[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
[phpBB Debug] PHP Warning: in file [ROOT]/includes/crs/crs_misc_functions.php on line 37: mime_content_type(): Empty filename or path
Zen Cart 源代码 orders.php

Zen Cart 源代码 orders.php




下载文件

文件名: orders.php
文件类型: PHP文件
文件大小: 61.84 KiB
MD5: dff2d3ab0380757edb684a43e877c362

orders.php - 关闭高亮
  1. <?php
  2. /**
  3.  * @package admin
  4.  * @copyright Copyright 2003-2014 Zen Cart Development Team
  5.  * @copyright Portions Copyright 2003 osCommerce
  6.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7.  * @version GIT: $Id: Author: DrByte  Jun 30 2014 Modified in v1.5.4 $
  8.  */
  9.  
  10.   require('includes/application_top.php');
  11.  
  12.   // unset variable which is sometimes tainted by bad plugins like magneticOne tools
  13.   if (isset($module)) unset($module);
  14.  
  15.   require(DIR_WS_CLASSES . 'currencies.php');
  16.   $currencies = new currencies();
  17.  
  18.   if (isset($_GET['oID'])) $_GET['oID'] = (int)$_GET['oID'];
  19.   if (isset($_GET['download_reset_on'])) $_GET['download_reset_on'] = (int)$_GET['download_reset_on'];
  20.   if (isset($_GET['download_reset_off'])) $_GET['download_reset_off'] = (int)$_GET['download_reset_off'];
  21.  
  22.   include(DIR_WS_CLASSES . 'order.php');
  23.  
  24.   // prepare order-status pulldown list
  25.   $orders_statuses = array();
  26.   $orders_status_array = array();
  27.   $orders_status = $db->Execute("select orders_status_id, orders_status_name
  28.                                 from " . TABLE_ORDERS_STATUS . "
  29.                                 where language_id = '" . (int)$_SESSION['languages_id'] . "' order by orders_status_id");
  30.   while (!$orders_status->EOF) {
  31.     $orders_statuses[] = array('id' => $orders_status->fields['orders_status_id'],
  32.                                'text' => $orders_status->fields['orders_status_name'] . ' [' . $orders_status->fields['orders_status_id'] . ']');
  33.     $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
  34.     $orders_status->MoveNext();
  35.   }
  36.  
  37.   $action = (isset($_GET['action']) ? $_GET['action'] : '');
  38.   $order_exists = false;
  39.   if (isset($_GET['oID']) && trim($_GET['oID']) == '') unset($_GET['oID']);
  40.   if ($action == 'edit' && !isset($_GET['oID'])) $action = '';
  41.  
  42.   $oID = FALSE;
  43.   if (isset($_POST['oID'])) {
  44.     $oID = zen_db_prepare_input(trim($_POST['oID']));
  45.   } elseif (isset($_GET['oID'])) {
  46.     $oID = zen_db_prepare_input(trim($_GET['oID']));
  47.   }
  48.   if ($oID) {
  49.     $orders = $db->Execute("select orders_id from " . TABLE_ORDERS . "
  50.                              where orders_id = '" . (int)$oID . "'");
  51.     $order_exists = true;
  52.     if ($orders->RecordCount() <= 0) {
  53.       $order_exists = false;
  54.       if ($action != '') $messageStack->add_session(ERROR_ORDER_DOES_NOT_EXIST . ' ' . $oID, 'error');
  55.       zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  56.     }
  57.   }
  58.  
  59.   if (zen_not_null($action) && $order_exists == true) {
  60.     switch ($action) {
  61.       case 'edit':
  62.       // reset single download to on
  63.         if ($_GET['download_reset_on'] > 0) {
  64.           // adjust download_maxdays based on current date
  65.           $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
  66.                                      date_purchased from " . TABLE_ORDERS . "
  67.                                      where orders_id = '" . $_GET['oID'] . "'");
  68.  
  69.           // check for existing product attribute download days and max
  70.           $chk_products_download_query = "SELECT orders_products_id, orders_products_filename, products_prid from " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " WHERE orders_products_download_id='" . $_GET['download_reset_on'] . "'";
  71.           $chk_products_download = $db->Execute($chk_products_download_query);
  72.  
  73.           $chk_products_download_time_query = "SELECT pa.products_attributes_id, pa.products_id, pad.products_attributes_filename, pad.products_attributes_maxdays, pad.products_attributes_maxcount
  74.          from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
  75.          WHERE pa.products_attributes_id = pad.products_attributes_id
  76.          and pad.products_attributes_filename = '" . $db->prepare_input($chk_products_download->fields['orders_products_filename']) . "'
  77.          and pa.products_id = '" . (int)$chk_products_download->fields['products_prid'] . "'";
  78.  
  79.           $chk_products_download_time = $db->Execute($chk_products_download_time_query);
  80.  
  81.           if ($chk_products_download_time->EOF) {
  82.             $zc_max_days = (DOWNLOAD_MAX_DAYS == 0 ? 0 : zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS);
  83.             $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_on'] . "'";
  84.           } else {
  85.             $zc_max_days = ($chk_products_download_time->fields['products_attributes_maxdays'] == 0 ? 0 : zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + $chk_products_download_time->fields['products_attributes_maxdays']);
  86.             $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . $chk_products_download_time->fields['products_attributes_maxcount'] . "' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_on'] . "'";
  87.           }
  88.  
