PageRenderTime 54ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/admin/orders.php

https://github.com/happyxlq/lt_svn
PHP | 1035 lines | 935 code | 58 blank | 42 comment | 150 complexity | a12592b859b8750739126eab7e22ed64 MD5 | raw file
Possible License(s): AGPL-1.0, BSD-3-Clause, LGPL-2.1

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. /**
  3. * @package admin
  4. * @copyright Copyright 2003-2007 Zen Cart Development Team
  5. * @copyright Portions Copyright 2003 osCommerce
  6. * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7. * @version $Id: orders.php 6864 2007-08-27 16:15:20Z drbyte $
  8. */
  9. require('includes/application_top.php');
  10. require(DIR_WS_CLASSES . 'currencies.php');
  11. $currencies = new currencies();
  12. include(DIR_WS_CLASSES . 'order.php');
  13. // prepare order-status pulldown list
  14. $orders_statuses = array();
  15. $orders_status_array = array();
  16. $orders_status = $db->Execute("select orders_status_id, orders_status_name
  17. from " . TABLE_ORDERS_STATUS . "
  18. where language_id = '" . (int)$_SESSION['languages_id'] . "'");
  19. while (!$orders_status->EOF)
  20. {
  21. $orders_statuses[] = array('id' => $orders_status->fields['orders_status_id'],
  22. 'text' => $orders_status->fields['orders_status_name'] . ' [' . $orders_status->fields['orders_status_id'] . ']');
  23. $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
  24. $orders_status->MoveNext();
  25. }
  26. $action = (isset($_GET['action']) ? $_GET['action'] : '');
  27. $order_exists = false;
  28. if (isset($_GET['oID']) && trim($_GET['oID']) == '') unset($_GET['oID']);
  29. if ($action == 'edit' && !isset($_GET['oID'])) $action = '';
  30. if (isset($_GET['oID']))
  31. {
  32. $orderid = zen_db_prepare_input(trim($_GET['oID']));
  33. $oID = '';
  34. $orders = $db->Execute("select order_no,orders_id from " . TABLE_ORDERS . "
  35. where order_no = '" . $orderid . "' limit 1");
  36. $order_exists = true;
  37. if ($orders->RecordCount() <= 0)
  38. {
  39. $order_exists = false;
  40. if ($action != '') $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $orderid), 'error');
  41. }else {
  42. $oID = $orders->fields['orders_id'];
  43. }
  44. }
  45. if (zen_not_null($action) && $order_exists == true)
  46. {
  47. switch ($action)
  48. {
  49. case 'edit':
  50. // reset single download to on
  51. if ($_GET['download_reset_on'] > 0)
  52. {
  53. // adjust download_maxdays based on current date
  54. $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
  55. date_purchased from " . TABLE_ORDERS . "
  56. where orders_id = '" . $oID . "'");
  57. $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
  58. $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . $oID . "' and orders_products_download_id='" . $_GET['download_reset_on'] . "'";
  59. $db->Execute($update_downloads_query);
  60. unset($_GET['download_reset_on']);
  61. $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
  62. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  63. }
  64. // reset single download to off
  65. if ($_GET['download_reset_off'] > 0)
  66. {
  67. // adjust download_maxdays based on current date
  68. // *** fix: adjust count not maxdays to cancel download
  69. // $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='0', download_count='0' where orders_id='" . $_GET['oID'] . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
  70. $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . $oID . "' and orders_products_download_id='" . $_GET['download_reset_off'] . "'";
  71. unset($_GET['download_reset_off']);
  72. $db->Execute($update_downloads_query);
  73. $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
  74. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  75. }
  76. break;
  77. case 'update_order':
  78. // demo active test
  79. if (zen_admin_demo())
  80. {
  81. $_GET['action']= '';
  82. $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
  83. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  84. }
  85. //$oID = zen_db_prepare_input($_GET['oID']);
  86. $status = zen_db_prepare_input($_POST['status']);
  87. $comments = zen_db_prepare_input($_POST['comments']);
  88. $order_updated = false;
  89. $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
  90. date_purchased from " . TABLE_ORDERS . "
  91. where orders_id = '" . (int)$oID . "'");
  92. if ( ($check_status->fields['orders_status'] != $status) || zen_not_null($comments))
  93. {
  94. $db->Execute("update " . TABLE_ORDERS . "
  95. set orders_status = '" . zen_db_input($status) . "', last_modified = now()
  96. where orders_id = '" . (int)$oID . "'");
  97. $notify_comments = '';
  98. if (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on') && zen_not_null($comments))
  99. {
  100. $notify_comments = EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n";
  101. }
  102. //send emails
  103. $message = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" .
