/application/views/pages/admin/orderssz.php
PHP | 2384 lines | 2314 code | 32 blank | 38 comment | 375 complexity | 0a852678f65ae10305511de64de03287 MD5 | raw file
Large files files are truncated, but you can click here to view the full file
- <?php
- //This code is copyright (c) Internet Business Solutions SL, all rights reserved.
- //The contents of this file are protect under law as the intellectual property of Internet
- //Business Solutions SL. Any use, reproduction, disclosure or copying of any kind
- //without the express and written permission of Internet Business Solutions SL is forbidden.
- //Author: Vince Reid, vince@virtualred.net
- include('init.php');
- include(APPPATH.'views/pages/admin/cartmisc.php');
- include_once(IFZROOT.'kohana.php');
- session_register('order_id_commas');
- $lisuccess=0;
- if(@$dateadjust=="") $dateadjust=0;
- if(@$dateformatstr == "") $dateformatstr = "m/d/Y";
- $admindatestr="Y-m-d";
- if(@$admindateformat=="") $admindateformat=0;
- if($admindateformat==1)
- $admindatestr="m/d/Y";
- elseif($admindateformat==2)
- $admindatestr="d/m/Y";
- if(@$storesessionvalue=="") $storesessionvalue="virtualstore".time();
- if(@$_GET["doedit"]=="true") $doedit=TRUE; else $doedit=FALSE;
- function editfunc($data,$col,$size){
- global $doedit;
- if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . str_replace('"','"',$data) . '" size="' . $size . '">'); else return($data);
- }
- function editnumeric($data,$col,$size){
- global $doedit;
- if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . number_format($data,2,'.','') . '" size="' . $size . '">'); else return(FormatEuroCurrency($data));
- }
- if(@$_SESSION["loggedon"] != $storesessionvalue && trim(@$_COOKIE["WRITECKL"])!=""){
- $config = RBI_Kohana::config('database.default_ifrogz');
- $config = $config['connection'];
- $db=mysql_connect($config['hostname'], $config['username'], $config['password']);
- mysql_select_db($config['database']) or die ('RBI connection failed.</td></tr></table></body></html>');
- $rbiSQL = 'SELECT *
- FROM employee
- WHERE username="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKL"]))).'" and password="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKP"]))).'"';
- $rs_rbi = mysql_query($rbiSQL);
- if(mysql_num_rows($rs_rbi) > 0) {
- @$_SESSION["loggedon"] = $storesessionvalue;
- }else{
- $lisuccess=2;
- }
- mysql_free_result($rs_rbi);
-
- include(APPPATH.'views/partials/admin/dbconnection.php');
- }
- if(($_SESSION["loggedon"] != $storesessionvalue && $lisuccess!=2) || @$disallowlogin==TRUE) exit();
- if(@$htmlemails==TRUE) $emlNl = "<br />"; else $emlNl="\n";
- if($lisuccess==2){
- ?>
- <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
- <tr>
- <td width="100%">
- <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
- <tr>
- <td width="100%" colspan="4" align="center"><p> </p><p> </p>
- <p><strong><?php print $yyOpFai?></strong></p><p> </p>
- <p><?php print $yyCorCoo?> <?php print $yyCorLI?> <a href="/admin/login.php"><?php print $yyClkHer?></a>.</p>
- </td>
- </tr>
- </table>
- </td>
- </tr>
- </table>
- <?php
- }else{
- $success=true;
- $alreadygotadmin = getadminsettings();
- if(@$_POST["updatestatus"]=="1"){
- mysql_query("UPDATE orders SET ordStatusInfo='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordStatusInfo"]))) . "' WHERE ordID=" . @$_POST["orderid"]) or print(mysql_error());
- }elseif(@$_GET["id"] != ""){
- if(@$_POST["delccdets"] != ""){
- mysql_query("UPDATE orders SET ordCNum='' WHERE ordID=" . @$_GET["id"]);
- }
- $sSQL = "SELECT cartProdId,cartProdName,cartProdPrice,cartQuantity,cartID FROM cart WHERE cartOrderID=" . $_GET["id"];
- $allorders = mysql_query($sSQL) or print(mysql_error());
- }else{
- // Delete old uncompleted orders.
- if($delccafter != 0){
- $sSQL = "UPDATE orders SET ordCNum='' WHERE ordDate<'" . date("Y-m-d H:i:s", time()-($delccafter*60*60*24)) . "'";
- mysql_query($sSQL) or print(mysql_error());
- }
- if($delAfter != 0){
- $sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartDateAdded<'" . date("Y-m-d H:i:s", time()-($delAfter*60*60*24)) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- if(mysql_num_rows($result)>0){
- $delStr="";
- $delOptions="";
- $addcomma = "";
- while($rs = mysql_fetch_assoc($result)){
- $delStr .= $addcomma . $rs["cartOrderID"];
- $delOptions .= $addcomma . $rs["cartID"];
- $addcomma = ",";
- }
- mysql_query("DELETE FROM orders WHERE ordID IN (" . $delStr . ")") or print(mysql_error());
- mysql_query("DELETE FROM cartoptions WHERE coCartID IN (" . $delOptions . ")") or print(mysql_error());
- mysql_query("DELETE FROM cart WHERE cartID IN (" . $delOptions . ")") or print(mysql_error());
- }
- mysql_free_result($result);
- }else{
- $sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartOrderID=0 AND cartDateAdded<'" . date("Y-m-d H:i:s", time()-(3*60*60*24)) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- if(mysql_num_rows($result)>0){
- $delStr="";
- $delOptions="";
- $addcomma = "";
- while($rs = mysql_fetch_assoc($result)){
- $delStr .= $addcomma . $rs["cartOrderID"];
- $delOptions .= $addcomma . $rs["cartID"];
- $addcomma = ",";
- }
- mysql_query("DELETE FROM cartoptions WHERE coCartID IN (" . $delOptions . ")") or print(mysql_error());
- mysql_query("DELETE FROM cart WHERE cartID IN (" . $delOptions . ")") or print(mysql_error());
- }
- mysql_free_result($result);
- }
- $numstatus=0;
- $sSQL = "SELECT statID,statPrivate FROM orderstatus WHERE statPrivate<>'' ORDER BY statID";
- $result = mysql_query($sSQL) or print(mysql_error());
- while($rs = mysql_fetch_assoc($result)){
- $allstatus[$numstatus++]=$rs;
- }
- mysql_free_result($result);
- }
- if(@$_POST["updatestatus"]=="1"){
- ?>
- <script language="JavaScript" type="text/javascript">
- <!--
- setTimeout("history.go(-2);",1100);