  89.           $db->Execute($update_downloads_query);
  90.           unset($_GET['download_reset_on']);
  91.  
  92.           $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
  93.           zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  94.         }
  95.       // reset single download to off
  96.         if ($_GET['download_reset_off'] > 0) {
  97.           // adjust download_maxdays based on current date
  98.           // *** fix: adjust count not maxdays to cancel download
  99. //          $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='0', download_count='0' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
  100.           $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
  101.           $db->Execute($update_downloads_query);
  102.           unset($_GET['download_reset_off']);
  103.  
  104.           $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
  105.           zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  106.         }
  107.       break;
  108.       case 'update_order':
  109.         // demo active test
  110.         if (zen_admin_demo()) {
  111.           $_GET['action']= '';
  112.           $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
  113.           zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  114.         }
  115.         $oID = zen_db_prepare_input($_GET['oID']);
  116.         $comments = zen_db_prepare_input($_POST['comments']);
  117.         $status = (int)zen_db_prepare_input($_POST['status']);
  118.         if ($status < 1) break;
  119.  
  120.         $order_updated = false;
  121.         $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
  122.                                      date_purchased from " . TABLE_ORDERS . "
  123.                                      where orders_id = '" . (int)$oID . "'");
  124.  
  125.         if ( ($check_status->fields['orders_status'] != $status) || zen_not_null($comments)) {
  126.           $db->Execute("update " . TABLE_ORDERS . "
  127.                        set orders_status = '" . zen_db_input($status) . "', last_modified = now()
  128.                        where orders_id = '" . (int)$oID . "'");
  129.  
  130.           $customer_notified = '0';
  131.           if (isset($_POST['notify']) && ($_POST['notify'] == '1')) {
  132.  
  133.             $notify_comments = '';
  134.             if (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on') && zen_not_null($comments)) {
  135.               $notify_comments = EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n";
  136.             }
  137.             //send emails
  138.             $message =
  139.             EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
  140.             EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
  141.             EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
  142.             $notify_comments .
  143.             EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ) .
  144.             EMAIL_TEXT_STATUS_PLEASE_REPLY;
  145.  
  146.             $html_msg['EMAIL_CUSTOMERS_NAME']    = $check_status->fields['customers_name'];
  147.             $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
  148.             $html_msg['EMAIL_TEXT_INVOICE_URL']  = '<a href="' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') .'">'.str_replace(':','',EMAIL_TEXT_INVOICE_URL).'</a>';
  149.             $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
  150.             $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
  151.             $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
  152.             $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ));
  153.             $html_msg['EMAIL_TEXT_NEW_STATUS'] = $orders_status_array[$status];
  154.             $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);
  155.             $html_msg['EMAIL_PAYPAL_TRANSID'] = '';
  156.  
  157.             zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
  158.             $customer_notified = '1';
  159.  
  160.             // PayPal Trans ID, if any
  161.             $sql = "select txn_id, parent_txn_id from " . TABLE_PAYPAL . " where order_id = :orderID order by last_modified DESC, date_added DESC, parent_txn_id DESC, paypal_ipn_id DESC ";
  162.             $sql = $db->bindVars($sql, ':orderID', $oID, 'integer');
  163.             $result = $db->Execute($sql);
  164.             if ($result->RecordCount() > 0) {
  165.               $message .= "\n\n" . ' PayPal Trans ID: ' . $result->fields['txn_id'];
  166.               $html_msg['EMAIL_PAYPAL_TRANSID'] = $result->fields['txn_id'];
  167.             }
  168.  
  169.             //send extra emails
  170.             if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' and SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '') {
  171.               zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
  172.             }
  173.           } elseif (isset($_POST['notify']) && ($_POST['notify'] == '-1')) {
  174.             // hide comment
  175.             $customer_notified = '-1';
  176.           }
  177.  
  178.           $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
  179.                      (orders_id, orders_status_id, date_added, customer_notified, comments)
  180.                      values ('" . (int)$oID . "',
  181.                      '" . zen_db_input($status) . "',
  182.                      now(),
  183.                      '" . zen_db_input($customer_notified) . "',
  184.                      '" . zen_db_input($comments)  . "')");
  185.           $order_updated = true;
  186.         }
  187.  
  188.         // trigger any appropriate updates which should be sent back to the payment gateway:
  189.         $order = new order((int)$oID);
  190.         if ($order->info['payment_module_code']) {
  191.           if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  192.             require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  193.             require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  194.             $module = new $order->info['payment_module_code'];
  195.             if (method_exists($module, '_doStatusUpdate')) {
  196.               $response = $module->_doStatusUpdate($oID, $status, $comments, $customer_notified, $check_status->fields['orders_status']);
  197.             }
  198.           }
  199.         }
  200.  
  201.         if ($order_updated == true) {
  202.           if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
  203.  
  204.             // adjust download_maxdays based on current date
  205.             $chk_downloads_query = "SELECT opd.*, op.products_id from " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_PRODUCTS . " op
  206.                                    WHERE op.orders_id='" . (int)$oID . "'
  207.                                    and opd.orders_products_id = op.orders_products_id";
  208.             $chk_downloads = $db->Execute($chk_downloads_query);
  209.  
