pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add user role management functionality with CRUD operations and permissions handling

Browse Source 
- Created user_role.php for viewing and editing user roles and their permissions.
- Implemented inline editing for role details and permissions.
- Added user_role_manage.php for creating and managing user roles.
- Introduced user_roles.php for listing all user roles with pagination and filtering options.
- Integrated API calls for fetching and updating role data and permissions.
- Enhanced user interface with success messages and navigation controls.
This commit is contained in:
“VeLiTi”
2026-01-19 11:16:54 +01:00
parent 3db13b9ebf
commit 782050c3ca
35 changed files with 4071 additions and 370 deletions
Download Patch File Download Diff File Expand all files Collapse all files

791
user.php
View File

@@ -1,6 +1,17 @@
<?php
defined(page_security_key) or exit;
if (debug && debug_id == $_SESSION['id']){
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
}
include_once './assets/functions.php';
include_once './settings/settings_redirector.php';
//SET ORIGIN FOR NAVIGATION
$_SESSION['prev_origin_user'] = $_SERVER['REQUEST_URI'];
$page = 'user';
//Check if allowed
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
@@ -8,331 +19,551 @@ if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
exit;
}
//PAGE Security
$page_manage = 'user_manage';
$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'C');
// Default input product values
$user = [
'id' => '',
'username' => '',
'email' => '',
'partnerhierarchy' => '',
'view' => 3,
'service' => 0,
'settings' => '',
'userkey' => 1,
'created' => '',
'createdby' => '',
'updated' => '',
'updatedby' => '',
'lastlogin' => '',
'language' => 'US',
'login_count' => 0
];
$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
//GET Details from URL
$user_ID = $_GET['id'] ?? '';
if ($user_ID !=''){
$url = 'index.php?page=users&id='.$user_ID.'';
} else {
$url = 'index.php?page=users';
if ($user_ID == ''){
header('location: index.php?page=users');
exit;
}
if (isset($_GET['id'])) {
// ID param exists, edit an existing product
//CALL TO API
$api_url = '/v1/users/id='.$user_ID;
$responses = ioServer($api_url,'');
//Decode Payload
if (!empty($responses)){$responses = decode_payload($responses);}else{$responses = null;}
$user = json_decode(json_encode($responses[0]), true);
//CALL TO API FOR User information
$api_url = '/v2/users/id='.$user_ID;
$responses = ioServer($api_url,'');
//Decode Payload
if (!empty($responses)){$responses = json_decode($responses);}else{$responses = null;}
$user = $responses[0];
if ($update_allowed === 1){
if (isset($_POST['submit'])) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=2');
exit;
}
}
}
if ($update_allowed === 1){
if (isset($_POST['reset'])) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=2');
exit;
}
}
}
if ($update_allowed === 1){
if (isset($_POST['unblock'])) {
//UNSET THE SUMBIT FROM POST
unset($_POST['unblock']);
//CHANGE LOGIN COUNT TO 0
$_POST['login_count'] = '0';
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=2');
exit;
}
}
}
if ($delete_allowed === 1){
if (isset($_POST['delete'])) {
//GET ALL POST DATA
$data = json_encode($_POST , JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
// Redirect and delete product
if ($responses === 'NOK'){
} else {
header('Location: index.php?page=users&success_msg=3');
exit;
}
}
}
} else {
// Create a new product
if (isset($_POST['submit']) && $create_allowed === 1) {
//GET ALL POST DATA
$data = json_encode($_POST, JSON_UNESCAPED_UNICODE);
//Secure data
$payload = generate_payload($data);
//API call
$responses = ioServer('/v1/users', $payload);
$responses = decode_payload($responses);
if ($responses === 'NOK'){
header('Location: index.php?page=user&success_msg=0');
} elseif ($responses == 1){
