pcwvanbeers/Commerce
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CMXX - Admin cleanup

Browse Source
This commit is contained in:
“VeLiTi”
2025-02-22 15:50:27 +01:00
parent 8bb78d2a08
commit 0b2ee8c3ce
27 changed files with 67 additions and 2698 deletions
Download Patch File Download Diff File Expand all files Collapse all files

131
admin/account.php
View File

@@ -1,131 +0,0 @@
<?php
defined('admin') or exit;
// Default account product values
$account = [
'email' => '',
'password' => '',
'role' => 'Member',
'first_name' => '',
'last_name' => '',
'address_street' => '',
'address_city' => '',
'address_state' => '',
'address_zip' => '',
'address_country' => '',
'registered' => date('Y-m-d\TH:i'),
'address_phone' => ''
];
if (isset($_GET['id'])) {
// Retrieve the account from the database
$stmt = $pdo->prepare('SELECT * FROM accounts WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$account = $stmt->fetch(PDO::FETCH_ASSOC);
// ID param exists, edit an existing account
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the account
$password = !empty($_POST['password']) ? password_hash($_POST['password'], PASSWORD_DEFAULT) : $account['password'];
$stmt = $pdo->prepare('UPDATE accounts SET email = ?, password = ?, first_name = ?, last_name = ?, address_street = ?, address_city = ?, address_state = ?, address_zip = ?, address_country = ?, role = ?, registered = ?, address_phone = ? WHERE id = ?');
$stmt->execute([ $_POST['email'], $password, $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], $_POST['role'], date('Y-m-d H:i:s', strtotime($_POST['registered'])), $_POST['address_phone'],$_GET['id'] ]);
header('Location: index.php?page=accounts&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the account
$stmt = $pdo->prepare('DELETE FROM accounts WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
header('Location: index.php?page=accounts&success_msg=3');
exit;
}
} else {
// Create a new account
$page = 'Create';
if (isset($_POST['submit'])) {
$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
$stmt = $pdo->prepare('INSERT INTO accounts (email,password,first_name,last_name,address_street,address_city,address_state,address_zip,address_country,role,registered, address_phone) VALUES (?,?,?,?,?,?,?,?,?,?,?,?)');
$stmt->execute([ $_POST['email'], $password, $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], $_POST['role'], date('Y-m-d H:i:s', strtotime($_POST['registered'])), $_POST['address_phone'] ]);
header('Location: index.php?page=accounts&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Account', 'accounts', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Account</h2>
<a href="index.php?page=accounts" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this account?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="tabs">
<a href="#" class="active">General</a>
<a href="#">Shipping Address</a>
</div>
<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="email"><i class="required">*</i> Email</label>
<input id="email" type="email" name="email" placeholder="Email" value="<?=htmlspecialchars($account['email'], ENT_QUOTES)?>" required>
<label for="password"><?=$page == 'Edit' ? 'New ' : ''?>Password</label>
<input type="text" id="password" name="password" placeholder="<?=$page == 'Edit' ? 'New ' : ''?>Password" value=""<?=$page == 'Edit' ? '' : ' required'?>>
<label for="first_name">First Name</label>
<input id="first_name" type="text" name="first_name" placeholder="Joe" value="<?=htmlspecialchars($account['first_name'], ENT_QUOTES)?>">
<label for="last_name">Last Name</label>
<input id="last_name" type="text" name="last_name" placeholder="Bloggs" value="<?=htmlspecialchars($account['last_name'], ENT_QUOTES)?>">
<label for="role"><i class="required">*</i> Role</label>
<select id="role" name="role" required>
<option value="Member"<?=$account['role']=='Member'?' selected':''?>>Member</option>
<option value="Admin"<?=$account['role']=='Admin'?' selected':''?>>Admin</option>
</select>
<label for="registered"><i class="required">*</i> Registered</label>
<input id="registered" type="datetime-local" name="registered" value="<?=date('Y-m-d\TH:i', strtotime($account['registered']))?>" required>
</div>
</div>
<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="address_street">Address Street</label>
<input id="address_street" type="text" name="address_street" placeholder="" value="<?=htmlspecialchars($account['address_street'], ENT_QUOTES)?>">
<label for="address_city">Address City</label>
<input id="address_city" type="text" name="address_city" placeholder="" value="<?=htmlspecialchars($account['address_city'], ENT_QUOTES)?>">
<label for="address_state">Address State</label>
<input id="address_state" type="text" name="address_state" placeholder="" value="<?=htmlspecialchars($account['address_state'], ENT_QUOTES)?>">
<label for="address_zip">Address Zip</label>
<input id="address_zip" type="text" name="address_zip" placeholder="" value="<?=htmlspecialchars($account['address_zip'], ENT_QUOTES)?>">
<label for="address_phone">Phone</label>
<input id="address_phone" type="text" name="address_phone" placeholder="" value="<?=htmlspecialchars($account['address_phone'], ENT_QUOTES)?>">
<label for="address_country">Country</label>
<select id="address_country" name="address_country" required>
<?php foreach(get_countries() as $country): ?>
<option value="<?=$country?>"<?=$country==$account['address_country']?' selected':''?>><?=$country?></option>
<?php endforeach; ?>
</select>
</div>
</div>
</form>
<?=template_admin_footer()?>

138
admin/accounts.php
View File

@@ -1,138 +0,0 @@
<?php
defined('admin') or exit;
// Retrieve the GET request parameters (if specified)
$pagination_page = isset($_GET['pagination_page']) ? $_GET['pagination_page'] : 1;
$search = isset($_GET['search']) ? $_GET['search'] : '';
// Order by column
$order = isset($_GET['order']) && $_GET['order'] == 'DESC' ? 'DESC' : 'ASC';
// Add/remove columns to the whitelist array
$order_by_whitelist = ['id','email','first_name','role','registered'];
$order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], $order_by_whitelist) ? $_GET['order_by'] : 'id';
// Number of results per pagination page
$results_per_page = 20;
// Declare query param variables
$param1 = ($pagination_page - 1) * $results_per_page;
$param2 = $results_per_page;
$param3 = '%' . $search . '%';
// SQL where clause
$where = '';
$where .= $search ? 'WHERE (a.email LIKE :search OR a.first_name LIKE :search OR a.last_name LIKE :search) ' : '';
// Retrieve the total number of products
$stmt = $pdo->prepare('SELECT COUNT(*) AS total FROM accounts a ' . $where);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
$accounts_total = $stmt->fetchColumn();
// SQL query to get all products from the "products" table
$stmt = $pdo->prepare('SELECT a.*, count(t.id) AS orders FROM accounts a LEFT JOIN transactions t ON t.account_id = a.id ' . $where . ' GROUP BY a.id, a.email, a.password, a.role, a.first_name, a.last_name, a.address_street, a.address_city, a.address_state, a.address_zip, a.address_country, a.registered ORDER BY ' . $order_by . ' ' . $order . ' LIMIT :start_results,:num_results');
// Bind params
$stmt->bindParam('start_results', $param1, PDO::PARAM_INT);
$stmt->bindParam('num_results', $param2, PDO::PARAM_INT);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
// Retrieve query results
$accounts = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Account created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Account updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Account deleted successfully!';
}
}
// Determine the URL
$url = 'index.php?page=accounts&search=' . $search;
?>
<?=template_admin_header('Accounts', 'accounts', 'view')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-users"></i>
<div class="txt">
<h2>Accounts</h2>
<p>View, create, and edit accounts.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=account" class="btn">Create Account</a>
<form action="" method="get">
<input type="hidden" name="page" value="accounts">
<div class="search">
<label for="search">
<input id="search" type="text" name="search" placeholder="Search account..." value="<?=htmlspecialchars($search, ENT_QUOTES)?>" class="responsive-width-100">
<i class="fas fa-search"></i>
</label>
</div>
</form>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=id'?>">#<?php if ($order_by=='id'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=email'?>">Email<?php if ($order_by=='email'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=first_name'?>">Name<?php if ($order_by=='first_name'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden">Address</td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=role'?>">Role<?php if ($order_by=='role'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden">Orders Placed</td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=registered'?>">Registered Date<?php if ($order_by=='registered'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($accounts)): ?>
<tr>
<td colspan="8" style="text-align:center;">There are no accounts</td>
</tr>
<?php else: ?>
<?php foreach ($accounts as $account): ?>
<tr>
<td class="responsive-hidden"><?=$account['id']?></td>
<td><?=htmlspecialchars($account['email'], ENT_QUOTES)?></td>
<td><?=htmlspecialchars($account['first_name'], ENT_QUOTES)?> <?=htmlspecialchars($account['last_name'], ENT_QUOTES)?></td>
<td class="responsive-hidden">
<?=htmlspecialchars($account['address_street'], ENT_QUOTES)?><?=$account['address_street']?', ':''?>
<?=htmlspecialchars($account['address_city'], ENT_QUOTES)?><?=$account['address_city']?', ':''?>
<?=htmlspecialchars($account['address_state'], ENT_QUOTES)?><?=$account['address_state']?', ':''?>
<?=htmlspecialchars($account['address_zip'], ENT_QUOTES)?><?=$account['address_zip']?', ':''?>
<?=htmlspecialchars($account['address_country'], ENT_QUOTES)?>
</td>
<td class="responsive-hidden"><?=$account['role']?></td>
<td class="responsive-hidden"><a href="index.php?page=orders&account_id=<?=$account['id']?>" class="link1"><?=number_format($account['orders'])?></a></td>
<td class="responsive-hidden"><?=date('F j, Y', strtotime($account['registered']))?></td>
<td><a href="index.php?page=account&id=<?=$account['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<div class="pagination">
<?php if ($pagination_page > 1): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page-1?>&order=<?=$order?>&order_by=<?=$order_by?>">Prev</a>
<?php endif; ?>
<span>Page <?=$pagination_page?> of <?=ceil($accounts_total / $results_per_page) == 0 ? 1 : ceil($accounts_total / $results_per_page)?></span>
<?php if ($pagination_page * $results_per_page < $accounts_total): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page+1?>&order=<?=$order?>&order_by=<?=$order_by?>">Next</a>
<?php endif; ?>
</div>
<?=template_admin_footer()?>

83
admin/categories.php
View File

@@ -1,83 +0,0 @@
<?php
defined('admin') or exit;
// SQL query to get all categories from the "categories" table
$stmt = $pdo->prepare('SELECT * FROM categories');
$stmt->execute();
$categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Category created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Category updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Category deleted successfully!';
}
}
// Populate categories function
function admin_populate_categories($categories, $parent_id = 0, $n = 0) {
$html = '';
foreach ($categories as $category) {
if ($parent_id == $category['parent_id']) {
$html .= '
<tr>
<td><span style="padding-right:8px;color:#bbbec0;border-left:1px solid #bbbec0;padding-bottom:2px;">-' . str_repeat('----', $n) . '</span>' . $category['name'] . '</td>
<td><a href="index.php?page=category&id=' . $category['id'] . '" class="link1">Edit</a> (ID =' . $category['id'] . ') </td>
</tr>
';
$html .= admin_populate_categories($categories, $category['id'], $n+1);
}
}
return $html;
}
?>
<?=template_admin_header('Categories', 'categories')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-list-ul"></i>
<div class="txt">
<h2>Categories</h2>
<p>View, create, and edit categories.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=category" class="btn">Create Category</a>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td>Name</td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($categories)): ?>
<tr>
<td colspan="8" style="text-align:center;">There are no categories</td>
</tr>
<?php else: ?>
<?=admin_populate_categories($categories)?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<?=template_admin_footer()?>

