From 1aec2c17d61c4574d202c92d8a2ade0a653c76c0 Mon Sep 17 00:00:00 2001
From: Flatlogic Bot <support@flatlogic.com>
Date: Sat, 28 Feb 2026 17:39:42 +0000
Subject: [PATCH] show products in qr order

---
 admin/products.php                            | 26 +++++++++++++++----
 cookies.txt                                   |  5 ++++
 .../044_add_show_in_qorder_to_products.sql    |  1 +
 patch_badge.php                               | 23 ++++++++++++++++
 qorder.php                                    |  2 +-
 5 files changed, 51 insertions(+), 6 deletions(-)
 create mode 100644 cookies.txt
 create mode 100644 db/migrations/044_add_show_in_qorder_to_products.sql
 create mode 100644 patch_badge.php

diff --git a/admin/products.php b/admin/products.php
index e6fe17d..5a348a9 100644
--- a/admin/products.php
+++ b/admin/products.php
@@ -23,6 +23,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
     $promo_date_from = !empty($_POST['promo_date_from']) ? $_POST['promo_date_from'] : null;
     $promo_date_to = !empty($_POST['promo_date_to']) ? $_POST['promo_date_to'] : null;
     $is_loyalty = isset($_POST['is_loyalty']) ? 1 : 0;
+    $show_in_qorder = isset($_POST['show_in_qorder']) ? 1 : 0;
 
     $image_url = null;
     if ($id) {
@@ -49,16 +50,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
             if (!has_permission('products_edit')) {
                 $message = '<div class="alert alert-danger">Access Denied: You do not have permission to edit products.</div>';
             } else {
-                $stmt = $pdo->prepare("UPDATE products SET name = ?, name_ar = ?, category_id = ?, price = ?, vat_percent = ?, cost_price = ?, stock_quantity = ?, description = ?, image_url = ?, promo_discount_percent = ?, promo_date_from = ?, promo_date_to = ?, is_loyalty = ? WHERE id = ?");
-                $stmt->execute([$name, $name_ar, $category_id, $price, $vat_percent, $cost_price, $stock_quantity, $description, $image_url, $promo_discount_percent, $promo_date_from, $promo_date_to, $is_loyalty, $id]);
+                $stmt = $pdo->prepare("UPDATE products SET name = ?, name_ar = ?, category_id = ?, price = ?, vat_percent = ?, cost_price = ?, stock_quantity = ?, description = ?, image_url = ?, promo_discount_percent = ?, promo_date_from = ?, promo_date_to = ?, is_loyalty = ?, show_in_qorder = ? WHERE id = ?");
+                $stmt->execute([$name, $name_ar, $category_id, $price, $vat_percent, $cost_price, $stock_quantity, $description, $image_url, $promo_discount_percent, $promo_date_from, $promo_date_to, $is_loyalty, $show_in_qorder, $id]);
                 $message = '<div class="alert alert-success">Product updated successfully!</div>';
             }
         } elseif ($action === 'add_product') {
             if (!has_permission('products_add')) {
                 $message = '<div class="alert alert-danger">Access Denied: You do not have permission to add products.</div>';
             } else {
-                $stmt = $pdo->prepare("INSERT INTO products (name, name_ar, category_id, price, vat_percent, cost_price, stock_quantity, description, image_url, promo_discount_percent, promo_date_from, promo_date_to, is_loyalty) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
-                $stmt->execute([$name, $name_ar, $category_id, $price, $vat_percent, $cost_price, $stock_quantity, $description, $image_url, $promo_discount_percent, $promo_date_from, $promo_date_to, $is_loyalty]);
+                $stmt = $pdo->prepare("INSERT INTO products (name, name_ar, category_id, price, vat_percent, cost_price, stock_quantity, description, image_url, promo_discount_percent, promo_date_from, promo_date_to, is_loyalty, show_in_qorder) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
+                $stmt->execute([$name, $name_ar, $category_id, $price, $vat_percent, $cost_price, $stock_quantity, $description, $image_url, $promo_discount_percent, $promo_date_from, $promo_date_to, $is_loyalty, $show_in_qorder]);
                 $message = '<div class="alert alert-success">Product created successfully!</div>';
             }
         }
@@ -211,6 +212,11 @@ include 'includes/header.php';
                                                 <i class="bi bi-star-fill"></i> Loyalty
                                             </span>
                                         <?php endif; ?>
+                                        <?php if ($product["show_in_qorder"]): ?>
+                                            <span class="badge bg-primary bg-opacity-10 text-primary border border-primary rounded-pill ms-1" style="font-size: 0.7rem;">
+                                                <i class="bi bi-qr-code"></i> QR Menu
+                                            </span>
+                                        <?php endif; ?>
                                     </div>
                                     <small class="text-muted"><?= htmlspecialchars($product['name_ar'] ?? '') ?></small>
                                 </div>
@@ -369,6 +375,14 @@ include 'includes/header.php';
                                 </div> 
                                 <input class="form-check-input ms-0" type="checkbox" name="is_loyalty" id="productIsLoyalty" style="width: 2.5rem; height: 1.25rem;"> 
                             </div> 
+                            <div class="form-check form-switch p-3 bg-light rounded-3 border d-flex justify-content-between align-items-center mb-3"> 
+                                <div class="ms-1"> 
+                                    <label class="form-check-label fw-bold text-dark mb-0" for="productShowInQorder">Show in QR Order</label> 
+                                    <div class="small text-muted">Make this product visible in the customer QR menu</div> 
+                                </div> 
+                                <input class="form-check-input ms-0" type="checkbox" name="show_in_qorder" id="productShowInQorder" style="width: 2.5rem; height: 1.25rem;" checked> 
+                            </div> 
+
 
