manage user reports as admin

kuldp18 · Apr 21, 2024 · 66c91c1 · 66c91c1
1 parent 59f48ff
commit 66c91c1
Show file tree

Hide file tree

Showing 5 changed files with 301 additions and 0 deletions.
diff --git a/includes/admin_edit_user_report.inc.php b/includes/admin_edit_user_report.inc.php
@@ -0,0 +1,30 @@
+<?php
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $updated_user_status = $_POST['updated_user_status'];
+    $updated_report_status = $_POST['updated_report_status'];
+    $selected_user_id = $_POST['selected_user_id'];
+    $selected_report_id = $_POST['selected_report_id'];
+
+    try {
+        require_once "./db_handler.inc.php";
+        require_once "./config_session.inc.php";
+        require_once "../models/users.inc.php";
+        require_once "../models/reports.inc.php";
+
+
+
+        // take action for the video
+        update_user_status($pdo, $selected_user_id, $updated_user_status);
+        update_user_report($pdo, $selected_report_id, $updated_report_status);
+        header('Location: ../pages/admin_manage_user_reports.php?user_report_update=success');
+        $pdo = null;
+        $stmt = null;
+        die();
+    } catch (PDOException $e) {
+        die("Failed to take action for this user: " . $e->getMessage());
+    }
+} else {
+    header('Location: ../index.php');
+    die();
+}
diff --git a/models/reports.inc.php b/models/reports.inc.php
@@ -34,6 +34,15 @@ function get_all_video_reports(object $pdo): array
     $stmt->execute();
     return $stmt->fetchAll();
 }
+// get all user reports
+function get_all_user_reports(object $pdo): array
+{
+    // user_reports has fields: user_report_id, target_user_id, user_id, reason, reported_at, updated_at, status, target_user_id is foreign key to users table, user_id is foreign key to users table
+    $query = "SELECT user_reports.user_report_id, user_reports.target_user_id, user_reports.user_id, user_reports.reason, user_reports.reported_at, user_reports.updated_at, user_reports.status, users.username, target_user.username AS target_username FROM user_reports JOIN users ON user_reports.user_id = users.user_id JOIN users AS target_user ON user_reports.target_user_id = target_user.user_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->execute();
+    return $stmt->fetchAll();
+}
 
 // update video report as admin 
 function update_video_report(object $pdo, int $video_report_id, string $status): void
@@ -44,3 +53,13 @@ function update_video_report(object $pdo, int $video_report_id, string $status):
     $stmt->bindParam(":video_report_id", $video_report_id, PDO::PARAM_INT);
     $stmt->execute();
 }
+
+// update user report as admin
+function update_user_report(object $pdo, int $user_report_id, string $status): void
+{
+    $query = "UPDATE user_reports SET status = :status, updated_at = CURRENT_TIMESTAMP WHERE user_report_id = :user_report_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->bindParam(":status", $status, PDO::PARAM_STR);
+    $stmt->bindParam(":user_report_id", $user_report_id, PDO::PARAM_INT);
+    $stmt->execute();
+}
diff --git a/models/users.inc.php b/models/users.inc.php
@@ -44,3 +44,11 @@ function does_user_exist(object $pdo, int $user_id): bool
     $stmt->execute(['user_id' => $user_id]);
     return $stmt->fetch(PDO::FETCH_ASSOC) ? true : false;
 }
+
+// update user status 
+function update_user_status(object $pdo, int $user_id, string $updated_status): void
+{
+    $query = "UPDATE users SET is_active = :updated_status, updated_at = CURRENT_TIMESTAMP WHERE user_id = :user_id";
+    $stmt = $pdo->prepare($query);
+    $stmt->execute(['updated_status' => $updated_status, 'user_id' => $user_id]);
+}
diff --git a/pages/admin_edit_user_report.php b/pages/admin_edit_user_report.php
@@ -0,0 +1,96 @@
+<?php
+require_once "../includes/db_handler.inc.php";
+require_once "../includes/config_session.inc.php";
+require_once "../models/users.inc.php";
+// require_once "../views/video_tags.inc.php";
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard - User Reports</title>
+    <!-- Bootstrap CSS -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css" integrity="sha512-jnSuA4Ss2PkkikSOLtYs8BlYIeeIK1h99ty4YfvRPAlzr377vr3CXDb7sb7eEEBYjDtcYj+AjBH3FLv5uSJuXg==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+
+    <link rel="stylesheet" href="../css/global.css">
+    <link rel="stylesheet" href="../css/navbar.css" />
+
+    <style>
+        .table {