- // -->
- </script>
- <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
- <tr>
- <td width="100%">
- <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
- <tr>
- <td width="100%" colspan="4" align="center"><br /><strong><?php print $yyUpdSuc?></strong><br /><br /><?php print $yyNowFrd?><br /><br />
- <?php print $yyNoAuto?> <a href="javascript:history.go(-2)"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
- <img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
- </tr>
- </table>
- </td>
- </tr>
- </table>
- <?php
- }elseif(@$_POST["doedit"] == "true"){
- $OWSP = "";
- $sSQL = "SELECT ordSessionID FROM orders WHERE ordID='" . $_POST["orderid"] . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- $rs = mysql_fetch_array($result);
- $thesessionid = $rs["ordSessionID"];
- mysql_free_result($result);
- $sSQL = "UPDATE orders SET ";
- $sSQL .= "ordName='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["name"]))) . "',";
- $sSQL .= "ordAddress='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["address"]))) . "',";
- if(@$useaddressline2==TRUE) $sSQL .= "ordAddress2='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["address2"]))) . "',";
- $sSQL .= "ordCity='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["city"]))) . "',";
- $sSQL .= "ordPoApo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["APO"]))) . "',";
- $sSQL .= "ordState='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["state"]))) . "',";
- $sSQL .= "ordZip='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["zip"]))) . "',";
- $sSQL .= "ordCountry='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["country"]))) . "',";
- $sSQL .= "ordEmail='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["email"]))) . "',";
- $sSQL .= "ordPhone='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["phone"]))) . "',";
- $sSQL .= "ordShipName='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["sname"]))) . "',";
- $sSQL .= "ordShipAddress='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["saddress"]))) . "',";
- if(@$useaddressline2==TRUE) $sSQL .= "ordShipAddress2='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["saddress2"]))) . "',";
- $sSQL .= "ordShipCity='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["scity"]))) . "',";
- $sSQL .= "ordShipPoApo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ShipAPO"]))) . "',";
- $sSQL .= "ordShipState='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["sstate"]))) . "',";
- $sSQL .= "ordShipZip='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["szip"]))) . "',";
- $sSQL .= "ordShipCountry='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["scountry"]))) . "',";
- $sSQL .= "ordShipType='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["shipmethod"]))) . "',";
- $sSQL .= "ordIP='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ipaddress"]))) . "',";
- $ordComLoc = 0;
- if(trim(@$_POST["commercialloc"])=="Y") $ordComLoc = 1;
- if(trim(@$_POST["wantinsurance"])=="Y") $ordComLoc += 2;
- $sSQL .= "ordComLoc=" . $ordComLoc . ",";
- $sSQL .= "ordAffiliate='" . trim(@$_POST["PARTNER"]) . "',";
- $sSQL .= "ordAddInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordAddInfo"]))) . "',";
- $sSQL .= "ordStatusInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordStatusInfo"]))) . "',";
- $sSQL .= "ordSupportInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordSupportInfo"]))) . "',";
- $sSQL .= "order_changed='yes',";
- $sSQL .= "ordDiscountText='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["discounttext"]))) . "',";
- $sSQL .= "ordExtra1='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordextra1"]))) . "',";
- $sSQL .= "ordExtra2='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordextra2"]))) . "',";
- $sSQL .= "ordShipping='" . mysql_real_escape_string(trim(@$_POST["ordShipping"])) . "',";
- $sSQL .= "ordStateTax='" . mysql_real_escape_string(trim(@$_POST["ordStateTax"])) . "',";
- $sSQL .= "ordCountryTax='" . mysql_real_escape_string(trim(@$_POST["ordCountryTax"])) . "',";
- if(@$canadataxsystem==TRUE) $sSQL .= "ordHSTTax='" . mysql_real_escape_string(trim(@$_POST["ordHSTTax"])) . "',";
- $sSQL .= "ordDiscount='" . mysql_real_escape_string(trim(@$_POST["ordDiscount"])) . "',";
- $sSQL .= "ordHandling='" . mysql_real_escape_string(trim(@$_POST["ordHandling"])) . "',";
- $sSQL .= "ordAuthNumber='" . mysql_real_escape_string(trim(@$_POST["ordAuthNumber"])) . "',";
- $sSQL .= "ordTransID='" . mysql_real_escape_string(trim(@$_POST["ordTransID"])) . "',";
- $sSQL .= "ordTotal='" . mysql_real_escape_string(trim(@$_POST["ordtotal"])) . "',";
- $sSQL .= "ord_cert_amt='" . mysql_real_escape_string(trim(@$_POST["ord_cert_amt"])) . "'";
- $sSQL .= " WHERE ordID='" . $_POST["orderid"] . "'";
- mysql_query($sSQL) or print(mysql_error());
- foreach($_POST as $objItem => $objValue){
- //print $objItem . " : " . $objValue . "<br>";
- if(substr($objItem,0,6)=="prodid"){
- $idno = (int)substr($objItem, 6);
- $cartid = trim(@$_POST["cartid" . $idno]);
- $prodid = trim(@$_POST["prodid" . $idno]);
- $quant = trim(@$_POST["quant" . $idno]);
- $theprice = trim(@$_POST["price" . $idno]);
- $prodname = trim(@$_POST["prodname" . $idno]);
- $delitem = trim(@$_POST["del_" . $idno]);
- if($delitem=="yes"){
- mysql_query("DELETE FROM cart WHERE cartID=" . $cartid) or print(mysql_error());
- mysql_query("DELETE FROM cartoptions WHERE coCartID=" . $cartid) or print(mysql_error());
- $cartid = "";
- }elseif($cartid != ""){
- $sSQL = "UPDATE cart SET cartProdID='" . mysql_real_escape_string(trim(unstripslashes($prodid))) . "',cartProdPrice=" . $theprice . ",cartProdName='" . mysql_real_escape_string(trim(unstripslashes($prodname))) . "',cartQuantity=" . $quant . " WHERE cartID=" . $cartid;
- mysql_query($sSQL) or print(mysql_error());
