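/**
 * Returns one page of active orders (status > 0), newest first, each joined
 * with the first and last name of the user who placed it.
 *
 * The page number is taken from $_GET['page'] and forced to a non-negative
 * integer before it is handed to the pagination helper, so no request data is
 * concatenated into the SQL text directly.
 *
 * @param array $pag_info output parameter; receives the result of
 *                        Pagination::calculate_pages() when the count query
 *                        yields a row, otherwise it is left untouched
 * @return array the order rows, each with an added 'week_number' key
 *               (whatever db_query_to_array() returns when nothing matches)
 */
function get_all_orders(&$pag_info)
{
    $orders = array();

    $total = db_query_to_row("SELECT COUNT(id) as total FROM orders WHERE status > 0");
    if (!$total) {
        return $orders;
    }

    // NOTE(review): abs((int) ...) still lets ?page=0 through; confirm that
    // calculate_pages() copes with page 0.
    $page = isset($_GET['page']) ? abs((int) $_GET['page']) : 1;

    $p = new Pagination();
    $pag_info = $p->calculate_pages($total['total'], 10, $page);

    // $pag_info['limit'] is appended to the statement verbatim. It is
    // presumably a LIMIT clause built from integers by calculate_pages();
    // verify that helper never copies request text into it.
    $orders = db_query_to_array("SELECT o.*, u.first_name, u.last_name FROM orders as o LEFT JOIN users as u ON u.id = o.user_id WHERE o.status > 0 ORDER BY o.id DESC " . $pag_info['limit']);

    if ($orders) {
        foreach ($orders as &$order) {
            // Only the first week returned for the order is kept.
            $order['week_number'] = '';
            foreach (get_order_weeks($order['id']) as $week) {
                $order['week_number'] = $week;
                break;
            }
        }
        // Drop the by-reference loop variable so the last row is not left
        // aliased to $order.
        unset($order);
    }

    return $orders;
}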
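/**
 * Reads the value of one named attribute of a contact mechanism.
 *
 * Both arguments go through esc() before being placed inside the quoted SQL
 * literals. esc() is defined elsewhere, so the statement is only as safe as
 * that helper; a bound-parameter query would remove the dependency.
 *
 * @param string $contact_mech_id id of the contact mechanism
 * @param string $attr_name       name of the attribute to read
 * @return mixed the ATTR_VALUE column, or null when no matching row is found
 */
function contact_mech_get_attribute($contact_mech_id, $attr_name)
{
    $query = "SELECT ATTR_VALUE\n\t\t\t FROM contact_mech_attribute\n\t\t\t WHERE CONTACT_MECH_ID = '" . esc($contact_mech_id) . "' AND ATTR_NAME = '" . esc($attr_name) . "'";
    $data = db_query_to_row($query);

    // A missing attribute is a normal outcome: answer null without touching
    // an offset that does not exist on the empty result.
    return isset($data['ATTR_VALUE']) ? $data['ATTR_VALUE'] : null;
}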
/**
 * Fetches the prod_catalog row for one catalog id.
 *
 * The id is escaped with esc() and embedded in a quoted SQL literal; the
 * query therefore relies on esc() (defined elsewhere) being a correct
 * escape for the active database connection.
 *
 * @param string $catalog_id the id of the product catalog
 * @return array the catalog data or empty array
 */
function catalog_get($catalog_id)
{
    $safe_catalog_id = esc($catalog_id);
    $sql = "SELECT *\n\t\t\t FROM prod_catalog\n\t\t\t WHERE PROD_CATALOG_ID = '" . $safe_catalog_id . "'";

    return db_query_to_row($sql);
}
/**
 * Tells whether a party with the given id is present in the party table.
 *
 * The id is escaped with esc() before it is placed in the quoted SQL literal.
 *
 * @param string $party_id id of the party that is being checked
 * @return bool true when at least one matching row is counted
 */
function party_exists($party_id)
{
    $safe_party_id = esc($party_id);
    $row = db_query_to_row("SELECT COUNT(*) FROM party WHERE PARTY_ID='" . $safe_party_id . "'");

    // The result column is addressed by its literal expression text because
    // the statement gives it no alias.
    $matches = $row['COUNT(*)'];

    return $matches > 0;
}
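/**
 * Looks up the price of a feature on the "-COPY" variant of a product.
 *
 * Steps: resolve the PRODUCT_ID that owns the given feature application,
 * append '-COPY' to it, find the application of $feature on that product,
 * then ask product_feature_price_get() for the CUSTOMER_PRICE of $party_id,
 * falling back to GENERAL_PRICE when that lookup comes back empty.
 *
 * Every value placed inside a quoted SQL literal is passed through esc(),
 * as the other query helpers on this page do. That includes $run_id: it is
 * read back from the database, and stored data is not automatically safe to
 * re-embed in a statement.
 * NOTE(review): if a caller already escapes its arguments, this would escape
 * them twice; confirm at the call sites.
 *
 * @param string $unit_list_price despite its name, this is matched against
 *                                PRODUCT_FEATURE_APPL_ID
 * @param string $feature         PRODUCT_FEATURE_ID to look for on the copy
 * @param string $party_id        customer used for the CUSTOMER_PRICE lookup
 * @return mixed the PRICE entry of the price row, or null when none is found
 */
function product_assoc_get_price($unit_list_price, $feature, $party_id)
{
    $query = "SELECT PRODUCT_ID\n\t\t\t FROM product_feature_appl\n\t\t\t WHERE PRODUCT_FEATURE_APPL_ID = '" . esc($unit_list_price) . "'\n\t\t\t LIMIT 1";
    $data = db_query_to_row($query);

    // Same flow as before when the row is missing (the id collapses to
    // '-COPY'), but without reading an undefined offset.
    $product_id = isset($data['PRODUCT_ID']) ? $data['PRODUCT_ID'] : '';
    $run_id = $product_id . '-COPY';

    $query = "SELECT PRODUCT_FEATURE_APPL_ID\n\t\t\t FROM product_feature_appl\n\t\t\t WHERE PRODUCT_ID = '" . esc($run_id) . "' AND PRODUCT_FEATURE_ID = '" . esc($feature) . "'\n\t\t\t LIMIT 1";
    $data = db_query_to_row($query);
    $appl_id = isset($data['PRODUCT_FEATURE_APPL_ID']) ? $data['PRODUCT_FEATURE_APPL_ID'] : null;

    // Customer-specific price first, general price as the fallback.
    $feature_price = product_feature_price_get($appl_id, CUSTOMER_PRICE, $party_id);
    if (empty($feature_price)) {
        $feature_price = product_feature_price_get($appl_id, GENERAL_PRICE, '');
    }

    return isset($feature_price['PRICE']) ? $feature_price['PRICE'] : null;
}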
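<?php
// Updates one column of a single additional_orders_items row that belongs to
// the order held in the session. Expects the POST fields id, field and value.
//
// NOTE(review): this is a state-changing request and no CSRF token check is
// visible in this script; confirm one is enforced before it runs.

// Reject the request unless an order is in the session and every POST field
// is a plain, non-empty string (array-valued fields are refused too).
if (
    empty($_SESSION['order_id'])
    || !isset($_POST['field'], $_POST['value'], $_POST['id'])
    || !is_string($_POST['field'])
    || !is_string($_POST['value'])
    || !is_string($_POST['id'])
    || !$_POST['value']
) {
    die('no order');
}

// The order id is interpolated into SQL without quotes below, so force it to
// an integer instead of trusting whatever was stored in the session.
$order_id = (int) $_SESSION['order_id'];
if (!$order_id) {
    die('no order');
}

// Allow-list: request field name => column name. Anything else is ignored,
// so a client can never choose an arbitrary column.
$columns = [
    'width'    => 'width',
    'height'   => 'height',
    'amount'   => 'amount',
    'hanging'  => 'ophaeng_id',
    'material' => 'material_id',
    'week'     => 'week_number',
];

$id = abs((int) $_POST['id']);
if ($id) {
    // Ownership check: the item must belong to the session's order.
    $result = db_query_to_row("SELECT 1 FROM additional_orders_items WHERE id = {$id} AND order_id = {$order_id}");
    if (!empty($result)) {
        $requested = $_POST['field'];
        $field = null;
        $value = null;

        if (isset($columns[$requested])) {
            $field = $columns[$requested];
            if ($requested === 'week') {
                // NOTE(review): htmlspecialchars() is output encoding, not
                // SQL escaping. Whether update_in_db() escapes or binds the
                // values it receives is not visible here; confirm it does.
                $value = htmlspecialchars(trim($_POST['value']));
            } else {
                // Every other allowed field is a non-negative integer.
                $value = abs((int) $_POST['value']);
            }
        }

        if ($field !== null && $value) {
            update_in_db('additional_orders_items', [$field => $value], "id = {$id} AND order_id = {$order_id}");
        }
    }
}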
/**
 * Returns the largest THRU_QUANTITY recorded in the quantity_break table.
 *
 * The statement is a constant string; no caller or request data is involved.
 *
 * @return mixed the max_units column of the result row
 */
function shipment_get_max_break()
{
    $row = db_query_to_row("SELECT MAX(THRU_QUANTITY) as max_units FROM quantity_break");

    return $row['max_units'];
}
/**
 * Fetches the megamedia person in charge of a customer.
 *
 * Reads name, description and e-mail from the affiliate table for the given
 * party (first row only). The party id is escaped with esc() before being
 * embedded in the quoted SQL literal.
 *
 * @param string $party_id the id of the customer
 * @return array with in charge person data
 */
function person_affiliate_get($party_id)
{
    $safe_party_id = esc($party_id);
    $sql = "SELECT AFFILIATE_NAME, AFFILIATE_DESCRIPTION, AFFILIATE_EMAIL\n\t\t\t FROM affiliate\n\t\t\t WHERE PARTY_ID = '" . $safe_party_id . "'\n\t\t\t LIMIT 1";

    return db_query_to_row($sql);
}
/**
 * Tells whether an order with the given id is present in order_header.
 *
 * The id is escaped with esc() before it is placed in the quoted SQL literal.
 *
 * @param string $order_id id of the order
 * @return bool true when at least one matching row is counted
 */
function order_exists($order_id)
{
    $safe_order_id = esc($order_id);
    $row = db_query_to_row("SELECT COUNT(*)\n\t\t\t FROM order_header\n\t\t\t WHERE ORDER_ID = '" . $safe_order_id . "'");

    // The result column is addressed by its literal expression text because
    // the statement gives it no alias.
    $matches = $row['COUNT(*)'];

    return $matches > 0;
}
<?php if (!isset($_SESSION['user'])) { header('location: /'); exit; } $type = get_url_param(2); if (!($type_key = array_search($type, array(1 => 'banners', 2 => 'posters', 3 => 'rollups')))) { header('location: /test/'); } $weeks = array(); if (isset($_SESSION['order_id'])) { $order_id = $_SESSION['order_id']; $weeks = db_query_to_row('SELECT id, week_number FROM orders_weeks WHERE type = ' . $type_key . ' AND order_id = ' . $order_id); if (!empty($weeks)) { $week_number = $weeks['week_number']; } } if (isset($_POST['store']) && ($count = count($_POST['store']))) { // if not isset order in session then creating new order $order_id = isset($_SESSION['order_id']) ? $_SESSION['order_id'] : insert_to_db('orders', array('user_id' => $_SESSION['user']['id'])); $insert_array = array(); //init order data for inserting to db for ($i = 0; $i < $count; $i++) { $insert = array(); $insert['order_id'] = $order_id; $insert['type'] = $type_key; if ($var = abs((int) $_POST['store'][$i])) { $insert['store_id'] = $var; } if ($var = abs((int) $_POST['width'][$i])) {
/**
 * Fetches the login record of a party.
 *
 * The returned row carries CURRENT_PASSWORD exactly as stored; whether that
 * column holds a hash is not visible from this function. Callers should keep
 * the value out of logs, templates and API responses.
 *
 * The party id is escaped with esc() before it is placed in the quoted SQL
 * literal.
 *
 * @param string $party_id party id of the user
 * @return array data about the user login (USER_LOGIN_ID, CURRENT_PASSWORD)
 */
function users_get_login($party_id)
{
    $safe_party_id = esc($party_id);
    $sql = "SELECT USER_LOGIN_ID, CURRENT_PASSWORD FROM user_login WHERE party_id='" . $safe_party_id . "'";

    return db_query_to_row($sql);
}
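<?php
// Store edit page: loads the store named by the third URL segment and, when
// the form is posted, saves the store row and replaces its hanging methods.
//
// NOTE(review): no login or permission check and no CSRF token check is
// visible in this script; confirm both are enforced before it is reached.

// Treat a missing or array-valued ?url= as an empty path, so explode() only
// ever receives a string and the request ends in the 'bad link' branch.
$raw_url = (isset($_GET['url']) && is_string($_GET['url'])) ? $_GET['url'] : '';
$url = explode('/', $raw_url);

// The id is forced to a positive integer before it reaches any SQL text.
if (!isset($url[2]) || !($id = abs((int) $url[2]))) {
    die('bad link');
}

$store = db_query_to_row("SELECT * FROM `stores` WHERE id = {$id}");
if (!$store) {
    die('store not found');
}

import('store');

if (isset($_POST['shop_name'])) {
    $update = array();
    if (!store_validate($update)) {
        $error_msg = 'All fields must be filled';
    } else {
        // hanging_methods is stored in its own table, so take it out of the
        // column set written to `stores`.
        $hanging_methods = $update['hanging_methods'];
        unset($update['hanging_methods']);

        if (update_in_db('stores', $update, '`id`=' . $id)) {
            // Replace the store's hanging methods: delete all, insert anew.
            // NOTE(review): the two statements are not wrapped in a
            // transaction here; a failed insert leaves the store with none.
            delete_from_db('stores_hanging_methods', '`store_id`=' . $id);

            // NOTE(review): the ids are presumably validated by
            // store_validate() and escaped by insert_multi_to_db(); neither
            // is visible here, so confirm before relying on it.
            $store_hanging_methods = array();
            foreach ($hanging_methods as $value) {
                $store_hanging_methods[] = array('store_id' => $id, 'hanging_method_id' => $value);
            }
            insert_multi_to_db('stores_hanging_methods', $store_hanging_methods);

            // Redirect after the POST so a reload does not resubmit the form.
            $_SESSION['edit_store_msg'] = 'Store Successfully Updated';
            header('location: /store/edit/' . $id);
            die;
        }
    }
}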
/**
 * Fetches the role of a party together with the role type's description.
 *
 * Joins party_role with role_type on ROLE_TYPE_ID and returns the row handed
 * back by db_query_to_row(). The party id is escaped with esc() before it is
 * placed in the quoted SQL literal.
 *
 * @param string $party_id id of the party
 * @return array current party role (PARTY_ID, ROLE_TYPE_ID, DESCRIPTION)
 */
function roles_get_party_role($party_id)
{
    $safe_party_id = esc($party_id);
    $sql = "SELECT pr.PARTY_ID, rt.ROLE_TYPE_ID, rt.DESCRIPTION\n\t\t\t FROM `party_role` pr JOIN role_type rt\n\t\t\t ON pr.ROLE_TYPE_ID = rt.ROLE_TYPE_ID\n\t\t\t WHERE pr.PARTY_ID = '" . $safe_party_id . "'";

    return db_query_to_row($sql);
}