orders.php | searchcode

/application/views/pages/admin/orders.php

https://bitbucket.org/chadsaun/ifrogz-panel
PHP | 3632 lines | 3378 code | 93 blank | 161 comment | 598 complexity | 5d53a8d440d44d051d9c45bcfbb6f31a MD5 | raw file

<?php
include('init.php');
if (strstr($_SERVER['HTTP_HOST'], ':8888')) {
	include_once('kohanabase/kohana.php');
} else {
	include_once(IFZROOT.'kohana.php');
}

if ($_POST["return_status_search"]=="")$_SESSION["return_status_search"]="";
else if ($_POST["return_status_search"]!="")$_SESSION["return_status_search"]=$_POST["return_status_search"];
//showarray($_POST);
//$_SESSION['counter']=0;
//$_SESSION['counter_id']=0;
//This code is copyright (c) Internet Business Solutions SL, all rights reserved.
//The contents of this file are protect under law as the intellectual property of Internet
//Business Solutions SL. Any use, reproduction, disclosure or copying of any kind 
//without the express and written permission of Internet Business Solutions SL is forbidden.
//Author: Vince Reid, vince@virtualred.net
include(APPPATH.'views/pages/admin/cartmisc.php');
//session_register('order_id_commas');
$lisuccess=0;
if(@$dateadjust=="") $dateadjust=0;
if(@$dateformatstr == "") $dateformatstr = "m/d/Y";
$admindatestr="Y-m-d";
if(@$admindateformat=="") $admindateformat=0;
if($admindateformat==1)
	$admindatestr="m/d/Y";
elseif($admindateformat==2)
	$admindatestr="d/m/Y";
if(@$storesessionvalue=="") $storesessionvalue="virtualstore".time();
if(@$_GET["doedit"]=="true") $doedit=TRUE; else $doedit=FALSE;
function editfunc($data,$col,$size){
	global $doedit;
	if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . str_replace('"','&quot;',$data) . '" size="' . $size . '">'); else return($data);
}
function editnumeric($data,$col,$size){
	global $doedit;
	if($doedit) return('<input type="text" id="' . $col . '" name="' . $col . '" value="' . number_format($data,2,'.','') . '" size="' . $size . '">'); else return(FormatEuroCurrency($data));
}
if(@$_SESSION["loggedon"] != $storesessionvalue && trim(@$_COOKIE["WRITECKL"])!=""){
	$config_admin = RBI_Kohana::config('database.default_admin.connection');

	$db_admin = mysql_connect($config['hostname'], $config['username'], $config['password']);
	mysql_select_db($config['database']) or die ('DB Admin connection failed.</td></tr></table></body></html>');
	$rbiSQL = 'SELECT * 
			   FROM employee 
			   WHERE username="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKL"]))).'" and password="'.mysql_real_escape_string(unstripslashes(trim(@$_COOKIE["WRITECKP"]))).'"';
	$rs_rbi = mysql_query($rbiSQL, $db_admin);
	if(mysql_num_rows($rs_rbi) > 0) {
		@$_SESSION["loggedon"] = $storesessionvalue;
	}else{
		$lisuccess=2;
	}
	mysql_free_result($rs_rbi);
	
	include(APPPATH.'views/partials/admin/dbconnection.php');
}
if(($_SESSION["loggedon"] != $storesessionvalue && $lisuccess!=2) || @$disallowlogin==TRUE) exit;
if(@$htmlemails==TRUE) $emlNl = "<br />"; else $emlNl="\n";
//old release_stock function was here
if($lisuccess==2){
?>
	  <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><p>&nbsp;</p><p>&nbsp;</p>
				  <p><strong><?php print $yyOpFai?></strong></p><p>&nbsp;</p>
				  <p><?php print $yyCorCoo?> <?php print $yyCorLI?> <a href="/admin/login.php"><?php print $yyClkHer?></a>.</p>
				</td>
			  </tr>
			</table>
		  </td>
		</tr>
	  </table>
<?php
}else{
$success=true;
$alreadygotadmin = getadminsettings();
if(@$_POST["updatestatus"]=="1"){
	// updates returns and adds to history
	$result_r=mysql_query("SELECT ordReturnID FROM orders WHERE ordID=".$_POST["orderid"]);
	$row_r=mysql_fetch_assoc($result_r);
	//echo $row_r["ordReturnID"]."=".$_POST["return_status"];
	//exit;
	if($row_r["ordReturnID"]!=$_POST["return_status"] && $_POST["return_status"]>0 ){
		$sql_return_history="INSERT INTO order_returns_history (ordID,reasonID,returnID,date_added) 
		VALUES(".$_POST["orderid"].",".$_POST["return_reason"].",".$_POST["return_status"].",'".date('Y-m-d H:i:s')."')";
		//echo $sql_return_history;
		//exit;
		mysql_query($sql_return_history);
	}
	// end
	mysql_query("UPDATE orders SET ordStatusInfo='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordStatusInfo"]))) ."', ordSupportInfo='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordSupportInfo"]))) . "' , ordReturnID='" . trim(@$_POST["return_status"]) . "' WHERE ordID=" . @$_POST["orderid"]) or print(mysql_error());
}elseif(@$_GET["id"] != ""){
	// Commented out below code because we put this into a cron job
	/*if(@$_POST["delccdets"] != ""){
		mysql_query("UPDATE orders SET ordCNum='' WHERE ordID=" . @$_GET["id"]);
	}*/
	$sSQL = "SELECT c.cartProdID,c.cartProdName,c.cartProdPrice,c.cartQuantity,c.cartID,p.pDownload,p.p_iscert,d.dsName,pInStock,pSell,c.cartReason,c.cartNote FROM cart c, products p LEFT JOIN dropshipper d ON p.pDropship=d.dsID WHERE c.cartProdID=p.pID AND c.cartOrderID=" . $_GET["id"];
	$allorders = mysql_query($sSQL) or print(mysql_error().$sSQL);
}else{
	// Delete old uncompleted orders.
	//   Commented out below code because we put this into a daily cron job (delcc.php)
	/*if($delccafter != 0){
		$sSQL = "UPDATE orders SET ordCNum='' WHERE ordDate<'" . date("Y-m-d H:i:s", time()-($delccafter*60*60*24)) . "'";
		mysql_query($sSQL) or print(mysql_error().$sSQL);
	}*/
	/*if($delAfter != 0){
		$sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartDateAdded<'" . date("Y-m-d H:i:s", time()-($delAfter*60*60*24)) . "'";
		$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
		if(mysql_num_rows($result)>0){
			$delStr="";
			$delOptions="";
			$addcomma = "";
			while($rs = mysql_fetch_assoc($result)){
				$delStr .= $addcomma . $rs["cartOrderID"];
				$delOptions .= $addcomma . $rs["cartID"];
				$addcomma = ",";
			}
			mysql_query("DELETE FROM orders WHERE ordID IN (" . $delStr . ")") or print(mysql_error());
			mysql_query("DELETE FROM cartoptions WHERE coCartID IN (" . $delOptions . ")") or print(mysql_error());
			mysql_query("DELETE FROM cart WHERE cartID IN (" . $delOptions . ")") or print(mysql_error());
		}
		mysql_free_result($result);
	}else{
		$sSQL = "SELECT cartOrderID,cartID FROM cart WHERE cartCompleted=0 AND cartOrderID=0 AND cartDateAdded<'" . date("Y-m-d H:i:s", time()-(3*60*60*24)) . "'";
		$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
		if(mysql_num_rows($result)>0){
			$delStr="";
			$delOptions="";
			$addcomma = "";
			while($rs = mysql_fetch_assoc($result)){
				$delStr .= $addcomma . $rs["cartOrderID"];
				$delOptions .= $addcomma . $rs["cartID"];
				$addcomma = ",";
			}
			mysql_query("DELETE FROM cartoptions WHERE coCartID IN (" . $delOptions . ")") or print(mysql_error());
			mysql_query("DELETE FROM cart WHERE cartID IN (" . $delOptions . ")") or print(mysql_error());
		}
		mysql_free_result($result);
	}*/
	$numstatus=0;
	$sSQL = "SELECT statID,statPrivate FROM orderstatus WHERE statPrivate<>'' ORDER BY statID";
	$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
	while($rs = mysql_fetch_assoc($result)){
		$allstatus[$numstatus++]=$rs;
	}
	mysql_free_result($result);
}
if(@$_POST["updatestatus"]=="1"){
?>
<script language="JavaScript" type="text/javascript">
<!--
setTimeout("history.go(-2);",1100);
// -->
</script>
	  <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><br /><strong><?php print $yyUpdSuc?></strong><br /><br /><?php print $yyNowFrd?><br /><br />
                        <?php print $yyNoAuto?> <a href="javascript:history.go(-2)"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
						<img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
			  </tr>
			</table>
		  </td>
		</tr>
	  </table>
<?php
}elseif(!empty($_POST["getdownload"])){
	$sql_down="SELECT * FROM digitaldownloads WHERE type='".$_POST['downloadtype']."' AND active=1 AND orderID=0 LIMIT ".$_POST['downQty'];
	$result_down=mysql_query($sql_down);
	$num_rows_download=mysql_num_rows($result_down);
	if($num_rows_download>0){
		$error=FALSE;
		while($row_download=mysql_fetch_assoc($result_down)){
			$sql_update="UPDATE digitaldownloads SET active=0, orderID=".$_POST['downOrder']." WHERE id=".$row_download['id'];
			$result_update=mysql_query($sql_update);
			if(!$result_update) $error=TRUE;
		}
		if(!$error) $pg_msg= 'Update Successful.';
		else $pg_msg= 'Update Unsuccessful.';
	} else $pg_msg= 'NO License and Password Available.';
	$auto_link = "/admin/orders.php?id=".$_POST['downOrder']."&doedit=true";
	if(!$clone_error) {
			
		}else{
			$auto_link = "/admin/orders.php";
		}
	
	?>
	 <script language="JavaScript" type="text/javascript">
	<!--
	setTimeout("window.location='/admin/orders.php?id=<?=$_POST['downOrder']?>&doedit=true'",4000);
	// -->
	</script>
	 <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><br /><strong><?=$pg_msg?></strong><br /><br />You will now be forwarded to view the order.<br /><br />
                        <?php print $yyNoAuto?> <a href="<?=$auto_link?>"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
						<img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
			  </tr>
			</table>
		  </td>
		</tr>
</table>
<? }elseif(!empty($_POST["giftcert"])){	  
	$giftcertOrderID=$_POST["giftcertOrderID"];
	$_SESSION['cert_prod']=$_POST["cert_prod"];
	create_certificate($giftcertOrderID);
	$auto_link = "/admin/orders.php?id=".$giftcertOrderID."&doedit=true";
	$pg_msg='Update Successful.';
	?>
	<script language="JavaScript" type="text/javascript">
	<!--
	setTimeout("window.location='/admin/orders.php?id=<?=$giftcertOrderID?>&doedit=true'",4000);
	// -->
	</script>
	 <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><br /><strong><?=$pg_msg?></strong><br /><br />You will now be forwarded to view the order.<br /><br />
                        <?php print $yyNoAuto?> <a href="<?=$auto_link?>"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
						<img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
			  </tr>
			</table>
		  </td>
		</tr>
</table>
<? }elseif(@$_POST["doedit"] == "true"){
	if(!empty($_POST['clone'])) {
		// update old order status after editing
		$ordstatusnew=$_POST["ordstatusnew"];
		$ordStatusInfo=mysql_real_escape_string(trim(unstripslashes($_POST["ordStatusInfo"])));
		$ordSupportInfo=mysql_real_escape_string(trim(unstripslashes($_POST["ordSupportInfo"])));
		$sql_status_update="UPDATE orders SET ordStatus=".$ordstatusnew.",ordStatusInfo='".$ordStatusInfo."',ordSupportInfo='".$ordSupportInfo."' WHERE ordID=".$_POST["orderid"];
		mysql_query($sql_status_update) or print(mysql_error().$sql_status_update);
		if(!setNewLocation( $ordstatusnew , $_POST["orderid"],'Manual' )) print("Unable to record status change.");

		// stock manage
		if($ordstatusnew>=3 && $ordstatusnew!=10 && $ordstatusnew!=17) {
			mysql_query("UPDATE cart SET cartCompleted=0 WHERE cartOrderID=" . $_POST["orderid"]) or print(mysql_error());
			do_stock_management($_POST["orderid"]); 
			mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $_POST["orderid"]) or print(mysql_error());
		}
		// GET ALL THE INFORMATION TO CLONE THE ORDER
		//   - To clone an order we need to duplicate the order's information in the orders, cart, and cartoptions tables
		$aNewOrder = array();
		
		$sql_orders = "SELECT * FROM orders WHERE ordID = " . $_POST["orderid"] ;
		$res_orders = mysql_query($sql_orders) or print(mysql_error().$sql_orders);
		$row_orders = mysql_fetch_assoc($res_orders);
		$aNewOrder["orders"] = $row_orders;
		$aNewOrder["orders"]["ordName"]=mysql_real_escape_string($row_orders["ordName"]);
		$aNewOrder["orders"]["ordShipName"]=mysql_real_escape_string($row_orders["ordShipName"]);
		if ($row_orders["ordShipCountry"] != "") {
			 if ($row_orders["ordShipCountry"] == "United States of America") $aNewOrder["orders"]["ordShipType"]='Standard';
		} else {
			 if ($row_orders["ordCountry"] == "United States of America") $aNewOrder["orders"]["ordShipType"]='Standard';
		}
		
		$sql_cart = "SELECT * FROM cart c LEFT JOIN cartoptions co ON c.cartID = co.coCartID
					 WHERE c.cartOrderID = " . $_POST["orderid"] . "
					 ORDER BY c.cartID, c.cartProdID";
		
		//echo $sql_cart; exit;
		$res_cart = mysql_query($sql_cart) or print(mysql_error().$sql_cart);
		$prod_id = '';
		$i=0;
		$j=0;
		$isfirst = true;
		while($row_cart = mysql_fetch_assoc($res_cart)) {
			if($isfirst) {
				$prod_id = $row_cart["cartProdID"];
			}
			if(($prod_id != $row_cart["cartProdID"]) && !$isfirst) {
				$i++;
				$j=0;
				$prod_id = $row_cart["cartProdID"];
			
				$aNewOrder["cart"][$i]["cartID"] = $row_cart["cartID"];
				$aNewOrder["cart"][$i]["cartSessionID"] = $row_cart["cartSessionID"];
				$aNewOrder["cart"][$i]["cartProdID"] = $row_cart["cartProdID"];
				$aNewOrder["cart"][$i]["cartProdName"] = $row_cart["cartProdName"];
				$aNewOrder["cart"][$i]["cartProdPrice"] = $row_cart["cartProdPrice"];
				$aNewOrder["cart"][$i]["cartDateAdded"] = $row_cart["cartDateAdded"];
				$aNewOrder["cart"][$i]["cartQuantity"] = $row_cart["cartQuantity"];
				$aNewOrder["cart"][$i]["cartOrderID"] = $row_cart["cartOrderID"];
				$aNewOrder["cart"][$i]["cartCompleted"] = $row_cart["cartCompleted"];
				$aNewOrder["cart"][$i]["cartCustID"] = $row_cart["cartCustID"];
				
				if(!empty($row_cart["coID"])){
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coID"] = $row_cart["coID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coCartID"] = $row_cart["coCartID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptID"] = $row_cart["coOptID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptGroup"] = $row_cart["coOptGroup"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coCartOption"] = $row_cart["coCartOption"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coPriceDiff"] = $row_cart["coPriceDiff"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coWeightDiff"] = $row_cart["coWeightDiff"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coExtendShipping"] = $row_cart["coExtendShipping"];
					$j++;
				}
			}else{
				$aNewOrder["cart"][$i]["cartID"] = $row_cart["cartID"];
				$aNewOrder["cart"][$i]["cartSessionID"] = $row_cart["cartSessionID"];
				$aNewOrder["cart"][$i]["cartProdID"] = $row_cart["cartProdID"];
				$aNewOrder["cart"][$i]["cartProdName"] = $row_cart["cartProdName"];
				$aNewOrder["cart"][$i]["cartProdPrice"] = $row_cart["cartProdPrice"];
				$aNewOrder["cart"][$i]["cartDateAdded"] = $row_cart["cartDateAdded"];
				$aNewOrder["cart"][$i]["cartQuantity"] = $row_cart["cartQuantity"];
				$aNewOrder["cart"][$i]["cartOrderID"] = $row_cart["cartOrderID"];
				$aNewOrder["cart"][$i]["cartCompleted"] = $row_cart["cartCompleted"];
				$aNewOrder["cart"][$i]["cartCustID"] = $row_cart["cartCustID"];
				
				if(!empty($row_cart["coID"])){
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coID"] = $row_cart["coID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coCartID"] = $row_cart["coCartID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptID"] = $row_cart["coOptID"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptGroup"] = $row_cart["coOptGroup"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coCartOption"] = $row_cart["coCartOption"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coPriceDiff"] = $row_cart["coPriceDiff"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coWeightDiff"] = $row_cart["coWeightDiff"];
					$aNewOrder["cart"][$i]["cartoptions"][$j]["coExtendShipping"] = $row_cart["coExtendShipping"];
					$j++;
				}
			}
			$isfirst = false;
		}
		
		//showarray($aNewOrder); exit;
		
		// UPDATE SOME OF THE INFORMATION FOR THE CLONED ORDER
		$aNewOrder["orders"]["ordID"] = '';
		$aNewOrder["orders"]["ordSessionID"] = session_id();
		$aNewOrder["orders"]["ordAuthNumber"] = 'CLONED';
		$aNewOrder["orders"]["ordTransID"] = 0;
		$aNewOrder["orders"]["ordShipping"] = 0;
		$aNewOrder["orders"]["ordStateTax"] = 0;
		$aNewOrder["orders"]["ordCountryTax"] = 0;
		$aNewOrder["orders"]["ordHSTTax"] = 0;
		$aNewOrder["orders"]["ordHandling"] = 0;
		$aNewOrder["orders"]["ordTotal"] = 0;
		$aNewOrder["orders"]["ordDate"] = date("Y-m-d H:i:s");
		$aNewOrder["orders"]["ordIP"] = $_SERVER['REMOTE_ADDR'];
		$aNewOrder["orders"]["ordDiscount"] = 0;
		$aNewOrder["orders"]["ordDiscountText"] = '';
		$aNewOrder["orders"]["ordStatus"] = 2;
		$aNewOrder["orders"]["ordStatusDate"] = date("Y-m-d H:i:s");
		$aNewOrder["orders"]["ordStatusInfo"] = '';
		$aNewOrder["orders"]["ordSupportInfo"] = '';
		$aNewOrder["orders"]["order_changed"] = 'no';
		
		for($i=0; $i<count($aNewOrder["cart"]); $i++) {
			$aNewOrder["cart"][$i]["cartSessionID"] = session_id();
			$aNewOrder["cart"][$i]["cartDateAdded"] = date("Y-m-d H:i:s");
		}
		
		//showarray($aNewOrder); exit;
		
		// CREATE CLONED ORDER
		$clone_error = false;
		$sql_cr_ord = "INSERT INTO orders ( ordSessionID , ordName , ordAddress , ordAddress2 , ordCity , ordState , 
											ordZip , ordCountry , ordEmail , ordPhone , ordShipName , ordShipAddress , 
											ordShipAddress2 , ordShipCity , ordShipState , ordShipZip , ordShipCountry , 
											ordAuthNumber , ordAffiliate , ordPayProvider , ordTransID , ordShipping , 
											ordStateTax , ordCountryTax , ordHSTTax , ordHandling , ordShipType , ordTotal , 
											ordDate , ordIP , ordDiscount , ordDiscountText , ordExtra1 , ordExtra2 , ordAddInfo , 
											ordCNum , ordComLoc , ordStatus , ordStatusDate , ordStatusInfo , ordPoApo , 
											ordShipPoApo , ordHowFound , ordSupportInfo , order_changed , ordPmtMessage , 
											ordCCType , ord_cert_id , ord_cert_amt , ordExtra3 , ordExtra4 , ordExtra5 , ordEID , 
											ordEOrderID )
						VALUES ( '".$aNewOrder["orders"]["ordSessionID"]."' , 
								 '".$aNewOrder["orders"]["ordName"]."' , '".mysql_real_escape_string($aNewOrder["orders"]["ordAddress"])."' , 
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordAddress2"])."' , '".$aNewOrder["orders"]["ordCity"]."' ,
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordState"])."' , '".$aNewOrder["orders"]["ordZip"]."' ,
								 '".$aNewOrder["orders"]["ordCountry"]."' , '".$aNewOrder["orders"]["ordEmail"]."' , 
								 '".$aNewOrder["orders"]["ordPhone"]."' , '".$aNewOrder["orders"]["ordShipName"]."' , 
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordShipAddress"])."' , '".mysql_real_escape_string($aNewOrder["orders"]["ordShipAddress2"])."' ,
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordShipCity"])."' , '".mysql_real_escape_string($aNewOrder["orders"]["ordShipState"])."' ,
								 '".$aNewOrder["orders"]["ordShipZip"]."' , '".$aNewOrder["orders"]["ordShipCountry"]."' , 
								 '".$aNewOrder["orders"]["ordAuthNumber"]."' , '".$aNewOrder["orders"]["ordAffiliate"]."' , 
								 '".$aNewOrder["orders"]["ordPayProvider"]."' , '".$aNewOrder["orders"]["ordTransID"]."' , 
								 '".$aNewOrder["orders"]["ordShipping"]."' , '".$aNewOrder["orders"]["ordStateTax"]."' , 
								 '".$aNewOrder["orders"]["ordCountryTax"]."' , '".$aNewOrder["orders"]["ordHSTTax"]."' , 
								 '".$aNewOrder["orders"]["ordHandling"]."' , '".$aNewOrder["orders"]["ordShipType"]."' , 
								 '".$aNewOrder["orders"]["ordTotal"]."' , '".$aNewOrder["orders"]["ordDate"]."' , 
								 '".$aNewOrder["orders"]["ordIP"]."' , '".$aNewOrder["orders"]["ordDiscount"]."' , 
								 '".$aNewOrder["orders"]["ordDiscountText"]."' , '".$aNewOrder["orders"]["ordExtra1"]."' , 
								 '".$aNewOrder["orders"]["ordExtra2"]."' , '".mysql_real_escape_string($aNewOrder["orders"]["ordAddInfo"])."' , 
								 '".$aNewOrder["orders"]["ordCNum"]."' , '".$aNewOrder["orders"]["ordComLoc"]."' , 
								 '".$aNewOrder["orders"]["ordStatus"]."' , '".$aNewOrder["orders"]["ordStatusDate"]."' , 
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordStatusInfo"])."' , '".$aNewOrder["orders"]["ordPoApo"]."' , 
								 '".$aNewOrder["orders"]["ordShipPoApo"]."' , '".$aNewOrder["orders"]["ordHowFound"]."' , 
								 '".mysql_real_escape_string($aNewOrder["orders"]["ordSupportInfo"])."' , '".$aNewOrder["orders"]["order_changed"]."' , 
								 '".$aNewOrder["orders"]["ordPmtMessage"]."' , '".$aNewOrder["orders"]["ordCCType"]."' , 
								 '".$aNewOrder["orders"]["ord_cert_id"]."' , '".$aNewOrder["orders"]["ord_cert_amt"]."' , 
								 '".$aNewOrder["orders"]["ordExtra3"]."' , '".$aNewOrder["orders"]["ordExtra4"]."' , 
								 '".$aNewOrder["orders"]["ordExtra5"]."' , '".$aNewOrder["orders"]["ordEID"]."' , 
								 '".$aNewOrder["orders"]["ordEOrderID"]."' )";
		//echo $sql_cr_ord; //exit;
		$res_cr_ord = mysql_query($sql_cr_ord);
		if(!$res_cr_ord) {
			print(mysql_error().$sql_cr_ord);
			$clone_error = true;
		}
		$ordID = mysql_insert_id();
		$aNewOrder["orders"]["ordID"] = $ordID;
		//showarray($aNewOrder);
		if(!$clone_error) {
			for($i=0; $i<count($aNewOrder["cart"]); $i++) {	
				$aNewOrder["cart"][$i]["cartOrderID"] = $ordID;
				$sql_cr_cart = "INSERT INTO cart ( cartSessionID , cartProdID , cartProdName , cartProdPrice , cartDateAdded , 
												   cartQuantity , cartOrderID , cartCompleted )
								VALUES ( '".session_id()."' , '".$aNewOrder["cart"][$i]["cartProdID"]."' , 
										 '".$aNewOrder["cart"][$i]["cartProdName"]."' , '".$aNewOrder["cart"][$i]["cartProdPrice"]."' , 
										 '".date("Y-m-d H:i:s")."' , '".$aNewOrder["cart"][$i]["cartQuantity"]."' , 
										 '".$aNewOrder["cart"][$i]["cartOrderID"]."' , 1 )";
				//echo $sql_cr_cart; //exit;
				$res_cr_cart = mysql_query($sql_cr_cart) or print(mysql_error().$sql_cr_cart);
				$cart_id = mysql_insert_id();
				$aNewOrder["cart"][$i]["cartID"] = $cart_id;
				
