From 710295fea36edc88ff0df73446917ab4c1b0bebf Mon Sep 17 00:00:00 2001
From: JunBarroga <jjbarroga@premiummegastructures.com>
Date: Fri, 1 Mar 2024 10:28:18 +0800
Subject: [PATCH] first commit

---
 admin-test.php       |  99 +++++++++++
 functions-test.php   | 401 +++++++++++++++++++++++++++++++++++++++++++
 header.php           |  65 +++++++
 index.php            |   3 +
 login/action.php     |  37 ++++
 login/index.php      |  74 ++++++++
 logout.php           |   6 +
 users/index.php      |   3 +
 users/users-test.php | 102 +++++++++++
 9 files changed, 790 insertions(+)
 create mode 100644 admin-test.php
 create mode 100644 functions-test.php
 create mode 100644 header.php
 create mode 100644 index.php
 create mode 100644 login/action.php
 create mode 100644 login/index.php
 create mode 100644 logout.php
 create mode 100644 users/index.php
 create mode 100644 users/users-test.php

diff --git a/admin-test.php b/admin-test.php
new file mode 100644
index 0000000..a2158c5
--- /dev/null
+++ b/admin-test.php
@@ -0,0 +1,99 @@
+<?php
+session_start();
+if (!isset($_SESSION['token'])) {
+	header("Location: /login/");
+	exit();
+}
+$user_id = $_SESSION['user_id'];
+?>
+<!DOCTYPE html>
+<html>
+<?php include 'header.php'; ?>
+<script type="text/javascript" class="init">
+	$(document).ready(function() {
+		$('#example').DataTable({
+			dom: 'Bfrtip',
+			buttons: [
+				'csv'
+			],
+			responsive: true
+		});
+	});
+</script>
+
+<body class="dt-example dt-example-bootstrap" >
+	<nav class="navbar navbar-default">
+		<div class="container-fluid">
+			<div class="navbar-header">
+				<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+					<span class="sr-only">Toggle navigation</span>
+					<span class="icon-bar"></span>
+					<span class="icon-bar"></span>
+					<span class="icon-bar"></span>
+				</button>
+				<a class="navbar-brand" href="#">oBananaPay</a>
+			</div>
+
+			<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+				<ul class="nav navbar-nav">
+					<li class="active"><a href="#">Transactions</a></li>
+					<li><a href="/users/users-test.php">Users</a></li>
+					<!-- <li class="dropdown">
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">Loan
+                            <span class="caret"></span></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="/loan/">Applications</a></li>
+                            <li><a href="/loan/transfer.php">Batch Transfer</a></li>
+                            <li><a href="/loan/payment.php">Payments</a></li>
+                        </ul>
+                    </li> -->
+				</ul>
+				<ul class="nav navbar-nav navbar-right">
+					<li><a href="/logout.php">Logout <span class="glyphicon glyphicon-log-out" aria-hidden="true"></span></a></li>
+				</ul>
+			</div>
+		</div>
+	</nav>
+	<div class="container">
+		<h1>Transactions</h1>
+		<?php
+		include 'functions-test.php';
+		$response = get_transactions();
+		$array = json_decode($response, true);
+		?>
+		<table id="example" class="table table-bordered display responsive nowrap" style="width:100%">
+			<thead>
+				<tr>
+					<th width='1'>ID</th>
+					<th>Date</th>
+					<th>Time</th>
+					<th>From</th>
+					<th>To</th>
+					<th>Amount</th>
+					<th>Notes</th>
+					<th>Ref. No.</th>
+				</tr>
+			</thead>
+			<tbody>
+				<?php
+				foreach ($array as $x => $val) {
+					echo "<tr>";
+					echo "<td>" . $val['transaction']['_id'] . "</td>";
+					echo "<td>" . substr($val['transaction']['createdAt'], 0, 10)  . "</td>";
+					echo "<td>" . substr($val['transaction']['createdAt'], 11, 8)  . "</td>";
+					//echo "<td>" . $val['userDetails']['senderNumber'] . "</td>";
+					echo "<td>" . $val['userDetails']['senderName'] . "</td>";
+					//echo "<td>" . $val['userDetails']['receiverNumber'] . "</td>";
+					echo "<td>" . $val['userDetails']['receiverName'] . "</td>";
+					echo "<td>" . number_format($val['transaction']['amount'], 2, '.', ',') . "</td>";
+					echo "<td>" . $val['transaction']['notes'] . "</td>";
+					echo "<td>" . $val['transaction']['ref_no'] . "</td>";
+					echo "</tr>";
+				}
+				?>
+			</tbody>
+		</table>
+	</div>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/functions-test.php b/functions-test.php
new file mode 100644
