$opera = check_action($operation, getPOST('opera')); $act = $act == '' ? 'view' : $act; //=============================================================================== if ('express_info' == $opera) { $order_sn = getPOST('order_sn'); $response = array('error' => 1, 'msg' => ''); if ($order_sn == '') { $response['msg'] = '参数错误'; } else { $order_sn = $db->escape($order_sn); } $get_order_info = 'select `express_id`,`status`,`express_sn` from ' . $db->table('order') . ' where `order_sn`=\'' . $order_sn . '\''; $order = $db->fetchRow($get_order_info); if ($order && $order['status'] == 6) { $get_express_code = 'select `code` from ' . $db->table('express') . ' where `id`=' . $order['express_id']; $express_info = query_express($db->fetchOne($get_express_code), $order['express_sn']); $express_info = json_decode($express_info, true); assign('order_info', $express_info); $response['error'] = 0; $response['msg'] = $smarty->fetch('public/express_info.phtml'); } else { $response['msg'] = '当前没有任何信息'; } echo json_encode($response); exit; } if ('deliver' == $opera) { if (!check_purview('pur_order_edit', $_SESSION['business_purview'])) { show_system_message('权限不足', array()); exit; }
} if ('express_info' == $act) { $express_state = array(0 => '在途', 1 => '揽件', 2 => '疑难', 3 => '签收', 4 => '退签', 5 => '派件', 6 => '退回'); assign('express_state', $express_state); $order_sn = getGET('order_sn'); if ($order_sn == '') { $response['msg'] = '参数错误'; } else { $order_sn = $db->escape($order_sn); } $get_order_info = 'select * from ' . $db->table('order') . ' where `order_sn`=\'' . $order_sn . '\''; $order = $db->fetchRow($get_order_info); if ($order && $order['status'] == 6) { $get_express_info = 'select `code`,`name` from ' . $db->table('express') . ' where `id`=' . $order['express_id']; $express_info = $db->fetchRow($get_express_info); $express_flow = query_express($express_info['code'], $order['express_sn']); $express_flow = json_decode($express_flow, true); assign('express_flow', $express_flow); assign('express_info', $express_info); } assign('order', $order); $get_order_detail = 'select p.`img` from ' . $db->table('order_detail') . ' as od join ' . $db->table('product') . ' as p using(`product_sn`) where od.`order_sn`=\'' . $order_sn . '\''; assign('product_img', $db->fetchOne($get_order_detail)); $template = 'track.phtml'; } if ($act == 'list') { $status = intval(getGET('status')); $status = $status < 0 || $status > 12 ? 0 : $status; $where = ''; if ($status > 0 && $status < 8) { $where .= ' and o.`status`=' . $status;
} if ('express_info' == $act) { $express_state = array(0 => '在途', 1 => '揽件', 2 => '疑难', 3 => '签收', 4 => '退签', 5 => '派件', 6 => '退回'); assign('express_state', $express_state); $order_sn = getGET('order_sn'); if ($order_sn == '') { $response['msg'] = '参数错误'; } else { $order_sn = $db->escape($order_sn); } $get_order_info = 'select * from ' . $db->table('order') . ' where `order_sn`=\'' . $order_sn . '\''; $order = $db->fetchRow($get_order_info); if ($order && $order['status'] == 6) { $get_express_info = 'select `code`,`name` from ' . $db->table('express') . ' where `code`=' . $order['delivery_code']; $express_info = $db->fetchRow($get_express_info); $express_flow = query_express($order['delivery_code'], $order['delivery_sn']); $express_flow = json_decode($express_flow, true); assign('express_flow', $express_flow); assign('express_info', $express_info); } assign('order', $order); $get_order_detail = 'select p.`img` from ' . $db->table('order_detail') . ' as od join ' . $db->table('product') . ' as p using(`product_sn`) where od.`order_sn`=\'' . $order_sn . '\''; assign('product_img', $db->fetchOne($get_order_detail)); $template = 'track.phtml'; } if ('detail' == $act) { $order_sn = getGET('sn'); if ($order_sn == '') { redirect('order.php'); } $order_sn = $db->escape($order_sn);