header('Location: index.php?page=user&success_msg=0');
}
else {
header('Location: index.php?page=users&success_msg=1');
exit;
}
//Helper function to convert service hex string to 1/0
function isServiceActive($service) {
// If service is a valid hex string (50 chars from bin2hex(random_bytes(25))), return 1
if (!empty($service) && ctype_xdigit($service)) {
return 1;
}
return 0;
}
$service_active = isServiceActive($user->service);
//CALL TO API FOR User Role Assignments
$api_url = '/v2/user_role_assignments/user_id='.$user_ID;
$role_assignments = ioServer($api_url,'');
//Decode Payload
if (!empty($role_assignments)){$role_assignments = json_decode($role_assignments);}else{$role_assignments = null;}
//CALL TO API FOR All Available Roles
$api_url = '/v2/user_roles/status=1&p=1';
$all_roles_response = ioServer($api_url,'');
//Decode Payload
if (!empty($all_roles_response)){
$all_roles = json_decode($all_roles_response);
if (!is_array($all_roles)){
$all_roles = [];
}
} else {
$all_roles = [];
}
//------------------------------
// Handle POST for inline edit (user AND roles)
//------------------------------
if (isset($_POST['save_user']) && $update_allowed_edit === 1) {
// Build user data using existing field names
$user_data = [
'id' => $user_ID,
'userkey' => $_POST['userkey'] ?? 1,
'username' => $_POST['username'] ?? '',
'email' => $_POST['email'] ?? '',
'view' => $_POST['view'] ?? 3,
'settings' => $_POST['settings'] ?? '',
'service' => $_POST['service'] ?? 0,
'language' => $_POST['language'] ?? '',
'login_count' => $_POST['login_count'] ?? 0,
'salesid' => $_POST['salesid'] ?? '',
'soldto' => $_POST['soldto'] ?? '',
'shipto' => $_POST['shipto'] ?? '',
'location' => $_POST['location'] ?? ''
];
$data = json_encode($user_data, JSON_UNESCAPED_UNICODE);
ioServer('/v2/users', $data);
// Also save role assignments
$role_data = [
'batch_update' => true,
'user_id' => (int)$user_ID,
'roles' => isset($_POST['roles']) ? array_map('intval', $_POST['roles']) : []
];
$data = json_encode($role_data, JSON_UNESCAPED_UNICODE);
ioServer('/v2/user_role_assignments', $data);
// Redirect to refresh
header('Location: index.php?page=user&id='.$user_ID.'&success_msg=2');
exit;
}
// Handle password reset
if (isset($_POST['reset']) && $update_allowed_edit === 1) {
$data = json_encode(['id' => $user_ID, 'reset' => 'reset'], JSON_UNESCAPED_UNICODE);
ioServer('/v2/users', $data);
header('Location: index.php?page=user&id='.$user_ID.'&success_msg=4');
exit;
}
// Handle unblock
if (isset($_POST['unblock']) && $update_allowed_edit === 1) {
$data = json_encode(['id' => $user_ID, 'login_count' => '0'], JSON_UNESCAPED_UNICODE);
ioServer('/v2/users', $data);
header('Location: index.php?page=user&id='.$user_ID.'&success_msg=5');
exit;
}
// Handle delete
if (isset($_POST['delete']) && $delete_allowed === 1) {
$data = json_encode(['id' => $user_ID, 'delete' => 'delete'], JSON_UNESCAPED_UNICODE);
ioServer('/v2/users', $data);
header('Location: index.php?page=users&success_msg=3');
exit;
}
//------------------------------
//Variables
//------------------------------
$is_blocked = ($user->login_count > 4);
$is_active = ($user->userkey && $user->userkey != '');
if ($is_blocked) {
$status_text = ($User_block ?? 'Blocked');
$status_class = 'id0';
} elseif ($is_active) {
$status_text = ($enabled ?? 'Active');
$status_class = 'id1';
} else {
$status_text = ($disabled ?? 'Inactive');
$status_class = 'id0';
}
//EMPTY VIEW
$view = '';
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 0) {
$success_msg = $error_msg_0;
if ($_GET['success_msg'] == 1) {
$success_msg = ($message_user_1 ?? 'User created successfully');
}
if ($_GET['success_msg'] == 2) {
$success_msg = ($message_user_2 ?? 'User updated successfully');
}
if ($_GET['success_msg'] == 3) {
$success_msg = ($message_user_3 ?? 'User deleted successfully');
}
if ($_GET['success_msg'] == 4) {