85
admin/category.php
View File

@@ -1,85 +0,0 @@
<?php
defined('admin') or exit;
// Default input category values
$category = [
'name' => '',
'parent_id' => 0,
'status' => 1
];
if (isset($_GET['id'])) {
// Retrieve all the categories
$stmt = $pdo->prepare('SELECT * FROM categories WHERE id != ?');
$stmt->execute([ $_GET['id'] ]);
$categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
// ID param exists, edit an existing category
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the category
$stmt = $pdo->prepare('UPDATE categories SET name = ?, parent_id = ?, status = ? WHERE id = ?');
$stmt->execute([ $_POST['name'], $_POST['parent_id'], $_POST['status'], $_GET['id'] ]);
header('Location: index.php?page=categories&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the category
$stmt = $pdo->prepare('DELETE c, pc FROM categories c LEFT JOIN products_categories pc ON pc.category_id = c.id WHERE c.id = ?');
$stmt->execute([ $_GET['id'] ]);
header('Location: index.php?page=categories&success_msg=3');
exit;
}
// Get the category from the database
$stmt = $pdo->prepare('SELECT * FROM categories WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$category = $stmt->fetch(PDO::FETCH_ASSOC);
} else {
// Retrieve all the categories
$stmt = $pdo->prepare('SELECT * FROM categories');
$stmt->execute();
$categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Create a new category
$page = 'Create';
if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('INSERT INTO categories (name,parent_id,status) VALUES (?,?,?)');
$stmt->execute([ $_POST['name'], $_POST['parent_id'], $_POST['status'] ]);
header('Location: index.php?page=categories&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Category', 'categories', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Category</h2>
<a href="index.php?page=categories" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this category?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="content-block">
<div class="form responsive-width-100">
<label for="name"><i class="required">*</i> Name</label>
<input id="name" type="text" name="name" placeholder="Name" value="<?=$category['name']?>" required>
<label for="parent_id">Parent</label>
<select id="parent_id" name="parent_id">
<option value="0">(none)</option>
<?php foreach ($categories as $c): ?>
<option value="<?=$c['id']?>"<?=$c['id']==$category['parent_id']?' selected':''?>><?=$c['name']?></option>
<?php endforeach; ?>
</select>
<label for="status">Status</label>
<select id="status" name="status">
<option value="1"<?=$category['status']==1?' selected':''?>>Enabled</option>
<option value="0"<?=$category['status']==0?' selected':''?>>Disabled</option>
</select>
</div>
</div>
</form>
<?=template_admin_footer()?>

154
admin/discount.php
View File

@@ -1,154 +0,0 @@
<?php
defined('admin') or exit;
// Default input discount values
$discount = [
'category_ids' => '',
'product_ids' => '',
'discount_code' => '',
'discount_type' => 'Percentage',
'discount_value' => 0,
'start_date' => date('Y-m-d\TH:i'),
'end_date' => date('Y-m-d\TH:i', strtotime('+1 month', strtotime(date('Y-m-d\TH:i')))),
'categories' => [],
'products' => []
];
$types = ['Percentage', 'Fixed'];
// Get all the categories from the database
$stmt = $pdo->query('SELECT * FROM categories');
$stmt->execute();
$categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get all the products from the database
$stmt = $pdo->query('SELECT * FROM products');
$stmt->execute();
$products = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (isset($_GET['id'])) {
// ID param exists, edit an existing discount
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the discount
$categories_list = isset($_POST['categories']) ? implode(',', $_POST['categories']) : '';
$products_list = isset($_POST['products']) ? implode(',', $_POST['products']) : '';
$stmt = $pdo->prepare('UPDATE discounts SET category_ids = ?, product_ids = ?, discount_code = ?, discount_type = ?, discount_value = ?, start_date = ?, end_date = ? WHERE id = ?');
$stmt->execute([ $categories_list, $products_list, $_POST['discount_code'], $_POST['discount_type'], $_POST['discount_value'], date('Y-m-d H:i:s', strtotime($_POST['start_date'])), date('Y-m-d H:i:s', strtotime($_POST['end_date'])), $_GET['id'] ]);
// Remove session discount code
if (isset($_SESSION['discount'])) {
unset($_SESSION['discount']);
}
header('Location: index.php?page=discounts&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the discount
$stmt = $pdo->prepare('DELETE FROM discounts WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
// Remove session discount code
if (isset($_SESSION['discount'])) {
unset($_SESSION['discount']);
}
header('Location: index.php?page=discounts&success_msg=3');
exit;
}
// Get the discount from the database
$stmt = $pdo->prepare('SELECT * FROM discounts WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$discount = $stmt->fetch(PDO::FETCH_ASSOC);
// Get the discount categories
$stmt = $pdo->prepare('SELECT c.name, c.id FROM discounts d JOIN categories c ON FIND_IN_SET(c.id, d.category_ids) WHERE d.id = ?');
$stmt->execute([ $_GET['id'] ]);
$discount['categories'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the discount products
$stmt = $pdo->prepare('SELECT p.name, p.id FROM discounts d JOIN products p ON FIND_IN_SET(p.id, d.product_ids) WHERE d.id = ?');
$stmt->execute([ $_GET['id'] ]);
$discount['products'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
// Create a new discount
$page = 'Create';
if (isset($_POST['submit'])) {
$categories_list = isset($_POST['categories']) ? implode(',', $_POST['categories']) : '';
$products_list = isset($_POST['products']) ? implode(',', $_POST['products']) : '';
$stmt = $pdo->prepare('INSERT INTO discounts (category_ids,product_ids,discount_code,discount_type,discount_value,start_date,end_date) VALUES (?,?,?,?,?,?,?)');
$stmt->execute([ $categories_list, $products_list, $_POST['discount_code'], $_POST['discount_type'], $_POST['discount_value'], date('Y-m-d H:i:s', strtotime($_POST['start_date'])), date('Y-m-d H:i:s', strtotime($_POST['end_date'])) ]);
// Remove session discount code
if (isset($_SESSION['discount'])) {
unset($_SESSION['discount']);
}
header('Location: index.php?page=discounts&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Discount', 'discounts', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Discount</h2>
<a href="index.php?page=discounts" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this discount?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="content-block">
<div class="form responsive-width-100">
<label for="code"><i class="required">*</i> Code</label>
<input id="code" type="text" name="discount_code" placeholder="Code" value="<?=$discount['discount_code']?>" required>
<label for="categories">Categories</label>
<div class="multiselect" data-name="categories[]">
<?php foreach ($discount['categories'] as $cat): ?>
<span class="item" data-value="<?=$cat['id']?>">
<i class="remove">&times;</i><?=$cat['name']?>
<input type="hidden" name="categories[]" value="<?=$cat['id']?>">
</span>
<?php endforeach; ?>
<input type="text" class="search" id="categories" placeholder="Categories">
<div class="list">
<?php foreach ($categories as $cat): ?>
<span data-value="<?=$cat['id']?>"><?=$cat['name']?></span>
<?php endforeach; ?>
</div>
</div>
<label for="products">Products</label>
<div class="multiselect" data-name="products[]">
<?php foreach ($discount['products'] as $product): ?>
<span class="item" data-value="<?=$product['id']?>">
<i class="remove">&times;</i><?=$product['name']?>
<input type="hidden" name="products[]" value="<?=$product['id']?>">
</span>
<?php endforeach; ?>
<input type="text" class="search" id="products" placeholder="Products">
<div class="list">
<?php foreach ($products as $product): ?>
<span data-value="<?=$product['id']?>"><?=$product['name']?></span>
<?php endforeach; ?>
</div>
</div>
<label for="type"><i class="required">*</i> Type</label>
<select id="type" name="discount_type">
<?php foreach ($types as $type): ?>
<option value="<?=$type?>"<?=$discount['discount_type']==$type?' selected':''?>><?=$type?></option>
<?php endforeach; ?>
</select>
<label for="discount_value"><i class="required">*</i> Value</label>
<input id="discount_value" type="number" name="discount_value" placeholder="Value" min="0" step=".01" value="<?=$discount['discount_value']?>" required>
<label for="start_date"><i class="required">*</i> Start Date</label>
<input id="start_date" type="datetime-local" name="start_date" placeholder="Start Date" value="<?=date('Y-m-d\TH:i', strtotime($discount['start_date']))?>" required>
<label for="end_date"><i class="required">*</i> End Date</label>
<input id="end_date" type="datetime-local" name="end_date" placeholder="End Date" value="<?=date('Y-m-d\TH:i', strtotime($discount['end_date']))?>" required>
</div>
</div>
</form>
<?=template_admin_footer()?>

89
admin/discounts.php
View File

@@ -1,89 +0,0 @@
<?php
defined('admin') or exit;
// SQL query to get all discounts from the "discounts" table
$stmt = $pdo->prepare('SELECT d.*, GROUP_CONCAT(DISTINCT p.name) product_names, GROUP_CONCAT(DISTINCT c.name) category_names FROM discounts d LEFT JOIN products p ON FIND_IN_SET(p.id, d.product_ids) LEFT JOIN categories c ON FIND_IN_SET(c.id, d.category_ids) GROUP BY d.id, d.category_ids, d.product_ids, d.discount_code, d.discount_type, d.discount_type, d.discount_value, d.start_date, d.end_date');
$stmt->execute();
$discounts = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the current date
$current_date = strtotime((new DateTime())->format('Y-m-d H:i:s'));
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Discount created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Discount updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Discount deleted successfully!';
}
}
?>
<?=template_admin_header('Discounts', 'discounts')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-tag"></i>
<div class="txt">
<h2>Discounts</h2>
<p>View, create, and edit discounts.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=discount" class="btn">Create Discount</a>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td class="responsive-hidden">#</td>
<td>Code</td>
<td>Active</td>
<td class="responsive-hidden">Categories</td>
<td class="responsive-hidden">Products</td>
<td>Type</td>
<td>Value</td>
<td class="responsive-hidden">Start Date</td>
<td class="responsive-hidden">End Date</td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($discounts)): ?>
<tr>
<td colspan="8" style="text-align:center;">There are no discounts</td>
</tr>
<?php else: ?>
<?php foreach ($discounts as $discount): ?>
<tr>
<td class="responsive-hidden"><?=$discount['id']?></td>
<td><?=$discount['discount_code']?></td>
<td><?=$current_date >= strtotime($discount['start_date']) && $current_date <= strtotime($discount['end_date']) ? 'Yes' : 'No'?></td>
<td class="responsive-hidden"><?=$discount['category_names'] ? str_replace(',', ', ', $discount['category_names']) : 'all'?></td>
<td class="responsive-hidden"><?=$discount['product_names'] ? str_replace(',', ', ', $discount['product_names']) : 'all'?></td>
<td><?=$discount['discount_type']?></td>
<td><?=$discount['discount_value']?></td>
<td class="responsive-hidden"><?=date('Y-m-d h:ia', strtotime($discount['start_date']))?></td>
<td class="responsive-hidden"><?=date('Y-m-d h:ia', strtotime($discount['end_date']))?></td>
<td><a href="index.php?page=discount&id=<?=$discount['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<?=template_admin_footer()?>

8
admin/emailtemplates.php
View File

@@ -3,15 +3,15 @@ defined('admin') or exit;
// Capture post data
if (isset($_POST['emailtemplate'], $_POST['emailtemplate2'])) {
// Save templates
file_put_contents('../order-details-template.php', $_POST['emailtemplate']);
file_put_contents('../order-notification-template.php', $_POST['emailtemplate2']);
file_put_contents(dirname(__FILE__,-1).'/custom/mail/order-details-template.php', $_POST['emailtemplate']);
file_put_contents(dirname(__FILE__,-1).'/custom/mail/order-notification-template.php', $_POST['emailtemplate2']);
header('Location: index.php?page=emailtemplates&success_msg=1');
exit;
}
// Read the order details template PHP file
$contents = file_get_contents('../order-details-template.php');
$contents = file_get_contents(dirname(__FILE__,-1).'/custom/mail/order-details-template.php');
// Read the order notification template PHP file
$contents2 = file_get_contents('../order-notification-template.php');
$contents2 = file_get_contents(dirname(__FILE__,-1).'/custom/mail/order-notification-template.php');
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {

60
admin/factuur.php
View File

@@ -1,60 +0,0 @@
<?php
(defined(security_key) or defined('admin') or defined('interface')) or exit;
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
$order_number = $_POST['txn_id'];
list($data,$customer_email,$order_id) = generateInvoice($pdo,$order_number);
$dompdf->loadHtml($data);
// (Optional) Setup the paper size and orientation
$dompdf->setPaper('A4', 'portrait');
// Render the HTML as PDF
$dompdf->render();
$file_name = 'Factuur - '.$order_id;
// Output the generated PDF to Browser
if (isset($_POST['email_invoice']) || $_POST['status'] == 'Paid'){
$to = $customer_email;
$subject = 'Factuur - '.$order_id;
$message = $data;
$attachment = $dompdf->output();
$attachment_name = $file_name;
$header_redirect = 'Location: index.php?page=order&id='.$order_id;
//Send to PHPMailer
send_mail_by_PHPMailer($to, $subject, $message, $attachment, $attachment_name);
header($header_redirect);
exit;
}
if (isset($_POST['email_invoice_to_admin']) || $_POST['status'] == 'Paid'){
$to = $customer_email;
$subject = 'Factuur - '.$order_id;
$message = $data;
$attachment = $dompdf->output();
$attachment_name = $file_name;
$header_redirect = 'Location: index.php?page=order&id='.$order_id;
//Send to PHPMailer
if(invoice_bookkeeping){
send_mail_by_PHPMailer(email_bookkeeping, $subject, $data, $attachment, $subject);
}
header($header_redirect);
exit;
}
if (isset($_POST['show_invoice'])){
ob_end_clean();
$dompdf->stream("Factuur.pdf", array("Attachment" => false));
exit;
}
?>

