ruạṛ
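<?php
/**
 * List orders
 *
 * Admin panel page. Reads `start` (paging offset) and `searchby` (free-text
 * filter) from the query string, selects one page of rows from `orders`,
 * renders them as an HTML table with manage / paid-toggle / delete links,
 * then prints the search form, the table and the pager.
 *
 * NOTE(review): no access check is visible in this file. Presumably
 * universal.php or head() enforces the admin login; confirm, because both
 * queries below run before head() is called.
 *
 * NOTE(review): the "Paid" toggle and "Delete" links change state through
 * plain GET requests. The target scripts are not shown here; unless they
 * verify a per-session token, these actions should move to POST forms that
 * carry a CSRF token.
 *
 * @version 0.9
 * @author Robert Urquhart <programmer@activatedesign.co.nz>
 * @package WEP-CMS
 */
session_start();
require_once 'scripts-includes/universal.php';
require_once 'scripts-includes/display.php';

$connID = connect_to_db();

// Page size used in the LIMIT clause and handed to paging().
$dpp = 25;

// Read the offset without raising an undefined-index notice when it is absent.
$start_param = isset($_GET['start']) ? $_GET['start'] : null;
if (!$start = is_numeric_id($start_param, false)) {
	$start = 0;
}
// $start is interpolated into the LIMIT clause below, so pin it to a
// non-negative integer regardless of what is_numeric_id() lets through.
$start = max(0, (int) $start);

$search = false;
$append = $where = $filter = $order = $sorted = '';

/*
if($time_id = is_numeric_id($_GET['time'],false)) {
	$where .= " and time_id = '$time_id'";
}
$append = 'time='.$time_id;
*/

$search_param = isset($_GET['searchby']) ? $_GET['searchby'] : null;
if ($w = clean_plain_data($search_param)) {
	$search = true;
	// NOTE(review): $w is interpolated straight into the SQL text. Whether that
	// is safe depends entirely on clean_plain_data(), which is defined outside
	// this file. Confirm it escapes for a quoted SQL string (for this driver,
	// mysql_real_escape_string()); if it only strips markup, escape here.
	$where .= "and (order_ref LIKE '%$w%' OR payment_ref LIKE '%$w%' OR customer_name LIKE '%$w%' OR customer_email LIKE '%$w%') ";
	$append .= '&searchby='.urlencode($w);
	$filter .= " $w ";
}

/*
if($w = clean_plain_data($_GET['type'])) {
	$search = true;
	switch($w) {
		case 'Workshop':
			$where .= " and lesson_type = 'Workshop' ";
			break;
		case 'Private':
			$where .= " and lesson_type = 'Private' ";
			break;
		case 'Party':
			$where .= " and (lesson_type IN ('Bridal Party','Hen Party')) ";
			break;
		default:
			//other
			$where .= " and (lesson_type NOT IN ('Workshop','Private','Bridal Party','Hen Party')) ";
	}
	$append .= '&type='.urlencode($w);
	$filter .= " [in] $w; ";
}
if(!$order = clean_plain_data($_GET['order'],false)) {
	$order = '';
}
if($search) {
	$filter = 'Search for: '.$filter;
}
$append .= '&order='.$order;
*/

$query = "select * from orders where 1=1 $where order by ";
/*
switch($order) {
	default:
}
*/
$query .= "order_ref desc limit $start, $dpp";

// Total number of matching rows, for the pager. A failed count query yields 0
// instead of passing false on to mysql_fetch_row().
$num = 0;
$get_num = mysql_query("select count(*) from orders where 1=1 $where");
if ($get_num && ($get = mysql_fetch_row($get_num))) {
	$num = $get[0];
}

$orders = mysql_query($query);

if (!$orders || mysql_num_rows($orders) < 1) {
	$table = '<p class="center">No orders found</p>';
} else {
	$table = '<table class="control_panel">
	<thead>
		<tr>
			<th class="pad"></th>
			<th>Reference</th>
			<th>Date</th>
			<th>Customer</th>
			<th>Description</th>
			<th>Value</th>
			<th class="control">Paid</th>
			<th class="control">Manage</th>
			<th class="control">Delete</th>
			<th class="pad"></th>
		</tr>
	</thead>
	<tfoot></tfoot>
	';

	// Only the five ASCII metacharacters need escaping, and they are encoded
	// the same way in UTF-8 and ISO-8859-1. Naming the single-byte charset
	// keeps htmlspecialchars() from returning an empty string when a stored
	// value is not valid UTF-8. double_encode is off so values that were
	// entity-encoded before storage are not encoded a second time.
	$esc_charset = 'ISO-8859-1';

	// Initialised explicitly; the loop below appends to it.
	$rows = '';
	while ($o = mysql_fetch_assoc($orders)) {
		// Encoded for the query-string context; unchanged for numeric ids.
		$oid = rawurlencode($o['order_id']);

		// Customer-supplied values are escaped before they reach the admin's
		// browser, so markup stored in an order cannot run in this panel.
		$ref_html = htmlspecialchars($o['order_ref'], ENT_QUOTES, $esc_charset, false);
		$name_html = htmlspecialchars($o['customer_name'], ENT_QUOTES, $esc_charset, false);

		$ref = '<td>'.$ref_html.'</td>';
		// order_ref is passed to date() as a timestamp.
		// NOTE(review): presumably the reference is the Unix time the order was created; confirm.
		$date = '<td>'.date('d-m-Y',$o['order_ref']).'</td>';
		$customer = '<td class="left">'.$name_html.'</td>';
		// NOTE(review): order_description is written out unescaped, as before.
		// If it is plain text it should be escaped like the name above; it is
		// left alone here only because it may intentionally hold markup.
		$description = '<td class="left">'.$o['order_description'].'</td>';
		$value = '<td class="right">'.format_price($o['order_total']-$o['discount_amount']+$o['shipping_cost'],2).'</td>';
		$edit = '<td><a href="edit-order.php?order='.$oid.'">Manage</a></td>';
		$paid = '<td><a href="processes/process-switch.php?f=paid&amp;order='.$oid.'" class="toggle">'.onOrOff($o['paid']).'</a></td>';
		// The reference reaches the confirm() text through a data attribute, so
		// it is only ever in HTML-attribute context and never spliced into script.
		$delete = '<td><a href="processes/process-order-delete.php?order='.$oid.'" data-ref="'.$ref_html.'" onClick="return confirm(\'Delete \' + this.getAttribute(\'data-ref\') + \'?\')" class="delete"><img src="images/img-del.png" alt="Delete" /></a></td>';

		$rows .= "<tr>
			<td> </td>
			$ref
			$date
			$customer
			$description
			$value
			$paid
			$edit
			$delete
			<td> </td>
		</tr>
		";
	}
	$table .= $rows.'
	</table>
	';
}

head('orders','Administration Panel');
?>
<form name="search_form" id="search_form" action="<?php /* PHP_SELF includes any path info the client appended, so escape it; the full open tag also works with short_open_tag off */ echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1'); ?>">
<p class="center">Search: <input name="searchby" id="searchby" type="text" size="30" value="" /> <input type="submit" value="Search" /> <span title="Searches reference, customer name, customer email, DPS transaction ID (not visible in table)">[?]</span> |
<?php /* ?>
<a href="export-customer-details.php">Export customer details</a>
<?php // */ ?>
<a href="shipping.php">Shipping</a>
<?php if(MODULE_DISCOUNT_VOUCHERS): ?>
 | <a href="discounts.php">Discount codes</a>
<?php endif; ?>
</p>
</form>
<?php
echo $table;
paging($num,$dpp,$start,$append);
footer();
exit;
?>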
cải xoăn