diff --git a/add_room_admin.php b/add_room_admin.php
index 5b852e0..f4919a0 100644
--- a/add_room_admin.php
+++ b/add_room_admin.php
@@ -80,6 +80,7 @@
diff --git a/admin_mark_paid.php b/admin_mark_paid.php
new file mode 100644
index 0000000..aecf7ca
--- /dev/null
+++ b/admin_mark_paid.php
@@ -0,0 +1,40 @@
+ booked_hist and update balance/rooms
+ $conn = new mysqli("localhost","root","", "iwp");
+ if($conn->connect_error) {
+ die("Connection failed: ".$conn->connect_error);
+ }
+ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['book_id'])) {
+ $bid = $conn->real_escape_string($_POST['book_id']);
+ $sql = "SELECT * from confirmed_booking WHERE book_id='$bid'";
+ $result = mysqli_query($conn, $sql);
+ if ($row = mysqli_fetch_row($result)) {
+ // update balance
+ $sql1 = "SELECT * FROM balance";
+ $result1 = mysqli_query($conn,$sql1);
+ $r = mysqli_fetch_row($result1);
+ $r[0] = $r[0] + $row[13];
+ $sql2 = "DELETE FROM balance";
+ mysqli_query($conn, $sql2);
+ $sql2 = "INSERT INTO balance VALUES ('".$r[0]."')";
+ mysqli_query($conn, $sql2);
+
+ // insert into booked_hist
+ $sql2 = "INSERT INTO booked_hist VALUES ('".$row[0]."','".$row[1]."','".$row[2]."','".$row[3]."','".$row[4]."','".$row[5]."','".$row[6]."','".$row[7]."','".$row[8]."','".$row[9]."','".$row[10]."','".$row[11]."','".$row[12]."','".$row[13]."','".$row[14]."')";
+ mysqli_query($conn, $sql2);
+
+ // delete from confirmed_booking
+ $sql2 = "DELETE FROM confirmed_booking WHERE book_id='$bid'";
+ mysqli_query($conn, $sql2);
+
+ // update rooms_count
+ $sql2 = "UPDATE rooms_count SET available_rooms = available_rooms+1, occupied_rooms = occupied_rooms-1 WHERE room_type='".$row[3]."'";
+ mysqli_query($conn, $sql2);
+ }
+ mysqli_free_result($result);
+ }
+ $conn->close();
+ // redirect back to admin payments with a status message
+ header('Location: admin_payments.php?status=paid&book_id='.urlencode($bid));
+ exit;
+?>
diff --git a/admin_modify_room1.php b/admin_modify_room1.php
index ad6aaaa..25ef6da 100644
--- a/admin_modify_room1.php
+++ b/admin_modify_room1.php
@@ -87,6 +87,7 @@ function submitForm(action)
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/admin_payments.php b/admin_payments.php
new file mode 100644
index 0000000..c94bfae
--- /dev/null
+++ b/admin_payments.php
@@ -0,0 +1,187 @@
+
+
+
+
Admin Payments
+
+
+
+
+
+
+ connect_error) { die("Connection failed: ".$conn->connect_error); }
+ $book_id = isset($_GET['book_id']) ? $conn->real_escape_string($_GET['book_id']) : '';
+ $name = isset($_GET['name']) ? $conn->real_escape_string($_GET['name']) : '';
+
+ // Export CSV when requested
+ if (isset($_GET['export']) && $_GET['export']=='1') {
+ header('Content-Type: text/csv; charset=utf-8');
+ header('Content-Disposition: attachment; filename=payments.csv');
+ $out = fopen('php://output', 'w');
+ fputcsv($out, ['booking_id','name','room_type','checkin','checkout','price','status']);
+
+ // unpaid (confirmed_booking)
+ $w = [];
+ if ($book_id !== '') $w[] = "book_id='$book_id'";
+ if ($name !== '') $w[] = "name LIKE '%$name%'";
+ $where = count($w) ? ' WHERE '.implode(' AND ', $w) : '';
+ $sql_unpaid = "SELECT book_id,name,room_type,checkin,checkout,price FROM confirmed_booking".$where;
+ if ($resu = mysqli_query($conn, $sql_unpaid)) {
+ while ($r = mysqli_fetch_row($resu)) {
+ fputcsv($out, [$r[0], $r[1], $r[2], $r[3], $r[4], $r[5], 'Unpaid']);
+ }
+ }
+
+ // paid (booked_hist)
+ $w2 = [];
+ if ($book_id !== '') $w2[] = "book_id='$book_id'";
+ if ($name !== '') $w2[] = "name LIKE '%$name%'";
+ $where2 = count($w2) ? ' WHERE '.implode(' AND ', $w2) : '';
+ $sql_paid = "SELECT book_id,name,room_type,checkin,checkout,price FROM booked_hist".$where2;
+ if ($resp = mysqli_query($conn, $sql_paid)) {
+ while ($rp = mysqli_fetch_row($resp)) {
+ fputcsv($out, [$rp[0], $rp[1], $rp[2], $rp[3], $rp[4], $rp[5], 'Paid']);
+ }
+ }
+ fclose($out);
+ exit;
+ }
+ ?>
+
+ Booking '.($paid_bid_msg?:'').' marked as paid successfully.
