public function getOneDetail($po_id)
{
$sql = "\n\t\t\t\t\tSELECT\n\t\t\tps.thirtydays,\n\t\t\tps.fifteendays,\n\t\t\tps.sevendays,\n\t\t\tpd.id,\n\t\t\tps.sku,\n\t\t\tsku_id,\n\t\t\tcount,\n\t\t\tprice,\n\t\t\tstockqty,\n\t\t\twaiting_send,\n\t\t\tbooknums,\n\t\t\tinterceptnums,\n\t\t\tstock_qty,\n\t\t\taduit_num\n\t\tFROM\n\t\t\t" . C('DB_PREFIX') . "order_detail AS pd\n\t\tLEFT JOIN `" . C('DB_PREFIX') . "goods` AS pg ON pd.sku_id = pg.id\n\t\tLEFT JOIN `" . C('DB_PREFIX') . "sku_info_tmp` AS ps ON pg.sku = ps.sku\n\t\tWHERE\n\t\t\tps.is_delete = '0'\n\t\tAND pd.is_delete = '0'\n\t\tAND po_id = " . $po_id;
$ret = queryResult($sql);
if ($ret) {
return $ret;
}
return false;
}
function getLatestUpdate()
{
$query = "SELECT `update` FROM updated ORDER BY `update` DESC LIMIT 1";
$result = queryResult($query);
$updateDate = null;
if (mysql_num_rows($result) > 0)
{
while($row = mysql_fetch_row($result))
{
$updated[] = $row;
}
}
$date = strtotime($updated[0][0]);
$updateDate = date('m-d-Y', $date);
return $updateDate;
}
switch ($path_info['call_parts'][0]) {
case 'search':
//test to see if the search string has more than 1 character
if (strlen($term) > 0) {
$term = str_replace("_", "/", $term);
// if someone searches 'all fields' run the query for all possible searches
// otherwise, just run the query on the specified field
if ($field == "all_fields") {
$query12 = "SELECT field_url FROM field";
$query12result = mysqli_query($link, $query12);
while ($row = mysqli_fetch_array($query12result)) {
$searchfield = $row['field_url'];
queryResult($searchfield, $index, $term, $address, $exact, 0, $num_result_per_page);
}
} else {
queryResult($field, $index, $term, $address, $exact, 0, $num_result_per_page);
}
}
break;
case 'entity':
# show information about a specific entity
// first test that we have an entity number and proceed if yes
if ($id > 0) {
# 1) determine what view to query using the entity number
$query6 = "SELECT * FROM entity WHERE entity_code = {$entity}";
$query6result = mysqli_query($link, $query6);
$row = mysqli_fetch_object($query6result);
$count = mysqli_num_rows($query6result);
if (isset($row) && $row != null) {
$column = $row->entity_column;
$view = $row->entity_view;
<?php
if ($_POST) {
include_once 'config.inc.php';
include_once 'libs.php';
$login = mysqli_real_escape_string($link, $_POST['login']);
$pass = mysqli_real_escape_string($link, $_POST['password']);
$pass = md5($pass . SALT);
$res = queryResult($login, $pass, $link);
if (!$res) {
echo "<h2>Incorrect login or password</h2>";
} else {
loggedIn();
}
}
?>
<link rel="stylesheet" href="style.css">
<form action="<?php
echo htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post">
Login:<br>
<input type="text" name="login"><br>
Password:<br>
<input type="password" name="password"><br><br>
<input type="submit" value="Log in"><span> or <a href="register.php">Register</a></span>
</form>
<?php
if ($_POST) {
include_once 'config.inc.php';
include_once 'libs.php';
$res = queryResult($_POST['login'], null, $link);
if ($res) {
echo "<h2>Such user already exists</h2>";
