| author | arf20 <aruizfernandez05@gmail.com> | 2024-04-09 16:20:32 +0200 | 
|---|---|---|
| committer | arf20 <aruizfernandez05@gmail.com> | 2024-04-09 16:20:32 +0200 | 
| commit | 50464559aa522ce04222cebcee3cc6a115aa2902 (patch) | |
| tree | 3608f36fe6816d7ea847806048ef952ec3d315a3 /manageinvoices.php | |
| parent | b708311d256bbf057b0d6ad2fba4d75642c5a095 (diff) | |
Add proof of payment and fix HTML issues
Diffstat (limited to 'manageinvoices.php')
| -rw-r--r-- | manageinvoices.php | 52 | 
1 files changed, 42 insertions, 10 deletions
| diff --git a/manageinvoices.php b/manageinvoices.php index 56f2490..04983b3 100644 --- a/manageinvoices.php +++ b/manageinvoices.php @@ -61,6 +61,20 @@ if (isset($_GET["pdf"])) {      echo $pdf;  } +if (isset($_GET["proof"])) { +    // Get invoice +    $sql = "SELECT proof FROM invoices WHERE id = ?"; +    $stmt = mysqli_prepare($link, $sql); +    mysqli_stmt_bind_param($stmt, "s", $param_id); +    $param_id = $_GET["proof"]; +    mysqli_stmt_execute($stmt); +    $result = mysqli_stmt_get_result($stmt); +    $proof = $result->fetch_all(MYSQLI_ASSOC)[0]["proof"]; +    header("Content-type: application/pdf"); +    header("Content-Disposition: inline;filename=\"proof.pdf\""); +    echo $proof; +} +  // POST actions  if ($_SERVER["REQUEST_METHOD"] == "POST") {      // edit entry @@ -71,9 +85,25 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {          $param_status = $_POST["status"];          $param_id = $_POST["id"]; -        if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { -            echo "SQL error."; -        } else header("location: ".$_SERVER['SCRIPT_NAME']); +        if (!mysqli_stmt_execute($stmt)) { +            die("SQL error 1."); +        } + +        if (isset($_FILES["proof"])) { +            $proof = file_get_contents($_FILES["proof"]["tmp_name"]); + +            $sql = "UPDATE invoices SET proof = ? WHERE id = ?"; +            $stmt = mysqli_prepare($link, $sql); +            mysqli_stmt_bind_param($stmt, "ss", $param_proof, $param_id); +            $param_proof = $proof; +            $param_id = $_POST["id"]; + +            if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) { +                die("SQL error 2."); +            } +        } + +        header("location: ".$_SERVER['SCRIPT_NAME']);      }  } 
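Review bot: The new `proof` branch never stops the script after `echo $proof;`, so as far as this hunk shows, execution continues into the POST handling and the HTML page below, and that markup is appended to the PDF bytes. It also reads `fetch_all(MYSQLI_ASSOC)[0]["proof"]` without checking that a row came back or that a proof is stored, so an unknown id or an invoice without an upload yields a warning and an empty `application/pdf` response. I would answer 404 in that case, send `X-Content-Type-Options: nosniff` because the stored bytes are whatever was uploaded, and `exit` after the output. No session or role check appears inside the hunk; if one does not already run earlier in the file, this branch serves payment documents by id to any requester.

```php
if (isset($_GET["proof"])) {
    // … unchanged: prepare, bind and execute the SELECT …
    $row = mysqli_fetch_assoc($result);
    if (!$row || $row["proof"] === null || $row["proof"] === "") {
        http_response_code(404);
        exit;
    }
    header("Content-Type: application/pdf");
    header("X-Content-Type-Options: nosniff");
    header("Content-Disposition: inline; filename=\"proof.pdf\"");
    echo $row["proof"];
    exit;
}
```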
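Review bot: `isset($_FILES["proof"])` is true on every submit of the edit form, because the file input is posted even when no file is chosen. `tmp_name` is then empty and `file_get_contents()` fails (a ValueError on PHP 8, `false` on older versions), so a status-only edit either aborts or overwrites a stored proof with an empty value. The upload is also stored without any check of its error code, size or type, although it is later served as `application/pdf`. I would run the second UPDATE only for a successful upload that `finfo` identifies as a PDF, and treat `UPLOAD_ERR_NO_FILE` as "keep the current proof". The enclosing POST handler starts above the hunk.

```php
        // … unchanged: status UPDATE and its error check …
        $upload = $_FILES["proof"] ?? null;
        if ($upload !== null && $upload["error"] !== UPLOAD_ERR_NO_FILE) {
            if ($upload["error"] !== UPLOAD_ERR_OK || !is_uploaded_file($upload["tmp_name"])) {
                die("Upload failed.");
            }
            if ($upload["size"] > 5 * 1024 * 1024) { // example cap, pick a real limit
                die("Proof too large.");
            }
            $finfo = new finfo(FILEINFO_MIME_TYPE);
            if ($finfo->file($upload["tmp_name"]) !== "application/pdf") {
                die("Proof must be a PDF.");
            }
            $proof = file_get_contents($upload["tmp_name"]);
            // … unchanged: UPDATE invoices SET proof = ? WHERE id = ? …
        }
```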
@@ -132,7 +162,7 @@ function getinvoicebyid($id) {                  <div class="col8">                      <h2 class="center">ARFNET Client Service Ticket and Invoice Management System</h2>                      <h3><?php echo strtoupper($type[0]).substr($type, 1); ?> panel</h3> -                    <h3>Orders</h3> +                    <h3>Invoices</h3>                      <?php                      if (isset($_GET["add"])) { 
@@ -156,21 +186,22 @@ function getinvoicebyid($id) {                      if (isset($_GET["edit"])) {                          $invoice = getinvoicebyid($_GET["edit"]);                          $client_options = $service_options = ""; -                        echo "<div class=\"form\"><h3>Edit invoice ".$invoice["id"]."</h3><form action=\"".$_SERVER['SCRIPT_NAME']."\" method=\"post\">\n" +                        echo "<div class=\"form\"><h3>Edit invoice ".$invoice["id"]."</h3><form action=\"".$_SERVER['SCRIPT_NAME']."\" method=\"post\" enctype=\"multipart/form-data\">\n"                              ."<label><b>Client</b></label><br><label>".getclientbyid($invoice["client"])["username"]."</label><br>\n"                              ."<label><b>Description</b></label><br><label>".$invoice["desc"]."</label><br>\n"                              ."<label><b>Amount</b></label><br><label>".$invoice["amount"]."</label><br>\n"                              ."<label><b>Date</b></label><br><label>".$invoice["date"]."</label><br>\n"                              ."<label><b>Status</b></label><br><select name=\"status\"><option value=\"paid\" ".($invoice["status"] == "paid" ? "selected" : "").">paid</option><option value=\"unpaid\" ".($invoice["status"] == "unpaid" ? 
"selected" : "").">unpaid</option></select><br>\n" -                            ."<input type=\"hidden\" name=\"id\" value=\"".$invoice["id"]."\">" -                            ."<br><input type=\"submit\" name=\"save\" value=\"Save\"><a href=\"".$_SERVER['SCRIPT_NAME']."\">cancel</a>" +                            ."<label><b>Proof</b></label><br><input type=\"file\" name=\"proof\"><br>\n" +                            ."<input type=\"hidden\" name=\"id\" value=\"".$invoice["id"]."\">\n" +                            ."<br><input type=\"submit\" name=\"save\" value=\"Save\"><a href=\"".$_SERVER['SCRIPT_NAME']."\">cancel</a>\n"                              ."</form></div>";                      }                      ?>                      <a href="?add">manual invoice</a>                      <table> -                        <tr><th>id</th><th>client</th><th>description</th><th>amount</th><th>date</th><th>pdf</th><th>status</th><th>action</th></tr> +                        <tr><th>id</th><th>client</th><th>description</th><th>amount</th><th>date</th><th>pdf</th><th>status</th><th>proof</th><th>action</th></tr>                          <?php                          foreach ($invoices as $invoice) {                              echo "<tr><td>".$invoice["id"]."</td>" @@ -180,6 +211,7 @@ function getinvoicebyid($id) {                              ."<td>".$invoice["date"]."</td>"                              ."<td><a href=\"?pdf=".$invoice["id"]."\">pdf</a></td>"                              ."<td>".$invoice["status"]."</td>" +                            ."<td><a href=\"?proof=".$invoice["id"]."\">pdf</a></td>"                              ."<td><a href=\"?del=".$invoice["id"]."\">del</a> <a href=\"?edit=".$invoice["id"]."\">edit</a></td></tr>\n";                          }                          ?> 
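Review bot: The edit form now accepts a file upload but still has no anti-CSRF field; the only inputs between `<form` and `</form>` are `status`, `proof`, `id` and `save`. Unless the POST handler verifies the request origin in code not shown in this diff, a cross-site request sent from a logged-in admin's browser could change an invoice's status or replace its proof. I would add a hidden input carrying a per-session token (the field name is up to the project) and compare it with `hash_equals()` before either UPDATE runs. Adding `accept=\"application/pdf\"` to the new file input is a cheap hint for the user, though it does not replace the server-side type check. The `if (isset($_GET["edit"]))` block starts above the hunk.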
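Review bot: The new cell prints a `?proof=` link for every invoice, including those with no proof stored, and labels it `pdf` exactly like the invoice column beside it. I would render the link only when a proof exists and label it `proof`, e.g. `."<td>".($invoice["has_proof"] ? "<a href=\"?proof=".$invoice["id"]."\">proof</a>" : "")."</td>"`. That needs a flag such as `proof IS NOT NULL AS has_proof` from the listing query rather than the blob itself; the query is outside this diff and `has_proof` is a suggested name. The `foreach` loop begins in the previous hunk.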
@@ -188,8 +220,8 @@ function getinvoicebyid($id) {                  </div>                  <div class="col2">                      <h3>Logged as <?php echo $username; ?></h3> -                    <h3><a href="/logout.php">Logout</h2> -                    <h3><a href="/admin.php">Back to admin panel</h2> +                    <h3><a href="/logout.php">Logout</a></h2> +                    <h3><a href="/admin.php">Back to admin panel</a></h2>                  </div>              </div>          </main> | 
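Review bot: Both rewritten lines still close an `<h3>` with `</h2>`, so the markup this commit sets out to fix remains invalid. They should read `<h3><a href="/logout.php">Logout</a></h3>` and `<h3><a href="/admin.php">Back to admin panel</a></h3>`. Browsers recover from the mismatch, but an HTML validator will keep reporting it.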
