From 3159a392950f5f4c4a38b2460a9db17833d269d6 Mon Sep 17 00:00:00 2001
From: divyesh000 <divjok28@outlook.com>
Date: Thu, 23 May 2024 20:53:32 +0400
Subject: [PATCH 1/5] update OrderProduct model to allow getByID to retrieve by
 order_id only, and add 'View' button to Profile view

---
 src/controllers/Orders.php  | 80 +++++++++++++++++++++++++++++++++++++
 src/models/OrderProduct.php | 43 +++++++++++---------
 src/views/Orders.php        | 46 +++++++++++++++++++++
 src/views/Profile.php       |  1 +
 4 files changed, 152 insertions(+), 18 deletions(-)
 create mode 100644 src/controllers/Orders.php
 create mode 100644 src/views/Orders.php

diff --git a/src/controllers/Orders.php b/src/controllers/Orders.php
new file mode 100644
index 0000000..ac65f75
--- /dev/null
+++ b/src/controllers/Orders.php
@@ -0,0 +1,80 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Steamy\Controller;
+
+use Steamy\Core\Controller;
+use Steamy\Core\Utility;
+use Steamy\Model\Order;
+use Steamy\Model\OrderProduct;
+
+class Orders
+{
+    use Controller;
+
+    private array $view_data = [];
+
+    private function validateURL(): bool
+    {
+    $url = Utility::getURL();
+    $parts = explode('/', $url);
+    // Check if the URL matches the expected pattern
+    $isValidURL = preg_match('/^orders\/\d+$/', $url) === 1;
+    return $isValidURL;
+    }
+
+    private function getOrderIDFromURL(): ?int
+    {
+    if ($this->validateURL()) {
+        $url = Utility::getURL();
+        $parts = explode('/', $url);
+        // Check if the last part of the URL is a valid integer
+        $lastPart = end($parts);
+        if (is_numeric($lastPart)) {
+            return (int)$lastPart;
+        } else {
+            return null;
+        }
+    }
+    return null;
+    }
+
+
+    private function handleInvalidURL(): void
+    {
+        if (!$this->validateURL()) {
+            (new Error())->handlePageNotFoundError();
+            die();
+        }
+    }
+
+    public function index(): void
+    {
+        $this->handleInvalidURL();
+
+        $order_id = $this->getOrderIDFromURL();
+        if ($order_id === null) {
+            (new Error())->handlePageNotFoundError();
+            die();
+        }
+
+        $order = Order::getByID($order_id);
+        if (!$order) {
+            (new Error())->handlePageNotFoundError();
+            die();
+        }
+
+        $order_products = OrderProduct::getByID($order_id);
+
+        $this->view_data['orders'] = $order;
+        $this->view_data['orderproduct'] = $order_products;
+
+        $this->view(
+            'orders',
+            $this->view_data,
+            'Order',
+            enableIndexing: false
+        );
+    }
+}
diff --git a/src/models/OrderProduct.php b/src/models/OrderProduct.php
index 2c79e13..5c4d7be 100644
--- a/src/models/OrderProduct.php
+++ b/src/models/OrderProduct.php
@@ -87,29 +87,36 @@ public function validate(): array
         return $errors;
     }
 
-    public static function getByID(int $order_id, int $product_id): ?OrderProduct
+    public static function getByID(int $order_id, int $product_id = null): ?OrderProduct
     {
-        $query = <<< EOL
-        select * from order_product
-        where order_id = :order_id and product_id = :product_id
-        EOL;
+    $query = 'SELECT * FROM order_product WHERE order_id = :order_id';
+    $params = ['order_id' => $order_id];
 
-        $result = self::query($query, ['order_id' => $order_id, 'product_id' => $product_id]);
-        if (empty($result)) {
-            return null;
-        }
-        $result = $result[0];
+    if ($product_id !== null) {
+        $query .= ' AND product_id = :product_id';
+        $params['product_id'] = $product_id;
+    }
 
-        return new OrderProduct(
-            product_id: $result->product_id,
-            cup_size: $result->cup_size,
-            milk_type: $result->milk_type,
-            quantity: $result->quantity,
-            unit_price: (float)$result->unit_price,
-            order_id: $result->order_id,
-        );
+    $result = self::query($query, $params);
+    if (empty($result)) {
+        return null;
     }
 
