<?php
valid_auth('producer_admin');
// Show search box on product shopping pages
$show_search = true;
// Need to be able to look at all producers and all products
$where_unlisted_producer = '';
$where_zero_inventory = '';
$where_auth_type = '';
$where_producer_pending = '';
// Look for cases of products needing confirmation
// SEE the "RIGHT JOIN" in query for "confirmed" portion of the query
$where_confirmed = '';
$order_by = '
' . TABLE_CATEGORY . '.sort_order ASC,
' . TABLE_SUBCATEGORY . '.subcategory_name ASC,
' . TABLE_PRODUCER . '.business_name ASC,
' . NEW_TABLE_PRODUCTS . '.product_name ASC,
' . NEW_TABLE_PRODUCTS . '.unit_price ASC';
// Assign page tab and title information
$page_title_html = '<span class="title">Products</span>';
$page_subtitle_html = '<span class="subtitle">Full List by Category</span>';
$page_title = 'Products: Full List by Category';
$page_tab = 'shopping_panel';
// Assign template file
if ($_GET['output'] == 'csv') {
$per_page = 1000000;
$template_type = 'producer_list_csv';
} elseif ($_GET['output'] == 'pdf') {
$per_page = 1000000;
$template_type = 'producer_list_pdf';
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('route_admin');
if (isset($_GET['delivery_id'])) {
$delivery_id = $_GET['delivery_id'];
} else {
$delivery_id = ActiveCycle::delivery_id();
}
$query = '
SELECT
' . TABLE_ROUTE . '.route_id,
' . TABLE_ROUTE . '.route_name,
' . TABLE_ORDER_CYCLES . '.delivery_date,
' . NEW_TABLE_SITES . '.site_id,
' . NEW_TABLE_SITES . '.site_short,
' . NEW_TABLE_SITES . '.site_long,
' . NEW_TABLE_SITES . '.route_id,
' . NEW_TABLE_SITES . '.inactive,
' . TABLE_HUBS . '.hub_short,
tangible_count.num_orders
FROM
(' . NEW_TABLE_SITES . ',
' . TABLE_ORDER_CYCLES . ')
LEFT JOIN ' . TABLE_ROUTE . ' USING(route_id)
LEFT JOIN ' . TABLE_HUBS . ' ON (' . TABLE_ROUTE . '.hub_id = ' . TABLE_HUBS . '.hub_id)
LEFT JOIN (
SELECT
site_id,
COUNT(DISTINCT(basket_id)) AS num_orders
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('route_admin,member_admin,cashier,site_admin');
// EXPLANATION/PURPOSE OF THIS FILE
// This is the basic entry-page for making payments to producers
include 'func.delivery_selector.php';
// Set up the default delivery cycle
$delivery_id = ActiveCycle::delivery_id();
// ... but if a targeted delivery is requested then use that.
if (isset($_GET['delivery_id'])) {
$delivery_id = $_GET['delivery_id'];
}
// Set the sort order
if (isset($_GET['order'])) {
switch ($_GET['order']) {
case 'producer_id':
$order_by = 'producer_id';
break;
case 'payee':
$order_by = 'payee';
break;
default:
$order_by = 'business_name';
break;
}
} else {
$order_by = 'business_name';
}
// This next line allow us to include the ajax routine and call it as a function
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('producer_admin,producer');
?>
<html>
<head>
<title>Editing Product Information</title>
<style>
h3 {
margin-top:1.4em;
color:#262;
}
h4 {
display:inline;
margin-right:0.5em;
color:#642;
}
strong {
color:#800;
}
</style>
</head>
<body bgcolor="#FFFFFF">
<font face="arial" size="-1">
<!-- CONTENT BEGINS HERE -->
<h2>Admin Controls</h2>
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('site_admin,producer_admin');
function prdcr_contact_info($start, $half)
{
global $connection;
$sqlp = '
SELECT
' . TABLE_PRODUCER . '.producer_id,
' . TABLE_PRODUCER . '.member_id,
' . TABLE_PRODUCER . '.business_name,
' . TABLE_MEMBER . '.first_name,
' . TABLE_MEMBER . '.first_name,
' . TABLE_MEMBER . '.last_name,
' . TABLE_MEMBER . '.address_line1,
' . TABLE_MEMBER . '.address_line2,
' . TABLE_MEMBER . '.city,
' . TABLE_MEMBER . '.state,
' . TABLE_MEMBER . '.zip,
' . TABLE_MEMBER . '.email_address,
' . TABLE_MEMBER . '.email_address_2,
' . TABLE_MEMBER . '.home_phone,
' . TABLE_MEMBER . '.work_phone,
' . TABLE_MEMBER . '.mobile_phone,
' . TABLE_MEMBER . '.fax,
' . TABLE_MEMBER . '.toll_free,
' . TABLE_MEMBER . '.home_page,
' . TABLE_MEMBER . '.membership_date,
' . TABLE_PRODUCER . '.unlisted_producer
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('route_admin,producer,producer_admin');
$type = $_GET['type'];
$delivery_id = $_GET['delivery_id'];
$checkbox = '<img src="' . DIR_GRAPHICS . 'checkbox.gif" style="height:1em;vertical-align:text-top;">';
// Check how to restrict the results...
