manage video reports as admin

kuldp18 · Apr 21, 2024 · 59f48ff · 59f48ff
1 parent 023c080
commit 59f48ff
Show file tree

Hide file tree

Showing 6 changed files with 307 additions and 1 deletion.
diff --git a/includes/admin_edit_video_report.inc.php b/includes/admin_edit_video_report.inc.php
@@ -0,0 +1,31 @@
+<?php
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $updated_video_status = $_POST['updated_video_status'];
+    $updated_report_status = $_POST['updated_report_status'];
+    $selected_video_id = $_POST['selected_video_id'];
+    $selected_report_id = $_POST['selected_report_id'];
+
+    try {
+        require_once "./db_handler.inc.php";
+        require_once "./config_session.inc.php";
+        require_once "../models/videos.inc.php";
+        require_once "../models/reports.inc.php";
+
+        $current_video = fetch_video_by_id($pdo, $selected_video_id);
+
+
+        // take action for the video
+        update_video_status($pdo, $selected_video_id, $updated_video_status);
+        update_video_report($pdo, $selected_report_id, $updated_report_status);
+        header('Location: ../pages/admin_manage_video_reports.php?video_report_update=success');
+        $pdo = null;
+        $stmt = null;
+        die();
+    } catch (PDOException $e) {
+        die("Failed to take action for this video: " . $e->getMessage());
+    }
+} else {
+    header('Location: ../index.php');
+    die();
+}
diff --git a/models/reports.inc.php b/models/reports.inc.php
@@ -24,3 +24,23 @@ function submit_user_report(object $pdo, int $target_user_id, int $user_id, stri
     $stmt->bindParam(":reason", $reason, PDO::PARAM_STR);
     $stmt->execute();
 }
+
+// get all video reports
+function get_all_video_reports(object $pdo): array
+{
+    // video_reports has fields: video_report_id, video_id, user_id, reason, reported_at, updated_at, status, video_id is foreign key to videos table, user_id is foreign key to users table
+    $query = "SELECT video_reports.video_report_id, video_reports.video_id, video_reports.user_id, video_reports.reason, video_reports.reported_at, video_reports.updated_at, video_reports.status, videos.video_title, users.username FROM video_reports JOIN videos ON video_reports.video_id = videos.video_id JOIN users ON video_reports.user_id = users.user_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->execute();
+    return $stmt->fetchAll();
+}
+
+// update video report as admin 
+function update_video_report(object $pdo, int $video_report_id, string $status): void
+{
+    $query = "UPDATE video_reports SET status = :status, updated_at = CURRENT_TIMESTAMP WHERE video_report_id = :video_report_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->bindParam(":status", $status, PDO::PARAM_STR);
+    $stmt->bindParam(":video_report_id", $video_report_id, PDO::PARAM_INT);
+    $stmt->execute();
+}
diff --git a/models/videos.inc.php b/models/videos.inc.php
@@ -5,7 +5,7 @@
 // fetch all videos from the database
 function fetch_all_videos(object $pdo): array
 {
-    $query = "SELECT * FROM videos WHERE is_active = 'Y' ORDER BY created_at DESC";
+    $query = "SELECT * FROM videos ORDER BY created_at DESC";
     $stmt = $pdo->prepare($query);
     $stmt->execute();
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -385,3 +385,13 @@ function update_video_timestamp(object $pdo, string $video_id): void
     $stmt->bindParam(":video_id", $video_id, PDO::PARAM_STR);
     $stmt->execute();
 }
+
+// update video status (is_active)
+function update_video_status(object $pdo, string $video_id, string $updated_status): void
+{
+    $query = "UPDATE videos SET is_active = :is_active, updated_at = CURRENT_TIMESTAMP WHERE video_id = :video_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->bindParam(":video_id", $video_id, PDO::PARAM_STR);
+    $stmt->bindParam(":is_active", $updated_status, PDO::PARAM_STR);
+    $stmt->execute();
+}
diff --git a/pages/admin_dashboard.php b/pages/admin_dashboard.php
@@ -35,6 +35,8 @@
             <a href="./admin_manage_users.php" class="admin__actions__link">Manage Users</a>
             <a href="./admin_manage_videos.php" class="admin__actions__link">Manage Videos</a>
             <a href="./admin_manage_tags.php" class="admin__actions__link">Manage Video Tags</a>
+            <a href="./admin_manage_video_reports.php" class="admin__actions__link">Manage Video Reports</a>
+            <a href="./admin_manage_user_reports.php" class="admin__actions__link">Manage User Reports</a>
         </section>
     </main>
 

diff --git a/pages/admin_edit_video_report.php b/pages/admin_edit_video_report.php
@@ -0,0 +1,95 @@
+<?php
+require_once "../includes/db_handler.inc.php";
+require_once "../includes/config_session.inc.php";
