<?php
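// Page chrome and shared helpers.
// NOTE(review): header.php runs before the access check and before the CSV export branch
// further down. Presumably it starts the session and emits page markup — confirm, because
// any output produced here precedes every later header() call.
include 'includes/header.php';
require_once 'includes/db.php';
require_once 'includes/functions.php';

// Authorisation gate: only the 'auditor' and 'super_admin' roles may view this page.
// A missing session role is treated as 'guest' and is therefore denied.
$role = strtolower($_SESSION['user_role'] ?? 'guest');
$allowedRoles = ['auditor', 'super_admin'];
if (!in_array($role, $allowedRoles, true)) {
    // Report the refusal as 403 while headers can still be changed, so access logs and
    // monitoring can tell a denied request from a normal page view.
    if (!headers_sent()) {
        http_response_code(403);
    }
    echo "<div class='container p-4'><div class='alert alert-danger'>Access denied.</div></div>";
    include 'includes/footer.php';
    exit;
}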
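// Report filters come from the query string. They reach SQL only as bound parameters, but
// each one is still shape-checked here: array-valued or malformed input (?start[]=x,
// ?estate[]=x, a non-date string) falls back to a default instead of reaching the query
// or the template as a non-string.
$isYmd = static fn ($value): bool => is_string($value) && preg_match('/^\d{4}-\d{2}-\d{2}\z/', $value) === 1;

$startInput = $_GET['start'] ?? null;
$endInput = $_GET['end'] ?? null;
$estateInput = $_GET['estate'] ?? '';
$approvedInput = $_GET['approved_by'] ?? null;

// Default window: first to last day of the current month.
$start = $isYmd($startInput) ? $startInput.' 00:00:00' : date('Y-m-01 00:00:00');
$end = $isYmd($endInput) ? $endInput.' 23:59:59' : date('Y-m-t 23:59:59');
$estate = is_string($estateInput) ? $estateInput : '';
// Only an all-digit string is accepted as a user id; anything else disables the filter.
$approvedBy = is_string($approvedInput) && ctype_digit($approvedInput) ? (int)$approvedInput : null;
$export = $_GET['export'] ?? null;

// WHERE clause and its positional parameters are built together so they stay in step.
$where = " WHERE a.created_at BETWEEN ? AND ? ";
$params = [$start, $end];
$joins = " LEFT JOIN users u ON a.user_id = u.id LEFT JOIN properties pr ON a.property_id = pr.id LEFT JOIN estates e ON pr.estate_id = e.id ";

// Compare against '' rather than relying on truthiness, so an estate named "0" still filters.
if ($estate !== '') {
    $where .= " AND e.name = ? ";
    $params[] = $estate;
}

// The approver filter applies only when the helper exists and reports the column as present.
if ($approvedBy && function_exists('tableHasColumn') && tableHasColumn('allocations', 'exec_decided_by')) {
    $where .= " AND a.exec_decided_by = ? ";
    $params[] = $approvedBy;
}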
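/**
 * Run a single-value query and return the first column of the first row as a float.
 *
 * The statement is prepared and executed with bound parameters. The call is best-effort:
 * if preparing, executing or fetching throws, the failure is written to the error log and
 * 0.0 is returned, so a failed query is recorded instead of silently passing for a real
 * zero on an audit screen.
 *
 * @param object $pdo    Connection exposing prepare(); callers in this file pass $pdo.
 * @param string $sql    Query text with positional placeholders.
 * @param array  $params Values bound to the placeholders, in order.
 *
 * @return float Query result, or 0.0 when the query failed or returned no row.
 */
function scalar_kpi($pdo, $sql, $params = [])
{
    try {
        $st = $pdo->prepare($sql);
        $st->execute($params);

        return (float)$st->fetchColumn();
    } catch (Exception $e) {
        // Message goes to the server log only; nothing about the failure is shown to the user.
        error_log('scalar_kpi query failed: '.$e->getMessage());

        return 0.0;
    }
}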
// Headline counters for the selected window. Every query shares the same joins, filters
// and bound parameters; only the trailing status or flag condition differs.
// A counter reads 0 both for "nothing matched" and for "query failed", because
// scalar_kpi() returns 0 on any exception.
$kpiBase = "SELECT COUNT(*) FROM allocations a ".$joins.$where;
$hasAllocationColumn = static fn ($column) => function_exists('tableHasColumn') && tableHasColumn('allocations', $column);

$k_total = scalar_kpi($pdo, $kpiBase, $params);
$k_pending = scalar_kpi($pdo, $kpiBase." AND a.status IN ('pending','awaiting_approval')", $params);
$k_approved = scalar_kpi($pdo, $kpiBase." AND a.status IN ('approved','active')", $params);

// The letter counters are queried only when the helper reports the column as present.
if ($hasAllocationColumn('letter_generated')) {
    $k_letters = scalar_kpi($pdo, $kpiBase." AND a.letter_generated = 1", $params);
} else {
    $k_letters = 0;
}
if ($hasAllocationColumn('letter_signed')) {
    $k_signed = scalar_kpi($pdo, $kpiBase." AND a.letter_signed = 1", $params);
} else {
    $k_signed = 0;
}

// "Post-approval edits": approved/active rows whose updated_at is later than created_at.
$k_edited = scalar_kpi($pdo, $kpiBase." AND a.status IN ('approved','active') AND (a.updated_at > a.created_at)", $params);
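// CSV export of the filtered allocation log. Uses the same joins, filters and bound
// parameters as the on-screen table, but without the 500-row cap.
if ($export) {
    // NOTE(review): includes/header.php has already run at this point. If it produces
    // output without buffering, these header() calls cannot take effect and the download
    // begins with page markup — confirm, and consider handling the export before the
    // header include.
    header('Content-Type: text/csv; charset=utf-8');
    header('Content-Disposition: attachment; filename="allocation-audit.csv"');
    $out = fopen('php://output', 'w');

    // Spreadsheet applications evaluate cells that begin with =, +, - or @ (also tab or
    // carriage return) as formulas. Client, estate and plot names are stored text, so such
    // cells get a leading apostrophe and are read as plain text. Plain numbers, including
    // negative amounts, are left untouched.
    $csvCell = static function ($value): string {
        $text = (string)$value;
        if ($text === '' || is_numeric($text)) {
            return $text;
        }

        return strpbrk($text[0], "=+-@\t\r") !== false ? "'".$text : $text;
    };

    // Column headings, written exactly once.
    fputcsv($out, ['Client','Estate','Plot','Total Paid','Status','Admin Review','Executive Approval','Letter Generated','Signature Applied','Created']);

    $sql = "SELECT a.*, u.name AS client, e.name AS estate, pr.title AS plot FROM allocations a ".$joins.$where." ORDER BY a.created_at DESC";
    $st = $pdo->prepare($sql);
    $st->execute($params);

    // Rows are streamed one at a time rather than loaded into memory.
    while ($r = $st->fetch(PDO::FETCH_ASSOC)) {
        // Optional columns: 'N/A' when the key is absent (or NULL), otherwise Yes/No.
        $letterGen = isset($r['letter_generated']) ? ($r['letter_generated'] ? 'Yes' : 'No') : 'N/A';
        $sig = isset($r['letter_signed']) ? ($r['letter_signed'] ? 'Yes' : 'No') : 'N/A';

        fputcsv($out, array_map($csvCell, [
            $r['client'] ?? '',
            $r['estate'] ?? '',
            $r['plot'] ?? '',
            $r['total_paid'] ?? '',
            $r['status'] ?? '',
            // Admin review date: reviewed_at, falling back to admin_reviewed_at.
            $r['reviewed_at'] ?? ($r['admin_reviewed_at'] ?? ''),
            $r['exec_decided_at'] ?? '',
            $letterGen,
            $sig,
            $r['created_at'] ?? '',
        ]));
    }

    fclose($out);
    exit;
}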
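// Rows for the on-screen table: newest first, capped at 500.
$rows = [];
try {
    $sql = "SELECT a.*, u.name AS client, e.name AS estate, pr.title AS plot FROM allocations a ".$joins.$where." ORDER BY a.created_at DESC LIMIT 500";
    $st = $pdo->prepare($sql);
    $st->execute($params);
    $rows = $st->fetchAll(PDO::FETCH_ASSOC);
} catch (Exception $e) {
    // Keep the page rendering, but record the failure: an empty table would otherwise look
    // exactly like "no allocations in this period".
    error_log('allocation log: row query failed: '.$e->getMessage());
}

// Estate names for the filter dropdown.
$estates = [];
try {
    $q = $pdo->query("SELECT DISTINCT name FROM estates ORDER BY name ASC");
    $estates = $q->fetchAll(PDO::FETCH_COLUMN);
} catch (Exception $e) {
    error_log('allocation log: estate list query failed: '.$e->getMessage());
}

// User ids and names for the "Approved by" dropdown. The query returns every row of users.
$users = [];
try {
    $q = $pdo->query("SELECT id,name FROM users ORDER BY name ASC");
    $users = $q->fetchAll(PDO::FETCH_ASSOC);
} catch (Exception $e) {
    error_log('allocation log: user list query failed: '.$e->getMessage());
}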
?>
<div class="container-fluid py-4">
<div class="d-flex align-items-center justify-content-between mb-3">
<h2 class="mb-0">Allocation Logs</h2>
<form class="d-flex gap-2" method="get">
<input type="date" name="start" class="form-control form-control-sm" value="<?= htmlspecialchars(substr($start,0,10)) /* date part of the active window, HTML-escaped for the attribute */ ?>">
<input type="date" name="end" class="form-control form-control-sm" value="<?= htmlspecialchars(substr($end,0,10)) ?>">
<select name="estate" class="form-select form-select-sm"><option value="">All estates</option><?php foreach($estates as $e): /* estate names from the database are HTML-escaped in both the value attribute and the label; the active filter is marked selected */ ?><option value="<?= htmlspecialchars($e) ?>" <?= $estate===$e?'selected':'' ?>><?= htmlspecialchars($e) ?></option><?php endforeach; ?></select>
<select name="approved_by" class="form-select form-select-sm"><option value="">Approved by</option><?php foreach($users as $u): /* ids are cast to int, names are HTML-escaped. NOTE(review): the list holds every row of users, not only approvers — confirm that is intended */ ?><option value="<?= (int)$u['id'] ?>" <?= $approvedBy===(int)$u['id']?'selected':'' ?>><?= htmlspecialchars($u['name']) ?></option><?php endforeach; ?></select>
<button class="btn btn-dark btn-sm" type="submit">Apply</button>
<a class="btn btn-outline-secondary btn-sm" href="?start=<?= /* export link repeats the current filters, each URL-encoded, and adds export=1 */ urlencode(substr($start,0,10)) ?>&end=<?= urlencode(substr($end,0,10)) ?>&estate=<?= urlencode($estate) ?>&approved_by=<?= urlencode($approvedBy ?? '') ?>&export=1">Export CSV</a>
</form>
</div>
<div class="row g-3 mb-3">
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Allocations (count)</div><div class="h5 mb-0"><?= number_format($k_total) /* counters are numeric and printed with thousands separators; a counter is 0 when nothing matched or when its query failed */ ?></div></div></div></div>
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Pending</div><div class="h5 mb-0"><?= number_format($k_pending) ?></div></div></div></div>
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Approved/Active</div><div class="h5 mb-0"><?= number_format($k_approved) ?></div></div></div></div>
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Post-approval edits</div><div class="h5 mb-0"><?= number_format($k_edited) ?></div></div></div></div>
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Letters generated</div><div class="h5 mb-0"><?= number_format($k_letters) /* also 0 when the letter_generated column is not available */ ?></div></div></div></div>
<div class="col-6 col-md-3"><div class="card shadow-sm"><div class="card-body"><div class="text-muted small">Signatures applied</div><div class="h5 mb-0"><?= number_format($k_signed) /* also 0 when the letter_signed column is not available */ ?></div></div></div></div>
</div>
<div class="card shadow-sm">
<div class="card-body p-0">
<div class="table-responsive">
<table class="table table-hover mb-0">
<thead class="table-light">
<tr>
<th>Client</th>
<th>Estate</th>
<th>Plot</th>
<th class="text-end">Total Paid</th>
<th>Status</th>
<th>Admin Review</th>
<th>Executive Approval</th>
<th>Letter Generated</th>
<th>Signature Applied</th>
<th>Created</th>
</tr>
</thead>
<tbody>
<?php if (empty($rows)): /* $rows is also empty when the row query threw, so "No records" covers both cases */ ?>
<tr><td colspan="10" class="text-center text-muted p-4">No records</td></tr>
<?php else: foreach ($rows as $r):
// Optional columns: 'N/A' when the key is absent from the row (or NULL), otherwise Yes/No.
$letterGen = isset($r['letter_generated']) ? ($r['letter_generated'] ? 'Yes' : 'No') : 'N/A';
$sig = isset($r['letter_signed']) ? ($r['letter_signed'] ? 'Yes' : 'No') : 'N/A';
// Admin review date: reviewed_at, falling back to admin_reviewed_at, else an empty string.
$adminDate = $r['reviewed_at'] ?? ($r['admin_reviewed_at'] ?? '');
?>
<tr>
<td><?= htmlspecialchars($r['client'] ?? '—') /* every text cell in this row is HTML-escaped on output */ ?></td>
<td><?= htmlspecialchars($r['estate'] ?? '—') ?></td>
<td><?= htmlspecialchars($r['plot'] ?? '—') ?></td>
<td class="text-end"><?= isset($r['total_paid']) ? '₦'.number_format((float)$r['total_paid'],2) : '—' /* value is cast to float and formatted, so only digits and separators are printed */ ?></td>
<td><?= htmlspecialchars($r['status'] ?? '—') ?></td>
<td><?= htmlspecialchars($adminDate) ?></td>
<td><?= htmlspecialchars($r['exec_decided_at'] ?? '') ?></td>
<td><?= htmlspecialchars($letterGen) ?></td>
<td><?= htmlspecialchars($sig) ?></td>
<td><?= htmlspecialchars($r['created_at'] ?? '') ?></td>
</tr>
<?php endforeach; endif; ?>
</tbody>
</table>
</div>
</div>
</div>
</div>
<script>
(function () {
  // Idle timer: any listed user activity restarts a 15-minute countdown; when it runs
  // out the browser is sent to logout.php?reason=idle.
  // NOTE(review): this timer runs only in the browser and stops working if scripts are
  // blocked; confirm that the server expires idle sessions as well.
  const IDLE_LIMIT_MS = 15 * 60 * 1000;
  const ACTIVITY_EVENTS = ['click', 'mousemove', 'keydown', 'scroll', 'touchstart'];
  let timerId;

  function restartTimer() {
    clearTimeout(timerId);
    timerId = setTimeout(function () {
      location.href = 'logout.php?reason=idle';
    }, IDLE_LIMIT_MS);
  }

  // Passive listeners: the handler never calls preventDefault().
  for (const eventName of ACTIVITY_EVENTS) {
    window.addEventListener(eventName, restartTimer, { passive: true });
  }

  // Start the first countdown as soon as the page loads.
  restartTimer();
})();
</script>
<?php include 'includes/footer.php'; ?>