				for($j=0; $j<count($aNewOrder["cart"][$i]["cartoptions"]); $j++) {
					$sql_cr_cartoptions = "INSERT INTO cartoptions ( coCartID , coOptID , coOptGroup , coCartOption , coPriceDiff , 
																	 coWeightDiff , coExtendShipping )
										   VALUES ( ".$aNewOrder["cart"][$i]["cartID"]." , 
													".$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptID"]." , 
													'".$aNewOrder["cart"][$i]["cartoptions"][$j]["coOptGroup"]."' , 
													'".$aNewOrder["cart"][$i]["cartoptions"][$j]["coCartOption"]."' , 
													".$aNewOrder["cart"][$i]["cartoptions"][$j]["coPriceDiff"]." , 
													".$aNewOrder["cart"][$i]["cartoptions"][$j]["coWeightDiff"]." , 
													'".$aNewOrder["cart"][$i]["cartoptions"][$j]["coExtendShipping"]."' )";
					//echo $sql_cr_cartoptions; //exit;
					$res_cr_cartoptions = mysql_query($sql_cr_cartoptions) or print(mysql_error().$sql_cr_cartoptions);
				}
			}
			//exit;
			// UPDATE INVENTORY
			$sSQL="SELECT cartID,cartProdID,cartQuantity,pSell FROM cart INNER JOIN products ON cart.cartProdID=products.pID WHERE cartOrderID='" . $ordID . "'";
			$result1 = mysql_query($sSQL) or print(mysql_error().$sSQL);
			while($rs1 = mysql_fetch_array($result1)){
				if(($rs1["pSell"] & 2) == 2){
					// Determine extended shipping
					$sSQL2 = "SELECT coID,optStock,cartQuantity,coOptID,optExtend_shipping,optMin FROM cart INNER JOIN cartoptions ON cart.cartID=cartoptions.coCartID INNER JOIN options ON cartoptions.coOptID=options.optID INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE (optType=2 OR optType=-2";
					// ADDED by Chad - Fix to allow quantity change for custom screenz
					//if(eregi("^[a-z]{1,3}-Custom$",$pID)) {
					if(preg_match("/^[a-z]{1,3}-Custom$/i",$pID)) {
						$sSQL2 .= " OR optType=3";
					}
					// ADD ENDED
					$sSQL2 .= ") AND cartID='" . $rs1['cartID'] . "'";
					$result2 = mysql_query($sSQL2) or print(mysql_error().$sSQL2);
					if(mysql_num_rows($result2)>0){
						while($rs2 = mysql_fetch_assoc($result2)){
							$pInStock = (int)$rs2["optStock"]+1000;
							$actualpInStock = (int)$rs2["optStock"];
							$extend_shipping = $rs2["optExtend_shipping"];//extends shipping time, displayed in the cart
							$min = $rs2["optMin"];//sets how many in stock above zero the extend_shipping is displayed in the cart 
							$coID = $rs2["coID"];
							$totQuant = 0;
							$cartQuantity = (int)$rs2["cartQuantity"];
							$sSQL3 = "SELECT SUM(cartQuantity) AS cartQuant FROM cart INNER JOIN cartoptions ON cart.cartID=cartoptions.coCartID WHERE cartCompleted=0 AND cartCustID=0 AND coOptID=" . $rs2["coOptID"];
							$result3 = mysql_query($sSQL3) or print(mysql_error().$sSQL3);
							if($rs3 = mysql_fetch_assoc($result3))
								if(! is_null($rs3["cartQuant"])) $totQuant = (int)$rs3["cartQuant"];
							mysql_free_result($result3);
							$extend='';
							//echo '<div style"position:absolute; z-index:100;>actual='.$actualpInStock.' total qty='.$totQuant. ' cart qty='.$cartQuantity.' min='. $min. ' new qty='.abs((int)$objValue).'</div>';
							if(($actualpInStock - $totQuant + $cartQuantity - $min) < 0) {
								$extend = $extend_shipping;
							}
							$sql_co="UPDATE cartoptions SET coExtendShipping='$extend' WHERE coID=".$coID;
								mysql_query($sql_co);
						}
					}
					// End of Determine extended shipping
					// Inventory get subtracted when set to authorized
					/*$sSQL = "SELECT coOptID FROM cartoptions INNER JOIN options ON cartoptions.coOptID=options.optID INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE (optType=2 OR optType=-2) AND coCartID=" . $rs1["cartID"];
					$result2 = mysql_query($sSQL) or print(mysql_error());
					while($rs2 = mysql_fetch_array($result2)){
						$sSQL = "UPDATE options SET optStock=optStock-" . $rs1["cartQuantity"] . " WHERE optID=" . $rs2["coOptID"];
						mysql_query($sSQL) or print(mysql_error());
					}
					mysql_free_result($result2);*/
				//}else{
					//$sSQL = "UPDATE products SET pInStock=pInStock-" . $rs1["cartQuantity"] . " WHERE pID='" . $rs1["cartProdID"] . "'";
					//mysql_query($sSQL) or print(mysql_error());
				}
			}
			mysql_free_result($result1);
					
			// INSERT LOCATION
			setNewLocation(2,$ordID,'Manual');
			$sql_insert="INSERT INTO orderssplit (orgOrder,newOrder,movedCardIDs,splitType) VALUES (".$_POST["orderid"].",".$ordID.",'','Cloned')";
			$result_insert = mysql_query($sql_insert);
			if(!$result_insert) {print(mysql_error().$sql_insert);exit;}
		}
		
		if($clone_error) {
			$pg_msg = "There was a problem cloning your order.";
		}else{
			$pg_msg = "Your order has been cloned successfully.";
?>
<script language="JavaScript" type="text/javascript">
<!--
//setTimeout("history.go(-2);",1100);
setTimeout("window.location='/admin/orders.php?id=<?=$ordID?>&doedit=true'",4000);
// -->
</script>
<?php
		}
		
		if(!$clone_error) {
			$auto_link = "/admin/orders.php?id=$ordID&doedit=true";
		}else{
			$auto_link = "/admin/orders.php";
		}
?>
	  <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><br /><strong><?=$pg_msg?></strong><br /><br />You will now be forwarded to view the order.<br /><br />
                        <?php print $yyNoAuto?> <a href="<?=$auto_link?>"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
						<img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
			  </tr>
			</table>
		  </td>
		</tr>
	  </table>
<?php
	}else{
		$OWSP = "";
		$sSQL = "SELECT ordSessionID FROM orders WHERE ordID='" . $_POST["orderid"] . "'";
		$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
		$rs = mysql_fetch_array($result);
		$thesessionid = $rs["ordSessionID"];
		mysql_free_result($result);
		$sSQL = "UPDATE orders SET ";
		$sSQL .= "ordName='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["name"]))) . "',";
		$sSQL .= "ordAddress='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["address"]))) . "',";
		if(@$useaddressline2==TRUE) $sSQL .= "ordAddress2='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["address2"]))) . "',";
		$sSQL .= "ordCity='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["city"]))) . "',";
		$sSQL .= "ordPoApo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["APO"]))) . "',";
		$sSQL .= "ordState='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["state"]))) . "',";
		$sSQL .= "ordZip='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["zip"]))) . "',";
		$sSQL .= "ordCountry='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["country"]))) . "',";
		$sSQL .= "ordEmail='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["email"]))) . "',";
		$sSQL .= "ordPhone='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["phone"]))) . "',";
		$sSQL .= "ordShipName='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["sname"]))) . "',";
		$sSQL .= "ordShipAddress='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["saddress"]))) . "',";
		if(@$useaddressline2==TRUE) $sSQL .= "ordShipAddress2='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["saddress2"]))) . "',";
		$sSQL .= "ordShipCity='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["scity"]))) . "',";
		$sSQL .= "ordShipPoApo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ShipAPO"]))) . "',";
		$sSQL .= "ordShipState='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["sstate"]))) . "',";
		$sSQL .= "ordShipZip='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["szip"]))) . "',";
		$sSQL .= "ordShipCountry='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["scountry"]))) . "',";
		$sSQL .= "ordShipType='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["shipmethod"]))) . "',";
		$sSQL .= "ordIP='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ipaddress"]))) . "',";
		$ordComLoc = 0;
		if(trim(@$_POST["commercialloc"])=="Y") $ordComLoc = 1;
		if(trim(@$_POST["wantinsurance"])=="Y") $ordComLoc += 2;
		$sSQL .= "ordComLoc=" . $ordComLoc . ",";
		$sSQL .= "ordAffiliate='" . trim(@$_POST["PARTNER"]) . "',";
		$sSQL .= "ordAddInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordAddInfo"]))) . "',";
		$sSQL .= "ordStatus=" . $ordstatusnew . ",";
		$sSQL .= "ordStatusInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordStatusInfo"]))) . "',";
		$sSQL .= "ordReturnID=". trim(@$_POST["return_status"]) . ",";		
		$sSQL .= "ordSupportInfo='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["ordSupportInfo"]))) . "',";
		$sSQL .= "order_changed='yes',";
		$sSQL .= "ordDiscountText='" . mysql_real_escape_string(trim(unstripslashes(@$_POST["discounttext"]))) . "',";
		$sSQL .= "ordExtra1='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordextra1"]))) . "',";
		$sSQL .= "ordExtra2='" . mysql_real_escape_string(unstripslashes(trim(@$_POST["ordextra2"]))) . "',";
		$sSQL .= "ordShipping='" . mysql_real_escape_string(trim(@$_POST["ordShipping"])) . "',";
		$sSQL .= "ordStateTax='" . mysql_real_escape_string(trim(@$_POST["ordStateTax"])) . "',";
		$sSQL .= "ordCountryTax='" . mysql_real_escape_string(trim(@$_POST["ordCountryTax"])) . "',";
		if(@$canadataxsystem==TRUE) $sSQL .= "ordHSTTax='" . mysql_real_escape_string(trim(@$_POST["ordHSTTax"])) . "',";
		$sSQL .= "ordDiscount='" . mysql_real_escape_string(trim(@$_POST["ordDiscount"])) . "',";
		$sSQL .= "ordHandling='" . mysql_real_escape_string(trim(@$_POST["ordHandling"])) . "',";
		$sSQL .= "ordAuthNumber='" . mysql_real_escape_string(trim(@$_POST["ordAuthNumber"])) . "',";
		$sSQL .= "ordTransID='" . mysql_real_escape_string(trim(@$_POST["ordTransID"])) . "',";
		$sSQL .= "ordTotal='" . mysql_real_escape_string(trim(@$_POST["ordtotal"])) . "',";
		$sSQL .= "ord_cert_amt='" . mysql_real_escape_string(trim(@$_POST["ord_cert_amt"])) . "'";
		$sSQL .= " WHERE ordID='" . $_POST["orderid"] . "'";
		mysql_query($sSQL) or print(mysql_error().$sSQL);
		
		if(!setNewLocation( $ordstatusnew , $_POST["orderid"],'Manual' )) print("Unable to record status change.");
		$msg='';
		foreach($_POST as $objItem => $objValue){
			//print $objItem . " : " . $objValue . "<br>";
			if(substr($objItem,0,6)=="prodid"){
				$idno = (int)substr($objItem, 6);
				$cartid = trim(@$_POST["cartid" . $idno]);
				$prodid = trim(@$_POST["prodid" . $idno]);
				$quant = trim(@$_POST["quant" . $idno]);
				$theprice = trim(@$_POST["price" . $idno]);
				$prodname = trim(@$_POST["prodname" . $idno]);
				$delitem = trim(@$_POST["del_" . $idno]);
				$certID = trim(@$_POST["certID" . $idno]);
				$reason = trim(@$_POST["reason_" . $idno]);
				$note = trim(@$_POST["note_" . $idno]);
				
				if($delitem=="yes"){
					// Added By Blake
					// Deletes License ID and Password from downloads
					$sql_check="SELECT p.pDownload,p.p_iscert,c.cartOrderID FROM products p, cart c WHERE p.pID=c.cartProdID AND c.cartID=".$cartid;
					$result_check=mysql_query($sql_check);
					$rs_check=mysql_fetch_assoc($result_check);
					if(!empty($rs_check["pDownload"])){
						$sql_down="UPDATE digitaldownloads SET active=1, orderID=0 WHERE orderID=".$rs_check['cartOrderID']." AND type='".$prodid."'";
						mysql_query($sql_down) or print(mysql_error().$sql_down);
					}
					//deletes gift cert
					if($rs_check["p_iscert"]==1 && !empty($certID)){
						$sql_cert="DELETE FROM certificates WHERE cert_id=".$certID;
						mysql_query($sql_cert) or print(mysql_error().$sql_cert);
					}
					//end
					mysql_query("DELETE FROM cart WHERE cartID=" . $cartid) or print(mysql_error());
					mysql_query("DELETE FROM cartoptions WHERE coCartID=" . $cartid) or print(mysql_error());
					$cartid = "";
				}elseif($cartid != ""){
					$sSQL = "UPDATE cart SET cartProdID='" . mysql_real_escape_string(trim(unstripslashes($prodid))) . "',cartProdPrice=" . $theprice . ",cartProdName='" . mysql_real_escape_string(trim(unstripslashes($prodname))) . "',cartQuantity=" . $quant . ", cartReason=" . $reason . ", cartNote='" . $note . "' WHERE cartID=" . $cartid;
					mysql_query($sSQL) or print(mysql_error().$sSQL);
					mysql_query("DELETE FROM cartoptions WHERE coCartID=" . $cartid) or print(mysql_error());
					//download license ID and Password
					$sql_check2="SELECT p.pDownload,p.p_iscert,c.cartOrderID,pID FROM products p, cart c WHERE p.pID=c.cartProdID AND c.cartID=".$cartid;
					$result_check2=mysql_query($sql_check2);
					$rs_check2=mysql_fetch_assoc($result_check2);
					if(!empty($rs_check2["pDownload"])){
						$sql_down_check="SELECT * FROM digitaldownloads WHERE type='".$rs_check2["pID"]."' AND orderID=".$_POST["orderid"];
						$result_down_check=mysql_query($sql_down_check);
						$num_rows_download_check=mysql_num_rows($result_down_check);
						$quantdownloads=$quant-$num_rows_download_check;
						if($quantdownloads>0){
							$sql_down1="SELECT * FROM digitaldownloads WHERE type='".$rs_check2["pID"]."' AND active=1 AND orderID=0 LIMIT ".$quantdownloads;
							$result_down1=mysql_query($sql_down1);
							$num_rows_download1=mysql_num_rows($result_down1);
							if($num_rows_download1>0){
								$error=FALSE;

								while($row_download1=mysql_fetch_assoc($result_down1)){
									$sql_update1="UPDATE digitaldownloads SET active=0, orderID=".$_POST["orderid"]." WHERE id=".$row_download1['id'];
									$result_update1=mysql_query($sql_update1);
									if(!$result_update1) $error=TRUE;
								}
							}
						}elseif($quantdownloads<0){
							$thisquantdownloads=$quantdownloads;
							while($row_down_check=mysql_fetch_assoc($result_down_check)){
								$sql_update2="UPDATE digitaldownloads SET active=1, orderID=0 WHERE id=".$row_down_check["id"];
								$result_update2=mysql_query($sql_update2);
								$thisquantdownloads++;
								if($thisquantdownloads==0) break;
							}
						}
					}
				}else{
					$sSQL = "INSERT INTO cart (cartSessionID,cartProdID,cartQuantity,cartCompleted,cartProdName,cartProdPrice,cartOrderID,cartReason,cartDateAdded) VALUES (";
					$sSQL .= "'" . $thesessionid . "',";
					$sSQL .= "'" . mysql_real_escape_string(trim(unstripslashes($prodid))) . "',";
					$sSQL .= $quant . ",";
					$sSQL .= "1,";
					$sSQL .= "'" . mysql_real_escape_string(trim(unstripslashes($prodname))) . "',";
					$sSQL .= "'" . $theprice . "',";
					$sSQL .= @$_POST["orderid"] . ",";
					if($reason=="") $reason=0;
					$sSQL .= $reason . ",";
					$sSQL .= "'" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "')";
					mysql_query($sSQL) or print(mysql_error().$sSQL);
					$cartid = mysql_insert_id();
					//download license ID and Password
					$sql_check2="SELECT p.pDownload,p.p_iscert,c.cartOrderID,pID FROM products p, cart c WHERE p.pID=c.cartProdID AND c.cartID=".$cartid;
					$result_check2=mysql_query($sql_check2);
					$rs_check2=mysql_fetch_assoc($result_check2);

					if(!empty($rs_check2["pDownload"])){
						$sql_down1="SELECT * FROM digitaldownloads WHERE type='".$rs_check2["pID"]."' AND active=1 AND orderID=0 LIMIT ".$quant;
						$result_down1=mysql_query($sql_down1);
						$num_rows_download1=mysql_num_rows($result_down1);
						if($num_rows_download1>0){
							$error=FALSE;
							while($row_download1=mysql_fetch_assoc($result_down1)){
								$sql_update1="UPDATE digitaldownloads SET active=0, orderID=".$_POST["orderid"]." WHERE id=".$row_download1['id'];
								$result_update1=mysql_query($sql_update1);
								if(!$result_update1) $error=TRUE;
							}
						} else $pg_msg= 'NO License and Password Available.';
					}
				}
				if($cartid != ""){
					$optprefix = "optn" . $idno . '_';					
					$prefixlen = strlen($optprefix);
					$isemailcert=FALSE;
					foreach($_POST as $kk => $kkval){
						if(substr($kk,0,$prefixlen)==$optprefix && trim($kkval) != ''){
							$optidarr = explode('|', $kkval);
							$optid = $optidarr[0];
							if(@$_POST["v" . $kk] == ""){
								$sSQL="SELECT optID,".getlangid("optGrpName",16).",".getlangid("optName",32)."," . $OWSP . "optPriceDiff,optWeightDiff,optType,optFlags FROM options LEFT JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID='" . mysql_real_escape_string($kkval) . "'";
								$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
								if($rs = mysql_fetch_array($result)){
									if($rs["optName"]=='Email') $isemailcert=TRUE;
									if(abs($rs["optType"]) != 3){
										$sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','" . mysql_real_escape_string($rs[getlangid("optName",32)]) . "',";
										$sSQL .= $optidarr[1] . ",0)";
									}else
										$sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','',0,0)";
									mysql_query($sSQL) or print(mysql_error().$sSQL);
								}
								mysql_free_result($result);
							}else{
								$sSQL="SELECT optID,".getlangid("optGrpName",16).",".getlangid("optName",32)." FROM options LEFT JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optID='" . mysql_real_escape_string($kkval) . "'";
								$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
								$rs = mysql_fetch_array($result);
								if($rs["optName"]=='Email') $isemailcert=TRUE;
								$sSQL = "INSERT INTO cartoptions (coCartID,coOptID,coOptGroup,coCartOption,coPriceDiff,coWeightDiff) VALUES (" . $cartid . "," . $rs["optID"] . ",'" . mysql_real_escape_string($rs[getlangid("optGrpName",16)]) . "','" . mysql_real_escape_string(unstripslashes(trim(@$_POST["v" . $kk]))) . "',0,0)";
								mysql_query($sSQL) or print(mysql_error().$sSQL);
								mysql_free_result($result);
							}
							//gift cert
							if($isemailcert){
								$giftcertOrderID=$_POST["orderid"];
								$_SESSION['cert_prod']=$prodid;
								create_certificate($giftcertOrderID);
							}
						}
					}
				}
			}			
		}
		//echo 'edit new='.$ordstatusnew.' '.$_POST["orderid"];
		$ordstatusnew=$_POST["ordstatusnew"];
		// stock manage
		if($ordstatusnew>=3 && $ordstatusnew!=10 && $ordstatusnew!=17) {
			mysql_query("UPDATE cart SET cartCompleted=0 WHERE cartOrderID=" . $_POST["orderid"]) or print(mysql_error());
			do_stock_management($_POST["orderid"]); //echo 'do_stock_management 2';
			mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $_POST["orderid"]) or print(mysql_error());
		}
?>
	<script language="JavaScript" type="text/javascript">
	<!--
	//setTimeout("history.go(-2);",1100);
	setTimeout("window.location='/admin/orders.php?ordid=<?=$_POST["orderid"]?>'",1100);
	// -->
	</script>
	  <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <tr> 
                <td width="100%" colspan="4" align="center"><br /><strong><?php print $yyUpdSuc?></strong><br /><br /><?php print $yyNowFrd?><br /><br />
                        <?php print $yyNoAuto?> <a href="javascript:history.go(-2)"><strong><?php print $yyClkHer?></strong></a>.<br /><br />
						<img src="/lib/images/misc/clearpixel.gif" width="300" height="3" alt="" /></td>
			  </tr>
			</table>
		  </td>
		</tr>
	  </table>
<?php
	}
}elseif(@$_GET["id"] != ""){
	$statetaxrate=0;
	$countrytaxrate=0;
	$hsttaxrate=0;
	$countryorder=0;
	$sSQL = "SELECT ordID,ordName,ordAddress,ordAddress2,ordCity,ordState,ordZip,ordCountry,ordEmail,ordPhone,ordShipName,ordShipAddress,ordShipAddress2,ordShipCity,ordShipState,ordShipZip,ordShipCountry,ordPayProvider,ordAuthNumber,ordTransID,ordTotal,ordDate,ordStateTax,ordCountryTax,ordHSTTax,ordShipping,ordShipType,ordIP,ordAffiliate,ordDiscount,ordHandling,ordDiscountText,ordComLoc,ordExtra1,ordExtra2,ordAddInfo,ordCNum,ordStatusInfo,ordSupportInfo,order_changed,ordStatus,ord_cert_amt,ord_cert_id,ordPoApo,ordShipPoApo,ordEID,ordReturnID,ordReturnReasonID FROM orders LEFT JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider WHERE ordID='" . $_GET["id"] . "' AND ordEID!=34";
	//echo $sSQL;
	$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
	$alldata = mysql_fetch_array($result);
	$alldata["ordDate"] = strtotime($alldata["ordDate"]);	
	$oldordstatusedit=$alldata["ordStatus"];
	mysql_free_result($result);
	//all stutuses
	$numstatus=0;
	$sSQL = "SELECT statID,statPrivate FROM orderstatus WHERE statPrivate<>'' ORDER BY statID";
	$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
	while($rs = mysql_fetch_assoc($result)){
		$allstatus[$numstatus++]=$rs;
	}
	mysql_free_result($result);
?>
	<table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="">
        <tr>
          <td width="100%" align="center">
<?php	$themask = 'yyyy-mm-dd';
		if($admindateformat==1)
			$themask='mm/dd/yyyy';
		elseif($admindateformat==2)
			$themask='dd/mm/yyyy';
		if(! $success) print "<p><font color='#FF0000'>" . $errmsg . "</font></p>"; ?>
			<span name="searchspan" id="searchspan" <?php //if($usepowersearch) print 'style="display:block"'; else print 'style="display:none"'?>>
            <table width="100%" border="0" cellspacing="1" cellpadding="2" bgcolor="">
			  <form method="post" action="/admin/orders.php" name="psearchform">
			  <input type="hidden" name="powersearch" value="1" />
			  <tr bgcolor="#030133"><td colspan="6"><strong><font color="#E7EAEF">&nbsp;<?php print $yyPowSea?></font></strong></td></tr>
			  <tr bgcolor="#E7EAEF"> 
                <td align="right" width="15%"><strong><?php print $yyOrdFro?>:</strong></td>
				<td width="15%" align="left" nowrap="nowrap">&nbsp;
			    <input type="text" size="14" name="fromdate" value="<?php print $fromdate?>" /> <input type=button onclick="popUpCalendar(this, document.forms.psearchform.fromdate, '<?php print $themask?>', 0)" value='DP' /></td>
				<td width="15%" align="right"><strong>E-tailers:</strong></td>
				<td align="left" width="15%">
				<select name="custID">
				 	<option value="" <?=(empty($_POST['custID']))?' selected="selected"':''?>>None Selected</option>
				 <? 
				 $sql_EID="SELECT custID, Name FROM customers WHERE active=1";
				 $result_EID=mysql_query($sql_EID);
				 while($rs_EID=mysql_fetch_array($result_EID)){ ?>
					  	<option value="<?=$rs_EID['custID']?>" <? if($_POST['custID']==$rs_EID['custID']) echo " selected"?>><?= str_replace('<br />',' ',$rs_EID['Name'])?></option>
				<? } ?> 
				 </select>				</td>
				<td align="right" width="20%"><strong><?php print $yyOrdTil?>:</strong></td>
				<td align="left" width="25%">&nbsp;<input type="text" size="14" name="todate" value="<?php print $todate?>" /> <input type=button onclick="popUpCalendar(this, document.forms.psearchform.todate, '<?php print $themask?>', -205)" value='DP' /></td>
			  </tr>
			  <tr bgcolor="#EAECEB">
				<td align="right"><strong><?php print $yyOrdId?>:</strong></td>
				<td align="left">&nbsp;<input type="text" size="14" name="ordid" value="<?php print $ordid?>" /><img src="/lib/images/misc/info_icon.png" id="myfrogz_info" align="absmiddle" /></td>
				<td align="right"><strong>PO/APOs:</strong></td>
				<td align="left">
					<select id="ordPOAPOs" name="ordPOAPOs">
						<option value="none"<?=(empty($_POST['ordPOAPOs']))?' selected="selected"':''?>>None Selected</option>
						<option value="APOs"<?=($_POST['ordPOAPOs'] == 'APOs')?' selected="selected"':''?>>APOs</option>
						<option value="PO_APO"<?=($_POST['ordPOAPOs'] == 'PO_APO')?' selected="selected"':''?>>PO/APOs</option>
						<option value="POs"<?=($_POST['ordPOAPOs'] == 'POs')?' selected="selected"':''?>>POs</option>
						<option value="shipping_APOs"<?=($_POST['ordPOAPOs'] == 'shipping_APOs')?' selected="selected"':''?>>Shipping to APOs</option>
						<option value="shipping_PO_APO"<?=($_POST['ordPOAPOs'] == 'shipping_PO_APO')?' selected="selected"':''?>>Shipping to PO/APOs</option>
						<option value="shipping_POs"<?=($_POST['ordPOAPOs'] == 'shipping_POs')?' selected="selected"':''?>>Shipping to POs</option>
					</select>				</td>
				<td align="right"><strong><?php print $yySeaTxt?>:</strong></td>
				<td align="left" valign="middle">&nbsp;
				  <input type="text" size="24" name="searchtext" value="<?php print $origsearchtext?>" /></td>
			  </tr>
			  <tr bgcolor="#E7EAEF">
				<td rowspan="2" align="right"><strong><?php print $yyOrdSta?>:</strong></td>
				<td rowspan="2" align="left">&nbsp;<select name="ordstatus[]" size="5" multiple><option value="9999" <?php if(strpos($ordstatus,"9999") !== FALSE) print "selected"?>><?php print $yyAllSta?></option><?php
						$ordstatus="";
						$addcomma = "";
						if(is_array(@$_REQUEST["ordstatus"])){
							foreach($_REQUEST["ordstatus"] as $objValue){
								if(is_array($objValue))$objValue=$objValue[0];
								$ordstatus .= $addcomma . $objValue;
								$addcomma = ",";
							}
						}else
							$ordstatus = trim(@$_REQUEST["ordstatus"]);
						$ordstatusarr = explode(",", $ordstatus);
						for($index=0; $index < $numstatus; $index++){
							print '<option value="' . $allstatus[$index]["statID"] . '"';
							if(is_array($ordstatusarr)){
								foreach($ordstatusarr as $objValue)
									if($objValue==$allstatus[$index]["statID"]) print " selected";
							}
							print ">" . $allstatus[$index]["statPrivate"] . "</option>";
						} ?></select>				</td>
				<td rowspan="2" align="right"><strong><?=$yyOrdCou?>:</strong></td>
				<td rowspan="2" align="left">
				<? $sSQL2="SELECT DISTINCT cpnID,cpnName,cpnNumber FROM orders o LEFT JOIN coupons c ON o.ordCoupon=c.cpnID WHERE ordDiscount>0 ORDER BY cpnNumber,cpnName";
					$result2=mysql_query($sSQL2) or die(mysql_error().$sSQL2);
					$total2=mysql_num_rows($result2);?>
					<select name="ordcoupon" size="5" style="width:250px; font-size:10px; ">
					 	<? while($rs2=mysql_fetch_array($result2)){ ?>
					  	<option value="<?=$rs2['cpnID']?>" <?=$rs2['cpnNumber']==""?"":'style="font-weight:bold;"'?> <? if($ordcoupon==$rs2['cpnID']) echo " selected"?>><?=$rs2['cpnNumber']==""?"":$rs2['cpnNumber'].' | '?> <?= str_replace('<br />',' ',$rs2['cpnName'])?></option>
						<? } ?>
					</select>
					<div style="font-size:9px;">Coupons are in bold</div>
					</td>
				<td align="right" valign="middle"><strong>Return Status:</strong></td>
				<td align="left" valign="middle">
						<?
						$sql_return="SELECT * FROM returns ORDER BY status_order";
						$result_return=mysql_query($sql_return);
						?>
						<select name="return_status_search">
						  <option value="" <?php if ($_SESSION['return_status_search']=="") {echo "selected=\"selected\"";} ?>></option>
						  <? while($row_return=mysql_fetch_assoc($result_return)){?>
						  <option value="<?=$row_return["id"]?>" <?php if (!(strcmp($row_return["id"], $_SESSION['return_status_search']))) {echo "selected=\"selected\"";} ?>>
						  <?=$row_return["status"]?>
						  </option>
						  <? } ?>
					  </select></td>
			  </tr>	
			  <tr bgcolor="#E7EAEF">
			    <td align="right" valign="top">&nbsp;</td>
			    <td align="left">			</td>
			    </tr>		  
			  <tr bgcolor="#E7EAEF">
				<td colspan="3" align="left"><input type="checkbox" name="startwith" value="1" <?php if($usepowersearch) print "checked"?> />				  <strong><?php print $yyStaPow?></strong></td>
				<td align="left" valign="center"><img src="/lib/images/misc/info_icon.png" id="myfrogz_info" /><input type="checkbox" name="myfrogz" value="myfrogz" id="myfrogz"<?=(!empty($isMyFrogz)) ? ' checked="checked"' : ''?> />&nbsp;MyFrogz Orders</td>
				<td colspan="2" align="center">
				  <input type="submit" value="<?php print $yySearch?>" /> <input type="button" value="Stats" onclick="document.forms.psearchform.action='/admin/stats1.php';document.forms.psearchform.submit();" /></td>
			  </tr>
			  