if (isset($_GET['producer_id'])) {
// Producers and Route Admins get the specified list, if requested.
$and_producer_id = '
AND ' . NEW_TABLE_PRODUCTS . '.producer_id = "' . mysql_real_escape_string($_GET['producer_id']) . '"';
// Use only ONE checkbox on these listings
$checkbox = ' <img src="' . DIR_GRAPHICS . 'checkbox.gif" style="height:1em;vertical-align:text-top;"> ';
} elseif (CurrentMember::auth_type('route_admin')) {
$and_producer_id = '';
} else {
$and_producer_id = '
AND ' . NEW_TABLE_PRODUCTS . '.producer_id = ""';
}
if ($type == 'pickup') {
$output .= '
<h1>Producer Pick-up List</h1>
<pre>';
$query = '
SELECT
' . TABLE_PRODUCT_STORAGE_TYPES . '.storage_code,
' . NEW_TABLE_BASKET_ITEMS . '.product_id,
' . NEW_TABLE_PRODUCTS . '.product_name,
' . NEW_TABLE_SITES . '.*,
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('route_admin,producer_admin,site_admin,cashier');
$i = 0;
$query = '
SELECT
' . TABLE_PRODUCER . '.producer_id,
' . TABLE_PRODUCER . '.business_name,
' . TABLE_MEMBER . '.first_name,
' . TABLE_MEMBER . '.last_name,
' . TABLE_MEMBER . '.preferred_name,
' . TABLE_MEMBER . '.address_line1,
' . TABLE_MEMBER . '.city,
' . TABLE_MEMBER . '.state,
' . TABLE_MEMBER . '.zip,
' . TABLE_MEMBER . '.county,
' . TABLE_MEMBER . '.home_phone,
' . TABLE_MEMBER . '.work_phone,
' . TABLE_MEMBER . '.mobile_phone,
' . TABLE_MEMBER . '.email_address
FROM
' . NEW_TABLE_BASKET_ITEMS . '
LEFT JOIN
' . NEW_TABLE_BASKETS . ' USING(basket_id)
LEFT JOIN
' . NEW_TABLE_PRODUCTS . ' USING(product_id,product_version)
LEFT JOIN
' . TABLE_PRODUCER . ' USING(producer_id)
LEFT JOIN
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('producer_admin,site_admin');
if ($_POST['pending']) {
foreach ($_POST['pending'] as $producer_id => $value) {
$query = '
SELECT
' . TABLE_PRODUCER . '.business_name,
' . TABLE_MEMBER . '.first_name,
' . TABLE_MEMBER . '.last_name,
' . TABLE_MEMBER . '.email_address,
' . TABLE_MEMBER . '.member_id,
' . TABLE_MEMBER . '.auth_type
FROM
' . TABLE_PRODUCER . '
LEFT JOIN ' . TABLE_MEMBER . ' ON ' . TABLE_PRODUCER . '.member_id = ' . TABLE_MEMBER . '.member_id
WHERE
producer_id = "' . mysql_real_escape_string($producer_id) . '"';
$sql = mysql_query($query, $connection) or die("Couldn't execute query 4.");
$producer_info = mysql_fetch_object($sql);
if ($value == 'approve') {
$query = '
UPDATE
' . TABLE_PRODUCER . '
SET
pending="0"
WHERE
producer_id="' . mysql_real_escape_string($producer_id) . '"';
$sql = mysql_query($query);
<?php
valid_auth('member');
$view = 'adjusted';
if ($_GET['view'] == 'original') {
$view = 'original';
} elseif ($_GET['view'] == 'editable' && CurrentMember::auth_type('cashier') && $member_id != $_SESSION['member_id']) {
$view = 'editable';
}
if ($view == 'original') {
$view_original = '
AND ' . NEW_TABLE_LEDGER . '.transaction_group_id = ""
OR ( ' . NEW_TABLE_LEDGER . '.replaced_by IS NOT NULL
AND ' . NEW_TABLE_LEDGER . '.replaced_datetime <= delivery_date )';
} else {
$view_original = '';
}
// Do not paginate invoices under any circumstances (web pages)
$per_page = 1000000;
// Assign page tab and title information
$page_title_html = '<span class="title">Basket</span>';
$page_subtitle_html = '<span class="subtitle">Basket Items</span>';
$page_title = 'Basket: Basket Items';
$page_tab = 'shopping_panel';
// Set display groupings
$major_product = 'producer_id';
$major_product_prior = $major_product . '_prior';
$minor_product = 'product_id';
$minor_product_prior = $minor_product . '_prior';
$show_major_product = true;
$show_minor_product = true;
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('route_admin,site_admin,member_admin');
$delivery_id = $_GET['delivery_id'];
if (!$delivery_id) {
$delivery_id = ActiveCycle::delivery_id();
}
// Initialize with column headers
$home_phone_display = '<span><strong>Home Phone</strong></span><br>';
$mobile_phone_display = '<span><strong>Mobile Phone</strong></span><br>';
$work_phone_display = '<span><strong>Work Phone</strong></span><br>';
$fancy_display = '<strong>Name <E-mail Address></strong><br>';