  210.             while (!$chk_downloads->EOF) {
  211.               $chk_products_download_time_query = "SELECT pa.products_attributes_id, pa.products_id, pad.products_attributes_filename, pad.products_attributes_maxdays, pad.products_attributes_maxcount
  212.                                                    from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
  213.                                                    WHERE pa.products_attributes_id = pad.products_attributes_id
  214.                                                    and pad.products_attributes_filename = '" . $db->prepare_input($chk_downloads->fields['orders_products_filename']) . "'
  215.                                                    and pa.products_id = '" . $chk_downloads->fields['products_id'] . "'";
  216.  
  217.               $chk_products_download_time = $db->Execute($chk_products_download_time_query);
  218.  
  219.               if ($chk_products_download_time->EOF) {
  220.                 $zc_max_days = (DOWNLOAD_MAX_DAYS == 0 ? 0 : zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS);
  221.                 $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . $_GET['download_reset_on'] . "'";
  222.               } else {
  223.                 $zc_max_days = ($chk_products_download_time->fields['products_attributes_maxdays'] == 0 ? 0 : zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + $chk_products_download_time->fields['products_attributes_maxdays']);
  224.                 $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . $chk_products_download_time->fields['products_attributes_maxcount'] . "' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . $chk_downloads->fields['orders_products_download_id'] . "'";
  225.               }
  226.  
  227.               $db->Execute($update_downloads_query);
  228.  
  229.               $chk_downloads->MoveNext();
  230.             }
  231.           }
  232.           $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
  233.           zen_record_admin_activity('Order ' . $oID . ' updated.', 'info');
  234.         } else {
  235.           $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
  236.         }
  237.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  238.         break;
  239.       case 'deleteconfirm':
  240.         // demo active test
  241.         if (zen_admin_demo()) {
  242.           $_GET['action']= '';
  243.           $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
  244.           zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  245.         }
  246.         $oID = zen_db_prepare_input($_POST['oID']);
  247.  
  248.         zen_remove_order($oID, $_POST['restock']);
  249.  
  250.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  251.         break;
  252.       case 'delete_cvv':
  253.         $delete_cvv = $db->Execute("update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . (int)$_GET['oID'] . "'");
  254.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  255.         break;
  256.       case 'mask_cc':
  257.         $result  = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$_GET['oID'] . "'");
  258.         $old_num = $result->fields['cc_number'];
  259.         $new_num = substr($old_num, 0, 4) . str_repeat('*', (strlen($old_num) - 8)) . substr($old_num, -4);
  260.         $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . $new_num . "' where orders_id = '" . (int)$_GET['oID'] . "'");
  261.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  262.         break;
  263.  
  264.       case 'doRefund':
  265.         $order = new order($oID);
  266.         if ($order->info['payment_module_code']) {
  267.           if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  268.             require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  269.             require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  270.             $module = new $order->info['payment_module_code'];
  271.             if (method_exists($module, '_doRefund')) {
  272.               $module->_doRefund($oID);
  273.             }
  274.           }
  275.         }
  276.         zen_record_admin_activity('Order ' . $oID . ' refund processed. See order comments for details.', 'info');
  277.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  278.         break;
  279.       case 'doAuth':
  280.         $order = new order($oID);
  281.         if ($order->info['payment_module_code']) {
  282.           if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  283.             require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  284.             require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  285.             $module = new $order->info['payment_module_code'];
  286.             if (method_exists($module, '_doAuth')) {
  287.               $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
  288.             }
  289.           }
  290.         }
  291.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  292.         break;
  293.       case 'doCapture':
  294.         $order = new order($oID);
  295.         if ($order->info['payment_module_code']) {
  296.           if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  297.             require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  298.             require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  299.             $module = new $order->info['payment_module_code'];
  300.             if (method_exists($module, '_doCapt')) {
  301.               $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
  302.             }
  303.           }
  304.         }
  305.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  306.         break;
  307.       case 'doVoid':
  308.         $order = new order($oID);
  309.         if ($order->info['payment_module_code']) {
  310.           if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  311.             require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  312.             require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  313.             $module = new $order->info['payment_module_code'];
  314.             if (method_exists($module, '_doVoid')) {
  315.               $module->_doVoid($oID);
  316.             }
  317.           }
  318.         }
  319.         zen_record_admin_activity('Order ' . $oID . ' void processed. See order comments for details.', 'info');
  320.         zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  321.         break;
  322.     }
  323.   }
  324. ?>
  325. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  326. <html <?php echo HTML_PARAMS; ?>>
  327. <head>
  328. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  329. <title><?php echo TITLE; ?></title>
  330. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  331. <link rel="stylesheet" type="text/css" media="print" href="includes/stylesheet_print.css">
  332. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  333. <script language="javascript" src="includes/menu.js"></script>
  334. <script language="javascript" src="includes/general.js"></script>
  335. <script type="text/javascript">
  336.   <!--
  337.   function init()
  338.   {
  339.     cssjsmenu('navbar');
  340.     if (document.getElementById)
  341.     {
  342.       var kill = document.getElementById('hoverJS');
  343.       kill.disabled = true;
  344.     }
  345.   }
  346.   // -->
  347. </script>
  348. <script language="javascript" type="text/javascript"><!--
  349. function couponpopupWindow(url) {
  350.   window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=450,height=280,screenX=150,screenY=150,top=150,left=150')
  351. }
  352. //--></script>
  353. </head>
  354. <body onLoad="init()">
  355. <!-- header //-->
  356. <div class="header-area">
  357. <?php
  358.   require(DIR_WS_INCLUDES . 'header.php');
  359. ?>
  360. </div>
  361. <!-- header_eof //-->
  362.  
