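prepare("SELECT o.*, o.query_text, o.reply_text, u.name as sales_rep_name FROM orders o LEFT JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
        // NOTE(review): the start of this script (the receiver of the prepare()
        // call above, the opening `if`/`try`, and the code that sets $order_id,
        // $user_id, $user_role, $edit_mode and $errors) is not visible here.
        $stmt->bindParam(':id', $order_id, PDO::PARAM_INT);
        $stmt->execute();
        $order = $stmt->fetch(PDO::FETCH_ASSOC);

        if (!$order) {
            $errors[] = "Order not found.";
        } else {
            // Authorization: decide whether the current user may edit this order.
            // The ownership test is strict on purpose. With a loose `==`, an order
            // whose sales_rep_id is NULL compares equal to a null/0/'' user id,
            // which would grant edit rights on unassigned orders.
            if (
                $user_role === 'Sales Rep'
                && isset($user_id, $order['sales_rep_id'])
                && (int) $order['sales_rep_id'] === (int) $user_id
            ) {
                $edit_mode = true;
            } elseif ($user_role === 'Dispatch' || $user_role === 'Admin') {
                $edit_mode = true; // Dispatch and Admin can always edit
            }
        }
    } catch (PDOException $e) {
        // Keep driver detail in the server log only. PDO messages can carry
        // table/column names and query fragments, so the entry added to $errors
        // stays generic, matching the update handler below.
        error_log("Database error fetching order: " . $e->getMessage());
        $errors[] = "Error loading order. Please try again later.";
    }
} else {
    $errors[] = "No order ID provided.";
}

// Handle form submission for updating order.
// The write is gated on $edit_mode, which the lookup above sets only for the
// owning Sales Rep, Dispatch, or Admin (assumes $edit_mode starts out false;
// its initialisation is outside the visible code).
// NOTE(review): no anti-CSRF token is checked in this handler. Confirm one is
// verified earlier in the request; otherwise add a per-session token check here.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $edit_mode && $order) {
    // Read a POST field as a trimmed string. Array-valued parameters
    // (e.g. `status[]=x`) are treated as missing instead of reaching trim(),
    // where they would raise a TypeError on PHP 8.
    $post_text = static function ($key) {
        $raw = $_POST[$key] ?? '';
        return is_string($raw) ? trim($raw) : '';
    };

    $new_order_number = $post_text('order_number');
    $new_order_date   = $post_text('order_date');
    $new_order_text   = $post_text('order_text');
    $new_status       = $post_text('status');
    $new_query_text   = $post_text('query_text');
    $new_reply_text   = $post_text('reply_text');

    // Preserve existing query/reply if not being updated by a specific status change.
    // Each text is written only once: a stored query/reply is never overwritten.
    // Compared against '' rather than empty() so a stored "0" counts as present.
    $query_to_save = $order['query_text'];
    $reply_to_save = $order['reply_text'];
    if ($new_status === 'Query' && (string) ($order['query_text'] ?? '') === '') {
        $query_to_save = $new_query_text;
    } elseif ($new_status === 'Query Replied' && (string) ($order['reply_text'] ?? '') === '') {
        $reply_to_save = $new_reply_text;
    }

    // Required-field checks. empty() would also reject the literal value "0".
    if ($new_order_number === '') {
        $errors[] = "Order number cannot be empty.";
    }
    if ($new_order_date === '') {
        $errors[] = "Order date cannot be empty.";
    }
    if ($new_order_text === '') {
        $errors[] = "Order text cannot be empty.";
    }
    if ($new_status === '') {
        $errors[] = "Status cannot be empty.";
    }
    // NOTE(review): $new_status is stored exactly as submitted, so any user who
    // passes the edit check can set any status string. Validate it against the
    // application's list of statuses (not visible here) and, if roles are meant
    // to be limited to certain transitions, enforce that server-side.
    // NOTE(review): $new_order_date is not format-checked before it reaches the database.

    if (empty($errors)) {
        try {
            // All values are bound as parameters; nothing is interpolated into the SQL.
            $stmt = $pdo->prepare("UPDATE orders SET order_number = :order_number, order_date = :order_date, order_text = :order_text, status = :status, query_text = :query_text, reply_text = :reply_text WHERE id = :id");
            $stmt->bindValue(':order_number', $new_order_number);
            $stmt->bindValue(':order_date', $new_order_date);
            $stmt->bindValue(':order_text', $new_order_text);
            $stmt->bindValue(':status', $new_status);
            $stmt->bindValue(':query_text', $query_to_save);
            $stmt->bindValue(':reply_text', $reply_to_save);
            $stmt->bindValue(':id', $order_id, PDO::PARAM_INT);
            $stmt->execute();
            $success_message = "Order updated successfully!";

            // Re-fetch order to display updated data
            $stmt = $pdo->prepare("SELECT o.*, u.name as sales_rep_name FROM orders o LEFT JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
            $stmt->bindValue(':id', $order_id, PDO::PARAM_INT);
            $stmt->execute();
            $order = $stmt->fetch(PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            // Detail goes to the server log; $errors gets a generic message.
            error_log("Database error updating order: " . $e->getMessage());
            $errors[] = "Error updating order. Please try again later.";
        }
    }
}
?>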

>
>
Back to Dashboard
Back to Dashboard