logout();
}
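// Handle login form submission.
// Only reached for an anonymous POST; a logged-in admin's POST is dispatched as
// an AJAX action further down.
// NOTE(review): no CSRF token and no login throttling are visible in this
// handler; confirm both are enforced inside $auth->login() or upstream — TODO.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$auth->isLoggedIn()) {
    // Array-shaped fields (username[]=x) would reach sanitize()/login() as arrays;
    // anything that is not a plain string is treated as absent.
    $rawUsername = $_POST['username'] ?? '';
    $rawPassword = $_POST['password'] ?? '';
    $username = is_string($rawUsername) ? sanitize($rawUsername) : '';
    // The password is handed over untouched so sanitize() cannot alter it before
    // verification.
    $password = is_string($rawPassword) ? $rawPassword : '';
    $rememberMe = isset($_POST['remember_me']);
    if ($auth->login($username, $password, $rememberMe)) {
        header('Location: support.php');
        exit;
    }
    // One generic message: it does not distinguish an unknown username from a
    // wrong password.
    $loginError = 'Invalid username or password.';
}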
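// Handle AJAX requests for logged-in admins.
// Every action answers through adminJsonResponse(); a `break` follows each
// failure response so a validation failure never falls through to the update
// call, whether or not adminJsonResponse() terminates the script.
// NOTE(review): no CSRF token is checked for these state-changing POSTs in this
// handler; confirm it is enforced upstream (front controller or $auth) — TODO.
if ($auth->isLoggedIn() && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // Integer POST field: arrays, blanks and partially numeric strings ("12abc")
    // give 0 instead of a guessed id (intval() would turn an array into 1).
    $postInt = static function (string $key): int {
        $value = filter_var($_POST[$key] ?? null, FILTER_VALIDATE_INT);
        return $value === false ? 0 : $value;
    };
    // Sanitized POST string; arrays and missing fields give $default.
    $postStr = static function (string $key, ?string $default = '') {
        $value = $_POST[$key] ?? null;
        return is_string($value) ? sanitize($value) : $default;
    };
    // Raw POST string (passwords, free text) that must not go through sanitize().
    $postRaw = static function (string $key): string {
        $value = $_POST[$key] ?? null;
        return is_string($value) ? $value : '';
    };
    // Checkbox-group POST field as a comma-separated list of sanitized items.
    // Absent field => 'all' (the existing default); a non-array value => null so
    // the caller can reject it instead of implode() throwing a TypeError.
    $postList = static function (string $key): ?string {
        if (!isset($_POST[$key])) {
            return 'all';
        }
        if (!is_array($_POST[$key])) {
            return null;
        }
        $items = [];
        foreach ($_POST[$key] as $item) {
            if (is_string($item) && trim($item) !== '') {
                $items[] = sanitize(trim($item));
            }
        }
        return implode(',', $items);
    };

    $action = $postRaw('action');
    $admin = $auth->getCurrentAdmin();
    $isSuperAdmin = ($admin['role'] === 'super_admin');

    switch ($action) {
        // SUPPORT TICKET ACTIONS
        case 'update_status':
            $ticketId = $postInt('ticket_id');
            $status = $postStr('status');
            if ($ticketId && in_array($status, ['open', 'pending', 'resolved', 'closed'], true)) {
                $success = $auth->updateTicketStatus($ticketId, $status, $admin['id']);
                adminJsonResponse($success, $success ? 'Status updated successfully' : 'Failed to update status');
            } else {
                adminJsonResponse(false, 'Invalid parameters');
            }
            break;

        case 'assign_ticket':
            $ticketId = $postInt('ticket_id');
            $adminId = $postInt('admin_id');
            if ($ticketId && $adminId) {
                $success = $auth->assignTicket($ticketId, $adminId);
                adminJsonResponse($success, $success ? 'Ticket assigned successfully' : 'Failed to assign ticket');
            } else {
                adminJsonResponse(false, 'Invalid parameters');
            }
            break;

        case 'add_reply':
            $ticketId = $postInt('ticket_id');
            // Free text: trimmed but not passed through sanitize(). Compared with
            // '' (not truthiness) so a reply consisting of "0" is not rejected.
            $message = trim($postRaw('message'));
            // Accepts 1/0, true/false, on/off, yes/no; "false"/"off" no longer
            // count as internal the way a plain (bool) cast made them.
            $isInternal = filter_var($_POST['is_internal'] ?? false, FILTER_VALIDATE_BOOLEAN);
            if ($ticketId && $message !== '') {
                $messageId = $auth->addTicketReply($ticketId, $message, $admin['id'], $isInternal);
                if ($messageId) {
                    // Attach uploads to the exact message id just created.
                    if ($supportHelperLoaded && !empty($_FILES['attachments']['name'][0])) {
                        $pdo = $auth->getConnection();
                        handleSupportAttachments($pdo, (int) $messageId, $_FILES['attachments']);
                    }
                    adminJsonResponse(true, 'Reply added successfully');
                } else {
                    adminJsonResponse(false, 'Failed to add reply');
                }
            } else {
                adminJsonResponse(false, 'Message cannot be empty');
            }
            break;

        // MEMBER REDEMPTION ACTIONS
        case 'update_redemption_status':
            $redemptionId = $postInt('redemption_id');
            $newStatus = $postStr('status');
            $adminNotes = $postStr('admin_notes');
            $paymentRef = $postStr('payment_reference', null);
            $paymentMode = $postStr('payment_mode', 'UPI');
            // An empty date field means "not disbursed yet" and is stored as null.
            $rawDate = $_POST['disbursal_date'] ?? '';
            $disbursalDate = is_string($rawDate) && $rawDate !== '' ? sanitize($rawDate) : null;
            if (!in_array($newStatus, ['pending', 'processing', 'completed', 'failed', 'cancelled'], true)) {
                adminJsonResponse(false, 'Invalid status');
                break;
            }
            if ($newStatus === 'completed' && empty($paymentRef)) {
                adminJsonResponse(false, 'Transaction reference is required for completed payments');
                break;
            }
            if (!$redemptionId) {
                adminJsonResponse(false, 'Invalid parameters');
                break;
            }
            $success = $auth->updateRedemptionStatus($redemptionId, $newStatus, $adminNotes, $admin['id'], $paymentRef, $paymentMode, $disbursalDate);
            adminJsonResponse($success, $success ? 'Redemption status updated successfully' : 'Failed to update status');
            break;

        // PARTNER REDEMPTION ACTIONS
        case 'update_partner_redemption_status':
            $redemptionId = $postInt('redemption_id');
            $newStatus = $postStr('status');
            $adminNotes = $postStr('admin_notes');
            $paymentRef = $postStr('payment_reference');
            $paymentMode = $postStr('payment_mode', 'UPI');
            $rawDate = $_POST['disbursal_date'] ?? '';
            $disbursalDate = is_string($rawDate) && $rawDate !== '' ? sanitize($rawDate) : null;
            // Paid amount is optional; when given it must be a real number
            // (floatval() silently turned "abc" into 0.0).
            $rawAmount = $_POST['payment_amount'] ?? '';
            $paymentAmount = null;
            if (is_string($rawAmount) && $rawAmount !== '') {
                $paymentAmount = filter_var($rawAmount, FILTER_VALIDATE_FLOAT);
                if ($paymentAmount === false) {
                    adminJsonResponse(false, 'Invalid payment amount');
                    break;
                }
            }
            if (!in_array($newStatus, ['pending', 'processing', 'completed', 'rejected'], true)) {
                adminJsonResponse(false, 'Invalid status');
                break;
            }
            if ($newStatus === 'completed' && empty($paymentRef)) {
                adminJsonResponse(false, 'Transaction number is required for completed payments');
                break;
            }
            if (!$redemptionId) {
                adminJsonResponse(false, 'Invalid parameters');
                break;
            }
            // Returns true on success, otherwise an error string (or a falsy value).
            $result = $auth->updatePartnerRedemptionStatus($redemptionId, $newStatus, $adminNotes, $paymentRef, $admin['id'], $paymentMode, $paymentAmount, $disbursalDate);
            if ($result === true) {
                adminJsonResponse(true, 'Partner redemption updated successfully');
            } else {
                adminJsonResponse(false, is_string($result) ? $result : 'Failed to update status');
            }
            break;

        case 'create_admin':
            // Creating admin accounts (the caller picks the role) is restricted to
            // super_admin, consistent with the user-management actions below.
            if (!$isSuperAdmin) {
                adminJsonResponse(false, 'Access denied');
                break;
            }
            $username = $postStr('new_username');
            $email = $postStr('new_email');
            $password = $postRaw('new_password');
            $fullName = $postStr('new_full_name');
            $role = $postStr('new_role', 'admin');
            if (!($username && $email && $password && $fullName)) {
                adminJsonResponse(false, 'All fields are required');
                break;
            }
            $result = $auth->createAdmin($username, $email, $password, $fullName, $role);
            // createAdmin() is treated as returning a bool here but an array
            // ({success, message}) in create_user below; accept either shape so a
            // failure array is never reported as success.
            if (is_array($result)) {
                adminJsonResponse((bool) ($result['success'] ?? false), (string) ($result['message'] ?? 'Failed to create admin user'));
            } else {
                adminJsonResponse($result, $result ? 'Admin user created successfully' : 'Failed to create admin user (username or email may already exist)');
            }
            break;

        // USER MANAGEMENT ACTIONS (super_admin only)
        case 'create_user':
            if (!$isSuperAdmin) {
                adminJsonResponse(false, 'Access denied');
                break;
            }
            $uName = trim($postRaw('full_name'));
            $uEmail = trim(strtolower($postRaw('email')));
            $uMobile = trim($postRaw('mobile'));
            $uPassword = $postRaw('password');
            $uRole = $postStr('role', 'admin');
            $uTabs = $postList('allowed_tabs');
            $uTicketTypes = $postList('allowed_ticket_types');
            if ($uTabs === null || $uTicketTypes === null) {
                adminJsonResponse(false, 'Invalid parameters');
                break;
            }
            if ($uName === '' || $uEmail === '' || $uPassword === '') {
                adminJsonResponse(false, 'Name, email and password are required.');
                break;
            }
            // The email doubles as the login name for accounts created here.
            if (filter_var($uEmail, FILTER_VALIDATE_EMAIL) === false) {
                adminJsonResponse(false, 'Please enter a valid email address.');
                break;
            }
            if (strlen($uPassword) < 6) {
                adminJsonResponse(false, 'Password must be at least 6 characters.');
                break;
            }
            $result = $auth->createAdmin($uEmail, $uEmail, $uPassword, $uName, $uRole, $uMobile, $uTabs, $uTicketTypes);
            adminJsonResponse($result['success'], $result['message']);
            break;

        case 'update_user':
            if (!$isSuperAdmin) {
                adminJsonResponse(false, 'Access denied');
                break;
            }
            $uId = $postInt('user_id');
            $uName = trim($postRaw('full_name'));
            $uEmail = trim(strtolower($postRaw('email')));
            $uMobile = trim($postRaw('mobile'));
            $uRole = $postStr('role', 'admin');
            $uTabs = $postList('allowed_tabs');
            $uTicketTypes = $postList('allowed_ticket_types');
            // An empty password field means "keep the current password".
            $uPassword = $postRaw('password') !== '' ? $postRaw('password') : null;
            if ($uTabs === null || $uTicketTypes === null) {
                adminJsonResponse(false, 'Invalid parameters');
                break;
            }
            if (!$uId || $uName === '' || $uEmail === '') {
                adminJsonResponse(false, 'Name and email are required.');
                break;
            }
            if (filter_var($uEmail, FILTER_VALIDATE_EMAIL) === false) {
                adminJsonResponse(false, 'Please enter a valid email address.');
                break;
            }
            if ($uPassword !== null && strlen($uPassword) < 6) {
                adminJsonResponse(false, 'Password must be at least 6 characters.');
                break;
            }
            $result = $auth->updateAdmin($uId, $uName, $uEmail, $uMobile, $uRole, $uTabs, $uTicketTypes, $uPassword);
            adminJsonResponse($result['success'], $result['message']);
            break;

        case 'toggle_user_status':
            if (!$isSuperAdmin) {
                adminJsonResponse(false, 'Access denied');
                break;
            }
            $uId = $postInt('user_id');
            if ($uId) {
                $success = $auth->toggleAdminStatus($uId);
                adminJsonResponse($success, $success ? 'Status toggled successfully' : 'Cannot change this user\'s status');
            } else {
                adminJsonResponse(false, 'Invalid user ID');
            }
            break;

        default:
            adminJsonResponse(false, 'Invalid action');
    }
}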
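// If an admin is logged in, load the data the page renders.
if ($auth->isLoggedIn()) {
    $admin = $auth->getCurrentAdmin();
    $isSuperAdmin = ($admin['role'] === 'super_admin');
    $allowedTicketTypes = $auth->getAllowedTicketTypes();

    // Sanitized query-string value, or null when absent or not a plain string.
    $getStr = static function (string $key) {
        $value = $_GET[$key] ?? null;
        return is_string($value) ? sanitize($value) : null;
    };
    // Integer query-string value, or null when absent, non-numeric or an array
    // (intval() mapped "?ticket[]=x" to ticket 1).
    $getInt = static function (string $key): ?int {
        $value = filter_var($_GET[$key] ?? null, FILTER_VALIDATE_INT);
        return $value === false ? null : $value;
    };

    // Current tab, with permission enforcement (users tab = super_admin only).
    $currentTab = $getStr('tab') ?? 'tickets';
    if ($currentTab === 'users' && !$isSuperAdmin) {
        $currentTab = 'tickets';
    }
    if (!$isSuperAdmin && !$auth->hasTabAccess($currentTab)) {
        // Fall back to the first tab this admin may see; 'tickets' if none.
        $currentTab = 'tickets';
        foreach (['tickets', 'redemptions', 'partner_redemptions'] as $tab) {
            if ($auth->hasTabAccess($tab)) {
                $currentTab = $tab;
                break;
            }
        }
    }

    // List filters and pagination from the URL.
    $statusFilter = $getStr('status');
    $priorityFilter = $getStr('priority');
    $senderTypeFilter = $getStr('sender_type');
    $dateFilter = $getStr('date_filter');
    $page = max(1, $getInt('page') ?? 1);
    $limit = 25;
    $offset = ($page - 1) * $limit;

    // Single-ticket view.
    // NOTE(review): getTicketById() receives only the id, while the list query
    // below is scoped by $allowedTicketTypes; confirm the lookup applies the same
    // ticket-type restriction so a restricted admin cannot open arbitrary ids — TODO.
    $viewTicketId = $getInt('ticket');
    $viewTicket = null;
    $ticketMessages = [];
    $messageAttachments = [];
    if ($viewTicketId) {
        $viewTicket = $auth->getTicketById($viewTicketId);
        if ($viewTicket) {
            $ticketMessages = $auth->getTicketMessages($viewTicketId, true);
            // Attachments for all messages of the ticket. Best-effort: the view
            // still renders without them if the lookup fails.
            // (add_reply above gets its PDO via $auth->getConnection(); presumably
            // the same connection — consider unifying.)
            if ($supportHelperLoaded && !empty($ticketMessages)) {
                try {
                    $db = new Database();
                    $pdo = $db->getConnection();
                    $msgIds = array_column($ticketMessages, 'id');
                    if (!empty($msgIds)) {
                        $messageAttachments = getAttachmentsForMessages($pdo, $msgIds);
                    }
                } catch (Exception $e) {
                    $messageAttachments = [];
                }
            }
        }
    }

    // Single-redemption view; the tab decides which table the id refers to.
    $viewRedemptionId = $getInt('redemption');
    $viewRedemption = null;
    if ($viewRedemptionId) {
        $viewRedemption = $currentTab === 'partner_redemptions'
            ? $auth->getPartnerRedemptionById($viewRedemptionId)
            : $auth->getRedemptionById($viewRedemptionId);
    }

    // Data for the current tab.
    if ($currentTab === 'redemptions') {
        $redemptions = $auth->getAllRedemptions($statusFilter, $dateFilter, $limit, $offset);
        $redemptionStats = $auth->getRedemptionStats();
    } elseif ($currentTab === 'partner_redemptions') {
        $partnerRedemptions = $auth->getAllPartnerRedemptions($statusFilter, $dateFilter, $limit, $offset);
        $partnerRedemptionStats = $auth->getPartnerRedemptionStats();
    } elseif ($currentTab === 'users' && $isSuperAdmin) {
        $allAdminUsers = $auth->getAllAdminUsersDetailed();
        $editUserId = $getInt('edit_user');
        $editUser = $editUserId ? $auth->getAdminById($editUserId) : null;
    } else {
        $tickets = $auth->getAllTickets($statusFilter, $priorityFilter, $senderTypeFilter, $limit, $offset, $allowedTicketTypes);
        $ticketStats = $auth->getTicketStats($allowedTicketTypes);
    }
    $adminUsers = $auth->getAdminUsers();
}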
?>
Support - Relevant Reflex
isLoggedIn()): ?>
$u['status'] === 'active')); ?>
Active
$u['role'] === 'super_admin')); ?>
Super Admins
$u['role'] === 'admin')); ?>
Admins
Ticket:
Partner Details:
Company:
Code:
Contact:
Email:
Client Details:
Company:
Client Code:
Contact Person:
Email:
User:
Status:
Priority:
Created:
Conversation
Internal
';
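foreach ($messageAttachments[$message['id']] as $att) {
    // Icon class chosen by file extension (consumed by the surrounding markup).
    $ext = strtolower(pathinfo($att['original_name'], PATHINFO_EXTENSION));
    if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
        $icon = 'fa-file-image';
    } elseif ($ext === 'pdf') {
        $icon = 'fa-file-pdf';
    } elseif (in_array($ext, ['doc', 'docx'], true)) {
        $icon = 'fa-file-word';
    } elseif (in_array($ext, ['xls', 'xlsx', 'csv'], true)) {
        $icon = 'fa-file-excel';
    } else {
        $icon = 'fa-file-alt';
    }
    $sizeMB = number_format(($att['file_size'] ?? 0) / 1024 / 1024, 1);
    // original_name is the uploader-supplied filename: escape quotes too, and use
    // ENT_SUBSTITUTE so an invalid UTF-8 byte does not blank the whole name.
    echo '
' . htmlspecialchars($att['original_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ' (' . $sizeMB . ' MB)';
}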
echo '
';
}
}
?>
No Tickets Found
No support tickets match your current filters.
| Subject |
Type |
From |
Priority |
Status |
Date |
Msgs |
|
|
|
|
|
|
|
|
|
|
Redemption Request Details
Request ID:
User:
Amount: ₹
Points: points
UPI ID:
Status:
Created:
Processed:
Processed by:
Txn Ref:
Payment Mode:
Disbursal Date:
Admin Notes:
User Points Summary:
Current Balance: points |
Total Earned: points |
Total Redeemed: points
No Redemptions Found
No redemption requests match your current filters.
| Request ID |
User |
Amount |
Points |
UPI |
Status |
Date |
|
|
|
₹ |
|
|
by
|
|
|
Partner Redemption Details PARTNER
Request ID:
Amount: ₹
UPI ID:
Transaction No:
Paid Amount: ₹
Status:
Created:
Payment Mode:
Disbursal Date:
Processed:
Partner Details:
Company:
Code:
Contact:
Email:
Mobile:
Commission Balance: ₹
Total Earned: ₹
Total Redeemed: ₹
Signups: (Verified: )
Admin Notes:
Rejection Reason:
No Partner Redemptions Found
No partner redemption requests match your current filters.
| Request ID |
Partner |
Amount |
UPI |
Status |
Date |
|
|
PARTNER
|
|
₹ |
|
|
|
|
Create New User
No Users Found
| Name |
Email |
Mobile |
Role |
Menu Access |
Ticket Types |
Status |
Last Login |
|
|
|
|
SUPER ADMIN
ADMIN
|
All';
} else {
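$tabMap = ['tickets' => 'Tickets', 'redemptions' => 'M. Payouts', 'partner_redemptions' => 'P. Payouts'];
foreach (explode(',', $tabs) as $t) {
    $t = trim($t);
    // Unknown keys fall back to the stored value itself; it originates from admin
    // input, so it is escaped before output.
    $label = $tabMap[$t] ?? htmlspecialchars($t, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    echo '' . $label . ' ';
}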
}
?>
|
All';
} else {
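foreach (explode(',', $types) as $t) {
    $t = trim($t);
    // Stored ticket-type names come from admin input: escape them for HTML output.
    echo '' . htmlspecialchars(ucfirst($t), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ' ';
}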
}
?>
|
Active
Inactive
|
|
|