8
admin/language.php
View File

@@ -3,15 +3,15 @@ defined('admin') or exit;
// Capture post data
if (isset($_POST['language_US'], $_POST['language_NL'])) {
// Save templates
file_put_contents('../custom/translations/translations_US.php', $_POST['language_US']);
file_put_contents('../custom/translations/translations_NL.php', $_POST['language_NL']);
file_put_contents(dirname(__FILE__,-1).'/custom/translations/translations_US.php', $_POST['language_US']);
file_put_contents(dirname(__FILE__,-1).'/custom/translations/translations_NL.php', $_POST['language_NL']);
header('Location: index.php?page=language&success_msg=1');
exit;
}
// Read language_US template PHP file
$contents = file_get_contents('../custom/translations/translations_US.php');
$contents = file_get_contents(dirname(__FILE__,-1).'/custom/translations/translations_US.php');
// Read language template PHP file
$contents2 = file_get_contents('../custom/translations/translations_NL.php');
$contents2 = file_get_contents(dirname(__FILE__,-1).'/custom/translations/translations_NL.php');
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {

99
admin/media.php
View File

@@ -1,99 +0,0 @@
<?php
defined('admin') or exit;
// Retrieve the GET request parameters (if specified)
$pagination_page = isset($_GET['pagination_page']) ? $_GET['pagination_page'] : 1;
$search = isset($_GET['search']) ? $_GET['search'] : '';
// Order by column
$order = isset($_GET['order']) && $_GET['order'] == 'DESC' ? 'DESC' : 'ASC';
// Add/remove columns to the whitelist array
$order_by_whitelist = ['id','title','caption','date_uploaded'];
$order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], $order_by_whitelist) ? $_GET['order_by'] : 'id';
// Number of results per pagination page
$results_per_page = 20;
// Declare query param variables
$param1 = ($pagination_page - 1) * $results_per_page;
$param2 = $results_per_page;
$param3 = '%' . $search . '%';
// SQL where clause
$where = '';
$where .= $search ? 'WHERE (title LIKE :search OR caption LIKE :search OR full_path LIKE :search) ' : '';
// Retrieve the total number of media
$stmt = $pdo->prepare('SELECT COUNT(*) AS total FROM media ' . $where);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
$media_total = $stmt->fetchColumn();
// SQL query to get all media from the "media" table
$stmt = $pdo->prepare('SELECT * FROM media ' . $where . ' ORDER BY ' . $order_by . ' ' . $order . ' LIMIT :start_results,:num_results');
// Bind params
$stmt->bindParam('start_results', $param1, PDO::PARAM_INT);
$stmt->bindParam('num_results', $param2, PDO::PARAM_INT);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
// Retrieve query results
$media = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Determine the URL
$url = 'index.php?page=media&search=' . $search;
?>
<?=template_admin_header('Media', 'media')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-images"></i>
<div class="txt">
<h2>Media</h2>
<p>View, manage, and search media files.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="#" class="btn upload">Upload</a>
<form action="" method="get">
<input type="hidden" name="page" value="media">
<a href="<?=$url?>&order_by=<?=$order_by?>&order=<?=$order=='ASC'?'DESC':'ASC'?>"><i class="fa-solid fa-arrow-<?=$order=='ASC'?'up':'down'?>-wide-short"></i></a>
<select name="order_by" onchange="this.form.submit()">
<option value="" disabled>Order By</option>
<option value="id"<?=$order_by=='id'?' selected':''?>>ID</option>
<option value="title"<?=$order_by=='title'?' selected':''?>>Title</option>
<option value="caption"<?=$order_by=='caption'?' selected':''?>>Caption</option>
<option value="date_uploaded"<?=$order_by=='date_uploaded'?' selected':''?>>Date Uploaded</option>
</select>
<div class="search">
<label for="search">
<input id="search" type="text" name="search" placeholder="Search media..." value="<?=htmlspecialchars($search, ENT_QUOTES)?>" class="responsive-width-100">
<i class="fas fa-search"></i>
</label>
</div>
</form>
</div>
<div class="content-block media-page">
<div class="media">
<?php foreach ($media as $m): ?>
<a href="#" class="image" data-id="<?=$m['id']?>" data-full-path="<?=$m['full_path']?>" data-title="<?=$m['title']?>" data-caption="<?=$m['caption']?>" data-date-uploaded="<?=date('Y-m-d\TH:i', strtotime($m['date_uploaded']))?>">
<img src="../<?=$m['full_path']?>" alt="<?=$m['caption']?>" loading="lazy">
</a>
<?php endforeach; ?>
</div>
</div>
<div class="pagination">
<?php if ($pagination_page > 1): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page-1?>&order=<?=$order?>&order_by=<?=$order_by?>">Prev</a>
<?php endif; ?>
<span>Page <?=$pagination_page?> of <?=ceil($media_total / $results_per_page) == 0 ? 1 : ceil($media_total / $results_per_page)?></span>
<?php if ($pagination_page * $results_per_page < $media_total): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page+1?>&order=<?=$order?>&order_by=<?=$order_by?>">Next</a>
<?php endif; ?>
</div>
<?=template_admin_footer('initMedia()')?>

290
admin/order.php
View File

@@ -1,290 +0,0 @@
<?php
defined('admin') or exit;
if (!isset($_GET['id'])) {
exit('Invalid ID!');
}
// Retrieve order items
$stmt = $pdo->prepare('SELECT ti.*, p.productcode, p.name FROM transactions t JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN products p ON p.id = ti.item_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
$order_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Retrieve order details
$stmt = $pdo->prepare('SELECT a.email, a.id AS a_id, a.first_name AS a_first_name, a.last_name AS a_last_name, a.address_street AS a_address_street, a.address_city AS a_address_city, a.address_state AS a_address_state, a.address_zip AS a_address_zip, a.address_country AS a_address_country, a.address_phone AS a_address_phone, t.* FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN accounts a ON a.id = t.account_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
$order = $stmt->fetch(PDO::FETCH_ASSOC);
// Get tax
$stmt = $pdo->prepare('SELECT * FROM taxes WHERE country = ?');
$stmt->execute([$order['a_address_country']]);
$tax = $stmt->fetch(PDO::FETCH_ASSOC);
$tax_rate = $tax ? $tax['rate'] : 0.00;
//Add giftcards
if (isset($_GET['add_giftcard'])){
createGiftCart($pdo, $order['txn_id']);
}
//Get connected giftcards
$giftcards_template = $order['txn_id'].'#%#%';
$stmt = $pdo->prepare('SELECT * from discounts WHERE discount_code like ?');
$stmt->execute([$giftcards_template]);
$giftcards = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the current date
$current_date = strtotime((new DateTime())->format('Y-m-d H:i:s'));
// Delete transaction
if (isset($_GET['delete'])) {
// Delete the transaction
$stmt = $pdo->prepare('DELETE t, ti FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
// Deactive giftcards
removeGiftCart($pdo, $_GET['txn']);
header('Location: index.php?page=orders&success_msg=3');
exit;
}
if (!$order) {
exit('Invalid ID!');
}
?>
<?=template_admin_header('Orders', 'orders')?>
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">Order #<?=$_GET['id']?></h2>
<a href="index.php?page=orders" class="btn alt mar-right-2">Cancel</a>
<a href="index.php?page=order&id=<?=$_GET['id']?>&delete=true&txn=<?=$order['txn_id']?>" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this order?')">Delete</a>
<a href="index.php?page=order_manage&id=<?=$_GET['id']?>" class="btn">Edit</a>
</div>
<div class="content-block-wrapper">
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-cart-shopping fa-sm"></i>Order Details
</div>
<div class="order-detail">
<h3>Order ID</h3>
<p><?=$order['id']?></p>
</div>
<div class="order-detail">
<h3>Transaction ID</h3>
<p><?=$order['txn_id']?></p>
</div>
<?php if ($order['shipping_method']): ?>
<div class="order-detail">
<h3>Shipping Method</h3>
<p><?=$order['shipping_method'] ? htmlspecialchars($order['shipping_method'], ENT_QUOTES) : '--'?></p>
</div>
<?php endif; ?>
<div class="order-detail">
<h3>Payment Method</h3>
<p><?=$order['payment_method']?></p>
</div>
<div class="order-detail">
<h3>Payment Status</h3>
<p><?=$order['payment_status']?></p>
</div>
<div class="order-detail">
<h3>Date</h3>
<p><?=date('F j, Y H:ia', strtotime($order['created']))?></p>
</div>
<?php if ($order['discount_code']): ?>
<div class="order-detail">
<h3>Discount Code</h3>
<p><?=htmlspecialchars($order['discount_code'], ENT_QUOTES)?></p>
</div>
<?php endif; ?>
</div>
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-user fa-sm"></i>Account Details
</div>
<?php if ($order['email']): ?>
<div class="order-detail">
<h3>Email</h3>
<p><a href="index.php?page=account&id=<?=$order['a_id']?>" target="_blank" class="link1" style="margin:0"><?=htmlspecialchars($order['email'], ENT_QUOTES)?></a></p>
</div>
<div class="order-detail">
<h3>Name</h3>
<p><?=htmlspecialchars($order['a_first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['a_last_name'], ENT_QUOTES)?></p>
</div>
<div class="order-detail">
<h3>Address</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_street'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_city'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_state'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_zip'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_country'], ENT_QUOTES)?>
</p>
</div>
<div class="order-detail">
<h3>Contact</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
</p>
</div>
<?php else: ?>
<p>The order is not associated with an account.</p>
<?php endif; ?>
</div>
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-user fa-sm"></i>Customer Details
</div>
<div class="order-detail">
<h3>Email</h3>
<p><?=htmlspecialchars($order['payer_email'], ENT_QUOTES)?></p>
</div>
<div class="order-detail">
<h3>Name</h3>
<p><?=htmlspecialchars($order['first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['last_name'], ENT_QUOTES)?></p>
</div>
<div class="order-detail">
<h3>Address</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['address_street'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_city'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_state'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_zip'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_country'], ENT_QUOTES)?>
</p>
</div>
<div class="order-detail">
<h3>Contact</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
</p>
</div>
</div>
</div>
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Order
</div>
<div class="table order-table">
<table>
<thead>
<tr>
<td>Product</td>
<td>Options</td>
<td>Qty</td>
<td class="responsive-hidden">Price</td>
<td style="text-align:right;">Total</td>
</tr>
</thead>
<tbody>
<?php if (empty($order_items)): ?>
<tr>
<td colspan="5" style="text-align:center;">There are no order items</td>
</tr>
<?php else: ?>
<?php
$subtotal = 0;
foreach ($order_items as $item):
?>
<tr>
<td><?=$item['productcode']?> <?=$item['name'] ? htmlspecialchars($item['name'], ENT_QUOTES) : '(Product ' . $item['item_id'] . ')'?></td>
<td><?=$item['item_options'] ? htmlspecialchars(str_replace(',', ', ', $item['item_options']), ENT_QUOTES) : '--'?></td>
<td><?=$item['item_quantity']?></td>
<td class="responsive-hidden"><?=currency_code?><?=number_format($item['item_price'], 2)?></td>
<td style="text-align:right;"><?=currency_code?><?=number_format($item['item_price']*$item['item_quantity'], 2)?></td>
</tr>
<?php $subtotal += $item['item_price']*$item['item_quantity'];?>
<?php endforeach; ?>
<?php endif; ?>
<tr>
<td colspan="5" class="item-list-end"></td>
</tr>
<tr>
<td colspan="4" class="subtotal">Subtotal</td>
<td class="num"><?=currency_code?><?=number_format($subtotal, 2)?></td>
</tr>
<tr>
<td colspan="4" class="shipping">Shipping</td>
<td class="num"><?=currency_code?><?=number_format($order['shipping_amount'], 2)?></td>
</tr>
<tr>
<td colspan="4" class="shipping">Discount</td>
<td class="num"><?=currency_code?><?=number_format(($order['payment_amount']+$order['shipping_amount'])-($subtotal), 2)?></td>
</tr>
<tr>
<td colspan="4" class="shipping">VAT</td>
<td class="num" style="border-bottom: 1px solid #f0f1f2;"><?=currency_code?><?=number_format($order['tax_amount'], 2)?></td>
</tr>
<tr>
<td colspan="4" class="total">Total</td>
<td class="num"><b><?=currency_code?><?=number_format($order['payment_amount'], 2)?></b></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Giftcards
</div>
<div class="table order-table">
<a href="index.php?page=order&id=<?=$_GET['id']?>&add_giftcard" class="btn">Relate giftcards</a>
<table>
<thead>
<tr>
<td>Giftcard</td>
<td>Valid</td>
<td>Value</td>
</tr>
</thead>
<tbody>
<?php if (empty($giftcards)): ?>
<tr>
<td colspan="5" style="text-align:center;">There are no order items</td>
</tr>
<?php else: ?>
<?php foreach ($giftcards as $giftcard): ?>
<tr>
<td><?=$giftcard['discount_code']?></td>
<td><?=$current_date >= strtotime($giftcard['start_date']) && $current_date <= strtotime($giftcard['end_date']) ? 'Yes' : 'No'?></td>
<td><?=currency_code?><?=number_format($giftcard['discount_value'], 2)?></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
<tr>
<td colspan="5" class="item-list-end"></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Invoice
</div>
<div class="table order-table">
<table>
<tr>
<td style="width:70px";>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="show_invoice" value="Show">
</form>
</td>
<td style="width: 157px;">
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="email_invoice" value="Email to Customer" onclick="return confirm('Send invoice to customer?');">
</form>
</td>
<td>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="email_invoice_to_admin" value="Email to Admin" onclick="return confirm('Send invoice to admin?');">
</form>
</td>
</tr>
</table>
</div>
</div>
<?=template_admin_footer()?>

