You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
73 lines
2.6 KiB
PHP
73 lines
2.6 KiB
PHP
<?php
|
|
require_once 'includes/db.php';
|
|
require_once 'includes/auth.php';
|
|
checkAuth();
|
|
|
|
header('Content-Type: application/json');
|
|
$data = json_decode(file_get_contents('php://input'), true);
|
|
|
|
if (!$data || empty($data['action']) || empty($data['id'])) {
|
|
die(json_encode(['success' => false, 'error' => 'Brak danych']));
|
|
}
|
|
|
|
if (!isValidCsrfToken($data['csrf_token'] ?? null)) {
|
|
http_response_code(403);
|
|
die(json_encode(['success' => false, 'error' => 'Nieprawidłowy token bezpieczeństwa']));
|
|
}
|
|
|
|
$id = (int)$data['id'];
|
|
$action = $data['action'];
|
|
|
|
try {
|
|
if ($action === 'archive') {
|
|
$stmt = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET is_archived = 1 WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
|
|
$hist = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
|
|
$hist->execute([$id, $_SESSION['user_id'], 'Przeniesiono zamówienie do archiwum.']);
|
|
|
|
echo json_encode(['success' => true]);
|
|
|
|
} elseif ($action === 'duplicate') {
|
|
// Pobierz oryginał
|
|
$stmt = $pdo->prepare("SELECT * FROM " . DB_PREFIX . "orders WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$orig = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$orig) {
|
|
die(json_encode(['success' => false, 'error' => 'Nie znaleziono zamówienia']));
|
|
}
|
|
|
|
// Zapisz kopię (zawsze jako nowe, nie zarchiwizowane)
|
|
$insert = $pdo->prepare("INSERT INTO " . DB_PREFIX . "orders
|
|
(product_name, part_number, quantity, purchase_place, price_per_unit, delivery_date, notes, recipient, delivery_address, company, status, is_archived)
|
|
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'nowe', 0)");
|
|
|
|
$insert->execute([
|
|
$orig['product_name'] . ' (Kopia)',
|
|
$orig['part_number'],
|
|
$orig['quantity'],
|
|
$orig['purchase_place'],
|
|
$orig['price_per_unit'],
|
|
$orig['delivery_date'],
|
|
$orig['notes'],
|
|
$orig['recipient'],
|
|
$orig['delivery_address'],
|
|
$orig['company']
|
|
]);
|
|
|
|
$new_id = $pdo->lastInsertId();
|
|
|
|
$hist = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
|
|
$hist->execute([$new_id, $_SESSION['user_id'], "Sklonowano na podstawie archiwalnego/starego zamówienia #$id."]);
|
|
|
|
echo json_encode(['success' => true]);
|
|
} else {
|
|
echo json_encode(['success' => false, 'error' => 'Nieznana akcja']);
|
|
}
|
|
} catch (PDOException $e) {
|
|
error_log($e->getMessage());
|
|
echo json_encode(['success' => false, 'error' => 'Wystapil blad serwera']);
|
|
}
|
|
?>
|