$plain_display = '<span><strong>E-mail Address</strong></span><br>';
$sql = '
SELECT
' . TABLE_MEMBER . '.*,
COUNT(' . NEW_TABLE_BASKET_ITEMS . '.product_id) AS prod_qty
FROM
' . TABLE_MEMBER . '
LEFT JOIN
' . NEW_TABLE_BASKETS . ' ON ' . TABLE_MEMBER . '.member_id = ' . NEW_TABLE_BASKETS . '.member_id
LEFT JOIN
' . NEW_TABLE_BASKET_ITEMS . ' ON ' . NEW_TABLE_BASKET_ITEMS . '.basket_id = ' . NEW_TABLE_BASKETS . '.basket_id
WHERE
' . NEW_TABLE_BASKETS . '.member_id = ' . TABLE_MEMBER . '.member_id
AND ' . NEW_TABLE_BASKETS . '.delivery_id = "' . mysql_real_escape_string($delivery_id) . '"
GROUP BY
' . NEW_TABLE_BASKETS . '.member_id
ORDER BY
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('site_admin,member_admin');
// Disable this line to allow member access to their own information
include_once 'func.check_membership.php';
// Restrict view to member_admin and cashier except for a person's own information
if (CurrentMember::auth_type('member_admin,cashier') && isset($_GET['member_id'])) {
$member_id = $_GET['member_id'];
} else {
$member_id = $_SESSION['member_id'];
}
// Process any updates
// --- NONE ---
// Do queries and create content
$query_member_info = '
SELECT
*
FROM ' . TABLE_MEMBER . '
LEFT JOIN ' . TABLE_MEMBERSHIP_TYPES . ' USING (membership_type_id)
WHERE
member_id = "' . mysql_real_escape_string($member_id) . '"';
$result_member_info = @mysql_query($query_member_info, $connection) or die(debug_print("ERROR: 785033 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__));
$member_data_found = false;
if ($row_member_info = mysql_fetch_array($result_member_info)) {
$member_data_found = true;
}
$renewal_info = check_membership_renewal(get_membership_info($member_id));
$member_content = '
<div id="member_info_main">
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('producer');
$producer_admin_true = 0;
if (CurrentMember::auth_type('producer_admin')) {
$producer_admin_true = 1;
}
// Check if we need to change the unlisted_producer status
if (isset($_REQUEST['list_producer']) && $_SESSION['producer_id_you'] != '' && $_REQUEST['list_producer'] != "suspend") {
if ($_REQUEST['list_producer'] == 'relist') {
$unlisted_producer = 0;
} elseif ($_REQUEST['list_producer'] == "unlist") {
$unlisted_producer = 1;
}
// Update the unlisted value but not if *suspended* (nonotlist_producer = 2)
$sqlr = '
UPDATE
' . TABLE_PRODUCER . '
SET
unlisted_producer = "' . mysql_real_escape_string($unlisted_producer) . '"
WHERE
producer_id = "' . mysql_real_escape_string($_SESSION['producer_id_you']) . '"
AND unlisted_producer != "2"';
$resultr = @mysql_query($sqlr, $connection) or die(debug_print("ERROR: 906897 ", array($sqlr, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__));
$message = "Producer # {$producer_id} has been updated.<br>";
}
if ($_GET['producer_id_you']) {
// Make sure we are authorized to "become" this producer
// Either we are the member who is the producer or we are a producer admin
<?php
valid_auth('institution,cashier,member_admin');
// Show search box on product shopping pages
$show_search = true;
$where_misc = '
AND ' . NEW_TABLE_PRODUCTS . '.listing_auth_type = "institution"';
if (isset($_SESSION['member_id'])) {
$where_auth = '
AND ' . TABLE_MEMBER . '.member_id = "' . mysql_real_escape_string($_SESSION['member_id']) . '"
AND FIND_IN_SET(listing_auth_type, auth_type) > 0';
} else {
// Cases where there is no member_id (someone who is not logged in) use just "member" auth
$where_auth = '
AND FIND_IN_SET(listing_auth_type, "member") > 0';
}
$order_by = '
' . TABLE_CATEGORY . '.sort_order ASC,
' . TABLE_SUBCATEGORY . '.subcategory_name ASC,
' . TABLE_PRODUCER . '.business_name ASC,
' . NEW_TABLE_PRODUCTS . '.product_name ASC,
' . NEW_TABLE_PRODUCTS . '.unit_price ASC';
// Assign page tab and title information
$page_title_html = '<span class="title">Products</span>';
$page_subtitle_html = '<span class="subtitle">Wholesale Products</span>';
$page_title = 'Products: Wholesale Products';
$page_tab = 'shopping_panel';
// Assign template file
