From e2fb4c84bf8c56a8c37437ed9dabbc0fd7ce70b2 Mon Sep 17 00:00:00 2001 From: Flatlogic Bot Date: Tue, 24 Feb 2026 10:05:25 +0000 Subject: [PATCH] purchase update --- admin/includes/header.php | 6 +- admin/profile.php | 103 +++-- admin/purchase_edit.php | 352 ----------------- admin/purchases.php | 373 ++++++++++++++++++- api/purchase_details.php | 31 ++ assets/images/users/user_1_699d76ecd9c95.jpg | Bin 0 -> 15786 bytes includes/functions.php | 2 +- login.php | 10 +- logout.php | 4 +- test_url.php | 14 +- 10 files changed, 492 insertions(+), 403 deletions(-) delete mode 100644 admin/purchase_edit.php create mode 100644 api/purchase_details.php create mode 100644 assets/images/users/user_1_699d76ecd9c95.jpg diff --git a/admin/includes/header.php b/admin/includes/header.php index cb8e907..66e8ad5 100644 --- a/admin/includes/header.php +++ b/admin/includes/header.php @@ -401,7 +401,7 @@ function can_view($module) { @@ -415,7 +415,7 @@ function can_view($module) { diff --git a/admin/profile.php b/admin/profile.php index c464fee..772aae7 100644 --- a/admin/profile.php +++ b/admin/profile.php @@ -7,17 +7,21 @@ $pdo = db(); $currentUser = get_logged_user(); $id = $currentUser['id']; -// Always fetch fresh data from DB -$stmt = $pdo->prepare("SELECT u.*, g.name as group_name, g.permissions - FROM users u - LEFT JOIN user_groups g ON u.group_id = g.id - WHERE u.id = ?"); -$stmt->execute([$id]); -$user = $stmt->fetch(PDO::FETCH_ASSOC); +// Helper for fresh data +function fetch_user_data($pdo, $id) { + $stmt = $pdo->prepare("SELECT u.*, g.name as group_name, g.permissions + FROM users u + LEFT JOIN user_groups g ON u.group_id = g.id + WHERE u.id = ?"); + $stmt->execute([$id]); + return $stmt->fetch(PDO::FETCH_ASSOC); +} + +$user = fetch_user_data($pdo, $id); if (!$user) { logout_user(); - header('Location: /login.php'); + header('Location: ' . get_base_url() . 'login.php'); exit; } @@ -25,12 +29,13 @@ $message = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { $full_name = $_POST['full_name']; + $full_name_ar = $_POST['full_name_ar'] ?? ''; $email = $_POST['email']; $pdo->beginTransaction(); try { - $sql = "UPDATE users SET full_name = ?, email = ? WHERE id = ?"; - $params = [$full_name, $email, $id]; + $sql = "UPDATE users SET full_name = ?, full_name_ar = ?, email = ? WHERE id = ?"; + $params = [$full_name, $full_name_ar, $email, $id]; $stmt = $pdo->prepare($sql); $stmt->execute($params); @@ -73,13 +78,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $message = '
Profile updated successfully!
'; // Refresh user data and update session - $stmt->execute([$id]); - $user = $stmt->fetch(PDO::FETCH_ASSOC); + $user = fetch_user_data($pdo, $id); $_SESSION['user'] = $user; unset($_SESSION['user']['password']); } catch (Exception $e) { - $pdo->rollBack(); + if ($pdo->inTransaction()) { + $pdo->rollBack(); + } $message = '
Error updating profile: ' . $e->getMessage() . '
'; } } @@ -101,24 +107,38 @@ include 'includes/header.php';
- - + +
- - + +
+ + +
- - + +
+
+ + +
+
+ +
- - + +
+
+
@@ -131,7 +151,7 @@ include 'includes/header.php'; Profile Picture
- +
@@ -165,19 +185,19 @@ include 'includes/header.php'; Profile Picture
- +
-

-
@
+

+
@
Active Account
- Member since + Member since
@@ -195,4 +215,35 @@ include 'includes/header.php'; + + \ No newline at end of file diff --git a/admin/purchase_edit.php b/admin/purchase_edit.php deleted file mode 100644 index a43b880..0000000 --- a/admin/purchase_edit.php +++ /dev/null @@ -1,352 +0,0 @@ -prepare("SELECT * FROM purchases WHERE id = ?"); - $stmt->execute([$id]); - $purchase = $stmt->fetch(); - - if (!$purchase) { - header("Location: purchases.php"); - exit; - } - - $stmt = $pdo->prepare("SELECT pi.*, p.name as product_name FROM purchase_items pi JOIN products p ON pi.product_id = p.id WHERE pi.purchase_id = ?"); - $stmt->execute([$id]); - $items = $stmt->fetchAll(); -} - -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - $supplier_id = $_POST['supplier_id'] ?: null; - $purchase_date = $_POST['purchase_date']; - $status = $_POST['status']; - $notes = $_POST['notes']; - $product_ids = $_POST['product_id'] ?? []; - $quantities = $_POST['quantity'] ?? []; - $cost_prices = $_POST['cost_price'] ?? []; - - try { - $pdo->beginTransaction(); - - $total_amount = 0; - foreach ($product_ids as $index => $pid) { - $total_amount += $quantities[$index] * $cost_prices[$index]; - } - - if ($id) { - $old_status = $purchase['status']; - $stmt = $pdo->prepare("UPDATE purchases SET supplier_id = ?, purchase_date = ?, status = ?, notes = ?, total_amount = ? WHERE id = ?"); - $stmt->execute([$supplier_id, $purchase_date, $status, $notes, $total_amount, $id]); - - $stmt = $pdo->prepare("SELECT * FROM purchase_items WHERE purchase_id = ?"); - $stmt->execute([$id]); - $old_items = $stmt->fetchAll(); - - if ($old_status === 'completed') { - foreach ($old_items as $oi) { - $pdo->prepare("UPDATE products SET stock_quantity = stock_quantity - ? WHERE id = ?") - ->execute([$oi['quantity'], $oi['product_id']]); - } - } - $pdo->prepare("DELETE FROM purchase_items WHERE purchase_id = ?")