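PDO::ERRMODE_EXCEPTION] );
} catch (PDOException $e) {
    // Driver error text can name the host, database or account; keep it in the
    // server log and show the browser a generic message only.
    error_log('DB connection failed: ' . $e->getMessage());
    if (!headers_sent()) {
        http_response_code(500);
    }
    die('DB Connection failed.');
}

/*
 * Role management handler: processes the add/update/remove POST actions that
 * change users.role, then loads the data the template below renders.
 *
 * NOTE(review): this part of the file shows neither a check that the caller is
 * a SuperAdmin nor a CSRF token check before the role-changing UPDATEs.
 * Confirm both happen earlier in the file / in the form; if not, add them
 * before the POST branch. Role changes are also not written to any audit log
 * here.
 */
$message = '';
$messageType = ''; // 'success', 'info' or 'error'

// Handle POST actions
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $action = $_POST['action'] ?? '';

    // Reject non-string input (e.g. email[]=...) instead of binding an array.
    $email = $_POST['email'] ?? '';
    $email = is_string($email) ? $email : '';

    $sessionEmail = $_SESSION['user_email'] ?? '';
    $sessionEmail = is_string($sessionEmail) ? $sessionEmail : '';

    // Compare case- and whitespace-insensitively: the database may match
    // "Admin@example.com" to the caller's own row under a case-insensitive
    // collation, which an exact === comparison would let through.
    $isSelf = $email !== ''
        && strcasecmp(trim($email), trim($sessionEmail)) === 0;

    try {
        if ($action === 'add' || $action === 'update') {
            $newRole = $_POST['role_to_set'] ?? '';

            if ($email === '' || !in_array($newRole, ['admin', 'superadmin'], true)) {
                // Previously ignored silently; tell the operator nothing changed.
                $message = "Please select a user and a valid role.";
                $messageType = 'error';
            } elseif ($isSelf && $newRole !== 'superadmin') {
                // Same guard as the 'remove' action: setting one's own role to
                // 'admin' would also drop SuperAdmin status.
                $message = "You cannot remove your own SuperAdmin status from here.";
                $messageType = 'error';
            } else {
                // Update user role
                $stmt = $pdo->prepare("UPDATE users SET role = :role WHERE email = :email");
                $success = $stmt->execute([':role' => $newRole, ':email' => $email]);

                if ($success && $stmt->rowCount() > 0) {
                    $message = "Successfully updated permission for " . escape($email);
                    $messageType = 'success';
                } elseif ($success) {
                    $message = "User " . escape($email) . " already has that role or does not exist.";
                    $messageType = 'info';
                } else {
                    $message = "Failed to update permission.";
                    $messageType = 'error';
                }
            }
        } elseif ($action === 'remove') {
            if ($email === '') {
                $message = "Please select a user.";
                $messageType = 'error';
            } elseif ($isSelf) {
                // Self-removal is blocked so the acting SuperAdmin cannot lock
                // themselves out from this page.
                $message = "You cannot remove your own SuperAdmin status from here.";
                $messageType = 'error';
            } else {
                $stmt = $pdo->prepare("UPDATE users SET role = 'user' WHERE email = :email");
                $success = $stmt->execute([':email' => $email]);

                if ($success && $stmt->rowCount() > 0) {
                    $message = "Removed admin rights from " . escape($email);
                    $messageType = 'success';
                } elseif ($success) {
                    // No row changed: report that rather than claiming success.
                    $message = "User " . escape($email) . " has no admin rights to remove or does not exist.";
                    $messageType = 'info';
                } else {
                    $message = "Failed to update permission.";
                    $messageType = 'error';
                }
            }
        }
    } catch (PDOException $e) {
        // The connection uses PDO::ERRMODE_EXCEPTION, so a failed statement
        // throws instead of returning false. Log the detail, show a generic error.
        error_log('Role change failed: ' . $e->getMessage());
        $message = "Failed to update permission.";
        $messageType = 'error';
    }
}

// Fetch Admins and SuperAdmins
// NOTE(review): SELECT * loads every column of users into page scope. If the
// table holds credential fields (password hashes, tokens), list only the
// columns the template needs; the template is not visible here to confirm which.
$stmt = $pdo->query("SELECT * FROM users WHERE LOWER(TRIM(role)) IN ('admin', 'superadmin') ORDER BY role DESC, email ASC");
$admins = $stmt->fetchAll(PDO::FETCH_ASSOC);

// Fetch All Users for Dropdown
$stmt = $pdo->query("SELECT email FROM users ORDER BY email ASC");
$allUsers = $stmt->fetchAll(PDO::FETCH_COLUMN);
?>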
Select a user to promote to Admin or SuperAdmin status.
| Company | Current Role | Actions | |
|---|---|---|---|
| No admins found. | |||
| (You) | |||