$success_msg = ($message_user_4 ?? 'Password reset successfully');
}
if ($_GET['success_msg'] == 5) {
$success_msg = ($message_user_5 ?? 'User unblocked successfully');
}
if ($_GET['success_msg'] == 6) {
$success_msg = ($message_user_6 ?? 'Roles updated successfully');
}
}
template_header('User', 'user', 'manage');
template_header(($user_title ?? 'User'), 'user', 'view');
$view = '
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.($user_h2 ?? 'User').' - '.$user->username.'</h2>
<a href="index.php?page='.($_SESSION['origin'] ?? 'users').'&p='.($_SESSION['p'] ?? '1').($_SESSION['status'] ?? '').($_SESSION['sort'] ?? '').($_SESSION['search'] ?? '').'" class="btn alt mar-right-2">←</a>
';
if ($update_allowed_edit === 1){
$view .= '<a href="javascript:void(0);" id="editBtn" class="btn mar-right-2" onclick="toggleUserEdit()">✏️</a>';
$view .= '<button type="submit" form="userForm" id="saveBtn" class="btn" style="display:none;">💾</button>';
}
$view .= '</div>';
if (isset($success_msg)){
$view .= ' <div class="msg error">
$view .= ' <div class="msg success">
<i class="fas fa-check-circle"></i>
<p>'.$success_msg.'</p>
<i class="fas fa-times"></i>
</div>';
}
$view .='
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.$user_h2.': '.$user['username'].' '.(($user['login_count'] > 4)? '<span class="status disabled">'.$User_block:(($user['userkey'] && $user['userkey'] !='')? '<span class="status enabled">'.$enabled:'<span class="status">'.$disabled)).'</h2>
<a href="index.php?page=users" class="btn alt mar-right-2">←</a>
// Start form wrapper for edit mode
$view .= '<form id="userForm" action="" method="post">
<input type="hidden" name="save_user" value="1">
<input type="hidden" name="id" value="'.$user_ID.'">';
$view .= '<div class="content-block-wrapper">';
// User Information Block
$view .= ' <div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-circle-info"></i>'.($view_user_information ?? 'User Information').'
</div>
<div class="order-detail">
<h3>'.($general_status ?? 'Status').'</h3>
<p>
<span class="view-mode status '.$status_class.'">'.$status_text.'</span>
<select class="edit-mode" name="userkey" style="display:none;">
<option value="1"'.($is_active ? ' selected' : '').'>'.($enabled ?? 'Active').'</option>
<option value="0"'.(!$is_active ? ' selected' : '').'>'.($disabled ?? 'Inactive').'</option>
</select>
</p>
</div>
<div class="order-detail">
<h3>'.($User_username ?? 'Username').'</h3>
<p>
<span class="view-mode">'.$user->username.'</span>
<input type="text" class="edit-mode" name="username" value="'.$user->username.'" style="display:none;" pattern="^\S+$" required>
</p>
</div>
<div class="order-detail">
<h3>'.($User_email ?? 'Email').'</h3>
<p>
<span class="view-mode">'.$user->email.'</span>
<input type="email" class="edit-mode" name="email" value="'.$user->email.'" style="display:none;" required>
</p>
</div>
<div class="order-detail">
<h3>'.($User_language ?? 'Language').'</h3>
<p>
<span class="view-mode">'.($user->language ?? '-').'</span>
<select class="edit-mode" name="language" style="display:none;">
<option value="">-</option>';
foreach ($supportedLanguages as $language){
$view .= '<option value="'.$language.'"'.(($user->language == $language) ? ' selected' : '').'>'.$language.'</option>';
}
$view .= ' </select>
</p>
</div>
</div>
';
if ($delete_allowed === 1){
$view .= '<input type="submit" name="delete" value="X" class="btn red mar-right-2" onclick="return confirm(\'Are you sure you want to delete this user?\')">';
}
if ($update_allowed === 1){
$view .= '<input type="submit" name="submit" value="💾" class="btn">';
}
$view .= '</div>';
// Role Assignments Block
$view .='<div class="content-block order-details" id="rolesBlock">
<div class="block-header">
<i class="fa-solid fa-user-shield fa-sm"></i>'.($view_user_roles ?? 'Assigned Roles').'