261
admin/order_manage.php
View File

@@ -1,261 +0,0 @@
<?php
defined('admin') or exit;
// Default transaction values
$transaction = [
'txn_id' => '',
'payment_amount' => '',
'payment_status' => '',
'payer_email' => '',
'first_name' => '',
'last_name' => '',
'account_id' => '',
'payment_method' => '',
'discount_code' => '',
'address_street' => '',
'address_city' => '',
'address_state' => '',
'address_zip' => '',
'address_country' => '',
'shipping_method' => '',
'shipping_amount' => '',
'created' => date('Y-m-d\TH:i'),
'address_phone' => ''
];
// Retrieve the products from the database
$stmt = $pdo->prepare('SELECT * FROM products ORDER BY id');
$stmt->execute();
$products = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Retrieve the accounts from the database
$stmt = $pdo->prepare('SELECT * FROM accounts ORDER BY id');
$stmt->execute();
$accounts = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Add transactions items to the database
function addOrderItems($pdo, $txn_id) {
if (isset($_POST['item_id']) && is_array($_POST['item_id']) && count($_POST['item_id']) > 0) {
// Iterate items
$delete_list = [];
for ($i = 0; $i < count($_POST['item_id']); $i++) {
// If the item doesnt exist in the database
if (!intval($_POST['item_id'][$i])) {
// Insert new item
$stmt = $pdo->prepare('INSERT INTO transactions_items (txn_id,item_id,item_price,item_quantity,item_options) VALUES (?,?,?,?,?)');
$stmt->execute([ $txn_id, $_POST['item_product'][$i], $_POST['item_price'][$i], $_POST['item_quantity'][$i], $_POST['item_options'][$i] ]);
$delete_list[] = $pdo->lastInsertId();
} else {
// Update existing item
$stmt = $pdo->prepare('UPDATE transactions_items SET txn_id = ?, item_id = ?, item_price = ?, item_quantity = ?, item_options = ? WHERE id = ?');
$stmt->execute([ $txn_id, $_POST['item_product'][$i], $_POST['item_price'][$i], $_POST['item_quantity'][$i], $_POST['item_options'][$i], $_POST['item_id'][$i] ]);
$delete_list[] = $_POST['item_id'][$i];
}
}
// Delete item
$in = str_repeat('?,', count($delete_list) - 1) . '?';
$stmt = $pdo->prepare('DELETE FROM transactions_items WHERE txn_id = ? AND id NOT IN (' . $in . ')');
$stmt->execute(array_merge([ $txn_id ], $delete_list));
} else {
// No item exists, delete all
$stmt = $pdo->prepare('DELETE FROM transactions_items WHERE txn_id = ?');
$stmt->execute([ $txn_id ]);
}
}
// Save captured data
if (isset($_GET['id'])) {
// Retrieve the transaction from the database
$stmt = $pdo->prepare('SELECT * FROM transactions WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$transaction = $stmt->fetch(PDO::FETCH_ASSOC);
// Retrieve the transaction items from the database
$stmt = $pdo->prepare('SELECT * FROM transactions_items WHERE txn_id = ?');
$stmt->execute([ $transaction['txn_id'] ]);
$transactions_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
// ID param exists, edit an existing transaction
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the transaction
$stmt = $pdo->prepare('UPDATE transactions SET txn_id = ?, payment_amount = ?, payment_status = ?, created = ?, payer_email = ?, first_name = ?, last_name = ?, address_street = ?, address_city = ?, address_state = ?, address_zip = ?, address_country = ?, account_id = ?, payment_method = ?, discount_code = ?, shipping_method = ?, shipping_amount = ?, address_phone= ? WHERE id = ?');
$stmt->execute([ $_POST['txn_id'], $_POST['amount'], $_POST['status'], date('Y-m-d H:i:s', strtotime($_POST['created'])), $_POST['email'], $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], empty($_POST['account']) ? NULL : $_POST['account'], $_POST['method'], $_POST['discount_code'], $_POST['shipping_method'], $_POST['shipping_amount'], $_POST['address_phone'], $_GET['id'] ]);
addOrderItems($pdo, $_POST['txn_id']);
if ($_POST['status'] == 'Paid'){
createGiftCart($pdo, $_POST['txn_id']);
include_once('./factuur.php');
}
header('Location: index.php?page=orders&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the transaction
$stmt = $pdo->prepare('DELETE t, ti FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
// Deactive giftcards
removeGiftCart($pdo, $_POST['txn_id']);
header('Location: index.php?page=orders&success_msg=3');
exit;
}
} else {
// Create a new transaction
$page = 'Create';
if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('INSERT INTO transactions (txn_id,payment_amount,payment_status,created,payer_email,first_name,last_name,address_street,address_city,address_state,address_zip,address_country,account_id,payment_method,discount_code,shipping_method,shipping_amount, address_phone) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)');
$stmt->execute([ $_POST['txn_id'], $_POST['amount'], $_POST['status'], date('Y-m-d H:i:s', strtotime($_POST['created'])), $_POST['email'], $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], empty($_POST['account']) ? NULL : $_POST['account'], $_POST['method'], $_POST['discount_code'], $_POST['shipping_method'], $_POST['shipping_amount'], $_POST['address_phone'] ]);
addOrderItems($pdo, $_POST['txn_id']);
header('Location: index.php?page=orders&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Order', 'orders', 'manage')?>
<form action="" method="post">
<div class="content-title">
<h2><?=$page?> Order</h2>
<a href="index.php?page=orders" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this order?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="tabs">
<a href="#" class="active">Details</a>
<a href="#">Address</a>
<a href="#">Items</a>
</div>
<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="txn_id"><i class="required">*</i> Transaction ID</label>
<input id="txn_id" type="text" name="txn_id" placeholder="Transaction ID" value="<?=$transaction['txn_id']?>" required>
<label for="status"><i class="required">*</i> Status</label>
<select id="status" name="status" required>
<option value="New"<?=$transaction['payment_status']=='New'?' selected':''?>>New</option>
<option value="Paid"<?=$transaction['payment_status']=='Paid'?' selected':''?>>Paid</option>
<option value="Pending"<?=$transaction['payment_status']=='Pending'?' selected':''?>>Pending</option>
<option value="Completed"<?=$transaction['payment_status']=='Completed'?' selected':''?>>Completed</option>
<option value="Cancelled"<?=$transaction['payment_status']=='Cancelled'?' selected':''?>>Cancelled</option>
<option value="Failed"<?=$transaction['payment_status']=='Failed'?' selected':''?>>Failed</option>
<option value="Reversed"<?=$transaction['payment_status']=='Reversed'?' selected':''?>>Reversed</option>
<option value="Refunded"<?=$transaction['payment_status']=='Refunded'?' selected':''?>>Refunded</option>
<option value="Shipped"<?=$transaction['payment_status']=='Shipped'?' selected':''?>>Shipped</option>
</select>
<label for="amount"><i class="required">*</i> Payment Amount</label>
<input id="amount" type="number" name="amount" placeholder="0.00" value="<?=$transaction['payment_amount']?>" step=".01" required>
<label for="email"><i class="required">*</i> Customer Email</label>
<input id="email" type="email" name="email" placeholder="joebloggs@example.com" value="<?=htmlspecialchars($transaction['payer_email'], ENT_QUOTES)?>" required>
<label for="account">Account</label>
<select id="account" name="account">
<option value=""<?=$transaction['account_id']==NULL?' selected':''?>>(none)</option>
<?php foreach ($accounts as $account): ?>
<option value="<?=$account['id']?>"<?=$account['id']==$transaction['account_id']?' selected':''?>><?=$account['id']?> - <?=htmlspecialchars($account['email'], ENT_QUOTES)?></option>
<?php endforeach; ?>
</select>
<label for="first_name">First Name</label>
<input id="first_name" type="text" name="first_name" placeholder="Joe" value="<?=htmlspecialchars($transaction['first_name'], ENT_QUOTES)?>">
<label for="last_name">Last Name</label>
<input id="last_name" type="text" name="last_name" placeholder="Bloggs" value="<?=htmlspecialchars($transaction['last_name'], ENT_QUOTES)?>">
<label for="method">Payment Method</label>
<input id="method" type="text" name="method" placeholder="website" value="<?=$transaction['payment_method']?>">
<label for="shipping_method">Shipping Method</label>
<input id="shipping_method" type="text" name="shipping_method" placeholder="Standard" value="<?=$transaction['shipping_method']?>">
<label for="shipping_amount"><i class="required">*</i> Shipping Amount</label>
<input id="shipping_amount" type="number" name="shipping_amount" placeholder="0.00" value="<?=$transaction['shipping_amount']?>" step=".01" required>
<label for="discount_code">Discount Code</label>
<input id="discount_code" type="text" name="discount_code" placeholder="Discount Code" value="<?=htmlspecialchars($transaction['discount_code'], ENT_QUOTES)?>">
<label for="created"><i class="required">*</i> Date</label>
<input id="created" type="datetime-local" name="created" value="<?=date('Y-m-d\TH:i', strtotime($transaction['created']))?>" required>
</div>
</div>
<div class="content-block tab-content">
<div class="form responsive-width-100">
<label for="address_street">Address Street</label>
<input id="address_street" type="text" name="address_street" placeholder="" value="<?=htmlspecialchars($transaction['address_street'], ENT_QUOTES)?>">
<label for="address_city">Address City</label>
<input id="address_city" type="text" name="address_city" placeholder="" value="<?=htmlspecialchars($transaction['address_city'], ENT_QUOTES)?>">
<label for="address_state">Address State</label>
<input id="address_state" type="text" name="address_state" placeholder="" value="<?=htmlspecialchars($transaction['address_state'], ENT_QUOTES)?>">
<label for="address_zip">Address Zip</label>
<input id="address_zip" type="text" name="address_zip" placeholder="" value="<?=htmlspecialchars($transaction['address_zip'], ENT_QUOTES)?>">
<label for="address_phone">Phone</label>
<input id="address_phone" type="text" name="address_phone" placeholder="" value="<?=htmlspecialchars($transaction['address_phone'], ENT_QUOTES)?>">
<label for="address_country">Country</label>
<select id="address_country" name="address_country" required>
<?php foreach(get_countries() as $country): ?>
<option value="<?=$country?>"<?=$country==$transaction['address_country']?' selected':''?>><?=$country?></option>
<?php endforeach; ?>
</select>
</div>
</div>
<div class="content-block tab-content">
<div class="table manage-order-table">
<table>
<thead>
<tr>
<td>Product</td>
<td>Price</td>
<td>Quantity</td>
<td>Options</td>
<td></td>
</tr>
</thead>
<tbody>
<?php if (empty($transactions_items)): ?>
<tr>
<td colspan="5" style="text-align:center;" class="no-order-items-msg">There are no order items</td>
</tr>
<?php else: ?>
<?php foreach ($transactions_items as $item): ?>
<tr>
<td>
<input type="hidden" name="item_id[]" value="<?=$item['id']?>">
<select name="item_product[]">
<?php foreach ($products as $product): ?>
<option value="<?=$product['id']?>"<?=$item['item_id']==$product['id']?' selected':''?>><?=$product['id']?> - <?=htmlspecialchars($product['name'], ENT_QUOTES)?></option>
<?php endforeach; ?>
</select>
</td>
<td><input name="item_price[]" type="number" placeholder="Price" value="<?=$item['item_price']?>" step=".01"></td>
<td><input name="item_quantity[]" type="number" placeholder="Quantity" value="<?=$item['item_quantity']?>"></td>
<td><input name="item_options[]" type="text" placeholder="Options" value="<?=htmlspecialchars($item['item_options'], ENT_QUOTES)?>"></td>
<td><i class="fa-solid fa-xmark delete-item"></i></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
<a href="#" class="add-item"><i class="fa-solid fa-plus"></i>Add Item</a>
</div>
</div>
</form>
<?=template_admin_footer('initManageOrder(' . json_encode($products) . ')')?>