+    // Assuming there's only one product for a given order if product_id is not provided
+    if ($product_id === null) {
+        $result = $result[0];
+    }
+
+    return new OrderProduct(
+        product_id: $result->product_id,
+        cup_size: $result->cup_size,
+        milk_type: $result->milk_type,
+        quantity: $result->quantity,
+        unit_price: (float)$result->unit_price,
+        order_id: $result->order_id,
+    );
+   }
+
     public function getOrderID(): int
     {
         return $this->order_id;
diff --git a/src/views/Orders.php b/src/views/Orders.php
new file mode 100644
index 0000000..ee3839e
--- /dev/null
+++ b/src/views/Orders.php
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @var Order $orders 
+ * @var OrderProduct $orderproduct 
+ */
+
+use Steamy\Model\Order;
+use Steamy\Model\OrderProduct;
+?>
+
+<main class="container">
+    <h1>Order #<?= filter_var($orders->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></h1>
+    <section>
+        <h2>Order Details</h2>
+        <p><strong>Order ID:</strong> <?= filter_var($orders->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></p>
+        <p><strong>Date:</strong> <?= htmlspecialchars($orders->getCreatedDate()->format('Y-m-d H:i:s')) ?></p>
+        <p><strong>Status:</strong> <?= htmlspecialchars(ucfirst($orders->getStatus()->value)) ?></p>
+        <p><strong>Total Price:</strong> $<?= htmlspecialchars(number_format($orders->calculateTotalPrice(), 2)) ?></p>
+    </section>
+    
+    <section>
+        <h2>Order Items</h2>
+        <table>
+            <tr>
+                <th>Product Name</th>
+                <th>Quantity</th>
+                <th>Milk Type</th>
+                <th>Cup Size</th>
+                <th>Price</th>
+            </tr>
+            <?php
+            foreach ($orderproduct as $item): ?>
+                <tr>
+                    <td><?= htmlspecialchars($item->getProductName()) ?></td>
+                    <td><?= htmlspecialchars($item->getQuantity()) ?></td>
+                    <td><?= htmlspecialchars($item->getMilkType()) ?></td>
+                    <td><?= htmlspecialchars($item->getCupSize()) ?></td>
+                    <td>$<?= htmlspecialchars(number_format($item->getPrice(), 2)) ?></td>
+                </tr>
+            <?php endforeach; ?>
+        </table>
+    </section>
+</main>
diff --git a/src/views/Profile.php b/src/views/Profile.php
index e4b95f3..f4cfa03 100644
--- a/src/views/Profile.php
+++ b/src/views/Profile.php
@@ -105,6 +105,7 @@
                         <td>\$$totalPrice</td>
                         <td class="grid">
                             <button>cancel</button>
+                            <a href="/orders/$id"><button type="button">View</button></a>
                         </td>
                     </tr>
                     EOL;

From 8787cad8b5a5eeefac2cb3280e4e7c0089722b2b Mon Sep 17 00:00:00 2001
From: creme332 <65414576+creme332@users.noreply.github.com>
Date: Thu, 30 May 2024 19:57:46 +0400
Subject: [PATCH 2/5] set fixed height to each action button

---
 src/views/Profile.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/views/Profile.php b/src/views/Profile.php
index 44fe1f9..6051efe 100644
--- a/src/views/Profile.php
+++ b/src/views/Profile.php
@@ -112,10 +112,10 @@
 
                         <td>
                             <form style="display: flex; gap:1em;" method="post">
-                                <a href="/orders/$id"><button type="button">View</button></a>
+                                <a style="height: 60px" class="secondary" href="/orders/$id" role="button">View</a>
                                 <input type="hidden" name="order_id" value="$id">
-                                <button type="submit" name="cancel_order" $cancelDisabled>Cancel</button>
-                                <button type="submit" name="reorder">Reorder</button>
+                                <button style="height: 60px" type="submit" name="reorder">Reorder</button>
+                                <button style="height: 60px" type="submit" name="cancel_order" $cancelDisabled>Cancel</button>
                             </form>
                         </td>
                     </tr>

From 242c6d6fa485a9bafb9fc132930639673bb970d6 Mon Sep 17 00:00:00 2001
From: creme332 <65414576+creme332@users.noreply.github.com>
Date: Thu, 30 May 2024 19:58:44 +0400
Subject: [PATCH 3/5] use better variable names, fix bug with
 htmlspecialchars()

