Added new admin features, updated login functionality, and modified orders view

app/Http/Controllers/AdminController.php

@@ -2,8 +2,10 @@
 
 namespace App\Http\Controllers;
 
+use Illuminate\Support\Facades\URL;
 use App\Models\User;
 
+
 use Illuminate\Http\Request;
 use App\Models\Product;
 
@@ -169,4 +171,24 @@ class AdminController extends Controller
         }
         return redirect()->back();
     }
+
+    public function customers()
+    {
+        if (session()->get('type') == 'Admin') {
+            $customers = User::where('type', 'customer')->get();
+            return view('Dashboard.customers', compact('customers'));
+        }
+        return redirect()->back();
+    }
+
+    public function changeUserStatus($status, $id)
+    {
+        if (session()->get('type') == 'Admin') {
+            $user = User::find($id);
+            $user->status = $status;
+            $user->save();
+            return redirect()->back()->with('success', 'User Status Changed Successfully');
+        }
+        return redirect()->back();
+    }
 }

app/Http/Controllers/MainController.php

@@ -100,18 +100,44 @@ class MainController extends Controller
     //     }
     // }
 
+
+    //old loginUser
+    // public function loginUser(Request $data)
+    // {
+    //     $user = User::where('email', $data->input('email'))->first();
+
+    //     //if ($user && Hash::check($data->input('password'), $user->password)) {
+    //     if ($user && Hash::check($data->input('password'), $user->password) && $user->status == 'Active') {
+    //         session()->put('id', $user->id);
+    //         session()->put('type', $user->type);
+
+    //         if ($user->type == 'Customer') {
+    //             return redirect('/');
+    //         } else if ($user->type == 'Admin') {
+    //             return redirect('/admin');
+    //         }
+    //     }
+
+    //     return redirect('login')->with('error', 'Invalid email or password!');
+    // }
+
+    //new loginUser
     public function loginUser(Request $data)
     {
         $user = User::where('email', $data->input('email'))->first();
 
         if ($user && Hash::check($data->input('password'), $user->password)) {
-            session()->put('id', $user->id);
-            session()->put('type', $user->type);
+            if ($user->status == 'Active') {
+                session()->put('id', $user->id);
+                session()->put('type', $user->type);
 
-            if ($user->type == 'Customer') {
-                return redirect('/');
-            } else if ($user->type == 'Admin') {
-                return redirect('/admin');
+                if ($user->type == 'Customer') {
+                    return redirect('/');
+                } elseif ($user->type == 'Admin') {
+                    return redirect('/admin');
+                }
+            } elseif ($user->status == 'Blocked') {
+                return redirect('login')->with('error', 'Your account is blocked. Please contact support.');
             }
         }
 
@@ -214,21 +240,6 @@ class MainController extends Controller
     }
 
 
-    // public function myOrders()
-    // {
-    //     if (session()->has('id')) {
-    //         $orders = Order::where('customerId', session()->get('id'))->get();
-    //         // dd($orders);
-    //         $items = DB::table('products')
-    //             ->join('order_items', 'order_items.productId', '=', 'products.id')
-    //             ->select('products.name', 'products.picture', 'products.*')
-    //             ->get();
-
-    //         return view('orders', compact('orders', 'items'));
-    //     }
-
-    //     return view('login');
-    // }
 
     //old myOrders
     // public function myOrders()
@@ -250,19 +261,22 @@ class MainController extends Controller
     //new myOrders
     public function myOrders()
     {
-        if (session()->has('id')) {
-            $orders = Order::where('customerId', session()->get('id'))->get();
+        if (session()->get('type') == 'Customer') {
+            if (session()->has('id')) {
+                $orders = Order::where('customerId', session()->get('id'))->get();
 
-            $items = DB::table('products')
-                ->join('order_items', 'order_items.productId', '=', 'products.id')
-                ->select('products.name', 'products.picture', 'order_items.*')
+                $items = DB::table('products')
+                    ->join('order_items', 'order_items.productId', '=', 'products.id')
+                    ->select('products.name', 'products.picture', 'order_items.*')
 
-                ->get();
+                    ->get();
 
-            return view('orders', compact('orders', 'items'));
+                return view('orders', compact('orders', 'items'));
+            }
+
+            return view('login');
         }
-
-        return view('login');
+        return redirect()->back();
     }