  104. EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
  105. EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
  106. EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
  107. strip_tags($notify_comments) .
  108. EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ) .
  109. EMAIL_TEXT_STATUS_PLEASE_REPLY;
  110. $html_msg['EMAIL_CUSTOMERS_NAME'] = $check_status->fields['customers_name'];
  111. $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
  112. $html_msg['EMAIL_TEXT_INVOICE_URL'] = '<a href="' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') .'">'.str_replace(':','',EMAIL_TEXT_INVOICE_URL).'</a>';
  113. $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
  114. $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
  115. $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
  116. $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ));
  117. $html_msg['EMAIL_TEXT_NEW_STATUS'] = $orders_status_array[$status];
  118. $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);
  119. $customer_notified = '0';
  120. if (isset($_POST['notify']) && ($_POST['notify'] == 'on'))
  121. {
  122. zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
  123. $customer_notified = '1';
  124. //send extra emails
  125. if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' and SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '')
  126. {
  127. zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
  128. }
  129. }
  130. $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
  131. (orders_id, orders_status_id, date_added, customer_notified, comments)
  132. values ('" . (int)$oID . "',
  133. '" . zen_db_input($status) . "',
  134. now(),
  135. '" . zen_db_input($customer_notified) . "',
  136. '" . zen_db_input($comments) . "')");
  137. $order_updated = true;
  138. }
  139. if ($order_updated == true)
  140. {
  141. if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE)
  142. {
  143. // adjust download_maxdays based on current date
  144. $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
  145. $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "'";
  146. $db->Execute($update_downloads_query);
  147. }
  148. $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
  149. } else
  150. {
  151. $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
  152. }
  153. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  154. break;
  155. case 'deleteconfirm':
  156. // demo active test
  157. if (zen_admin_demo())
  158. {
  159. $_GET['action']= '';
  160. $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
  161. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  162. }
  163. //$oID = zen_db_prepare_input($_GET['oID']);
  164. zen_remove_order($oID, $_POST['restock']);
  165. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  166. break;
  167. case 'delete_cvv':
  168. $delete_cvv = $db->Execute("update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . (int)$oID . "'");
  169. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  170. break;
  171. case 'mask_cc':
  172. $result = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");
  173. $old_num = $result->fields['cc_number'];
  174. $new_num = substr($old_num, 0, 4) . str_repeat('*', (strlen($old_num) - 8)) . substr($old_num, -4);
  175. $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . $new_num . "' where orders_id = '" . (int)$oID . "'");
  176. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  177. break;
  178. case 'doRefund':
  179. $order = new order($oID);
  180. if ($order->info['payment_module_code'])
  181. {
  182. if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
  183. {
  184. require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  185. require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  186. $module = new $order->info['payment_module_code'];
  187. if (method_exists($module, '_doRefund'))
  188. {
  189. $module->_doRefund($oID);
  190. }
  191. }
  192. }
  193. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  194. break;
  195. case 'doAuth':
  196. $order = new order($oID);
  197. if ($order->info['payment_module_code'])
  198. {
  199. if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
  200. {
  201. require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  202. require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  203. $module = new $order->info['payment_module_code'];
  204. if (method_exists($module, '_doAuth'))
  205. {
  206. $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
  207. }
  208. }
  209. }
  210. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  211. break;
  212. case 'doCapture':
  213. $order = new order($oID);
  214. if ($order->info['payment_module_code'])
  215. {
  216. if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
  217. {
  218. require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  219. require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  220. $module = new $order->info['payment_module_code'];
  221. if (method_exists($module, '_doCapt'))
  222. {
  223. $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
  224. }
  225. }
  226. }
  227. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  228. break;
  229. case 'doVoid':
  230. $order = new order($oID);
  231. if ($order->info['payment_module_code'])
  232. {
  233. if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
  234. {
  235. require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  236. require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  237. $module = new $order->info['payment_module_code'];
  238. if (method_exists($module, '_doVoid'))
  239. {
  240. $module->_doVoid($oID);
  241. }
  242. }
  243. }
  244. zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  245. break;
  246. }
  247. }
  248. ?>
  249. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  250. <html <?php echo HTML_PARAMS; ?>>
