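<?php
include '../template/header.php';

// Access guard: only a logged-in admin may use this page.
// $_SESSION and $conn are assumed to be set up by header.php (not visible here) — verify.
if (!isset($_SESSION['user_id'], $_SESSION['role']) || $_SESSION['role'] !== 'admin') {
    header("Location: ../login.php");
    exit();
}

$edit_mode = false;
$edit_id = 0;
$edit_school_name = '';
$edit_username = '';

// Create / update (POST).
// Every value is bound through a prepared statement instead of being interpolated into
// SQL; ids are cast to int so an escaped-but-unquoted number can no longer carry SQL.
// Query failures are ignored, as in the original (best-effort), and the page redirects.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $school_name  = isset($_POST['school_name'])  ? $_POST['school_name']        : '';
    $username     = isset($_POST['username'])     ? $_POST['username']           : '';
    $password     = isset($_POST['password'])     ? $_POST['password']           : '';
    $id_to_update = isset($_POST['id_to_update']) ? (int) $_POST['id_to_update'] : 0;

    // NOTE(review): the password is stored exactly as submitted.  Moving to
    // password_hash()/password_verify() requires the same change in login.php's
    // comparison, which is outside this file — confirm before switching.

    if ($id_to_update > 0) { // edit mode
        $stmt = mysqli_prepare($conn, "UPDATE schools SET school_name=? WHERE id=?");
        mysqli_stmt_bind_param($stmt, 'si', $school_name, $id_to_update);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);

        // A non-empty password replaces the stored one; '' leaves it untouched.
        // (Compared with !== '' rather than empty() so that a password of "0" counts.)
        if ($password !== '') {
            $stmt = mysqli_prepare($conn, "UPDATE users SET username=?, password=? WHERE school_id=?");
            mysqli_stmt_bind_param($stmt, 'ssi', $username, $password, $id_to_update);
        } else {
            $stmt = mysqli_prepare($conn, "UPDATE users SET username=? WHERE school_id=?");
            mysqli_stmt_bind_param($stmt, 'si', $username, $id_to_update);
        }
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    } else { // add mode
        $stmt = mysqli_prepare($conn, "INSERT INTO schools (school_name) VALUES (?)");
        mysqli_stmt_bind_param($stmt, 's', $school_name);
        if (mysqli_stmt_execute($stmt)) {
            // The new school's id links the user row that is created for it.
            $school_id = mysqli_insert_id($conn);
            mysqli_stmt_close($stmt);

            $role = 'school';
            $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password, role, school_id) VALUES (?, ?, ?, ?)");
            mysqli_stmt_bind_param($stmt, 'sssi', $username, $password, $role, $school_id);
            mysqli_stmt_execute($stmt);
        }
        mysqli_stmt_close($stmt);
    }
    header("Location: manage_schools.php");
    exit();
}

// Delete (GET).
// NOTE(review): this is a state-changing action on a plain GET link with no CSRF
// token; moving it to a POST form with a token would close that, but the link in the
// listing below must change with it.  Only the schools row is removed here — the
// matching users row stays behind unless the schema cascades the delete.
if (isset($_GET['delete'])) {
    $id_to_delete = (int) $_GET['delete'];
    $stmt = mysqli_prepare($conn, "DELETE FROM schools WHERE id=?");
    mysqli_stmt_bind_param($stmt, 'i', $id_to_delete);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    header("Location: manage_schools.php");
    exit();
}

// Load the row to edit (GET ?edit=ID).
if (isset($_GET['edit'])) {
    $edit_id = (int) $_GET['edit'];
    $stmt = mysqli_prepare($conn, "SELECT s.school_name, u.username FROM schools s JOIN users u ON s.id = u.school_id WHERE s.id=?");
    mysqli_stmt_bind_param($stmt, 'i', $edit_id);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $edit_school_name, $edit_username);
    // Switch to edit mode only when the row exists; the original read fields off a
    // null result for an unknown id.  Otherwise fall back to the "add" form.
    if (mysqli_stmt_fetch($stmt)) {
        $edit_mode = true;
    } else {
        $edit_id = 0;
        $edit_school_name = '';
        $edit_username = '';
    }
    mysqli_stmt_close($stmt);
}
?>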

<h1 class="mb-4"><i class="bi bi-building"></i> จัดการโรงเรียนและผู้ใช้งาน</h1>

<div class="row">
    <div class="col-md-4">
        <div class="card">
            <div class="card-header bg-primary text-white">
                <?php echo $edit_mode ? 'แก้ไขข้อมูลโรงเรียน' : 'เพิ่มโรงเรียนใหม่'; ?>
            </div>
            <div class="card-body">
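                <form method="post">
                    <?php // Pre-filled values come from the database; escape them for the attribute context. ?>
                    <input type="hidden" name="id_to_update" value="<?php echo (int) $edit_id; ?>">
                    <div class="mb-3">
                        <label class="form-label">ชื่อโรงเรียน</label>
                        <input type="text" name="school_name" class="form-control" value="<?php echo htmlspecialchars($edit_school_name, ENT_QUOTES, 'UTF-8'); ?>" required>
                    </div>
                    <div class="mb-3">
                        <label class="form-label">Username (สำหรับโรงเรียน)</label>
                        <input type="text" name="username" class="form-control" value="<?php echo htmlspecialchars($edit_username, ENT_QUOTES, 'UTF-8'); ?>" required>
                    </div>
                    <div class="mb-3">
                        <label class="form-label">Password</label>
                        <?php // Required only when creating; in edit mode an empty field keeps the current password. ?>
                        <input type="text" name="password" class="form-control" <?php echo $edit_mode ? '' : 'required'; ?>>
                        <?php if ($edit_mode): ?><div class="form-text">เว้นว่างไว้หากไม่ต้องการเปลี่ยนรหัสผ่าน</div><?php endif; ?>
                    </div>
                    <button type="submit" class="btn btn-primary"><?php echo $edit_mode ? 'อัปเดตข้อมูล' : 'เพิ่มโรงเรียน'; ?></button>
                    <?php if ($edit_mode): ?><a href="manage_schools.php" class="btn btn-secondary">ยกเลิก</a><?php endif; ?>
                </form>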
            </div>
        </div>
    </div>
    <div class="col-md-8">
        <div class="d-grid mb-3">
             <a href="import_schools.php" class="btn btn-info"><i class="bi bi-file-earmark-excel-fill me-1"></i> นำเข้าข้อมูลโรงเรียนจาก Excel</a>
        </div>
        
        <div class="card">
            <div class="card-body">
                <div class="table-responsive">
                    <table class="table table-striped table-hover">
                        <thead>
                            <tr>
                                <th>#</th>
                                <th>ชื่อโรงเรียน</th>
                                <th>Username</th>
                                <th>จัดการ</th>
                            </tr>
                        </thead>
                        <tbody>
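                            <?php
                            // Listing query; it takes no user input, so plain interpolation-free SQL is fine.
                            // NOTE(review): the WHERE on u.role makes the LEFT JOIN behave like an inner
                            // join — a school with no 'school' user is not listed.  Move the role test
                            // into the ON clause if such rows are meant to appear.
                            $sql = "SELECT s.id, s.school_name, u.username FROM schools s LEFT JOIN users u ON s.id = u.school_id WHERE u.role='school' ORDER BY s.school_name";
                            $result = mysqli_query($conn, $sql);
                            $counter = 1;
                            // A failed query returns false; guard it rather than hand false to fetch_assoc.
                            while ($result && ($row = mysqli_fetch_assoc($result))) {
                                // Cast the id once so the two links below can only ever carry an integer.
                                $row_id = (int) $row['id'];
                            ?>
                                <tr>
                                    <td><?php echo $counter++; ?></td>
                                    <td><?php echo htmlspecialchars($row['school_name'], ENT_QUOTES, 'UTF-8'); ?></td>
                                    <td><?php echo htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8'); ?></td>
                                    <td>
                                        <a href="?edit=<?php echo $row_id; ?>" class="btn btn-warning btn-sm"><i class="bi bi-pencil-square"></i></a>
                                        <?php // Delete is a GET link (no CSRF token); the JS confirm is UX only, not protection. ?>
                                        <a href="?delete=<?php echo $row_id; ?>" class="btn btn-danger btn-sm" onclick="return confirm('คุณแน่ใจหรือไม่ว่าต้องการลบข้อมูลนี้?')"><i class="bi bi-trash"></i></a>
                                    </td>
                                </tr>
                            <?php } ?>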
                        </tbody>
                    </table>
                </div>
            </div>
        </div>
    </div>
</div>


<?php include '../template/footer.php'; ?>
