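<?php

declare(strict_types=1);

/**
 * Admin-only JSON endpoint: returns a single sale (header row plus its line items).
 *
 * Input:  GET ?id=<positive integer sale id>
 * Output: application/json
 *   200 -> the sale row, with an added "items" list of {quantity, price_at_sale, product_name}
 *   400 -> id missing or not a positive integer
 *   403 -> no session user, or session role is not 'admin'
 *   404 -> no sale row with that id
 *   500 -> database or JSON-encoding failure (details are logged, not returned)
 *
 * Security notes:
 *   - Both queries bind the id through PDO placeholders; it is never interpolated.
 *   - The catch block used to echo $e->getMessage() to the client, which leaks
 *     driver, DSN, table and column names. It now logs server-side and returns a
 *     generic message.
 *   - The id is validated as a positive integer up front; the previous empty()
 *     check let arbitrary strings/arrays through to the database layer.
 *   - Responses carry Cache-Control: no-store so receipt data is not retained by
 *     shared caches, and nosniff so the JSON is not interpreted as another type.
 *   - No closing ?> tag: trailing whitespace after it would become response body.
 */

header('Content-Type: application/json');
header('Cache-Control: no-store');
header('X-Content-Type-Options: nosniff');

require_once __DIR__ . '/../db/config.php';

session_start();

// Authorisation gate. The role lookup is null-coalesced so an absent key does
// not raise a warning; with the strict !== it still falls through to 403.
if (!isset($_SESSION['user_id']) || ($_SESSION['role'] ?? null) !== 'admin') {
    http_response_code(403); // Forbidden
    echo json_encode(['error' => 'You do not have permission to view this content.']);
    exit;
}

// Validate the id as a positive integer before it reaches the database.
// FILTER_VALIDATE_INT returns false for "", "abc", "1.5", "1abc", arrays and
// (with min_range) zero/negative values, so we never bind junk that the
// driver might silently coerce.
$sale_id = filter_var(
    $_GET['id'] ?? null,
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);

if ($sale_id === false) {
    http_response_code(400); // Bad Request
    echo json_encode(['error' => 'Invalid Sale ID.']);
    exit;
}

try {
    $pdo = db();

    // Fetch main sale info; LEFT JOIN so a sale whose cashier account was
    // deleted still comes back (cashier_name will be null).
    $stmt = $pdo->prepare(
        "SELECT s.id, s.receipt_number, s.total_amount, s.tax_amount, s.created_at, u.username as cashier_name
         FROM sales s
         LEFT JOIN users u ON s.user_id = u.id
         WHERE s.id = ?"
    );
    $stmt->execute([$sale_id]);
    $sale = $stmt->fetch();

    if (!$sale) {
        http_response_code(404); // Not Found
        echo json_encode(['error' => 'Sale not found.']);
        exit;
    }

    // Fetch sale items. Inner JOIN: items whose product row no longer exists
    // are omitted, matching the original behaviour.
    $items_stmt = $pdo->prepare(
        "SELECT si.quantity, si.price_at_sale, p.name as product_name
         FROM sale_items si
         JOIN products p ON si.product_id = p.id
         WHERE si.sale_id = ?"
    );
    $items_stmt->execute([$sale_id]);
    $sale['items'] = $items_stmt->fetchAll();

    // JSON_THROW_ON_ERROR: a row with invalid UTF-8 previously made json_encode
    // return false and the client got an empty 200; now it is a logged 500.
    echo json_encode($sale, JSON_THROW_ON_ERROR);

} catch (PDOException $e) {
    // Log the real cause for operators; never echo driver messages to the client.
    error_log(sprintf('get sale %d: database error: %s', $sale_id, $e->getMessage()));
    http_response_code(500);
    echo json_encode(['error' => 'Database error.']);
} catch (JsonException $e) {
    error_log(sprintf('get sale %d: JSON encoding error: %s', $sale_id, $e->getMessage()));
    http_response_code(500);
    echo json_encode(['error' => 'Failed to encode response.']);
}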