->execute([$id]); - } else { - $stmt = $pdo->prepare("INSERT INTO purchases (supplier_id, purchase_date, status, notes, total_amount) VALUES (?, ?, ?, ?, ?)"); - $stmt->execute([$supplier_id, $purchase_date, $status, $notes, $total_amount]); - $id = $pdo->lastInsertId(); - } - - foreach ($product_ids as $index => $pid) { - $qty = $quantities[$index]; - $cost = $cost_prices[$index]; - $total_item_price = $qty * $cost; - - $stmt = $pdo->prepare("INSERT INTO purchase_items (purchase_id, product_id, quantity, cost_price, total_price) VALUES (?, ?, ?, ?, ?)"); - $stmt->execute([$id, $pid, $qty, $cost, $total_item_price]); - - if ($status === 'completed') { - $pdo->prepare("UPDATE products SET stock_quantity = stock_quantity + ?, cost_price = ? WHERE id = ?") - ->execute([$qty, $cost, $pid]); - } - } - - $pdo->commit(); - header("Location: purchases.php?msg=success"); - exit; - } catch (Exception $e) { - $pdo->rollBack(); - $message = '
Error: ' . $e->getMessage() . '
'; - } -} - -$suppliers = $pdo->query("SELECT * FROM suppliers ORDER BY name")->fetchAll(); -$products = $pdo->query("SELECT id, name, cost_price FROM products ORDER BY name")->fetchAll(); -$products_json = json_encode($products); - -include 'includes/header.php'; -?> - -
-
- Back to Purchases -

-
-
- - - - -
-
-
-
-
Purchase Details
-
-
- - -
-
- - -
-
- - -
-
- - -
-
-
-
- -
-
-
-
Products to Purchase
-
-
- - -
- -
-
- -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PRODUCTQTYCOSTTOTAL
-
- -
Grand Total:
- -
-
-
Use the search bar above to add products to this purchase.
-
-
-
-
- -
- -
-
-
-
- - - - - - \ No newline at end of file diff --git a/admin/purchases.php b/admin/purchases.php index 0853222..4b07aa6 100644 --- a/admin/purchases.php +++ b/admin/purchases.php @@ -6,18 +6,95 @@ $pdo = db(); $message = ''; +// Handle SAVE (Add/Edit) Purchase via POST +if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'save_purchase') { + $id = $_POST['id'] ?: null; + $supplier_id = $_POST['supplier_id'] ?: null; + $purchase_date = $_POST['purchase_date']; + $status = $_POST['status']; + $notes = $_POST['notes']; + $product_ids = $_POST['product_id'] ?? []; + $quantities = $_POST['quantity'] ?? []; + $cost_prices = $_POST['cost_price'] ?? []; + + try { + $pdo->beginTransaction(); + + $total_amount = 0; + foreach ($product_ids as $index => $pid) { + $total_amount += $quantities[$index] * $cost_prices[$index]; + } + + $purchase = null; + if ($id) { + $stmt = $pdo->prepare("SELECT * FROM purchases WHERE id = ?"); + $stmt->execute([$id]); + $purchase = $stmt->fetch(); + + if ($purchase) { + $old_status = $purchase['status']; + $stmt = $pdo->prepare("UPDATE purchases SET supplier_id = ?, purchase_date = ?, status = ?, notes = ?, total_amount = ? WHERE id = ?"); + $stmt->execute([$supplier_id, $purchase_date, $status, $notes, $total_amount, $id]); + + $stmt = $pdo->prepare("SELECT * FROM purchase_items WHERE purchase_id = ?"); + $stmt->execute([$id]); + $old_items = $stmt->fetchAll(); + + if ($old_status === 'completed') { + foreach ($old_items as $oi) { + $pdo->prepare("UPDATE products SET stock_quantity = stock_quantity - ? WHERE id = ?") + ->execute([$oi['quantity'], $oi['product_id']]); + } + } + $pdo->prepare("DELETE FROM purchase_items WHERE purchase_id = ?")->execute([$id]); + } + } else { + $stmt = $pdo->prepare("INSERT INTO purchases (supplier_id, purchase_date, status, notes, total_amount) VALUES (?, ?, ?, ?, ?)"); + $stmt->execute([$supplier_id, $purchase_date, $status, $notes, $total_amount]); + $id = $pdo->lastInsertId(); + } + + foreach ($product_ids as $index => $pid) { + $qty = $quantities[$index]; + $cost = $cost_prices[$index]; + $total_item_price = $qty * $cost; + + $stmt = $pdo->prepare("INSERT INTO purchase_items (purchase_id, product_id, quantity, cost_price, total_price) VALUES (?, ?, ?, ?, ?)"); + $stmt->execute([$id, $pid, $qty, $cost, $total_item_price]); + + if ($status === 'completed') { + $pdo->prepare("UPDATE products SET stock_quantity = stock_quantity + ?, cost_price = ? WHERE id = ?") + ->execute([$qty, $cost, $pid]); + } + } + + $pdo->commit(); + $message = ''; + } catch (Exception $e) { + $pdo->rollBack(); + $message = '
Error: ' . $e->getMessage() . '
'; + } +} + +// Handle Delete if (isset($_GET['delete'])) { if (!has_permission('purchases_del')) { $message = '
Access Denied: You do not have permission to delete purchases.
