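update('reviews', ['is_approved' => 1], 'review_id = :id', ['id' => $reviewId]);
        setFlash('success', 'Review approved');
    }

    // NOTE(review): the start of this request handler lies above this excerpt, so
    // how $action and $reviewId are derived, and whether an authentication and
    // CSRF-token check runs first, cannot be seen here. Confirm those checks
    // happen before any of the state-changing actions below.

    // Reject: flag the review as not approved.
    if ($action === 'reject' && $reviewId) {
        db()->update('reviews', ['is_approved' => 0], 'review_id = :id', ['id' => $reviewId]);
        setFlash('success', 'Review rejected');
    }

    // Update: overwrite rating, title and comment with the submitted form values.
    if ($action === 'update' && $reviewId) {
        // Coerce to int and clamp so the stored rating is always within 1..5.
        $rating = max(1, min(5, intval($_POST['rating'] ?? 5)));
        // NOTE(review): trim() throws a TypeError on PHP 8 when the field is not a
        // string (array-valued form input); confirm an error handler covers that.
        $title = trim($_POST['title'] ?? '');
        $comment = trim($_POST['comment'] ?? '');

        db()->update('reviews', [
            'rating' => $rating,
            // `?:` stores NULL for an empty string (and for any other falsy string such as '0').
            'title' => $title ?: null,
            'comment' => $comment ?: null,
        ], 'review_id = :id', ['id' => $reviewId]);
        setFlash('success', 'Review updated');
    }

    // Delete: remove the review row.
    if ($action === 'delete' && $reviewId) {
        db()->delete('reviews', 'review_id = :id', ['id' => $reviewId]);
        setFlash('success', 'Review deleted');
    }

    // Redirect to a fixed path (nothing request-derived goes into the header),
    // then stop so the listing below is not rendered for this request.
    header('Location: /admin/reviews.php');
    exit;
}

// Filters
$status = $_GET['status'] ?? '';
$rating = $_GET['rating'] ?? '';

// Accept only the rating values the update action can store (1..5). Anything
// else, including array-valued input such as rating[]=1, is treated as
// "no filter" rather than being handed to the database layer unchecked.
// The value stays a string so later uses of $rating see the same type as before.
if (!in_array($rating, ['1', '2', '3', '4', '5'], true)) {
    $rating = '';
}

// Every entry in $where is a fixed literal; request data only selects which
// literals are added and is itself passed through $params as a bound value.
$where = ['1=1'];
$params = [];

if ($status === 'pending') {
    $where[] = 'is_approved = 0';
} elseif ($status === 'approved') {
    $where[] = 'is_approved = 1';
}

if ($rating !== '') {
    $where[] = 'rating = :rating';
    $params['rating'] = $rating;
}

$whereClause = implode(' AND ', $where);

// $whereClause is interpolated into the SQL text, which is safe only while the
// fragments above remain literals; never append request data to $where directly.
$reviews = db()->fetchAll(
    "SELECT r.*, p.name as product_name FROM reviews r"
    . " LEFT JOIN products p ON r.product_id = p.product_id"
    . " WHERE {$whereClause} ORDER BY r.created_at DESC LIMIT 100",
    $params
);

// Stats
$totalReviews = db()->count('reviews');
$pendingReviews = db()->count('reviews', 'is_approved = 0');
// Falls back to 0 when the query yields no 'avg' value (e.g. no approved reviews yet).
$avgRating = db()->fetch("SELECT AVG(rating) as avg FROM reviews WHERE is_approved = 1")['avg'] ?? 0;
?>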
= nl2br(htmlspecialchars($review['comment'])) ?>