</div>
<div class="view-mode-roles">';
$view .= '<div class="tabs">
<a href="#" class="active">'.$tab1 .'</a>
</div>';
//Define Service and User enabled
$view .= '<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="userkey">Active</label>
<select id="userkey" name="userkey">
<option value="1" '.(($user['userkey']==1 || $user['userkey'] !='' )?' selected':'').'>'.$enabled .'</option>
<option value="0" '.(($user['userkey']==0 || $user['userkey'] =='' )?' selected':'').'>'.$disabled .'</option>
</select>
<label for="username">'.$User_username.'</label>
<input id="name" type="text" name="username" placeholder="'.$User_username.'" value="'.$user['username'].'" pattern="^\S+$" required">
<label for="username">'.$User_email.'</label>
<input id="name" type="email" name="email" placeholder="'.$User_email.'" value="'.$user['email'].'" required">
<label for="view">'.$User_permission.'</label>
<select id="view" name="view" required>
<option value="3" '.($user['view']==3?' selected':'').'>'.$permission3.'</option>
<option value="2" '.($user['view']==2?' selected':'').'>'.$permission2.'</option>
<option value="1" '.($user['view']==1?' selected':'').'>'.$permission1.'</option>
';
//ADD PERMISSION SET BASED ON USER PERMISSION ADMIN OR ADMIN+
if ($_SESSION['permission'] == 3){
$view .= ' <option value="4" '.($user['view']==4?' selected':'').'>'.$permission4.'</option>';
}
if ($_SESSION['permission'] == 4){
$view .= ' <option value="4" '.($user['view']==4?' selected':'').'>'.$permission4.'</option>
<option value="5" '.($user['view']==5?' selected':'').'>'.$permission5.'</option>';
}
$view .= ' </select>
<label for="profile">'.$User_profile.'</label>
';
//Show profiles for AMIN
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$view .='<select id="settings" name="settings">
<option value="" '.($user['settings']== ''?' selected':'').'></option>';
foreach ($all_profiles as $profile) {
$view .='<option value="'.$profile.'" '.($user['settings']== $profile?' selected':'').'>'.$profile.'</option>';
}
$view .='</select>';
} else {
//CHECK IF USER HAS A SPECIFIC PROFILE ASSIGNED
if (isset($_SESSION['profile_name']) && $_SESSION['profile_name'] !=''){
$view .=' <input id="name" type="text" name="settings" placeholder="settings" value="'.$_SESSION['profile_name'].'" readonly>';
} else {
$view .=' <input id="name" type="text" name="" placeholder="settings" value="'.$user['settings'].'" readonly>
';
}
// Get list of already assigned role IDs
$assigned_role_ids = [];
if (!empty($role_assignments)){
foreach ($role_assignments as $assignment){
if ($assignment->is_active == 1){
$assigned_role_ids[] = $assignment->role_id;
}
}
}
$view .=' <label for="service">'.$User_service.'</label>
<select id="service" name="service">
<option value="1" '.(($user['service']==1 || $user['service'] !='')?' selected':'').'>'.$enabled .'</option>
<option value="0" '.(($user['service']==0 || $user['service'] =='')?' selected':'').'>'.$disabled .'</option>
</select>
<label for="service">'.$User_language.'</label>
<select id="language" name="language">
<option value="" '.(($user['language'] =='')?' selected':'').'></option>';
foreach ($supportedLanguages as $language){
$view .='<option value="'.$language.'" '.(($user['language']==$language)?' selected':'').'>'.$language.'</option>';
}
$view .=' </select>
<input type="hidden" name="id" value="'.$user_ID.'">
<input type="hidden" name="old_view" value="'.$user['view'].'">
';
// VIEW MODE - Show only assigned roles
if (!empty($role_assignments)){
$has_active_roles = false;
foreach ($role_assignments as $assignment){
if ($assignment->is_active == 1){
$has_active_roles = true;
$view .= '<div class="order-detail">
<h3>'.$assignment->role_name.'</h3>';
if (!empty($assignment->role_description)){
$view .= '<p>'.$assignment->role_description.'</p>';
}
$view .= '</div>';
}
}
if (!$has_active_roles){
$view .= '<div class="order-detail">
<h3>-</h3>
<p>'.($no_roles_assigned ?? 'No roles assigned to this user').'</p>
</div>';
}
} else {
$view .= '<div class="order-detail">
<h3>-</h3>
<p>'.($no_roles_assigned ?? 'No roles assigned to this user').'</p>
</div>';
}
$view .= '</div>
$view .= '</div>'; // Close view-mode-roles
// EDIT MODE - Show all roles with checkboxes (only if user has edit permission)
if ($update_allowed_edit === 1 && !empty($all_roles)){
$view .= '<div class="edit-mode-roles" style="display:none;">';
foreach ($all_roles as $role){
$is_checked = in_array($role->rowID, $assigned_role_ids) ? ' checked' : '';
$view .= '<div class="order-detail" style="display: flex; align-items: center; gap: 10px;">
<input type="checkbox"
name="roles[]"
value="'.$role->rowID.'"
id="role_'.$role->rowID.'"'.$is_checked.'>
<label for="role_'.$role->rowID.'" style="margin: 0; cursor: pointer; flex: 1;">
<h3 style="margin: 0;">'.$role->name.'</h3>
<p style="margin: 5px 0 0 0; font-size: 0.9em; color: #666;">'.($role->description ?? '').'</p>
</label>
</div>';
}
$view .= '</div>'; // Close edit-mode-roles
}
$view .= '</div>'; // Close content-block
$view .= '</div>'; // Close content-block-wrapper
// Permissions Block
$view .= '<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-key fa-sm"></i>'.($view_user_permissions ?? 'Permissions').'
