How to Build an Admin Dashboard with PDO
Key fundamentals:
Authentication: the admin must log in to the system.
PDO database access: secure; prepared statements with bound parameters prevent SQL injection.
CRUD operations: the admin can view, add, update, and delete data.
Dashboard metrics: show key statistics (for example: total users, total posts, etc.).
⚙️ 2. Project Structure
Create a project folder (admin_dashboard/) containing these files:
admin_dashboard/
├── config.php
├── login.php
├── dashboard.php
├── logout.php
├── users.php
├── add_user.php
├── edit_user.php
└── delete_user.php
🧩 3. Database Setup
Example admins table:
CREATE DATABASE admin_system;
USE admin_system;
CREATE TABLE admins (
    id INT AUTO_INCREMENT PRIMARY KEY,
    username VARCHAR(50) NOT NULL UNIQUE,
    email VARCHAR(100) NOT NULL UNIQUE,
    password VARCHAR(255) NOT NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
💡 Notes:
Passwords must be hashed; the password column stores the hash, never the plain password.
Unique constraints prevent duplicate usernames/emails.
⚙️ 4. Database Connection (config.php)
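<?php
// Local development values. In production, use a dedicated least-privilege
// database account with a strong password instead of root.
$dsn = "mysql:host=localhost;dbname=admin_system;charset=utf8mb4";
$username = "root";
$password = "";
try {
    $pdo = new PDO($dsn, $username, $password);
    // Throw exceptions on database errors
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Use real server-side prepared statements
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
} catch (PDOException $e) {
    // Log the details server-side; do not show them to the visitor
    error_log("Database connection failed: " . $e->getMessage());
    die("❌ Connection failed.");
}
?>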
🔑 5. Admin Login (login.php)
<?php
require_once 'config.php';
session_start();
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Missing fields become empty strings instead of raising warnings
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';
    // Prepared statement: the email is bound, never concatenated into the SQL
    $stmt = $pdo->prepare("SELECT * FROM admins WHERE email = :email");
    $stmt->execute(['email' => $email]);
    $admin = $stmt->fetch(PDO::FETCH_ASSOC);
    // password_verify() checks the submitted password against the stored hash
    if ($admin && password_verify($password, $admin['password'])) {
        // A new session ID after login prevents session fixation
        session_regenerate_id(true);
        $_SESSION['admin_id'] = $admin['id'];
        $_SESSION['admin_username'] = $admin['username'];
        header("Location: dashboard.php");
        exit;
    } else {
        // Same message for an unknown email and a wrong password
        $error = "❌ Invalid email or password!";
    }
}
?>
<h2>Admin Login</h2>
<form method="POST">
    <input type="email" name="email" placeholder="Email" required><br><br>
    <input type="password" name="password" placeholder="Password" required><br><br>
    <button type="submit">Login</button>
</form>
<?php if (isset($error)) echo "<p style='color:red;'>$error</p>"; ?>
🧩 6. Dashboard (dashboard.php)
<?php
require_once 'config.php';
session_start();
// Redirect visitors who are not logged in, and stop the script
if (!isset($_SESSION['admin_id'])) {
    header("Location: login.php");
    exit;
}
// Count the rows in the admins table
$stmt = $pdo->query("SELECT COUNT(*) AS total_users FROM admins");
$totalUsers = (int) $stmt->fetch(PDO::FETCH_ASSOC)['total_users'];
?>
<h1>Welcome, <?= htmlspecialchars($_SESSION['admin_username']) ?></h1>
<p>Total Admins: <?= $totalUsers ?></p>
<a href="users.php">Manage Users</a> | <a href="logout.php">Logout</a>
💡 Notes:
An admin cannot reach the dashboard without logging in.
It shows basic statistics.
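The login check is repeated at the top of every admin page, and a copy that redirects without calling exit still runs the rest of the page for a visitor who is not logged in. The following is an added example, not code from the original tutorial: a hypothetical auth.php that centralizes the check. The file name, the function names, the last_seen session key and the 30-minute idle limit are assumptions.

```php
<?php
// auth.php: added example. Use it first in every admin page:
//   require_once 'auth.php'; require_admin();
const IDLE_LIMIT = 1800; // assumed idle timeout in seconds (30 minutes)

function start_admin_session(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        return;
    }
    // The cookie is sent over HTTPS only, is hidden from JavaScript, and is
    // not attached to cross-site requests. With 'secure' => true the session
    // will not work over plain HTTP.
    session_set_cookie_params([
        'lifetime' => 0,
        'path'     => '/',
        'secure'   => true,
        'httponly' => true,
        'samesite' => 'Strict',
    ]);
    // Reject session IDs that were not issued by this server
    ini_set('session.use_strict_mode', '1');
    session_start();
}

function require_admin(): void
{
    start_admin_session();
    // A session created by login.php has no last_seen yet: treat it as fresh
    $last = $_SESSION['last_seen'] ?? time();
    if (!isset($_SESSION['admin_id']) || time() - $last > IDLE_LIMIT) {
        // Drop any stale session, redirect, and stop the script so nothing
        // below the guard runs for an unauthenticated visitor.
        $_SESSION = [];
        session_destroy();
        header('Location: login.php');
        exit;
    }
    $_SESSION['last_seen'] = time();
}
```

login.php should call start_admin_session() instead of session_start() so the login cookie gets the same flags.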
📝 7. CRUD Operations for Users
a) View Users (users.php)
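<?php
require_once 'config.php';
session_start();
// exit after the redirect; without it the rest of the page still runs
if (!isset($_SESSION['admin_id'])) {
    header("Location: login.php");
    exit;
}
// Fetch only the columns that are displayed (not the password hashes)
$stmt = $pdo->query("SELECT id, username, email FROM admins ORDER BY id DESC");
?>
<h2>Admin Users List</h2>
<a href="add_user.php">➕ Add Admin</a><br><br>
<table border="1" cellpadding="8">
<tr><th>ID</th><th>Username</th><th>Email</th><th>Actions</th></tr>
<?php
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    // Escape stored values before printing them into HTML (prevents stored XSS)
    $id = (int) $row['id'];
    $username = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8');
    $email = htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8');
    echo "<tr>
        <td>{$id}</td>
        <td>{$username}</td>
        <td>{$email}</td>
        <td>
            <a href='edit_user.php?id={$id}'>✏️ Edit</a> |
            <a href='delete_user.php?id={$id}' onclick='return confirm(\"Are you sure?\")'>🗑️ Delete</a>
        </td>
    </tr>";
}
?>
</table>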
b) Add User (add_user.php)
<?php
require_once 'config.php';
session_start();
// exit after the redirect; without it the insert below still runs
if (!isset($_SESSION['admin_id'])) {
    header("Location: login.php");
    exit;
}
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $username = trim($_POST['username'] ?? '');
    $email = trim($_POST['email'] ?? '');
    // Store only the hash, never the plain password
    $password = password_hash($_POST['password'] ?? '', PASSWORD_DEFAULT);
    try {
        $stmt = $pdo->prepare("INSERT INTO admins (username,email,password) VALUES (:username,:email,:password)");
        $stmt->execute(['username' => $username, 'email' => $email, 'password' => $password]);
        echo "<p style='color:green;'>✅ Admin added successfully!</p>";
    } catch (PDOException $e) {
        // SQLSTATE 23000: the UNIQUE constraint on username/email was violated
        if ($e->getCode() != '23000') {
            throw $e;
        }
        echo "<p style='color:red;'>❌ Username or email already exists!</p>";
    }
}
?>
<h2>Add Admin</h2>
<form method="POST">
    <input type="text" name="username" placeholder="Username" required><br><br>
    <input type="email" name="email" placeholder="Email" required><br><br>
    <input type="password" name="password" placeholder="Password" required><br><br>
    <button type="submit">Add Admin</button>
</form>
<a href="users.php">🔙 Back to Users</a>
c) Logout (logout.php)
<?php
session_start();
// Clear the session data, then destroy the server-side session
$_SESSION = [];
session_destroy();
header("Location: login.php");
exit;
?>
🧠 8. Security Tips
PDO + prepared statements for all queries.
Hash passwords (password_hash() / password_verify()) instead of storing them in plain text.
Session regeneration (session_regenerate_id(true)) after login.
Access control: admin pages must not be accessible to other users.
Use HTTPS to protect login credentials.
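The project structure lists delete_user.php and users.php links to it with a GET request, but the page does not show the handler. A delete that runs from a plain link can be triggered by any page the logged-in admin visits, so the handler below accepts only POST with a CSRF token. It is an added example, not code from the original tutorial, and it assumes users.php is changed to submit a small POST form; the field names id and csrf_token and the csrf_token session key are hypothetical.

```php
<?php
// delete_user.php: added example, not code from the original tutorial.
// Assumptions: config.php (section 4) provides $pdo; users.php creates the
// token with $_SESSION['csrf_token'] ??= bin2hex(random_bytes(32)); and
// posts hidden fields `id` and `csrf_token` (hypothetical field names).
require_once 'config.php';
session_start();

// Access control: stop the script after the redirect.
if (!isset($_SESSION['admin_id'])) {
    header('Location: login.php');
    exit;
}

// State-changing requests must be POST, never a clickable GET link.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    http_response_code(405);
    header('Allow: POST');
    exit('Method not allowed');
}

// CSRF check: constant-time comparison against the session token.
$sent = $_POST['csrf_token'] ?? '';
$expected = $_SESSION['csrf_token'] ?? '';
if (!is_string($sent) || $expected === '' || !hash_equals($expected, $sent)) {
    http_response_code(403);
    exit('Invalid CSRF token');
}

// Accept only a positive integer id.
$id = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]);
if ($id === false || $id === null) {
    http_response_code(400);
    exit('Invalid id');
}

// An admin may not delete the account they are logged in with.
if ($id === (int) $_SESSION['admin_id']) {
    http_response_code(409);
    exit('You cannot delete your own account');
}

$stmt = $pdo->prepare('DELETE FROM admins WHERE id = :id');
$stmt->execute(['id' => $id]);

header('Location: users.php');
exit;
```

The same token check applies to the add and edit forms, since they also change data.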
✅ 9. Conclusion
This system is the foundation of a secure admin dashboard.
The admin can view, add, edit, and delete users.
PDO and password hashing improve the security of the system.