/inc/amfphp/Amfphp/Services/ec_admin_pricetiers.php
PHP | 143 lines | 84 code | 18 blank | 41 comment | 21 complexity | f8a9b8eba4dda937acb6d168abaee9f2 MD5 | raw file
- <?php
- /*
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- //All Code and Design is copyrighted by Level Four Development, llc
- //
- //Level Four Development, LLC provides this code "as is" without warranty of any kind, either express or implied,
- //including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.
- //
- //Only licnesed users may use this code and storfront for live purposes. All other use is prohibited and may be
- //subject to copyright violation laws. If you have any questions regarding proper use of this code, please
- //contact Level Four Development, llc and EasyCart prior to use.
- //
- //All use of this storefront is subject to our terms of agreement found on Level Four Development, llc's website.
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
- */
- class ec_admin_pricetiers
- {
-
- function ec_admin_pricetiers() {
- /*load our connection settings
- if( file_exists( '../../../../wp-easycart-data/connection/ec_conn.php' ) ) {
- require_once('../../../../wp-easycart-data/connection/ec_conn.php');
- } else {
- require_once('../../../connection/ec_conn.php');
- };*/
-
- //set our connection variables
- $dbhost = DB_HOST;
- $dbname = DB_NAME;
- $dbuser = DB_USER;
- $dbpass = DB_PASSWORD;
- global $wpdb;
- define ('WP_PREFIX', $wpdb->prefix);
- //make a connection to our database
- $this->conn = mysql_connect($dbhost, $dbuser, $dbpass);
- mysql_select_db ($dbname);
- mysql_query("SET CHARACTER SET utf8", $this->conn);
- mysql_query("SET NAMES 'utf8'", $this->conn);
- }
-
-
- //secure all of the services for logged in authenticated users only
- public function _getMethodRoles($methodName){
- if ($methodName == 'getpricetier') return array('admin');
- else if($methodName == 'updatepricetier') return array('admin');
- else if($methodName == 'deletepricetier') return array('admin');
- else if($methodName == 'addpricetier') return array('admin');
- else return null;
- }
-
- //HELPER - used to escape out SQL calls
- function escape($sql)
- {
- $args = func_get_args();
- foreach($args as $key => $val)
- {
- $args[$key] = mysql_real_escape_string($val);
- }
-
- $args[0] = $sql;
- return call_user_func_array('sprintf', $args);
- }
-
-
- //price tier functions
- function getpricetier($productid) {
- //Create SQL Query
- $sql = sprintf("SELECT ec_pricetier.* FROM ec_pricetier WHERE ec_pricetier.product_id = '%s' ORDER BY ec_pricetier.quantity ASC", mysql_real_escape_string($productid));
-
- $result = mysql_query($sql);
- //if results, convert to an array for use in flash
- if(mysql_num_rows($result) > 0) {
- while ($row=mysql_fetch_object($result)) {
- $returnArray[] = $row;
- }
- return($returnArray); //return array results if there are some
- } else {
- $returnArray[] = "noresults";
- return $returnArray; //return noresults if there are no results
- }
- }
-
- function updatepricetier($id, $price, $quantity) {
- //Create SQL Query
- $sql = $this->escape("UPDATE ec_pricetier SET ec_pricetier.price = '%s', ec_pricetier.quantity = '%s' WHERE ec_pricetier.pricetier_id = '%s'", $price, $quantity, $id);
- //Run query on database;
- mysql_query($sql);
- //if no errors, return their current Client ID
- //if results, convert to an array for use in flash
- if(!mysql_error()) {
- $returnArray[] ="success";
- return($returnArray); //return array results if there are some
- } else {
- $returnArray[] = "error";
- return $returnArray; //return noresults if there are no results
- }
- }
- function deletepricetier($tierid, $productid) {
- //Create SQL Query
- $sql = $this->escape("DELETE FROM ec_pricetier WHERE ec_pricetier.pricetier_id = %s", $tierid);
- //Run query on database;
- mysql_query($sql);
- //if no errors, return their current Client ID
- //if results, convert to an array for use in flash
- if(!mysql_error()) {
- $returnArray[] = $productid;
- return($returnArray); //return array results if there are some
- } else {
- $returnArray[] = "error";
- return $returnArray; //return noresults if there are no results
- }
- }
- function addpricetier($price, $quantity, $productid) {
-
-
- //Create SQL Query
- $sql = sprintf("Insert into ec_pricetier(ec_pricetier.pricetier_id, ec_pricetier.price, ec_pricetier.quantity, ec_pricetier.product_id)
- values(null, '%s', '%s', '%s')",
- mysql_real_escape_string($price),
- mysql_real_escape_string($quantity),
- mysql_real_escape_string($productid));
- //Run query on database;
- mysql_query($sql);
- //if no errors, return their current Client ID
- //if results, convert to an array for use in flash
- if(!mysql_error()) {
- $returnArray[] = $productid;
- return($returnArray); //return array results if there are some
- } else {
- $returnArray[] = "error";
- return $returnArray; //return noresults if there are no results
- }
- }
-
- }//close class
- ?>