';
+ } ?>
+
+
+
+
+
Unpaid (Confirmed Bookings)
+
+
+ | Booking ID |
+ Name |
+ Room Type |
+ Check-in |
+ Check-out |
+ Price |
+ Action |
+
+ ';
+ echo ''.htmlspecialchars($r[0]).' | ';
+ echo ''.htmlspecialchars($r[1]).' | ';
+ echo ''.htmlspecialchars($r[2]).' | ';
+ echo ''.htmlspecialchars($r[3]).' | ';
+ echo ''.htmlspecialchars($r[4]).' | ';
+ echo ''.htmlspecialchars($r[5]).' | ';
+ echo '';
+ echo '';
+ echo ' | ';
+ echo '';
+ }
+ mysqli_free_result($res);
+ }
+ ?>
+
+
+
+
+
+
Paid (Booking History)
+
+
+ | Booking ID |
+ Name |
+ Room Type |
+ Check-in |
+ Check-out |
+ Price |
+
+ ';
+ echo ''.htmlspecialchars($r2[0]).' | ';
+ echo ''.htmlspecialchars($r2[1]).' | ';
+ echo ''.htmlspecialchars($r2[2]).' | ';
+ echo ''.htmlspecialchars($r2[3]).' | ';
+ echo ''.htmlspecialchars($r2[4]).' | ';
+ echo ''.htmlspecialchars($r2[5]).' | ';
+ echo '';
+ }
+ mysqli_free_result($res2);
+ }
+ $conn->close();
+ ?>
+
+
+
+
+
+
diff --git a/admin_room_added1.php b/admin_room_added1.php
index 8ae27b0..a96cc67 100644
--- a/admin_room_added1.php
+++ b/admin_room_added1.php
@@ -87,6 +87,7 @@ function submitForm(action)
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/admin_room_history.php b/admin_room_history.php
index 9ae1a01..3bd424a 100644
--- a/admin_room_history.php
+++ b/admin_room_history.php
@@ -87,6 +87,7 @@ function submitForm(action)
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/admin_room_removed1.php b/admin_room_removed1.php
index 9df6ad4..6e85751 100644
--- a/admin_room_removed1.php
+++ b/admin_room_removed1.php
@@ -87,6 +87,7 @@ function submitForm(action)
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/admin_room_status.php b/admin_room_status.php
index 1a3f920..03904f5 100644
--- a/admin_room_status.php
+++ b/admin_room_status.php
@@ -87,6 +87,7 @@ function submitForm(action)
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/admin_view.php b/admin_view.php
index efea445..32424cc 100644
--- a/admin_view.php
+++ b/admin_view.php
@@ -80,6 +80,7 @@
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
diff --git a/booking_history.php b/booking_history.php
index 66a9ec2..1c01502 100644
--- a/booking_history.php
+++ b/booking_history.php
@@ -22,6 +22,19 @@
padding: 50px;
box-shadow: 0 10px 20px rgba(0,0,0,0.19);
}
+ .status-pill {
+ display: inline-block;
+ padding: 5px 10px;
+ border-radius: 12px;
+ color: white;
+ font-weight: bold;
+ }
+ .status-paid {
+ background-color: #28a745;
+ }
+ .status-unpaid {
+ background-color: #dc3545;
+ }
#td1
{
background-color: rgba(09,41,98,0.9);
@@ -80,13 +93,14 @@
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
- Booking History
+ | Booking History
|
| Booking ID |
@@ -95,6 +109,7 @@
Check-in Date |
Check-out Date |
Price |
+ Payment Status |
|
|
@@ -115,6 +130,7 @@
|
|
|
+ |
Booking Requests
Confirmed Bookings
Booking History
