pcwvanbeers/assetmgt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CMXX - Improved whereclause

Browse Source
This commit is contained in:
“VeLiTi”
2025-02-20 13:35:59 +01:00
parent 3aaa6c6680
commit 4c6ed0d203
83 changed files with 897 additions and 1274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

362
order.php
View File

@@ -1,163 +1,199 @@
<?php
defined('admin') or exit;
if (!isset($_GET['id'])) {
exit('Invalid ID!');
defined(page_security_key) or exit;
if (debug && debug_id == $_SESSION['id']){
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);
}
// Retrieve order items
$stmt = $pdo->prepare('SELECT ti.*, p.productcode, p.name FROM transactions t JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN products p ON p.id = ti.item_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
$order_items = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Retrieve order details
$stmt = $pdo->prepare('SELECT a.email, a.id AS a_id, a.first_name AS a_first_name, a.last_name AS a_last_name, a.address_street AS a_address_street, a.address_city AS a_address_city, a.address_state AS a_address_state, a.address_zip AS a_address_zip, a.address_country AS a_address_country, a.address_phone AS a_address_phone, t.* FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id LEFT JOIN accounts a ON a.id = t.account_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
$order = $stmt->fetch(PDO::FETCH_ASSOC);
include_once './assets/functions.php';
include_once './settings/settings.php';
// Get tax
$stmt = $pdo->prepare('SELECT * FROM taxes WHERE country = ?');
$stmt->execute([$order['a_address_country']]);
$tax = $stmt->fetch(PDO::FETCH_ASSOC);
$tax_rate = $tax ? $tax['rate'] : 0.00;
//SET ORIGIN FOR NAVIGATION
$prev_page = $_SESSION['prev_origin'] ?? '';
$page = 'order';
//Add giftcards
if (isset($_GET['add_giftcard'])){
createGiftCart($pdo, $order['txn_id']);
}
//create backbutton to prev_origin
$back_btn_orgin = ($prev_page != '')? '<a href="'.$prev_page.'" class="btn alt mar-right-2">'.$button_back.'</a>':'';
//Get connected giftcards
$giftcards_template = $order['txn_id'].'#%#%';
$stmt = $pdo->prepare('SELECT * from discounts WHERE discount_code like ?');
$stmt->execute([$giftcards_template]);
$giftcards = $stmt->fetchAll(PDO::FETCH_ASSOC);
// Get the current date
$current_date = strtotime((new DateTime())->format('Y-m-d H:i:s'));
// Delete transaction
if (isset($_GET['delete'])) {
// Delete the transaction
$stmt = $pdo->prepare('DELETE t, ti FROM transactions t LEFT JOIN transactions_items ti ON ti.txn_id = t.txn_id WHERE t.id = ?');
$stmt->execute([ $_GET['id'] ]);
// Deactive giftcards
removeGiftCart($pdo, $_GET['txn']);
header('Location: index.php?page=orders&success_msg=3');
//Check if allowed
if (isAllowed($page,$_SESSION['profile'],$_SESSION['permission'],'R') === 0){
header('location: index.php');
exit;
}
if (!$order) {
exit('Invalid ID!');
//GET PARAMETERS && STORE in SESSION for FURTHER USE/NAVIGATION
$pagination_page = $_SESSION['p'] = isset($_GET['p']) ? $_GET['p'] : 1;
//PAGE Security
$page_manage = 'order_manage';
$update_allowed = isAllowed($page ,$_SESSION['profile'],$_SESSION['permission'],'U');
$update_allowed_edit = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'U');
$delete_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'D');
$create_allowed = isAllowed($page_manage ,$_SESSION['profile'],$_SESSION['permission'],'C');
//GET Details from URL
$_GET['list'] = 'order';
$GET_VALUES = urlGETdetails($_GET) ?? '';
//CALL TO API
$api_url = '/v2/transactions/'.$GET_VALUES;
$order = ioServer($api_url,'');
//Decode Payload
if (!empty($order)){$order = json_decode($order,true);}else{$order = null;}
// Handle success messages
if (isset($_GET['success_msg'])) {
if ($_GET['success_msg'] == 1) {
$success_msg = $message_order_1 ?? 'Created';
}
if ($_GET['success_msg'] == 2) {
$success_msg = $message_order_2 ?? 'Updated';
}
if ($_GET['success_msg'] == 3) {
$success_msg = $message_order_3 ?? 'Deleted' ;
}
}
?>
<?=template_admin_header('Orders', 'orders')?>
template_header('order', 'order', 'view');
$view = '
