PHP Files for admin such as messages, products available in stock to …

…be monitored -fixes #6
eslamdyab21 · Apr 24, 2023 · a674cf8 · a674cf8
1 parent 42936cc
commit a674cf8
Show file tree

Hide file tree

Showing 5 changed files with 526 additions and 0 deletions.
diff --git a/ecommerce-website/admin/admin_accounts.php b/ecommerce-website/admin/admin_accounts.php
@@ -0,0 +1,93 @@
+<?php
+
+include '../components/connect.php';
+
+session_start();
+
+$admin_id = $_SESSION['admin_id'];
+
+if(!isset($admin_id)){
+   header('location:admin_login.php');
+}
+
+if(isset($_GET['delete'])){
+   $delete_id = $_GET['delete'];
+   $delete_admins = $conn->prepare("DELETE FROM `admins` WHERE id = ?");
+   $delete_admins->execute([$delete_id]);
+   header('location:admin_accounts.php');
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+   <meta charset="UTF-8">
+   <meta http-equiv="X-UA-Compatible" content="IE=edge">
+   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+   <title>admin accounts</title>
+
+   <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css">
+
+   <link rel="stylesheet" href="../css/admin_style.css">
+
+</head>
+<body>
+
+<?php include '../components/admin_header.php'; ?>
+
+<section class="accounts">
+
+   <h1 class="heading">admin accounts</h1>
+
+   <div class="box-container">
+
+   <div class="box">
+      <p>add new admin</p>
+      <a href="register_admin.php" class="option-btn">register admin</a>
+   </div>
+
+   <?php
+      $select_accounts = $conn->prepare("SELECT * FROM `admins`");
+      $select_accounts->execute();
+      if($select_accounts->rowCount() > 0){
+         while($fetch_accounts = $select_accounts->fetch(PDO::FETCH_ASSOC)){   
+   ?>
+   <div class="box">
+      <p> admin id : <span><?= $fetch_accounts['id']; ?></span> </p>
+      <p> admin name : <span><?= $fetch_accounts['name']; ?></span> </p>
+      <div class="flex-btn">
+         <a href="admin_accounts.php?delete=<?= $fetch_accounts['id']; ?>" onclick="return confirm('delete this account?')" class="delete-btn">delete</a>
+         <?php
+            if($fetch_accounts['id'] == $admin_id){
+               echo '<a href="update_profile.php" class="option-btn">update</a>';
+            }
+         ?>
+      </div>
+   </div>
+   <?php
+         }
+      }else{
+         echo '<p class="empty">no accounts available!</p>';
+      }
+   ?>
+
+   </div>
+
+</section>
+
+
+
+
+
+
+
+
+
+
+
+
+<script src="../js/admin_script.js"></script>
+
+</body>
+</html>
diff --git a/ecommerce-website/admin/admin_login.php b/ecommerce-website/admin/admin_login.php
@@ -0,0 +1,70 @@
+<?php
+
+include '../components/connect.php';
+
+session_start();
+
+if(isset($_POST['submit'])){
+
+   $name = $_POST['name'];
+   $name = filter_var($name, FILTER_SANITIZE_STRING);
+   $pass = sha1($_POST['pass']);
+   $pass = filter_var($pass, FILTER_SANITIZE_STRING);
+
+   $select_admin = $conn->prepare("SELECT * FROM `admins` WHERE name = ? AND password = ?");
+   $select_admin->execute([$name, $pass]);
+   $row = $select_admin->fetch(PDO::FETCH_ASSOC);
+
+   if($select_admin->rowCount() > 0){
+      $_SESSION['admin_id'] = $row['id'];
+      header('location:dashboard.php');
+   }else{
+      $message[] = 'incorrect username or password!';
+   }
+
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+   <meta charset="UTF-8">
+   <meta http-equiv="X-UA-Compatible" content="IE=edge">
+   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+   <title>login</title>
+
+   <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css">
+
+   <link rel="stylesheet" href="../css/admin_style.css">
+
+</head>
+<body>
+
+<?php
+   if(isset($message)){
+      foreach($message as $message){
+         echo '
+         <div class="message">
+            <span>'.$message.'</span>
+            <i class="fas fa-times" onclick="this.parentElement.remove();"></i>
+         </div>
+         ';
+      }
+   }
+?>
+
+<section class="form-container">
+
+   <form action="" method="post">
+      <h3>login now</h3>
+      <p>default username = <span>admin</span> & password = <span>111</span></p>
+      <input type="text" name="name" required placeholder="enter your username" maxlength="20"  class="box" oninput="this.value = this.value.replace(/\s/g, '')">
+      <input type="password" name="pass" required placeholder="enter your password" maxlength="20"  class="box" oninput="this.value = this.value.replace(/\s/g, '')">
+      <input type="submit" value="login now" class="btn" name="submit">
+   </form>
+
+</section>
+
+</body>
+</html>
diff --git a/ecommerce-website/admin/messages.php b/ecommerce-website/admin/messages.php
@@ -0,0 +1,84 @@
+<?php
+
+include '../components/connect.php';
+
+session_start();
+
+$admin_id = $_SESSION['admin_id'];
+
+if(!isset($admin_id)){
+   header('location:admin_login.php');
+};
+
+if(isset($_GET['delete'])){
+   $delete_id = $_GET['delete'];
+   $delete_message = $conn->prepare("DELETE FROM `messages` WHERE id = ?");
+   $delete_message->execute([$delete_id]);
+   header('location:messages.php');
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+   <meta charset="UTF-8">
+   <meta http-equiv="X-UA-Compatible" content="IE=edge">
+   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+   <title>messages</title>
+
+   <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css">
+
+   <link rel="stylesheet" href="../css/admin_style.css">
+
+</head>
+<body>
+
+<?php include '../components/admin_header.php'; ?>
+
+<section class="contacts">
+
+<h1 class="heading">messages</h1>
+
+<div class="box-container">
+
+   <?php
+      $select_messages = $conn->prepare("SELECT * FROM `messages`");
+      $select_messages->execute();
+      if($select_messages->rowCount() > 0){
+         while($fetch_message = $select_messages->fetch(PDO::FETCH_ASSOC)){
+   ?>
+   <div class="box">
+   <p> user id : <span><?= $fetch_message['user_id']; ?></span></p>
+   <p> name : <span><?= $fetch_message['name']; ?></span></p>
+   <p> email : <span><?= $fetch_message['email']; ?></span></p>
+   <p> number : <span><?= $fetch_message['number']; ?></span></p>
+   <p> message : <span><?= $fetch_message['message']; ?></span></p>
+   <a href="messages.php??delete=<?= $fetch_message['id']; ?>" onclick="return confirm('delete this message?');" class="delete-btn">delete</a>
+   </div>
+   <?php
+         }
+      }else{
+         echo '<p class="empty">you have no messages</p>';
+      }
+   ?>
+
+</div>
+
+</section>
+
+
+
+
+
+
+
+
+
+
+
+
+<script src="../js/admin_script.js"></script>
+
+</body>
+</html>