You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
328 lines
18 KiB
PHP
328 lines
18 KiB
PHP
<?php
|
|
require_once 'includes/db.php';
|
|
require_once 'includes/auth.php';
|
|
checkAuth();
|
|
|
|
$message = '';
|
|
$id = $_GET['id'] ?? 0;
|
|
|
|
$stmt = $pdo->prepare("SELECT * FROM " . DB_PREFIX . "orders WHERE id = ?");
|
|
$stmt->execute([$id]);
|
|
$order = $stmt->fetch();
|
|
|
|
if (!$order) {
|
|
die("Zamówienie nie istnieje.");
|
|
}
|
|
|
|
// 1. OBSŁUGA ZMIANY STATUSU ARCHIWUM
|
|
if (isset($_POST['archive_action'])) {
|
|
requireCsrfToken();
|
|
$new_archive_status = $order['is_archived'] ? 0 : 1;
|
|
|
|
$update_arch = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET is_archived = ? WHERE id = ?");
|
|
$update_arch->execute([$new_archive_status, $id]);
|
|
|
|
$action_msg = $new_archive_status ? "Przeniesiono do archiwum." : "Przywrócono z archiwum do aktualnych.";
|
|
$hist_arch = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
|
|
$hist_arch->execute([$id, $_SESSION['user_id'], $action_msg]);
|
|
|
|
// Wracamy na listę, uwzględniając czy lądujemy w archiwum czy nie
|
|
$redirect_url = $new_archive_status ? "index.php?archive=1" : "index.php";
|
|
header("Location: $redirect_url");
|
|
exit();
|
|
}
|
|
|
|
// 2. OBSŁUGA DODAWANIA KOMENTARZA
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['add_comment'])) {
|
|
requireCsrfToken();
|
|
$comment_text = trim($_POST['comment_text'] ?? '');
|
|
|
|
if (!empty($comment_text)) {
|
|
try {
|
|
$ins_comm = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_comments (order_id, user_id, comment_text) VALUES (?, ?, ?)");
|
|
$ins_comm->execute([$id, $_SESSION['user_id'], $comment_text]);
|
|
|
|
// Przeładowanie strony (PRG - Post/Redirect/Get), aby uniknąć ponownego wysłania przy odświeżaniu F5
|
|
header("Location: edit_order.php?id=" . $id);
|
|
exit();
|
|
} catch (PDOException $e) {
|
|
$message = "<div class='alert alert-danger'>Błąd zapisu komentarza: " . $e->getMessage() . "</div>";
|
|
}
|
|
}
|
|
}
|
|
|
|
// 3. OBSŁUGA STANDARDOWEJ EDYCJI
|
|
if ($_SERVER["REQUEST_METHOD"] == "POST" && !isset($_POST['archive_action']) && !isset($_POST['add_comment'])) {
|
|
requireCsrfToken();
|
|
$product_name = trim($_POST['product_name'] ?? '');
|
|
$part_number = trim($_POST['part_number'] ?? '');
|
|
$quantity = (int)$_POST['quantity'];
|
|
$purchase_place = trim($_POST['purchase_place'] ?? '');
|
|
$status = $_POST['status'];
|
|
$price = (float)str_replace(',', '.', $_POST['price_per_unit'] ?? '0');
|
|
$delivery_date = $_POST['delivery_date'] ?? null;
|
|
$notes = trim($_POST['notes'] ?? '');
|
|
$recipient = trim($_POST['recipient'] ?? '');
|
|
$delivery_address = trim($_POST['delivery_address'] ?? '');
|
|
$company = trim($_POST['company'] ?? '');
|
|
|
|
$changes = [];
|
|
if (($order['company'] ?? '') !== $company) $changes[] = "Firma: [{$order['company']}] ➔ [$company]";
|
|
if (($order['product_name'] ?? '') !== $product_name) $changes[] = "Produkt: [{$order['product_name']}] ➔ [$product_name]";
|
|
if (($order['part_number'] ?? '') !== $part_number) $changes[] = "PN: [{$order['part_number']}] ➔ [$part_number]";
|
|
if ((int)$order['quantity'] !== $quantity) $changes[] = "Ilość: [{$order['quantity']}] ➔ [$quantity]";
|
|
if (($order['purchase_place'] ?? '') !== $purchase_place) $changes[] = "Sklep: [{$order['purchase_place']}] ➔ [$purchase_place]";
|
|
if (($order['status'] ?? '') !== $status) $changes[] = "Status: [{$order['status']}] ➔ [$status]";
|
|
if ((float)$order['price_per_unit'] !== $price) $changes[] = "Cena: [{$order['price_per_unit']}] ➔ [$price]";
|
|
if (($order['delivery_date'] ?? '') !== $delivery_date) $changes[] = "Dostawa: [{$order['delivery_date']}] ➔ [$delivery_date]";
|
|
if (($order['recipient'] ?? '') !== $recipient) $changes[] = "Odbiorca: [{$order['recipient']}] ➔ [$recipient]";
|
|
if (($order['delivery_address'] ?? '') !== $delivery_address) $changes[] = "Adres: [{$order['delivery_address']}] ➔ [$delivery_address]";
|
|
if (($order['notes'] ?? '') !== $notes) $changes[] = "Zaktualizowano notatki";
|
|
|
|
if (!empty($changes)) {
|
|
try {
|
|
$pdo->beginTransaction();
|
|
|
|
$update = $pdo->prepare("UPDATE " . DB_PREFIX . "orders SET
|
|
product_name=?, part_number=?, quantity=?, purchase_place=?, status=?, price_per_unit=?, delivery_date=?, notes=?, recipient=?, delivery_address=?, company=?
