fetch_all(MYSQLI_ASSOC);
// Get services
$sql = "SELECT id, name, type, billing, description FROM services";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$services = $result->fetch_all(MYSQLI_ASSOC);
// Get orders
$sql = "SELECT id, service, name, client, date, billing, status, comments FROM orders";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$orders = $result->fetch_all(MYSQLI_ASSOC);
// GET actions
// delete entry
if (isset($_GET["del"])) {
$sql = "DELETE FROM orders WHERE id = ?";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "s", $param_id);
$param_id = $_GET["del"];
if (!mysqli_stmt_execute($stmt) || mysqli_stmt_affected_rows($stmt) != 1) {
echo "SQL error.";
} else header("location: ".$_SERVER['SCRIPT_NAME']);
}
// POST actions
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// add entry
if (isset($_POST["add"])) {
$sql = "INSERT INTO orders (service, name, client, billing, comments) VALUES (?, ?, ?, ?, ?)";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "sssss", $param_service, $param_name, $param_client, $param_billing, $param_comments);
$param_service = $_POST["service"];
$param_name = $_POST["name"];
$param_client = $_POST["client"];
$param_billing = $_POST["billing"];
$param_comments = $_POST["comments"];
if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) {
echo "SQL error.";
} else header("location: ".$_SERVER['SCRIPT_NAME']);
}
// edit entry
if (isset($_POST["save"])) {
$sql = "UPDATE orders SET name = ?, billing = ?, status = ?, comments = ? WHERE id = ?";
$stmt = mysqli_prepare($link, $sql);
mysqli_stmt_bind_param($stmt, "sssss", $param_name, $param_billing, $param_status, $param_comments, $param_id);
$param_name = $_POST["name"];
$param_billing = $_POST["billing"];
$param_status = $_POST["status"];
$param_comments = $_POST["comments"];
$param_id = $_POST["id"];
if (!mysqli_stmt_execute($stmt) || (mysqli_stmt_affected_rows($stmt) != 1)) {
echo "SQL error.";
} else header("location: ".$_SERVER['SCRIPT_NAME']);
}
}
function getorderbyid($id) {
global $orders;
foreach ($orders as $order) {
if ($order["id"] == $id) {
return $order;
}
}
}
function getservicebyid($id) {
global $services;
foreach ($services as $service) {
if ($service["id"] == $id) {
return $service;
}
}
}
function getclientbyid($id) {
global $clients;
foreach ($clients as $client) {
if ($client["id"] == $id) {
return $client;
}
}
}
?>
ARFNET CSTIMS
ARFNET Client Service Ticket and Invoice Management System
panel
Orders
Edit order ".$order["id"]."
";
}
if (isset($_GET["add"])) {
$client_options = $service_options = "";
foreach ($clients as $client)
$client_options .= "
";
foreach ($services as $service)
$service_options .= "
";
echo "
";
}
?>
add
id | service | instance | client | billing | date | status | comments | action |
".$order["id"]." | "
."".getservicebyid($order["service"])["name"]." | "
."".$order["name"]." | "
."".getclientbyid($order["client"])["username"]." | "
."".$order["billing"]." | "
."".$order["date"]." | "
."".$order["status"]." | "
."
".$order["comments"]." | "
."del edit | \n";
}
?>