<?php valid_auth('producer_admin'); // Show search box on product shopping pages $show_search = true; // Need to be able to look at all producers and all products $where_unlisted_producer = ''; $where_zero_inventory = ''; $where_auth_type = ''; $where_producer_pending = ''; // Look for cases of products needing confirmation // SEE the "RIGHT JOIN" in query for "confirmed" portion of the query $where_confirmed = ''; $order_by = ' ' . TABLE_CATEGORY . '.sort_order ASC, ' . TABLE_SUBCATEGORY . '.subcategory_name ASC, ' . TABLE_PRODUCER . '.business_name ASC, ' . NEW_TABLE_PRODUCTS . '.product_name ASC, ' . NEW_TABLE_PRODUCTS . '.unit_price ASC'; // Assign page tab and title information $page_title_html = '<span class="title">Products</span>'; $page_subtitle_html = '<span class="subtitle">Full List by Category</span>'; $page_title = 'Products: Full List by Category'; $page_tab = 'shopping_panel'; // Assign template file if ($_GET['output'] == 'csv') { $per_page = 1000000; $template_type = 'producer_list_csv'; } elseif ($_GET['output'] == 'pdf') { $per_page = 1000000; $template_type = 'producer_list_pdf';
<?php include_once 'config_openfood.php'; session_start(); valid_auth('route_admin'); if (isset($_GET['delivery_id'])) { $delivery_id = $_GET['delivery_id']; } else { $delivery_id = ActiveCycle::delivery_id(); } $query = ' SELECT ' . TABLE_ROUTE . '.route_id, ' . TABLE_ROUTE . '.route_name, ' . TABLE_ORDER_CYCLES . '.delivery_date, ' . NEW_TABLE_SITES . '.site_id, ' . NEW_TABLE_SITES . '.site_short, ' . NEW_TABLE_SITES . '.site_long, ' . NEW_TABLE_SITES . '.route_id, ' . NEW_TABLE_SITES . '.inactive, ' . TABLE_HUBS . '.hub_short, tangible_count.num_orders FROM (' . NEW_TABLE_SITES . ', ' . TABLE_ORDER_CYCLES . ') LEFT JOIN ' . TABLE_ROUTE . ' USING(route_id) LEFT JOIN ' . TABLE_HUBS . ' ON (' . TABLE_ROUTE . '.hub_id = ' . TABLE_HUBS . '.hub_id) LEFT JOIN ( SELECT site_id, COUNT(DISTINCT(basket_id)) AS num_orders
<?php include_once 'config_openfood.php'; session_start(); valid_auth('route_admin,member_admin,cashier,site_admin'); // EXPLANATION/PURPOSE OF THIS FILE // This is the basic entry-page for making payments to producers include 'func.delivery_selector.php'; // Set up the default delivery cycle $delivery_id = ActiveCycle::delivery_id(); // ... but if a targeted delivery is requested then use that. if (isset($_GET['delivery_id'])) { $delivery_id = $_GET['delivery_id']; } // Set the sort order if (isset($_GET['order'])) { switch ($_GET['order']) { case 'producer_id': $order_by = 'producer_id'; break; case 'payee': $order_by = 'payee'; break; default: $order_by = 'business_name'; break; } } else { $order_by = 'business_name'; } // This next line allow us to include the ajax routine and call it as a function
<?php include_once 'config_openfood.php'; session_start(); valid_auth('producer_admin,producer'); ?> <html> <head> <title>Editing Product Information</title> <style> h3 { margin-top:1.4em; color:#262; } h4 { display:inline; margin-right:0.5em; color:#642; } strong { color:#800; } </style> </head> <body bgcolor="#FFFFFF"> <font face="arial" size="-1"> <!-- CONTENT BEGINS HERE --> <h2>Admin Controls</h2>
<?php include_once 'config_openfood.php'; session_start(); valid_auth('site_admin,producer_admin'); function prdcr_contact_info($start, $half) { global $connection; $sqlp = ' SELECT ' . TABLE_PRODUCER . '.producer_id, ' . TABLE_PRODUCER . '.member_id, ' . TABLE_PRODUCER . '.business_name, ' . TABLE_MEMBER . '.first_name, ' . TABLE_MEMBER . '.first_name, ' . TABLE_MEMBER . '.last_name, ' . TABLE_MEMBER . '.address_line1, ' . TABLE_MEMBER . '.address_line2, ' . TABLE_MEMBER . '.city, ' . TABLE_MEMBER . '.state, ' . TABLE_MEMBER . '.zip, ' . TABLE_MEMBER . '.email_address, ' . TABLE_MEMBER . '.email_address_2, ' . TABLE_MEMBER . '.home_phone, ' . TABLE_MEMBER . '.work_phone, ' . TABLE_MEMBER . '.mobile_phone, ' . TABLE_MEMBER . '.fax, ' . TABLE_MEMBER . '.toll_free, ' . TABLE_MEMBER . '.home_page, ' . TABLE_MEMBER . '.membership_date, ' . TABLE_PRODUCER . '.unlisted_producer