- mysql_query("DELETE FROM cartoptions WHERE coCartID=" . $cartid) or print(mysql_error());
- }else{
- $sSQL = "INSERT INTO cart (cartSessionID,cartProdID,cartQuantity,cartCompleted,cartProdName,cartProdPrice,cartOrderID,cartDateAdded) VALUES (";
- $sSQL .= "'" . $thesessionid . "',";
- $sSQL .= "'" . mysql_real_escape_string(trim(unstripslashes($prodid))) . "',";
- $sSQL .= $quant . ",";
- $sSQL .= "1,";
- $sSQL .= "'" . mysql_real_escape_string(trim(unstripslashes($prodname))) . "',";
- $sSQL .= "'" . $theprice . "',";
- $sSQL .= @$_POST["orderid"] . ",";
- $sSQL .= "'" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "')";
- mysql_query($sSQL) or print(mysql_error());
- $cartid = mysql_insert_id();
- }
- if($cartid != ""){
- $optprefix = "optn" . $idno . '_';
- $prefixlen = strlen($optprefix);
- foreach($_POST as $kk => $kkval){
- if(substr($kk,0,$prefixlen)==$optprefix && trim($kkval) != ''){
- $optidarr = split('\|', $kkval);
- $optid = $optidarr[0];
- if(@$_POST["v" . $kk] == ""){
- $sSQL="SELECT optID,".getlangid("optGrpName",16).",".getlangid("optName",32)."," . $OWSP . "optPriceDiff,optWeightDiff,optType,optFlags FROM options LEFT JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID='" . mysql_real_escape_string($kkval) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- if($rs = mysql_fetch_array($result)){
- if(abs($rs["optType"]) != 3){
- $sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','" . mysql_real_escape_string($rs[getlangid("optName",32)]) . "',";
- $sSQL .= $optidarr[1] . ",0)";
- }else
- $sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','',0,0)";
- mysql_query($sSQL) or print(mysql_error());
- }
- mysql_free_result($result);
- }else{
- $sSQL="SELECT optID,".getlangid("optGrpName",16).",".getlangid("optName",32)." FROM options LEFT JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID='" . mysql_real_escape_string($kkval) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- $rs = mysql_fetch_array($result);
- $sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','" . mysql_real_escape_string(unstripslashes(trim(@$_POST["v" . $kk]))) . "',0,0)";
- mysql_query($sSQL) or print(mysql_error());
- mysql_free_result($result);
- }
- }
- }
- }
- }
- }
- ?>
- <script language="JavaScript" type="text/javascript">
- <!--
- setTimeout("history.go(-2);",1100);
- // -->
- </script>
- <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
- <tr>
- <td width="100%">
- <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
- <tr>
- <td width="100%" colspan="4" align="center"><br /><strong><?php print $yyUpdSuc?></strong><br /><br /><?php print $yyNowFrd?><br /><br />
- <?php print $yyNoAuto?> <a href="javascript:history.go(-2)"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
- <img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
- </tr>
- </table>
- </td>
- </tr>
- </table>
- <?php
- }elseif(@$_GET["id"] != ""){
- $statetaxrate=0;
- $countrytaxrate=0;
- $hsttaxrate=0;
- $countryorder=0;
- $sSQL = "SELECT ordID,ordName,ordAddress,ordAddress2,ordCity,ordState,ordZip,ordCountry,ordEmail,ordPhone,ordShipName,ordShipAddress,ordShipAddress2,ordShipCity,ordShipState,ordShipZip,ordShipCountry,ordPayProvider,ordAuthNumber,ordTransID,ordTotal,ordDate,ordStateTax,ordCountryTax,ordHSTTax,ordShipping,ordShipType,ordIP,ordAffiliate,ordDiscount,ordHandling,ordDiscountText,ordComLoc,ordExtra1,ordExtra2,ordAddInfo,ordCNum,ordStatusInfo,ordSupportInfo,order_changed,ordStatus,ord_cert_amt,ord_cert_id,ordPoApo,ordShipPoApo,ordEID FROM orders LEFT JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordID='" . $_GET["id"] . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- $alldata = mysql_fetch_array($result);
- $alldata["ordDate"] = strtotime($alldata["ordDate"]);
- mysql_free_result($result);
- if($doedit){
- print '<form method="post" name="editform" action="/admin/orderssz.php" onsubmit="return confirmedit()"><input type="hidden" name="orderid" value="' . $_GET["id"] . '" /><input type="hidden" name="doedit" value="true" />';
- $overridecurrency=TRUE;
- $orcsymbol="";
- $orcdecplaces=2;
- $orcpreamount=TRUE;
- $orcdecimals=".";
- $orcthousands="";
- }
- ?>
- <script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.5.1/prototype.js"></script>
- <script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.5.1/scriptaculous.js"></script>
- <script language="JavaScript" type="text/javascript">
- <!--
- var newwin="";
- var plinecnt=0;
- function openemailpopup(id) {
- popupWin = window.open('/admin/popupemail.php?'+id,'emailpopup','menubar=no, scrollbars=no, width=300, height=250, directories=no,location=no,resizable=yes,status=no,toolbar=no')
- }
- function updateoptions(id){
- prodid = document.getElementById('prodid'+id).value;
- if(prodid != ''){
- newwin = window.open('/admin/popupemail.php?prod='+prodid+'&index='+id,'updateopts','menubar=no, scrollbars=no, width=50, height=40, directories=no,location=no,resizable=yes,status=no,toolbar=no');
- }
- return(false);
- }
- function extraproduct(plusminus){
- var productspan=document.getElementById('productspan');
- if(plusminus=='+'){
- productspan.innerHTML=productspan.innerHTML.replace(/<!--NEXTPRODUCTCOMMENT-->/,'<!--PLINE'+plinecnt+'--><tr><td valign="top"><input type="button" value="..." onclick="updateoptions('+(plinecnt+1000)+')"> <input name="prodid'+(plinecnt+1000)+'" size="18" id="prodid'+(plinecnt+1000)+'"></td><td valign="top"><input type="text" id="prodname'+(plinecnt+1000)+'" name="prodname'+(plinecnt+1000)+'" size="24"></td><td><span id="optionsspan'+(plinecnt+1000)+'">-</span></td><td valign="top"><input type="text" id="quant'+(plinecnt+1000)+'" name="quant'+(plinecnt+1000)+'" size="5" value="1"></td><td valign="top"><input type="text" id="price'+(plinecnt+1000)+'" name="price'+(plinecnt+1000)+'" value="0" size="7"><br /><input type="hidden" id="optdiffspan'+(plinecnt+1000)+'" value="0"></td><td> </td></tr><!--PLINEEND'+plinecnt+'--><!--NEXTPRODUCTCOMMENT-->');