'; } else { $id = $_GET['delete']; $pdo->prepare("DELETE FROM purchases WHERE id = ?")->execute([$id]); - header("Location: purchases.php"); + header("Location: purchases.php?msg=deleted"); exit; } } +if (isset($_GET['msg']) && $_GET['msg'] === 'deleted') { + $message = ''; +} + $suppliers = $pdo->query("SELECT * FROM suppliers ORDER BY name")->fetchAll(); +$products = $pdo->query("SELECT id, name, cost_price FROM products ORDER BY name")->fetchAll(); +$products_json = json_encode($products); $search = $_GET['search'] ?? ''; $supplier_filter = $_GET['supplier_filter'] ?? ''; @@ -63,9 +140,9 @@ include 'includes/header.php';

Manage restocks, supplier invoices and inventory tracking

- + @@ -143,9 +220,9 @@ include 'includes/header.php';
- + @@ -176,4 +253,288 @@ include 'includes/header.php';
- + + + + + + + + \ No newline at end of file diff --git a/api/purchase_details.php b/api/purchase_details.php new file mode 100644 index 0000000..1e01031 --- /dev/null +++ b/api/purchase_details.php @@ -0,0 +1,31 @@ + false, 'error' => 'Missing ID']); + exit; +} + +$stmt = $pdo->prepare("SELECT * FROM purchases WHERE id = ?"); +$stmt->execute([$id]); +$purchase = $stmt->fetch(PDO::FETCH_ASSOC); + +if (!$purchase) { + echo json_encode(['success' => false, 'error' => 'Purchase not found']); + exit; +} + +$stmt = $pdo->prepare("SELECT pi.*, p.name as product_name FROM purchase_items pi JOIN products p ON pi.product_id = p.id WHERE pi.purchase_id = ?"); +$stmt->execute([$id]); +$items = $stmt->fetchAll(PDO::FETCH_ASSOC); + +echo json_encode([ + 'success' => true, + 'purchase' => $purchase, + 'items' => $items +]); diff --git a/assets/images/users/user_1_699d76ecd9c95.jpg b/assets/images/users/user_1_699d76ecd9c95.jpg new file mode 100644 index 0000000000000000000000000000000000000000..9e8f8a240e2098f2c17e4eb7182de6ec07a1d35f GIT binary patch literal 15786 zcmbWec~nzp_ck2sfI}@+s#a0b3c^z;(iVXhf%90aRFI~EkP1Sotw2CbDMaR+I*SOY zQlLN~bpVPOB9ed%=BS{kh*1JWf)EBVOd$!7li>_`Z~A-J`>yr<^?hG}wHU(5x$k@L zYhTy3cg(NMgOvCEcJJ9uS+HOMMdUAAJ`(xuCnT39S!xqSJGcfrGA z*?X2N-+gcX`}vE^|NH!ZfzNlBS}dJ^#{aj6`5tA}(ghY2WZ{C%ly_DwSh#9|xs^f% z_qrIYXns-u`?27ig^Lz10k^b#1$ct!eQ^5=7rp~-cJZP`;Mp1A@03NW7O(#J^Bqg9 z_8qd=9RI-=CoWxCYWsD~{WXCvHFmCte?7Tu`Py|KuHUf5-r+x=IBs)u_xSQF&z;}w z+U@)89>1Xd!6Eb?4ut;n^O4A?Xl6`8BKvq!a!Tr{(`U|}JD+*sa_%2_`2~L#7G1q| zy{x?ApUNAzYlWh^`a2Dc4_aCuK5BdX8gfDr<)UeWzcP%%UqF;DGFm5c26oL7mAc;y_`YAgVVbw9vPae8RD4 z=$caqU&~&Y+D;)OoeivB_0BrY^I~S4nc|bzmpnThS7WBshZ;W(W-#}^eF!h@)KJfD zg@wq-Tk$2s!k>tW%8Viz8SXSnTaNE0rI<@^>?HTqTT4SF)LB)$0(&ZctkG0-MOeO= zhHGQgnOWej)o5n!N%3K?V^!VW`A|^qG{xk&waO0e6Dl3q9B$2A7#B z?GID)61e?8j6N8I(lF_`qPL=jr*-bEhR06_&q>aFL_U+oJ{7MXgEbe;lxwi0EH%4C z?