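<?php
/**
 * Task owner's page for a single task: lists the applications submitted for
 * the task and lets the owner accept or reject a pending one.
 *
 * Request inputs:
 *   GET  id                       task to manage (must belong to the session user)
 *   GET  message, type            optional flash message shown after a redirect
 *   POST application_id, action   status change ('accept' or 'reject')
 *   POST csrf_token               per-session token required for any status change
 *
 * db() is called below and is presumably provided by db/config.php.
 */
session_start();
require_once 'db/config.php';

// Only authenticated users may manage tasks.
if (!isset($_SESSION['user_id'])) {
    header("Location: login.php");
    exit();
}

$userId = $_SESSION['user_id'];
$taskId = $_GET['id'] ?? null;

// The flash message is taken from the query string, so anyone who can get a
// logged-in user to follow a link controls its text. It is HTML-escaped on
// output; non-string values (e.g. message[]=x) are discarded.
$message = $_GET['message'] ?? '';
if (!is_string($message)) {
    $message = '';
}

// The type becomes part of a CSS class name, so accept a single class token
// only; anything else falls back to the default.
$message_type = $_GET['type'] ?? 'info';
if (!is_string($message_type) || preg_match('/\A[a-z][a-z0-9_-]*\z/i', $message_type) !== 1) {
    $message_type = 'info';
}

// Reject a missing, empty or non-scalar id before it reaches the database.
if (!is_string($taskId) || !$taskId) {
    header("Location: manage-tasks.php");
    exit();
}

// Per-session anti-CSRF token. The forms below embed it and the POST handler
// refuses any state change that does not echo it back.
if (!isset($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token']) || $_SESSION['csrf_token'] === '') {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['csrf_token'];

$pdo = db();

// Verify task ownership: the task must exist AND belong to the session user.
try {
    $stmt = $pdo->prepare('SELECT * FROM tasks WHERE id = :task_id AND user_id = :user_id');
    $stmt->execute([':task_id' => $taskId, ':user_id' => $userId]);
    $task = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$task) {
        // Unknown task or not the owner: same response for both, so the
        // page does not reveal which task ids exist.
        header("Location: manage-tasks.php?message=access_denied");
        exit();
    }
} catch (PDOException $e) {
    error_log('manage-task: ownership check failed: ' . $e->getMessage());
    die("Database error: Could not verify task ownership.");
}

// From here on use the stored id rather than the request value. Depending on
// the database's comparison rules a non-canonical string may still match a
// row, and the id is written into a Location header and HTML attributes below.
$taskId = $task['id'];

// Handle POST request to update application status
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['application_id']) && isset($_POST['action'])) {
    // The session cookie alone does not prove the owner meant to send this
    // request; require the per-session token as well.
    $submittedToken = $_POST['csrf_token'] ?? '';
    if (!is_string($submittedToken) || !hash_equals($csrfToken, $submittedToken)) {
        http_response_code(403);
        die("Invalid request token.");
    }

    $applicationId = $_POST['application_id'];
    $action = $_POST['action'];

    if (!is_string($applicationId) || !in_array($action, ['accept', 'reject'], true)) {
        http_response_code(400);
        die("Invalid request.");
    }

    try {
        $pdo->beginTransaction();
        $changed = false;

        // The SQL strings are double-quoted in PHP so the SQL status literals
        // can use single quotes.
        if ($action === 'accept') {
            // 1. Accept this application, but only if it belongs to this task
            //    and is still pending.
            $stmt = $pdo->prepare(
                "UPDATE applications SET status = 'accepted'
                 WHERE id = :application_id AND task_id = :task_id AND status = 'pending'"
            );
            $stmt->execute([':application_id' => $applicationId, ':task_id' => $taskId]);
            $accepted = $stmt->rowCount() === 1;

            // 2. Assign the task, but only while it is still open. The page
            //    hides the buttons for other states; this enforces it server-side.
            $assigned = false;
            if ($accepted) {
                $stmt = $pdo->prepare("UPDATE tasks SET status = 'assigned' WHERE id = :task_id AND status = 'open'");
                $stmt->execute([':task_id' => $taskId]);
                $assigned = $stmt->rowCount() === 1;
            }

            if ($accepted && $assigned) {
                // 3. Set all other pending applications for this task to 'rejected'.
                $stmt = $pdo->prepare(
                    "UPDATE applications SET status = 'rejected'
                     WHERE task_id = :task_id AND id != :application_id AND status = 'pending'"
                );
                $stmt->execute([':task_id' => $taskId, ':application_id' => $applicationId]);

                $changed = true;
                $message = 'Application accepted! The task is now assigned.';
                $message_type = 'success';
            }
        } else {
            // Reject this single application; only a pending one can change,
            // so an already accepted application cannot be flipped afterwards.
            $stmt = $pdo->prepare(
                "UPDATE applications SET status = 'rejected'
                 WHERE id = :application_id AND task_id = :task_id AND status = 'pending'"
            );
            $stmt->execute([':application_id' => $applicationId, ':task_id' => $taskId]);

            if ($stmt->rowCount() === 1) {
                $changed = true;
                $message = 'Application rejected.';
                $message_type = 'info';
            }
        }

        if ($changed) {
            $pdo->commit();
        } else {
            // Nothing matched (wrong task, unknown id, or already processed):
            // undo any partial update instead of committing it.
            $pdo->rollBack();
            $message = 'This application could not be updated; it may already have been processed.';
            $message_type = 'info';
        }

        header(
            "Location: manage-task.php?id=" . urlencode((string) $taskId)
            . "&message=" . urlencode($message)
            . "&type=" . urlencode($message_type)
        );
        exit();
    } catch (PDOException $e) {
        // beginTransaction() itself may be what failed, so only roll back an
        // open transaction.
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        // Driver messages can expose schema and query details; keep them in
        // the server log and show the user a generic message.
        error_log('manage-task: application status update failed: ' . $e->getMessage());
        die("Database error: Could not update application status.");
    }
}

// Fetch all applications for this task
try {
    $stmt = $pdo->prepare(
        'SELECT a.id, a.status, u.username, u.email
         FROM applications a
         JOIN users u ON a.user_id = u.id
         WHERE a.task_id = :task_id
         ORDER BY a.created_at DESC'
    );
    $stmt->execute([':task_id' => $taskId]);
    $applications = $stmt->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    error_log('manage-task: could not load applications: ' . $e->getMessage());
    die("Database error: Could not retrieve applications.");
}

// NOTE(review): the title is escaped here; confirm shared/header.php does not
// escape $pageTitle a second time.
$pageTitle = "Manage Task: " . htmlspecialchars($task['title']);
include 'shared/header.php';

// Values reused in every form below, already encoded for a URL inside an
// HTML attribute and for an attribute value respectively.
$taskIdAttr = htmlspecialchars(urlencode((string) $taskId));
$csrfTokenAttr = htmlspecialchars($csrfToken);
?>

<div class="container">
    <div class="page-header">
        <h1>Manage Task</h1>
        <h2><?php echo htmlspecialchars($task['title']); ?></h2>
        <p>Posted on: <?php echo date('F j, Y', strtotime($task['created_at'])); ?></p>
        <p class="task-status-manage">Status: <span class="status-badge status-<?php echo strtolower(htmlspecialchars($task['status'])); ?>"><?php echo htmlspecialchars($task['status']); ?></span></p>
    </div>

    <?php if ($message): ?>
        <div class="alert alert-<?php echo htmlspecialchars($message_type); ?>"><?php echo htmlspecialchars($message); ?></div>
    <?php endif; ?>

    <div class="applicants-section">
        <h3>Applicants</h3>
        <?php if (empty($applications)): ?>
            <div class="alert alert-info">There are no applicants for this task yet.</div>
        <?php else: ?>
            <div class="applicants-list">
                <?php foreach ($applications as $app): ?>
                    <div class="applicant-card">
                        <div class="applicant-info">
                            <strong><?php echo htmlspecialchars($app['username']); ?></strong>
                            (<?php echo htmlspecialchars($app['email']); ?>)
                        </div>
                        <div class="applicant-status">
                            Status: <span class="status-badge status-<?php echo strtolower(htmlspecialchars($app['status'])); ?>"><?php echo htmlspecialchars($app['status']); ?></span>
                        </div>
                        <?php if ($app['status'] === 'accepted'): ?>
                            <div class="applicant-actions">
                                <p class="text-success">This applicant was awarded the task.</p>
                            </div>
                        <?php elseif ($task['status'] === 'open' && $app['status'] === 'pending'): ?>
                            <div class="applicant-actions">
                                <form action="manage-task.php?id=<?php echo $taskIdAttr; ?>" method="POST" style="display: inline;">
                                    <input type="hidden" name="csrf_token" value="<?php echo $csrfTokenAttr; ?>">
                                    <input type="hidden" name="application_id" value="<?php echo htmlspecialchars((string) $app['id']); ?>">
                                    <button type="submit" name="action" value="accept" class="btn btn-success">Accept</button>
                                </form>
                                <form action="manage-task.php?id=<?php echo $taskIdAttr; ?>" method="POST" style="display: inline;">
                                    <input type="hidden" name="csrf_token" value="<?php echo $csrfTokenAttr; ?>">
                                    <input type="hidden" name="application_id" value="<?php echo htmlspecialchars((string) $app['id']); ?>">
                                    <button type="submit" name="action" value="reject" class="btn btn-danger">Reject</button>
                                </form>
                            </div>
                        <?php endif; ?>
                    </div>
                <?php endforeach; ?>
            </div>
        <?php endif; ?>
    </div>
    <div class="back-link">
        <a href="manage-tasks.php">Back to All My Tasks</a>
    </div>
</div>

<?php include 'shared/footer.php'; ?>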