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">'.$order['header']['id'].' - '.$order['header']['txn_id'].'</h2>
<a href="index.php?page='.$_SESSION['origin'].'&p='.$_SESSION['p'].'" class="btn alt mar-right-2">'.$button_cancel.'</a>
';
<div class="content-title responsive-flex-wrap responsive-pad-bot-3">
<h2 class="responsive-width-100">Order #<?=$_GET['id']?></h2>
<a href="index.php?page=orders" class="btn alt mar-right-2">Cancel</a>
<a href="index.php?page=order&id=<?=$_GET['id']?>&delete=true&txn=<?=$order['txn_id']?>" class="btn red mar-right-2" onclick="return confirm('Are you sure you want to delete this order?')">Delete</a>
<a href="index.php?page=order_manage&id=<?=$_GET['id']?>" class="btn">Edit</a>
</div>
<div class="content-block-wrapper">
//------------------------------------
//
//------------------------------------
if ($update_allowed_edit === 1){
$view .= '<a href="index.php?page=order_manage&id='.$_GET['id'].'" class="btn">Edit</a>';
}
$view .= '</div>';
if (isset($success_msg)){
$view .= ' <div class="msg success">
<i class="fas fa-check-circle"></i>
<p>'.$success_msg.'</p>
<i class="fas fa-times"></i>
</div>';
}
$view .= '<div class="content-block-wrapper">';
$view .='
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-cart-shopping fa-sm"></i>Order Details
</div>
<div class="order-detail">
<h3>Order ID</h3>
<p><?=$order['id']?></p>
<p>' . $order['header']['id'] . '</p>
</div>
<div class="order-detail">
<h3>Transaction ID</h3>
<p><?=$order['txn_id']?></p>
</div>
<?php if ($order['shipping_method']): ?>
<p>' . $order['header']['txn_id'] . '</p>
</div>';
if ($order['header']['shipping_method']) {
$view .='
<div class="order-detail">
<h3>Shipping Method</h3>
<p><?=$order['shipping_method'] ? htmlspecialchars($order['shipping_method'], ENT_QUOTES) : '--'?></p>
</div>
<?php endif; ?>
<p>' . htmlspecialchars($order['header']['shipping_method'], ENT_QUOTES) . '</p>
</div>';
}
$view .='
<div class="order-detail">
<h3>Payment Method</h3>
<p><?=$order['payment_method']?></p>
<p>' . $order['header']['payment_method'] . '</p>
</div>
<div class="order-detail">
<h3>Payment Status</h3>
<p><?=$order['payment_status']?></p>
<p>' . $order['header']['payment_status'] . '</p>
</div>
<div class="order-detail">
<h3>Date</h3>
<p><?=date('F j, Y H:ia', strtotime($order['created']))?></p>
</div>
<?php if ($order['discount_code']): ?>
<p>'.getRelativeTime($order['header']['created']). '</p>
</div>';
if ($order['header']['discount_code']) {
$view .='
<div class="order-detail">
<h3>Discount Code</h3>
<p><?=htmlspecialchars($order['discount_code'], ENT_QUOTES)?></p>
</div>
<?php endif; ?>
</div>
<p>' . htmlspecialchars($order['header']['discount_code'], ENT_QUOTES) . '</p>
</div>';
}
$view .=' </div>';
// Account Details Block
$view .='
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-user fa-sm"></i>Account Details
</div>
<?php if ($order['email']): ?>
</div>';
if ($order['customer']['email']) {
$view .='
<div class="order-detail">
<h3>Email</h3>
<p><a href="index.php?page=account&id=<?=$order['a_id']?>" target="_blank" class="link1" style="margin:0"><?=htmlspecialchars($order['email'], ENT_QUOTES)?></a></p>
<p><a href="index.php?page=account&id=' . $order['header']['id'] . '" target="_blank" class="link1" style="margin:0">' . htmlspecialchars($order['customer']['email'], ENT_QUOTES) . '</a></p>
</div>
<div class="order-detail">
<h3>Name</h3>
<p><?=htmlspecialchars($order['a_first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['a_last_name'], ENT_QUOTES)?></p>
<p>' . htmlspecialchars($order['customer']['name'], ENT_QUOTES) . '</p>
</div>
<div class="order-detail">
<h3>Address</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_street'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_city'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_state'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_zip'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['a_address_country'], ENT_QUOTES)?>
</p>