<?php include_once 'config_openfood.php'; session_start(); valid_auth('route_admin,producer,producer_admin'); $type = $_GET['type']; $delivery_id = $_GET['delivery_id']; $checkbox = '<img src="' . DIR_GRAPHICS . 'checkbox.gif" style="height:1em;vertical-align:text-top;">'; // Check how to restrict the results... if (isset($_GET['producer_id'])) { // Producers and Route Admins get the specified list, if requested. $and_producer_id = ' AND ' . NEW_TABLE_PRODUCTS . '.producer_id = "' . mysql_real_escape_string($_GET['producer_id']) . '"'; // Use only ONE checkbox on these listings $checkbox = ' <img src="' . DIR_GRAPHICS . 'checkbox.gif" style="height:1em;vertical-align:text-top;"> '; } elseif (CurrentMember::auth_type('route_admin')) { $and_producer_id = ''; } else { $and_producer_id = ' AND ' . NEW_TABLE_PRODUCTS . '.producer_id = ""'; } if ($type == 'pickup') { $output .= ' <h1>Producer Pick-up List</h1> <pre>'; $query = ' SELECT ' . TABLE_PRODUCT_STORAGE_TYPES . '.storage_code, ' . NEW_TABLE_BASKET_ITEMS . '.product_id, ' . NEW_TABLE_PRODUCTS . '.product_name, ' . NEW_TABLE_SITES . '.*,
<?php include_once 'config_openfood.php'; session_start(); valid_auth('route_admin,producer_admin,site_admin,cashier'); $i = 0; $query = ' SELECT ' . TABLE_PRODUCER . '.producer_id, ' . TABLE_PRODUCER . '.business_name, ' . TABLE_MEMBER . '.first_name, ' . TABLE_MEMBER . '.last_name, ' . TABLE_MEMBER . '.preferred_name, ' . TABLE_MEMBER . '.address_line1, ' . TABLE_MEMBER . '.city, ' . TABLE_MEMBER . '.state, ' . TABLE_MEMBER . '.zip, ' . TABLE_MEMBER . '.county, ' . TABLE_MEMBER . '.home_phone, ' . TABLE_MEMBER . '.work_phone, ' . TABLE_MEMBER . '.mobile_phone, ' . TABLE_MEMBER . '.email_address FROM ' . NEW_TABLE_BASKET_ITEMS . ' LEFT JOIN ' . NEW_TABLE_BASKETS . ' USING(basket_id) LEFT JOIN ' . NEW_TABLE_PRODUCTS . ' USING(product_id,product_version) LEFT JOIN ' . TABLE_PRODUCER . ' USING(producer_id) LEFT JOIN
<?php include_once 'config_openfood.php'; session_start(); valid_auth('producer_admin,site_admin'); if ($_POST['pending']) { foreach ($_POST['pending'] as $producer_id => $value) { $query = ' SELECT ' . TABLE_PRODUCER . '.business_name, ' . TABLE_MEMBER . '.first_name, ' . TABLE_MEMBER . '.last_name, ' . TABLE_MEMBER . '.email_address, ' . TABLE_MEMBER . '.member_id, ' . TABLE_MEMBER . '.auth_type FROM ' . TABLE_PRODUCER . ' LEFT JOIN ' . TABLE_MEMBER . ' ON ' . TABLE_PRODUCER . '.member_id = ' . TABLE_MEMBER . '.member_id WHERE producer_id = "' . mysql_real_escape_string($producer_id) . '"'; $sql = mysql_query($query, $connection) or die("Couldn't execute query 4."); $producer_info = mysql_fetch_object($sql); if ($value == 'approve') { $query = ' UPDATE ' . TABLE_PRODUCER . ' SET pending="0" WHERE producer_id="' . mysql_real_escape_string($producer_id) . '"'; $sql = mysql_query($query);
<?php valid_auth('member'); $view = 'adjusted'; if ($_GET['view'] == 'original') { $view = 'original'; } elseif ($_GET['view'] == 'editable' && CurrentMember::auth_type('cashier') && $member_id != $_SESSION['member_id']) { $view = 'editable'; } if ($view == 'original') { $view_original = ' AND ' . NEW_TABLE_LEDGER . '.transaction_group_id = "" OR ( ' . NEW_TABLE_LEDGER . '.replaced_by IS NOT NULL AND ' . NEW_TABLE_LEDGER . '.replaced_datetime <= delivery_date )'; } else { $view_original = ''; } // Do not paginate invoices under any circumstances (web pages) $per_page = 1000000; // Assign page tab and title information $page_title_html = '<span class="title">Basket</span>'; $page_subtitle_html = '<span class="subtitle">Basket Items</span>'; $page_title = 'Basket: Basket Items'; $page_tab = 'shopping_panel'; // Set display groupings $major_product = 'producer_id'; $major_product_prior = $major_product . '_prior'; $minor_product = 'product_id'; $minor_product_prior = $minor_product . '_prior'; $show_major_product = true; $show_minor_product = true;