>0IZLr&>yw%sk9QL3J3o+^i$J@>VIAg{DpH=}i#&T?3VBl&d4Q}kQaN;k)|D-7HmpGBDN<35^!8-MnQG2X!Zx`RG?PG&;LghHZ z#AvNjJiMfF<8w^pE;mpP(^}UILez;Zf`0{j^nWDzW^-d=|OS?Y%Dm;{T z7uuP~&5_#|4#+a6jJD4l`AMY0s(DgD%T274ripRg8(Kwf6s^y?paYBjSMv zk7V&SPJ|RGH zdaW>17VpqloSo}%luz^pn<@TgNiKp z&AyN$39c^UM13w=sXNB3?`}1c-BILf!PHZEKGb`GZ`(907M^ACd@y_N}5@x7V^P>VN`fM%J=iY6GJQGVlI(^+M0Pm%!b=t>t>bgFcZsSgnY*af;1CSL`O>S}@ zxuuAO+pP;JFjL0B8Rq|E;&mYT+iJ~}s>E3; z*+@TWs5&U+*e73BV+nyED}<$C@U1Z8ul=w0m?;4zX3Fu>h_-KW#29s8z)svHwrAGW z$&YlD2~c`oJd5=Y%|Xsb)5!?p5`H;-+(GSyG?*z~lM|mDsx(tRFr^1ryBzVe;HQ6Q z*j{dUGafRqUK=-X0;L&~X0~q0Qf5orQ!d$=DPlYBGwzXJeKr{Ol#iF%Vc%6$hK7cw zm?_bBKz?L3HDyxYU|hWwNf1w;Xx}zeGE415bz1l0BqHy|{WTBIw3+%t6hGnPN(aTv zn^(LUsXh%-m9p?p+Dm9Ey3hJ9q2T>c`3~{~e4S?3c&6=jq9V>i`@|Y4#GazJM4w=; zZB-{K11oCLbMVN@gci9OW5L%caYJ^0j=e%;zx<882My`#n_7y<#jkbX&~INjrX zoNg!OtT(Vo2eF+<*w}Q6^v1a!dQK=ut0!j-(CGDefP4Kie)@XNXkEoHG#6W3#khUn zO!+9wU^^R?ZDYB8{%YIc%i1_zC-WoiI8=krNtyb7i#Fu)vv=|Gw$0V(Y>`%Smq2oqPv%z`|!A&*SnP? zO}asnF2aKcX?FDE+Urcc4~^Gugbe-h1KSP731-St1%6jfRGTSNdg_=BeHzW^z|55A zPpirm(L7Cd|7-a~NF8$Iq>E`XJ|2ns9Xv554M$vv3%Xy{vxH>{1)Flv}x|Vwpy;l z7PeAn)Q4aI%oX5<*O8vMO)U>|4aD5Q0^*D$>;mh_)V|{2hAzOd!g#kc3W&`LGS!$_ zJH3zoAJhHOuFCHU3Hz2|Pku^u0^?)&z8!qjn}z;K6i*{V_6=ABG6V|S6qdy`#=_QZ z;`LMl5%V<5P1Fc26+Oa!_cBD-9AKunxbX)Ir_){M zzspU5&?AQfv>q3T1-sI0Z?`F^x8NMMiGZxjG9s;@yGLf5V_d#-@2?6^bQ%R zhhZ7G3H?K6tk0S{148CjPlTE&=eJc=j@I9)2PIcJJ$QNDtK7cr*I_$Y4C=_QzHjMm z!6C67;1}rp6Iu zC<(;FRk*d?uc;GBt9Z?L4d1Ari88+Vrf?)%N;djp5@P+MNkwf*UE#35pcamqs6(O) z2%CZAVeA`Tyd6B9!gG)~=qD?+^aqGxhp<1SFGw1)$c5Mm*sY(Ed>6NC zFo1gwW7Wb(LSw+jMIm=)?6RiT?(x2-d_%FBvdp7R zMGt&2%?@MSRuH8FBl`GVENcGm>Eo`1m7r zRVzU*E)T$jv+fxZ*LE|dG+qYoq_rIo$E|E{{}vQM@<#|rfBW^fmsvF9xV4$mK=vmD z#TFHu5Gvk}q0^z6&vvZku~=_X7)>dwa0zcZh2u;5=z4AqNP~*1D)x?uKcoH2>FpRZ z%V)OSxr6OG9q&)pZ1Si8HBjooB^qanC5Erl11iJE8%v90nQS(B3FQuiwzFn3h~G&y zxq$2k481jtX9c&`2i1{^PGocd><=S~tIYVlkuwVec#}^S7)mtCZ@SEs;Unc?;r+}I zWDG=pG>`Q1Xq(B948Zp$1uKH3UMAt)Dxz1J+IB)Elz<&zhEAsPE7YXq5Q{}tDUE=w z8FLz(p6Hxi14MNV4WcFxQal*y00k1PA7^(a=MFtjRLsT33QPv#O$~k7&E$oxrR%{< zcMAIuKqY1dmZP7EpI2z@e;p30z-=p~>AnPjHydOOnNx@7mE3(k|5LpOtkaTaio$57 z46;WXz04G?D;CfpDl4nNG2?1@N;eVuUPD|ZpfOkFp>R85lFY#kW=gM&E<)K*;;&_@ zPslk_F}cikxQch0Dm>GZNdRU^d!PA5AHgFJWL(*_37Xje5qieoVmmDtjlwey%0_~D z7um?d3g!q6RYP0q@pRc+J^sP= zdwS1fW#K1$jwo z4T@*v^4gRkiFI;u3q3TyX}%ttDTEip$YDL^&9?nqj3WppF-GgIX)Sj)5P8rrzf0#7 zu#kXM)M(_^Oc}y$&(MUyvOSQpB>A91=#uG`FdQ(S(uo2}^aep5AsCKJh20svH#GY` zeLPZd*G%a)Q+^e%EnUm^6L*Zu9vlQ^u&#^dRza4T)ds$>&xj=e9t- zba!MW?o^f`0I&jT`E^i85=%TDmHK5!oZaaHzpiI@3mm3zVCRBTFeX!M--Xn8Q3rV& z0PyW_MqWA3IT?