  363. <!-- body //-->
  364. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  365. <!-- body_text //-->
  366.  
  367. <?php if ($action == '') { ?>
  368. <!-- search -->
  369.   <tr>
  370.     <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  371.       <tr>
  372.         <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  373.          <tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
  374.             <td width="65%" class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  375.             <td colspan="2" class="smallText" align="right">
  376. <?php
  377. // show reset search
  378.   if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or $_GET['cID'] !='') {
  379.     echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  380.   }
  381. ?>
  382. <?php
  383.   echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
  384.   if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  385.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  386.     echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
  387.   }
  388. ?>
  389.             </td>
  390.           </form>
  391.  
  392.  
  393.          <?php echo zen_draw_form('search_orders_products', FILENAME_ORDERS, '', 'get', '', true); ?>
  394.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  395.             <td colspan="2" class="smallText" align="right">
  396. <?php
  397. // show reset search orders_products
  398.   if ((isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) or $_GET['cID'] !='') {
  399.     echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  400.   }
  401. ?>
  402. <?php
  403.   echo HEADING_TITLE_SEARCH_DETAIL_ORDERS_PRODUCTS . ' ' . zen_draw_input_field('search_orders_products') . zen_hide_session_id();
  404.   if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) {
  405.     $keywords_orders_products = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  406.     echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER_ORDERS_PRODUCTS . zen_db_prepare_input($keywords_orders_products);
  407.   }
  408. ?>
  409.             </td>
  410.           </form>
  411.  
  412.           </tr>
  413.         </table></td>
  414.       </tr>
  415. <!-- search -->
  416. <?php } ?>
  417.  
  418.  
  419. <?php
  420.   if (($action == 'edit') && ($order_exists == true)) {
  421.     $order = new order($oID);
  422.     if ($order->info['payment_module_code']) {
  423.       if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  424.         require(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  425.         require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  426.         $module = new $order->info['payment_module_code'];
  427. //        echo $module->admin_notification($oID);
  428.       }
  429.     }
  430. ?>
  431.       <tr>
  432.         <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  433.           <tr>
  434.             <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  435.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  436.             <td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
  437.           </tr>
  438.         </table></td>
  439.       </tr>
  440.       <tr>
  441.         <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
  442.           <tr>
  443.             <td colspan="3"><?php echo zen_draw_separator(); ?></td>
  444.           </tr>
  445.           <tr>
  446.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  447.               <tr>
  448.                 <td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
  449.                 <td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
  450.               </tr>
  451.               <tr>
  452.                 <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  453.               </tr>
  454.               <tr>
  455.                 <td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
  456.                 <td class="main"><?php echo $order->customer['telephone']; ?></td>
  457.               </tr>
  458.               <tr>
  459.                 <td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
  460.                 <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '">' . $order->customer['email_address'] . '</a>'; ?></td>
  461.               </tr>
  462.               <tr>
  463.                 <td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
  464.                 <td class="main"><?php echo $order->info['ip_address']; ?></td>
  465.               </tr>
  466.             </table></td>
  467.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  468.               <tr>
  469.                 <td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
  470.                 <td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
  471.               </tr>
  472.             </table></td>
  473.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  474.               <tr>
  475.                 <td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
  476.                 <td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
  477.               </tr>
  478.             </table></td>
  479.           </tr>
  480.         </table></td>
  481.       </tr>
  482.       <tr>
  483.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  484.       </tr>
  485.       <tr>
  486.         <td class="main"><strong><?php echo ENTRY_ORDER_ID . $oID; ?></strong></td>
  487.       </tr>
  488.       <tr>
  489.      <td><table border="0" cellspacing="0" cellpadding="2">
  490.         <tr>
  491.            <td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
  492.            <td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
  493.         </tr>
  494.         <tr>
  495.            <td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
  496.            <td class="main"><?php echo $order->info['payment_method']; ?></td>
  497.         </tr>
  498. <?php
  499.     if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number'])) {
  500. ?>
  501.           <tr>
  502.             <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  503.           </tr>
  504.           <tr>
  505.             <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
  506.             <td class="main"><?php echo $order->info['cc_type']; ?></td>
  507.           </tr>
  508.           <tr>
  509.             <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
  510.             <td class="main"><?php echo $order->info['cc_owner']; ?></td>
  511.           </tr>
  512.           <tr>
  513.             <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
  514.             <td class="main"><?php echo $order->info['cc_number'] . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?><td>
  515.           </tr>
  516. <?php if (zen_not_null($order->info['cc_cvv'])) { ?>
  517.           <tr>
  518.             <td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
  519.             <td class="main"><?php echo $order->info['cc_cvv'] . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?><td>
  520.           </tr>
  521. <?php } ?>
  522.           <tr>
  523.             <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
  524.             <td class="main"><?php echo $order->info['cc_expires']; ?></td>
  525.           </tr>
  526. <?php
  527.     }
  528. ?>
  529.         </table></td>
  530.       </tr>
  531. <?php
  532.       if (is_object($module) && method_exists($module, 'admin_notification')) {
  533. ?>
  534.       <tr>
  535.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  536.       </tr>
  537.       <tr>
  538.         <?php echo $module->admin_notification($oID); ?>
  539.       </tr>
  540.       <tr>
  541.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  542.       </tr>
  543. <?php
  544. }
  545. ?>
  546.       <tr>
  547.         <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
  548.           <tr class="dataTableHeadingRow">
  549.             <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
  550.             <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
  551.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
  552.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
  553.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
  554.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
  555.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
  556.           </tr>
  557. <?php
  558.     for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
  559.       if (DISPLAY_PRICE_WITH_TAX_ADMIN == 'true')
  560.       {
  561.         $priceIncTax = $currencies->format(zen_round(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']),$currencies->get_decimal_places($order->info['currency'])) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']);
  562.       } else
  563.       {
  564.         $priceIncTax = $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']);
  565.       }
  566.       echo '          <tr class="dataTableRow">' . "\n" .
