| Server IP : 172.67.187.206 / Your IP : 172.71.28.156 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Inetpub/www/supply_system/supplies/ |
Upload File : |
<?php
include_once __DIR__ . '/../config.php';
include_once __DIR__ . '/../functions.php';
include_once __DIR__ . '/../includes/auth_check.php';
// requireRole(['admin', 'supply_manager']); // Ensure only authorized users
$message = '';
$message_type = 'danger';
$supply_id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$current_status = isset($_GET['status']) ? sanitize_input($conn, $_GET['status']) : '';
if ($supply_id > 0 && ($current_status == 'active' || $current_status == 'inactive')) {
$new_status = ($current_status == 'active') ? 'inactive' : 'active';
$action_text = ($new_status == 'active') ? 'เปิดใช้งาน' : 'ปิดใช้งาน';
// --- Prepare Update SQL ---
$sql_update = "UPDATE supplies SET status = '$new_status', updated_at = NOW() WHERE id = $supply_id";
if (mysqli_query($conn, $sql_update)) {
if (mysqli_affected_rows($conn) > 0) {
// Fetch supply name for message
$sql_name = "SELECT supply_name FROM supplies WHERE id = $supply_id";
$res_name = mysqli_query($conn, $sql_name);
$supply_name = ($res_name && $row = mysqli_fetch_assoc($res_name)) ? $row['supply_name'] : "ID $supply_id";
// Use isset() for PHP 5.6 compatibility when fetching name
// $supply_name = ($res_name && ($row = mysqli_fetch_assoc($res_name)) && isset($row['supply_name'])) ? $row['supply_name'] : "ID $supply_id";
if($res_name) mysqli_free_result($res_name);
$message = "$action_text พัสดุ '" . htmlspecialchars($supply_name) . "' เรียบร้อยแล้ว";
$message_type = 'success';
} else {
// Check if the record exists but status was already the target status
$sql_verify = "SELECT status FROM supplies WHERE id = $supply_id";
$res_verify = mysqli_query($conn, $sql_verify);
if($res_verify && $row_verify = mysqli_fetch_assoc($res_verify)){
if($row_verify['status'] == $new_status){
$message = "สถานะของพัสดุ ID: $supply_id เป็น '$new_status' อยู่แล้ว";
$message_type = 'warning';
} else {
$message = "ไม่พบพัสดุ ID: $supply_id";
$message_type = 'warning';
}
mysqli_free_result($res_verify);
} else {
$message = "ไม่พบพัสดุ ID: $supply_id";
$message_type = 'warning';
}
}
} else {
$message = "เกิดข้อผิดพลาดในการอัปเดตสถานะ: " . mysqli_error($conn);
$message_type = 'danger';
}
mysqli_close($conn);
} else {
$message = "ข้อมูลไม่ถูกต้อง (ID หรือ สถานะ ปัจจุบันไม่ถูกต้อง)";
$message_type = 'danger';
}
// --- Redirect back with message ---
$_SESSION['message'] = $message;
$_SESSION['message_type'] = $message_type;
// Redirect back to index.php, potentially preserving filters if needed (more complex)
redirect('index.php');
?>