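<?php

/**
 * Admin endpoint: change the status of one application.
 *
 * Flow, as implemented below:
 *  - requires $_SESSION['admin_logged_in'] === true, otherwise redirects to index.php;
 *  - acts only on POST requests carrying `application_id` and `status`;
 *  - stores a flash message in $_SESSION['message'];
 *  - always finishes by redirecting to dashboard.php.
 *
 * NOTE(review): this state-changing POST checks no anti-CSRF token. The form
 * that submits here is not visible from this file, so a token check is not
 * enforced below; the form and this handler should gain a per-session token
 * compared with hash_equals() together.
 */

session_start();

// Authorisation gate: only an authenticated admin session may continue.
if (!isset($_SESSION['admin_logged_in']) || $_SESSION['admin_logged_in'] !== true) {
    header('Location: index.php');
    exit;
}

require_once '../db/config.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Accept the id only if it is a real integer. filter_var() returns false for
    // arrays, empty strings and values such as "5abc", so the value bound to the
    // query and echoed into the flash message is never raw request text.
    // Assumes application ids are positive (min_range 1) — confirm against the schema.
    $application_id = filter_var(
        $_POST['application_id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    $status = $_POST['status'] ?? null;

    // Allow-list of the status values this endpoint may write.
    $possible_statuses = ['Pending', 'Approved', 'Rejected'];

    // Strict comparison: only an exact string match passes, never a type-juggled
    // or array-valued parameter.
    if ($application_id !== false && in_array($status, $possible_statuses, true)) {
        try {
            $stmt = db()->prepare("UPDATE applications SET status = :status WHERE id = :id");
            $stmt->bindValue(':status', $status, PDO::PARAM_STR);
            $stmt->bindValue(':id', $application_id, PDO::PARAM_INT);
            $stmt->execute();

            // Built only from the validated integer and an allow-listed literal.
            // NOTE(review): whichever page prints $_SESSION['message'] should still
            // HTML-escape it; that page is not visible from this file.
            $_SESSION['message'] = "Status for application #{$application_id} has been updated to '{$status}'.";
        } catch (PDOException $e) {
            // Keep the driver detail in the server log; the admin sees a generic message.
            error_log('Application status update failed: ' . $e->getMessage());
            $_SESSION['message'] = "Error updating status. Please try again.";
        }
    }
}

header('Location: dashboard.php');
exit;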