- plinecnt++;
- }else{
- if(plinecnt>0){
- plinecnt--;
- var restr = '<!--PLINE'+plinecnt+'-->(.|\\n)+<!--PLINEEND'+plinecnt+'-->';
- //alert(restr);
- var re = new RegExp(restr);
- productspan.innerHTML=productspan.innerHTML.replace(re,'');
- }
- }
- }
- function confirmedit(){
- if(confirm('<?php print str_replace("'","\'",$yyChkRec)?>'))
- return(true);
- return(false);
- }
- function checkAIM(frm) {
- if(frm.aim_type.selectedIndex==0) {
- alert("Please choose a transaction type.");
- frm.aim_type.focus();
- return false;
- }else if(frm.aim_txn=='') {
- alert("A transaction number is required.");
- frm.aim_txn.focus();
- return false;
- }else if(frm.aim_amt=='') {
- alert("Please enter an amount.");
- frm.aim_amt.focus();
- return false;
- }
-
- return true;
- }
- function toggleTXN() {
- if($('div_trans').style.display=='' || $('div_trans').style.display==undefined) {
- //$('div_trans').style.display = 'none';
- Effect.BlindUp('div_trans');
- $('btn_add_txn').value = 'Credit or Void';
- }else if($('div_trans').style.display=='none') {
- //$('div_trans').style.display = '';
- Effect.BlindDown('div_trans');
- $('btn_add_txn').value = 'Hide Credit or Void';
- }
- }
- function toggleCharge() {
- if($('div_charge').style.display=='' || $('div_charge').style.display==undefined) {
- //$('div_charge').style.display = 'none';
- Effect.BlindUp('div_charge');
- $('btn_charge').value = 'Charge CC';
- }else if($('div_charge').style.display=='none') {
- //$('div_charge').style.display = '';
- Effect.BlindDown('div_charge');
- $('btn_charge').value = 'Hide Charge CC';
- }
- }
- function togglePrcAdd() {
- if($('div_prc_add').style.display=='' || $('div_prc_add').style.display==undefined) {
- //$('div_charge').style.display = 'none';
- Effect.BlindUp('div_prc_add');
- $('btn_prc_add').value = 'Add Price Adjustment';
- }else if($('div_prc_add').style.display=='none') {
- //$('div_charge').style.display = '';
- Effect.BlindDown('div_prc_add');
- $('btn_prc_add').value = 'Hide Price Adjustment';
- }
- }
- //-->
- </script>
- <style type="text/css">
- a img{
- border: 0;
- }
- </style>
- <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
- <tr>
- <td width="100%">
- <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
- <?php if($isprinter && @$invoiceheader != ""){ ?>
- <tr>
- <td colspan="6"><?php print $invoiceheader?></td>
- </tr>
- <?php } ?>
- <tr <? //if(!empty($alldata["ordEID"])) echo 'bgcolor="#FA6561"'?>>
- <td colspan="6" align="center"><strong><?php print $xxOrdNum . " " . $alldata["ordID"] . "<br /><br />" . date($dateformatstr, $alldata["ordDate"]) . " " . date("H:i", $alldata["ordDate"])?></strong></td>
- </tr>
- <?php if($isprinter && @$invoiceaddress != ""){ ?>
- <tr>
- <td colspan="6"><?php print $invoiceaddress?></td>
- </tr>
- <?php } ?>
- <?php if(trim(@$extraorderfield1)!=""){ ?>
- <tr>
- <td width="23%" align="right"><strong><?php print $extraorderfield1 ?>:</strong></td>
- <td align="left" colspan="5"><?php print editfunc($alldata["ordExtra1"],"ordextra1",25)?></td>
- </tr>
- <?php } ?>
- <tr>
- <td width="23%" align="right"><strong><?php print $xxName?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordName"],"name",25)?></td>
- <td width="25%" align="right">
- <strong><?php print $xxEmail?>:</strong></td>
- <td width="24%" align="left"><?php
- if($isprinter || $doedit) print editfunc($alldata["ordEmail"],"email",25); else print '<a href="mailto:' . $alldata["ordEmail"] . '">' . $alldata["ordEmail"] . '</a>';?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAddress?>:</strong></td>
- <td colspan="3" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordAddress"],"address",25)?></td>
- <?php if(@$useaddressline2==TRUE){ ?>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAddress2?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordAddress2"],"address2",25)?></td>
- <?php } ?>
- <td align="right"><strong><?php print $xxCity?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordCity"],"city",25)?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAllSta?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordState"],"state",25)?></td>
- <td align="right"><strong>APO/PO:</strong></td>
- <td align="left"><input <?php if (!(strcmp($alldata["ordPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?> name="APO" type="checkbox" value="1" /></td>
- <td align="right"><strong><?php print $xxCountry?>:</strong></td>
- <td align="left"><?php
- if($doedit){
- $foundmatch=FALSE;
- print '<select name="country" size="1">';
- $sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
- $result = mysql_query($sSQL) or print(mysql_error());
- while($rs2 = mysql_fetch_array($result)){
- print '<option value="' . str_replace('"','"',$rs2["countryName"]) . '"';
- if($alldata["ordCountry"]==$rs2["countryName"]){
- print ' selected';
- $foundmatch=TRUE;
- $countrytaxrate=$rs2["countryTax"];
- $countryorder=$rs2["countryOrder"];
- }
- print '>' . $rs2["countryName"] . "</option>\r\n"; }
- mysql_free_result($result);
- if(! $foundmatch) print '<option value="' . str_replace('"','"',$alldata["ordCountry"]) . '" selected>' . $alldata["ordCountry"] . "</option>\r\n";
- print '</select>';
- if($countryorder==2){
- $sSQL = "SELECT stateTax FROM states WHERE stateAbbrev='" . mysql_real_escape_string($alldata["ordState"]) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- if($rs2 = mysql_fetch_array($result))
- $statetaxrate = $rs2["stateTax"];
- }
- if($alldata["ordStateTax"]==0)$statetaxrate=0;
- }else
- print $alldata["ordCountry"];?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxZip?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordZip"],"zip",15)?></td>
