<?php
/**
 * Look up one person by id and return the record as JSONP.
 *
 * Request parameters:
 *   person - numeric id; cast to int before being handed to person_load().
 */
include '../scat.php';
include '../lib/person.php';

// The integer cast means only a number (0 for junk input) reaches person_load().
$requested_id = (int) $_REQUEST['person'];

$record = person_load($db, $requested_id);
if (!$record) {
  die_jsonp('No such person.');
}

$payload = array('person' => $record);
echo jsonp($payload);
<?php
/**
 * Re-apply discounts to one transaction and return the full transaction as JSONP.
 *
 * Request parameters:
 *   txn - numeric transaction id (cast to int).
 */
include '../scat.php';
include '../lib/txn.php';

$txn_ref = (int) $_REQUEST['txn'];

// A missing or non-numeric id casts to 0 and is rejected here.
if ($txn_ref === 0) {
  die_jsonp("no transaction specified.");
}

$applied = txn_apply_discounts($db, $txn_ref);
if (!$applied) {
  die_jsonp("Unable to apply discounts.");
}

echo jsonp(txn_load_full($db, $txn_ref));
<?php
/**
 * Create a return for a paid customer transaction.
 *
 * A new 'customer' transaction is inserted with returned_from pointing at the
 * original, and every line of the original is copied with negated ordered and
 * allocated quantities. The new transaction is returned as JSONP.
 *
 * Request parameters:
 *   txn - numeric id of the transaction being returned (cast to int).
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];

$original = txn_load($db, $txn_id);
if (!$original['paid']) {
  die_jsonp("Can't return an order that hasn't been paid for!");
}

// Pick the next customer transaction number.
// NOTE(review): nothing visible here serialises this read with the INSERT
// below, so two concurrent returns could compute the same number. MAX() over
// an empty set is also NULL, which would leave "number = " empty - confirm
// both are acceptable or handled elsewhere.
$q = "SELECT 1 + MAX(number) AS number FROM txn WHERE type = 'customer'";
$result = $db->query($q);
if (!$result) {
  die_query($db, $q);
}
$next = $result->fetch_assoc();

// Header row for the return transaction. Every interpolated value is either
// an integer cast above, a value read back from the database, or a constant.
$q = "INSERT INTO txn\n"
   . " SET created= NOW(),\n"
   . " type = 'customer',\n"
   . " number = {$next['number']},\n"
   . " returned_from = {$txn_id},\n"
   . " tax_rate = " . DEFAULT_TAX_RATE;
$db->query($q) or die_query($db, $q);

$return_id = $db->insert_id;

// Mirror the original lines with the quantities negated.
$q = "INSERT INTO txn_line (txn, item, ordered, allocated, override_name,\n"
   . " retail_price, discount_type, discount, taxfree)\n"
   . " SELECT {$return_id} AS txn,\n"
   . " item,\n"
   . " -ordered AS ordered,\n"
   . " -allocated AS allocated,\n"
   . " override_name,\n"
   . " retail_price, discount_type, discount,\n"
   . " taxfree\n"
   . " FROM txn_line WHERE txn = {$txn_id}";
$db->query($q) or die_query($db, $q);

// A fresh return has no payments or notes yet.
$payload = array(
  'txn' => txn_load($db, $return_id),
  'items' => txn_load_items($db, $return_id),
  'payments' => array(),
  'notes' => array(),
);
echo jsonp($payload);
$price = 'item.retail_price'; $discount_manual = 0; } else { die_jsonp("Did not understand price."); } $q = "UPDATE txn_line, item\n SET txn_line.retail_price = {$price},\n txn_line.discount_type = {$discount_type},\n txn_line.discount = {$discount},\n txn_line.discount_manual = {$discount_manual}\n WHERE txn = {$txn_id} AND txn_line.id = {$id} AND txn_line.item = item.id"; $r = $db->query($q) or die_query($db, $q); } if (!empty($_REQUEST['quantity'])) { /* special case: #/# lets us split line with two quantities */ if (preg_match('!^(\\d+)/(\\d+)$!', $_REQUEST['quantity'], $m)) { $quantity = (int) $m[2] * ($txn['type'] == 'customer' ? -1 : 1); $q = "INSERT INTO txn_line (txn, item, ordered, override_name,\n retail_price, discount_type, discount,\n discount_manual, taxfree)\n SELECT txn, item, {$quantity}, override_name,\n retail_price, discount_type, discount, discount_manual, taxfree\n FROM txn_line WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); $quantity = (int) $m[1]; } else { $quantity = (int) $_REQUEST['quantity']; } $q = "UPDATE txn_line\n SET ordered = -1 * {$quantity}\n WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); } if (isset($_REQUEST['name'])) { $name = $db->real_escape_string($_REQUEST['name']); $q = "UPDATE txn_line\n SET override_name = IF('{$name}' = '', NULL, '{$name}')\n WHERE txn = {$txn_id} AND txn_line.id = {$id}"; $r = $db->query($q) or die_query($db, $q); } txn_apply_discounts($db, $txn_id) or die_jsonp("Failed to apply discounts."); $db->commit() or die_query($db, "COMMIT"); $items = txn_load_items($db, $txn_id); $txn = txn_load($db, $txn_id); echo jsonp(array('txn' => $txn, 'items' => $items));
<?php
/**
 * Attach a barcode to an item, or update the quantity of an existing barcode.
 *
 * Request parameters:
 *   item     - numeric item id (cast to int).
 *   code     - barcode text; escaped with $db->escape() before use in SQL.
 *   quantity - units the barcode represents (cast to int, defaults to 1).
 */
include '../scat.php';
include '../lib/item.php';

$item_id = (int) $_REQUEST['item'];

$found = item_load($db, $item_id);
if (!$found) {
  die_jsonp('No such item.');
}

if (!$_REQUEST['code']) {
  die_jsonp('No barcode.');
}

// Zero or non-numeric quantities fall back to a single unit.
$quantity = (int) $_REQUEST['quantity'] ?: 1;

// The barcode is the only free-text value in the statement; the other two
// interpolated values are integers.
$code = $db->escape($_REQUEST['code']);

$q = "INSERT INTO barcode\n"
   . " SET item = {$item_id}, code = '{$code}', quantity = {$quantity}\n"
   . " ON DUPLICATE KEY\n"
   . " UPDATE quantity = VALUES(quantity)";
$db->query($q) or die_query($db, $q);

// Reload so the response reflects the new barcode.
echo jsonp(array('item' => item_load($db, $item_id)));
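<?php
/**
 * Start a hosted-payment session that stores (or updates) a card for a person.
 *
 * The processor is given a return URL pointing at cc-attach-finish.php in the
 * same directory as this script; the setup id and validation code from its
 * response are recorded in hostedpayment_txn, and the hosted-payment URL is
 * returned as JSONP.
 *
 * Request parameters:
 *   person             - numeric person id (cast to int).
 *   payment_account_id - optional; when present the existing account is updated.
 */
include '../scat.php';
include '../lib/eps-express.php';

$person = (int) $_REQUEST['person'];
// NOTE(review): forwarded to the processor as received; nothing here checks
// that this account belongs to $person - confirm that is enforced elsewhere.
$payment_account_id = isset($_REQUEST['payment_account_id'])
                    ? $_REQUEST['payment_account_id'] : '';

if (!$person) {
  die_jsonp("Person was not specified.");
}

// $_SERVER['HTTPS'] is absent on plain HTTP and the string "off" under some
// SAPIs, so a bare truthiness test can pick the wrong scheme.
$secure = !empty($_SERVER['HTTPS'])
          && strtolower((string) $_SERVER['HTTPS']) !== 'off';

// The Host header is chosen by the client and ends up in a URL handed to the
// payment processor. Reject anything that is not a plain host[:port]. This is
// a syntax check only: a well-formed but spoofed Host still passes, so a
// configured canonical base URL would be the stronger control.
$host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
if (!preg_match('/^(?:[A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(?::\d{1,5})?$/D', $host)) {
  die_jsonp("Invalid Host header.");
}

// REQUEST_URI includes the query string; drop it first so a "/" inside a
// parameter cannot change the directory that dirname() computes.
$uri = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '';
$uri_parts = explode('?', $uri, 2);
$base_path = rtrim(dirname($uri_parts[0]), '/\\');

$ReturnURL = ($secure ? "https://" : "http://") . $host .
             $base_path . '/cc-attach-finish.php';

$eps = new EPS_Express();
if ($payment_account_id) {
  $response = $eps->PaymentAccountUpdateHosted($person, $payment_account_id,
                                               $ReturnURL);
} else {
  $response = $eps->PaymentAccountCreateHosted($person, $ReturnURL);
}

$setup_id = (string) $response->Transaction->TransactionSetupID;

// Values from the processor are escaped like any other external input.
$payment = $db->escape($setup_id);
$valid = $db->escape($response->TransactionSetup->ValidationCode);

$q = "INSERT INTO hostedpayment_txn\n SET txn = {$person},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
$db->query($q) or die_query($db, $q);

// Encode the id so it stays a single query-string value.
$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID=" .
       rawurlencode($setup_id);

// NOTE(review): the whole processor response, including the validation code
// stored above, is echoed to the caller - confirm the client needs all of it.
echo jsonp(array('url' => $url, 'response' => $response));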
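<?php
/**
 * Start a hosted credit-card sale for a transaction.
 *
 * The processor is given a return URL pointing at cc-paid.php in the same
 * directory as this script; the setup id and validation code from its response
 * are recorded in hostedpayment_txn, and the hosted-payment URL plus the
 * pretty-printed response XML are returned as JSONP.
 *
 * Request parameters:
 *   id      - numeric transaction id (cast to int).
 *   amount  - amount to charge; passed to canPay() and the processor as given.
 *   partial - flag passed through to the processor (cast to int).
 */
include '../scat.php';
include '../lib/txn.php';
include '../lib/eps-express.php';

$id = (int) $_REQUEST['id'];
// NOTE(review): the amount is not normalised to a number here; it relies on
// canPay() and the processor to reject malformed values - confirm.
$amount = $_REQUEST['amount'];
$partial = (int) $_REQUEST['partial'];

if (!$id || !$amount) {
  die_jsonp("Either transaction or amount was not specified.");
}

$txn = new Transaction($db, $id);
if (!$txn->canPay('credit', $amount)) {
  die_jsonp("Amount is too much.");
}

// $_SERVER['HTTPS'] is absent on plain HTTP and the string "off" under some
// SAPIs, so a bare truthiness test can pick the wrong scheme.
$secure = !empty($_SERVER['HTTPS'])
          && strtolower((string) $_SERVER['HTTPS']) !== 'off';

// The Host header is chosen by the client and ends up in a URL handed to the
// payment processor. Reject anything that is not a plain host[:port]. This is
// a syntax check only: a well-formed but spoofed Host still passes, so a
// configured canonical base URL would be the stronger control.
$host = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
if (!preg_match('/^(?:[A-Za-z0-9.-]+|\[[0-9A-Fa-f:.]+\])(?::\d{1,5})?$/D', $host)) {
  die_jsonp("Invalid Host header.");
}

// REQUEST_URI includes the query string; drop it first so a "/" inside a
// parameter cannot change the directory that dirname() computes.
$uri = isset($_SERVER['REQUEST_URI']) ? (string) $_SERVER['REQUEST_URI'] : '';
$uri_parts = explode('?', $uri, 2);
$base_path = rtrim(dirname($uri_parts[0]), '/\\');

$ReturnURL = ($secure ? "https://" : "http://") . $host .
             $base_path . '/cc-paid.php';

$eps = new EPS_Express();
$response = $eps->CreditCardSaleHosted($id, $amount, $partial, $ReturnURL);

$xml = new SimpleXMLElement($response);

$setup_id = (string) $xml->Response->Transaction->TransactionSetupID;

// Values from the processor are escaped like any other external input.
$payment = $db->escape($setup_id);
$valid = $db->escape($xml->Response->TransactionSetup->ValidationCode);

$q = "INSERT INTO hostedpayment_txn\n SET txn = {$id},\n hostedpayment = '{$payment}',\n validationcode = '{$valid}',\n created = NOW()";
$db->query($q) or die_query($db, $q);

// Encode the id so it stays a single query-string value.
$url = "https://certtransaction.hostedpayments.com/?TransactionSetupID=" .
       rawurlencode($setup_id);

// Pretty-print the response for the caller.
// NOTE(review): this returns the full processor response, including the
// validation code stored above - confirm the client needs all of it.
$dom = dom_import_simplexml($xml);
$dom->ownerDocument->preserveWhiteSpace = false;
$dom->ownerDocument->formatOutput = true;

echo jsonp(array('url' => $url,
                 'xml' => $dom->ownerDocument->saveXML()));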
/*
 * Mark transaction lines as fully allocated (allocated = ordered).
 *
 * Request parameters:
 *   txn  - numeric transaction id (cast to int).
 *   line - optional numeric line id; when absent every line of the
 *          transaction is allocated and the transaction may be stamped filled.
 *
 * NOTE(review): failures here return $db->error to the caller verbatim,
 * which exposes database details - consider logging it server-side instead.
 */
include '../scat.php';
include '../lib/txn.php';
include '../lib/pole.php';

$id = (int) $_REQUEST['txn'];
if ($id === 0) {
  die_jsonp("no transaction specified.");
}

$txn = txn_load($db, $id);
if ($txn['paid']) {
  die_jsonp("This order is already paid!");
}

$line = (int) $_REQUEST['line'];

// One statement covers both cases; a single line just narrows the WHERE.
$q = "UPDATE txn_line SET allocated = ordered WHERE txn = {$id}";
if ($line) {
  $q .= " AND id = {$line}";
}
$db->query($q) or die_jsonp($db->error);
$lines = $db->affected_rows;

// Only a whole-transaction allocation stamps the fill time, and only when
// something changed or the transaction had never been filled.
if (!$line && ($lines || !$txn['filled'])) {
  $q = "UPDATE txn SET filled = NOW() WHERE id = {$id}";
  $db->query($q) or die_jsonp($db->error);
}

$txn = txn_load($db, $id);

if ($txn['total']) {
  pole_display_price('Total Due', $txn['total']);
}

$payload = array(
  "success" => "Allocated all lines.",
  "txn" => $txn,
  "lines" => $lines,
  "items" => txn_load_items($db, $id),
);
echo jsonp($payload);
<?php
/**
 * Create a person record and return its new id as JSONP.
 *
 * Request parameters:
 *   name, company - at least one is required; a name must not already exist.
 *   address, email, phone, tax_id - stored as given (escaped).
 */
include '../scat.php';

$name = $_REQUEST['name'];
$company = $_REQUEST['company'];

if (empty($name) && empty($company)) {
  die_jsonp("You need to supply at least a name or company.");
}

// Refuse a second person with the same name.
if ($name) {
  $q = "SELECT id\n FROM person\n WHERE name = '" . $db->escape($name) . "'";
  $existing = $db->query($q) or die_query($db, $q);
  if ($existing->num_rows) {
    die_jsonp("Someone by that name already exists.");
  }
}

// Column names come from this fixed list, never from the request; only the
// values are request data, and each one is escaped before being quoted.
$columns = array('name', 'company', 'address', 'email', 'phone', 'tax_id');
$fields = '';
foreach ($columns as $field) {
  $fields .= "{$field} = '" . $db->real_escape_string($_REQUEST[$field]) . "', ";
}

// add the person record
$q = "INSERT INTO person\n SET {$fields}\n active = 1";
$db->query($q) or die_query($db, $q);

echo jsonp(array('person' => $db->insert_id));
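<?php
/**
 * Add a batch of items to an unpaid transaction, priced from the vendor's
 * net price for each item.
 *
 * Request parameters:
 *   txn   - numeric transaction id (cast to int).
 *   items - map of item id => quantity ordered.
 *
 * Item ids and quantities arrive as array keys and values of a request
 * parameter, so they are forced to integers before they are placed in SQL;
 * interpolating them as received would let a caller inject arbitrary SQL.
 */
include '../scat.php';
include '../lib/txn.php';
include '../lib/item.php';

$txn_id = (int) $_REQUEST['txn'];
if (!$txn_id) {
  die_jsonp("No transaction specified.");
}

$txn = txn_load($db, $txn_id);
if ($txn['paid']) {
  die_jsonp("This order is already paid!");
}

// The vendor is the person on the transaction; without one the price lookup
// below cannot be built.
$vendor = (int) $txn['person'];
if (!$vendor) {
  die_jsonp("Transaction has no vendor.");
}

$requested = isset($_REQUEST['items']) ? $_REQUEST['items'] : null;
if (!is_array($requested)) {
  die_jsonp("No items specified.");
}

// Validate everything before writing anything, so a bad entry cannot leave
// the transaction half-updated.
$lines = array();
foreach ($requested as $item => $qty) {
  $item = (int) $item;
  if (!$item) {
    die_jsonp("Invalid item specified.");
  }
  $lines[$item] = (int) $qty;
}

foreach ($lines as $item => $qty) {
  $q = "INSERT INTO txn_line (txn, item, ordered, retail_price, taxfree)\n SELECT {$txn_id} AS txn, {$item} AS item, {$qty} AS ordered,\n (SELECT net_price\n FROM vendor_item\n WHERE item = {$item} AND vendor = {$vendor}), taxfree\n FROM item WHERE id = {$item}";
  $r = $db->query($q);
  if (!$r) {
    die_query($db, $q);
  }
}

$txn = txn_load($db, $txn_id);
$items = txn_load_items($db, $txn_id);

echo jsonp(array('txn' => $txn, 'items' => $items));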
<?php
/**
 * Attach a free-text note to a transaction and return the transaction with
 * its notes as JSONP.
 *
 * Request parameters:
 *   id   - numeric transaction id (cast to int).
 *   note - note text; escaped with $db->escape() before use in SQL.
 */
include '../scat.php';
include '../lib/txn.php';

$id = (int) $_REQUEST['id'];
if ($id === 0) {
  die_jsonp("No transaction specified.");
}

$text = $_REQUEST['note'];
if (!$text) {
  die_jsonp("No note given.");
}

// The note is the only free-text value in the statement.
$note = $db->escape($text);

$q = "INSERT INTO txn_note SET entered = NOW(), txn = {$id}, content = '{$note}'";
$db->query($q) or die_query($db, $q);

$payload = array(
  'txn' => txn_load($db, $id),
  'notes' => txn_load_notes($db, $id),
);
echo jsonp($payload);
/**
 * Report a failed query to the caller through die_jsonp().
 *
 * The report carries a fixed error label, the driver's error text and the
 * SQL that failed.
 *
 * NOTE(review): the raw SQL and driver message go back to the client, which
 * discloses table and column names to anyone who can trigger a failure.
 * Consider logging them server-side and returning only the generic label.
 *
 * @param object $db    Database handle; its ->error property is read.
 * @param string $query The SQL statement that failed.
 */
function die_query($db, $query) {
  $report = array(
    'error' => 'Query failed.',
    'explain' => $db->error,
    'query' => $query,
  );
  die_jsonp($report);
}
$db->query($q) or die_query($db, $q); # Make sure we have all the items $q = "INSERT IGNORE INTO item (code, brand, name, retail_price, active)\n SELECT item_no AS code,\n {$new_item} AS brand,\n description AS name,\n msrp AS retail_price,\n 1 AS active\n FROM vendor_order\n WHERE msrp > 0 AND IFNULL(unit,'') != 'AS'"; $db->query($q) or die_query($db, $q); echo "Loaded ", $db->affected_rows, " items from order.<br>"; # Make sure all the items are active and update order with item ids $q = "UPDATE item, vendor_order\n SET item.active = 1,\n vendor_order.item = item.id\n WHERE item_no = code"; $db->query($q) or die_query($db, $q); echo "Activated ", $db->affected_rows, " items from order.<br>"; # Make sure we know all the barcodes $q = "INSERT IGNORE INTO barcode (item, code, quantity)\n SELECT (SELECT id FROM item WHERE item_no = code) AS item,\n REPLACE(REPLACE(barcode, 'E-', ''), 'U-', '') AS code,\n 1 AS quantity\n FROM vendor_order\n WHERE barcode != ''"; $db->query($q) or die_query($db, $q); echo "Loaded ", $db->affected_rows, " new barcodes from order.<br>"; # Link items to vendor items $q = "UPDATE vendor_item, vendor_order\n SET vendor_item.item = vendor_order.item\n WHERE vendor_item.code = vendor_order.item_no"; $db->query($q) or die_query($db, $q); echo "Linked ", $db->affected_rows, " items to vendor items.<br>"; # Add items to order $q = "INSERT INTO txn_line (txn, item, ordered, allocated, retail_price)\n SELECT {$txn_id} txn, item,\n ordered, shipped, net\n FROM vendor_order\n WHERE (shipped OR backordered) AND item IS NOT NULL"; $db->query($q) or die_query($db, $q); echo "Loaded ", $db->affected_rows, " rows into purchase order.<br>"; $db->commit() or die_jsonp($db->error); $q = "SELECT CAST((SUM(shipped) / SUM(ordered)) * 100 AS DECIMAL(9,1))\n FROM vendor_order"; $item_rate = $db->get_one($q); $q = "SELECT CAST((SUM(shipped > 0) / SUM(ordered > 0)) * 100 AS DECIMAL(9,1))\n FROM vendor_order"; $sku_rate = $db->get_one($q); echo "Fill rate by item: 
{$item_rate}%, by SKU: {$sku_rate}%."; $out = ob_get_contents(); ob_end_clean(); $db->query("INSERT INTO txn_note\n SET txn = {$txn_id},\n entered = NOW(),\n content = '" . $db->escape($out) . "'") or die_jsonp($db->error); echo jsonp(array("result" => $out));
<?php
/**
 * Assign a person to a transaction and return both records as JSONP.
 *
 * Request parameters:
 *   txn    - numeric transaction id (cast to int).
 *   person - numeric person id (cast to int); must exist in the person table.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
if ($txn_id === 0) {
  die_jsonp("No transaction specified.");
}

$txn = txn_load($db, $txn_id);

$person_id = (int) $_REQUEST['person'];
if ($person_id === 0) {
  die_jsonp("No person specified.");
}

// Confirm the person exists before pointing the transaction at them.
$q = "SELECT id FROM person WHERE id = {$person_id}";
$match = $db->query($q) or die_query($db, $q);
if (!$match->num_rows) {
  die_jsonp("No such person.");
}

$q = "UPDATE txn SET person = {$person_id} WHERE id = {$txn_id}";
$db->query($q) or die_query($db, $q);

// Reload both sides so the response shows the saved state.
// NOTE(review): person_load() is not defined by either include named here;
// presumably one of them pulls in lib/person.php - confirm.
$txn = txn_load($db, $txn_id);
$person = person_load($db, $person_id);

$payload = array(
  "success" => "Updated person.",
  "txn" => $txn,
  "person" => $person,
);
echo jsonp($payload);
$discount = preg_replace('/^\\$/', '', $_REQUEST['discount']); $discount = $db->real_escape_string($discount); if (preg_match('/^(\\d*)(\\/|%)( off)?$/', $discount, $m)) { $discount = (double) $m[1]; $discount_type = "'percentage'"; } elseif (preg_match('/^(\\d*\\.?\\d*)$/', $discount, $m)) { $discount = (double) $m[1]; $discount_type = "'fixed'"; } elseif (preg_match('/^\\$?(\\d*\\.?\\d*)( off)?$/', $discount, $m)) { $discount = (double) $m[1]; $discount_type = "'relative'"; } elseif (preg_match('/^(def|\\.\\.\\.)$/', $discount)) { $discount = 'NULL'; $discount_type = 'NULL'; } else { die_jsonp("Did not understand discount."); } $q = "UPDATE item\n SET \n discount_type = {$discount_type},\n discount = {$discount} \n WHERE id = {$item_id}"; $r = $db->query($q) or die_query($db, $q); } if (isset($_REQUEST['minimum_quantity'])) { $minimum_quantity = (int) $_REQUEST['minimum_quantity']; $q = "UPDATE item\n SET minimum_quantity = {$minimum_quantity}\n WHERE id = {$item_id}"; $r = $db->query($q) or die_query($db, $q); } if (isset($_REQUEST['active'])) { $active = (int) $_REQUEST['active']; $q = "UPDATE item\n SET active = {$active}\n WHERE id = {$item_id}"; $r = $db->query($q) or die_query($db, $q); } if (isset($_REQUEST['stock'])) {
<?php
/*
 * Load a vendor price file (a .zip upload) into a temporary macitem table.
 *
 * Request parameters:
 *   vendor - numeric vendor id (cast to int).
 *   src    - uploaded file; its client-supplied name selects the file layout.
 */
require '../scat.php';

$vendor_id = (int) $_REQUEST['vendor'];
if (!$vendor_id) {
  die_jsonp("No vendor specified.");
}

// tmp_name is the server-side path PHP assigned to the upload.
$fn = $_FILES['src']['tmp_name'];
if (!$fn) {
  die_jsonp("No file uploaded");
}

// Read only the first line of the upload.
$file = fopen($fn, 'r');
$line = fgets($file);
fclose($file);

ob_start();

// The layout is picked from the uploaded file's name, which the client controls.
if (preg_match('/MACITEM.*\\.zip$/i', $_FILES['src']['name'])) {
  $q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n net_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n pending_msrp DECIMAL(9,2),\n pending_date VARCHAR(32),\n pending_net DECIMAL(9,2),\n barcode VARCHAR(32),\n purchase_quantity INT,\n category VARCHAR(64))";
  $db->query($q) or die_query($db, $q);

  // NOTE(review): basename() removes directory parts but not quotes or
  // backslashes, and $_FILES['src']['name'] is supplied by the client. $base
  // is placed inside a single-quoted SQL literal below without escaping, so a
  // crafted upload name can break out of the literal. Escape it before
  // interpolation or restrict it to a safe character set.
  $base = basename($_FILES['src']['name'], '.zip');

  $q = "LOAD DATA LOCAL INFILE 'zip://{$fn}#{$base}.txt'\n INTO TABLE macitem\n FIELDS TERMINATED BY '\t'\n IGNORE 1 LINES\n (@changed, @change_date, item_no, sku, name, @unit_of_sale,\n retail_price, net_price, @customer, @product_code_type,\n barcode, @reno, @elgin, @atl, @catalog_code,\n @purchase_unit, purchase_quantity,\n @customer_item_no, pending_msrp, pending_date, pending_net,\n promo_price, @promo_name,\n @abc_flag, @vendor, @group_code, category)";
  $r = $db->query($q) or die_query($db, $q);
} elseif (preg_match('/\\.zip$/i', $_FILES['src']['name'])) {
  /* Update pricing from Mac */
  $q = "CREATE TEMPORARY TABLE macitem (\n item_no VARCHAR(32),\n sku VARCHAR(10),\n name VARCHAR(255),\n retail_price DECIMAL(9,2),\n promo_price DECIMAL(9,2),\n PRIMARY KEY (item_no))";
  $db->query($q) or die_query($db, $q);

  // NOTE(review): same unescaped, client-supplied file name as in the branch
  // above; it reaches the SQL literal below unchanged.
  $base = basename($_FILES['src']['name'], '.zip');

  // The price columns are loaded through user variables and stored from their
  // second character onward (SUBSTRING(..., 2)).
  $q = "LOAD DATA LOCAL INFILE 'zip://{$fn}#{$base}.txt'\n INTO TABLE macitem\n FIELDS TERMINATED BY '\t'\n IGNORE 1 LINES\n (item_no, sku, name, @retail_price, @unit,\n @reno, @atlanta,\n @minimum_qty, @sale_discount_pct, @cost_factor, @promo_price)\n SET retail_price = SUBSTRING(@retail_price, 2),\n promo_price = SUBSTRING(@promo_price, 2)";
  $r = 
$db->query($q) or die_query($db, $q); // Find by barcode $q = "UPDATE vendor_item, macitem\n SET vendor_item.promo_price = macitem.promo_price\n WHERE vendor = {$vendor_id} AND vendor_item.code = macitem.item_no\n AND macitem.promo_price"; $r = $db->query($q) or die_query($db, $q);
<?php
/**
 * Create a new item under the 'New Item' brand, optionally with a barcode,
 * and link any vendor items that share its code.
 *
 * Request parameters:
 *   code, name, retail_price - all required; escaped before use in SQL.
 *   barcode                  - optional; escaped before use in SQL.
 */
include '../scat.php';
include '../lib/item.php';

$code = $_REQUEST['code'];
$name = $_REQUEST['name'];
$msrp = $_REQUEST['retail_price'];

// Required fields, checked in the same order the messages are documented.
$required = array(
  'Must specify a code.' => $code,
  'Must specify a name.' => $name,
  'Must specify a price.' => $msrp,
);
foreach ($required as $complaint => $value) {
  if (!$value) {
    die_jsonp($complaint);
  }
}

// Every request value is escaped and then quoted in the statements below,
// the price included.
$code = $db->escape($code);
$name = $db->escape($name);
$msrp = $db->escape($msrp);

// NOTE(review): if no brand named 'New Item' exists the lookup presumably
// yields nothing and "brand = " below is left empty - confirm.
$brand = $db->get_one("SELECT id FROM brand WHERE name = 'New Item'");

$q = "INSERT INTO item\n"
   . " SET code = '{$code}', name = '{$name}', retail_price = '{$msrp}',\n"
   . " brand = {$brand},\n"
   . " taxfree = 0, minimum_quantity = 1, active = 1";
$db->query($q) or die_query($db, $q);

$item_id = $db->insert_id;

if ($_REQUEST['barcode']) {
  $bar = $db->escape($_REQUEST['barcode']);
  $q = "INSERT INTO barcode SET code = '{$bar}', item = {$item_id}, quantity = 1";
  $db->query($q) or die_query($db, $q);
}

/* Point vendor items that already carry this code at the new item */
$q = "UPDATE vendor_item\n"
   . " SET vendor_item.item = {$item_id}\n"
   . " WHERE vendor_item.code = '{$code}'";
$db->query($q) or die_query($db, $q);
<?php
/**
 * Remove one payment from a transaction and return the transaction with its
 * remaining payments as JSONP.
 *
 * Request parameters:
 *   txn   - numeric transaction id (cast to int).
 *   id    - numeric payment id (cast to int).
 *   admin - flag handed to removePayment() (cast to int).
 *
 * NOTE(review): the admin flag is read straight from the request, so the
 * caller decides what removePayment() is told. Unless scat.php or
 * removePayment() verifies the operator's privilege separately, this is a
 * client-asserted authorization bit - confirm.
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
$payment_id = (int) $_REQUEST['id'];
$as_admin = (int) $_REQUEST['admin'];

if ($txn_id === 0 || $payment_id === 0) {
  die_jsonp("No transaction or payment specified.");
}

$txn = new Transaction($db, $txn_id);

// removePayment() reports refusals by throwing; its message is relayed to
// the caller as the error text.
try {
  $txn->removePayment($payment_id, $as_admin);
} catch (Exception $failure) {
  die_jsonp($failure->getMessage());
}

$payload = array(
  'txn' => txn_load($db, $txn_id),
  'payments' => txn_load_payments($db, $txn_id),
);
echo jsonp($payload);
<?php
/**
 * Delete a transaction that has neither payments nor items.
 *
 * Request parameters:
 *   txn - numeric transaction id (cast to int).
 *
 * NOTE(review): the id is read from $_REQUEST, which also accepts
 * query-string parameters, so this delete can be triggered by a plain GET
 * unless scat.php enforces a method or CSRF check - confirm.
 */
include '../scat.php';
include '../lib/txn.php';

$id = (int) $_REQUEST['txn'];
if ($id === 0) {
  die_jsonp("No transaction specified.");
}

$txn = new Transaction($db, $id);

// NOTE(review): `new` always yields an object, so this test cannot fire as
// written; a missing transaction would have to be detected another way.
if (!$txn) {
  die_jsonp("No such transaction..");
}

// Refuse to delete anything that still has money or goods attached.
if ($txn->hasPayments()) {
  die_jsonp("Can't delete transaction with payments.");
}
if ($txn->hasItems()) {
  die_jsonp("Can't delete transaction with items.");
}

$q = "DELETE FROM txn WHERE id = {$id}";
$db->query($q) or die_query($db, $q);

$payload = array('message' => 'Transaction deleted.');
echo jsonp($payload);
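<?php
/**
 * Load a full transaction either by id or by (type, number) and return it as
 * JSONP.
 *
 * Request parameters:
 *   id     - numeric transaction id (cast to int); takes precedence.
 *   type   - transaction type; escaped before use in SQL.
 *   number - transaction number within the type (cast to int).
 */
include '../scat.php';
include '../lib/txn.php';

// Absent parameters are treated as empty rather than read as undefined keys.
$id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
$type = isset($_REQUEST['type']) ? $_REQUEST['type'] : '';
$number = isset($_REQUEST['number']) ? (int) $_REQUEST['number'] : 0;

if (!$id && $type) {
  $q = "SELECT id FROM txn\n WHERE type = '" . $db->real_escape_string($type) . "'\n AND number = {$number}";

  // A failed query yields no result object; report it instead of calling
  // ->num_rows on it.
  $r = $db->query($q) or die_query($db, $q);

  if (!$r->num_rows) {
    die_jsonp("No such transaction.");
  }
  $row = $r->fetch_row();
  $id = (int) $row[0];
}

if (!$id) {
  die_jsonp("No transaction specified.");
}

echo jsonp(txn_load_full($db, $id));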
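<?php
/**
 * Remove one line from an unpaid transaction, re-apply discounts and return
 * the full transaction as JSONP, with the removed line id under 'removed'.
 *
 * Request parameters:
 *   txn - numeric transaction id (cast to int).
 *   id  - numeric line id (cast to int).
 */
include '../scat.php';
include '../lib/txn.php';

$txn_id = (int) $_REQUEST['txn'];
$id = (int) $_REQUEST['id'];

if (!$txn_id || !$id) {
  die_jsonp('No transaction or item specified');
}

$txn = txn_load($db, $txn_id);
if ($txn['paid']) {
  die_jsonp("This order is already paid!");
}

// Both ids are integers, and the line must belong to the named transaction.
$q = "DELETE FROM txn_line WHERE txn = {$txn_id} AND id = {$id}";
$r = $db->query($q);
if (!$r) {
  die_query($db, $q);
}
if (!$db->affected_rows) {
  die_jsonp("Unable to delete line.");
}

// Report a discount failure instead of returning totals that may be stale.
if (!txn_apply_discounts($db, $txn_id)) {
  die_jsonp("Unable to apply discounts.");
}

$txn = txn_load_full($db, $txn_id);

$txn['removed'] = $id;

echo jsonp($txn);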
<?php
/**
 * Load one item by id, or by code when no id is given, and return it as JSONP.
 *
 * Request parameters:
 *   id   - numeric item id (cast to int); takes precedence.
 *   code - item code; escaped with $db->escape() before use in SQL.
 */
include '../scat.php';
include '../lib/item.php';

$id = (int) $_REQUEST['id'];
$code = $_REQUEST['code'];

// Fall back to a lookup by code only when no usable id was supplied.
if ($id === 0 && $code) {
  $code = $db->escape($code);
  $id = $db->get_one("SELECT id FROM item WHERE code = '{$code}'");
}

if (!$id) {
  die_jsonp("No item specified.");
}

$payload = array('item' => item_load($db, $id));
echo jsonp($payload);
<?php
/**
 * Delete a person's stored payment account at the processor and clear the
 * reference on the person record.
 *
 * Request parameters:
 *   person - numeric person id (cast to int).
 */
include '../scat.php';
include '../lib/person.php';
include '../lib/eps-express.php';

$person_id = (int) $_REQUEST['person'];

$person = false;
if ($person_id) {
  $person = person_load($db, $person_id);
}

// One message covers a missing id, an unknown person and a person with no card.
$has_card = $person && $person['payment_account_id'];
if (!$has_card) {
  die_jsonp("No person specified or no card stored for person.");
}

$eps = new EPS_Express();
$response = $eps->PaymentAccountDelete($person['payment_account_id']);

// Any non-zero response code is relayed to the caller as the error text.
if ($response->ExpressResponseCode != 0) {
  die_jsonp((string) $response->ExpressResponseMessage);
}

// The processor no longer holds the account, so drop our reference to it.
$q = "UPDATE person\n"
   . " SET payment_account_id = NULL\n"
   . " WHERE id = {$person_id}";
$db->query($q) or die_query($db, $q);

// NOTE(review): the whole processor response is returned to the client -
// confirm nothing in it needs to stay server-side.
$payload = array(
  'person' => person_load($db, $person_id),
  'response' => $response,
);
echo jsonp($payload);