172
admin/orders.php
View File

@@ -1,172 +0,0 @@
<?php
defined('admin') or exit;
// Retrieve the GET request parameters (if specified)
$pagination_page = isset($_GET['pagination_page']) ? $_GET['pagination_page'] : 1;
$search = isset($_GET['search']) ? $_GET['search'] : '';
// Filters parameters
$status = isset($_GET['status']) ? $_GET['status'] : '';
$method = isset($_GET['method']) ? $_GET['method'] : '';
$account_id = isset($_GET['account_id']) ? $_GET['account_id'] : '';
// Order by column
$order = isset($_GET['order']) && $_GET['order'] == 'ASC' ? 'ASC' : 'DESC';
// Add/remove columns to the whitelist array
$order_by_whitelist = ['id','first_name','total_products','payment_amount','payment_method','payment_status','created','payer_email'];
$order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], $order_by_whitelist) ? $_GET['order_by'] : 'created';
// Number of results per pagination page
$results_per_page = 20;
// Declare query param variables
$param1 = ($pagination_page - 1) * $results_per_page;
$param2 = $results_per_page;
$param3 = '%' . $search . '%';
// SQL where clause
$where = '';
$where .= $search ? 'WHERE (t.first_name LIKE :search OR t.last_name LIKE :search OR t.id LIKE :search OR t.txn_id LIKE :search OR t.payer_email LIKE :search) ' : '';
// Add filters
// Payment status filter
if ($status == 1) $where .= $where ? 'AND payment_status = "Completed" ' : 'WHERE payment_status = "Completed" ';
if ($status == 2) $where .= $where ? 'AND payment_status = "Pending" ' : 'WHERE payment_status = "Pending" ';
if ($status == 3) $where .= $where ? 'AND payment_status = "Cancelled" ' : 'WHERE payment_status = "Cancelled" ';
if ($status == 4) $where .= $where ? 'AND payment_status = "Reversed" ' : 'WHERE payment_status = "Reversed" ';
if ($status == 5) $where .= $where ? 'AND payment_status = "Shipped" ' : 'WHERE payment_status = "Shipped" ';
// Payment method filter
if ($method == 1) $where .= $where ? 'AND payment_method = "website" ' : 'WHERE payment_status = "website" ';
if ($method == 2) $where .= $where ? 'AND payment_method = "paypal" ' : 'WHERE payment_status = "paypal" ';
if ($method == 3) $where .= $where ? 'AND payment_method = "stripe" ' : 'WHERE payment_status = "stripe" ';
// Account ID filter
if ($account_id) $where .= $where ? 'AND account_id = :account_id ' : 'WHERE account_id = :account_id ';
// Retrieve the total number of transactions
$stmt = $pdo->prepare('SELECT COUNT(DISTINCT t.id) AS total FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id ' . $where);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
if ($account_id) $stmt->bindParam('account_id', $account_id, PDO::PARAM_INT);
$stmt->execute();
$orders_total = $stmt->fetchColumn();
// Retrieve transactions
$stmt = $pdo->prepare('SELECT t.*, COUNT(ti.id) AS total_products FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id ' . $where . ' GROUP BY t.id, t.txn_id, t.payment_amount, t.payment_status, t.created, t.payer_email, t.first_name, t.last_name, t.address_street, t.address_city, t.address_state, t.address_zip, t.address_country, t.account_id, t.payment_method, t.discount_code, t.shipping_method, t.shipping_amount ORDER BY ' . $order_by . ' ' . $order . ' LIMIT :start_results,:num_results');
// Bind params
$stmt->bindParam('start_results', $param1, PDO::PARAM_INT);
$stmt->bindParam('num_results', $param2, PDO::PARAM_INT);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
if ($account_id) $stmt->bindParam('account_id', $account_id, PDO::PARAM_INT);
$stmt->execute();
// Retrieve query results
$orders = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Determine the URL
$url = 'index.php?page=orders&search=' . $search . '&status=' . $status . '&method=' . $method . '&account_id=' . $account_id;
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Order created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Order updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Order deleted successfully!';
}
}
?>
<?=template_admin_header('Orders', 'orders')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-cart-shopping"></i>
<div class="txt">
<h2>Orders</h2>
<p>View, create, and search orders.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=order_manage" class="btn">Create Order</a>
<form action="" method="get">
<input type="hidden" name="page" value="orders">
<div class="filters">
<a href="#"><i class="fas fa-sliders-h"></i> Filters</a>
<div class="list">
<select name="status">
<option value="" disabled selected>Status</option>
<option value="1"<?=$status==1?' selected':''?>>Completed</option>
<option value="2"<?=$status==2?' selected':''?>>Pending</option>
<option value="3"<?=$status==3?' selected':''?>>Cancelled</option>
<option value="4"<?=$status==4?' selected':''?>>Reversed</option>
<option value="5"<?=$status==5?' selected':''?>>Shipped</option>
</select>
<select name="method">
<option value="" disabled selected>Method</option>
<option value="1"<?=$method==1?' selected':''?>>Website</option>
<option value="2"<?=$method==2?' selected':''?>>PayPal</option>
<option value="3"<?=$method==3?' selected':''?>>Stripe</option>
</select>
<button type="submit">Apply</button>
</div>
</div>
<div class="search">
<label for="search">
<input id="search" type="text" name="search" placeholder="Search order..." value="<?=htmlspecialchars($search, ENT_QUOTES)?>" class="responsive-width-100">
<i class="fas fa-search"></i>
</label>
</div>
</form>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=id'?>">#<?php if ($order_by=='id'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=first_name'?>">Customer<?php if ($order_by=='first_name'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=payer_email'?>">Email<?php if ($order_by=='payer_email'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=total_products'?>">Products<?php if ($order_by=='total_products'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=payment_amount'?>">Total<?php if ($order_by=='payment_amount'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=payment_method'?>">Method<?php if ($order_by=='payment_method'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=payment_status'?>">Status<?php if ($order_by=='payment_status'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=created'?>">Date<?php if ($order_by=='created'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($orders)): ?>
<tr>
<td colspan="9" style="text-align:center;">There are no orders</td>
</tr>
<?php else: ?>
<?php foreach ($orders as $i): ?>
<tr>
<td><?=$i['id']?></td>
<td><?=htmlspecialchars($i['first_name'], ENT_QUOTES)?> <?=htmlspecialchars($i['last_name'], ENT_QUOTES)?></td>
<td class="responsive-hidden"><?=htmlspecialchars($i['payer_email'], ENT_QUOTES)?></td>
<td class="responsive-hidden"><?=$i['total_products']?></td>
<td><?=currency_code?><?=number_format($i['payment_amount'], 2)?></td>
<td class="responsive-hidden"><?=$i['payment_method']?></td>
<td class="responsive-hidden"><span class="status <?=strtolower($i['payment_status'])?>"><?=$i['payment_status']?></span></td>
<td class="responsive-hidden"><?=date('F j, Y', strtotime($i['created']))?></td>
<td><a href="index.php?page=order&id=<?=$i['id']?>" class="link1">View</a> <a href="index.php?page=order_manage&id=<?=$i['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<div class="pagination">
<?php if ($pagination_page > 1): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page-1?>&order=<?=$order?>&order_by=<?=$order_by?>">Prev</a>
<?php endif; ?>
<span>Page <?=$pagination_page?> of <?=ceil($orders_total / $results_per_page) == 0 ? 1 : ceil($orders_total / $results_per_page)?></span>
<?php if ($pagination_page * $results_per_page < $orders_total): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page+1?>&order=<?=$order?>&order_by=<?=$order_by?>">Next</a>
<?php endif; ?>
</div>
<?=template_admin_footer()?>