|
|
WHERE id=?");
|
|
$update->execute([$product_name, $part_number, $quantity, $purchase_place, $status, $price, $delivery_date, $notes, $recipient, $delivery_address, $company, $id]);
|
|
|
|
$action_text = "Zmieniono: " . implode(', ', $changes);
|
|
$hist = $pdo->prepare("INSERT INTO " . DB_PREFIX . "order_history (order_id, user_id, action) VALUES (?, ?, ?)");
|
|
$hist->execute([$id, $_SESSION['user_id'], $action_text]);
|
|
|
|
$pdo->commit();
|
|
$message = "<div class='alert alert-success'>Zmiany zostały zapisane!</div>";
|
|
|
|
$stmt->execute([$id]);
|
|
$order = $stmt->fetch();
|
|
} catch (PDOException $e) {
|
|
$pdo->rollBack();
|
|
$message = "<div class='alert alert-danger'>Błąd bazy: " . $e->getMessage() . "</div>";
|
|
}
|
|
}
|
|
}
|
|
|
|
// POBIERANIE HISTORII
|
|
$hist_sql = "SELECT h.action, h.created_at, u.username
|
|
FROM " . DB_PREFIX . "order_history h
|
|
LEFT JOIN " . DB_PREFIX . "users u ON h.user_id = u.id
|
|
WHERE h.order_id = ?
|
|
ORDER BY h.created_at DESC";
|
|
$hist_stmt = $pdo->prepare($hist_sql);
|
|
$hist_stmt->execute([$id]);
|
|
$history = $hist_stmt->fetchAll();
|
|
|
|
// POBIERANIE KOMENTARZY
|
|
$comm_sql = "SELECT c.comment_text, c.created_at, u.username
|
|
FROM " . DB_PREFIX . "order_comments c
|
|
LEFT JOIN " . DB_PREFIX . "users u ON c.user_id = u.id
|
|
WHERE c.order_id = ?
|
|
ORDER BY c.created_at DESC";
|
|
$comm_stmt = $pdo->prepare($comm_sql);
|
|
$comm_stmt->execute([$id]);
|
|
$comments = $comm_stmt->fetchAll();
|
|
?>
|
|
|
|
<!DOCTYPE html>
|
|
<html lang="pl">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<title>Karta Zamówienia - <?php echo APP_NAME; ?></title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.11.0/font/bootstrap-icons.css">
|
|
</head>
|
|
<body class="bg-light">
|
|
|
|
<nav class="navbar navbar-expand navbar-dark bg-dark mb-4 shadow-sm position-relative">
|
|
<div class="container">
|
|
<a class="navbar-brand d-flex align-items-center m-0" href="index.php">
|
|
<?php
|
|
$logo_path = $pdo->query("SELECT setting_value FROM " . DB_PREFIX . "settings WHERE setting_key = 'logo_path'")->fetchColumn();
|
|
if($logo_path && file_exists($logo_path)): ?>
|
|
<img src="<?php echo $logo_path; ?>" alt="Logo" style="max-height: 40px; width: auto;">
|
|
<?php else: ?>
|
|
<span class="fs-4">💻</span>
|
|
<?php endif; ?>
|
|
</a>
|
|
<div class="position-absolute top-50 start-50 translate-middle text-white fw-bold d-none d-md-block" style="font-size: 1.15rem; letter-spacing: 0.5px;">
|
|
<?php echo APP_NAME; ?>
|
|
</div>
|
|
<div class="d-flex ms-auto align-items-center gap-2">
|
|
<span class="text-light small d-none d-lg-inline me-2">Witaj, <strong><?php echo $_SESSION['username']; ?></strong></span>
|
|
<a class="btn btn-outline-danger btn-sm" href="logout.php">Wyloguj</a>
|
|
</div>
|
|
</div>
|
|
</nav>
|
|
|
|
<div class="container pb-5">
|
|
<div class="row">
|
|
|
|
<div class="col-md-7 mb-4">
|
|
<div class="card shadow-sm mb-4">
|
|
<div class="card-header bg-dark text-white d-flex justify-content-between align-items-center">
|
|
<h5 class="mb-0">
|
|
<i class="bi bi-box-seam"></i> Edycja zamówienia #<?php echo $id; ?>
|
|
<?php if ($order['is_archived']): ?>
|
|
<span class="badge bg-secondary ms-2"><i class="bi bi-archive"></i> Archiwum</span>
|
|
<?php endif; ?>
|
|
</h5>
|
|
<a href="index.php<?php echo $order['is_archived'] ? '?archive=1' : ''; ?>" class="btn btn-sm btn-outline-light"><i class="bi bi-arrow-left"></i> Powrót</a>
|
|
</div>
|
|
<div class="card-body">
