isset($_POST['perm_dashboard']),
            // (Fragment: the opening of this permissions array is above this excerpt.)
            // Each flag is true when the matching field is present in the POST body.
            'pos' => isset($_POST['perm_pos']),
            'products' => isset($_POST['perm_products']),
            'orders' => isset($_POST['perm_orders']),
            'customers' => isset($_POST['perm_customers']),
            // All three settings_* flags are driven by the single perm_settings field.
            'settings_payment' => isset($_POST['perm_settings']),
            'settings_shipping' => isset($_POST['perm_settings']),
            'settings_email' => isset($_POST['perm_settings']),
            'admin_management' => isset($_POST['perm_admin'])
        ];

        // NOTE(review): the permission flags come straight from the request and $isMaster is
        // set above this excerpt. Nothing visible here checks a CSRF token or that the caller
        // is allowed to grant master rights; confirm both happen before this point.
        if (empty($email) || empty($name)) {
            setFlash('error', 'Email and name are required');
        } else {
            // Row written on both create and update: e-mail is lower-cased, permissions
            // are stored as a JSON string.
            $data = [
                'email' => strtolower($email),
                'name' => $name,
                'is_master' => $isMaster,
                'permissions' => json_encode($permissions)
            ];

            if ($action === 'update' && $userId) {
                // The stored hash is replaced only when a new password was submitted.
                if (!empty($password)) {
                    $data['password_hash'] = hashPassword($password);
                }
                // NOTE(review): unlike the create path, this path does not check that the new
                // e-mail is unused, and it writes is_master without the "last master" guard the
                // delete handler has, so an update can leave zero master admins unless that is
                // enforced elsewhere.
                db()->update('admin_users', $data, 'user_id = :id', ['id' => $userId]);
                setFlash('success', 'Admin user updated');
            } else {
                if (empty($password)) {
                    setFlash('error', 'Password is required for new users');
                } else {
                    // Duplicate check by lower-cased e-mail, bound as a parameter.
                    // NOTE(review): check-then-insert is not atomic; a unique index on email
                    // would close the gap (confirm schema). This query selects `id` while
                    // every other statement here keys on `user_id`; confirm the column exists.
                    $existing = db()->fetch("SELECT id FROM admin_users WHERE email = :email", ['email' => strtolower($email)]);
                    if ($existing) {
                        setFlash('error', 'Email already exists');
                    } else {
                        $data['user_id'] = generateId('admin_');
                        // hashPassword() is defined elsewhere; presumably a password_hash()
                        // wrapper (verify).
                        $data['password_hash'] = hashPassword($password);
                        $data['is_admin'] = 1;
                        db()->insert('admin_users', $data);
                        setFlash('success', 'Admin user created');
                    }
                }
            }
        }
        // Redirect after POST; exit stops the listing below from rendering in this response.
        header('Location: /admin/users.php');
        exit;
    }

    if ($action === 'delete' && !empty($_POST['user_id'])) {
        // Refuse to delete the last master admin.
        // NOTE(review): the original comment here also promised a self-delete guard
        // ("Don't allow deleting self or last master"), but this block never compares the
        // target against the logged-in admin's user_id. Add that check or confirm it is
        // enforced elsewhere.
        $user = db()->fetch("SELECT is_master FROM admin_users WHERE user_id = :id", ['id' => $_POST['user_id']]);
        if ($user && $user['is_master']) {
            // NOTE(review): count-then-delete is not atomic; two concurrent requests deleting
            // different masters could both pass this check unless db() runs them in a
            // transaction (confirm).
            $masterCount = db()->count('admin_users', 'is_master = 1');
            if ($masterCount <= 1) {
                setFlash('error', 'Cannot delete the last master admin');
                header('Location: /admin/users.php');
                exit;
            }
        }
        // The target id is bound as a parameter, not interpolated into the SQL.
        db()->delete('admin_users', 'user_id = :id', ['id' => $_POST['user_id']]);
        setFlash('success', 'Admin user deleted');
        header('Location: /admin/users.php');
        exit;
    }
}
// Load every admin account for the listing below: master admins first, then by name.
// NOTE(review): SELECT * also pulls password_hash (written by the create/update handlers)
// into $users. The listing appears to need only identity and role columns, so naming the
// columns explicitly would keep the hashes out of template scope.
$users = db()->fetchAll("SELECT * FROM admin_users ORDER BY is_master DESC, name ASC"); ?>
Name Email Role Created Actions
You Master Admin Admin