<?php include_once 'config_openfood.php'; session_start(); valid_auth('route_admin,site_admin,member_admin'); $delivery_id = $_GET['delivery_id']; if (!$delivery_id) { $delivery_id = ActiveCycle::delivery_id(); } // Initialize with column headers $home_phone_display = '<span><strong>Home Phone</strong></span><br>'; $mobile_phone_display = '<span><strong>Mobile Phone</strong></span><br>'; $work_phone_display = '<span><strong>Work Phone</strong></span><br>'; $fancy_display = '<strong>Name <E-mail Address></strong><br>'; $plain_display = '<span><strong>E-mail Address</strong></span><br>'; $sql = ' SELECT ' . TABLE_MEMBER . '.*, COUNT(' . NEW_TABLE_BASKET_ITEMS . '.product_id) AS prod_qty FROM ' . TABLE_MEMBER . ' LEFT JOIN ' . NEW_TABLE_BASKETS . ' ON ' . TABLE_MEMBER . '.member_id = ' . NEW_TABLE_BASKETS . '.member_id LEFT JOIN ' . NEW_TABLE_BASKET_ITEMS . ' ON ' . NEW_TABLE_BASKET_ITEMS . '.basket_id = ' . NEW_TABLE_BASKETS . '.basket_id WHERE ' . NEW_TABLE_BASKETS . '.member_id = ' . TABLE_MEMBER . '.member_id AND ' . NEW_TABLE_BASKETS . '.delivery_id = "' . mysql_real_escape_string($delivery_id) . '" GROUP BY ' . NEW_TABLE_BASKETS . '.member_id ORDER BY
<?php include_once 'config_openfood.php'; session_start(); valid_auth('site_admin,member_admin'); // Disable this line to allow member access to their own information include_once 'func.check_membership.php'; // Restrict view to member_admin and cashier except for a person's own information if (CurrentMember::auth_type('member_admin,cashier') && isset($_GET['member_id'])) { $member_id = $_GET['member_id']; } else { $member_id = $_SESSION['member_id']; } // Process any updates // --- NONE --- // Do queries and create content $query_member_info = ' SELECT * FROM ' . TABLE_MEMBER . ' LEFT JOIN ' . TABLE_MEMBERSHIP_TYPES . ' USING (membership_type_id) WHERE member_id = "' . mysql_real_escape_string($member_id) . '"'; $result_member_info = @mysql_query($query_member_info, $connection) or die(debug_print("ERROR: 785033 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__)); $member_data_found = false; if ($row_member_info = mysql_fetch_array($result_member_info)) { $member_data_found = true; } $renewal_info = check_membership_renewal(get_membership_info($member_id)); $member_content = ' <div id="member_info_main">
<?php include_once 'config_openfood.php'; session_start(); valid_auth('producer'); $producer_admin_true = 0; if (CurrentMember::auth_type('producer_admin')) { $producer_admin_true = 1; } // Check if we need to change the unlisted_producer status if (isset($_REQUEST['list_producer']) && $_SESSION['producer_id_you'] != '' && $_REQUEST['list_producer'] != "suspend") { if ($_REQUEST['list_producer'] == 'relist') { $unlisted_producer = 0; } elseif ($_REQUEST['list_producer'] == "unlist") { $unlisted_producer = 1; } // Update the unlisted value but not if *suspended* (nonotlist_producer = 2) $sqlr = ' UPDATE ' . TABLE_PRODUCER . ' SET unlisted_producer = "' . mysql_real_escape_string($unlisted_producer) . '" WHERE producer_id = "' . mysql_real_escape_string($_SESSION['producer_id_you']) . '" AND unlisted_producer != "2"'; $resultr = @mysql_query($sqlr, $connection) or die(debug_print("ERROR: 906897 ", array($sqlr, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__)); $message = "Producer # {$producer_id} has been updated.<br>"; } if ($_GET['producer_id_you']) { // Make sure we are authorized to "become" this producer // Either we are the member who is the producer or we are a producer admin
