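prepare("SELECT * FROM " . DB_PREFIX . "orders WHERE id = ?");
// NOTE(review): the start of the statement above, and whatever sets up $pdo, $id and the
// session, lies outside this excerpt. Nothing below restricts which order ids a logged-in
// user may modify, so confirm that the preceding code validates $id and performs the
// authorisation check for this order.
$stmt->execute([$id]);
$order = $stmt->fetch();

if (!$order) {
    die("Zamówienie nie istnieje.");
}

// 1. ARCHIVE STATUS TOGGLE
if (isset($_POST['archive_action'])) {
    requireCsrfToken();

    $new_archive_status = $order['is_archived'] ? 0 : 1;
    $action_msg = $new_archive_status
        ? "Przeniesiono do archiwum."
        : "Przywrócono z archiwum do aktualnych.";

    // The flag change and its audit entry run in one transaction, like the standard edit
    // below, so a failed history insert rolls the flag change back (assuming PDO throws on
    // error and the tables are transactional).
    try {
        $pdo->beginTransaction();

        $update_arch = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET is_archived = ? WHERE id = ?");
        $update_arch->execute([$new_archive_status, $id]);

        $hist_arch = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
        $hist_arch->execute([$id, $_SESSION['user_id'], $action_msg]);

        $pdo->commit();
    } catch (PDOException $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        // The exception still propagates; only the partial write is undone.
        throw $e;
    }

    // Return to the list, landing on the archive view or the current-orders view.
    $redirect_url = $new_archive_status ? "index.php?archive=1" : "index.php";
    header("Location: $redirect_url");
    exit();
}

// 2. ADDING A COMMENT
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST['add_comment'])) {
    requireCsrfToken();

    $comment_text = trim($_POST['comment_text'] ?? '');

    // Compare with '' instead of empty(): empty("0") is true, which silently dropped a
    // comment consisting of the single character "0".
    if ($comment_text !== '') {
        try {
            $ins_comm = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_comments (order_id, user_id, comment_text) VALUES (?, ?, ?)");
            $ins_comm->execute([$id, $_SESSION['user_id'], $comment_text]);

            // Post/Redirect/Get: reload the page so that F5 does not resubmit the form.
            // The id is URL-encoded because its origin is not visible in this excerpt.
            header("Location: edit_order.php?id=" . rawurlencode((string) $id));
            exit();
        } catch (PDOException $e) {
            // Driver messages can expose table names and SQL fragments, so they go to the
            // server log and the user gets a generic message.
            // NOTE(review): the $message strings appear in this listing with only line
            // breaks around the text; any HTML wrapper they had is not visible here.
            error_log("edit_order: comment insert failed: " . $e->getMessage());
            $message = "\nBłąd zapisu komentarza.\n";
        }
    }
}

// 3. STANDARD EDIT
if ($_SERVER["REQUEST_METHOD"] === "POST" && !isset($_POST['archive_action']) && !isset($_POST['add_comment'])) {
    requireCsrfToken();

    $product_name = trim($_POST['product_name'] ?? '');
    $part_number = trim($_POST['part_number'] ?? '');
    // A missing field still becomes 0 and fails the check below, without an undefined-index warning.
    $quantity = (int) ($_POST['quantity'] ?? 0);
    $purchase_place = trim($_POST['purchase_place'] ?? '');
    // NOTE(review): status and delivery_date are stored exactly as submitted. The set of
    // valid statuses and the expected date format are not visible in this excerpt; both
    // should be checked server-side before the UPDATE.
    $status = $_POST['status'] ?? null;
    $price = (float) str_replace(',', '.', $_POST['price_per_unit'] ?? '0');
    $delivery_date = $_POST['delivery_date'] ?? null;
    $notes = trim($_POST['notes'] ?? '');
    $recipient = trim($_POST['recipient'] ?? '');
    $delivery_address = trim($_POST['delivery_address'] ?? '');
    $company = trim($_POST['company'] ?? '');

    if ($quantity < 1) {
        $message = "\nIlość musi być większa od zera.\n";
    } else {
        // Build the audit text. Submitted values are embedded verbatim, so whatever renders
        // order_history.action must HTML-escape it (for example with htmlspecialchars());
        // the template that prints the history is not visible in this excerpt.
        $changes = [];
        if (($order['company'] ?? '') !== $company) {
            $changes[] = "Firma: [{$order['company']}] ➔ [$company]";
        }
        if (($order['product_name'] ?? '') !== $product_name) {
            $changes[] = "Produkt: [{$order['product_name']}] ➔ [$product_name]";
        }
        if (($order['part_number'] ?? '') !== $part_number) {
            $changes[] = "PN: [{$order['part_number']}] ➔ [$part_number]";
        }
        if ((int) $order['quantity'] !== $quantity) {
            $changes[] = "Ilość: [{$order['quantity']}] ➔ [$quantity]";
        }
        if (($order['purchase_place'] ?? '') !== $purchase_place) {
            $changes[] = "Sklep: [{$order['purchase_place']}] ➔ [$purchase_place]";
        }
        if (($order['status'] ?? '') !== $status) {
            $changes[] = "Status: [{$order['status']}] ➔ [$status]";
        }
        if ((float) $order['price_per_unit'] !== $price) {
            $changes[] = "Cena: [{$order['price_per_unit']}] ➔ [$price]";
        }
        if (($order['delivery_date'] ?? '') !== $delivery_date) {
            $changes[] = "Dostawa: [{$order['delivery_date']}] ➔ [$delivery_date]";
        }
        if (($order['recipient'] ?? '') !== $recipient) {
            $changes[] = "Odbiorca: [{$order['recipient']}] ➔ [$recipient]";
        }
        if (($order['delivery_address'] ?? '') !== $delivery_address) {
            $changes[] = "Adres: [{$order['delivery_address']}] ➔ [$delivery_address]";
        }
        if (($order['notes'] ?? '') !== $notes) {
            // Note bodies are not copied into the history, only the fact that they changed.
            $changes[] = "Zaktualizowano notatki";
        }

        if (!empty($changes)) {
            try {
                $pdo->beginTransaction();

                $update = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET product_name=?, part_number=?, quantity=?, purchase_place=?, status=?, price_per_unit=?, delivery_date=?, notes=?, recipient=?, delivery_address=?, company=? WHERE id=?");
                $update->execute([$product_name, $part_number, $quantity, $purchase_place, $status, $price, $delivery_date, $notes, $recipient, $delivery_address, $company, $id]);

                $action_text = "Zmieniono: " . implode(', ', $changes);
                $hist = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
                $hist->execute([$id, $_SESSION['user_id'], $action_text]);

                $pdo->commit();
                $message = "\nZmiany zostały zapisane!\n";

                // Re-read the row so the form shows the values that were just saved.
                $stmt->execute([$id]);
                $order = $stmt->fetch();
            } catch (PDOException $e) {
                // rollBack() itself throws when no transaction is open, which happens if
                // beginTransaction() failed or if the re-read after commit() failed.
                if ($pdo->inTransaction()) {
                    $pdo->rollBack();
                }
                // Keep driver details in the server log instead of the page.
                error_log("edit_order: order update failed: " . $e->getMessage());
                $message = "\nBłąd bazy.\n";
            }
        }
    }
}

// FETCH HISTORY
$hist_sql = "SELECT h.action, h.created_at, u.username FROM " . DB_PREFIX . "order_history h LEFT JOIN " . DB_PREFIX . "users u ON h.user_id = u.id WHERE h.order_id = ? ORDER BY h.created_at DESC";
$hist_stmt = $pdo->prepare($hist_sql);
$hist_stmt->execute([$id]);
$history = $hist_stmt->fetchAll();

// FETCH COMMENTS
$comm_sql = "SELECT c.comment_text, c.created_at, u.username FROM " . DB_PREFIX . "order_comments c LEFT JOIN " . DB_PREFIX . "users u ON c.user_id = u.id WHERE c.order_id = ? ORDER BY c.created_at DESC";
$comm_stmt = $pdo->prepare($comm_sql);
$comm_stmt->execute([$id]);
$comments = $comm_stmt->fetchAll();
?> Karta Zamówienia - <?php echo APP_NAME; ?>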
Edycja zamówienia # Archiwum
Powrót
Komentarze i ustalenia
Brak komentarzy. Bądź pierwszy!
Historia zmian
  • Brak zapisanej historii modyfikacji.