=$-uN1AlV}4+jkuYz8FJABgc+?cJ$IiSL5nL5xl;;FX7UZ`e5#r$ zzM2xHeA*qBen10Z{tyU2&oM8nVZmBM6fj5T`8`ZHCRaPFNkz&!ImG=L(#zA$l!-Ul z&?v7koSTir5dJ}CN+v5O-Ks36t`zQ_c7s){fma;0#CK0KuLPRB{%eLr$L>9YvKP~P z51A=RduJG{(|@U(cU#Pq2Ojgh3B2;z>dlx}&Nz~0rrh%xJs?dF9<;OqyjvFG+$bd4 zaKl0Pn(=dddTd+|ol5^Tg*W#++rQ0*(lyuD6z3YI4X%*meO%$eAHp6c9nxDpQ$&&x z5>SY`@)O2*<4K;SWgud2$7*)P$75Ks_$4N!eGv_x(iba8i?^`UPtOb_dS~4-N<7cy zCFkDnX(Jpkzj^AQCV5`@NHb8BozUek`>E-r3O{kS1nI7+}AdfbDVMTxBl~<6*LkF%j?e;I5T`PP8cq z$f!v{qPQ4OWn@eDEEf=--nK)koZ?}YAs?V-jF^fsisR9=O#GENpqPaFr*3jrr!UYR zgK85ySgPZVbR6tm`zPtGxzk5!dT5-dp<9(t)O)hz({b>qjM%(_3jsNW zT931;t?ccwe5YU$kFbGjU&GhKD)3uIpOLl$nByNEIR!27J8sSWuP2e-kbK?@C?KCA zgVt~PnB*L!$z>w)ke;5#ki6JMA@iDL)~k9q&2iOp7H zPPBpj-l1+8SM-dFoDQOpVae&`P^9Sr<>Bx(x(s<=5IbrqPw;E#!ab5uhB5JEL%w6# zUfML5-%gt^sab&1oQ`TmB1P2&sI{TEGW{d1Jwg=DOP%U7Y!(aS4j9kpi~|tvaUg1M zO3sJUQ67-jvA=0KRc6Za_CV~r!UWX6DU{gC6;_@@qk=<`W^b!U>jvx$h&J|tc=e0v zIJTMcet2|9<0GVMV)n_Wb$UzdCLqm@qVsvGR#*TA#kabr(0-xKkl^;E9|>pSH;_f~ zn$sY>PC!W;Ayk6py@76V@)EFMvMZ#(y|Dn_49u5TTg3{N#WbItaS2!zKnRhkThb(| zUD(I5u!YV==*yG^30K-Dj%y z)~0A#LrFPorvR(30UCfkwg8v4u~~Hr3+Wv2C2`l3_!jUYP7-3S=zq1*FE=Z#?sY!vasJ9hp*M+^9>z9B}rAxH3^ax+D(>`eZEq zG9fAPD3>&Bb8^^68EEtx;NoutFYl&icwqkImI8M~ zPgX{o0_rNzCf=;xi7GhE-0xQTTLs;4PT2+3C>~OQ(-K(M05Gy5EiHw7g2DsvlBZ8( zNF>7=W@c0bNfWD@7zX_v44N(ji!0}C;pAuA_w5A$niAWA2M?yPj7CAwioXsYXut48 zGw@vbwys9AS-H1MEM=GXhXN)TGid4}C6vWw`H?Sq`_>$=`NPPm9wHXRiF~m$r-2x@tY|(yS-8HQIcYGD3I+b%{F? zhMEFGq!K_lj1cN;ru+uqydi}TukT^2H<}7U8^W0OtqEiPN0b7$jgIHXUl9?5rt^&fwO=^n)FR+2s(DT?SA(e-z3gcjs%Q>a`F`3L(m3P>Lx zNjzB(m^h~n_sEDNikS)J2ju{dwGzFDjHX_7AH@7pQxv(Z7Oab0rz;alOwK)3i|SAi zytC@~(F&kkYe@^nF+*+(ueYc`&gqD7FjE$#5T!yz7U{0F;Oe|rOUX}ufNH0?;S7CBXKenNAB;)HVnSUE>8d>iEhhu~6uhh!Qp-!Y08t-X@C`^X@ z+l(_G+`UrrsY|Vo*id4DMwtTAE4A3LTRj@rox#&O+*im`<2c7bPhk0UqD1ssE(_o2 zP}_>xj%z?Q+&SBV{$(hR8!GWvxg%PA#KOwt8_G5Zm0J&gH%B69 z8LhX|^9C|tGmE`%;F2G(+SJPpa-|CX`Gw2yojdhFoQ1`+5dBNQ!SCuYOD%8cdFBWY zq^z95BtaQHeR8RYE9A@)j3-`Sz+-C+%)jw~I;oRRJ>+s;CAR0>!j*fF(elS5sWY>?fSQjf4t#C2KwoK;S?K|Q5|R$7f-{K%uz}ZzQ{;h^ zXr6tmLO(g&@zaC4mH@J|v7!5zYO4~|2f&y{o|2X$0vSl}3Lhx3A0SCHwoa@ZfxCek~dTPu6!