From 4c4b8df824dcd2fd3ac4b8d486181ec87a0f13cd Mon Sep 17 00:00:00 2001
From: arf20
Date: Mon, 18 Mar 2024 17:55:48 +0100
Subject: Add manageorders, fix services edit
---
manageorders.php | 190 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 190 insertions(+)
create mode 100644 manageorders.php
(limited to 'manageorders.php')
diff --git a/manageorders.php b/manageorders.php
new file mode 100644
index 0000000..c91a5b7
--- /dev/null
+++ b/manageorders.php
@@ -0,0 +1,190 @@
+fetch_all(MYSQLI_ASSOC);
+
+// Get services
+$sql = "SELECT id, name, type, billing, description FROM services";
+$stmt = mysqli_prepare($link, $sql);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
+$services = $result->fetch_all(MYSQLI_ASSOC);
+
+// Get orders
+$sql = "SELECT id, service, name, client, date, billing, comments FROM orders";
+$stmt = mysqli_prepare($link, $sql);
+mysqli_stmt_execute($stmt);
+$result = mysqli_stmt_get_result($stmt);
+$orders = $result->fetch_all(MYSQLI_ASSOC);
+
+// GET actions
+// delete entry
+if (isset($_GET["del"])) {
+ $sql = "DELETE FROM orders WHERE id = ?";
+ $stmt = mysqli_prepare($link, $sql);
+ mysqli_stmt_bind_param($stmt, "s", $param_id);
+ $param_id = $_GET["del"];
+ if (!mysqli_stmt_execute($stmt) || mysqli_stmt_affected_rows($stmt) != 1) {
+ echo "SQL error.";
+ } else header("location: ".$_SERVER['SCRIPT_NAME']);
+}
+
+// POST actions
+if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ // add entry
+ if (isset($_POST["add"])) {
+ $sql = "INSERT INTO orders (service, name, client, billing, comments) VALUES (?, ?, ?, ?, ?)";
+ $stmt = mysqli_prepare($link, $sql);
+ mysqli_stmt_bind_param($stmt, "sssss", $param_service, $param_name, $param_client, $param_billing, $param_comments);
+ $param_service = $_POST["service"];
+ $param_name = $_POST["name"];
+ $param_client = $_POST["client"];
+ $param_billing = $_POST["billing"];
+ $param_comments = $_POST["comments"];
+
+ if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) {
+ echo "SQL error.";
+ } else header("location: ".$_SERVER['SCRIPT_NAME']);
+ }
+
+ // edit entry
+ if (isset($_POST["save"])) {
+ $sql = "UPDATE orders SET name = ?, billing = ?, comments = ?
WHERE id = ?";
+ $stmt = mysqli_prepare($link, $sql);
+ mysqli_stmt_bind_param($stmt, "ssss", $param_name, $param_billing, $param_comments, $param_id);
+ $param_name = $_POST["name"];
+ $param_billing = $_POST["billing"];
+ $param_comments = $_POST["comments"];
+ $param_id = $_POST["id"];
+
+ if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) {
+ echo "SQL error.";
+ } else header("location: ".$_SERVER['SCRIPT_NAME']);
+ }
+}
+
+function getorderbyid($id) {
+ global $orders;
+ foreach ($orders as $order) {
+ if ($order["id"] == $id) {
+ return $order;
+ }
+ }
+}
+
+function getservicebyid($id) {
+ global $services;
+ foreach ($services as $service) {
+ if ($service["id"] == $id) {
+ return $service;
+ }
+ }
+}
+
+function getclientbyid($id) {
+ global $clients;
+ foreach ($clients as $client) {
+ if ($client["id"] == $id) {
+ return $client;
+ }
+ }
+}
+
+?>
+
+
+
+
+
+
+ ARFNET CSTIMS
+
+
+
+ ARFNET +
+
+
+
+
+

ARFNET Client Service Ticket and Invoice Management System

+

panel

+

Orders

+ +

Edit order ".$order["id"]."

\n" + ."

\n" + ."

\n" + ."

\n" + ."" + ."
cancel" + ."
"; + } + + if (isset($_GET["add"])) { + $client_options = $service_options = ""; + foreach ($clients as $client) + $client_options .= ""; + foreach ($services as $service) + $service_options .= ""; + echo "

Add order

\n" + ."

" + ."

\n" + ."

\n" + ."

\n" + ."

\n" + ."
cancel" + ."
"; + } + ?> + + add + + + " + ."" + ."" + ."" + ."" + ."" + ."" + ."\n"; + } + ?> +
idserviceinstanceclientbillingdatecommentsaction
".$order["id"]."".getservicebyid($order["service"])["name"]."".$order["name"]."".getclientbyid($order["client"])["username"]."".$order["billing"]."".$order["date"]."
".$order["comments"]."
del edit
+ +
+ + +
+ + + -- cgit v1.2.3
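Review bot: The delete branch near the top of the new file runs on a plain GET (`if (isset($_GET["del"]))`), and neither it nor the add/save POST branches verify a CSRF token, so a cross-site request or a link prefetcher acting in an operator's session can delete or change orders. Move the delete into the POST block and gate all three branches on a per-session token, for example `if (empty($_SESSION["csrf_token"]) || !is_string($_POST["csrf_token"] ?? null) || !hash_equals($_SESSION["csrf_token"], $_POST["csrf_token"])) { http_response_code(403); exit; }` (the token name is illustrative; the session layout is not visible here). The order table at the end of the file concatenates `$order["name"]`, `$order["comments"]` and the other stored fields straight into the markup, so each should be passed through `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` before it is echoed. Each `header("location: ...")` also needs an `exit;` after it so the rest of the page is not executed and sent after the redirect. The first lines of the file are unreadable in this rendering, so whether an access check precedes these queries cannot be confirmed from the hunk.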