-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathvieworders.php
More file actions
122 lines (103 loc) · 3.35 KB
/
vieworders.php
File metadata and controls
122 lines (103 loc) · 3.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
<?php $dir = ""; include($dir . "header.php"); ?>
<?php
if (isset($_GET['toggleNo'])&&$_SESSION['perm']==100) {
// echo $_GET['toggleNo'];
$servername = "localhost";
$username = "root";
$password = "admin";
$dbname = "cscomp";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE orders SET active='no' WHERE order_id=".$_GET['toggleNo'].";";
// echo $sql;
$result = $conn->query($sql);
$conn->close();
}
if (isset($_GET['toggleYes'])&&$_SESSION['perm']==100) {
// echo $_GET['toggleYes'];
$servername = "localhost";
$username = "root";
$password = "admin";
$dbname = "cscomp";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE orders SET active='yes' WHERE order_id=".$_GET['toggleYes'].";";
// echo $sql;
$result = $conn->query($sql);
$conn->close();
}
if(isset($_GET['delete'])&&$_SESSION['perm']==100){
$servername = "localhost";
$username = "root";
$password = "admin";
$dbname = "cscomp";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "DELETE FROM orders WHERE order_id=".$_GET['delete'].";";
// echo $sql;
$result = $conn->query($sql);
$conn->close();
}
?>
<link rel="stylesheet" href="css/table.css">
<h1>Orders</h1>
<table>
<tr>
<th>Item Names</th>
<th>Cost</th>
<?php if($_SESSION['perm']==100){?>
<th>User</th>
<?php } ?>
<th>Status</th>
<?php if($_SESSION['perm']==100){?>
<th>Delete</th>
<?php } ?>
</tr>
<?php
$servername = "localhost";
$username = "root";
$password = "admin";
$dbname = "cscomp";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM orders";
$result = $conn->query($sql);
while($row = $result->fetch_assoc()) {
if($row['team_user']==$_SESSION['username']||$_SESSION['perm']==100){
echo "<tr>
<td>".str_replace('|', '<br>', $row['itemsName'])."</td>
<td>".$row['cost']."</td>";
if($_SESSION['perm']==100)
echo "<td>".$row['team_user']."</td>";
if($row['active']=='yes'){
echo "<td><center><a href = 'vieworders.php?toggleNo=\"".$row['order_id']."\"'><div class='box green'> </div></a></center></td>";
}
if($row['active']=='no'){
echo "<td><center><a href = 'vieworders.php?toggleYes=\"".$row['order_id']."\"'><div class='box red'> </div></a></center></td>";
}
if($_SESSION['perm']==100)
echo "<td><a href='vieworders.php?delete=\"".$row['order_id']."\"'><button type='button'>Delete</button></td>";
echo "</tr>";
}
}
$conn->close();
?>
</table>
<script type="text/javascript">
</script>