
<?php
// Resume the caller's session so the role recorded in it can be inspected.
session_start();

// Authorization gate: only a session whose role is exactly 'admin' or
// 'director' may continue; a missing role is treated the same as a wrong one.
// NOTE(review): this script changes data but checks no anti-CSRF token, so the
// session cookie is the only thing authenticating the request. Confirm that a
// token check or a SameSite cookie policy is enforced elsewhere.
if (!in_array($_SESSION['role'] ?? null, ['admin', 'director'], true)) {
    echo 'Unauthorized access';
    exit;
}

// Include database configuration
require_once '../../admin/database/db_config.php';

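// Read the request fields. Each one must arrive as a plain string: PHP turns
// `name[]=...` parameters into arrays, and intval() of a non-empty array is 1,
// which would silently point the update at application #1.
$raw_application_id = $_POST['application_id'] ?? null;
if (!is_string($raw_application_id) || $raw_application_id === '' || $raw_application_id === '0') {
    echo 'Invalid application ID provided';
    exit;
}

$status = $_POST['status'] ?? null;
if (!is_string($status) || $status === '' || $status === '0') {
    echo 'Invalid status provided';
    exit;
}

// Notes are optional, but when present they must be a string; an array here
// would otherwise be stored as the literal text "Array".
$admin_notes = $_POST['admin_notes'] ?? '';
if (!is_string($admin_notes)) {
    echo 'Invalid admin notes provided';
    exit;
}

// Accept only a run of decimal digits that forms a positive integer. intval()
// alone would also accept inputs such as "12abc" by discarding the tail.
$trimmed_application_id = trim($raw_application_id);
if (!ctype_digit($trimmed_application_id) || (int) $trimmed_application_id <= 0) {
    echo 'Invalid application ID format';
    exit;
}

$application_id = (int) $trimmed_application_id;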

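// Reject any status outside the fixed allow-list before querying the database.
// The strict flag keeps in_array() from matching through type juggling.
if (!in_array($status, ['pending', 'payment_pending', 'completed', 'rejected'], true)) {
    echo 'Invalid status value';
    exit;
}

// Load the application row; its user_id, course_id and verification_token are
// reused later when an enrollment record is created. A database failure is
// written to the server log and the client receives only a generic message,
// whether mysqli reports errors by return value or by exception.
try {
    $check_query = "SELECT id, user_id, course_id, verification_token FROM enrollment_applications WHERE id = ?";
    $stmt = $conn->prepare($check_query);
    $result = false;

    if ($stmt !== false) {
        $stmt->bind_param("i", $application_id);
        if ($stmt->execute()) {
            $result = $stmt->get_result();
        }
    }

    if ($result === false) {
        throw new RuntimeException($stmt !== false ? $stmt->error : $conn->error);
    }
} catch (Exception $lookup_error) {
    error_log('update_application_status: application lookup failed: ' . $lookup_error->getMessage());
    echo 'Error: Unable to look up application';
    exit;
}

if ($result->num_rows === 0) {
    echo 'Application ID not found in database';
    exit;
}

$application = $result->fetch_assoc();

// The row has been copied into $application, so the handles can be released.
$result->free();
$stmt->close();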

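// Run the status change, the optional enrollment insert and the audit entry in
// a single transaction so that a failure in any required step saves nothing.
$conn->begin_transaction();

// Prepares and executes one parameterized statement. It throws when prepare()
// or execute() reports failure, so a failed prepare() is never dereferenced
// and the catch block below can roll back.
$run_statement = static function (string $sql, string $types, array $params, string $failure) use ($conn) {
    $prepared = $conn->prepare($sql);
    if ($prepared === false) {
        throw new RuntimeException($failure . ': ' . $conn->error);
    }

    $prepared->bind_param($types, ...$params);
    if (!$prepared->execute()) {
        throw new RuntimeException($failure . ': ' . $prepared->error);
    }

    return $prepared;
};

// Set once a new enrollment row has been inserted. The confirmation e-mail is
// sent only after commit, so a later rollback cannot leave the student with a
// message about an enrollment that was never saved.
$enrollment_created = false;

try {
    // Update application status
    $run_statement(
        "UPDATE enrollment_applications SET status = ?, admin_notes = ?, updated_at = NOW() WHERE id = ?",
        "ssi",
        [$status, $admin_notes, $application_id],
        "Failed to update application status"
    )->close();

    // If status is 'completed', create the enrollment record if it doesn't exist
    if ($status === 'completed') {
        // NOTE(review): this check and the insert below are not atomic across
        // concurrent requests; a unique key on (user_id, course_id) would be
        // needed to rule out duplicate rows. Confirm against the schema.
        $existing = $run_statement(
            "SELECT 1 FROM enrollments WHERE user_id = ? AND course_id = ? LIMIT 1",
            "ii",
            [$application['user_id'], $application['course_id']],
            "Failed to check existing enrollment"
        );
        $check_result = $existing->get_result();
        if ($check_result === false) {
            throw new RuntimeException("Failed to check existing enrollment: " . $existing->error);
        }

        if ($check_result->num_rows === 0) {
            // Create enrollment record
            $run_statement(
                "INSERT INTO enrollments (course_id, user_id, status, verification_token, enrollment_date) 
                            VALUES (?, ?, 'active', ?, NOW())",
                "iis",
                [$application['course_id'], $application['user_id'], $application['verification_token']],
                "Failed to create enrollment record"
            )->close();
            $enrollment_created = true;
        }
        $existing->close();
    }

    // Log the activity. A missing `activities` table (MySQL error 1146) is
    // tolerated. That error is raised by prepare(), not execute(), so it has
    // to be handled at both points and in both mysqli error-reporting modes.
    $admin_id = $_SESSION['user_id'] ?? null;
    $activity_description = "Application ID #" . $application_id . " status changed to " . $status;
    $activity_query = "INSERT INTO activities (user_id, user_type, activity_type, activity_description) 
                      VALUES (?, 'admin', 'application_update', ?)";
    try {
        $log_stmt = $conn->prepare($activity_query);
        if ($log_stmt === false) {
            if ($conn->errno !== 1146) {
                throw new RuntimeException("Failed to log activity: " . $conn->error);
            }
        } else {
            $log_stmt->bind_param("is", $admin_id, $activity_description);
            if (!$log_stmt->execute() && $log_stmt->errno !== 1146) {
                throw new RuntimeException("Failed to log activity: " . $log_stmt->error);
            }
        }
    } catch (mysqli_sql_exception $log_error) {
        if ($log_error->getCode() !== 1146) {
            throw $log_error;
        }
    }

    // Commit transaction
    if (!$conn->commit()) {
        throw new RuntimeException("Failed to commit transaction: " . $conn->error);
    }
} catch (Throwable $e) {
    // Roll back on any failure, including PHP Errors. The detailed message may
    // contain database error text, so it goes to the server log and the client
    // receives a fixed string.
    $conn->rollback();
    error_log('update_application_status: ' . $e->getMessage());
    echo 'Error: Application status could not be updated; no changes were saved';
    exit;
}

// Best-effort notification. The data change is already committed, so a
// failure here is logged and does not change the response.
if ($enrollment_created) {
    try {
        // Get student and course details for the notification
        $lookup = $run_statement(
            "SELECT u.email, u.first_name, c.title 
                                  FROM users u 
                                  JOIN courses c ON c.id = ? 
                                  WHERE u.id = ?",
            "ii",
            [$application['course_id'], $application['user_id']],
            "Failed to load notification details"
        );
        $notification_result = $lookup->get_result();

        if ($notification_result && $notification_result->num_rows > 0) {
            $notification_data = $notification_result->fetch_assoc();

            // The e-mail helper is optional: skip quietly when the file or the
            // function is absent.
            if (file_exists('../../includes/email_functions.php')) {
                require_once '../../includes/email_functions.php';

                if (function_exists('send_enrollment_confirmation_email')) {
                    send_enrollment_confirmation_email(
                        $notification_data['email'],
                        $notification_data['first_name'],
                        $notification_data['title']
                    );
                }
            }
        }
    } catch (Throwable $notify_error) {
        error_log('update_application_status: enrollment notification failed: ' . $notify_error->getMessage());
    }
}

echo 'success';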
?>