  251. <head>
  252. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  253. <title><?php echo TITLE; ?></title>
  254. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  255. <link rel="stylesheet" type="text/css" media="print" href="includes/stylesheet_print.css">
  256. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  257. <script language="javascript" src="includes/menu.js"></script>
  258. <script language="javascript" src="includes/general.js"></script>
  259. <script type="text/javascript">
  260. <!--
  261. function init()
  262. {
  263. cssjsmenu('navbar');
  264. if (document.getElementById)
  265. {
  266. var kill = document.getElementById('hoverJS');
  267. kill.disabled = true;
  268. }
  269. }
  270. // -->
  271. </script>
  272. <script language="javascript" type="text/javascript"><!--
  273. function couponpopupWindow(url) {
  274. window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=450,height=280,screenX=150,screenY=150,top=150,left=150')
  275. }
  276. //--></script>
  277. </head>
  278. <body onLoad="init()">
  279. <!-- header //-->
  280. <div class="header-area">
  281. <?php
  282. require(DIR_WS_INCLUDES . 'header.php');
  283. ?>
  284. </div>
  285. <!-- header_eof //-->
  286. <!-- body //-->
  287. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  288. <tr>
  289. <!-- body_text //-->
  290. <?php if ($action == '')
  291. { ?>
  292. <!-- search -->
  293. <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  294. <tr>
  295. <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  296. <tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
  297. <td width="65%" class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  298. <td colspan="2" class="smallText" align="right">
  299. <?php
  300. // show reset search
  301. if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or $_GET['cID'] !='')
  302. {
  303. echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  304. }
  305. ?>
  306. <?php
  307. echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
  308. if (isset($_GET['search']) && zen_not_null($_GET['search']))
  309. {
  310. $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  311. echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
  312. }
  313. ?>
  314. </td>
  315. </form>
  316. <?php echo zen_draw_form('search_orders_products', FILENAME_ORDERS, '', 'get', '', true); ?>
  317. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  318. <td colspan="2" class="smallText" align="right">
  319. <?php
  320. // show reset search orders_products
  321. if ((isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) or $_GET['cID'] !='')
  322. {
  323. echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  324. }
  325. ?>
  326. <?php
  327. echo HEADING_TITLE_SEARCH_DETAIL_ORDERS_PRODUCTS . ' ' . zen_draw_input_field('search_orders_products') . zen_hide_session_id();
  328. if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products']))
  329. {
  330. $keywords_orders_products = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  331. echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER_ORDERS_PRODUCTS . zen_db_prepare_input($keywords_orders_products);
  332. }
  333. ?>
  334. </td>
  335. </form>
  336. </table></td>
  337. </tr>
  338. <!-- search -->
  339. <?php } ?>
  340. <?php
  341. if (($action == 'edit') && ($order_exists == true))
  342. {
  343. $order = new order($oID);
  344. if ($order->info['payment_module_code'])
  345. {
  346. if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php'))
  347. {
  348. require(DIR_FS_CATALOG_MODULES . 'payment/' . $order->info['payment_module_code'] . '.php');
  349. require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_module_code'] . '.php');
  350. $module = new $order->info['payment_module_code'];
  351. // echo $module->admin_notification($oID);
  352. }
  353. }
  354. ?>
  355. <tr>
  356. <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  357. <tr>
  358. <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  359. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  360. <td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
  361. </tr>
  362. </table></td>
  363. </tr>
  364. <tr>
  365. <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
  366. <tr>
  367. <td colspan="3"><?php echo zen_draw_separator(); ?></td>
  368. </tr>
  369. <tr>
  370. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  371. <tr>
  372. <td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
  373. <td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
  374. </tr>
  375. <tr>
  376. <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  377. </tr>
  378. <tr>
  379. <td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
  380. <td class="main"><?php echo $order->customer['telephone']; ?></td>
  381. </tr>
  382. <tr>
  383. <td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
  384. <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '">' . $order->customer['email_address'] . '</a>'; ?></td>
  385. </tr>
  386. <tr>
  387. <td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
  388. <td class="main"><?php echo $order->info['ip_address']; ?></td>
  389. </tr>
  390. </table></td>
  391. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  392. <tr>
  393. <td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
  394. <td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
  395. </tr>
  396. </table></td>
  397. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  398. <tr>
  399. <td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
  400. <td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
  401. </tr>
  402. </table></td>
  403. </tr>
  404. </table></td>
  405. </tr>
  406. <tr>
  407. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  408. </tr>
  409. <tr>
  410. <td class="main"><strong><?php echo ENTRY_ORDER_ID . $orderid; ?></strong></td>