- <td align="right"><strong><?php print $xxPhone?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordPhone"],"phone",25)?></td>
- </tr>
- <?php if(trim(@$extraorderfield2)!=""){ ?>
- <tr>
- <td align="right"><strong><?php print @$extraorderfield2 ?>:</strong></td>
- <td align="left" colspan="5"><?php print editfunc($alldata["ordExtra2"],"ordextra2",25)?></td>
- </tr>
- <?php } ?>
- <?php if(! $isprinter){ ?>
- <tr>
- <td align="right"><strong>IP Address:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordIP"],"ipaddress",15)?></td>
- <td align="right"><strong><?php print $yyAffili?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordAffiliate"],"PARTNER",15)?></td>
- </tr>
- <?php }
- if(trim($alldata["ordDiscountText"])!=""){ ?>
- <tr>
- <td align="right" valign="top"><strong><?php print $xxAppDs?>:</strong></td>
- <td align="left" colspan="5"><?php print editfunc($alldata["ordDiscountText"],"discounttext",25)?></td>
- </tr>
- <?php }
- if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "" || trim($alldata["ordShipCity"]) != "" || $doedit){ ?>
- <tr>
- <td align="center" colspan="6"><strong><?php print $xxShpDet?>.</strong></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxName?>:</strong></td>
- <td align="left" colspan="5"><?php print editfunc($alldata["ordShipName"],"sname",25)?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAddress?>:</strong></td>
- <td colspan="3" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordShipAddress"],"saddress",25)?></td>
- <?php if(@$useaddressline2==TRUE){ ?>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAddress2?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordShipAddress2"],"saddress2",25)?></td>
- <?php } ?>
- <td align="right"><strong><?php print $xxCity?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordShipCity"],"scity",25)?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxAllSta?>:</strong></td>
- <td align="left"><?php print editfunc($alldata["ordShipState"],"sstate",25)?></td>
- <td align="right"><strong>APO/PO:</strong></td>
- <td align="left"><input name="ShipAPO" type="checkbox" id="ShipAPO" value="1" <?php if (!(strcmp($alldata["ordShipPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?> /></td>
- <td align="right"><strong><?php print $xxCountry?>:</strong></td>
- <td align="left"><?php
- if($doedit){
- if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "") $usingshipcountry=TRUE; else $usingshipcountry=FALSE;
- $foundmatch=FALSE;
- print '<select name="scountry" size="1">';
- $sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
- $result = mysql_query($sSQL) or print(mysql_error());
- while($rs2 = mysql_fetch_array($result)){
- print '<option value="' . str_replace('"','"',$rs2["countryName"]) . '"';
- if($alldata["ordShipCountry"]==$rs2["countryName"]){
- print ' selected';
- $foundmatch=TRUE;
- if($usingshipcountry) $countrytaxrate=$rs2["countryTax"];
- $countryorder=$rs2["countryOrder"];
- }
- print '>' . $rs2["countryName"] . "</option>\r\n"; }
- mysql_free_result($result);
- if(! $foundmatch) print '<option value="' . str_replace('"','"',$alldata["ordShipCountry"]) . '" selected>' . $alldata["ordShipCountry"] . "</option>\r\n";
- print '</select>';
- if($countryorder==2 && $usingshipcountry){
- $sSQL = "SELECT stateTax FROM states WHERE stateName='" . mysql_real_escape_string($alldata["ordShipState"]) . "'";
- $result = mysql_query($sSQL) or print(mysql_error());
- if($rs2 = mysql_fetch_array($result))
- $statetaxrate = $rs2["stateTax"];
- }
- }else
- print $alldata["ordShipCountry"]?></td>
- </tr>
- <tr>
- <td align="right"><strong><?php print $xxZip?>:</strong></td>
- <td align="left" colspan="5"><?php print editfunc($alldata["ordShipZip"],"szip",15)?></td>
- </tr>
- <?php }
- if($alldata["ordShipType"] != "" || $alldata["ordComLoc"]>0 || $doedit){ ?>
- <tr>
- <td align="right"><strong><?php print $xxShpMet?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($alldata["ordShipType"],"shipmethod",25);
- if(! $doedit && ($alldata["ordComLoc"]&2)==2) print $xxWtIns?></td>
- <td align="right"><strong><?php print $xxCLoc?>:</strong></td>
- <td align="left"><?php if($doedit){
- print '<select name="commercialloc" size="1">';
- print '<option value="N">' . $yyNo . '</option>';
- print '<option value="Y"' . (($alldata["ordComLoc"]&1)==1 ? ' selected' : '') . '>' . $yyYes . '</option>';
- print '</select>';
- }else{
- if(($alldata["ordComLoc"]&1)==1) print $yyYes; else print $yyNo;
- }?></td>
- </tr>
- <?php if($doedit){ ?>
- <tr>
- <td align="right"><strong><?php print $xxShpIns?>:</strong></td>
- <td align="left" colspan="5"><?php
- print '<select name="wantinsurance" size="1">';
- print '<option value="N">' . $yyNo . '</option>';
- print '<option value="Y"' . (($alldata["ordComLoc"]&2)==2 ? ' selected' : '') . '>' . $yyYes . '</option>';
- print '</select>';
- ?></td>
- </tr>
- <?php }
- }
- $ordAuthNumber = trim($alldata["ordAuthNumber"]);
- $ordTransID = trim($alldata["ordTransID"]);
- if(! $isprinter && ($ordAuthNumber != "" || $ordTransID != "" || $doedit)){ ?>
- <tr>
- <td align="right"><strong><?php print $yyAutCod?>:</strong></td>
- <td colspan="3" align="left"><?php print editfunc($ordAuthNumber,"ordAuthNumber",15) ?></td>
- <td align="right"><strong><?php print $yyTranID?>:</strong></td>
- <td align="left"><?php print editfunc($ordTransID,"ordTransID",15) ?></td>
- </tr>
- <?php }
- // BOL#s ADDED BY CHAD JUL 27,06
- $sql_bol = "SELECT * FROM bol WHERE ordID = " . $alldata["ordID"];
- $res_bol = mysql_query($sql_bol) or print(mysql_error());
- if(mysql_num_rows($res_bol) > 0) {
- $row_bol = mysql_fetch_assoc($res_bol);
- ?>
- <tr>
- <td align="right"><strong>Express BOL#:</strong></td>
- <td colspan="3"><?=$row_bol['exBOL']?></td>
