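<?php
/*
 * Page bootstrap and login gate for addproductrequest.php.
 *
 * Pulls in the login helpers and the database connection, sends anyone who is
 * not logged in to login.php, then looks up the manager's row in `account`.
 */
include 'inc/check_login.php';
include 'connectiondb.php';

// Must run before loggedin(): this overwrites whatever 'username' is already in
// the session with the manager identity, or with null when no manager is set.
// Written with isset() so a missing key no longer raises an undefined-index
// notice, while still clearing a 'username' left behind by some other login.
// NOTE(review): presumably loggedin() keys off $_SESSION['username'] - confirm
// in inc/check_login.php.
$_SESSION['username'] = isset($_SESSION['manager']) ? $_SESSION['manager'] : null;

$userid = "";

if (!loggedin()) {
    header("Location:login.php");
    exit();
}

// The session value is placed inside a SQL string literal, so it is escaped for
// the current connection before use (the legacy mysql_* API has no bound
// parameters).
$manager = mysql_real_escape_string((string) $_SESSION['manager']);
$query = mysql_query("SELECT * FROM account WHERE username='$manager' AND description='staff' ");

// mysql_query() returns false on failure; skip the fetch loop in that case.
// NOTE(review): the lookup only fills $username. A logged-in account with no
// matching 'staff' row still reaches the rest of the page. If this page is
// meant to be staff-only, deny access when no row comes back - confirm the
// role model before enforcing it.
if ($query !== false) {
    while ($row = mysql_fetch_assoc($query)) {
        $username = $row['username'];
    }
}
?>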
<?php include 'staff.php'?>
<tr>
<td height="450" colspan="2" align="left" valign="top"><br />
<table width="960" border="0">
<tr>
<td colspan="7" align="center" valign="middle">
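<?php
// Confirmation prompt shown after "Accept" is clicked in the request list.
// The id arrives in the query string and is written back into the page, so it
// is encoded for each context it lands in: HTML-escaped where it is shown as
// text, URL-encoded where it becomes a query-string value inside the href.
// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 - confirm.
if (isset($_GET['updateid'])) {
    $id = (string) $_GET['updateid'];
    $idText = htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
    $idParam = urlencode($id);

    echo 'Are you sure you want to accept return ID no : '.$idText.' ? <a
href="addproductrequest.php?yesid='.$idParam.'">Yes!</a> |<a href="addproductrequest.php"> No</a>!';
}
?>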
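<?php
include 'connectiondb.php';

// Accept handler: marks the request named by ?yesid= as 'Complete'.
//
// Changes from the previous version:
//  - the lookup compared the string literal 'id' with the value, so it never
//    matched a real row; it now compares the `id` column;
//  - the id is escaped before it is placed in SQL;
//  - $db_status and $status are always defined ($_row was a typo for $row and
//    its value was never used, so that assignment is gone);
//  - the success message is printed only when a row was found and updated.
//
// NOTE(review): this state change is driven by a plain GET link with no
// anti-CSRF token. Moving it to POST with a per-session token would close that
// gap, but needs matching changes to the confirmation link.
if (isset($_GET['yesid'])) {
    $trans_id = (string) $_GET['yesid'];
    $safe_id = mysql_real_escape_string($trans_id);

    // Optional expected status. The confirmation links on this page never send
    // it, so a missing value means "no expectation" rather than a mismatch.
    $status = isset($_GET['status']) ? $_GET['status'] : null;

    $db_status = null;
    $found = false;

    $query = mysql_query("SELECT * FROM `addproduct_request` WHERE `id`='$safe_id'");
    if ($query !== false) {
        while ($row = mysql_fetch_assoc($query)) {
            $db_status = $row['status'];
            $found = true;
        }
    }

    if ($found && ($status === null || $status == $db_status)) {
        mysql_query("UPDATE `addproduct_request` SET `status` = 'Complete' WHERE `addproduct_request`.`id` = '$safe_id'");
        echo '<div class="success">Successfully accepted the request <a href="returning.php">click here to continue</a></div>';
    } else {
        // Unknown id, or the caller's expected status no longer matches.
        echo "<div id='error'>Invalid Id</div>";
    }
}
?>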
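<?php
// Confirmation prompt shown after "Decline" is clicked in the request list.
// The id arrives in the query string and is written back into the page, so it
// is HTML-escaped where it is shown as text and URL-encoded where it becomes a
// query-string value inside the href.
// NOTE(review): 'UTF-8' assumes the page is served as UTF-8 - confirm.
if (isset($_GET['declineid'])) {
    $id = (string) $_GET['declineid'];
    $idText = htmlspecialchars($id, ENT_QUOTES, 'UTF-8');
    $idParam = urlencode($id);

    echo 'Are you sure you want to decline add ID no : '.$idText.' ? <a
href="addproductrequest.php?noid='.$idParam.'">Yes!</a> |<a href="addproductrequest.php"> No</a>!';
}
?>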
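<?php
include 'connectiondb.php';

// Decline handler: marks the request named by ?noid= as 'Declined'.
//
// Changes from the previous version:
//  - the first lookup compared the string literal 'id' with the value and so
//    never matched; it now compares the `id` column;
//  - the id is escaped before it is placed in SQL;
//  - $db_status and $status are always defined ($_row was a typo for $row, and
//    neither $db_id nor $cnumber was ever read, so those assignments are gone);
//  - the second SELECT, which only served to loop once per matching row, is
//    folded into the first lookup.
// As before, nothing is printed on success.
//
// NOTE(review): this state change is driven by a plain GET link with no
// anti-CSRF token. Moving it to POST with a per-session token would close that
// gap, but needs matching changes to the confirmation link.
if (isset($_GET['noid'])) {
    $trans_id = (string) $_GET['noid'];
    $safe_id = mysql_real_escape_string($trans_id);

    // Optional expected status. The confirmation links on this page never send
    // it, so a missing value means "no expectation" rather than a mismatch.
    $status = isset($_GET['status']) ? $_GET['status'] : null;

    $db_status = null;
    $found = false;

    $query = mysql_query("SELECT * FROM `addproduct_request` WHERE `id`='$safe_id'");
    if ($query !== false) {
        while ($row = mysql_fetch_assoc($query)) {
            $db_status = $row['status'];
            $found = true;
        }
    }

    if ($found && ($status === null || $status == $db_status)) {
        mysql_query("UPDATE `addproduct_request` SET `status` = 'Declined' WHERE `addproduct_request`.`id` = '$safe_id'");
    }
}
?>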
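<?php
include 'connectiondb.php';

// Loads the product named by ?id= and leaves its current stock in $stock and a
// formatted date in $date_added for code further down the page.
// The id comes from the query string, so the value placed in the SQL literal is
// escaped for the current connection. $targetID keeps the raw request value.
if (isset($_GET['id'])) {
    $targetID = (string) $_GET['id'];
    $safeTargetID = mysql_real_escape_string($targetID);

    $sql = mysql_query("SELECT * FROM products WHERE id='$safeTargetID' LIMIT 1");

    // mysql_query() returns false on failure; treat that the same as "no rows".
    $productCount = ($sql !== false) ? mysql_num_rows($sql) : 0;

    if ($productCount > 0) {
        while ($row = mysql_fetch_array($sql)) {
            $stock = $row["stock"];
            $date_added = strftime("%b %d, %Y", strtotime($row["date_added"]));
        }
    } else {
        echo "<div id='error'>Invalid Id</div>";
    }
}
?>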
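<?php
// Stock top-up: adds the submitted quantity to the stock already loaded into
// $stock and writes the total back to the product named by the posted id.
//
// $stock is not assigned in this block; it is whatever the ?id= product lookup
// earlier on the page left in scope, and is unset when that lookup did not run.
//
// NOTE(review): the row being updated is chosen by $_POST['id'], while $stock
// was read for $_GET['id']. Nothing here ties the two together, so a request
// can add one product's stock figure to another product. Re-reading the stock
// for $pid (or updating with `stock = stock + n`) would remove that gap.
// NOTE(review): the "Too many stocks" and "fill in all fields" checks test the
// current $stock rather than the submitted quantity, and the quantity itself is
// not checked for sign or range - confirm the intended rule.
// NOTE(review): this is a state-changing POST with no anti-CSRF token.
if (isset($_POST['products'])) {
    // The posted id is placed inside a SQL string literal. addslashes() does not
    // take the connection character set into account, so it is replaced with the
    // connection's own escaping routine.
    $pid = mysql_real_escape_string(strip_tags(isset($_POST['id']) ? (string) $_POST['id'] : ''));

    // Only ever used as an operand of the addition below, never inside SQL text.
    $ustock = addslashes(strip_tags(isset($_POST['ustock']) ? (string) $_POST['ustock'] : ''));

    $errors = array();

    // !empty() is the same truthiness test as before, without the notice when
    // $stock was never set.
    if (!empty($stock)) {
        if ($stock > 9097152) {
            $errors[] = "<div id='error'>Too many stocks</div>";
        }

        if (!empty($errors)) {
            foreach ($errors as $error) {
                echo $error, '<br/>';
            }
        } else {
            // Numeric addition, so $totalstock is a number by the time it
            // reaches the query.
            $totalstock = $stock + $ustock;
            $sql = mysql_query("UPDATE products SET
stock='$totalstock'
WHERE id='$pid'");
        }
    } else {
        echo "<div id='error'>Please fill in all fields</div>";
    }
}
?>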
?>
</td>
</tr>
<table width="960" border="0" align="center" style="background: 0 0 rgba(0, 0, 0, 0.14); box-shadow: 0 3px 1px rgba(0, 0, 0, 0.02) inset, 0 1px 0 white; -moz-border-radius: 15px; border-radius: 15px;">
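<?php
// Renders every row of addproduct_request as a table with Accept / Decline
// links, or a short notice when there are none.
//
// Each cell value comes straight from the database and is written into HTML, so
// it is HTML-escaped before output; the id is URL-encoded where it becomes a
// query-string value in the action links. Who writes these rows is not visible
// here, so they are treated as untrusted.
// NOTE(review): 'UTF-8' assumes the stored text and the page are UTF-8 -
// confirm.
//
// Also fixed: the "Date Added" column printed date_request a second time; it now
// prints the formatted date_added value that was already being computed. The
// unused $ext lookup is gone.
$sql1 = mysql_query("SELECT * FROM addproduct_request");//database

// mysql_query() returns false on failure; treat that the same as "no rows".
$addproductrequestcount = ($sql1 !== false) ? mysql_num_rows($sql1) : 0; // count the output amount

if ($addproductrequestcount > 0) {
    echo "<table width='960' border='0' align='center' style='background: 0 0 rgba(0, 0, 0, 0.14); box-shadow: 0 3px 1px rgba(0, 0, 0, 0.02) inset, 0 1px 0 white; -moz-border-radius: 15px; border-radius: 15px;'>";
    echo " <tr>
<td colspan='2' align='center' valign='top'>
<tr>
<td width='89' align='center' valign='middle'><strong >Product ID</td>
<td width='89' align='center' align='middle'><strong >Category</td>
<td width='89' align='center' valign='middle'><strong >Name</td>
<td width='89' align='center' valign='middle'><strong >Description</td>
<td width='89' align='center' valign='middle'><strong >Stock Added</td>
<td width='89' align='center' valign='middle'><strong >Date Added</td>
<td width='89' align='center' valign='middle'><strong >Date Requested</td>
<td width='89' align='center' valign='middle'><strong >Status</td>
</tr>";

    while ($row = mysql_fetch_array($sql1)) {
        // Text-context copies of each column.
        $userid = htmlspecialchars($row['id'], ENT_QUOTES, 'UTF-8');
        $category = htmlspecialchars($row['category'], ENT_QUOTES, 'UTF-8');
        $pname = htmlspecialchars($row['pname'], ENT_QUOTES, 'UTF-8');
        $description = htmlspecialchars($row['description'], ENT_QUOTES, 'UTF-8');
        $stock = htmlspecialchars($row['stock'], ENT_QUOTES, 'UTF-8');
        $date_request = htmlspecialchars($row['date_request'], ENT_QUOTES, 'UTF-8');
        $status = htmlspecialchars($row['status'], ENT_QUOTES, 'UTF-8');

        // strftime() output for this format holds no markup characters.
        $date = strftime("%b %d, %Y", strtotime($row["date_added"]));

        // Query-string copy of the id for the two action links.
        $useridParam = urlencode($row['id']);

        echo'<tr>
<td width="89" align="center" valign="middle" >'.$userid.'</td>
<td width="89" align="center" valign="middle" >'.$category.'</td>
<td width="89" align="center" valign="middle" >'.$pname.'</td>
<td width="89" align="center" valign="middle" >'.$description.'</td>
<td width="89" align="center" valign="middle" >'.$stock.'</td>
<td width="89" align="center" valign="middle" >'.$date.'</td>
<td width="89" align="center" valign="middle" >'.$date_request.'</td>
<td width="89" align="center" valign="middle" style="color: GREEN;
text-shadow: 0 1px 0 #FFFF00;
font-size: 18px;
font-family:serif">'.$status.'</td>
<td width="89"><a href="addproductrequest.php?updateid='.$useridParam.'" style="font-family: verdana;border: 1px solid #1F79AE;
background-color: #1F79AE;
border-radius: 4px;
box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
-o-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
-webkit-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #1F79AE, 0 0 3px #8ec1da;
-moz-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
color: darkgreen;
text-shadow: 0 1px #fff;
padding: 2px 5px;">Accept</a><a
href="addproductrequest.php?declineid='.$useridParam.'" style="font-family: verdana;border: 1px solid #1F79AE;
background-color: #1F79AE;
border-radius: 4px;
box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
-o-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
-webkit-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #1F79AE, 0 0 3px #8ec1da;
-moz-box-shadow: inset 0 1px 3px #fff, inset 0 -15px #cbe6f2, 0 0 3px #8ec1da;
color: darkgreen;
text-shadow: 0 1px #fff;
padding: 2px 5px;">Decline</a>
</td></tr></tr>';
    }
} else {
    echo 'No Requesting';
}
?>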
</td>
</table>
</table>
</td>
</tr>
</table>
<center>
<br>
</tr>
</center>
</body>
</html>