  411. </tr>
  412. <tr>
  413. <td><table border="0" cellspacing="0" cellpadding="2">
  414. <tr>
  415. <td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
  416. <td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
  417. </tr>
  418. <tr>
  419. <td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
  420. <td class="main"><?php echo $order->info['payment_method']; ?></td>
  421. </tr>
  422. <?php
  423. if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number']))
  424. {
  425. ?>
  426. <tr>
  427. <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  428. </tr>
  429. <tr>
  430. <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
  431. <td class="main"><?php echo $order->info['cc_type']; ?></td>
  432. </tr>
  433. <tr>
  434. <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
  435. <td class="main"><?php echo $order->info['cc_owner']; ?></td>
  436. </tr>
  437. <tr>
  438. <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
  439. <td class="main"><?php echo $order->info['cc_number'] . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?><td>
  440. </tr>
  441. <tr>
  442. <td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
  443. <td class="main"><?php echo $order->info['cc_cvv'] . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?><td>
  444. </tr>
  445. <tr>
  446. <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
  447. <td class="main"><?php echo $order->info['cc_expires']; ?></td>
  448. </tr>
  449. <?php
  450. }
  451. ?>
  452. </table></td>
  453. </tr>
  454. <?php
  455. if (method_exists($module, 'admin_notification'))
  456. {
  457. ?>
  458. <tr>
  459. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  460. </tr>
  461. <tr>
  462. <?php echo $module->admin_notification($oID); ?>
  463. </tr>
  464. <tr>
  465. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  466. </tr>
  467. <?php
  468. }
  469. ?>
  470. <tr>
  471. <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
  472. <tr class="dataTableHeadingRow">
  473. <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
  474. <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
  475. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
  476. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
  477. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
  478. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
  479. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
  480. </tr>
  481. <?php
  482. for ($i=0, $n=sizeof($order->products); $i<$n; $i++)
  483. {
  484. echo ' <tr class="dataTableRow">' . "\n" .
  485. ' <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . '&nbsp;x</td>' . "\n" .
  486. ' <td class="dataTableContent" valign="top">' . $order->products[$i]['name'];
  487. if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0))
  488. {
  489. for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++)
  490. {
  491. echo '<br /><nobr><small>&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
  492. if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
  493. if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' and $order->products[$i]['product_is_free'] == '1') echo TEXT_INFO_ATTRIBUTE_FREE;
  494. echo '</i></small></nobr>';
  495. }
  496. }
  497. echo ' </td>' . "\n" .
  498. ' <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .
  499. ' <td class="dataTableContent" align="right" valign="top">' . zen_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .
  500. ' <td class="dataTableContent" align="right" valign="top"><strong>' .
  501. $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) .
  502. ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  503. '</strong></td>' . "\n" .
  504. ' <td class="dataTableContent" align="right" valign="top"><strong>' .
  505. $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) .
  506. ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  507. '</strong></td>' . "\n" .
  508. ' <td class="dataTableContent" align="right" valign="top"><strong>' .
  509. $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
  510. ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
  511. '</strong></td>' . "\n" .
  512. ' <td class="dataTableContent" align="right" valign="top"><strong>' .
  513. $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
  514. ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
  515. '</strong></td>' . "\n";
  516. echo ' </tr>' . "\n";
  517. }
  518. ?>
  519. <tr>
  520. <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
  521. <?php
  522. for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++)
  523. {
  524. echo ' <tr>' . "\n" .
  525. ' <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Text">' . $order->totals[$i]['title'] . '</td>' . "\n" .
  526. ' <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Amount">' . $order->totals[$i]['text'] . '</td>' . "\n" .
  527. ' </tr>' . "\n";
  528. }
  529. ?>
  530. </table></td>
  531. </tr>
  532. </table></td>
  533. </tr>
  534. <?php
  535. // show downloads
  536. require(DIR_WS_MODULES . 'orders_download.php');
  537. ?>
  538. <tr>
  539. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  540. </tr>
  541. <tr>
  542. <td class="main"><table border="1" cellspacing="0" cellpadding="5">
  543. <tr>
  544. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
  545. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
  546. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
  547. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  548. </tr>
  549. <?php
  550. $orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
  551. from " . TABLE_ORDERS_STATUS_HISTORY . "
  552. where orders_id = '" . zen_db_input($oID) . "'
  553. order by date_added");
  554. if ($orders_history->RecordCount() > 0)
  555. {
  556. while (!$orders_history->EOF)
  557. {
  558. echo ' <tr>' . "\n" .