} else {
if (isset($_POST['role']) && $_POST['role'] == 'admin') {
$login = mysqli_real_escape_string($link, $_POST['login']);
$pass = mysqli_real_escape_string($link, $_POST['password']);
$pass = md5($pass . SALT);
$sql = "INSERT INTO users SET\n login = '******',\n password = '******',\n role = 1";
$res = mysqli_query($link, $sql);
loggedIn();
} else {
$login = mysqli_real_escape_string($link, $_POST['login']);
$pass = mysqli_real_escape_string($link, $_POST['password']);
$pass = md5($pass);
$sql = "INSERT INTO users SET\n login = '******',\n password = '******'";
$res = mysqli_query($link, $sql);
loggedIn();
}
}
}
?>
<link rel="stylesheet" href="style.css">
<form action="<?php
echo htmlspecialchars($_SERVER["PHP_SELF"]);
?>
<?php
include('settings.php');
include('simplehtmldom/simple_html_dom.php');
if (strrpos($_SERVER['HTTP_USER_AGENT'], "acebookexternalhit")){
echo "<html><head>";
if (isset($_GET['inspect'])) {
$query = "SELECT restaurant_id, location
FROM restaurant WHERE restaurant_id = ".intval($_GET['inspect'])." AND active = 1";
$result = queryResult($query);
$locations = array();
if (mysql_num_rows($result) > 0){
$row = mysql_fetch_assoc($result);
$string = "Check out the latest Food Inspection information for {$row["location"]}";
} else {
$string = "eatsure - London Food Inspection Scores";
}
} else {
$string = "eatsure - London Food Inspection Scores";
}
echo "<title>$string<title>";
echo "<meta name='description' content='$string' />";
echo "</head><body>";
echo "<img src='/images/fbimage.png' />";
echo "<h1>eatsure - London Food Inspection Scores</h1>";
echo "<p>$string</p>";
echo "</body></html>";
exit(0);
} else {
if(isset($_GET['inspect'])) {
function getSkuNameBySku($sku)
{
$sql = "SELECT goodsName FROM " . C('DB_PREFIX') . "goods WHERE sku=" . $sku;
$ret = queryResult($sql);
if ($ret) {
return $ret[0]["goodsName"];
} else {
return false;
}
}
function updateGeocode()
{
$query = "SELECT restaurant_id, location, address, city, latitude, longitude FROM restaurant WHERE active = 1
AND ((latitude IS NULL OR latitude = 0) OR (longitude IS NULL OR longitude = 0))";
$result = queryResult($query);
if (mysql_num_rows($result) > 0)
{
// Initialize delay in geocode speed
$delay = 0;
$base_url = "http://maps.google.com/maps/geo?output=xml"; //. "&key=" . KEY;
// Iterate through the rows, geocoding each address
while ($row = @mysql_fetch_assoc($result)) {
$geocode_pending = true;
while ($geocode_pending) {
$address = $row["address"] . ', ' . $row["city"] . ', ON';
$id = $row["restaurant_id"];
$request_url = $base_url . "&q=" . urlencode($address);
$xml = simplexml_load_file($request_url) or die("url not loading");
$status = $xml->Response->Status->code;
if (strcmp($status, "200") == 0) {
// Successful geocode
$geocode_pending = false;
$coordinates = $xml->Response->Placemark->Point->coordinates;
$coordinatesSplit = split(",", $coordinates);
// Format: Longitude, Latitude, Altitude
$lat = $coordinatesSplit[1];
$lng = $coordinatesSplit[0];
$query = sprintf("UPDATE restaurant " .
" SET latitude = '%s', longitude = '%s' " .