^Epv2 z{*OTkyimU$GetFUji?ga!jZ|BC*(3Rt^Eh;ZSI36o_t-Pc5z4d^D5@w$ssM+*W~bn zWm~8DDyjPVXKL>ABASV5$5tOn_WQmC+nxN?bLXzgscdIjOR4j`RD*@$ZZ2IUmFOveL4+x`epJJkpamvp37!EW z1R-h#`!swm6&<*vxTs)CeVzclQAPzM8*QBVYz-`@(bo7Ae`+NkCfk7IV&SJ?)d)dX zfSLrWWSzVk{cqa>XaSwbt+{?jsh&CxWJ1n?V~`pdpqCyXirajw%@hHG9a&d6+C$59 z3ug^kWDEJMy$#rw?wiyx&?&GqMn#lEYgABTN@3&y42j`L$){^Q9a^B%^^C}WofHOu zxPbvnM;F(_4&;+S&~XGwn%6H%=G{|VWN7}vtvW@BK}U9<0ySkG@Y^DSwL!zj%F2^3 zPfpdl8Bw3SiH&~>hN*tZ^hcf!Xdb&!azQ91vl;KUXunfp9%Si+H+AG}8Bqq(ggulI za-}__5-l%ttE&h<_dxwlpQkl<-vwjKAS=hsWmEFyo<7hUoDy}yLmM>Vf9u?&-+mH^ zp6e|Ath5hv7jGcyyyAhni|p^CHA1sKpwugFD2!(n7QMDe(5HfxyyE!V z8M)u`?0$vYql5IkNgtYyJs4TqIq>|7;xze*j*+450go zK(ZC2rM#JMk4*+xv=+EsBhHlr24FuS?-4`q8Ue0l%%Fd~H0EkxbRnRBaj}(QaEyFB z1i;sI28gn@eozac?y`(i+7&}b>RV{NsZ$xnQw2#3WxL?$T|~-uStTDwW^|xxds|s*2?5s}gpsC!& z%Q}TsO#*}APW`PM$0uFl^)aEPWoU5~3qQg54)-?DuQH3`D&*DdFo7v)cG6*ZZRLE! zy*4b2UZB%=_5S!t=_bol$nb#(f9&fW31n6|Xb%C!)CmEYZKt^s;TfxvAfgf0J~bAj z)v~R=*?j0F^3oZeJCeGdjy<_wl;)ZI({F%ryf#F&6fKtEjU2sdt(h_>edDL&EyBM7 z7NDl@0U|#xgJYX!k3p(|h7OAdbp!U=x;#)f-6V3Mz;+7Vkb#h(+PnsQaB>1U6A~f^ z1`XUMyM(5t!A5UtbJifDRr?5ob+-~#8!cB7898nXM*0j?t~ztI1tdMuu$~e zylwmhoUPVXP=I#zYCpV5SNlV+Lb}hngO{{&oTDu=Y$sQ<=3?eLJkTR`T{>&vQPQ(7 zv~^bOZ#Pr`)v!ow*pmPZq~aSUYm}#z;G5B!K3E8qFbwMlSFp} z?XwZc?3KgdaMWn3>G?90^SsP8pYIYG*#hDI(Ju!{=|4his>&9P0r3U4=Uvd8H@yyK zM19+n=Ms}9!L6u+oJ_6juy3zOqGIT%WBRq!$+$NIyk<~%+6Cosj5-Sjjl9cJ%$3}U z{vJwPRp>c!r+B znTUw(QX6hKIjLui>(^0dI@~w2Kzb~M``hf;gMI?hZfTkBI45h&B*24UW*z2WVwijh zeFRH8GNQ*FEm!t~vu#(9fCl^)Ozo|BNVgrdJQF8^=BkieyHKw22%3GV$KsSO+@p=L z+AXY@H-}6K=CaaYQ!;5uZWXT?r}x^<{pCwv+bZ{?qP>=xHftKR z?qIG3#2#-}Yo>%ds_!W_9vm;q8^{E(N=*ftpSVUw*rsZ?Ll+~QwI1h5X&ir|o-wD! z?p*!XLGAHQU2+QLsa#aRdo%&4x?tKEK#lr#mKjnOQmNyeC2hl)p#PdaqF=*^=!S)p zr!^URw6r)>o)3hRPxnxoZF!~tqYeDJ!g9b991I;=cR>6^-Su+#rI!Iw4fvU|Mxrht z!^MsN3U)nP%Q)#!*M;w4gO=W06VFW9Dfs8fEwMyj(H12_Mqla#Qx+OQAkd_nCj%NW zMsHlYV2-Op6fo(c6x^IbB7q2Jy9j$MraUwP^8Gk>Y2XW;3-A(_A|nIKy!x_|vZ+eg z6opK~?a*bhP;-;2$%WfR=?)(b$1}nSnMPvKxBrzU?x!IMdgPZ#6}hF<8gonEr)As+jUI=FI~Xk}q5#{^ z0fb6(alHO`k7(w)LdZjTc=~Hu<({;i1HgO)5-OV3cj}vYOCSy{rs)9D1NE^AqqPqx;UQ?rkI8}`;NP8^pHUFEZGJ*ld_VXwxGb>bS++Zdxf1qwuMP5ASt@8Q zMk_f5QPSamJAPL823E`P;2WSvLNFeVBc{Ht0ZS z^Ws=w4`B&J6?i&OmA~-xGk&JMAqyuzkoe^L_5(boso*~}tGli^mEjc{c8w~f-o?Xd!&Gy!}% z4_;=}K6wj0$3X4TfVdf~t{?V2KS%4G3=nqlIo-?~^80HZ30O+v#-tjb*$(<85Dz5p zZ}c$C>DBnPfNpjZ?{w`&2&mFSqiy@}n>aPkw^Ko72q{0H_CU ziysix$Pvp$_^(}}aMoU}1OAZ>M5ue!D&@>oB-h~ehJ?Nl`x?#+)8spcC;(Y6OIz3G z1FJGV-lEtAz~OUx5E&u$toeZ&oxHWiTXL4|6c!uCn-dt5fd+{B^Cf}MV=Njo~R3@YZuK@Tl+IiPzZ;?!jsk!uTTuXEs{!*|Pq=G3SwP|9c1t%k6YFO(n}X6CsxJe?syunwM1 zN?gFsp=?8T+;E%+X@6WEJWyq(KsMiSfRu}3`~}~tf9TJ%Vm5|kf*km$%HMJdkc+I$ zEm`e*e886Vk(MUr485PR9Josd06ztU08D&9>~;7%d0v|wkw?BOB~d-wst#2Gs}cIS zn$}vn5zxM3G9qrPnKC($+6jJY1IfE#;tnly!