  559. ' <td class="smallText" align="center">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n" .
  560. ' <td class="smallText" align="center">';
  561. if ($orders_history->fields['customer_notified'] == '1')
  562. {
  563. echo zen_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . "</td>\n";
  564. } else
  565. {
  566. echo zen_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "</td>\n";
  567. }
  568. echo ' <td class="smallText">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
  569. echo ' <td class="smallText">' . nl2br(zen_db_output($orders_history->fields['comments'])) . '&nbsp;</td>' . "\n" .
  570. ' </tr>' . "\n";
  571. $orders_history->MoveNext();
  572. }
  573. } else
  574. {
  575. echo ' <tr>' . "\n" .
  576. ' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
  577. ' </tr>' . "\n";
  578. }
  579. ?>
  580. </table></td>
  581. </tr>
  582. <tr>
  583. <td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  584. </tr>
  585. <tr>
  586. <td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  587. </tr>
  588. <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
  589. <td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
  590. </tr>
  591. <tr>
  592. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  593. </tr>
  594. <tr>
  595. <td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
  596. <tr>
  597. <td><table border="0" cellspacing="0" cellpadding="2">
  598. <tr>
  599. <td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
  600. </tr>
  601. <tr>
  602. <td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> <?php echo zen_draw_checkbox_field('notify', '', true); ?></td>
  603. <td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
  604. </tr>
  605. </table></td>
  606. <td valign="top"><?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
  607. </tr>
  608. </table></td>
  609. </form></tr>
  610. <tr>
  611. <td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
  612. </tr>
  613. <?php
  614. // check if order has open gv
  615. $gv_check = $db->Execute("select order_id, unique_id
  616. from " . TABLE_COUPON_GV_QUEUE ."
  617. where order_id = '" . $oID . "' and release_flag='N' limit 1");
  618. if ($gv_check->RecordCount() > 0)
  619. {
  620. $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oID) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  621. echo ' <tr><td align="right"><table width="225"><tr>';
  622. echo ' <td align="center">';
  623. echo $goto_gv . '&nbsp;&nbsp;';
  624. echo ' </td>';
  625. echo ' </tr></table></td></tr>';
  626. }
  627. ?>
  628. <?php
  629. } else
  630. {
  631. ?>
  632. <tr>
  633. <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  634. <tr>
  635. <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  636. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  637. <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  638. <tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
  639. <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
  640. </form></tr>
  641. <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
  642. <td class="smallText" align="right">
  643. <?php
  644. echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), $_GET['status'], 'onChange="this.form.submit();"');
  645. echo zen_hide_session_id();
  646. ?>
  647. </td>
  648. </form></tr>
  649. </table></td>
  650. </tr>
  651. </table></td>
  652. </tr>
  653. <tr>
  654. <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  655. <tr>
  656. <td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
  657. </td>
  658. <tr>
  659. <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  660. <tr class="dataTableHeadingRow">
  661. <?php
  662. // Sort Listing
  663. switch ($_GET['list_order'])
  664. {
  665. case "id-asc":
  666. $disp_order = "c.customers_id";
  667. break;
  668. case "firstname":
  669. $disp_order = "c.customers_firstname";
  670. break;
  671. case "firstname-desc":
  672. $disp_order = "c.customers_firstname DESC";
  673. break;
  674. case "lastname":
  675. $disp_order = "c.customers_lastname, c.customers_firstname";
  676. break;
  677. case "lastname-desc":
  678. $disp_order = "c.customers_lastname DESC, c.customers_firstname";
  679. break;
  680. case "company":
  681. $disp_order = "a.entry_company";
  682. break;
  683. case "company-desc":
  684. $disp_order = "a.entry_company DESC";
  685. break;
  686. default:
  687. $disp_order = "c.customers_id DESC";
  688. }
  689. ?>
  690. <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
  691. <td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
  692. <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
  693. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
  694. <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
  695. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
  696. <td class="dataTableHeadingContent" align="center"><?

Large files files are truncated, but you can click here to view the full file