- <?php
- if(!empty($row_bol['smBOL'])) {
- ?>
- <td align="right"><strong>Smart Mail BOL#:</strong></td>
- <td><?=$row_bol['smBOL']?></td>
- <?php
- }
- if(!empty($row_bol['gmBOL'])) {
- ?>
- <td align="right"><strong>Global Mail BOL#:</strong></td>
- <td><?=$row_bol['gmBOL']?></td>
- <?php
- }
- ?>
- </tr>
- <?php
- }
- // ADD ENDED
- $ordAddInfo = Trim($alldata["ordAddInfo"]);
- if($ordAddInfo != "" || $doedit){ ?>
- <tr>
- <td align="right" valign="top"><strong><?php print $xxAddInf?>:</strong></td>
- <td align="left" colspan="5"><?php
- if($doedit)
- print '<textarea name="ordAddInfo" cols="50" rows="4" wrap=virtual>' . $ordAddInfo . '</textarea>';
- else
- print str_replace(array("\r\n","\n"),array("<br />","<br />"),$ordAddInfo); ?></td>
- </tr>
- <?php }
- if(! $isprinter){
- if(! $doedit) print '<form method="post" action="/admin/orderssz.php"><input type="hidden" name="updatestatus" value="1" /><input type="hidden" name="orderid" value="' . @$_GET["id"] . '" />';
- ?> <tr>
- <td align="right" valign="top"><strong><?php print $yyStaInf?>:</strong></td>
- <td align="left" colspan="5"><?php print $alldata["ordStatusInfo"]?> </td>
- </tr>
- <? if($doedit) { ?>
- <tr>
- <td align="right" valign="top"><strong><?php print $yySupInf?>:</strong></td>
- <td align="left" colspan="5"><textarea name="ordSupportInfo" cols="50" rows="4" wrap=virtual><?php print $alldata["ordSupportInfo"]?></textarea> <?php if(! $doedit) print '<input type="submit" value="' . $yyUpdate . '" />'?></td>
- </tr>
- <? } ?>
- <?php if(($alldata["ordPayProvider"]==3 || $alldata["ordPayProvider"]==13) && $alldata["ordAuthNumber"] != ""){ ?>
- <tr>
- <td align="center" colspan="6"> </td>
- </tr>
- <?php }
- if(! $doedit) print '</form>';
- if((int)$alldata["ordPayProvider"]==10){ ?>
- <tr>
- <td align="center" colspan="6"><hr width="50%"> </td>
- </tr>
- <?php if(@$_SERVER["HTTPS"] != "on" && (@$_SERVER["SERVER_PORT"] != "443") && @$nochecksslserver != TRUE){ ?>
- <tr>
- <td align="center" colspan="6"><strong><font color="#FF0000">You do not appear to be viewing this page on a secure (https) connection. Credit card information cannot be shown.</font></strong></td>
- </tr>
- <?php }else{
- $ordCNum = $alldata["ordCNum"];
- if($ordCNum != ""){
- $cnumarr = "";
- $encryptmethod = strtolower(@$encryptmethod);
- if($encryptmethod=="none"){
- $cnumarr = explode("&",$ordCNum);
- }elseif($encryptmethod=="mcrypt"){
- if(@$mcryptalg == "") $mcryptalg = MCRYPT_BLOWFISH;
- $td = mcrypt_module_open($mcryptalg, '', 'cbc', '');
- $thekey = @$ccencryptkey;
- $thekey = substr($thekey, 0, mcrypt_enc_get_key_size($td));
- $cnumarr = explode(" ", $ordCNum);
- $iv = @$cnumarr[0];
- $iv = @pack("H" . strlen($iv), $iv);
- $ordCNum = @pack("H" . strlen(@$cnumarr[1]), @$cnumarr[1]);
- mcrypt_generic_init($td, $thekey, $iv);
- $cnumarr = explode("&", mdecrypt_generic($td, $ordCNum));
- mcrypt_generic_deinit($td);
- mcrypt_module_close($td);
- }else{
- print '<tr><td colspan="4">WARNING: $encryptmethod is not set. Please see http://www.ecommercetemplates.com/phphelp/ecommplus/parameters.asp#encryption</td></tr>';
- }
- } ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxCCName?>:</strong></td>
- <td align="left" colspan="2"><?php
- if(@$encryptmethod!=""){
- if(is_array(@$cnumarr)) print URLDecode(@$cnumarr[4]);
- } ?></td>
- </tr>
- <tr>
- <td align="right" colspan="4"><strong><?php print $yyCarNum?>:</strong></td>
- <td align="left" colspan="2"><?php
- if($ordCNum != ""){
- if(is_array($cnumarr)) print $cnumarr[0];
- }else{
- print "(no data)";
- } ?></td>
- </tr>
- <tr>
- <td align="right" colspan="4"><strong><?php print $yyExpDat?>:</strong></td>
- <td align="left" colspan="2"><?php
- if(@$encryptmethod!=""){
- if(is_array(@$cnumarr)) print @$cnumarr[1];
- } ?></td>
- </tr>
- <tr>
- <td align="right" colspan="4"><strong>CVV Code:</strong></td>
- <td align="left" colspan="2"><?php
- if(@$encryptmethod!=""){
- if(is_array(@$cnumarr)) print @$cnumarr[2];
- } ?></td>
- </tr>
- <tr>
- <td align="right" colspan="4"><strong>Issue Number:</strong></td>
- <td align="left" colspan="2"><?php
- if(@$encryptmethod!=""){
- if(is_array(@$cnumarr)) print @$cnumarr[3];
- } ?></td>
- </tr>
- <?php if($ordCNum != "" && !$doedit){ ?>
- <form method=POST action="/admin/orderssz.php?id=<?php print $_GET["id"]?>">
- <input type="hidden" name="delccdets" value="<?php print $_GET["id"]?>" />
- <tr>
- <td align="center" colspan="6"><input type=submit value="<?php print $yyDelCC?>" /></td>
- </tr>
- </form>
- <?php }
- }
- }
- } // isprinter ?>
- <tr>
- <td align="center" colspan="6"> <br /></td>
- </tr>
- </table>
- <span id="productspan">
- <table width="100%" border="1" cellspacing="0" cellpadding="4" bordercolor="#999999" style="border-collapse: collapse">
- <tr>
- <td><strong><?php print $xxPrId?></strong></td>
- <td><strong><?php print $xxPrNm?></strong></td>
- <td><strong><?php print $xxPrOpts?></strong></td>
- <td><strong><?php print $xxQuant?></strong></td>
- <td><strong><?php if($doedit) print $xxUnitPr; else print $xxPrice?></strong></td>
- <?php if($doedit) print '<td align="center"><strong>DEL</strong></td>' ?>
- </tr>
- <?php
- $totoptpricediff = 0;
- if(mysql_num_rows($allorders)>0){
- $totoptpricediff = 0;
- $rowcounter=0;
- while($rsOrders = mysql_fetch_assoc($allorders)){
- $optpricediff = 0;
- ?>
- <tr>
- <td valign="top" nowrap><?php if($doedit) print '<input type="button" value="..." onclick="updateoptions(' . $rowcounter . ')"> <input type="hidden" name="cartid' . $rowcounter . '" value="' . str_replace('"','"',$rsOrders["cartID"]) . '" />'?><strong><?php print editfunc($rsOrders["cartProdId"],'prodid' . $rowcounter,18)?></strong></td>
- <td valign="top">
- <?php print editfunc($rsOrders["cartProdName"],'prodname' . $rowcounter,24)?><br />
- <?
