<?php
/**
* @package admin
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: orders.php 6247 2007-04-21 21:34:47Z wilt $
* @version $Id: orders.php 5342 2007-06-04 14:58:57Z ropu - added google checkout code$
*/
require('includes/application_top.php');
require(DIR_WS_CLASSES . 'currencies.php');
$currencies = new currencies();
include(DIR_WS_CLASSES . 'order.php');
// Build two views of the order statuses defined for the admin's language:
//   $orders_statuses     - list of id/text pairs fed to the status pull-down menus
//   $orders_status_array - map of status id => status name used for lookups
$orders_statuses = array();
$orders_status_array = array();
// The session's language id is cast to int before it is placed in the query.
$orders_status = $db->Execute("select orders_status_id, orders_status_name
from " . TABLE_ORDERS_STATUS . "
where language_id = '" . (int)$_SESSION['languages_id'] . "'");
for (; !$orders_status->EOF; $orders_status->MoveNext()) {
  $status_id = $orders_status->fields['orders_status_id'];
  $status_name = $orders_status->fields['orders_status_name'];
  // The menu label shows the numeric id in brackets after the name.
  $orders_statuses[] = array('id' => $status_id,
                             'text' => $status_name . ' [' . $status_id . ']');
  $orders_status_array[$status_id] = $status_name;
}
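// Requested action; an empty string means "show the order list".
$action = (isset($_GET['action']) ? $_GET['action'] : '');
// Start from "no such order" so a request without oID reaches the action
// dispatcher and the edit view with a defined value instead of an unset one.
$order_exists = false;
if (isset($_GET['oID'])) {
  // Order ids are integers. The existence check below has always compared the
  // integer value, but later code on this page prints $oID and places it in
  // links and e-mail text. Normalising it here means every later use sees the
  // same integer that was checked, not the raw request string.
  $oID = (int)zen_db_prepare_input($_GET['oID']);
  $orders = $db->Execute("select orders_id from " . TABLE_ORDERS . "
  where orders_id = '" . $oID . "'");
  $order_exists = ($orders->RecordCount() > 0);
  if (!$order_exists && $action != '') {
    $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error');
  }
}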
if (zen_not_null($action) && $order_exists == true) {
switch ($action) {
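case 'edit':
  // The two download-reset sub-actions take their ids from the query string
  // and write them into UPDATE statements. Each id is reduced to an integer
  // first, so request text can no longer become part of the SQL.
  $download_reset_on_id = isset($_GET['download_reset_on']) ? (int)$_GET['download_reset_on'] : 0;
  $download_reset_off_id = isset($_GET['download_reset_off']) ? (int)$_GET['download_reset_off'] : 0;
  // reset single download to on
  if ($download_reset_on_id > 0) {
    // adjust download_maxdays based on current date
    $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
    date_purchased from " . TABLE_ORDERS . "
    where orders_id = '" . (int)$_GET['oID'] . "'");
    // NOTE(review): date_diff() receives two date strings here and its result is
    // added to DOWNLOAD_MAX_DAYS, so it is presumably a project helper returning
    // a number of days; PHP's built-in date_diff() expects DateTime objects.
    // Confirm which definition is in scope.
    $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
    $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$_GET['oID'] . "' and orders_products_download_id='" . $download_reset_on_id . "'";
    $db->Execute($update_downloads_query);
    // Drop the parameter so the redirect URL does not repeat the reset.
    unset($_GET['download_reset_on']);
    $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_ON, 'success');
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  }
  // reset single download to off
  if ($download_reset_off_id > 0) {
    // Only the remaining download count is zeroed; download_maxdays is left as it is.
    $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_count='0' where orders_id='" . (int)$_GET['oID'] . "' and orders_products_download_id='" . $download_reset_off_id . "'";
    unset($_GET['download_reset_off']);
    $db->Execute($update_downloads_query);
    $messageStack->add_session(SUCCESS_ORDER_UPDATED_DOWNLOAD_OFF, 'success');
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  }
  break;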
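case 'update_order':
  // demo active test
  if (zen_admin_demo()) {
    $_GET['action']= '';
    $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  }
  // The listing carried the status-update section three times: the stock code,
  // the Google Checkout replacement that followed a "WITH:" marker, and a
  // partial third copy whose closing brace ended the switch early. Only the
  // Google Checkout version is kept, so one request produces one notification
  // and one history row, and the remaining case labels stay inside the switch.
  // The "\n" escapes that the listing showed as a bare "n" are restored.
  $oID = (int)zen_db_prepare_input($_GET['oID']);
  $status = isset($_POST['status']) ? zen_db_prepare_input($_POST['status']) : '';
  $comments = isset($_POST['comments']) ? zen_db_prepare_input($_POST['comments']) : '';
  if (!is_string($comments)) {
    $comments = '';
  }
  // Accept only a status id that exists in the pull-down list built at the top
  // of the page; anything else is reported as "not updated" rather than being
  // written to the order and used as an array index in the e-mail text.
  $status_is_known = is_scalar($status) && isset($orders_status_array[$status]);
  $order_updated = false;
  $check_status = $db->Execute("select customers_name, customers_email_address, orders_status,
  date_purchased from " . TABLE_ORDERS . "
  where orders_id = '" . (int)$oID . "'");
  if ($status_is_known && (($check_status->fields['orders_status'] != $status) || zen_not_null($comments))) {
    $db->Execute("update " . TABLE_ORDERS . "
    set orders_status = '" . zen_db_input($status) . "', last_modified = now()
    where orders_id = '" . (int)$oID . "'");
    $notify_customer = (isset($_POST['notify']) && ($_POST['notify'] == 'on'));
    $include_comments = (isset($_POST['notify_comments']) && ($_POST['notify_comments'] == 'on'));
    // ** GOOGLE CHECKOUT **
    // NOTE(review): chdir() is not undone afterwards, and $_SESSION['language']
    // becomes part of an include path. Confirm the session value can only be the
    // directory name of an installed language.
    chdir("./..");
    require_once(DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/googlecheckout.php');
    $payment_value= MODULE_PAYMENT_GOOGLECHECKOUT_TEXT_TITLE;
    $result = $db->Execute("select google_order_number from google_orders where orders_id= ". (int)$oID);
    $num_rows = $result->RecordCount();
    $customer_notified = '0';
    if($num_rows != 0) {
      // Orders placed through Google Checkout are pushed to Google first; the
      // helper's return value records whether the customer was notified there.
      $google_notified = google_checkout_state_change($check_status, $status, $oID,
        ($notify_customer ? 1 : 0),
        ($include_comments ? $comments : ''));
      if (isset($google_notified)) {
        $customer_notified = $google_notified;
      }
    }
    // ** END GOOGLE CHECKOUT **
    if ($notify_customer) {
      $notify_comments = '';
      if ($include_comments && zen_not_null($comments)) {
        $notify_comments = EMAIL_TEXT_COMMENTS_UPDATE . $comments . "\n\n";
      }
      // ** GOOGLE CHECKOUT **
      // A Google order still gets a store e-mail when the comment is too long
      // for Google's cart messaging.
      $force_email = false;
      if($num_rows != 0 && (strlen(htmlentities(strip_tags($notify_comments))) > GOOGLE_MESSAGE_LENGTH && MODULE_PAYMENT_GOOGLECHECKOUT_USE_CART_MESSAGING == 'True')) {
        $force_email = true;
        $messageStack->add_session(GOOGLECHECKOUT_WARNING_SYSTEM_EMAIL_SENT, 'warning');
      }
      if($num_rows == 0 || $force_email) {
        // ** END GOOGLE CHECKOUT **
        //send emails, not a google order or configured to use both messaging systems
        $message = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" .
          EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n\n" .
          EMAIL_TEXT_INVOICE_URL . ' ' . zen_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n\n" .
          EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']) . "\n\n" .
          strip_tags($notify_comments) .
          EMAIL_TEXT_STATUS_UPDATED . sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ) .
          EMAIL_TEXT_STATUS_PLEASE_REPLY;
        $html_msg = array();
        $html_msg['EMAIL_CUSTOMERS_NAME'] = $check_status->fields['customers_name'];
        $html_msg['EMAIL_TEXT_ORDER_NUMBER'] = EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID;
        // NOTE(review): the anchor markup that wrapped this label appears to
        // have been stripped from the listing; restore the link to the invoice
        // URL from the project's own copy of this file.
        $html_msg['EMAIL_TEXT_INVOICE_URL'] = "\n" . str_replace(':','',EMAIL_TEXT_INVOICE_URL) . '';
        $html_msg['EMAIL_TEXT_DATE_ORDERED'] = EMAIL_TEXT_DATE_ORDERED . ' ' . zen_date_long($check_status->fields['date_purchased']);
        $html_msg['EMAIL_TEXT_STATUS_COMMENTS'] = nl2br($notify_comments);
        // In single quotes '\n' is a backslash followed by the letter n, not a newline.
        $html_msg['EMAIL_TEXT_STATUS_UPDATED'] = str_replace('\n','', EMAIL_TEXT_STATUS_UPDATED);
        $html_msg['EMAIL_TEXT_STATUS_LABEL'] = str_replace('\n','', sprintf(EMAIL_TEXT_STATUS_LABEL, $orders_status_array[$status] ));
        $html_msg['EMAIL_TEXT_NEW_STATUS'] = $orders_status_array[$status];
        $html_msg['EMAIL_TEXT_STATUS_PLEASE_REPLY'] = str_replace('\n','', EMAIL_TEXT_STATUS_PLEASE_REPLY);
        zen_mail($check_status->fields['customers_name'], $check_status->fields['customers_email_address'], EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status');
        $customer_notified = '1';
        //send extra emails
        if (SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_STATUS == '1' and SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO != '') {
          zen_mail('', SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO, SEND_EXTRA_ORDERS_STATUS_ADMIN_EMAILS_TO_SUBJECT . ' ' . EMAIL_TEXT_SUBJECT . ' #' . $oID, $message, STORE_NAME, EMAIL_FROM, $html_msg, 'order_status_extra');
        }
        // ** GOOGLE CHECKOUT **
      }
      // ** END GOOGLE CHECKOUT **
    }
    // Record the change, and whether the customer was told, in the order history.
    $db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . "
    (orders_id, orders_status_id, date_added, customer_notified, comments)
    values ('" . (int)$oID . "',
    '" . zen_db_input($status) . "',
    now(),
    '" . zen_db_input($customer_notified) . "',
    '" . zen_db_input($comments) . "')");
    $order_updated = true;
  }
  if ($order_updated == true) {
    if ($status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
      // adjust download_maxdays based on current date
      $zc_max_days = date_diff($check_status->fields['date_purchased'], date('Y-m-d H:i:s', time())) + DOWNLOAD_MAX_DAYS;
      $update_downloads_query = "update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays='" . $zc_max_days . "', download_count='" . DOWNLOAD_MAX_COUNT . "' where orders_id='" . (int)$oID . "'";
      $db->Execute($update_downloads_query);
    }
    $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
  } else {
    $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
  }
  zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  break;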
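case 'deleteconfirm':
  // demo active test
  if (zen_admin_demo()) {
    $_GET['action']= '';
    $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
    zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  }
  // Hand the delete helper the same integer id that the existence check used.
  $oID = (int)zen_db_prepare_input($_GET['oID']);
  // An unticked checkbox is not submitted, so 'restock' may be absent from the
  // request; pass null in that case instead of reading an undefined index.
  // NOTE(review): this is a destructive action selected by a query-string
  // parameter. Confirm that the shared bootstrap only lets it through as a POST
  // carrying a valid per-session token.
  zen_remove_order($oID, (isset($_POST['restock']) ? $_POST['restock'] : null));
  zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')), 'NONSSL'));
  break;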
case 'delete_cvv':
  // Overwrite the stored card verification value of this order with the
  // configured replacement text. The order id is cast to int for the query.
  // NOTE(review): PCI DSS does not permit keeping the verification code after
  // authorisation, so the cc_cvv column should not be populated in the first
  // place. This action is also reached through a plain link
  // (action=delete_cvv in the query string), so it changes data on a GET.
  $cvv_order_id = (int)$_GET['oID'];
  $cvv_sql = "update " . TABLE_ORDERS . " set cc_cvv = '" . TEXT_DELETE_CVV_REPLACEMENT . "' where orders_id = '" . $cvv_order_id . "'";
  $delete_cvv = $db->Execute($cvv_sql);
  zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  break;
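case 'mask_cc':
  // Replace the middle of the stored card number with asterisks, keeping the
  // first four and last four characters.
  $result = $db->Execute("select cc_number from " . TABLE_ORDERS . " where orders_id = '" . (int)$_GET['oID'] . "'");
  $old_num = (string)$result->fields['cc_number'];
  $old_num_length = strlen($old_num);
  if ($old_num_length > 0) {
    if ($old_num_length > 8) {
      $new_num = substr($old_num, 0, 4) . str_repeat('*', $old_num_length - 8) . substr($old_num, -4);
    } else {
      // With eight characters or fewer there is no middle to hide: the old
      // expression asked str_repeat() for a negative count or wrote the value
      // back unmasked. Mask the whole value instead.
      $new_num = str_repeat('*', $old_num_length);
    }
    // The value was read from the database and is written back as a string
    // literal, so it is escaped like any other input to the query.
    $mask_cc = $db->Execute("update " . TABLE_ORDERS . " set cc_number = '" . zen_db_input($new_num) . "' where orders_id = '" . (int)$_GET['oID'] . "'");
  }
  zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  break;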
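case 'doRefund':
case 'doAuth':
case 'doCapture':
case 'doVoid':
  // The four payment actions load the order's payment module in the same way
  // and differ only in the module method they call, so they share one body.
  $order = new order($oID);
  $payment_module_code = $order->info['payment_module_code'];
  // The stored module code is used both as a file name and as a class name.
  // Accept it only when it has the shape of a PHP class name, which keeps path
  // separators and dots out of the include path.
  if ($payment_module_code && preg_match('/^[a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff]*$/', $payment_module_code)) {
    $payment_module_file = DIR_FS_CATALOG_MODULES . 'payment/' . $payment_module_code . '.php';
    if (file_exists($payment_module_file)) {
      require_once($payment_module_file);
      // NOTE(review): $_SESSION['language'] is part of this include path; confirm
      // it can only hold the directory name of an installed language.
      require_once(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $payment_module_code . '.php');
      $module = new $payment_module_code;
      // Each action is optional for a module; call it only when it is implemented.
      switch ($action) {
        case 'doRefund':
          if (method_exists($module, '_doRefund')) {
            $module->_doRefund($oID);
          }
          break;
        case 'doAuth':
          if (method_exists($module, '_doAuth')) {
            $module->_doAuth($oID, $order->info['total'], $order->info['currency']);
          }
          break;
        case 'doCapture':
          if (method_exists($module, '_doCapt')) {
            $module->_doCapt($oID, 'Complete', $order->info['total'], $order->info['currency']);
          }
          break;
        case 'doVoid':
          if (method_exists($module, '_doVoid')) {
            $module->_doVoid($oID);
          }
          break;
      }
    }
  }
  // NOTE(review): unlike update_order and deleteconfirm, these actions have no
  // zen_admin_demo() guard; confirm that is intended.
  zen_redirect(zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=edit', 'NONSSL'));
  break;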
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
>
<?php echo TITLE; ?>
<?php
require(DIR_WS_INCLUDES . 'header.php');
?>
<?php if (empty($action)) { ?>
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr><?php echo zen_draw_form('search', FILENAME_ORDERS, '', 'get', '', true); ?>
<td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
<td colspan="2" class="smallText" align="right">
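<?php
// show reset search
// 'cID' is optional in the request, so test that it is present before comparing it.
if ((isset($_GET['search']) && zen_not_null($_GET['search'])) or (isset($_GET['cID']) && $_GET['cID'] != '')) {
  echo '' . zen_image_button('button_reset.gif', IMAGE_RESET) . '
';
}
?>
<?php
echo HEADING_TITLE_SEARCH_DETAIL . ' ' . zen_draw_input_field('search') . zen_hide_session_id();
if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
  // $keywords is escaped for use in SQL, which does nothing for HTML. It is
  // left as it was in case later code places it in a query.
  $keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
  // For display, pass the search text through the output helper this page
  // already applies to product attribute values, so a search term containing
  // markup is shown as text instead of being rendered.
  echo '
' . TEXT_INFO_SEARCH_DETAIL_FILTER . zen_output_string_protected(zen_db_prepare_input($_GET['search']));
}
?>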
</td>
</form></tr>
</table></td>
</tr>
<?php } ?>
<?php
if (($action == 'edit') && ($order_exists == true)) {
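$order = new order($oID);
// The stored payment module code is used below as a file name and as a class
// name. Accept it only when it has the shape of a PHP class name, which keeps
// path separators and dots out of the include path.
$payment_module_code = $order->info['payment_module_code'];
if ($payment_module_code && preg_match('/^[a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff]*$/', $payment_module_code)) {
  $payment_module_file = DIR_FS_CATALOG_MODULES . 'payment/' . $payment_module_code . '.php';
  if (file_exists($payment_module_file)) {
    require($payment_module_file);
    // NOTE(review): $_SESSION['language'] is part of this include path; confirm
    // it can only hold the directory name of an installed language.
    require(DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $payment_module_code . '.php');
    // $module stays unset when the order has no usable payment module.
    $module = new $payment_module_code;
  }
}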
?>
<tr>
<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
<td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
<td class="pageHeading" align="right"><?php echo '<a href="javascript:history.back()">' . zen_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>
</tr>
</table></td>
</tr>
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td colspan="3"><?php echo zen_draw_separator(); ?></td>
</tr>
<tr>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><strong><?php echo ENTRY_CUSTOMER; ?></strong></td>
<td class="main"><?php echo zen_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'); ?></td>
</tr>
<tr>
<td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
</tr>
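<tr>
<?php
// Telephone, e-mail address and IP address are stored with the order and
// printed into the admin page. They go through the output helper this page
// already uses for product attribute values, so stored markup is shown as text.
// NOTE(review): confirm the order class does not already HTML-encode these
// fields, otherwise entities would be encoded twice.
?>
<td class="main"><strong><?php echo ENTRY_TELEPHONE_NUMBER; ?></strong></td>
<td class="main"><?php echo zen_output_string_protected($order->customer['telephone']); ?></td>
</tr>
<tr>
<td class="main"><strong><?php echo ENTRY_EMAIL_ADDRESS; ?></strong></td>
<td class="main"><?php echo '<a href="mailto:' . zen_output_string_protected($order->customer['email_address']) . '">' . zen_output_string_protected($order->customer['email_address']) . '</a>'; ?></td>
</tr>
<tr>
<td class="main"><strong><?php echo TEXT_INFO_IP_ADDRESS; ?></strong></td>
<td class="main"><?php echo zen_output_string_protected($order->info['ip_address']); ?></td>
</tr>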
</table></td>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><strong><?php echo ENTRY_SHIPPING_ADDRESS; ?></strong></td>
<td class="main"><?php echo zen_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'); ?></td>
</tr>
</table></td>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><strong><?php echo ENTRY_BILLING_ADDRESS; ?></strong></td>
<td class="main"><?php echo zen_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td class="main"><strong><?php echo ENTRY_ORDER_ID . $oID; ?></strong></td>
</tr>
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><strong><?php echo ENTRY_DATE_PURCHASED; ?></strong></td>
<td class="main"><?php echo zen_date_long($order->info['date_purchased']); ?></td>
</tr>
<tr>
<td class="main"><strong><?php echo ENTRY_PAYMENT_METHOD; ?></strong></td>
<td class="main"><?php echo $order->info['payment_method']; ?></td>
</tr>
<?php
if (zen_not_null($order->info['cc_type']) || zen_not_null($order->info['cc_owner']) || zen_not_null($order->info['cc_number'])) {
?>
<tr>
<td colspan="2"><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
<td class="main"><?php echo $order->info['cc_type']; ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
<td class="main"><?php echo $order->info['cc_owner']; ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
<td class="main"><?php echo $order->info['cc_number'] . (zen_not_null($order->info['cc_number']) && !strstr($order->info['cc_number'],'X') && !strstr($order->info['cc_number'],'********') ? ' <a href="' . zen_href_link(FILENAME_ORDERS, '&action=mask_cc&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_MASK_CC_NUMBER . '</a>' : ''); ?><td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_CVV; ?></td>
<td class="main"><?php echo $order->info['cc_cvv'] . (zen_not_null($order->info['cc_cvv']) && !strstr($order->info['cc_cvv'],TEXT_DELETE_CVV_REPLACEMENT) ? ' <a href="' . zen_href_link(FILENAME_ORDERS, '&action=delete_cvv&oID=' . $oID, 'NONSSL') . '" class="noprint">' . TEXT_DELETE_CVV_FROM_DATABASE . '</a>' : ''); ?><td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
<td class="main"><?php echo $order->info['cc_expires']; ?></td>
</tr>
<?php
}
?>
</table></td>
</tr>
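<?php
// $module is only created earlier on this page when the order names a payment
// module whose file exists, so check that it is set before asking it for a
// method. The module's admin_notification() output is printed as markup.
if (isset($module) && method_exists($module, 'admin_notification')) {
?>
<tr>
<td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<?php echo $module->admin_notification($oID); ?>
</tr>
<tr>
<td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<?php
}
?>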
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
<td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
</tr>
<?php
for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
echo '
' . "n" .
' ' . $order->products[$i]['qty'] . ' x | ' . "n" .
' ' . $order->products[$i]['name'];
if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
echo ' - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . nl2br(zen_output_string_protected($order->products[$i]['attributes'][$j]['value']));
if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
if ($order->products[$i]['attributes'][$j]['product_attribute_is_free'] == '1' and $order->products[$i]['product_is_free'] == '1') echo TEXT_INFO_ATTRIBUTE_FREE;
echo '';
}
}
echo ' | ' . "n" .
' ' . $order->products[$i]['model'] . ' | ' . "n" .
' ' . zen_display_tax_value($order->products[$i]['tax']) . '% | ' . "n" .
' ' .
$currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) .
($order->products[$i]['onetime_charges'] != 0 ? ' ' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
' | ' . "n" .
' ' .
$currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) .
($order->products[$i]['onetime_charges'] != 0 ? ' ' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
' | ' . "n" .
' ' .
$currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
($order->products[$i]['onetime_charges'] != 0 ? ' ' . $currencies->format($order->products[$i]['onetime_charges'], true, $order->info['currency'], $order->info['currency_value']) : '') .
' | ' . "n" .
' ' .
$currencies->format(zen_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) .
($order->products[$i]['onetime_charges'] != 0 ? ' ' . $currencies->format(zen_add_tax($order->products[$i]['onetime_charges'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) : '') .
' | ' . "n";
echo '
' . "n";
}
?>
<tr>
<td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
<?php
for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) {
echo ' ' . "n" .
' ' . $order->totals[$i]['title'] . ' | ' . "n" .
' ' . $order->totals[$i]['text'] . ' | ' . "n" .
'
' . "n";
}
?>
</table></td>
</tr>
</table></td>
</tr>
<?php
// show downloads
require(DIR_WS_MODULES . 'orders_download.php');
?>
<tr>
<td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td class="main"><table border="1" cellspacing="0" cellpadding="5">
<tr>
<td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?></strong></td>
<td class="smallText" align="center"><strong><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></strong></td>
<td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?></strong></td>
<td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
</tr>
<?php
$orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments
from " . TABLE_ORDERS_STATUS_HISTORY . "
where orders_id = '" . zen_db_input($oID) . "'
order by date_added");
if ($orders_history->RecordCount() > 0) {
while (!$orders_history->EOF) {
echo ' ' . "n" .
' ' . zen_datetime_short($orders_history->fields['date_added']) . ' | ' . "n" .
' ';
if ($orders_history->fields['customer_notified'] == '1') {
echo zen_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . " | n";
} else {
echo zen_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "n";
}
echo ' ' . $orders_status_array[$orders_history->fields['orders_status_id']] . ' | ' . "n";
echo ' ' . nl2br(zen_db_output($orders_history->fields['comments'])) . ' | ' . "n" .
'
' . "n";
$orders_history->MoveNext();
}
} else {
echo ' ' . "n" .
' ' . TEXT_NO_ORDER_HISTORY . ' | ' . "n" .
'
' . "n";
}
?>
</table></td>
</tr>
<tr>
<td class="main noprint"><br /><strong><?php echo TABLE_HEADING_COMMENTS; ?></strong></td>
</tr>
<tr>
<td class="noprint"><?php echo zen_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
</tr>
<tr><?php echo zen_draw_form('status', FILENAME_ORDERS, zen_get_all_get_params(array('action')) . 'action=update_order', 'post', '', true); ?>
<td class="main noprint"><?php echo zen_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
</tr>
<tr>
<td><?php echo zen_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td><table border="0" cellspacing="0" cellpadding="2" class="noprint">
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><strong><?php echo ENTRY_STATUS; ?></strong> <?php echo zen_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
</tr>
<tr>
<td class="main"><strong><?php echo ENTRY_NOTIFY_CUSTOMER; ?></strong> <?php echo zen_draw_checkbox_field('notify', '', true); ?></td>
<td class="main"><strong><?php echo ENTRY_NOTIFY_COMMENTS; ?></strong> <?php echo zen_draw_checkbox_field('notify_comments', '', true); ?></td>
</tr>
</table></td>
<?php echo zen_image_submit('button_update.gif', IMAGE_UPDATE); ?> |
<?php
// orders_status == STATE_PROCESSING -> Processing before delivery
if($order->info['payment_method'] == 'Google Checkout' && $order->info['orders_status'] == STATE_PROCESSING){
echo '
Shipping Information
|
Tracking:
|
|
Carrier:
|
Select ...
USPS
DHL
UPS
Other
FedEx
|
| ';
}
?>
</tr>
</table></td>
</form></tr>
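<tr>
<?php // The order id is taken from the query string and placed in two link targets; cast it to int so request text cannot end up inside the href attributes. ?>
<td colspan="2" align="right" class="noprint"><?php echo '<a href="' . zen_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . (int)$_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . (int)$_GET['oID']) . '" TARGET="_blank">' . zen_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('action'))) . '">' . zen_image_button('button_orders.gif', IMAGE_ORDERS) . '</a>'; ?></td>
</tr>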
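<?php
// check if order has open gv
// The order id comes from the query string. It is cast to int before it is
// concatenated into the query, as the other order lookups on this page do.
$gv_check = $db->Execute("select order_id, unique_id
from " . TABLE_COUPON_GV_QUEUE ."
where order_id = '" . (int)$_GET['oID'] . "' and release_flag='N' limit 1");
if ($gv_check->RecordCount() > 0) {
  // NOTE(review): the markup inside these strings (the link around the button
  // and the table cells) appears to have been stripped from the listing; the
  // strings are reproduced as shown.
  $goto_gv = '' . zen_image_button('button_gift_queue.gif',IMAGE_GIFT_QUEUE) . '';
  echo ' ';
  echo ' ';
  echo $goto_gv . ' ';
  echo ' | ';
  echo '
|
';
}
?>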
<?php
} else {
?>
<tr>
<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
<td class="pageHeading" align="right"><?php echo zen_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
<td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr><?php echo zen_draw_form('orders', FILENAME_ORDERS, '', 'get', '', true); ?>
<td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . zen_draw_input_field('oID', '', 'size="12"') . zen_draw_hidden_field('action', 'edit') . zen_hide_session_id(); ?></td>
</form></tr>
<tr><?php echo zen_draw_form('status', FILENAME_ORDERS, '', 'get', '', true); ?>
<td class="smallText" align="right">
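<?php
// Status filter pulldown for the order list: an "all orders" entry followed by
// every status loaded into $orders_statuses; the form auto-submits on change.
// The `status` query parameter is optional, so read it through isset() rather
// than indexing $_GET directly; the helper still receives null when it is absent.
// NOTE(review): the value is request-controlled and is handed to
// zen_draw_pull_down_menu() as the pre-selected id; how the helper compares or
// escapes it is not visible here - confirm.
echo HEADING_TITLE_STATUS . ' ' . zen_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), (isset($_GET['status']) ? $_GET['status'] : null), 'onChange="this.form.submit();"');
// Carries the session id in the GET form via the project's helper.
echo zen_hide_session_id();
?>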
</td>
</form></tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="smallText"><?php echo TEXT_LEGEND . ' ' . zen_image(DIR_WS_IMAGES . 'icon_status_red.gif', TEXT_BILLING_SHIPPING_MISMATCH, 10, 10) . ' ' . TEXT_BILLING_SHIPPING_MISMATCH; ?>
</td>
<tr>
<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
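<?php
// Sort Listing
// Translates the optional `list_order` request token into one of a fixed set of
// ordering fragments. Only the literals below can be assigned to $disp_order;
// the request value itself is never copied into it, so this switch acts as an
// allow-list and should stay that way if new sort options are added.
// NOTE(review): where $disp_order is consumed is outside this part of the file.
//
// `list_order` is absent on a plain page load, so read it through isset(); an
// empty string matches no case and falls through to the default ordering.
switch (isset($_GET['list_order']) ? $_GET['list_order'] : '') {
  case "id-asc":
    $disp_order = "c.customers_id";
    break;
  case "firstname":
    $disp_order = "c.customers_firstname";
    break;
  case "firstname-desc":
    $disp_order = "c.customers_firstname DESC";
    break;
  case "lastname":
    $disp_order = "c.customers_lastname, c.customers_firstname";
    break;
  case "lastname-desc":
    $disp_order = "c.customers_lastname DESC, c.customers_firstname";
    break;
  case "company":
    $disp_order = "a.entry_company";
    break;
  case "company-desc":
    $disp_order = "a.entry_company DESC";
    break;
  default:
    // Unknown, missing or non-string tokens all get the default ordering.
    $disp_order = "c.customers_id DESC";
}
?>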
<td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_ORDERS_ID; ?></td>
<td class="dataTableHeadingContent" align="left" width="50"><?php echo TABLE_HEADING_PAYMENT_METHOD; ?></td>
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
<td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>
</tr>
<?php
// create search filter
$search = '';
if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
$keywords = zen_db_input(zen_db_prepare_input($_GET['search']));
$search = " and (o.customers_city like '%" . $keywords . "%' or o.customers_postcode like '%" . $keywords . "%' or o.date_purchased like '%" . $keywords . "%' or o.billing_name like '%" . $keywords . "%' or o.billing_company like '%" . $keywords . "%' or o.billing_street_address like '%" . $keywords . "%' or o.delivery_city like '%" . $keywords . "%' or o.delivery_postcode like '%" . $keywords . "%' or o.delivery_name like '%" . $keywords . "%' or o.delivery_company like '%" . $keywords . "%' or o.delivery_street_address like '%" . $keywords . "%' or o.billing_city like '%" . $keywords . "%' or o.billing_postcode like '%" . $keywords . "%' or o.customers_email_address like '%" . $keywords . "%' or o.customers_name like '%" . $keywords . "%' or o.customers_company like '%" . $keywords . &q