---
 src/views/Orders.php | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/views/Orders.php b/src/views/Orders.php
index ee3839e..a51e937 100644
--- a/src/views/Orders.php
+++ b/src/views/Orders.php
@@ -3,24 +3,25 @@
 declare(strict_types=1);
 
 /**
- * @var Order $orders 
- * @var OrderProduct $orderproduct 
+ * @var Order $order Current order
+ * @var OrderProduct[] $line_items Line items for current order
  */
 
 use Steamy\Model\Order;
 use Steamy\Model\OrderProduct;
+
 ?>
 
 <main class="container">
-    <h1>Order #<?= filter_var($orders->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></h1>
+    <h1>Order #<?= filter_var($order->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></h1>
     <section>
         <h2>Order Details</h2>
-        <p><strong>Order ID:</strong> <?= filter_var($orders->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></p>
-        <p><strong>Date:</strong> <?= htmlspecialchars($orders->getCreatedDate()->format('Y-m-d H:i:s')) ?></p>
-        <p><strong>Status:</strong> <?= htmlspecialchars(ucfirst($orders->getStatus()->value)) ?></p>
-        <p><strong>Total Price:</strong> $<?= htmlspecialchars(number_format($orders->calculateTotalPrice(), 2)) ?></p>
+        <p><strong>Order ID:</strong> <?= filter_var($order->getOrderID(), FILTER_SANITIZE_NUMBER_INT); ?></p>
+        <p><strong>Date:</strong> <?= htmlspecialchars($order->getCreatedDate()->format('Y-m-d H:i:s')) ?></p>
+        <p><strong>Status:</strong> <?= htmlspecialchars(ucfirst($order->getStatus()->value)) ?></p>
+        <p><strong>Total Price:</strong> $<?= htmlspecialchars(number_format($order->calculateTotalPrice(), 2)) ?></p>
     </section>
-    
+
     <section>
         <h2>Order Items</h2>
         <table>
@@ -29,18 +30,19 @@
                 <th>Quantity</th>
                 <th>Milk Type</th>
                 <th>Cup Size</th>
-                <th>Price</th>
+                <th>Unit Price</th>
             </tr>
             <?php
-            foreach ($orderproduct as $item): ?>
+            foreach ($line_items as $item): ?>
                 <tr>
                     <td><?= htmlspecialchars($item->getProductName()) ?></td>
-                    <td><?= htmlspecialchars($item->getQuantity()) ?></td>
+                    <td><?= filter_var($item->getQuantity(), FILTER_SANITIZE_NUMBER_INT) ?></td>
                     <td><?= htmlspecialchars($item->getMilkType()) ?></td>
                     <td><?= htmlspecialchars($item->getCupSize()) ?></td>
-                    <td>$<?= htmlspecialchars(number_format($item->getPrice(), 2)) ?></td>
+                    <td>$<?= (number_format($item->getUnitPrice(), 2)) ?></td>
                 </tr>
-            <?php endforeach; ?>
+            <?php
+            endforeach; ?>
         </table>
     </section>
 </main>

From 401db2bb77f28ff9c8a618d2462941ca0d98b7d8 Mon Sep 17 00:00:00 2001
From: creme332 <65414576+creme332@users.noreply.github.com>
Date: Thu, 30 May 2024 19:59:19 +0400
Subject: [PATCH 4/5] format file, update view data variable names, fetch line
 items appropriately

---
 src/controllers/Orders.php | 42 ++++++++++++++++++--------------------
 1 file changed, 20 insertions(+), 22 deletions(-)

diff --git a/src/controllers/Orders.php b/src/controllers/Orders.php
index ac65f75..1cc1205 100644
--- a/src/controllers/Orders.php
+++ b/src/controllers/Orders.php
@@ -17,27 +17,25 @@ class Orders
 
     private function validateURL(): bool
     {
-    $url = Utility::getURL();
-    $parts = explode('/', $url);
-    // Check if the URL matches the expected pattern
-    $isValidURL = preg_match('/^orders\/\d+$/', $url) === 1;
-    return $isValidURL;
+        $url = Utility::getURL();
+        // Check if the URL matches the expected pattern
+        return preg_match('/^orders\/\d+$/', $url) === 1;
     }
 
