34968-vm/restaurant/order_details.php
Flatlogic Bot 727b6fcf29 V10
2025-10-15 04:02:50 +00:00


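<?php
/**
 * Restaurant-owner view of a single order.
 *
 * Flow: require a logged-in restaurant owner, validate the requested order id,
 * resolve the owner's restaurant, verify the order contains at least one item
 * from that restaurant, then render the customer/order summary and the items.
 * Every failure path prints an alert, includes the footer and exits.
 */
include 'header.php';
require_once '../db/config.php';

// Ensure the user is a logged-in restaurant owner.
// `?? null` avoids an undefined-index warning when 'role' was never set.
// NOTE(review): header.php is included above; if it already emits output, this
// header('Location: ...') cannot take effect unless output buffering is on — confirm.
if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? null) !== 'restaurant_owner') {
    header('Location: ../login.php');
    exit;
}

if (!isset($_GET['order_id'])) {
    echo "<div class='alert alert-danger'>No order ID specified.</div>";
    include 'footer.php';
    exit;
}

// Accept only a positive integer id. The prepared statements below already
// prevent SQL injection; this rejects malformed input before any query runs.
$order_id = filter_var($_GET['order_id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($order_id === false) {
    echo "<div class='alert alert-danger'>Invalid order ID.</div>";
    include 'footer.php';
    exit;
}

$owner_id = $_SESSION['user_id'];
$pdo = db();

// HTML-escape helper applied to every dynamic value rendered below.
$esc = static fn ($value): string => htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

// Get the owner's restaurant ID
$stmt = $pdo->prepare("SELECT id FROM restaurants WHERE user_id = ?");
$stmt->execute([$owner_id]);
$restaurant = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$restaurant) {
    echo "<div class='alert alert-danger'>You are not associated with any restaurant.</div>";
    include 'footer.php';
    exit;
}
$restaurant_id = (int) $restaurant['id'];

// Security Check: Verify the order belongs to the restaurant owner.
// Passes when at least one item of the order belongs to this restaurant (LIMIT 1).
// fetchColumn() replaces rowCount(): PDO does not guarantee rowCount() for
// SELECT statements on every driver, so a false negative here would deny access
// and a false positive would grant it.
$check_stmt = $pdo->prepare("
SELECT o.id
FROM orders o
JOIN order_items oi ON o.id = oi.order_id
JOIN menu_items mi ON oi.menu_item_id = mi.id
WHERE o.id = ? AND mi.restaurant_id = ?
LIMIT 1
");
$check_stmt->execute([$order_id, $restaurant_id]);
if ($check_stmt->fetchColumn() === false) {
    echo "<div class='alert alert-danger'>Access Denied: This order does not belong to your restaurant.</div>";
    include 'footer.php';
    exit;
}

// Fetch order details
$order_stmt = $pdo->prepare("
SELECT o.*, u.name AS user_name, u.email AS user_email, u.address AS user_address
FROM orders o
JOIN users u ON o.user_id = u.id
WHERE o.id = ?
");
$order_stmt->execute([$order_id]);
$order = $order_stmt->fetch(PDO::FETCH_ASSOC);
if (!$order) {
    echo "<div class='alert alert-danger'>Order not found.</div>";
    include 'footer.php';
    exit;
}

// Fetch order items — restricted to this restaurant's menu items only.
// NOTE(review): total_price comes from the orders row; if an order can span several
// restaurants it may exceed the sum of the items listed here — confirm against the schema.
$items_stmt = $pdo->prepare("
SELECT oi.quantity, oi.price, mi.name AS item_name
FROM order_items oi
JOIN menu_items mi ON oi.menu_item_id = mi.id
WHERE oi.order_id = ? AND mi.restaurant_id = ?
");
$items_stmt->execute([$order_id, $restaurant_id]);
$items = $items_stmt->fetchAll(PDO::FETCH_ASSOC);

// Not referenced in this file; kept because an included template may read it.
$possible_statuses = ['Pending', 'Confirmed', 'Preparing', 'Out for Delivery', 'Delivered', 'Cancelled'];
?>
<div class="container mt-4">
    <h2>Order Details #<?= $esc($order['id']) ?></h2>
    <div class="card mb-4">
        <div class="card-header">Customer &amp; Order Information</div>
        <div class="card-body">
            <p><strong>Customer Name:</strong> <?= $esc($order['user_name']) ?></p>
            <p><strong>Customer Email:</strong> <?= $esc($order['user_email']) ?></p>
            <p><strong>Delivery Address:</strong> <?= $esc($order['user_address']) ?></p>
            <hr>
            <!-- DECIMAL columns arrive from PDO as strings; cast before formatting. -->
            <p><strong>Order Total:</strong> $<?= number_format((float) $order['total_price'], 2) ?></p>
            <p><strong>Order Status:</strong> <?= $esc($order['status']) ?></p>
            <p><strong>Order Date:</strong> <?= $esc($order['created_at']) ?></p>
        </div>
    </div>
    <div class="card mb-4">
        <div class="card-header">Order Items</div>
        <div class="card-body">
            <table class="table table-striped">
                <thead>
                    <tr>
                        <th>Item Name</th>
                        <th>Quantity</th>
                        <th>Price per item</th>
                        <th>Subtotal</th>
                    </tr>
                </thead>
                <tbody>
                <?php foreach ($items as $item): ?>
                    <?php
                    $quantity = (int) $item['quantity'];
                    $unit_price = (float) $item['price'];
                    ?>
                    <tr>
                        <td><?= $esc($item['item_name']) ?></td>
                        <td><?= $quantity ?></td>
                        <td>$<?= number_format($unit_price, 2) ?></td>
                        <td>$<?= number_format($unit_price * $quantity, 2) ?></td>
                    </tr>
                <?php endforeach; ?>
                </tbody>
            </table>
        </div>
    </div>
    <a href="orders.php" class="btn btn-secondary">Back to Orders List</a>
</div>
<?php include 'footer.php'; ?>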