</div>
<div class="table order-table">
<table>
<tr>
<td style="width:25%;">'.($User_permission ?? 'Permission Level').'</td>
<td>
<span class="view-mode">';
// Display permission level text
switch($user->view){
case 1: $view .= ($permission1 ?? 'View'); break;
case 2: $view .= ($permission2 ?? 'Edit'); break;
case 3: $view .= ($permission3 ?? 'Admin'); break;
case 4: $view .= ($permission4 ?? 'Super Admin'); break;
case 5: $view .= ($permission5 ?? 'System'); break;
default: $view .= '-';
}
$view .= '</span>
<select class="edit-mode" name="view" style="display:none;">
<option value="3"'.($user->view == 3 ? ' selected' : '').'>'.($permission3 ?? 'Admin').'</option>
<option value="2"'.($user->view == 2 ? ' selected' : '').'>'.($permission2 ?? 'Edit').'</option>
<option value="1"'.($user->view == 1 ? ' selected' : '').'>'.($permission1 ?? 'View').'</option>';
if ($_SESSION['permission'] == 3){
$view .= '<option value="4"'.($user->view == 4 ? ' selected' : '').'>'.($permission4 ?? 'Super Admin').'</option>';
}
if ($_SESSION['permission'] == 4){
$view .= '<option value="4"'.($user->view == 4 ? ' selected' : '').'>'.($permission4 ?? 'Super Admin').'</option>
<option value="5"'.($user->view == 5 ? ' selected' : '').'>'.($permission5 ?? 'System').'</option>';
}
$view .= ' </select>
</td>
</tr>
<tr>
<td style="width:25%;">'.($User_profile ?? 'Profile').'</td>
<td>
<span class="view-mode">'.($user->settings ?? '-').'</span>';
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$view .= '<select class="edit-mode" name="settings" style="display:none;">
<option value="">-</option>';
foreach ($all_profiles as $profile) {
$view .= '<option value="'.$profile.'"'.($user->settings == $profile ? ' selected' : '').'>'.$profile.'</option>';
}
$view .= '</select>';
} else {
$view .= '<input type="hidden" name="settings" value="'.$user->settings.'">';
}
$view .= ' </td>
</tr>
<tr>
<td style="width:25%;">'.($User_service ?? 'Service Access').'</td>
<td>
<span class="view-mode">'.(($service_active == 1) ? ($enabled ?? 'Enabled') : ($disabled ?? 'Disabled')).'</span>
<select class="edit-mode" name="service" style="display:none;">
<option value="1"'.(($service_active == 1) ? ' selected' : '').'>'.($enabled ?? 'Enabled').'</option>
<option value="0"'.(($service_active == 0) ? ' selected' : '').'>'.($disabled ?? 'Disabled').'</option>
</select>
</td>
</tr>
</table>
</div>
</div>';
$view .= '<div class="tabs">
<a href="#">'.$tab2.'</a>
</div>';
// Partner Hierarchy Block
$partner_data = json_decode($user->partnerhierarchy) ?? json_decode($_SESSION['partnerhierarchy']);
//GET PARTNERDATA
$partner_data = json_decode($user['partnerhierarchy'])?? json_decode($_SESSION['partnerhierarchy']) ;
//BUID UP DROPDOWNS
$salesid_dropdown = listPartner('salesid',$_SESSION['permission'],$partner_data->salesid,'');
$soldto_dropdown = listPartner('soldto',$_SESSION['permission'],$partner_data->soldto,'');
$shipto_dropdown = listPartner('shipto',$_SESSION['permission'],$partner_data->shipto,'');
$location_dropdown = listPartner('location',$_SESSION['permission'],$partner_data->location,'');
$view .= '<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-building fa-sm"></i>'.($view_user_partners ?? 'Partner Hierarchy').'