  567.            '            <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . '&nbsp;x</td>' . "\n" .
  568.            '            <td class="dataTableContent" valign="top">' . $order->products[$i]['name'];
  569.  
  570.       if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
  571.         for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
  572.           echo '<br /><nobr><small>&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
  573.           if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
  574.           if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' and $order->products[$i]['product_is_free'] == '1') echo TEXT_INFO_ATTRIBUTE_FREE;
  575.           echo '</i></small></nobr>';
  576.         }
  577.       }
  578.  
  579.       echo '            </td>' . "\n" .
  580.            '            <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .
  581.            '            <td class="dataTableContent" align="right" valign="top">' . zen_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .
  582.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  583.                           $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) .
  584.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  585.                         '</strong></td>' . "\n" .
  586.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  587.                           $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) .
  588.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  589.                         '</strong></td>' . "\n" .
  590.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  591.                           $currencies->format(zen_round($order->products[$i]['final_price'], $currencies->get_decimal_places($order->info['currency'])) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
  592.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  593.                         '</strong></td>' . "\n" .
  594.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  595.                           $priceIncTax .
  596.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  597.                         '</strong></td>' . "\n";
  598.       echo '          </tr>' . "\n";
  599.     }
  600. ?>
  601.           <tr>
  602.             <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
  603. <?php
  604.     for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) {
  605.       echo '              <tr>' . "\n" .
  606.            '                <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Text">' . $order->totals[$i]['title'] . '</td>' . "\n" .
  607.            '                <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Amount">' . $currencies->format($order->totals[$i]['value'], false) . '</td>' . "\n" .
  608.            '              </tr>' . "\n";
  609.     }
  610. ?>
  611.             </table></td>
  612.           </tr>
  613.         </table></td>
  614.       </tr>
  615.  
  616. <?php
  617.   // show downloads
  618.   require(DIR_WS_MODULES . 'orders_download.php');
  619. ?>
  620.  
  621.       <tr>
  622.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  623.       </tr>
  624.       <tr>
  625.         <td class="main"><table border="1" cellspacing="0" cellpadding="5">
  626.           <tr>
  627.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
  628.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
  629.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
  630.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  631.           </tr>
  632. <?php
  633.     $orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
  634.                                    from " . TABLE_ORDERS_STATUS_HISTORY . "
  635.                                    where orders_id = '" . zen_db_input($oID) . "'
  636.                                    order by date_added");
  637.  
  638.     if ($orders_history->RecordCount() > 0) {
  639.       while (!$orders_history->EOF) {
  640.         echo '          <tr>' . "\n" .
  641.              '            <td class="smallText" align="center">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n" .
  642.              '            <td class="smallText" align="center">';
  643.         if ($orders_history->fields['customer_notified'] == '1') {
  644.           echo zen_image(DIR_WS_ICONS . 'tick.gif', TEXT_YES) . "</td>\n";
  645.         } else if ($orders_history->fields['customer_notified'] == '-1') {
  646.           echo zen_image(DIR_WS_ICONS . 'locked.gif', TEXT_HIDDEN) . "</td>\n";
  647.         } else {
  648.           echo zen_image(DIR_WS_ICONS . 'unlocked.gif', TEXT_VISIBLE) . "</td>\n";
  649.         }
  650.         echo '            <td class="smallText">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
  651.         echo '            <td class="smallText">' . nl2br(zen_db_output($orders_history->fields['comments'])) . '&nbsp;</td>' . "\n" .
  652.              '          </tr>' . "\n";
  653.         $orders_history->MoveNext();
  654.       }
  655.     } else {
  656.         echo '          <tr>' . "\n" .
  657.              '            <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
  658.              '          </tr>' . "\n";
  659.     }
  660. ?>
  661.         </table></td>
  662.       </tr>
  663.       <tr>
  664.         <td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  665.       </tr>
  666.       <tr>
  667.         <td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  668.       </tr>
  669.       <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
  670.         <td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
  671.       </tr>
  672.       <tr>
  673.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  674.       </tr>
  675.       <tr>
  676.         <td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
  677.           <tr>
  678.             <td><table border="0" cellspacing="0" cellpadding="2">
  679.               <tr>
  680.                 <td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
  681.               </tr>
  682.               <tr>
  683.                 <td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> [<?php echo zen_draw_radio_field('notify', '1', true) . '-' . TEXT_EMAIL . ' ' . zen_draw_radio_field('notify', '0', FALSE) . '-' . TEXT_NOEMAIL . ' ' . zen_draw_radio_field('notify', '-1', FALSE) . '-' . TEXT_HIDE; ?>]&nbsp;&nbsp;&nbsp;</td>
  684.                 <td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
  685.               </tr>
  686.               <tr><td><br /></td></tr>
  687.             </table></td>
  688.             <td valign="top"><?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
  689.           </tr>
  690.         </table></td>
  691.       </form></tr>
  692.       <tr>
  693.         <td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
  694.       </tr>
  695. <?php
  696. // check if order has open gv
  697.         $gv_check = $db->Execute("select order_id, unique_id
  698.                                  from " . TABLE_COUPON_GV_QUEUE ."
