EduProjects/techstore
1
0
Fork 0
mirror of https://codeberg.org/ThisIsMiseryy/techstore synced 2026-05-14 14:52:04 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Implementata pagina gestione ordini

Browse Source
This commit is contained in:
Andrea Fiorencis
2026-04-10 11:39:37 +02:00
parent 3ca10395b5
commit 397c899115
2 changed files with 229 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/admin/manageOrders.php
+163
View File
@@ -0,0 +1,163 @@
<?php
session_start();
include '../db_conf.php';
// Controlla se l'utente è loggato
if (!isset($_SESSION['id'])) {
header('Location: ../login.php');
exit();
}
// Controlla se l'utente ha ruolo admin
$user_id = $_SESSION['id'];
$sql_role = "SELECT Role FROM Users WHERE UserID = ?";
$stmt_role = $conn->prepare($sql_role);
$stmt_role->bind_param("i", $user_id);
$stmt_role->execute();
$stmt_role->bind_result($role);
$stmt_role->fetch();
$stmt_role->close();
if ($role !== 'admin') {
http_response_code(403);
die("Accesso negato. Solo gli amministratori possono accedere a questa sezione.");
}
// Gestisci azioni (cambio stato, eliminazione)
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$action = $_POST['action'] ?? '';
$order_id = $_POST['order_id'] ?? 0;
if ($action === 'update_status') {
$new_status = $_POST['status'] ?? '';
if (in_array($new_status, ['pending', 'completed', 'cancelled'])) {
$sql_update = "UPDATE Orders SET Status = ? WHERE OrderID = ?";
$stmt_update = $conn->prepare($sql_update);
$stmt_update->bind_param("si", $new_status, $order_id);
$stmt_update->execute();
$stmt_update->close();
}
} elseif ($action === 'delete_order') {
// Elimina gli items dell'ordine prima di eliminare l'ordine
$sql_delete_items = "DELETE FROM OrderItems WHERE OrderID = ?";
$stmt_delete_items = $conn->prepare($sql_delete_items);
$stmt_delete_items->bind_param("i", $order_id);
$stmt_delete_items->execute();
$stmt_delete_items->close();
// Elimina l'ordine
$sql_delete = "DELETE FROM Orders WHERE OrderID = ?";
$stmt_delete = $conn->prepare($sql_delete);
$stmt_delete->bind_param("i", $order_id);
$stmt_delete->execute();
$stmt_delete->close();
}
}
// Query per ottenere tutti gli ordini con dettagli utente
$sql = "SELECT o.OrderID, o.UserID, u.Name, u.Surname, u.Email, o.OrderDate, o.Total, o.Status,
GROUP_CONCAT(p.ProductName SEPARATOR ', ') AS Products
FROM Orders o
LEFT JOIN Users u ON o.UserID = u.UserID
LEFT JOIN OrderItems oi ON o.OrderID = oi.OrderID
LEFT JOIN Products p ON oi.ProductID = p.ProductID
GROUP BY o.OrderID
ORDER BY o.OrderDate DESC";
$result = $conn->query($sql);
if ($result === false) {
die("Errore nella query: " . $conn->error);
}
?>
<!DOCTYPE html>
<html lang="it">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Dashboard amministratore - TechStore</title>
<link rel="stylesheet" href="/assets/style.css">
<script src="/assets/js/cart.js"></script>
</head>
<body>
<header style="display: flex; justify-content: space-between; align-items: center; padding: 10px; background-color: #f2f2f2; border-bottom: 1px solid #ddd;">
<div id="logo" style="font-size: 24px; font-weight: bold;"><a href="/index.php"><img src="/img/logo.png" alt="Logo TechStore" height="32px"></a></div>
<div>
<a href="/cart.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #007bff; color: white; border: none; border-radius: 4px; cursor: pointer;">Carrello</button></a>
<?php if (isset($_SESSION['name'])): ?>
<a href="/logout.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #dc3545; color: white; border: none; border-radius: 4px; cursor: pointer;">Logout</button></a>