			  <tr>
			  	<td colspan="6">
				<?
					$sql_status =  "SELECT count( * ) as statcount , os.statPrivate , os.statID
									FROM orders o, orderstatus os
									WHERE o.ordStatus = os.statID
									AND (o.ordStatus BETWEEN 0 AND 10 OR o.ordStatus = 17)
									AND o.ordName != ''
									GROUP BY os.statID,os.statPrivate";
					$result_status=mysql_query($sql_status);
					while($row_status=mysql_fetch_assoc($result_status)){?>
			  		<div style="color:#000066; font-weight:bold; border:#030133 solid 1px; margin:2px; float:left; width:146px;padding:2px; text-align:center; background-color:#E7EAEF;"><a href="/admin/orders.php?powersearch=1&ordstatus=<?=$row_status['statID']?>"><?=$row_status['statID'].'-'.$row_status['statPrivate'].': '.$row_status['statcount'] ?></a></div>
			  	<? } ?>			  	</td>
			  </tr>
			  </form>
			</table>
            <div>&nbsp;</div>
		</span>
<?	
	
	
	if($doedit){
		// change status to edit order while editing order
		//exit;
		print '<form method="post" name="editform" action="/admin/orders.php" onsubmit="return confirmedit()"><input type="hidden" name="orderid" value="' . $_GET["id"] . '" /><input type="hidden" name="doedit" value="true" />';
		$overridecurrency=TRUE;
		$orcsymbol="";
		$orcdecplaces=2;
		$orcpreamount=TRUE;
		$orcdecimals=".";
		$orcthousands="";
	}
?>
<script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.9.0/lib/prototype.js"></script>
<script language="JavaScript" type="text/javascript" src="http://assets.ifrogz.com/lib/packages/scriptaculous-js/1.9.0/src/scriptaculous.js"></script>
<script language="JavaScript" type="text/javascript">
<!--
var newwin="";
var plinecnt=0;
function openemailpopup(id) {
  popupWin = window.open('/admin/popupemail.php?'+id,'emailpopup','menubar=no, scrollbars=no, width=300, height=250, directories=no,location=no,resizable=yes,status=no,toolbar=no')
}
function updateoptions(id){
	prodid = document.getElementById('prodid'+id).value;
	if(prodid != ''){
		newwin = window.open('/admin/popupemail.php?prod='+prodid+'&index='+id,'updateopts','menubar=no, scrollbars=no, width=50, height=40, directories=no,location=no,resizable=yes,status=no,toolbar=no');
	}
	return(false);
}
function extraproduct(plusminus){
var productspan=document.getElementById('productspan');
if(plusminus=='+'){
productspan.innerHTML=productspan.innerHTML.replace(/<!--NEXTPRODUCTCOMMENT-->/,'<!--PLINE'+plinecnt+'--><tr><td valign="top"><input type="button" value="..." onclick="updateoptions('+(plinecnt+1000)+')">&nbsp;<input name="prodid'+(plinecnt+1000)+'" size="18" id="prodid'+(plinecnt+1000)+'"></td><td valign="top"><input type="text" id="prodname'+(plinecnt+1000)+'" name="prodname'+(plinecnt+1000)+'" size="24"></td><td><span id="optionsspan'+(plinecnt+1000)+'">-</span></td><td valign="top"><input type="text" id="quant'+(plinecnt+1000)+'" name="quant'+(plinecnt+1000)+'" size="5" value="1"></td><td valign="top"><input type="text" id="price'+(plinecnt+1000)+'" name="price'+(plinecnt+1000)+'" value="0" size="7"><br /><input type="hidden" id="optdiffspan'+(plinecnt+1000)+'" value="0"></td><td>&nbsp;</td></tr><!--PLINEEND'+plinecnt+'--><!--NEXTPRODUCTCOMMENT-->');
plinecnt++;
}else{
if(plinecnt>0){
plinecnt--;
var restr = '<!--PLINE'+plinecnt+'-->(.|\\n)+<!--PLINEEND'+plinecnt+'-->';
//alert(restr);
var re = new RegExp(restr);
productspan.innerHTML=productspan.innerHTML.replace(re,'');
}
}
}
function confirmedit(){
	if(updateClicked) {
		if(confirm('<?php print str_replace("'","\'",$yyChkRec)?>'))
			return(true);
		return(false);
	}
	if(cloneClicked) {
		if(confirm('Are you sure you want to clone this order?'))
			return(true);
		return(false);
	}
}


function checkAIM(frm) {
	if(frm.aim_type.selectedIndex==0) {
		alert("Please choose a transaction type.");
		frm.aim_type.focus();
		return false;
	}else if(frm.aim_txn=='') {
		alert("A transaction number is required.");
		frm.aim_txn.focus();
		return false;
	}else if(frm.aim_amt=='') {
		alert("Please enter an amount.");
		frm.aim_amt.focus();
		return false;
	}
	
	return true;
}

function toggleTXN() {
	if($('div_trans').style.display=='' || $('div_trans').style.display==undefined) {
		//$('div_trans').style.display = 'none';
		Effect.BlindUp('div_trans');
		$('btn_add_txn').value = 'Credit or Void';
	}else if($('div_trans').style.display=='none') {
		//$('div_trans').style.display = '';
		Effect.BlindDown('div_trans');
		$('btn_add_txn').value = 'Hide Credit or Void';
	}
}

function toggleCharge() {
	if($('div_charge').style.display=='' || $('div_charge').style.display==undefined) {
		//$('div_charge').style.display = 'none';
		Effect.BlindUp('div_charge');
		$('btn_charge').value = 'Charge CC';
	}else if($('div_charge').style.display=='none') {
		//$('div_charge').style.display = '';
		Effect.BlindDown('div_charge');
		$('btn_charge').value = 'Hide Charge CC';
	}
}

function togglePrcAdd() {
	if($('div_prc_add').style.display=='' || $('div_prc_add').style.display==undefined) {
		//$('div_charge').style.display = 'none';
		Effect.BlindUp('div_prc_add');
		$('btn_prc_add').value = 'Add Price Adjustment';
	}else if($('div_prc_add').style.display=='none') {
		//$('div_charge').style.display = '';
		Effect.BlindDown('div_prc_add');
		$('btn_prc_add').value = 'Hide Price Adjustment';
	}
}
function createGiftCert(ordID,prodID){
	if(ordID!='' && prodID!=''){
		var params = "ordID="+ordID+"&prodID="+prodID;
		var url = "/admin/ordersgiftcertaj.php";
		var ajax = new Ajax.Updater(
			{success: "giftcertholder"},
					url,
					{
						method: "post", 
						parameters: params,
						//onLoading: function() { Element.show("miniCartWorking"); },
						onComplete: function() { Element.show("giftcertholder");Element.hide("cert_button"); }
						//onComplete: showResponse
					});
	}
}
//-->
</script>
<style type="text/css">
a img{
	border: 0;
}
</style>
	  <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="" align="center">
        <tr>
          <td width="100%">
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
<?php		if($isprinter && @$invoiceheader != ""){ ?>
			  <tr> 
                <td colspan="5"><?php print $invoiceheader?></td>
			  </tr>
<?php		} ?>
			  <tr 	<? if(!empty($alldata["ordEID"])) echo 'bgcolor="#FA6561"'?>> 
                <td colspan="5" align="center"><strong><?php print $xxOrdNum . " " . $alldata["ordID"] . "<br /><br />" . date($dateformatstr, $alldata["ordDate"]) . " " . date("H:i", $alldata["ordDate"])?></strong></td>
			  </tr>
<?php		if($isprinter && @$invoiceaddress != ""){ ?>
			  <tr> 
                <td colspan="5"><?php print $invoiceaddress?></td>
			  </tr>
<?php		} ?>
<?php		if(trim(@$extraorderfield1)!=""){ ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print $extraorderfield1 ?>:</strong></td>
			  <td align="left" colspan="4"><?php print editfunc($alldata["ordExtra1"],"ordextra1",25)?></td>
			</tr>
<?php		} ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxName?>:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($alldata["ordName"],"name",25)?></td>
			  <td width="20%" align="right"><?php if(! $isprinter && $alldata["ordAuthNumber"] != "" && ! $doedit) print '<input type="button" value="Resend" onclick="javascript:openemailpopup(\'id=' . $alldata["ordID"] . '\')" />' ?>
			  <strong><?php print $xxEmail?>:</strong></td>
			  <td width="30%" align="left"><?php
				if($isprinter || $doedit) print editfunc($alldata["ordEmail"],"email",25); else print '<a href="mailto:' . $alldata["ordEmail"] . '">' . $alldata["ordEmail"] . '</a>';?>
				<?
			  		$sql_order = "SELECT * FROM orders WHERE ordID <> ". $alldata["ordID"] ." AND ordStatus BETWEEN 11 AND 12 AND ordEmail = '".$alldata["ordEmail"]."' ORDER BY ordID DESC";
			  		//echo $sql_order;
					$result_order = mysql_query($sql_order) or print(mysql_error().$sql_order);
					$num_rows_order = mysql_num_rows($result_order);
					if ($num_rows_order > 0) {
				?>
					<input name="cust_orders" type="button" value="View All Customer Orders (<?=$num_rows_order?>)" onclick="Element.toggle('cust_orders');" />
					<div style="position:relative;">
						<div id="cust_orders" style="position:absolute; left:-280px; width:470px; display:none; background-color:#FFFFFF; border: solid 1px #BFC9E0;padding:6px;">
						<?	
						while ($rs_ord = mysql_fetch_assoc($result_order)) { ?>
							<div style="float:left;margin:4px;"><a href="javascript:void(0)" onclick="getOrderInfo(<?=$rs_ord['ordID']?>)"><?=$rs_ord['ordID']?></a></div>
						<?	}
						?>
						<div id="working" style="display:none;"><img src="/lib/images/indicator.gif"  alt="Working..." width="20" height="20" /></div>
						<div id="order_info" style="display:none; clear:both; padding:10px 6px;"></div>
						
						<script language="JavaScript" type="text/javascript">
							function getOrderInfo(ordID) {
								var url = "/admin/getorder.php";
								var params = "ordID="+ordID;
								var ajax = new Ajax.Updater (
									{success: 'order_info'},
									url,
									{method: "post", 
									parameters: params,
									onLoading: function(){ Element.show('working');},
									onComplete: function(){ Element.hide('working'); new Effect.Appear('order_info');}
									})
							}
						</script>
						</div>
					</div>	
				<? } ?>				</td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAddress?>:</strong></td>
			  <td colspan="2" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordAddress"],"address",25)?></td>
<?php	if(@$useaddressline2==TRUE){ ?>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAddress2?>:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($alldata["ordAddress2"],"address2",25)?></td>
<?php	} ?>
			  <td align="right"><strong><?php print $xxCity?>:</strong></td>
			  <td align="left"><?php print editfunc($alldata["ordCity"],"city",25)?></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAllSta?>:</strong></td>
			  <td width="10%" align="left"><?php print editfunc($alldata["ordState"],"state",25)?></td>
			  <td width="20%" align="left"><strong>APO/PO:</strong>			    <input <?php if (!(strcmp($alldata["ordPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?> name="APO" type="checkbox" value="1" /></td>
			  <td align="right"><strong><?php print $xxCountry?>:</strong></td>
			  <td align="left"><?php
			if($doedit){
				$foundmatch=FALSE;
				print '<select name="country" size="1">';
				$sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
				$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
				while($rs2 = mysql_fetch_array($result)){
					print '<option value="' . str_replace('"','&quot;',$rs2["countryName"]) . '"';
					if($alldata["ordCountry"]==$rs2["countryName"]){
						print ' selected';
						$foundmatch=TRUE;
						$countrytaxrate=$rs2["countryTax"];
						$countryorder=$rs2["countryOrder"];
					}
					print '>' . $rs2["countryName"] . "</option>\r\n";			}
				mysql_free_result($result);
				if(! $foundmatch) print '<option value="' . str_replace('"','&quot;',$alldata["ordCountry"]) . '" selected>' . $alldata["ordCountry"] . "</option>\r\n";
				print '</select>';
				if($countryorder==2){
					$sSQL = "SELECT stateTax FROM states WHERE stateAbbrev='" . mysql_real_escape_string($alldata["ordState"]) . "'";
					$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
					if($rs2 = mysql_fetch_array($result))
						$statetaxrate = $rs2["stateTax"];
				}
				if($alldata["ordStateTax"]==0)$statetaxrate=0; 
			}else
				print $alldata["ordCountry"];?></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxZip?>:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($alldata["ordZip"],"zip",15)?></td>
			  <td align="right"><strong><?php print $xxPhone?>:</strong></td>
			  <td align="left"><?php print editfunc($alldata["ordPhone"],"phone",25)?></td>
			</tr>
<?php if(trim(@$extraorderfield2)!=""){ ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print @$extraorderfield2 ?>:</strong></td>
			  <td align="left" colspan="4"><?php print editfunc($alldata["ordExtra2"],"ordextra2",25)?></td>
			</tr>
<?php } ?>
<?php if(! $isprinter){ ?>
			<tr>
			  <td width="20%" align="right"><strong>IP Address:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($alldata["ordIP"],"ipaddress",15)?></td>
			  <td align="right"><strong><?php print $yyAffili?>:</strong></td>
			  <td align="left"><?php print editfunc($alldata["ordAffiliate"],"PARTNER",15)?></td>
			</tr>
<?php }
	  if(trim($alldata["ordDiscountText"])!=""){ ?>
			<tr>
			  <td width="20%" align="right" valign="top"><strong><?php print $xxAppDs?>:</strong></td>
			  <td align="left" colspan="4"><?php print editfunc($alldata["ordDiscountText"],"discounttext",25)?></td>
			</tr>
<?php }
	  if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "" || trim($alldata["ordShipCity"]) != "" || $doedit){ ?>
			<tr>
			  <td align="center" colspan="5"><strong><?php print $xxShpDet?>.</strong></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxName?>:</strong></td>
			  <td align="left" colspan="4"><?php print editfunc($alldata["ordShipName"],"sname",25)?></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAddress?>:</strong></td>
			  <td colspan="2" align="left"<?php if(@$useaddressline2==TRUE) print ' colspan="3"'?>><?php print editfunc($alldata["ordShipAddress"],"saddress",25)?></td>
<?php	if(@$useaddressline2==TRUE){ ?>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAddress2?>:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($alldata["ordShipAddress2"],"saddress2",25)?></td>
<?php	} ?>
			  <td align="right"><strong><?php print $xxCity?>:</strong></td>
			  <td align="left"><?php print editfunc($alldata["ordShipCity"],"scity",25)?></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxAllSta?>:</strong></td>
			  <td align="left"><?php print editfunc($alldata["ordShipState"],"sstate",25)?></td>
			  <td align="left"><strong>APO/PO:</strong>			    <input name="ShipAPO" type="checkbox" id="ShipAPO" value="1" <?php if (!(strcmp($alldata["ordShipPoApo"],1))) {echo "checked=\"checked\"";} ?> <? if($doedit) echo ''; else echo 'disabled="disabled"'; ?>  /></td>
			  <td align="right"><strong><?php print $xxCountry?>:</strong></td>
			  <td align="left"><?php
			if($doedit){
				if(trim($alldata["ordShipName"]) != "" || trim($alldata["ordShipAddress"]) != "") $usingshipcountry=TRUE; else $usingshipcountry=FALSE;
				$foundmatch=FALSE;
				print '<select name="scountry" size="1">';
				$sSQL = "SELECT countryName,countryTax,countryOrder FROM countries ORDER BY countryOrder DESC, countryName";
				$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
				while($rs2 = mysql_fetch_array($result)){
					print '<option value="' . str_replace('"','&quot;',$rs2["countryName"]) . '"';
					if($alldata["ordShipCountry"]==$rs2["countryName"]){
						print ' selected';
						$foundmatch=TRUE;
						if($usingshipcountry) $countrytaxrate=$rs2["countryTax"];
						$countryorder=$rs2["countryOrder"];
					}
					print '>' . $rs2["countryName"] . "</option>\r\n";			}
				mysql_free_result($result);
				if(! $foundmatch) print '<option value="' . str_replace('"','&quot;',$alldata["ordShipCountry"]) . '" selected>' . $alldata["ordShipCountry"] . "</option>\r\n";
				print '</select>';
				if($countryorder==2 && $usingshipcountry){
					$sSQL = "SELECT stateTax FROM states WHERE stateName='" . mysql_real_escape_string($alldata["ordShipState"]) . "'";
					$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
					if($rs2 = mysql_fetch_array($result))
						$statetaxrate = $rs2["stateTax"];
				}
			}else
				print $alldata["ordShipCountry"]?></td>
			</tr>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxZip?>:</strong></td>
			  <td align="left" colspan="4"><?php print editfunc($alldata["ordShipZip"],"szip",15)?></td>
			</tr>
<?php }
	  if($alldata["ordShipType"] != "" || $alldata["ordComLoc"]>0 || $doedit){ ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxShpMet?>:</strong></td>
			  <td colspan="2" align="left">
			  <?php 
			    if($doedit && ($alldata["ordStatus"]<=5 || $alldata["ordStatus"]==17) ){
					print editfunc($alldata["ordShipType"],"shipmethod",25);?>			
					<br />
					<a href="javascript:void(0);" onclick="$('shipmethod').value='Standard';">Standard</a> |
                    <a href="javascript:void(0);" onclick="$('shipmethod').value='Priority Mail';">Priority Mail</a> |  
					<a href="javascript:void(0);" onclick="$('shipmethod').value='FedEx Express';">FedEx</a> | 
					<a href="javascript:void(0);" onclick="$('shipmethod').value='FedEx Overnight';">FedEx Overnight</a> 			
					<a href="javascript:void(0);" onclick="$('shipmethod').value='International';">Int</a>				
				<? }else{
					echo $alldata["ordShipType"].'<input type="hidden" name="shipmethod" value="'.$alldata["ordShipType"].'" />';
				}
				if(! $doedit && ($alldata["ordComLoc"]&2)==2) print $xxWtIns?>			  </td>
			  <td align="right"><strong><?php print $xxCLoc?>:</strong></td>
			  <td align="left"><?php	if($doedit){
											print '<select name="commercialloc" size="1">';
											print '<option value="N">' . $yyNo . '</option>';
											print '<option value="Y"' . (($alldata["ordComLoc"]&1)==1 ? ' selected' : '') . '>' . $yyYes . '</option>';
											print '</select>';
										}else{
											if(($alldata["ordComLoc"]&1)==1) print $yyYes; else print $yyNo;
										}?></td>
			</tr>
<?php	if($doedit){ ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print $xxShpIns?>:</strong></td>
			  <td align="left" colspan="4"><?php
										print '<select name="wantinsurance" size="1">';
										print '<option value="N">' . $yyNo . '</option>';
										print '<option value="Y"' . (($alldata["ordComLoc"]&2)==2 ? ' selected' : '') . '>' . $yyYes . '</option>';
										print '</select>';
			?></td>
			</tr>
<?php	}
	  }
		$ordAuthNumber = trim($alldata["ordAuthNumber"]);
		$ordTransID = trim($alldata["ordTransID"]);
		if(! $isprinter && ($ordAuthNumber != "" || $ordTransID != "" || $doedit)){ ?>
			<tr>
			  <td width="20%" align="right"><strong><?php print $yyAutCod?>:</strong></td>
			  <td colspan="2" align="left"><?php print editfunc($ordAuthNumber,"ordAuthNumber",15) ?></td>
			  <td align="right"><strong><?php print $yyTranID?>:</strong></td>
			  <td align="left"><?php print editfunc($ordTransID,"ordTransID",15) ?></td>
			</tr>
<?php
			// Look up any MyFrogz Code
			$sql = "SELECT * FROM att_codes WHERE code_order_id = '" . $alldata["ordID"] . "'";
			$res = mysql_query($sql) or print(mysql_error());
			if ($res) {
				if (mysql_num_rows($res) > 0) {
					$row = mysql_fetch_assoc($res);
?>
			<tr>
				<td width="20%" align="right"><strong>MyFrogz Code:</strong></td>
				<td colspan="4" align="left" style="font-family: Courier; font-size: 125%;"><?=$row['code']?></td>
			</tr>
<?php
				}
			}
		}