  699.                                  where order_id = '" . $_GET['oID'] . "' and release_flag='N' limit 1");
  700.         if ($gv_check->RecordCount() > 0) {
  701.           $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $_GET['oID']) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  702.           echo '      <tr><td align="right"><table width="225"><tr>';
  703.           echo '        <td align="center">';
  704.           echo $goto_gv . '&nbsp;&nbsp;';
  705.           echo '        </td>';
  706.           echo '      </tr></table></td></tr>';
  707.         }
  708. ?>
  709. <?php
  710.   } else {
  711. ?>
  712.       <tr>
  713.         <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  714.           <tr>
  715.             <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  716.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  717.             <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  718.               <tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
  719.                 <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
  720.               </form></tr>
  721.               <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
  722.                 <td class="smallText" align="right">
  723.                   <?php
  724.                     echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), $_GET['status'], 'onChange="this.form.submit();"');
  725.                     echo zen_hide_session_id();
  726.                   ?>
  727.                 </td>
  728.               </form></tr>
  729.             </table></td>
  730.           </tr>
  731.         </table></td>
  732.       </tr>
  733.       <tr>
  734.         <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  735.           <tr>
  736.             <td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
  737.           </td>
  738.           <tr>
  739.             <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  740.               <tr class="dataTableHeadingRow">
  741. <?php
  742. // Sort Listing
  743.           switch ($_GET['list_order']) {
  744.               case "id-asc":
  745.               $disp_order = "c.customers_id";
  746.               break;
  747.               case "firstname":
  748.               $disp_order = "c.customers_firstname";
  749.               break;
  750.               case "firstname-desc":
  751.               $disp_order = "c.customers_firstname DESC";
  752.               break;
  753.               case "lastname":
  754.               $disp_order = "c.customers_lastname, c.customers_firstname";
  755.               break;
  756.               case "lastname-desc":
  757.               $disp_order = "c.customers_lastname DESC, c.customers_firstname";
  758.               break;
  759.               case "company":
  760.               $disp_order = "a.entry_company";
  761.               break;
  762.               case "company-desc":
  763.               $disp_order = "a.entry_company DESC";
  764.               break;
  765.               default:
  766.               $disp_order = "c.customers_id DESC";
  767.           }
  768. ?>
  769.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
  770.                 <td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
  771.                 <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
  772.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
  773.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
  774.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
  775.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_CUSTOMER_COMMENTS; ?></td>
  776.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
  777.               </tr>
  778.  
  779. <?php
  780. // Only one or the other search
  781. // create search_orders_products filter
  782.   $search = '';
  783.   $new_table = '';
  784.   $new_fields = '';
  785.   if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) {
  786.     $new_fields = '';
  787.     $search_distinct = ' distinct ';
  788.     $new_table = " left join " . TABLE_ORDERS_PRODUCTS . " op on (op.orders_id = o.orders_id) ";
  789.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  790.     $search = " and (op.products_model like '%" . $keywords . "%' or op.products_name like '" . $keywords . "%')";
  791.     if (substr(strtoupper($_GET['search_orders_products']), 0, 3) == 'ID:') {
  792.       $keywords = TRIM(substr($_GET['search_orders_products'], 3));
  793.       $search = " and op.products_id ='" . (int)$keywords . "'";
  794.     }
  795.   } else {
  796. ?>
  797. <?php
  798. // create search filter
  799.   $search = '';
  800.   if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  801.     $search_distinct = ' ';
  802.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  803.     $search = " and (o.customers_city like '%" . $keywords . "%' or o.customers_postcode like '%" . $keywords . "%' or o.date_purchased like '%" . $keywords . "%' or o.billing_name like '%" . $keywords . "%' or o.billing_company like '%" . $keywords . "%' or o.billing_street_address like '%" . $keywords . "%' or o.delivery_city like '%" . $keywords . "%' or o.delivery_postcode like '%" . $keywords . "%' or o.delivery_name like '%" . $keywords . "%' or o.delivery_company like '%" . $keywords . "%' or o.delivery_street_address like '%" . $keywords . "%' or o.billing_city like '%" . $keywords . "%' or o.billing_postcode like '%" . $keywords . "%' or o.customers_email_address like '%" . $keywords . "%' or o.customers_name like '%" . $keywords . "%' or o.customers_company like '%" . $keywords . "%' or o.customers_street_address  like '%" . $keywords . "%' or o.customers_telephone like '%" . $keywords . "%' or o.ip_address  like '%" . $keywords . "%')";
  804.     $new_table = '';
  805. //    $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  806.   }
  807. } // eof: search orders or orders_products
  808.     $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  809. ?>
  810. <?php
  811.     if (isset($_GET['cID'])) {
  812.       $cID = zen_db_prepare_input($_GET['cID']);
  813.       $orders_query_raw =   "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  814.                             $new_fields . "
  815.                            from (" . TABLE_ORDERS_STATUS . " s, " .
  816.                             TABLE_ORDERS . " o " .
  817.                             $new_table . ")
  818.                            left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  819.                            where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' order by orders_id DESC";
  820.  
