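getenv('DB_DATABASE') ?: 'freeshop',
            'user' => getenv('DB_USERNAME') ?: 'freeshop_user',
            'password' => getenv('DB_PASSWORD') ?: 'freeshop_password',
            'host' => getenv('DB_HOST') ?: 'db',
            'driver' => 'pdo_mysql',
            'port' => getenv('DB_PORT') ?: 3306,
            'charset' => 'utf8mb4',
        ];
        try {
            $conn = DriverManager::getConnection($connectionParams);

            // Orders joined with the customer and the number of order lines per order.
            $stmt = $conn->prepare('
                SELECT o.*, u.firstname, u.lastname, u.email,
                       COUNT(op.product_id) as item_count
                FROM ws_order o
                LEFT JOIN ws_user u ON o.user_id = u.id
                LEFT JOIN ws_order_product op ON o.id = op.order_id
                GROUP BY o.id
                ORDER BY o.created_at DESC
            ');
            $stmt->execute();
            $orders = [];
            while ($row = $stmt->fetchAssociative()) {
                $orders[] = $row;
            }

            $this->render('admin/orders/index.html.twig', [
                'title' => 'Webshop Admin - Bestellungen',
                'user_name' => $_SESSION['admin_user_name'],
                'orders' => $orders
            ]);
        } catch (Exception $e) {
            $this->render('admin/orders/index.html.twig', [
                'title' => 'Webshop Admin - Bestellungen',
                'user_name' => $_SESSION['admin_user_name'],
                'orders' => [],
                'error' => 'Datenbankfehler: ' . $e->getMessage()
            ]);
        }
    }

    /**
     * Shows one order with its customer data and product lines.
     *
     * Redirects to the order list with an error message when the order does
     * not exist or the database is unreachable.
     *
     * @param int|string $id order id from the route; it is bound as a query
     *                       parameter, never interpolated into SQL
     */
    public function show($id)
    {
        $this->requireAdminSession();

        try {
            $conn = $this->openConnection();
            $loaded = $this->loadOrderWithProducts($conn, $id);
            if ($loaded === null) {
                $this->redirectWithMessage('/admin/orders', 'error', 'Bestellung nicht gefunden');
            }

            $this->render('admin/orders/show.html.twig', [
                'title' => 'Webshop Admin - Bestellung Details',
                'user_name' => $_SESSION['admin_user_name'] ?? '',
                'order' => $loaded['order'],
                'products' => $loaded['products'],
            ]);
        } catch (Exception $e) {
            // The raw driver message is only reachable behind the admin session
            // check above; for a public surface it should be logged and replaced
            // by a generic text, as it can reveal schema and host details.
            $this->redirectWithMessage('/admin/orders', 'error', 'Datenbankfehler: ' . $e->getMessage());
        }
    }

    /**
     * Edit form for one order. A POST to this route is handed to update();
     * any other method renders the form with the current order data.
     *
     * @param int|string $id order id from the route
     */
    public function edit($id)
    {
        $this->requireAdminSession();

        if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
            $this->update($id);
            return;
        }

        try {
            $conn = $this->openConnection();
            $loaded = $this->loadOrderWithProducts($conn, $id);
            if ($loaded === null) {
                $this->redirectWithMessage('/admin/orders', 'error', 'Bestellung nicht gefunden');
            }

            $this->render('admin/orders/edit.html.twig', [
                'title' => 'Webshop Admin - Bestellung bearbeiten',
                'user_name' => $_SESSION['admin_user_name'] ?? '',
                'order' => $loaded['order'],
                'products' => $loaded['products'],
            ]);
        } catch (Exception $e) {
            $this->redirectWithMessage('/admin/orders', 'error', 'Datenbankfehler: ' . $e->getMessage());
        }
    }

    /**
     * Applies the posted edit form to an order and redirects to its detail page.
     *
     * Only called from edit(), which has already enforced the admin session.
     * Every posted field is bound as a query parameter. No allow-list of valid
     * status values is visible here — TODO confirm the accepted values against
     * the ws_order schema and validate against them.
     *
     * @param int|string $id order id from the route
     */
    private function update($id)
    {
        $status = $this->postString('status');
        $shippingAddress = $this->postString('shipping_address');
        $billingAddress = $this->postString('billing_address');
        $notes = $this->postString('notes');

        // Compared with === '' rather than empty(): a status literally named "0"
        // would otherwise be rejected.
        if ($status === '') {
            $this->redirectWithMessage('/admin/orders/edit/' . $id, 'error', 'Status ist erforderlich');
        }

        try {
            $conn = $this->openConnection();
            $conn->executeStatement(
                'UPDATE ws_order
                 SET status = ?, shipping_address = ?, billing_address = ?, notes = ?, updated_at = NOW()
                 WHERE id = ?',
                [$status, $shippingAddress, $billingAddress, $notes, $id]
            );
            $this->redirectWithMessage('/admin/orders/show/' . $id, 'success', 'Bestellung erfolgreich aktualisiert');
        } catch (Exception $e) {
            $this->redirectWithMessage('/admin/orders/edit/' . $id, 'error', 'Datenbankfehler: ' . $e->getMessage());
        }
    }

    /**
     * Deletes an order together with its product lines.
     *
     * NOTE(review): this action accepts any HTTP method and checks no CSRF
     * token, so a logged-in admin following a crafted link would delete the
     * order. Restricting it to POST with a session-bound token needs a matching
     * change in the templates that link here — TODO.
     *
     * @param int|string $id order id from the route
     */
    public function delete($id)
    {
        $this->requireAdminSession();

        try {
            $conn = $this->openConnection();
            // Both deletes run in one transaction: without it, a failure of the
            // second statement left the order in place with its lines already gone.
            $conn->transactional(static function ($conn) use ($id) {
                $conn->executeStatement('DELETE FROM ws_order_product WHERE order_id = ?', [$id]);
                $conn->executeStatement('DELETE FROM ws_order WHERE id = ?', [$id]);
            });
            $this->redirectWithMessage('/admin/orders', 'success', 'Bestellung erfolgreich gelöscht');
        } catch (Exception $e) {
            $this->redirectWithMessage('/admin/orders', 'error', 'Datenbankfehler: ' . $e->getMessage());
        }
    }

    /**
     * Sets only the status of an order from the posted "status" field and
     * redirects back to the detail page.
     *
     * The status is not validated against a list of known values here —
     * TODO confirm the accepted values with the schema.
     *
     * @param int|string $id order id from the route
     */
    public function updateStatus($id)
    {
        $this->requireAdminSession();

        $status = $this->postString('status');
        if ($status === '') {
            $this->redirectWithMessage('/admin/orders/show/' . $id, 'error', 'Status ist erforderlich');
        }

        try {
            $conn = $this->openConnection();
            $conn->executeStatement(
                'UPDATE ws_order SET status = ?, updated_at = NOW() WHERE id = ?',
                [$status, $id]
            );
            $this->redirectWithMessage('/admin/orders/show/' . $id, 'success', 'Status erfolgreich aktualisiert');
        } catch (Exception $e) {
            $this->redirectWithMessage('/admin/orders/show/' . $id, 'error', 'Datenbankfehler: ' . $e->getMessage());
        }
    }

    /**
     * Renders a template by including it as plain PHP with the entries of
     * $data available as local variables.
     *
     * Simple template engine (to be replaced by Twig later). Nothing here
     * escapes output, so escaping is the template's responsibility.
     *
     * @param string $template path below the templates directory; must always
     *                         come from controller code, never from the request
     * @param array<string, mixed> $data variables exposed to the template
     */
    protected function render($template, $data = [])
    {
        // EXTR_SKIP: a data key named "template" or "data" cannot clobber the
        // locals used for the include below.
        extract($data, EXTR_SKIP);
        include __DIR__ . '/../../templates/' . $template;
    }

    /**
     * Starts the session if needed and redirects to the login page unless an
     * admin user id is present. Returns normally only for logged-in admins.
     */
    private function requireAdminSession(): void
    {
        // session_start() on an already active session only emits a notice.
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
        if (!isset($_SESSION['admin_user_id'])) {
            header('Location: /admin/login');
            exit;
        }
    }

    /**
     * Connection parameters from the environment, with the fallbacks every
     * action used before. The fallbacks are placeholders for a local setup;
     * a deployment must provide the DB_* variables.
     *
     * @return array<string, mixed>
     */
    private function connectionParams(): array
    {
        return [
            'dbname' => getenv('DB_DATABASE') ?: 'freeshop',
            'user' => getenv('DB_USERNAME') ?: 'freeshop_user',
            'password' => getenv('DB_PASSWORD') ?: 'freeshop_password',
            'host' => getenv('DB_HOST') ?: 'db',
            'driver' => 'pdo_mysql',
            'port' => getenv('DB_PORT') ?: 3306,
            'charset' => 'utf8mb4',
        ];
    }

    /**
     * Opens a DBAL connection with connectionParams().
     */
    private function openConnection(): \Doctrine\DBAL\Connection
    {
        return DriverManager::getConnection($this->connectionParams());
    }

    /**
     * Loads one order joined with its customer, plus the order's product lines.
     *
     * @param int|string $id
     * @return array{order: array<string, mixed>, products: list<array<string, mixed>>}|null
     *         null when no order with this id exists
     */
    private function loadOrderWithProducts(\Doctrine\DBAL\Connection $conn, $id): ?array
    {
        $order = $conn->executeQuery(
            'SELECT o.*, u.firstname, u.lastname, u.email
             FROM ws_order o
             LEFT JOIN ws_user u ON o.user_id = u.id
             WHERE o.id = ?',
            [$id]
        )->fetchAssociative();
        if ($order === false) {
            return null;
        }

        $products = $conn->executeQuery(
            'SELECT op.*, p.name, p.price, p.image
             FROM ws_order_product op
             LEFT JOIN ws_product p ON op.product_id = p.id
             WHERE op.order_id = ?',
            [$id]
        )->fetchAllAssociative();

        return ['order' => $order, 'products' => $products];
    }

    /**
     * Reads one POST field as a string. A missing field, or a non-string value
     * such as "status[]=x", yields '' instead of reaching the query parameters.
     */
    private function postString(string $key): string
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    }

    /**
     * Sends a Location header to $path with one flash message in the query
     * string and ends the request.
     *
     * The message is encoded by http_build_query so the spaces, ':' and
     * umlauts in the messages form a valid URL; $_GET on the target page
     * still sees the original text.
     */
    private function redirectWithMessage(string $path, string $key, string $message): void
    {
        header('Location: ' . $path . '?' . http_build_query([$key => $message]));
        exit;
    }
}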