Zen Cart 源代码 orders.php


文件名: orders.php
文件类型: PHP文件
文件大小: 55.99 KiB
MD5: ef423688802e7c5038d8456c3044646a

  1. <?php
  2. /**
  3.  * @package admin
  4.  * @copyright Copyright 2003-2010 Zen Cart Development Team
  5.  * @copyright Portions Copyright 2003 osCommerce
  6.  * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7.  * @version $Id: orders.php 15994 2010-04-19 17:17:51Z ajeh $
  8.  */
  9.  
  10.   require('includes/application_top.php');
  11.  
  12.   require(DIR_WS_CLASSES . 'currencies.php');
  13.   $currencies = new currencies();
  14.  
  15.   include(DIR_WS_CLASSES . 'order.php');
  16.  
  // Load the order statuses for the session language, ordered by id, and keep them
  // in two shapes:
  //   $orders_statuses     - list of array('id' => ..., 'text' => 'Name [id]') rows
  //                          for the order-status pulldown
  //   $orders_status_array - map of status id => status name
  $orders_status_array = array();
  $orders_statuses = array();
  $orders_status = $db->Execute("select orders_status_id, orders_status_name
                                from " . TABLE_ORDERS_STATUS . "
                                where language_id = '" . (int)$_SESSION['languages_id'] . "' order by orders_status_id");
  for (; !$orders_status->EOF; $orders_status->MoveNext()) {
    $orders_statuses[] = array(
      'id' => $orders_status->fields['orders_status_id'],
      'text' => $orders_status->fields['orders_status_name'] . ' [' . $orders_status->fields['orders_status_id'] . ']'
    );
    $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
  }
  29.  
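  // Requested admin action; an empty string selects the default view.
  $action = (isset($_GET['action']) ? $_GET['action'] : '');
  $order_exists = false;
  // A blank oID is treated as if no order id had been sent at all.
  if (isset($_GET['oID']) && trim($_GET['oID']) == '') unset($_GET['oID']);
  // 'edit' needs an order to work on; without one fall back to the default view.
  if ($action == 'edit' && !isset($_GET['oID'])) $action = '';

  if (isset($_GET['oID'])) {
    // Reduce the id to an integer once, here. The lookup below compares on
    // (int)$oID, so a value such as "12abc" passed the existence check while the
    // raw string stayed in $oID and was reused later in this script in the
    // session message, in generated links and in page output.
    $oID = (int)zen_db_prepare_input(trim($_GET['oID']));

    $orders = $db->Execute("select orders_id from " . TABLE_ORDERS . "
                           where orders_id = '" . (int)$oID . "'");
    $order_exists = ($orders->RecordCount() > 0);
    if (!$order_exists) {
      // Only report the missing order when the request actually asked for an action.
      if ($action != '') $messageStack->add_session(ERROR_ORDER_DOES_NOT_EXIST . ' ' . $oID, 'error');
      zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
    }
  }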
  47.  
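  // Run the requested admin action. This only happens for an order id that the
  // lookup earlier in this script found in the orders table.
  //
  // NOTE(review): several branches below change or delete data (download resets,
  // delete_cvv, mask_cc, deleteconfirm, gateway calls) and are selected through
  // $_GET['action']; no security-token check is visible in this part of the file.
  // Confirm that includes/application_top.php enforces one for these requests.
  //
  // NOTE(review): the gateway branches build require_once paths from
  // $order->info['payment_module_code'] (stored with the order) and
  // $_SESSION['language']. Only the module file is guarded by file_exists(); the
  // language file is not. Confirm both values are limited to known names where
  // they are written.
  if (zen_not_null($action) && $order_exists == true) {
    // $oID was only compared as (int)$oID when the order was looked up, so the raw
    // request string could still carry trailing text. Reduce it to the integer that
    // was actually checked before it reaches SQL, e-mail text or a gateway call.
    $oID = (int)$oID;

    switch ($action) {
      case 'edit':
        // The order id and download id are placed inside SQL strings below, so both
        // are cast to integers instead of being taken verbatim from $_GET.

        // reset single download to on
        if (isset($_GET['download_reset_on']) && (int)$_GET['download_reset_on'] > 0) {
          // adjust download_maxdays based on current date
          $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
                                     date_purchased from " . TABLE_ORDERS . "
                                     where orders_id = '" . (int)$oID . "'");
          $zc_max_days = zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;

          $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . (int)$_GET['download_reset_on'] . "'";
          $db->Execute($update_downloads_query);
          unset($_GET['download_reset_on']);

          $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
          zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        }
        // reset single download to off
        if (isset($_GET['download_reset_off']) && (int)$_GET['download_reset_off'] > 0) {
          // A download is cancelled by zeroing download_count; download_maxdays is left alone.
          $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . (int)$_GET['download_reset_off'] . "'";
          unset($_GET['download_reset_off']);
          $db->Execute($update_downloads_query);

          $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
          zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        }
        break;
      case 'update_order':
        // demo active test
        if (zen_admin_demo()) {
          $_GET['action']= '';
          $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
          zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        }
        // The id is reused in the mail subject, the mail body, the invoice link and
        // the gateway call, so keep only its integer value.
        $oID = (int)zen_db_prepare_input($_GET['oID']);
        $status = zen_db_prepare_input($_POST['status']);
        $comments = zen_db_prepare_input($_POST['comments']);

        $order_updated = false;
        $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
                                     date_purchased from " . TABLE_ORDERS . "
                                     where orders_id = '" . (int)$oID . "'");

        // Write a history row when the status changed or a comment was entered.
        if ( ($check_status->fields['orders_status'] != $status) || zen_not_null($comments)) {
          $db->Execute("update " . TABLE_ORDERS . "
                       set orders_status = '" . zen_db_input($status) . "', last_modified = now()
                       where orders_id = '" . (int)$oID . "'");

          // customer_notified: '1' = mail sent, '-1' = comment hidden, '0' = neither.
          $customer_notified = '0';
          if (isset($_POST['notify']) && ($_POST['notify'] == '1')) {

            // A posted status that is not in the list loaded for this language has no
            // name; use an empty label instead of reading a missing array key.
            $new_status_name = (isset($orders_status_array[$status]) ? $orders_status_array[$status] : '');

            $notify_comments = '';
            if (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on') && zen_not_null($comments)) {
              $notify_comments = EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n";
            }
            //send emails
            $message =
            EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
            EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
            EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
            strip_tags($notify_comments) .
            EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $new_status_name ) .
            EMAIL_TEXT_STATUS_PLEASE_REPLY;

            // NOTE(review): the text part above runs the comment through strip_tags(),
            // but the HTML part below inserts it with nl2br() only. Confirm that markup
            // typed into the comment box is meant to reach the customer's mail client.
            // NOTE(review): '\n' in single quotes is a backslash followed by "n", not
            // a line break, so these str_replace() calls do not remove real newlines.
            $html_msg = array();
            $html_msg['EMAIL_CUSTOMERS_NAME']    = $check_status->fields['customers_name'];
            $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
            $html_msg['EMAIL_TEXT_INVOICE_URL']  = '<a href="' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') .'">'.str_replace(':','',EMAIL_TEXT_INVOICE_URL).'</a>';
            $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
            $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
            $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
            $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $new_status_name ));
            $html_msg['EMAIL_TEXT_NEW_STATUS'] = $new_status_name;
            $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);

            zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
            $customer_notified = '1';

            //send extra emails
            if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' and SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '') {
              zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
            }
          } elseif (isset($_POST['notify']) && ($_POST['notify'] == '-1')) {
            // hide comment
            $customer_notified = '-1';
          }

          $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
                     (orders_id, orders_status_id, date_added, customer_notified, comments)
                     values ('" . (int)$oID . "',
                     '" . zen_db_input($status) . "',
                     now(),
                     '" . zen_db_input($customer_notified) . "',
                     '" . zen_db_input($comments)  . "')");
          $order_updated = true;
        }

        // trigger any appropriate updates which should be sent back to the payment gateway:
        // the module receives the new status, the comment, the notify flag and the previous status.
        $order = new order((int)$oID);
        if ($order->info['payment_module_code']) {
          if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
            require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
            require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
            $module = new $order->info['payment_module_code'];
            if (method_exists($module, '_doStatusUpdate')) {
              $response = $module->_doStatusUpdate($oID, $status, $comments, $customer_notified, $check_status->fields['orders_status']);
            }
          }
        }

        if ($order_updated == true) {
          if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
            // adjust download_maxdays based on current date
            $zc_max_days = zen_date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;

            $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "'";
            $db->Execute($update_downloads_query);
          }
          $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
        } else {
          $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
      case 'deleteconfirm':
        // demo active test
        if (zen_admin_demo()) {
          $_GET['action']= '';
          $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
          zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
        }
        $oID = (int)zen_db_prepare_input($_GET['oID']);

        // An absent 'restock' field still reaches zen_remove_order() as null, as it
        // did before, but no longer through an undefined-index read.
        zen_remove_order($oID, (isset($_POST['restock']) ? $_POST['restock'] : null));

        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
        break;
      case 'delete_cvv':
        // Overwrite the stored CVV with the replacement text for this order.
        $delete_cvv = $db->Execute("update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . (int)$_GET['oID'] . "'");
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
      case 'mask_cc':
        // Keep the first and last four characters of the stored card number and
        // replace everything between them with '*'.
        $result  = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$_GET['oID'] . "'");
        $old_num = $result->fields['cc_number'];
        // With 8 characters or fewer there is nothing between the two kept parts:
        // the repeat count would be zero or negative and the "masked" value would
        // still show every character, so the stored value is left untouched.
        if (strlen($old_num) > 8) {
          $new_num = substr($old_num, 0, 4) . str_repeat('*', (strlen($old_num) - 8)) . substr($old_num, -4);
          // The value is derived from stored data, so escape it before it goes back into SQL.
          $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . zen_db_input($new_num) . "' where orders_id = '" . (int)$_GET['oID'] . "'");
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;

      // The four gateway actions below share one shape: load the order, load its
      // payment module and language file, then call the module hook if it exists.
      case 'doRefund':
        $order = new order($oID);
        if ($order->info['payment_module_code']) {
          if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
            require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
            require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
            $module = new $order->info['payment_module_code'];
            if (method_exists($module, '_doRefund')) {
              $module->_doRefund($oID);
            }
          }
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
      case 'doAuth':
        $order = new order($oID);
        if ($order->info['payment_module_code']) {
          if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
            require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
            require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
            $module = new $order->info['payment_module_code'];
            if (method_exists($module, '_doAuth')) {
              $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
            }
          }
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
      case 'doCapture':
        $order = new order($oID);
        if ($order->info['payment_module_code']) {
          if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
            require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
            require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
            $module = new $order->info['payment_module_code'];
            if (method_exists($module, '_doCapt')) {
              $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
            }
          }
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
      case 'doVoid':
        $order = new order($oID);
        if ($order->info['payment_module_code']) {
          if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
            require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
            require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
            $module = new $order->info['payment_module_code'];
            if (method_exists($module, '_doVoid')) {
              $module->_doVoid($oID);
            }
          }
        }
        zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
        break;
    }
  }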
  258. ?>
  259. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  260. <html <?php echo HTML_PARAMS; ?>>
  261. <head>
  262. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  263. <title><?php echo TITLE; ?></title>
  264. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  265. <link rel="stylesheet" type="text/css" media="print" href="includes/stylesheet_print.css">
  266. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  267. <script language="javascript" src="includes/menu.js"></script>
  268. <script language="javascript" src="includes/general.js"></script>
  269. <script type="text/javascript">
  270.   <!--
  // Page onLoad hook: set up the 'navbar' menu, then switch off the #hoverJS
  // stylesheet when the browser offers document.getElementById.
  function init()
  {
    cssjsmenu('navbar');
    if (!document.getElementById) {
      return;
    }
    var hoverSheet = document.getElementById('hoverJS');
    hoverSheet.disabled = true;
  }
  280.   // -->
  281. </script>
  282. <script language="javascript" type="text/javascript"><!--
// Open `url` in the shared window named 'popupWindow': a 450x280 popup placed at
// (150,150), with scrollbars and resizing on and the browser toolbars off.
function couponpopupWindow(url) {
  var features = 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=450,height=280,screenX=150,screenY=150,top=150,left=150';
  window.open(url, 'popupWindow', features)
}
  286. //--></script>
  287. </head>
  288. <body onLoad="init()">
  289. <!-- header //-->
  290. <div class="header-area">
  291. <?php
  292.   require(DIR_WS_INCLUDES . 'header.php');
  293. ?>
  294. </div>
  295. <!-- header_eof //-->
  296.  
  297. <!-- body //-->
  298. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  299.   <tr>
  300. <!-- body_text //-->
  301.  
  302. <?php if ($action == '') { ?>
  303. <!-- search -->
  304.     <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  305.       <tr>
  306.         <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  307.          <tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
  308.             <td width="65%" class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  309.             <td colspan="2" class="smallText" align="right">
  310. <?php
  311. // show reset search
  312.   if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or $_GET['cID'] !='') {
  313.     echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  314.   }
  315. ?>
  316. <?php
  317.   echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
  318.   if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  319.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  320.     echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
  321.   }
  322. ?>
  323.             </td>
  324.           </form>
  325.  
  326.  
  327.          <?php echo zen_draw_form('search_orders_products', FILENAME_ORDERS, '', 'get', '', true); ?>
  328.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  329.             <td colspan="2" class="smallText" align="right">
  330. <?php
  331. // show reset search orders_products
  332.   if ((isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) or $_GET['cID'] !='') {
  333.     echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  334.   }
  335. ?>
  336. <?php
  337.   echo HEADING_TITLE_SEARCH_DETAIL_ORDERS_PRODUCTS . ' ' . zen_draw_input_field('search_orders_products') . zen_hide_session_id();
  338.   if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) {
  339.     $keywords_orders_products = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  340.     echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER_ORDERS_PRODUCTS . zen_db_prepare_input($keywords_orders_products);
  341.   }
  342. ?>
  343.             </td>
  344.           </form>
  345.  
  346.         </table></td>
  347.       </tr>
  348. <!-- search -->
  349. <?php } ?>
  350.  
  351.  
  352. <?php
  353.   if (($action == 'edit') && ($order_exists == true)) {
  354.     $order = new order($oID);
  355.     if ($order->info['payment_module_code']) {
  356.       if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php')) {
  357.         require(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  358.         require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  359.         $module = new $order->info['payment_module_code'];
  360. //        echo $module->admin_notification($oID);
  361.       }
  362.     }
  363. ?>
  364.       <tr>
  365.         <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  366.           <tr>
  367.             <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  368.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  369.             <td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
  370.           </tr>
  371.         </table></td>
  372.       </tr>
  373.       <tr>
  374.         <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
  375.           <tr>
  376.             <td colspan="3"><?php echo zen_draw_separator(); ?></td>
  377.           </tr>
  378.           <tr>
  379.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  380.               <tr>
  381.                 <td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
  382.                 <td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
  383.               </tr>
  384.               <tr>
  385.                 <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  386.               </tr>
  387.               <tr>
  388.                 <td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
  389.                 <td class="main"><?php echo $order->customer['telephone']; ?></td>
  390.               </tr>
  391.               <tr>
  392.                 <td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
  393.                 <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '">' . $order->customer['email_address'] . '</a>'; ?></td>
  394.               </tr>
  395.               <tr>
  396.                 <td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
  397.                 <td class="main"><?php echo $order->info['ip_address']; ?></td>
  398.               </tr>
  399.             </table></td>
  400.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  401.               <tr>
  402.                 <td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
  403.                 <td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
  404.               </tr>
  405.             </table></td>
  406.             <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  407.               <tr>
  408.                 <td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
  409.                 <td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
  410.               </tr>
  411.             </table></td>
  412.           </tr>
  413.         </table></td>
  414.       </tr>
  415.       <tr>
  416.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  417.       </tr>
  418.       <tr>
  419.         <td class="main"><strong><?php echo ENTRY_ORDER_ID . $oID; ?></strong></td>
  420.       </tr>
  421.       <tr>
  422.      <td><table border="0" cellspacing="0" cellpadding="2">
  423.         <tr>
  424.            <td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
  425.            <td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
  426.         </tr>
  427.         <tr>
  428.            <td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
  429.            <td class="main"><?php echo $order->info['payment_method']; ?></td>
  430.         </tr>
  431. <?php
  432.     if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number'])) {
  433. ?>
  434.           <tr>
  435.             <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  436.           </tr>
  437.           <tr>
  438.             <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
  439.             <td class="main"><?php echo $order->info['cc_type']; ?></td>
  440.           </tr>
  441.           <tr>
  442.             <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
  443.             <td class="main"><?php echo $order->info['cc_owner']; ?></td>
  444.           </tr>
  445.           <tr>
  446.             <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
  447.             <td class="main"><?php echo $order->info['cc_number'] . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?><td>
  448.           </tr>
  449. <?php if (zen_not_null($order->info['cc_cvv'])) { ?>
  450.           <tr>
  451.             <td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
  452.             <td class="main"><?php echo $order->info['cc_cvv'] . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?><td>
  453.           </tr>
  454. <?php } ?>
  455.           <tr>
  456.             <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
  457.             <td class="main"><?php echo $order->info['cc_expires']; ?></td>
  458.           </tr>
  459. <?php
  460.     }
  461. ?>
  462.         </table></td>
  463.       </tr>
  464. <?php
  465.       if (method_exists($module, 'admin_notification')) {
  466. ?>
  467.       <tr>
  468.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  469.       </tr>
  470.       <tr>
  471.         <?php echo $module->admin_notification($oID); ?>
  472.       </tr>
  473.       <tr>
  474.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  475.       </tr>
  476. <?php
  477. }
  478. ?>
  479.       <tr>
  480.         <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
  481.           <tr class="dataTableHeadingRow">
  482.             <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
  483.             <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
  484.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
  485.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
  486.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
  487.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
  488.             <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
  489.           </tr>
  490. <?php
  491.     for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
  492.       echo '          <tr class="dataTableRow">' . "\n" .
  493.            '            <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . '&nbsp;x</td>' . "\n" .
  494.            '            <td class="dataTableContent" valign="top">' . $order->products[$i]['name'];
  495.  
  496.       if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
  497.         for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
  498.           echo '<br /><nobr><small>&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
  499.           if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
  500.           if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' and $order->products[$i]['product_is_free'] == '1') echo TEXT_INFO_ATTRIBUTE_FREE;
  501.           echo '</i></small></nobr>';
  502.         }
  503.       }
  504.  
  505.       echo '            </td>' . "\n" .
  506.            '            <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .
  507.            '            <td class="dataTableContent" align="right" valign="top">' . zen_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .
  508.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  509.                           $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) .
  510.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  511.                         '</strong></td>' . "\n" .
  512.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  513.                           $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) .
  514.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  515.                         '</strong></td>' . "\n" .
  516.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  517.                           $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
  518.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  519.                         '</strong></td>' . "\n" .
  520.            '            <td class="dataTableContent" align="right" valign="top"><strong>' .
  521.                           $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
  522.                           ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  523.                         '</strong></td>' . "\n";
  524.       echo '          </tr>' . "\n";
  525.     }
  526. ?>
  527.           <tr>
  528.             <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
  529. <?php
  530.     for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) {
  531.       echo '              <tr>' . "\n" .
  532.            '                <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Text">' . $order->totals[$i]['title'] . '</td>' . "\n" .
  533.            '                <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Amount">' . $order->totals[$i]['text'] . '</td>' . "\n" .
  534.            '              </tr>' . "\n";
  535.     }
  536. ?>
  537.             </table></td>
  538.           </tr>
  539.         </table></td>
  540.       </tr>
  541.  
  542. <?php
  543.   // show downloads
  544.   require(DIR_WS_MODULES . 'orders_download.php');
  545. ?>
  546.  
  547.       <tr>
  548.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  549.       </tr>
  550.       <tr>
  551.         <td class="main"><table border="1" cellspacing="0" cellpadding="5">
  552.           <tr>
  553.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
  554.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
  555.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
  556.             <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  557.           </tr>
  558. <?php
  559.     $orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
  560.                                    from " . TABLE_ORDERS_STATUS_HISTORY . "
  561.                                    where orders_id = '" . zen_db_input($oID) . "'
  562.                                    order by date_added");
  563.  
  564.     if ($orders_history->RecordCount() > 0) {
  565.       while (!$orders_history->EOF) {
  566.         echo '          <tr>' . "\n" .
  567.              '            <td class="smallText" align="center">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n" .
  568.              '            <td class="smallText" align="center">';
  569.         if ($orders_history->fields['customer_notified'] == '1') {
  570.           echo zen_image(DIR_WS_ICONS . 'tick.gif', TEXT_YES) . "</td>\n";
  571.         } else if ($orders_history->fields['customer_notified'] == '-1') {
  572.           echo zen_image(DIR_WS_ICONS . 'locked.gif', TEXT_HIDDEN) . "</td>\n";
  573.         } else {
  574.           echo zen_image(DIR_WS_ICONS . 'unlocked.gif', TEXT_VISIBLE) . "</td>\n";
  575.         }
  576.         echo '            <td class="smallText">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
  577.         echo '            <td class="smallText">' . nl2br(zen_db_output($orders_history->fields['comments'])) . '&nbsp;</td>' . "\n" .
  578.              '          </tr>' . "\n";
  579.         $orders_history->MoveNext();
  580.       }
  581.     } else {
  582.         echo '          <tr>' . "\n" .
  583.              '            <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
  584.              '          </tr>' . "\n";
  585.     }
  586. ?>
  587.         </table></td>
  588.       </tr>
  589.       <tr>
  590.         <td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  591.       </tr>
  592.       <tr>
  593.         <td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  594.       </tr>
  595.       <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
  596.         <td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
  597.       </tr>
  598.       <tr>
  599.         <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  600.       </tr>
  601.       <tr>
  602.         <td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
  603.           <tr>
  604.             <td><table border="0" cellspacing="0" cellpadding="2">
  605.               <tr>
  606.                 <td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
  607.               </tr>
  608.               <tr>
  609.                 <td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> [<?php echo zen_draw_radio_field('notify', '1', true) . '-' . TEXT_EMAIL . ' ' . zen_draw_radio_field('notify', '0', FALSE) . '-' . TEXT_NOEMAIL . ' ' . zen_draw_radio_field('notify', '-1', FALSE) . '-' . TEXT_HIDE; ?>]&nbsp;&nbsp;&nbsp;</td>
  610.                 <td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
  611.               </tr>
  612.               <tr><td><br /></td></tr>
  613.             </table></td>
  614.             <td valign="top"><?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
  615.           </tr>
  616.         </table></td>
  617.       </form></tr>
  618.       <tr>
  619.         <td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
  620.       </tr>
  621. <?php
  622. // check if order has open gv
  623.         $gv_check = $db->Execute("select order_id, unique_id
  624.                                  from " . TABLE_COUPON_GV_QUEUE ."
  625.                                  where order_id = '" . $_GET['oID'] . "' and release_flag='N' limit 1");
  626.         if ($gv_check->RecordCount() > 0) {
  627.           $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $_GET['oID']) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  628.           echo '      <tr><td align="right"><table width="225"><tr>';
  629.           echo '        <td align="center">';
  630.           echo $goto_gv . '&nbsp;&nbsp;';
  631.           echo '        </td>';
  632.           echo '      </tr></table></td></tr>';
  633.         }
  634. ?>
  635. <?php
  636.   } else {
  637. ?>
  638.       <tr>
  639.         <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  640.           <tr>
  641.             <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  642.             <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  643.             <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  644.               <tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
  645.                 <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
  646.               </form></tr>
  647.               <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
  648.                 <td class="smallText" align="right">
  649.                   <?php
  650.                     echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), $_GET['status'], 'onChange="this.form.submit();"');
  651.                     echo zen_hide_session_id();
  652.                   ?>
  653.                 </td>
  654.               </form></tr>
  655.             </table></td>
  656.           </tr>
  657.         </table></td>
  658.       </tr>
  659.       <tr>
  660.         <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  661.           <tr>
  662.             <td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
  663.           </td>
  664.           <tr>
  665.             <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  666.               <tr class="dataTableHeadingRow">
  667. <?php
  668. // Sort Listing
  669.           switch ($_GET['list_order']) {
  670.               case "id-asc":
  671.               $disp_order = "c.customers_id";
  672.               break;
  673.               case "firstname":
  674.               $disp_order = "c.customers_firstname";
  675.               break;
  676.               case "firstname-desc":
  677.               $disp_order = "c.customers_firstname DESC";
  678.               break;
  679.               case "lastname":
  680.               $disp_order = "c.customers_lastname, c.customers_firstname";
  681.               break;
  682.               case "lastname-desc":
  683.               $disp_order = "c.customers_lastname DESC, c.customers_firstname";
  684.               break;
  685.               case "company":
  686.               $disp_order = "a.entry_company";
  687.               break;
  688.               case "company-desc":
  689.               $disp_order = "a.entry_company DESC";
  690.               break;
  691.               default:
  692.               $disp_order = "c.customers_id DESC";
  693.           }
  694. ?>
  695.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
  696.                 <td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
  697.                 <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
  698.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
  699.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
  700.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
  701.                 <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_CUSTOMER_COMMENTS; ?></td>
  702.                 <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
  703.               </tr>
  704.  
  705. <?php
  706. // Only one or the other search
  707. // create search_orders_products filter
  708.   $search = '';
  709.   $new_table = '';
  710.   $new_fields = '';
  711.   if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) {
  712.     $new_fields = '';
  713.     $search_distinct = ' distinct ';
  714.     $new_table = " left join " . TABLE_ORDERS_PRODUCTS . " op on (op.orders_id = o.orders_id) ";
  715.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  716.     $search = " and (op.products_model like '%" . $keywords . "%' or op.products_name like '" . $keywords . "%')";
  717.     if (substr(strtoupper($_GET['search_orders_products']), 0, 3) == 'ID:') {
  718.       $keywords = TRIM(substr($_GET['search_orders_products'], 3));
  719.       $search = " and op.products_id ='" . (int)$keywords . "'";
  720.     }
  721.   } else {
  722. ?>
  723. <?php
  724. // create search filter
  725.   $search = '';
  726.   if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  727.     $search_distinct = ' ';
  728.     $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  729.     $search = " and (o.customers_city like '%" . $keywords . "%' or o.customers_postcode like '%" . $keywords . "%' or o.date_purchased like '%" . $keywords . "%' or o.billing_name like '%" . $keywords . "%' or o.billing_company like '%" . $keywords . "%' or o.billing_street_address like '%" . $keywords . "%' or o.delivery_city like '%" . $keywords . "%' or o.delivery_postcode like '%" . $keywords . "%' or o.delivery_name like '%" . $keywords . "%' or o.delivery_company like '%" . $keywords . "%' or o.delivery_street_address like '%" . $keywords . "%' or o.billing_city like '%" . $keywords . "%' or o.billing_postcode like '%" . $keywords . "%' or o.customers_email_address like '%" . $keywords . "%' or o.customers_name like '%" . $keywords . "%' or o.customers_company like '%" . $keywords . "%' or o.customers_street_address  like '%" . $keywords . "%' or o.customers_telephone like '%" . $keywords . "%' or o.ip_address  like '%" . $keywords . "%')";
  730.     $new_table = '';
  731. //    $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  732.   }
  733. } // eof: search orders or orders_products
  734.     $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  735. ?>
  736. <?php
  737.     if (isset($_GET['cID'])) {
  738.       $cID = zen_db_prepare_input($_GET['cID']);
  739.       $orders_query_raw =   "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  740.                             $new_fields . "
  741.                            from (" . TABLE_ORDERS_STATUS . " s, " .
  742.                             TABLE_ORDERS . " o " .
  743.                             $new_table . ")
  744.                            left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  745.                            where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' order by orders_id DESC";
  746.  
  747. //echo '<BR><BR>I SEE A: ' . $orders_query_raw . '<BR><BR>';
  748.  
  749.     } elseif ($_GET['status'] != '') {
  750.       $status = zen_db_prepare_input($_GET['status']);
  751.       $orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  752.                           $new_fields . "
  753.                          from (" . TABLE_ORDERS_STATUS . " s, " .
  754.                           TABLE_ORDERS . " o " .
  755.                           $new_table . ")
  756.                          left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  757.                          where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and s.orders_status_id = '" . (int)$status . "'  " .
  758.                           $search . " order by o.orders_id DESC";
  759.  
  760. //echo '<BR><BR>I SEE B: ' . $orders_query_raw . '<BR><BR>';
  761.  
  762.     } else {
  763.       $orders_query_raw = "select " . $search_distinct . " o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  764.                           $new_fields . "
  765.                          from (" . TABLE_ORDERS_STATUS . " s, " .
  766.                           TABLE_ORDERS . " o " .
  767.                           $new_table . ")
  768.                          left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id and ot.class = 'ot_total') " . "
  769.                          where (o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "')  " .
  770.                           $search . " order by o.orders_id DESC";
  771.  
  772. //echo '<BR><BR>I SEE C: ' . $orders_query_raw . '<BR><BR>';
  773.  
  774.     }
  775.  
  776. // Split Page
  777. // reset page when page is unknown
  778. if (($_GET['page'] == '' or $_GET['page'] <= 1) and $_GET['oID'] != '') {
  779.   $check_page = $db->Execute($orders_query_raw);
  780.   $check_count=1;
  781.   if ($check_page->RecordCount() > MAX_DISPLAY_SEARCH_RESULTS_ORDERS) {
  782.     while (!$check_page->EOF) {
  783.       if ($check_page->fields['orders_id'] == $_GET['oID']) {
  784.         break;
  785.       }
  786.       $check_count++;
  787.       $check_page->MoveNext();
  788.     }
  789.     $_GET['page'] = round((($check_count/MAX_DISPLAY_SEARCH_RESULTS_ORDERS)+(fmod_round($check_count,MAX_DISPLAY_SEARCH_RESULTS_ORDERS) !=0 ? .5 : 0)),0);
  790.   } else {
  791.     $_GET['page'] = 1;
  792.   }
  793. }
  794.  
  795. //    $orders_query_numrows = '';
    // Page the listing query and render one table row per order on the current page.
    // NOTE(review): splitPageResults presumably rewrites $orders_query_raw with a limit clause and
    // fills $orders_query_numrows — both are passed in and used afterwards; confirm against the class.
    $orders_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $orders_query_raw, $orders_query_numrows);
    $orders = $db->Execute($orders_query_raw);
    while (!$orders->EOF) {
    // Choose the order shown in the side panel once: the row whose id equals $_GET['oID'],
    // or the first row when no oID was sent.
    if ((!isset($_GET['oID']) || (isset($_GET['oID']) && ($_GET['oID'] == $orders->fields['orders_id']))) && !isset($oInfo)) {
        $oInfo = new objectInfo($orders->fields);
      }

      // The selected row links to the edit view; every other row links to its own summary.
      if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id)) {
        echo '              <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '\'">' . "\n";
      } else {
        echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['orders_id'], 'NONSSL') . '\'">' . "\n";
      }

      // Flag the row when a non-empty delivery name or street address differs from the billing one.
      $show_difference = '';
      if (($orders->fields['delivery_name'] != $orders->fields['billing_name'] and $orders->fields['delivery_name'] != '')) {
        $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
      }
      if (($orders->fields['delivery_street_address'] != $orders->fields['billing_street_address'] and $orders->fields['delivery_street_address'] != '')) {
        $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
      }
      $show_payment_type = $orders->fields['payment_module_code'] . '<br />' . $orders->fields['shipping_module_code'];
      // NOTE(review): the cells below print customers_name, customers_company, orders_status_name and
      // the module codes from the database row without HTML escaping (order_total goes through
      // strip_tags()). The name and company presumably originate from customer input — confirm they
      // are sanitised when stored, or escape them on output; zen_output_string_protected() is the
      // helper this file already applies to attribute values.
?>
                <td class="dataTableContent" align="right"><?php echo $show_difference . $orders->fields['orders_id']; ?></td>
                <td class="dataTableContent" align="left" width="50"><?php echo $show_payment_type; ?></td>
                <td class="dataTableContent"><?php echo '<a href="' . zen_href_link(FILENAME_CUSTOMERS, 'cID=' . $orders->fields['customers_id'], 'NONSSL') . '">' . zen_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW . ' ' . TABLE_HEADING_CUSTOMERS) . '</a>&nbsp;' . $orders->fields['customers_name'] . ($orders->fields['customers_company'] != '' ? '<br />' . $orders->fields['customers_company'] : ''); ?></td>
                <td class="dataTableContent" align="right"><?php echo strip_tags($orders->fields['order_total']); ?></td>
                <td class="dataTableContent" align="center"><?php echo zen_datetime_short($orders->fields['date_purchased']); ?></td>
                <td class="dataTableContent" align="right"><?php echo $orders->fields['orders_status_name']; ?></td>
                <td class="dataTableContent" align="center"><?php echo (zen_get_orders_comments($orders->fields['orders_id']) == '' ? '' : zen_image(DIR_WS_IMAGES . 'icon_yellow_on.gif', TEXT_COMMENTS_YES, 16, 16)); ?></td>

                <td class="dataTableContent" align="right"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders->fields['orders_id'] . '&action=edit', 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_edit.gif', ICON_EDIT) . '</a>'; ?><?php if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id)) { echo zen_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['orders_id'], 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?>&nbsp;</td>
              </tr>
<?php
      $orders->MoveNext();
    }
  831. ?>
  832.               <tr>
  833.                 <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  834.                   <tr>
  835.                     <td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>
  836.                     <td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], zen_get_all_get_params(array('page', 'oID', 'action'))); ?></td>
  837.                   </tr>
  838. <?php
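  // When a free-text search is active, show a reset button and echo the search text back.
  if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
?>
                  <tr>
                    <td class="smallText" align="right" colspan="2">
                      <?php
                        echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a>';
                        // $keywords keeps its SQL-prepared value because it is a page-level variable.
                        $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
                        // The search text is request data written into the HTML page. zen_db_input()
                        // prepares a value for SQL text and is not an output encoder, so the displayed
                        // copy goes through zen_output_string_protected(), the output helper this file
                        // already applies to attribute values.
                        echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . zen_output_string_protected(zen_db_prepare_input($_GET['search']));
                      ?>
                    </td>
                  </tr>
<?php
  }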
  854. ?>
  855.                 </table></td>
  856.               </tr>
  857.             </table></td>
  858. <?php
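  // Build the side panel ($heading / $contents) for the order selected in the listing.
  $heading = array();
  $contents = array();

  switch ($action) {
    case 'delete':
      // Confirmation panel: the form posts action=deleteconfirm for the selected order.
      $heading[] = array('text' => '<strong>' . TEXT_INFO_HEADING_DELETE_ORDER . '</strong>');

      $contents = array('form' => zen_draw_form('orders', FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=deleteconfirm', 'post', '', true));
      $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br /><br /><strong>' . ENTRY_ORDER_ID . $oInfo->orders_id . '<br />' . $oInfo->order_total . '<br />' . $oInfo->customers_name . ($oInfo->customers_company != '' ? '<br />' . $oInfo->customers_company : '') . '</strong>');
      $contents[] = array('text' => '<br />' . zen_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);
      $contents[] = array('align' => 'center', 'text' => '<br />' . zen_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id, 'NONSSL') . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
      break;
    default:
      // Summary panel: action buttons, dates, contact details and a short product list.
      if (isset($oInfo) && is_object($oInfo)) {
        $heading[] = array('text' => '<strong>[' . $oInfo->orders_id . ']&nbsp;&nbsp;' . zen_datetime_short($oInfo->date_purchased) . '</strong>');

        $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
        $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a>');
        $contents[] = array('text' => '<br />' . TEXT_DATE_ORDER_CREATED . ' ' . zen_date_short($oInfo->date_purchased));
        // NOTE(review): e-mail address, IP address, payment and shipping method are added to the panel
        // as stored, without HTML escaping here — confirm whether infoBox() or the storing code escapes them.
        $contents[] = array('text' => '<br />' . $oInfo->customers_email_address);
        $contents[] = array('text' => TEXT_INFO_IP_ADDRESS . ' ' . $oInfo->ip_address);
        if (zen_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . zen_date_short($oInfo->last_modified));
        $contents[] = array('text' => '<br />' . TEXT_INFO_PAYMENT_METHOD . ' '  . $oInfo->payment_method);
        $contents[] = array('text' => '<br />' . ENTRY_SHIPPING . ' '  . $oInfo->shipping_method);

// check if order has open gv
        // The id comes from the listing row; it is still cast to an integer before it is
        // concatenated into the SQL text so the query never depends on how the value was stored.
        $gv_check = $db->Execute("select order_id, unique_id
                                 from " . TABLE_COUPON_GV_QUEUE ."
                                 where order_id = '" . (int)$oInfo->orders_id . "' and release_flag='N' limit 1");
        if ($gv_check->RecordCount() > 0) {
          $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oInfo->orders_id) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
          $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
          $contents[] = array('align' => 'center', 'text' => $goto_gv);
        }
      }

      // NOTE(review): from here on $oInfo is read outside the isset() guard above; it is only
      // created while listing rows, so it is undefined when the listing is empty — confirm
      // whether these statements should move inside the guard.
// indicate if comments exist
      $orders_history_query = $db->Execute("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . (int)$oInfo->orders_id . "' and comments !=''");
      if ($orders_history_query->RecordCount() > 0) {
        $contents[] = array('align' => 'left', 'text' => '<br />' . TABLE_HEADING_COMMENTS);
      }

      $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
      $order = new order($oInfo->orders_id);
      $contents[] = array('text' => 'Products Ordered: ' . sizeof($order->products) );
      for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
        $contents[] = array('text' => $order->products[$i]['qty'] . '&nbsp;x&nbsp;' . $order->products[$i]['name']);

        // A product may have no attributes entry at all; check before counting, as the
        // product table of the edit view does.
        if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
          for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
            // The attribute value passes through zen_output_string_protected() before nl2br();
            // the stray closing </nobr> (never opened in this string) has been dropped.
            $contents[] = array('text' => '&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value'])) . '</i>' );
          }
        }
        // Cut the list short once the configured limit is passed (0 disables the limit).
        if ($i > MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING and MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING != 0) {
          $contents[] = array('align' => 'left', 'text' => TEXT_MORE);
          break;
        }
      }

      if (sizeof($order->products) > 0) {
        $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
      }
      break;
  }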
  924.  
  // Emit the side-panel cell only when both $heading and $contents pass zen_not_null().
  // NOTE(review): presumably zen_not_null() treats an empty array as "null", so the panel is
  // skipped when no heading was built — confirm against its definition.
  if ( (zen_not_null($heading)) && (zen_not_null($contents)) ) {
    echo '            <td width="25%" valign="top">' . "\n";

    // infoBox() returns the panel markup built from the heading and content rows.
    $box = new box;
    echo $box->infoBox($heading, $contents);

    echo '            </td>' . "\n";
  }
  933. ?>
  934.           </tr>
  935.         </table></td>
  936.       </tr>
  937. <?php
  938.   }
  939. ?>
  940.     </table></td>
  941. <!-- body_text_eof //-->
  942.   </tr>
  943. </table>
  944. <!-- body_eof //-->
  945.  
  946. <!-- footer //-->
  947. <div class="footer-area">
  948. <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
  949. </div>
  950. <!-- footer_eof //-->
  951. <br />
  952. </body>
  953. </html>
  954. <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
  955.