  821. //echo '<BR><BR>I SEE A: ' . $orders_query_raw . '<BR><BR>';
  822.  
  823.     } elseif ($_GET['status'] != '') {
  824.       $status = zen_db_prepare_input($_GET['status']);
  825.       $orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  826.                           $new_fields . "
  827.                          from (" . TABLE_ORDERS_STATUS . " s, " .
  828.                           TABLE_ORDERS . " o " .
  829.                           $new_table . ")
  830.                          left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  831.                          where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and s.orders_status_id = '" . (int)$status . "'  " .
  832.                           $search . " order by o.orders_id DESC";
  833.  
  834. //echo '<BR><BR>I SEE B: ' . $orders_query_raw . '<BR><BR>';
  835.  
  836.     } else {
  837.       $orders_query_raw = "select " . $search_distinct . " o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  838.                           $new_fields . "
  839.                          from (" . TABLE_ORDERS_STATUS . " s, " .
  840.                           TABLE_ORDERS . " o " .
  841.                           $new_table . ")
  842.                          left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  843.                          where (o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "')  " .
  844.                           $search . " order by o.orders_id DESC";
  845.  
  846. //echo '<BR><BR>I SEE C: ' . $orders_query_raw . '<BR><BR>';
  847.  
  848.     }
  849.  
  850. // Split Page
  851. // reset page when page is unknown
  852. if (($_GET['page'] == '' or $_GET['page'] <= 1) and $_GET['oID'] != '') {
  853.   $check_page = $db->Execute($orders_query_raw);
  854.   $check_count=1;
  855.   if ($check_page->RecordCount() > MAX_DISPLAY_SEARCH_RESULTS_ORDERS) {
  856.     while (!$check_page->EOF) {
  857.       if ($check_page->fields['orders_id'] == $_GET['oID']) {
  858.         break;
  859.       }
  860.       $check_count++;
  861.       $check_page->MoveNext();
  862.     }
  863.     $_GET['page'] = round((($check_count/MAX_DISPLAY_SEARCH_RESULTS_ORDERS)+(fmod_round($check_count,MAX_DISPLAY_SEARCH_RESULTS_ORDERS) !=0 ? .5 : 0)),0);
  864.   } else {
  865.     $_GET['page'] = 1;
  866.   }
  867. }
  868.  
  869. //    $orders_query_numrows = '';
  870.     $orders_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $orders_query_raw, $orders_query_numrows);
  871.     $orders = $db->Execute($orders_query_raw);
  872.     while (!$orders->EOF) {
  873.     if ((!isset($_GET['oID']) || (isset($_GET['oID']) && ($_GET['oID'] == $orders->fields['orders_id']))) && !isset($oInfo)) {
  874.         $oInfo = new objectInfo($orders->fields);
  875.       }
  876.  
  877.       if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id)) {
  878.         echo '              <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '\'">' . "\n";
  879.       } else {
  880.         echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['orders_id'], 'NONSSL') . '\'">' . "\n";
  881.       }
  882.  
  883.       $show_difference = '';
  884.       if (($orders->fields['delivery_name'] != $orders->fields['billing_name'] and $orders->fields['delivery_name'] != '')) {
  885.         $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
  886.       }
  887.       if (($orders->fields['delivery_street_address'] != $orders->fields['billing_street_address'] and $orders->fields['delivery_street_address'] != '')) {
  888.         $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
  889.       }
  890.       $show_payment_type = $orders->fields['payment_module_code'] . '<br />' . $orders->fields['shipping_module_code'];
  891. ?>
  892.                 <td class="dataTableContent" align="right"><?php echo $show_difference . $orders->fields['orders_id']; ?></td>
  893.                 <td class="dataTableContent" align="left" width="50"><?php echo $show_payment_type; ?></td>
  894.                 <td class="dataTableContent"><?php echo '<a href="' . zen_href_link(FILENAME_CUSTOMERS, 'cID=' . $orders->fields['customers_id'], 'NONSSL') . '">' . zen_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW . ' ' . TABLE_HEADING_CUSTOMERS) . '</a>&nbsp;' . $orders->fields['customers_name'] . ($orders->fields['customers_company'] != '' ? '<br />' . $orders->fields['customers_company'] : ''); ?></td>
  895.                 <td class="dataTableContent" align="right"><?php echo strip_tags($orders->fields['order_total']); ?></td>
  896.                 <td class="dataTableContent" align="center"><?php echo zen_datetime_short($orders->fields['date_purchased']); ?></td>
  897.                 <td class="dataTableContent" align="right"><?php echo $orders->fields['orders_status_name']; ?></td>
  898.                 <td class="dataTableContent" align="center"><?php echo (zen_get_orders_comments($orders->fields['orders_id']) == '' ? '' : zen_image(DIR_WS_IMAGES . 'icon_yellow_on.gif', TEXT_COMMENTS_YES, 16, 16)); ?></td>
  899.  
  900.                 <td class="dataTableContent" align="right"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders->fields['orders_id'] . '&action=edit', 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_edit.gif', ICON_EDIT) . '</a>'; ?><?php if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id)) { echo zen_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['orders_id'], 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
  901.               </tr>
  902. <?php
  903.       $orders->MoveNext();
  904.     }
  905. ?>
  906.               <tr>
  907.                 <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  908.                   <tr>
  909.                     <td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>
  910.                     <td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], zen_get_all_get_params(array('page', 'oID', 'action'))); ?></td>
  911.                   </tr>
  912. <?php
  913.   if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  914. ?>
  915.                   <tr>
  916.                     <td class="smallText" align="right" colspan="2">
  917.                       <?php
  918.                         echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a>';
  919.                         if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  920.                           $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  921.                           echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
  922.                         }
  923.                       ?>
  924.                     </td>
  925.                   </tr>
  926. <?php
  927.   }
  928. ?>
  929.                 </table></td>
  930.               </tr>
  931.             </table></td>
  932. <?php
  933.   $heading = array();
  934.   $contents = array();
  935.  
