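'Moje Przedsiebiorstwo IT', // value of an entry whose key, and the opening of this array, lie before this excerpt
    'company_1_details' => 'ul. Glowna 1, 00-000 Warszawa | NIP: 0987654321',
    'company_2_name' => 'Spolka Celowa Sp. z o.o.',
    'company_2_details' => 'ul. Przykladowa 10, 00-000 Warszawa | NIP: 1234567890 | KRS: 0000123456'
];

// Seed the default settings on every request. INSERT IGNORE skips rows that
// would collide with an existing key, so (assuming setting_key is a unique
// key - TODO confirm against the schema) saved values are not overwritten.
// The statement is prepared once and executed per key.
$stmt = $pdo->prepare("INSERT IGNORE INTO " . DB_PREFIX . "settings (setting_key, setting_value) VALUES (?, ?)");
foreach ($default_settings as $key => $val) {
    $stmt->execute([$key, $val]);
}

// Every state-changing action arrives by POST and is dispatched on which form
// field is present. requireCsrfToken() is defined elsewhere; presumably it
// aborts the request when the anti-CSRF token is missing or wrong.
// NOTE(review): no authentication or role check is visible in this excerpt -
// confirm that an admin-only guard runs earlier in the file, because every
// branch below is privileged (user creation, password reset, deletion).
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    requireCsrfToken();

    // Form fields are client-controlled: "name[]=x" turns $_POST['name'] into
    // an array, which trim()/password_hash() reject with a TypeError on PHP 8
    // and which (int) silently casts to 1. Anything that is not a string is
    // therefore treated as if the field were absent.
    $post_string = static function (string $name): string {
        $value = $_POST[$name] ?? '';
        return is_string($value) ? $value : '';
    };

    if (isset($_FILES['logo'])) {
        // ---- Logo upload ----
        // Any upload error (including "no file chosen") is ignored silently.
        if ($_FILES['logo']['error'] === UPLOAD_ERR_OK) {
            $upload_dir = 'uploads/';
            if (!is_dir($upload_dir)) {
                mkdir($upload_dir, 0755, true);
            }

            $tmpPath = $_FILES['logo']['tmp_name'];
            // The type is sniffed from the file content; the client-supplied
            // file name and Content-Type are never used.
            $mime = mime_content_type($tmpPath);
            $allowedMimes = [
                'image/jpeg' => 'jpg',
                'image/png' => 'png',
                'image/gif' => 'gif',
            ];

            // Two independent checks: an allowlisted MIME type and a header
            // that getimagesize() can parse. Neither proves the file carries
            // no embedded payload, so the stored name is what keeps it inert:
            // random (unguessable, no collisions) with an extension taken from
            // the allowlist, never from the request.
            // NOTE(review): confirm the web server does not execute scripts
            // from uploads/, and that an upload size limit is enforced.
            if (isset($allowedMimes[$mime]) && @getimagesize($tmpPath) !== false) {
                $new_name = 'logo_' . bin2hex(random_bytes(8)) . '.' . $allowedMimes[$mime];
                $dest_path = $upload_dir . $new_name;

                if (move_uploaded_file($tmpPath, $dest_path)) {
                    // Only the path is stored; the previously referenced file
                    // is not removed by this handler.
                    $stmt = $pdo->prepare("REPLACE INTO " . DB_PREFIX . "settings (setting_key, setting_value) VALUES ('logo_path', ?)");
                    $stmt->execute([$dest_path]);
                    $message = "
Pomyslnie zaktualizowano logo.
";
                } else {
                    $message = "
Nie udalo sie zapisac pliku.
";
                }
            } else {
                $message = "
Dozwolone sa tylko prawidlowe pliki JPG, PNG i GIF.
";
            }
        }
    } elseif (isset($_POST['action']) && $_POST['action'] === 'update_company_settings') {
        // ---- Company details ----
        // The writable keys are fixed here; the request can only supply values.
        $settings_to_update = ['company_1_name', 'company_1_details', 'company_2_name', 'company_2_details'];
        try {
            $pdo->beginTransaction();
            $update_stmt = $pdo->prepare("UPDATE " . DB_PREFIX . "settings SET setting_value = ? WHERE setting_key = ?");
            foreach ($settings_to_update as $key) {
                if (isset($_POST[$key]) && is_string($_POST[$key])) {
                    $update_stmt->execute([trim($_POST[$key]), $key]);
                }
            }
            $pdo->commit();
            $message = "
Ustawienia firmowe zostaly zapisane.
";
        } catch (PDOException $e) {
            // beginTransaction() may itself be what failed, and rollBack()
            // without an open transaction throws a second exception.
            if ($pdo->inTransaction()) {
                $pdo->rollBack();
            }
            // Details go to the log only; the user sees a generic message.
            error_log($e->getMessage());
            $message = "
Nie udalo sie zapisac ustawien.
";
        }
    } elseif (isset($_POST['add_user'])) {
        // ---- Create account ----
        $new_user = trim($post_string('new_username'));
        $new_pass = $post_string('new_password');
        $new_role = $_POST['new_role'] ?? 'user';

        if ($new_user !== '' && $new_pass !== '') {
            try {
                $new_email = trim($post_string('new_email'));
                // NOTE(review): bcrypt only uses the first 72 bytes of the
                // password, and no minimum length is enforced here.
                $hashed_pass = password_hash($new_pass, PASSWORD_BCRYPT);
                $stmt = $pdo->prepare("INSERT INTO " . DB_PREFIX . "users (username, email, password, role) VALUES (?, ?, ?, ?)");
                // The role is collapsed to one of two known values, so the
                // request cannot introduce an arbitrary role string. An empty
                // e-mail is stored as NULL; its format is not validated.
                $stmt->execute([$new_user, $new_email !== '' ? $new_email : null, $hashed_pass, $new_role === 'admin' ? 'admin' : 'user']);
                // The user name is escaped with e() before it enters the message.
                $message = "
Dodano nowego uzytkownika: " . e($new_user) . "
";
            } catch (PDOException $e) {
                error_log($e->getMessage());
                $message = "
Nie udalo sie dodac uzytkownika.
";
            }
        }
    } elseif (isset($_POST['reset_password'])) {
        // ---- Reset another account's password ----
        $user_id = (int)$post_string('user_id');
        $new_pass = $post_string('new_password');

        if ($user_id > 0 && $new_pass !== '') {
            try {
                $hashed_pass = password_hash($new_pass, PASSWORD_BCRYPT);
                $stmt = $pdo->prepare("UPDATE " . DB_PREFIX . "users SET password = ? WHERE id = ?");
                $stmt->execute([$hashed_pass, $user_id]);
                // Success is reported only when a row was actually changed.
                // Existing sessions of that user are not touched by this handler.
                if ($stmt->rowCount() > 0) {
                    $message = "
Zmieniono haslo dla wybranego uzytkownika.
";
                } else {
                    $message = "
Nie znaleziono wskazanego uzytkownika.
";
                }
            } catch (PDOException $e) {
                error_log($e->getMessage());
                $message = "
Nie udalo sie zmienic hasla.
";
            }
        }
    } elseif (isset($_POST['delete_user'])) {
        // ---- Delete account ----
        $id_to_delete = (int)$post_string('user_id');

        // The signed-in administrator cannot remove their own account.
        if ($id_to_delete !== (int)$_SESSION['user_id']) {
            try {
                $stmt = $pdo->prepare("DELETE FROM " . DB_PREFIX . "users WHERE id = ?");
                $stmt->execute([$id_to_delete]);
                // A missing or unknown id deletes nothing and must not be
                // reported as a successful deletion.
                if ($stmt->rowCount() > 0) {
                    $message = "
Uzytkownik zostal pomyslnie usuniety.
";
                } else {
                    $message = "
Nie znaleziono wskazanego uzytkownika.
";
                }
            } catch (PDOException $e) {
                error_log($e->getMessage());
                $message = "
Nie udalo sie usunac uzytkownika.
";
            }
        } else {
            $message = "
Nie mozesz usunac wlasnego konta administratora.
";
        }
    }
}

// Data for the template below. Only non-secret columns are selected, so the
// password hash never reaches the view. A failed query is logged and leaves
// an empty list, matching how the settings query is handled.
$users = [];
try {
    $users = $pdo->query("SELECT id, username, email, role, oauth_provider, last_login_at FROM " . DB_PREFIX . "users ORDER BY username ASC")->fetchAll();
} catch (PDOException $e) {
    error_log($e->getMessage());
}

$settings = [];
try {
    // FETCH_KEY_PAIR yields setting_key => setting_value.
    $settings = $pdo->query("SELECT setting_key, setting_value FROM " . DB_PREFIX . "settings")->fetchAll(PDO::FETCH_KEY_PAIR);
} catch (PDOException $e) {
    error_log($e->getMessage());
}
$current_logo = $settings['logo_path'] ?? '';
?> Panel administratora - <?php echo e(defined('APP_NAME') ? APP_NAME : 'System'); ?>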

Panel zarzadzania systemem

Ustawienia wizualne
Logo
Brak wgranego logo
Dane firm
Dodaj pracownika
Zarejestrowani pracownicy
ID Login Email Uprawnienia Zrodlo Zarzadzaj