<p style="text-align:right;">' . htmlspecialchars($order['customer']['street'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['city'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['state'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['zip'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['country'], ENT_QUOTES) . '</p>
</div>
<div class="order-detail">
<h3>Contact</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
</p>
</div>
<?php else: ?>
<p>The order is not associated with an account.</p>
<?php endif; ?>
</div>
<p style="text-align:right;">' . htmlspecialchars($order['customer']['phone'], ENT_QUOTES) . '</p>
</div>';
} else {
$view .=' <p>The order is not associated with an account.</p>';
}
$view .=' </div>';
// Customer Details Block
$view .='
<div class="content-block order-details">
<div class="block-header">
<i class="fa-solid fa-user fa-sm"></i>Customer Details
</div>
<div class="order-detail">
<h3>Email</h3>
<p><?=htmlspecialchars($order['payer_email'], ENT_QUOTES)?></p>
<p>' . htmlspecialchars($order['customer']['email'], ENT_QUOTES) . '</p>
</div>
<div class="order-detail">
<h3>Name</h3>
<p><?=htmlspecialchars($order['first_name'], ENT_QUOTES)?> <?=htmlspecialchars($order['last_name'], ENT_QUOTES)?></p>
<p>' . htmlspecialchars($order['customer']['name'], ENT_QUOTES) . ' </p>
</div>
<div class="order-detail">
<h3>Address</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['address_street'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_city'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_state'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_zip'], ENT_QUOTES)?><br>
<?=htmlspecialchars($order['address_country'], ENT_QUOTES)?>
</p>
<p style="text-align:right;">' . htmlspecialchars($order['customer']['street'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['city'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['state'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['zip'], ENT_QUOTES) . '<br>
' . htmlspecialchars($order['customer']['country'], ENT_QUOTES) . '</p>
</div>
<div class="order-detail">
<h3>Contact</h3>
<p style="text-align:right;"><?=htmlspecialchars($order['a_address_phone'], ENT_QUOTES)?>
</p>
<p style="text-align:right;">' . htmlspecialchars($order['customer']['phone'], ENT_QUOTES) . '</p>
</div>
</div>
</div>
</div>';
// Order Items Table
$view .='
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Order
@@ -173,60 +209,63 @@ if (!$order) {
<td style="text-align:right;">Total</td>
</tr>
</thead>
<tbody>
<?php if (empty($order_items)): ?>
<tbody>';
if (empty($order)) {
$view .='
<tr>
<td colspan="5" style="text-align:center;">There are no order items</td>
</tr>
<?php else: ?>
<?php
$subtotal = 0;
foreach ($order_items as $item):
?>
</tr>';
} else {
foreach ($order['products'] as $item) {
$view .='
<tr>
<td><?=$item['productcode']?> <?=$item['name'] ? htmlspecialchars($item['name'], ENT_QUOTES) : '(Product ' . $item['item_id'] . ')'?></td>
<td><?=$item['item_options'] ? htmlspecialchars(str_replace(',', ', ', $item['item_options']), ENT_QUOTES) : '--'?></td>
<td><?=$item['item_quantity']?></td>
<td class="responsive-hidden"><?=currency_code?><?=number_format($item['item_price'], 2)?></td>
<td style="text-align:right;"><?=currency_code?><?=number_format($item['item_price']*$item['item_quantity'], 2)?></td>
</tr>
<?php $subtotal += $item['item_price']*$item['item_quantity'];?>
<?php endforeach; ?>
<?php endif; ?>
<td>' . ($item['product_name'] ? htmlspecialchars(${$item['product_name']} ?? $item['product_name'] , ENT_QUOTES) : '(Product ' . $item['item_id'] . ')') . '</td>
<td>' . ($item['options'] ? htmlspecialchars(implode(", ", $item['options']), ENT_QUOTES) : '--') . '</td>
<td>' . $item['quantity'] . '</td>
<td class="responsive-hidden">' . number_format($item['price'], 2) . '</td>
<td style="text-align:right;">' . number_format($item['line_total'], 2) . '</td>
</tr>';
}
}
$view .='
<tr>
<td colspan="5" class="item-list-end"></td>
</tr>
<tr>
<td colspan="4" class="subtotal">Subtotal</td>
<td class="num"><?=currency_code?><?=number_format($subtotal, 2)?></td>
<td class="num">' . number_format($order['pricing']['subtotal'], 2) . '</td>
</tr>