                             <h6 class="fw-bold border-bottom pb-2 mb-3"><i class="bi bi-percent me-1"></i> Promotion Settings</h6>
                             <div class="row g-3">
@@ -404,6 +418,7 @@ function prepareAddForm() {
     document.getElementById('productForm').reset();
     document.getElementById('productId').value = '';
     document.getElementById('productImagePreview').style.display = 'none';
+    document.getElementById('productShowInQorder').checked = true;
 }
 
 function prepareEditForm(p) {
@@ -423,6 +438,7 @@ function prepareEditForm(p) {
     document.getElementById('productPromoFrom').value = p.promo_date_from || '';
     document.getElementById('productPromoTo').value = p.promo_date_to || '';
     document.getElementById('productIsLoyalty').checked = p.is_loyalty == 1;
+    document.getElementById('productShowInQorder').checked = p.show_in_qorder == 1;
     
     if (p.image_url) {
         const preview = document.getElementById('productImagePreview');
@@ -472,4 +488,4 @@ async function translateTo(targetLang) {
 </script>
 <?php endif; ?>
 
-<?php include 'includes/footer.php'; ?>
\ No newline at end of file
+<?php include 'includes/footer.php'; ?>
diff --git a/cookies.txt b/cookies.txt
new file mode 100644
index 0000000..b87e7bd
--- /dev/null
+++ b/cookies.txt
@@ -0,0 +1,5 @@
+# Netscape HTTP Cookie File
+# https://curl.se/docs/http-cookies.html
+# This file was generated by libcurl! Edit at your own risk.
+
+#HttpOnly_127.0.0.1	FALSE	/	FALSE	1772904726	PHPSESSID	p7okqi6joq82i0rfhlmbbj2pgd
diff --git a/db/migrations/044_add_show_in_qorder_to_products.sql b/db/migrations/044_add_show_in_qorder_to_products.sql
new file mode 100644
index 0000000..4aac703
--- /dev/null
+++ b/db/migrations/044_add_show_in_qorder_to_products.sql
@@ -0,0 +1 @@
+ALTER TABLE `products` ADD COLUMN IF NOT EXISTS `show_in_qorder` TINYINT(1) DEFAULT 1;
diff --git a/patch_badge.php b/patch_badge.php
new file mode 100644
index 0000000..2b45e29
--- /dev/null
+++ b/patch_badge.php
@@ -0,0 +1,23 @@
+<?php
+$content = file_get_contents('admin/products.php');
+
+$search = <<<HTML
+                                        <?php if ($product['is_loyalty']): ?>
+                                            <span class="badge bg-info bg-opacity-10 text-info border border-info rounded-pill ms-1" style="font-size: 0.7rem;">
+                                                <i class="bi bi-star-fill"></i> Loyalty
+                                            </span>
+                                        <?php endif; ?>
+HTML;
+
+$replace = $search . <<<HTML
+
+                                        <?php if ($product['show_in_qorder']): ?>
+                                            <span class="badge bg-primary bg-opacity-10 text-primary border border-primary rounded-pill ms-1" style="font-size: 0.7rem;">
+                                                <i class="bi bi-qr-code"></i> QR Menu
+                                            </span>
+                                        <?php endif; ?>
+HTML;
+
+$content = str_replace($search, $replace, $content);
+file_put_contents('admin/products.php', $content);
+echo "Badge added.\n";
\ No newline at end of file
diff --git a/qorder.php b/qorder.php
index 5e0846d..125cdc1 100644
--- a/qorder.php
+++ b/qorder.php
@@ -34,7 +34,7 @@ if ($table_id > 0) {
 
 $outlet_id = (int)($table_info['outlet_id'] ?? 0);
 $categories = $pdo->query("SELECT * FROM categories WHERE is_deleted = 0 ORDER BY sort_order")->fetchAll();
-$all_products = $pdo->query("SELECT p.*, c.name as category_name, c.name_ar as category_name_ar FROM products p JOIN categories c ON p.category_id = c.id WHERE p.is_deleted = 0 AND c.is_deleted = 0")->fetchAll();
+$all_products = $pdo->query("SELECT p.*, c.name as category_name, c.name_ar as category_name_ar FROM products p JOIN categories c ON p.category_id = c.id WHERE p.is_deleted = 0 AND p.show_in_qorder = 1 AND c.is_deleted = 0")->fetchAll();
 
 // Fetch variants
 $variants_raw = $pdo->query("SELECT * FROM product_variants WHERE is_deleted = 0 ORDER BY price_adjustment ASC")->fetchAll();