     private function getOrderIDFromURL(): ?int
     {
-    if ($this->validateURL()) {
-        $url = Utility::getURL();
-        $parts = explode('/', $url);
-        // Check if the last part of the URL is a valid integer
-        $lastPart = end($parts);
-        if (is_numeric($lastPart)) {
-            return (int)$lastPart;
-        } else {
-            return null;
+        if ($this->validateURL()) {
+            $url = Utility::getURL();
+            $parts = explode('/', $url);
+            // Check if the last part of the URL is a valid integer
+            $lastPart = end($parts);
+            if (is_numeric($lastPart)) {
+                return (int)$lastPart;
+            } else {
+                return null;
+            }
         }
-    }
-    return null;
+        return null;
     }
 
 
@@ -56,24 +54,24 @@ public function index(): void
         $order_id = $this->getOrderIDFromURL();
         if ($order_id === null) {
             (new Error())->handlePageNotFoundError();
-            die();
+            return;
         }
 
         $order = Order::getByID($order_id);
         if (!$order) {
             (new Error())->handlePageNotFoundError();
-            die();
+            return;
         }
 
-        $order_products = OrderProduct::getByID($order_id);
+        $order_products = Order::getOrderProducts($order->getOrderID());
 
-        $this->view_data['orders'] = $order;
-        $this->view_data['orderproduct'] = $order_products;
+        $this->view_data['order'] = $order;
+        $this->view_data['line_items'] = $order_products;
 
         $this->view(
             'orders',
             $this->view_data,
-            'Order',
+            'Order #' . $order_id,
             enableIndexing: false
         );
     }

From 93721c5dd5d83f9179610b8f884e751b92370002 Mon Sep 17 00:00:00 2001
From: divyesh000 <divjok28@outlook.com>
Date: Sat, 1 Jun 2024 08:23:05 +0400
Subject: [PATCH 5/5] rename `deleteOrder` to `cancelOrder` in `Order` model,
 update implementation to update order status to 'cancelled' instead of
 deleting, and update `Profile` controller and view to reflect the change

---
 src/controllers/Profile.php |  2 +-
 src/models/Order.php        | 12 +++---------
 src/views/Profile.php       |  2 +-
 3 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/src/controllers/Profile.php b/src/controllers/Profile.php
index f6c7892..e518acb 100644
--- a/src/controllers/Profile.php
+++ b/src/controllers/Profile.php
@@ -145,7 +145,7 @@ public function cancelOrder(): void
         }
 
         // Cancel the order
-        $order->deleteOrder();
+        $order->cancelOrder();
     }
 
     private function handleProfileEditSubmission(): void
diff --git a/src/models/Order.php b/src/models/Order.php
index c20cd86..07377be 100644
--- a/src/models/Order.php
+++ b/src/models/Order.php
@@ -260,21 +260,15 @@ public static function getByID(int $order_id): ?Order
     }
 
     /**
-     * Deletes the order and associated line items from the database.
+     * Cancels the order and associated line items from the database.
      */
-    public function deleteOrder(): void
+    public function cancelOrder(): void
     {
         $conn = self::connect();
         $conn->beginTransaction();
 
         try {
-            // Delete line items first
-            $query = "DELETE FROM order_product WHERE order_id = :order_id";
-            $stm = $conn->prepare($query);
-            $stm->execute(['order_id' => $this->order_id]);
-
-            // Delete the order itself
-            $query = "DELETE FROM `order` WHERE order_id = :order_id";
+            $query = "UPDATE `order` SET status = 'cancelled' WHERE order_id = :order_id";
             $stm = $conn->prepare($query);
             $stm->execute(['order_id' => $this->order_id]);
 
diff --git a/src/views/Profile.php b/src/views/Profile.php
index 6051efe..3987139 100644
--- a/src/views/Profile.php
+++ b/src/views/Profile.php
@@ -100,7 +100,7 @@
                     $totalPrice = htmlspecialchars(number_format($order->calculateTotalPrice(), 2));
 
                     // Determine button states
-                    $cancelDisabled = $order->getStatus()->value === 'completed' ? 'disabled' : '';
+                    $cancelDisabled = ($order->getStatus()->value === 'completed' || $order->getStatus()->value === 'cancelled') ? 'disabled' : '';
 
                     echo <<< EOL
                     <tr>