admin 1

Admin/adminUser/add.php

@@ -1,25 +1,46 @@
 <?php
-require_once __DIR__ . '/../../connect.php';
+require_once __DIR__ . '/../../core/bootstrap.php';
 
-$deviceNumber = filterRequest("deviceNumber"); // Assuming you'll get deviceNumber as input
+$deviceNumber = filterRequest("deviceNumber");
 $name = filterRequest("name");
+$password = filterRequest("password");
+$role = filterRequest("role") ?? 'admin';
 
-$sql = "INSERT INTO `adminUser`(`id`, `device_number`, `name`) VALUES (
-  UUID(),
-  :deviceNumber,
-  :name
-)";
+if (empty($name) || empty($password)) {
+    jsonError("Name and password are required.");
+    exit;
+}
 
-$stmt = $con->prepare($sql);
-$stmt->bindParam(':deviceNumber', $deviceNumber);
-$stmt->bindParam(':name', $name);
-$stmt->execute();
+try {
+    $con = Database::get('main');
+    
+    // Hash the password for security
+    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
 
-if ($stmt->rowCount() > 0) {
-  // Print a success message
-  jsonSuccess($message = "Admin user data saved successfully");
-} else {
-  // Print a failure message
-  jsonError($message = "Failed to save admin user data");
+    $sql = "INSERT INTO `adminUser`(`id`, `device_number`, `name`, `password`, `role`) VALUES (
+      UUID(),
+      :deviceNumber,
+      :name,
+      :password,
+      :role
+    )";
+
+    $stmt = $con->prepare($sql);
+    $stmt->execute([
+        ':deviceNumber' => $deviceNumber,
+        ':name' => $name,
+        ':password' => $hashedPassword,
+        ':role' => $role
+    ]);
+
+    if ($stmt->rowCount() > 0) {
+      jsonSuccess("Admin user data saved successfully");
+    } else {
+      jsonError("Failed to save admin user data");
+    }
+} catch (Exception $e) {
+    error_log("[Admin Add Error] " . $e->getMessage());
+    jsonError("Database error: " . $e->getMessage());
 }
 ?>
+