
<?php
/*
  $Id: designs.php

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2003 osCommerce

  Released under the GNU General Public License
*/

  // Bootstrap the admin application.
  // NOTE(review): this file performs no login or permission check of its own; presumably
  // application_top.php enforces the admin session - confirm, since every action below
  // reads or changes customer design records.
  require('includes/application_top.php');

  // NOTE(review): $currencies is not read again in this file; looks like a leftover
  // from the orders page this file was derived from - confirm before removing.
  require(DIR_WS_CLASSES . 'currencies.php');
  $currencies = new currencies();

  // Load the order-status names for the active language in two shapes:
  //   $orders_statuses     - list of array('id' => ..., 'text' => ...) entries
  //   $orders_status_array - map of status id => status name
  // Neither variable is read again in this file.
  $orders_statuses = array();
  $orders_status_array = array();
  // The (int) cast keeps the interpolated language id numeric inside the string-built query.
  $orders_status_query = tep_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "'");
  while ($orders_status = tep_db_fetch_array($orders_status_query)) {
    $orders_statuses[] = array('id' => $orders_status['orders_status_id'],
                               'text' => $orders_status['orders_status_name']);
    $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
  }

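  // Requested admin action. It is always read from the query string, even when the
  // rest of the request arrives as a POSTed form.
  $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');

  // update_design and deleteconfirm are submitted through tep_draw_form() on this page
  // (called without a method argument; assumed to default to POST - confirm), so they
  // are only carried out for POST requests. Before this check a bare GET to
  // ?action=update_design&oID=N compared the stored design against four missing POST
  // fields and overwrote it, and a GET to deleteconfirm deleted without the
  // confirmation form ever being shown.
  // NOTE(review): no anti-CSRF token is checked anywhere in this file. Requiring POST
  // stops a plain link or image request from triggering an update or delete, but a
  // cross-site form post is still accepted, and new_design is reached through a GET
  // link on this page so it remains GET-triggerable. A per-session token verified for
  // all three actions is the real fix - TODO.
  $request_is_post = (isset($_SERVER['REQUEST_METHOD']) && ($_SERVER['REQUEST_METHOD'] == 'POST'));

  if (tep_not_null($action)) {
    switch ($action) {
      case 'update_design':
        // Save the edited name, description, data string and comment of one design.
        $oID = tep_db_prepare_input(isset($HTTP_GET_VARS['oID']) ? $HTTP_GET_VARS['oID'] : '');
        $order_updated = false;

        if ($request_is_post) {
          $d_name = tep_db_prepare_input(isset($HTTP_POST_VARS['name']) ? $HTTP_POST_VARS['name'] : '');
          $d_description = tep_db_prepare_input(isset($HTTP_POST_VARS['description']) ? $HTTP_POST_VARS['description'] : '');
          $d_data = tep_db_prepare_input(isset($HTTP_POST_VARS['data']) ? $HTTP_POST_VARS['data'] : '');
          $comments = tep_db_prepare_input(isset($HTTP_POST_VARS['comments']) ? $HTTP_POST_VARS['comments'] : '');

          $check_status_query = tep_db_query("select designs_name, designs_description, designs_comment, designs_data, date_expires from " . TABLE_DESIGNS . " where designs_id = '" . (int)$oID . "'");
          $check_status = tep_db_fetch_array($check_status_query);

          // Write only when the design exists and at least one field changed; a missing
          // design used to run an UPDATE that matched nothing and still reported success.
          if (is_array($check_status) && ( ($check_status['designs_name'] != $d_name) || ($check_status['designs_description'] != $d_description) || ($check_status['designs_comment'] != $comments) || ($check_status['designs_data'] != $d_data) )) {
            // Values pass through tep_db_input() and the id through (int) before interpolation.
            tep_db_query("update " . TABLE_DESIGNS . " set designs_name = '" . tep_db_input($d_name) . "', designs_description = '" . tep_db_input($d_description) . "', designs_comment = '" . tep_db_input($comments) . "', designs_data = '" . tep_db_input($d_data) . "' where designs_id = '" . (int)$oID . "'");
            $order_updated = true;
          }
        }

        if ($order_updated == true) {
          $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
        } else {
          $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
        }

        tep_redirect(tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('action')) . 'action=edit'));
        break;
      case 'new_design':
        // Create a design for customer cID, pre-filled with the default data string.
        $cID = tep_db_prepare_input(isset($HTTP_GET_VARS['cID']) ? $HTTP_GET_VARS['cID'] : '');
        // Default design data for a new record; its format is defined by the design
        // applet and is not documented in this file.
        $d_data = 'A101BKXXXXXXXXXX110GLBKXXGLSLBKRDYEXXXXXX';

        // Skip the insert when no usable customer id was supplied, rather than
        // creating a design row owned by customer 0.
        if ((int)$cID > 0) {
          tep_db_query("insert into " . TABLE_DESIGNS . " (customers_id, date_created, designs_data) values ('" . (int)$cID . "', now(), '" . tep_db_input($d_data) . "')");
          $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
        } else {
          $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
        }

        tep_redirect(tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action'))));
        break;
      case 'deleteconfirm':
        // Delete one design; reached from the confirmation form rendered for action=delete.
        $oID = tep_db_prepare_input(isset($HTTP_GET_VARS['oID']) ? $HTTP_GET_VARS['oID'] : '');

        if ($request_is_post) {
          // tep_remove_design() is defined elsewhere; the id is cast here because its
          // own handling of the argument is not visible in this file.
          tep_remove_design((int)$oID);
        }

        tep_redirect(tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action'))));
        break;
    }
  }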

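  // Default to "not found" so the template check further down never reads an undefined
  // $order_exists (action=edit without oID), and so the flag cannot be supplied by the
  // request on installations that still run with register_globals enabled.
  $order_exists = false;

  // For the edit view, confirm that the requested design id exists before rendering it.
  if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) {
    $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

    $orders_query = tep_db_query("select designs_id from " . TABLE_DESIGNS . " where designs_id = '" . (int)$oID . "'");
    if (tep_db_num_rows($orders_query)) {
      $order_exists = true;
    } else {
      // Report the numeric id that was actually looked up instead of echoing the raw
      // request parameter back into the page.
      $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, (int)$oID), 'error');
    }
  }

  include(DIR_WS_CLASSES . 'order.php');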
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head><script src="//cdn.optimizely.com/js/1865631164.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">
<!-- header //-->
<?php
  // NOTE(review): the <head> above loads a script from cdn.optimizely.com through a
  // protocol-relative URL with no integrity attribute. On an admin page that code runs
  // inside the administrator's session and can read the customer data rendered below.
  // Confirm it is meant to be here; if it has to stay, pin it with Subresource
  // Integrity or serve a reviewed copy from this host.
  require(DIR_WS_INCLUDES . 'header.php');
?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
    </table></td>
<!-- body_text //-->
    <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
  // Edit view: rendered only when action=edit and the earlier existence check found
  // the design. The matching "} else {" and closing brace are further down the template.
  if (($action == 'edit') && ($order_exists == true)) {
//    $order = new order($oID);
    // Fetch the design together with its owner's name, contact details and address.
    // The tables are inner-joined in the WHERE clause and address_book is matched on
    // customers_id only, so a customer with several address-book entries produces
    // several rows; only the first fetched row is used. A customer without a matching
    // address or zone row produces no row at all, in which case $orders presumably
    // comes back false and the fields below print empty - confirm.
    $orders_query_raw = "select d.designs_id, c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address, a.entry_street_address, a.entry_city, z.zone_code, a.entry_postcode, d.date_created, d.designs_name, d.designs_description, d.designs_comment, d.designs_data from " . TABLE_DESIGNS . " d , " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " a, " . TABLE_ZONES . " z where d.designs_id = '" . (int)$oID . "' and (c.customers_id = d.customers_id) and (a.customers_id = d.customers_id) and (z.zone_id = a.entry_zone_id)";
    $orders_query = tep_db_query($orders_query_raw);
    $orders = tep_db_fetch_array($orders_query);
    // URL of the update_design action; it is handed to the embedded design applet as
    // parameter sw2 and also printed below the form.
    // NOTE(review): it is built from the current GET parameters, and whether
    // tep_get_all_get_params()/tep_href_link() encode them is not visible here - confirm
    // before treating $infoo as safe to print.
    $infoo = tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('action')) . 'action=update_design');

?>
      <tr>
        <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
            <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
          <tr>
            <td colspan="3"><?php echo tep_draw_separator(); ?></td>
          </tr>
          <tr>
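            <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
              <tr>
                <td class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b></td>
                <td class="main"><?php
  // Name, address, telephone and e-mail are customer-entered account data shown inside
  // the admin session, so every value is HTML-escaped before output (stored XSS
  // against the administrator otherwise). Only the literal <br> separators stay markup.
  echo htmlspecialchars($orders['customers_firstname'] . ' ' . $orders['customers_lastname'], ENT_QUOTES, CHARSET) . '<br>'
     . htmlspecialchars($orders['entry_street_address'], ENT_QUOTES, CHARSET) . '<br>'
     . htmlspecialchars($orders['entry_city'] . ', ' . $orders['zone_code'], ENT_QUOTES, CHARSET) . '<br>'
     . htmlspecialchars($orders['entry_postcode'], ENT_QUOTES, CHARSET) . '<br>'; ?></td>
              </tr>
              <tr>
                <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
              </tr>
              <tr>
                <td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td>
                <td class="main"><?php echo htmlspecialchars($orders['customers_telephone'], ENT_QUOTES, CHARSET); ?></td>
              </tr>
              <tr>
                <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td>
                <td class="main"><?php
  // The address is used both inside an href attribute and as link text; ENT_QUOTES
  // keeps a quote in the stored value from closing the attribute.
  echo '<a href="mailto:' . htmlspecialchars($orders['customers_email_address'], ENT_QUOTES, CHARSET) . '"><u>' . htmlspecialchars($orders['customers_email_address'], ENT_QUOTES, CHARSET) . '</u></a>'; ?></td>
              </tr>
            </table></td>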
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
<!-- ag_plus //-->
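      <tr>
        <center>
<?php
  // Embeds the design applet and passes it the stored design data (sw1) and the
  // update URL (sw2). designs_data is a free-text database field, so it is escaped
  // for the attribute context instead of being concatenated between raw quotes.
  // $infoo is left as it was: whether tep_href_link() already entity-encodes its
  // result is not visible in this file - TODO confirm, then escape it to match.
  // NOTE(review): this markup depends on the Shockwave (Director) browser plugin,
  // which Adobe has discontinued, and its codebase/pluginspage URLs are plain http.
?>
        <object classid="clsid:166B1BCA-3F9C-11CF-8075-444553540000"
         codebase="http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab#version=8,5,1,0"
         ID=dirtest11 width=800 height=600>
        <param name=src value="../design/dirtest11.dcr">
        <param name=swRemote value="swSaveEnabled='false' swVolume='false' swRestart='false' swPausePlay='false' swFastForward='false' swContextMenu='false'"> 
        <param name=swStretchStyle value=none>
        <PARAM NAME=bgColor VALUE=#000000>
        <param name="sw1" value="<?php echo htmlspecialchars(rtrim($orders['designs_data']), ENT_QUOTES, CHARSET); ?>"> 
        <param name="sw2" value="value 2 goes here"> 
        <param name="sw2" value=<?php echo '"' . $infoo . '">'; ?> 
        <embed src="../design/dirtest11.dcr" bgColor=#000000  width=800 height=600 swRemote="swSaveEnabled='false' swVolume='false' swRestart='false' swPausePlay='false' swFastForward='false' swContextMenu='false'" swStretchStyle=none
         type="application/x-director" pluginspage="http://www.macromedia.com/shockwave/download/" sw1="<?php echo htmlspecialchars(rtrim($orders['designs_data']), ENT_QUOTES, CHARSET); ?>" sw2=<?php echo '"' . $infoo . '"'; ?> ></embed>
        </object>
        </center>
      </tr>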
<!-- ag_plus_eof //-->

      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
      </tr>
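      <tr><?php
  // Edit form for one design; it posts to action=update_design.
  // NOTE(review): the form carries no anti-CSRF token, and whether
  // tep_draw_input_field()/tep_draw_textarea_field() escape the stored values they are
  // given is not visible in this file - confirm, since designs_name, designs_description,
  // designs_data and designs_comment are free text.
  // The extra-attribute strings below used to contain a stray comma
  // (maxlength="64", size="60"), which produced malformed tag attributes.
  echo tep_draw_form('status', FILENAME_DESIGNS, tep_get_all_get_params(array('action')) . 'action=update_design'); ?>

        <td><table border="0" cellspacing="0" cellpadding="2">
          <tr>
            <td><table border="0" cellspacing="0" cellpadding="3">
              <tr>
                <td class="main"><b><?php echo TABLE_HEADING_NAME; ?></b></td>
                <td class="main"><?php echo tep_draw_input_field('name', $orders['designs_name'], 'maxlength="64" size="60"'); ?></td>
              </tr>
              <tr>
                <td class="main"><b><?php echo TABLE_HEADING_DESCRIPTION; ?></b></td>
                <td class="main"><?php echo tep_draw_input_field('description', $orders['designs_description'], 'maxlength="64" size="60"'); ?></td>
              </tr>
              <tr>
                <td class="main"><b><?php echo TABLE_HEADING_DATA; ?></b></td>
                <td class="main"><?php echo tep_draw_input_field('data', $orders['designs_data'], 'maxlength="64" size="60"'); ?></td>
              </tr>
            </table></td>
          </tr>
        </td>
        <tr>
          <td class="main"><br><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
        </tr>
        <td class="main"><?php echo tep_draw_textarea_field('comments', 'soft', '76', '5', $orders['designs_comment']); ?></td>
      </tr>
      <tr>
        <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
      <tr>
        <td><table border="0" cellspacing="0" cellpadding="2">
          <tr>
            <td valign="top"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
          </tr>
        </table></td>
      </form></tr>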
      <tr>
        <td class="main"><?php echo $infoo; ?></td>
      </tr>
      <tr>
        <td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
      </tr>
<?php
  } else {
?>
      <tr>
        <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
            <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
            <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
              <tr><?php echo tep_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?>
                <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('oID', '', 'size="12"') . tep_draw_hidden_field('action', 'edit'); ?></td>
              </form></tr>            
            </table></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
              <tr class="dataTableHeadingRow">
                <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
                <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
                <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
                <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
                <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
              </tr>
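<?php
    // Listing query: every design joined to its owner, newest id first, optionally
    // restricted to one customer. The optional filter is cast to int before it is
    // interpolated; the resulting SQL text is the same as the two literal variants
    // this replaces.
    $customer_filter = '';
    if (isset($HTTP_GET_VARS['cID'])) {
      $cID = tep_db_prepare_input($HTTP_GET_VARS['cID']);
      $customer_filter = " and d.customers_id = '" . (int)$cID . "'";
    }
    $orders_query_raw = "select d.designs_id, d.customers_id, c.customers_firstname, c.customers_lastname, d.date_created, d.designs_name, d.designs_description from " . TABLE_DESIGNS . " d , " . TABLE_CUSTOMERS . " c where (d.customers_id = c.customers_id)" . $customer_filter . " order by d.designs_id DESC";

    // splitPageResults receives the query and row-count variables; presumably it
    // rewrites them for paging (defined elsewhere - confirm).
    $orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows);
    $orders_query = tep_db_query($orders_query_raw);
    while ($orders = tep_db_fetch_array($orders_query)) {
      // Select the row named by oID, or the first row when no oID was given.
      if ((!isset($HTTP_GET_VARS['oID']) || (isset($HTTP_GET_VARS['oID']) && ($HTTP_GET_VARS['oID'] == $orders['designs_id']))) && !isset($oInfo)) {
        $oInfo = new objectInfo($orders);
      }

      if (isset($oInfo) && is_object($oInfo) && ($orders['designs_id'] == $oInfo->designs_id)) {
        echo '              <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->designs_id . '&action=edit') . '\'">' . "\n";
      } else {
        echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['designs_id']) . '\'">' . "\n";
      }

      // Customer names and the design name are free text from the database and are
      // rendered inside the admin session, so they are HTML-escaped. strip_tags() on
      // the last name was not an escape: it leaves quotes and stray angle brackets
      // in the output.
?>
                <td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders['designs_id'] . '&action=edit') . '">' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . '</a>&nbsp;' . htmlspecialchars($orders['customers_firstname'], ENT_QUOTES, CHARSET); ?></td>
                <td class="dataTableContent" align="right"><?php echo htmlspecialchars($orders['customers_lastname'], ENT_QUOTES, CHARSET); ?></td>
                <td class="dataTableContent" align="center"><?php echo tep_datetime_short($orders['date_created']); ?></td>
                <td class="dataTableContent" align="right"><?php echo htmlspecialchars($orders['designs_name'], ENT_QUOTES, CHARSET); ?></td>
                <td class="dataTableContent" align="right"><?php if (isset($oInfo) && is_object($oInfo) && ($orders['designs_id'] == $oInfo->designs_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['designs_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
              </tr>
<?php
    }
?>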
              <tr>
                <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                  <tr>
                    <td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_DESIGNS); ?></td>
                    <td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?></td>
                  </tr>
                </table></td>
              </tr>
            </table></td>
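<?php
  // Build the right-hand info box for the selected design: a delete confirmation
  // form for action=delete, otherwise edit/delete/new buttons plus summary lines.
  $heading = array();
  $contents = array();

  switch ($action) {
    case 'delete':
      // Only offer the confirmation when a design row is actually selected; with an
      // empty listing $oInfo is never created.
      if (isset($oInfo) && is_object($oInfo)) {
        $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_ORDER . '</b>');

        $contents = array('form' => tep_draw_form('orders', FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->designs_id . '&action=deleteconfirm'));
        // The owner's name comes from $oInfo (the listing row selects both name
        // columns). This line used to read $cInfo, which is never defined in this
        // file, so the confirmation showed no name. The name is customer-entered and
        // is escaped before it goes into the box markup.
        $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br><br><b>' . htmlspecialchars($oInfo->customers_firstname . ' ' . $oInfo->customers_lastname, ENT_QUOTES, CHARSET) . '</b>');

        $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->designs_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      }
      break;
    default:
      if (isset($oInfo) && is_object($oInfo)) {
        $heading[] = array('text' => '<b>[' . $oInfo->designs_id . ']&nbsp;&nbsp;' . tep_datetime_short($oInfo->date_created) . '</b>');

        $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->designs_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->designs_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a> <br> <a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . $oInfo->customers_id . '&action=new_design') . '">' . tep_image_button('button_new.gif', IMAGE_NEW_DESIGN) . '</a>');

        $contents[] = array('text' => '<br>' . TEXT_DATE_ORDER_CREATED . ' ' . tep_date_short($oInfo->date_created));

        // designs_name is free text; escape it before it is placed in the box.
        $contents[] = array('text' => '<br>' . TEXT_INFO_PAYMENT_METHOD . ' '  . htmlspecialchars($oInfo->designs_name, ENT_QUOTES, CHARSET));
      } else {
        // No design selected: if a customer filter is active and the customer exists,
        // offer only the "new design" button for that customer.
        if (isset($HTTP_GET_VARS['cID'])) {
          $cID = tep_db_prepare_input($HTTP_GET_VARS['cID']);
          $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$cID . "'");
          $check_customer = tep_db_fetch_array($check_customer_query);
          // A returned row already matched (int)$cID in the query above.
          if (is_array($check_customer)) {
            $heading[] = array('text' => '<b>' . htmlspecialchars($check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'], ENT_QUOTES, CHARSET) . '</b>');
            // The link carries the id read back from the database, not the raw request value.
            $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_DESIGNS, tep_get_all_get_params(array('cID', 'action')) . 'cID=' . (int)$check_customer['customers_id'] . '&action=new_design') . '">' . tep_image_button('button_new.gif', IMAGE_NEW_DESIGN) . '</a>');
          }
        }
      }
      break;
  }

  if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
    echo '            <td width="25%" valign="top">' . "\n";

    $box = new box;
    echo $box->infoBox($heading, $contents);

    echo '            </td>' . "\n";
  }
?>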
          </tr>
        </table></td>
      </tr>
<?php
  }
?>
    </table></td>
<!-- body_text_eof //-->
  </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
<!-- Hotjar Tracking Code for wanderfuls.com -->
<script>
    (function(h,o,t,j,a,r){
        h.hj=h.hj||function(){(h.hj.q=h.hj.q||[]).push(arguments)};
        h._hjSettings={hjid:78806,hjsv:5};
        a=o.getElementsByTagName('head')[0];
        r=o.createElement('script');r.async=1;
        r.src=t+h._hjSettings.hjid+j+h._hjSettings.hjsv;
        a.appendChild(r);
    })(window,document,'//static.hotjar.com/c/hotjar-','.js?sv=');
</script></body>
</html>
<?php
  // NOTE(review): the inline snippet above loads a Hotjar script (hjid 78806, labelled
  // "for wanderfuls.com") into this admin page. A third-party analytics script here
  // runs inside the administrator's session and can observe the customer names,
  // addresses and e-mail addresses this page renders. Presumably it is not part of
  // the stock file - confirm who added it and whether it belongs in the admin area;
  // if it does not, remove it and review how this file came to be modified.
  require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>