+            border: 1px solid whitesmoke;
+            font-size: 1.2rem;
+        }
+
+        form {
+            font-size: 1.25rem;
+        }
+
+        label,
+        input.form-control,
+        select.form-select,
+        textarea.form-control,
+        option {
+            font-size: inherit;
+        }
+    </style>
+</head>
+
+<body>
+
+    <?php include_once('../includes/components/navbar.inc.php') ?>
+    <?php
+    // check is user is not logged in or is not admin
+    if (!isset($_SESSION['user_id']) || !isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
+        // if not, redirect to home page
+        header('Location: ../index.php');
+        exit();
+    }
+    $target_user_id = $_GET['target_user_id'];
+    $user_report_id = $_GET['report_id'];
+
+    $selected_user =  get_user_by_id($pdo, $target_user_id);
+    ?>
+
+    <div class="container mt-3">
+        <h1 class="mb-4 heading">Admin - Manage User Report</h1>
+
+        <div class="mb-4" id="updateUserForm">
+            <h2>Update User: <?php echo $target_user_id; ?></h2>
+            <form method="POST" action="../includes/admin_edit_user_report.inc.php">
+                <div class="mb-3">
+                    <label for="updateActive" class="form-label">User status</label>
+                    <select class="form-select" name="updated_user_status">
+                        <option value="Y" <?php echo $selected_user['is_active'] === 'Y' ? 'selected' : '' ?>>Active</option>
+                        <option value="N" <?php echo $selected_user['is_active'] === 'N' ? 'selected' : '' ?>>Inactive</option>
+                    </select>
+                </div>
+                <div class="mb-3">
+                    <label for="updateStatus" class="form-label">Report status</label>
+                    <select class="form-select" name="updated_report_status">
+                        <option value="resolved" selected>Resolved</option>
+                        <option value="under_review">Under Review</option>
+                        <option value="created">Created</option>
+                    </select>
+                </div>
+                <input type="hidden" name="selected_user_id" value="<?php echo $target_user_id; ?>">
+                <input type="hidden" name="selected_report_id" value="<?php echo $user_report_id; ?>">
+                <button type="submit" class="btn btn-primary">Update</button>
+                <a href="./admin_manage_user_reports.php" class="btn btn-secondary" id="cancelUpdate">Cancel</a>
+            </form>
+        </div>
+
+
+
+    </div>
+
+    <!-- Bootstrap JS (optional, only if you need Bootstrap JavaScript features) -->
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js" integrity="sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.min.js" integrity="sha512-ykZ1QQr0Jy/4ZkvKuqWn4iF3lqPZyij9iRv6sGqLRdTPkY69YX6+7wvVGmsdBbiIfN/8OdsI7HABjvEok6ZopQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+</body>
+
+</html>
diff --git a/pages/admin_manage_user_reports.php b/pages/admin_manage_user_reports.php
@@ -0,0 +1,148 @@
+<?php
+require_once "../includes/db_handler.inc.php";
+require_once "../includes/config_session.inc.php";
+require_once "../models/users.inc.php";
+require_once "../models/reports.inc.php";
+require_once "../views/admin_manage_users.php";
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Dashboard - User Reports</title>
+    <!-- Bootstrap CSS -->
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.2/css/all.min.css" integrity="sha512-SnH5WK+bZxgPHs44uWIX+LLJAJ9/2PkPKZ5QiAj6Ta86w+fsb2TkcmfRyVX3pBnMFcV7oQPJkl9QevSCWr3W6A==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css" integrity="sha512-jnSuA4Ss2PkkikSOLtYs8BlYIeeIK1h99ty4YfvRPAlzr377vr3CXDb7sb7eEEBYjDtcYj+AjBH3FLv5uSJuXg==" crossorigin="anonymous" referrerpolicy="no-referrer" />
+
+    <link rel="stylesheet" href="../css/global.css">
+    <link rel="stylesheet" href="../css/navbar.css" />
+
+    <style>
+        .table {
+            border: 1px solid whitesmoke;
+            font-size: 1.2rem;
+        }
+
+        .btn {
+            width: 25px;
+            height: 25px;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+
+        }
+    </style>
+</head>
+
+<body>
+
+    <?php include_once('../includes/components/navbar.inc.php') ?>
+    <?php
+    // check is user is not logged in or is not admin