437
admin/product.php
View File

@@ -1,437 +0,0 @@
<?php
defined('admin') or exit;
// Default input product values
$product = [
'name' => '',
'description' => '',
'price' => '',
'rrp' => '',
'quantity' => '',
'date_added' => date('Y-m-d\TH:i'),
'media' => [],
'categories' => [],
'options' => [],
'downloads' => [],
'weight' => '',
'url_slug' => '',
'status' => 1,
'productcode' => ''
];
// Get all the categories from the database
$stmt = $pdo->query('SELECT * FROM categories');
$stmt->execute();
$categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Add product images to the database
function addProductImages($pdo, $product_id) {
// Get the total number of media
if (isset($_POST['media']) && is_array($_POST['media']) && count($_POST['media']) > 0) {
// Iterate media
$delete_list = [];
for ($i = 0; $i < count($_POST['media']); $i++) {
// If the media doesnt exist in the database
if (!intval($_POST['media_product_id'][$i])) {
// Insert new media
$stmt = $pdo->prepare('INSERT INTO products_media (product_id,media_id,position) VALUES (?,?,?)');
$stmt->execute([ $product_id, $_POST['media'][$i], $_POST['media_position'][$i] ]);
$delete_list[] = $pdo->lastInsertId();
} else {
// Update existing media
$stmt = $pdo->prepare('UPDATE products_media SET position = ? WHERE id = ?');
$stmt->execute([ $_POST['media_position'][$i], $_POST['media_product_id'][$i] ]);
$delete_list[] = $_POST['media_product_id'][$i];
}
}
// Delete media
$in = str_repeat('?,', count($delete_list) - 1) . '?';
$stmt = $pdo->prepare('DELETE FROM products_media WHERE product_id = ? AND id NOT IN (' . $in . ')');
$stmt->execute(array_merge([ $product_id ], $delete_list));
} else {
// No media exists, delete all
$stmt = $pdo->prepare('DELETE FROM products_media WHERE product_id = ?');
$stmt->execute([ $product_id ]);
}
}
// Add product categories to the database
function addProductCategories($pdo, $product_id) {
if (isset($_POST['categories']) && is_array($_POST['categories']) && count($_POST['categories']) > 0) {
$in = str_repeat('?,', count($_POST['categories']) - 1) . '?';
$stmt = $pdo->prepare('DELETE FROM products_categories WHERE product_id = ? AND category_id NOT IN (' . $in . ')');
$stmt->execute(array_merge([ $product_id ], $_POST['categories']));
foreach ($_POST['categories'] as $cat) {
$stmt = $pdo->prepare('INSERT IGNORE INTO products_categories (product_id,category_id) VALUES (?,?)');
$stmt->execute([ $product_id, $cat ]);
}
} else {
$stmt = $pdo->prepare('DELETE FROM products_categories WHERE product_id = ?');
$stmt->execute([ $product_id ]);
}
}
// Add product options to the database
function addProductOptions($pdo, $product_id) {
if (isset($_POST['option_title']) && is_array($_POST['option_title']) && count($_POST['option_title']) > 0) {
$delete_list = [];
for ($i = 0; $i < count($_POST['option_title']); $i++) {
$delete_list[] = $_POST['option_title'][$i] . '__' . $_POST['option_name'][$i];
$stmt = $pdo->prepare('INSERT INTO products_options (title,name,quantity,price,price_modifier,weight,weight_modifier,type,required,position,product_id) VALUES (?,?,?,?,?,?,?,?,?,?,?) ON DUPLICATE KEY UPDATE quantity = VALUES(quantity), price = VALUES(price), price_modifier = VALUES(price_modifier), weight = VALUES(weight), weight_modifier = VALUES(weight_modifier), type = VALUES(type), required = VALUES(required), position = VALUES(position)');
$stmt->execute([ $_POST['option_title'][$i], $_POST['option_name'][$i], empty($_POST['option_quantity'][$i]) ? -1 : $_POST['option_quantity'][$i], empty($_POST['option_price'][$i]) ? 0.00 : $_POST['option_price'][$i], $_POST['option_price_modifier'][$i], empty($_POST['option_weight'][$i]) ? 0.00 : $_POST['option_weight'][$i], $_POST['option_weight_modifier'][$i], $_POST['option_type'][$i], $_POST['option_required'][$i], $_POST['option_position'][$i], $product_id ]);
}
$in = str_repeat('?,', count($delete_list) - 1) . '?';
$stmt = $pdo->prepare('DELETE FROM products_options WHERE product_id = ? AND CONCAT(title, "__", name) NOT IN (' . $in . ')');
$stmt->execute(array_merge([ $product_id ], $delete_list));
} else {
$stmt = $pdo->prepare('DELETE FROM products_options WHERE product_id = ?');
$stmt->execute([ $product_id ]);
}
}
// Add product downloads to the database
function addProductDownloads($pdo, $product_id) {
if (isset($_POST['download_file_path']) && is_array($_POST['download_file_path']) && count($_POST['download_file_path']) > 0) {
$delete_list = [];
for ($i = 0; $i < count($_POST['download_file_path']); $i++) {
$delete_list[] = $_POST['download_file_path'][$i];
$stmt = $pdo->prepare('INSERT INTO products_downloads (product_id,file_path,position) VALUES (?,?,?) ON DUPLICATE KEY UPDATE position = VALUES(position)');
$stmt->execute([ $product_id, $_POST['download_file_path'][$i], $_POST['download_position'][$i] ]);
}
$in = str_repeat('?,', count($delete_list) - 1) . '?';
$stmt = $pdo->prepare('DELETE FROM products_downloads WHERE product_id = ? AND file_path NOT IN (' . $in . ')');
$stmt->execute(array_merge([ $product_id ], $delete_list));
} else {
$stmt = $pdo->prepare('DELETE FROM products_downloads WHERE product_id = ?');
$stmt->execute([ $product_id ]);
}
}
if (isset($_GET['id'])) {
// ID param exists, edit an existing product
$page = 'Edit';
if (isset($_POST['submit'])) {
//decode product_config to JSON
$product_config = $_POST['product_config'] ?? '';
$productcode = $_POST['productcode'] ?? '';
// Update the product
$stmt = $pdo->prepare('UPDATE products SET name = ?, description = ?, price = ?, rrp = ?, quantity = ?, date_added = ?, weight = ?, url_slug = ?, status = ?, product_config = ?, productcode = ? WHERE id = ?');
$stmt->execute([ $_POST['name'], $_POST['description'], empty($_POST['price']) ? 0.00 : $_POST['price'], empty($_POST['rrp']) ? 0.00 : $_POST['rrp'], $_POST['quantity'], date('Y-m-d H:i:s', strtotime($_POST['date'])), empty($_POST['weight']) ? 0.00 : $_POST['weight'], $_POST['url_slug'], $_POST['status'], $product_config, $productcode, $_GET['id'] ]);
addProductImages($pdo, $_GET['id']);
addProductCategories($pdo, $_GET['id']);
addProductOptions($pdo, $_GET['id']);
addProductDownloads($pdo, $_GET['id']);
// Clear session cart
if (isset($_SESSION['cart'])) {
unset($_SESSION['cart']);
}
header('Location: index.php?page=products&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Redirect and delete product
header('Location: index.php?page=products&delete=' . $_GET['id']);
exit;
}
// Get the product and its images from the database
$stmt = $pdo->prepare('SELECT * FROM products WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$product = $stmt->fetch(PDO::FETCH_ASSOC);
// get product media
$stmt = $pdo->prepare('SELECT m.*, pm.position, pm.id AS product_id FROM media m JOIN products_media pm ON pm.media_id = m.id JOIN products p ON p.id = pm.product_id WHERE p.id = ? ORDER BY pm.position');
$stmt->execute([ $_GET['id'] ]);
$product['media'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the product categories
$stmt = $pdo->prepare('SELECT c.name, c.id FROM products_categories pc JOIN categories c ON c.id = pc.category_id WHERE pc.product_id = ?');
$stmt->execute([ $_GET['id'] ]);
$product['categories'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the product options
$stmt = $pdo->prepare('SELECT title, type, GROUP_CONCAT(name) AS list FROM products_options WHERE product_id = ? GROUP BY title, type, position ORDER BY position');
$stmt->execute([ $_GET['id'] ]);
$product['options'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the product full options
$stmt = $pdo->prepare('SELECT * FROM products_options WHERE product_id = ? ORDER BY id');
$stmt->execute([ $_GET['id'] ]);
$product['options_full'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the product downloads
$stmt = $pdo->prepare('SELECT * FROM products_downloads WHERE product_id = ? ORDER BY position');
$stmt->execute([ $_GET['id'] ]);
$product['downloads'] = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
// Create a new product
$page = 'Create';
if (isset($_POST['submit'])) {
$product_config = $_POST['product_config'] ?? '';
$productcode = $_POST['productcode'] ?? '';
$stmt = $pdo->prepare('INSERT INTO products (name,description,price,rrp,quantity,date_added,weight,url_slug,status, product_config, productcode) VALUES (?,?,?,?,?,?,?,?,?,?,?)');
$stmt->execute([ $_POST['name'], $_POST['description'], empty($_POST['price']) ? 0.00 : $_POST['price'], empty($_POST['rrp']) ? 0.00 : $_POST['rrp'], $_POST['quantity'], date('Y-m-d H:i:s', strtotime($_POST['date'])), empty($_POST['weight']) ? 0.00 : $_POST['weight'], $_POST['url_slug'], $_POST['status'], $product_config, $productcode ]);
$id = $pdo->lastInsertId();
addProductImages($pdo, $id);
addProductCategories($pdo, $id);
addProductOptions($pdo, $id);
addProductDownloads($pdo, $id);
// Clear session cart
if (isset($_SESSION['cart'])) {
unset($_SESSION['cart']);
}
header('Location: index.php?page=products&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Product', 'products', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Product</h2>
<a href="index.php?page=products" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this product?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="tabs">
<a href="#" class="active">General</a>
<a href="#">Media</a>
<a href="#">Configuration</a>
<a href="#">Options</a>
<a href="#">Downloads</a>
</div>
<!-- general tab -->
<div class="content-block tab-content active">
<div class="form responsive-width-100">
<label for="name"> Productcode</label>
<input id="name" type="text" name="productcode" placeholder="Productcode" value="<?=$product['productcode']?>">
<label for="name"><i class="required">*</i> Name</label>
<input id="name" type="text" name="name" placeholder="Name" value="<?=$product['name']?>" required>
<label for="description">Description (HTML)</label>
<textarea id="description" name="description" placeholder="Product Description..."><?=$product['description']?></textarea>
<label for="url_slug">URL Slug</label>
<input id="url_slug" type="text" name="url_slug" placeholder="your-product-name" value="<?=$product['url_slug']?>" title="If the rewrite URL setting is enabled, the URL slug will appear after the trailing slash as opposed to the product ID.">
<label for="price"><i class="required">*</i> Price</label>
<input id="price" type="number" name="price" placeholder="Price" min="0" step=".01" value="<?=$product['price']?>" required>
<label for="rrp">RRP</label>
<input id="rrp" type="number" name="rrp" placeholder="RRP" min="0" step=".01" value="<?=$product['rrp']?>">
<label for="quantity"><i class="required">*</i> Quantity</span></label>
<input id="quantity" type="number" name="quantity" placeholder="Quantity" min="-1" value="<?=$product['quantity']?>" title="-1 = unlimited" required>
<label for="category">Categories</label>
<div class="multiselect" data-name="categories[]">
<?php foreach ($product['categories'] as $cat): ?>
<span class="item" data-value="<?=$cat['id']?>">
<i class="remove">&times;</i><?=$cat['name']?>
<input type="hidden" name="categories[]" value="<?=$cat['id']?>">
</span>
<?php endforeach; ?>
<input type="text" class="search" id="category" placeholder="Categories">
<div class="list">
<?php foreach ($categories as $cat): ?>
<span data-value="<?=$cat['id']?>"><?=$cat['name']?></span>
<?php endforeach; ?>
</div>
</div>
<label for="weight">Weight (lbs)</span></label>
<input id="weight" type="number" name="weight" placeholder="Weight (lbs)" min="0" value="<?=$product['weight']?>">
<label for="status">Status</label>
<select id="status" name="status">
<option value="1"<?=$product['status']==1?' selected':''?>>Enabled</option>
<option value="0"<?=$product['status']==0?' selected':''?>>Disabled</option>
</select>
<label for="date"><i class="required">*</i> Date Added</label>
<input id="date" type="datetime-local" name="date" placeholder="Date" value="<?=date('Y-m-d\TH:i', strtotime($product['date_added']))?>" required>
</div>
</div>
<!-- product media tab -->
<div class="content-block tab-content">
<div class="pad-3 product-media-tab responsive-width-100">
<h3 class="title1 mar-bot-5">Images</h3>
<div class="product-media-container">
<?php if (isset($product['media'])): ?>
<?php foreach ($product['media'] as $i => $media): ?>
<div class="product-media">
<span class="media-index responsive-hidden"><?=$i+1?></span>
<a class="media-img" href="../<?=$media['full_path']?>" target="_blank">
<img src="../<?=$media['full_path']?>">
</a>
<div class="media-text">
<h3 class="responsive-hidden"><?=$media['title']?></h3>
<p class="responsive-hidden"><?=$media['caption']?></p>
</div>
<div class="media-position">
<i class="fas fa-times media-delete"></i>
<i class="fas fa-arrow-up move-up"></i>
<i class="fas fa-arrow-down move-down"></i>
</div>
<input type="hidden" class="input-media-id" name="media[]" value="<?=$media['id']?>">
<input type="hidden" class="input-media-product-id" name="media_product_id[]" value="<?=$media['product_id']?>">
<input type="hidden" class="input-media-position" name="media_position[]" value="<?=$media['position']?>">
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php if (empty($product['media'])): ?>
<p class="no-images-msg">There are no images.</p>
<?php endif; ?>
</div>
<a href="#" class="btn open-media-library-modal mar-bot-2 mar-top-4">Add Media</a>
</div>
</div>
<!-- product media configuration -->
<div class="content-block tab-content">
<div class="pad-3 product-media-tab responsive-width-100">
<h3 class="title1 mar-bot-5">Available Images</h3>
<div class="product-media-container">
<?php if (isset($product['media'])): ?>
<div class="product-media">
<?php foreach ($product['media'] as $i => $media): ?>
<span class="media-index"><?=$media['id']?></span>
<a class="media-img" href="../<?=$media['full_path']?>" target="_blank">
<img src="../<?=$media['full_path']?>">
</a>
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if (empty($product['media'])): ?>
<p class="no-images-msg">There are no images.</p>
<?php endif; ?>
</div>
<h3 class="title1 mar-bot-5">Available Options</h3>
<div class="">
<?php if (isset($product['options'])): ?>
<?php foreach ($product['options'] as $i => $option): ?>
<div style="display: flex;">
<?php foreach ($product['options_full'] as $option_full): ?>
<?php if ($option['title'] != $option_full['title']) continue; ?>
<p><?=$option_full['id']?> - <?=$option_full['name']?> - <?=$option_full['title']?></p>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php if (empty($product['options'])): ?>
<p class="no-options-msg">There are no options.</p>
<?php endif; ?>
</div>
<h3 class="title1 mar-bot-5">Configuration JSON Profile</h3>
<textarea name="product_config" id="product_config" style="width:100%;min-height: 50vh;"><?=$product['product_config']?></textarea>
</div>
</div>
<!-- options tab -->
<div class="content-block tab-content">
<div class="pad-3 product-options-tab responsive-width-100">
<h3 class="title1 mar-bot-5">Options (be aware of changing optionIDs)</h3>
<div class="product-options-container">
<?php if (isset($product['options'])): ?>
<?php foreach ($product['options'] as $i => $option): ?>
<div class="product-option">
<span class="option-index responsive-hidden"><?=$i+1?></span>
<div class="option-text">
<h3><?=$option['title']?> (<?=$option['type']?>)</h3>
<p><?=str_replace(',', ', ', $option['list'])?></p>
</div>
<div class="option-position">
<i class="fas fa-pen option-edit"></i>
<i class="fas fa-times option-delete"></i>
<i class="fas fa-arrow-up move-up"></i>
<i class="fas fa-arrow-down move-down"></i>
</div>
<?php foreach ($product['options_full'] as $option_full): ?>
<?php if ($option['title'] != $option_full['title']) continue; ?>
<div class="input-option-value">
<input type="hidden" class="input-option-title" name="option_title[]" value="<?=$option_full['title']?>">
<input type="hidden" class="input-option-name" name="option_name[]" value="<?=$option_full['name']?>">
<input type="hidden" class="input-option-quantity" name="option_quantity[]" value="<?=$option_full['quantity']?>">
<input type="hidden" class="input-option-price" name="option_price[]" value="<?=$option_full['price']?>">
<input type="hidden" class="input-option-price-modifier" name="option_price_modifier[]" value="<?=$option_full['price_modifier']?>">
<input type="hidden" class="input-option-weight" name="option_weight[]" value="<?=$option_full['weight']?>">
<input type="hidden" class="input-option-weight-modifier" name="option_weight_modifier[]" value="<?=$option_full['weight_modifier']?>">
<input type="hidden" class="input-option-type" name="option_type[]" value="<?=$option_full['type']?>">
<input type="hidden" class="input-option-required" name="option_required[]" value="<?=$option_full['required']?>">
<input type="hidden" class="input-option-position" name="option_position[]" value="<?=$option_full['position']?>">
</div>
<?php endforeach; ?>
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php if (empty($product['options'])): ?>
<p class="no-options-msg">There are no options.</p>
<?php endif; ?>
</div>
<a href="#" class="btn open-options-modal mar-bot-2 mar-top-4">Add Option</a>
</div>
</div>
<!-- digital downloads tab -->
<div class="content-block tab-content">
<div class="pad-3 product-options-tab responsive-width-100">
<h3 class="title1 mar-bot-5">Digital Downloads</h3>
<div class="product-downloads-container">
<?php if (isset($product['downloads'])): ?>
<?php foreach ($product['downloads'] as $i => $download): ?>
<?php if (!file_exists('../' . $download['file_path'])) continue; ?>
<div class="product-download">
<span class="download-index responsive-hidden"><?=$i+1?></span>
<div class="download-text">
<h3><?=$download['file_path']?></h3>
<p><?=mime_content_type('../' . $download['file_path'])?>, <?=format_bytes(filesize('../' . $download['file_path']))?></p>
</div>
<div class="download-position">
<i class="fas fa-times download-delete"></i>
<i class="fas fa-arrow-up move-up"></i>
<i class="fas fa-arrow-down move-down"></i>
</div>
<div class="input-option-value">
<input type="hidden" class="input-download-file-path" name="download_file_path[]" value="<?=$download['file_path']?>">
<input type="hidden" class="input-download-position" name="download_position[]" value="<?=$download['position']?>">
</div>
</div>
<?php endforeach; ?>
<?php endif; ?>
<?php if (empty($product['downloads'])): ?>
<p class="no-downloads-msg">There are no digital downloads.</p>
<?php endif; ?>
</div>
<a href="#" class="btn open-downloads-modal mar-bot-2 mar-top-4">Add Digital Download</a>
</div>
</div>
</form>
<?=template_admin_footer('initProduct()')?>

