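<?php

declare(strict_types=1);

/**
 * Customers admin page: list, add, edit and delete customers.
 *
 * Every state change (add / edit / delete) is a POST that carries a
 * per-session CSRF token; a plain GET only renders the list. Permissions:
 *   customers_view - required to load the page at all
 *   customers_add  - add and edit (edit deliberately reuses the add permission)
 *   customers_del  - delete
 */

require_once __DIR__ . "/../includes/functions.php";

require_permission("customers_view");

require_once __DIR__ . '/../db/config.php';

$pdo = db();

// CSRF token. The auth layer (require_permission) normally has the session open
// already; start one only if it does not. This must stay above any output.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}
if (!isset($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

/** Escape a value for an HTML text node or a double-quoted attribute. */
$esc = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

/** Read a form field as a trimmed string; missing keys and arrays become ''. */
$post_string = static function (string $key): string {
    $value = $_POST[$key] ?? '';
    return is_string($value) ? trim($value) : '';
};

/**
 * Read a form field as a positive int, or null when absent or invalid.
 * Assumes `customers.id` is an integer auto-increment key (ORDER BY id DESC
 * below suggests so) — confirm against the schema.
 */
$post_id = static function (string $key): ?int {
    $value = filter_var(
        $_POST[$key] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    return $value === false ? null : $value;
};

$message = '';

// Handle Add/Edit/Delete Customer. All three are POST-only: a GET that deletes
// (the old ?delete=ID link) can be fired by prefetchers, history and other
// sites without the user intending it.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
    $action = $_POST['action'];
    $submitted_token = $_POST['csrf_token'] ?? '';
    // hash_equals: constant-time comparison of the session token with the form's copy.
    $token_ok = is_string($submitted_token) && hash_equals($csrf_token, $submitted_token);

    if (!$token_ok) {
        $message = '<div class="alert alert-danger">Invalid or expired form token. Please reload the page and try again.</div>';
    } elseif ($action === 'add_customer' || $action === 'edit_customer') {
        if (!has_permission('customers_add')) { // Use customers_add for editing as well
            $verb = $action === 'add_customer' ? 'add' : 'edit';
            $message = '<div class="alert alert-danger">Access Denied: You do not have permission to ' . $verb . ' customers.</div>';
        } else {
            $name = $post_string('name');
            $email = $post_string('email');
            $phone = $post_string('phone');
            $address = $post_string('address');
            $id = $action === 'edit_customer' ? $post_id('id') : null;

            if ($name === '') {
                // The form marks name as required; enforce it server-side too.
                $message = '<div class="alert alert-danger">Customer name is required.</div>';
            } elseif ($action === 'edit_customer' && $id === null) {
                $message = '<div class="alert alert-danger">Invalid customer id.</div>';
            } elseif ($action === 'add_customer') {
                $stmt = $pdo->prepare("INSERT INTO customers (name, email, phone, address) VALUES (?, ?, ?, ?)");
                $message = $stmt->execute([$name, $email, $phone, $address])
                    ? '<div class="alert alert-success">Customer added successfully!</div>'
                    : '<div class="alert alert-danger">Error adding customer.</div>';
            } else {
                $stmt = $pdo->prepare("UPDATE customers SET name = ?, email = ?, phone = ?, address = ? WHERE id = ?");
                $message = $stmt->execute([$name, $email, $phone, $address, $id])
                    ? '<div class="alert alert-success">Customer updated successfully!</div>'
                    : '<div class="alert alert-danger">Error updating customer.</div>';
            }
        }
    } elseif ($action === 'delete_customer') {
        if (!has_permission('customers_del')) {
            $message = '<div class="alert alert-danger">Access Denied: You do not have permission to delete customers.</div>';
        } else {
            $id = $post_id('id');
            if ($id === null) {
                $message = '<div class="alert alert-danger">Invalid customer id.</div>';
            } else {
                $pdo->prepare("DELETE FROM customers WHERE id = ?")->execute([$id]);
                // Redirect so a browser refresh does not re-submit the delete.
                header("Location: customers.php");
                exit;
            }
        }
    }
}

// Fetch Customers
$query = "SELECT * FROM customers ORDER BY id DESC";
$customers_pagination = paginate_query($pdo, $query);
$customers = $customers_pagination['data'];

include 'includes/header.php';
?>

<div class="d-flex justify-content-between align-items-center mb-4">
    <h2 class="fw-bold mb-0">Customers</h2>
    <?php if (has_permission('customers_add')): ?>
        <button class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#customerModal" onclick="openAddModal()">
            <i class="bi bi-plus-lg"></i> Add Customer
        </button>
    <?php endif; ?>
</div>

<?php // $message is built only from fixed strings above, never from request data. ?>
<?= $message ?>

<div class="card border-0 shadow-sm">
    <div class="card-body p-0">
        <!-- Pagination Controls -->
        <div class="p-3 border-bottom bg-light">
            <?php render_pagination_controls($customers_pagination); ?>
        </div>
        <div class="table-responsive">
            <table class="table table-hover align-middle mb-0">
                <thead class="bg-light">
                    <tr>
                        <th class="ps-4">Name</th>
                        <th>Email</th>
                        <th>Phone</th>
                        <th>Address</th>
                        <th class="text-center">Redemptions</th>
                        <th>Actions</th>
                    </tr>
                </thead>
                <tbody>
                    <?php foreach ($customers as $customer): ?>
                        <?php
                        $full_address = (string) ($customer['address'] ?? '');
                        // mb_* so a multibyte character is not cut in half: byte-wise
                        // substr can leave invalid UTF-8 that htmlspecialchars then
                        // drops or substitutes. The ellipsis only appears when truncated.
                        $short_address = mb_strlen($full_address, 'UTF-8') > 30
                            ? mb_substr($full_address, 0, 30, 'UTF-8') . '...'
                            : $full_address;
                        ?>
                        <tr>
                            <td class="ps-4 fw-bold"><?= $esc($customer['name'] ?? '') ?></td>
                            <td><?= $esc($customer['email'] ?? '') ?></td>
                            <td><?= $esc($customer['phone'] ?? '') ?></td>
                            <td><?= $esc($short_address) ?></td>
                            <td class="text-center">
                                <span class="badge bg-info text-dark"><?= (int) ($customer['loyalty_redemptions_count'] ?? 0) ?></span>
                            </td>
                            <td>
                                <div class="btn-group">
                                    <?php if (has_permission('customers_add')): ?>
                                        <?php
                                        // Only the fields the modal needs go to the client;
                                        // SELECT * may carry columns that should not be exposed.
                                        $edit_payload = json_encode([
                                            'id' => (int) $customer['id'],
                                            'name' => (string) ($customer['name'] ?? ''),
                                            'email' => (string) ($customer['email'] ?? ''),
                                            'phone' => (string) ($customer['phone'] ?? ''),
                                            'address' => $full_address,
                                        ], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
                                        if ($edit_payload === false) {
                                            $edit_payload = 'null'; // openEditModal() ignores null
                                        }
                                        ?>
                                        <button type="button" class="btn btn-sm btn-outline-primary"
                                                data-bs-toggle="modal"
                                                data-bs-target="#customerModal"
                                                data-customer="<?= $esc($edit_payload) ?>"
                                                onclick="openEditModal(JSON.parse(this.dataset.customer))"
                                                title="Edit Customer"><i class="bi bi-pencil"></i></button>
                                    <?php endif; ?>

                                    <?php if (has_permission('customers_del')): ?>
                                        <form method="POST" class="d-inline" onsubmit="return confirm('Are you sure?')">
                                            <input type="hidden" name="action" value="delete_customer">
                                            <input type="hidden" name="csrf_token" value="<?= $esc($csrf_token) ?>">
                                            <input type="hidden" name="id" value="<?= (int) $customer['id'] ?>">
                                            <button type="submit" class="btn btn-sm btn-outline-danger" title="Delete"><i class="bi bi-trash"></i></button>
                                        </form>
                                    <?php endif; ?>
                                </div>
                            </td>
                        </tr>
                    <?php endforeach; ?>
                    <?php if (empty($customers)): ?>
                        <tr>
                            <td colspan="6" class="text-center py-4 text-muted">No customers found.</td>
                        </tr>
                    <?php endif; ?>
                </tbody>
            </table>
        </div>
        <!-- Bottom Pagination -->
        <div class="p-3 border-top bg-light">
            <?php render_pagination_controls($customers_pagination); ?>
        </div>
    </div>
</div>

<!-- Customer Modal -->
<?php if (has_permission('customers_add')): ?>
<div class="modal fade" id="customerModal" tabindex="-1">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <h5 class="modal-title" id="customerModalTitle">Add New Customer</h5>
                <button type="button" class="btn-close" data-bs-dismiss="modal"></button>
            </div>
            <form method="POST" id="customerForm">
                <div class="modal-body">
                    <input type="hidden" name="action" id="customerAction" value="add_customer">
                    <input type="hidden" name="csrf_token" value="<?= $esc($csrf_token) ?>">
                    <input type="hidden" name="id" id="customerId">
                    <div class="mb-3">
                        <label class="form-label">Name</label>
                        <input type="text" name="name" id="customerName" class="form-control" required>
                    </div>
                    <div class="mb-3">
                        <label class="form-label">Email</label>
                        <input type="email" name="email" id="customerEmail" class="form-control">
                    </div>
                    <div class="mb-3">
                        <label class="form-label">Phone</label>
                        <input type="text" name="phone" id="customerPhone" class="form-control">
                    </div>
                    <div class="mb-3">
                        <label class="form-label">Address</label>
                        <textarea name="address" id="customerAddress" class="form-control" rows="3"></textarea>
                    </div>
                </div>
                <div class="modal-footer">
                    <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
                    <button type="submit" class="btn btn-primary">Save Customer</button>
                </div>
            </form>
        </div>
    </div>
</div>

<script>
    // Reset the shared modal for creating a new customer. form.reset() restores
    // the hidden action/csrf inputs to their default attribute values.
    function openAddModal() {
        document.getElementById('customerModalTitle').innerText = 'Add New Customer';
        document.getElementById('customerAction').value = 'add_customer';
        document.getElementById('customerForm').reset();
        document.getElementById('customerId').value = '';
    }

    // Populate the shared modal from the row's data-customer JSON
    // ({id, name, email, phone, address}); null means the server could not encode it.
    function openEditModal(customer) {
        if (!customer) {
            return;
        }
        document.getElementById('customerModalTitle').innerText = 'Edit Customer';
        document.getElementById('customerAction').value = 'edit_customer';
        document.getElementById('customerId').value = customer.id;
        document.getElementById('customerName').value = customer.name;
        document.getElementById('customerEmail').value = customer.email || '';
        document.getElementById('customerPhone').value = customer.phone || '';
        document.getElementById('customerAddress').value = customer.address || '';
    }
</script>
<?php endif; ?>

<?php include 'includes/footer.php'; ?>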