index 0000000..4b9ba1e
--- /dev/null
+++ b/functions-test.php
@@ -0,0 +1,401 @@
+<?php
+
+function validate_user($id, $pwd)
+{
+    $curl = curl_init();
+    $url = "172.17.0.3:3000/api/users/id/$id";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt_array(
+        $curl,
+        array(
+            //CURLOPT_URL => '172.17.0.3:3000/api/users/id/648058013436143c807101e4',
+            CURLOPT_RETURNTRANSFER => true,
+            CURLOPT_ENCODING => '',
+            CURLOPT_MAXREDIRS => 10,
+            CURLOPT_TIMEOUT => 0,
+            CURLOPT_FOLLOWLOCATION => true,
+            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+            CURLOPT_CUSTOMREQUEST => 'GET',
+            CURLOPT_HTTPHEADER => array(
+                'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+            ),
+        )
+    );
+    $response = curl_exec($curl);
+    curl_close($curl);
+    $array = json_decode($response, true);
+    if ($array['user']['password'] == $pwd) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+function get_user_info($email)
+{
+    $curl = curl_init();
+    //$url = "172.17.0.3:3000/api/users/id/$email";
+    $url = "172.17.0.3:3000/api/users/$email";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => '172.17.0.3:3000/api/users/egalang@premiummegastructures.com',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        CURLOPT_HTTPHEADER => array(
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function get_user_info2($email)
+{
+    $curl = curl_init();
+    $url = "http://172.17.0.3:3000/api/users/id/$email";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => 'https://api.obananapay.com/api/users/egalang@premiummegastructures.com',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        CURLOPT_HTTPHEADER => array(
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function activate_account($user_id)
+{
+    $curl = curl_init();
+    $url = "172.17.0.3:3000/api/users/$user_id/sub";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => '172.17.0.3:3000/api/users/645a0c93008258b5e9a2cd20/sub',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'PATCH',
+        CURLOPT_POSTFIELDS => '{"status":"validated"}',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json',
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MjRkOTYyZmNiMWU0ZjgyNDU0NmM4OSIsImlhdCI6MTY4MDEzNzU2NH0.9EHOeaXkYS5mGYG-g-_tgRpw338JzxECLec9cU2zhys'
+        ),
+    ));
+    $response = curl_exec($curl);
+    curl_close($curl);
+    return $response;
+}
+
+function get_transactions()
+{
+    $curl = curl_init();
+
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/transactions/',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        CURLOPT_HTTPHEADER => array(
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function get_users()
+{
+    $curl = curl_init();
+
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/users/',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        CURLOPT_HTTPHEADER => array(
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function user_login($email, $password)
+{
+    $curl = curl_init();
+    $postfields = '{"users":"' . $email . '", "password":"' . $password . '"}';
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/auth/login',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        //CURLOPT_POSTFIELDS => '{"users":"webdev@obanana.com", "password":"P@$$w0rd!"}',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function user_balance($user_id, $token)
+{
+    $curl = curl_init();
+    $url = "172.17.0.3:3000/api/users/id/$user_id";
+    $httpheader = "Authorization: Bearer $token";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt($curl, CURLOPT_HTTPHEADER, array($httpheader));
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => '172.17.0.3:3000/api/users/id/6458dd6066139b3fee29a9cf',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        //CURLOPT_HTTPHEADER => array('Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function random_string($n)
+{
+    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+    $randomString = '';
+
+    for ($i = 0; $i < $n; $i++) {
+        $index = rand(0, strlen($characters) - 1);
+        $randomString .= $characters[$index];
