
/application/views/pages/admin/hksearch.php

https://bitbucket.org/chadsaun/ifrogz-panel
PHP | 2017 lines | 1777 code | 43 blank | 197 comment | 271 complexity | fad700ead043ed0546b9fdc9e42bec87 MD5 | raw file

Large files are truncated; this listing shows only the first part of the file.

  1. <?php
  2. //This code is copyright (c) Internet Business Solutions SL, all rights reserved.
  3. //The contents of this file are protect under law as the intellectual property of Internet
  4. //Business Solutions SL. Any use, reproduction, disclosure or copying of any kind
  5. //without the express and written permission of Internet Business Solutions SL is forbidden.
  6. //Author: Vince Reid, vince@virtualred.net
  7. include('init.php');
  8. include(APPPATH.'views/pages/admin/cartmisc.php');
  9. include_once(IFZROOT.'kohana.php');
  10. session_register('order_id_commas');
  11. $lisuccess=0;
  12. if(@$dateadjust=="") $dateadjust=0;
  13. if(@$dateformatstr == "") $dateformatstr = "m/d/Y";
  14. $admindatestr="Y-m-d";
  15. if(@$admindateformat=="") $admindateformat=0;
  16. if($admindateformat==1)
  17. $admindatestr="m/d/Y";
  18. elseif($admindateformat==2)
  19. $admindatestr="d/m/Y";
  20. if(@$storesessionvalue=="") $storesessionvalue="virtualstore".time();
  21. $doedit=FALSE;
  22. function editfunc($data,$col,$size){
  23. global $doedit;
  24. if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . str_replace('"','&quot;',$data) . '" size="' . $size . '">'); else return($data);
  25. }
  26. function editnumeric($data,$col,$size){
  27. global $doedit;
  28. if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . number_format($data,2,'.','') . '" size="' . $size . '">'); else return(FormatEuroCurrency($data));
  29. }
// Cookie-based re-login. Runs only when the session is not already marked as
// logged in and a non-empty WRITECKL cookie was sent.
if(@$_SESSION["loggedon"] != $storesessionvalue && trim(@$_COOKIE["WRITECKL"])!=""){
// Connect to the database described by the 'database.default_ifrogz' config
// entry and select it; the employee table is read from this connection.
$config = RBI_Kohana::config('database.default_ifrogz');
$config = $config['connection'];
$db=mysql_connect($config['hostname'], $config['username'], $config['password']);
mysql_select_db($config['database']) or die ('RBI connection failed.</td></tr></table></body></html>');
// Look the employee up by the username (WRITECKL) and password (WRITECKP)
// cookies. Both values go through mysql_real_escape_string before they are
// placed inside the quoted SQL literals.
// NOTE(review): the password itself travels in a cookie and is compared as-is
// with the `password` column, so whatever that column stores works as a
// reusable login credential for anyone who can read the cookie or the table.
// A random server-side session token, with salted password hashes checked only
// at the login form, would remove that exposure -- confirm how the login page
// sets these cookies.
$rbiSQL = 'SELECT *
FROM employee
WHERE username="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKL"]))).'" and password="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKP"]))).'"';
$rs_rbi = mysql_query($rbiSQL);
// NOTE(review): $rs_rbi is not checked for FALSE before mysql_num_rows().
if(mysql_num_rows($rs_rbi) > 0) {
// A matching row marks the session as logged in.
@$_SESSION["loggedon"] = $storesessionvalue;
}else{
// No match: 2 selects the failure message with the login link rendered below.
$lisuccess=2;
}
mysql_free_result($rs_rbi);
// presumably switches back to the store database connection after the
// employee lookup -- verify against dbconnection.php
include(APPPATH.'views/partials/admin/dbconnection.php');
}
// Access gate: stop with no output unless the session is logged in or the
// failed-login message is about to be shown; $disallowlogin set to TRUE stops
// the page in every case.
if(($_SESSION["loggedon"] != $storesessionvalue && $lisuccess!=2) || @$disallowlogin==TRUE) exit();
  48. if($lisuccess==2){
  49. ?>
  50. <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
  51. <tr>
  52. <td width="100%">
  53. <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
  54. <tr>
  55. <td width="100%" colspan="4" align="center"><p>&nbsp;</p><p>&nbsp;</p>
  56. <p><strong><?php print $yyOpFai?></strong></p><p>&nbsp;</p>
  57. <p><?php print $yyCorCoo?> <?php print $yyCorLI?> <a href="/admin/login.php"><?php print $yyClkHer?></a>.</p>
  58. </td>
  59. </tr>
  60. </table>
  61. </td>
  62. </tr>
  63. </table>
  64. <?php
  65. }else{
  66. $success=true;
  67. $alreadygotadmin = getadminsettings();
  68. if(@$_GET["id"] != ""){
  69. $sSQL = "SELECT cartProdId,cartProdName,cartProdPrice,cartQuantity,cartID FROM cart WHERE cartOrderID=" . $_GET["id"];
  70. $allorders = mysql_query($sSQL) or print(mysql_error());
  71. }
  72. $numstatus=0;
  73. $sSQL = "SELECT statID,statPrivate FROM orderstatus WHERE statPrivate<>'' ORDER BY statID";
  74. $result = mysql_query($sSQL) or print(mysql_error());
  75. while($rs = mysql_fetch_assoc($result)){
  76. $allstatus[$numstatus++]=$rs;
  77. }
  78. mysql_free_result($result);
  79. if(@$_GET["id"] != ""){
  80. $statetaxrate=0;
  81. $countrytaxrate=0;
  82. $hsttaxrate=0;
  83. $countryorder=0;
  84. $sSQL = "SELECT ordID,ordName,ordAddress,ordAddress2,ordCity,ordState,ordZip,ordCountry,ordEmail,ordPhone,ordShipName,ordShipAddress,ordShipAddress2,ordShipCity,ordShipState,ordShipZip,ordShipCountry,ordPayProvider,ordAuthNumber,ordTransID,ordTotal,ordDate,ordStateTax,ordCountryTax,ordHSTTax,ordShipping,ordShipType,ordIP,ordAffiliate,ordDiscount,ordHandling,ordDiscountText,ordComLoc,ordExtra1,ordExtra2,ordAddInfo,ordCNum,ordStatusInfo,ordSupportInfo,order_changed,ordStatus,ord_cert_amt,ord_cert_id,ordPoApo,ordShipPoApo,ordEID FROM orders LEFT JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordID='" . $_GET["id"] . "'
  85. AND ordEID!=34";
  86. $result = mysql_query($sSQL) or print(mysql_error());
  87. $alldata = mysql_fetch_array($result);
  88. $alldata["ordDate"] = strtotime($alldata["ordDate"]);
  89. mysql_free_result($result);
  90. if($doedit){
  91. print '<form method="post" name="editform" action="/admin/orders.php" onsubmit="return confirmedit()"><input type="hidden" name="orderid" value="' . $_GET["id"] . '" /><input type="hidden" name="doedit" value="true" />';
  92. $overridecurrency=TRUE;
  93. $orcsymbol="";
  94. $orcdecplaces=2;
  95. $orcpreamount=TRUE;
  96. $orcdecimals=".";
  97. $orcthousands="";
  98. }
  99. ?>
  100. <script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.5.1/prototype.js"></script>
  101. <script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.5.1/scriptaculous.js"></script>
  102. <script language="JavaScript" type="text/javascript">
  103. <!--
  104. var newwin="";
  105. var plinecnt=0;
// Open the e-mail popup. `id` is appended as-is after the "?", so the caller
// supplies the complete query string.
function openemailpopup(id) {
    var popupUrl = '/admin/popupemail.php?' + id;
    var popupFeatures = 'menubar=no, scrollbars=no, width=300, height=250, directories=no,location=no,resizable=yes,status=no,toolbar=no';
    // popupWin is assigned without a declaration, so it stays a page-level global.
    popupWin = window.open(popupUrl, 'emailpopup', popupFeatures)
}
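// Open the option-picker popup for product row `id`.
// Reads the product id from the row's "prodid<id>" input; does nothing when it
// is empty. Always returns false so a calling handler can cancel its default action.
function updateoptions(id){
    // prodid is assigned without a declaration, as before, so it remains a
    // page-level global.
    prodid = document.getElementById('prodid'+id).value;
    if(prodid != ''){
        // The product id comes from a free-text input; percent-encode it so
        // characters such as & or # cannot split or truncate the query string.
        newwin = window.open('/admin/popupemail.php?prod='+encodeURIComponent(prodid)+'&index='+id,'updateopts','menubar=no, scrollbars=no, width=50, height=40, directories=no,location=no,resizable=yes,status=no,toolbar=no');
    }
    return(false);
}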
// Add ('+') or remove (any other value) an extra, client-side product row.
// Rows are spliced into the markup of the "productspan" element as text:
// adding replaces the NEXTPRODUCTCOMMENT marker comment with a new row followed
// by the marker again; removing deletes the most recently added row.
// NOTE(review): the marker comment itself is not in this part of the file --
// confirm it is emitted inside productspan.
function extraproduct(plusminus){
var productspan=document.getElementById('productspan');
if(plusminus=='+'){
// The new row's fields are indexed plinecnt+1000, presumably to keep them
// clear of the server-rendered rows, which are numbered from 0. The row is
// wrapped in PLINE<n> / PLINEEND<n> comments so it can be found again below.
productspan.innerHTML=productspan.innerHTML.replace(/<!--NEXTPRODUCTCOMMENT-->/,'<!--PLINE'+plinecnt+'--><tr><td valign="top"><input type="button" value="..." onclick="updateoptions('+(plinecnt+1000)+')">&nbsp;<input name="prodid'+(plinecnt+1000)+'" size="18" id="prodid'+(plinecnt+1000)+'"></td><td valign="top"><input type="text" id="prodname'+(plinecnt+1000)+'" name="prodname'+(plinecnt+1000)+'" size="24"></td><td><span id="optionsspan'+(plinecnt+1000)+'">-</span></td><td valign="top"><input type="text" id="quant'+(plinecnt+1000)+'" name="quant'+(plinecnt+1000)+'" size="5" value="1"></td><td valign="top"><input type="text" id="price'+(plinecnt+1000)+'" name="price'+(plinecnt+1000)+'" value="0" size="7"><br /><input type="hidden" id="optdiffspan'+(plinecnt+1000)+'" value="0"></td><td>&nbsp;</td></tr><!--PLINEEND'+plinecnt+'--><!--NEXTPRODUCTCOMMENT-->');
plinecnt++;
}else{
// Nothing to remove until at least one row has been added.
if(plinecnt>0){
plinecnt--;
// Match everything between this row's PLINE and PLINEEND comments,
// line breaks included, and cut it out of the markup.
var restr = '<!--PLINE'+plinecnt+'-->(.|\\n)+<!--PLINEEND'+plinecnt+'-->';
//alert(restr);
var re = new RegExp(restr);
productspan.innerHTML=productspan.innerHTML.replace(re,'');
}
}
}
// onsubmit handler for the edit form: asks for confirmation before an update
// or a clone. updateClicked and cloneClicked are globals that are not declared
// in this part of the file. When neither is set the function falls off the end
// and returns undefined.
function confirmedit(){
if(updateClicked) {
// The confirmation text is written into this JS string literal by the server
// with only single quotes escaped.
// NOTE(review): a backslash, a line break or a closing script tag in that text
// would break the literal; a JSON string encoder is the more robust way to
// emit it -- presumably the text is a fixed translation string, confirm.
if(confirm('<?php print str_replace("'","\'",$yyChkRec)?>'))
return(true);
return(false);
}
if(cloneClicked) {
if(confirm('Are you sure you want to clone this order?'))
return(true);
return(false);
}
}
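// Validate the transaction form before submit.
// Returns false (after an alert and focusing the offending field) when no
// transaction type is chosen, or the transaction number or amount is empty;
// returns true otherwise.
// The txn/amount checks compare the fields' .value: comparing the field
// objects themselves with '' is never true, so those two checks could not fire.
// NOTE(review): this is a browser-side convenience only; the handler that
// receives the form must validate type, transaction number and amount itself.
function checkAIM(frm) {
    if (frm.aim_type.selectedIndex == 0) {
        alert("Please choose a transaction type.");
        frm.aim_type.focus();
        return false;
    }
    if (frm.aim_txn.value == '') {
        alert("A transaction number is required.");
        frm.aim_txn.focus();
        return false;
    }
    if (frm.aim_amt.value == '') {
        alert("Please enter an amount.");
        frm.aim_amt.focus();
        return false;
    }
    return true;
}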
// Show or hide the 'div_trans' panel with a blind effect and relabel the
// 'btn_add_txn' button to match. Any display value other than empty,
// undefined or 'none' leaves everything untouched.
function toggleTXN() {
    var panelDisplay = $('div_trans').style.display;
    var isVisible = (panelDisplay == '' || panelDisplay == undefined);
    if (isVisible) {
        Effect.BlindUp('div_trans');
        $('btn_add_txn').value = 'Credit or Void';
        return;
    }
    if (panelDisplay == 'none') {
        Effect.BlindDown('div_trans');
        $('btn_add_txn').value = 'Hide Credit or Void';
    }
}
// Show or hide the 'div_charge' panel with a blind effect and relabel the
// 'btn_charge' button to match. Any display value other than empty,
// undefined or 'none' leaves everything untouched.
function toggleCharge() {
    var panelDisplay = $('div_charge').style.display;
    var isVisible = (panelDisplay == '' || panelDisplay == undefined);
    if (isVisible) {
        Effect.BlindUp('div_charge');
        $('btn_charge').value = 'Charge CC';
        return;
    }
    if (panelDisplay == 'none') {
        Effect.BlindDown('div_charge');
        $('btn_charge').value = 'Hide Charge CC';
    }
}
// Show or hide the 'div_prc_add' panel with a blind effect and relabel the
// 'btn_prc_add' button to match. Any display value other than empty,
// undefined or 'none' leaves everything untouched.
function togglePrcAdd() {
    var panelDisplay = $('div_prc_add').style.display;
    var isVisible = (panelDisplay == '' || panelDisplay == undefined);
    if (isVisible) {
        Effect.BlindUp('div_prc_add');
        $('btn_prc_add').value = 'Add Price Adjustment';
        return;
    }
    if (panelDisplay == 'none') {
        Effect.BlindDown('div_prc_add');
        $('btn_prc_add').value = 'Hide Price Adjustment';
    }
}
  192. //-->
  193. </script>
  194. <style type="text/css">
  195. a img{
  196. border: 0;
  197. }
  198. </style>
  199. <span id="productspan">
  200. <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
  201. <?php if($isprinter && @$invoiceheader != ""){ ?>
  202. <tr>
  203. <td colspan="6"><?php print $invoiceheader?></td>
  204. </tr>
  205. <?php } ?>
  206. <tr <? if(!empty($alldata["ordEID"])) echo 'bgcolor="#FA6561"'?>>
  207. <td colspan="6" align="center"><strong><?php print $xxOrdNum . " " . $alldata["ordID"] . "<br /><br />" . date($dateformatstr, $alldata["ordDate"]) . " " . date("H:i", $alldata["ordDate"])?></strong></td>
  208. </tr>
  209. <?php if($isprinter && @$invoiceaddress != ""){ ?>
  210. <tr>
  211. <td colspan="6"><?php print $invoiceaddress?></td>
  212. </tr>
  213. <?php } ?>
  214. <?php if(trim(@$extraorderfield1)!=""){ ?>
  215. <tr>
  216. <td width="23%" align="right"><strong><?php print $extraorderfield1 ?>:</strong></td>
  217. <td align="left" colspan="5"><?php print editfunc($alldata["ordExtra1"],"ordextra1",25)?></td>
  218. </tr>
  219. <?php } ?>
  220. <tr>
  221. <td width="23%" align="right"><strong><?php print $xxName?>:</strong></td>
  222. <td colspan="3" align="left"><?php print editfunc($alldata["ordName"],"name",25)?></td>
  223. <td width="25%" align="right">
  224. <strong><?php print $xxEmail?>:</strong></td>
  225. <td width="24%" align="left"><?php
  226. if($isprinter || $doedit) print editfunc($alldata["ordEmail"],"email",25); else print '<a href="mailto:' . $alldata["ordEmail"] . '">' . $alldata["ordEmail"] . '</a>';?></td>
  227. </tr>
  228. <tr>
  229. <td align="right"><strong><?php print $xxAddress?>:</strong></td>
  230. <td colspan="3" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordAddress"],"address",25)?></td>
  231. <?php if(@$useaddressline2==TRUE){ ?>
  232. </tr>
  233. <tr>
  234. <td align="right"><strong><?php print $xxAddress2?>:</strong></td>
  235. <td colspan="3" align="left"><?php print editfunc($alldata["ordAddress2"],"address2",25)?></td>
  236. <?php } ?>
  237. <td align="right"><strong><?php print $xxCity?>:</strong></td>
  238. <td align="left"><?php print editfunc($alldata["ordCity"],"city",25)?></td>
  239. </tr>
  240. <tr>
  241. <td align="right"><strong><?php print $xxAllSta?>:</strong></td>
  242. <td align="left"><?php print editfunc($alldata["ordState"],"state",25)?></td>
  243. <td align="right"><strong>APO/PO:</strong></td>
  244. <td align="left"><input <?php if (!(strcmp($alldata["ordPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?> name="APO" type="checkbox" value="1" /></td>
  245. <td align="right"><strong><?php print $xxCountry?>:</strong></td>
  246. <td align="left"><?php
  247. if($doedit){
  248. $foundmatch=FALSE;
  249. print '<select name="country" size="1">';
  250. $sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
  251. $result = mysql_query($sSQL) or print(mysql_error());
  252. while($rs2 = mysql_fetch_array($result)){
  253. print '<option value="' . str_replace('"','&quot;',$rs2["countryName"]) . '"';
  254. if($alldata["ordCountry"]==$rs2["countryName"]){
  255. print ' selected';
  256. $foundmatch=TRUE;
  257. $countrytaxrate=$rs2["countryTax"];
  258. $countryorder=$rs2["countryOrder"];
  259. }
  260. print '>' . $rs2["countryName"] . "</option>\r\n"; }
  261. mysql_free_result($result);
  262. if(! $foundmatch) print '<option value="' . str_replace('"','&quot;',$alldata["ordCountry"]) . '" selected>' . $alldata["ordCountry"] . "</option>\r\n";
  263. print '</select>';
  264. if($countryorder==2){
  265. $sSQL = "SELECT stateTax FROM states WHERE stateAbbrev='" . mysql_real_escape_string($alldata["ordState"]) . "'";
  266. $result = mysql_query($sSQL) or print(mysql_error());
  267. if($rs2 = mysql_fetch_array($result))
  268. $statetaxrate = $rs2["stateTax"];
  269. }
  270. if($alldata["ordStateTax"]==0)$statetaxrate=0;
  271. }else
  272. print $alldata["ordCountry"];?></td>
  273. </tr>
  274. <tr>
  275. <td align="right"><strong><?php print $xxZip?>:</strong></td>
  276. <td colspan="3" align="left"><?php print editfunc($alldata["ordZip"],"zip",15)?></td>
  277. <td align="right"><strong><?php print $xxPhone?>:</strong></td>
  278. <td align="left"><?php print editfunc($alldata["ordPhone"],"phone",25)?></td>
  279. </tr>
  280. <?php if(trim(@$extraorderfield2)!=""){ ?>
  281. <tr>
  282. <td align="right"><strong><?php print @$extraorderfield2 ?>:</strong></td>
  283. <td align="left" colspan="5"><?php print editfunc($alldata["ordExtra2"],"ordextra2",25)?></td>
  284. </tr>
  285. <?php } ?>
  286. <?php if(! $isprinter){ ?>
  287. <tr>
  288. <td align="right"><strong>IP Address:</strong></td>
  289. <td colspan="3" align="left"><?php print editfunc($alldata["ordIP"],"ipaddress",15)?></td>
  290. <td align="right"><strong><?php print $yyAffili?>:</strong></td>
  291. <td align="left"><?php print editfunc($alldata["ordAffiliate"],"PARTNER",15)?></td>
  292. </tr>
  293. <?php }
  294. if(trim($alldata["ordDiscountText"])!=""){ ?>
  295. <tr>
  296. <td align="right" valign="top"><strong><?php print $xxAppDs?>:</strong></td>
  297. <td align="left" colspan="5"><?php print editfunc($alldata["ordDiscountText"],"discounttext",25)?></td>
  298. </tr>
  299. <?php }
  300. if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "" || trim($alldata["ordShipCity"]) != "" || $doedit){ ?>
  301. <tr>
  302. <td align="center" colspan="6"><strong><?php print $xxShpDet?>.</strong></td>
  303. </tr>
  304. <tr>
  305. <td align="right"><strong><?php print $xxName?>:</strong></td>
  306. <td align="left" colspan="5"><?php print editfunc($alldata["ordShipName"],"sname",25)?></td>
  307. </tr>
  308. <tr>
  309. <td align="right"><strong><?php print $xxAddress?>:</strong></td>
  310. <td colspan="3" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordShipAddress"],"saddress",25)?></td>
  311. <?php if(@$useaddressline2==TRUE){ ?>
  312. </tr>
  313. <tr>
  314. <td align="right"><strong><?php print $xxAddress2?>:</strong></td>
  315. <td colspan="3" align="left"><?php print editfunc($alldata["ordShipAddress2"],"saddress2",25)?></td>
  316. <?php } ?>
  317. <td align="right"><strong><?php print $xxCity?>:</strong></td>
  318. <td align="left"><?php print editfunc($alldata["ordShipCity"],"scity",25)?></td>
  319. </tr>
  320. <tr>
  321. <td align="right"><strong><?php print $xxAllSta?>:</strong></td>
  322. <td align="left"><?php print editfunc($alldata["ordShipState"],"sstate",25)?></td>
  323. <td align="right"><strong>APO/PO:</strong></td>
  324. <td align="left"><input name="ShipAPO" type="checkbox" id="ShipAPO" value="1" <?php if (!(strcmp($alldata["ordShipPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?>></td>
  325. <td align="right"><strong><?php print $xxCountry?>:</strong></td>
  326. <td align="left"><?php
  327. if($doedit){
  328. if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "") $usingshipcountry=TRUE; else $usingshipcountry=FALSE;
  329. $foundmatch=FALSE;
  330. print '<select name="scountry" size="1">';
  331. $sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
  332. $result = mysql_query($sSQL) or print(mysql_error());
  333. while($rs2 = mysql_fetch_array($result)){
  334. print '<option value="' . str_replace('"','&quot;',$rs2["countryName"]) . '"';
  335. if($alldata["ordShipCountry"]==$rs2["countryName"]){
  336. print ' selected';
  337. $foundmatch=TRUE;
  338. if($usingshipcountry) $countrytaxrate=$rs2["countryTax"];
  339. $countryorder=$rs2["countryOrder"];
  340. }
  341. print '>' . $rs2["countryName"] . "</option>\r\n"; }
  342. mysql_free_result($result);
  343. if(! $foundmatch) print '<option value="' . str_replace('"','&quot;',$alldata["ordShipCountry"]) . '" selected>' . $alldata["ordShipCountry"] . "</option>\r\n";
  344. print '</select>';
  345. if($countryorder==2 && $usingshipcountry){
  346. $sSQL = "SELECT stateTax FROM states WHERE stateName='" . mysql_real_escape_string($alldata["ordShipState"]) . "'";
  347. $result = mysql_query($sSQL) or print(mysql_error());
  348. if($rs2 = mysql_fetch_array($result))
  349. $statetaxrate = $rs2["stateTax"];
  350. }
  351. }else
  352. print $alldata["ordShipCountry"]?></td>
  353. </tr>
  354. <tr>
  355. <td align="right"><strong><?php print $xxZip?>:</strong></td>
  356. <td align="left" colspan="5"><?php print editfunc($alldata["ordShipZip"],"szip",15)?></td>
  357. </tr>
  358. <?php }
  359. if($alldata["ordShipType"] != "" || $alldata["ordComLoc"]>0 || $doedit){ ?>
  360. <tr>
  361. <td align="right"><strong><?php print $xxShpMet?>:</strong></td>
  362. <td colspan="3" align="left"><?php
  363. if($doedit && $alldata["ordStatus"]<=3){
  364. print editfunc($alldata["ordShipType"],"shipmethod",25);?>
  365. <a href="javascript:void(0);" onclick="$('shipmethod').value='Standard';">Standard</a> <a href="javascript:void(0);" onclick="$('shipmethod').value='FedEx Express';">FedEx</a> <a href="javascript:void(0);" onclick="$('shipmethod').value='International';">Int</a>
  366. <? }else{
  367. echo $alldata["ordShipType"].'<input type="hidden" name="shipmethod" value="'.$alldata["ordShipType"].'" />';
  368. }
  369. if(! $doedit && ($alldata["ordComLoc"]&2)==2) print $xxWtIns?>
  370. </td>
  371. <td align="right"><strong><?php print $xxCLoc?>:</strong></td>
  372. <td align="left"><?php if($doedit){
  373. print '<select name="commercialloc" size="1">';
  374. print '<option value="N">' . $yyNo . '</option>';
  375. print '<option value="Y"' . (($alldata["ordComLoc"]&1)==1 ? ' selected' : '') . '>' . $yyYes . '</option>';
  376. print '</select>';
  377. }else{
  378. if(($alldata["ordComLoc"]&1)==1) print $yyYes; else print $yyNo;
  379. }?></td>
  380. </tr>
  381. <?php if($doedit){ ?>
  382. <tr>
  383. <td align="right"><strong><?php print $xxShpIns?>:</strong></td>
  384. <td align="left" colspan="5"><?php
  385. print '<select name="wantinsurance" size="1">';
  386. print '<option value="N">' . $yyNo . '</option>';
  387. print '<option value="Y"' . (($alldata["ordComLoc"]&2)==2 ? ' selected' : '') . '>' . $yyYes . '</option>';
  388. print '</select>';
  389. ?></td>
  390. </tr>
  391. <?php }
  392. }
  393. $ordAuthNumber = trim($alldata["ordAuthNumber"]);
  394. $ordTransID = trim($alldata["ordTransID"]);
  395. if(! $isprinter && ($ordAuthNumber != "" || $ordTransID != "" || $doedit)){ ?>
  396. <tr>
  397. <td align="right"><strong><?php print $yyAutCod?>:</strong></td>
  398. <td colspan="3" align="left"><?php print editfunc($ordAuthNumber,"ordAuthNumber",15) ?></td>
  399. <td align="right"><strong><?php print $yyTranID?>:</strong></td>
  400. <td align="left"><?php print editfunc($ordTransID,"ordTransID",15) ?></td>
  401. </tr>
  402. <?php }
  403. // BOL#s ADDED BY CHAD JUL 27,06
  404. $sql_bol = "SELECT * FROM bol WHERE ordID = " . $alldata["ordID"];
  405. $res_bol = mysql_query($sql_bol) or print(mysql_error());
  406. if(mysql_num_rows($res_bol) > 0) {
  407. $row_bol = mysql_fetch_assoc($res_bol);
  408. ?>
  409. <tr>
  410. <td align="right"><strong>Express BOL#:</strong></td>
  411. <td colspan="3"><?=$row_bol['exBOL']?></td>
  412. <?php
  413. if(!empty($row_bol['smBOL'])) {
  414. ?>
  415. <td align="right"><strong>Smart Mail BOL#:</strong></td>
  416. <td><?=$row_bol['smBOL']?></td>
  417. <?php
  418. }
  419. if(!empty($row_bol['gmBOL'])) {
  420. ?>
  421. <td align="right"><strong>Global Mail BOL#:</strong></td>
  422. <td><?=$row_bol['gmBOL']?></td>
  423. <?php
  424. }
  425. ?>
  426. </tr>
  427. <?php
  428. }
  429. // ADD ENDED
  430. $ordAddInfo = Trim($alldata["ordAddInfo"]);
  431. if($ordAddInfo != "" || $doedit){ ?>
  432. <tr>
  433. <td align="right" valign="top"><strong><?php print $xxAddInf?>:</strong></td>
  434. <td align="left" colspan="5"><?php
  435. if($doedit)
  436. print '<textarea name="ordAddInfo" cols="50" rows="4" wrap=virtual>' . $ordAddInfo . '</textarea>';
  437. else
  438. print str_replace(array("\r\n","\n"),array("<br />","<br />"),$ordAddInfo); ?></td>
  439. </tr>
  440. <?php }
  441. if(! $isprinter){
  442. if(! $doedit) print '<form method="post" action="/admin/orders.php"><input type="hidden" name="updatestatus" value="1" /><input type="hidden" name="orderid" value="' . @$_GET["id"] . '" />';
  443. ?>
  444. <tr>
  445. <td align="right" valign="top"><strong><?php print $yyStaInf?>:</strong></td>
  446. <td align="left" colspan="5"><textarea name="ordStatusInfo" cols="50" rows="4" wrap="virtual"><?php print $alldata["ordStatusInfo"]?></textarea>
  447. <?php if(! $doedit) print '<input type="submit" value="' . $yyUpdate . '" />'?></td>
  448. </tr>
  449. <? if($doedit) { ?>
  450. <tr>
  451. <td align="right" valign="top"><strong><?php print $yySupInf?>:</strong></td>
  452. <td align="left" colspan="5"><textarea name="ordSupportInfo" cols="50" rows="4" wrap="virtual"><?php print $alldata["ordSupportInfo"]?></textarea>
  453. <?php if(! $doedit) print '<input type="submit" value="' . $yyUpdate . '" />'?></td>
  454. </tr>
  455. <? } ?>
  456. <?php if(($alldata["ordPayProvider"]==3 || $alldata["ordPayProvider"]==13) && $alldata["ordAuthNumber"] != ""){ ?>
  457. <!--<tr>
  458. <td align="center" colspan="6">
  459. <input type="button" value="Capture Funds" onclick="javascript:openemailpopup('oid=<?php print $alldata["ordID"]?>')" /> </td>
  460. </tr>-->
  461. <?php }
  462. if(! $doedit) print '</form>';
  463. if((int)$alldata["ordPayProvider"]==10){ ?>
  464. <tr>
  465. <td align="center" colspan="6"><hr width="50%" />
  466. </td>
  467. </tr>
  468. <?php if(@$_SERVER["HTTPS"] != "on" && (@$_SERVER["SERVER_PORT"] != "443") && @$nochecksslserver != TRUE){ ?>
  469. <tr>
  470. <td align="center" colspan="6"><strong><font color="#FF0000">You do not appear to be viewing this page on a secure (https) connection. Credit card information cannot be shown.</font></strong></td>
  471. </tr>
  472. <?php }else{
// Recover the stored card details for this order into $cnumarr.
// After the split on "&", the rows below print element 0 under the card-number
// label, 1 under the expiry label, 2 as "CVV Code", 3 as "Issue Number" and 4
// (URL-decoded) under the cardholder-name label.
// NOTE(review): the card verification code is kept with the order and shown
// here; PCI DSS does not permit retaining it after authorization, encrypted or not.
$ordCNum = $alldata["ordCNum"];
if($ordCNum != ""){
$cnumarr = "";
$encryptmethod = strtolower(@$encryptmethod);
if($encryptmethod=="none"){
// "none": the column holds the fields unencrypted, joined with "&".
$cnumarr = explode("&",$ordCNum);
}elseif($encryptmethod=="mcrypt"){
// "mcrypt": the column holds "<hex IV> <hex ciphertext>". The cipher defaults
// to Blowfish when $mcryptalg is unset and is opened in CBC mode.
// NOTE(review): CBC here has no integrity check, so altered ciphertext is
// decrypted without any error; the mcrypt extension is also no longer part of
// PHP from 7.2 on.
if(@$mcryptalg == "") $mcryptalg = MCRYPT_BLOWFISH;
$td = mcrypt_module_open($mcryptalg, '', 'cbc', '');
// The key is $ccencryptkey cut down to the key size mcrypt reports for the cipher.
$thekey = @$ccencryptkey;
$thekey = substr($thekey, 0, mcrypt_enc_get_key_size($td));
$cnumarr = explode(" ", $ordCNum);
// Hex-decode the IV (first part) and the ciphertext (second part). The @
// operators hide any warning from malformed stored data.
$iv = @$cnumarr[0];
$iv = @pack("H" . strlen($iv), $iv);
$ordCNum = @pack("H" . strlen(@$cnumarr[1]), @$cnumarr[1]);
mcrypt_generic_init($td, $thekey, $iv);
// Decrypt, then split the plaintext into its "&"-separated fields.
$cnumarr = explode("&", mdecrypt_generic($td, $ordCNum));
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}else{
// Any other setting: $cnumarr stays an empty string and a configuration
// warning row is printed instead.
print '<tr><td colspan="4">WARNING: $encryptmethod is not set. Please see http://www.ecommercetemplates.com/phphelp/ecommplus/parameters.asp#encryption</td></tr>';
}
} ?>
  496. <tr>
  497. <td align="right" colspan="4"><strong><?php print $xxCCName?>:</strong></td>
  498. <td align="left" colspan="2"><?php
  499. if(@$encryptmethod!=""){
  500. if(is_array(@$cnumarr)) print URLDecode(@$cnumarr[4]);
  501. } ?></td>
  502. </tr>
  503. <tr>
  504. <td align="right" colspan="4"><strong><?php print $yyCarNum?>:</strong></td>
  505. <td align="left" colspan="2"><?php
  506. if($ordCNum != ""){
  507. if(is_array($cnumarr)) print $cnumarr[0];
  508. }else{
  509. print "(no data)";
  510. } ?></td>
  511. </tr>
  512. <tr>
  513. <td align="right" colspan="4"><strong><?php print $yyExpDat?>:</strong></td>
  514. <td align="left" colspan="2"><?php
  515. if(@$encryptmethod!=""){
  516. if(is_array(@$cnumarr)) print @$cnumarr[1];
  517. } ?></td>
  518. </tr>
  519. <tr>
  520. <td align="right" colspan="4"><strong>CVV Code:</strong></td>
  521. <td align="left" colspan="2"><?php
  522. if(@$encryptmethod!=""){
  523. if(is_array(@$cnumarr)) print @$cnumarr[2];
  524. } ?></td>
  525. </tr>
  526. <tr>
  527. <td align="right" colspan="4"><strong>Issue Number:</strong></td>
  528. <td align="left" colspan="2"><?php
  529. if(@$encryptmethod!=""){
  530. if(is_array(@$cnumarr)) print @$cnumarr[3];
  531. } ?></td>
  532. </tr>
  533. <?php if($ordCNum != "" && !$doedit){ ?>
  534. <form method="post" action="/admin/orders.php?id=<?php print $_GET["id"]?>">
  535. <input type="hidden" name="delccdets" value="<?php print $_GET["id"]?>" />
  536. <tr>
  537. <td align="center" colspan="6"><input name="submit" type="submit" value="<?php print $yyDelCC?>" /></td>
  538. </tr>
  539. </form>
  540. <?php }
  541. }
  542. }
  543. } // isprinter ?>
  544. <tr>
  545. <td align="center" colspan="6">&nbsp;<br /></td>
  546. </tr>
  547. </table>
  548. <tr>
  549. <table width="100%" border="1" cellspacing="0" cellpadding="4" bordercolor="#999999" style="border-collapse: collapse">
  550. <tr>
  551. <td><strong><?php print $xxPrId?></strong></td>
  552. <td><strong><?php print $xxPrNm?></strong></td>
  553. <td><strong><?php print $xxPrOpts?></strong></td>
  554. <td><strong><?php print $xxQuant?></strong></td>
  555. <td><strong>&nbsp;</strong></td>
  556. <?php if($doedit) print '<td align="center"><strong>DEL</strong></td>' ?>
  557. </tr>
  558. <?php
  559. $totoptpricediff = 0;
  560. if(mysql_num_rows($allorders)>0){
  561. $totoptpricediff = 0;
  562. $rowcounter=0;
  563. while($rsOrders = mysql_fetch_assoc($allorders)){
  564. $optpricediff = 0;
  565. ?>
  566. <tr>
  567. <td valign="top" nowrap><?php if($doedit) print '<input type="button" value="..." onclick="updateoptions(' . $rowcounter . ')">&nbsp;<input type="hidden" name="cartid' . $rowcounter . '" value="' . str_replace('"','&quot;',$rsOrders["cartID"]) . '" />'?><strong><?php print editfunc($rsOrders["cartProdId"],'prodid' . $rowcounter,18)?></strong></td>
  568. <td valign="top">
  569. <?php print editfunc($rsOrders["cartProdName"],'prodname' . $rowcounter,24)?><br />
  570. <?
  571. $sql_cert="SELECT cert_id,cert_code FROM certificates WHERE cert_order_id=".$_GET["id"]." AND cert_prod_id='".$rsOrders["cartProdId"]."'";
  572. //echo $sql_cert;
  573. $result_cert=mysql_query($sql_cert);
  574. if(mysql_num_rows($result_cert)>0) {
  575. while($row_cert=mysql_fetch_assoc($result_cert)){?>
  576. <stong>(<?=$row_cert['cert_code']?>)</strong> <a href="/admin/certs.php?mode=1&amp;sbcode=<?=$row_cert['cert_id']?>">view</a> | <a href="/admin/certs.php?mode=2&amp;sbcode=<?=$row_cert['cert_id']?>">history</a><br />
  577. <? }
  578. }?>
  579. <?
  580. $sql_down="SELECT * FROM digitaldownloads WHERE orderID=".$_GET["id"]." AND type='".$rsOrders["cartProdId"]."'";
  581. //echo $sql_cert;
  582. $result_down=mysql_query($sql_down);
  583. if(mysql_num_rows($result_down)>0) {?>
  584. <ol style="margin:2px;">
  585. <? while($row_down=mysql_fetch_assoc($result_down)){?>
  586. <li style="margin:1px; font-weight:bold;">License ID: <?=$row_down['licenseID']?><br />
  587. Password: <?=$row_down['password']?></li>
  588. <? } ?>
  589. </ol>
  590. <? }?> </td>
  591. <td valign="top"><?php
  592. if($doedit) print '<span id="optionsspan' . $rowcounter . '">';
// Load the options chosen for this cart line, with their option-group data and
// any uploaded custom-screen image, then render them (editable or read-only).
// NOTE(review): $rsOrders["cartID"] is populated outside this view and is
// concatenated unquoted into the SQL text; confirm it can only ever be an
// integer, or cast it before building the query.
$sSQL = "SELECT coOptGroup,coCartOption,coPriceDiff,coOptID,optGroup,optStyleID,coExtendShipping,ui.display_image,ui.org_img_name FROM cartoptions LEFT JOIN options ON cartoptions.coOptID=options.optID LEFT JOIN uploaded_images ui ON cartoptions.coCartOption=ui.id WHERE coCartID=" . $rsOrders["cartID"] . " ORDER BY coID";
// NOTE(review): on failure the raw driver error is printed into the page.
$result = mysql_query($sSQL) or print(mysql_error());
if(mysql_num_rows($result) > 0){
if($doedit) print '<table border="0" cellspacing="0" cellpadding="1" width="100%">';
while($rs2 = mysql_fetch_array($result)){
$imgsrc='';
$imgname='';
if(!empty($rs2["display_image"])) {
// NOTE(review): display_image and org_img_name are written into the markup
// without HTML escaping. org_img_name is presumably the uploader's original
// file name, i.e. customer-controlled text shown to an admin; verify and escape.
$imgsrc='<br /><img src="/imguploads/img_screen/'.$rs2["display_image"].'.gif" align="top"><div style="font-size:9px;">(If the image does not appear there is a problem with the custom screen upload)</div>';
$imgname='<br />&nbsp;&nbsp;&nbsp;-Image Name: '.$rs2["org_img_name"];
}
if($doedit){
// Edit mode: one table row per option, with a control to change it.
print '<tr><td align="right"><strong>' . $rs2["coOptGroup"] . ':</strong></td><td>';
// optGroup is NULL when the LEFT JOIN found no options row for this coOptID;
// a fixed placeholder is printed instead of an edit control.
if(is_null($rs2["optGroup"])){
print 'xxxxxx';
}else{
// All options of the same group; getlangid() is defined elsewhere and its
// result is used here as a column name. $rs2["optGroup"] is concatenated
// unquoted, like cartID above.
$sSQL="SELECT optID," . getlangid("optName",32) . ",optPriceDiff,optType,optFlags,optStock,optPriceDiff AS optDims FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optGroup=" . $rs2["optGroup"] . ' ORDER BY optID';
$result2 = mysql_query($sSQL) or print(mysql_error());
if($rsl = mysql_fetch_assoc($result2)){
// |optType| == 2 is rendered as a drop-down; any other type as a free-text area.
if(abs($rsl["optType"])==2){
print '<select onchange="dorecalc(true)" name="optn' . $rowcounter . '_' . $rs2["coOptID"] . '" id="optn' . $rowcounter . '_' . $rs2["coOptID"] . '" size="1">';
do {
// Option value is "optID|price difference". When bit 0 of optFlags is set,
// optPriceDiff is treated as a percentage of the cart product price.
print '<option value="' . $rsl["optID"] . "|" . (($rsl["optFlags"] & 1) == 1 ? ($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0 : $rsl["optPriceDiff"]) . '"';
if($rsl["optID"]==$rs2["coOptID"]) print ' selected';
print '>' . $rsl[getlangid("optName",32)];
// Append the signed price difference to the label when it is non-zero.
if((double)$rsl["optPriceDiff"] != 0){
print ' ';
if((double)$rsl["optPriceDiff"] > 0) print '+';
if(($rsl["optFlags"] & 1) == 1)
print number_format(($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0,2,'.','');
else
print number_format($rsl["optPriceDiff"],2,'.','');
}
print '</option>';
} while($rsl = mysql_fetch_array($result2));
print '</select>';
}else{
print "<input type='hidden' name='optn" . $rowcounter . '_' . $rs2["coOptID"] . "' value='" . $rsl["optID"] . "' /><textarea wrap='virtual' name='voptn" . $rowcounter . '_' . $rs2["coOptID"] . "' id='voptn". $rowcounter. '_' . $rs2["coOptID"] . "' cols='30' rows='3'>";
// NOTE(review): coCartOption is printed inside the textarea without HTML
// escaping; a stored value containing "</textarea>" would end the element
// and be parsed as markup. Presumably this is text typed by the customer;
// confirm how it is stored and escape it on output.
print $rs2["coCartOption"] . '</textarea>';
}
}
}
print "</td></tr>";
}else{
// Read-only mode: option group, chosen value (newlines turned into <br />),
// image details and an extended-shipping warning when one applies.
$extend_shipping='';
if(!empty($rs2["coExtendShipping"])) $extend_shipping=' <span style="color:#FF0000;font-weight:bold;">(This option increases shipping time by '.$rs2["coExtendShipping"]. ' days)</span>';
// $cert_code is set outside this view. NOTE(review): coOptGroup and
// coCartOption are written unescaped here as well.
print '<strong>' . $rs2["coOptGroup"] . ':</strong> ' . str_replace(array("\r\n","\n"),array("<br />","<br />"),$rs2["coCartOption"]).' ' .$imgname.' '.$imgsrc.$cert_code. $extend_shipping . '<br />';
}
// Edit mode keeps the option price differences in a separate running total;
// read-only mode folds them into the displayed product price.
if($doedit)
$optpricediff += $rs2["coPriceDiff"];
else
$rsOrders["cartProdPrice"] += $rs2["coPriceDiff"];
}
if($doedit) print '</table>';
}else{
// No options recorded for this cart line.
print '-';
}
mysql_free_result($result);
  651. if($doedit) print '</span>' ?></td>
  652. <td valign="top"><?php print editfunc($rsOrders["cartQuantity"],'quant' . $rowcounter . '" onchange="dorecalc(true)',5)?></td>
  653. <td valign="top"><?php /*?><?php if($doedit) print editnumeric($rsOrders["cartProdPrice"],'price' . $rowcounter . '" onchange="dorecalc(true)',7); else print FormatEuroCurrency($rsOrders["cartProdPrice"]*$rsOrders["cartQuantity"])?>
  654. <?php if($doedit){
  655. print '<input type="hidden" id="optdiffspan' . $rowcounter . '" value="' . $optpricediff . '">';
  656. $totoptpricediff += ($optpricediff*$rsOrders["cartQuantity"]);
  657. }
  658. ?><?php */?></td>
  659. <?php if($doedit) print '<td align="center"><input type="checkbox" name="del_' . $rowcounter . '" id="del_' . $rowcounter . '" value="yes" /></td>' ?>
  660. </tr>
  661. <?php $rowcounter++;
  662. }
  663. }
  664. ?>
  665. <!--NEXTPRODUCTCOMMENT-->
  666. <?php /*?><?php if($doedit){ ?>
  667. <tr>
  668. <td align="right" colspan="4">
  669. <table width="100%" border="0" cellspacing="0" cellpadding="0">
  670. <tr>
  671. <td align="center"><?php if($doedit) print '<input style="width:30px;" type="button" value="-" onclick="extraproduct(\'-\')"> ' . $yyMoProd . ' <input style="width:30px;" type="button" value="+" onclick="extraproduct(\'+\')"> &nbsp; <input type="button" value="' . $yyRecal . '" onclick="dorecalc(false)">'?></td>
  672. <td align="right"><strong>Options Total:</strong></td>
  673. </tr>
  674. </table></td>
  675. <td align="left" colspan="2"><span id="optdiffspan"><?php print number_format($totoptpricediff, 2, '.', '')?></span></td>
  676. </tr>
  677. <?php } ?>
  678. <tr>
  679. <td align="right" colspan="4"><strong><?php print $xxOrdTot?>:</strong></td>
  680. <td align="left"><div id="ordTot"><?php echo sprintf("%.2f",$alldata["ordTotal"]); ?></div><input name="ordtotal" id="ordtotal" type="hidden" value="<?php echo $alldata["ordTotal"] ?>" /></td>
  681. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  682. </tr>
  683. <?php
  684. $runTot = $alldata["ordTotal"];
  685. $sql = "SELECT * FROM price_adj WHERE ordID = " . $_GET['id'] . " ORDER BY ordering";
  686. $res = mysql_query($sql) or print(mysql_error());
  687. if(mysql_num_rows($res) > 0) {
  688. $k=1;
  689. $prcTot = 0;
  690. ?>
  691. <tr>
  692. <td>&nbsp;</td>
  693. <td>&nbsp;</td>
  694. <td>&nbsp;</td>
  695. <td>&nbsp;</td>
  696. <td>&nbsp;</td>
  697. </tr>
  698. <?php
  699. while($row=mysql_fetch_assoc($res)) {
  700. $price = 0;
  701. $disp_price = 0;
  702. $amount = '';
  703. if($row['type'] == 'credit') {
  704. if($row['amt_type'] == 'percentage') {
  705. $price = $runTot * ($row['amt'] * .01);
  706. $runTot -= $price;
  707. $prcTot -= $price;
  708. $disp_price = '-'.(int)$row['amt'].'%';
  709. $amount = '-'.money_format("%!.2n",$price);
  710. }else{
  711. $price = '$-'.money_format("%!.2n",$row['amt']);
  712. $runTot -= $row['amt'];
  713. $prcTot -= $row['amt'];
  714. $disp_price = $price;
  715. $amount = '-'.money_format("%!.2n",$row['amt']);
  716. }
  717. }else{
  718. if($row['amt_type'] == 'percentage') {
  719. $price = $runTot * ($row['amt'] * .01);
  720. $runTot += $price;
  721. $prcTot += $price;
  722. $disp_price = (int)$row['amt'].'%';
  723. $amount = money_format("%.2n",$price);
  724. }else{
  725. $price = money_format("%.2n",$row['amt']);
  726. $runTot += $row['amt'];
  727. $prcTot += $row['amt'];
  728. $disp_price = $price;
  729. $amount = money_format("%.2n",$row['amt']);
  730. }
  731. }
  732. ?>
  733. <tr>
  734. <td colspan="3" style="font-weight: bold; text-align: right">Price Adjustment <?=$k?>:</td>
  735. <td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$disp_price?></td>
  736. <td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$amount?></td>
  737. </tr>
  738. <?php
  739. $k++;
  740. }
  741. ?>
  742. <tr>
  743. <td>&nbsp;</td>
  744. <td>&nbsp;</td>
  745. <td>&nbsp;</td>
  746. <td>&nbsp;</td>
  747. <td>&nbsp;</td>
  748. </tr>
  749. <?php
  750. }
  751. ?>
  752. <?php if((double)$alldata["ordShipping"]!=0.0 || $doedit){ ?>
  753. <tr>
  754. <td align="right" colspan="4"><strong><?php print $xxShippg?>:</strong></td>
  755. <td align="left"><?php print editnumeric($alldata["ordShipping"],"ordShipping",7)?></td>
  756. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  757. </tr>
  758. <?php }
  759. if((double)$alldata["ordHandling"]!=0.0 || $doedit){ ?>
  760. <tr>
  761. <td align="right" colspan="4"><strong><?php print $xxHndlg?>:</strong></td>
  762. <td align="left"><?php print editnumeric($alldata["ordHandling"],"ordHandling",7)?></td>
  763. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  764. </tr>
  765. <?php }
  766. if((double)$alldata["ordDiscount"]!=0.0 || $doedit){ ?>
  767. <tr>
  768. <td align="right" colspan="4"><strong><?php print $xxDscnts?>:</strong></td>
  769. <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ordDiscount"],"ordDiscount",7)?></font></td>
  770. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  771. </tr>
  772. <?php }
  773. if((double)$alldata["ord_cert_amt"]!=0.0 || $doedit){
  774. $sqlcert="SELECT cert_code FROM certificates WHERE cert_id=".$alldata["ord_cert_id"];
  775. $resultcert=mysql_query($sqlcert);
  776. $rowcert=mysql_fetch_assoc($resultcert);
  777. ?>
  778. <tr>
  779. <td align="right" colspan="4"><strong><?='('.$rowcert["cert_code"].')'?> <?php print $xxGCerts?>:</strong></td>
  780. <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ord_cert_amt"],"ord_cert_amt",7)?></font></td>
  781. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  782. </tr>
  783. <?php }
  784. if((double)$alldata["ordStateTax"]!=0.0 || $doedit){ ?>
  785. <tr>
  786. <td align="right" colspan="4"><strong><?php print $xxStaTax?>:</strong></td>
  787. <td align="left"><?php print editnumeric($alldata["ordStateTax"],"ordStateTax",7)//$alldata["ordStateTax"]?></td>
  788. <?php if($doedit) print '<td align="center" nowrap><input type="text" name="staterate" id="staterate" size="1" value="' . $statetaxrate . '">%</td>' ?>
  789. </tr>
  790. <?php }
  791. if((double)$alldata["ordCountryTax"]!=0.0 || $doedit){ ?>
  792. <tr>
  793. <td align="right" colspan="4"><strong><?php print $xxCntTax?>:</strong></td>
  794. <td align="left"><?php print editnumeric($alldata["ordCountryTax"],"ordCountryTax",7)?></td>
  795. <?php if($doedit) print '<td align="center" nowrap><input type="text" name="countryrate" id="countryrate" size="1" value="' . $countrytaxrate . '">%</td>' ?>
  796. </tr>
  797. <?php }
  798. if((double)$alldata["ordHSTTax"]!=0.0 || ($doedit && @$canadataxsystem)){ ?>
  799. <tr>
  800. <td align="right" colspan="4"><strong><?php print $xxHST?>:</strong></td>
  801. <td align="left"><?php print editnumeric($alldata["ordHSTTax"],"ordHSTTax",7)?></td>
  802. <?php if($doedit) print '<td align="center" nowrap><input type="text" name="hstrate" id="hstrate" size="1" value="' . $hsttaxrate . '">%</td>' ?>
  803. </tr>
  804. <?php } ?>
  805. <tr>
  806. <td align="right" colspan="4"><strong><?php print $xxGndTot?>:</strong></td>
  807. <td align="left"><span id="grandtotalspan"><?php print FormatEuroCurrency(($alldata["ordTotal"]+$alldata["ordStateTax"]+$alldata["ordCountryTax"]+$alldata["ordHSTTax"]+$alldata["ordShipping"]+$alldata["ordHandling"]+$prcTot)-$alldata["ordDiscount"]-$alldata["ord_cert_amt"])?></span></td>
  808. <?php if($doedit) print '<td align="center">&nbsp;</td>' ?>
  809. </tr>
  810. </table>
  811. </span>
  812. </td>
  813. </tr>
  814. <?php if($isprinter && @$invoicefooter != ""){ ?>
  815. <tr>
  816. <td width="100%"><?php print $invoicefooter?></td>
  817. </tr>
  818. <?php }elseif($doedit){ ?>
  819. <tr>
  820. <td align="center" width="100%">&nbsp;<br /><input type="submit" value="<?php print $yyUpdate?>" onclick="updateClicked=true; cloneClicked=false;" />&nbsp;<input type="submit" name="clone" value="Clone Order" onclick="updateClicked=false; cloneClicked=true;" /><br />&nbsp;</td>
  821. </tr>
  822. <?php } ?><?php */?>
  823. </table>
  824. <?php
  825. if($doedit) print '</form>';
  826. if($doedit){
  827. // ADDED by Chad Jun-06-06
  828. // PRICE ADJUSTMENTS
  829. ?>
  830. <h2><a name="prc_adj"></a>Price Adjustments</h2>
  831. <?php
  832. if(!empty($_GET['adj_err'])) {
  833. ?>
  834. <div style="margin: 5px auto; color: #FF0000; font-weight: bold; text-align: center"><?=$_GET['adj_err']?>
  835. </div>
  836. <?php
  837. }elseif(!empty($_GET['adj_msg'])) {
  838. ?>
  839. <div style="margin: 5px auto; color: #009900; font-weight: bold; text-align: center"><?=$_GET['adj_msg']?>
  840. </div>
  841. <?php
  842. }
  843. ?>
  844. <table width="95%" cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
  845. <tr style="background-color: #BFC9E0; color: #194C7F">
  846. <th width="60" style="text-align: center">Type</th>
  847. <th width="80" style="text-align: center">Amount Type</th>
  848. <th width="80" style="text-align: center">Amount</th>
  849. <th width="150" style="text-align: center">Date</th>
  850. <th>Note</th>
  851. <?php
  852. if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
  853. ?>
  854. <th width="28">Edit</th>
  855. <th width="28">Delete</th>
  856. <th width="28">Move Up</th>
  857. <th width="28">Move Down</th>
  858. <?php
  859. }
  860. ?>
  861. </tr>
  862. <?php
  863. $sql = "SELECT * FROM price_adj WHERE ordID = " . $_GET["id"] . " ORDER BY ordering";
  864. $res = mysql_query($sql) or print(mysql_error());
  865. $num_rows = mysql_num_rows($res);
  866. if($num_rows > 0) {
  867. $j=0;
  868. while($row=mysql_fetch_assoc($res)) {
  869. ?>
  870. <tr<?=($j%0==0?'':' style="background-color: #E6E9F5"')?>>
  871. <td style="text-align: center"><?=$row['type']?></td>
  872. <td style="text-align: center"><?=$row['amt_type']?></td>
  873. <td style="text-align: right"><?=$row['amt']?></td>
  874. <td style="text-align: left"><?=date("n/j/Y g:i a",strtotime($row['date']))?></td>
  875. <td style="text-align: left"><?=$row['note']?></td>
  876. <?php
  877. if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
  878. ?>
  879. <td style="text-align: center"><a href="/admin/editprcadj.php?pa_id=<?=$row['id']?>&action=edit" onclick="window.open(this.href,'edit_txn','left=700,top=100,width=550,height=150,toolbar=0'); return false;"><img src="/lib/images/misc/edit.gif" height="24" width="24" /></a></td>
  880. <td style="text-align: center"><a href="/admin/editprcadj.php?pa_id=<?=$row['id']?>&action=delete" onclick="window.open(this.href,'edit_txn','left=700,top=100,width=550,height=150,toolbar=0'); return false;"><img src="/lib/images/misc/delete.gif" width="24" height="24" /></a></td>
  881. <td style="text-align: center"><? if($row['ordering']!=1){?><a href="/admin/mvprcadj.php?pa_id=<?=$row['id']?>&pa_ordID=<?=$row['ordID']?>&position=<?=$row['ordering']?>&action=moveup" onclick=""><img src="/lib/images/misc/arrow_up.png" width="24" height="24" /></a><? } ?></td>
  882. <td style="text-align: center"><? if($row['ordering']!=$num_rows){?><a href="/admin/mvprcadj.php?pa_id=<?=$row['id']?>&pa_ordID=<?=$row['ordID']?>&position=<?=$row['ordering']?>&action=movedown" onclick=""><img src="/lib/images/misc/arrow_down.png" width="24" height="24" /></a><? } ?></td>
  883. <?php
  884. }
  885. ?>
  886. </tr>
  887. <?php
  888. $j++;
  889. }
  890. }else{
  891. ?>
  892. <tr>
  893. <td colspan="9" style="text-align: center; font-weight: bold">No Price Adjustments Found</td>
  894. </tr>
  895. <?php
  896. }
  897. ?>
  898. </table>
  899. <?php
  900. if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
  901. ?>
  902. <input type="button" id="btn_prc_add" value="Add Price Adjustment" onclick="togglePrcAdd();" />
  903. <div id="div_prc_add" style="display: none">
  904. <form id="adj_frm" name="adj_frm" method="post" action="/admin/ordersprocess.php">
  905. <table cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
  906. <tr style="background-color: #BFC9E0; color: #194C7F">
  907. <td colspan="2" style="text-align: center; font-weight: bold; font-size: 14px">Add Price Adjustment</td>
  908. </tr>
  909. <tr>
  910. <td style="font-weight: bold">Type:</td>
  911. <td>
  912. <select id="adj_type" name="adj_type">
  913. <option value="" selected="selected">Choose...</option>
  914. <option value="credit">Credit</option>
  915. <option value="debit">Debit</option>
  916. </select> </td>
  917. </tr>
  918. <tr>
  919. <td style="font-weight: bold">Amt Type:</td>
  920. <td>
  921. <select id="adj_amt_type" name="adj_amt_type">
  922. <option value="" selected="selected">Choose...</option>
  923. <option value="fixed">Fixed</option>
  924. <option value="percentage">Percentage</option>
  925. </select> </td>
  926. </tr>
  927. <tr>
  928. <td style="font-weight: bold">Amount:</td>
  929. <td><input id="adj_amt" name="adj_amt" type="text" value="" /></td>
  930. </tr>
  931. <tr>
  932. <td style="font-weight: bold">Note:</td>
  933. <td><textarea id="adj_note" name="adj_note"></textarea></td>
  934. </tr>
  935. <tr>
  936. <td colspan="2" style="text-align: center"><input type="submit" id="adj_submit" name="adj_submit" value="Add" /></td>
  937. </tr>
  938. </table>
  939. <input type="hidden" id="adj_ordID" name="adj_ordID" value="<?=$_GET["id"]?>" />
  940. <input type="hidden" id="adj_doedit" name="adj_doedit" value="<?=$_GET["doedit"]?>" />
  941. </form>
  942. </div>
  943. <?php
  944. }
  945. // ADD ENDED
  946. // ADDED by Chad Jun-05-06
  947. // TRANSACTIONS
  948. $sql = "SELECT * FROM transactions WHERE ordID = " . $_GET["id"];
  949. $res = mysql_query($sql) or print(mysql_error());
  950. ?>
  951. <h2><a name="aim"></a>Transactions</h2>
  952. <?php
  953. if(!empty($_GET['aim_err'])) {
  954. ?>
  955. <div style="margin: 5px auto; color: #FF0000; font-weight: bold; text-align: center"><?=$_GET['aim_err']?>
  956. </div>
  957. <?php
  958. }elseif(!empty($_GET['aim_msg'])) {
  959. ?>
  960. <div style="margin: 5px auto; color: #009900; font-weight: bold; text-align: center"><?=$_GET['aim_msg']?>
  961. </div>
  962. <?php
  963. }
  964. ?>
  965. <table width="95%" cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
  966. <tr style="background-color: #BFC9E0; color: #194C7F">
  967. <th width="85" style="text-align: center">Type</th>
  968. <th width="60" style="text-align: right">Amount</th>
  969. <th width="80" style="text-align: center">TXN</th>
  970. <th width="120" style="text-align: left">Date</th>
  971. <th>Note</th>
  972. </tr>
  973. <?php
  974. while($row=mysql_fetch_assoc($res)) {
  975. ?>
  976. <tr>
  977. <td style="text-align: center"><?=$row['type']?></td>
  978. <td style="text-align: center"><?=money_format("%.2n",$row['amt'])?></td>
  979. <td style="text-align: center"><?=$row['txn']?></td>
  980. <td style="text-align: center"><?=date("n/j/Y g:i a",strtotime($row['date_received']))?></td>
  981. <td><?=$row['note']?></td>
  982. </tr>
  983. <?php
  984. }
  985. ?>
  986. </table>
  987. <?php
  988. if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==9 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
  989. ?>
  990. <input type="button" id="btn_add_txn" value="Credit or Void" onclick="toggleTXN();" />
  991. <div id="div_trans" style="display: none">
  992. <form id="aim_frm" name="aim_frm" method="post" action="/admin/ordersprocess.php" onsubmit="return checkAIM(this);">
  993. <table cellpadding="3" cellspacing="0" border="1" style="margin: 5px auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
  994. <tr style="background-color: #BFC9E0; color: #194C7F">
  995. <td colspan="4" style="text-align: center; font-weight: bold; font-size: 14px">Credit or Void a Transaction</td>
  996. </tr>
  997. <tr>
  998. <th style="text-align: center">Type</th>
  999. <th style="text-align: center">TXN</th>
  1000. <th style="text-align: center">Amount</th>
  1001. <th>Note</th>
  1002. </tr>
  1003. <tr>
  1004. <td valign="top">
  1005. <select name="aim_type" id="aim_type">
  1006. <option value="" selected="selected">Choose...</option>
  1007. <option value="CREDIT">Credit</option>
  1008. <option value="VOID">Void</option>
  1009. </select> </td>
  1010. <td valign="top"><input type="text" id="aim_txn" name="aim_txn" value="" autocomplete="off" /></td>
  1011. <td valign="top"><input type="text" id="aim_amt" name="aim_amt" value="" autocomplete="off" /></td>
  1012. <td valign="top"><textarea id="aim_note" name="aim_note"></textarea></td>
  1013. </tr>
  1014. <tr>
  1015. <td colspan="4" style="text-align: right"><input type="submit" id="aim_submit" name="aim_submit" value="Submit" /></td>
  1016. </tr>
  1017. </table>
  1018. <input type="hidden" id="aim_inv" name="aim_inv" value="<?=$_GET["id"]?>" />
  1019. <?php
  1020. $tmp = explode(" ",$alldata["ordName"]);
  1021. ?>
  1022. <input type="hidden" id="aim_fname" name="aim_fname" value="<?=$tmp[0]?>" />
  1023. <input type="hidden" id="aim_lname" name="aim_lname" value="<?=(!empty($tmp[1]))?$tmp[1]:''?>" />
  1024. <input type="hidden" id="aim_doedit" n