177
admin/products.php
View File

@@ -1,177 +0,0 @@
<?php
defined('admin') or exit;
// Retrieve the GET request parameters (if specified)
$pagination_page = isset($_GET['pagination_page']) ? $_GET['pagination_page'] : 1;
$search = isset($_GET['search']) ? $_GET['search'] : '';
// Filters parameters
$status = isset($_GET['status']) ? $_GET['status'] : '';
$quantity = isset($_GET['quantity']) ? $_GET['quantity'] : '';
// Order by column
$order = isset($_GET['order']) && $_GET['order'] == 'DESC' ? 'DESC' : 'ASC';
// Add/remove columns to the whitelist array
$order_by_whitelist = ['id','name','price','quantity','date_added','status'];
$order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], $order_by_whitelist) ? $_GET['order_by'] : 'id';
// Number of results per pagination page
$results_per_page = 20;
// Declare query param variables
$param1 = ($pagination_page - 1) * $results_per_page;
$param2 = $results_per_page;
$param3 = '%' . $search . '%';
// SQL where clause
$where = '';
$where .= $search ? 'WHERE (p.name LIKE :search) ' : '';
// Add filters
if ($status == 'one') {
$where .= $where ? 'AND p.status = 1 ' : 'WHERE p.status = 1 ';
}
if ($status == 'zero') {
$where .= $where ? 'AND p.status = 0 ' : 'WHERE p.status = 0 ';
}
if ($quantity == 'zero') {
$where .= $where ? 'AND p.quantity = 0 ' : 'WHERE p.quantity = 0 ';
}
// Retrieve the total number of products
$stmt = $pdo->prepare('SELECT COUNT(*) AS total FROM products p ' . $where);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
$products_total = $stmt->fetchColumn();
// SQL query to get all products from the "products" table
$stmt = $pdo->prepare('SELECT p.*, GROUP_CONCAT(m2.full_path) AS imgs FROM products p LEFT JOIN (SELECT pm.id, pm.product_id, m.full_path FROM products_media pm JOIN media m ON m.id = pm.media_id GROUP BY pm.id, pm.product_id, m.full_path) m2 ON m2.product_id = p.id ' . $where . ' GROUP BY p.id, p.name, p.description, p.price, p.rrp, p.quantity, p.date_added, p.weight, p.url_slug, p.status ORDER BY ' . $order_by . ' ' . $order . ' LIMIT :start_results,:num_results');
// Bind params
$stmt->bindParam('start_results', $param1, PDO::PARAM_INT);
$stmt->bindParam('num_results', $param2, PDO::PARAM_INT);
if ($search) $stmt->bindParam('search', $param3, PDO::PARAM_STR);
$stmt->execute();
// Retrieve query results
$products = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Delete product
if (isset($_GET['delete'])) {
// Delete the product
$stmt = $pdo->prepare('DELETE p, pm, po, pc FROM products p LEFT JOIN products_media pm ON pm.product_id = p.id LEFT JOIN products_options po ON po.product_id = p.id LEFT JOIN products_categories pc ON pc.product_id = p.id WHERE p.id = ?');
$stmt->execute([ $_GET['delete'] ]);
// Clear session cart
if (isset($_SESSION['cart'])) {
unset($_SESSION['cart']);
}
header('Location: index.php?page=products&success_msg=3');
exit;
}
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Product created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Product updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Product deleted successfully!';
}
}
// Determine the URL
$url = 'index.php?page=products&search=' . $search . '&status=' . $status . '&quantity=' . $quantity;
?>
<?=template_admin_header('Products', 'products', 'view')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-box-open"></i>
<div class="txt">
<h2>Products</h2>
<p>View, manage, and search products.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=product" class="btn">Create Product</a>
<form action="" method="get">
<input type="hidden" name="page" value="products">
<div class="filters">
<a href="#"><i class="fas fa-sliders-h"></i> Filters</a>
<div class="list">
<label><input type="checkbox" name="status" value="one"<?=$status=='one'?' checked':''?>>Enabled</label>
<label><input type="checkbox" name="status" value="zero"<?=$status=='zero'?' checked':''?>>Disabled</label>
<label><input type="checkbox" name="quantity" value="zero"<?=$quantity=='zero'?' checked':''?>>No Stock</label>
<button type="submit">Apply</button>
</div>
</div>
<div class="search">
<label for="search">
<input id="search" type="text" name="search" placeholder="Search product name..." value="<?=htmlspecialchars($search, ENT_QUOTES)?>" class="responsive-width-100">
<i class="fas fa-search"></i>
</label>
</div>
</form>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=id'?>">#<?php if ($order_by=='id'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td>Productcode</td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=name'?>">Name<?php if ($order_by=='name'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=price'?>">Price<?php if ($order_by=='price'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=quantity'?>">Quantity<?php if ($order_by=='quantity'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden">Images</td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=date_added'?>">Date Added<?php if ($order_by=='date_added'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td class="responsive-hidden"><a href="<?=$url . '&order=' . ($order=='ASC'?'DESC':'ASC') . '&order_by=status'?>">Status<?php if ($order_by=='status'): ?><i class="fas fa-level-<?=str_replace(['ASC', 'DESC'], ['up','down'], $order)?>-alt fa-xs"></i><?php endif; ?></a></td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($products)): ?>
<tr>
<td colspan="8" style="text-align:center;">There are no products</td>
</tr>
<?php else: ?>
<?php foreach ($products as $product): ?>
<tr>
<td class="responsive-hidden"><?=$product['id']?></td>
<td><?=$product['productcode']?></td>
<td><?=$product['name']?></td>
<?php if ($product['rrp'] == 0.00): ?>
<td><?=currency_code?><?=number_format($product['price'], 2)?></td>
<?php else: ?>
<td><span class="rrp"><?=currency_code?><?=number_format($product['price'], 2)?></span> <s><?=currency_code . number_format($product['rrp'], 2)?></s></td>
<?php endif; ?>
<td><?=$product['quantity']==-1?'--':number_format($product['quantity'])?></td>
<td class="responsive-hidden img">
<?php foreach (array_reverse(explode(',',$product['imgs'])) as $img): ?>
<?php if ($img): ?>
<img src="../<?=$img?>" width="32" height="32" alt="<?=$img?>">
<?php endif; ?>
<?php endforeach; ?>
</td>
<td class="responsive-hidden"><?=date('F j, Y', strtotime($product['date_added']))?></td>
<td class="responsive-hidden"><?=$product['status'] ? 'Enabled' : 'Disabled'?></td>
<td><a href="index.php?page=product&id=<?=$product['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<div class="pagination">
<?php if ($pagination_page > 1): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page-1?>&order=<?=$order?>&order_by=<?=$order_by?>">Prev</a>
<?php endif; ?>
<span>Page <?=$pagination_page?> of <?=ceil($products_total / $results_per_page) == 0 ? 1 : ceil($products_total / $results_per_page)?></span>
<?php if ($pagination_page * $results_per_page < $products_total): ?>
<a href="<?=$url?>&pagination_page=<?=$pagination_page+1?>&order=<?=$order?>&order_by=<?=$order_by?>">Next</a>
<?php endif; ?>
</div>
<?=template_admin_footer()?>

