inventory_old/edit_order.php at master · bitsandbots/inventory_old · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<?php
/**
 * edit_order.php
 *
 * @package default
 */


$page_title = 'Edit Order';
require_once 'includes/load.php';
// Checkin What level user has permission to view this page
page_require_level(2);


//Display all catgories.
$order = find_by_id('orders', (int)$_GET['id']);
if (!$order) {
	$session->msg("d", "Missing order id.");
	redirect('orders.php');
}

if (isset($_POST['edit_order'])) {
	$customer = remove_junk($db->escape($_POST['customer']));
	$paymethod = remove_junk($db->escape($_POST['paymethod']));
	$notes = remove_junk($db->escape($_POST['notes']));
	$date = remove_junk($db->escape($_POST['date']));
	if ($date == 0 ) { $date    = make_date(); }

	if (empty($errors)) {


	if ( ! find_by_name('customers',$customer) )
	{
		$query  = "INSERT INTO customers (";
		//$query .=" name,address,postcode,telephone,email,paymethod";
		$query .=" name,paymethod";
		$query .=") VALUES (";
		//$query .=" '{$customer}', '{$c_address}', '{$c_postcode}', '{$c_telephone}', '{$c_email}', '{$paymethod}'";
		$query .=" '{$customer}', '{$paymethod}'";
		$query .=")";
		$result = $db->query($query);
		if ($result && $db->affected_rows() === 1) {
			$session->msg('s', "customer added ");
		} else {
			$session->msg('d', ' Sorry failed to updated!');
		}
	}

		$sql = "UPDATE orders SET";
		$sql .= " customer='{$customer}', paymethod='{$paymethod}', notes='{$notes}', date='{$date}'";
		$sql .= " WHERE id='{$order['id']}'";

		$result = $db->query($sql);
		if ($result && $db->affected_rows() === 1) {
			$session->msg("s", "Successfully updated order");
			redirect('orders.php', false);
		} else {
			$session->msg("d", "Sorry! Failed to Order");
			redirect('orders.php', false);
		}
	} else {
		$session->msg("d", $errors);
		redirect('orders.php', false);
	}
}
?>
<?php include_once 'layouts/header.php'; ?>

<div class="row">
   <div class="col-md-12">
     <?php echo display_msg($msg); ?>
   </div>
   <div class="col-md-5">
     <div class="panel panel-default">
       <div class="panel-heading">
         <strong>
           <span class="glyphicon glyphicon-th"></span>
           <span>Editing Order #<?php echo remove_junk(ucfirst($order['id']));?></span>
        </strong>
       </div>
       <div class="panel-body">
         <form method="post" action="edit_order.php?id=<?php echo (int)$order['id'];?>">
           <div class="form-group">
               <input type="text" class="form-control" name="customer" value="<?php echo remove_junk(ucfirst($order['customer']));?>">
           </div>

           <div class="form-group">
                    <select class="form-control" name="paymethod">
                      <option value="">Select Payment Method</option>
                     <option value="Cash" <?php if ($order['paymethod'] === "Cash" ): echo "selected"; endif; ?> >Cash</option>
                     <option value="Check" <?php if ($order['paymethod'] === "Check" ): echo "selected"; endif; ?> >Check</option>
                     <option value="Credit" <?php if ($order['paymethod'] === "Credit" ): echo "selected"; endif; ?> >Credit</option>
                     <option value="Charge" <?php if ($order['paymethod'] === "Charge" ): echo "selected"; endif; ?> >Charge to Account</option>
                    </select>

           </div>

           <div class="form-group">
               <input type="text" class="form-control" name="notes" value="<?php echo remove_junk(ucfirst($order['notes']));?>" placeholder="Notes">
           </div>

           <div class="form-group">
           <input type="date" class="form-control datepicker" name="date" data-date-format="" value="<?php echo remove_junk($order['date']); ?>">
           </div>

         <div class="pull-right">
              <button type="submit" name="edit_order" class="btn btn-info">Update</button>
          </form>
         </div>
        </div>
      </div>
  </div>
<?php
// print "<pre>";
// print_r($order);
// print "</pre>\n";
?>

   </div>
</div>

<?php include_once 'layouts/footer.php'; ?>