		// BOL#s ADDED BY CHAD JUL 27,06
		$sql_bol = "SELECT * FROM bol WHERE ordID = " . $alldata["ordID"];
		$res_bol = mysql_query($sql_bol) or print(mysql_error().$sql_bol);
		if(mysql_num_rows($res_bol) > 0) {
			$row_bol = mysql_fetch_assoc($res_bol);
?>
			<tr>
				<td width="20%" align="right"><strong>Express BOL#:</strong></td>
				<td colspan="2"><?=$row_bol['exBOL']?></td>
<?php
			if(!empty($row_bol['smBOL'])) {
?>
				<td align="right"><strong>Smart Mail BOL#:</strong></td>
				<td><?=$row_bol['smBOL']?></td>
<?php
			}
			if(!empty($row_bol['gmBOL'])) {
?>
				<td align="right"><strong>Global Mail BOL#:</strong></td>
				<td><?=$row_bol['gmBOL']?></td>
<?php
			}
?>
			</tr>
<?php
		}
		// ADD ENDED

		$ordAddInfo = Trim($alldata["ordAddInfo"]);
		if($ordAddInfo != "" || $doedit){ ?>
			<tr>
			  <td width="20%" align="right" valign="top"><strong><?php print $xxAddInf?>:</strong></td>
			  <td align="left" colspan="4"><?php
			if($doedit)
				print '<textarea name="ordAddInfo" cols="80" rows="4" wrap=virtual>' . $ordAddInfo . '</textarea>';
			else
				print str_replace(array("\r\n","\n"),array("<br />","<br />"),$ordAddInfo); ?></td>
			</tr>
<?php	}
if(! $isprinter){
		if(! $doedit) print '<form method="post" action="/admin/orders.php"><input type="hidden" name="updatestatus" value="1" /><input type="hidden" name="orderid" value="' . @$_GET["id"] . '" />';
?>			
<tr>
  <td width="20%" align="right" valign="top"><strong><?php print $yyStaInf?>:</strong></td>
  <td colspan="2" align="left"><textarea name="ordStatusInfo" id="ordStatusInfo" cols="50" rows="3" wrap=virtual><?php print $alldata["ordStatusInfo"]?></textarea>
    <?php if($alldata['ordPayProvider']==20 ) print '<input type="button" value="Google Send Email To Customer" ' . ($alldata['ordPayProvider']==20 ? 'onclick="updategooglestatus(\'message\',' . $_GET['id'] . ')" ' : '') . '/>'?></td>
  <td height="12" colspan="2" valign="top" align="center">
    
<?
	$sql_reason="SELECT * FROM reasons ORDER BY reason";
	$result_reason=mysql_query($sql_reason);
			
	while($row_reason=mysql_fetch_assoc($result_reason)){
		$arrReasons[] = $row_reason;
   } 
?>
    
	<? $sql_his="SELECT * FROM order_returns_history orh LEFT JOIN `returns`r ON orh.returnID=r.id LEFT JOIN reasons rs ON orh.reasonID=rs.id WHERE ordID=".$alldata["ordID"]." ORDER BY date_added DESC";
		$result_his=mysql_query($sql_his);
		if(mysql_num_rows($result_his)>0){
	?>
	<div style="font-size:10px; position:relative;"><a href="javascript:void(0);" onclick="Element.toggle('reason_history');">View History</a>
		<div id="reason_history" style="display:none;position:absolute; top:20px; left:-9px; background-color:#FFFFFF; border: 1px solid #828177; padding:10px; width:295px;">
			<table width="100%" cellspacing="0" cellpadding="2">
				  <tr>
					<th>Status</th>
					<th>Reason</th>
					<th>Date</th>
				  </tr>			
				<? 
				$his=1;
				$bgcolor_his='';
				while($row_his=mysql_fetch_assoc($result_his)){
					//if($his%2==0)$bgcolor_his='#E6E9F5';
				?>
				  <tr <?=($his%2==0?'':' style="background-color: #E6E9F5"')?>>
					<td><?=$row_his["status"]?></td>
					<td><?=$row_his["reason"]?></td>
					<td><?=$row_his["date_added"]?></td>
				  </tr>				
				<? $his++;
				} ?>
			</table>
		</div>
	</div>
	<? }?>
	</fieldset>	  </td>
  </tr>


			<? //if($doedit) { ?>
			<tr>
			  <td width="20%" align="right" valign="top"><strong><?php print $yySupInf?>:</strong></td>
			  <td colspan="4" align="left"><textarea name="ordSupportInfo" cols="80" rows="3" wrap=virtual><?php print $alldata["ordSupportInfo"]?></textarea> </td>
			  </tr>
			
            <tr>
			  <td align="right" valign="top"><strong>Returns/Exchanges:</strong></td>
			  <td colspan="4" align="left">
<?				
				$sql_return="SELECT * FROM returns ORDER BY status_order";
				$result_return=mysql_query($sql_return);
?>
				<script type="text/javascript">
                
                function show_buttons() {
                    var dis;
                    var val = $('return_status').value;
                    if ( val == "0" ) {
                        dis = 'none';
                    } else {
                        dis = 'inline';
                    }
                    buttons = document.getElementsByClassName('reason_button');
                    for(var i = 0; i < buttons.length; i++) {
                        buttons[i].style.display = dis;
                    }
                }
                
                </script>
<? if ($doedit) { ?>
                <select id="return_status" name="return_status" onchange="show_buttons()">
                  <option value="0" <?php if (!(strcmp("0", $alldata["ordReturnID"]))) {echo "selected=\"selected\"";} ?>>none</option>
                  <? while($row_return=mysql_fetch_assoc($result_return)){?>
                  <option value="<?=$row_return["id"]?>" <?php if (!(strcmp($row_return["id"], $alldata["ordReturnID"]))) {echo "selected=\"selected\"";} ?>>
                  <?=$row_return["status"]?>
                  </option>
                  <? } ?>
                </select>
<? }  else {
	while($row_return=mysql_fetch_assoc($result_return)){
		if (!(strcmp($row_return["id"], $alldata["ordReturnID"]))) $strreturn = $row_return["status"];
	}
	echo $strreturn;
}?>
                </td>
			  </tr>
		
			<tr>
			  <td width="20%">&nbsp;</td>
			  <td align="center" colspan="3"><?php if(! $doedit) print '<input type="submit" value="' . $yyUpdate . '" />'?></td>
			  <td>&nbsp;</td>
			  </tr>
			<? //} ?>
<?php	if(($alldata["ordPayProvider"]==3 || $alldata["ordPayProvider"]==13 || $alldata['ordPayProvider']==20) && $alldata["ordAuthNumber"] != ""){ 
			if($alldata['ordPayProvider']==20 && $doedit){ ?>
			<tr>
			  <td align="center" colspan="5">
				<strong>Update Google Account Status:</strong> <span id="googleupdatespan"></span>			  </td>
			</tr>
			<tr>
			  <td align="center" colspan="5">
				<input type="button" value="Charge Order" onclick="updategoogleorder('charge',<?php print $alldata['ordID']?>)" />
				<input type="button" value="Cancel Order" onclick="updategoogleorder('cancel',<?php print $alldata['ordID']?>)" />
				<input type="button" value="Refund Order" onclick="updategoogleorder('refund',<?php print $alldata['ordID']?>)" />
				<input type="button" value="Ship Order" onclick="updategoogleorder('ship',<?php print $alldata['ordID']?>)" />			  </td>
			</tr>
<?php		} ?>
			<!--<tr>
			  <td align="center" colspan="6">
				<input type="button" value="Capture Funds" onclick="javascript:openemailpopup('oid=<?php print $alldata["ordID"]?>')" />			  </td>
			</tr>-->
<?php	}
		if(! $doedit) print '</form>';
	if((int)$alldata["ordPayProvider"]==10){ ?>
			<tr>
			  <td align="center" colspan="5"><hr width="50%">			  </td>
			</tr>
<?php	if(@$_SERVER["HTTPS"] != "on" && (@$_SERVER["SERVER_PORT"] != "443") && @$nochecksslserver != TRUE){ ?>
			<tr>
			  <td align="center" colspan="5"><strong><font color="#FF0000">You do not appear to be viewing this page on a secure (https) connection. Credit card information cannot be shown.</font></strong></td>
			</tr>
<?php	}else{
			$ordCNum = $alldata["ordCNum"];
			if($ordCNum != ""){
				$cnumarr = "";
				$encryptmethod = strtolower(@$encryptmethod);
				if($encryptmethod=="none"){
					$cnumarr = explode("&",$ordCNum);
				}elseif($encryptmethod=="mcrypt"){
					if(@$mcryptalg == "") $mcryptalg = MCRYPT_BLOWFISH;
					$td = mcrypt_module_open($mcryptalg, '', 'cbc', '');
					$thekey = @$ccencryptkey;
					$thekey = substr($thekey, 0, mcrypt_enc_get_key_size($td));
					$cnumarr = explode(" ", $ordCNum);
					$iv = @$cnumarr[0];
					$iv = @pack("H" . strlen($iv), $iv);
					$ordCNum = @pack("H" . strlen(@$cnumarr[1]), @$cnumarr[1]);
					mcrypt_generic_init($td, $thekey, $iv);
					$cnumarr = explode("&", mdecrypt_generic($td, $ordCNum));
					mcrypt_generic_deinit($td);
					mcrypt_module_close($td);
				}else{
					print '<tr><td colspan="4">WARNING: $encryptmethod is not set. Please see http://www.ecommercetemplates.com/phphelp/ecommplus/parameters.asp#encryption</td></tr>';
				}
			} ?>
			<tr>
			  <td align="right" colspan="3"><strong><?php print $xxCCName?>:</strong></td>
			  <td align="left" colspan="2"><?php
			if(@$encryptmethod!=""){
					if(is_array(@$cnumarr)) print URLDecode(@$cnumarr[4]);
			} ?></td>
			</tr>
			<tr>
			  <td align="right" colspan="3"><strong><?php print $yyCarNum?>:</strong></td>
			  <td align="left" colspan="2"><?php
			if($ordCNum != ""){
				if(is_array($cnumarr)) print $cnumarr[0];
			}else{
				print "(no data)";
			} ?></td>
			</tr>
			<tr>
			  <td align="right" colspan="3"><strong><?php print $yyExpDat?>:</strong></td>
			  <td align="left" colspan="2"><?php
			if(@$encryptmethod!=""){
					if(is_array(@$cnumarr)) print @$cnumarr[1];
			} ?></td>
			</tr>
			<tr>
			  <td align="right" colspan="3"><strong>CVV Code:</strong></td>
			  <td align="left" colspan="2"><?php
			if(@$encryptmethod!=""){
					if(is_array(@$cnumarr)) print @$cnumarr[2];
			} ?></td>
			</tr>
			<tr>
			  <td align="right" colspan="3"><strong>Issue Number:</strong></td>
			  <td align="left" colspan="2"><?php
			if(@$encryptmethod!=""){
					if(is_array(@$cnumarr)) print @$cnumarr[3];
			} ?></td>
			</tr>
<?php		if($ordCNum != "" && !$doedit){ ?>
		  <form method="POST" action="/admin/orders.php?id=<?php print $_GET["id"]?>">
			<input type="hidden" name="delccdets" value="<?php print $_GET["id"]?>" />
			<tr>
			  <td align="center" colspan="5"><input type=submit value="<?php print $yyDelCC?>" /></td>
			</tr>
		  </form>
<?php		}
		}
	}
} // isprinter ?>
			<tr>
			  <td align="center" colspan="5">&nbsp;<br /></td>
			</tr>
		  </table>
<span id="productspan">
			<? if(!empty($pg_msg)) echo $pg_msg;?>
		  <table width="100%" border="1" cellspacing="0" cellpadding="4" bordercolor="#999999" style="border-collapse: collapse">
			<tr>
			  <td><strong><?php print $xxPrId?></strong></td>
			  <td><strong><?php print $xxPrNm?></strong></td>
			  <td><strong><?php print $xxPrOpts?></strong></td>
			  <td><strong><?php print $xxQuant?></strong></td>
			  <td><strong><?php if($doedit) print $xxUnitPr; else print $xxPrice?></strong></td>
<?php	if($doedit) print '<td align="center"><strong>DEL</strong></td>' ?>
			</tr>
<?php
	$totoptpricediff = 0;
	if(mysql_num_rows($allorders)>0){
		$totoptpricediff = 0;
		$rowcounter=0;
		while($rsOrders = mysql_fetch_assoc($allorders)){
			$optpricediff = 0;
?>
			<tr>
			  <td valign="top" nowrap>
			  <span style="float:right; font-weight:bold;"><?=$rsOrders["dsName"]?></span>
			  <?php if($doedit) {
			  			print '<input type="button" value="..." onclick="updateoptions(' . $rowcounter . ')">&nbsp;<input type="hidden" name="cartid' . $rowcounter . '" value="' . str_replace('"','&quot;',$rsOrders["cartID"]) . '" />'?><strong><?php print editfunc($rsOrders["cartProdID"],'prodid' . $rowcounter,18)
				?>		
			  <span class="reason_button" style="position:relative; z-index:1; <? if($alldata["ordReturnID"]==0) echo 'display:none;';?> ">
           	  <input style="z-index:0; <? if($rsOrders["cartReason"]>0) echo 'font-weight:bold;';?>" name="reason" type="button" value="Reason" onclick="Element.toggle('r_<?=$rowcounter?>');" />
              <div id="r_<?=$rowcounter?>" style="position:absolute; display:none; background-color:#FFFFFF; border: 1px solid #CCCCCC; padding:6px; margin:-18px 0px 4px 240px">
                              <table width="100%" border="0" cellspacing="0" cellpadding="2">
                                  <tr>
                                    <td>Reason:</td>
                                    <td>
                                      <select name="reason_<?=$rowcounter?>">
                                          <option value="0" <?php if (!(strcmp("0", $rsOrders["cartReason"]))) {echo "selected=\"selected\"";} ?>>none</option>
                                          <? for($k=0; $k<count($arrReasons); $k++){?>
                                          <option value="<?=$arrReasons[$k]["id"]?>" <?php if (!(strcmp($arrReasons[$k]["id"], $rsOrders["cartReason"]))) {echo "selected=\"selected\"";} ?>>
                                          <?=$arrReasons[$k]["reason"]?>
                                          </option>
                                          <? } ?>
                                      </select>
                                 
                                    </td>
                                  </tr>
                                  <tr>
                                    <td valign="top">Note:</td>
                                    <td><textarea  name="note_<?=$rowcounter?>" cols="26" rows="3"><?=$rsOrders["cartNote"]?></textarea></td>
                                  </tr>                                  
                </table>
			  </div>
						</span>
				<?	} else { 
                		echo $rsOrders["cartProdID"];
						for($k=0; $k<count($arrReasons); $k++){
							if (!(strcmp($arrReasons[$k]["id"], $rsOrders["cartReason"]))) echo '<strong> - ' . $strreturn .' Reason: ' . $arrReasons[$k]["reason"] . '</strong>';
						}
               		} ?>
                </strong>
			  <? if ($rsOrders["pSell"]==1 && $doedit) echo  '('.$rsOrders["pInStock"].')';?>
			  </td>
			  <td valign="top">
			  	<?php print editfunc($rsOrders["cartProdName"],'prodname' . $rowcounter,24)?><br />
				<? 
				$isemailcert=FALSE;
				$sql_opt="SELECT coCartOption FROM cartoptions WHERE coCartID=".$rsOrders["cartID"];
				$result_opt=mysql_query($sql_opt);
				if($result_opt) {
					while($row_opt=mysql_fetch_assoc($result_opt)){
						if($row_opt['coCartOption']=='Email' || $row_opt['coCartOption']=='Card via Mail')$isemailcert=TRUE;
					}	
				}	
				if($rsOrders["p_iscert"]=='1'){
					$sql_cert="SELECT cert_id,cert_code FROM certificates WHERE cert_order_id=".$_GET["id"]." AND cert_prod_id='".$rsOrders["cartProdID"]."'";
					$result_cert=mysql_query($sql_cert);
					if(mysql_num_rows($result_cert)>0 && $isemailcert) {
						while($row_cert=mysql_fetch_assoc($result_cert)){?>					
						<stong>(<?=$row_cert['cert_code']?>)</strong><input name="certID<?=$rowcounter?>" type="hidden" value="<?=$row_cert['cert_id']?>" /> <a href="/admin/certs.php?mode=1&amp;sbcode=<?=$row_cert['cert_id']?>">view</a> | <a href="/admin/certs.php?mode=2&amp;sbcode=<?=$row_cert['cert_id']?>">history</a><br />
					<? } 
					}elseif($doedit && $isemailcert){?>
						<div id="cert_button">
<!--					<form action="/admin/orders.php" method="post" name="giftcert" id="giftcertform" >
-->						<input name="giftcertOrderID" type="hidden" value="<?=$_GET["id"]?>" />
						<input id="cert_prod" name="cert_prod" type="hidden" value="<?=$rsOrders["cartProdID"]?>" />
						<input name="giftcert" type="button" value="Create Gift Cert Code" onclick="createGiftCert('<?=$_GET["id"]?>','<?=$rsOrders["cartProdID"]?>');" />
<!--					</form>						
-->						</div>
						<div id="giftcertholder" style="display:none;"></div>					
					<? }elseif($isemailcert) echo "Edit order to generate gift certificate."; 
				}?>	
				<? 
				if(!empty($rsOrders["pDownload"])){
					$sql_down="SELECT * FROM digitaldownloads WHERE orderID=".$_GET["id"]." AND type='".$rsOrders["cartProdID"]."'";
					//echo $sql_down;
					$result_down=mysql_query($sql_down);
					if(mysql_num_rows($result_down)>0) {?>
						<ol style="margin:2px;">
						<? while($row_down=mysql_fetch_assoc($result_down)){?>					
						
						<li style="margin:1px; font-weight:bold;">License ID: <?=$row_down['licenseID']?><br />
						Password: <?=$row_down['password']?></li>
					<? 	  } ?>
						</ol>
					<? } elseif($doedit) {?>
					<form action="/admin/orders.php" method="post" name="download">
						<input name="downOrder" type="hidden" value="<?=$_GET["id"]?>" />
						<input name="downQty" type="hidden" value="<?=$rsOrders["cartQuantity"]?>" />
						<input name="downloadtype" type="hidden" value="<?=$rsOrders["cartProdID"]?>" />
						<input name="getdownload" type="submit" value="Get License ID and Password" />
					</form>				
					<? 
						} else echo "Edit order to get License ID and Password."; 				
				}?>				
			  </td>
			  <td valign="top"><?php
			if($doedit) print '<span id="optionsspan' . $rowcounter . '">';
			$sSQL = "SELECT coOptGroup,coCartOption,coPriceDiff,coOptID,optGroup,optStock,optStyleID,coExtendShipping,ui.display_image,ui.org_img_name FROM cartoptions LEFT JOIN options ON cartoptions.coOptID=options.optID LEFT JOIN uploaded_images ui ON cartoptions.coCartOption=ui.id WHERE coCartID=" . $rsOrders["cartID"] . " ORDER BY coID";
			$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
			if(mysql_num_rows($result) > 0){
				if($doedit) print '<table border="0" cellspacing="0" cellpadding="1" width="100%">';
				while($rs2 = mysql_fetch_array($result)){
					$extend_shipping='';
					if(!empty($rs2["coExtendShipping"])){ 
						if($rs2["coExtendShipping"]>19999999) {
							$thisyeart=substr($rs2["coExtendShipping"],0,4);
							$thismontht=substr($rs2["coExtendShipping"],4,2);
							$thisdayt=substr($rs2["coExtendShipping"],6,2);
							$extend_shipping=' <span style="color:#FF0000;font-weight:bold;">(PRE-ORDER. Will ship after '.$thismontht.'-'.$thisdayt.'-'.$thisyeart. ')</span>';
						}else $extend_shipping=' <span style="color:#FF0000;font-weight:bold;">(This option increases shipping time by '.$rs2["coExtendShipping"]. ' days)</span>';
					}
					$imgsrc='';
					$imgname='';
					if(!empty($rs2["display_image"])) {
						$imgsrc='<br /><img src="/imguploads/img_screen/'.$rs2["display_image"].'.gif" align="top"><div style="font-size:9px;">(If the image does not appear there is a problem with the custom screen upload)</div>';
						$imgname='<br />&nbsp;&nbsp;&nbsp;-Image Name: '.$rs2["org_img_name"];
					}
					if($doedit){
						print '<tr><td align="right" valign="top"><strong>' . $rs2["coOptGroup"] . ':</strong></td><td>';
						if(is_null($rs2["optGroup"])){
							print 'xxxxxx';
						}else{
							$sSQL="SELECT optID," . getlangid("optName",32) . ",optPriceDiff,optType,optStock,optFlags,optStock,optPriceDiff AS optDims FROM options INNER JOIN optiongroup ON options.optGroup=optiongroup.optGrpID WHERE optGroup=" . $rs2["optGroup"] . ' ORDER BY optID';
							$result2 = mysql_query($sSQL) or print(mysql_error().$sSQL);
							if($rsl = mysql_fetch_assoc($result2)){
								if(abs($rsl["optType"])==2){
									print '<select onchange="dorecalc(true)" name="optn' . $rowcounter . '_' . $rs2["coOptID"].'" id="optn' . $rowcounter . '_' . $rs2["coOptID"] . '" size="1">';
									do {
										print '<option value="' . $rsl["optID"] . "|" . (($rsl["optFlags"] & 1) == 1 ? ($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0 : $rsl["optPriceDiff"]) . '"';
										if($rsl["optID"]==$rs2["coOptID"]) print ' selected';
										print '>' . $rsl[getlangid("optName",32)].' ('.$rsl["optStock"].')';
										if((double)$rsl["optPriceDiff"] != 0){
											print ' ';
											if((double)$rsl["optPriceDiff"] > 0) print '+';
											if(($rsl["optFlags"] & 1) == 1)
												print number_format(($rsOrders["cartProdPrice"]*$rsl["optPriceDiff"])/100.0,2,'.','');
											else
												print number_format($rsl["optPriceDiff"],2,'.','');
										}
										print '</option>';
									} while($rsl = mysql_fetch_array($result2));
									print '</select>';
								}else{
									print "<input type='hidden' name='optn" . $rowcounter . '_' . $rs2["coOptID"] . "' value='" . $rsl["optID"] . "' /><textarea wrap='virtual' name='voptn" . $rowcounter . '_' . $rs2["coOptID"] . "' id='voptn". $rowcounter. '_' . $rs2["coOptID"] . "' cols='30' rows='3'>";
									print $rs2["coCartOption"] . '</textarea>'.' '.$imgname.' '.$imgsrc.$cert_code. $extend_shipping ;
								}
							}
						}
						print "</td></tr>";
					}else{						
						print '<strong>' . $rs2["coOptGroup"] . ':</strong> ' . str_replace(array("\r\n","\n"),array("<br />","<br />"),$rs2["coCartOption"]) .' '.$rs2["optStyleID"].' '.$imgname.' '.$imgsrc.$cert_code. $extend_shipping . '<br />';
					}
					if($doedit)
						$optpricediff += $rs2["coPriceDiff"];
					else
						$rsOrders["cartProdPrice"] += $rs2["coPriceDiff"];
				}
				if($doedit) print '</table>';
			}else{
				print '-';
			}
			mysql_free_result($result);
			if($doedit) print '</span>' ?></td>
			  <td valign="top"><?php print editfunc($rsOrders["cartQuantity"],'quant' . $rowcounter . '" onchange="dorecalc(true)',5)?></td>
			  <td valign="top"><?php if($doedit) print editnumeric($rsOrders["cartProdPrice"],'price' . $rowcounter . '" onchange="dorecalc(true)',7); else print FormatEuroCurrency($rsOrders["cartProdPrice"]*$rsOrders["cartQuantity"])?>
<?php				if($doedit){
						print '<input type="hidden" id="optdiffspan' . $rowcounter . '" value="' . $optpricediff . '">';
						$totoptpricediff += ($optpricediff*$rsOrders["cartQuantity"]);
					}
			?></td>
<?php		if($doedit) print '<td align="center"><input type="checkbox" name="del_' . $rowcounter . '" id="del_' . $rowcounter . '" value="yes" /></td>' ?>
			</tr>
<?php		$rowcounter++;
		}
	}
?>
<!--NEXTPRODUCTCOMMENT-->
<?php if($doedit){ ?>
			<tr>
			  <td align="right" colspan="4">
				<table width="100%" border="0" cellspacing="0" cellpadding="0">
				  <tr>
					<td align="center"><?php if($doedit) print '<input style="width:30px;" type="button" value="-" onclick="extraproduct(\'-\')"> ' . $yyMoProd . ' <input style="width:30px;" type="button" value="+" onclick="extraproduct(\'+\')"> &nbsp; <input type="button" value="' . $yyRecal . '" onclick="dorecalc(false)">'?></td>
					<td align="right"><strong>Options Total:</strong></td>
				  </tr>
				</table></td>
			  <td align="left" colspan="2"><span id="optdiffspan"><?php print number_format($totoptpricediff, 2, '.', '')?></span></td>
			</tr>
<?php } ?>