- $sql_cert="SELECT cert_id,cert_code FROM certificates WHERE cert_order_id=".$_GET["id"]." AND cert_prod_id='".$rsOrders["cartProdId"]."'";
- //echo $sql_cert;
- $result_cert=mysql_query($sql_cert);
- if(mysql_num_rows($result_cert)>0) {
- while($row_cert=mysql_fetch_assoc($result_cert)){?>
- <stong>(<?=$row_cert['cert_code']?>)</strong> <a href="/admin/certs.php?mode=1&sbcode=<?=$row_cert['cert_id']?>">view</a> | <a href="/admin/certs.php?mode=2&sbcode=<?=$row_cert['cert_id']?>">history</a><br />
- <? }
- }?>
- <?
- $sql_down="SELECT * FROM digitaldownloads WHERE orderID=".$_GET["id"]." AND type='".$rsOrders["cartProdId"]."'";
- //echo $sql_cert;
- $result_down=mysql_query($sql_down);
- if(mysql_num_rows($result_down)>0) {?>
- <ol style="margin:2px;">
- <? while($row_down=mysql_fetch_assoc($result_down)){?>
-
- <li style="margin:1px; font-weight:bold;">License ID: <?=$row_down['licenseID']?><br />
- Password: <?=$row_down['password']?></li>
- <? } ?>
- </ol>
- <? }?>
- </td>
- <td valign="top"><?php
- if($doedit) print '<span id="optionsspan' . $rowcounter . '">';
- $sSQL = "SELECT coOptGroup,coCartOption,coPriceDiff,coOptID,optGroup,coExtendShipping FROM cartoptions LEFT JOIN options ON cartoptions.coOptID=options.optID WHERE coCartID=" . $rsOrders["cartID"] . " ORDER BY coID";
- $result = mysql_query($sSQL) or print(mysql_error());
- if(mysql_num_rows($result) > 0){
- if($doedit) print '<table border="0" cellspacing="0" cellpadding="1" width="100%">';
- while($rs2 = mysql_fetch_array($result)){
- if($doedit){
- print '<tr><td align="right"><strong>' . $rs2["coOptGroup"] . ':</strong></td><td>';
- if(is_null($rs2["optGroup"])){
- print 'xxxxxx';
- }else{
- $sSQL="SELECT optID," . getlangid("optName",32) . ",optPriceDiff,optType,optFlags,optStock,optPriceDiff AS optDims FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optGroup=" . $rs2["optGroup"] . ' ORDER BY optID';
- $result2 = mysql_query($sSQL) or print(mysql_error());
- if($rsl = mysql_fetch_assoc($result2)){
- if(abs($rsl["optType"])==2){
- print '<select onchange="dorecalc(true)" name="optn' . $rowcounter . '_' . $rs2["coOptID"] . '" id="optn' . $rowcounter . '_' . $rs2["coOptID"] . '" size="1">';
- do {
- print '<option value="' . $rsl["optID"] . "|" . (($rsl["optFlags"] & 1) == 1 ? ($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0 : $rsl["optPriceDiff"]) . '"';
- if($rsl["optID"]==$rs2["coOptID"]) print ' selected';
- print '>' . $rsl[getlangid("optName",32)];
- if((double)$rsl["optPriceDiff"] != 0){
- print ' ';
- if((double)$rsl["optPriceDiff"] > 0) print '+';
- if(($rsl["optFlags"] & 1) == 1)
- print number_format(($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0,2,'.','');
- else
- print number_format($rsl["optPriceDiff"],2,'.','');
- }
- print '</option>';
- } while($rsl = mysql_fetch_array($result2));
- print '</select>';
- }else{
- print "<input type='hidden' name='optn" . $rowcounter . '_' . $rs2["coOptID"] . "' value='" . $rsl["optID"] . "' /><textarea wrap='virtual' name='voptn" . $rowcounter . '_' . $rs2["coOptID"] . "' id='voptn". $rowcounter. '_' . $rs2["coOptID"] . "' cols='30' rows='3'>";
- print $rs2["coCartOption"] . '</textarea>';
- }
- }
- }
- print "</td></tr>";
- }else{
- $extend_shipping='';
- if(!empty($rs2["coExtendShipping"])) $extend_shipping=' <span style="color:#FF0000;font-weight:bold;">(This option increases shipping time by '.$rs2["coExtendShipping"]. ' days)</span>';
- print '<strong>' . $rs2["coOptGroup"] . ':</strong> ' . str_replace(array("\r\n","\n"),array("<br />","<br />"),$rs2["coCartOption"]) .$cert_code. $extend_shipping . '<br />';
- }
- if($doedit)
- $optpricediff += $rs2["coPriceDiff"];
- else
- $rsOrders["cartProdPrice"] += $rs2["coPriceDiff"];
- }
- if($doedit) print '</table>';
- }else{
- print '-';
- }
- mysql_free_result($result);
- if($doedit) print '</span>' ?></td>
- <td valign="top"><?php print editfunc($rsOrders["cartQuantity"],'quant' . $rowcounter . '" onchange="dorecalc(true)',5)?></td>
- <td valign="top"><?php if($doedit) print editnumeric($rsOrders["cartProdPrice"],'price' . $rowcounter . '" onchange="dorecalc(true)',7); else print FormatEuroCurrency($rsOrders["cartProdPrice"]*$rsOrders["cartQuantity"])?>
- <?php if($doedit){
- print '<input type="hidden" id="optdiffspan' . $rowcounter . '" value="' . $optpricediff . '">';
- $totoptpricediff += ($optpricediff*$rsOrders["cartQuantity"]);
- }
- ?></td>
- <?php if($doedit) print '<td align="center"><input type="checkbox" name="del_' . $rowcounter . '" id="del_' . $rowcounter . '" value="yes" /></td>' ?>
- </tr>
- <?php $rowcounter++;
- }
- }
- ?>
- <!--NEXTPRODUCTCOMMENT-->
- <?php if($doedit){ ?>
- <tr>
- <td align="right" colspan="4">
- <table width="100%" border="0" cellspacing="0" cellpadding="0">
- <tr>
- <td align="center"><?php if($doedit) print '<input style="width:30px;" type="button" value="-" onclick="extraproduct(\'-\')"> ' . $yyMoProd . ' <input style="width:30px;" type="button" value="+" onclick="extraproduct(\'+\')"> <input type="button" value="' . $yyRecal . '" onclick="dorecalc(false)">'?></td>
- <td align="right"><strong>Options Total:</strong></td>
- </tr>
- </table></td>
- <td align="left" colspan="2"><span id="optdiffspan"><?php print number_format($totoptpricediff, 2, '.', '')?></span></td>
- </tr>
- <?php } ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxOrdTot?>:</strong></td>
- <td align="left"><div id="ordTot"><?php echo sprintf("%.2f",$alldata["ordTotal"]); ?></div><input name="ordtotal" id="ordtotal" type="hidden" value="<?php echo $alldata["ordTotal"] ?>" /></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- <?php
- $runTot = $alldata["ordTotal"];
- $sql = "SELECT * FROM price_adj WHERE ordID = " . $_GET['id'] . " ORDER BY ordering";