if ($_GET['output'] == 'csv') {
$per_page = 1000000;
$template_type = 'customer_list_csv';
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('cashier');
// How was this script called?
if (isset($_REQUEST['type'])) {
$type = $_REQUEST['type'];
}
if (isset($_REQUEST['target'])) {
$target = $_REQUEST['target'];
}
if (isset($_REQUEST['method'])) {
$method = $_REQUEST['method'];
}
if ($type == 'reserve_transaction_group_id') {
// Reserve a group adjustment value using the transaction_group_enum table (similar to an auto-increment)
$query = '
INSERT INTO
' . NEW_TABLE_ADJUSTMENT_GROUP_ENUM . '
VALUES (NULL)';
$result = mysql_query($query, $connection) or die(debug_print("ERROR: 752930 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__));
$inserted_row = mysql_insert_id();
// Return the row to the ajax query
echo $inserted_row;
}
if ($type == 'single') {
// Get the target transaction
$transaction_data = get_transaction($target);
// Check if this transaction replaced another
$replaced_data = get_replaced($transaction_data['transaction_id']);
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('member_admin');
$delivery_id = ActiveCycle::delivery_id();
$sql = '
SELECT
' . TABLE_MEMBER . '.*,
' . TABLE_MEMBERSHIP_TYPES . '.membership_class
FROM
' . TABLE_MEMBER . '
LEFT JOIN ' . TABLE_MEMBERSHIP_TYPES . ' on ' . TABLE_MEMBER . '.membership_type_id = ' . TABLE_MEMBERSHIP_TYPES . '.membership_type_id
WHERE
' . TABLE_MEMBER . '.pending = "0"
AND ' . TABLE_MEMBER . '.membership_discontinued != "1"
ORDER BY
member_id DESC,
last_name ASC,
first_name ASC';
$rs = @mysql_query($sql, $connection) or die(debug_print("ERROR: 785033 ", array($sql, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__));
$num = mysql_numrows($rs);
while ($row = mysql_fetch_array($rs)) {
$member_id = $row['member_id'];
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$first_name_2 = $row['first_name_2'];
$last_name_2 = $row['last_name_2'];
$business_name = $row['business_name'];
$address_line1 = $row['address_line1'];
$address_line2 = $row['address_line2'];
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('site_admin,cashier,producer_admin,producer');
if (isset($_GET['producer_id']) && is_numeric($_GET['producer_id'])) {
// If not authorized then force to member's own member_id
if (!CurrentMember::auth_type('cashier') && !CurrentMember::auth_type('site_admin') && !CurrentMember::auth_type('producer_admin')) {
$producer_id = $_SESSION['producer_id_you'];
} else {
$producer_id = $_GET['producer_id'];
}
$query_where = '
WHERE ' . NEW_TABLE_PRODUCTS . '.producer_id = "' . mysql_real_escape_string($producer_id) . '"';
$query_business_name = '
SELECT
business_name
FROM
' . TABLE_PRODUCER . '
WHERE
producer_id = "' . mysql_real_escape_string($producer_id) . '"';
$result_business_name = @mysql_query($query_business_name, $connection) or die("Couldn't execute query.");
if ($row = mysql_fetch_array($result_business_name)) {
$business_name = $row['business_name'];
}
} else {
$producer_id = 0;
}
$content = '
<table width="80%">
<tr>
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('member_admin,site_admin,cashier');
include_once 'func.get_ledger_row_markup.php';
//echo '<tr><td colspan="9" style="text-align:left;">';
////////////////////////////////////////////////////////////////////////////////////
// //
// This is the main ajax call to get ledger information for display of //
// accounting information. //
// REQUIRED arguments: action=get_ledger_info //
// account_spec=[account_type]:[account_id] //
// //
// OPTIONAL arguments: group_customer_fee_with=[product|order] //
// group_producer_fee_with=[product|order] //
// group_weight_cost_with=[product|order] //
// group_quantity_cost_with=[product|order] //
// group_extra_charge_with=[product|order] //
// group_taxes_with=[product|order] //
// include_header=[true|false] //
// delivery_id=[delivery_id] //
// //
////////////////////////////////////////////////////////////////////////////////////
// These are text_key values used in transactions.