+    }
+
+    return $randomString;
+}
+
+function cash_in($user_id, $amount, $notes, $refno)
+{
+    $curl = curl_init();
+    $postfields = '{
+        "from_id":"6458dd6066139b3fee29a9cf",
+        "to_id":"' . $user_id . '",
+        "amount": ' . $amount . ',
+        "type":"cash in",
+        "status":"new",
+        "notes":"' . $notes . '",
+        "ref_no":"' . $refno . '"
+      }';
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/transactions/create',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json',
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MjRkOTYyZmNiMWU0ZjgyNDU0NmM4OSIsImlhdCI6MTY4MDEzNzU2NH0.9EHOeaXkYS5mGYG-g-_tgRpw338JzxECLec9cU2zhys'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function cash_out($user_id, $amount, $notes, $refno)
+{
+    $curl = curl_init();
+    $postfields = '{
+        "from_id":"' . $user_id . '",
+        "to_id":"6458dd6066139b3fee29a9cf",
+        "amount": ' . $amount . ',
+        "type":"cash in",
+        "status":"new",
+        "notes":"' . $notes . '",
+        "ref_no":"' . $refno . '"
+      }';
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/transactions/create',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json',
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MjRkOTYyZmNiMWU0ZjgyNDU0NmM4OSIsImlhdCI6MTY4MDEzNzU2NH0.9EHOeaXkYS5mGYG-g-_tgRpw338JzxECLec9cU2zhys'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function create_notification($to_id, $amount)
+{
+    $curl = curl_init();
+    $postfields = '{
+        "from_id":"6458dd6066139b3fee29a9cf",
+      "to_id":"' . $to_id . '",
+      "title":"Cash-In Received",
+      "message":"You have received PHP' . $amount . '.",
+      "status":"new"
+      }
+      ';
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/notifications/create',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json',
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MjE1NmU0ZTVhMTUwNjk2MTI3NGYyMCIsImlhdCI6MTY3OTkwNjU2OH0.1hDJwO760_p83FsQQwCduz0PIBBNFnMKYK3RvDqE9dA'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function create_notification_co($from_id, $amount)
+{
+    $curl = curl_init();
+    $postfields = '{
+        "from_id":"' . $from_id . '",
+      "to_id":"6458dd6066139b3fee29a9cf",
+      "title":"Cash-out completed",
+      "message":"You have sent PHP' . $amount . '.",
+      "status":"new"
+      }
+      ';
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postfields);
+    curl_setopt_array($curl, array(
+        CURLOPT_URL => '172.17.0.3:3000/api/notifications/create',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+        CURLOPT_HTTPHEADER => array(
+            'Content-Type: application/json',
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MjE1NmU0ZTVhMTUwNjk2MTI3NGYyMCIsImlhdCI6MTY3OTkwNjU2OH0.1hDJwO760_p83FsQQwCduz0PIBBNFnMKYK3RvDqE9dA'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function sendSMSotp($phone, $otp)
+{
+    $curl = curl_init();
+    $url = "http://124.6.185.87:1688/services/api/messaging/?To=$phone&Message=Your%20One-Time%20PIN%20is%20$otp.%20DO%20NOT%20SHARE%20THIS%20WITH%20ANYONE.%20If%20you%20did%20not%20request%20for%20an%20OTP%2C%20pls%20call%20(02)%208807-6379";
+    curl_setopt($curl, CURLOPT_URL, $url);
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => 'http://124.6.185.87:1688/services/api/messaging/?To=09475367847&Message=Your%20One-Time%20PIN%20is%20OgsKLi.%20DO%20NOT%20SHARE%20THIS%20WITH%20ANYONE.%20If%20you%20did%20not%20request%20for%20an%20OTP%2C%20pls%20call%20(02)%208807-6379',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'POST',
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
+
+function getUserById($id)
+{
+    $curl = curl_init();
+    $url = "172.17.0.3:3000/api/users/id/".$id;
+    curl_setopt($curl,CURLOPT_URL,$url);
+    curl_setopt_array($curl, array(
+        //CURLOPT_URL => 'https://api.obpay.online/api/users/id/6458dd6066139b3fee29a9cf',
+        CURLOPT_RETURNTRANSFER => true,
+        CURLOPT_ENCODING => '',
+        CURLOPT_MAXREDIRS => 10,
+        CURLOPT_TIMEOUT => 0,
+        CURLOPT_FOLLOWLOCATION => true,
+        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+        CURLOPT_CUSTOMREQUEST => 'GET',
