From f0ab673d3e00695cec9479bfe93f53c732e6b88f Mon Sep 17 00:00:00 2001 
From: andryeyev Date: Wed, 2 Mar 2016 19:14:17 +0200 Subject: [PATCH] + правки по пользователям (admin, Veronika, Natalia) --- account/admin/orders.php | 1909 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------- templates/admin/admin.tpl | 9 ++++++++- 2 files changed, 955 insertions(+), 963 deletions(-) diff --git a/account/admin/orders.php b/account/admin/orders.php index 81b75f0..1db5107 100644 --- a/account/admin/orders.php +++ b/account/admin/orders.php 
@@ -10,81 +10,81 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // ============ =============== // ====================================== // ====================================== - + if ($_GET['test'] == "1") - { + { // eMailing('order-new',"5172", "11181"); } - + if (isset ($_GET['orderID']) && isset ($_GET['paid'])) { $sql = sprintf ("UPDATE catalogs_orders SET paid=%d WHERE id=%d", $_GET['paid'], $_GET['orderID']); - + mysql_query ($sql); } elseif (isset ($_GET['label'])) - { + { $sql = sprintf ("UPDATE catalogs_orders SET label=%d WHERE id=%d", $_GET['label'], $_GET['orderID']); - + mysql_query ($sql); - + GoBack (1); } - + // ================= // ==== status ===== // ================= - + if ((isset ($_POST['action']) && $_POST['action'] == 'status') || trim ($_POST['status']) != '') { - + $sql = "UPDATE catalogs_orders SET status='" . $_POST['status'] . "' WHERE `id`='" . $_POST['order_id'] . "'"; $result = mysql_query ($sql) or die (mysql_error ()); // exit; } - + // ==================== // ===== order ======== // ==================== - + // ============== // ==== edit ==== // ============== - + if (isset ($_POST['sms_send'])) { $sql = "insert into sms_history(order_id,mktime,text,user) values('" . $_POST['order_id'] . "','" . mktime () . "','" . $_POST['sms_msg'] . "','" . $_SESSION['admin']['login'] . 
"')"; mysql_query ($sql); - + foreach ($_POST['sms_tel'] as $tel) { sendSMS ($tel, $_POST['sms_msg']); } - + GoBack (1); } elseif (isset ($_POST['send']) && $_POST['send'] == 'edit-order') { - + $error = ''; $error[] = ValidFormData ($_POST['user']['email'], 'email', 'email'); $error[] = ValidFormData ($_POST['user']['city'], '', 'require'); $error[] = ValidFormData ($_POST['user']['address'], '', 'require'); $error[] = ValidFormData ($_POST['user']['tel'], '.', 'mobile'); $error[] = ValidFormData ($_POST['user']['username'], '', 'require'); - + $alert = implode ('\r\n', $error); - + $mass = array_filter ($error); if (empty ($mass)) { - + $summary = 0; - + // $sql = "SELECT *, product_id as mod_id from catalogs_orders_products WHERE order_id='" . $_POST['order_id'] . "'"; $result = mysql_query ($sql) or die (mysql_error ()); - + if (mysql_affected_rows () != 0) { while ($item = mysql_fetch_assoc ($result)) @@ -92,20 +92,20 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); $ordered[] = $item['mod_id']; } } - + // =========================================== // ======= =========== // =========================================== - + $ChangesOfOrder = ChangesOfMass ($_POST['item']['mod_id'], $ordered); - + // ============== // ==== same ==== // ============== - + if (isset ($ChangesOfOrder['same'])) { - + $mass = array_filter ($ChangesOfOrder['same']); if (! empty ($mass)) { @@ -114,23 +114,23 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // key() $i = array_keys ($_POST['item']['mod_id'], $value); $i = $i[0]; - + // // print_r($_POST);exit; $sql2 = "UPDATE catalogs_orders_products SET `count`='" . $_POST['item']['quant'][$i] . "',`reservation`='" . $_POST['item']['reservation'][$i] . "',`status`='" . $_POST['item']['status'][$i] . "',`vozvrat`='" . $_POST['item']['vozvrat'][$i] . "' WHERE order_id='" . $_POST['order_id'] . "' AND product_id='" . $_POST['item']['mod_id'][$i] . "'"; // print "
"; $result2 = mysql_query ($sql2) or die (mysql_error ()); - + // $summary = $summary + ($_POST['item']['quant'][$i] * $_POST['item']['price'][$i]); } } } - + // ============= // ==== add ==== // ============= - + if (isset ($ChangesOfOrder['add'])) { $mass = array_filter ($ChangesOfOrder['add']); @@ -141,7 +141,7 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // key() $i = array_keys ($_POST['item']['mod_id'], $value); $i = $i[0]; - + $r = mysql_query ("select count(*) from catalogs_orders_products where order_id='{$_POST['order_id']}' and product_id='{$_POST['item']['mod_id'][$i]}'"); $c = mysql_result ($r, 0); if (! $c) @@ -149,18 +149,18 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // $sql2 = sprintf ("INSERT INTO catalogs_orders_products (order_id,product_id,code,product_cine_id,count,reservation) VALUES (%s,%s,%s,%s,%s,%s)", GetSQLValueString ($_POST['order_id'], "text"), GetSQLValueString ($_POST['item']['mod_id'][$i], "text"), GetSQLValueString ($_POST['item']['code'][$i], "text"), GetSQLValueString ($_POST['item']['price'][$i], "text"), GetSQLValueString ($_POST['item']['quant'][$i], "text"), GetSQLValueString ($_POST['item']['reservation'][$i], "text")); $result2 = mysql_query ($sql2) or die (mysql_error ()); - + // $summary = $summary + ($_POST['item']['quant'][$i] * $_POST['item']['price'][$i]); } } } } - + // ========== // == del === // ========== - + /* * if (isset($ChangesOfOrder['del'])) { * @@ -176,19 +176,19 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); * } * } */ - + // =========== // == == // =========== - + if (isset ($summary)) { // if(trim($_POST['label'])) $_POST['label'] = 1; // print_r($_POST); // $sql2 = sprintf (" - UPDATE catalogs_orders - SET + UPDATE catalogs_orders + SET cards=%s, insurance=%s, warehouse=%s, 
@@ -211,42 +211,42 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); dedline=%s, sumn=%s, sends=%s, - work_user=%s - WHERE - id='" . $_POST['order_id'] . "'", - GetSQLValueString ($_POST['user']['cards'], "text"), - GetSQLValueString ($_POST['user']['insurance'], "text"), - GetSQLValueString ($_POST['user']['warehouse'], "text"), - GetSQLValueString ($_POST['user']['nakladnaya'], "text"), - GetSQLValueString ($_POST['cost_delivery'], "text"), - $_POST['paid'], - $_POST['cause'], - $_POST['label'], - $_POST['user']['delivery'], - GetSQLValueString ($_POST['user']['declaration'], "text"), - GetSQLValueString ($_POST['user']['payment'], "text"), - GetSQLValueString ($_POST['user']['city'], "text"), - GetSQLValueString ($_POST['user']['address'], "text"), - GetSQLValueString ($_POST['user']['comment'], "text"), - GetSQLValueString ($_POST['user']['mcomment'], "text"), - GetSQLValueString ($summary, "text"), - (int)$_POST['meneger'], - GetSQLValueString ($_POST['user']['check'], "text"), - GetSQLValueString ($_POST['user']['smst'], "text"), - GetSQLValueString ($_POST['user']['dedline'], "text"), - GetSQLValueString ($_POST['user']['sumn'], "text"), - GetSQLValueString ($_POST['user']['sends'], "text"), + work_user=%s + WHERE + id='" . $_POST['order_id'] . 
"'", + GetSQLValueString ($_POST['user']['cards'], "text"), + GetSQLValueString ($_POST['user']['insurance'], "text"), + GetSQLValueString ($_POST['user']['warehouse'], "text"), + GetSQLValueString ($_POST['user']['nakladnaya'], "text"), + GetSQLValueString ($_POST['cost_delivery'], "text"), + $_POST['paid'], + $_POST['cause'], + $_POST['label'], + $_POST['user']['delivery'], + GetSQLValueString ($_POST['user']['declaration'], "text"), + GetSQLValueString ($_POST['user']['payment'], "text"), + GetSQLValueString ($_POST['user']['city'], "text"), + GetSQLValueString ($_POST['user']['address'], "text"), + GetSQLValueString ($_POST['user']['comment'], "text"), + GetSQLValueString ($_POST['user']['mcomment'], "text"), + GetSQLValueString ($summary, "text"), + (int)$_POST['meneger'], + GetSQLValueString ($_POST['user']['check'], "text"), + GetSQLValueString ($_POST['user']['smst'], "text"), + GetSQLValueString ($_POST['user']['dedline'], "text"), + GetSQLValueString ($_POST['user']['sumn'], "text"), + GetSQLValueString ($_POST['user']['sends'], "text"), GetSQLValueString ('0', "text") ); - + $result2 = mysql_query ($sql2) or die (mysql_error ()); - + eMailing ('xml', $_POST['user_id'], $_POST['order_id']); - + $sql = sprintf ("INSERT INTO catalogs_orders_git (order_id,user_id,cost_delivery,cards,insurance,warehouse,paid,label,delivery,declaration,payment,name,email,city,adress,phone,phonemob,comment,mcomment,mktime,total,sumn,sends,status,work_user) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,1,%s)", $_POST['order_id'], GetSQLValueString ($_POST['user']['id'], "text"), GetSQLValueString ($_POST['cost_delivery'], "text"), GetSQLValueString ($_POST['user']['cards'], "text"), GetSQLValueString ($_POST['user']['insurance'], "text"), GetSQLValueString ($_POST['user']['warehouse'], "text"), GetSQLValueString ($_POST['paid'], "text"), GetSQLValueString ($_POST['label'], "text"), GetSQLValueString ($_POST['user']['delivery'], "text"), 
GetSQLValueString ($_POST['user']['declaration'], "text"), GetSQLValueString ($_POST['user']['payment'], "text"), GetSQLValueString ($_POST['user']['username'], "text"), GetSQLValueString ($_POST['user']['email'], "text"), GetSQLValueString ($_POST['user']['city'], "text"), GetSQLValueString ($_POST['user']['address'], "text"), GetSQLValueString ($_POST['user']['tel'], "text"), GetSQLValueString ($_POST['user']['tel2'], "text"), GetSQLValueString ($_POST['user']['comment'], "text"), GetSQLValueString ($_POST['user']['mcomment'], "text"), GetSQLValueString (mktime (), "text"), GetSQLValueString ($_POST['summary'], "text"), GetSQLValueString ($_POST['user']['sumn'], "text"), GetSQLValueString ($_POST['user']['sends'], "text"), $_SESSION['admin']['id']); $resultg = mysql_query ($sql) or die (mysql_error ()); $id_order_git = mysql_insert_id (); - + for ($i = 0; $i <= count ($_POST['item']); $i ++) { if (! empty ($_POST['item']['mod_id'][$i])) @@ -255,22 +255,22 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); $result2 = mysql_query ($sql2) or die (mysql_error ()); } } - + // header("location:/admin.php/orders/?page=".$_GET['page']); } else { - + // $sql2="DELETE FROM catalogs_orders WHERE id='".$_POST['order_id']."'"; // $result2 = mysql_query($sql2) or die(mysql_error()); } - + // GoBack(1); // echo""; } else { - + echo ""; } } 
@@ -279,32 +279,32 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); if (! empty ($_GET['exit_order_id'])) { $sql = sprintf ("UPDATE catalogs_orders SET work_user=0 WHERE id=%d", $_GET['exit_order_id']); - + mysql_query ($sql); } - + if (empty ($_SESSION['up'])) { $_SESSION['up'] = 2; } - + if (! empty ($_GET['order_ID'])) { $sql = sprintf ("UPDATE catalogs_orders SET work_user=%d WHERE id=%d AND work_user=0", $_SESSION['admin']['id'], $_GET['order_ID']); - + mysql_query ($sql); } } - + // ============== // ==== add ===== // ============== - + if (isset ($_POST['send']) && $_POST['send'] == 'add-order') - { + { // $debil == false; - + for ($i = 1; $i <= count ($_POST['item']); $i ++) { if (isset ($_POST['item']['mod_id'][$i]) && $_POST['item']['mod_id'][$i] == '') @@ -312,36 +312,36 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); $debil = true; } } - + if ($debil == false) { - + // $error=''; // $error[] = ValidFormData($_POST['user']['email'],'email','email'); // $error[] = ValidFormData($_POST['user']['city'],'','require'); // $error[] = ValidFormData($_POST['user']['address'],'','require'); // $error[] = ValidFormData($_POST['user']['tel'],'.','mobile'); // $error[] = ValidFormData($_POST['user']['username'],'','require'); - + // $alert=implode('\r\n',$error); - + // $mass=array_filter($error); // if (empty($mass)) { - + // // $sql="SELECT * FROM zlo_users WHERE email='".$_POST['user']['email']."' "; // $result = mysql_query($sql) or die(mysql_error()); // if (mysql_affected_rows()!=0) { - + // } - + $time = mktime (); $date = date ('Y-m-d H:i:s', $time); - + // if ($_POST['user']['user_id'] == '' || $_POST['user']['user_id'] == 0 || $_POST['user']['user_id'] == '0') { - + if (strpos ($_POST['user']['email'], "@user.com")) { $_POST['user']['group'] = 1; 
@@ -350,25 +350,25 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); { $_POST['user']['group'] = 2; } - + // $pass = generate_password (6); $sql = sprintf ("INSERT INTO zlo_users (pass, email, city, address, tel, registered, username, tel2, `group`) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString ($pass, "text"), GetSQLValueString ($_POST['user']['email'], "text"), GetSQLValueString ($_POST['user']['city'], "text"), GetSQLValueString ($_POST['user']['address'], "text"), GetSQLValueString ($_POST['user']['tel'], "text"), GetSQLValueString ($date, "text"), GetSQLValueString ($_POST['user']['username'], "text"), GetSQLValueString ($_POST['user']['tel2'], "text"), GetSQLValueString ($_POST['user']['group'], "int")); $result = mysql_query ($sql) or die (mysql_error ()); - + // ID $sql = "SELECT id FROM zlo_users WHERE registered='$date' AND tel='" . $_POST['user']['tel'] . "'"; $result = mysql_query ($sql) or die (mysql_error ()); if (mysql_affected_rows () != 0) { $user = mysql_fetch_assoc ($result); - + // if ($user['group'] != 1) { eMailing ('reg', $user['id']); } - + $_POST['user']['user_id'] = $user['id']; } else 
@@ -376,11 +376,11 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); echo " "; } } - + // $sql = sprintf ("INSERT INTO catalogs_orders (cost_delivery,cards,insurance,warehouse,paid,label,delivery,declaration,payment,user_id,name,email,city,adress,phone,phonemob,comment,mcomment,mktime,total,sumn,sends,status) VALUES (%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,1)", GetSQLValueString ($_POST['cost_delivery'], "text"), GetSQLValueString ($_POST['user']['cards'], "text"), GetSQLValueString ($_POST['user']['insurance'], "text"), GetSQLValueString ($_POST['user']['warehouse'], "text"), GetSQLValueString ($_POST['paid'], "text"), GetSQLValueString ($_POST['label'], "text"), GetSQLValueString ($_POST['user']['delivery'], "text"), GetSQLValueString ($_POST['user']['declaration'], "text"), GetSQLValueString ($_POST['user']['payment'], "text"), GetSQLValueString ($_POST['user']['user_id'], "text"), GetSQLValueString ($_POST['user']['username'], "text"), GetSQLValueString ($_POST['user']['email'], "text"), GetSQLValueString ($_POST['user']['city'], "text"), GetSQLValueString ($_POST['user']['address'], "text"), GetSQLValueString ($_POST['user']['tel'], "text"), GetSQLValueString ($_POST['user']['tel2'], "text"), GetSQLValueString ($_POST['user']['comment'], "text"), GetSQLValueString ($_POST['user']['mcomment'], "text"), GetSQLValueString ($time, "text"), GetSQLValueString ($_POST['summary'], "text"), GetSQLValueString ($_POST['user']['sumn'], "text"), GetSQLValueString ($_POST['user']['sends'], "text")); $result = mysql_query ($sql) or die (mysql_error ()); - + // $sql = "SELECT id FROM catalogs_orders WHERE mktime='$time' AND user_id='" . $_POST['user']['user_id'] . "'"; $result = mysql_query ($sql) or die (mysql_error ()); @@ -392,7 +392,7 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); { echo ""; } - + // for ($i = 0; $i <= count ($_POST['item']); $i ++) { 
@@ -408,26 +408,26 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); } } } - + mysql_query ("update catalogs_orders set total='$summary' where id='{$order['id']}'"); - + // if ($user['group'] != 1) { eMailing ('order-new', $_POST['user']['user_id'], $order['id']); } - + echo ""; - + // } else { - + // echo""; - + // } } else { - + echo ""; } } @@ -435,9 +435,9 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // ============= // ==== Del ==== // ============= - + if (isset ($_GET['del_order']) && $_GET['del_order'] == 1) - { + { function delOrder (array $orders_id, $del_user = false) { foreach ($orders_id as $order_id) @@ -446,12 +446,12 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); if ($del_user) { mysql_query (' - DELETE `zlo_users` FROM `zlo_users` + DELETE `zlo_users` FROM `zlo_users` INNER JOIN `catalogs_orders` as `order` ON `order`.user_id = `zlo_users`.id AND `order`.id = '.(int)$order_id ) or die (mysql_error ()); } - + // mysql_query (' DELETE `catalogs_orders_products` FROM `catalogs_orders_products` @@ -461,21 +461,21 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // mysql_query (' - DELETE FROM `catalogs_orders` + DELETE FROM `catalogs_orders` WHERE `id` = '.(int)$order_id - ) or die (mysql_error ()); + ) or die (mysql_error ()); } } - + if ($_SESSION['admin']['group'] == 1) // { delOrder (array ( 'order_id' => $_GET['order_id']) ); - + echo ""; } - else + else { echo ""; } @@ -484,16 +484,16 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // ================= // ==== NOTIFY ===== // ================= - + // ================== // ==== changed ===== // ================== - + if (isset ($_GET['notify']) && $_GET['notify'] == 'order-changed') { - + eMailing ('order-changed', $_GET['user'], $_GET['order']); - + echo ""; } 
@@ -502,26 +502,26 @@ include_once ($_SERVER['DOCUMENT_ROOT'] . "/account/func/func.php"); // ============== ================= // ====================================== // ====================================== - - // ===== javascript ==== - + + // ===== javascript ==== + echo " "; - + // modal echo " "; - + // validator echo " - + "; @@ -539,13 +539,15 @@ if (! isset ($_GET['action'])) echo ""; } // *********************** - + // ============== // === report === // ============== - + $time = ''; + $time['day'] = "o.`mktime` >= " . mktime (0, 0, 0, date ('n'), date ('j'), date ('Y')); + if (date ('w') == 1) { $time['week'] = " o.`mktime` >=" . mktime (0, 0, 0, date ('n'), date ('j'), date ('Y')) . " "; @@ -554,54 +556,12 @@ if (! isset ($_GET['action'])) { $time['week'] = "( o.`mktime` BETWEEN " . strtotime ("last Monday") . " AND " . mktime (0, 0, 0, date ('n'), date ('j') + 1, date ('Y')) . ") "; } + $time['month'] = "o.`mktime` >= " . mktime (0, 0, 0, date ('n'), 1, date ('Y')); - + Report::put_time ($time); Report::make (); - /* - * echo"
"; - * - * // === === - * - * echo"
"; - * - * echo" : "; - * echo Report::html_report(Report::get_mass_client()); - * echo"
"; - * - * echo"
"; - * - * // === === - * - * echo"
"; - * - * echo" : "; - * echo Report::html_report(Report::get_mass_order()); - * echo"
"; - * - * echo"
"; - * - * // === === - * - * echo"
"; - * - * echo": "; - * echo""; - * - * // - * echo"
"; - * echo"
"; - * echo"
"; - * echo"
"; - * echo"
"; - * echo"
"; - * echo"
"; - * - * echo"
"; - * - * echo"
"; - */ - + if (! isset ($_GET['status'])) { $_GET['status'] = "1"; @@ -610,20 +570,19 @@ if (! isset ($_GET['action'])) { $_GET['page'] = "1"; } - + + $WHERE = array(); + $WHERE_DATE = ''; + if (isset ($_GET['user'])) { - $AND = "AND u.id=" . $_GET['user']; - } - else - { - $AND = ''; + $WHERE[] = "u.id=" . $_GET['user']; } - + // ============= // === === // ============= - + $th = array ( "id" => " ", "username" => "", @@ -632,9 +591,9 @@ if (! isset ($_GET['action'])) "declaration" => " ", "nakladnaya" => " ", "code" => "", - "mcomment" => "" + "mcomment" => "" ); - + // if (isset ($_REQUEST['search'])) { 
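Review bot: The added `$WHERE[] = "u.id=" . $_GET['user'];` puts a request parameter into the SQL text with no cast or escaping, so the filter accepts arbitrary SQL fragments rather than just an id. The column is numeric, so cast at the point of use: `$WHERE[] = "u.id=" . (int) $_GET['user'];`, matching the `%d` and `(int)` handling already used elsewhere in this file. The next hunk (`@@ -670,239 +629,203 @@`) repeats the pattern while converting `$AND .=` to `$WHERE[]`: `$_REQUEST['field']` and `$_REQUEST['look']` in the LIKE clauses, `$_GET['sort_label']`, `$_GET['meneger']`, the `implode (',', $_GET['lab'])` and `implode (',', $_GET['delivery'])` lists, and `$_GET['order']` / `$_GET['type']` in `ORDER BY`. Those need an allow-list for the column name and sort direction (the keys of `$th` look like the intended set of search fields, to be confirmed), `array_map ('intval', ...)` for the id lists, and `mysql_real_escape_string ()` for the search text.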
@@ -670,239 +629,203 @@ if (! isset ($_GET['action'])) { $pre = "o"; } - $AND = ''; + if (trim ($_REQUEST['look']) != '') { if ($_REQUEST['field'] == "id") - $AND .= "AND $pre.`" . $_REQUEST['field'] . "` LIKE '" . trim ($_REQUEST['look']) . "' "; + $WHERE[] = "$pre.`" . $_REQUEST['field'] . "` LIKE '" . trim ($_REQUEST['look']) . "' "; else - $AND .= "AND $pre.`" . $_REQUEST['field'] . "` LIKE '%" . trim ($_REQUEST['look']) . "%' "; + $WHERE[] = "$pre.`" . $_REQUEST['field'] . "` LIKE '%" . trim ($_REQUEST['look']) . "%' "; } + if (($_REQUEST['form']['date_start'] != '') && ($_REQUEST['form']['date_end'] != '')) { - $dateStart = $_REQUEST['form']['date_start']; - $dateEnd = $_REQUEST['form']['date_end']; - + $dateEnd = $_REQUEST['form']['date_end']; + $mkdate = ExtractDate ($_REQUEST['form']['date_start']); $_REQUEST['form']['date_start'] = mktime (0, 0, 0, $mkdate[1], $mkdate[2], $mkdate[0]); - + $mkdate = ExtractDate ($_REQUEST['form']['date_end']); $_REQUEST['form']['date_end'] = mktime (0, 0, 0, $mkdate[1], $mkdate[2], $mkdate[0]); - - $AND .= " AND (o.`mktime` BETWEEN '" . $_REQUEST['form']['date_start'] . "' AND '" . $_REQUEST['form']['date_end'] . "') "; + + $WHERE_DATE = "(o.`mktime` BETWEEN '" . $_REQUEST['form']['date_start'] . "' AND '" . $_REQUEST['form']['date_end'] . "') "; + + $WHERE[] = $WHERE_DATE; } } - // ============= - // === ==== - // ============= - - echo " - "; - echo " -
-
- - -
-
- - -
-
"; - - echo ' - '; - - echo ' - '; - - echo " - - - "; - + + + "; + + } // =========== =========== - - $eshka = ""; - $eshka2 = ""; - $eshka3 = ""; + $lll = ""; - /* - * if(trim(@$_REQUEST['da'])=='1'){ - * $eshka = "o.mktime<'1341090000' AND "; - * $eshka2 = "o.mktime<'1341090000' AND "; - * $lll = "font-weight:bold;"; - * }else{ - * $eshka = "o.mktime>'1341090000' AND "; - * $eshka2 = "o.mktime>'1341090000' AND "; - * $lll = ""; - * } - */ - + if (trim (@$_REQUEST['pr']) == '1') { $tim = (time () - 86400); - $eshka3 = "o.upd<'" . date ("Y-m-d H:i:s", $tim) . "' AND "; - } - else - { - $eshka3 = ""; + $WHERE[] = "o.upd<'" . date ("Y-m-d H:i:s", $tim) . "'"; } - + if (trim (@$_REQUEST['prs']) == '1') { $tim = (time () - 172800); - $eshka4 = "o.upd<'" . date ("Y-m-d H:i:s", $tim) . "' AND "; - } - else - { - $eshka4 = ""; + $WHERE[] = "o.upd<'" . date ("Y-m-d H:i:s", $tim) . "'"; } - + $order = ((isset ($_GET['order'])) ? $_GET['order'] : 'mktime'); $type = ((isset ($_GET['type'])) ? $_GET['type'] : 'DESC'); - + + // if (isset ($_GET['stat']) && $_GET['stat'] == 1) { - $AND .= " AND o.status IN(4,5) AND o.mktime<'" . mktime (0, 0, 0, "01", "01", "2013") . "' "; + //$WHERE[] = "o.status IN(4,5)"; + $WHERE[] = "o.mktime<'" . mktime (0, 0, 0, "01", "01", "2013") . "' "; } else { - // $mk_and = $AND = "AND o.mktime>='".mktime(0, 0, 0, date("m"), date("d"), date("Y"))."' and o.mktime<='".mktime(0, 0, 0, date("m"), date("d")+1, date("Y"))."' "; - $AND .= " AND o.status IN(1,2) AND o.mktime>='" . mktime (0, 0, 0, "01", "01", "2013") . "' "; - $mk_and = " AND o.status IN(1,2) AND o.mktime>='" . mktime (0, 0, 0, "01", "01", "2013") . "' "; + //$WHERE[] = "o.status IN(1,2)"; + $WHERE[] = "o.mktime>='" . mktime (0, 0, 0, "01", "01", "2013") . "' "; } - + if (isset ($_GET['sort_label']) && $_GET['sort_label'] != '') { - $AND .= " AND o.label='" . $_GET['sort_label'] . "' "; + $WHERE[] = "o.label = '" . $_GET['sort_label'] . 
"' "; } if (isset ($_GET['lab'])) { - $AND .= " AND o.label IN(" . implode (',', $_GET['lab']) . ")"; + $WHERE[] = "o.`label` IN (" . implode (',', $_GET['lab']) . ")"; } if (isset ($_GET['delivery'])) { - $AND .= " AND o.delivery IN(" . implode (',', $_GET['delivery']) . ")"; + $WHERE[] = "o.delivery IN (" . implode (',', $_GET['delivery']) . ")"; } if (isset ($_GET['meneger']) && $_GET['meneger'] > 0) { - $AND .= " AND o.meneger='" . $_GET['meneger'] . "'"; + $WHERE[] = "o.meneger='" . $_GET['meneger'] . "'"; } - - $sql = "SELECT o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, o.`mktime` as order_date, u.group, o.id as order_id, m.*, m.product_id as mod_id, op.* , p.*, g.color as group_color,za.username as meneger_name - FROM catalogs_orders as o - LEFT JOIN catalogs_orders_products as op ON op.order_id=o.id - LEFT JOIN catalogs_modifications AS m ON m.id = op.product_id - LEFT JOIN catalogs_products AS p ON p.id = m.product_id - LEFT JOIN zlo_users as u ON u.id=o.user_id - LEFT JOIN zlo_users_group as g ON g.id=u.group - LEFT JOIN zlo_admin as za ON za.id=o.meneger - WHERE " . $eshka3 . $eshka4 . $eshka./*((!isset($_GET['search']))?"o.status='".$_GET['status']."'":"o.status>'0'").*/"1=1 $AND GROUP BY o.id ORDER BY o.$order $type "; - + + // ***** ***** + if (! 
in_array ($_SESSION['admin']['id'], array (1, 19, 20))) + { + $WHERE[] = "o.`label` NOT IN (9,10)"; + } + + $sql = " + SELECT + o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, o.`mktime` as order_date, + u.group, o.id as order_id, + m.product_id as mod_id, + op.* , + g.color as group_color, + za.username as meneger_name + FROM catalogs_orders as o + LEFT JOIN catalogs_orders_products as op ON op.order_id=o.id + LEFT JOIN catalogs_modifications AS m ON m.id = op.product_id + LEFT JOIN catalogs_products AS p ON p.id = m.product_id + LEFT JOIN zlo_users as u ON u.id=o.user_id + LEFT JOIN zlo_users_group as g ON g.id=u.group + LEFT JOIN zlo_admin as za ON za.id=o.meneger + WHERE ".(! empty ($WHERE) ? implode (' AND ', $WHERE) : ''). " + GROUP BY o.id + ORDER BY o.$order $type + "; + $pager['sql'] = $sql; // echo $pager['sql']; $pager = pagerGetRun ($pager, 50, 15); + $result = mysql_query ($pager['sql']) or die (mysql_error ()); - if (mysql_affected_rows () != 90800) + if (mysql_affected_rows () != 0) { - // ============= // === ==== // ============= - + echo "
"; echo "
"; - // ////$eshka2.$eshka - $sql0 = "SELECT * FROM zlo_book_status WHERE id IN (1,2,4,5)"; - $result0 = mysql_query ($sql0) or die (mysql_error ()); - if (mysql_affected_rows () != 0) - { - while ($rows = mysql_fetch_assoc ($result0)) - { - - // $AND - - // - $sql2 = "SELECT count(o.id) AS calc, o . * , m.*, m.product_id as mod_id, op.* , p.* - FROM catalogs_orders as o - LEFT JOIN catalogs_orders_products as op ON op.order_id=o.id - LEFT JOIN catalogs_modifications AS m ON m.id = op.product_id - LEFT JOIN catalogs_products AS p ON p.id = m.product_id - LEFT JOIN zlo_users as u ON u.id=o.user_id - LEFT JOIN zlo_users_group as g ON g.id=u.group - WHERE " . $eshka2 . "o.status='" . $rows['id'] . "' $AND"; - - // if(trim($_REQUEST['test'])=="1") echo $sql2; - - /* - * $sql2 = "SELECT count(o.id) AS calc FROM catalogs_orders as o WHERE ".$eshka2."o.status='".$rows['id']."'"; - * - * - * $result2 = mysql_query($sql2) or die(mysql_error()); - * $row2=mysql_fetch_assoc($result2); - * $yyyyyy = str_replace("prs=1","prs=0",str_replace("pr=1","pr=0",urlQueryChange2('status',$rows['id']))); - * echo"
".$rows['title']."(".$row2['calc'].")
"; - */ - } - } - + $array_label = array ( - 0 => " ", - 1 => "", + 0 => " ", + 1 => "", 110 => "", - 2 => "", - 3 => "", - 4 => "", - 5 => "", - 510 => "", - 6 => "", - 610 => "", - 7 => "", - 8 => "", - 9 => "", - 10 => "" + 2 => "", + 3 => "", + 4 => "", + 5 => "5", + 510 => "510", + 6 => "6", + 610 => "610", + 7 => "", + 8 => "8", + 9 => "", + 10 => "", ); + print '
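Review bot: The new restriction `if (! in_array ($_SESSION['admin']['id'], array (1, 19, 20)))` decides who may see labels 9 and 10 from a hard-coded list of account ids, and the same literal list is repeated in the label-count loop (`@@ -914,43 +837,63 @@`) and around the echo in `@@ -984,27 +927,33 @@`. Three copies will drift apart, and the rest of the file authorises by `$_SESSION['admin']['group']`; compute it once, e.g. `$canSeeHiddenLabels = in_array ($_SESSION['admin']['id'], array (1, 19, 20));`, and test that variable in all three places, or better, move it to a group or permission flag. The check also only filters this listing query: the `label` and `paid` update handlers near the top of the file (visible as context in the first hunk) act on any order id without it, so if labels 9 and 10 are meant to be restricted rather than merely hidden, those paths need the same test. A one-line comment stating what labels 9 and 10 represent would make the intent of the filter reviewable.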
@@ -914,43 +837,63 @@ if (! isset ($_GET['action'])) '; - for ($i = 0; $i <= 10; $i ++) - foreach ($array_label as $i => $v) + + $WHERE = array (); + + foreach ($array_label as $label_id => $label_title) { - $sql = "select count(*) from catalogs_orders o where o.label='" . $i . "'"; - if (isset ($_GET['stat']) && $_GET['stat'] == 1) + // ***** ***** + if (in_array ($label_id, array (9, 10)) && ! in_array ($_SESSION['admin']['id'], array (1, 19, 20))) { - $sql .= " AND o.status IN(4,5)"; + CONTINUE; } - else + + $WHERE[] = "o.`label` = " . $label_id; + + if (! empty ($WHERE_DATE)) { - $sql .= $mk_and; + $WHERE[] = $WHERE_DATE; } + + // + $sql = " + SELECT count(*) as count + FROM catalogs_orders o + WHERE " . (! empty ($WHERE) ? implode (' AND ', $WHERE) : ''); + $r = mysql_query ($sql) or die (mysql_error ()); $count = mysql_result ($r, 0); - print ''; + + $label_id = ($label_id == 110) ? 1.1 : $label_id; + $label_id = ($label_id == 510) ? 5.1 : $label_id; + $label_id = ($label_id == 610) ? 6.1 : $label_id; + + print ''; } + print "


"; - - print ""; - + + print ""; + $sql = "select * from zlo_book_delivery"; $r = mysql_query ($sql) or die (mysql_error ()); $i = 0; @@ -966,7 +909,7 @@ if (! isset ($_GET['action'])) $i ++; } print '
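Review bot: `$WHERE = array ();` is initialised once before `foreach ($array_label as $label_id => $label_title)`, but every iteration appends one more `o.label = N` condition (and `$WHERE_DATE` again), so from the second label onward the query requires two different label values at once and the count is always 0. Reset the list per iteration by moving `$WHERE = array ();` to the first line of the loop body, after the `continue` check. Separately, the rewrite drops the restriction the old code appended (`o.status IN(4,5)` or `$mk_and`), so these counters no longer follow the `stat` view; if that is intended it deserves a line in the commit message. `CONTINUE;` should be lowercase to match the rest of the file.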
'; - + $tim = (time () - 86400); $sql3 = " SELECT count(*) count FROM catalogs_orders WHERE `status`=1 AND `upd`<'" . date ("Y-m-d H:i:s", $tim) . "';"; @@ -975,7 +918,7 @@ if (! isset ($_GET['action'])) $yyyyyt = ""; if (trim ($_REQUEST['pr']) == "1") $yyyyyt = "font-weight:bold; "; - + $tim2 = (time () - 172800); $sql4 = " SELECT count(*) count FROM catalogs_orders WHERE `status`=2 AND `upd`<'" . date ("Y-m-d H:i:s", $tim2) . "';"; @@ -984,27 +927,33 @@ if (! isset ($_GET['action'])) $yyyyyt2 = ""; if (trim ($_REQUEST['prs']) == "1") $yyyyyt2 = "font-weight:bold; "; - - echo " - -
"; + + // ***** ***** + if (in_array ($_SESSION['admin']['id'], array (1, 19, 20))) + { + echo " +
"; + + echo " +
+ +
"; + } + echo " -
- -
-
+ +
+ . (" . $row3['count'] . ") +
+ +
+ . (" . $row4['count'] . ") +
-->
 
- "; - + "; + // =================== // === === // =================== @@ -1020,40 +969,38 @@ if (! isset ($_GET['action'])) } // print $url_l; print " - - - - - - - - - - - - - - "; + + + + + + + + + + + + + + "; $i1 = 0; while ($order = mysql_fetch_assoc ($result)) { - // print_r($order); if (empty ($order['order_id'])) $order['order_id'] = 0; - print " - - - - - - + + + + + + - - - + + - - + - "; + "; print ""; - + // ***** ***** if (isset ($_SESSION['admin']['edit1'])) { - + // if ($order['status'] != 6) { @@ -1145,42 +1096,46 @@ if (! isset ($_GET['action'])) echo $row4['title']; } } - echo " + echo " "; } } + print ""; + if ($order['order_id'] == $_GET['order_ID']) { - print ''; } else @@ -1844,23 +1810,23 @@ if (! isset ($_GET['action'])) echo "
"; // echo "
"; - // + // if ($_SESSION['admin']['group'] == 1) // { echo "
"; } } - + /* * if (is_file($_SERVER['DOCUMENT_ROOT']."/xml/".$dateFromDate[0]."/".$dateFromDate[1]."/order_".$order['order_id'].".xml")) { * echo"
"; * } */ - + echo ""; } echo ""; - + echo ""; } } @@ -1868,19 +1834,19 @@ if (! isset ($_GET['action'])) { echo "

"; } - + print ''; } - + $i1 ++; } - + echo "
{$order['order_id']}
{$order['meneger_name']}
" . date ('Y-m-d H:i:s', $order['order_date']) . "" . $order['dedline'] . "" . $order['username'] . "{$order['total']}"; - + print "
{$order['order_id']}
{$order['meneger_name']}
" . date ('Y-m-d H:i:s', $order['order_date']) . "" . $order['dedline'] . "" . $order['username'] . "{$order['total']}"; if ($_SESSION['admin']['group'] == 1 || $_SESSION['admin']['group'] == 4 || $_SESSION['admin']['group'] == 6) { echo ""; + + + "; } else { @@ -1062,15 +1009,12 @@ if (! isset ($_GET['action'])) else print ""; } - echo " {$order['tel']}
CMC
{$order['city']}, {$order['address']}"; - + {$order['tel']}
CMC
{$order['city']}, {$order['address']}"; // if($_SESSION['admin']['group']==1 || $_SESSION['admin']['group']==4){ - if ($_SESSION['admin']['group'] == 2 and ($order['label'] == 9 or $order['label'] == 10)) { print $order['label']; @@ -1078,9 +1022,14 @@ if (! isset ($_GET['action'])) else { echo " "; } - - // }else{ + + // }else{ // print $order['label']; // } - + $s = "select * from catalogs_orders_products where order_id=" . $order['order_id']; $r = mysql_query ($s) or die (mysql_error ()); $status = array (); @@ -1118,18 +1069,18 @@ if (! isset ($_GET['action'])) $status[] = $op['status']; } echo "" . implode (', ', $status) . ""; + " . implode (', ', $status) . ""; if (strlen ($order['mcomment']) > 0) print "" . substr ($order['mcomment'], 0, 30) . "..."; print "" . $order['smst'] . " -
+
'; + // =========== =========== - - $sql = "SELECT o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, u.group, o.id as order_id, o.adress as address, g.name as user_group, g.color as user_color + + $sql = " + SELECT + o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, u.group, o.id as order_id, o.adress as address, + g.name as user_group, g.color as user_color FROM catalogs_orders as o - LEFT JOIN zlo_users as u ON u.id=o.user_id - LEFT JOIN zlo_users_group as g ON g.id=u.group + LEFT JOIN zlo_users as u ON u.id=o.user_id + LEFT JOIN zlo_users_group as g ON g.id=u.group WHERE o.id='" . $_GET['order_ID'] . "'"; $result1 = mysql_query ($sql) or die (mysql_error ()); if (mysql_affected_rows () != 0) { - $order = mysql_fetch_assoc ($result1); - + $r = mysql_query ("select * from card where user_id='" . $order['user_id'] . "'") or die (mysql_error ()); $c = mysql_fetch_assoc ($r); $order['cards'] = $c['card']; - + echo "
"; echo "
"; - + echo "
- #" . $order['order_id'] . "    : " . $order['user_group'] . "    C: " . $order['total'] . " . + #" . $order['order_id'] . "    : " . $order['user_group'] . "    C: " . $order['total'] . " .
" . date ('d-m-Y H:i:s', $order['mktime']) . "
@@ -1196,17 +1151,17 @@ if (! isset ($_GET['action'])) } ); -
- - -
"; - +
+ + +
"; + if ($_SESSION['admin']['group'] == 1 || $_SESSION['admin']['group'] == 4 || $_SESSION['admin']['group'] == 6) { echo ""; + + + "; } else { @@ -1216,17 +1171,23 @@ if (! isset ($_GET['action'])) print ""; echo ""; } - + echo "
- -
- -
"; - + +
+ +
"; + // ////////if($_SESSION['admin']['group']==1 || $_SESSION['admin']['group']==4){ echo ""; // //////////}else{ // ////////////echo $order['label']; // ///} - - echo "
+ + echo "
-
- - -
- -
- -
- +
+ + +
+ +
+ +
+
- +
@@ -1303,43 +1264,43 @@ if (! isset ($_GET['action']))
"; - + // ==== TEL ==== - + $disabled_tel = $_SESSION['admin']['group'] == 1 ? '' : "disabled='disabled'"; - + echo "
- +
- +
- +
"; - - echo " + + echo "
- -
+ +
- - "; + + "; global $setup; $res = $setup->db->getAll ("select * from sms_tpl", array (), DB_FETCHMODE_ASSOC); echo "
"; $sms_count = $setup->db->getOne ("select count(*) from sms_history where order_id=?", array ( - $order['id'] + $order['id'] )); echo "

0 ()
"; echo "
"; echo "
-
(" . $sms_count . ")
"; +
(" . $sms_count . ")
"; echo "
"; - + echo "
"; @@ -1365,31 +1326,31 @@ if (! isset ($_GET['action'])) viewBookSelectValue ('zlo_book_delivery', 'id', 'title', $order['delivery']); echo "
"; - - echo " + + echo "
"; - - echo " + + echo "
"; - - echo " + + echo "
"; - + $array_method = array ( " ", " ", " ", " -", " ", - " " + " " ); echo " -
- - "; foreach ($array_method as $method) { echo '
"; - + echo "
"; - if ($_SESSION['admin']['id'] == 22 - || $_SESSION['admin']['id'] == 7 - || $_SESSION['admin']['id'] == 1 + if ($_SESSION['admin']['id'] == 22 + || $_SESSION['admin']['id'] == 7 + || $_SESSION['admin']['id'] == 1 || $_SESSION['admin']['id'] == 19 || $_SESSION['admin']['id'] == 20 ) { $sumn_disabled = ''; } - else + else { $sumn_disabled = "disabled"; } @@ -1421,33 +1382,33 @@ if (! isset ($_GET['action']))
"; - + if ($sumn_disabled != '') { echo ""; } - + echo "

-
- - + "; + // foreach ( array ( "", - "" + "" ) as $method) { echo ''; } - + echo "
"; - + echo "
@@ -1456,8 +1417,8 @@ if (! isset ($_GET['action']))
- - "; + + "; $disabled = ""; if ($order['meneger'] > 0) { @@ -1466,11 +1427,11 @@ if (! isset ($_GET['action'])) $disabled = "disabled"; } } - + // ==== ==== - + $disabled = ""; - + if ($_SESSION['admin']['group'] != 1) { $disabled = "disabled"; @@ -1478,11 +1439,11 @@ if (! isset ($_GET['action'])) echo " -
- "; + $mass_manager = array (); - + $result_1 = mysql_query ("select * from zlo_admin"); while ($row = mysql_fetch_assoc ($result_1)) { @@ -1491,52 +1452,52 @@ if (! isset ($_GET['action'])) $manager_id = $_SESSION['admin']['id']; $disabled = $row["id"] != $manager_id ? 'disabled' : ''; } - else + else { $manager_id = $order['meneger']; $disabled = 'disabled'; } - + if ($manager_id == $row["id"] || $_SESSION['admin']['group'] == 1) { $disabled = ''; } echo ""; - } + } echo ""; - + echo "
"; - + // ==== ==== - + $disabled = ""; - + if ($_SESSION['admin']['id'] != 7 and $_SESSION['admin']['id'] != 17) { $disabled = "disabled"; } - + echo "
"; - + if ($disabled == "disabled") { echo ""; } - + echo "
"; - + echo "
"; - + // - + $sql3 = "SELECT * FROM catalogs_orders_products WHERE `order_id`='" . $order['order_id'] . "' "; $result3 = mysql_query ($sql3) or die (mysql_error ()); @@ -1556,9 +1517,9 @@ if (! isset ($_GET['action']))
.
-
-
-
+
+
+
@@ -1575,7 +1536,7 @@ if (! isset ($_GET['action']))
- +
 
 
 
@@ -1583,88 +1544,90 @@ if (! isset ($_GET['action']))
0
0
-
+
"; echo ' -
-
    -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • 2?
  • -
  • ?
  • -
  • -
  • -
  • -
  • -
-
'; +
+
    +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • 2?
  • +
  • ?
  • +
  • +
  • +
  • +
  • +
+
'; echo "
"; - + echo "
+ + + +
"; echo " -
- +
+ - +
- +
- + "; - + while ($item_id = mysql_fetch_assoc ($result3)) { $i ++; - + // $sql4 = "SELECT m.*, m.id as mod_id, p.*,IF(m.cine>0,m.cine,p.cine) as cine from catalogs_modifications as m - LEFT JOIN catalogs_products as p - ON p.id=m.product_id - WHERE m.id='" . $item_id['product_id'] . "' "; + LEFT JOIN catalogs_products as p + ON p.id=m.product_id + WHERE m.id='" . $item_id['product_id'] . "' "; $result4 = mysql_query ($sql4) or die (mysql_error ()); if (mysql_affected_rows () == 11110) { $sql4 = "SELECT m.*, m.id as mod_id, p.*,IF(m.cine>0,m.cine,p.cine) as cine from catalogs_modifications as m - LEFT JOIN catalogs_products as p - ON p.id=m.product_id + LEFT JOIN catalogs_products as p + ON p.id=m.product_id WHERE m.code='" . $item_id['code'] . "' "; $result4 = mysql_query ($sql4) or die (mysql_error ()); } if (mysql_affected_rows () != 0) { $item = mysql_fetch_assoc ($result4); - + if (! empty ($item['code'])) { // - $sql5 = "SELECT c.name as city, o.count + $sql5 = " + SELECT c.name as city, o.count FROM catalogs_keys_products_cities as o - LEFT JOIN catalogs_cities as c - ON o.city_id=c.id - WHERE o.mod_code='" . $item['code'] . "' AND o.count>0 "; + LEFT JOIN catalogs_cities as c + ON o.city_id=c.id + WHERE o.mod_code='" . $item['code'] . "' + AND o.count>0 "; // print $sql5; $result5 = mysql_query ($sql5) or die (mysql_error ()); if (mysql_affected_rows () != 0) @@ -1692,7 +1655,7 @@ if (! isset ($_GET['action'])) else { echo " - +
@@ -1700,8 +1663,8 @@ if (! isset ($_GET['action'])) "; echo ""; } - echo " -
+ echo " +
" . viewBook ('catalogs_brends', $item['brend_id'], 'id', 'name') . " 
" . $item['size'] . " 
@@ -1709,7 +1672,7 @@ if (! isset ($_GET['action']))
" . "(" . $item_id['product_cine_id'] . ") " . $item['cine'] . "
" . ($item['cine'] * $item_id['count']) . "
-
"; +
"; if ($item_id['count'] == 0) { echo ""; @@ -1719,86 +1682,86 @@ if (! isset ($_GET['action'])) { // echo""; echo ""; + + + + + + + + + + + + "; } echo "
"; echo ' -
-
    -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • ?
  • -
  • 2?
  • -
  • ?
  • -
  • -
  • -
  • -
  • -
  • -
-
'; +
+
    +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • ?
  • +
  • 2?
  • +
  • ?
  • +
  • +
  • +
  • +
  • +
  • +
+
'; echo "
"; echo "
"; + + + +
"; echo " -
$onStockDesc
+
$onStockDesc
+ - - + - +
- +
- +
"; } } - + echo " - +
- - : 0 0 . + + : 0 0 .
- + "; - + echo "
"; - + // XML $dateFromDate = ExtractDate ((date ('Y-m-d H:i:s', $order['mktime']))); - + // if ($order['status'] != 6) { @@ -1828,10 +1791,13 @@ if (! isset ($_GET['action'])) // ================= // ==== CONTROL ==== // ================= - + if ($order['work_user'] > 0 && $order['work_user'] != $_SESSION['admin']['id']) { - $r = mysql_query ('select login from zlo_admin where id=' . $order['work_user']); + $r = mysql_query (' + select login + from zlo_admin + where id=' . $order['work_user']); print '
' . mysql_result ($r, 0) . '
"; - + echo ""; - + // === Pager - + echo "
" . pagerGetShow ($pager) . " @@ -1894,105 +1860,115 @@ if (! isset ($_GET['action'])) if (isset ($_GET['action']) && $_GET['action'] == 'show') { - + // - + echo "
"; - $sql = "SELECT * FROM zlo_book_status WHERE id IN (1,2,4,5)"; + $sql = " + SELECT * + FROM zlo_book_status + WHERE id IN (1,2,4,5)"; $result = mysql_query ($sql) or die (mysql_error ()); if (mysql_affected_rows () != 0) { while ($row = mysql_fetch_assoc ($result)) { - + // - $sql2 = "SELECT count(`id`) AS calc FROM catalogs_orders WHERE status='" . $row['id'] . "' AND user_id=" . $_GET['user'] . ""; + $sql2 = " + SELECT count(`id`) AS calc + FROM catalogs_orders + WHERE status='" . $row['id'] . "' + AND user_id=" . $_GET['user']; $result2 = mysql_query ($sql2) or die (mysql_error ()); $row2 = mysql_fetch_assoc ($result2); - + echo "
" . $row['title'] . "(" . $row2['calc'] . ")
"; } } echo "
"; - + if (! isset ($_GET['status'])) { $_GET['status'] = 1; } - + // =========== =========== - - $sql = "SELECT o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, u.group, o.id as order_id - FROM catalogs_orders as o - LEFT JOIN zlo_users as u on u.id=o.user_id - WHERE u.id=" . $_GET['user'] . " AND o.status=" . $_GET['status'] . " ORDER BY mktime DESC "; + + $sql = " + SELECT o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, u.group, o.id as order_id + FROM catalogs_orders as o + LEFT JOIN zlo_users as u on u.id=o.user_id + WHERE u.id=" . $_GET['user'] . " + AND o.status=" . $_GET['status'] . " + ORDER BY mktime DESC "; $pager['sql'] = $sql; $pager = pagerGetRun ($pager, 10, 15); // echo$pager['sql']; $result = mysql_query ($pager['sql']) or die (mysql_error ()); if (mysql_affected_rows () != 0) { - + // =================== // === === // =================== - + while ($order = mysql_fetch_assoc ($result)) { - + echo "
"; - + echo "
- +

#" . $order['order_id'] . "
: " . date ('Y-m-d H:i:s', $order['mktime']) . "

- - + +
" . $order['tel'] . " 
- +
" . $order['tel2'] . " 
- +
" . viewBook ('zlo_users_group', $order['group'], 'id', 'name') . " 
- +
[ ] - +
- +
" . viewBook ('zlo_book_delivery', $order['delivery'], 'id', 'title') . " 
- +
" . $order['city'] . " 
- +
" . $order['address'] . " 
- +
" . $order['comment'] . " 
- +
- +
"; - + // - + echo "
@@ -2011,68 +1987,66 @@ if (isset ($_GET['action']) && $_GET['action'] == 'show') "; - + $sql3 = " SELECT o . * , m.*, m.product_id as mod_id, op.* , p.* - FROM catalogs_orders AS o + FROM catalogs_orders AS o LEFT JOIN catalogs_orders_products as op ON op.order_id=o.id - LEFT JOIN catalogs_modifications AS m ON m.id = op.product_id - LEFT JOIN catalogs_products AS p ON p.id = m.product_id + LEFT JOIN catalogs_modifications AS m ON m.id = op.product_id + LEFT JOIN catalogs_products AS p ON p.id = m.product_id WHERE o.id='" . $order['order_id'] . "'"; $result3 = mysql_query ($sql3) or die (mysql_error ()); if (mysql_affected_rows () != 0) { while ($item = mysql_fetch_assoc ($result3)) { + $i ++; + + // + $sql5 = "SELECT c.name as city, o.count + FROM catalogs_keys_products_cities as o + LEFT JOIN catalogs_cities as c + ON o.city_id=c.id + WHERE o.mod_code='" . $item['code'] . "' AND o.count>0 "; + $result5 = mysql_query ($sql5) or die (mysql_error ()); + if (mysql_affected_rows () != 0) { - $i ++; - - // - $sql5 = "SELECT c.name as city, o.count - FROM catalogs_keys_products_cities as o - LEFT JOIN catalogs_cities as c - ON o.city_id=c.id - WHERE o.mod_code='" . $item['code'] . "' AND o.count>0 "; - $result5 = mysql_query ($sql5) or die (mysql_error ()); - if (mysql_affected_rows () != 0) - { - $onStockDesc = ''; - while ($onStock = mysql_fetch_assoc ($result5)) - { - $onStockDesc .= $onStock['city'] . "(" . $onStock['count'] . ") "; - } - } - else + $onStockDesc = ''; + while ($onStock = mysql_fetch_assoc ($result5)) { - $onStockDesc = ''; + $onStockDesc .= $onStock['city'] . "(" . $onStock['count'] . ") "; } - - echo " - $i . - " . $item['code'] . " - " . viewBook ('catalogs_brends', $item['brend_id'], 'id', 'name') . " - " . $item['name'] . " - " . $item['size'] . " - " . $item['color'] . " - " . $item['count'] . " - " . $item['cine'] . " - " . ($item['cine'] * $item['count']) . " - " . $onStockDesc . 
" - - "; } + else + { + $onStockDesc = ''; + } + + echo " + $i . + " . $item['code'] . " + " . viewBook ('catalogs_brends', $item['brend_id'], 'id', 'name') . " + " . $item['name'] . " + " . $item['size'] . " + " . $item['color'] . " + " . $item['count'] . " + " . $item['cine'] . " + " . ($item['cine'] * $item['count']) . " + " . $onStockDesc . " + + "; } } - + echo " - : " . $order['total'] . " . + : " . $order['total'] . " .
"; - + echo "
"; } - + // === Pager - + echo "
" . pagerGetShow ($pager) . "
"; @@ -2085,9 +2059,9 @@ if (isset ($_GET['action']) && $_GET['action'] == 'show') if (isset ($_GET['action']) && $_GET['action'] == 'edit') { - + // - + if (! isset ($_GET['status'])) { $status = 1; @@ -2096,7 +2070,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') { $status = $_GET['status']; } - + echo "
"; $sql = "SELECT * FROM zlo_book_status WHERE id IN (1,2,4,5)"; $result = mysql_query ($sql) or die (mysql_error ()); @@ -2104,21 +2078,21 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') { while ($row = mysql_fetch_assoc ($result)) { - + // $sql2 = "SELECT count(`id`) AS calc FROM catalogs_orders WHERE status='" . $row['id'] . "' AND user_id=" . $_GET['user'] . ""; $result2 = mysql_query ($sql2) or die (mysql_error ()); $row2 = mysql_fetch_assoc ($result2); - + echo "
" . $row['title'] . "(" . $row2['calc'] . ")
"; } } echo "
"; - + // =========== =========== - + $sql = "SELECT o.*, o.name as username, o.adress as address, o.phone as tel, o.phonemob as tel2, u.group, o.id as order_id, o.adress as address, g.color FROM catalogs_orders as o LEFT JOIN zlo_users as u ON u.id=o.user_id @@ -2127,39 +2101,45 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') $result = mysql_query ($sql) or die (mysql_error ()); if (mysql_affected_rows () != 0) { - + $order = mysql_fetch_assoc ($result); - + echo ""; echo "
"; - + echo "
- #" . $order['order_id'] . " C: " . $order['total'] . " . - + #" . $order['order_id'] . " C: " . $order['total'] . " . +
" . date ('Y-m-d H:i:s', $order['mktime']) . "
- - -
-
- -
- - -
-
+ +
+ + +
+ -
- - + + echo " +
+ +
  @@ -2170,19 +2150,19 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit')  
- +
 
- +
 
- + "; echo "
@@ -2190,8 +2170,8 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') viewBookSelectValue ('zlo_book_delivery', 'id', 'title', $order['delivery']); echo "
"; - - echo " + + echo "
 
@@ -2200,19 +2180,19 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit')
- +
- "; - + "; + echo "
"; - + // - + $sql3 = "SELECT * FROM catalogs_orders_products WHERE `order_id`='" . $order['order_id'] . "' "; $result3 = mysql_query ($sql3) or die (mysql_error ()); @@ -2248,7 +2228,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit')
- +
 
 
 
@@ -2257,43 +2237,43 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit')
0
0
- + - +
- +
"; - + while ($item_id = mysql_fetch_assoc ($result3)) { $i ++; - + // $sql4 = "SELECT m.*, m.id as mod_id, p.* from catalogs_modifications as m - LEFT JOIN catalogs_products as p - ON p.id=m.product_id + LEFT JOIN catalogs_products as p + ON p.id=m.product_id WHERE m.id='" . $item_id['product_id'] . "' "; - + $result4 = mysql_query ($sql4) or die (mysql_error ()); if (mysql_affected_rows () != 0) { $item = mysql_fetch_assoc ($result4); - + // $sql5 = "SELECT c.name as city, o.count FROM catalogs_keys_products_cities as o LEFT JOIN catalogs_cities as c - ON o.city_id=c.id + ON o.city_id=c.id WHERE o.mod_code='" . $item['code'] . "' AND o.count>0 "; $result5 = mysql_query ($sql5) or die (mysql_error ()); if (mysql_affected_rows () != 0) @@ -2308,7 +2288,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') { $onStock = ''; } - + echo "
$i
@@ -2319,7 +2299,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit')
-
+
" . viewBook ('catalogs_brends', $item['brend_id'], 'id', 'name') . " 
" . $item['name'] . " 
" . $item['size'] . " 
@@ -2334,47 +2314,47 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') - +
- +
- +
"; } } - + echo " - +
: 0 0 .
- + "; - + echo "
"; - + // XML $dateFromDate = ExtractDate ((date ('Y-m-d H:i:s', $order['mktime']))); - + // if ($order['status'] != 6) { echo "
- + "; } - + echo ""; - + echo "
"; - + if (is_file ($_SERVER['DOCUMENT_ROOT'] . "/xml/" . $dateFromDate[0] . "/" . $dateFromDate[1] . "/order_" . $order['order_id'] . ".xml")) { echo "
"; } - + echo "
"; } echo ""; - + echo ""; } } @@ -2419,16 +2399,16 @@ if (isset ($_GET['action']) && $_GET['action'] == 'edit') if (isset ($_GET['action']) && $_GET['action'] == 'add') { - + if (isset ($_POST['user'])) { } - + $user = array (); - + if (isset ($_GET['user'])) { - + $sql = "SELECT * FROM zlo_users WHERE id='" . $_GET['user'] . "'"; $result = mysql_query ($sql) or die (mysql_error ()); if (mysql_affected_rows () != 0) @@ -2438,17 +2418,17 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add') } else { - + if (isset ($_POST)) { $user = $_POST['user']; } } - + echo "
"; echo "
"; echo "
"; - + echo "
@@ -2456,36 +2436,42 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
" . date ('d-m-Y H:i:s') . "
"; - + echo " -
- -
-
- -
- + + + +
+
+ +
+ -
+ echo " +
"; - + if (! isset ($_GET['user'])) { echo "
"; } - + if (isset ($_GET['user'])) { - + $readonly = 'readonly="readonly"'; $disabled = 'disabled="disabled"'; } @@ -2494,7 +2480,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add') $readonly = ''; $disabled = ''; } - + echo "
@@ -2502,8 +2488,8 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
- - + +
@@ -2511,39 +2497,39 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
- - + +
- +
"; - + echo "
"; - - echo " + + echo "
"; - + // echo ""; - + echo ""; - + // hidden if (isset ($_GET['user'])) { echo ""; } - + echo ""; - + echo "
@@ -2551,29 +2537,29 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add') viewBookSelectValue ('zlo_book_delivery', 'id', 'title', $user['delivery']); echo "
"; - - echo " + + echo "
"; - - echo " + + echo "
"; - + $array_method = array ( " ", " ", " ", " -", " ", - " " + " " ); - + echo " -
- - "; + foreach ($array_method as $method) { echo ''; } - + echo "
"; - + echo "
"; - + echo "
"; $array_method = array ( "", - "" + "" ); echo " -
- - "; + foreach ($array_method as $method) { echo '
- "; - +
+ "; + echo "
"; - + echo "
@@ -2643,7 +2629,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
.
-
+
@@ -2660,7 +2646,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
- +
 
 
 
@@ -2668,20 +2654,20 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
0
0
-
+
- + - +
- +
@@ -2696,7 +2682,7 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
- +
 
 
 
@@ -2704,30 +2690,30 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
0
0
-
+
- + - +
- +
- +
- - : 0 0 . + + : 0 0 .
- + @@ -2735,12 +2721,12 @@ if (isset ($_GET['action']) && $_GET['action'] == 'add')
"; - + // ===================== // ===== javascript ==== // ===================== - - echo " + + echo "