<?php
// View/edit page for a single order: pulls in the shared header and the DB config,
// reads the current user's id and role from the session, and initialises page state.
$page_title = 'View/Edit Order';
require_once __DIR__ . '/partials/header.php';
require_once __DIR__ . '/db/config.php';
// NOTE(review): both session keys are read without an isset() check and nothing in this
// file rejects a request that has no logged-in user. Presumably partials/header.php
// starts the session and enforces login -- confirm, because otherwise the order lookup
// further down would also run for anonymous visitors.
$user_id = $_SESSION['user_id'];
$user_role = $_SESSION['user_role'];
// presumably db() is defined in db/config.php and returns a PDO handle (prepare() is called on it below) -- confirm
$pdo = db();
$order = null; // row of the requested order once it has been loaded
$edit_mode = false; // stays false unless the role/ownership check grants edit rights
$errors = []; // messages shown in the error alert
$success_message = '';
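// Load the requested order and decide whether the current user may edit it.
// FILTER_VALIDATE_INT accepts only a plain integer; is_numeric() also let through
// spellings such as "1e3" or "1.5". A missing, array or malformed id yields false.
$order_id = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);
if ($order_id !== false) {
    try {
        // The id is bound as a parameter, never interpolated into the SQL text.
        $stmt = $pdo->prepare("SELECT o.*, o.query_text, o.reply_text, u.name as sales_rep_name FROM orders o JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
        $stmt->bindValue(':id', $order_id, PDO::PARAM_INT);
        $stmt->execute();
        $order = $stmt->fetch(PDO::FETCH_ASSOC);
        if (!$order) {
            $errors[] = "Order not found.";
        } else {
            // NOTE(review): only *edit* rights are decided here. Read access is not limited
            // by role or ownership, so any user who reaches this page can view any order by
            // changing the id -- confirm that this is intended.
            //
            // Ownership is compared as strings with ===, so an unset or empty session id can
            // never match an order's sales_rep_id the way a loose == comparison could.
            if ($user_role === 'Sales Rep' && (string) $order['sales_rep_id'] === (string) $user_id) {
                $edit_mode = true;
            } elseif ($user_role === 'Dispatch' || $user_role === 'Admin') {
                $edit_mode = true; // Dispatch and Admin can always edit
            }
        }
    } catch (PDOException $e) {
        // Details go to the server log only; the user sees a generic message.
        error_log("Database error fetching order: " . $e->getMessage());
        $errors[] = "Error loading order details. Please try again later.";
    }
} else {
    $errors[] = "No order ID provided.";
}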
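// Handle the update form. Only reached for a POST from a user whom the role/ownership
// check above cleared to edit ($edit_mode), and only when the order was loaded.
// NOTE(review): no anti-CSRF token is verified here and the form in this file does not
// send one, so this state-changing request relies on the session cookie alone. Add a
// per-session token to the form and compare it here with hash_equals() -- confirm first
// whether partials/header.php already provides one.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $edit_mode && $order) {
    // Read a POST field as a trimmed string. A missing or non-string value (for example an
    // array sent as "field[]=x") becomes '' instead of raising a TypeError inside trim().
    $read_post = static function ($key) {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? trim($value) : '';
    };

    $new_order_number = $read_post('order_number');
    $new_order_date = $read_post('order_date');
    $new_order_text = $read_post('order_text');
    $new_status = $read_post('status');
    $new_query_text = $read_post('query_text');
    $new_reply_text = $read_post('reply_text');

    // Query and reply are write-once: the stored value is kept unless the status moves to
    // 'Query' / 'Query Replied' while the corresponding stored text is still empty.
    $query_to_save = $order['query_text'];
    $reply_to_save = $order['reply_text'];
    if ($new_status === 'Query' && empty($order['query_text'])) {
        $query_to_save = $new_query_text;
    } elseif ($new_status === 'Query Replied' && empty($order['reply_text'])) {
        $reply_to_save = $new_reply_text;
    }

    // Compare against '' rather than empty(), which would also reject the literal "0".
    if ($new_order_number === '') {
        $errors[] = "Order number cannot be empty.";
    }

    if ($new_order_date === '') {
        $errors[] = "Order date cannot be empty.";
    } else {
        // The date input submits YYYY-MM-DD; the round trip rejects impossible dates
        // such as 2024-02-31 before they reach the database.
        $parsed_date = DateTimeImmutable::createFromFormat('Y-m-d', $new_order_date);
        if ($parsed_date === false || $parsed_date->format('Y-m-d') !== $new_order_date) {
            $errors[] = "Order date must be a valid date (YYYY-MM-DD).";
        }
    }

    if ($new_order_text === '') {
        $errors[] = "Order text cannot be empty.";
    }

    // The <select> on this page is only a UI hint: a hand-built request can carry any
    // status string, so the same list of values is enforced on the server.
    $allowed_statuses = ['Pending', 'Query', 'Query Replied', 'Shipped', 'Cancelled'];
    if ($new_status === '') {
        $errors[] = "Status cannot be empty.";
    } elseif (!in_array($new_status, $allowed_statuses, true)) {
        $errors[] = "Invalid status selected.";
    }

    if (empty($errors)) {
        try {
            // All user-supplied values are bound as parameters.
            $stmt = $pdo->prepare("UPDATE orders SET order_number = :order_number, order_date = :order_date, order_text = :order_text, status = :status, query_text = :query_text, reply_text = :reply_text WHERE id = :id");
            $stmt->bindValue(':order_number', $new_order_number);
            $stmt->bindValue(':order_date', $new_order_date);
            $stmt->bindValue(':order_text', $new_order_text);
            $stmt->bindValue(':status', $new_status);
            $stmt->bindValue(':query_text', $query_to_save);
            $stmt->bindValue(':reply_text', $reply_to_save);
            $stmt->bindValue(':id', $order_id, PDO::PARAM_INT);
            $stmt->execute();
            $success_message = "Order updated successfully!";

            // Re-fetch order to display updated data
            $stmt = $pdo->prepare("SELECT o.*, u.name as sales_rep_name FROM orders o JOIN users u ON o.sales_rep_id = u.id WHERE o.id = :id");
            $stmt->bindValue(':id', $order_id, PDO::PARAM_INT);
            $stmt->execute();
            $order = $stmt->fetch(PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            // Details go to the server log only; the user sees a generic message.
            error_log("Database error updating order: " . $e->getMessage());
            $errors[] = "Error updating order. Please try again later.";
        }
    }
}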
?>
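<?php
// Order view/edit template.
// Every database-derived value is written through htmlspecialchars(), so stored order
// text cannot inject markup into the page. The readonly attributes are presentation
// only: the POST handler in this file re-checks $edit_mode before it writes anything.
?>
<div class="container mt-4">
    <div class="row">
        <div class="col-md-8 mx-auto">
            <div class="card shadow-sm">
                <div class="card-header bg-primary text-white">
                    <h1 class="card-title h4 mb-0"><?= htmlspecialchars($page_title) ?></h1>
                </div>
                <div class="card-body">
                    <?php if (!empty($errors)): ?>
                        <div class="alert alert-danger">
                            <?php foreach ($errors as $error): ?>
                                <p class="mb-0"><?= htmlspecialchars($error) ?></p>
                            <?php endforeach; ?>
                        </div>
                    <?php endif; ?>
                    <?php if (!empty($success_message)): ?>
                        <div class="alert alert-success">
                            <?= htmlspecialchars($success_message) ?>
                        </div>
                    <?php endif; ?>
                    <?php if ($order): ?>
                        <?php
                        // Query and reply are write-once, and users without edit rights get them
                        // read-only like every other field on the form.
                        $query_locked = !$edit_mode || !empty($order['query_text']);
                        $reply_locked = !$edit_mode || !empty($order['reply_text']);
                        ?>
                        <form method="POST">
                            <div class="mb-3">
                                <label for="order_number" class="form-label">Order Number</label>
                                <input type="text" class="form-control" id="order_number" name="order_number" value="<?= htmlspecialchars($order['order_number']) ?>" <?= $edit_mode ? '' : 'readonly' ?>>
                            </div>
                            <div class="mb-3">
                                <label for="order_date" class="form-label">Order Date</label>
                                <input type="date" class="form-control" id="order_date" name="order_date" value="<?= htmlspecialchars($order['order_date']) ?>" <?= $edit_mode ? '' : 'readonly' ?>>
                            </div>
                            <div class="mb-3">
                                <label for="order_text" class="form-label">Order Details</label>
                                <textarea class="form-control" id="order_text" name="order_text" rows="5" <?= $edit_mode ? '' : 'readonly' ?>><?= htmlspecialchars($order['order_text']) ?></textarea>
                            </div>
                            <div class="mb-3">
                                <label for="sales_rep_name" class="form-label">Sales Rep</label>
                                <input type="text" class="form-control" id="sales_rep_name" value="<?= htmlspecialchars($order['sales_rep_name']) ?>" readonly>
                            </div>
                            <div class="mb-3">
                                <label for="status" class="form-label">Status</label>
                                <?php if ($edit_mode): ?>
                                    <select class="form-select" id="status" name="status">
                                        <?php $statuses = ['Pending', 'Query', 'Query Replied', 'Shipped', 'Cancelled']; ?>
                                        <?php foreach ($statuses as $status_option): ?>
                                            <option value="<?= htmlspecialchars($status_option) ?>" <?= ($order['status'] === $status_option) ? 'selected' : '' ?>>
                                                <?= htmlspecialchars($status_option) ?>
                                            </option>
                                        <?php endforeach; ?>
                                    </select>
                                <?php else: ?>
                                    <input type="text" class="form-control" id="status" name="status" value="<?= htmlspecialchars($order['status']) ?>" readonly>
                                <?php endif; ?>
                            </div>
                            <div class="mb-3" id="queryTextBox" style="display: none;">
                                <label for="query_text" class="form-label">Query</label>
                                <textarea class="form-control" id="query_text" name="query_text" rows="3" <?= $query_locked ? 'readonly' : '' ?>><?= htmlspecialchars($order['query_text'] ?? '') ?></textarea>
                            </div>
                            <div class="mb-3" id="replyTextBox" style="display: none;">
                                <label for="reply_text" class="form-label">Query Reply</label>
                                <textarea class="form-control" id="reply_text" name="reply_text" rows="3" <?= $reply_locked ? 'readonly' : '' ?>><?= htmlspecialchars($order['reply_text'] ?? '') ?></textarea>
                            </div>
                            <?php if ($edit_mode): ?>
                                <button type="submit" class="btn btn-primary">Update Order</button>
                            <?php endif; ?>
                            <a href="index.php" class="btn btn-secondary">Back to Dashboard</a>
                        </form>
                    <?php else: ?>
                        <a href="index.php" class="btn btn-primary">Back to Dashboard</a>
                    <?php endif; ?>
                </div>
            </div>
        </div>
    </div>
</div>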
<script>
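// Show the query / reply text box that matches the selected order status.
// This only controls visibility; which text is actually stored is decided by the
// server-side update handler, not by this script.
document.addEventListener('DOMContentLoaded', function () {
    const statusSelect = document.getElementById('status');
    const queryTextBox = document.getElementById('queryTextBox');
    const replyTextBox = document.getElementById('replyTextBox');

    // The form is rendered only when an order was loaded. On the error view none of
    // these elements exist, and reading statusSelect.value would throw a TypeError.
    if (!statusSelect || !queryTextBox || !replyTextBox) {
        return;
    }

    function toggleTextBoxes() {
        const currentStatus = statusSelect.value;
        queryTextBox.style.display = currentStatus === 'Query' ? 'block' : 'none';
        replyTextBox.style.display = currentStatus === 'Query Replied' ? 'block' : 'none';
    }

    // Initial call to set correct visibility on page load
    toggleTextBoxes();
    // Re-evaluate whenever the status changes
    statusSelect.addEventListener('change', toggleTextBoxes);
});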
</script>
<?php require_once __DIR__ . '/partials/footer.php'; ?>