fetch_all(MYSQLI_ASSOC);
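// Load every invoice row for the listing table. The pdf and proof columns are
// left out of the column list on purpose: they are fetched one row at a time
// by the ?pdf= and ?proof= handlers further down.
$sql = "SELECT id, client, `desc`, amount, date, status FROM invoices";
$stmt = mysqli_prepare($link, $sql);
// mysqli_prepare() and mysqli_stmt_get_result() return false on failure when
// mysqli is not in exception mode; stop with the same generic message the
// rest of this file uses instead of calling fetch_all() on false.
if ($stmt === false || !mysqli_stmt_execute($stmt)) {
    die("SQL error.");
}
$result = mysqli_stmt_get_result($stmt);
if ($result === false) {
    die("SQL error.");
}
$invoices = $result->fetch_all(MYSQLI_ASSOC);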
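// Load every order row; getorderbyid() searches this list.
$sql = "SELECT id, service, name, client, date, billing, status, comments FROM orders";
$stmt = mysqli_prepare($link, $sql);
// A failed prepare/execute/get_result yields false when mysqli is not in
// exception mode; fail closed with a generic message rather than calling
// fetch_all() on false.
if ($stmt === false || !mysqli_stmt_execute($stmt)) {
    die("SQL error.");
}
$result = mysqli_stmt_get_result($stmt);
if ($result === false) {
    die("SQL error.");
}
$orders = $result->fetch_all(MYSQLI_ASSOC);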
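// GET actions
// Delete one invoice: ?del=<id>
// NOTE(review): this changes data on a plain GET request and no anti-CSRF
// token is checked in this block. No session or role check is visible in this
// part of the file either; confirm one runs before this point, and consider
// moving the delete to a POST form that carries a per-session token.
if (isset($_GET["del"]) && is_string($_GET["del"])) {
    $sql = "DELETE FROM invoices WHERE id = ?";
    $stmt = mysqli_prepare($link, $sql);
    // The id is sent as a bound parameter, never spliced into the SQL text.
    // Array-valued input (?del[]=...) is rejected by the is_string() guard.
    $param_id = $_GET["del"];
    $deleted = $stmt !== false
        && mysqli_stmt_bind_param($stmt, "s", $param_id)
        && mysqli_stmt_execute($stmt)
        && mysqli_stmt_affected_rows($stmt) == 1;
    if (!$deleted) {
        echo "SQL error.";
    } else {
        header("location: ".$_SERVER['SCRIPT_NAME']);
        // header() does not end the script; without exit the remaining
        // handlers and the page body still run after the redirect.
        exit;
    }
}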
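// Stream the stored PDF of one invoice: ?pdf=<id>
// NOTE(review): the row is selected by id alone and no ownership or role check
// is visible in this part of the file; confirm access to this page is
// restricted before this point.
if (isset($_GET["pdf"]) && is_string($_GET["pdf"])) {
    // Get invoice
    $sql = "SELECT pdf FROM invoices WHERE id = ?";
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt === false) {
        die("SQL error.");
    }
    $param_id = $_GET["pdf"];
    mysqli_stmt_bind_param($stmt, "s", $param_id);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    $rows = $result ? $result->fetch_all(MYSQLI_ASSOC) : [];
    // An unknown id gives an empty result set; answer 404 instead of indexing
    // row 0 of nothing and sending PDF headers with an empty body.
    if (count($rows) === 0 || $rows[0]["pdf"] === null) {
        http_response_code(404);
        exit;
    }
    $pdf = $rows[0]["pdf"];
    header("Content-type: application/pdf");
    header("Content-Disposition: inline;filename=\"invoice.pdf\"");
    echo $pdf;
    // Stop here: otherwise the HTML page below is appended to the PDF bytes.
    exit;
}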
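// Stream the stored proof document of one invoice: ?proof=<id>
// NOTE(review): the row is selected by id alone and no ownership or role check
// is visible in this part of the file; confirm access to this page is
// restricted before this point.
if (isset($_GET["proof"]) && is_string($_GET["proof"])) {
    // Get invoice
    $sql = "SELECT proof FROM invoices WHERE id = ?";
    $stmt = mysqli_prepare($link, $sql);
    if ($stmt === false) {
        die("SQL error.");
    }
    $param_id = $_GET["proof"];
    mysqli_stmt_bind_param($stmt, "s", $param_id);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    $rows = $result ? $result->fetch_all(MYSQLI_ASSOC) : [];
    // An unknown id, or an invoice with no proof stored yet, gets a 404
    // instead of PDF headers followed by an empty body.
    if (count($rows) === 0 || $rows[0]["proof"] === null) {
        http_response_code(404);
        exit;
    }
    $proof = $rows[0]["proof"];
    header("Content-type: application/pdf");
    header("Content-Disposition: inline;filename=\"proof.pdf\"");
    // The proof bytes come from a file upload that the save handler in this
    // file stores without inspecting it, so tell the browser not to guess a
    // different content type from the body.
    header("X-Content-Type-Options: nosniff");
    echo $proof;
    // Stop here: otherwise the HTML page below is appended to the document.
    exit;
}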
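// POST actions
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Save an edited invoice: a new status plus an optional proof upload.
    // NOTE(review): no anti-CSRF token is checked in this block and no session
    // or role check is visible in this part of the file; confirm both.
    // NOTE(review): status is stored exactly as submitted; if it is meant to
    // be one of a fixed set of values, validate it against that set here.
    if (isset($_POST["save"])) {
        // Require both fields as plain strings so that a missing or
        // array-valued field is rejected instead of being bound as NULL/"Array".
        if (!isset($_POST["id"], $_POST["status"])
            || !is_string($_POST["id"]) || !is_string($_POST["status"])) {
            http_response_code(400);
            die("Bad request.");
        }
        $sql = "UPDATE invoices SET status = ? WHERE id = ?";
        $stmt = mysqli_prepare($link, $sql);
        $param_status = $_POST["status"];
        $param_id = $_POST["id"];
        if ($stmt === false
            || !mysqli_stmt_bind_param($stmt, "ss", $param_status, $param_id)
            || !mysqli_stmt_execute($stmt)) {
            die("SQL error 1.");
        }
        // isset($_FILES["proof"]) is also true when the form was submitted
        // without choosing a file (error UPLOAD_ERR_NO_FILE, empty tmp_name).
        // Reading that empty path fails, and on PHP versions where it only
        // warns the stored proof would be overwritten with an empty value.
        $upload = isset($_FILES["proof"]) ? $_FILES["proof"] : null;
        if ($upload !== null && $upload["error"] !== UPLOAD_ERR_NO_FILE) {
            // Accept only a completed upload that PHP itself received.
            if ($upload["error"] !== UPLOAD_ERR_OK || !is_uploaded_file($upload["tmp_name"])) {
                die("Upload error.");
            }
            // NOTE(review): the bytes are stored as-is and later served as
            // application/pdf by the ?proof= handler; consider enforcing a
            // size limit and checking that the file really is a PDF.
            $proof = file_get_contents($upload["tmp_name"]);
            if ($proof === false) {
                die("Upload error.");
            }
            $sql = "UPDATE invoices SET proof = ? WHERE id = ?";
            $stmt = mysqli_prepare($link, $sql);
            $param_proof = $proof;
            $param_id = $_POST["id"];
            if ($stmt === false
                || !mysqli_stmt_bind_param($stmt, "ss", $param_proof, $param_id)
                || !mysqli_stmt_execute($stmt)
                || (mysqli_stmt_affected_rows($stmt) != 1)) {
                die("SQL error 2.");
            }
        }
        header("location: ".$_SERVER['SCRIPT_NAME']);
        // header() does not end the script; stop so the page body is not
        // rendered after the redirect.
        exit;
    }
}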
/**
 * Find an order in the preloaded global $orders list.
 *
 * The id is compared loosely (==), so a numeric string from the request
 * matches an integer id from the database.
 *
 * @param mixed $id order id to look for
 * @return array|null the first matching row, or null when none matches
 */
function getorderbyid($id) {
    global $orders;
    $match = null;
    foreach ($orders as $row) {
        if ($row["id"] != $id) {
            continue;
        }
        $match = $row;
        break;
    }
    return $match;
}
/**
 * Find a service in the preloaded global $services list.
 *
 * The id is compared loosely (==), so a numeric string from the request
 * matches an integer id from the database.
 *
 * @param mixed $id service id to look for
 * @return array|null the first matching row, or null when none matches
 */
function getservicebyid($id) {
    global $services;
    $match = null;
    foreach ($services as $row) {
        if ($row["id"] != $id) {
            continue;
        }
        $match = $row;
        break;
    }
    return $match;
}
/**
 * Find a client in the preloaded global $clients list.
 *
 * The id is compared loosely (==). The row is returned exactly as stored;
 * the invoice listing later in this file concatenates the username into its
 * output with no escaping call visible, so callers that print fields into
 * HTML should pass them through htmlspecialchars() first.
 *
 * @param mixed $id client id to look for
 * @return array|null the first matching row, or null when none matches
 */
function getclientbyid($id) {
    global $clients;
    $match = null;
    foreach ($clients as $row) {
        if ($row["id"] != $id) {
            continue;
        }
        $match = $row;
        break;
    }
    return $match;
}
/**
 * Find an invoice in the preloaded global $invoices list.
 *
 * The id is compared loosely (==). The row is returned exactly as stored;
 * callers that print fields such as desc into HTML should pass them through
 * htmlspecialchars() first.
 *
 * @param mixed $id invoice id to look for
 * @return array|null the first matching row, or null when none matches
 */
function getinvoicebyid($id) {
    global $invoices;
    $match = null;
    foreach ($invoices as $row) {
        if ($row["id"] != $id) {
            continue;
        }
        $match = $row;
        break;
    }
    return $match;
}
?>
ARFNET CSTIMS
ARFNET Client Service Ticket and Invoice Management System
panel
Invoices
".$client["username"]."";
foreach ($orders as $order)
//if ($order["client"] == )
$order_options .= "
";
echo "
";
}
// Edit mode (?edit=<id>): look up the invoice to edit in the preloaded
// $invoices list. getinvoicebyid() returns null when no row has that id, and
// nothing in this block checks for that before the form is echoed.
// NOTE(review): the markup echoed below is missing from this copy of the page;
// if it prints $invoice fields, they need a null check and htmlspecialchars().
if (isset($_GET["edit"])) {
$invoice = getinvoicebyid($_GET["edit"]);
$client_options = $service_options = "";
echo "
";
}
?>
manual invoice
id | client | description | amount | date | pdf | status | proof | action |
".$invoice["id"]." | "
."".getclientbyid($invoice["client"])["username"]." | "
."".$invoice["desc"]." | "
."".$invoice["amount"]." € | "
."".$invoice["date"]." | "
."pdf | "
."".$invoice["status"]." | "
."pdf | "
."del edit | \n";
}
?>