=~qjWG;wtW`vK^soN7=d1rZ2;B&_y zw>iZbwrC^{43_a0$yR6zM$SAh9H!L*@F|mr6sWSb*5oQKDA77SNH>#sl zpYTc%;n@bFV%YzNW>e$?WkANd|0(h>+19lM(~=GOTdyzx z)voc#^s!Iw!#r9%?W=}Y2#osrQyu@)bYmPRpTL@9WYMF(R(K=Z7Tss2eDOTj15bx# z9Zxe9dRs82lV^eldFRNDhMhymlwxIceroXF01?)rB%RO`ri$UFDcSg+8*2gPd?1|+ z_U7Go#GN!Qr%6kLy{v`vzUFQ2Q23HA_}Z%I_Xc& z5@TJ^Rn5ia61b#QVSiXCuiExM+OjH zR?hUmhPo#0VuhM>KmMN`)ZVR-c#Qk*uh8@Wl~@OQ!cNLq4tnK9Y>3sVpoYx~R06S>7L;8Z1Kvd8|Y6EQ{XF zcY4V-GK+W(gHbfu1Mw%I9qsL}@?dBot;Kmz<+9R}p)}Sp9>;^GCIE`eX0f4?6WR$z3+91c9bf zyh);AMu#V0q)go>BUi`ysfi6BbAjty&Cpn?Ws*a`9{rB0_wDO?{!8#DK*zP51>p`1 zh0KzU?tU5J72!&y~C3j7xfYar9tfCxTxxYU-iR-iN^#rU{k(rELXP!>L?b3T~ zQQN@lE=3{34+>B_d68H^gN^Z$lBEDvf(&C89;{;@+AomvU{T4 zAvqXcW0;_)f_*<)F0W>OKPiNbMu25BK<@r9tgjA>NsX&8(TFs_6B)H_Z_@#-lK7@- zzvR3JXtHZ1@Zu^^I-o3Gc7V2#EucujTRnAxv*gk)vE@Waqr&6@Sd=hq{{QPc``6p}M1sXnqv18I^<@_L<{p2??XR)j-9HjMc0J&a5eS(cd-XPhf3E)d`LUxB)GSR<= zzT4tWlBx{*%8-lhH(X-Jfn6?R(&6z9y9J=PBLH=&mr7hP=6(+bb$I8k#~Cktxtxt- zymh!0`)YD=fKWD91%%)&z=mH)F)rE9N#k_Fny)iS@obH0 ztMpF@i7ARvz_UW4oUH;tI~UC5ObMo{mcb&G%1n8?%C0kgER*Eh?C}66YNi}U0Dop$ zE{7k2UW`B$7UmCXV<*(p_xh;O?i&!*Jkuu5cgeZv_e#pBf=zN zxvv64`rB%N=Ff*c=>@@Qt~*D$HV5Gcx4|;20$wzG#F7Pv(6p>9uB$5IVCQ^$<0o|m zp&ylH;`_Ugfu<19z}{QuDoF|GSYfZku$YIoz-k+DxwihnU8}v)V>%~+C=`w{)>Fr< zo_t!r+6%Nx+ImL;A(@>&UrWO!6nG(VJ!P@wa(TuL%Ua^<2*HwX@=2tjI8xg9ONDdL zL)_!W>-jEg($)Ey?tkVddFy946N<-~)&Ly!#gMxGT5Cbi{1|zKobx1U*wP1#odGy; z`4f}2!`LttV}_yo{oWopmIeL#Zx`J35Y;u$^OI1IhKaPQ1}|$z7%;m*;K1h0!DlqJU>w& zgh3Rx4K%PmjD~@gZlV*--$zD{=@nXMQ1<<%=lax!d^xzH%;hyKX_FjW1kKKdqg;sC zo>46WXAW?|f`tA{-OcGBKL-b)3?Mri8|KHJK~8uVyTkQw=`{w+q5QIu62Hzq(2A=2 zeOEkr$s%u!_;Ekjw*mMjkeggthnccK$57F%Ly6)5kgNHOC<5oT&De3thn!;aG4dXe zl&eDz_JzeDvBFzf5~8&QDH#C%JayrI@KlGpP-wj(&b1|kccj{XxE$Q@)}HRoUQNSnog`D_QcEu} z{RlFJ{MEzMdr|mM=Yf z1|BbL<#pca|H-eq>4(zWZs(m`|9qo4h$!1p)7`m7VgoiSjLf7zwQUaXXEsF64}yz!R3-o(zpA(I!b?@ zCVv9ax6G??^g5FI(|-Jj_H14y97&Y-$R|1{Iv+Uu3@FG_D92X;LJ{QM;bw`ihW{Ll zr_aAb;<2NpX%v%`BEDWM%qljOCszsEW1E_qXmebke(SVXX&8bka}V1w!3v?tl4RtO zjRm7mpum7Bp9|`@M8W*v7@N#Rs|1^!vfx|r z4WqL6E@(G$m4Z|Q9kT-60TZp4BZI(rQ9PzFz0E5SUC++=ozn{DIM(3~K6au8U>%@z zycxdE(LbY2JAkpP8eVP10|ew$kCOaz7YhYl1ktQ=DnYZPuLb%UbHP(XVTBwE`nnUY z-6kKbqRTCNKPbn#M-^5eWisXyC&_Hj(R*59C{zfLx6_2>0O~m zfmirNb))Z&`fa-UYp=S#zyC0H{1!bWJIG;pH%R)WlCxw-9B_4#;4u)!x|b8lF7S}` zi=)El(91*A2_KQgE09)u=FR(KD0NOvfJ1>^^EZYXj{bP@wVu~=an%N%2lA%Yc^Bn)1;k+)JZ?