From 662d9f213fa3848140dd82926778fb593491cc9f Mon Sep 17 00:00:00 2001
From: Josh
Date: Sun, 4 Dec 2016 18:15:38 -0500
Subject: [PATCH] Finished up employee pages (customer dems advanced search doesn't really work but it would be a ton of work to fix it so I'm ok with that)
---
 employeePages/eEditCategories.php | 78 ++++++++
 employeePages/eEditProducts.php | 168 ++++++++++++++++++
 employeePages/eNewProduct.php | 77 ++++++++
 employeePages/eReviewCustomerDemographics.php | 166 +++++++++++++++++
 employeePages/eViewOrder.php | 49 ++++-
 employeePages/eViewProduct.php | 154 +++++++++++++++-
 6 files changed, 688 insertions(+), 4 deletions(-)
 create mode 100644 employeePages/eEditCategories.php
 create mode 100644 employeePages/eEditProducts.php
 create mode 100644 employeePages/eNewProduct.php
 create mode 100644 employeePages/eReviewCustomerDemographics.php
diff --git a/employeePages/eEditCategories.php b/employeePages/eEditCategories.php
new file mode 100644
index 0000000..84c007c
--- /dev/null
+++ b/employeePages/eEditCategories.php
@@ -0,0 +1,78 @@
+prepare($query);
+ $stmt ->bind_param("ss", $_GET['NewCatName'], $_GET['NewCatDesc']);
+ $stmt ->execute();
+}elseif (isset($_GET['NewName'])){ //Update old category
+ $query = "UPDATE categories SET CategoryName = ?, Description = ? WHERE CategoryID = ?";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("ssd", $_GET['NewName'], $_GET['NewDesc'], $_GET['Category']);
+ $stmt ->execute();
+}
+
+?>
+
+
+
+
+
+
+
+
+
+
+ +
+

Add Category

+
+ + + + + + + +
+
+
+ +
+
+

Edit Category

+
+ + + + + + + + + + +
+
+
+
+
+
+
+
+
diff --git a/employeePages/eEditProducts.php b/employeePages/eEditProducts.php
new file mode 100644
index 0000000..3b90f4c
--- /dev/null
+++ b/employeePages/eEditProducts.php
@@ -0,0 +1,168 @@
+query($sql)) {}
+
+$row = $result->fetch_assoc();
+if ($row) {
+ $FirstName = $row['FirstName'];
+ $Photo = $row['Photo'];
+
+}
+
+//echo "Welcome " . $_SESSION["userName"] . "!";
+?>
+
+
+
+
+
+
+
+
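Review bot: In eEditCategories.php both write branches are driven by `$_GET` parameters (`NewCatName` for the first branch, whose query text was lost in extraction, and `NewName` for the `UPDATE categories`), so a cross-site request made by a logged-in employee's browser can change the catalogue; the hunk shows no anti-CSRF token and no session or role check, although the top of the file is not visible and may contain one. Writes belong behind POST plus a per-session token, e.g. `if ($_SERVER['REQUEST_METHOD'] === 'POST' && hash_equals($_SESSION['csrf'] ?? '', $_POST['csrf'] ?? '')) {` (the `csrf` key is a placeholder). The same pattern recurs in eNewProduct.php and in the first hunk of eViewProduct.php (`UPDATE products`). Separately, `CategoryID` is bound with type `d`; `"ssi"` matches an integer key.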
+ +
+ +
+
+
+ +
+

Simple Search

+
+ + + +
+
+
+
+ +
+

Advanced Search

+
+ + + + + + + + + + + + +
+
+
+
+
+ prepare($query);
+
+ }elseif (isset($_GET["SimpleSearch"]) && !empty($_GET["SimpleSearch"])) { //Simple search
+ $query ="SELECT ProductID as _ProductID, ProductName as Product, CategoryName as Category, CompanyName as Company,
+ QuantityPerUnit as Quantity, CONCAT('$', FORMAT(p.UnitPrice,2)) as Price, UnitsInStock as Stock
+ FROM
+ ((products as p LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE
+ CategoryName LIKE ? OR
+ ProductName LIKE ? OR
+ CompanyName LIKE ?";
+
+ $SimpleSearch = "%" . $_GET['SimpleSearch'] . "%";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sss", $SimpleSearch, $SimpleSearch, $SimpleSearch);
+
+ }else{ //Advanced search
+
+ $query ="SELECT ProductID as _ProductID, ProductName as Product, CategoryName as Category, CompanyName as Company,
+ QuantityPerUnit as Quantity, CONCAT('$', FORMAT(p.UnitPrice,2)) as Price, UnitsInStock as Stock
+ FROM
+ ((products as p LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE
+ ProductName LIKE ? AND
+ CompanyName LIKE ? AND
+ CategoryName LIKE ? AND
+ UnitPrice > ? AND
+ UnitPrice < ?";
+
+ $ProductName = "%" . $_GET['ProductName'] . "%";
+ $CompanyName = "%" . $_GET['CompanyName'] . "%";
+ $Category = "%" . $_GET['Category'] . "%";
+ if (empty($_GET["UnitPriceLow"])){
+ $UnitPriceLow = 0.00;
+ }else{
+ $UnitPriceLow = number_format($_GET['UnitPriceLow'], 2);
+ }
+ if (empty($_GET["UnitPriceHigh"])){
+ $UnitPriceHigh = 10000000.00;
+ }else{
+ $UnitPriceHigh = number_format($_GET['UnitPriceHigh'], 2);
+ }
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssdd", $ProductName, $CompanyName, $Category, $UnitPriceLow, $UnitPriceHigh);
+
+ }
+
+ $stmt ->execute();
+ $result = $stmt->get_result();
+
+ $trArgs = array("onclick=\"window.document.location='eViewProduct.php?productID=%ProductID%'\"",
+ array('%ProductID%' => '_ProductID')
+ );
+ makeTable($result, $trArgs);
+
+
+ ?>
+
+
+
+
+
+
diff --git a/employeePages/eNewProduct.php b/employeePages/eNewProduct.php
new file mode 100644
index 0000000..084f154
--- /dev/null
+++ b/employeePages/eNewProduct.php
@@ -0,0 +1,77 @@
+prepare($query);
+ $stmt ->bind_param("sddsddddd", $_GET['ProductName'], $_GET['SupplierID'], $_GET['CategoryID'], $_GET['QuantityPerUnit'], $_GET['UnitPrice'], $zero, $zero, $_GET['ReorderLevel'], $zero);
+
+ $stmt ->execute();
+
+ header("Location:cEditProducts.php");
+ // $con->query($query);
+}
+?>
+
+
+
+
+
+
+
+
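Review bot: In the advanced-search branch of eEditProducts.php, `number_format($_GET['UnitPriceLow'], 2)` returns a display string with thousands separators, so an input of 1234 becomes "1,234.00" and, once bound with type `d`, is read as 1; `UnitPriceHigh` has the same problem. `number_format` also rejects non-numeric input with a warning or, on PHP 8, a TypeError. Validate and cast instead: `$UnitPriceLow = is_numeric($_GET['UnitPriceLow'] ?? null) ? (float) $_GET['UnitPriceLow'] : 0.00;`, and likewise for the upper bound with its `10000000.00` default. `ProductName`, `CompanyName` and `Category` are also read without `isset`, so a partial query string raises undefined-index notices.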
+
+

New Product

+
+ + + + + + + + + + + + + + + + + + + +
+
+
+
+
+
+
+
diff --git a/employeePages/eReviewCustomerDemographics.php b/employeePages/eReviewCustomerDemographics.php
new file mode 100644
index 0000000..7a6b284
--- /dev/null
+++ b/employeePages/eReviewCustomerDemographics.php
@@ -0,0 +1,166 @@
+query($sql)) {}
+
+$row = $result->fetch_assoc();
+if ($row) {
+ $FirstName = $row['FirstName'];
+ $Photo = $row['Photo'];
+
+}
+
+//echo "Welcome " . $_SESSION["userName"] . "!";
+?>
+
+
+
+
+
+
+
+
+
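Review bot: After the insert, eNewProduct.php redirects with `header("Location:cEditProducts.php");`, but the page this commit adds is eEditProducts.php and no `cEditProducts.php` appears under employeePages in the diffstat, so the target looks like a typo — confirm. There is also no `exit;` after the header, so the script keeps running and renders the form into the redirect response. Suggested: `header("Location: eEditProducts.php"); exit;`. The `execute()` result is not checked either, so a failed insert still redirects as if it had succeeded.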
+
+ +
+

Simple Search

+
+ + + +
+
+
+
+ +
+

Advanced Search

+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+
+
+ prepare($query);
+
+ }elseif (isset($_GET["SimpleSearch"]) && !empty($_GET["SimpleSearch"])) { //Simple search
+ $query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
+ FROM
+ customers
+ WHERE
+ CustomerID LIKE ? OR
+ CompanyName LIKE ? OR
+ ContactName LIKE ? OR
+ ContactTitle LIKE ? OR
+ Address LIKE ? OR
+ City LIKE ? OR
+ Region LIKE ? OR
+ PostalCode LIKE ? OR
+ Country LIKE ? OR
+ Phone LIKE ? OR
+ Fax LIKE ?";
+ // echo $query;
+ $SimpleSearch = "%" . $_GET['SimpleSearch'] . "%";
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssssssssss", $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch, $SimpleSearch);
+
+ }else{ //Advanced search
+
+ $query ="SELECT CustomerID as ID, CompanyName as Company, ContactName as Name, ContactTitle as Title, Address, City, Region, PostalCode as `Postal Code`, Country, Phone, Fax
+ FROM
+ customers
+ WHERE
+ CustomerID LIKE ? AND
+ CompanyName LIKE ? AND
+ ContactName LIKE ? AND
+ ContactTitle LIKE ? AND
+ Address LIKE ? AND
+ City LIKE ? AND
+ Region LIKE ? AND
+ PostalCode LIKE ? AND
+ Country LIKE ? AND
+ Phone LIKE ? AND
+ Fax LIKE ?";
+
+ $CustomerID = "%" . $_GET['CustomerID'] . "%";
+ $CompanyName = "%" . $_GET['CompanyName'] . "%";
+ $ContactName = "%" . $_GET['ContactName'] . "%";
+ $ContactTitle = "%" . $_GET['ContactTitle'] . "%";
+ $Address = "%" . $_GET['Address'] . "%";
+ $City = "%" . $_GET['City'] . "%";
+ $Region = "%" . $_GET['Region'] . "%";
+ $PostalCode = "%" . $_GET['PostalCode'] . "%";
+ $Country = "%" . $_GET['Country'] . "%";
+ $Phone = "%" . $_GET['Phone'] . "%";
+ $Fax = "%" . $_GET['Fax'] . "%";
+
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sssssssssss", $CustomerID, $CompanyName, $ContactName, $ContactTitle,
+ $Address, $City, $Region,
+ $PostalCode, $Country, $Phone, $Fax);
+
+ }
+
+ $stmt ->execute();
+ $result = $stmt->get_result();
+
+
+ makeTable($result);
+
+
+ ?>
+
+
+
+
+
+
diff --git a/employeePages/eViewOrder.php b/employeePages/eViewOrder.php
index 7cfff88..c0c32af 100644
--- a/employeePages/eViewOrder.php
+++ b/employeePages/eViewOrder.php
@@ -16,9 +16,54 @@ $orderID = $_GET['orderID'];
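Review bot: The advanced-search branch of eReviewCustomerDemographics.php ANDs `column LIKE ?` over all eleven columns, and `NULL LIKE '%%'` is not true in MySQL, so any customer with a NULL in one of them (Region and Fax are likely candidates — confirm against the schema) is dropped even when every box is left empty; this may be the "doesn't really work" mentioned in the commit message. Wrapping the nullable columns fixes it without changing the bindings, e.g. `COALESCE(Region, '') LIKE ? AND`. The eleven `$_GET` keys are also read without `isset`, so a partial query string emits undefined-index notices. The page returns customer names, addresses and phone numbers, and the hunk shows no session or role check — the top of the file is not visible, so verify that one exists.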
', ShipRegion, ' ', ShipPostalCode, ', ', ShipCountry) as `Ship Address`,
+ CONCAT('$', FORMAT(Total,2)) as Total, pt.Name as `Paid Via`
+ FROM
+ ((((orders o LEFT JOIN employees e ON o.EmployeeID = e.EmployeeID)
+ LEFT JOIN shipments sh ON o.OrderID = sh.OrderID)
+ LEFT JOIN shipaddresses s ON sh.ShipmentsID = s.ShipAddrID)
+ LEFT JOIN payment p ON o.orderID = p.orderID)
+ LEFT JOIN paymenttype pt ON pt.paymenttypeid = p.paymenttypeid
+ " . $where . " ORDER BY OrderDate DESC";
+
+ $result = $con->query($sql);
+ $trArgs = array("onclick=\"window.document.location='eViewOrder.php?orderID=%OrderID%'\"",
+ array('%OrderID%' => '_OrderID')
+ );
+ makeTable($result, $trArgs);
+ echo "
";
- displayOrderDetails($orderID);
+
+ $sql = "SELECT
+ p.ProductID as _ProductID,
+ ProductName as Product,
+ CategoryName as Category,
+ CompanyName as Company,
+ QuantityPerUnit as Quantity,
+ CONCAT('$', FORMAT(p.UnitPrice,2)) as Price,
+ UnitsInStock as Stock,
+ Quantity as `Amount Ordered`,
+ CONCAT('$', FORMAT(Quantity*p.UnitPrice,2)) as `Sub-total`
+ FROM
+ (((`order details` od LEFT JOIN products p ON od.ProductID = p.ProductID)
+ LEFT JOIN suppliers as s ON p.SupplierID = s.SupplierID)
+ LEFT JOIN categories c ON p.CategoryID = c.CategoryID)
+ LEFT JOIN company co ON s.CompanyId = co.CompanyID
+ WHERE orderid = " . $orderID . "
+ order by od.ProductID ASC";
+
+ $result = $con->query($sql);
+
+ $trArgs = array("onclick=\"window.document.location='eViewProduct.php?productID=%ProductID%'\"",
+ array('%ProductID%' => '_ProductID')
+ );
+ makeTable($result, $trArgs); ?>
diff --git a/employeePages/eViewProduct.php b/employeePages/eViewProduct.php
index 5614c43..9c42a86 100644
--- a/employeePages/eViewProduct.php
+++ b/employeePages/eViewProduct.php
@@ -2,6 +2,35 @@
 require("../dbCon.php");
 require("../commonFunctions.php");
+
+if (isset($_GET['ProductName'])){ //If productName is set, then update product in DB
+ $query = "UPDATE products SET
+ ProductName = ?,
+ SupplierID = ?,
+ CategoryID = ?,
+ QuantityPerUnit = ?,
+ UnitPrice = ?,
+ UnitsInStock = ?,
+ ReorderLevel = ?,
+ Discontinued = ?
+ WHERE ProductID = ?";
+ // echo $query;
+ $stmt = $con->prepare($query);
+ $stmt ->bind_param("sddsddddd",
+ $_GET['ProductName'],
+ $_GET['SupplierID'],
+ $_GET['CategoryID'],
+ $_GET['QuantityPerUnit'],
+ $_GET['UnitPrice'],
+ $_GET['Stock'],
+ $_GET['ReorderLevel'],
+ $_GET['Discontinued'],
+ $_GET['productID']
+ );
+ $stmt ->execute();
+
+
+}
 $productID = $_GET['productID'];
 //echo "Welcome " . $_SESSION["userName"] . "!";
 ?>
@@ -12,14 +41,135 @@ $productID = $_GET['productID'];
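Review bot: In eViewOrder.php, `$orderID` comes straight from `$_GET['orderID']` and is concatenated into the order-details query (`WHERE orderid = " . $orderID . "`), and `$where` is concatenated into the orders query above it, so request input reaches the SQL text unescaped. The search pages added in this commit already use prepared statements; these two queries should as well. How `$where` is built is not visible in the hunk; if it embeds `$orderID` it needs the same treatment. The sketch below covers the order-details query only.

```php
// … unchanged: SELECT column list, FROM and LEFT JOINs of the order-details query …
        WHERE orderid = ?
        order by od.ProductID ASC";

$stmt = $con->prepare($sql);
$stmt->bind_param("i", $orderID);
$stmt->execute();
$result = $stmt->get_result();
// … unchanged: $trArgs and makeTable($result, $trArgs) …
```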
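Review bot: The update block added at the top of eViewProduct.php is gated only on `isset($_GET['ProductName'])`, yet it binds eight further `$_GET` keys including `Stock`, `Discontinued` and `productID`; a request missing any of them binds NULL (with a notice), and a missing `productID` makes the UPDATE match no row without any error. Neither `prepare()` nor `execute()` is checked, so a failed prepare ends in a fatal call on `false`. Guard the write with something like `if (isset($_GET['ProductName'], $_GET['productID']) && ctype_digit($_GET['productID'])) {`, validate the remaining fields the same way, and bind the integer columns as `i` rather than `d`.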

query($sql);
+ makeTable($result);
+
+ $result = $con->query($sql);
+ $row = $result->fetch_assoc();
+
+ $ProductName = $row['Product'];
+ $SupplierID = $row['_SupplierID'];
+ $CategoryID = $row['_CategoryID'];
+ $Quantity = $row['Quantity'];
+ $UnitPrice = $row['Price'];
+ $UnitsInStock = $row['Stock'];
+ $ReorderLevel = $row['Reorder Level'];
+ $Discontinued = $row['Discontinued'];
+
+
+ echo "
"; + ?> + +
+
+

Edit Product

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+
+ query($sql);
+ $row = $result->fetch_assoc();
+ loadPicture($row['Picture']); ?>