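<?php
/*
 * Customer order pages.
 *
 *   ?status=Open|Closed  lists the logged-in customer's orders with that status
 *   ?orderID=N           shows the details of one of the customer's orders
 *   ?noOrders=1          shows the "no orders" notice
 *
 * Every request value that reaches SQL is validated first, and every database
 * value is escaped for the context it is written into (HTML or JavaScript).
 */
include('includes/_.php');
check_auth();

/*
 * Only the customers can view their offers.
 */
if ((int) $_SESSION['access_level'] !== 1) {
    die("<h1>Unauthorized! Only Customers Allowed</h1>");
}

$_SESSION['view'] = 'Open Orders';

/*
 * A customer can only view his own orders, not anyone else's.
 * The ids are compared strictly as strings so that PHP's loose-comparison
 * type juggling cannot let a non-identical request value pass this check.
 */
$uid = isset($_REQUEST['id']) ? $_REQUEST['id'] : $_SESSION['user_id'];
if (!is_scalar($uid) || (string) $_SESSION['user_id'] !== (string) $uid) {
    die("Unauthorized!");
}

// The id is interpolated unquoted into SQL below, so it is taken from the
// session (never from the request) and forced to an integer.
$custID = (int) $_SESSION['user_id'];

// Validate the requested order id before any output is produced. The query
// below compares it unquoted against CL.id, so only an integer is acceptable.
$orderID = null;
if (isset($_GET['orderID']) && !isset($_GET['noOrders'])) {
    $orderID = filter_var($_GET['orderID'], FILTER_VALIDATE_INT);
    if ($orderID === false) {
        die("Invalid order ID");
    }
}

get_header();

/*
 * Prints one table row per order returned by the last query.
 *
 * $db is the project's database wrapper; its ->result is read with
 * fetch_assoc(). Row N of the output gets id N and redirects to that order
 * when clicked. All column values are HTML-escaped before being printed.
 */
function displayResults($db)
{
    $counter = 0;
    while ($rows = $db->result->fetch_assoc()) {
        $counter += 1;

        // Names and e-mail addresses are stored data: escape them so markup in
        // a stored value is shown as text instead of being rendered.
        $cell = array_map(function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        }, $rows);

        echo "
        <tr align='center' id='$counter' onmouseover='changeRowColor(this,true);' onmouseout='changeRowColor(this,false);' onClick='pageRedirect($counter);'>
            <td>{$cell['id']}</td>
            <td>{$cell['date']}</td>
            <td>{$cell['type']}</td>
            <td>{$cell['first_name']}</td>
            <td>{$cell['last_name']}</td>
            <td>{$cell['email']}</td>
        </tr>";
    }
}

/*
 * Prints the orders table (headers plus rows) for one customer and status.
 *
 * $status  order status to list; this page passes 'Open' or 'Closed'
 * $custID  id of the customer whose orders are listed
 *
 * When the customer has no matching orders the browser is redirected to
 * myOrders.php?noOrders=1.
 */
function myOrders($status, $custID)
{
    global $db;

    // Both values end up inside the SQL text. The wrapper's parameter-binding
    // API is not visible from this file, so the values are constrained here:
    // the id to an integer, the status to characters that cannot terminate the
    // quoted SQL literal.
    // NOTE(review): switch to a prepared statement if $db supports one.
    $custID = (int) $custID;
    if (!is_string($status) || !preg_match('/^[A-Za-z0-9 _-]+$/', $status)) {
        return;
    }
    ?>
    <script type='text/javascript'>
        function changeRowColor (Row, State)
        {
            if (State) {
                Row.style.backgroundColor = '#E0E0E0';
                Row.style.color = 'Black';
            } else {
                Row.style.backgroundColor = '#f6f6f6';
                Row.style.color = 'Black';
            }
        }

        function pageRedirect(indexOfRow)
        {
            var order = document.getElementById('ordersTable').rows[indexOfRow].cells[0].innerHTML;
            document.location.href = 'myOrders.php?orderID=' + encodeURIComponent(order);
        }
    </script>
    </head>
    <body>
    <h3>Click to View Order</h3>
    <div id='profileBox'></div>
    <?php /* An empty action posts back to this page. The original used an
             undefined $PHP_SELF, which also rendered as an empty string. */ ?>
    <form action='' method='POST'>
    <table align='center' id='ordersTable' class='profile_sect'>
        <tr align='center'>
            <th>     Order ID     </th>
            <th>     Order Date     </th>
            <th>     Order Type     </th>
            <th>     Employee First Name     </th>
            <th>     Employee Last Name     </th>
            <th>     Employee e-Mail ID     </th>
        </tr>
    <?php
    $db->runQuery("select CL.id, CL.date, L.type,E.first_name,E.last_name,E.email from customer_leads CL, leads L, employees E where CL.customer_id = $custID and CL.employee_id = E.id and L.id = CL.id and status='$status' order by CL.date DESC;");

    if ($db->result && $db->result->num_rows > 0) {
        displayResults($db);
    } else {
        echo "<script>location.href='myOrders.php?noOrders=1'</script>";
    }
}

// Order list: only the two known statuses are dispatched.
if (isset($_GET['status']) && !isset($_GET['noOrders'])) {
    switch ($_GET['status']) {
        case 'Open':
            echo "<h1>Open Orders</h1>";
            myOrders('Open', $custID);
            break;
        case 'Closed':
            echo "<h1>Past Orders</h1>";
            myOrders('Closed', $custID);
            break;
    }
}

// Order details. $pdata always holds valid JSON so the script below parses
// even when no order was requested or found.
$pdata = 'null';
if ($orderID !== null) {
    // CL.customer_id = $custID restricts the lookup to the logged-in customer's
    // own orders; without it any customer could read any order by its id.
    $db->runQuery("select CL.id, CL.date,L.description, L.status, L.type, E.first_name as 'employee_first_name', E.last_name as 'employee_last_name',E.email as 'employee_email' from customer_leads CL, leads L, employees E where CL.id = $orderID and CL.customer_id = $custID and CL.employee_id = E.id and L.id = CL.id;");
    $row = $db->result ? $db->result->fetch_object() : null;

    // The JSON is printed inside a <script> element: hex-encode <, >, &, ' and "
    // so a stored value cannot close the element or the surrounding literal.
    $encoded = json_encode($row, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($encoded !== false) {
        $pdata = $encoded;
    }
}

if (isset($_GET['noOrders'])) {
    echo "<h2>You donot have any orders yet.</h2>";
}
?>
<div id="profileBox"></div>
<?php /* NOTE(review): get_msg() prints directly into a JavaScript string
         literal. Confirm in includes/ that its output is escaped for that
         context; it is not defined in this file. */ ?>
<script type="text/javascript">
showMsg('<?php get_msg(); ?>');
var pdata = <?php echo $pdata; ?>;
var html = '';
var formhtml = '';

// Escapes a database value before it is concatenated into HTML text or a
// double-quoted attribute. null/undefined become an empty string.
function escapeOrderField(value) {
    return String(value == null ? '' : value)
        .replace(/&/g, '&amp;')
        .replace(/</g, '&lt;')
        .replace(/>/g, '&gt;')
        .replace(/"/g, '&quot;')
        .replace(/'/g, '&#39;');
}

if (pdata) {
    // A text node keeps the id from being parsed as markup.
    $('#profile-h1').prepend('Order ID: ', document.createTextNode(String(pdata['id'])));

    var str = ['<h3>Order Information</h3><table class="profile_sect">'];
    var st2 = ['<h3>Edit Order Information</h3><form><table class="profile_sect">'];

    // Extra <input> attributes per field: only the description is editable.
    var fieldAttrs = {
        'id': 'readonly',
        'employee_first_name': 'disabled="disabled"',
        'employee_last_name': 'disabled="disabled"',
        'employee_email': 'disabled="disabled"',
        'date': 'disabled="disabled"',
        'type': 'disabled="disabled"',
        'status': 'disabled="disabled"',
        'description': ''
    };

    for (var key in pdata) {
        if (!fieldAttrs.hasOwnProperty(key)) {
            continue;
        }
        // Replace every underscore in the label (the original replaced only the first).
        var label = key.replace(/_/g, ' ').capitalize();
        var value = escapeOrderField(pdata[key]);
        str.push('<tr><td class="field">', label, '</td><td>', value, '</td></tr>');
        st2.push('<tr><td class="field">', label, '</td><td><input type="text" ', fieldAttrs[key],
                 ' name="', key, '" value="', value, '"/></td></tr>');
    }

    str.push('</table>');
    st2.push('</table></form>');
    html += str.join('');
    formhtml += st2.join('');

    $('#profileBox').append(html);

    // Toggles between the read-only view and the edit form.
    $('#edit-profile-link').click(function () {
        if ($(this).html() == 'Edit') {
            $(this).html('Cancel');
            $('#profileBox').html(formhtml);
            $('#cancel-edit').click(function () { $('#edit-profile-link').click(); });
        } else {
            $('#profileBox').html(html);
            $(this).html('Edit');
        }
        return false;
    });
}
</script>
<?php
echo "</table></form></body></html>";
get_footer();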