
/admin/orders.php

https://github.com/happyxlq/lt_svn
Possible License(s): AGPL-1.0, BSD-3-Clause, LGPL-2.1
  1. <?php
  2. /**
  3. * @package admin
  4. * @copyright Copyright 2003-2007 Zen Cart Development Team
  5. * @copyright Portions Copyright 2003 osCommerce
  6. * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
  7. * @version $Id: orders.php 6864 2007-08-27 16:15:20Z drbyte $
  8. */
  9. require('includes/application_top.php');
  10. require(DIR_WS_CLASSES . 'currencies.php');
  11. $currencies = new currencies();
  12. include(DIR_WS_CLASSES . 'order.php');
  // Load the order statuses for the session language into two structures:
  //   $orders_statuses     - list of id/text pairs fed to the status pull-down menu
  //   $orders_status_array - orders_status_id => orders_status_name lookup table
  $orders_statuses = array();
  $orders_status_array = array();
  $orders_status = $db->Execute(
    "select orders_status_id, orders_status_name
     from " . TABLE_ORDERS_STATUS . "
     where language_id = '" . (int)$_SESSION['languages_id'] . "'"
  );
  for (; !$orders_status->EOF; $orders_status->MoveNext()) {
    $orders_status_array[$orders_status->fields['orders_status_id']] = $orders_status->fields['orders_status_name'];
    // The menu label shows the name followed by the numeric id in brackets.
    $orders_statuses[] = array(
      'id' => $orders_status->fields['orders_status_id'],
      'text' => $orders_status->fields['orders_status_name'] . ' [' . $orders_status->fields['orders_status_id'] . ']',
    );
  }
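  // Resolve the requested action and the order it applies to.
  // In this file the "oID" request parameter carries the order number
  // (order_no); the internal orders_id is looked up from it and kept in $oID.
  $action = (isset($_GET['action']) ? $_GET['action'] : '');
  $order_exists = false;
  // Drop oID when it is blank or not a plain string (e.g. oID[]=x), so trim()
  // and the SQL below only ever see a scalar string.
  if (isset($_GET['oID']) && (!is_string($_GET['oID']) || trim($_GET['oID']) == '')) unset($_GET['oID']);
  if ($action == 'edit' && !isset($_GET['oID'])) $action = '';
  if (isset($_GET['oID'])) {
    $orderid = zen_db_prepare_input(trim($_GET['oID']));
    $oID = '';
    // $orderid is request data. It must be escaped with zen_db_input() before
    // being placed inside the quoted SQL literal; without that the lookup is
    // open to SQL injection.
    $orders = $db->Execute("select order_no,orders_id from " . TABLE_ORDERS . "
                            where order_no = '" . zen_db_input($orderid) . "' limit 1");
    if ($orders->RecordCount() > 0) {
      $order_exists = true;
      // Force the key to an integer once, so every later query built from
      // $oID is safe even where a cast was forgotten.
      $oID = (int)$orders->fields['orders_id'];
    } else {
      $order_exists = false;
      if ($action != '') $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $orderid), 'error');
    }
  }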
  45. if (zen_not_null($action) && $order_exists == true)
  46. {
  47. switch ($action)
  48. {
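  case 'edit':
    // NOTE(review): both resets below modify data in response to GET
    // parameters and no request token check is visible in this block;
    // confirm that application_top.php (or the caller) protects against
    // cross-site request forgery.
    // NOTE(review): date_diff() is called with two date strings, so it must
    // be a project-defined helper; PHP's built-in date_diff() expects
    // DateTime objects - confirm which one is in scope.

    // reset single download to on
    if (isset($_GET['download_reset_on']) && (int)$_GET['download_reset_on'] > 0) {
      // adjust download_maxdays based on current date
      $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
                                    date_purchased from " . TABLE_ORDERS . "
                                    where orders_id = '" . (int)$oID . "'");
      $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
      // The download id comes straight from the query string: cast it to int
      // so it cannot break out of the quoted SQL value.
      $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . (int)$_GET['download_reset_on'] . "'";
      $db->Execute($update_downloads_query);
      unset($_GET['download_reset_on']);
      $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
      zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    }
    // reset single download to off
    if (isset($_GET['download_reset_off']) && (int)$_GET['download_reset_off'] > 0) {
      // Cancelling a download zeroes download_count only; download_maxdays is left alone.
      $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . (int)$oID . "' and orders_products_download_id='" . (int)$_GET['download_reset_off'] . "'";
      unset($_GET['download_reset_off']);
      $db->Execute($update_downloads_query);
      $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
      zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    }
    break;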
  case 'update_order':
    // When zen_admin_demo() reports demo mode, refuse the change and go back to the edit view.
    if (zen_admin_demo()) {
      $_GET['action'] = '';
      $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
      zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    }

    $status = zen_db_prepare_input($_POST['status']);
    $comments = zen_db_prepare_input($_POST['comments']);
    $order_updated = false;
    $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
                                  date_purchased from " . TABLE_ORDERS . "
                                  where orders_id = '" . (int)$oID . "'");

    // Write only when the status differs from the stored one or a comment was entered.
    if (($check_status->fields['orders_status'] != $status) || zen_not_null($comments)) {
      $db->Execute("update " . TABLE_ORDERS . "
                    set orders_status = '" . zen_db_input($status) . "', last_modified = now()
                    where orders_id = '" . (int)$oID . "'");

      // The comment is quoted in the e-mail only when the admin ticked "notify_comments".
      $notify_comments = (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on') && zen_not_null($comments))
        ? EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n"
        : '';

      // Plain-text body of the status e-mail.
      $message = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" .
        EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
        EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
        EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
        strip_tags($notify_comments) .
        EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ) .
        EMAIL_TEXT_STATUS_PLEASE_REPLY;

      // Values handed to zen_mail() for the HTML variant of the same e-mail.
      $html_msg['EMAIL_CUSTOMERS_NAME'] = $check_status->fields['customers_name'];
      $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
      $html_msg['EMAIL_TEXT_INVOICE_URL'] = '<a href="' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') .'">'.str_replace(':','',EMAIL_TEXT_INVOICE_URL).'</a>';
      $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
      $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
      $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
      $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ));
      $html_msg['EMAIL_TEXT_NEW_STATUS'] = $orders_status_array[$status];
      $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);

      // '1' is recorded in the history row only when the customer mail was actually requested.
      $customer_notified = '0';
      if (isset($_POST['notify']) && ($_POST['notify'] == 'on')) {
        zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
        $customer_notified = '1';
        // Optional copy to the configured extra admin address(es).
        if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' && SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '') {
          zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $orderid, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
        }
      }

      $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
                    (orders_id, orders_status_id, date_added, customer_notified, comments)
                    values ('" . (int)$oID . "',
                    '" . zen_db_input($status) . "',
                    now(),
                    '" . zen_db_input($customer_notified) . "',
                    '" . zen_db_input($comments) . "')");
      $order_updated = true;
    }

    if (!$order_updated) {
      $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
    } else {
      // Moving the order to the configured "downloads updated" status re-opens all of its downloads.
      if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
        // adjust download_maxdays based on current date
        $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
        $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "'";
        $db->Execute($update_downloads_query);
      }
      $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
    }
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    break;
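  case 'deleteconfirm':
    // NOTE(review): the action name is read from the query string and no
    // request-method or token check is visible here, so a crafted link could
    // trigger a deletion from a logged-in admin's browser; confirm that CSRF
    // protection exists outside this block.

    // When zen_admin_demo() reports demo mode, refuse the deletion.
    if (zen_admin_demo()) {
      $_GET['action'] = '';
      $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
      zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
    }
    // 'restock' may be missing from the request (presumably an unticked
    // checkbox); pass null explicitly instead of reading an undefined index.
    zen_remove_order($oID, (isset($_POST['restock']) ? $_POST['restock'] : null));
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
    break;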
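  case 'delete_cvv':
    // Overwrite the stored card verification value with the placeholder text.
    // NOTE(review): this only runs when an admin clicks the link, so the CVV
    // stays in the orders table until then. Card verification values should
    // not be retained once the payment has been authorised; consider never
    // persisting them at all.
    $delete_cvv = $db->Execute("update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . (int)$oID . "'");
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    break;
  case 'mask_cc':
    // Replace the middle of the stored card number with '*', keeping the
    // first four and last four characters.
    $result = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");
    $old_num = $result->fields['cc_number'];
    // Values of eight characters or fewer have nothing between the kept ends:
    // skip them so str_repeat() never receives a negative count and the
    // overlapping substr() calls cannot write a longer, duplicated value.
    if (strlen($old_num) > 8) {
      $new_num = substr($old_num, 0, 4) . str_repeat('*', (strlen($old_num) - 8)) . substr($old_num, -4);
      // The value came from the database but is still data: escape it before
      // it is placed back into a SQL literal.
      $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . zen_db_input($new_num) . "' where orders_id = '" . (int)$oID . "'");
    }
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    break;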
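  case 'doRefund':
  case 'doAuth':
  case 'doCapture':
  case 'doVoid':
    // The four payment actions load the order's payment module the same way
    // and differ only in the module hook they call, so they share one body.
    // NOTE(review): these move money and are selected by a GET parameter;
    // no token check is visible in this block - confirm CSRF protection.
    $order = new order($oID);
    $zc_payment_module_code = $order->info['payment_module_code'];
    // The module code is used in two include paths and as a class name.
    // Accept only characters that can form a class name, so a tampered
    // database value cannot introduce path separators or "..".
    if ($zc_payment_module_code && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $zc_payment_module_code)) {
      if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $zc_payment_module_code . '.php')) {
        require_once(DIR_FS_CATALOG_MODULES . 'payment/' . $zc_payment_module_code . '.php');
        // NOTE(review): $_SESSION['language'] is also part of this path; it is
        // assumed to be set by the application, not by the request - confirm.
        require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $zc_payment_module_code . '.php');
        $module = new $zc_payment_module_code;
        // Call the hook only when the module implements it.
        if ($action == 'doRefund' && method_exists($module, '_doRefund')) {
          $module->_doRefund($oID);
        } elseif ($action == 'doAuth' && method_exists($module, '_doAuth')) {
          $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
        } elseif ($action == 'doCapture' && method_exists($module, '_doCapt')) {
          $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
        } elseif ($action == 'doVoid' && method_exists($module, '_doVoid')) {
          $module->_doVoid($oID);
        }
      }
    }
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
    break;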
  246. }
  247. }
  248. ?>
  249. <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
  250. <html <?php echo HTML_PARAMS; ?>>
  251. <head>
  252. <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
  253. <title><?php echo TITLE; ?></title>
  254. <link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
  255. <link rel="stylesheet" type="text/css" media="print" href="includes/stylesheet_print.css">
  256. <link rel="stylesheet" type="text/css" href="includes/cssjsmenuhover.css" media="all" id="hoverJS">
  257. <script language="javascript" src="includes/menu.js"></script>
  258. <script language="javascript" src="includes/general.js"></script>
  259. <script type="text/javascript">
  260. <!--
  function init()
  {
    // Start the navbar menu script, then disable the stylesheet element
    // whose id is 'hoverJS'.
    cssjsmenu('navbar');
    if (!document.getElementById) {
      return;
    }
    var kill = document.getElementById('hoverJS');
    kill.disabled = true;
  }
  270. // -->
  271. </script>
  272. <script language="javascript" type="text/javascript"><!--
  function couponpopupWindow(url) {
    // Open url in the window named 'popupWindow': a 450x280 window without
    // toolbars, scrollable and resizable.
    var features = 'toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no,width=450,height=280,screenX=150,screenY=150,top=150,left=150';
    window.open(url, 'popupWindow', features);
  }
  276. //--></script>
  277. </head>
  278. <body onLoad="init()">
  279. <!-- header //-->
  280. <div class="header-area">
  281. <?php
  282. require(DIR_WS_INCLUDES . 'header.php');
  283. ?>
  284. </div>
  285. <!-- header_eof //-->
  286. <!-- body //-->
  287. <table border="0" width="100%" cellspacing="2" cellpadding="2">
  288. <tr>
  289. <!-- body_text //-->
  290. <?php if ($action == '')
  291. { ?>
  292. <!-- search -->
  293. <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  294. <tr>
  295. <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  296. <tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
  297. <td width="65%" class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  298. <td colspan="2" class="smallText" align="right">
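  <?php
  // show reset search (cID may be absent from the request, so test it with isset first)
  if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or (isset($_GET['cID']) && $_GET['cID'] != ''))
  {
    echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  }

  echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
  if (isset($_GET['search']) && zen_not_null($_GET['search']))
  {
    // $keywords is prepared for use in SQL. SQL escaping does not make a
    // value safe for HTML, so it is HTML-encoded separately before being
    // echoed back into the page (reflected XSS otherwise).
    $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
    echo '<br />' . TEXT_INFO_SEARCH_DETAIL_FILTER . zen_output_string_protected($keywords);
  }
  ?>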
  314. </td>
  315. </form>
  316. <?php echo zen_draw_form('search_orders_products', FILENAME_ORDERS, '', 'get', '', true); ?>
  317. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  318. <td colspan="2" class="smallText" align="right">
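  <?php
  // show reset search orders_products (cID may be absent from the request, so test it with isset first)
  if ((isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products'])) or (isset($_GET['cID']) && $_GET['cID'] != ''))
  {
    echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a><br />';
  }

  echo HEADING_TITLE_SEARCH_DETAIL_ORDERS_PRODUCTS . ' ' . zen_draw_input_field('search_orders_products') . zen_hide_session_id();
  if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products']))
  {
    // The SQL-escaped keyword string is not HTML-safe; HTML-encode it before
    // echoing the active filter back into the page (reflected XSS otherwise).
    $keywords_orders_products = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
    echo '<br />' . TEXT_INFO_SEARCH_DETAIL_FILTER_ORDERS_PRODUCTS . zen_output_string_protected(zen_db_prepare_input($keywords_orders_products));
  }
  ?>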
  334. </td>
  335. </form>
  336. </table></td>
  337. </tr>
  338. <!-- search -->
  339. <?php } ?>
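  <?php
  if (($action == 'edit') && ($order_exists == true))
  {
    // Detail view: load the order and, when available, its payment module.
    $order = new order($oID);
    // Defined up front so code further down the page can test $module even
    // when the order has no usable payment module.
    $module = null;
    $zc_payment_module_code = $order->info['payment_module_code'];
    // The module code becomes part of two include paths and a class name:
    // accept only class-name characters so a tampered database value cannot
    // introduce path separators or "..".
    if ($zc_payment_module_code && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $zc_payment_module_code))
    {
      if (file_exists(DIR_FS_CATALOG_MODULES . 'payment/' . $zc_payment_module_code . '.php'))
      {
        require(DIR_FS_CATALOG_MODULES . 'payment/' . $zc_payment_module_code . '.php');
        require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $zc_payment_module_code . '.php');
        $module = new $zc_payment_module_code;
      }
    }
  ?>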
  355. <tr>
  356. <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  357. <tr>
  358. <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  359. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  360. <td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
  361. </tr>
  362. </table></td>
  363. </tr>
  364. <tr>
  365. <td><table width="100%" border="0" cellspacing="0" cellpadding="2">
  366. <tr>
  367. <td colspan="3"><?php echo zen_draw_separator(); ?></td>
  368. </tr>
  369. <tr>
  370. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  371. <tr>
  372. <td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
  373. <td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
  374. </tr>
  375. <tr>
  376. <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  377. </tr>
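  <?php // Telephone, e-mail and IP address originate from the customer's request, so each is HTML-encoded before it is written into the admin page. ?>
  <tr>
  <td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
  <td class="main"><?php echo zen_output_string_protected($order->customer['telephone']); ?></td>
  </tr>
  <tr>
  <td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
  <td class="main"><?php echo '<a href="mailto:' . zen_output_string_protected($order->customer['email_address']) . '">' . zen_output_string_protected($order->customer['email_address']) . '</a>'; ?></td>
  </tr>
  <tr>
  <td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['ip_address']); ?></td>
  </tr>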
  390. </table></td>
  391. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  392. <tr>
  393. <td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
  394. <td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
  395. </tr>
  396. </table></td>
  397. <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
  398. <tr>
  399. <td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
  400. <td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
  401. </tr>
  402. </table></td>
  403. </tr>
  404. </table></td>
  405. </tr>
  406. <tr>
  407. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  408. </tr>
  409. <tr>
  410. <td class="main"><strong><?php echo ENTRY_ORDER_ID . $orderid; ?></strong></td>
  411. </tr>
  412. <tr>
  413. <td><table border="0" cellspacing="0" cellpadding="2">
  414. <tr>
  415. <td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
  416. <td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
  417. </tr>
  418. <tr>
  419. <td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
  420. <td class="main"><?php echo $order->info['payment_method']; ?></td>
  421. </tr>
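  <?php
  // Card details are shown only when at least one card field is stored.
  // All card fields are customer-entered, so they are HTML-encoded on output.
  // The mask/delete links point back at this page, which resolves "oID" as
  // the order number, so they carry $orderid rather than the internal id.
  // NOTE(review): both links change stored data via GET; confirm CSRF
  // protection exists for admin actions.
  if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number']))
  {
  ?>
  <tr>
  <td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <tr>
  <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['cc_type']); ?></td>
  </tr>
  <tr>
  <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['cc_owner']); ?></td>
  </tr>
  <tr>
  <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['cc_number']) . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . urlencode($orderid), 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?></td>
  </tr>
  <tr>
  <td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['cc_cvv']) . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? '&nbsp;&nbsp;<a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . urlencode($orderid), 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?></td>
  </tr>
  <tr>
  <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
  <td class="main"><?php echo zen_output_string_protected($order->info['cc_expires']); ?></td>
  </tr>
  <?php
  }
  ?>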
  452. </table></td>
  453. </tr>
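  <?php
  // $module is only created when the order has a loadable payment module,
  // so make sure it is an object before asking it for admin_notification().
  if (isset($module) && is_object($module) && method_exists($module, 'admin_notification'))
  {
  ?>
  <tr>
  <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <tr>
  <?php echo $module->admin_notification($oID); ?>
  </tr>
  <tr>
  <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  </tr>
  <?php
  }
  ?>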
  470. <tr>
  471. <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
  472. <tr class="dataTableHeadingRow">
  473. <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
  474. <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
  475. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
  476. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
  477. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
  478. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
  479. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
  480. </tr>
  <?php
  // One table row per ordered product. Columns follow the heading row:
  // quantity + name (with attributes), model, tax rate, unit price ex/inc
  // tax, line total ex/inc tax. One-time charges, when non-zero, are printed
  // on a second line inside each price cell.
  for ($i = 0, $n = count($order->products); $i < $n; $i++) {
    echo ' <tr class="dataTableRow">' . "\n";
    echo ' <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . '&nbsp;x</td>' . "\n";
    echo ' <td class="dataTableContent" valign="top">' . $order->products[$i]['name'];

    // Attribute lines: "option: value", an optional price in brackets, and the free marker.
    if (isset($order->products[$i]['attributes']) && (count($order->products[$i]['attributes']) > 0)) {
      for ($j = 0, $k = count($order->products[$i]['attributes']); $j < $k; $j++) {
        echo '<br /><nobr><small>&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
        if ($order->products[$i]['attributes'][$j]['price'] != '0') {
          echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
        }
        if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' && $order->products[$i]['product_is_free'] == '1') {
          echo TEXT_INFO_ATTRIBUTE_FREE;
        }
        echo '</i></small></nobr>';
      }
    }
    echo ' </td>' . "\n";

    echo ' <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n";
    echo ' <td class="dataTableContent" align="right" valign="top">' . zen_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n";

    // Unit price excluding tax.
    echo ' <td class="dataTableContent" align="right" valign="top"><strong>' .
      $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) .
      ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
      '</strong></td>' . "\n";

    // Unit price including tax.
    echo ' <td class="dataTableContent" align="right" valign="top"><strong>' .
      $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) .
      ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
      '</strong></td>' . "\n";

    // Line total excluding tax.
    echo ' <td class="dataTableContent" align="right" valign="top"><strong>' .
      $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
      ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
      '</strong></td>' . "\n";

    // Line total including tax.
    echo ' <td class="dataTableContent" align="right" valign="top"><strong>' .
      $currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
      ($order->products[$i]['onetime_charges'] != 0 ? '<br />' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
      '</strong></td>' . "\n";

    echo ' </tr>' . "\n";
  }
  ?>
  519. <tr>
  520. <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
  <?php
  // One row per order-total line. The CSS class of each cell is the total's
  // class name with underscores turned into hyphens, plus a -Text or -Amount suffix.
  for ($i = 0, $n = count($order->totals); $i < $n; $i++) {
    echo ' <tr>' . "\n";
    echo ' <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Text">' . $order->totals[$i]['title'] . '</td>' . "\n";
    echo ' <td align="right" class="'. str_replace('_', '-', $order->totals[$i]['class']) . '-Amount">' . $order->totals[$i]['text'] . '</td>' . "\n";
    echo ' </tr>' . "\n";
  }
  ?>
  530. </table></td>
  531. </tr>
  532. </table></td>
  533. </tr>
  534. <?php
  535. // show downloads
  536. require(DIR_WS_MODULES . 'orders_download.php');
  537. ?>
  538. <tr>
  539. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  540. </tr>
  541. <tr>
  542. <td class="main"><table border="1" cellspacing="0" cellpadding="5">
  543. <tr>
  544. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
  545. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
  546. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
  547. <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  548. </tr>
  <?php
  // Status history of this order in date_added order: date, whether the
  // customer was notified (tick/cross icon), status name and comment.
  $orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
                                  from " . TABLE_ORDERS_STATUS_HISTORY . "
                                  where orders_id = '" . zen_db_input($oID) . "'
                                  order by date_added");
  if ($orders_history->RecordCount() <= 0) {
    echo ' <tr>' . "\n" .
      ' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
      ' </tr>' . "\n";
  } else {
    for (; !$orders_history->EOF; $orders_history->MoveNext()) {
      echo ' <tr>' . "\n" .
        ' <td class="smallText" align="center">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n" .
        ' <td class="smallText" align="center">';
      echo ($orders_history->fields['customer_notified'] == '1'
        ? zen_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK)
        : zen_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS)) . "</td>\n";
      echo ' <td class="smallText">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
      // Comments pass through zen_db_output() before nl2br() adds the line breaks.
      echo ' <td class="smallText">' . nl2br(zen_db_output($orders_history->fields['comments'])) . '&nbsp;</td>' . "\n" .
        ' </tr>' . "\n";
    }
  }
  ?>
  580. </table></td>
  581. </tr>
  582. <tr>
  583. <td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
  584. </tr>
  585. <tr>
  586. <td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
  587. </tr>
  588. <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
  589. <td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
  590. </tr>
  591. <tr>
  592. <td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
  593. </tr>
  594. <tr>
  595. <td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
  596. <tr>
  597. <td><table border="0" cellspacing="0" cellpadding="2">
  598. <tr>
  599. <td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
  600. </tr>
  601. <tr>
  602. <td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> <?php echo zen_draw_checkbox_field('notify', '', true); ?></td>
  603. <td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
  604. </tr>
  605. </table></td>
  606. <td valign="top"><?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
  607. </tr>
  608. </table></td>
  609. </form></tr>
  610. <tr>
  611. <td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oID) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
  612. </tr>
  613. <?php
  614. // check if order has open gv
  615. $gv_check = $db->Execute("select order_id, unique_id
  616. from " . TABLE_COUPON_GV_QUEUE ."
  617. where order_id = '" . $oID . "' and release_flag='N' limit 1");
  618. if ($gv_check->RecordCount() > 0)
  619. {
  620. $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oID) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  621. echo ' <tr><td align="right"><table width="225"><tr>';
  622. echo ' <td align="center">';
  623. echo $goto_gv . '&nbsp;&nbsp;';
  624. echo ' </td>';
  625. echo ' </tr></table></td></tr>';
  626. }
  627. ?>
  628. <?php
  629. } else
  630. {
  631. ?>
  632. <tr>
  633. <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  634. <tr>
  635. <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
  636. <td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
  637. <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
  638. <tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
  639. <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
  640. </form></tr>
  641. <tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
  642. <td class="smallText" align="right">
  643. <?php
  644. echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), $_GET['status'], 'onChange="this.form.submit();"');
  645. echo zen_hide_session_id();
  646. ?>
  647. </td>
  648. </form></tr>
  649. </table></td>
  650. </tr>
  651. </table></td>
  652. </tr>
  653. <tr>
  654. <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
  655. <tr>
  656. <td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
  657. </td>
  658. <tr>
  659. <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  660. <tr class="dataTableHeadingRow">
  661. <?php
  662. // Sort Listing
  663. switch ($_GET['list_order'])
  664. {
  665. case "id-asc":
  666. $disp_order = "c.customers_id";
  667. break;
  668. case "firstname":
  669. $disp_order = "c.customers_firstname";
  670. break;
  671. case "firstname-desc":
  672. $disp_order = "c.customers_firstname DESC";
  673. break;
  674. case "lastname":
  675. $disp_order = "c.customers_lastname, c.customers_firstname";
  676. break;
  677. case "lastname-desc":
  678. $disp_order = "c.customers_lastname DESC, c.customers_firstname";
  679. break;
  680. case "company":
  681. $disp_order = "a.entry_company";
  682. break;
  683. case "company-desc":
  684. $disp_order = "a.entry_company DESC";
  685. break;
  686. default:
  687. $disp_order = "c.customers_id DESC";
  688. }
  689. ?>
  690. <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
  691. <td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
  692. <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
  693. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
  694. <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
  695. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
  696. <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_CUSTOMER_COMMENTS; ?></td>
  697. <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?>&nbsp;</td>
  698. </tr>
  699. <?php
  700. // Only one or the other search
  701. // create search_orders_products filter
  702. $search = '';
  703. $new_table = '';
  704. $new_fields = '';
  705. if (isset($_GET['search_orders_products']) && zen_not_null($_GET['search_orders_products']))
  706. {
  707. $new_fields = '';
  708. $search_distinct = ' distinct ';
  709. $new_table = " left join " . TABLE_ORDERS_PRODUCTS . " op on (op.orders_id = o.orders_id) ";
  710. $keywords = zen_db_input(zen_db_prepare_input($_GET['search_orders_products']));
  711. $search = " and (op.products_model like '%" . $keywords . "%' or op.products_name like '" . $keywords . "%')";
  712. if (substr(strtoupper($_GET['search_orders_products']), 0, 3) == 'ID:')
  713. {
  714. $keywords = TRIM(substr($_GET['search_orders_products'], 3));
  715. $search = " and op.products_id ='" . (int)$keywords . "'";
  716. }
  717. } else
  718. {
  719. ?>
  720. <?php
  721. // create search filter
  722. $search = '';
  723. if (isset($_GET['search']) && zen_not_null($_GET['search']))
  724. {
  725. $search_distinct = ' ';
  726. $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  727. $search = " and (o.customers_city like '%" . $keywords . "%' or o.customers_postcode like '%" . $keywords . "%' or o.date_purchased like '%" . $keywords . "%' or o.billing_name like '%" . $keywords . "%' or o.billing_company like '%" . $keywords . "%' or o.billing_street_address like '%" . $keywords . "%' or o.delivery_city like '%" . $keywords . "%' or o.delivery_postcode like '%" . $keywords . "%' or o.delivery_name like '%" . $keywords . "%' or o.delivery_company like '%" . $keywords . "%' or o.delivery_street_address like '%" . $keywords . "%' or o.billing_city like '%" . $keywords . "%' or o.billing_postcode like '%" . $keywords . "%' or o.customers_email_address like '%" . $keywords . "%' or o.customers_name like '%" . $keywords . "%' or o.customers_company like '%" . $keywords . "%' or o.customers_street_address like '%" . $keywords . "%' or o.customers_telephone like '%" . $keywords . "%' or o.ip_address like '%" . $keywords . "%')";
  728. $new_table = '';
  729. // $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  730. }
  731. } // eof: search orders or orders_products
  732. $new_fields = ", o.customers_company, o.customers_email_address, o.customers_street_address, o.delivery_company, o.delivery_name, o.delivery_street_address, o.billing_company, o.billing_name, o.billing_street_address, o.payment_module_code, o.shipping_module_code, o.ip_address ";
  733. ?>
  734. <?php
  735. if (isset($_GET['cID']))
  736. {
  737. $cID = zen_db_prepare_input($_GET['cID']);
  738. $orders_query_raw = "select o.orders_id, o.order_no,o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  739. $new_fields . "
  740. from ((" . TABLE_ORDERS . " o, " .
  741. TABLE_ORDERS_STATUS . " s) " .
  742. $new_table . ")
  743. left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id) " . "
  744. where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and ot.class = 'ot_total' order by orders_id DESC";
  745. //echo '<BR><BR>I SEE A: ' . $orders_query_raw . '<BR><BR>';
  746. } elseif ($_GET['status'] != '')
  747. {
  748. $status = zen_db_prepare_input($_GET['status']);
  749. $orders_query_raw = "select o.orders_id, o.order_no,o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  750. $new_fields . "
  751. from ((" . TABLE_ORDERS . " o, " .
  752. TABLE_ORDERS_STATUS . " s) " .
  753. $new_table . ")
  754. left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id) " . "
  755. where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' " .
  756. $search . " order by o.orders_id DESC";
  757. //echo '<BR><BR>I SEE B: ' . $orders_query_raw . '<BR><BR>';
  758. } else //relate with ips order id
  759. {
  760. $check_ips = $db->Execute("show tables like '%ips_transactions%'");
  761. if($check_ips->RecordCount()>0)
  762. {
  763. $orders_query_raw = "select " . $search_distinct . " o.orders_id, o.order_no,o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total, t.ips_order_id" .
  764. $new_fields . "
  765. from ((" . TABLE_ORDERS . " o, " .
  766. TABLE_ORDERS_STATUS . " s) " .
  767. $new_table . ")
  768. left join " . TABLE_ORDERS_TOTAL . " ot on o.orders_id = ot.orders_id " . "
  769. left join " . DB_PREFIX . "ips_transactions t on o.orders_id = t.order_id
  770. where (o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and ot.class = 'ot_total') " .
  771. $search . " order by o.orders_id DESC";
  772. }
  773. else
  774. {
  775. $orders_query_raw = "select " . $search_distinct . " o.orders_id,o.order_no, o.customers_id, o.customers_name, o.payment_method, o.shipping_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total" .
  776. $new_fields . "
  777. from ((" . TABLE_ORDERS . " o, " .
  778. TABLE_ORDERS_STATUS . " s) " .
  779. $new_table . ")
  780. left join " . TABLE_ORDERS_TOTAL . " ot on o.orders_id = ot.orders_id " . "
  781. where (o.orders_status = s.orders_status_id and s.language_id = '" . (int)$_SESSION['languages_id'] . "' and ot.class = 'ot_total') " .
  782. $search . " order by o.orders_id DESC";
  783. }
  784. //echo '<BR><BR>I SEE C: ' . $orders_query_raw . '<BR><BR>';
  785. }
  786. // Split Page
  787. // reset page when page is unknown
  788. if (($_GET['page'] == '' or $_GET['page'] <= 1) and $oID != '')
  789. {
  790. $check_page = $db->Execute($orders_query_raw);
  791. $check_count=1;
  792. if ($check_page->RecordCount() > MAX_DISPLAY_SEARCH_RESULTS_ORDERS)
  793. {
  794. while (!$check_page->EOF)
  795. {
  796. if ($check_page->fields['orders_id'] == $oID)
  797. {
  798. break;
  799. }
  800. $check_count++;
  801. $check_page->MoveNext();
  802. }
  803. $_GET['page'] = round((($check_count/MAX_DISPLAY_SEARCH_RESULTS_ORDERS)+(fmod_round($check_count,MAX_DISPLAY_SEARCH_RESULTS_ORDERS) !=0 ? .5 : 0)),0);
  804. } else
  805. {
  806. $_GET['page'] = 1;
  807. }
  808. }
  809. // $orders_query_numrows = '';
  810. $orders_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $orders_query_raw, $orders_query_numrows);
  811. $orders = $db->Execute($orders_query_raw);
  812. while (!$orders->EOF)
  813. {
  814. if ((!isset($oID) || (isset($oID) && ($oID == $orders->fields['orders_id']))) && !isset($oInfo))
  815. {
  816. $oInfo = new objectInfo($orders->fields);
  817. }
  818. if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id))
  819. {
  820. echo ' <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no . '&action=edit', 'NONSSL') . '\'">' . "\n";
  821. } else
  822. {
  823. echo ' <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['order_no'], 'NONSSL') . '\'">' . "\n";
  824. }
  825. $show_difference = '';
  826. if (($orders->fields['delivery_name'] != $orders->fields['billing_name'] and $orders->fields['delivery_name'] != ''))
  827. {
  828. $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
  829. }
  830. if (($orders->fields['delivery_street_address'] != $orders->fields['billing_street_address'] and $orders->fields['delivery_street_address'] != ''))
  831. {
  832. $show_difference = zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . '&nbsp;';
  833. }
  834. $show_payment_type = $orders->fields['payment_module_code'] . '<br />' . $orders->fields['shipping_module_code'];
  835. ?>
  836. <td class="dataTableContent" align="left"><?php echo $orders->fields['order_no'];//echo $show_difference . $orders->fields['orders_id'] . ($orders->fields['ips_order_id']? "<br>" . $orders->fields['ips_order_id'] : ""); ?></td>
  837. <td class="dataTableContent" align="left" width="50"><?php echo $show_payment_type; ?></td>
  838. <td class="dataTableContent"><?php echo '<a href="' . zen_href_link(FILENAME_CUSTOMERS, 'cID=' . $orders->fields['customers_id'], 'NONSSL') . '">' . zen_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW . ' ' . TABLE_HEADING_CUSTOMERS) . '</a>&nbsp;' . $orders->fields['customers_name'] . ($orders->fields['customers_company'] != '' ? '<br />' . $orders->fields['customers_company'] : ''); ?></td>
  839. <td class="dataTableContent" align="right"><?php echo strip_tags($orders->fields['order_total']); ?></td>
  840. <td class="dataTableContent" align="center"><?php echo zen_datetime_short($orders->fields['date_purchased']); ?></td>
  841. <td class="dataTableContent" align="right"><?php echo $orders->fields['orders_status_name']; ?></td>
  842. <td class="dataTableContent" align="center"><?php echo (zen_get_orders_comments($orders->fields['orders_id']) == '' ? '' : zen_image(DIR_WS_IMAGES . 'icon_yellow_on.gif', TEXT_COMMENTS_YES, 16, 16)); ?></td>
  843. <td class="dataTableContent" align="right"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders->fields['order_no'] . '&action=edit', 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_edit.gif', ICON_EDIT) . '</a>'; ?><?php if (isset($oInfo) && is_object($oInfo) && ($orders->fields['orders_id'] == $oInfo->orders_id))
  844. {
  845. echo zen_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', '');
  846. } else
  847. {
  848. echo '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID')) . 'oID=' . $orders->fields['orders_id'], 'NONSSL') . '">' . zen_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>';
  849. } ?>&nbsp;</td>
  850. </tr>
  851. <?php
  852. $orders->MoveNext();
  853. }
  854. ?>
  855. <tr>
  856. <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">
  857. <tr>
  858. <td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, $_GET['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>
  859. <td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS_ORDERS, MAX_DISPLAY_PAGE_LINKS, $_GET['page'], zen_get_all_get_params(array('page', 'oID', 'action'))); ?></td>
  860. </tr>
  861. <?php
  862. if (isset($_GET['search']) && zen_not_null($_GET['search']))
  863. {
  864. ?>
  865. <tr>
  866. <td class="smallText" align="right" colspan="2">
  867. <?php
  868. echo '<a href="' . zen_href_link(FILENAME_ORDERS, '', 'NONSSL') . '">' . zen_image_button('button_reset.gif', IMAGE_RESET) . '</a>';
  869. if (isset($_GET['search']) && zen_not_null($_GET['search']))
  870. {
  871. $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  872. echo '<br/ >' . TEXT_INFO_SEARCH_DETAIL_FILTER . $keywords;
  873. }
  874. ?>
  875. </td>
  876. </tr>
  877. <?php
  878. }
  879. ?>
  880. </table></td>
  881. </tr>
  882. </table></td>
  883. <?php
  884. $heading = array();
  885. $contents = array();
  886. switch ($action)
  887. {
  888. case 'delete':
  889. $heading[] = array('text' => '<strong>' . TEXT_INFO_HEADING_DELETE_ORDER . '</strong>');
  890. $contents = array('form' => zen_draw_form('orders', FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no . '&action=deleteconfirm', 'post', '', true));
  891. // $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br /><br /><strong>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</strong>');
  892. $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br /><br /><strong>' . ENTRY_ORDER_ID . $oInfo->orders_id . '<br />' . $oInfo->order_total . '<br />' . $oInfo->customers_name . ($oInfo->customers_company != '' ? '<br />' . $oInfo->customers_company : '') . '</strong>');
  893. $contents[] = array('text' => '<br />' . zen_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);
  894. $contents[] = array('align' => 'center', 'text' => '<br />' . zen_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no, 'NONSSL') . '">' . zen_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
  895. break;
  896. default:
  897. if (isset($oInfo) && is_object($oInfo))
  898. {
  899. $heading[] = array('text' => '<strong>[' . $oInfo->orders_id . ']&nbsp;&nbsp;' . zen_datetime_short($oInfo->date_purchased) . '</strong>');
  900. $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
  901. $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a>');
  902. $contents[] = array('text' => '<br />' . TEXT_DATE_ORDER_CREATED . ' ' . zen_date_short($oInfo->date_purchased));
  903. $contents[] = array('text' => '<br />' . $oInfo->customers_email_address);
  904. $contents[] = array('text' => TEXT_INFO_IP_ADDRESS . ' ' . $oInfo->ip_address);
  905. if (zen_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . zen_date_short($oInfo->last_modified));
  906. $contents[] = array('text' => '<br />' . TEXT_INFO_PAYMENT_METHOD . ' ' . $oInfo->payment_method);
  907. $contents[] = array('text' => '<br />' . ENTRY_SHIPPING . ' ' . $oInfo->shipping_method);
  908. // check if order has open gv
  909. $gv_check = $db->Execute("select order_id, unique_id
  910. from " . TABLE_COUPON_GV_QUEUE ."
  911. where order_id = '" . $oInfo->orders_id . "' and release_flag='N' limit 1");
  912. if ($gv_check->RecordCount() > 0)
  913. {
  914. $goto_gv = '<a href="' . zen_href_link(FILENAME_GV_QUEUE, 'order=' . $oInfo->orders_id) . '">' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '</a>';
  915. $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
  916. $contents[] = array('align' => 'center', 'text' => $goto_gv);
  917. }
  918. }
  919. // indicate if comments exist
  920. $orders_history_query = $db->Execute("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . $oInfo->orders_id . "' and comments !='" . "'" );
  921. if ($orders_history_query->RecordCount() > 0)
  922. {
  923. $contents[] = array('align' => 'left', 'text' => '<br />' . TABLE_HEADING_COMMENTS);
  924. }
  925. $contents[] = array('text' => '<br />' . zen_image(DIR_WS_IMAGES . 'pixel_black.gif','','100%','3'));
  926. $order = new order($oInfo->orders_id);
  927. $contents[] = array('text' => 'Products Ordered: ' . sizeof($order->products) );
  928. for ($i=0; $i<sizeof($order->products); $i++)
  929. {
  930. $contents[] = array('text' => $order->products[$i]['qty'] . '&nbsp;x&nbsp;' . $order->products[$i]['name']);
  931. if (sizeof($order->products[$i]['attributes']) > 0)
  932. {
  933. for ($j=0; $j<sizeof($order->products[$i]['attributes']); $j++)
  934. {
  935. $contents[] = array('text' => '&nbsp;<i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value'])) . '</i></nobr>' );
  936. }
  937. }
  938. if ($i > MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING and MAX_DISPLAY_RESULTS_ORDERS_DETAILS_LISTING != 0)
  939. {
  940. $contents[] = array('align' => 'left', 'text' => TEXT_MORE);
  941. break;
  942. }
  943. }
  944. if (sizeof($order->products) > 0)
  945. {
  946. $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->order_no . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
  947. }
  948. break;
  949. }
  950. if ( (zen_not_null($heading)) && (zen_not_null($contents)) )
  951. {
  952. echo ' <td width="25%" valign="top">' . "\n";
  953. $box = new box;
  954. echo $box->infoBox($heading, $contents);
  955. echo ' </td>' . "\n";
  956. }
  957. ?>
  958. </tr>
  959. </table></td>
  960. </tr>
  961. <?php
  962. }
  963. ?>
  964. </table></td>
  965. <!-- body_text_eof //-->
  966. </tr>
  967. </table>
  968. <!-- body_eof //-->
  969. <!-- footer //-->
  970. <div class="footer-area">
  971. <?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
  972. </div>
  973. <!-- footer_eof //-->
  974. <br />
  975. </body>
  976. </html>
  977. <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>