Show sourcecode

The following files exists in this folder. Click to view.

webbserverprogrammering/projects/slutprojekt/endpoints/order-handling/

delete-order.php
fetch-new-orders.php
register-order.php
update-status.php

`fetch-new-orders.php`

73 lines UTF-8 Windows (CRLF)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73


<?php

session_start();



// Professional permission check

if (empty($_SESSION["restaurant_permission"])) {

    http_response_code(403);

    echo json_encode(["error" => "Permission denied."]);

    exit;

}



require __DIR__ . '/../../../../dbconnect.php';

require_once __DIR__  . '/../../functions/test_inputs.php';

require_once __DIR__ . '/../../incl/classes/Order.php';

require_once __DIR__ . '/../../incl/classes/Item.php';  // Assuming class name



// Validate/sanitize all POST inputs (if any)

test_all($_POST);



header('Content-Type: application/json; charset=utf-8');



try {

    // 1) Fetch all new orders for this restaurant

    $stmt = $dbconn->prepare(

        'SELECT id, item_id, customer_id, restaurant_id, status, price, token, created_at

         FROM slutprojekt_orders

         WHERE restaurant_id = ?

         ORDER BY created_at DESC'

    );

    $stmt->execute([$_SESSION["restaurant_id"]]);

    $orders = [];



    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {

        // Build Order object

        $order = Order::init_from_db(

            $row["item_id"],

            $row["customer_id"],

            $row["restaurant_id"],

            $row["status"],

            $row["price"],

            $row["token"],

            $row["id"],

            $row["created_at"]

        );



        // 2) Fetch menu‑item details

        $stmt2 = $dbconn->prepare(

            'SELECT restaurant_id, item_name, item_description, item_price, item_enabled, item_image

             FROM slutprojekt_menu_items

             WHERE id = ?'

        );

        $stmt2->execute([$row["item_id"]]);

        if ($itemRow = $stmt2->fetch(PDO::FETCH_ASSOC)) {

            $menuItem = Menu_Item::init_from_db(

                $itemRow["restaurant_id"],

                $itemRow["item_name"],

                $itemRow["item_description"],

                $itemRow["item_price"],

                $itemRow["item_enabled"],

                $itemRow["item_image"],

                $row["item_id"]

            );

            $order->set_menu_item($menuItem);

        }



        $orders[] = $order->toArray();  // Make sure you have a method that returns an array

    }



    echo json_encode($orders);

} catch (Exception $e) {

    http_response_code(500);

    echo json_encode(["error" => "Server error."]);

}