<span style="margin-left: 10px;">Benvenuto, <?php echo htmlspecialchars($_SESSION['name']); ?></span>
<?php else: ?>
<a href="/login.php"><button style="margin-left: 10px; padding: 8px 16px; background-color: #28a745; color: white; border: none; border-radius: 4px; cursor: pointer;">Accesso</button></a>
<?php endif; ?>
</div>
</header>
<?php if (isset($_SESSION['name'])): ?>
<div class="account-layout">
<div class="my-sidebar">
<ul>
<li><a href="/admin">Dashboard</a></li>
<li><a href="/admin/manageOrders.php">Gestione ordini</a></li>
</ul>
</div>
<div class="my-container">
<h1>Gestione Ordini</h1>
<?php if ($result && $result->num_rows > 0): ?>
<table class="admin-table">
<thead>
<tr>
<th>ID Ordine</th>
<th>Cliente</th>
<th>Email</th>
<th>Prodotti</th>
<th>Data</th>
<th>Totale</th>
<th>Stato</th>
<th>Azioni</th>
</tr>
</thead>
<tbody>
<?php while ($order = $result->fetch_assoc()): ?>
<tr>
<td>#<?php echo htmlspecialchars($order['OrderID']); ?></td>
<td><?php echo htmlspecialchars($order['Name'] . ' ' . $order['Surname']); ?></td>
<td><?php echo htmlspecialchars($order['Email']); ?></td>
<td><?php echo htmlspecialchars($order['Products'] ?? 'N/A'); ?></td>
<td><?php echo date('d/m/Y H:i', strtotime($order['OrderDate'])); ?></td>
<td>€<?php echo number_format($order['Total'], 2, ',', '.'); ?></td>
<td>
<form method="POST" style="display: inline;">
<input type="hidden" name="action" value="update_status">
<input type="hidden" name="order_id" value="<?php echo $order['OrderID']; ?>">
<select name="status" onchange="this.form.submit()" class="status-select status-<?php echo htmlspecialchars($order['Status']); ?>">
<option value="pending" <?php echo $order['Status'] === 'pending' ? 'selected' : ''; ?>>In sospeso</option>
<option value="completed" <?php echo $order['Status'] === 'completed' ? 'selected' : ''; ?>>Completato</option>
<option value="cancelled" <?php echo $order['Status'] === 'cancelled' ? 'selected' : ''; ?>>Cancellato</option>
</select>
</form>
</td>
<td>
<form method="POST" style="display: inline;" onsubmit="return confirm('Sei sicuro di voler eliminare questo ordine?');">
<input type="hidden" name="action" value="delete_order">
<input type="hidden" name="order_id" value="<?php echo $order['OrderID']; ?>">
<button type="submit" class="btn-delete">Elimina</button>
</form>
</td>
</tr>
<?php endwhile; ?>
</tbody>
</table>
<?php else: ?>
<p>Nessun ordine trovato.</p>
<?php endif; ?>
</div>
</div>
<?php else: ?>
<?php header('Location: login.php'); ?>
<?php endif; ?>
<?php $conn->close(); ?>
</body>
</html>
src/assets/style.css
+66
View File
@@ -319,4 +319,70 @@ form button:hover {
.order-details p {
margin: 5px 0;
color: #666;
}
/* Stili per la pagina admin di gestione ordini */
.admin-table {
width: 100%;
border-collapse: collapse;
margin-top: 20px;
background-color: #fff;
}
.admin-table th,
.admin-table td {
border: 1px solid #ddd;
padding: 12px;
text-align: left;
}
.admin-table th {
background-color: #f2f2f2;
font-weight: bold;
}
.admin-table tbody tr:hover {
background-color: #f9f9f9;
}
.status-select {
padding: 5px 8px;
border: 1px solid #ddd;
border-radius: 4px;
cursor: pointer;
}
.status-select.status-pending {
background-color: #fff3cd;
color: #212529;
}
.status-select.status-completed {
background-color: #d4edda;
color: #155724;
}
.status-select.status-cancelled {
background-color: #f8d7da;
color: #721c24;
}
.btn-delete {
padding: 5px 10px;
background-color: #dc3545;
color: white;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 12px;
}
.btn-delete:hover {
background-color: #c82333;
}
.admin-table td form {
display: contents;
margin: 0;
padding: 0;
}