" WHERE restaurant_id = '%s' LIMIT 1;",
mysql_real_escape_string($lat),
mysql_real_escape_string($lng),
mysql_real_escape_string($id));
$update_result = mysql_query($query);
if (!$update_result) {
die("Invalid query: " . mysql_error());
}
} else if (strcmp($status, "620") == 0) {
// sent geocodes too fast
$delay += 100000;
} else {
// failure to geocode
$geocode_pending = false;
echo "Address " . $address . " failed to geocoded. ";
echo "Received status " . $status . "
\n";
}
usleep($delay);
}
}
}
}
function GetLocationsByInspectionResult($inspResult, $latitude = 0.000, $longitude = 0.000, $radius = 0.000)
{
// Open the JSON string
$json = "{\"locations\":[";
$query = "";
if ($inspResult == "closed")
{
$query = "SELECT r.restaurant_id, r.location as title, r.address, r.city,
UNIX_TIMESTAMP(r.inspected) as inspected, r.closed,
(r.critical + r.noncritical) as infraction,
r.latitude, r.longitude, r.updated,
CASE UNIX_TIMESTAMP(r.inspected) WHEN 0 THEN 0 ELSE COUNT(a.restaurant_id) END as inspections
FROM
(
SELECT res.restaurant_id, i.inspected
FROM restaurant res
LEFT JOIN inspection i on res.restaurant_id = i.restaurant_id
WHERE res.closed > 0 AND res.inspected != '0000-00-00'
GROUP BY res.restaurant_id, i.inspected
) AS a
RIGHT JOIN restaurant r on a.restaurant_id = r.restaurant_id
WHERE r.active = 1";
}
else
{
$query = "SELECT r.restaurant_id, r.location as title, r.address, r.city,
UNIX_TIMESTAMP(r.inspected) As inspected, r.closed,
(r.critical + r.noncritical) as infraction,
r.latitude, r.longitude, r.updated, -1 as inspections
FROM restaurant AS r
WHERE r.active = 1";
}
if($inspResult == "passed")
{
$query .= " AND r.noncritical = 0 AND r.critical = 0";
$query .= " AND r.inspected != '0000-00-00'";
}
else if($inspResult == "infraction")
{
$query .= " AND r.noncritical > 0 OR r.critical > 0";
$query .= " AND r.inspected != '0000-00-00'";
}
else if($inspResult == "closed")
{
$query .= " AND r.closed > 0";
$query .= " AND r.inspected != '0000-00-00'";
}
else if($inspResult == "notinspected")
{
$query .= " AND r.inspected = '0000-00-00'";
}
else if($inspResult == "allinspected")
{
$query .= " AND r.inspected != '0000-00-00'";
}
if($latitude != 0 && $longitude != 0 && $radius != 0)
{
// The radius of the earth is 6371Km and 3959miles
$query .= " AND (6371 * acos(cos(radians(".$latitude.")) * cos(radians(latitude)) * cos(radians(longitude) - radians(".$longitude.")) + sin(radians(".$latitude.")) * sin(radians(latitude)))) < ".$radius;
}
$query .= " ORDER BY r.inspected DESC";
$result = queryResult($query);
if (mysql_num_rows($result) > 0)
{
while($row = mysql_fetch_assoc($result))
{
$json .= LocationRecordToJson($row, $inspResult);
$json .= ",";
}
$json = substr($json, 0, strlen($json)-1); // remove the trailing comma
}
// Close the JSON string
$json .= "]}";
return $json;
}
switch ($path_info['call_parts'][0]) {
case 'search':
//test to see if the search string has more than 1 character
if (strlen($term) > 0) {
$term = str_replace("_", "/", $term);
// if someone searches 'all fields' run the query for all possible searches
// otherwise, just run the query on the specified field
if ($field == "all_fields") {
$query12 = "SELECT field_url FROM field";
$query12result = pg_query($query12);
while ($row = pg_fetch_array($query12result)) {
$searchfield = $row[field_url];
queryResult($searchfield, $index, $term, $address, $exact);
}
} else {
queryResult($field, $index, $term, $address, $exact);
}
}
break;
case 'entity':
# show information about a specific entity
// first test that we have an entity number and proceed if yes
if ($id > 0) {
# 1) determine what view to query using the entity number
$query6 = "SELECT * FROM entity WHERE entity_code = {$entity}";
$query6result = pg_query($query6);
$row = pg_fetch_object($query6result);
$column = $row->entity_column;
$view = $row->entity_view;
# 2) formulate and return the basic search string
$query8 = "SELECT * FROM {$view} WHERE {$column} = {$id}";
