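db = \Config\Database::connect(); helper(['url', 'form', 'text']); }

    /**
     * Renders the admin landing page.
     */
    public function index()
    {
        return view('v2/admin/index');
    }

    /**
     * Renders the user-management page.
     */
    public function users()
    {
        return view('v2/admin/users');
    }

    /**
     * Renders the profile page.
     */
    public function profile()
    {
        return view('v2/admin/profile');
    }

    /**
     * Renders the settings page.
     */
    public function settings()
    {
        return view('v2/admin/settings');
    }

    // API Methods
    //
    // NOTE(review): none of the methods below checks who is calling. They list,
    // create, re-level, re-password and delete accounts, so they must only be
    // reachable by administrators. Presumably a route filter enforces that;
    // confirm against the route/filter configuration, which is not visible here.

    /**
     * Minimum accepted password length, applied on create and on update.
     *
     * NOTE(review): kept at the original value so existing clients keep working,
     * but 3 is far below common guidance (NIST SP 800-63B asks for at least 8).
     * Raise it once the front end is aligned.
     */
    private const MIN_PASSWORD_LENGTH = 3;

    /**
     * Reads one field of the decoded JSON body as a trimmed string.
     *
     * Non-scalar values (arrays, objects) and missing fields yield '' instead of
     * reaching trim() and raising a TypeError, so malformed input ends in a 400
     * from the caller's validation rather than an unhandled error.
     *
     * @param mixed  $json  Whatever getJSON() returned (object, array, scalar or null).
     * @param string $field Property name to read.
     */
    private function readJsonField($json, string $field): string
    {
        $value = $json->{$field} ?? '';

        return is_scalar($value) ? trim((string) $value) : '';
    }

    /**
     * Validates a password and its confirmation.
     *
     * @return string|null The error message to send back, or null when the pair is acceptable.
     */
    private function passwordError(string $password, string $confirmation): ?string
    {
        // Strict comparison: with == two different numeric strings such as
        // '1e3' and '1000' compare equal, so a mistyped confirmation could pass.
        if ($password !== $confirmation) {
            return 'Passwords do not match';
        }

        if (strlen($password) < self::MIN_PASSWORD_LENGTH) {
            return sprintf('Password must be at least %d characters', self::MIN_PASSWORD_LENGTH);
        }

        return null;
    }

    /**
     * Runs one parameterised write statement inside a transaction.
     *
     * Failure details are written to the server log only; callers answer with a
     * generic 500 so driver messages (table names, constraint names, SQL text)
     * are not disclosed to the client.
     *
     * @param string $sql    Statement with ? placeholders.
     * @param array  $binds  Values bound to the placeholders, in order.
     * @param string $action Short label used in the log entry.
     *
     * @return bool True when the statement was committed, false when it was rolled back.
     */
    private function runWrite(string $sql, array $binds, string $action): bool
    {
        $this->db->transBegin();

        try {
            $this->db->query($sql, $binds);

            // When the connection's DBDebug setting is off, a failed query returns
            // false instead of throwing, so the status has to be checked before
            // committing; otherwise a failed write would be reported as a success.
            if ($this->db->transStatus() === false) {
                $this->db->transRollback();
                log_message('error', $action . ': statement failed, transaction rolled back');

                return false;
            }

            $this->db->transCommit();
        } catch (\Throwable $e) {
            $this->db->transRollback();
            log_message('error', $action . ': ' . $e->getMessage());

            return false;
        }

        return true;
    }

    /**
     * Returns USERID and USERLEVEL for every account whose matching row in
     * glendb.dbo.USERS has no LOCKEDACCOUNT value (or has no matching row).
     */
    public function usersList()
    {
        $sql = "select u.USERID, u.USERLEVEL from GDC_CMOD.dbo.USERS u left join glendb.dbo.USERS u1 on u1.USERID=u.USERID where u1.LOCKEDACCOUNT is null";

        $rows = $this->db->query($sql)->getResultArray();

        return $this->respond(['data' => $rows]);
    }

    /**
     * Creates an account from the JSON body fields userid, userlevel, password
     * and password_2. Responds 400 on validation failure, 201 on success and a
     * generic 500 when the insert fails.
     */
    public function userCreate()
    {
        $json         = $this->request->getJSON();
        $userid       = strtoupper($this->readJsonField($json, 'userid'));
        $userlevel    = $this->readJsonField($json, 'userlevel');
        $password     = $this->readJsonField($json, 'password');
        $confirmation = $this->readJsonField($json, 'password_2');

        // Compared against '' rather than empty(): empty() also rejects the
        // string '0', which is a legitimate value for an ID or a level.
        if ($userid === '' || $userlevel === '' || $password === '') {
            return $this->fail('All fields are required', 400);
        }

        // NOTE(review): $userlevel is stored as received. If the level drives
        // privileges, validate it against the allowed set — not visible here.

        $error = $this->passwordError($password, $confirmation);
        if ($error !== null) {
            return $this->fail($error, 400);
        }

        // Advisory check only: two concurrent requests can both pass it. A unique
        // constraint on USERID is what really prevents duplicates — TODO confirm
        // one exists; without it this lookup is the only guard.
        $existing = $this->db->query("SELECT USERID FROM gdc_cmod.dbo.USERS WHERE USERID = ?", [$userid]);
        if ($existing->getRowArray()) {
            return $this->fail('User ID already exists', 400);
        }

        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

        $sqlInsert = "INSERT INTO gdc_cmod.dbo.USERS (USERID, USERLEVEL, PASSWORD) VALUES (?, ?, ?)";
        if (! $this->runWrite($sqlInsert, [$userid, $userlevel, $hashedPassword], 'userCreate')) {
            // The original returned $e->getMessage() here, exposing driver
            // errors to the client; the detail now goes to the log instead.
            return $this->failServerError();
        }

        return $this->respondCreated(['message' => 'User created']);
    }

    /**
     * Updates an account's level and, when a password is supplied, its password.
     * Reads userid, userlevel, password and password_2 from the JSON body.
     */
    public function userUpdate()
    {
        $json         = $this->request->getJSON();
        $userid       = strtoupper($this->readJsonField($json, 'userid'));
        $userlevel    = $this->readJsonField($json, 'userlevel');
        $password     = $this->readJsonField($json, 'password');
        $confirmation = $this->readJsonField($json, 'password_2');

        if ($userid === '') {
            return $this->fail('User ID is required', 400);
        }

        // Both UPDATE statements overwrite USERLEVEL, so an omitted level would
        // blank the column. Reject it, as userCreate does.
        if ($userlevel === '') {
            return $this->fail('User level is required', 400);
        }

        $changePassword = $password !== '' || $confirmation !== '';
        if ($changePassword) {
            // Same policy as userCreate; the update path previously accepted
            // passwords shorter than the create path allowed.
            $error = $this->passwordError($password, $confirmation);
            if ($error !== null) {
                return $this->fail($error, 400);
            }

            $sql   = "UPDATE gdc_cmod.dbo.USERS SET USERLEVEL = ?, PASSWORD = ? WHERE USERID = ?";
            $binds = [$userlevel, password_hash($password, PASSWORD_DEFAULT), $userid];
        } else {
            $sql   = "UPDATE gdc_cmod.dbo.USERS SET USERLEVEL = ? WHERE USERID = ?";
            $binds = [$userlevel, $userid];
        }

        if (! $this->runWrite($sql, $binds, 'userUpdate')) {
            return $this->failServerError();
        }

        // NOTE(review): an unknown USERID matches no row and still reports success.
        return $this->respond(['message' => 'User updated']);
    }

    /**
     * Deletes the account named by the userid field of the JSON body.
     */
    public function userDelete()
    {
        $json   = $this->request->getJSON();
        $userid = strtoupper($this->readJsonField($json, 'userid'));

        if ($userid === '') {
            return $this->fail('User ID is required', 400);
        }

        $sqlDelete = "DELETE FROM gdc_cmod.dbo.USERS WHERE USERID = ?";
        if (! $this->runWrite($sqlDelete, [$userid], 'userDelete')) {
            return $this->failServerError();
        }

        // NOTE(review): an unknown USERID matches no row and still reports success.
        return $this->respondDeleted(['message' => 'User deleted']);
    }
}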