adding small page to show all users

app-code/account/manage_users.php

@@ -0,0 +1,79 @@
+<!DOCTYPE html>
+<html lang="en" data-bs-theme="dark">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>User Management</title>
+    <?php
+      include "../assets/components.php";
+    ?>
+</head>
+<body>
+<div class="container mt-5">
+    <h1 class="mb-4">User Management</h1>
+    <table class="table table-bordered">
+        <thead>
+        <tr>
+            <th>ID</th>
+            <th>Username</th>
+            <th>Actions</th>
+        </tr>
+        </thead>
+        <tbody id="userTableBody">
+        <!-- User rows will be dynamically inserted here -->
+        </tbody>
+    </table>
+</div>
+
+<script>
+    async function fetchUsers() {
+        try {
+            const response = await fetch('/api/manage/fetch_users.php');
+            const data = await response.json();
+
+            if (data.success) {
+                const userTableBody = document.getElementById('userTableBody');
+                userTableBody.innerHTML = ''; // Clear existing rows
+
+                data.data.forEach(user => {
+                    const row = document.createElement('tr');
+                    row.innerHTML = `
+                        <td>${user.id}</td>
+                        <td>${user.username}</td>
+                        <td>
+                            <button class="btn btn-danger btn-sm" onclick="deleteUser(${user.id})">Delete</button>
+                        </td>
+                    `;
+                    userTableBody.appendChild(row);
+                });
+            } else {
+                console.error(data.message);
+            }
+        } catch (error) {
+            console.error('Error fetching users:', error);
+        }
+    }
+
+    async function deleteUser(userId) {
+        if (!confirm('Are you sure you want to delete this user?')) return;
+
+        try {
+            const response = await fetch(`/api/manage/delete_user.php?id=${userId}`, { method: 'DELETE' });
+            const data = await response.json();
+
+            if (data.success) {
+                alert('User deleted successfully!');
+                fetchUsers(); // Refresh the user list
+            } else {
+                alert(`Error: ${data.message}`);
+            }
+        } catch (error) {
+            console.error('Error deleting user:', error);
+        }
+    }
+
+    // Fetch users on page load
+    fetchUsers();
+</script>
+</body>
+</html>

app-code/api/manage/delete_user.php

@@ -0,0 +1,43 @@
+<?php
+header('Content-Type: application/json');
+session_start();
+//check for permisisons
+if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || $_SESSION["permissions"][0]!=="1" ) {
+    echo(json_encode(['success' => false, 'message'=>'not authenticated']));
+        exit();
+}
+include "../../config/config.php";
+
+$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
+
+if ($conn->connect_error) {
+    echo json_encode(['success' => false, 'message' => 'Database connection failed: ' . $conn->connect_error]);
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'DELETE' && isset($_GET['id'])) {
+    $id = (int) $_GET['id'];
+    $query = "DELETE FROM users WHERE id = ?";
+    $stmt = $conn->prepare($query);
+
+    if (!$stmt) {
+        echo json_encode(['success' => false, 'message' => 'Failed to prepare statement']);
+        exit;
+    }
+
+    $stmt->bind_param("i", $id);
+    $stmt->execute();
+
+    if ($stmt->affected_rows > 0) {
+        echo json_encode(['success' => true]);
+    } else {
+        echo json_encode(['success' => false, 'message' => 'User not found']);
+    }
+
+    $stmt->close();
+} else {
+    echo json_encode(['success' => false, 'message' => 'Invalid request']);
+}
+
+$conn->close();
+?>

app-code/api/manage/fetch_users.php

@@ -0,0 +1,38 @@
+<?php
+header('Content-Type: application/json');
+session_start();
+//check for permisisons
+if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || $_SESSION["permissions"][0]!=="1" ) {
+    echo(json_encode(['success' => false, 'message'=>'not authenticated']));
+    exit();
+}
+include "../../config/config.php";
+
+$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
+
+if ($conn->connect_error) {
+    echo json_encode(['success' => false, 'message' => 'Database connection failed: ' . $conn->connect_error]);
+    exit;
+}
+
+$query = "SELECT id, username FROM users";
+$stmt = $conn->prepare($query);
+
+if (!$stmt) {
+    echo json_encode(['success' => false, 'message' => 'Failed to prepare statement']);
+    exit;
+}
+
+$stmt->execute();
+$result = $stmt->get_result();
+$users = [];
+
+while ($row = $result->fetch_assoc()) {
+    $users[] = $row;
+}
+
+$stmt->close();
+$conn->close();
+
+echo json_encode(['success' => true, 'data' => $users]);
+?>