diff --git a/db/setup.php b/db/setup.php
index cdea52c..39f8189 100644
--- a/db/setup.php
+++ b/db/setup.php
@@ -7,7 +7,8 @@ function setup_database($pdo) {
 email VARCHAR(255) NOT NULL UNIQUE,
 password VARCHAR(255) NOT NULL,
 role ENUM('Admin', 'Sales Rep', 'Dispatch') NOT NULL,
- created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
 )");
 $pdo->exec("CREATE TABLE IF NOT EXISTS orders (
@@ -16,6 +17,8 @@ function setup_database($pdo) {
 order_date DATE NOT NULL,
 order_text TEXT NOT NULL,
 status ENUM('Pending', 'Query', 'Query Replied', 'Shipped', 'Cancelled') NOT NULL DEFAULT 'Pending',
+ query_text TEXT DEFAULT NULL,
+ reply_text TEXT DEFAULT NULL,
 sales_rep_id INT NOT NULL,
 created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
diff --git a/index.php b/index.php
index 7ab3303..b4af665 100644
--- a/index.php
+++ b/index.php
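Review bot: An already-initialised database never receives the new columns, because `updated_at` (this hunk) and `query_text` / `reply_text` (the `orders` hunk that follows) are added only inside `CREATE TABLE IF NOT EXISTS` statements, which do nothing when the table exists. The view_order.php added in this same commit selects and updates `query_text` and `reply_text`, so on an existing install those statements would raise a PDOException. A guarded migration after the CREATE statements would close the gap, for example `$pdo->exec("ALTER TABLE orders ADD COLUMN query_text TEXT DEFAULT NULL, ADD COLUMN reply_text TEXT DEFAULT NULL");` executed only when a lookup in `information_schema.columns` shows the column is missing, and the same for `updated_at`. The body of setup_database() starts before and ends after both hunks, so an existing migration step elsewhere in the function cannot be ruled out from here.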
@@ -15,20 +15,35 @@ $shipped_orders_month_count = 0;
 try {
 // --- Fetch Dashboard Counts ---
- $conditions = '';
+ $base_conditions_arr = [];
 $params = [];
+
 if ($user_role === 'Sales Rep') {
- $conditions = " WHERE sales_rep_id = :user_id";
+ $base_conditions_arr[] = "sales_rep_id = :user_id";
 $params[':user_id'] = $user_id;
 }
 // Pending Orders Count
- $stmt = $pdo->prepare("SELECT COUNT(*) FROM orders " . $conditions . " AND status = 'Pending'");
+ $pending_orders_conditions_arr = $base_conditions_arr;
+ $pending_orders_conditions_arr[] = "status = 'Pending'";
+
+ $pending_orders_where_clause = '';
+ if (!empty($pending_orders_conditions_arr)) {
+ $pending_orders_where_clause = " WHERE " . implode(" AND ", $pending_orders_conditions_arr);
+ }
+ $stmt = $pdo->prepare("SELECT COUNT(*) FROM orders " . $pending_orders_where_clause);
 $stmt->execute($params);
 $pending_orders_count = $stmt->fetchColumn();
 // Pending Replies Count (Orders with status 'Query' or 'Query Replied')
- $stmt = $pdo->prepare("SELECT COUNT(*) FROM orders " . $conditions . " AND (status = 'Query' OR status = 'Query Replied')");
+ $pending_replies_conditions_arr = $base_conditions_arr;
+ $pending_replies_conditions_arr[] = "(status = 'Query' OR status = 'Query Replied')";
+
+ $pending_replies_where_clause = '';
+ if (!empty($pending_replies_conditions_arr)) {
+ $pending_replies_where_clause = " WHERE " . implode(" AND ", $pending_replies_conditions_arr);
+ }
+ $stmt = $pdo->prepare("SELECT COUNT(*) FROM orders " . $pending_replies_where_clause);
 $stmt->execute($params);
 $pending_replies_count = $stmt->fetchColumn();
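Review bot: The `if (!empty($pending_orders_conditions_arr))` guard can never be false, because `status = 'Pending'` is appended to the array two lines earlier; the same holds for the `$pending_replies_conditions_arr` guard below it and for `$shipped_conditions_arr` in the next hunk. The three copies of the build-and-implode sequence could become one small helper, or simply `" WHERE " . implode(" AND ", $arr)`, which removes the dead branch and the `''` initialisers. Because the WHERE text is now assembled from array entries, a comment on `$base_conditions_arr` such as `// Entries must be constant SQL fragments; request values go through $params only.` would record the invariant that keeps this concatenation injection-safe. The enclosing `try` block starts before and continues past this hunk.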
@@ -36,12 +51,21 @@ try {
 $current_month_start = date('Y-m-01 00:00:00');
 $current_month_end = date('Y-m-t 23:59:59');
- $shipped_sql = "SELECT COUNT(*) FROM orders " . $conditions . " AND status = 'Shipped' AND created_at >= :start_date AND created_at <= :end_date";
+ $shipped_conditions_arr = $base_conditions_arr;
+ $shipped_conditions_arr[] = "status = 'Shipped'";
+ $shipped_conditions_arr[] = "created_at >= :start_date";
+ $shipped_conditions_arr[] = "created_at <= :end_date";
+
+ $shipped_where_clause = '';
 $shipped_params = $params;
 $shipped_params[':start_date'] = $current_month_start;
 $shipped_params[':end_date'] = $current_month_end;
- $stmt = $pdo->prepare($shipped_sql);
+ if (!empty($shipped_conditions_arr)) {
+ $shipped_where_clause = " WHERE " . implode(" AND ", $shipped_conditions_arr);
+ }
+
+ $stmt = $pdo->prepare("SELECT COUNT(*) FROM orders " . $shipped_where_clause);
 $stmt->execute($shipped_params);
 $shipped_orders_month_count = $stmt->fetchColumn();
@@ -133,9 +157,9 @@ try { ... - View + View - Edit + Edit
diff --git a/view_order.php b/view_order.php
new file mode 100644
index 0000000..b2cdb28
--- /dev/null
+++ b/view_order.php
@@ -0,0 +1,207 @@
+prepare("SELECT o.*, o.query_text, o.reply_text, u.name as sales_rep_name FROM orders o JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
+ $stmt->bindParam(':id', $order_id, PDO::PARAM_INT);
+ $stmt->execute();
+ $order = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ if (!$order) {
+ $errors[] = "Order not found.";
+ } else {
+ // Determine if user can edit this order
+ if ($user_role === 'Sales Rep' && $order['sales_rep_id'] == $user_id) {
+ $edit_mode = true;
+ } elseif ($user_role === 'Dispatch' || $user_role === 'Admin') {
+ $edit_mode = true; // Dispatch and Admin can always edit
+ }
+ }
+ } catch (PDOException $e) {
+ error_log("Database error fetching order: " . $e->getMessage());
+ $errors[] = "Error loading order details. Please try again later.";
+ }
+} else {
+ $errors[] = "No order ID provided.";
+}
+
+// Handle form submission for updating order
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && $edit_mode && $order) {
+ $new_order_number = trim($_POST['order_number'] ?? '');
+ $new_order_date = trim($_POST['order_date'] ?? '');
+ $new_order_text = trim($_POST['order_text'] ?? '');
+ $new_status = trim($_POST['status'] ?? '');
+ $new_query_text = trim($_POST['query_text'] ?? '');
+ $new_reply_text = trim($_POST['reply_text'] ?? 
'');
+
+ // Preserve existing query/reply if not being updated by a specific status change
+ $query_to_save = $order['query_text'];
+ $reply_to_save = $order['reply_text'];
+
+ if ($new_status === 'Query' && empty($order['query_text'])) {
+ $query_to_save = $new_query_text;
+ } elseif ($new_status === 'Query Replied' && empty($order['reply_text'])) {
+ $reply_to_save = $new_reply_text;
+ }
+
+ if (empty($new_order_number)) {
+ $errors[] = "Order number cannot be empty.";
+ }
+ if (empty($new_order_date)) {
+ $errors[] = "Order date cannot be empty.";
+ }
+ if (empty($new_order_text)) {
+ $errors[] = "Order text cannot be empty.";
+ }
+ if (empty($new_status)) {
+ $errors[] = "Status cannot be empty.";
+ }
+
+ if (empty($errors)) {
+ try {
+ $stmt = $pdo->prepare("UPDATE orders SET order_number = :order_number, order_date = :order_date, order_text = :order_text, status = :status, query_text = :query_text, reply_text = :reply_text WHERE id = :id");
+ $stmt->bindParam(':order_number', $new_order_number);
+ $stmt->bindParam(':order_date', $new_order_date);
+ $stmt->bindParam(':order_text', $new_order_text);
+ $stmt->bindParam(':status', $new_status);
+ $stmt->bindParam(':query_text', $query_to_save);
+ $stmt->bindParam(':reply_text', $reply_to_save);
+ $stmt->bindParam(':id', $order_id, PDO::PARAM_INT);
+ $stmt->execute();
+
+ $success_message = "Order updated successfully!";
+ // Re-fetch order to display updated data
+ $stmt = $pdo->prepare("SELECT o.*, u.name as sales_rep_name FROM orders o JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
+ $stmt->bindParam(':id', $order_id, PDO::PARAM_INT);
+ $stmt->execute();
+ $order = $stmt->fetch(PDO::FETCH_ASSOC);
+ } catch (PDOException $e) {
+ error_log("Database error updating order: " . $e->getMessage());
+ $errors[] = "Error updating order. Please try again later.";
+ }
+ }
+}
+?>
+
+
+
+
+
+
+

+
+
+ +
+ +

+ +
+ + + +
+ +
+ + + +
+
+ + > +
+
+ + > +
+
+ + +
+
+ + +
+
+ + + + + + +
+ + + + + + + + + Back to Dashboard +
+ + Back to Dashboard + +
+
+
+
+
+ + + +
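Review bot: A Sales Rep who requests an order owned by another rep falls through both branches of the `$edit_mode` check with `$order` still populated and no error recorded, so unless the template (not visible here) checks ownership itself, any rep can read any order by changing the id, although index.php scopes reps to `sales_rep_id = :user_id`. The POST handler also writes `$new_status` to the UPDATE after only an `empty()` test, without comparing it to the ENUM values declared in db/setup.php or to what the caller's role is allowed to set. I would add a denying `else` branch to the ownership check and an allow-list test next to the other validations, as sketched below. The opening of the file (session, role and `$order_id` handling) and the form markup are not visible in this hunk, so whether the POST is protected by a CSRF token could not be judged and should be confirmed.

```php
        // … unchanged: owner branch and Dispatch/Admin branch that set $edit_mode …
        } else {
            // Not the owner and not Dispatch/Admin: answer as if the order did not exist.
            $order = null;
            $errors[] = "Order not found.";
        }

    // … unchanged: trim() of the POST fields and the empty() checks …
    $allowed_statuses = ['Pending', 'Query', 'Query Replied', 'Shipped', 'Cancelled'];
    if ($new_status !== '' && !in_array($new_status, $allowed_statuses, true)) {
        $errors[] = "Invalid status.";
    }
```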