+require_once "../models/videos.inc.php";
+// require_once "../views/video_tags.inc.php";
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard - Videos Reports</title>
+    <!-- Bootstrap CSS -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css" integrity="sha512-jnSuA4Ss2PkkikSOLtYs8BlYIeeIK1h99ty4YfvRPAlzr377vr3CXDb7sb7eEEBYjDtcYj+AjBH3FLv5uSJuXg==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+
+    <link rel="stylesheet" href="../css/global.css">
+    <link rel="stylesheet" href="../css/navbar.css" />
+
+    <style>
+        .table {
+            border: 1px solid whitesmoke;
+            font-size: 1.2rem;
+        }
+
+        form {
+            font-size: 1.25rem;
+        }
+
+        label,
+        input.form-control,
+        select.form-select,
+        textarea.form-control,
+        option {
+            font-size: inherit;
+        }
+    </style>
+</head>
+
+<body>
+
+    <?php include_once('../includes/components/navbar.inc.php') ?>
+    <?php
+    // check is user is not logged in or is not admin
+    if (!isset($_SESSION['user_id']) || !isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
+        // if not, redirect to home page
+        header('Location: ../index.php');
+        exit();
+    }
+    $selected_video_id = $_GET['video_id'];
+    $selected_video = fetch_video_by_id($pdo, $selected_video_id);
+    $video_report_id = $_GET['report_id'];
+    ?>
+
+    <div class="container mt-3">
+        <h1 class="mb-4 heading">Admin - Manage Video Report</h1>
+
+        <div class="mb-4" id="updateUserForm">
+            <h2>Update Video: <?php echo $selected_video_id; ?></h2>
+            <form method="POST" action="../includes/admin_edit_video_report.inc.php">
+                <div class="mb-3">
+                    <label for="updateActive" class="form-label">Video status</label>
+                    <select class="form-select" name="updated_video_status">
+                        <option value="Y" <?php echo $selected_video['is_active'] === 'Y' ? 'selected' : '' ?>>Public</option>
+                        <option value="N" <?php echo $selected_video['is_active'] === 'N' ? 'selected' : '' ?>>Hidden</option>
+                    </select>
+                </div>
+                <div class="mb-3">
+                    <label for="updateStatus" class="form-label">Report status</label>
+                    <select class="form-select" name="updated_report_status">
+                        <option value="resolved" selected>Resolved</option>
+                        <option value="under_review">Under Review</option>
+                        <option value="created">Created</option>
+                    </select>
+                </div>
+                <input type="hidden" name="selected_video_id" value="<?php echo $selected_video_id; ?>">
+                <input type="hidden" name="selected_report_id" value="<?php echo $video_report_id; ?>">
+                <button type="submit" class="btn btn-primary">Update</button>
+                <a href="./admin_manage_video_reports.php" class="btn btn-secondary" id="cancelUpdate">Cancel</a>
+            </form>
+        </div>
+
+
+
+    </div>
+
+    <!-- Bootstrap JS (optional, only if you need Bootstrap JavaScript features) -->
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js" integrity="sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.min.js" integrity="sha512-ykZ1QQr0Jy/4ZkvKuqWn4iF3lqPZyij9iRv6sGqLRdTPkY69YX6+7wvVGmsdBbiIfN/8OdsI7HABjvEok6ZopQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+</body>
+
+</html>
diff --git a/pages/admin_manage_video_reports.php b/pages/admin_manage_video_reports.php
@@ -0,0 +1,148 @@
+<?php
+require_once "../includes/db_handler.inc.php";
+require_once "../includes/config_session.inc.php";
+require_once "../models/users.inc.php";
+require_once "../models/reports.inc.php";
+require_once "../views/admin_manage_users.php";
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard - Video Reports</title>
+    <!-- Bootstrap CSS -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css" integrity="sha512-SnH5WK+bZxgPHs44uWIX+LLJAJ9/2PkPKZ5QiAj6Ta86w+fsb2TkcmfRyVX3pBnMFcV7oQPJkl9QevSCWr3W6A==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css" integrity="sha512-jnSuA4Ss2PkkikSOLtYs8BlYIeeIK1h99ty4YfvRPAlzr377vr3CXDb7sb7eEEBYjDtcYj+AjBH3FLv5uSJuXg==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+
+    <link rel="stylesheet" href="../css/global.css">
+    <link rel="stylesheet" href="../css/navbar.css" />
+
+    <style>
+        .table {
+            border: 1px solid whitesmoke;
+            font-size: 1.2rem;
+        }
+
+        .btn {
+            width: 25px;
+            height: 25px;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+