			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxOrdTot?>:</strong></td>
			  <td align="left"><div id="ordTot"><?php echo sprintf("%.2f",$alldata["ordTotal"]); ?></div><input name="ordtotal" id="ordtotal" type="hidden" value="<?php echo $alldata["ordTotal"] ?>" /></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
			<?php
	$runTot = $alldata["ordTotal"];
	$sql = "SELECT * FROM price_adj WHERE ordID = " . $_GET['id'] . " ORDER BY ordering";
	$res = mysql_query($sql) or print(mysql_error().$sql);
	if(mysql_num_rows($res) > 0) {
		$k=1;
		$prcTot = 0;
?>
			<tr>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
			</tr>
<?php
		while($row=mysql_fetch_assoc($res)) {
			$price = 0;
			$disp_price = 0;
			$amount = '';
			
			if($row['type'] == 'credit') {
				if($row['amt_type'] == 'percentage') {
					$price = $runTot * ($row['amt'] * .01);
					$runTot -= $price;
					$prcTot -= $price;
					$disp_price = '-'.(int)$row['amt'].'%';
					$amount = '-'.money_format("%!.2n",$price);
				}else{
					$price = '$-'.money_format("%!.2n",$row['amt']);
					$runTot -= $row['amt'];
					$prcTot -= $row['amt'];
					$disp_price = $price;
					$amount = '-'.money_format("%!.2n",$row['amt']);
				}
			}else{
				if($row['amt_type'] == 'percentage') {
					$price = $runTot * ($row['amt'] * .01);
					$runTot += $price;
					$prcTot += $price;
					$disp_price = (int)$row['amt'].'%';
					$amount = money_format("%.2n",$price);
				}else{
					$price = money_format("%.2n",$row['amt']);
					$runTot += $row['amt'];
					$prcTot += $row['amt'];
					$disp_price = $price;
					$amount = money_format("%.2n",$row['amt']);
				}
			}
?>
			<tr>
				<td colspan="3" style="font-weight: bold; text-align: right">Price Adjustment <?=$k?>:</td>
				<td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$disp_price?></td>
				<td align="left"<?=(strstr($disp_price,"-"))?' style="color: red"':''?>><?=$amount?></td>
			</tr>
<?php
			$k++;
		}
?>
			<tr>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
				<td>&nbsp;</td>
			</tr>
<?php
	}
?>
<?php if((double)$alldata["ordShipping"]!=0.0 || $doedit){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxShippg?>:</strong></td>
			  <td align="left"><?php print editnumeric($alldata["ordShipping"],"ordShipping",7)?></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ordHandling"]!=0.0 || $doedit){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxHndlg?>:</strong></td>
			  <td align="left"><?php print editnumeric($alldata["ordHandling"],"ordHandling",7)?></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ordDiscount"]!=0.0 || $doedit){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxDscnts?>:</strong></td>
			  <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ordDiscount"],"ordDiscount",7)?></font></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ord_cert_amt"]!=0.0 || $doedit){ 
			$sqlcert="SELECT cert_code FROM certificates WHERE cert_id=".$alldata["ord_cert_id"];
			$resultcert=mysql_query($sqlcert);
			if(mysql_num_rows($resultcert)>0) $rowcert=mysql_fetch_assoc($resultcert);
			?>
			<tr>
			  <td align="right" colspan="4"><strong><? if(!empty($rowcert["cert_code"])) echo '('.$rowcert["cert_code"].')';?> <?php print $xxGCerts?>:</strong></td>
			  <td align="left"><font color="#FF0000"><?php print editnumeric($alldata["ord_cert_amt"],"ord_cert_amt",7)?></font></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ordStateTax"]!=0.0 || $doedit){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxStaTax?>:</strong></td>
			  <td align="left"><?php print editnumeric($alldata["ordStateTax"],"ordStateTax",7)//$alldata["ordStateTax"]?></td>
<?php		if($doedit) print '<td align="center" nowrap><input type="text" name="staterate" id="staterate" size="1" value="' . $statetaxrate . '">%</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ordCountryTax"]!=0.0 || $doedit){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxCntTax?>:</strong></td>
			  <td align="left"><?php print editnumeric($alldata["ordCountryTax"],"ordCountryTax",7)?></td>
<?php		if($doedit) print '<td align="center" nowrap><input type="text" name="countryrate" id="countryrate" size="1" value="' . $countrytaxrate . '">%</td>' ?>
			</tr>
<?php }
	  if((double)$alldata["ordHSTTax"]!=0.0 || ($doedit && @$canadataxsystem)){ ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxHST?>:</strong></td>
			  <td align="left"><?php print editnumeric($alldata["ordHSTTax"],"ordHSTTax",7)?></td>
<?php		if($doedit) print '<td align="center" nowrap><input type="text" name="hstrate" id="hstrate" size="1" value="' . $hsttaxrate . '">%</td>' ?>
			</tr>
<?php } ?>
			<tr>
			  <td align="right" colspan="4"><strong><?php print $xxGndTot?>:</strong></td>
			  <td align="left"><span id="grandtotalspan"><?php print FormatEuroCurrency(($alldata["ordTotal"]+$alldata["ordStateTax"]+$alldata["ordCountryTax"]+$alldata["ordHSTTax"]+$alldata["ordShipping"]+$alldata["ordHandling"]+$prcTot)-$alldata["ordDiscount"]-$alldata["ord_cert_amt"])?></span></td>
<?php		if($doedit) print '<td align="center">&nbsp;</td>' ?>
			</tr>
	  </table>
</span>
		  </td>
		</tr>
<?php	if($isprinter && @$invoicefooter != ""){ ?>
		<tr> 
          <td width="100%"><?php print $invoicefooter?></td>
		</tr>
<?php	}elseif($doedit){ 
			
			//echo 'old status='.$alldata["ordStatus"]." ".$_GET["id"];
		
			if(! ($oldordstatusedit==999) && ($oldordstatusedit >=3 && $oldordstatusedit!=10 && $oldordstatusedit!=17)) release_stock($_GET["id"]);//echo 'edit release_stock';$_SESSION['counter_id']++;}

			if($oldordstatusedit!=17 && $oldordstatusedit!=''){
			$sql_status_change="UPDATE orders SET ordStatus=17 WHERE ordID=".$_GET["id"];
			//echo $sql_status_change;
			mysql_query($sql_status_change) or print(mysql_error());
			if(!setNewLocation( 17 , $_GET["id"],'Manual', 'Edit Order' )) print("Unable to record status change.");
		}
?>
		<tr> 
          <td align="center" width="100%">
		<br />
			<div style="font-weight:bold;">
				 Set This Orders Status To:  
				 <select name="ordstatusnew" size="1"><?php
					for($index=0; $index<$numstatus; $index++){
						//if(! $isauthorized && $allstatus[$index]["statID"]>2) break;
						if(! ($oldordstatusedit != 2 && $allstatus[$index]["statID"]==2)){
							print '<option value="' . $allstatus[$index]["statID"] . '"';
							if($oldordstatusedit==$allstatus[$index]["statID"]){
								print " selected";
							}
							print ">" . $allstatus[$index]["statPrivate"] . "</option>";
						}
					}
					?>
			  </select>
					 <p>And</p>
					  <input accesskey="u" type="submit" value="    <?php print $yyUpdate?>     " onclick="updateClicked=true; cloneClicked=false;"  />
				OR <input type="submit" name="clone" value="Clone Order" onclick="updateClicked=false; cloneClicked=true;" /><br />
			</div>
			 		  </td>
		</tr>
<?php	} ?>
	  </table>
<?php
	if($doedit) print '</form>';

	// ADDED by Chad Jun-06-06
	// PRICE ADJUSTMENTS
?>
	
	<h2><a name="prc_adj"></a>Price Adjustments</h2>
	
<?php
	if(!empty($_GET['adj_err'])) {
?>
		<div style="margin: 5px auto; color: #FF0000; font-weight: bold; text-align: center"><?=$_GET['adj_err']?></div>
<?php
	}elseif(!empty($_GET['adj_msg'])) {
?>
		<div style="margin: 5px auto; color: #009900; font-weight: bold; text-align: center"><?=$_GET['adj_msg']?></div>
<?php
	}
?>
	<table width="95%" cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
		<tr style="background-color: #BFC9E0; color: #194C7F">
			<th width="60" style="text-align: center">Type</th>
			<th width="80" style="text-align: center">Amount Type</th>
			<th width="80" style="text-align: center">Amount</th>
			<th width="150" style="text-align: center">Date</th>
			<th>Note</th>
<?php
if($doedit) {	
	if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
?>
			<th width="28">Edit</th>
			<th width="28">Delete</th>
			<th width="28">Move Up</th>
			<th width="28">Move Down</th>
<?php
	}
}
?>
		</tr>
<?php
	$sql = "SELECT * FROM price_adj WHERE ordID = " . $_GET["id"] . " ORDER BY ordering";
	$res = mysql_query($sql) or print(mysql_error().$sql);
	
	$num_rows = mysql_num_rows($res);
	if($num_rows > 0) {
		$j=0;
		while($row=mysql_fetch_assoc($res)) {
?>
		<tr<?=($j%2==0?'':' style="background-color: #E6E9F5"')?>>
			<td style="text-align: center"><?=$row['type']?></td>
			<td style="text-align: center"><?=$row['amt_type']?></td>
			<td style="text-align: right"><?=$row['amt']?></td>
			<td style="text-align: left"><?=date("n/j/Y g:i a",strtotime($row['date']))?></td>
			<td style="text-align: left"><?=$row['note']?></td>
<?php
if($doedit) {	
	if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
?>
			<td style="text-align: center"><a href="/admin/editprcadj.php?pa_id=<?=$row['id']?>&action=edit" onclick="window.open(this.href,'edit_txn','left=700,top=100,width=550,height=150,toolbar=0'); return false;"><img src="/lib/images/misc/edit.gif" height="24" width="24"  /></a></td>
			<td style="text-align: center"><a href="/admin/editprcadj.php?pa_id=<?=$row['id']?>&action=delete" onclick="window.open(this.href,'edit_txn','left=700,top=100,width=550,height=150,toolbar=0'); return false;"><img src="/lib/images/misc/delete.gif" width="24" height="24" /></a></td>
			<td style="text-align: center"><? if($row['ordering']!=1){?><a href="/admin/mvprcadj.php?pa_id=<?=$row['id']?>&pa_ordID=<?=$row['ordID']?>&position=<?=$row['ordering']?>&action=moveup" onclick=""><img src="/lib/images/misc/arrow_up.png" width="24" height="24" /></a><? } ?></td>
			<td style="text-align: center"><? if($row['ordering']!=$num_rows){?><a href="/admin/mvprcadj.php?pa_id=<?=$row['id']?>&pa_ordID=<?=$row['ordID']?>&position=<?=$row['ordering']?>&action=movedown" onclick=""><img src="/lib/images/misc/arrow_down.png" width="24" height="24" /></a><? } ?></td>
<?php
	}
}
?>
		</tr>
<?php
			$j++;
		}
	}else{
?>
		<tr>
			<td colspan="9" style="text-align: center; font-weight: bold">No Price Adjustments Found</td>
		</tr>
<?php
	}
?>
	</table>
	
<?php
if($doedit) {	
	if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==19 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2) {
?>
	
	<input type="button" id="btn_prc_add" value="Add Price Adjustment" onclick="togglePrcAdd();" />
	
	<div id="div_prc_add" style="display: none">
		<form id="adj_frm" name="adj_frm" method="post" action="/admin/ordersprocess.php">
		<table cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
			<tr style="background-color: #BFC9E0; color: #194C7F">
				<td colspan="2" style="text-align: center; font-weight: bold; font-size: 14px">Add Price Adjustment</td>
			</tr>
			<tr>
				<td style="font-weight: bold">Type:</td>
				<td>
					<select id="adj_type" name="adj_type">
						<option value="" selected="selected">Choose...</option>
						<option value="credit">Credit</option>
						<option value="debit">Debit</option>
					</select>
				</td>
			</tr>
			<tr>
				<td style="font-weight: bold">Amt Type:</td>
				<td>
					<select id="adj_amt_type" name="adj_amt_type">
						<option value="" selected="selected">Choose...</option>
						<option value="fixed">Fixed</option>
						<option value="percentage">Percentage</option>
					</select>
				</td>
			</tr>
			<tr>
				<td style="font-weight: bold">Amount:</td>
				<td><input id="adj_amt" name="adj_amt" type="text" value="" /></td>
			</tr>
			<tr>
				<td style="font-weight: bold">Note:</td>
				<td><textarea id="adj_note" name="adj_note"></textarea></td>
			</tr>
			<tr>
				<td colspan="2" style="text-align: center"><input type="submit" id="adj_submit" name="adj_submit" value="Add" /></td>
			</tr>
		</table>
		<input type="hidden" id="adj_ordID" name="adj_ordID" value="<?=$_GET["id"]?>" />
		<input type="hidden" id="adj_doedit" name="adj_doedit" value="<?=$_GET["doedit"]?>" />
		</form>
	</div>
<?php
	}
}
	// ADD ENDED

	// ADDED by Chad Jun-05-06
	// TRANSACTIONS
	$sql = "SELECT * FROM transactions WHERE ordID = " . $_GET["id"];
	$res = mysql_query($sql) or print(mysql_error().$sql);
?>
	<h2><a name="aim"></a>Transactions</h2>
<?php
	if(!empty($_GET['aim_err'])) {
?>
		<div style="margin: 5px auto; color: #FF0000; font-weight: bold; text-align: center"><?=$_GET['aim_err']?></div>
<?php
	}elseif(!empty($_GET['aim_msg'])) {
?>
		<div style="margin: 5px auto; color: #009900; font-weight: bold; text-align: center"><?=$_GET['aim_msg']?></div>
<?php
	}
?>
	<table width="95%" cellpadding="3" cellspacing="0" border="1" style="margin: 0 auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
		<tr style="background-color: #BFC9E0; color: #194C7F">
			<th width="85" style="text-align: center">Type</th>
			<th width="60" style="text-align: right">Amount</th>
			<th width="80" style="text-align: center">TXN</th>
			<th width="120" style="text-align: left">Date</th>
			<th>Note</th>
		</tr>
<?php
	while($row=mysql_fetch_assoc($res)) {
?>
		<tr>
			<td style="text-align: center"><?=$row['type']?></td>
			<td style="text-align: center"><?=money_format("%.2n",$row['amt'])?></td>
			<td style="text-align: center"><?=$row['txn']?></td>
			<td style="text-align: center"><?=date("n/j/Y g:i a",strtotime($row['date_received']))?></td>
			<td><?=$row['note']?></td>
		</tr>
<?php	
	}
?>
	</table>
<?php
if($doedit) {	
	if(strstr($_SESSION['employee']['permissions'],"all") || $_SESSION['employee']['id']==9 || $_SESSION['employee']['id']==12 || $_SESSION['employee']['id']==2 || in_array($_SESSION['employee']['id'], array(9, 12, 2, 48, 117, 88))) {
?>
<input type="button" id="btn_add_txn" value="Credit or Void" onclick="toggleTXN();" />

<div id="div_trans" style="display: none">
	<form id="aim_frm" name="aim_frm" method="post" action="/admin/ordersprocess.php" onsubmit="return checkAIM(this);">
	<table cellpadding="3" cellspacing="0" border="1" style="margin: 5px auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
		<tr style="background-color: #BFC9E0; color: #194C7F">
			<td colspan="4" style="text-align: center; font-weight: bold; font-size: 14px">Credit or Void a Transaction</td>
		</tr>
		<tr>
			<th style="text-align: center">Type</th>
			<th style="text-align: center">TXN</th>
			<th style="text-align: center">Amount</th>
			<th>Note</th>
		</tr>
		<tr>
			<td valign="top">
				<select name="aim_type" id="aim_type">
					<option value="" selected="selected">Choose...</option>
					<option value="CREDIT">Credit</option>
					<option value="VOID">Void</option>
				</select>
			</td>
			<td valign="top"><input type="text" id="aim_txn" name="aim_txn" value="" autocomplete="off" /></td>
			<td valign="top"><input type="text" id="aim_amt" name="aim_amt" value="" autocomplete="off" /></td>
			<td valign="top"><textarea id="aim_note" name="aim_note"></textarea></td>
		</tr>
		<tr>
			<td colspan="4" style="text-align: right"><input type="submit" id="aim_submit" name="aim_submit" value="Submit" /></td>
		</tr>
	</table>
	<input type="hidden" id="aim_inv" name="aim_inv" value="<?=$_GET["id"]?>" />
<?php
$tmp = explode(" ",$alldata["ordName"]);
?>
	<input type="hidden" id="aim_fname" name="aim_fname" value="<?=$tmp[0]?>" />
	<input type="hidden" id="aim_lname" name="aim_lname" value="<?=(!empty($tmp[1]))?$tmp[1]:''?>" />
	<input type="hidden" id="aim_doedit" name="aim_doedit" value="<?=$_GET['doedit']?>" />
	</form>
</div>

<input type="button" id="btn_charge" value="Charge CC" onclick="toggleCharge();" style="display: block; margin: 5px 5px 5px 0" />

<div id="div_charge" style="display: none">
	<form id="frmCharge" name="frmCharge" method="post" action="/admin/ordersprocess.php">
	<table cellpadding="3" cellspacing="0" border="1" style="margin: 5px auto 5px auto; border: 1px solid #BFC9E0; border-collapse: collapse">
		<tr style="background-color: #BFC9E0; color: #194C7F">
			<td colspan="2" style="font-size: 14px; font-weight: bold; text-align: center">Authorize &amp; Capture</td>
		</tr>
		<tr>
			<td>First Name:</td>
			<td><input type="text" id="am_fname" name="am_fname" value="<?=$alldata['ordName']?>" /></td>
		</tr>
		<tr>
			<td>Last Name:</td>
			<td><input type="text" id="am_lname" name="am_lname" value="" /></td>
		</tr>
		<tr>
			<td>Address:</td>
			<td><input type="text" id="am_address" name="am_address" value="<?=$alldata['ordAddress']?>" /></td>
		</tr>
		<tr>
			<td>Address 2:</td>
			<td><input type="text" id="am_address2" name="am_address2" value="<?=$alldata['ordAddress2']?>" /></td>
		</tr>
		<tr>
			<td>City:</td>
			<td><input type="text" id="am_city" name="am_city" value="<?=$alldata['ordCity']?>" /></td>
		</tr>
		<tr>
			<td>State:</td>
			<td><input type="text" id="am_state" name="am_state" value="<?=$alldata['ordState']?>" /></td>
		</tr>
		<tr>
			<td>Zip:</td>
			<td><input type="text" id="am_zip" name="am_zip" value="<?=$alldata['ordZip']?>" /></td>
		</tr>
		<tr>
			<td>Amount:</td>
			<td><input type="text" id="am_amt" name="am_amt" value="" autocomplete="off" /></td>
		</tr>
		<tr>
			<td>CC#:</td>
			<td><input type="text" id="am_cc_num" name="am_cc_num" value="<?=Decrypt($row_eid['ccNum'], $cart_misc)?>" autocomplete="off" /></td>
		</tr>
		<tr>
			<td>Exp. Date:</td>
			<td> 
				<select id="am_exp_mon" name="am_exp_mon">
<?
		$ccexp=explode('/',$row_eid['ccExp']);
		for($i=1; $i<=12; $i++)
		{
			if($i<10)
				$i = '0'.$i;
			if($i == $ccexp[0])
				echo '<option value="'.$i.'" selected="selected">'.$i.'</option>';
			else if(date('n') == $i )
				echo '<option value="'.$i.'" selected="selected">'.$i.'</option>';
			else
				echo '<option value="'.$i.'">'.$i.'</option>';
		}
?>
				</select>&nbsp;/&nbsp;
				<select id="am_exp_year" name="am_exp_year">
<?
		$cur_year = date('Y');
		for($i=($cur_year); $i<=$cur_year+10; $i++)
		{
			if($i == $ccexp[1])
				echo '<option value="'.$i.'" selected="selected">'.$i.'</option>';
			elseif(date('Y') == $i || $i==$ccexp[1])
				echo '<option value="'.$i.'" selected="selected">'.$i.'</option>';
			else
				echo '<option value="'.$i.'">'.$i.'</option>';
		}
?>				
				</select>
			</td>
		</tr>
		<tr>
			<td>CCV:</td>
			<td><input type="text" id="am_ccv" name="am_ccv" value="<?=$row_eid['ccCCV']?>" autocomplete="off" /></td>
		</tr>
		<tr>
			<td colspan="2" style="text-align: center"><input type="submit" id="am_submit" name="am_submit" value="Submit" /></td>
		</tr>
	</table>
	<input type="hidden" id="am_inv" name="am_inv" value="<?=$_GET["id"]?>" />
	<input type="hidden" id="am_type" name="am_type" value="AUTH_CAPTURE" />
	<input type="hidden" id="am_doedit" name="am_doedit" value="<?=$_GET['doedit']?>" />
	</form>
</div>
<?php
	}
}