+        CURLOPT_HTTPHEADER => array(
+            'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0MmUzYTIzOTQwNTg5Y2UxM2Q4MjVlOSIsImlhdCI6MTY4MDc1MTI4M30.nk_GgSbyA8WuGYa9DgKJNvCVjl5GLHPAOt2rOujwUxs'
+        ),
+    ));
+
+    $response = curl_exec($curl);
+
+    curl_close($curl);
+    return $response;
+}
diff --git a/header.php b/header.php
new file mode 100644
index 0000000..eb76437
--- /dev/null
+++ b/header.php
@@ -0,0 +1,65 @@
+<head>
+	<title>oBananaPay</title>
+    <meta charset="utf-8">
+	<link rel="shortcut icon" type="image/ico" href="https://www.datatables.net/favicon.ico">
+	<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1.0, user-scalable=no">
+	
+    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
+	<!-- <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css"> -->
+	<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/1.10.22/css/jquery.dataTables.min.css">
+	<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/responsive/2.2.6/css/responsive.dataTables.min.css">
+	<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/buttons/1.6.5/css/buttons.dataTables.min.css">
+	<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/select/1.3.1/css/select.dataTables.min.css">
+	<link rel="stylesheet" type="text/css" href="/editor/css/editor.dataTables.min.css">
+	<link rel="stylesheet" type="text/css" href="/editor/examples/resources/syntax/shCore.css">
+	<link rel="stylesheet" type="text/css" href="/editor/examples/resources/demo.css">
+	<!-- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/select2@4.1.0/css/select2.min.css"> -->
+	<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/npm/selectize@latest/dist/css/selectize.default.css">
+	<!-- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/css/select2.min.css" /> -->
+	<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.6/css/selectize.bootstrap3.min.css" integrity="sha256-ze/OEYGcFbPRmvCnrSeKbRTtjG4vGLHXgOqsyLFTRjg=" crossorigin="anonymous" />
+	<style type="text/css" class="init">
+	
+	</style>
+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js"></script>
+    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
+	<script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js"></script>
+    <!-- <script type="text/javascript" language="javascript" src="https://code.jquery.com/jquery-3.5.1.js"></script> -->
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/1.10.22/js/jquery.dataTables.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/responsive/2.2.6/js/dataTables.responsive.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/buttons/1.6.5/js/dataTables.buttons.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/select/1.3.1/js/dataTables.select.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/pdfmake.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.53/vfs_fonts.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/buttons/2.3.6/js/buttons.html5.min.js"></script>
+	<script type="text/javascript" language="javascript" src="https://cdn.datatables.net/buttons/2.3.6/js/buttons.print.min.js"></script>
+	<script type="text/javascript" language="javascript" src="/editor/js/dataTables.editor.min.js"></script>
+	<script type="text/javascript" language="javascript" src="/editor/examples/resources/syntax/shCore.js"></script>
+	<script type="text/javascript" language="javascript" src="/editor/examples/resources/demo.js"></script>
+	<script type="text/javascript" language="javascript" src="/editor/examples/resources/editor-demo.js"></script>
+	<script src="https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.6/js/standalone/selectize.min.js" integrity="sha256-+C0A5Ilqmu4QcSPxrlGpaZxJ04VjsRjKu+G82kl5UJk=" crossorigin="anonymous"></script>
+	<script src="https://cdn.jsdelivr.net/npm/selectize@latest"></script>
+	<!-- <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js"></script> -->
+	
+
+
+
+	<style>
+		.centered {
+			position: fixed;
+			top: 50%;
+			left: 50%;
+			transform: translate(-50%, -50%);
+			-webkit-transform: translate(-50%, -50%);
+			-moz-transform: translate(-50%, -50%);
+			-o-transform: translate(-50%, -50%);
+			-ms-transform: translate(-50%, -50%);
+
+			font-size: 20px;
+			background-color: transparent;
+			border: 0px;