<?php valid_auth('institution,cashier,member_admin'); // Show search box on product shopping pages $show_search = true; $where_misc = ' AND ' . NEW_TABLE_PRODUCTS . '.listing_auth_type = "institution"'; if (isset($_SESSION['member_id'])) { $where_auth = ' AND ' . TABLE_MEMBER . '.member_id = "' . mysql_real_escape_string($_SESSION['member_id']) . '" AND FIND_IN_SET(listing_auth_type, auth_type) > 0'; } else { // Cases where there is no member_id (someone who is not logged in) use just "member" auth $where_auth = ' AND FIND_IN_SET(listing_auth_type, "member") > 0'; } $order_by = ' ' . TABLE_CATEGORY . '.sort_order ASC, ' . TABLE_SUBCATEGORY . '.subcategory_name ASC, ' . TABLE_PRODUCER . '.business_name ASC, ' . NEW_TABLE_PRODUCTS . '.product_name ASC, ' . NEW_TABLE_PRODUCTS . '.unit_price ASC'; // Assign page tab and title information $page_title_html = '<span class="title">Products</span>'; $page_subtitle_html = '<span class="subtitle">Wholesale Products</span>'; $page_title = 'Products: Wholesale Products'; $page_tab = 'shopping_panel'; // Assign template file if ($_GET['output'] == 'csv') { $per_page = 1000000; $template_type = 'customer_list_csv';
<?php include_once 'config_openfood.php'; session_start(); valid_auth('cashier'); // How was this script called? if (isset($_REQUEST['type'])) { $type = $_REQUEST['type']; } if (isset($_REQUEST['target'])) { $target = $_REQUEST['target']; } if (isset($_REQUEST['method'])) { $method = $_REQUEST['method']; } if ($type == 'reserve_transaction_group_id') { // Reserve a group adjustment value using the transaction_group_enum table (similar to an auto-increment) $query = ' INSERT INTO ' . NEW_TABLE_ADJUSTMENT_GROUP_ENUM . ' VALUES (NULL)'; $result = mysql_query($query, $connection) or die(debug_print("ERROR: 752930 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__)); $inserted_row = mysql_insert_id(); // Return the row to the ajax query echo $inserted_row; } if ($type == 'single') { // Get the target transaction $transaction_data = get_transaction($target); // Check if this transaction replaced another $replaced_data = get_replaced($transaction_data['transaction_id']);
<?php include_once 'config_openfood.php'; session_start(); valid_auth('member_admin'); $delivery_id = ActiveCycle::delivery_id(); $sql = ' SELECT ' . TABLE_MEMBER . '.*, ' . TABLE_MEMBERSHIP_TYPES . '.membership_class FROM ' . TABLE_MEMBER . ' LEFT JOIN ' . TABLE_MEMBERSHIP_TYPES . ' on ' . TABLE_MEMBER . '.membership_type_id = ' . TABLE_MEMBERSHIP_TYPES . '.membership_type_id WHERE ' . TABLE_MEMBER . '.pending = "0" AND ' . TABLE_MEMBER . '.membership_discontinued != "1" ORDER BY member_id DESC, last_name ASC, first_name ASC'; $rs = @mysql_query($sql, $connection) or die(debug_print("ERROR: 785033 ", array($sql, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__)); $num = mysql_numrows($rs); while ($row = mysql_fetch_array($rs)) { $member_id = $row['member_id']; $first_name = $row['first_name']; $last_name = $row['last_name']; $first_name_2 = $row['first_name_2']; $last_name_2 = $row['last_name_2']; $business_name = $row['business_name']; $address_line1 = $row['address_line1']; $address_line2 = $row['address_line2'];
<?php include_once 'config_openfood.php'; session_start(); valid_auth('site_admin,cashier,producer_admin,producer'); if (isset($_GET['producer_id']) && is_numeric($_GET['producer_id'])) { // If not authorized then force to member's own member_id if (!CurrentMember::auth_type('cashier') && !CurrentMember::auth_type('site_admin') && !CurrentMember::auth_type('producer_admin')) { $producer_id = $_SESSION['producer_id_you']; } else { $producer_id = $_GET['producer_id']; } $query_where = ' WHERE ' . NEW_TABLE_PRODUCTS . '.producer_id = "' . mysql_real_escape_string($producer_id) . '"'; $query_business_name = ' SELECT business_name FROM ' . TABLE_PRODUCER . ' WHERE producer_id = "' . mysql_real_escape_string($producer_id) . '"'; $result_business_name = @mysql_query($query_business_name, $connection) or die("Couldn't execute query."); if ($row = mysql_fetch_array($result_business_name)) { $business_name = $row['business_name']; } } else { $producer_id = 0; } $content = ' <table width="80%"> <tr>