{DVr1E8N-AdgfRt zJXS%1Kyu;u0*%nl7{P$iAov|QMms5IoxrV#`pVbfjRU`jXPkWS0KT13I+E%MDxL$8 zXmpxe61%~mM}?ZV^;j@|RAgXXIVdM`TQvUhaC|&j1qvPuKmZs%==qToZg4`6_K+?U zj8_Gr166DkY@E$DnyEJX&vVO2+Ca@$j@+T$%_;xy6{!cSv z{0XOm6H%~1E_#wrJXupZO#$W(+LWPu1r95WHgvUn`WSC2cvIR?2k^W=O%la--$_-OH+LZ zPWgT%asqh|9$GJr?X*9cy90D+S8kA`PX9N>^3lqW=7b+k-t`#%KqtXHG-}YoTfMD{ z#hBw_!?g>?B)^e>nVz=3@1C!i19Y^n`s#CRL*9YTPv;}}i4>@g%)I`@kGySL62NkM z@@ssy$)9P0V@I%{eM0K&BzXz&D*EAfp1Cu6i&#Wz_a})w6=N=|RCjIL#^9937Z!g^ zLNlwuH1t=K+XGLzMLkf=Slzrg#h$b@ zAYX-?`^x_TknxdaNnq1A^FR4}n7^ZQnp;c6e)gr}qWB9lRqZf zKn_b3U@5o1w}Ae6HAr{4nY|QrCbXBKPS=|Hn?n+H?4+l{Sx+UW|v|(}S?j4OG%Tv>Ig8K@ck_SVpgt?ZY)w z!0~|3z_mWB=jn#z^~`JdO+Y3{na~5G+6{Daw}0cLo7%X9zG(==;qZ0- z`!;unet?Fz!k-ywQ+5TW?akn5!FXopg&d%7uD|A*U@=>_Ka^z=btuV zl{+qkTa@j&xj!{3=)j3rEuC50!5v%+500}*?K`)Jl=3N^XXg)NlV|z_Jqenfq?ec0 zCZ7MC%myS5$cK{Xgd$I`h1hmdjKF~dpt43X>*?Tmi$9gh+_We4n9GpI`K{ocdkFBt zp8VHlrKYW=0J8FN1~v`p?FD+iE4ai;r?HOjFmg*h`z@n3BfG9}u=uV&88KZ^Jpl^R zaM*$0@)&{Q%JiWFjjeN=7DxYBXm?t1aU{H{W%#I&ggOED~R_At-QtcLCDiSpC3n+pZu7VBN z-)+5r7X6_EL&Nif1(V`_a4mqlpQc~|OWOG9-aL$U-!oWZ#B?uZE}D~6LmeQCzW`D4 zruw#U!HfI***@K=%n9x#^?z-mDs^kt7BBuFy!1Ln)dBVwE8|PNEO`d2n~m$ zJfrDLz(nBtyFU2vwCquhk0abF8LB_;jEp~E;0emB7oJ&uNfhIO#|NVCe94$QPb*7> zc)&dC0}Yj3A6N(3&JtCdS%$)i{re95!5TA#d(gGpHXIrXo4I;{(&CvdE_+1=pBw%b zgvG887PK3DEDa4CEC^UuW2h+mV83+Xv*tY+MSSKB_`#m?j6b!z*3`IJMrk$`psbVI fsyK=tvjF<>A4gri@Zzdastp9wsZO6k=HCAWCOE6V literal 0 HcmV?d00001 diff --git a/includes/functions.php b/includes/functions.php index aef82bd..3933664 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -264,7 +264,7 @@ function get_logged_user() { function require_login() { if (!get_logged_user()) { - header('Location: /login.php'); + header('Location: ' . get_base_url() . 'login.php'); exit; } } diff --git a/login.php b/login.php index a66e114..e404608 100644 --- a/login.php +++ b/login.php @@ -4,9 +4,11 @@ require_once __DIR__ . '/includes/functions.php'; init_session(); +$baseUrl = get_base_url(); + // Redirect if already logged in if (get_logged_user()) { - header('Location: /admin/index.php'); + header('Location: ' . $baseUrl . 'admin/index.php'); exit; } @@ -17,7 +19,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $password = $_POST['password'] ?? ''; if (login_user($username, $password)) { - header('Location: /admin/index.php'); + header('Location: ' . $baseUrl . 'admin/index.php'); exit; } else { $error = 'Invalid username or password.'; @@ -34,7 +36,7 @@ $settings = get_company_settings(); Login - <?= htmlspecialchars($settings['company_name']) ?> - +