars($row['user_name'] ?? '') ?></h5></td>
<td><h5><?php echo htmlspecialchars($row['Phone'] ?? '') ?></h5></td>
<td><h5><?php echo htmlspecialchars($row['email'] ?? '') ?></h5></td>
<td>
<span class="status-badge" style="background: var(--light-green); color: var(--dark-green);">
<?php echo htmlspecialchars($dept_name) ?>
</span>
</td>
<td><h5><?php echo htmlspecialchars($row['Region'] ?? '') ?></h5></td>
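<td>
<?php /* Status is read from the database, so it is HTML-escaped like every other column in this row. */ ?>
<span class="status-badge <?php echo ($Status == 'Active') ? 'status-active' : 'status-inactive'; ?>">
<i class="fas <?php echo ($Status == 'Active') ? 'fa-check-circle' : 'fa-ban'; ?>"></i>
<?php echo htmlspecialchars($Status ?: 'Inactive', ENT_QUOTES, 'UTF-8') ?>
</span>
</td>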
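<td>
<?php if ($isManagerAllUsers || $isManagerRegUsers): ?>
<?php
// Values placed inside inline event handlers pass through two parsers: the
// HTML attribute is entity-decoded first, then the result runs as JavaScript.
// addslashes(htmlspecialchars(...)) does not survive that: the quote entities
// are decoded back to quotes before the script is parsed. The name is
// therefore encoded as a JavaScript string literal with json_encode() and
// that literal is then escaped for the attribute. The id is an
// auto-increment key, so it is emitted as an integer.
$rowId = (int) $row['id'];
$jsFullName = htmlspecialchars(
    json_encode((string) ($row['Full_Name'] ?? ''), JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) ?: '""',
    ENT_QUOTES,
    'UTF-8'
);
?>
<div class="action-dropdown">
<button class="action-toggle" onclick="toggleDropdown(event, 'dropdown-<?php echo $rowId; ?>')">
<i class="fas fa-cog"></i> Actions <i class="fas fa-chevron-down"></i>
</button>
<div class="action-menu" id="dropdown-<?php echo $rowId; ?>">
<a href="#" onclick="openEditModal(<?php echo $rowId; ?>); return false;" class="action-menu-item">
<i class="fas fa-edit" style="color: var(--primary-green);"></i>
Edit Account
</a>
<?php if ($Status == "Active"): ?>
<a href="#" onclick="openDeactivateModal(<?php echo $rowId; ?>, <?php echo $jsFullName; ?>); return false;" class="action-menu-item">
<i class="fas fa-ban" style="color: var(--warning-color);"></i>
Deactivate Account
</a>
<?php else: ?>
<a href="#" onclick="openActivateModal(<?php echo $rowId; ?>, <?php echo $jsFullName; ?>); return false;" class="action-menu-item">
<i class="fas fa-check-circle" style="color: var(--primary-green);"></i>
Activate Account
</a>
<?php endif; ?>
<a href="#" onclick="openDeleteModal(<?php echo $rowId; ?>, <?php echo $jsFullName; ?>); return false;" class="action-menu-item">
<i class="fas fa-trash-alt" style="color: var(--danger-color);"></i>
Delete Account
</a>
</div>
</div>
<?php else: ?>
<span class="text-muted">No actions available</span>
<?php endif; ?>
</td>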
</tr>
<?php endforeach; ?>
</tbody>
</table>
<?php endif; ?>
</div>
<!-- Add User Modal -->
<div class="modal fade" id="Adding-NewUser" tabindex="-1" role="dialog">
<div class="modal-dialog modal-lg" role="document">
<div class="modal-content modal-content-custom">
<div class="modal-header modal-header-custom">
<h5 class="modal-title">
<i class="fas fa-user-plus"></i>
Add New System User
</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form action="" method="post" id="contact_form">
<div class="modal-body modal-body-custom">
<input type="hidden" name="add_user" value="1">
<div class="two-column-row">
<div class="two-column-col">
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-user"></i> Full Name
</label>
<div class="input-group-custom">
<i class="fas fa-user input-icon"></i>
<input type="text" name="Full_Name" placeholder="Enter full name" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-briefcase"></i> Position
</label>
<div class="input-group-custom">
<i class="fas fa-briefcase input-icon"></i>
<input type="text" name="Position" placeholder="Enter position" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-phone"></i> Phone
</label>
<div class="input-group-custom">
<i class="fas fa-phone input-icon"></i>
<input type="text" name="Phone" placeholder="Enter phone number" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-lock"></i> Password
</label>
<div class="input-group-custom">
<i class="fas fa-lock input-icon"></i>
<input type="password" name="passwd" placeholder="Enter password" class="form-control-custom" required>
</div>
</div>
</div>
<div class="two-column-col">
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-user-tag"></i> Username
</label>
<div class="input-group-custom">
<i class="fas fa-user-tag input-icon"></i>
<input type="text" name="user_name" placeholder="Enter username" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label">
<i class="fas fa-envelope"></i> Email
</label>
<div class="input-group-custom">
<i class="fas fa-envelope input-icon"></i>
<input type="email" name="email" placeholder="Enter email address" class="form-control-custom">
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-building"></i> Department
</label>
<div class="input-group-custom">
<i class="fas fa-building input-icon"></i>
<select name="Department" class="form-control-custom" required>
<option value="">-- Select Department --</option>
<?php
$queryx = "SELECT * FROM `Department`";
$resultx = mysqli_query($conn, $queryx);
while ($rowx = mysqli_fetch_array($resultx)):
?>
<option value="<?php echo htmlspecialchars($rowx['id']); ?>"><?php echo htmlspecialchars($rowx['Name']); ?></option>
<?php endwhile; ?>
</select>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-shield-alt"></i> Access Level
</label>
<div class="input-group-custom">
<i class="fas fa-shield-alt input-icon"></i>
<select name="AccessLevel" class="form-control-custom" required>
<option value="">-- Select Access Level --</option>
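<?php
// Offer the access levels that are not tied to a specific user: rows whose UserID is
// '0' or NULL and whose AccessName is non-empty, sorted by name.
// NOTE(review): nothing in this block narrows the list by the rights of the manager
// creating the account, and the submitted AccessLevel is client-controlled anyway.
// The POST handler is not visible here; confirm it checks that the caller may grant
// the chosen level.
$query3 = "SELECT * FROM `accesslevelmanagement` WHERE (UserID = '0' OR UserID IS NULL) AND AccessName != '' ORDER BY AccessName";
$result3 = mysqli_query($conn, $query3);
// mysqli_query() yields false on failure (with mysqli exceptions disabled); skip the
// loop in that case rather than passing false to mysqli_fetch_array().
while ($result3 && ($row3 = mysqli_fetch_array($result3))):
?>
<option value="<?php echo htmlspecialchars($row3['AccessName']); ?>"><?php echo htmlspecialchars($row3['AccessName']); ?></option>
<?php endwhile; ?>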
</select>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-map-marker-alt"></i> Region
</label>
<div class="input-group-custom">
<i class="fas fa-map-marker-alt input-icon"></i>
<select name="Region" class="form-control-custom" required>
<option value="">-- Select Region --</option>
<?php
// Regional managers (Manager_Reg_Users set, ManagerUsers not set) are offered only their
// own region, pre-selected; every other caller gets the full region list.
// NOTE(review): this only narrows what the dropdown shows. The Region value that reaches
// the server is still client-controlled, and the POST handler is not visible here.
// Confirm it re-checks Region against $userRegion for regional managers.
if ($isManagerRegUsers && !$isManagerAllUsers): ?>
<option value="<?php echo htmlspecialchars($userRegion); ?>" selected><?php echo htmlspecialchars($userRegion); ?></option>
<?php else: ?>
<option value="South">South</option>
<option value="East">East</option>
<option value="Center">Center</option>
<option value="North">North</option>
<option value="Head Office">Head Office</option>
<option value="Admin">Admin</option>
<?php endif; ?>
</select>
</div>
<?php
// Same condition as above: tell regional managers why only one region is listed.
if ($isManagerRegUsers && !$isManagerAllUsers): ?>
<small class="text-muted">Region is fixed to your region: <?php echo htmlspecialchars($userRegion); ?></small>
<?php endif; ?>
</div>
<div class="checkbox-group">
<input type="checkbox" id="HOD_new" name="HOD" value="1">
<label for="HOD_new">
<i class="fas fa-crown"></i> Head of Department
</label>
</div>
</div>
</div>
</div>
<div class="modal-footer modal-footer-custom">
<button type="button" class="modal-btn modal-btn-default" data-dismiss="modal">
<i class="fas fa-times"></i> Cancel
</button>
<button type="submit" class="modal-btn modal-btn-primary">
<i class="fas fa-user-plus"></i> Add User
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Edit User Modal (Dynamic) -->
<div class="modal fade" id="EditUserModal" tabindex="-1" role="dialog">
<div class="modal-dialog modal-lg" role="document">
<div class="modal-content modal-content-custom">
<div class="modal-header modal-header-custom">
<h5 class="modal-title">
<i class="fas fa-user-edit"></i>
Edit User Account
</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form action="" method="POST" id="editUserForm">
<div class="modal-body modal-body-custom">
<input type="hidden" name="UserID" id="edit_user_id">
<input type="hidden" name="edit_user" value="1">
<div class="two-column-row">
<div class="two-column-col">
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-user"></i> Full Name
</label>
<div class="input-group-custom">
<i class="fas fa-user input-icon"></i>
<input type="text" name="Full_Name" id="edit_full_name" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-briefcase"></i> Position
</label>
<div class="input-group-custom">
<i class="fas fa-briefcase input-icon"></i>
<input type="text" name="Position" id="edit_position" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-phone"></i> Phone
</label>
<div class="input-group-custom">
<i class="fas fa-phone input-icon"></i>
<input type="text" name="Phone" id="edit_phone" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label">
<i class="fas fa-lock"></i> Password
</label>
<div class="input-group-custom">
<i class="fas fa-lock input-icon"></i>
<input type="password" name="passwd" id="edit_password" class="form-control-custom" placeholder="Leave blank to keep current password">
</div>
<small class="text-muted">Leave empty to keep current password</small>
</div>
</div>
<div class="two-column-col">
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-user-tag"></i> Username
</label>
<div class="input-group-custom">
<i class="fas fa-user-tag input-icon"></i>
<input type="text" name="user_name" id="edit_username" class="form-control-custom" required>
</div>
</div>
<div class="form-group-custom">
<label class="form-label">
<i class="fas fa-envelope"></i> Email
</label>
<div class="input-group-custom">
<i class="fas fa-envelope input-icon"></i>
<input type="email" name="email" id="edit_email" class="form-control-custom">
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-building"></i> Department
</label>
<div class="input-group-custom">
<i class="fas fa-building input-icon"></i>
<select name="Department" id="edit_department" class="form-control-custom" required>
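<?php
// Fill the edit form's department list. The matching entry is selected later in the
// browser, when openEditModal() sets #edit_department from the fetched user record.
$dept_query = mysqli_query($conn, "SELECT * FROM Department");
// mysqli_query() yields false on failure (with mysqli exceptions disabled); skip the
// loop in that case rather than passing false to mysqli_fetch_assoc().
while ($dept_query && ($dept = mysqli_fetch_assoc($dept_query))):
?>
<?php // The id goes into an attribute, so it is escaped like the name and like the add-user form. ?>
<option value="<?php echo htmlspecialchars((string) $dept['id'], ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlspecialchars($dept['Name']); ?></option>
<?php endwhile; ?>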
</select>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-shield-alt"></i> Access Level
</label>
<div class="input-group-custom">
<i class="fas fa-shield-alt input-icon"></i>
<select name="UserAccessName" id="edit_access_level" class="form-control-custom" required>
<!-- Current access level will be added via JavaScript -->
</select>
</div>
</div>
<div class="form-group-custom">
<label class="form-label required-field">
<i class="fas fa-map-marker-alt"></i> Region
</label>
<div class="input-group-custom">
<i class="fas fa-map-marker-alt input-icon"></i>
<select name="Region" id="edit_region" class="form-control-custom" required>
<?php
// Edit form: regional managers (Manager_Reg_Users set, ManagerUsers not set) see only
// their own region; everyone else can pick from the full list.
// NOTE(review): display-only restriction. A submitted Region can be any string, and
// openEditModal() loads whatever record id it is given. The edit handler is not visible
// here; confirm it checks both the target user's region and the new Region value
// against $userRegion.
if ($isManagerRegUsers && !$isManagerAllUsers): ?>
<option value="<?php echo htmlspecialchars($userRegion); ?>" selected><?php echo htmlspecialchars($userRegion); ?></option>
<?php else: ?>
<option value="South">South</option>
<option value="East">East</option>
<option value="Center">Center</option>
<option value="North">North</option>
<option value="Head Office">Head Office</option>
<option value="Admin">Admin</option>
<?php endif; ?>
</select>
</div>
<?php
// Same condition as above: tell regional managers why only one region is listed.
if ($isManagerRegUsers && !$isManagerAllUsers): ?>
<small class="text-muted">Region is fixed to your region: <?php echo htmlspecialchars($userRegion); ?></small>
<?php endif; ?>
</div>
<div class="checkbox-group">
<input type="checkbox" id="edit_hod" name="HOD" value="1">
<label for="edit_hod">
<i class="fas fa-crown"></i> Head of Department
</label>
</div>
</div>
</div>
</div>
<div class="modal-footer modal-footer-custom">
<button type="button" class="modal-btn modal-btn-default" data-dismiss="modal">
<i class="fas fa-times"></i> Cancel
</button>
<button type="submit" class="modal-btn modal-btn-primary">
<i class="fas fa-save"></i> Update User
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Deactivate Modal (Dynamic) -->
<div class="modal fade" id="DeactivateModal" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content modal-content-custom">
<div class="modal-header modal-header-custom">
<h5 class="modal-title">
<i class="fas fa-ban" style="color: var(--warning-color);"></i>
Deactivate Account
</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form action="" method="POST">
<div class="modal-body modal-body-custom">
<input type="hidden" name="user_id" id="deactivate_user_id">
<input type="hidden" name="deactivate_user" value="1">
<div style="text-align: center; padding: 20px;">
<i class="fas fa-user-lock" style="font-size: 48px; color: var(--warning-color); margin-bottom: 15px;"></i>
<p style="font-size: 16px; color: var(--dark-gray);">
Are you sure you want to <strong style="color: var(--warning-color);">deactivate</strong>
<strong id="deactivate_user_name"></strong>?
</p>
<p style="font-size: 13px; color: #999;">Deactivated users cannot log in to the system.</p>
</div>
</div>
<div class="modal-footer modal-footer-custom">
<button type="button" class="modal-btn modal-btn-default" data-dismiss="modal">
<i class="fas fa-times"></i> Cancel
</button>
<button type="submit" class="modal-btn modal-btn-warning">
<i class="fas fa-ban"></i> Deactivate
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Activate Modal (Dynamic) -->
<div class="modal fade" id="ActivateModal" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content modal-content-custom">
<div class="modal-header modal-header-custom">
<h5 class="modal-title">
<i class="fas fa-check-circle" style="color: var(--primary-green);"></i>
Activate Account
</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form action="" method="POST">
<div class="modal-body modal-body-custom">
<input type="hidden" name="user_id" id="activate_user_id">
<input type="hidden" name="activate_user" value="1">
<div style="text-align: center; padding: 20px;">
<i class="fas fa-user-check" style="font-size: 48px; color: var(--primary-green); margin-bottom: 15px;"></i>
<p style="font-size: 16px; color: var(--dark-gray);">
Are you sure you want to <strong style="color: var(--primary-green);">activate</strong>
<strong id="activate_user_name"></strong>?
</p>
<p style="font-size: 13px; color: #999;">Activated users can log in to the system.</p>
</div>
</div>
<div class="modal-footer modal-footer-custom">
<button type="button" class="modal-btn modal-btn-default" data-dismiss="modal">
<i class="fas fa-times"></i> Cancel
</button>
<button type="submit" class="modal-btn modal-btn-primary">
<i class="fas fa-check-circle"></i> Activate
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Delete Modal (Dynamic) -->
<div class="modal fade" id="DeleteModal" tabindex="-1" role="dialog">
<div class="modal-dialog" role="document">
<div class="modal-content modal-content-custom">
<div class="modal-header modal-header-custom">
<h5 class="modal-title">
<i class="fas fa-exclamation-triangle" style="color: var(--danger-color);"></i>
Delete Account
</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<form action="" method="POST">
<div class="modal-body modal-body-custom">
<input type="hidden" name="del_id" id="delete_user_id">
<input type="hidden" name="delete_user" value="1">
<div style="text-align: center; padding: 20px;">
<i class="fas fa-user-slash" style="font-size: 48px; color: var(--danger-color); margin-bottom: 15px;"></i>
<p style="font-size: 16px; color: var(--dark-gray);">
Are you sure you want to <strong style="color: var(--danger-color);">permanently delete</strong>
<strong id="delete_user_name"></strong>?
</p>
<p style="font-size: 13px; color: #999;">This action cannot be undone. All user data will be lost.</p>
</div>
</div>
<div class="modal-footer modal-footer-custom">
<button type="button" class="modal-btn modal-btn-default" data-dismiss="modal">
<i class="fas fa-times"></i> Cancel
</button>
<button type="submit" class="modal-btn modal-btn-danger">
<i class="fas fa-trash-alt"></i> Delete Permanently
</button>
</div>
</form>
</div>
</div>
</div>
<!-- Pagination -->
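<?php
// Page links are rendered only when there is more than one page and the viewer holds
// one of the two user-management rights.
if ($total_pages > 1 && ($isManagerAllUsers || $isManagerRegUsers)): ?>
<div class="pagination-container">
<?php
// Carry the current query string (search, filter, sort) over to every page link,
// minus the page number itself. http_build_query() percent-encodes keys and values.
$query_params = $_GET;
unset($query_params['page']);
$query_string = !empty($query_params) ? '&' . http_build_query($query_params) : '';
?>
<ul class="pagination">
<?php for ($i = 1; $i <= $total_pages; $i++): ?>
<li class="<?php echo ($page == $i) ? 'active' : ''; ?>">
<?php // The URL is request-derived and lands in an attribute: escape it for that context, which also turns "&" into "&amp;". ?>
<a href="<?php echo htmlspecialchars('?page=' . $i . $query_string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"><?php echo $i; ?></a>
</li>
<?php endfor; ?>
</ul>
</div>
<?php endif; ?>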
</div>
</div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.5/jquery.validate.min.js"></script>
<script>
// Store user data for edit modal
var userData = {};
/**
 * Toggle one action menu and make sure no other menu stays open.
 *
 * @param {Event}  event       Click event; propagation is stopped so the document-level
 *                             click listener does not close the menu again.
 * @param {string} dropdownId  Element id of the menu to toggle.
 */
function toggleDropdown(event, dropdownId) {
    event.stopPropagation();

    var target = document.getElementById(dropdownId);
    // Remember the state before the reset below wipes it.
    var wasOpen = target.classList.contains('show');

    // Collapse every menu, the requested one included.
    var menus = document.querySelectorAll('.action-menu');
    for (var idx = 0; idx < menus.length; idx++) {
        menus[idx].classList.remove('show');
    }

    // A menu that was already open stays closed; otherwise open it.
    if (wasOpen) {
        return;
    }
    target.classList.add('show');
}
// Any click that lands outside both a toggle button and an open menu closes all menus.
document.addEventListener('click', function(event) {
    var clicked = event.target;
    var insideDropdown = clicked.closest('.action-toggle') || clicked.closest('.action-menu');
    if (insideDropdown) {
        return;
    }

    var menus = document.querySelectorAll('.action-menu');
    for (var idx = 0; idx < menus.length; idx++) {
        menus[idx].classList.remove('show');
    }
});
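/**
 * Load one user's record and open the edit modal with the form pre-filled.
 *
 * The record comes from get_user_data.php; the fields read below imply a response of
 * the form { success, user: { id, Full_Name, ... } }. The selectable access levels come
 * from get_available_access_levels.php as a list of objects with an AccessName.
 *
 * NOTE(review): userId is supplied by the page, so both endpoints and the edit handler
 * have to enforce who may read and change which account. None of them is visible here.
 *
 * @param {number|string} userId  Id of the account to edit.
 */
function openEditModal(userId) {
    // Fetch user data via AJAX
    $.ajax({
        url: 'get_user_data.php',
        type: 'POST',
        data: { user_id: userId },
        dataType: 'json',
        success: function(data) {
            // As before, an unsuccessful response leaves the modal closed.
            if (!data || !data.success) {
                return;
            }

            var user = data.user;
            $('#edit_user_id').val(user.id);
            $('#edit_full_name').val(user.Full_Name);
            $('#edit_position').val(user.Position);
            $('#edit_username').val(user.user_name);
            $('#edit_phone').val(user.Phone);
            $('#edit_email').val(user.email);
            $('#edit_department').val(user.UserDepartment);
            $('#edit_region').val(user.Region);
            $('#edit_hod').prop('checked', user.HOD == 1);

            // Reset the access-level list right away, so options left over from a
            // previously edited user are never shown (or submitted) while the second
            // request is pending or if it fails.
            // Options are built with .val()/.text(), so names from the JSON responses
            // are inserted as plain text and never parsed as markup.
            var currentAccess = user.Access_Level;
            var $accessSelect = $('#edit_access_level');
            $accessSelect.empty().append(
                $('<option>').val(currentAccess).text(currentAccess + ' (Current)')
            );

            // Fetch available access levels (UserID = 0)
            $.ajax({
                url: 'get_available_access_levels.php',
                type: 'POST',
                dataType: 'json',
                success: function(levels) {
                    $.each(levels, function(index, level) {
                        // The current level is already listed first.
                        if (level.AccessName != currentAccess) {
                            $accessSelect.append(
                                $('<option>').val(level.AccessName).text(level.AccessName)
                            );
                        }
                    });
                }
            });

            $('#EditUserModal').modal('show');
        },
        error: function() {
            alert('Error loading user data');
        }
    });
}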
/**
 * Prepare and show the deactivation confirmation dialog.
 *
 * @param {number|string} userId    Written to the hidden user_id field of the form.
 * @param {string}        userName  Shown in the prompt; set with .text(), so it is
 *                                  rendered as plain text.
 */
function openDeactivateModal(userId, userName) {
    var idField = $('#deactivate_user_id');
    var nameLabel = $('#deactivate_user_name');
    idField.val(userId);
    nameLabel.text(userName);
    $('#DeactivateModal').modal('show');
}
/**
 * Prepare and show the activation confirmation dialog.
 *
 * @param {number|string} userId    Written to the hidden user_id field of the form.
 * @param {string}        userName  Shown in the prompt; set with .text(), so it is
 *                                  rendered as plain text.
 */
function openActivateModal(userId, userName) {
    var idField = $('#activate_user_id');
    var nameLabel = $('#activate_user_name');
    idField.val(userId);
    nameLabel.text(userName);
    $('#ActivateModal').modal('show');
}
/**
 * Prepare and show the permanent-delete confirmation dialog.
 *
 * NOTE(review): the id placed in the hidden del_id field is whatever the page passes
 * in, and the dialog is only a confirmation step. The delete handler (not visible here)
 * has to authorize the request itself.
 *
 * @param {number|string} userId    Written to the hidden del_id field of the form.
 * @param {string}        userName  Shown in the prompt; set with .text(), so it is
 *                                  rendered as plain text.
 */
function openDeleteModal(userId, userName) {
    var idField = $('#delete_user_id');
    var nameLabel = $('#delete_user_name');
    idField.val(userId);
    nameLabel.text(userName);
    $('#DeleteModal').modal('show');
}
// Client-side checks for the form with id "contact_form" (per the original note, the
// add-user form), run by the jquery-validate plugin.
// NOTE(review): these rules only help the person filling in the form. A request sent
// without the browser skips them, so the server has to apply its own length and
// required-field checks, the 6-character password minimum included.
// NOTE(review): the plugin is loaded from cdnjs by the script tag above this block,
// with no integrity attribute. Consider pinning it with SRI or serving it locally.
$(document).ready(function() {
    var addUserRules = {
        Full_Name: { required: true, minlength: 3 },
        user_name: { required: true, minlength: 3 },
        Phone: { required: true, minlength: 10 },
        passwd: { required: true, minlength: 6 },
        Department: { required: true },
        AccessLevel: { required: true },
        Region: { required: true }
    };

    var addUserMessages = {
        Full_Name: { required: "Full name is required", minlength: "Minimum 3 characters" },
        user_name: { required: "Username is required", minlength: "Minimum 3 characters" },
        Phone: { required: "Phone number is required", minlength: "Minimum 10 digits" },
        passwd: { required: "Password is required", minlength: "Minimum 6 characters" },
        Department: "Please select a department",
        AccessLevel: "Please select access level",
        Region: "Please select region"
    };

    // Runs once the form has passed validation: lock the primary buttons, show a
    // spinner, then submit the form natively.
    function lockAndSubmit(form) {
        $('.modal-btn-primary').prop('disabled', true).html('<i class="fas fa-spinner fa-spin"></i> Saving...');
        form.submit();
    }

    $("#contact_form").validate({
        rules: addUserRules,
        messages: addUserMessages,
        errorElement: "span",
        errorClass: "help-block",
        submitHandler: lockAndSubmit
    });

    // Clicks inside an open action menu must not bubble up to the document-level
    // listener, which would close the menu.
    $('.action-menu').on('click', function(evt) {
        evt.stopPropagation();
    });
});
</script>
<?php
// Pull in the shared footer template once. The path is relative, so PHP resolves it
// through include_path and the including script's directory.
// Presumably this closes the layout opened earlier in the page (not visible here).
include_once 'include/footer.php';
?>