+			padding: 5px;
+			z-index: 100;
+		}
+	</style>
+</head>
\ No newline at end of file
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..fc27b96
--- /dev/null
+++ b/index.php
@@ -0,0 +1,3 @@
+<?php
+    header("location: admin-test.php");
+?>
\ No newline at end of file
diff --git a/login/action.php b/login/action.php
new file mode 100644
index 0000000..fa54f21
--- /dev/null
+++ b/login/action.php
@@ -0,0 +1,37 @@
+<?php
+session_start();
+$email = $_POST['email'];
+$pwd = $_POST['pwd'];
+$data = '{ "users":"'.$email.'", "password":"'.$pwd.'" }';
+$curl = curl_init();
+curl_setopt($curl,CURLOPT_POSTFIELDS,$data);
+curl_setopt_array($curl, array(
+    CURLOPT_URL => '172.17.0.4:3000/api/auth/login',
+    CURLOPT_RETURNTRANSFER => true,
+    CURLOPT_ENCODING => '',
+    CURLOPT_MAXREDIRS => 10,
+    CURLOPT_TIMEOUT => 0,
+    CURLOPT_FOLLOWLOCATION => true,
+    CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
+    CURLOPT_CUSTOMREQUEST => 'POST',
+    CURLOPT_HTTPHEADER => array(
+        'Content-Type: application/json'
+    ),
+));
+
+$response = curl_exec($curl);
+
+curl_close($curl);
+$array = json_decode($response, true);
+if($array['token']!=null){
+    if($array['user']['type']!='admin'){
+        header("Location: /login/?msg=1");
+    } else {
+            $_SESSION['token']=$array['token'];
+            $_SESSION['user_id']=$array['user']['_id'];
+            $_SESSION['user_type']=$array['user']['type'];
+            header("Location: /admin-test.php".$_SESSION['url']);
+    }  
+} else {
+    header("Location: /login/?msg=2");
+}
\ No newline at end of file
diff --git a/login/index.php b/login/index.php
new file mode 100644
index 0000000..3acb713
--- /dev/null
+++ b/login/index.php
@@ -0,0 +1,74 @@
+<!DOCTYPE html>
+<html lang="en">
+<?php include '../header.php' ?>
+
+<body class="dt-example dt-example-bootstrap">
+    <nav class="navbar navbar-default">
+        <div class="container-fluid">
+            <div class="navbar-header">
+                <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+                    <span class="sr-only">Toggle navigation</span>
+                    <span class="icon-bar"></span>
+                    <span class="icon-bar"></span>
+                    <span class="icon-bar"></span>
+                </button>
+                <a class="navbar-brand" href="#">oBananaPay</a>
+            </div>
+
+            <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+                <ul class="nav navbar-nav">
+                    <li class="active"><a href="/">Transactions</a></li>
+                    <li><a href="/users/">Users</a></li>
+                    <li class="dropdown">
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">Loan
+                            <span class="caret"></span></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="/loan/">Applications</a></li>
+                            <li><a href="#">Batch Transfer</a></li>
+                            <li><a href="#">Logs</a></li>
+                        </ul>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+    <div class="container">
+        <h2>Please Login</h2>
+        <?php
+        if ($_GET['msg'] == 1) {
+            echo "<div class='alert alert-warning alert-dismissible'>";
+            echo "<a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>";
+            echo "<strong>Warning!</strong> Only administrators allowed.";
+            echo "</div>";
+        }
+        if ($_GET['msg'] == 2) {
+            echo "<div class='alert alert-warning alert-dismissible'>";
+            echo "<a href='#' class='close' data-dismiss='alert' aria-label='close'>&times;</a>";
+            echo "<strong>Login Failed!</strong> Please check your credentials.";
+            echo "</div>";
+        }
+        ?>
+        <form class="form-horizontal" method="post" action="action.php">
+            <div class="form-group">
+                <label class="control-label col-sm-2" for="email">Email:</label>
+                <div class="col-sm-10">
+                    <input type="email" class="form-control" id="email" placeholder="Enter email" name="email">
+                </div>
+            </div>
+            <div class="form-group">
