<?php

    session_start();
    
    if(!isset($_SESSION['user_ID']) || !isset($_SESSION['is_admin']) || !$_SESSION['is_admin']) {
        header("Location: ./Log In.php");
    }

    require './connect.php';
    require './SendEmail.php';

    if(!isset($_POST['order_id'])) {
        header("Location: ./PendingOrders.php");
        die();
    }

    $res = mysqli_query($conn, "SELECT * FROM orders WHERE id={$_POST['order_id']};");

    if(mysqli_num_rows($res) >= 1) {
        $row = $res->fetch_assoc();
        $email = mysqli_query($conn, "SELECT email FROM users WHERE user_id={$row['user_id']}")->fetch_assoc()['email'];

        if($row['status'] == 'p') {
            mysqli_query($conn, "UPDATE orders SET status = 'a', shipped_date = CURDATE() WHERE id={$_POST['order_id']};");
            SendMail($email, "InnovaDB Update\n", "Your order with id({$row['id']}) has been APPROVED\n");
        }
    }


    header("Location: ./PendingOrders.php");
    die();
?>