File: /srv/www/rectt-csmcri.res.in/admin_html/manage_advertisement.php
<?php
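// Resume the admin session; every check below reads from $_SESSION.
session_start();

// require_once (not include_once) so a missing or unreadable config stops the request
// here instead of continuing with a warning. The file presumably defines $conn, the
// mysqli handle used further down; verify against config.php.
require_once dirname(__DIR__) . '/public_html/sites/config/config.php';

// Role gate: only a logged-in 'superadmin' or 'manager' may manage advertisements.
// - empty() rather than isset(): a flag that is present but false/0 is not a login.
// - in_array(..., true): a loose comparison lets non-string session values (true, and
//   0 on PHP 7) match the role names, so the comparison has to be strict.
$admin_role = $_SESSION['admin_role'] ?? '';
if (empty($_SESSION['admin_logged_in']) || !in_array($admin_role, ['superadmin', 'manager'], true)) {
    header("Location: admin_dashboard.php");
    exit;
}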
// 1) Basic session checks: the token comparison that follows needs both the admin id
//    and the session token, so a session missing either one goes back to the login page.
$has_admin_id = !empty($_SESSION['admin_id']);
$has_session_token = !empty($_SESSION['session_token']);
if (!($has_admin_id && $has_session_token)) {
    header("Location: admin_login.php");
    exit;
}
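// 2) Fetch the session token currently stored for this admin. Only the token is
//    selected; the role used by the gate above still comes from the session.
//    NOTE(review): if roles can be changed or revoked while a session is live,
//    re-read the role from admin_users here as well.
$stmt = $conn->prepare("SELECT session_token FROM admin_users WHERE id = ?");
$stmt->bind_param("i", $_SESSION['admin_id']);
$stmt->execute();
$token_row = $stmt->get_result()->fetch_assoc();
$stmt->close();

// 3) Force a logout when the row is gone, the stored token is empty, or the two tokens
//    differ. hash_equals() compares in constant time, so the check does not reveal how
//    many leading characters of a presented token were correct; it needs two strings,
//    hence the is_string() guards (a NULL column or a non-string session value fails).
$db_token = $token_row['session_token'] ?? null;
$session_token = $_SESSION['session_token'];
$token_matches = is_string($db_token)
    && $db_token !== ''
    && is_string($session_token)
    && hash_equals($db_token, $session_token);

if (!$token_matches) {
    session_unset();
    session_destroy();
    header("Location: admin_login.php?error=" . urlencode("Your session has expired."));
    exit;
}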
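// Request handlers (add / edit / delete) followed by the listing query and the page
// template. All three handlers change data, so each one requires a POST carrying the
// per-session anti-CSRF token and validates its input before touching the database.
$add_error = '';
$edit_error = '';
$delete_error = '';

// The only status values the forms offer; anything else sent by the client is rejected.
$allowed_statuses = ['Published', 'Unpublished'];

// Escape a value for HTML text or a quoted attribute. Flags and charset are explicit so
// the result does not depend on the PHP version's defaults, and NULL columns become ''.
$e = function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Read one POST field as a trimmed string; a missing field or an array value becomes ''.
$post_string = function (string $key): string {
    $value = $_POST[$key] ?? '';
    return is_string($value) ? trim($value) : '';
};

// Read one POST field as a positive integer row id; returns false when it is not one.
$post_id = function (string $key) {
    return filter_var($_POST[$key] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
};

// Accept only a real calendar date in the YYYY-MM-DD form that <input type="date"> submits.
$is_valid_date = function (string $value): bool {
    $parsed = DateTimeImmutable::createFromFormat('!Y-m-d', $value);
    return $parsed !== false && $parsed->format('Y-m-d') === $value;
};

// Per-session anti-CSRF token. Every form below embeds it and every handler checks it,
// so a request that did not originate from this page is refused even though the
// browser attaches the admin's session cookie to it.
if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];
$posted_token = $_POST['csrf_token'] ?? '';
$csrf_ok = is_string($posted_token) && hash_equals($csrf_token, $posted_token);
$csrf_message = 'Your form has expired. Please reload the page and try again.';

// Handle add
if (isset($_POST['add'])) {
    $ad_id = $post_string('ad_id');
    $title = $post_string('title');
    $last_date = $post_string('last_date_to_apply');
    $status = $post_string('status');

    if (!$csrf_ok) {
        $add_error = $csrf_message;
    } elseif ($ad_id === '' || $title === '') {
        $add_error = 'Ad ID and title are required.';
    } elseif (!$is_valid_date($last_date)) {
        $add_error = 'Last date to apply must be a valid date.';
    } elseif (!in_array($status, $allowed_statuses, true)) {
        $add_error = 'Invalid status.';
    } else {
        // Check if Ad ID already exists.
        // NOTE(review): check-then-insert is not atomic; a UNIQUE index on
        // Advertisement.Ad_id is what actually prevents duplicates under concurrency.
        $check = $conn->prepare("SELECT COUNT(*) FROM Advertisement WHERE Ad_id = ?");
        $check->bind_param("s", $ad_id);
        $check->execute();
        $check->bind_result($count);
        $check->fetch();
        $check->close();

        if ($count > 0) {
            // Rendered through the escaping helper in the template below.
            $add_error = "Ad ID '$ad_id' already exists.";
        } else {
            $stmt = $conn->prepare("INSERT INTO Advertisement (Ad_id, title, last_date_to_apply, status) VALUES (?, ?, ?, ?)");
            $stmt->bind_param("ssss", $ad_id, $title, $last_date, $status); // 4 string parameters
            $inserted = $stmt->execute();
            $stmt->close();
            if ($inserted) {
                // Redirect after POST so a page reload does not resubmit the form.
                header("Location: manage_advertisement.php");
                exit;
            }
            $add_error = 'Error adding advertisement.';
        }
    }
}

// Handle update of title, last date and status
if (isset($_POST['edit_advertisement'])) {
    $id = $post_id('edit_id');
    $new_status = $post_string('new_status');
    $new_title = $post_string('new_title');
    $new_last_date = $post_string('new_last_date_to_apply');

    if (!$csrf_ok) {
        $edit_error = $csrf_message;
    } elseif ($id === false) {
        $edit_error = 'Invalid advertisement id.';
    } elseif ($new_title === '') {
        $edit_error = 'Title is required.';
    } elseif (!$is_valid_date($new_last_date)) {
        $edit_error = 'Last date to apply must be a valid date.';
    } elseif (!in_array($new_status, $allowed_statuses, true)) {
        $edit_error = 'Invalid status.';
    } else {
        $stmt = $conn->prepare("UPDATE Advertisement SET title = ?, last_date_to_apply = ?, status = ? WHERE id = ?");
        $stmt->bind_param("sssi", $new_title, $new_last_date, $new_status, $id); // 3 strings, 1 integer
        $updated = $stmt->execute();
        $stmt->close();
        if ($updated) {
            header("Location: manage_advertisement.php");
            exit;
        }
        $edit_error = "Error updating advertisement.";
    }
}

// Handle delete. Deletion is accepted only as a POST with a valid token: a GET link
// (?delete=ID) changes state on mere navigation, so link prefetchers, crawlers or a
// third-party page embedding the URL could remove rows. ?delete= is no longer honoured.
if (isset($_POST['delete_advertisement'])) {
    $id = $post_id('delete_id');

    if (!$csrf_ok) {
        $delete_error = $csrf_message;
    } elseif ($id === false) {
        $delete_error = 'Invalid advertisement id.';
    } else {
        $stmt = $conn->prepare("DELETE FROM Advertisement WHERE id=?");
        $stmt->bind_param("i", $id);
        $deleted = $stmt->execute();
        $stmt->close();
        if ($deleted) {
            header("Location: manage_advertisement.php");
            exit;
        }
        $delete_error = 'Error deleting advertisement.';
    }
}

// Rows for the table below; only the columns the template prints are selected.
$result = $conn->query("SELECT id, Ad_id, title, created_at, last_date_to_apply, status FROM Advertisement ORDER BY created_at DESC");
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Manage Advertisements</title>
    <?php /* NOTE(review): this admin page loads CSS and JS from a third-party CDN without
             Subresource Integrity. Pin each asset with
             integrity="sha384-<HASH_OF_THE_EXACT_FILE>" crossorigin="anonymous",
             or serve the files from this host. */ ?>
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
</head>
<body class="bg-light">
<div class="container mt-5">
    <center>
        <h1 class="mb-4">Advertisement Management</h1>
        <div class="d-flex justify-content-center align-items-center my-3 gap-2">
            <a href="admin_dashboard.php" class="btn btn-secondary btn-sm">Back to Dashboard</a>
            <a href="admin_logout.php" class="btn btn-danger btn-sm ms-2">Logout</a>
        </div>
    </center>

    <?php if (!empty($add_error)): ?>
        <div class="alert alert-danger"><?= $e($add_error) ?></div>
    <?php endif; ?>

    <form method="post" class="card p-4 mb-4">
        <input type="hidden" name="csrf_token" value="<?= $e($csrf_token) ?>">
        <div class="row">
            <h5>Add Advertisement</h5>
            <div class="col-12 mb-3">
                <label class="form-label">Title</label>
                <input type="text" name="title" class="form-control" required>
            </div>
            <div class="col-auto mb-3">
                <label class="form-label">Ad ID</label>
                <input type="text" name="ad_id" class="form-control" required>
            </div>
            <div class="col-auto mb-3">
                <label class="form-label">Last Date to Apply</label>
                <input type="date" name="last_date_to_apply" class="form-control" required>
            </div>
            <div class="col-auto mb-3">
                <label class="form-label">Status</label>
                <select name="status" class="form-select" required>
                    <option value="Published">Published</option>
                    <option value="Unpublished">Unpublished</option>
                </select>
            </div>
            <div class="mb-3">
                <button type="submit" name="add" class="btn btn-primary">Add Advertisement</button>
            </div>
        </div>
    </form>

    <?php if (!empty($edit_error)): ?>
        <div class="alert alert-danger"><?= $e($edit_error) ?></div>
    <?php endif; ?>
    <?php if (!empty($delete_error)): ?>
        <div class="alert alert-danger"><?= $e($delete_error) ?></div>
    <?php endif; ?>

    <table class="table table-bordered bg-white">
        <thead class="table-dark">
            <tr>
                <th>ID</th>
                <th>Ad ID</th>
                <th>Title</th>
                <th>Created At</th>
                <th>Last Date to Apply</th>
                <th>Status</th>
                <th>Actions</th>
            </tr>
        </thead>
        <tbody>
        <?php // $result is false when the listing query failed; render an empty table then. ?>
        <?php while ($result && ($row = $result->fetch_assoc())): ?>
            <?php
            // The id is echoed into element ids and form values; casting to int
            // guarantees nothing but digits reaches those attributes.
            $row_id = (int) $row['id'];
            ?>
            <tr>
                <td><?= $row_id ?></td>
                <td><?= $e($row['Ad_id']) ?></td>
                <td><?= $e($row['title']) ?></td>
                <td><?= $e($row['created_at']) ?></td>
                <td><?= $e($row['last_date_to_apply']) ?></td>
                <td><?= $e($row['status']) ?></td>
                <td>
                    <button type="button" class="btn btn-sm btn-warning" data-bs-toggle="modal" data-bs-target="#editAdvertisementModal<?= $row_id ?>">Edit</button>
                    <form method="post" class="d-inline" onsubmit="return confirm('Are you sure?')">
                        <input type="hidden" name="csrf_token" value="<?= $e($csrf_token) ?>">
                        <input type="hidden" name="delete_id" value="<?= $row_id ?>">
                        <button type="submit" name="delete_advertisement" class="btn btn-sm btn-danger ms-1">Delete</button>
                    </form>
                    <div class="modal fade" id="editAdvertisementModal<?= $row_id ?>" tabindex="-1" aria-labelledby="editAdvertisementModalLabel<?= $row_id ?>" aria-hidden="true">
                        <div class="modal-dialog">
                            <div class="modal-content">
                                <div class="modal-header">
                                    <h5 class="modal-title" id="editAdvertisementModalLabel<?= $row_id ?>">Edit Advertisement</h5>
                                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                                </div>
                                <form method="post">
                                    <div class="modal-body">
                                        <input type="hidden" name="csrf_token" value="<?= $e($csrf_token) ?>">
                                        <input type="hidden" name="edit_id" value="<?= $row_id ?>">
                                        <div class="mb-3">
                                            <label class="form-label">Title</label>
                                            <input type="text" name="new_title" class="form-control" value="<?= $e($row['title']) ?>" required>
                                        </div>
                                        <div class="mb-3">
                                            <label class="form-label">Last Date to Apply</label>
                                            <input type="date" name="new_last_date_to_apply" class="form-control" value="<?= $e($row['last_date_to_apply']) ?>" required>
                                        </div>
                                        <div class="mb-3">
                                            <label class="form-label">Status</label>
                                            <select name="new_status" class="form-select" required>
                                                <option value="Published" <?= ($row['status'] === 'Published') ? 'selected' : '' ?>>Published</option>
                                                <option value="Unpublished" <?= ($row['status'] === 'Unpublished') ? 'selected' : '' ?>>Unpublished</option>
                                            </select>
                                        </div>
                                    </div>
                                    <div class="modal-footer">
                                        <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
                                        <button type="submit" name="edit_advertisement" class="btn btn-primary">Save Changes</button>
                                    </div>
                                </form>
                            </div>
                        </div>
                    </div>
                </td>
            </tr>
        <?php endwhile; ?>
        </tbody>
    </table>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>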