	// ADDED by Chad Apr-04-06
	// LOCATION HISTORY
	$qry = "SELECT * FROM location WHERE ordID = '".$_GET["id"]."' ORDER BY stamp";
	$res = mysql_query($qry) or print(mysql_error().$qry);
	$i=0;
	while($row = mysql_fetch_assoc($res)) {
		$locations[$i++]=$row;
	}
?>
		<table width="600" cellpadding="3" cellspacing="0" style="margin: 10px auto; font-family: Verdana, Arial, Helvetica, sans-serif; border: 1px solid #4B1610; border-collapse: collapse">
			<tr style="border-bottom: 1px solid #4B1610">
				<td style="background-color: #4B1610; color: #FFFFFF; font-weight: bold">Location</td>
				<td style="background-color: #4B1610; color: #FFFFFF; font-weight: bold">Date Changed</td>
				<td style="background-color: #4B1610; color: #FFFFFF; font-weight: bold">Employee</td>
				<td style="background-color: #4B1610; color: #FFFFFF; font-weight: bold">Type</td>
				<td style="background-color: #4B1610; color: #FFFFFF; font-weight: bold">Reason</td>
			</tr>
<?php
	if(is_array($locations)) { 
		$count=count($locations);
		for($i=0;$i<$count;$i++){
			$config_admin = RBI_Kohana::config('database.default_admin.connection');

			$db_admin = mysql_connect($config['hostname'], $config['username'], $config['password']);
			mysql_select_db($config['database']) or die ('DB Admin connection failed.</td></tr></table></body></html>');
			if($locations[$i]["employeeID"]!=0){			
				$rbiSQL = 'select * from employee where id="'.$locations[$i]["employeeID"].'" ';
				$rs_rbi = mysql_query($rbiSQL, $db_admin);
				$rbi_row = mysql_fetch_assoc($rs_rbi);
			} else $rbi_row['firstname']=0;
?>
			<tr style="background-color: #<?=($i%2==0)?'903E36':'903E36'?>; border-bottom: 1px solid #4B1610">
				<td style="color: #FFFFFF"><?=$locations[$i]['location']?></td>
				<td style="color: #FFFFFF"><?=$locations[$i]['stamp']?></td>
				<td style="color: #FFFFFF"><?=$rbi_row['firstname']?></td>
				<td style="color: #FFFFFF"><?=$locations[$i]['locType']?></td>
				<td style="color: #FFFFFF"><?=$locations[$i]['locTypeReason']?></td>
			</tr>
<?php
		}
	}else{
?>
			<tr>
				<td colspan="2" style="text-align: center">No location found</td>
			</tr>
<?php
	}
?>
		</table>
<?php
	include(APPPATH.'views/partials/admin/dbconnection.php');
	// ADD ENDED
	
	// ADDED by Chad Apr-04-06
	// FEDEX TRACKING
	$qry = "SELECT * FROM fedex WHERE ordID = '".$_GET["id"]."' ORDER BY id DESC";
	$res = mysql_query($qry);
	if(mysql_num_rows($res) > 0) {
		$row = mysql_fetch_assoc($res);
		$trackNum = $row['trackNum'];
		if(!empty($trackNum)) {
			// See Customer Service Page for displaying results
?>
				<div style="margin: 10px auto; border: 2px solid #2C578A; width: 550px">
				<table align="center" width="550" border="0" cellpadding="3" cellspacing="0" style="font-size: 10px; font-family: Verdana, Arial, Helvetica, sans-serif">
					<tr>
						<th colspan="2" style="font-size: 18px; background-color: #2C578A; color: #FFF; font-weight: bold; text-align: left">Fed<span style="margin-left: -3px; color: #FF6600">Ex</span></th>
						<th colspan="3" style="font-size: 14px; text-align: right; background-color: #2C578A; color: #FFF; font-weight: bold">Tracking# <?=$trackNum?></th>
					</tr>
			
<?php
			include(DOCROOT.'includes/fedex/fedexdc.php');
			$fed = new FedExDC();
			$track_Ret = $fed->track(
				array(
					'1537' => $trackNum, //Tracking Number
					'1534' =>'Y' // detail_scan_indicator (Show me all the tracking data)
				)
			);
			
			$ctr = 0;
			$hasChanged = false;
			$isDelivered = false;
			for($i=1; $i<=$track_Ret[1584]; $i++) {

			if(!empty($track_Ret['1339-'.$i]))
			{
				$tmp_date = $track_Ret['1339-'.$i];
				$est_del = substr($tmp_date,0,4).'-'.substr($tmp_date,4,2).'-'.substr($tmp_date,6,2);
	?>
			<tr>
				<td colspan="5" style="background-color: #2C578A; height: 15px">&nbsp;</td>
			</tr>
			<tr>
				<td colspan="5" style="background-color: #DFE7FF"><strong>Estimated Delivery Date:</strong> <?=date('M j, Y',strtotime($est_del))?></td>
			</tr>
	<?php
			}
	?>
			<tr>
				<th align="left" width="150" colspan="2" style="background-color: #2C578A; color: #FFF; font-weight: bold">Date/Time</th>
				<th align="left" style="background-color: #2C578A; color: #FFF; font-weight: bold">Activity</th>
				<th align="left" style="background-color: #2C578A; color: #FFF; font-weight: bold">Location</th>
				<th align="left" style="background-color: #2C578A; color: #FFF; font-weight: bold">Details</th>
			</tr>
	<?php
				for($j=1; $j<=$track_Ret['1715-'.$i]; $j++)
				{
					$date = $track_Ret['1162-'.$i.'-'.$j];
					$year = substr($date,0,4);
					$mon = substr($date,4,2);
					$day = substr($date,6,2);
					$hrs = substr($track_Ret['1163-'.$i.'-'.$j],0,2);
					$min = substr($track_Ret['1163-'.$i.'-'.$j],2,2);
					$sec = substr($track_Ret['1163-'.$i.'-'.$j],4,2);
					
					$date = $year.'-'.$mon.'-'.$day.' '.$hrs.':'.$min.':'.$sec;
					$unixDate = strtotime($date);
					
					if(empty($track_Ret['1161-'.$i.'-'.$j]))
					{
						$state = $track_Ret['1164-'.$i.'-'.$j];
					}
					else
					{
						$state = $track_Ret['1161-'.$i.'-'.$j];
					}
										
					if(date('Ymd',$unixDate) != date('Ymd',$last_date))
					{
						$ctr++;
						$hasChanged = true;
					}
					
					if($track_Ret['1159-'.$i.'-'.$j] == 'Delivered' && empty($track_Ret['1711-'.$i.'-'.$j]))
					{
						$isDelivered = true;
					}
	?>
					<tr style="background-color: #<?=($ctr%2==0)?'FFF':'DFE7FF'?>">
			<?php
						if($hasChanged)
						{
			?>
						<td style="text-align: left" valign="top">
							<span style="font-weight: bold"><?=date('M j, Y',$unixDate)?></span>
						</td>
						<td valign="top" style="text-align: right; border-right: 1px solid #<?=($ctr%2!=0)?'FFF':'DFE7FF'?>"><?=date('g:i A',$unixDate)?></td>
			<?php
							$hasChanged = false;
						}
						else
						{
			?>
						<td valign="top" colspan="2" style="text-align: right; border-right: 1px solid #<?=($ctr%2!=0)?'FFF':'DFE7FF'?>"><?=date('g:i A',$unixDate)?></td>
			<?php
						}
			?>		
						</td>
						<td valign="top" style="border-right: 1px solid #<?=($ctr%2!=0)?'FFF':'DFE7FF'?>"><?=($isDelivered)?'<strong>':''?><?=$track_Ret['1159-'.$i.'-'.$j]?><?=($isDelivered)?'</strong>':''?></td>
						<td valign="top" style="border-right: 1px solid #<?=($ctr%2!=0)?'FFF':'DFE7FF'?>"><?=$track_Ret['1160-'.$i.'-'.$j]?>, <?=$state?></td>
						<td valign="top"><?=$track_Ret['1711-'.$i.'-'.$j]?></td>
					</tr>
	<?php
					if($isDelivered)
					{
						$isDelivered = false;
					}
					
					$last_date = $unixDate;
				}
			}
		}
?>
		  </table>
</div>
<?php
	}
	// ADD ENDED
	
	// ADDED by Chad Apr-03-06
	// DHL AND USPS TRACKING
	$qry = "SELECT * FROM dhl WHERE custPackID = '".$_GET["id"]."' ORDER BY id DESC";
	$res = mysql_query($qry) or print(mysql_error().$qry);
	if(mysql_num_rows($res) > 0) {
		$row = mysql_fetch_assoc($res);
		$trackNum = $row['DHLGMTrackNum'];
		$uspsTrack = $row['custDelConfIDUSPS'];
		if(!empty($trackNum)) {
			$ch = curl_init();
			curl_setopt($ch,CURLOPT_URL,"http://api.smartmail.com/tnt2.cfm?number=$trackNum&criteria=3&type=wddx&custid=rband&passwd=sm36732");
			//curl_setopt($ch, CURLOPT_POST, 1);
			curl_setopt($ch,CURLOPT_HEADER,0);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			//curl_setopt($ch, CURLOPT_POSTFIELDS, "number=$trackNum&criteria=3&type=wddx&custid=rband&passwd=sm36732");
			$res = curl_exec($ch);
			curl_close($ch);
			$info = wddx_deserialize($res);
			//showarray($info);
			if(empty($info['Detail'][0])) { //If no errors
?>
			<div style="height: 20px"></div>
			<table align="center" width="500" cellpadding="3" cellspacing="0" style="border: 1px solid #FFFFFF">
				<tr>
					<td colspan="2" style="color: #FFFFFF; background-color: #CC0000; text-align: center; font-weight: bold; font-size: 18px">DHL Tracking</td>
				</tr>
<?php
				if(!empty($info['TRACK_PKUP_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_PKUP_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Picked Up by SmartMail</td>
				</tr>
<?php
				}
				if(!empty($info['TRACK_RECV_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_RECV_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Arrived at Smart Center</td>
				</tr>
<?php
				}
				if(!empty($info['TRACK_ENCD_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_ENCD_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Processed and Verified</td>
				</tr>
<?php
				}
				if(!empty($info['TRACK_DNSD_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_DNSD_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Sent via <?=(!empty($info['TRACK_DNDC'][0]))?$info['TRACK_DNDC'][0]:"SmartMail"?></td>
				</tr>
<?php
				}
				if(!empty($info['TRACK_DNRC_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_DNRC_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Received</td>
				</tr>
<?php
				}
				if(!empty($info['TRACK_MFST_DATE'][0])) {
?>
				<tr>
					<td style="background-color: #FFCC00; text-align: left; font-weight: bold"><?=$info['TRACK_MFST_DATE'][0]?></td>
					<td bordercolor="#FFFFFF" style="background-color: #FFCC00">Mail Delivered to Post Office</td>
				</tr>
<?php
				}
?>
			</table>
<?php
			
				}
			}
		}
				// CHECK USPS TRACKING INFO
				//echo 'Track='.$uspsTrack;
				if(!empty($uspsTrack)) {
					$ch = curl_init();
					curl_setopt($ch,CURLOPT_URL,"http://Production.ShippingAPIs.com/ShippingAPI.dll");
					curl_setopt($ch, CURLOPT_POST, 1);
					curl_setopt($ch,CURLOPT_HEADER,0);
					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
					curl_setopt($ch, CURLOPT_POSTFIELDS, 'API=TrackV2&XML=<TrackFieldRequest USERID="268REMIN3619"><TrackID ID="'.$uspsTrack.'"></TrackID></TrackFieldRequest>');
					$res = curl_exec($ch);
					curl_close($ch);
					
					include(APPPATH.'views/pages/admin/xml2array.php');
					
					$xmlData = new xml2array();
					
					$uspsData = $xmlData->parseXMLintoarray($res);
					
					//showarray($uspsData);
?>
			<div style="margin: 5px auto; width: 500px">
			
				<div style="margin: 0; height: 5px; background-color: #CC0000"></div>
				<div style="margin: 0; padding: 2px; background-color: #0066CB; color: #FFFFFF; font-weight: bold; font-size: 18px; text-align: center">USPS Tracking<br /><span style="font-size: 11px">Tracking # <?=$uspsTrack?></span></div>
				<div style="margin: 0; height: 7px; background-color: #98CCFF"></div>
				<div style="margin: 2px 0 0 0; background-color: #E3F1FC; border: 1px solid #89B9E7">
<?php				
					if (is_array($uspsData['TrackResponse']['TrackInfo']['Error'])) {
					    // echo '<div style="margin: 0; text-align: center; font-weight: bold">Error Getting USPS Tracking Information</div>';
						echo '<div style="margin: 0; text-align: center; font-weight: bold">';
						echo 'USPS Tracking Information is currently not available,<br />';
						echo 'please check-back in 24-48 hours.';
						echo '</div>';
					}
					else {
						if(is_array($uspsData['TrackResponse']['TrackInfo']['TrackSummary'])) {
							$eventTime = $uspsData['TrackResponse']['TrackInfo']['TrackSummary']['EventDate'].' '.$uspsData['TrackResponse']['TrackInfo']['TrackSummary']['EventTime'];
?>
					<div style="margin: 0; padding: 3px; background-color: #89B9E7; color: #FFFFFF; font-weight: bold">Event Summary</div>
					<div style="margin: 0">
					<table width="500" border="0" cellpadding="3" cellspacing="0" style="margin: 2px;">
						<tr>
							<td valign="top" style="font-weight: bold"><?=$eventTime?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackSummary']['EventCity']?>, <?=$uspsData['TrackResponse']['TrackInfo']['TrackSummary']['EventState']?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackSummary']['Event']?></td>
						</tr>
					</table>
					</div>
<?php
						}
						if(is_array($uspsData['TrackResponse']['TrackInfo']['TrackDetail'])) {
?>
					<div style="margin: 0; padding: 3px; background-color: #89B9E7; color: #FFFFFF; font-weight: bold">Tracking Details</div>
					<table width="500" border="0" align="center" cellpadding="3" cellspacing="0" style="margin: 2px;">
<?php
							if(is_array($uspsData['TrackResponse']['TrackInfo']['TrackDetail'][0])){
								for($i=0; $i<count($uspsData['TrackResponse']['TrackInfo']['TrackDetail']); $i++) {
									$eventTime = $uspsData['TrackResponse']['TrackInfo']['TrackDetail'][$i]['EventDate'].' '.$uspsData['TrackResponse']['TrackInfo']['TrackDetail'][$i]['EventTime'];
?>
						<tr>
							<td valign="top" style="font-weight: bold"><?=$eventTime?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail'][$i]['EventCity']?>, <?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail'][$i]['EventState']?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail'][$i]['Event']?></td>
						</tr>
<?php
								} // End of TrackDetail Loop
							}else{
								$eventTime = $uspsData['TrackResponse']['TrackInfo']['TrackDetail']['EventDate'].' '.$uspsData['TrackResponse']['TrackInfo']['TrackDetail']['EventTime'];
?>
						<tr>
							<td valign="top" style="font-weight: bold"><?=$eventTime?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail']['EventCity']?>, <?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail']['EventState']?></td>
							<td valign="top"><?=$uspsData['TrackResponse']['TrackInfo']['TrackDetail']['Event']?></td>
						</tr>
<?php
							}
?>
					</table>
<?php
						} // End of displaying all Tracking Details
					} // End of displaying all USPS tracking information
?>
				</div>
			
			</div>
<?php
		
	}
	
	// ADD ENDED
	
}else{
	$sSQL = "SELECT ordID FROM orders WHERE ordStatus=1";
	if(@$_POST["act"] != "purge") $sSQL .= " AND ordStatusDate<'" . date("Y-m-d H:i:s", time()-(3*60*60*24)) . "'";
	else $sSQL .= " OR ordStatus=0 AND ordStatusDate<'" . date("Y-m-d H:i:s", time()-(14*60*60*24)) . "'";
	$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
	while($rs = mysql_fetch_assoc($result)){
		$theid = $rs["ordID"];
		$delOptions = "";
		$addcomma = "";
		$result2 = mysql_query("SELECT cartID FROM cart WHERE cartOrderID=" . $theid) or print(mysql_error());
		while($rs2 = mysql_fetch_assoc($result2)){
			$delOptions .= $addcomma . $rs2["cartID"];
			$addcomma = ",";
		}
		if($delOptions != ""){
			$sSQL = "DELETE FROM cartoptions WHERE coCartID IN (" . $delOptions . ")";
			mysql_query($sSQL) or print(mysql_error().$sSQL);
		}
		mysql_query("DELETE FROM cart WHERE cartOrderID=" . $theid) or print(mysql_error());
		mysql_query("DELETE FROM orders WHERE ordID=" . $theid) or print(mysql_error());
	}
	if(@$_POST["act"]=="authorize"){
		do_stock_management(trim($_POST["id"]));
		if(trim($_POST["authcode"]) != "")
			$sSQL = "UPDATE orders set ordAuthNumber='" . mysql_real_escape_string(trim($_POST["authcode"])) . "',ordStatus=3 WHERE ordID=" . $_POST["id"];
		else
			$sSQL = "UPDATE orders set ordAuthNumber='" . mysql_real_escape_string($yyManAut) . "',ordStatus=3 WHERE ordID=" . $_POST["id"];
		if(mysql_query($sSQL)) {
			if(!setNewLocation( 3 , $_POST["id"],'Manual' )) print("Unable to record status change.");
		}else{
			print(mysql_error().$sSQL);
		}
		mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $_POST["id"]) or print(mysql_error());
	}elseif(@$_POST["act"]=="status"){
		//echo 'This is the problem';
		$maxitems=(int)($_POST["maxitems"]);
		//for($index=0; $index < $maxitems; $index++){
		if (is_array($_POST['selected'])) {	
			foreach($_POST['selected'] as $key => $value) {
				$index = $value;
				$iordid = trim($_POST["ordid" . $index]);
				$ordstatus = trim($_POST["ordstatus" . $index]);
				$ordauthno = "";
				$oldordstatus=999;
				$result = mysql_query("SELECT ordStatus,ordAuthNumber,ordEmail,ordDate,".getlangid("statPublic",64).",ordStatusInfo,ordName FROM orders INNER JOIN orderstatus ON orders.ordStatus=orderstatus.statID WHERE ordID=" . $iordid) or print(mysql_error());
				if($rs = mysql_fetch_assoc($result)){
					$oldordstatus=$rs["ordStatus"];
					$ordauthno=$rs["ordAuthNumber"];
					$ordemail=$rs["ordEmail"];
					$orddate=strtotime($rs["ordDate"]);
					$oldstattext=$rs[getlangid("statPublic",64)];
					$ordstatinfo=$rs["ordStatusInfo"];
					$ordername=$rs["ordName"];
				}
				if(! ($oldordstatus==999) && ($oldordstatus < 3 && $ordstatus >=3 && $ordstatus !=10 && $ordstatus !=17) || ($oldordstatus==10 && $ordstatus >=3 && $ordstatus !=17) || ($oldordstatus==17 && $ordstatus >=3 && $ordstatus !=10)){
					// This is to force stock management
					mysql_query("UPDATE cart SET cartCompleted=0 WHERE cartOrderID=" . $iordid) or print(mysql_error());
					do_stock_management($iordid);
					//echo 'do_stock_management';
					mysql_query("UPDATE cart SET cartCompleted=1 WHERE cartOrderID=" . $iordid) or print(mysql_error());
					if($ordauthno=="") mysql_query("UPDATE orders SET ordAuthNumber='". mysql_real_escape_string($yyManAut) . "' WHERE ordID=" . $iordid) or print(mysql_error());
				}
				if(! ($oldordstatus==999) && ($oldordstatus!=10 && $oldordstatus!=17 && $oldordstatus >=3 && $ordstatus < 3) || ($oldordstatus >=3 && $oldordstatus!=10 && $oldordstatus!=17 && $ordstatus==10) || ($oldordstatus >=3 && $oldordstatus!=10 && $oldordstatus!=17 && $ordstatus==17)) release_stock($iordid);//echo 'status change release_stock';
				if($iordid != "" && $ordstatus != ""){
					if($oldordstatus != (int)$ordstatus && @$_POST["emailstat"]=="1"){
						$result = mysql_query("SELECT ".getlangid("statPublic",64)." FROM orderstatus WHERE statID=" . $ordstatus);
						if($rs = mysql_fetch_assoc($result))
							$newstattext = $rs[getlangid("statPublic",64)];
						$emailsubject = "Order status updated";
						if(@$orderstatussubject != "") $emailsubject=$orderstatussubject;
						$ose = $orderstatusemail;
						$ose = str_replace("%orderid%", $iordid, $ose);
						$ose = str_replace("%orderdate%", date($dateformatstr, $orddate), $ose);// . " " . date("H:i", $orddate), $ose);
						$ose = str_replace("%oldstatus%", $oldstattext, $ose);
						$ose = str_replace("%newstatus%", $newstattext, $ose);
						$thetime = time() + ($dateadjust*60*60);
						$ose = str_replace("%date%", date($dateformatstr, $thetime), $ose);// . " " . date("H:i", $thetime), $ose);
						$ose = str_replace("%statusinfo%", $ordstatinfo, $ose);
						$ose = str_replace("%ordername%", $ordername, $ose);
						$ose = str_replace("%nl%", $emlNl, $ose);
						if(@$customheaders == ""){
							$customheaders = "MIME-Version: 1.0\n";
							$customheaders .= "From: %from% <%from%>\n";
							if(@$htmlemails==TRUE)
								$customheaders .= "Content-type: text/html; charset=".$emailencoding."\n";
							else
								$customheaders .= "Content-type: text/plain; charset=".$emailencoding."\n";
						}
						$headers = str_replace('%from%',$emailAddr,$customheaders);
						$headers = str_replace('%to%',$ordemail,$headers);
						if((int)$ordstatus==9) {
							$ose = $orderstatusshippedemail;
							$ose = str_replace("%orderid%", $iordid, $ose);
							$ose = str_replace("%orderdate%", date($dateformatstr, $orddate) . " " . date("H:i", $orddate), $ose);
							$emailsubject = $orderstatusshippedsubject;
						}
						mail($ordemail, $emailsubject, $ose, $headers);
					}
					if($oldordstatus != (int)$ordstatus) {
						$sql = "UPDATE orders SET ordStatus=" . $ordstatus . ",ordStatusDate='" . date("Y-m-d H:i:s", time() + ($dateadjust*60*60)) . "' WHERE ordID=" . $iordid;
						$res = mysql_query($sql);
						//echo $sql."<br />";
						if($res) {
							if(!setNewLocation( $ordstatus , $iordid ,'Manual' )) print("Unable to record status change.");
						}else{
							print(mysql_error());
						}
					}
				}
			} // End of loop
		}
	}
	if(@$_POST["sd"] != "")
		$sd = @$_POST["sd"];
	elseif(@$_GET["sd"] != "")
		$sd = @$_GET["sd"];
	else
		$sd = date($admindatestr, time() + ($dateadjust*60*60));
	if(@$_POST["ed"] != "")
		$ed = @$_POST["ed"];
	elseif(@$_GET["ed"] != "")
		$ed = @$_GET["ed"];
	else
		$ed = date($admindatestr, time() + ($dateadjust*60*60));
	$sd = parsedate($sd);
	$ed = parsedate($ed);
	if($sd > $ed) $ed = $sd;
	$fromdate = trim(@$_REQUEST["fromdate"]);
	$todate = trim(@$_REQUEST["todate"]);
	$ordid = trim(str_replace('"',"",str_replace("'","",@$_REQUEST["ordid"])));
	$origsearchtext = trim(unstripslashes(@$_POST["searchtext"]));
	$isMyFrogz = @$_REQUEST['myfrogz'];
	$searchtext = trim(mysql_real_escape_string(unstripslashes(@$_POST["searchtext"])));
	$ordstatus = "";
	
	
	if(@$_POST["powersearch"]=="1" || $_GET["powersearch"]=="1"){
		$sSQL = "SELECT DISTINCT ordID,ordName,ordPayProvider,payProvName,ordAuthNumber,ordDate,ordStatus,ordShipType,ordTotal-ordDiscount AS ordTot,ordStateTax,ordShipping,ordTransID,order_changed,ordDiscountText,ordEID,ordAffiliate,ordPrinted_logan";
		$sSQL .= " FROM orders o LEFT JOIN payprovider pp ON pp.payProvID = o.ordPayProvider ";
		$sSQL .= ' WHERE ordStatus >= 0 ';
		$addcomma = "";
		if(is_array(@$_POST["ordstatus"])){
			foreach($_POST["ordstatus"] as $objValue){
				if(is_array($objValue))$objValue=$objValue[0];
				$ordstatus .= $addcomma . $objValue;
				$addcomma = ",";
			}
		}else{
			$ordstatus = trim((string)@$_REQUEST["ordstatus"]);
		}
		//discounts
		$ordcoupon = trim((string)$_POST["ordcoupon"]);
		if($ordid != ""){
			if(is_numeric($ordid)){
				$sSQL .= " AND ordID=" . $ordid;			
			}elseif(is_array(explode(',',$ordid))){
				$sSQL .= " AND ordID IN ('" . str_replace(',',"','",$ordid) ."')";
			}else{
				$success=FALSE;
				$errmsg="The order id you specified seems to be invalid - " . $ordid;
				$sSQL .= " AND ordID=0";
			}
		}else{
			if($fromdate != ""){
				if(is_numeric($fromdate))
					$thefromdate = time()-($fromdate*60*60*24);
				else
					$thefromdate = parsedate($fromdate);
				if($todate=="")
					$thetodate = $thefromdate;
				elseif(is_numeric($todate))
					$thetodate = time()-($todate*60*60*24);
				else
					$thetodate = parsedate($todate);
				if($thefromdate > $thetodate){
					$tmpdate = $thetodate;
					$thetodate = $thefromdate;
					$thefromdate = $tmpdate;
				}
				$sd = $thefromdate;
				$ed = $thetodate;
				$sSQL .= " AND ordDate BETWEEN '" . date("Y-m-d", $sd) . "' AND '" . date("Y-m-d", $ed) . " 23:59:59'";
			}
			