109
admin/settings.php
View File

@@ -1,109 +0,0 @@
<?php
defined('admin') or exit;
// Configuration file
$file = '../custom/settings/config.php';
// Open the configuration file for reading
$contents = file_get_contents($file);
// Format key function
function format_key($key) {
$key = str_replace(
['_', 'url', 'db ', ' pass', ' user', 'ipn', 'paypal'],
[' ', 'URL', 'Database ', ' Password', ' Username', 'IPN', 'PayPal'],
strtolower($key)
);
return ucwords($key);
}
// Format HTML output function
function format_var_html($key, $value) {
$html = '';
$type = 'text';
$value = htmlspecialchars(trim($value, '\''), ENT_QUOTES);
$type = strpos($key, 'pass') !== false ? 'password' : $type;
$type = in_array(strtolower($value), ['true', 'false']) ? 'checkbox' : $type;
$checked = strtolower($value) == 'true' ? ' checked' : '';
$html .= '<label for="' . $key . '">' . format_key($key) . '</label>';
if ($type == 'checkbox') {
$html .= '<input type="hidden" name="' . $key . '" value="false">';
}
$html .= '<input type="' . $type . '" name="' . $key . '" id="' . $key . '" value="' . $value . '" placeholder="' . format_key($key) . '"' . $checked . '>';
return $html;
}
// Format tabs
function format_tabs($contents) {
$rows = explode("\n", $contents);
echo '<div class="tabs">';
echo '<a href="#" class="active">General</a>';
for ($i = 0; $i < count($rows); $i++) {
preg_match('/\/\*(.*?)\*\//', $rows[$i], $match);
if ($match) {
echo '<a href="#">' . $match[1] . '</a>';
}
}
echo '</div>';
}
// Format form
function format_form($contents) {
$rows = explode("\n", $contents);
echo '<div class="tab-content active">';
for ($i = 0; $i < count($rows); $i++) {
preg_match('/\/\*(.*?)\*\//', $rows[$i], $match);
if ($match) {
echo '</div><div class="tab-content">';
}
preg_match('/define\(\'(.*?)\', ?(.*?)\)/', $rows[$i], $match);
if ($match) {
echo format_var_html($match[1], $match[2]);
}
}
echo '</div>';
}
if (!empty($_POST)) {
// Update the configuration file with the new keys and values
foreach ($_POST as $k => $v) {
$v = in_array(strtolower($v), ['true', 'false']) ? strtolower($v) : '\'' . $v . '\'';
$contents = preg_replace('/define\(\'' . $k . '\'\, ?(.*?)\)/s', 'define(\'' . $k . '\',' . $v . ')', $contents);
}
file_put_contents('../custom/settings/config.php', $contents);
header('Location: index.php?page=settings&success_msg=1');
exit;
}
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Settings updated successfully!';
}
}
?>
<?=template_admin_header('Settings', 'settings')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">Settings</h2>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<?=format_tabs($contents)?>
<div class="content-block">
<div class="form responsive-width-100">
<?=format_form($contents)?>
</div>
</div>
</form>
<script>
document.querySelectorAll("input[type='checkbox']").forEach(checkbox => {
checkbox.onclick = () => checkbox.value = checkbox.checked ? 'true' : 'false';
});
</script>
<?=template_admin_footer()?>

83
admin/shipping.php
View File

@@ -1,83 +0,0 @@
<?php
defined('admin') or exit;
// SQL query to get all shipping methods from the "shipping" table
$stmt = $pdo->prepare('SELECT * FROM shipping');
$stmt->execute();
$shipping = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Shipping method created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Shipping method updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Shipping method deleted successfully!';
}
}
?>
<?=template_admin_header('Shipping', 'shipping')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-truck-fast"></i>
<div class="txt">
<h2>Shipping</h2>
<p>View, create, and edit shipping methods.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=shipping_process" class="btn">Create Shipping Method</a>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td>#</td>
<td>Name</td>
<td>Type</td>
<td class="responsive-hidden">Countries</td>
<td class="responsive-hidden">Price Range</td>
<td class="responsive-hidden">Weight Range</td>
<td>Total Shipping Price</td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($shipping)): ?>
<tr>
<td colspan="8" style="text-align:center;">There are no shipping methods</td>
</tr>
<?php else: ?>
<?php foreach ($shipping as $s): ?>
<tr>
<td><?=$s['id']?></td>
<td><?=$s['name']?></td>
<td><?=$s['type']?></td>
<td class="responsive-hidden" style="max-width:300px"><?=$s['countries'] ? str_replace(',', ', ', $s['countries']) : 'all'?></td>
<td class="responsive-hidden"><?=currency_code?><?=number_format($s['price_from'], 2)?> - <?=currency_code?><?=number_format($s['price_to'], 2)?></td>
<td class="responsive-hidden"><?=number_format($s['weight_from'], 2)?> lbs - <?=number_format($s['weight_to'], 2)?> lbs</td>
<td><?=currency_code?><?=number_format($s['price'], 2)?></td>
<td><a href="index.php?page=shipping_process&id=<?=$s['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<?=template_admin_footer()?>

116
admin/shipping_process.php
View File

@@ -1,116 +0,0 @@
<?php
defined('admin') or exit;
// Default input shipping values
$shipping = [
'name' => '',
'price_from' => '',
'price_to' => '',
'weight_from' => '',
'weight_to' => '',
'price' => '',
'type' => 'Single Product',
'countries' => ''
];
$types = ['Single Product', 'Entire Order'];
if (isset($_GET['id'])) {
// ID param exists, edit an existing shipping method
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the shipping method
$countries_list = isset($_POST['countries']) ? implode(',', $_POST['countries']) : '';
$stmt = $pdo->prepare('UPDATE shipping SET name = ?, price_from = ?, price_to = ?, weight_from = ?, weight_to = ?, price = ?, type = ?, countries = ? WHERE id = ?');
$stmt->execute([ $_POST['name'], $_POST['price_from'], $_POST['price_to'], $_POST['weight_from'], $_POST['weight_to'], $_POST['price'], $_POST['type'], $countries_list, $_GET['id'] ]);
header('Location: index.php?page=shipping&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the shipping method
$stmt = $pdo->prepare('DELETE FROM shipping WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
header('Location: index.php?page=shipping&success_msg=3');
exit;
}
// Get the shipping method from the database
$stmt = $pdo->prepare('SELECT * FROM shipping WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$shipping = $stmt->fetch(PDO::FETCH_ASSOC);
} else {
// Create a new shipping method
$page = 'Create';
if (isset($_POST['submit'])) {
$countries_list = isset($_POST['countries']) ? implode(',', $_POST['countries']) : '';
$stmt = $pdo->prepare('INSERT INTO shipping (name, price_from, price_to, weight_from, weight_to, price, type, countries) VALUES (?,?,?,?,?,?,?,?)');
$stmt->execute([ $_POST['name'], $_POST['price_from'], $_POST['price_to'], $_POST['weight_from'], $_POST['weight_to'], $_POST['price'], $_POST['type'], $countries_list ]);
header('Location: index.php?page=shipping&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Shipping Method', 'shipping', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Shipping Method</h2>
<a href="index.php?page=shipping" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this shipping method?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="content-block">
<div class="form responsive-width-100">
<label for="name"><i class="required">*</i> Name</label>
<input type="text" name="name" placeholder="Name" value="<?=$shipping['name']?>" required>
<label for="type"><i class="required">*</i> Type</label>
<select name="type" id="type" required>
<?php foreach ($types as $type): ?>
<option value="<?=$type?>"<?=$shipping['type'] == $type ? ' selected' : ''?>><?=$type?></option>
<?php endforeach; ?>
</select>
<label for="countries">Countries</label>
<div class="multiselect" data-name="countries[]">
<?php foreach (explode(',', $shipping['countries']) as $c): ?>
<?php if (empty($c)) continue; ?>
<span class="item" data-value="<?=$c?>">
<i class="remove">&times;</i><?=$c?>
<input type="hidden" name="countries[]" value="<?=$c?>">
</span>
<?php endforeach; ?>
<input type="text" class="search" id="countries" placeholder="Countries">
<div class="list">
<?php foreach (get_countries() as $country): ?>
<span data-value="<?=$country?>"><?=$country?></span>
<?php endforeach; ?>
</div>
</div>
<label for="price"><i class="required">*</i> Product Price Range</label>
<div style="display:flex;margin:0;">
<input type="number" name="price_from" placeholder="From" min="0" step=".01" value="<?=$shipping['price_from']?>" required>
<span style="padding-top:15px">&nbsp;&nbsp;&nbsp;&mdash;&nbsp;&nbsp;&nbsp;</span>
<input type="number" name="price_to" placeholder="To" min="0" step=".01" value="<?=$shipping['price_to']?>" required>
</div>
<label for="price"><i class="required">*</i> Product Weight Range (lbs)</label>
<div style="display:flex;margin:0;">
<input type="number" name="weight_from" placeholder="From" min="0" step=".01" value="<?=$shipping['weight_from']?>" required>
<span style="padding-top:15px">&nbsp;&nbsp;&nbsp;&mdash;&nbsp;&nbsp;&nbsp;</span>
<input type="number" name="weight_to" placeholder="To" min="0" step=".01" value="<?=$shipping['weight_to']?>" required>
</div>
<label for="name"><i class="required">*</i> Total Shipping Price</label>
<input type="number" name="price" placeholder="3.99" min="0" step=".01" value="<?=$shipping['price']?>" required>
</div>
</div>
</form>
<?=template_admin_footer()?>

75
admin/tax.php
View File

@@ -1,75 +0,0 @@
<?php
defined('admin') or exit;
// Default input tax values
$tax = [
'country' => '',
'rate' => 0.00
];
if (isset($_GET['id'])) {
// ID param exists, edit an existing tax
$page = 'Edit';
if (isset($_POST['submit'])) {
// Update the tax
$categories_list = isset($_POST['categories']) ? implode(',', $_POST['categories']) : '';
$products_list = isset($_POST['products']) ? implode(',', $_POST['products']) : '';
$stmt = $pdo->prepare('UPDATE taxes SET country = ?, rate = ? WHERE id = ?');
$stmt->execute([ $_POST['country'], $_POST['rate'], $_GET['id'] ]);
header('Location: index.php?page=taxes&success_msg=2');
exit;
}
if (isset($_POST['delete'])) {
// Delete the tax
$stmt = $pdo->prepare('DELETE FROM taxes WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
header('Location: index.php?page=taxes&success_msg=3');
exit;
}
// Get the tax from the database
$stmt = $pdo->prepare('SELECT * FROM taxes WHERE id = ?');
$stmt->execute([ $_GET['id'] ]);
$tax = $stmt->fetch(PDO::FETCH_ASSOC);
} else {
// Create a new tax
$page = 'Create';
if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('INSERT INTO taxes (country,rate) VALUES (?,?)');
$stmt->execute([ $_POST['country'], $_POST['rate'] ]);
header('Location: index.php?page=taxes&success_msg=1');
exit;
}
}
?>
<?=template_admin_header($page . ' Tax', 'taxes', 'manage')?>
<form action="" method="post">
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100"><?=$page?> Tax</h2>
<a href="index.php?page=taxes" class="btn alt mar-right-2">Cancel</a>
<?php if ($page == 'Edit'): ?>
<input type="submit" name="delete" value="Delete" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this tax?')">
<?php endif; ?>
<input type="submit" name="submit" value="Save" class="btn">
</div>
<div class="content-block">
<div class="form responsive-width-100">
<label for="country"><i class="required">*</i> Country</label>
<select name="country" required>
<?php foreach (get_countries() as $country): ?>
<option value="<?=$country?>"<?=$country==$tax['country']?' selected':''?>><?=$country?></option>
<?php endforeach; ?>
</select>
<label for="rate"><i class="required">*</i> Rate</label>
<input id="rate" type="number" name="rate" step=".01" placeholder="Rate" value="<?=$tax['rate']?>" required>
</div>
</div>
</form>
<?=template_admin_footer()?>

75
admin/taxes.php
View File

@@ -1,75 +0,0 @@
<?php
defined('admin') or exit;
// SQL query to get all taxes from the "taxes" table
$stmt = $pdo->prepare('SELECT * FROM taxes ORDER BY country ASC');
$stmt->execute();
$taxes = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = 'Tax created successfully!';
}
if ($_GET['success_msg'] == 2) {
$success_msg = 'Tax updated successfully!';
}
if ($_GET['success_msg'] == 3) {
$success_msg = 'Tax deleted successfully!';
}
}
?>
<?=template_admin_header('Taxes', 'taxes')?>
<div class="content-title">
<div class="title">
<i class="fa-solid fa-percent"></i>
<div class="txt">
<h2>Taxes</h2>
<p>View, create, and edit taxes.</p>
</div>
</div>
</div>
<?php if (isset($success_msg)): ?>
<div class="msg success">
<i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p>
<i class="fas fa-times"></i>
</div>
<?php endif; ?>
<div class="content-header responsive-flex-column pad-top-5">
<a href="index.php?page=tax" class="btn">Create Tax</a>
</div>
<div class="content-block">
<div class="table">
<table>
<thead>
<tr>
<td class="responsive-hidden">#</td>
<td>Country</td>
<td>Tax Rate</td>
<td>Actions</td>
</tr>
</thead>
<tbody>
<?php if (empty($taxes)): ?>
<tr>
<td colspan="4" style="text-align:center;">There are no taxes</td>
</tr>
<?php else: ?>
<?php foreach ($taxes as $tax): ?>
<tr>
<td class="responsive-hidden"><?=$tax['id']?></td>
<td><?=$tax['country']?></td>
<td><?=$tax['rate']?>%</td>
<td><a href="index.php?page=tax&id=<?=$tax['id']?>" class="link1">Edit</a></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
</tbody>
</table>
</div>
</div>
<?=template_admin_footer()?>