
/admin/orders.php

https://github.com/happyxlq/lt_svn


  1<?php
  2/**
  3 * @package admin
  4 * @copyright Copyright 2003-2007 Zen Cart Development Team
  5 * @copyright Portions Copyright 2003 osCommerce
  6 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7 * @version $Id: orders.php 6864 2007-08-27 16:15:20Z drbyte $
  8 */
  9
 10require('includes/application_top.php');
 11
 12require(DIR_WS_CLASSES . 'currencies.php');
 13$currencies = new currencies();
 14
 15include(DIR_WS_CLASSES . 'order.php');
 16
 17// prepare order-status pulldown list
 18$orders_statuses = array();
 19$orders_status_array = array();
 20$orders_status = $db->Execute("select orders_status_id, orders_status_name
 21                                 from " . TABLE_ORDERS_STATUS . "
 22                                 where language_id = '" . (int)$_SESSION['languages_id'] . "'");
 23while (!$orders_status->EOF)
 24{
 25    $orders_statuses[] = array('id' => $orders_status->fields['orders_status_id'],
 26            'text' => $orders_status->fields['orders_status_name'] . ' [' . $orders_status->fields['orders_status_id'] . ']');
 27    $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
 28    $orders_status->MoveNext();
 29}
 30
 31$action = (isset($_GET['action']) ? $_GET['action'] : '');
 32$order_exists = false;
 33if (isset($_GET['oID']) && trim($_GET['oID']) == '') unset($_GET['oID']);
 34if ($action == 'edit' && !isset($_GET['oID'])) $action = '';
 35
 36if (isset($_GET['oID']))
 37{
 38	$orderid = zen_db_prepare_input(trim($_GET['oID']));
 39    $oID = '';
 40    $orders = $db->Execute("select order_no,orders_id from " . TABLE_ORDERS . "
 41                            where order_no = '" . $orderid . "' limit 1");
 42    $order_exists = true;
 43    if ($orders->RecordCount() <= 0)
 44    {
 45        $order_exists = false;
 46        if ($action != '') $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $orderid), 'error');
 47    }else {
 48    	$oID = $orders->fields['orders_id'];
 49    }
 50}
 51if (zen_not_null($action) && $order_exists == true)
 52{
 53    switch ($action)
 54    {
 55        case 'edit':
 56        // reset single download to on
 57            if ($_GET['download_reset_on'] > 0)
 58            {
 59                // adjust download_maxdays based on current date
 60                $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
 61                                      date_purchased from " . TABLE_ORDERS . "
 62                                      where orders_id = '" . $oID . "'");
 63                $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
 64
 65                $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . $oID . "' and orders_products_download_id='" . $_GET['download_reset_on'] . "'";
 66                $db->Execute($update_downloads_query);
 67                unset($_GET['download_reset_on']);
 68
 69                $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
 70                zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
 71            }
 72            // reset single download to off
 73            if ($_GET['download_reset_off'] > 0)
 74            {
 75                // adjust download_maxdays based on current date
 76                // *** fix: adjust count not maxdays to cancel download
 77//          $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='0', download_count='0' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
 78                $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . $oID . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
 79                unset($_GET['download_reset_off']);
 80                $db->Execute($update_downloads_query);
 81
 82                $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
 83                zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
 84            }
 85            break;
 86        case 'update_order':
 87        // demo active test
 88            if (zen_admin_demo())
 89            {
 90                $_GET['action']= '';
 91                $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
 92                zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
 93            }
 94            //$oID = zen_db_prepare_input($_GET['oID']);
 95            $status = zen_db_prepare_input($_POST['status']);
 96            $comments = zen_db_prepare_input($_POST['comments']);
 97
 98            $order_updated = false;
 99            $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
100                                      date_purchased from " . TABLE_ORDERS . "
101                                      where orders_id = '" . (int)$oID . "'");
102
103            if ( ($check_status->fields['orders_status'] != $status) || zen_not_null($comments))
104            {
105                $db->Execute("update " . TABLE_ORDERS . "
106                        set orders_status = '" . zen_db_input($status) . "', last_modified = now()
107                        where orders_id = '" . (int)$oID . "'");
108
109                $notify_comments = '';
110                if (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on') && zen_not_null($comments))
111                {
112                    $notify_comments = EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n";
113                }
114                //send emails
115                $message = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" .
116                        EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
117                        EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
118                        EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
119                        strip_tags($notify_comments) .
120                        EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ) .
121                        EMAIL_TEXT_STATUS_PLEASE_REPLY;
122
123                $html_msg['EMAIL_CUSTOMERS_NAME']    = $check_status->fields['customers_name'];
124                $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
125                $html_msg['EMAIL_TEXT_INVOICE_URL']  = '<a href="' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') .'">'.str_replace(':','',EMAIL_TEXT_INVOICE_URL).'</a>';
126                $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
127                $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
128                $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
129                $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ));
130                $html_msg['EMAIL_TEXT_NEW_STATUS'] = $orders_status_array[$status];
131                $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);
132
133                $customer_notified = '0';
134                if (isset($_POST['notify']) && ($_POST['notify'] == 'on'))
135                {
136                    zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
137                    $customer_notified = '1';
138
139                    //send extra emails
140                    if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' and SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '')
141                    {
142                        zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
143                    }
144                }
145
146                $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
147                      (orders_id, orders_status_id, date_added, customer_notified, comments)
148                      values ('" . (int)$oID . "',
149                      '" . zen_db_input($status) . "',
150                      now(),
151                      '" . zen_db_input($customer_notified) . "',
152                      '" . zen_db_input($comments)  . "')");
153                $order_updated = true;
154            }
155
156            if ($order_updated == true)
157            {
158                if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE)
159                {
160                    // adjust download_maxdays based on current date
161                    $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
162
163                    $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "'";
164                    $db->Execute($update_downloads_query);
165                }
166                $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
167            } else
168            {
169                $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
170            }
171
172            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
173            break;
174        case 'deleteconfirm':
175        // demo active test
176            if (zen_admin_demo())
177            {
178                $_GET['action']= '';
179                $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
180                zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
181            }
182            //$oID = zen_db_prepare_input($_GET['oID']);
183
184            zen_remove_order($oID, $_POST['restock']);
185
186            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
187            break;
188        case 'delete_cvv':
189            $delete_cvv = $db->Execute("update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . (int)$oID . "'");
190            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
191            break;
192        case 'mask_cc':
193            $result  = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");
194            $old_num = $result->fields['cc_number'];
195            $new_num = substr($old_num, 0, 4) . str_repeat('*', (strlen($old_num) - 8)) . substr($old_num, -4);
196            $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . $new_num . "' where orders_id = '" . (int)$oID . "'");
197            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
198            break;
199
200        case 'doRefund':
201            $order = new order($oID);
202            if ($order->info['payment_module_code'])
203            {
204                if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
205                {
206                    require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
207                    require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
208                    $module = new $order->info['payment_module_code'];
209                    if (method_exists($module, '_doRefund'))
210                    {
211                        $module->_doRefund($oID);
212                    }
213                }
214            }
215            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
216            break;
217        case 'doAuth':
218            $order = new order($oID);
219            if ($order->info['payment_module_code'])
220            {
221                if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
222                {
223                    require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
224                    require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
225                    $module = new $order->info['payment_module_code'];
226                    if (method_exists($module, '_doAuth'))
227                    {
228                        $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
229                    }
230                }
231            }
232            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
233            break;
234        case 'doCapture':
235            $order = new order($oID);
236            if ($order->info['payment_module_code'])
237            {
238                if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
239                {
240                    require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
241                    require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
242                    $module = new $order->info['payment_module_code'];
243                    if (method_exists($module, '_doCapt'))
244                    {
245                        $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
246                    }
247                }
248            }
249            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
250            break;
251        case 'doVoid':
252            $order = new order($oID);
253            if ($order->info['payment_module_code'])
254            {
255                if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
256                {
257                    require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
258                    require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
259                    $module = new $order->info['payment_module_code'];
260                    if (method_exists($module, '_doVoid'))
261                    {
262                        $module->_doVoid($oID);
263                    }
264                }
265            }
266            zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
267            break;
268    }
269}
270?>
271<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
272<html <?php echo HTML_PARAMS; ?>>
273    <head>
274        <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
275        <title><?php echo TITLE; ?></title>
276        <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
277        <link rel="stylesheet" type="text/css" media="print" href="includes/stylesheet_print.css">
278        <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
279        <script language="javascript" src="includes/menu.js"></script>
280        <script language="javascript" src="includes/general.js"></script>
281        <script type="text/javascript">
282            <!--
 function init()
 {
     // Pass the 'navbar' id to cssjsmenu(), which is defined outside this inline script.
     cssjsmenu('navbar');
     if (!document.getElementById)
     {
         return;
     }
     // Switch off the stylesheet linked with id="hoverJS" in this page's head.
     var hoverSheet = document.getElementById('hoverJS');
     hoverSheet.disabled = true;
 }
292            // -->
293        </script>
294        <script language="javascript" type="text/javascript"><!--
 function couponpopupWindow(url) {
     // Open url, unchanged, in the window named 'popupWindow' with a fixed 450x280 feature set.
     var features = 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=450,height=280,screenX=150,screenY=150,top=150,left=150';
     window.open(url, 'popupWindow', features)
 }
298            //--></script>
299    </head>
300    <body onLoad="init()">
301        <!-- header //-->
302        <div class="header-area">
303                                            <?php
304                                            require(DIR_WS_INCLUDES . 'header.php');
305                                            ?>
306        </div>
307        <!-- header_eof //-->
308
309        <!-- body //-->
310        <table border="0" width="100%" cellspacing="2" cellpadding="2">
311            <tr>
312                <!-- body_text //-->
313
314                                            <?php if ($action == '')
315                                            { ?>
316                <!-- search -->
317                <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
318                        <tr>
319                            <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
320                                    <tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
321                                        <td width="65%" class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
322                                        <td colspan="2" class="smallText" align="right">
323                                                <?php
324// show reset search
325                                                if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or $_GET['cID'] !='')
326                                                {
327        echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
328    }
329    ?>
330    <?php
331    echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
332    if (isset($_GET['search']) && zen_not_null($_GET['search']))
333                            {
334        $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
335        echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
336                            }
337                            ?>
338                                        </td>
339                                        </form>
340
341
342                            <?php echo zen_draw_form('search_orders_products', FILENAME_ORDERS, '', 'get', '', true); ?>
343                                        <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
344                                        <td colspan="2" class="smallText" align="right">
345                            <?php
346// show reset search orders_products
347                            if ((isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) or $_GET['cID'] !='')
348    {
349        echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
350    }
351    ?>
352    <?php
353    echo HEADING_TITLE_SEARCH_DETAIL_ORDERS_PRODUCTS . ' ' . zen_draw_input_field('search_orders_products') . zen_hide_session_id();
354    if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products']))
355    {
356        $keywords_orders_products = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
357        echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER_ORDERS_PRODUCTS . zen_db_prepare_input($keywords_orders_products);
358    }
359    ?>
360                                        </td>
361                                        </form>
362
363                                </table></td>
364                        </tr>
365                        <!-- search -->
366    <?php } ?>
367
368
369<?php
370if (($action == 'edit') && ($order_exists == true))
371{
372    $order = new order($oID);
373    if ($order->info['payment_module_code'])
374    {
375        if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
376        {
377            require(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
378            require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
379            $module = new $order->info['payment_module_code'];
380//        echo $module->admin_notification($oID);
381        }
382    }
383    ?>
384                        <tr>
385                            <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
386                                    <tr>
387                                        <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
388                                        <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
389                                        <td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
390                                    </tr>
391                                </table></td>
392                        </tr>
393                        <tr>
394                            <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
395                                    <tr>
396                                        <td colspan="3"><?php echo zen_draw_separator(); ?></td>
397                                    </tr>
398                                    <tr>
399                                        <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
400                                                <tr>
401                                                    <td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
402                                                    <td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
403                                                </tr>
404                                                <tr>
405                                                    <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
406                                                </tr>
407                                                <tr>
408                                                    <td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
409                                                    <td class="main"><?php echo $order->customer['telephone']; ?></td>
410                                                </tr>
411                                                <tr>
412                                                    <td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
413                                                    <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '">' . $order->customer['email_address'] . '</a>'; ?></td>
414                                                </tr>
415                                                <tr>
416                                                    <td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
417                                                    <td class="main"><?php echo $order->info['ip_address']; ?></td>
418                                                </tr>
419                                            </table></td>
420                                        <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
421                                                <tr>
422                                                    <td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
423                                                    <td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
424                                                </tr>
425                                            </table></td>
426                                        <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
427                                                <tr>
428                                                    <td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
429                                                    <td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
430                                                </tr>
431                                            </table></td>
432                                    </tr>
433                                </table></td>
434                        </tr>
435                        <tr>
436                            <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
437                        </tr>
438                        <tr>
439                            <td class="main"><strong><?php echo ENTRY_ORDER_ID . $orderid; ?></strong></td>
440                        </tr>
441                        <tr>
442                            <td><table border="0" cellspacing="0" cellpadding="2">
443                                    <tr>
444                                        <td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
445                                        <td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
446                                    </tr>
447                                    <tr>
448                                        <td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
449                                        <td class="main"><?php echo $order->info['payment_method']; ?></td>
450                                    </tr>
451    <?php
452    if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number']))
453                                {
454        ?>
455                                    <tr>
456                                        <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
457                                    </tr>
458                                    <tr>
459                                        <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
460                                        <td class="main"><?php echo $order->info['cc_type']; ?></td>
461                                    </tr>
462                                    <tr>
463                                        <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
464                                        <td class="main"><?php echo $order->info['cc_owner']; ?></td>
465                                    </tr>
466                                    <tr>
467                                        <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
468                                        <td class="main"><?php echo $order->info['cc_number'] . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?><td>
469                                    </tr>
470                                    <tr>
471                                        <td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
472                                        <td class="main"><?php echo $order->info['cc_cvv'] . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?><td>
473                                    </tr>
474                                    <tr>
475                                        <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
476                                        <td class="main"><?php echo $order->info['cc_expires']; ?></td>
477                                    </tr>
478                                            <?php
479                                        }
480                                        ?>
481                                </table></td>
482                        </tr>
483                                        <?php
484                                        if (method_exists($module, 'admin_notification'))
485                                        {
486                                            ?>
487                        <tr>
488                            <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
489                        </tr>
490                        <tr>
491                                            <?php echo $module->admin_notification($oID); ?>
492                        </tr>
493                        <tr>
494                            <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
495                        </tr>
496                                            <?php
497                                        }
498                                        ?>
499                        <tr>
500                            <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
501                                    <tr class="dataTableHeadingRow">
502                                        <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
503                                        <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
504                                        <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
505                                        <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
506                                        <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
507                                        <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
508                                        <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
509                                    </tr>
<?php
// One table row per ordered product: quantity, name (followed by one line per attribute),
// model, tax rate, then four price cells (unit and line total, each excluding and including tax).
// NOTE(review): name, model and the attribute option are written to the page as stored,
// whereas the attribute value goes through zen_output_string_protected(). Confirm those
// three fields cannot carry shopper-supplied or imported markup.
for ($i = 0, $n = count($order->products); $i < $n; $i++) {
    echo '          <tr class="dataTableRow">', "\n";
    echo '            <td class="dataTableContent" valign="top" align="right">', $order->products[$i]['qty'], '&nbsp;x</td>', "\n";
    echo '            <td class="dataTableContent" valign="top">', $order->products[$i]['name'];

    // Attribute lines stay inside the name cell, which is closed further down.
    if (isset($order->products[$i]['attributes']) && count($order->products[$i]['attributes']) > 0) {
        for ($j = 0, $k = count($order->products[$i]['attributes']); $j < $k; $j++) {
            echo '<br /><nobr><small>&nbsp;<i> - ', $order->products[$i]['attributes'][$j]['option'], ': ';
            echo nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
            // The attribute surcharge is shown for the whole quantity, prefixed with its sign.
            if ($order->products[$i]['attributes'][$j]['price'] != '0') {
                echo ' (', $order->products[$i]['attributes'][$j]['prefix'];
                echo $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']);
                echo ')';
            }
            if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' && $order->products[$i]['product_is_free'] == '1') {
                echo TEXT_INFO_ATTRIBUTE_FREE;
            }
            echo '</i></small></nobr>';
        }
    }

    echo '            </td>', "\n";
    echo '            <td class="dataTableContent" valign="top">', $order->products[$i]['model'], '</td>', "\n";
    echo '            <td class="dataTableContent" align="right" valign="top">', zen_display_tax_value($order->products[$i]['tax']), '%</td>', "\n";

    // Unit price, excluding tax (one-time charges on a second line when present).
    echo '            <td class="dataTableContent" align="right" valign="top"><strong>';
    echo $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']);
    if ($order->products[$i]['onetime_charges'] != 0) {
        echo '<br />', $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']);
    }
    echo '</strong></td>', "\n";

    // Unit price, including tax.
    echo '            <td class="dataTableContent" align="right" valign="top"><strong>';
    echo $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']);
    if ($order->products[$i]['onetime_charges'] != 0) {
        echo '<br />', $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']);
    }
    echo '</strong></td>', "\n";

    // Line total, excluding tax: unit price times quantity; one-time charges are not multiplied.
    echo '            <td class="dataTableContent" align="right" valign="top"><strong>';
    echo $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']);
    if ($order->products[$i]['onetime_charges'] != 0) {
        echo '<br />', $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']);
    }
    echo '</strong></td>', "\n";

    // Line total, including tax.
    echo '            <td class="dataTableContent" align="right" valign="top"><strong>';
    echo $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']);
    if ($order->products[$i]['onetime_charges'] != 0) {
        echo '<br />', $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']);
    }
    echo '</strong></td>', "\n";

    echo '          </tr>', "\n";
}
?>
550                                    <tr>
551                                        <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
<?php
// One row per order-total line. The CSS class of each cell is the total's 'class' entry
// with underscores turned into hyphens, suffixed with -Text or -Amount.
// NOTE(review): 'title' and 'text' are written out without escaping. Presumably they are
// pre-formatted when the order is stored; confirm before relying on that.
for ($i = 0, $n = count($order->totals); $i < $n; $i++) {
    echo '              <tr>', "\n";
    echo '                <td align="right" class="', str_replace('_', '-', $order->totals[$i]['class']), '-Text">', $order->totals[$i]['title'], '</td>', "\n";
    echo '                <td align="right" class="', str_replace('_', '-', $order->totals[$i]['class']), '-Amount">', $order->totals[$i]['text'], '</td>', "\n";
    echo '              </tr>', "\n";
}
?>
561                                            </table></td>
562                                    </tr>
563                                </table></td>
564                        </tr>
565
<?php
// show downloads
// The included module runs in this script's variable scope. Its path is assembled from a
// constant and a literal file name only, with no request data involved.
require DIR_WS_MODULES . 'orders_download.php';
?>
570
571                        <tr>
572                            <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
573                        </tr>
574                        <tr>
575                            <td class="main"><table border="1" cellspacing="0" cellpadding="5">
576                                    <tr>
577                                        <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
578                                        <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
579                                        <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
580                                        <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
581                                    </tr>
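<?php
// Status history of the order, oldest entry first: date, whether the customer was
// notified (tick or cross icon), status name and the comment left with that change.
// The order id is passed through zen_db_input() before being placed in the quoted SQL literal.
$orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
                                from " . TABLE_ORDERS_STATUS_HISTORY . "
                                where orders_id = '" . zen_db_input($oID) . "'
                                order by date_added");

if ($orders_history->RecordCount() > 0) {
    while (!$orders_history->EOF) {
        echo '          <tr>' . "\n" .
             '            <td class="smallText" align="center">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n" .
             '            <td class="smallText" align="center">';
        if ($orders_history->fields['customer_notified'] == '1') {
            echo zen_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . "</td>\n";
        } else {
            echo zen_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "</td>\n";
        }
        // $orders_status_array only holds the statuses loaded for the current language at the
        // top of the file. A history row whose status id is not in that list prints an empty
        // cell instead of raising an undefined-index notice.
        echo '            <td class="smallText">' . (isset($orders_status_array[$orders_history->fields['orders_status_id']]) ? $orders_status_array[$orders_history->fields['orders_status_id']] : '') . '</td>' . "\n";
        // NOTE(review): zen_db_output() is relied on here to make the stored comment safe for
        // HTML before nl2br() adds line breaks. Confirm that it escapes markup.
        echo '            <td class="smallText">' . nl2br(zen_db_output($orders_history->fields['comments'])) . '&nbsp;</td>' . "\n" .
             '          </tr>' . "\n";
        $orders_history->MoveNext();
    }
} else {
    echo '          <tr>' . "\n" .
         '            <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
         '          </tr>' . "\n";
}
?>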
614                                </table></td>
615                        </tr>
616                        <tr>
617                            <td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
618                        </tr>
619                        <tr>
620                            <td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
621                        </tr>
622                        <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
623                            <td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
624                        </tr>
625                        <tr>
626                            <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
627                        </tr>
628                        <tr>
629                            <td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
630                                    <tr>
631                                        <td><table border="0" cellspacing="0" cellpadding="2">
632                                                <tr>
633                                                    <td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
634                                                </tr>
635                                                <tr>
636                                                    <td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> <?php echo zen_draw_checkbox_field('notify', '', true); ?></td>
637                                                    <td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
638                                                </tr>
639                                            </table></td>
640                                        <td valign="top"><?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
641                                    </tr>
642                                </table></td>
643                            </form></tr>
644                        <tr>
645                            <td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
646                        </tr>
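<?php
// check if order has open gv
// Looks for one gift-voucher queue row for this order whose release_flag is still 'N' and,
// when there is one, prints a button linking to the gift-voucher queue page.
// The order id goes through zen_db_input() before it is placed in the quoted SQL literal,
// the same way the order-history query on this page treats it.
$gv_check = $db->Execute("select order_id, unique_id
                          from " . TABLE_COUPON_GV_QUEUE . "
                          where order_id = '" . zen_db_input($oID) . "' and release_flag='N' limit 1");
if ($gv_check->RecordCount() > 0) {
    $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oID) . '">' . zen_image_button('button_gift_queue.gif', IMAGE_GIFT_QUEUE) . '</a>';
    echo '      <tr><td align="right"><table width="225"><tr>';
    echo '        <td align="center">';
    echo $goto_gv . '&nbsp;&nbsp;';
    echo '        </td>';
    echo '      </tr></table></td></tr>';
}
?>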
662                                                        <?php
663                                                    } else
664                                                    {
665                                                        ?>
666                        <tr>
667                            <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
668                                    <tr>
669                                        <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
670                                        <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
671                                        <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
672                                                <tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
673                                                    <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
674                                                    </form></tr>
675                                                <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
676                                                    <td class="smallText" align="right">
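<?php
// Status filter for the order list: an "all orders" entry followed by the statuses loaded
// at the top of the file. Changing the selection submits the surrounding GET form.
// The status parameter is absent on a first visit, so it is read with an isset() guard
// (the idiom this file already uses for 'action') rather than indexing $_GET directly.
echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), (isset($_GET['status']) ? $_GET['status'] : ''), 'onChange="this.form.submit();"');
echo zen_hide_session_id();
?>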
681                                                    </td>
682                                                    </form></tr>
683                                            </table></td>
684                                    </tr>
685                                </table></td>
686                        </tr>
687                        <tr>
688                            <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
689                                    <tr>
690                                        <td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
691                                        </td>
692                                    <tr>
693                                        <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
694                                                <tr class="dataTableHeadingRow">
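<?php
// Sort Listing
// Maps the list_order request parameter onto a fixed set of ORDER BY fragments. Only the
// literals below are ever assigned to $disp_order; the request value itself is not copied
// into it. Unknown or missing values fall through to the default.
// The parameter is read with an isset() guard so a request without list_order does not
// raise an undefined-index notice.
// NOTE(review): the c. and a. aliases refer to customer and address columns. Confirm that
// the listing query (outside this excerpt) uses $disp_order with matching aliases.
switch (isset($_GET['list_order']) ? $_GET['list_order'] : '') {
    case "id-asc":
        $disp_order = "c.customers_id";
        break;
    case "firstname":
        $disp_order = "c.customers_firstname";
        break;
    case "firstname-desc":
        $disp_order = "c.customers_firstname DESC";
        break;
    case "lastname":
        $disp_order = "c.customers_lastname, c.customers_firstname";
        break;
    case "lastname-desc":
        $disp_order = "c.customers_lastname DESC, c.customers_firstname";
        break;
    case "company":
        $disp_order = "a.entry_company";
        break;
    case "company-desc":
        $disp_order = "a.entry_company DESC";
        break;
    default:
        $disp_order = "c.customers_id DESC";
}
?>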
724                                                    <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
725                                                    <td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
726                                                    <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
727                                                    <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
728                                                    <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
729                                                    <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
730                                                    <td class="dataTableHeadingContent" align="center"><?…