+ Payments
Logout
diff --git a/confirmed_bookings.php b/confirmed_bookings.php
index e4781bc..b16a2b2 100644
--- a/confirmed_bookings.php
+++ b/confirmed_bookings.php
@@ -34,6 +34,19 @@
font-weight: bold;
padding-left: 15px;
}
+ .status-pill {
+ display: inline-block;
+ padding: 5px 10px;
+ border-radius: 12px;
+ color: white;
+ font-weight: bold;
+ }
+ .status-paid {
+ background-color: #28a745;
+ }
+ .status-unpaid {
+ background-color: #dc3545;
+ }
ul {
list-style-type: none;
margin: 0;
@@ -80,13 +93,14 @@
Booking Requests
Confirmed Bookings
Booking History
+
Payments
Logout
- Confirmed Bookings
+ | Confirmed Bookings
|
| Booking ID |
@@ -95,6 +109,7 @@
Check-in Date |
Check-out Date |
Price |
+ Payment Status |
0);
?>
|
|
@@ -115,6 +134,7 @@
|
|
|
+ |
connect_error);
}
$bid = $_POST["book_id"];
+ // get current user phone from temp_session to ensure users can only pay their own bookings
+ $usr = mysqli_query($conn, "SELECT * FROM temp_session");
+ $urow = mysqli_fetch_row($usr);
+ $user_phone = isset($urow[0]) ? $urow[0] : '';
$sql = "SELECT * from confirmed_booking";
$result=mysqli_query($conn,$sql);
while ($row=mysqli_fetch_row($result))
- {
- if($bid==$row[14])
- {
+ {
+ if($bid==$row[14] && $row[0] == $user_phone)
+ {
$sql1 = "SELECT * FROM balance";
$result1 = mysqli_query($conn,$sql1);
$r = mysqli_fetch_row($result1);
@@ -27,7 +31,7 @@
mysqli_query($conn, $sql2);
$sql2 = "UPDATE rooms_count SET available_rooms = available_rooms+1, occupied_rooms = occupied_rooms-1 WHERE room_type='$row[3]'";
mysqli_query($conn, $sql2);
- header("Location: payment1.php");
+ header("Location: user_payment.php?status=success&book_id=".urlencode($bid));
}
}
?>
diff --git a/remove_room_admin.php b/remove_room_admin.php
index f8687f7..159439a 100644
--- a/remove_room_admin.php
+++ b/remove_room_admin.php
@@ -80,6 +80,7 @@
Booking Requests
Confirmed Bookings
Booking History
+ Payments
Logout
diff --git a/user_booking_history.php b/user_booking_history.php
index 4e64376..c82bf1d 100644
--- a/user_booking_history.php
+++ b/user_booking_history.php
@@ -107,20 +107,18 @@
-
|
-
|
-
|
-
|
-
|
-
|
+
|
+
|
+
|
+
|
+
|
+
|
+ $user_row=mysqli_fetch_row($result);
+ $user_phone = isset($user_row[0]) ? $user_row[0] : ''; ?>
| THE DELUXE HOTEL |
- Hello, |
+ Hello, |
+ Payment successful'.($paid_bid? ' for booking '.$paid_bid:'').'.
';
+ } ?>
@@ -113,22 +137,23 @@
{
die("Connection failed: ".$conn->connect_error);
}
- $sql1 = "SELECT * from confirmed_booking";
+ $user_phone_esc = $conn->real_escape_string($user_phone);
+ $sql1 = "SELECT * from confirmed_booking WHERE phone='$user_phone_esc'";
if ($result=mysqli_query($conn,$sql1))
- {
- while ($row=mysqli_fetch_row($result))
- {
- ?>
- |
- |
- |
- |
- |
- |
+ {
+ while ($row=mysqli_fetch_row($result))
+ {
+ ?>
+ |
+ |
+ |
+ |
+ |
+ |
+ }
+ mysqli_free_result($result);
+ }?>
+