+    if (!isset($_SESSION['user_id']) || !isset($_SESSION['user_role']) || $_SESSION['user_role'] !== 'admin') {
+        // if not, redirect to home page
+        header('Location: ../index.php');
+        exit();
+    }
+    $user_name = $_SESSION['user_username'];
+
+    $user_list = get_all_users($pdo);
+
+    $user_reports = get_all_user_reports($pdo);
+
+
+
+
+
+
+    // if (isset($_GET["user_update"]) && $_GET["user_update"] === "success") {
+    //     echo <<<HTML
+    //       <section class="modal modal--success">
+    //         <h1 class="modal__title">User updated successfully!</h1>
+    //         <span class="modal__close modal__close--success">X</span>
+    //       </section>
+    //     HTML;
+    // }
+
+    // if (isset($_GET["user_delete"]) && $_GET["user_delete"] === "success") {
+    //     echo <<<HTML
+    //       <section class="modal modal--success">
+    //         <h1 class="modal__title">User soft-deleted successfully!</h1>
+    //         <span class="modal__close modal__close--success">X</span>
+    //       </section>
+    //     HTML;
+    // }
+
+
+    ?>
+
+    <div class="container mt-3">
+        <h1 class="mb-4 heading">Admin - Manage User Reports</h1>
+
+        <!-- Display Users Table -->
+        <div class="mb-4">
+            <h2>List of all reports</h2>
+            <table class="table table-dark table-striped">
+                <thead>
+                    <tr>
+                        <th scope="col">Report ID</th>
+                        <th scope="col" style="color: rgba(255,0,0,0.85);">Target User ID</th>
+                        <th scope="col">User ID</th>
+                        <th scope="col">Reason</th>
+                        <th scope="col">Reported At</th>
+                        <th scope="col">Updated At</th>
+                        <th scope="col">Status</th>
+                        <th scope="col">User</th>
+                        <th scope="col" style="color: rgba(255,0,0,0.85);">Target User</th>
+                        <th scope="col">Actions</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    <!-- check if report list is not empty -->
+                    <?php if (empty($user_reports)) : ?>
+                        <tr>
+                            <td colspan="10">No reports found</td>
+                        </tr>
+                    <?php endif; ?>
+
+                    <?php if (!empty($user_reports)) : ?>
+                        <!-- loop through report list and display each report -->
+                        <?php foreach ($user_reports as $report) : ?>
+                            <tr>
+                                <td><?= $report['user_report_id'] ?></td>
+                                <td><?= $report['target_user_id'] ?></td>
+                                <td><?= $report['user_id'] ?></td>
+                                <td><?= $report['reason'] ?></td>
+                                <td><?= $report['reported_at'] ?></td>
+                                <td><?= $report['updated_at'] ?></td>
+                                <td><?= $report['status'] ?></td>
+                                <td><?= $report['username'] ?></td>
+                                <td><?= $report['target_username'] ?></td>
+                                <td class="actions">
+                                    <a href="<?php
+                                                echo "./admin_edit_user_report.php?target_user_id=" . $report['target_user_id'] . "&report_id=" . $report['user_report_id'];
+                                                ?>" class="btn btn-primary btn-sm update-btn"><i class="fa-solid fa-pencil"></i>
+                                    </a>
+                                </td>
+                            </tr>
+                        <?php endforeach; ?>
+                    <?php endif; ?>
+                </tbody>
+            </table>
+        </div>
+
+
+    </div>
+
+    <!-- Bootstrap JS (optional, only if you need Bootstrap JavaScript features) -->
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js" integrity="sha512-v2CJ7UaYy4JwqLDIrZUI/4hqeoQieOmAZNXBeQyjo21dadnwR+8ZaIJVT8EE2iyI61OV8e6M8PP2/4hpQINQ/g==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.min.js" integrity="sha512-ykZ1QQr0Jy/4ZkvKuqWn4iF3lqPZyij9iRv6sGqLRdTPkY69YX6+7wvVGmsdBbiIfN/8OdsI7HABjvEok6ZopQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
+
+    <script src="../js/close_modal.js"></script>
+</body>
+
+</html>