  936.   switch ($action) {
  937.     case 'delete':
  938.       $heading[] = array('text' => '<strong>' . TEXT_INFO_HEADING_DELETE_ORDER . '</strong>');
  939.  
  940.       $contents = array('form' => zen_draw_form('orders', FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . '&action=deleteconfirm', 'post', '', true) . zen_draw_hidden_field('oID', $oInfo->orders_id));
  941. //      $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br /><br /><strong>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</strong>');
  942.       $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br /><br /><strong>' . ENTRY_ORDER_ID . $oInfo->orders_id . '<br />' . $oInfo->order_total . '<br />' . $oInfo->customers_name . ($oInfo->customers_company != '' ? '<br />' . $oInfo->customers_company : '') . '</strong>');
  943.       $contents[] = array('text' => '<br />' . zen_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);
  944.       $contents[] = array('align' => 'center', 'text' => '<br />' . zen_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id, 'NONSSL') . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
  945.       break;
  946.     default:
  947.       if (isset($oInfo) && is_object($oInfo)) {
  948.         $heading[] = array('text' => '<strong>[' . $oInfo->orders_id . ']&nbsp;&nbsp;' . zen_datetime_short($oInfo->date_purchased) . '</strong>');
  949.  
  950.         $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
  951.         $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a>');
  952.         $contents[] = array('text' => '<br />' . TEXT_DATE_ORDER_CREATED . ' ' . zen_date_short($oInfo->date_purchased));
  953.         $contents[] = array('text' => '<br />' . $oInfo->customers_email_address);
  954.         $contents[] = array('text' => TEXT_INFO_IP_ADDRESS . ' ' . $oInfo->ip_address);
  955.         if (zen_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . zen_date_short($oInfo->last_modified));
  956.         $contents[] = array('text' => '<br />' . TEXT_INFO_PAYMENT_METHOD . ' '  . $oInfo->payment_method);
  957.         $contents[] = array('text' => '<br />' . ENTRY_SHIPPING . ' '  . $oInfo->shipping_method);
  958.  
  959. // check if order has open gv
  960.         $gv_check = $db->Execute("select order_id, unique_id
  961.                                  from " . TABLE_COUPON_GV_QUEUE ."
  962.                                  where order_id = '" . $oInfo->orders_id . "' and release_flag='N' limit 1");
  963.         if ($gv_check->RecordCount() > 0) {
  964.           $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oInfo->orders_id) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  965.           $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
  966.           $contents[] = array('align' => 'center', 'text' => $goto_gv);
  967.         }
  968.       }
  969.  
  970. // indicate if comments exist
  971.       $orders_history_query = $db->Execute("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . $oInfo->orders_id . "' and comments !='" . "'" );
  972.       if ($orders_history_query->RecordCount() > 0) {
  973.         $contents[] = array('align' => 'left', 'text' => '<br />' . TABLE_HEADING_COMMENTS);
  974.       }
  975.  
  976.       $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
  977.       $order = new order($oInfo->orders_id);
  978.       $contents[] = array('text' => TABLE_HEADING_PRODUCTS . ': ' . sizeof($order->products) );
  979.       for ($i=0; $i<sizeof($order->products); $i++) {
  980.         $contents[] = array('text' => $order->products[$i]['qty'] . '&nbsp;x&nbsp;' . $order->products[$i]['name']);
  981.  
  982.         if (sizeof($order->products[$i]['attributes']) > 0) {
  983.           for ($j=0; $j<sizeof($order->products[$i]['attributes']); $j++) {
  984.             $contents[] = array('text' => '&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value'])) . '</i></nobr>' );
  985.           }
  986.         }
  987.         if ($i > MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING and MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING != 0) {
  988.           $contents[] = array('align' => 'left', 'text' => TEXT_MORE);
  989.           break;
  990.         }
  991.       }
  992.  
  993.       if (sizeof($order->products) > 0) {
  994.         $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
  995.       }
  996.       break;
  997.   }
  998.  
  999.   if ( (zen_not_null($heading)) && (zen_not_null($contents)) ) {
  1000.     echo '            <td width="25%" valign="top">' . "\n";
  1001.  
  1002.     $box = new box;
  1003.     echo $box->infoBox($heading, $contents);
  1004.  
  1005.     echo '            </td>' . "\n";
  1006.   }
  1007. ?>
  1008.           </tr>
  1009.         </table></td>
  1010.       </tr>
  1011. <?php
  1012.   }
  1013. ?>
  1014.     </table></td>
  1015. <!-- body_text_eof //-->
  1016.   </tr>
  1017. </table>
  1018. <!-- body_eof //-->
  1019.  
  1020. <!-- footer //-->
  1021. <div class="footer-area">
  1022. <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
  1023. </div>
  1024. <!-- footer_eof //-->
  1025. <br />
  1026. </body>
  1027. </html>
  1028. <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
  1029.  


cron