</div>
<div class="table order-table">
<table>';
//DISPLAY
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
';
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$view .= '<label for="status">'.$general_salesid.'</label>';
$view .= $salesid_dropdown;
$view .= '<label for="status">'.$general_soldto.'</label>';
$view .= $soldto_dropdown;
$salesid_dropdown = listPartner('salesid', $_SESSION['permission'], $partner_data->salesid ?? '', '');
$soldto_dropdown = listPartner('soldto', $_SESSION['permission'], $partner_data->soldto ?? '', '');
$view .= '<tr>
<td style="width:25%;">'.($general_salesid ?? 'Sales ID').'</td>
<td>
<span class="view-mode">'.($partner_data->salesid ?? '-').'</span>
<span class="edit-mode" style="display:none;">'.$salesid_dropdown.'</span>
</td>
</tr>
<tr>
<td style="width:25%;">'.($general_soldto ?? 'Sold To').'</td>
<td>
<span class="view-mode">'.($partner_data->soldto ?? '-').'</span>
<span class="edit-mode" style="display:none;">'.$soldto_dropdown.'</span>
</td>
</tr>';
}
$view .= '<label for="status">'.$general_shipto.'</label>';
$view .= $shipto_dropdown;
$view .= '<label for="status">'.$general_location.'</label>';
$view .= $location_dropdown;
$view .= '
</div>
$shipto_dropdown = listPartner('shipto', $_SESSION['permission'], $partner_data->shipto ?? '', '');
$location_dropdown = listPartner('location', $_SESSION['permission'], $partner_data->location ?? '', '');
$view .= '<tr>
<td style="width:25%;">'.($general_shipto ?? 'Ship To').'</td>
<td>
<span class="view-mode">'.($partner_data->shipto ?? '-').'</span>
<span class="edit-mode" style="display:none;">'.$shipto_dropdown.'</span>
</td>
</tr>
<tr>
<td style="width:25%;">'.($general_location ?? 'Location').'</td>
<td>
<span class="view-mode">'.($partner_data->location ?? '-').'</span>
<span class="edit-mode" style="display:none;">'.$location_dropdown.'</span>
</td>
</tr>
</table>
</div>
</div>';
$view .= '<div class="tabs">
<a href="#">'.$tab3.'</a>
</div>';
// Metadata Block
$view .= '<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>'.($tab3 ?? 'Details').'
</div>
<div class="table order-table">
<table>
<tr>
<td style="width:25%;">'.($general_created ?? 'Created').'</td>
<td>'.getRelativeTime($user->created).'</td>
</tr>
<tr>
<td style="width:25%;">'.($User_lastlogin ?? 'Last Login').'</td>
<td>'.($user->lastlogin ? getRelativeTime($user->lastlogin) : '-').'</td>
</tr>
<tr>
<td style="width:25%;">'.($general_updated ?? 'Updated').'</td>
<td>'.($user->updated ? getRelativeTime($user->updated) : '-').'</td>
</tr>
<tr>
<td style="width:25%;">'.($general_updatedby ?? 'Updated By').'</td>
<td>'.($user->updatedby ?? '-').'</td>
</tr>
<tr>
<td style="width:25%;">'.($User_pw_login_count ?? 'Login Attempts').'</td>
<td>
<span class="view-mode">'.$user->login_count.'</span>';
//SUPERUSERS AND ADMINS CAN RESET BLOCKED USERS
if ($_SESSION['permission'] == 3 || $_SESSION['permission'] == 4){
$login_count = '<input id="name" type="text" name="login_count" placeholder="'.$User_pw_login_count.'" value="'.$user['login_count'].'">';
$view .= '<input type="number" class="edit-mode" name="login_count" value="'.$user->login_count.'" style="display:none; width: 80px;">';
} else {
$login_count = '<input id="name" type="text" name="" placeholder="'.$User_pw_login_count.'" value="'.$user['login_count'].'" readonly>';
$view .= '<input type="hidden" name="login_count" value="'.$user->login_count.'">';
}
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="">'.$general_created.'</label>
<input id="name" type="text" name="" placeholder="'.$general_created.'" value="'.$user['created'].'" readonly>
<label for="">'.$User_lastlogin.'</label>
<input id="name" type="text" name="" placeholder="'.$User_lastlogin.'" value="'.$user['lastlogin'].'" readonly>
<label for="productcode">'.$general_updated.'</label>
<input id="name" type="text" name="" placeholder="'.$general_updated.'" value="'.$user['updated'].'" readonly>
<label for="productcode">'.$general_updatedby.'</label>
<input id="name" type="text" name="" placeholder="'.$general_updatedby.'" value="'.$user['updatedby'].'" readonly>
<label for="">'.$User_pw_login_count.'</label>
'.$login_count.'