$text_key_array = array();
$summarize_by = array();
$css_trans_array = array();
$query = '
SELECT
DISTINCT(text_key) AS text_key
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('site_admin,cashier,member');
if (isset($_GET['member_id']) && is_numeric($_GET['member_id'])) {
// If not authorized then force to member's own member_id
if (!CurrentMember::auth_type('cashier') && !CurrentMember::auth_type('site_admin')) {
$member_id = $_SESSION['member_id'];
} else {
$member_id = $_GET['member_id'];
}
$query_where = '
WHERE ' . NEW_TABLE_BASKETS . '.member_id = "' . mysql_real_escape_string($member_id) . '"';
$query_member_name = '
SELECT
preferred_name
FROM
' . TABLE_MEMBER . '
WHERE
member_id = "' . mysql_real_escape_string($member_id) . '"';
$result_member_name = @mysql_query($query_member_name, $connection) or die("Couldn't execute query.");
if ($row = mysql_fetch_array($result_member_name)) {
$preferred_name = $row['preferred_name'];
}
} else {
$member_id = 0;
}
$content = '
<table width="80%">
<tr>
$post_changes_to_database = true;
$status_message .= '
Saving changes to the Database. By the time you see this message, the database should already
be updated. However, it would be a good idea to <a href="' . $_SERVER['SCRIPT_NAME'] . '">reload
this page</a> just to be sure. Names for changed values are shown in <span class="changed">
this</span> color.';
}
// If we need the old configuration values, then include old configuration instead of new one
if ($preload_from_old_config) {
@(include_once 'config_openfood.php');
$database_config['db_prefix'] = DB_PREFIX;
$database_config['openfood_config'] = 'openfood_config';
}
include_once 'config_openfood.php';
session_start();
valid_auth('site_admin');
// Set the query for updating the database
function set_update_query($update_queries, $name, $value)
{
global $database_config;
// Create an array of update queries, to be run later
$query = '
UPDATE ' . $database_config['db_prefix'] . $database_config['openfood_config'] . '
SET value = "' . mysql_real_escape_string($value) . '"
WHERE name = "' . mysql_real_escape_string($name) . '"';
array_push($update_queries, $query);
return $update_queries;
}
// Begin content generation
$content = '
<p class="status_message">Make changes and press "' . $save_button_text . '" at the bottom
<?php
include_once 'config_openfood.php';
session_start();
valid_auth('cashier,site_admin');
// Use any valid delivery_id that was passed or else use current value
if (round($_GET['delivery_id']) && $_GET['delivery_id'] <= ActiveCycle::delivery_id() && $_GET['delivery_id'] > 0) {
$delivery_id = $_GET['delivery_id'];
} else {
$delivery_id = ActiveCycle::delivery_id();
}
// Get the target delivery date
$query = '
SELECT
delivery_date
FROM
' . TABLE_ORDER_CYCLES . '
WHERE
delivery_id = "' . mysql_real_escape_string($delivery_id) . '"';
$result = @mysql_query($query, $connection) or die(debug_print("ERROR: 893032 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__));
if ($row = mysql_fetch_array($result)) {
$delivery_date = date("F j, Y", strtotime($row['delivery_date']));
}
$page_specific_javascript = '
<script type="text/javascript" src="' . PATH . 'ajax/jquery.js"></script>
<script type="text/javascript">
var c_arrElements;
var p_arrElements;
var i;