<tr>
<td colspan="4" class="shipping">Shipping</td>
<td class="num"><?=currency_code?><?=number_format($order['shipping_amount'], 2)?></td>
<td class="num">' . number_format($order['pricing']['shipping_total'], 2) . '</td>
</tr>
<tr>
<td colspan="4" class="shipping">Discount</td>
<td class="num"><?=currency_code?><?=number_format(($order['payment_amount']+$order['shipping_amount'])-($subtotal), 2)?></td>
<td class="num">' . number_format($order['pricing']['discount_total'], 2) . '</td>
</tr>
<tr>
<td colspan="4" class="shipping">VAT</td>
<td class="num" style="border-bottom: 1px solid #f0f1f2;"><?=currency_code?><?=number_format($order['tax_amount'], 2)?></td>
<td class="num" style="border-bottom: 1px solid #f0f1f2;">' . number_format($order['pricing']['tax_total'], 2) . '</td>
</tr>
<tr>
<td colspan="4" class="total">Total</td>
<td class="num"><b><?=currency_code?><?=number_format($order['payment_amount'], 2)?></b></td>
<td class="num"><b>' . number_format($order['pricing']['payment_amount'], 2) . '</b></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>';
// Giftcards Block
$view .='
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Giftcards
</div>
<div class="table order-table">
<a href="index.php?page=order&id=<?=$_GET['id']?>&add_giftcard" class="btn">Relate giftcards</a>
<a href="index.php?page=order&id=' . $_GET['id'] . '&add_giftcard" class="btn">Relate giftcards</a>
<table>
<thead>
<tr>
@@ -235,56 +274,69 @@ if (!$order) {
<td>Value</td>
</tr>
</thead>
<tbody>
<?php if (empty($giftcards)): ?>
<tbody>';
if (empty($giftcards)) {
$view .='
<tr>
<td colspan="5" style="text-align:center;">There are no order items</td>
</tr>
<?php else: ?>
<?php foreach ($giftcards as $giftcard): ?>
</tr>';
} else {
foreach ($giftcards as $giftcard) {
$view .='
<tr>
<td><?=$giftcard['discount_code']?></td>
<td><?=$current_date >= strtotime($giftcard['start_date']) && $current_date <= strtotime($giftcard['end_date']) ? 'Yes' : 'No'?></td>
<td><?=currency_code?><?=number_format($giftcard['discount_value'], 2)?></td>
</tr>
<?php endforeach; ?>
<?php endif; ?>
<td>' . $giftcard['discount_code'] . '</td>
<td>' . ($current_date >= strtotime($giftcard['start_date']) && $current_date <= strtotime($giftcard['end_date']) ? 'Yes' : 'No') . '</td>
<td>' . number_format($giftcard['discount_value'], 2) . '</td>
</tr>';
}
}
$view .='
<tr>
<td colspan="5" class="item-list-end"></td>
</tr>
</tbody>
</table>
</div>
</div>
</div>';
// Invoice Block
$view .='
<div class="content-block">
<div class="block-header">
<i class="fa-solid fa-bars fa-sm"></i>Invoice
</div>
<div class="table order-table">
<table>
<tr>
<td style="width:70px";>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="show_invoice" value="Show">
</form>
</td>
<td style="width: 157px;">
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="email_invoice" value="Email to Customer" onclick="return confirm('Send invoice to customer?');">
</form>
</td>
<td>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="<?=$order['txn_id']?>">
<input type="submit" class="btn" name="email_invoice_to_admin" value="Email to Admin" onclick="return confirm('Send invoice to admin?');">
</form>
</td>
</tr>
</table>
</div>
</div>
<table>
<tr>
<td style="width:70px";>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="' . $order['header']['txn_id'] . '">
<input type="submit" class="btn" name="show_invoice" value="Show">
</form>
</td>
<td style="width: 157px;">
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="' . $order['header']['txn_id'] . '">
<input type="submit" class="btn" name="email_invoice" value="Email to Customer" onclick="return confirm(\'Send invoice to customer?\');">
</form>
</td>
<td>
<form action="index.php?page=factuur" method="post">
<input type="hidden" name="txn_id" value="' . $order['header']['txn_id'] . '">
<input type="submit" class="btn" name="email_invoice_to_admin" value="Email to Admin" onclick="return confirm(\'Send invoice to admin?\');">
</form>
</td>
</tr>
</table>
</div>';
<?=template_admin_footer()?>
$view .='</div>';
//OUTPUT
echo $view;
template_footer()
?>