<?php include_once 'config_openfood.php'; session_start(); valid_auth('member_admin,site_admin,cashier'); include_once 'func.get_ledger_row_markup.php'; //echo '<tr><td colspan="9" style="text-align:left;">'; //////////////////////////////////////////////////////////////////////////////////// // // // This is the main ajax call to get ledger information for display of // // accounting information. // // REQUIRED arguments: action=get_ledger_info // // account_spec=[account_type]:[account_id] // // // // OPTIONAL arguments: group_customer_fee_with=[product|order] // // group_producer_fee_with=[product|order] // // group_weight_cost_with=[product|order] // // group_quantity_cost_with=[product|order] // // group_extra_charge_with=[product|order] // // group_taxes_with=[product|order] // // include_header=[true|false] // // delivery_id=[delivery_id] // // // //////////////////////////////////////////////////////////////////////////////////// // These are text_key values used in transactions. $text_key_array = array(); $summarize_by = array(); $css_trans_array = array(); $query = ' SELECT DISTINCT(text_key) AS text_key
<?php include_once 'config_openfood.php'; session_start(); valid_auth('site_admin,cashier,member'); if (isset($_GET['member_id']) && is_numeric($_GET['member_id'])) { // If not authorized then force to member's own member_id if (!CurrentMember::auth_type('cashier') && !CurrentMember::auth_type('site_admin')) { $member_id = $_SESSION['member_id']; } else { $member_id = $_GET['member_id']; } $query_where = ' WHERE ' . NEW_TABLE_BASKETS . '.member_id = "' . mysql_real_escape_string($member_id) . '"'; $query_member_name = ' SELECT preferred_name FROM ' . TABLE_MEMBER . ' WHERE member_id = "' . mysql_real_escape_string($member_id) . '"'; $result_member_name = @mysql_query($query_member_name, $connection) or die("Couldn't execute query."); if ($row = mysql_fetch_array($result_member_name)) { $preferred_name = $row['preferred_name']; } } else { $member_id = 0; } $content = ' <table width="80%"> <tr>
$post_changes_to_database = true; $status_message .= ' Saving changes to the Database. By the time you see this message, the database should already be updated. However, it would be a good idea to <a href="' . $_SERVER['SCRIPT_NAME'] . '">reload this page</a> just to be sure. Names for changed values are shown in <span class="changed"> this</span> color.'; } // If we need the old configuration values, then include old configuration instead of new one if ($preload_from_old_config) { @(include_once 'config_openfood.php'); $database_config['db_prefix'] = DB_PREFIX; $database_config['openfood_config'] = 'openfood_config'; } include_once 'config_openfood.php'; session_start(); valid_auth('site_admin'); // Set the query for updating the database function set_update_query($update_queries, $name, $value) { global $database_config; // Create an array of update queries, to be run later $query = ' UPDATE ' . $database_config['db_prefix'] . $database_config['openfood_config'] . ' SET value = "' . mysql_real_escape_string($value) . '" WHERE name = "' . mysql_real_escape_string($name) . '"'; array_push($update_queries, $query); return $update_queries; } // Begin content generation $content = ' <p class="status_message">Make changes and press "' . $save_button_text . '" at the bottom
<?php include_once 'config_openfood.php'; session_start(); valid_auth('cashier,site_admin'); // Use any valid delivery_id that was passed or else use current value if (round($_GET['delivery_id']) && $_GET['delivery_id'] <= ActiveCycle::delivery_id() && $_GET['delivery_id'] > 0) { $delivery_id = $_GET['delivery_id']; } else { $delivery_id = ActiveCycle::delivery_id(); } // Get the target delivery date $query = ' SELECT delivery_date FROM ' . TABLE_ORDER_CYCLES . ' WHERE delivery_id = "' . mysql_real_escape_string($delivery_id) . '"'; $result = @mysql_query($query, $connection) or die(debug_print("ERROR: 893032 ", array($query, mysql_error()), basename(__FILE__) . ' LINE ' . __LINE__)); if ($row = mysql_fetch_array($result)) { $delivery_date = date("F j, Y", strtotime($row['delivery_date'])); } $page_specific_javascript = ' <script type="text/javascript" src="' . PATH . 'ajax/jquery.js"></script> <script type="text/javascript"> var c_arrElements; var p_arrElements; var i;