+        }
+    </style>
+</head>
+
+<body>
+
+    <?php include_once('../includes/components/navbar.inc.php') ?>
+    <?php
+    // check is user is not logged in or is not admin
+    if (!isset($_SESSION['user_id']) || !isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
+        // if not, redirect to home page
+        header('Location: ../index.php');
+        exit();
+    }
+    $user_name = $_SESSION['user_username'];
+
+    $user_list = get_all_users($pdo);
+
+    $video_reports = get_all_video_reports($pdo);
+
+
+
+    check_and_print_admin_edit_user_errors();
+    check_and_print_admin_delete_user_errors();
+
+    if (isset($_GET["user_update"]) && $_GET["user_update"] === "success") {
+        echo <<<HTML
+          <section class="modal modal--success">
+            <h1 class="modal__title">User updated successfully!</h1>
+            <span class="modal__close modal__close--success">X</span>
+          </section>
+        HTML;
+    }
+
+    if (isset($_GET["user_delete"]) && $_GET["user_delete"] === "success") {
+        echo <<<HTML
+          <section class="modal modal--success">
+            <h1 class="modal__title">User soft-deleted successfully!</h1>
+            <span class="modal__close modal__close--success">X</span>
+          </section>
+        HTML;
+    }
+
+
+    ?>
+
+    <div class="container mt-3">
+        <h1 class="mb-4 heading">Admin - Manage Video Reports</h1>
+
+        <!-- Display Users Table -->
+        <div class="mb-4">
+            <h2>List of all reports</h2>
+            <table class="table table-dark table-striped">
+                <thead>
+                    <tr>
+                        <th scope="col">Report ID</th>
+                        <th scope="col">Video ID</th>
+                        <th scope="col">User ID</th>
+                        <th scope="col">Reason</th>
+                        <th scope="col">Reported At</th>
+                        <th scope="col">Updated At</th>
+                        <th scope="col">Status</th>
+                        <th scope="col">Video Title</th>
+                        <th scope="col">Username</th>
+                        <th scope="col">Actions</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <!-- check if report list is not empty -->
+                    <?php if (empty($video_reports)) : ?>
+                        <tr>
+                            <td colspan="10">No reports found</td>
+                        </tr>
+                    <?php endif; ?>
+
+                    <?php if (!empty($video_reports)) : ?>
+                        <!-- loop through report list and display each report -->
+                        <?php foreach ($video_reports as $report) : ?>
+                            <tr>
+                                <td><?php echo htmlspecialchars($report['video_report_id']); ?></td>
+                                <td><?php echo htmlspecialchars($report['video_id']); ?></td>
+                                <td><?php echo htmlspecialchars($report['user_id']); ?></td>
+                                <td><?php echo htmlspecialchars($report['reason']); ?></td>
+                                <td><?php echo htmlspecialchars($report['reported_at']); ?></td>
+                                <td><?php echo htmlspecialchars($report['updated_at']); ?></td>
+                                <td><?php echo htmlspecialchars($report['status']); ?></td>
+                                <td><?php echo htmlspecialchars($report['video_title']); ?></td>
+                                <td><?php echo htmlspecialchars($report['username']); ?></td>
+                                <td class="actions">
+                                    <a href="<?php
+                                                echo "./admin_edit_video_report.php?video_id=" . $report['video_id'] . "&report_id=" . $report['video_report_id'];
+                                                ?>" class="btn btn-primary btn-sm update-btn"><i class="fa-solid fa-pencil"></i>
+                                    </a>
+                                </td>
+                            </tr>
+                        <?php endforeach; ?>
+                    <?php endif; ?>
+                </tbody>
+            </table>
+        </div>
+
+
+    </div>
+
+    <!-- Bootstrap JS (optional, only if you need Bootstrap JavaScript features) -->
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js" integrity="sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.min.js" integrity="sha512-ykZ1QQr0Jy/4ZkvKuqWn4iF3lqPZyij9iRv6sGqLRdTPkY69YX6+7wvVGmsdBbiIfN/8OdsI7HABjvEok6ZopQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="../js/close_modal.js"></script>
+</body>
+
+</html>