fix 9
parent
1e9abec636
commit
07ef77935c
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
error_reporting(E_ALL);
|
||||
ini_set('display_errors', '1');
|
||||
declare(strict_types=1);
|
||||
error_reporting(E_ALL);
|
||||
ini_set("display_errors", "1");
|
||||
require_once __DIR__ . '/../db/config.php';
|
||||
require_once __DIR__ . '/../includes/functions.php';
|
||||
|
||||
|
||||
@ -25,7 +25,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
|
||||
if (!has_permission('tables_add')) {
|
||||
$message = '<div class="alert alert-danger">Access Denied.</div>';
|
||||
} else {
|
||||
$stmt = $pdo->prepare("UPDATE tables SET table_number = ?, capacity = ?, area_id = ?, status = ? WHERE id = ?");
|
||||
$stmt = $pdo->prepare("UPDATE `tables` SET table_number = ?, capacity = ?, area_id = ?, status = ? WHERE id = ?");
|
||||
$stmt->execute([$table_number, $capacity, $area_id, $status, $id]);
|
||||
$message = '<div class="alert alert-success">Table updated successfully!</div>';
|
||||
}
|
||||
@ -33,7 +33,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
|
||||
if (!has_permission('tables_add')) {
|
||||
$message = '<div class="alert alert-danger">Access Denied.</div>';
|
||||
} else {
|
||||
$stmt = $pdo->prepare("INSERT INTO tables (table_number, capacity, area_id, status) VALUES (?, ?, ?, ?)");
|
||||
$stmt = $pdo->prepare("INSERT INTO `tables` (table_number, capacity, area_id, status) VALUES (?, ?, ?, ?)");
|
||||
$stmt->execute([$table_number, $capacity, $area_id, $status]);
|
||||
$message = '<div class="alert alert-success">Table created successfully!</div>';
|
||||
}
|
||||
@ -52,7 +52,7 @@ if (isset($_GET['delete'])) {
|
||||
try {
|
||||
$id = (int)$_GET['delete'];
|
||||
// Soft delete to avoid breaking historical order integrity
|
||||
$pdo->prepare("UPDATE tables SET is_deleted = 1 WHERE id = ?")->execute([$id]);
|
||||
$pdo->prepare("UPDATE `tables` SET is_deleted = 1 WHERE id = ?")->execute([$id]);
|
||||
header("Location: tables.php?deleted=1");
|
||||
exit;
|
||||
} catch (PDOException $e) {
|
||||
@ -67,11 +67,12 @@ if (isset($_GET['deleted'])) {
|
||||
|
||||
$areas = $pdo->query("SELECT * FROM areas WHERE is_deleted = 0 ORDER BY name ASC")->fetchAll();
|
||||
|
||||
$query = "SELECT `t`.`id`, `t`.`table_number`, `t`.`capacity`, `t`.`status`, `t`.`area_id`, `a`.`name` AS `area_name`
|
||||
FROM `tables` AS `t`
|
||||
LEFT JOIN `areas` AS `a` ON `t`.`area_id` = `a`.`id`
|
||||
WHERE `t`.`is_deleted` = 0
|
||||
ORDER BY `a`.`name` ASC, `t`.`table_number` ASC";
|
||||
// Use a very standard query without backticks on aliases to maximize compatibility
|
||||
$query = "SELECT t.id, t.table_number, t.capacity, t.status, t.area_id, a.name AS area_name
|
||||
FROM `tables` t
|
||||
LEFT JOIN areas a ON t.area_id = a.id
|
||||
WHERE t.is_deleted = 0
|
||||
ORDER BY a.name ASC, t.table_number ASC";
|
||||
$tables_pagination = paginate_query($pdo, $query);
|
||||
$tables = $tables_pagination['data'];
|
||||
|
||||
|
||||
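Review bot: The opening hunk leaves `error_reporting(E_ALL)` and `ini_set("display_errors", "1")` active on the new side, so every notice, warning and uncaught exception on this page is rendered into the response, where it can expose file paths and SQL text. This looks like a debugging leftover; outside a development environment I would use `ini_set('display_errors', '0');` together with `ini_set('log_errors', '1');` so the detail goes to the server log instead. The opening hunk of qorder.php carries the same two lines and needs the same change.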
@ -34,11 +34,12 @@ try {
|
||||
$tid = $data['table_id'] ?? ($data['table_number'] ?? null); // Support both table_id and table_number as numeric ID
|
||||
if ($tid) {
|
||||
// Validate table exists AND belongs to the correct outlet
|
||||
// Using standard aliases without backticks for better compatibility
|
||||
$stmt = $pdo->prepare(
|
||||
"SELECT `t`.`id`, `t`.`table_number`
|
||||
FROM `tables` AS `t`
|
||||
JOIN `areas` AS `a` ON `t`.`area_id` = `a`.`id`
|
||||
WHERE `t`.`id` = ? AND `a`.`outlet_id` = ?"
|
||||
"SELECT t.id, t.table_number
|
||||
FROM tables t
|
||||
JOIN areas a ON t.area_id = a.id
|
||||
WHERE t.id = ? AND a.outlet_id = ?"
|
||||
);
|
||||
$stmt->execute([$tid, $outlet_id]);
|
||||
$table = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
@ -52,10 +53,10 @@ try {
|
||||
if (!$table_id) {
|
||||
// Optional: try to find the first available table for this outlet
|
||||
$stmt = $pdo->prepare(
|
||||
"SELECT `t`.`id`, `t`.`table_number`
|
||||
FROM `tables` AS `t`
|
||||
JOIN `areas` AS `a` ON `t`.`area_id` = `a`.`id`
|
||||
WHERE `a`.`outlet_id` = ?
|
||||
"SELECT t.id, t.table_number
|
||||
FROM tables t
|
||||
JOIN areas a ON t.area_id = a.id
|
||||
WHERE a.outlet_id = ?
|
||||
LIMIT 1"
|
||||
);
|
||||
$stmt->execute([$outlet_id]);
|
||||
@ -419,4 +420,4 @@ You've earned *{points_earned} points* with this order.
|
||||
if ($pdo->inTransaction()) $pdo->rollBack();
|
||||
error_log("Order Error: " . $e->getMessage());
|
||||
echo json_encode(['success' => false, 'error' => $e->getMessage()]);
|
||||
}
|
||||
}
|
||||
|
||||
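Review bot: The catch block in the last hunk of this file returns `$e->getMessage()` to the client in the JSON body, which for a database exception can include table and column names and parts of the failing statement. The message is already written with `error_log()` on the line above, so the response can carry a fixed string instead: `echo json_encode(['success' => false, 'error' => 'Unable to process the order.']);`. The try block opens outside the visible hunks; if some exceptions are thrown there deliberately with user-facing text, they would need their own exception type to keep their message.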
@ -10,12 +10,13 @@ try {
|
||||
$outlet_id = isset($_GET['outlet_id']) ? intval($_GET['outlet_id']) : 1;
|
||||
|
||||
// Fetch all tables with their area names, filtered by outlet_id
|
||||
// Using standard aliases without backticks for better compatibility
|
||||
$sql = "
|
||||
SELECT `t`.`id`, `t`.`table_number` AS `name`, `t`.`capacity`, `a`.`name` AS `area_name`, `t`.`status`
|
||||
FROM `tables` AS `t`
|
||||
LEFT JOIN `areas` AS `a` ON `t`.`area_id` = `a`.`id`
|
||||
WHERE `a`.`outlet_id` = :outlet_id AND `t`.`is_deleted` = 0
|
||||
ORDER BY `a`.`name` ASC, `t`.`table_number` ASC
|
||||
SELECT t.id, t.table_number AS name, t.capacity, a.name AS area_name, t.status
|
||||
FROM `tables` t
|
||||
LEFT JOIN areas a ON t.area_id = a.id
|
||||
WHERE a.outlet_id = :outlet_id AND t.is_deleted = 0
|
||||
ORDER BY a.name ASC, t.table_number ASC
|
||||
";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute(['outlet_id' => $outlet_id]);
|
||||
|
||||
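Review bot: `outlet_id` is read straight from the query string and silently falls back to 1, and nothing in this hunk ties the value to the caller's session or assigned outlet, so any caller who can reach the endpoint can list the tables of any outlet. The try block starts above the hunk, so an access check may already exist there; that is worth confirming. If the listing is intentionally public, I would say so next to the parameter, for example `// Public endpoint: outlet_id is caller-supplied and not bound to a session.`, and consider rejecting a missing parameter rather than defaulting to outlet 1.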
@ -111,28 +111,28 @@ function paginate_query($pdo, $query, $params = [], $default_limit = 20) {
|
||||
}
|
||||
|
||||
// Count total rows using a subquery to handle complex queries safely
|
||||
// Strip ORDER BY from the query for the count to avoid SQL errors and improve performance
|
||||
// Use a more robust regex that handles potential trailing semicolons or whitespace
|
||||
// We wrap the original query into a subquery. This is the most reliable way.
|
||||
// If ORDER BY is present, some older MySQL versions might fail in subquery, so we try to strip it.
|
||||
$count_query = preg_replace('/ORDER\s+BY.*?(?=;|$)/is', '', $query);
|
||||
$count_sql = "SELECT COUNT(*) FROM ($count_query) as count_table";
|
||||
|
||||
try {
|
||||
$stmt = $pdo->prepare($count_sql);
|
||||
$stmt->execute($params);
|
||||
$total_rows = $stmt->fetchColumn();
|
||||
$total_rows = (int)$stmt->fetchColumn();
|
||||
} catch (PDOException $e) {
|
||||
// If stripping ORDER BY failed or caused issues, try with the original query in subquery
|
||||
// Fallback to original query if regex stripping failed
|
||||
try {
|
||||
$count_sql_fallback = "SELECT COUNT(*) FROM ($query) as count_table";
|
||||
$stmt = $pdo->prepare($count_sql_fallback);
|
||||
$stmt->execute($params);
|
||||
$total_rows = $stmt->fetchColumn();
|
||||
$total_rows = (int)$stmt->fetchColumn();
|
||||
} catch (PDOException $e2) {
|
||||
die("Pagination Count Error: " . $e2->getMessage() . "\nSQL: " . $count_sql);
|
||||
}
|
||||
}
|
||||
|
||||
$total_pages = ceil($total_rows / $limit);
|
||||
$total_pages = $limit > 0 ? ceil($total_rows / $limit) : 1;
|
||||
if ($page > $total_pages && $total_pages > 0) $page = $total_pages;
|
||||
|
||||
// Calculate offset
|
||||
@ -159,6 +159,7 @@ function paginate_query($pdo, $query, $params = [], $default_limit = 20) {
|
||||
];
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Render pagination controls and limit selector.
|
||||
*
|
||||
|
||||
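Review bot: The inner catch in `paginate_query` ends the request with `die("Pagination Count Error: " . $e2->getMessage() . "\nSQL: " . $count_sql)`, which prints the database error and the query text to the browser. It also reports `$count_sql` although the statement that just failed is `$count_sql_fallback`. I would log the detail and show a fixed message: `error_log("Pagination Count Error: " . $e2->getMessage() . " SQL: " . $count_sql_fallback);` followed by `die("Unable to load this list.");`. The function begins above the hunk and continues after it.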
17
qorder.php
17
qorder.php
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
error_reporting(E_ALL);
|
||||
ini_set('display_errors', '1');
|
||||
declare(strict_types=1);
|
||||
error_reporting(E_ALL);
|
||||
ini_set("display_errors", "1");
|
||||
require_once __DIR__ . '/db/config.php';
|
||||
require_once __DIR__ . '/includes/functions.php';
|
||||
|
||||
@ -17,12 +17,13 @@ if ($table_id <= 0) {
|
||||
|
||||
// Fetch table and outlet info
|
||||
try {
|
||||
// Using standard aliases without backticks for better compatibility
|
||||
$stmt = $pdo->prepare("
|
||||
SELECT `t`.`id`, `t`.`table_number` AS `table_name`, `a`.`outlet_id`, `o`.`name` AS `outlet_name`
|
||||
FROM `tables` AS `t`
|
||||
JOIN `areas` AS `a` ON `t`.`area_id` = `a`.`id`
|
||||
JOIN `outlets` AS `o` ON `a`.`outlet_id` = `o`.`id`
|
||||
WHERE `t`.`id` = ?
|
||||
SELECT t.id, t.table_number AS table_name, a.outlet_id, o.name AS outlet_name
|
||||
FROM `tables` t
|
||||
JOIN areas a ON t.area_id = a.id
|
||||
JOIN outlets o ON a.outlet_id = o.id
|
||||
WHERE t.id = ?
|
||||
");
|
||||
$stmt->execute([$table_id]);
|
||||
$table_info = $stmt->fetch();
|
||||
@ -526,4 +527,4 @@ foreach ($variants_raw as $v) {
|
||||
}
|
||||
</script>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
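Review bot: The table lookup in the second hunk matches on `t.id = ?` alone, so the id of a soft-deleted table still resolves and, presumably, the ordering page still loads for it. The listing queries elsewhere in this commit filter on `is_deleted = 0`. If retired tables should stop accepting orders, the condition becomes `WHERE t.id = ? AND t.is_deleted = 0`. Whatever validates the table id when an order is submitted would need the same condition, because a check on this page alone does not stop a direct request. The try block continues past the end of the hunk.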
@ -1,36 +0,0 @@
|
||||
<?php
|
||||
require_once __DIR__ . '/db/config.php';
|
||||
require_once __DIR__ . '/includes/functions.php';
|
||||
|
||||
echo "Checking tables permission...\n";
|
||||
try {
|
||||
// Mock session for a user with all permissions
|
||||
init_session();
|
||||
$_SESSION['user'] = [
|
||||
'id' => 1,
|
||||
'username' => 'admin',
|
||||
'group_name' => 'Admin',
|
||||
'permissions' => 'all'
|
||||
];
|
||||
|
||||
require_permission("tables_view");
|
||||
echo "Tables permission OK\n";
|
||||
|
||||
require_permission("orders_view");
|
||||
echo "Orders permission OK\n";
|
||||
|
||||
$pdo = db();
|
||||
$query = "SELECT t.*, a.name as area_name
|
||||
FROM tables t
|
||||
LEFT JOIN areas a ON t.area_id = a.id
|
||||
WHERE t.is_deleted = 0
|
||||
ORDER BY a.name ASC, t.table_number ASC";
|
||||
$stmt = $pdo->query($query);
|
||||
$tables = $stmt->fetchAll();
|
||||
echo "Tables query OK, found " . count($tables) . " tables\n";
|
||||
|
||||
} catch (Exception $e) {
|
||||
echo "Caught exception: " . $e->getMessage() . "\n";
|
||||
} catch (Error $e) {
|
||||
echo "Caught error: " . $e->getMessage() . "\n";
|
||||
}
|
||||