			
			
			//discount
			if ($ordcoupon != "") {
				$sSQL .= " AND (ordCoupon LIKE '" . $ordcoupon . ",%' OR ordCoupon LIKE '%," . $ordcoupon . ",%' OR ordCoupon LIKE '%," . $ordcoupon . "' OR ordCoupon = '" . $ordcoupon . "')";
			}
			if($_SESSION["return_status_search"]!="") $sSQL .= " AND ordReturnID=".$_SESSION["return_status_search"]; 
			if($ordstatus != "" && strpos($ordstatus,"9999")===FALSE) $sSQL .= " AND ordStatus IN (" . $ordstatus . ")";
			if($searchtext != "") $sSQL .= " AND (payProvShow LIKE '%" . $searchtext . "%' OR ordTransID LIKE '%" . $searchtext . "%' OR ordAuthNumber LIKE '%" . $searchtext . "%' OR ordName LIKE '%" . $searchtext . "%' OR ordEmail LIKE '%" . $searchtext . "%' OR ordAddress LIKE '%" . $searchtext . "%' OR ordCity LIKE '%" . $searchtext . "%' OR ordState LIKE '%" . $searchtext . "%' OR ordZip LIKE '%" . $searchtext . "%' OR ordPhone LIKE '%" . $searchtext . "%' OR ordShipType LIKE '%" . $searchtext . "%' OR ordShipName LIKE '%" . $searchtext . "%')";
			if($_POST['ordPOAPOs'] == 'shipping_APOs') {
				$sSQL .= " AND IF(ordShipAddress != '',ordShipState IN('AA','AE','AP') AND ordShipPoApo = 1,ordState IN('AA','AE','AP') AND ordPoApo = 1)";
			}elseif($_POST['ordPOAPOs'] == 'shipping_POs') {
				$sSQL .= " AND IF(ordShipAddress != '',ordShipState NOT IN('AA','AE','AP') AND ordShipPoApo = 1,ordState NOT IN('AA','AE','AP') AND ordPoApo = 1)";
			}elseif($_POST['ordPOAPOs'] == 'shipping_PO_APO') {
				$sSQL .= " AND IF(ordShipAddress != '',ordShipPoApo = 1,ordPoApo = 1)";
			}elseif($_POST['ordPOAPOs'] == 'APOs') {
				$sSQL .= " AND ((ordPoApo = 1 AND ordState IN('AA','AE','AP')) OR (ordPoApo = 1 AND ordState IN('AA','AE','AP')))";
			}elseif($_POST['ordPOAPOs'] == 'PO_APO') {
				$sSQL .= " AND (ordPoApo = 1 OR ordShipPoApo = 1)";
			}elseif($_POST['ordPOAPOs'] == 'POs') {
				$sSQL .= " AND ((ordPoApo = 1 AND ordState NOT IN('AA','AE','AP')) OR (ordPoApo = 1 AND ordState NOT IN('AA','AE','AP')))";
			}
			if($_POST['custID'] !="") $sSQL .= " AND ordEID=".$_POST['custID'];
			/*if($_POST['optName'] != 'none') {
				$sSQL .= " AND co.coCartOption = '".$_POST['optName']."'";
			}
			if($_POST['prodName'] != 'none') {
				$sSQL .= " AND c.CartProdID = '".$_POST['prodName']."'";
			}*/
			if ($_POST['custID'] !="") {
			    $sSQL .= " AND ordEID=".$_POST['custID'];
			} else {
			    $sSQL .= " AND ordEID!=34";
			}
			if (!empty($_REQUEST['myfrogz'])) {
				$sSQL .= " AND ( ordAuthNumber LIKE 'AT&T-%' OR ordAuthNumber LIKE 'KC_%' )";
			} else {
				$sSQL .= " AND ( ordAuthNumber NOT LIKE 'AT&T-%' AND ordAuthNumber NOT LIKE 'KC_%' )";
			}
			if ($_POST['ship_type']) {
				$sSQL .= " AND ordShipType = '" . $_POST['ship_type'] . "'";
			}
		}
		$sSQL .= " ORDER BY ordID";
	}
	else {
		$sSQL = "SELECT ordID,ordName,ordPayProvider,payProvName,ordAuthNumber,ordDate,ordStatus,ordShipType,ordTotal-ordDiscount AS ordTot,ordStateTax,ordShipping,ordTransID,order_changed,ordEID,ordAffiliate,ordPrinted_logan FROM orders LEFT JOIN payprovider ON payprovider.payProvID=orders.ordPayProvider 
				 WHERE ordStatus <> 1 
				 AND ordEID !=34
				 AND ordAuthNumber NOT LIKE 'AT&T-%'
				 AND ordDate BETWEEN '" . date("Y-m-d", $sd) . "' AND '" . date("Y-m-d", $ed) . " 23:59:59' 
				 ORDER BY ordID";
	}
	$alldata = mysql_query($sSQL) or print(mysql_error().'<br />'.$sSQL);
	echo "<!-- Chad \n".$sSQL." -->";
	$hasdeleted=false;
	$sSQL = "SELECT COUNT(*) AS NumDeleted FROM orders WHERE ordStatus=1";
	$result = mysql_query($sSQL) or print(mysql_error().$sSQL);
	$rs = mysql_fetch_assoc($result);
	if($rs["NumDeleted"] > 0) $hasdeleted=true;
	mysql_free_result($result);
?>
<link type="text/css" href="http://assets.ifrogz.com/lib/packages/jquery-ui/1.7.2/ui-lightness/jquery-ui.custom.css" rel="Stylesheet" />
<script language="JavaScript" type="text/javascript" charset="utf-8" src="http://assets.ifrogz.com/lib/packages/jquery/1.3.2/jquery.min.js"></script>
<script language="JavaScript" type="text/javascript" charset="utf-8" src="http://assets.ifrogz.com/lib/packages/jquery-ui/1.7.2/jquery-ui.custom.min.js"></script>
<script language="JavaScript" type="text/javascript" charset="utf-8">
<!--
	jQuery.noConflict();
	
	jQuery(document).ready(function() {
		jQuery("input.calendar").datepicker({ 
							showOn: 'button', 
							buttonImage: '/lib/images/misc/calendar.png', 
							buttonImageOnly: true, 
							dateFormat: 'yy-mm-dd', 
							showButtonPanel: true,
							changeMonth: true,
							changeYear: true,
							minDate: '-5Y',
							maxDate: '+5Y'
							}).css('margin-right', '5px');
							
		jQuery('img.ui-datepicker-trigger').css({'vertical-align' : 'middle', 'cursor' : 'pointer'});
		
		jQuery('#select_all').click(function() {
			var g = 0;
			var j=0;
			if (jQuery(this).is(':checked')) {
				jQuery.each(jQuery('.ord_checkbox'), function(i, val){
					jQuery(val).attr('checked', true);
				});
			} else {
				jQuery.each(jQuery('.ord_checkbox'), function(i, val){
					jQuery(val).attr('checked', false);
				});
			}
		});
		
		jQuery(".sel_location").change(function() {
			var row = jQuery(this).attr('rowcounter');
			var original = jQuery('input[type=hidden][name^=orig_location][rowcounter=' + row + ']').val();
			var val = jQuery('.sel_location[rowcounter=' + row + ']').val();
			if (original != val) {
				jQuery('.ord_checkbox[rowcounter=' + row + ']').attr('checked', true);
				jQuery('.undo_location[rowcounter=' + row + ']').fadeIn('fast');
				jQuery('.undo_location[rowcounter=' + row + ']').bind('click', function(event) {
					jQuery('.undo_location[rowcounter=' + row + ']').fadeOut('fast');
					jQuery('.sel_location[rowcounter=' + row + ']').val(original);
					jQuery('.ord_checkbox[rowcounter=' + row + ']').attr('checked', false);
					jQuery('.undo_location[rowcounter=' + row + ']').unbind('click');
				});
			} else {
				jQuery('.ord_checkbox[rowcounter=' + row + ']').attr('checked', false);				
			}
		});
		
		jQuery("#myfrogz_dialog").dialog({
					bgiframe: true,
					autoOpen: false,
					modal: true,
					closeOnEscape: true
		});
		
		jQuery("#myfrogz_info").css('cursor', 'pointer').click(function() {
			jQuery("#myfrogz_dialog").dialog('open');
		});
	});
	

function delrec(id) {
cmsg = "<?php print $yyConDel?>\n"
if (confirm(cmsg)) {
	document.mainform.id.value = id;
	document.mainform.act.value = "delete";
	document.mainform.sd.value="<?php print date($admindatestr, $sd)?>";
	document.mainform.ed.value="<?php print date($admindatestr, $ed)?>";
	document.mainform.submit();
}
}
function authrec(id) {
var aucode;
cmsg = "<?php print $yyEntAuth?>"
if ((aucode=prompt(cmsg,'<?php print $yyManAut?>'))!=null) {
	document.mainform.id.value = id;
	document.mainform.act.value = "authorize";
	document.mainform.authcode.value = aucode;
	document.mainform.sd.value="<?php print date($admindatestr, $sd)?>";
	document.mainform.ed.value="<?php print date($admindatestr, $ed)?>";
	document.mainform.submit();
}
}
function checkcontrol(tt,evt){
<?php if(strstr(@$HTTP_SERVER_VARS["HTTP_USER_AGENT"], "Gecko")){ ?>
theevnt = evt;
return;
<?php }else{ ?>
theevnt=window.event;
<?php } ?>
if(theevnt.ctrlKey){
	maxitems=document.mainform.maxitems.value;
	for(index=0;index<maxitems;index++){
		if(eval('document.mainform.ordstatus'+index+'.length') > tt.selectedIndex){
			eval('document.mainform.ordstatus'+index+'.selectedIndex='+tt.selectedIndex);
			eval('document.mainform.ordstatus'+index+'.options['+tt.selectedIndex+'].selected=true');
		}
	}
}
}
function displaysearch(){
thestyle = document.getElementById('searchspan').style;
if(thestyle.display=='none')
	thestyle.display = 'block';
else
	thestyle.display = 'none';
}
function checkprinter(tt,evt,cnt){

<?php if(strstr(@$HTTP_SERVER_VARS["HTTP_USER_AGENT"], "Gecko")){ ?>
if(evt.ctrlKey || evt.altKey || document.mainform.ctrlmod[document.mainform.ctrlmod.selectedIndex].value=="1"){
	tt.href += "&printer=true";
	window.location.href = tt.href;
}
if(document.mainform.ctrlmod[document.mainform.ctrlmod.selectedIndex].value=="2"){
	//if($('ordstatus'+cnt).value>5 && $('ordstatus'+cnt).value<10 && $('ordstatus'+cnt).value!=17 && $('ordstatus'+cnt).value!=10) {
		//alert("Orders the have been set to packing cannot be changed.");
		//return(false);
	//} else 
	tt.href += "&doedit=true"; 
	window.location.href = tt.href;
}
<?php }else{ ?>
theevnt=window.event;
if(theevnt.ctrlKey || document.mainform.ctrlmod[document.mainform.ctrlmod.selectedIndex].value=="1")tt.href += "&printer=true";
//if($('ordstatus'+cnt).value>5 && $('ordstatus'+cnt).value!=1 && $('ordstatus'+cnt).value!=17) {
	//alert("Orders the have been set to packing cannot be changed.");
	//return(false);
//} else {
	if(document.mainform.ctrlmod[document.mainform.ctrlmod.selectedIndex].value=="2")tt.href += "&doedit=true";
//}
<?php } ?>
return(true);
}

function checkforedit(ele){
	if($(ele).value==2){
		alert("If you are add/deleting or changing an item in the order please change status of the order to cancelled first. This is to keep the inventory accurate. After you have made the changes please set the status back to the old status. Please don't edit orders that have already been set to packing.");
		
	}
}
// -->
</script>
      <table border="0" cellspacing="0" cellpadding="0" width="100%" bgcolor="">
        <tr>
          <td width="100%" align="center">
<?php	$themask = 'yyyy-mm-dd';
		if($admindateformat==1)
			$themask='mm/dd/yyyy';
		elseif($admindateformat==2)
			$themask='dd/mm/yyyy';
		if(! $success) print "<p><font color='#FF0000'>" . $errmsg . "</font></p>"; ?>
			<span name="searchspan" id="searchspan" <?php //if($usepowersearch) print 'style="display:block"'; else print 'style="display:none"'?>>
            <table width="100%" border="0" cellspacing="1" cellpadding="2" bgcolor="">
			  <form method="post" action="/admin/orders.php" name="psearchform">
			  <input type="hidden" name="powersearch" value="1" />
			  <tr bgcolor="#030133"><td colspan="6"><strong><font color="#E7EAEF">&nbsp;<?php print $yyPowSea?></font></strong></td></tr>
			  <tr bgcolor="#E7EAEF"> 
                <td align="right" width="15%"><strong><?php print $yyOrdFro?>:</strong></td>
				<td width="15%" align="left" nowrap="nowrap">&nbsp;
			    	<input type="text" size="14" name="fromdate" id="fromdate" class="calendar" value="<?php print $fromdate?>" />
				</td>
				<td width="15%" align="right"><strong>E-tailers:</strong></td>
				<td align="left" width="15%">
				<select name="custID">
				 	<option value="" <?=(empty($_POST['custID']))?' selected="selected"':''?>>None Selected</option>
				 <? 
				 $sql_EID="SELECT custID, Name FROM customers WHERE active=1";
				 $result_EID=mysql_query($sql_EID);
				 while($rs_EID=mysql_fetch_array($result_EID)){ ?>
					  	<option value="<?=$rs_EID['custID']?>" <? if($_POST['custID']==$rs_EID['custID']) echo " selected"?>><?= str_replace('<br />',' ',$rs_EID['Name'])?></option>
				<? } ?> 
				 </select>				</td>
				<td align="right" width="20%"><strong><?php print $yyOrdTil?>:</strong></td>
				<td align="left" width="25%">
					<input type="text" size="14" name="todate" id="todate" class="calendar" value="<?php print $todate?>" />
				</td>
			  </tr>
			  <tr bgcolor="#EAECEB">
				<td align="right"><strong><?php print $yyOrdId?>:</strong></td>
				<td align="left">&nbsp;<input type="text" size="14" name="ordid" value="<?php print $ordid?>" /><img src="/lib/images/misc/info_icon.png" id="myfrogz_info" align="absmiddle" /></td>
				<td align="right"><strong>PO/APOs:</strong></td>
				<td align="left">
					<select id="ordPOAPOs" name="ordPOAPOs">
						<option value="none"<?=(empty($_POST['ordPOAPOs']))?' selected="selected"':''?>>None Selected</option>
						<option value="APOs"<?=($_POST['ordPOAPOs'] == 'APOs')?' selected="selected"':''?>>APOs</option>
						<option value="PO_APO"<?=($_POST['ordPOAPOs'] == 'PO_APO')?' selected="selected"':''?>>PO/APOs</option>
						<option value="POs"<?=($_POST['ordPOAPOs'] == 'POs')?' selected="selected"':''?>>POs</option>
						<option value="shipping_APOs"<?=($_POST['ordPOAPOs'] == 'shipping_APOs')?' selected="selected"':''?>>Shipping to APOs</option>
						<option value="shipping_PO_APO"<?=($_POST['ordPOAPOs'] == 'shipping_PO_APO')?' selected="selected"':''?>>Shipping to PO/APOs</option>
						<option value="shipping_POs"<?=($_POST['ordPOAPOs'] == 'shipping_POs')?' selected="selected"':''?>>Shipping to POs</option>
					</select>				</td>
				<td align="right"><strong><?php print $yySeaTxt?>:</strong></td>
				<td align="left" valign="middle">
				  <input type="text" size="30" name="searchtext" value="<?php print $origsearchtext?>" /></td>
			  </tr>
			  <tr bgcolor="#E7EAEF">
				<td rowspan="2" align="right"><strong><?php print $yyOrdSta?>:</strong></td>
				<td rowspan="2" align="left">&nbsp;<select name="ordstatus[]" size="5" multiple><option value="9999" <?php if(strpos($ordstatus,"9999") !== FALSE) print "selected"?>><?php print $yyAllSta?></option><?php
						$ordstatus="";
						$addcomma = "";
						if(is_array(@$_REQUEST["ordstatus"])){
							foreach($_REQUEST["ordstatus"] as $objValue){
								if(is_array($objValue))$objValue=$objValue[0];
								$ordstatus .= $addcomma . $objValue;
								$addcomma = ",";
							}
						}else
							$ordstatus = trim(@$_REQUEST["ordstatus"]);
						$ordstatusarr = explode(",", $ordstatus);
						for($index=0; $index < $numstatus; $index++){
							print '<option value="' . $allstatus[$index]["statID"] . '"';
							if(is_array($ordstatusarr)){
								foreach($ordstatusarr as $objValue)
									if($objValue==$allstatus[$index]["statID"]) print " selected";
							}
							print ">" . $allstatus[$index]["statPrivate"] . "</option>";
						} ?></select>				</td>
				<td rowspan="2" align="right"><strong><?=$yyOrdCou?>:</strong></td>
				<td rowspan="2" align="left">
				<? $sSQL2="SELECT DISTINCT cpnID,cpnName,cpnNumber FROM orders o LEFT JOIN coupons c ON o.ordCoupon=c.cpnID WHERE ordDiscount>0 ORDER BY cpnNumber,cpnName";
					$result2=mysql_query($sSQL2) or die(mysql_error().$sSQL2);
					$total2=mysql_num_rows($result2);?>
					<select name="ordcoupon" size="5" style="width:250px; font-size:10px; ">
					 	<? while($rs2=mysql_fetch_array($result2)){ ?>
					  	<option value="<?=$rs2['cpnID']?>" <?=$rs2['cpnNumber']==""?"":'style="font-weight:bold;"'?> <? if($ordcoupon==$rs2['cpnID']) echo " selected"?>><?=$rs2['cpnNumber']==""?"":$rs2['cpnNumber'].' | '?> <?= str_replace('<br />',' ',$rs2['cpnName'])?></option>
						<? } ?>
					</select>
					<div style="font-size:9px;">Coupons are in bold</div>
					</td>
				<td align="right" valign="middle"><strong>Return Status:</strong></td>
				<td align="left" valign="middle">
						<?
						$sql_return="SELECT * FROM returns ORDER BY status_order";
						$result_return=mysql_query($sql_return);
						?>
						<select name="return_status_search">
						  <option value="" <?php if ($_SESSION['return_status_search']=="") {echo "selected=\"selected\"";} ?>></option>
						  <? while($row_return=mysql_fetch_assoc($result_return)){?>
						  <option value="<?=$row_return["id"]?>" <?php if (!(strcmp($row_return["id"], $_SESSION['return_status_search']))) {echo "selected=\"selected\"";} ?>>
						  <?=$row_return["status"]?>
						  </option>
						  <? } ?>
					  </select></td>
			  </tr>
			  <tr bgcolor="#E7EAEF">
			    <td align="right"><strong>Shipping Method:</strong></td>
			    <td align="left">
					<select name="ship_type">
			    	<?php
					$allowed_types = "'Standard','Priority Mail','FedEx Express','FedEx Overnight','International','International HK'";
			    	$sql_ship = "SELECT DISTINCT ordShipType FROM orders WHERE ordShipType IN($allowed_types)";
					$res_ship = mysql_query($sql_ship) or print(mysql_error());
					$p = 0;
					while ($row_ship = mysql_fetch_assoc($res_ship)) {
						if ($_POST['ship_type'] == $row_ship['ordShipType']) {
							$selected = ' selected="selected"';
						} else {
							$selected = '';
						}
						if ($p == 0) {
							echo "<option value=''>None</option>";
						}
					?>
						<option value="<?=$row_ship['ordShipType']?>"<?=$selected?>><?=$row_ship['ordShipType']?></option>
					<?php
						$p++;
					}
			    	?>
					</select>
			    </td>
			    </tr>
			  
			  <tr bgcolor="#E7EAEF">
				<td colspan="3" align="left"><input type="checkbox" name="startwith" value="1" <?php if($usepowersearch) print "checked"?> />				  <strong><?php print $yyStaPow?></strong></td>
				<td align="left" valign="center"><input type="checkbox" name="myfrogz" value="myfrogz" id="myfrogz"<?=(!empty($isMyFrogz)) ? ' checked="checked"' : ''?> />&nbsp;MyFrogz Orders</td>
				<td colspan="2" align="center">
				  <input type="submit" value="<?php print $yySearch?>" /> <input type="button" value="Stats" onclick="document.forms.psearchform.action='/admin/stats1.php';document.forms.psearchform.submit();" /></td>
			  </tr>
			  
			  <tr>
			  	<td colspan="6">
				<?
					$sql_status =  "SELECT count( * ) as statcount , os.statPrivate , os.statID
									FROM orders o, orderstatus os
									WHERE o.ordStatus = os.statID
									AND (o.ordStatus BETWEEN 0 AND 10 OR o.ordStatus = 17)
									AND o.ordName != ''
									AND o.ordDate BETWEEN '" . date("Y-m-d", $sd) . "' AND '" . date("Y-m-d", $ed) . " 23:59:59'";
				if (!empty($_REQUEST['myfrogz'])) {
					$sql_status .= " AND ordAuthNumber LIKE 'AT&T-%'";
				} else {
					$sql_status .= " AND ordAuthNumber NOT LIKE 'AT&T-%'";
				}
					$sql_status .= " GROUP BY os.statID,os.statPrivate";
					$result_status=mysql_query($sql_status);
					while($row_status=mysql_fetch_assoc($result_status)){?>
			  		<div style="color:#000066; font-weight:bold; border:#030133 solid 1px; margin:2px; float:left; width:146px;padding:2px; text-align:center; background-color:#E7EAEF;"><a href="/admin/orders.php?powersearch=1&ordstatus=<?=$row_status['statID']?>&fromdate=<?=date("Y-m-d", $sd)?>&todate=<?=date("Y-m-d", $ed)?>&myfrogz=<?=$_REQUEST['myfrogz']?>"><?=$row_status['statID'].'-'.$row_status['statPrivate'].': '.$row_status['statcount'] ?></a></div>
			  	<? } ?>			  	</td>
			  </tr>
			  </form>
			</table>
			
			<div id="myfrogz_dialog" title="Update">
				Whenever you put in an order number, the "MyFrogz" checkbox will be ignored
			</div>
			