- $res = mysql_query($sql) or print(mysql_error());
- if(mysql_num_rows($res) > 0) {
- $k=1;
- $prcTot = 0;
- ?>
- <tr>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- </tr>
- <?php
- while($row=mysql_fetch_assoc($res)) {
- $price = 0;
- $disp_price = 0;
- $amount = '';
-
- if($row['type'] == 'credit') {
- if($row['amt_type'] == 'percentage') {
- $price = $runTot * ($row['amt'] * .01);
- $runTot -= $price;
- $prcTot -= $price;
- $disp_price = '-'.(int)$row['amt'].'%';
- $amount = '-'.money_format("%!.2n",$price);
- }else{
- $price = '$-'.money_format("%!.2n",$row['amt']);
- $runTot -= $row['amt'];
- $prcTot -= $row['amt'];
- $disp_price = $price;
- $amount = '-'.money_format("%!.2n",$row['amt']);
- }
- }else{
- if($row['amt_type'] == 'percentage') {
- $price = $runTot * ($row['amt'] * .01);
- $runTot += $price;
- $prcTot += $price;
- $disp_price = (int)$row['amt'].'%';
- $amount = money_format("%.2n",$price);
- }else{
- $price = money_format("%.2n",$row['amt']);
- $runTot += $row['amt'];
- $prcTot += $row['amt'];
- $disp_price = $price;
- $amount = money_format("%.2n",$row['amt']);
- }
- }
- ?>
- <tr>
- <td colspan="3" style="font-weight: bold; text-align: right">Price Adjustment <?=$k?>:</td>
- <td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$disp_price?></td>
- <td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$amount?></td>
- </tr>
- <?php
- $k++;
- }
- ?>
- <tr>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- <td> </td>
- </tr>
- <?php
- }
- ?>
- <?php if((double)$alldata["ordShipping"]!=0.0 || $doedit){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxShippg?>:</strong></td>
- <td align="left"><?php print editnumeric($alldata["ordShipping"],"ordShipping",7)?></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ordHandling"]!=0.0 || $doedit){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxHndlg?>:</strong></td>
- <td align="left"><?php print editnumeric($alldata["ordHandling"],"ordHandling",7)?></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ordDiscount"]!=0.0 || $doedit){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxDscnts?>:</strong></td>
- <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ordDiscount"],"ordDiscount",7)?></font></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ord_cert_amt"]!=0.0 || $doedit){
- $sqlcert="SELECT cert_code FROM certificates WHERE cert_id=".$alldata["ord_cert_id"];
- $resultcert=mysql_query($sqlcert);
- $rowcert=mysql_fetch_assoc($resultcert);
- ?>
- <tr>
- <td align="right" colspan="4"><strong><?='('.$rowcert["cert_code"].')'?> <?php print $xxGCerts?>:</strong></td>
- <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ord_cert_amt"],"ord_cert_amt",7)?></font></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ordStateTax"]!=0.0 || $doedit){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxStaTax?>:</strong></td>
- <td align="left"><?php print editnumeric($alldata["ordStateTax"],"ordStateTax",7)//$alldata["ordStateTax"]?></td>
- <?php if($doedit) print '<td align="center" nowrap><input type="text" name="staterate" id="staterate" size="1" value="' . $statetaxrate . '">%</td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ordCountryTax"]!=0.0 || $doedit){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxCntTax?>:</strong></td>
- <td align="left"><?php print editnumeric($alldata["ordCountryTax"],"ordCountryTax",7)?></td>
- <?php if($doedit) print '<td align="center" nowrap><input type="text" name="countryrate" id="countryrate" size="1" value="' . $countrytaxrate . '">%</td>' ?>
- </tr>
- <?php }
- if((double)$alldata["ordHSTTax"]!=0.0 || ($doedit && @$canadataxsystem)){ ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxHST?>:</strong></td>
- <td align="left"><?php print editnumeric($alldata["ordHSTTax"],"ordHSTTax",7)?></td>
- <?php if($doedit) print '<td align="center" nowrap><input type="text" name="hstrate" id="hstrate" size="1" value="' . $hsttaxrate . '">%</td>' ?>
- </tr>
- <?php } ?>
- <tr>
- <td align="right" colspan="4"><strong><?php print $xxGndTot?>:</strong></td>
- <td align="left"><span id="grandtotalspan"><?php print FormatEuroCurrency(($alldata["ordTotal"]+$alldata["ordStateTax"]+$alldata["ordCountryTax"]+$alldata["ordHSTTax"]+$alldata["ordShipping"]+$alldata["ordHandling"]+$prcTot)-$alldata["ordDiscount"]-$alldata["ord_cert_amt"])?></span></td>
- <?php if($doedit) print '<td align="center"> </td>' ?>
- </tr>
- </table>
- </span>
- </td>
- </tr>
- <?php if($isprinter && @$invoicefooter != ""){ ?>
- <tr>
- <td width="100%"><?php print $invoicefooter?></td>
- </tr>
- <?php }elseif($doedit){ ?>
- <tr>
- <td align="center" width="100%"> <br /><input type="submit" value="<?php print $yyUpdate?>" /><br /> </td>
- </tr>
- <?php } ?>
- </table>
- <?php
- if($doedit) print '</form>';
- if($doedit){
- // ADDED by Chad Jun-06-06
- // PRICE ADJUSTMENTS
- ?>
-
- <h2><a name="prc_adj"></a>Price Adjustments</h2>
-
- <?php
- if(!empty($_GET['adj_err'])) {
- ?>
- <div style="margin: 5px auto; color: #FF0000; font-weight: bold; text-align: center"><?=$_GET['adj_err']?></div>
- <?php
- }elseif(!empty($_GET['adj_msg'])) {
- ?>
- <div style="margin: 5px auto; color: #009900; font-weight: bold; text-align: center"><?=$_GET['adj_msg']?></div>
- <?php
- }
- ?>
- <table width="95%" cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
- <tr style="background-color: #BFC9E0; color: #194C7F">
- <th width="60" style="text-align: center">Type</th>
- <th width="80" style="text-align: center">Amount Type</th>
- <th width="80" style="text-align: center">Amount</th>
- <th width="150" style="text-align: center">Date</th>
- <th>Note</th>
- <?php
- if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 …
Large files files are truncated, but you can click here to view the full file