|
|
<?php echo $message; ?>
|
|
<form method="POST">
|
|
<?php echo csrfInput(); ?>
|
|
|
|
<div class="mb-3 p-2 bg-success bg-opacity-10 border border-success rounded">
|
|
<label class="form-label small fw-bold text-success"><i class="bi bi-building"></i> Firma kupująca</label>
|
|
<select name="company" class="form-select border-success">
|
|
<option value="" <?php if(empty($order['company'])) echo 'selected'; ?>>Wybierz firmę...</option>
|
|
<option value="Przedsiębiorstwo" <?php if(($order['company']??'')=='Przedsiębiorstwo') echo 'selected'; ?>>Przedsiębiorstwo</option>
|
|
<option value="Spółka" <?php if(($order['company']??'')=='Spółka') echo 'selected'; ?>>Spółka</option>
|
|
</select>
|
|
</div>
|
|
|
|
<div class="row mb-3">
|
|
<div class="col-md-8">
|
|
<label class="form-label small fw-bold">Nazwa produktu</label>
|
|
<input type="text" name="product_name" class="form-control" value="<?php echo htmlspecialchars($order['product_name'] ?? ''); ?>" required>
|
|
</div>
|
|
<div class="col-md-4">
|
|
<label class="form-label small fw-bold">PN (Part Number)</label>
|
|
<input type="text" name="part_number" class="form-control" placeholder="np. 90NB0W..." value="<?php echo htmlspecialchars($order['part_number'] ?? ''); ?>">
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row mb-3">
|
|
<div class="col-md-3">
|
|
<label class="form-label small fw-bold">Ilość</label>
|
|
<input type="number" name="quantity" class="form-control" value="<?php echo $order['quantity']; ?>" required min="1">
|
|
</div>
|
|
<div class="col-md-4">
|
|
<label class="form-label small fw-bold">Cena za szt.</label>
|
|
<div class="input-group">
|
|
<input type="text" name="price_per_unit" class="form-control" value="<?php echo $order['price_per_unit']; ?>">
|
|
<span class="input-group-text">zł</span>
|
|
</div>
|
|
</div>
|
|
<div class="col-md-5">
|
|
<label class="form-label small fw-bold">Miejsce zakupu</label>
|
|
<input type="text" name="purchase_place" class="form-control" value="<?php echo htmlspecialchars($order['purchase_place'] ?? ''); ?>">
|
|
</div>
|
|
</div>
|
|
|
|
<div class="row mb-3">
|
|
<div class="col-md-6">
|
|
<label class="form-label small fw-bold">Szacowana data dostawy</label>
|
|
<input type="date" name="delivery_date" class="form-control" value="<?php echo $order['delivery_date'] ?? ''; ?>">
|
|
</div>
|
|
<div class="col-md-6">
|
|
<label class="form-label small fw-bold text-danger">Bieżący Status</label>
|
|
<select name="status" class="form-select border-danger">
|
|
<option value="nowe" <?php if($order['status']=='nowe') echo 'selected'; ?>>Nowe</option>
|
|
<option value="w trakcie realizacji" <?php if($order['status']=='w trakcie realizacji') echo 'selected'; ?>>W trakcie</option>
|
|
<option value="zrealizowane" <?php if($order['status']=='zrealizowane') echo 'selected'; ?>>Zrealizowane</option>
|
|
<option value="anulowane" <?php if($order['status']=='anulowane') echo 'selected'; ?>>Anulowane</option>
|
|
</select>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="p-3 bg-light border rounded mb-3">
|
|
<div class="row">
|
|
<div class="col-md-5 mb-2 mb-md-0">
|
|
<label class="form-label small fw-bold text-primary">Odbiorca / Projekt</label>
|
|
<input type="text" name="recipient" class="form-control form-control-sm" value="<?php echo htmlspecialchars($order['recipient'] ?? ''); ?>">
|
|
</div>
|
|
<div class="col-md-7">
|
|
<label class="form-label small fw-bold text-primary">Adres dostawy</label>
|
|
