159 lines
6.2 KiB
PHP
159 lines
6.2 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'include/session_check.php';
|
|
if ($_SESSION['role'] !== 'Admin') {
|
|
header("Location: dashboard.php");
|
|
exit();
|
|
}
|
|
|
|
$usersFile = 'users.json.php';
|
|
$users = file_exists($usersFile) ? json_decode(file_get_contents($usersFile), true) : [];
|
|
$message = '';
|
|
$success = '';
|
|
|
|
// Accepter un utilisateur
|
|
if (isset($_GET['accepter'])) {
|
|
$cible = $_GET['accepter'];
|
|
if (isset($users[$cible])) {
|
|
$users[$cible]['statut'] = 'actif';
|
|
file_put_contents($usersFile, json_encode($users, JSON_PRETTY_PRINT));
|
|
$success = "Utilisateur '$cible' accepté avec succès.";
|
|
$users = json_decode(file_get_contents($usersFile), true);
|
|
}
|
|
}
|
|
|
|
// Refuser un utilisateur
|
|
if (isset($_GET['refuser'])) {
|
|
$cible = $_GET['refuser'];
|
|
if (isset($users[$cible])) {
|
|
unset($users[$cible]);
|
|
file_put_contents($usersFile, json_encode($users, JSON_PRETTY_PRINT));
|
|
$success = "Utilisateur '$cible' refusé et supprimé.";
|
|
$users = json_decode(file_get_contents($usersFile), true);
|
|
}
|
|
}
|
|
|
|
// Supprimer un utilisateur
|
|
if (isset($_GET['supprimer'])) {
|
|
$cible = $_GET['supprimer'];
|
|
if ($cible === $_SESSION['user']) {
|
|
$message = "Vous ne pouvez pas supprimer votre propre compte.";
|
|
} elseif (isset($users[$cible])) {
|
|
unset($users[$cible]);
|
|
file_put_contents($usersFile, json_encode($users, JSON_PRETTY_PRINT));
|
|
$success = "Utilisateur '$cible' supprimé avec succès.";
|
|
$users = json_decode(file_get_contents($usersFile), true);
|
|
}
|
|
}
|
|
|
|
// Changer le rôle
|
|
if (isset($_GET['role'])) {
|
|
$cible = $_GET['role'];
|
|
if ($cible === $_SESSION['user']) {
|
|
$message = "Vous ne pouvez pas changer votre propre rôle.";
|
|
} elseif (isset($users[$cible])) {
|
|
$users[$cible]['role'] = ($users[$cible]['role'] === 'Admin') ? 'User' : 'Admin';
|
|
file_put_contents($usersFile, json_encode($users, JSON_PRETTY_PRINT));
|
|
$success = "Rôle de '$cible' modifié avec succès.";
|
|
$users = json_decode(file_get_contents($usersFile), true);
|
|
}
|
|
}
|
|
|
|
include 'include/header.php';
|
|
?>
|
|
|
|
<main>
|
|
<div class="logs-container">
|
|
<h2>👥 Gestion des utilisateurs</h2>
|
|
|
|
<?php if ($message): ?>
|
|
<p class="form-error" style="margin-top: 10px;"><?php echo htmlspecialchars($message); ?></p>
|
|
<?php endif; ?>
|
|
<?php if ($success): ?>
|
|
<p class="form-success" style="margin-top: 10px;"><?php echo htmlspecialchars($success); ?></p>
|
|
<?php endif; ?>
|
|
|
|
<!-- Comptes en attente -->
|
|
<?php
|
|
$en_attente = array_filter($users, function($u) {
|
|
return isset($u['statut']) && $u['statut'] === 'en_attente';
|
|
});
|
|
?>
|
|
<?php if (!empty($en_attente)): ?>
|
|
<h3 style="margin-top: 20px; color: #f39c12;">⏳ Comptes en attente de validation</h3>
|
|
<table class="admin-table">
|
|
<thead>
|
|
<tr>
|
|
<th>Nom d'utilisateur</th>
|
|
<th>Statut</th>
|
|
<th>Actions</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($en_attente as $username => $data): ?>
|
|
<tr>
|
|
<td><?php echo htmlspecialchars($username); ?></td>
|
|
<td><span style="color: #f39c12;">En attente</span></td>
|
|
<td>
|
|
<a href="admin_users.php?accepter=<?php echo urlencode($username); ?>"
|
|
class="btn-action btn-warning">✅ Accepter</a>
|
|
<a href="admin_users.php?refuser=<?php echo urlencode($username); ?>"
|
|
class="btn-action btn-danger"
|
|
onclick="return confirm('Refuser <?php echo htmlspecialchars($username); ?> ?')">
|
|
❌ Refuser
|
|
</a>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
<?php endif; ?>
|
|
|
|
<!-- Comptes actifs -->
|
|
<h3 style="margin-top: 30px;">✅ Comptes actifs</h3>
|
|
<table class="admin-table">
|
|
<thead>
|
|
<tr>
|
|
<th>Nom d'utilisateur</th>
|
|
<th>Rôle</th>
|
|
<th>Actions</th>
|
|
</tr>
|
|
</thead>
|
|
<tbody>
|
|
<?php foreach ($users as $username => $data):
|
|
if (isset($data['statut']) && $data['statut'] === 'en_attente') continue;
|
|
?>
|
|
<tr>
|
|
<td><?php echo htmlspecialchars($username); ?>
|
|
<?php if ($username === $_SESSION['user']): ?>
|
|
<span style="color: #3bc4e8; font-size: 0.8em;">(vous)</span>
|
|
<?php endif; ?>
|
|
</td>
|
|
<td>
|
|
<span style="color: <?php echo $data['role'] === 'Admin' ? '#3bc4e8' : '#aaa'; ?>">
|
|
<?php echo htmlspecialchars($data['role']); ?>
|
|
</span>
|
|
</td>
|
|
<td>
|
|
<?php if ($username !== $_SESSION['user']): ?>
|
|
<a href="admin_users.php?role=<?php echo urlencode($username); ?>"
|
|
class="btn-action btn-warning">
|
|
<?php echo $data['role'] === 'Admin' ? '⬇️ Rétrograder' : '⬆️ Promouvoir'; ?>
|
|
</a>
|
|
<a href="admin_users.php?supprimer=<?php echo urlencode($username); ?>"
|
|
class="btn-action btn-danger"
|
|
onclick="return confirm('Supprimer <?php echo htmlspecialchars($username); ?> ?')">
|
|
🗑️ Supprimer
|
|
</a>
|
|
<?php else: ?>
|
|
<span style="color: #666; font-size: 0.85em;">— compte actuel —</span>
|
|
<?php endif; ?>
|
|
</td>
|
|
</tr>
|
|
<?php endforeach; ?>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
</main>
|
|
|
|
<?php include 'include/footer.php'; ?>
|