</div>
</div>';
$view .= ' </td>
</tr>
</table>
</div>
</div>
</form>
';
if ($update_allowed === 1 && $user_ID !=''){
$view .= '<div class="tabs">
<a href="#">'.$general_actions.'</a>
</div>';
$view .= '<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="service">'.$User_pw_reset .'</label>
<input type="submit" name="reset" value="Reset" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to reset this user password?\')">
<label for="service">'.$User_unblock .'</label>
<input type="submit" name="unblock" value="'.$User_unblock.'" class="btn" style="width: 15%;" onclick="return confirm(\'Are you sure you want to unblock this user?\')">
// Actions Block (outside form for separate actions)
if ($update_allowed_edit === 1){
$view .= '<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bolt fa-sm"></i>'.($general_actions ?? 'Actions').'
</div>
<div class="table order-table">
<table>
<tr>
<td style="width:25%;">'.($User_pw_reset ?? 'Reset Password').'</td>
<td>
<form action="" method="post" style="display:inline;">
<input type="hidden" name="id" value="'.$user_ID.'">
<button type="submit" name="reset" class="btn alt" onclick="return confirm(\''.($confirm_reset_password ?? 'Are you sure you want to reset this user\'s password?').'\')">
<i class="fa-solid fa-key"></i>
</button>
</form>
</td>
</tr>';
if ($is_blocked){
$view .= ' <tr>
<td style="width:25%;">'.($User_unblock ?? 'Unblock User').'</td>
<td>
<form action="" method="post" style="display:inline;">
<input type="hidden" name="id" value="'.$user_ID.'">
<button type="submit" name="unblock" class="btn alt" onclick="return confirm(\''.($confirm_unblock ?? 'Are you sure you want to unblock this user?').'\')">
<i class="fa-solid fa-unlock"></i>
</button>
</form>
</td>
</tr>';
}
if ($delete_allowed === 1){
$view .= ' <tr>
<td style="width:25%;">'.($general_delete ?? 'Delete User').'</td>
<td>
<form action="" method="post" style="display:inline;">
<input type="hidden" name="id" value="'.$user_ID.'">
<button type="submit" name="delete" class="btn red" onclick="return confirm(\''.($confirm_delete_user ?? 'Are you sure you want to delete this user?').'\')">
<i class="fa-solid fa-trash"></i>
</button>
</form>
</td>
</tr>';
}
$view .= ' </table>
</div>
</div>';
}
$view .= '</form>';
//Output
//OUTPUT
echo $view;
template_footer()
?>
$js = 'var userEditMode = false;
function toggleUserEdit() {
userEditMode = !userEditMode;
var editBtn = document.getElementById("editBtn");
var saveBtn = document.getElementById("saveBtn");
var viewElements = document.querySelectorAll(".view-mode");
var editElements = document.querySelectorAll(".edit-mode");
var viewRolesElements = document.querySelectorAll(".view-mode-roles");
var editRolesElements = document.querySelectorAll(".edit-mode-roles");
var i;
if (userEditMode) {
// Enter edit mode for user info AND roles
for (i = 0; i < viewElements.length; i++) { viewElements[i].style.display = "none"; }
for (i = 0; i < editElements.length; i++) { editElements[i].style.display = "inline"; }
for (i = 0; i < viewRolesElements.length; i++) { viewRolesElements[i].style.display = "none"; }
for (i = 0; i < editRolesElements.length; i++) { editRolesElements[i].style.display = "block"; }
editBtn.style.display = "none";
saveBtn.style.display = "inline-block";
} else {
// Exit edit mode
for (i = 0; i < viewElements.length; i++) { viewElements[i].style.display = "inline"; }
for (i = 0; i < editElements.length; i++) { editElements[i].style.display = "none"; }
for (i = 0; i < viewRolesElements.length; i++) { viewRolesElements[i].style.display = "block"; }
for (i = 0; i < editRolesElements.length; i++) { editRolesElements[i].style.display = "none"; }
editBtn.style.display = "inline-block";
saveBtn.style.display = "none";
}
}';
template_footer($js);