From c509a2d6aa9394fa7200d8fa11904914d8e81f06 Mon Sep 17 00:00:00 2001
From: arf20
Date: Tue, 19 Mar 2024 04:58:03 +0100
Subject: Order working
---
 admin.php | 26 +++++++++++--
 order.php | 124 ++++++++++++++++++++++++++++++++++++++++++++++----------------
 style.css | 4 ++
 3 files changed, 120 insertions(+), 34 deletions(-)
diff --git a/admin.php b/admin.php
index 37a69f6..2aeebe1 100644
--- a/admin.php
+++ b/admin.php
@@ -10,6 +10,8 @@ if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
 $username = $_SESSION["username"];
 $type = $_SESSION["type"];
+if ($type != "admin") die("Permission denied.");
+
 require_once "config.php"; // Get users
@@ -33,6 +35,24 @@ mysqli_stmt_execute($stmt);
 $result = mysqli_stmt_get_result($stmt);
 $orders = $result->fetch_all(MYSQLI_ASSOC);
+function getservicebyid($id) {
+ global $services;
+ foreach ($services as $service) {
+ if ($service["id"] == $id) {
+ return $service;
+ }
+ }
+}
+
+function getclientbyid($id) {
+ global $users;
+ foreach ($users as $client) {
+ if ($client["id"] == $id) {
+ return $client;
+ }
+ }
+}
+
 ?>
@@ -59,7 +79,7 @@ $orders = $result->fetch_all(MYSQLI_ASSOC);
 usertypestatus ".$user['username']."".$user['type']."".$user['status']."\n";
+ echo "".$user["username"]."".$user["type"]."".$user["status"]."\n";
 } ?>
@@ -70,7 +90,7 @@ $orders = $result->fetch_all(MYSQLI_ASSOC);
 nametypebilling ".$service['name']."".$service['type']."".$service['billing']."\n";
+ echo "".$service["name"]."".$service["type"]."".$service["billing"]."\n";
 } ?>
@@ -81,7 +101,7 @@ $orders = $result->fetch_all(MYSQLI_ASSOC);
 serviceinstanceclient ".$order['service']."".$order['name']."".$order['client']."\n";
+ echo "".getservicebyid($order["service"])["name"]."".$order["name"]."".getclientbyid($order["client"])["username"]."\n";
 } ?>
diff --git a/order.php b/order.php
index 1dd8555..613e3e7 100644
--- a/order.php
+++ b/order.php
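Review bot: The new role gate `if ($type != "admin") die("Permission denied.");` uses loose comparison and answers with the default 200 status, so a denied request looks like a normal page view in access logs and monitoring. I would write it as `if ($type !== "admin") { http_response_code(403); die("Permission denied."); }`. `$type` is copied from `$_SESSION["type"]`, so a demoted account presumably keeps admin access until its session ends; re-reading the role from the database (after `config.php` is loaded, which currently happens below the check) would close that gap.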
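Review bot: `getservicebyid()` and `getclientbyid()` fall off the end and return null when no row matches, and the orders row later in this file indexes the result directly (`getservicebyid($order["service"])["name"]`), so an order whose service or client no longer exists produces a warning and an empty cell. Rendering a fallback at the call site, e.g. `getservicebyid($order["service"])["name"] ?? "(deleted)"`, makes that case deliberate. `getservicebyid()` is also defined in order.php; moving both helpers into a shared include and passing the array as a parameter instead of using `global` would keep the copies from drifting. A one-line comment above each, such as `// Returns the matching row, or null if the id is unknown.`, would document the contract.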
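Review bot: The orders row concatenates `$order["name"]` and the looked-up `["name"]` and `["username"]` into the echoed table row without HTML-escaping, and `$order["name"]` is the instance name that order.php in this same commit stores from `$_POST["name"]`, so markup typed into the order form is rendered in the admin's browser (stored XSS). Each value should pass through `htmlspecialchars($order["name"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8")` before concatenation; the users and services rows in the two hunks above build their cells from `$user[...]` and `$service[...]` the same way and need the same treatment. The surrounding tags were stripped from this rendering of the patch, so the exact cell markup is not visible, only the concatenation. `genoption($id, $name)` in order.php also builds markup from `$name` and should be checked for the same issue.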
@@ -14,12 +14,29 @@ $type = $_SESSION["type"];
 require_once "config.php"; // Get services
-$sql = "SELECT id, name, type, billing FROM services";
+$sql = "SELECT id, name, type, billing, description FROM services";
 $stmt = mysqli_prepare($link, $sql);
 mysqli_stmt_execute($stmt);
 $result = mysqli_stmt_get_result($stmt);
 $services = $result->fetch_all(MYSQLI_ASSOC);
+// POST actions
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ // add entry
+ $sql = "INSERT INTO orders (service, name, client, billing, comments) VALUES (?, ?, ?, ?, ?)";
+ $stmt = mysqli_prepare($link, $sql);
+ mysqli_stmt_bind_param($stmt, "sssss", $param_service, $param_name, $param_client, $param_billing, $param_comments);
+ $param_service = $_POST["service"];
+ $param_name = $_POST["name"];
+ $param_client = $clientid;
+ $param_billing = $_POST["billing"];
+ $param_comments = $_POST["comments"];
+
+ if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) {
+ echo "SQL error.";
+ } else header("location: ".$_SERVER['SCRIPT_NAME']);
+}
+
 function getservicebyid($id) {
 global $services;
 foreach ($services as $service) {
@@ -29,6 +46,11 @@ function getservicebyid($id) {
 }
 }
+function genoption($id, $name) {
+ return "" ."
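Review bot: The POST branch inserts `$_POST["service"]`, `name`, `billing` and `comments` without checking that the keys are present, that the service id is one of the rows in `$services`, or that the request came from this page's form (no anti-CSRF token is compared), so a cross-site form post from a logged-in client's browser would be accepted as an order. Before binding I would reject unknown services, e.g. `if (getservicebyid($_POST["service"] ?? "") === null) { http_response_code(400); die("Invalid service."); }`, check `billing` against whatever values the form offers, and compare a per-session token from a hidden field with `hash_equals()`. The success path needs `exit;` after `header("location: ...")`; as written the script goes on to render the whole page after sending the redirect. `$clientid` is not assigned anywhere in the lines shown, so confirm it is set from the session above this hunk rather than left undefined.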
\n"; +} + ?> @@ -37,6 +59,39 @@ function getservicebyid($id) { ARFNET CSTIMS +
@@ -50,39 +105,46 @@ function getservicebyid($id) {

panel

Order a new service

-
+

- -
+

+                            
+
+

+
+ +
+
diff --git a/style.css b/style.css
index be0edd3..cdbc4a2 100644
--- a/style.css
+++ b/style.css
@@ -22,6 +22,10 @@ body {
 font-size: 150%;
 }
+.col {
+ float: left;
+}
+
 .col5 {
 float: left;
 width: 50%;
-- cgit v1.2.3