+                <label class="control-label col-sm-2" for="pwd">Password:</label>
+                <div class="col-sm-10">
+                    <input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
+                </div>
+            </div>
+            <div class="form-group">
+                <div class="col-sm-offset-2 col-sm-10">
+                    <button type="submit" class="btn btn-default">Submit</button>
+                </div>
+            </div>
+        </form>
+    </div>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..1b7ea5a
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+    session_start();
+    session_unset();
+    session_destroy();
+    header("Location: /login/");
+?>
\ No newline at end of file
diff --git a/users/index.php b/users/index.php
new file mode 100644
index 0000000..64681ad
--- /dev/null
+++ b/users/index.php
@@ -0,0 +1,3 @@
+<?php
+	header("location: users-test.php");
+?>
\ No newline at end of file
diff --git a/users/users-test.php b/users/users-test.php
new file mode 100644
index 0000000..a640dde
--- /dev/null
+++ b/users/users-test.php
@@ -0,0 +1,102 @@
+<?php
+session_start();
+if (!isset($_SESSION['token'])) {
+	$_SESSION['url'] = "users/";
+	header("Location: /login/");
+	exit();
+}
+$user_id = $_SESSION['user_id'];
+?>
+<!DOCTYPE html>
+<html>
+<?php include '../header.php'; ?>
+<script type="text/javascript" class="init">
+	$(document).ready(function() {
+		$('#example').DataTable({
+			dom: 'Bfrtip',
+			buttons: [
+				'csv'
+			],
+			responsive: true
+		});
+	});
+</script>
+
+<body class="dt-example dt-example-bootstrap">
+	<nav class="navbar navbar-default">
+		<div class="container-fluid">
+			<div class="navbar-header">
+				<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+					<span class="sr-only">Toggle navigation</span>
+					<span class="icon-bar"></span>
+					<span class="icon-bar"></span>
+					<span class="icon-bar"></span>
+				</button>
+				<a class="navbar-brand" href="#">oBananaPay</a>
+			</div>
+
+			<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+				<ul class="nav navbar-nav">
+					<li><a href="/admin-test.php">Transactions</a></li>
+					<li class="active"><a href="#">Users</a></li>
+					<!-- <li class="dropdown">
+                        <a class="dropdown-toggle" data-toggle="dropdown" href="#">Loan
+                            <span class="caret"></span></a>
+                        <ul class="dropdown-menu">
+                            <li><a href="/loan/">Applications</a></li>
+                            <li><a href="/loan/transfer.php">Batch Transfer</a></li>
+                            <li><a href="/loan/payment.php">Payments</a></li>
+                        </ul>
+                    </li> -->
+				</ul>
+				<ul class="nav navbar-nav navbar-right">
+					<li><a href="/logout.php">Logout <span class="glyphicon glyphicon-log-out" aria-hidden="true"></span></a></li>
+				</ul>
+			</div>
+		</div>
+	</nav>
+	<div class="container">
+		<h1>Users</h1>
+		<?php
+		include '../functions-test.php';
+		$response = get_users();
+		$array = json_decode($response, true);
+		?>
+		<table id="example" class="table table-bordered display responsive nowrap" style="width:100%">
+			<thead>
+				<tr>
+					<th width='1'>ID</th>
+					<th>Name</th>
+					<th>Email</th>
+					<th>Phone</th>
+					<th>Type</th>
+					<th>Status</th>
+					<th>Balance</th>
+					<th>Reg. Date</th>
+					<th>Reg. Time</th>
+				</tr>
+			</thead>
+			<tbody>
+				<?php
+				foreach ($array as $x => $val) {
+					echo "<tr>";
+					echo "<td>" . $val['_id'] . "</td>";
+					echo "<td>" . $val['fName'] . ' ' . $val['lName'] . "</td>";
+					echo "<td>" . $val['email'] . "</td>";
+					echo "<td>" . $val['phone'] . "</td>";
+					echo "<td>" . $val['type'] . "</td>";
+					echo "<td>" . $val['status'] . "</td>";
+					$json = getUserById($val['_id']);
+					$balance = json_decode($json,true);
+					echo "<td>".$balance['balance']."</td>";
+					echo "<td>" . substr($val['createdAt'], 0, 10)  . "</td>";
+					echo "<td>" . substr($val['createdAt'], 11, 8)  . "</td>";
+					echo "</tr>";
+				}
+				?>
+			</tbody>
+		</table>
+	</div>
+</body>
+
+</html>
\ No newline at end of file