<textarea name="delivery_address" class="form-control form-control-sm" rows="1"><?php echo htmlspecialchars($order['delivery_address'] ?? ''); ?></textarea>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="mb-4">
|
|
<label class="form-label small fw-bold">Notatki wewnętrzne</label>
|
|
<textarea name="notes" class="form-control" rows="3"><?php echo htmlspecialchars($order['notes'] ?? ''); ?></textarea>
|
|
</div>
|
|
|
|
<div class="d-flex justify-content-between">
|
|
<button type="submit" name="archive_action" value="1" class="btn btn-outline-secondary" formnovalidate>
|
|
<i class="bi bi-archive"></i> <?php echo $order['is_archived'] ? 'Przywróć z archiwum' : 'Zarchiwizuj zamówienie'; ?>
|
|
</button>
|
|
<button type="submit" class="btn btn-success px-4"><i class="bi bi-save"></i> Zapisz modyfikacje</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="col-md-5">
|
|
|
|
<div class="card shadow-sm border-0 mb-4">
|
|
<div class="card-header bg-primary text-white">
|
|
<i class="bi bi-chat-text"></i> Komentarze i ustalenia
|
|
</div>
|
|
<div class="card-body bg-light">
|
|
<form method="POST" class="mb-3">
|
|
<?php echo csrfInput(); ?>
|
|
<div class="input-group shadow-sm">
|
|
<textarea name="comment_text" class="form-control" rows="2" placeholder="Wpisz nowy komentarz..." required></textarea>
|
|
<button type="submit" name="add_comment" class="btn btn-primary px-3"><i class="bi bi-send"></i></button>
|
|
</div>
|
|
</form>
|
|
|
|
<div class="comments-list" style="max-height: 350px; overflow-y: auto;">
|
|
<?php if (empty($comments)): ?>
|
|
<div class="text-muted small text-center p-3 border rounded bg-white">Brak komentarzy. Bądź pierwszy!</div>
|
|
<?php else: ?>
|
|
<?php foreach ($comments as $c): ?>
|
|
<div class="card mb-2 border-0 shadow-sm">
|
|
<div class="card-body p-2 px-3">
|
|
<div class="d-flex justify-content-between align-items-center mb-1 border-bottom pb-1">
|
|
<strong class="small text-primary"><i class="bi bi-person-circle"></i> <?php echo htmlspecialchars($c['username']); ?></strong>
|
|
<span class="text-muted" style="font-size: 0.70rem;"><?php echo date('d.m.Y H:i', strtotime($c['created_at'])); ?></span>
|
|
</div>
|
|
<div class="small mt-1 text-dark" style="line-height: 1.4;">
|
|
<?php echo nl2br(htmlspecialchars($c['comment_text'])); ?>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<?php endforeach; ?>
|
|
<?php endif; ?>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div class="card shadow-sm border-0">
|
|
<div class="card-header bg-info text-dark">
|
|
<i class="bi bi-clock-history"></i> Historia zmian
|
|
</div>
|
|
<div class="card-body p-0" style="max-height: 300px; overflow-y: auto;">
|
|
<ul class="list-group list-group-flush">
|
|
<?php if (empty($history)): ?>
|
|
<li class="list-group-item text-muted small">Brak zapisanej historii modyfikacji.</li>
|
|
<?php else: ?>
|
|
<?php foreach ($history as $h): ?>
|
|
<li class="list-group-item p-3">
|
|
<div class="d-flex justify-content-between align-items-center mb-1">
|
|
<strong class="small text-primary"><i class="bi bi-person"></i> <?php echo htmlspecialchars($h['username'] ?? 'System'); ?></strong>
|
|
<span class="text-muted" style="font-size: 0.75rem;"><?php echo date('d.m.Y H:i', strtotime($h['created_at'])); ?></span>
|
|
</div>
|
|
<div class="small text-secondary">
|
|
<?php echo htmlspecialchars($h['action']); ?>
|
|
</div>
|
|
</li>
|
|
<?php endforeach; ?>
|
|
<?php endif; ?>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html>
|