diff --git a/employeePages/eEditCategories.php b/employeePages/eEditCategories.php
new file mode 100644
index 0000000..84c007c
--- /dev/null
+++ b/employeePages/eEditCategories.php
@@ -0,0 +1,78 @@
+prepare($query);
+ $stmt ->bind_param("ss", $_GET['NewCatName'], $_GET['NewCatDesc']);
+ $stmt ->execute();
+}elseif (isset($_GET['NewName'])){ //Update old category
+ $query = "UPDATE categories SET CategoryName = ?, Description = ? WHERE CategoryID = ?";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("ssd", $_GET['NewName'], $_GET['NewDesc'], $_GET['Category']);
+ $stmt ->execute();
+}
+
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
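Review bot: Both visible branches change category data from `$_GET` values (`NewCatName`/`NewCatDesc` in the first, `NewName`/`NewDesc`/`Category` in the `UPDATE`), so a write can be triggered by any GET request a logged-in employee's browser is made to issue, such as a followed link or an embedded image. These writes should be accepted only when `$_SERVER['REQUEST_METHOD'] === 'POST'` and a per-session CSRF token matches; the insert in eNewProduct.php (`bind_param("sddsddddd", ...)` fed from `$_GET`) has the same defect. `CategoryID` is bound as `d` (double) where `i` fits an integer key: `$stmt->bind_param("ssi", $_GET['NewName'], $_GET['NewDesc'], $_GET['Category']);`. Only `NewName` is tested with `isset` and the result of `execute()` is discarded, so a missing `NewDesc`/`Category` or a failed statement goes unnoticed. The start of the `if` chain is not visible in this hunk, so any session or role check before it could not be reviewed.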
diff --git a/employeePages/eEditProducts.php b/employeePages/eEditProducts.php
new file mode 100644
index 0000000..3b90f4c
--- /dev/null
+++ b/employeePages/eEditProducts.php
@@ -0,0 +1,168 @@
+query($sql)) {}
+
+$row = $result->fetch_assoc();
+if ($row) {
+ $FirstName = $row['FirstName'];
+ $Photo = $row['Photo'];
+
+}
+
+//echo "Welcome " . $_SESSION["userName"] . "!";
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+ prepare($query);
+
+ }elseif (isset($_GET["SimpleSearch"]) && !empty($_GET["SimpleSearch"])) { //Simple search
+ $query ="SELECT ProductID as _ProductID, ProductName as Product, CategoryName as Category, CompanyName as Company,
+ QuantityPerUnit as Quantity, CONCAT('$', FORMAT(p.UnitPrice,2)) as Price, UnitsInStock as Stock
+ FROM
+ ((products as p LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE
+ CategoryName LIKE ? OR
+ ProductName LIKE ? OR
+ CompanyName LIKE ?";
+
+ $SimpleSearch = "%" . $_GET['SimpleSearch'] . "%";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sss", $SimpleSearch, $SimpleSearch, $SimpleSearch);
+
+ }else{ //Advanced search
+
+ $query ="SELECT ProductID as _ProductID, ProductName as Product, CategoryName as Category, CompanyName as Company,
+ QuantityPerUnit as Quantity, CONCAT('$', FORMAT(p.UnitPrice,2)) as Price, UnitsInStock as Stock
+ FROM
+ ((products as p LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE
+ ProductName LIKE ? AND
+ CompanyName LIKE ? AND
+ CategoryName LIKE ? AND
+ UnitPrice > ? AND
+ UnitPrice < ?";
+
+ $ProductName = "%" . $_GET['ProductName'] . "%";
+ $CompanyName = "%" . $_GET['CompanyName'] . "%";
+ $Category = "%" . $_GET['Category'] . "%";
+ if (empty($_GET["UnitPriceLow"])){
+ $UnitPriceLow = 0.00;
+ }else{
+ $UnitPriceLow = number_format($_GET['UnitPriceLow'], 2);
+ }
+ if (empty($_GET["UnitPriceHigh"])){
+ $UnitPriceHigh = 10000000.00;
+ }else{
+ $UnitPriceHigh = number_format($_GET['UnitPriceHigh'], 2);
+ }
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssdd", $ProductName, $CompanyName, $Category, $UnitPriceLow, $UnitPriceHigh);
+
+ }
+
+ $stmt ->execute();
+ $result = $stmt->get_result();
+
+ $trArgs = array("onclick=\"window.document.location='eViewProduct.php?productID=%ProductID%'\"",
+ array('%ProductID%' => '_ProductID')
+ );
+ makeTable($result, $trArgs);
+
+
+ ?>
+
+
+
+
+
+
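Review bot: `number_format($_GET['UnitPriceLow'], 2)` and the matching `UnitPriceHigh` line format the price bounds for display instead of validating them. The result is a string with thousands separators, so `1500` becomes `"1,500.00"`, which the `d` binding will most likely read as 1, and on PHP 8 a non-numeric value raises a TypeError rather than being rejected cleanly. Validate and cast instead: `$UnitPriceLow = is_numeric($_GET['UnitPriceLow'] ?? null) ? (float) $_GET['UnitPriceLow'] : 0.00;`, and likewise for the high bound. The advanced branch also reads `$_GET['ProductName']`, `$_GET['CompanyName']` and `$_GET['Category']` without an `isset`/`??` guard, and `%`/`_` typed by the user act as LIKE wildcards because they are not escaped before being wrapped in `%...%`.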
diff --git a/employeePages/eNewProduct.php b/employeePages/eNewProduct.php
new file mode 100644
index 0000000..084f154
--- /dev/null
+++ b/employeePages/eNewProduct.php
@@ -0,0 +1,77 @@
+prepare($query);
+ $stmt ->bind_param("sddsddddd", $_GET['ProductName'], $_GET['SupplierID'], $_GET['CategoryID'], $_GET['QuantityPerUnit'], $_GET['UnitPrice'], $zero, $zero, $_GET['ReorderLevel'], $zero);
+
+ $stmt ->execute();
+
+ header("Location:cEditProducts.php");
+ // $con->query($query);
+}
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
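Review bot: `header("Location:cEditProducts.php")` is sent without checking the outcome of `$stmt->execute()` and with no `exit;` after it, so a failed insert can still redirect as if it had succeeded and the rest of the script keeps running. The target is spelled `cEditProducts.php`, while this commit adds `eEditProducts.php` in the same directory; if the employee page is the intended destination, this looks like a typo. Suggested: `if ($stmt->execute()) { header("Location: eEditProducts.php"); exit; }` plus an explicit error path. `SupplierID` and `CategoryID` are bound as `d`, where `i` fits integer keys. The condition that opens this block is outside the visible lines.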
diff --git a/employeePages/eReviewCustomerDemographics.php b/employeePages/eReviewCustomerDemographics.php
new file mode 100644
index 0000000..7a6b284
--- /dev/null
+++ b/employeePages/eReviewCustomerDemographics.php
@@ -0,0 +1,166 @@
+query($sql)) {}
+
+$row = $result->fetch_assoc();
+if ($row) {
+ $FirstName = $row['FirstName'];
+ $Photo = $row['Photo'];
+
+}
+
+//echo "Welcome " . $_SESSION["userName"] . "!";
+?>
+
+
+
+
+
+
+
+
+
+
+ prepare($query);
+
+ }elseif (isset($_GET["SimpleSearch"]) && !empty($_GET["SimpleSearch"])) { //Simple search
+ $query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
+ FROM
+ customers
+ WHERE
+ CustomerID LIKE ? OR
+ CompanyName LIKE ? OR
+ ContactName LIKE ? OR
+ ContactTitle LIKE ? OR
+ Address LIKE ? OR
+ City LIKE ? OR
+ Region LIKE ? OR
+ PostalCode LIKE ? OR
+ Country LIKE ? OR
+ Phone LIKE ? OR
+ Fax LIKE ?";
+ // echo $query;
+ $SimpleSearch = "%" . $_GET['SimpleSearch'] . "%";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssssssssss", $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch);
+
+ }else{ //Advanced search
+
+ $query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
+ FROM
+ customers
+ WHERE
+ CustomerID LIKE ? AND
+ CompanyName LIKE ? AND
+ ContactName LIKE ? AND
+ ContactTitle LIKE ? AND
+ Address LIKE ? AND
+ City LIKE ? AND
+ Region LIKE ? AND
+ PostalCode LIKE ? AND
+ Country LIKE ? AND
+ Phone LIKE ? AND
+ Fax LIKE ?";
+
+ $CustomerID = "%" . $_GET['CustomerID'] . "%";
+ $CompanyName = "%" . $_GET['CompanyName'] . "%";
+ $ContactName = "%" . $_GET['ContactName'] . "%";
+ $ContactTitle = "%" . $_GET['ContactTitle'] . "%";
+ $Address = "%" . $_GET['Address'] . "%";
+ $City = "%" . $_GET['City'] . "%";
+ $Region = "%" . $_GET['Region'] . "%";
+ $PostalCode = "%" . $_GET['PostalCode'] . "%";
+ $Country = "%" . $_GET['Country'] . "%";
+ $Phone = "%" . $_GET['Phone'] . "%";
+ $Fax = "%" . $_GET['Fax'] . "%";
+
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssssssssss", $CustomerID, $CompanyName, $ContactName, $ContactTitle,
+ $Address, $City, $Region,
+ $PostalCode, $Country, $Phone, $Fax);
+
+ }
+
+ $stmt ->execute();
+ $result = $stmt->get_result();
+
+
+ makeTable($result);
+
+
+ ?>
+
+
+
+
+
+
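Review bot: In the advanced-search query every column is tested with `LIKE ?` joined by `AND`, and an omitted field becomes the pattern `%%`. If `Region`, `Fax` or another tested column is nullable, `NULL LIKE '%%'` is not true, so those customers disappear from the results even when nothing was entered for that column. Wrapping nullable columns, e.g. `COALESCE(Region, '') LIKE ? AND`, keeps them visible; the advanced search in eEditProducts.php has the same shape over LEFT JOINed columns. The eleven `$_GET[...]` reads in this branch have no `isset`/`??` guard (`$_GET['City'] ?? ''` would do), so a request that omits a key raises warnings. This page returns customer contact data, and the session or role check that should precede the queries is not in the visible lines, so it could not be reviewed here.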
diff --git a/employeePages/eViewOrder.php b/employeePages/eViewOrder.php
index 7cfff88..c0c32af 100644
--- a/employeePages/eViewOrder.php
+++ b/employeePages/eViewOrder.php
@@ -16,9 +16,54 @@ $orderID = $_GET['orderID'];
', ShipRegion, ' ', ShipPostalCode, ', ', ShipCountry) as `Ship Address`,
+ CONCAT('$', FORMAT(Total,2)) as Total, pt.Name as `Paid Via`
+ FROM
+ ((((orders o LEFT JOIN employees e ON o.EmployeeID = e.EmployeeID)
+ LEFT JOIN shipments sh ON o.OrderID = sh.OrderID)
+ LEFT JOIN shipaddresses s ON sh.ShipmentsID = s.ShipAddrID)
+ LEFT JOIN payment p ON o.orderID = p.orderID)
+ LEFT JOIN paymenttype pt ON pt.paymenttypeid = p.paymenttypeid
+ " . $where . " ORDER BY OrderDate DESC";
+
+ $result = $con->query($sql);
+ $trArgs = array("onclick=\"window.document.location='eViewOrder.php?orderID=%OrderID%'\"",
+ array('%OrderID%' => '_OrderID')
+ );
+ makeTable($result, $trArgs);
+
echo "
";
- displayOrderDetails($orderID);
+
+ $sql = "SELECT
+ p.ProductID as _ProductID,
+ ProductName as Product,
+ CategoryName as Category,
+ CompanyName as Company,
+ QuantityPerUnit as Quantity,
+ CONCAT('$', FORMAT(p.UnitPrice,2)) as Price,
+ UnitsInStock as Stock,
+ Quantity as `Amount Ordered`,
+ CONCAT('$', FORMAT(Quantity*p.UnitPrice,2)) as `Sub-total`
+ FROM
+ (((`order details` od LEFT JOIN products p ON od.ProductID = p.ProductID)
+ LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE orderid = " . $orderID . "
+ order by od.ProductID ASC";
+
+ $result = $con->query($sql);
+
+ $trArgs = array("onclick=\"window.document.location='eViewProduct.php?productID=%ProductID%'\"",
+ array('%ProductID%' => '_ProductID')
+ );
+ makeTable($result, $trArgs);
?>
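Review bot: The order-details query is built by concatenation, `WHERE orderid = " . $orderID . "`, and the hunk header shows `$orderID = $_GET['orderID']`. Request input therefore reaches `$con->query()` unescaped, which is SQL injection, in a commit whose other pages already use `prepare`/`bind_param`. Bind the value as an integer instead, as sketched below. The first query in this hunk splices in `$where`, which is assembled outside the visible lines and needs the same scrutiny. Both `makeTable` calls also receive the return value of `query()` without a check for `false`.

```php
// … unchanged: SELECT column list and LEFT JOINs of the order-details query …
        WHERE orderid = ?
        order by od.ProductID ASC";

$stmt = $con->prepare($sql);
$stmt->bind_param("i", $orderID);
$stmt->execute();
$result = $stmt->get_result();
// … unchanged: $trArgs and makeTable($result, $trArgs) …
```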
query($sql);
+ makeTable($result);
+
+ $result = $con->query($sql);
+ $row = $result->fetch_assoc();
+
+ $ProductName = $row['Product'];
+ $SupplierID = $row['_SupplierID'];
+ $CategoryID = $row['_CategoryID'];
+ $Quantity = $row['Quantity'];
+ $UnitPrice = $row['Price'];
+ $UnitsInStock = $row['Stock'];
+ $ReorderLevel = $row['Reorder Level'];
+ $Discontinued = $row['Discontinued'];
+
+
+ echo "
";
+ ?>
+
+
+
+ query($sql);
+ $row = $result->fetch_assoc();
+ loadPicture($row['Picture']);
?>