			</span>
            <table width="100%" border="0" cellspacing="0" cellpadding="2" bgcolor="">
			  <form method="post" action="/admin/orders.php">
			   <tr>
			    <td width="37%" align="center"> <input type="button" value="<?php print $yyPowSea?>" onclick="displaysearch()" /></td><td width="37%" colspan="2" align="center"><p><strong><?php print $yyShoFrm?>:</strong> <select name="sd" size="1"><?php
					$gotmatch=FALSE;
					$thetime = time() + ($dateadjust*60*60);
					$dayToday = date("d",$thetime);
					$monthToday = date("m",$thetime);
					$yearToday = date("Y",$thetime);
					for($index=$dayToday; $index > 0; $index--){
						$thedate = mktime(0, 0, 0, $monthToday, $index, $yearToday);
						$thedatestr = date($admindatestr, $thedate);
						print "<option value='" . $thedatestr . "'";
						if($thedate==$sd){
							print " selected";
							$gotmatch=TRUE;
						}
						print ">" . $thedatestr . "</option>\n";
					}
					for($index=1; $index<=12; $index++){
						$thedatestr = date($admindatestr, $thedate = mktime(0,0,0,date("m",$thetime)-$index,1,date("Y",$thetime)));
						if(! $gotmatch && $thedate < $sd){
							print "<option value='" . date($admindatestr, $sd) . "' selected>" . date($admindatestr, $sd) . "</option>";
							$gotmatch=TRUE;
						}
						print "<option value='" . $thedatestr . "'";
						if($thedate==$sd){
							print " selected";
							$gotmatch=TRUE;
						}
						print ">" . $thedatestr . "</option>\n";
					}
					if(!$gotmatch) print "<option value='" . date($admindatestr, $sd) . "' selected>" . date($admindatestr, $sd) . "</option>";
				?></select> <strong><?php print $yyTo?>:</strong> <select name="ed" size="1"><?php
					$gotmatch=FALSE;
					$dayToday = date("d",$thetime);
					$monthToday = date("m",$thetime);
					$yearToday = date("Y",$thetime);
					for($index=$dayToday; $index > 0; $index--){
						$thedate = mktime(0, 0, 0, $monthToday, $index, $yearToday);
						$thedatestr = date($admindatestr, $thedate);
						print "<option value='" . $thedatestr . "'";
						if($thedate==$ed){
							print " selected";
							$gotmatch=TRUE;
						}
						print ">" . $thedatestr . "</option>\n";
					}
					for($index=1; $index<=12; $index++){

						if(! $gotmatch && $thedate < $ed){
							print "<option value='" . date($admindatestr, $ed) . "' selected>" . date($admindatestr, $ed) . "</option>";
							$gotmatch=TRUE;
						}
						$thedatestr = date($admindatestr, $thedate = mktime(0,0,0,date("m",$thetime)-$index,1,date("Y",$thetime)));
						print "<option value='" . $thedatestr . "'";
						if($thedate==$ed){
							print " selected";
							$gotmatch=TRUE;
						}
						print ">" . $thedatestr . "</option>\n";
					}
					if(!$gotmatch) print "<option value='" . date($admindatestr, $sd) . "' selected>" . date($admindatestr, $sd) . "</option>";
				?></select> <input type="submit" value="Go" /></td>
			  </tr>
			  <tr>
			    <td colspan="3">
				* Order has Custom Screenz | 
				<span style="color:#00CC00;">order has been changed</span> | 
				<span style="background-color:#FA6561; padding:2px;">etailer</span> |
				<span style="color:#FF0000;">unauthorized</span> |	<span style="background-color: #FFC58A; padding:2px;">affiliate</span> | <img src="/lib/images/misc/icon_headphones.png" /> Order has custom headphones</td>
			    </tr>
			  </form>
			</table>
			<table width="100%" border="0" cellspacing="1" cellpadding="2" bgcolor="">
			  <tr bgcolor="#030133"> 
                <td align="center" align="center"><input type="checkbox" name="select_all" value="yes" id="select_all" /></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyOrdId?></font></strong></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyName?></font></strong></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyMethod?></font></strong></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyAutCod?></font></strong></td>
				<td align="center"><strong><font color="#E7EAEF">Order Amt</font></strong></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyDate?></font></strong></td>
				<td align="center"><strong><font color="#E7EAEF"><?php print $yyStatus?></font></strong></td>
		        <td align="center">&nbsp;</td>
			  </tr>
			  <form method="post" name="mainform" action="/admin/orders.php">
			  <?php if(@$_POST["powersearch"]=="1"){ ?>
			  <input type="hidden" name="powersearch" value="1" />
			  <input type="hidden" name="fromdate" value="<?php print trim(@$_POST["fromdate"])?>" />
			  <input type="hidden" name="todate" value="<?php print trim(@$_POST["todate"])?>" />
			  <input type="hidden" name="ordid" value="<?php print trim(str_replace('"','',str_replace("'",'',@$_POST["ordid"])))?>" />
			  <input type="hidden" name="origsearchtext" value="<?php print trim(str_replace('"','&quot;',@$_POST["searchtext"]))?>" />
			  <input type="hidden" name="searchtext" value="<?php print trim(str_replace('"',"&quot;",@$_POST["searchtext"]))?>" />
			  <input type="hidden" name="ordstatus[]" value="<?php print $ordstatus?>" />
			  <input type="hidden" name="startwith" value="<?php if($usepowersearch) print "1"?>" />
			  <input type="hidden" name="myfrogz" value="<?php print $isMyFrogz?>" />
			  <?php } ?>
			  <input type="hidden" name="act" value="xxx" />
			  <input type="hidden" name="id" value="xxx" />
			  <input type="hidden" name="authcode" value="xxx" />
			  <input type="hidden" name="ed" value="<?php print date($admindatestr, $ed)?>" />
			  <input type="hidden" name="sd" value="<?php print date($admindatestr, $sd)?>" />
<?php
	if(mysql_num_rows($alldata) > 0){
		$rowcounter=0;
		$ordTot=0;
		$i=0;
		$num_rows_order=mysql_num_rows($alldata);
		while($rs = mysql_fetch_assoc($alldata)){
			$order_id_array[$i]=$rs["ordID"];			
			//check for split order
			$splitstr='';
			$sql_split="SELECT * FROM orderssplit WHERE orgOrder=".$rs["ordID"]." OR newOrder=".$rs["ordID"];
			$result_split=mysql_query($sql_split);
			if(mysql_num_rows($result_split)>0) {
				$row_split=mysql_fetch_assoc($result_split);
				$splitstr=$row_split['orgOrder'].','.$row_split['newOrder'];
				$splitType=$row_split['splitType'];
			}
			
			//check for custom screenz
			$hascustomscreen='';
			$sql_check="SELECT * FROM cart WHERE cartOrderID=".$rs["ordID"]." AND cartProdID LIKE '%-Custom'";
			$result_check=mysql_query($sql_check);
			if(mysql_num_rows($result_check)>0) $hascustomscreen='*';
			
			//check for dropshipper
			$dropshipper='';
			$sql_check_ds="SELECT p.pDropship FROM cart c JOIN products p ON c.cartProdID=p.pID WHERE p.pDropship>0 AND cartOrderID=".$rs["ordID"];
			$result_check_ds=mysql_query($sql_check_ds);
			$comma='';
			while($row_check_ds=mysql_fetch_assoc($result_check_ds)) {
				$sql_get_ds="SELECT dsName FROM dropshipper WHERE dsID=".$row_check_ds["pDropship"];
				$result_get_ds=mysql_query($sql_get_ds);
				if(mysql_num_rows($result_get_ds)>0){
					$row_get_ds=mysql_fetch_assoc($result_get_ds);
					if(!strstr($dropshipper,$row_get_ds['dsName']))$dropshipper.=$comma.$row_get_ds['dsName'];
				}
				$comma=', ';
			}
			
			// Check for custom headphones
			$hasCustomHeadphones = false;
			$arrCustHeadphones = array('customnervepipe', 'customfallout', 'customhype');
			$strCustHeadphones = "'".implode("','",$arrCustHeadphones)."'";
			$sql_check_cust_headphones = "SELECT * 
										  FROM cart 
										  WHERE cartProdID IN($strCustHeadphones) 
										  AND cartOrderID = ".$rs["ordID"];
			$res_check_cust_headphones = mysql_query($sql_check_cust_headphones);
			if (mysql_num_rows($res_check_cust_headphones) > 0) {
				$hasCustomHeadphones = true;
			}
			
			$i++;			
			$total_tax_shipping=$rs["ordTot"]+$rs["ordStateTax"]+$rs["ordShipping"];
			if($rs["ordStatus"]>=3) $ordTot += $total_tax_shipping;
			if($rs["ordStatus"]>=3) $num_auth_order += 1;
			if($rs["ordAuthNumber"]=="" || is_null($rs["ordAuthNumber"])){
				$startfont="<font color='#FF0000'>";
				$endfont="</font>";
			} else{
				$startfont="";
				$endfont="";
			}
			if($rs["order_changed"]=='yes'){ 
				$startfont="<font color='#00CC00'>";
				$endfont="</font>";
			}
			if(@$bgcolor=="#E7EAEF") $bgcolor="#EAECEB"; else $bgcolor="#E7EAEF";
			if(!empty($rs["ordAffiliate"]) && isset($rs["ordAffiliate"])) $bgcolor="#FFC58A";
			if(!empty($rs["ordEID"])) $bgcolor="#FA6561";
			//if($hascustomscreen) $bgcolor="#FFFF99";
			
            if ($hasCustomHeadphones) {
            	$strCH = 'style="background: url(\'/lib/images/misc/icon_headphones.png\') no-repeat right;"';
            } else {
            	$strCH = '';
            }
?>
			  <tr bgcolor="<?php print $bgcolor?>"> 
                <td align="center" style="width: 10px;"><input type="checkbox" rowcounter="<?=$rowcounter?>" class="ord_checkbox" name="selected[]" value="<?=$rowcounter?>" id="selected<?=$rs["ordID"]?>" /></td>
				<td align="center" <?=$strCH?>>
				<span style="float:left;"><a href="/admin/orders.php?powersearch=1&ordid=<?=$rs["ordID"]?>">[go]</a></span>
				<a onclick="return(checkprinter(this,event,<?=$rowcounter?>));" href="/admin/orders.php?id=<?php print $rs["ordID"]?>"><?php print "<strong>" . $startfont . $hascustomscreen.$rs["ordID"] . $endfont . "</strong>"?></a>
				<? if(!empty($splitstr)){
						if($splitType=='Cloned'){
							if($rs["ordAuthNumber"]=='CLONED') $linktext='View Orig';
							else $linktext='View Cloned';
						} else {
							if($rs["ordAuthNumber"]=='Split Order') {$num_auth_order--; $linktext='View Orig';}
							else $linktext='View Split';
					 	}?>
					 <a href="/admin/orders.php?powersearch=1&ordid=<?=$splitstr?>"><?=$linktext?></a>
				<? } ?>				</td>
				<td align="center"><a onclick="return(checkprinter(this,event,<?=$rowcounter?>));" href="/admin/orders.php?id=<?php print $rs["ordID"]?>"><?php print $startfont . $rs["ordName"] . $endfont?></a></td>
				<td align="center"><?php print $startfont . $rs["payProvName"] . ($rs["payProvName"]=='PayPal' && trim($rs["ordTransID"]) != '' ? ' CC' : '') . $endfont?></td>
				<td align="center"><?php
					if($rs["ordAuthNumber"]=="" || is_null($rs["ordAuthNumber"])){
						$isauthorized=FALSE;
						print '<input type="button" name="auth" value="' . $yyAuthor . '" onclick="authrec(\'' . $rs["ordID"] . '\')" />';
					}else{
						print '<a href="#" title="' . FormatEuroCurrency($rs["ordTot"]) . '" onclick="authrec(\'' . $rs["ordID"] . '\');return(false);">' . $startfont . $rs["ordAuthNumber"] . $endfont . '</a>';
						$isauthorized=TRUE;
					}
				?></td>
				<td align="center"><?=FormatEuroCurrency($total_tax_shipping)?></td>
				<td align="center"><font size="1"><?php print $startfont . date($admindatestr . "\<\\b\\r\>H:i:s", strtotime($rs["ordDate"])) . $endfont?></font></td>
				<td align="center" nowrap="nowrap">
					<input type="hidden" name="ordid<?php print $rowcounter?>" value="<?php print $rs["ordID"]?>" />
					<input type="hidden" name="orig_location[]" rowcounter="<?=$rowcounter?>" value="<?=$rs["ordStatus"]?>" id="orig_location<?php print $rowcounter?>" />
					<select id="ordstatus<?php print $rowcounter?>" rowcounter="<?=$rowcounter?>" class="sel_location" name="ordstatus<?php print $rowcounter?>" size="1" onchange="checkcontrol(this,event)" <?php if($rs['ordPayProvider']==20) print ' disabled'?>><?php
						$gotitem=FALSE;
						for($index=0; $index<$numstatus; $index++){
							if(! $isauthorized && $allstatus[$index]["statID"]>2) break;
							if(! ($rs["ordStatus"] != 2 && $allstatus[$index]["statID"]==2)){
								print '<option value="' . $allstatus[$index]["statID"] . '"';
								if($rs["ordStatus"]==$allstatus[$index]["statID"]){
									print " selected";
									$gotitem=TRUE;
								}
								print ">" . $allstatus[$index]["statPrivate"] . "</option>";
							}
						}
						if(! $gotitem) print '<option value="" selected>' . $yyUndef . '</option>' ?></select>
						<span class="undo_location" rowcounter="<?=$rowcounter?>" style="display: none; cursor: pointer;"><img src="/lib/images/misc/undo.png" /></span>
						<? if($dropshipper!='') echo '<br />'.$dropshipper;?>
				</td>
			    <td align="center">
			        <?php
			            if ($rs["ordShipType"] == 'International'):
			                $shiptype = 'Standard';
			            else:
			                $shiptype = trim($rs["ordShipType"]);
			            endif;
			        ?>
					<img style="width: 34px; height: 22;" src="/lib/images/shiptypes/<?= (!empty($shiptype)) ? $shiptype . '.jpg' : 'clearpixel.gif'; ?>" /></td>
			  </tr>
<?php		$rowcounter++;
			if($rowcounter>=10000){
				print "<tr><td colspan='9' align='center'><strong>Limit of " . $rowcounter . " orders reached. Please refine your search.</strong></td></tr>";
				break;
			}
		}
?>
			  <tr>
				<td colspan="4" align="left"><select id="ctrlmod" name="ctrlmod" size="1">
				<option value="0">View Order Details</option><option value="1"><?php print $yyPPSlip?></option><option value="2"><?php print $yyEdOrd?></option>
				</select>
&nbsp;&nbsp;&nbsp;
<?php if(@$orderstatusemail != ""){ ?>
<input type="checkbox" name="emailstat" value="1" <?php if(@$_POST["emailstat"]=="1" || @$alwaysemailstatus==TRUE) print "checked"?>/> 
<?php print $yyEStat?><?php } ?></td>
				<td align="left"><div align="right"><strong>Total:</strong></div></td>
				<td align="center"><?php print FormatEuroCurrency($ordTot)?></td>
				<td colspan="3" align="center"><input type="hidden" name="maxitems" value="<?php print $rowcounter?>" />
			    <input type="submit" value="<?php print $yyUpdate?>" onclick="document.mainform.act.value='status';" />				  <input type="reset" value="<?php print $yyReset?>" /></td>
				</tr>
			  </form>
			  <form method="post" action="/admin/dumporders.php" name="dumpform">
			  <?php if(@$_POST["powersearch"]=="1"){ ?>
			  <input type="hidden" name="powersearch" value="1" />
			  <input type="hidden" name="fromdate" value="<?php print trim(@$_POST["fromdate"])?>" />
			  <input type="hidden" name="todate" value="<?php print trim(@$_POST["todate"])?>" />
			  <input type="hidden" name="ordid" value="<?php print trim(str_replace('"','',str_replace("'",'',@$_POST["ordid"])))?>" />
			  <input type="hidden" name="origsearchtext" value="<?php print trim(str_replace('"','&quot;',@$_POST["searchtext"]))?>" />
			  <input type="hidden" name="searchtext" value="<?php print trim(str_replace('"',"&quot;",@$_POST["searchtext"]))?>" />
			  <input type="hidden" name="ordstatus[]" value="<?php print $ordstatus?>" />
			  <input type="hidden" name="startwith" value="<?php if($usepowersearch) print "1"?>" />
			  <input type="hidden" name="myfrogz" value="<?php print $_REQUEST['myfrogz']?>" />
			  <input type="hidden" name="ship_type" value="<?php print $_REQUEST['ship_type']?>" />
			  <?php } ?>
			  <input type="hidden" name="sd" value="<?php print date($admindatestr, $sd)?>" />
			  <input type="hidden" name="ed" value="<?php print date($admindatestr, $ed)?>" />
			  <input type="hidden" name="details" value="false" />
			  <tr> 
                <td colspan="2" align="center"><?=$num_rows_order?> Orders</td>
				<td colspan="2" align="center"><?=$num_auth_order?> Authorized Orders</td>
				<td colspan="5" align="right"><input type="submit" value="<?php print $yyDmpOrd?>" onclick="document.dumpform.details.value='false';" />				  <input name="submit" type="submit" onclick="document.dumpform.details.value='true';" value="<?php print $yyDmpDet?>" /></td>
				</tr>
			  </form>
<?php
	}else{
?>
			  <tr> 
                <td width="100%" colspan="9" align="center">
					<p><?php
					if(@$_POST["powersearch"]=="1")
						print $yyNoMat1;
					elseif($sd==$ed)
						print $yyNoMat2 . " " . date($admindatestr, $sd) . ".";
					else
						print $yyNoMat3 . " " . date($admindatestr, $sd) . " and " . date($admindatestr, $ed) . ".";
					?></p>				</td>
			  </tr>
			  <?php if($hasdeleted){ ?>
			  <tr> 
			  <td colspan="8"><input type="submit" value="<?php print $yyPurDel?>" onclick="document.mainform.act.value='purge';" />			  </tr>
			  <?php } ?>
			  </form>
<?php
	} ?>
			  <tr> 
                <td width="100%" colspan="8" align="center">
				  <p><br />
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd)-1,date("d",$sd),date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed)-1,date("d",$ed),date("Y",$ed)))?>"><strong>- <?php print $yyMonth?></strong></a> | 
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd),date("d",$sd)-7,date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed),date("d",$ed)-7,date("Y",$ed)))?>"><strong>- <?php print $yyWeek?></strong></a> | 
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd),date("d",$sd)-1,date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed),date("d",$ed)-1,date("Y",$ed)))?>"><strong>- <?php print $yyDay?></strong></a> | 
					<a href="/admin/orders.php"><strong><?php print $yyToday?></strong></a> | 
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd),date("d",$sd)+1,date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed),date("d",$ed)+1,date("Y",$ed)))?>"><strong><?php print $yyDay?> +</strong></a> | 
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd),date("d",$sd)+7,date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed),date("d",$ed)+7,date("Y",$ed)))?>"><strong><?php print $yyWeek?> +</strong></a> | 
					<a href="/admin/orders.php?sd=<?php print date($admindatestr,mktime(0,0,0,date("m",$sd)+1,date("d",$sd),date("Y",$sd)))?>&ed=<?php print date($admindatestr,mktime(0,0,0,date("m",$ed),date("d",$ed)+1,date("Y",$ed)))?>"><strong><?php print $yyMonth?> +</strong></a>				  </p>				</td>
			  </tr>
			</table>
		  </td>
		</tr>
      </table>
<?php
}
}

?>
<script language="JavaScript" type="text/javascript">
function dorecalc(onlytotal){
var thetotal=0,totoptdiff=0;
for(var i in document.forms.editform){
if(i.substr(0,5)=="quant"){
	theid = i.substr(5);
	totopts=0;
	delbutton = document.getElementById("del_"+theid);
	if(delbutton==null)
		isdeleted=false;
	else
		isdeleted=delbutton.checked;
	if(! isdeleted){
	for(var ii in document.forms.editform){
		var opttext="optn"+theid+"_";
		if(ii.substr(0,opttext.length)==opttext){
			theitem = document.getElementById(ii);
			if(document.getElementById('v'+ii)==null){
				thevalue = theitem[theitem.selectedIndex].value;
				if(thevalue.indexOf('|')>0){
					totopts += parseFloat(thevalue.substr(thevalue.indexOf('|')+1));
				}
			}
		}
	}
	thequant = parseInt(document.getElementById(i).value);
	if(isNaN(thequant)) thequant=0;
	theprice = parseFloat(document.getElementById("price"+theid).value);
	if(isNaN(theprice)) theprice=0;
	document.getElementById("optdiffspan"+theid).value=totopts;
	optdiff = parseFloat(document.getElementById("optdiffspan"+theid).value);
	if(isNaN(optdiff)) optdiff=0;
	thetotal += thequant * (theprice + optdiff);
	totoptdiff += thequant * optdiff;
	}
}
}
document.getElementById("optdiffspan").innerHTML=totoptdiff.toFixed(2);
//document.getElementById("ordtotal").value = thetotal.toFixed(2);
document.getElementById("ordTot").innerHTML = thetotal.toFixed(2);
document.getElementById("ordtotal").value = thetotal.toFixed(2);

if(onlytotal==true) return;
<? if(!empty($prcTot)){?>
thetotal+=<?=$prcTot?>;
<? } ?>
statetaxrate = parseFloat(document.getElementById("staterate").value);
if(isNaN(statetaxrate)) statetaxrate=0;
countrytaxrate = parseFloat(document.getElementById("countryrate").value);
if(isNaN(countrytaxrate)) countrytaxrate=0;
discount = parseFloat(document.getElementById("ordDiscount").value);
if(isNaN(discount)){
	discount=0;
	document.getElementById("ordDiscount").value=0;
}
statetaxtotal = (statetaxrate * (thetotal-discount)) / 100.0;
countrytaxtotal = (countrytaxrate * (thetotal-discount)) / 100.0;
shipping = parseFloat(document.getElementById("ordShipping").value);
if(isNaN(shipping)){
	//shipping=0;
	//document.getElementById("ordShipping").value=0;
}
handling = parseFloat(document.getElementById("ordHandling").value);
if(isNaN(handling)){
	handling=0;
	document.getElementById("ordHandling").value=0;
}
<?php	if(@$taxShipping==2){ ?>
statetaxtotal += (statetaxrate * shipping) / 100.0;
countrytaxtotal += (countrytaxrate * shipping) / 100.0;
<?php	}
		if(@$taxHandling==2){ ?>
statetaxtotal += (statetaxrate * handling) / 100.0;
countrytaxtotal += (countrytaxrate * handling) / 100.0;
<?php	} ?>
document.getElementById("ordStateTax").value = statetaxtotal.toFixed(2);
document.getElementById("ordCountryTax").value = countrytaxtotal.toFixed(2);
hstobj = document.getElementById("ordHSTTax");
hsttax=0;
if(! (hstobj==null)){
	hsttax = parseFloat(hstobj.value);
}
grandtotal = (thetotal + shipping + handling + statetaxtotal + countrytaxtotal + hsttax) - discount;
document.getElementById("grandtotalspan").innerHTML = grandtotal.toFixed(2);
}
function ajaxcallback() {
	if(ajaxobj.readyState==4){
		document.getElementById("googleupdatespan").innerHTML = ajaxobj.responseText;
	}
}
function updategoogleorder(theact,ordid){
	if(confirm('Inform Google of change to order id ' + ordid + "?")){
		document.getElementById("googleupdatespan").innerHTML = '';
		if(window.XMLHttpRequest){
			ajaxobj = new XMLHttpRequest();
		}else{
			ajaxobj = new ActiveXObject("MSXML2.XMLHTTP");
		}
		ajaxobj.onreadystatechange = ajaxcallback;
		extraparams='';
		if(theact=='ship'){
			shipcar = document.getElementById("shipcarrier");
			if(shipcar!= null){
				trackno=document.getElementById("ordTrackNum").value
				if(trackno!='' && confirm('Include tracking and carrier info?')){
					extraparams='&carrier='+(shipcar.options[shipcar.selectedIndex].value)+'&trackno='+document.getElementById("ordTrackNum").value;
				}
			}
		}
		document.getElementById("googleupdatespan").innerHTML = 'Connecting...';
		ajaxobj.open("GET", "/admin/ajaxservice.php?gid="+ordid+"&act="+theact+extraparams, true);
		ajaxobj.send(null);
	}
}
function updategooglestatus(theact,ordid){
	if(confirm('Update Google account status and inform customer of this status change?')){
		document.getElementById("googleupdatespan").innerHTML = '';
		if(window.XMLHttpRequest){
			ajaxobj = new XMLHttpRequest();
		}else{
			ajaxobj = new ActiveXObject("MSXML2.XMLHTTP");
		}
		ajaxobj.onreadystatechange = ajaxcallback;
		themessage="googlemessage=" + encodeURI(document.getElementById("ordStatusInfo").value);
		document.getElementById("googleupdatespan").innerHTML = 'Connecting...';
		ajaxobj.open("POST", "/admin/ajaxservice.php?gid="+ordid+"&act="+theact, true);
		ajaxobj.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
		ajaxobj.setRequestHeader('Content-Length', themessage.length);
		ajaxobj.send(themessage);
	}
}
</script>