File: //home/artiksbn/fidelity.artigianodellapizza.com/admin.php
<?php
// admin.php - Enhanced Admin interface
require_once 'admin_functions.php';
require_once 'customer_functions.php';

// Page state shared by the request handlers below and by the HTML template.
$message = $message_type = '';
$customers = [];
// Requested view from the query string; the dashboard is shown when none is given.
$action = isset($_GET['action']) ? $_GET['action'] : 'dashboard';

// CSV export: sends the transaction report as a file download and ends the request.
// Only runs for ?action=export_csv when isAdminLoggedIn() is true; otherwise execution
// falls through to the normal page flow below.
// NOTE(review): the filter values are passed to exportTransactionsCSV() unvalidated, and
// whether that helper neutralises cells starting with = + - @ (spreadsheet formula
// injection) is not visible in this file; confirm in admin_functions.php.
if ($action === 'export_csv' && isAdminLoggedIn()) {
    $csvContent = exportTransactionsCSV(
        $_GET['start_date'] ?? null,
        $_GET['end_date'] ?? null,
        $_GET['transaction_type'] ?? 'all'
    );

    // The file name is built from the server clock only, so no request data reaches the header.
    $timestamp = date('Y-m-d_H-i-s');
    $filename = 'transactions_' . $timestamp . '.csv';

    header('Content-Type: text/csv');
    header('Content-Disposition: attachment; filename="' . $filename . '"');
    header('Content-Length: ' . strlen($csvContent));

    echo $csvContent;
    exit;
}

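// Handle form submissions.
// Every POST must pass verifyCSRFToken() before its `action` field is dispatched. Each
// branch except `login` and `logout` calls requireAdminLogin() first, because the generic
// login gate further down the file only runs AFTER this dispatcher has finished.
// NOTE(review): this assumes requireAdminLogin() ends the request when there is no admin
// session; if it merely returns, the branches below would run unauthenticated. Confirm.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!verifyCSRFToken($_POST['csrf_token'] ?? '')) {
        $message = 'Requête invalide';
        $message_type = 'error';
    } else {
        $postAction = $_POST['action'] ?? '';

        if ($postAction === 'login') {
            $username = $_POST['username'] ?? '';
            $password = $_POST['password'] ?? '';

            // NOTE(review): session-id regeneration and failed-login throttling are not
            // visible here; confirm authenticateAdmin() handles both.
            if (authenticateAdmin($username, $password)) {
                $message = 'Connexion réussie';
                $message_type = 'success';
                $action = 'dashboard';
            } else {
                // One message for both failure causes, so the form does not reveal
                // which of the two fields was wrong.
                $message = "Nom d'utilisateur ou mot de passe invalide";
                $message_type = 'error';
            }
        } elseif ($postAction === 'search') {
            requireAdminLogin();
            $query = $_POST['query'] ?? '';
            if (!empty($query)) {
                $customers = searchCustomers($query);
                if (empty($customers)) {
                    $message = 'Aucun client trouvé';
                    $message_type = 'error';
                }
            }
        } elseif ($postAction === 'add_point') {
            requireAdminLogin();
            $customerId = $_POST['customer_id'] ?? '';
            // NOTE(review): the form's min="1" is enforced by the browser only; the value
            // arrives here as an unvalidated string. Confirm addPointToCustomer() rejects
            // zero, negative and non-numeric amounts.
            $pointsToAdd = $_POST['points_to_add'] ?? 1;
            $adminInfo = getAdminInfo();

            if ($customerId && $adminInfo) {
                $result = addPointToCustomer($customerId, $adminInfo['id'], $pointsToAdd);
                $message = $result['message'];
                $message_type = $result['success'] ? 'success' : 'error';
                if ($result['success'] && $result['earned_free_pizza']) {
                    $message .= ' - Le client a gagné ' . $result['pizzas_earned'] . ' pizza(s) gratuite(s) !';
                }

                // Refresh customer data. The code field may be absent from a hand-built
                // request and the lookup may find nothing; drop the empty result so the
                // template never renders a card from a null record.
                $customers = array_values(array_filter([getCustomerByCode($_POST['customer_code'] ?? '')]));
            }
        } elseif ($postAction === 'redeem_pizza') {
            requireAdminLogin();
            $customerId = $_POST['customer_id'] ?? '';
            $adminInfo = getAdminInfo();

            if ($customerId && $adminInfo) {
                $result = redeemFreePizza($customerId, $adminInfo['id']);
                $message = $result['message'];
                $message_type = $result['success'] ? 'success' : 'error';

                // Refresh customer data (same missing-field / not-found handling as add_point).
                $customers = array_values(array_filter([getCustomerByCode($_POST['customer_code'] ?? '')]));
            }
        } elseif ($postAction === 'create_customer') {
            requireAdminLogin();
            $phone = $_POST['phone'] ?? '';
            $firstName = $_POST['first_name'] ?? null;
            $lastName = $_POST['last_name'] ?? null;
            $currentPoints = $_POST['current_points'] ?? 0;
            $availablePizzas = $_POST['available_pizzas'] ?? 0;
            // The create form posts an `address` field, but this branch never read it, so
            // createCustomer() received an undefined variable and the address was lost.
            $address = $_POST['address'] ?? null;

            $result = createCustomer($phone, $firstName, $lastName, $currentPoints, $availablePizzas, $address);
            $message = $result['message'];
            $message_type = $result['success'] ? 'success' : 'error';

            if ($result['success']) {
                $action = 'customers';
            }
        } elseif ($postAction === 'update_customer') {
            requireAdminLogin();
            $customerId = $_POST['customer_id'] ?? '';
            $phone = $_POST['phone'] ?? '';
            $firstName = $_POST['first_name'] ?? null;
            $lastName = $_POST['last_name'] ?? null;
            $currentPoints = $_POST['current_points'] ?? 0;
            $availablePizzas = $_POST['available_pizzas'] ?? 0;
            $address = $_POST['address'] ?? null;

            $result = updateCustomer($customerId, $phone, $firstName, $lastName, $currentPoints, $availablePizzas, $address);
            $message = $result['message'];
            $message_type = $result['success'] ? 'success' : 'error';

            if ($result['success']) {
                $action = 'customers';
            }
        } elseif ($postAction === 'deactivate_customer') {
            requireAdminLogin();
            $customerId = $_POST['customer_id'] ?? '';

            $result = deactivateCustomer($customerId);
            $message = $result['message'];
            $message_type = $result['success'] ? 'success' : 'error';

            if ($result['success']) {
                $action = 'customers';
            }
        } elseif ($postAction === 'reactivate_customer') {
            requireAdminLogin();
            $customerId = $_POST['customer_id'] ?? '';

            $result = reactivateCustomer($customerId);
            $message = $result['message'];
            $message_type = $result['success'] ? 'success' : 'error';

            if ($result['success']) {
                $action = 'customers';
            }
        } elseif ($postAction === 'update_password') {
            requireAdminLogin();
            $adminInfo = getAdminInfo();
            $oldPassword = $_POST['old_password'] ?? '';
            $newPassword = $_POST['new_password'] ?? '';
            $confirmPassword = $_POST['confirm_password'] ?? '';

            if ($newPassword !== $confirmPassword) {
                $message = 'Les nouveaux mots de passe ne correspondent pas.';
                $message_type = 'error';
            } else {
                // The old password is handed to the helper together with the new one.
                // NOTE(review): unlike add_point/redeem_pizza, $adminInfo is not checked
                // for emptiness before ['id'] is read; confirm getAdminInfo() cannot
                // return null once requireAdminLogin() has passed.
                $result = updateAdminPassword($adminInfo['id'], $oldPassword, $newPassword);
                $message = $result['message'];
                $message_type = $result['success'] ? 'success' : 'error';
            }
            // Stay on the password form whatever the outcome.
            $action = 'change_password';
        } elseif ($postAction === 'logout') {
            adminLogout();
            $message = 'Déconnexion réussie';
            $message_type = 'success';
            $action = 'login';
        }
    }
}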

// Login gate for rendering: every view except the login form needs an admin session.
// This runs after the POST dispatcher above, so it protects what is displayed, not the
// state-changing actions; those rely on their own requireAdminLogin() calls.
if (!($action === 'login' || isAdminLoggedIn())) {
    $action = 'login';
}

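// Get data for customers page.
// Stays an empty array unless the customers view is requested by a logged-in admin.
$customerData = [];
if ($action === 'customers' && isAdminLoggedIn()) {
    // Query-string values are request-controlled and can arrive as arrays
    // (?page[]=1, ?search[]=x). Normalise them here so the list helper always gets a
    // positive integer page and plain strings, whatever the client sent.
    $rawPage = $_GET['page'] ?? 1;
    $page = is_scalar($rawPage) ? max(1, (int) $rawPage) : 1;

    $rawSearch = $_GET['search'] ?? '';
    $search = is_string($rawSearch) ? $rawSearch : '';

    $rawStatus = $_GET['status'] ?? 'active';
    $status = is_string($rawStatus) ? $rawStatus : 'active';

    // 20 is the page size passed to the list helper.
    $customerData = getAllCustomers($page, 20, $search, $status);
}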

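// Get customer for editing.
// $editCustomer stays null unless a logged-in admin requested the edit view and the
// record exists; the template only renders the edit form when it is truthy.
$editCustomer = null;
if ($action === 'edit_customer' && isAdminLoggedIn()) {
    $customerId = $_GET['id'] ?? '';
    $editCustomer = getCustomerById($customerId);
    if (!$editCustomer) {
        $message = 'Client non trouvé';
        $message_type = 'error';
        $action = 'customers';
        // The customers-page loader above has already run with the old $action, so
        // without this call the fallback view would render from an empty $customerData
        // and read its missing 'pages' key. Load the default first page instead.
        $customerData = getAllCustomers(1, 20, '', 'active');
    }
}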

// Statistics for the export page: loaded only for a logged-in admin on ?action=export,
// using the optional start_date / end_date query parameters (null when absent).
$stats = [];
if ($action === 'export' && isAdminLoggedIn()) {
    $startDate = isset($_GET['start_date']) ? $_GET['start_date'] : null;
    $endDate = isset($_GET['end_date']) ? $_GET['end_date'] : null;
    $stats = getTransactionStats($startDate, $endDate);
}

// Token embedded as a hidden field in every form the template renders below.
$csrfToken = generateCSRFToken();
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">
    <link href="https://fonts.googleapis.com/css2?family=PT+Sans+Narrow:wght@400;700&display=swap" rel="stylesheet">
    <title>Admin - <?= APP_NAME ?></title>
    <!-- Favicon -->
    <link rel="icon" type="image/x-icon" href="img/favicon.png">

    <style>
        body {
            font-family: 'PT Sans Narrow', sans-serif;
        }
        .btn-primary {
            background-color: #9b9a76;
            border-color: #9b9a76;
        }
        .btn-primary:hover {
            background-color: #8a8965;
            border-color: #8a8965;
        }
    </style>
    <script>
        /** Shows the element with the given id by setting its inline display to 'block'. */
        function showModal(modalId) {
            const modal = document.getElementById(modalId);
            modal.style.display = 'block';
        }
        
        /** Hides the element with the given id by setting its inline display to 'none'. */
        function hideModal(modalId) {
            const modal = document.getElementById(modalId);
            modal.style.display = 'none';
        }
        
        /**
         * onsubmit handler for the per-customer "add points" form.
         * Copies the form's values into the confirmation modal, opens the modal and
         * returns false so the original form is not submitted directly.
         * The customer name is written with textContent, so it is shown as text and
         * never parsed as markup.
         */
        function confirmAddPoint(form) {
            // Read everything from the submitting form before touching the modal.
            const idValue = form.customer_id.value;
            const codeValue = form.customer_code.value;
            const pointsToAdd = form.points_to_add.value;
            const displayName = form.dataset.customerName;

            const byId = (elementId) => document.getElementById(elementId);
            byId('addPointCustomerId').value = idValue;
            byId('addPointCustomerCode').value = codeValue;
            byId('addPointPointsToAdd').value = pointsToAdd;
            byId('addPointCustomerName').textContent = displayName;
            byId('addPointConfirmationText').textContent = `Êtes-vous sûr de vouloir ajouter ${pointsToAdd} point(s) à `;

            showModal('addPointModal');
            return false;
        }
        
        /**
         * Fills the redeem-confirmation modal with the customer's id, code and name,
         * then opens it. The name is set through textContent (plain text, not HTML).
         */
        function confirmRedeemPizza(customerId, customerCode, customerName) {
            const idField = document.getElementById('redeemCustomerId');
            idField.value = customerId;
            const codeField = document.getElementById('redeemCustomerCode');
            codeField.value = customerCode;
            const nameLabel = document.getElementById('redeemCustomerName');
            nameLabel.textContent = customerName;
            showModal('redeemModal');
        }
        
        /**
         * Fills the deactivate-confirmation modal with the customer's id and name,
         * then opens it. The name is set through textContent (plain text, not HTML).
         */
        function confirmDeactivate(customerId, customerName) {
            const idField = document.getElementById('deactivateCustomerId');
            idField.value = customerId;
            const nameLabel = document.getElementById('deactivateCustomerName');
            nameLabel.textContent = customerName;
            showModal('deactivateModal');
        }
        
        /**
         * Fills the reactivate-confirmation modal with the customer's id and name,
         * then opens it. The name is set through textContent (plain text, not HTML).
         */
        function confirmReactivate(customerId, customerName) {
            const idField = document.getElementById('reactivateCustomerId');
            idField.value = customerId;
            const nameLabel = document.getElementById('reactivateCustomerName');
            nameLabel.textContent = customerName;
            showModal('reactivateModal');
        }
        
        // Dismiss a modal when the click lands on an element carrying the 'modal' class
        // (the backdrop) rather than on something inside the dialog.
        window.onclick = function(event) {
            const clicked = event.target;
            if (!clicked.classList.contains('modal')) {
                return;
            }
            clicked.style.display = 'none';
        }
        
        // Previews the export file name from the current filter fields.
        // The result is only displayed (via textContent) in #export_filename; the name of
        // the real download is chosen by the server.
        function updateExportFilename() {
            const startDate = document.getElementById('start_date').value;
            const endDate = document.getElementById('end_date').value;
            const type = document.getElementById('transaction_type').value;

            // Collect the optional suffixes in order, then join them once.
            const parts = ['transactions'];
            if (startDate) {
                parts.push('_from_' + startDate);
            }
            if (endDate) {
                parts.push('_to_' + endDate);
            }
            if (type !== 'all') {
                parts.push('_' + type);
            }
            parts.push('.csv');

            document.getElementById('export_filename').textContent = parts.join('');
        }
</script>
</head>
<body>
    <div class="container mt-5">
        <?php if ($action === 'login'): ?>
            <!-- Login Form -->
            <div class="row justify-content-center">
                <div class="col-md-6 col-lg-4">
                    <div class="card">
                        <div class="card-body">
                            <img src="img/logo.png" alt="Pizzeria Logo" class="img-fluid d-block mx-auto mb-3" style="max-width: 150px;">
                            <h1 class="h3 mb-3 fw-normal text-center">🛠️ Admin Login</h1>
                            
                            <?php if ($message): ?>
                                <div class="alert alert-<?= $message_type === 'success' ? 'success' : 'danger' ?>" role="alert">
                                    <?= sanitize($message) ?>
                                </div>
                            <?php endif; ?>
                            
                            <form method="post">
                                <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                                <input type="hidden" name="action" value="login">
                                <div class="form-floating mb-3">
                                    <input type="text" class="form-control" id="username" name="username" placeholder="Username" required>
                                    <label for="username">Nom d'utilisateur:</label>
                                </div>
                                <div class="form-floating mb-3">
                                    <input type="password" class="form-control" id="password" name="password" placeholder="Password" required>
                                    <label for="password">Mot de passe:</label>
                                </div>
                                <button class="w-100 btn btn-lg btn-primary" type="submit">Connexion</button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
            
        <?php else: ?>
            <!-- Admin Dashboard -->
            <!-- Admin Dashboard -->
            <header class="d-flex flex-wrap align-items-center justify-content-center justify-content-md-between py-3 mb-4 border-bottom">
                <a href="?action=dashboard" class="d-flex align-items-center col-md-3 mb-2 mb-md-0 text-dark text-decoration-none">
                    <img src="img/logo.png" alt="Pizzeria Logo" style="max-width: 100px;">
                    <span class="fs-4">Admin Panel</span>
                </a>

                <ul class="nav col-12 col-md-auto mb-2 justify-content-center mb-md-0">
                    <li><a href="?action=dashboard" class="nav-link px-2 link-secondary <?= $action === 'dashboard' ? 'active' : '' ?>">🏠 Dashboard</a></li>
                    <li><a href="?action=customers" class="nav-link px-2 link-dark <?= $action === 'customers' ? 'active' : '' ?>">👥 Clients</a></li>
                    <li><a href="?action=add_customer" class="nav-link px-2 link-dark <?= $action === 'add_customer' ? 'active' : '' ?>">➕ Nouveau Client</a></li>
                    <li><a href="?action=export" class="nav-link px-2 link-dark <?= $action === 'export' ? 'active' : '' ?>">📊 Export</a></li>
                </ul>

                <div class="col-md-3 text-end">
                    <div class="dropdown d-inline-block">
                        <button class="btn btn-outline-primary dropdown-toggle" type="button" id="accountDropdown" data-bs-toggle="dropdown" aria-expanded="false">
                            👤 Compte
                        </button>
                        <ul class="dropdown-menu dropdown-menu-end" aria-labelledby="accountDropdown">
                            <li><a class="dropdown-item" href="?action=change_password">🔑 Changer Mot de Passe</a></li>
                            <li><hr class="dropdown-divider"></li>
                            <li>
                                <form method="post" class="d-inline">
                                    <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                                    <input type="hidden" name="action" value="logout">
                                    <button type="submit" class="dropdown-item">🚪 Déconnexion</button>
                                </form>
                            </li>
                        </ul>
                    </div>
                </div>
            </header>
            
            <?php if ($message): ?>
                <div class="message <?= $message_type === 'success' ? 'success' : 'error' ?>">
                    <?= sanitize($message) ?>
                </div>
            <?php endif; ?>
            
            <?php if ($action === 'dashboard'): ?>
                <!-- Dashboard Content -->
                <h2 class="mb-4">Recherche Client</h2>
                <form method="post" class="row g-3 mb-4">
                    <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                    <input type="hidden" name="action" value="search">
                    <div class="col-auto">
                        <label for="query" class="visually-hidden">Recherche</label>
                        <input type="text" class="form-control" name="query" placeholder="Entrez le code client, le numéro de téléphone ou le nom..." required>
                    </div>
                    <div class="col-auto">
                        <button type="submit" class="btn btn-primary">Rechercher</button>
                    </div>
                </form>
                
                <!-- Search Results -->
                <?php if (!empty($customers)): ?>
                    <h3>Résultats de recherche:</h3>
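                    <?php foreach ($customers as $customer): ?>
                        <?php
                        // Renders one search-result card with its "add points" form and
                        // "redeem" button.
                        // Every value below comes from a stored customer record, so each is
                        // encoded for the context it is printed into:
                        //   - HTML text / attribute values: htmlspecialchars() with ENT_QUOTES;
                        //   - arguments inside the inline onclick handler: json_encode() to
                        //     form a JavaScript literal, then htmlspecialchars() for the
                        //     surrounding attribute. HTML-escaping alone is not enough there,
                        //     because the browser decodes entities before the script runs, so
                        //     a quote in a stored name would end the JS string early.
                        // The original printed customer_code, phone_number, id and both
                        // counters with no escaping at all.
                        // NOTE(review): sanitize() is defined in another file and its exact
                        // behaviour is not visible here; it is kept only where the original
                        // used it in HTML text.
                        $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
                        $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_INVALID_UTF8_SUBSTITUTE;
                        $codeRaw = (string) $customer['customer_code'];
                        $codeHtml = htmlspecialchars($codeRaw, $escFlags, 'UTF-8');
                        $idHtml = htmlspecialchars((string) $customer['id'], $escFlags, 'UTF-8');
                        // Name shown in the confirmation modals (falls back to the code).
                        $modalName = $customer['first_name']
                            ? $customer['first_name'] . ' ' . $customer['last_name']
                            : 'Customer ' . $codeRaw;
                        $modalNameAttr = htmlspecialchars($modalName, $escFlags, 'UTF-8');
                        $jsCode = htmlspecialchars((string) json_encode($codeRaw, $jsFlags), $escFlags, 'UTF-8');
                        $jsName = htmlspecialchars((string) json_encode($modalName, $jsFlags), $escFlags, 'UTF-8');
                        ?>
                        <div class="card mb-3">
                            <div class="card-body">
                                <div class="d-flex justify-content-between align-items-center">
                                    <div>
                                        <h5 class="card-title"><?= $customer['first_name'] ? sanitize($customer['first_name'] . ' ' . $customer['last_name']) : 'Client ' . $codeHtml ?></h5>
                                        <h6 class="card-subtitle mb-2 text-muted">Code: <?= $codeHtml ?> | Téléphone: <?= htmlspecialchars((string) $customer['phone_number'], $escFlags, 'UTF-8') ?></h6>
                                        <?php if (!empty($customer['address'])): ?>
                                          <p class="card-text small mt-2">
                                            <strong>Adresse:</strong><br>
                                            <?= nl2br(sanitize($customer['address'])) ?>
                                          </p>
                                        <?php endif; ?>
                                    </div>
                                    <div>
                                        <span class="badge bg-primary rounded-pill me-2"><?= htmlspecialchars((string) $customer['current_points'], $escFlags, 'UTF-8') ?> points</span>
                                        <span class="badge bg-success rounded-pill"><?= htmlspecialchars((string) $customer['available_free_pizzas'], $escFlags, 'UTF-8') ?> pizzas gratuites</span>
                                    </div>
                                </div>
                                <hr>
                                <div class="d-flex justify-content-end align-items-center">
                                    <form method="post" onsubmit="return confirmAddPoint(this);" data-customer-name="<?= $modalNameAttr ?>" class="d-flex gap-2 align-items-center">
                                        <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                                        <input type="hidden" name="action" value="add_point">
                                        <input type="hidden" name="customer_id" value="<?= $idHtml ?>">
                                        <input type="hidden" name="customer_code" value="<?= $codeHtml ?>">
                                        <input type="number" name="points_to_add" value="1" min="1" class="form-control" style="width: 80px;">
                                        <button type="submit" class="btn btn-success">Ajouter Points</button>
                                    </form>
                                    <button type="button" class="btn btn-warning ms-2" 
                                            onclick="confirmRedeemPizza(<?= (int) $customer['id'] ?>, <?= $jsCode ?>, <?= $jsName ?>)"
                                            <?= $customer['available_free_pizzas'] == 0 ? 'disabled' : '' ?>>
                                        ✅ Marquer utilisée
                                    </button>
                                </div>
                            </div>
                        </div>
                    <?php endforeach; ?>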
                <?php endif; ?>
                
            <?php elseif ($action === 'customers'): ?>
                <!-- Customers Management -->
                <h2 class="mb-4">Gestion des Clients</h2>
                
                <!-- Filters -->
                <form method="get" class="row g-3 mb-4">
                    <input type="hidden" name="action" value="customers">
                    <div class="col-md-6">
                        <input type="text" name="search" class="form-control" placeholder="Rechercher..." value="<?= htmlspecialchars($_GET['search'] ?? '') ?>">
                    </div>
                    <div class="col-md-4">
                        <select name="status" class="form-select">
                            <option value="active" <?= ($_GET['status'] ?? 'active') === 'active' ? 'selected' : '' ?>>Actifs</option>
                            <option value="inactive" <?= ($_GET['status'] ?? 'active') === 'inactive' ? 'selected' : '' ?>>Inactifs</option>
                        </select>
                    </div>
                    <div class="col-md-2">
                        <button type="submit" class="btn btn-primary w-100">Filtrer</button>
                    </div>
                </form>
                
                <!-- Customer Table -->
                <div class="table-responsive">
                    <table class="table table-striped table-hover">
                        <thead class="table-light">
                            <tr>
                                <th>Code</th>
                                <th>Nom</th>
                                <th>Téléphone</th>
                                <th>Points (restant)</th>
                                <th>Pizzas</th>
                                <th>Statut</th>
                                <th>Dernière Transaction</th>
                                <th>Actions</th>
                            </tr>
                        </thead>
                        <tbody>
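                            <?php if (!empty($customerData['customers'])): ?>
                                <?php foreach ($customerData['customers'] as $customer): ?>
                                    <?php
                                    // Renders one row of the customer table.
                                    // Stored customer fields are encoded per output context:
                                    // htmlspecialchars() for table cells, rawurlencode() for the
                                    // id in the edit link, and json_encode() followed by
                                    // htmlspecialchars() for the name passed to the inline
                                    // onclick handlers. In that last context HTML-escaping alone
                                    // is insufficient, since entities are decoded before the
                                    // script runs and a quote in a stored name would terminate
                                    // the JS string. The original printed customer_code,
                                    // phone_number, id and the counters unescaped.
                                    // NOTE(review): sanitize() lives in another file; its exact
                                    // behaviour is not visible here, so it is kept only for the
                                    // name cell where the original already used it.
                                    $escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
                                    $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | JSON_INVALID_UTF8_SUBSTITUTE;
                                    $codeRaw = (string) $customer['customer_code'];
                                    $modalName = $customer['first_name']
                                        ? $customer['first_name'] . ' ' . $customer['last_name']
                                        : 'Customer ' . $codeRaw;
                                    $jsName = htmlspecialchars((string) json_encode($modalName, $jsFlags), $escFlags, 'UTF-8');
                                    ?>
                                    <tr class="<?= $customer['status'] === 'inactive' ? 'opacity-50' : '' ?>">
                                        <td><?= htmlspecialchars($codeRaw, $escFlags, 'UTF-8') ?></td>
                                        <td><?= $customer['first_name'] ? sanitize($customer['first_name'] . ' ' . $customer['last_name']) : '-' ?></td>
                                        <td><?= htmlspecialchars((string) $customer['phone_number'], $escFlags, 'UTF-8') ?></td>
                                        <td><span class="badge bg-primary rounded-pill"><?= htmlspecialchars((string) $customer['current_points'], $escFlags, 'UTF-8') ?></span></td>
                                        <td><span class="badge bg-success rounded-pill"><?= htmlspecialchars((string) $customer['available_free_pizzas'], $escFlags, 'UTF-8') ?></span></td>
                                        <td>
                                            <span class="badge bg-<?= $customer['status'] === 'active' ? 'success' : 'danger' ?>">
                                                <?= $customer['status'] === 'active' ? 'Actif' : 'Inactif' ?>
                                            </span>
                                        </td>
                                        <td><?= $customer['last_transaction'] ? date('d/m/Y H:i', strtotime($customer['last_transaction'])) : 'Jamais' ?></td>
                                        <td>
                                            <a href="?action=edit_customer&id=<?= rawurlencode((string) $customer['id']) ?>" class="btn btn-sm btn-info">✏️</a>
                                            <?php if ($customer['status'] === 'active'): ?>
                                                <button type="button" class="btn btn-sm btn-danger" onclick="confirmDeactivate(<?= (int) $customer['id'] ?>, <?= $jsName ?>)">🚫</button>
                                            <?php else: ?>
                                                <button type="button" class="btn btn-sm btn-success" onclick="confirmReactivate(<?= (int) $customer['id'] ?>, <?= $jsName ?>)">✅</button>
                                            <?php endif; ?>
                                        </td>
                                    </tr>
                                <?php endforeach; ?>
                            <?php else: ?>
                                <tr>
                                    <td colspan="8" class="text-center py-4">Aucun client trouvé</td>
                                </tr>
                            <?php endif; ?>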
                        </tbody>
                    </table>
                </div>
                
                <!-- Pagination -->
                <?php if ($customerData['pages'] > 1): ?>
                    <nav>
                        <ul class="pagination justify-content-center">
                            <?php for ($i = 1; $i <= $customerData['pages']; $i++): ?>
                                <li class="page-item <?= $i == $customerData['current_page'] ? 'active' : '' ?>">
                                    <a class="page-link" href="?action=customers&page=<?= $i ?>&search=<?= urlencode($_GET['search'] ?? '') ?>&status=<?= urlencode($_GET['status'] ?? 'active') ?>"><?= $i ?></a>
                                </li>
                            <?php endfor; ?>
                        </ul>
                    </nav>
                <?php endif; ?>
                
            <?php elseif ($action === 'add_customer'): ?>
                <!-- Add Customer Form -->
                <h2 class="mb-4">Nouveau Client</h2>
                <form method="post">
                    <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                    <input type="hidden" name="action" value="create_customer">
                    <div class="row g-3">
                        <div class="col-md-12">
                            <label for="phone" class="form-label">Téléphone (requis):</label>
                            <input type="tel" class="form-control" id="phone" name="phone" required placeholder="0123456789">
                        </div>
                        <div class="col-md-6">
                            <label for="first_name" class="form-label">Prénom:</label>
                            <input type="text" class="form-control" id="first_name" name="first_name">
                        </div>
                        <div class="col-md-6">
                            <label for="last_name" class="form-label">Nom:</label>
                            <input type="text" class="form-control" id="last_name" name="last_name">
                        </div>
                        <div class="col-md-12">
                            <label for="address" class="form-label">Adresse:</label>
                            <textarea class="form-control" id="address" name="address" rows="3"></textarea>
                        </div>
                        <div class="col-md-6">
                            <label for="current_points" class="form-label">Points actuels:</label>
                            <input type="number" class="form-control" id="current_points" name="current_points" min="0" value="0">
                        </div>
                        <div class="col-md-6">
                            <label for="available_pizzas" class="form-label">Pizzas gratuites:</label>
                            <input type="number" class="form-control" id="available_pizzas" name="available_pizzas" min="0" value="0">
                        </div>
                        <div class="col-12">
                            <button type="submit" class="btn btn-primary">Créer Client</button>
                            <a href="?action=customers" class="btn btn-secondary">Annuler</a>
                        </div>
                    </div>
                </form>
                
            <?php elseif ($action === 'edit_customer' && $editCustomer): ?>
                <!-- Edit Customer Form -->
                <h2 class="mb-4">Modifier Client</h2>
                <form method="post">
                    <input type="hidden" name="csrf_token" value="<?= $csrfToken ?>">
                    <input type="hidden" name="action" value="update_customer">
                    <input type="hidden" name="customer_id" value="<?= $editCustomer['id'] ?>">
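                    <?php
                        /*
                         * Editable customer fields, pre-filled from $editCustomer.
                         * Every value is HTML-encoded before it is written into an attribute
                         * or the textarea, including the two numeric fields, so the markup
                         * stays intact whatever the row contains.
                         * "?? ''" keeps a missing or NULL value from reaching
                         * htmlspecialchars() as null, which PHP 8.1 reports as deprecated
                         * (the optional fields are presumably nullable; confirm against the
                         * schema).
                         */
                    ?>
                    <div class="row g-3">
                        <div class="col-md-12">
                            <label for="phone" class="form-label">Téléphone:</label>
                            <input type="tel" class="form-control" id="phone" name="phone" required value="<?= htmlspecialchars($editCustomer['phone_number'] ?? '') ?>">
                        </div>
                        <div class="col-md-6">
                            <label for="first_name" class="form-label">Prénom:</label>
                            <input type="text" class="form-control" id="first_name" name="first_name" value="<?= htmlspecialchars($editCustomer['first_name'] ?? '') ?>">
                        </div>
                        <div class="col-md-6">
                            <label for="last_name" class="form-label">Nom:</label>
                            <input type="text" class="form-control" id="last_name" name="last_name" value="<?= htmlspecialchars($editCustomer['last_name'] ?? '') ?>">
                        </div>
                        <div class="col-md-12">
                            <label for="address" class="form-label">Adresse:</label>
                            <textarea class="form-control" id="address" name="address" rows="3"><?= htmlspecialchars($editCustomer['address'] ?? '') ?></textarea>
                        </div>
                        <div class="col-md-6">
                            <label for="current_points" class="form-label">Points actuels:</label>
                            <input type="number" class="form-control" id="current_points" name="current_points" min="0" value="<?= htmlspecialchars((string) ($editCustomer['current_points'] ?? '')) ?>">
                        </div>
                        <div class="col-md-6">
                            <label for="available_pizzas" class="form-label">Pizzas gratuites:</label>
                            <input type="number" class="form-control" id="available_pizzas" name="available_pizzas" min="0" value="<?= htmlspecialchars((string) ($editCustomer['available_free_pizzas'] ?? '')) ?>">
                        </div>
                        <div class="col-12">
                            <button type="submit" class="btn btn-primary">Mettre à jour</button>
                            <a href="?action=customers" class="btn btn-secondary">Annuler</a>
                        </div>
                    </div>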
                </form>
                
            <?php elseif ($action === 'change_password'): ?>
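                <?php
                    /*
                     * Change-password form. Posts action=update_password together with
                     * old_password, new_password and confirm_password, protected by the
                     * CSRF token.
                     * The token is HTML-encoded like every other value written into an
                     * attribute, so the markup does not depend on how the token is generated.
                     * The autocomplete hints tell browsers and password managers which field
                     * holds the current password and which hold the new one.
                     * The "required" attributes are only a browser-side aid; matching of the
                     * two new-password fields and verification of the old password have to
                     * happen in the POST handler (not visible in this part of the file).
                     */
                ?>
                <!-- Change Password Form -->
                <h2 class="mb-4">Changer le mot de passe</h2>
                <form method="post" class="col-md-6">
                    <input type="hidden" name="csrf_token" value="<?= htmlspecialchars((string) $csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                    <input type="hidden" name="action" value="update_password">
                    <div class="mb-3">
                        <label for="old_password" class="form-label">Ancien mot de passe:</label>
                        <input type="password" class="form-control" id="old_password" name="old_password" autocomplete="current-password" required>
                    </div>
                    <div class="mb-3">
                        <label for="new_password" class="form-label">Nouveau mot de passe:</label>
                        <input type="password" class="form-control" id="new_password" name="new_password" autocomplete="new-password" required>
                    </div>
                    <div class="mb-3">
                        <label for="confirm_password" class="form-label">Confirmer le nouveau mot de passe:</label>
                        <input type="password" class="form-control" id="confirm_password" name="confirm_password" autocomplete="new-password" required>
                    </div>
                    <button type="submit" class="btn btn-primary">Mettre à jour</button>
                </form>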

            <?php elseif ($action === 'export'): ?>
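                <?php
                    /*
                     * Export page: date-range statistics preview plus the CSV download form.
                     *
                     * start_date and end_date are read straight from the query string and
                     * echoed back into value="" attributes. They are request-controlled, so
                     * they are HTML-encoded once here and only the encoded copies are
                     * printed; echoed raw, a crafted link could alter the markup of this
                     * admin page (reflected XSS). Non-string input, such as an array
                     * parameter, is treated as empty.
                     *
                     * The $stats values look like counts (TODO confirm where $stats is
                     * built); they are encoded too, so the template does not rely on that.
                     *
                     * NOTE(review): the onchange handlers below call updateExportFilename(),
                     * which the script block at the end of this page does not define.
                     * Confirm it is defined elsewhere in the file.
                     */
                    $exportStartRaw = $_GET['start_date'] ?? '';
                    $exportEndRaw = $_GET['end_date'] ?? '';
                    $exportStartAttr = htmlspecialchars(is_string($exportStartRaw) ? $exportStartRaw : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $exportEndAttr = htmlspecialchars(is_string($exportEndRaw) ? $exportEndRaw : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                ?>
                <!-- Export Page -->
                <div class="d-flex justify-content-between align-items-center mb-4">
                    <h2>Statistiques</h2>
                    <form method="get" class="row g-2 align-items-center">
                        <input type="hidden" name="action" value="export">
                        <div class="col-auto">
                            <input type="date" class="form-control" name="start_date" value="<?= $exportStartAttr ?>" placeholder="Date de début">
                        </div>
                        <div class="col-auto">
                            <input type="date" class="form-control" name="end_date" value="<?= $exportEndAttr ?>" placeholder="Date de fin">
                        </div>
                        <div class="col-auto">
                            <button type="submit" class="btn btn-secondary">Prévisualiser</button>
                        </div>
                    </form>
                </div>
                
                <?php if (!empty($stats)): ?>
                    <div class="row g-4 mb-4">
                        <div class="col-md-3">
                            <div class="card text-center">
                                <div class="card-body">
                                    <h3 class="card-title"><?= htmlspecialchars((string) $stats['total_transactions'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></h3>
                                    <p class="card-text text-muted">Total Transactions</p>
                                </div>
                            </div>
                        </div>
                        <div class="col-md-3">
                            <div class="card text-center">
                                <div class="card-body">
                                    <h3 class="card-title"><?= htmlspecialchars((string) $stats['point_additions'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></h3>
                                    <p class="card-text text-muted">Points Ajoutés</p>
                                </div>
                            </div>
                        </div>
                        <div class="col-md-3">
                            <div class="card text-center">
                                <div class="card-body">
                                    <h3 class="card-title"><?= htmlspecialchars((string) $stats['pizza_redemptions'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></h3>
                                    <p class="card-text text-muted">Pizzas Échangées</p>
                                </div>
                            </div>
                        </div>
                        <div class="col-md-3">
                            <div class="card text-center">
                                <div class="card-body">
                                    <h3 class="card-title"><?= htmlspecialchars((string) $stats['unique_customers'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></h3>
                                    <p class="card-text text-muted">Clients Uniques</p>
                                </div>
                            </div>
                        </div>
                    </div>
                <?php else: ?>
                    <div class="alert alert-info text-center">Sélectionnez une plage de dates pour prévisualiser les statistiques.</div>
                <?php endif; ?>
                
                <hr class="my-4">

                <div class="card">
                    <div class="card-header">
                        <h3>Export des Transactions</h3>
                    </div>
                    <div class="card-body">
                        <form method="get" action="?action=export_csv">
                            <input type="hidden" name="action" value="export_csv">
                            <div class="row g-3">
                                <div class="col-md-6">
                                    <label for="start_date" class="form-label">Date de début:</label>
                                    <input type="date" class="form-control" id="start_date" name="start_date" value="<?= $exportStartAttr ?>" onchange="updateExportFilename()">
                                </div>
                                <div class="col-md-6">
                                    <label for="end_date" class="form-label">Date de fin:</label>
                                    <input type="date" class="form-control" id="end_date" name="end_date" value="<?= $exportEndAttr ?>" onchange="updateExportFilename()">
                                </div>
                                <div class="col-md-12">
                                    <label for="transaction_type" class="form-label">Type de transaction:</label>
                                    <select class="form-select" id="transaction_type" name="transaction_type" onchange="updateExportFilename()">
                                        <option value="all">Tous</option>
                                        <option value="POINT_ADDITION">Ajout de points</option>
                                        <option value="PIZZA_REDEMPTION">Échange de pizzas</option>
                                    </select>
                                </div>
                                <div class="col-12">
                                    <p class="mb-2"><strong>Nom du fichier:</strong> <span id="export_filename">transactions.csv</span></p>
                                    <button type="submit" class="btn btn-primary">📥 Télécharger CSV</button>
                                </div>
                            </div>
                        </form>
                    </div>
                </div>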
                
            <?php endif; ?>
            
            <!-- Modals -->
            
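            <?php
                /*
                 * "Add points" confirmation modal.
                 * The hidden customer_id, customer_code and points_to_add inputs are empty
                 * in the markup; confirmAddPoint() in the script at the end of this page
                 * copies them from the row form before showing the modal. They remain
                 * client-controlled, so the add_point POST handler (not visible in this
                 * part of the file) has to validate them itself.
                 * The CSRF token is HTML-encoded before it is written into the attribute.
                 */
            ?>
            <!-- Add Point Modal -->
            <div class="modal fade" id="addPointModal" tabindex="-1" aria-labelledby="addPointModalLabel" aria-hidden="true">
                <div class="modal-dialog">
                    <div class="modal-content">
                        <div class="modal-header">
                            <h5 class="modal-title" id="addPointModalLabel">Ajouter Points</h5>
                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                        </div>
                        <div class="modal-body">
                            <p><span id="addPointConfirmationText"></span><strong id="addPointCustomerName"></strong>?</p>
                        </div>
                        <div class="modal-footer">
                            <form method="post">
                                <input type="hidden" name="csrf_token" value="<?= htmlspecialchars((string) $csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                                <input type="hidden" name="action" value="add_point">
                                <input type="hidden" name="customer_id" id="addPointCustomerId">
                                <input type="hidden" name="customer_code" id="addPointCustomerCode">
                                <input type="hidden" name="points_to_add" id="addPointPointsToAdd">
                                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Annuler</button>
                                <button type="submit" class="btn btn-success">Confirmer</button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>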
            
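            <?php
                /*
                 * "Redeem free pizza" confirmation modal.
                 * confirmRedeemPizza() in the script at the end of this page fills the
                 * hidden customer_id and customer_code inputs and the displayed name before
                 * opening it. Both hidden values are client-controlled, so the redeem_pizza
                 * POST handler (not visible in this part of the file) has to validate them.
                 * The CSRF token is HTML-encoded before it is written into the attribute.
                 */
            ?>
            <!-- Redeem Pizza Modal -->
            <div class="modal fade" id="redeemModal" tabindex="-1" aria-labelledby="redeemModalLabel" aria-hidden="true">
                <div class="modal-dialog">
                    <div class="modal-content">
                        <div class="modal-header">
                            <h5 class="modal-title" id="redeemModalLabel">Échanger pizza gratuite</h5>
                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                        </div>
                        <div class="modal-body">
                            <p>Êtes-vous sûr de vouloir marquer une pizza gratuite comme utilisée pour <strong id="redeemCustomerName"></strong>?</p>
                        </div>
                        <div class="modal-footer">
                            <form method="post">
                                <input type="hidden" name="csrf_token" value="<?= htmlspecialchars((string) $csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                                <input type="hidden" name="action" value="redeem_pizza">
                                <input type="hidden" name="customer_id" id="redeemCustomerId">
                                <input type="hidden" name="customer_code" id="redeemCustomerCode">
                                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Annuler</button>
                                <button type="submit" class="btn btn-warning">Confirmer</button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>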
            
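            <?php
                /*
                 * "Deactivate customer" confirmation modal.
                 * confirmDeactivate() in the script at the end of this page fills the hidden
                 * customer_id input and the displayed name before opening it. The id is
                 * client-controlled, so the deactivate_customer POST handler (not visible in
                 * this part of the file) has to validate it.
                 * The CSRF token is HTML-encoded before it is written into the attribute.
                 */
            ?>
            <!-- Deactivate Customer Modal -->
            <div class="modal fade" id="deactivateModal" tabindex="-1" aria-labelledby="deactivateModalLabel" aria-hidden="true">
                <div class="modal-dialog">
                    <div class="modal-content">
                        <div class="modal-header">
                            <h5 class="modal-title" id="deactivateModalLabel">Désactiver Client</h5>
                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                        </div>
                        <div class="modal-body">
                            <p>Êtes-vous sûr de vouloir désactiver <strong id="deactivateCustomerName"></strong>?</p>
                        </div>
                        <div class="modal-footer">
                            <form method="post">
                                <input type="hidden" name="csrf_token" value="<?= htmlspecialchars((string) $csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                                <input type="hidden" name="action" value="deactivate_customer">
                                <input type="hidden" name="customer_id" id="deactivateCustomerId">
                                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Annuler</button>
                                <button type="submit" class="btn btn-danger">Confirmer</button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>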
            
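            <?php
                /*
                 * "Reactivate customer" confirmation modal.
                 * confirmReactivate() in the script at the end of this page fills the hidden
                 * customer_id input and the displayed name before opening it. The id is
                 * client-controlled, so the reactivate_customer POST handler (not visible in
                 * this part of the file) has to validate it.
                 * The CSRF token is HTML-encoded before it is written into the attribute.
                 */
            ?>
            <!-- Reactivate Customer Modal -->
            <div class="modal fade" id="reactivateModal" tabindex="-1" aria-labelledby="reactivateModalLabel" aria-hidden="true">
                <div class="modal-dialog">
                    <div class="modal-content">
                        <div class="modal-header">
                            <h5 class="modal-title" id="reactivateModalLabel">Réactiver Client</h5>
                            <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                        </div>
                        <div class="modal-body">
                            <p>Êtes-vous sûr de vouloir réactiver <strong id="reactivateCustomerName"></strong>?</p>
                        </div>
                        <div class="modal-footer">
                            <form method="post">
                                <input type="hidden" name="csrf_token" value="<?= htmlspecialchars((string) $csrfToken, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>">
                                <input type="hidden" name="action" value="reactivate_customer">
                                <input type="hidden" name="customer_id" id="reactivateCustomerId">
                                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Annuler</button>
                                <button type="submit" class="btn btn-success">Confirmer</button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>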
            
        <?php endif; ?>
    </div>
    
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-YvpcrYf0tY3lHB60NNkmXc5s9fDVZLESaAA55NDzOxhy9GkcIdslK1eN7N6jIeHz" crossorigin="anonymous"></script>
    <script>
        // Once the DOM is parsed, refresh the export filename preview.
        // updateExportFilename is not defined in this script block, so the call
        // is skipped unless a function of that name exists at that point.
        document.addEventListener('DOMContentLoaded', () => {
            if (typeof updateExportFilename !== 'function') {
                return;
            }
            updateExportFilename();
        });

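        /**
         * Show the Bootstrap modal whose root element has the given id.
         *
         * Reuses the Modal instance already attached to the element instead of
         * constructing a new one on every call, and does nothing when no element
         * with that id is on the page.
         *
         * @param {string} modalId - id attribute of the modal's root element
         */
        function showModal(modalId) {
            const modalElement = document.getElementById(modalId);
            if (!modalElement) {
                return;
            }
            bootstrap.Modal.getOrCreateInstance(modalElement).show();
        }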

        /**
         * Copy a row form's values into the "add point" confirmation modal and
         * open it.
         *
         * The customer name and the confirmation sentence are assigned through
         * textContent, so they are rendered as text and never parsed as HTML.
         *
         * @param {HTMLFormElement} form - form exposing customer_id, customer_code
         *     and points_to_add controls plus a data-customer-name attribute
         * @returns {boolean} always false (presumably so an onsubmit caller
         *     cancels the native submit; the call site is not visible here)
         */
        function confirmAddPoint(form) {
            // Read everything first, then write, in the same order as before.
            const picked = {
                id: form.customer_id.value,
                code: form.customer_code.value,
                points: form.points_to_add.value,
                name: form.dataset.customerName,
            };
            const byId = (elementId) => document.getElementById(elementId);

            byId('addPointCustomerId').value = picked.id;
            byId('addPointCustomerCode').value = picked.code;
            byId('addPointPointsToAdd').value = picked.points;
            byId('addPointCustomerName').textContent = picked.name;
            byId('addPointConfirmationText').textContent = `Êtes-vous sûr de vouloir ajouter ${picked.points} point(s) à `;

            showModal('addPointModal');
            return false;
        }
        
        /**
         * Fill the "redeem pizza" confirmation modal for one customer and open it.
         *
         * The name is assigned through textContent, so it is shown as plain text.
         *
         * @param {string|number} customerId - value for the hidden customer_id field
         * @param {string} customerCode - value for the hidden customer_code field
         * @param {string} customerName - name displayed in the confirmation text
         */
        function confirmRedeemPizza(customerId, customerCode, customerName) {
            const idField = document.getElementById('redeemCustomerId');
            const codeField = document.getElementById('redeemCustomerCode');
            const nameLabel = document.getElementById('redeemCustomerName');

            idField.value = customerId;
            codeField.value = customerCode;
            nameLabel.textContent = customerName;

            showModal('redeemModal');
        }
        
        /**
         * Fill the "deactivate customer" confirmation modal and open it.
         *
         * The name is assigned through textContent, so it is shown as plain text.
         *
         * @param {string|number} customerId - value for the hidden customer_id field
         * @param {string} customerName - name displayed in the confirmation text
         */
        function confirmDeactivate(customerId, customerName) {
            const idField = document.getElementById('deactivateCustomerId');
            const nameLabel = document.getElementById('deactivateCustomerName');

            idField.value = customerId;
            nameLabel.textContent = customerName;

            showModal('deactivateModal');
        }
        
        /**
         * Fill the "reactivate customer" confirmation modal and open it.
         *
         * The name is assigned through textContent, so it is shown as plain text.
         *
         * @param {string|number} customerId - value for the hidden customer_id field
         * @param {string} customerName - name displayed in the confirmation text
         */
        function confirmReactivate(customerId, customerName) {
            const idField = document.getElementById('reactivateCustomerId');
            const nameLabel = document.getElementById('reactivateCustomerName');

            idField.value = customerId;
            nameLabel.textContent = customerName;

            showModal('reactivateModal');
        }
    </script>
</body>
</html>