Example #1
0
function remove($cp_id, $order_id)
{
    $val = Validation::own_cus_product($cp_id, $_SESSION["user_id"]);
    if ($val) {
        $cus_pro = CusProduct::find($cp_id);
        $order = Order::find($order_id);
        $order->remove_product($cus_pro);
        $order->update();
    }
}
Example #2
0
<?php

include 'inc.php';
if (!$user->is_admin()) {
    set_msg("You do not have enough permission.");
    header("Location: index.php");
    exit;
}
$products = Product::get_all_products();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $product_ids = $_POST["product_ids"];
}
if (empty($product_ids)) {
    $product_ids = array();
}
$cus_products = CusProduct::search($product_ids);
include 'header.php';
include 'menu.php';
?>
<div id="content">
  <div id="ajax-popup" style="display: none;">
    <div id="ajax-close"><a onclick="close_ajax()">Close</a></div>
    <div id="ajax-title">Cart Details for Customized Product ID <span id="ajax-id"> </span></div>
    <div id="ajax-loading">
      <p>Loading...</p>
      <img src="images/ajax-loader.gif" width="220" height="19" alt="Loading" />
    </div>
    <div id="ajax-body" style=""> </div>
  </div>
  <div id="admin-menu">
    <h2>Admin Panel</h2>
Example #3
0
 static function search($product_ids)
 {
     for ($i = 0; $i < count($product_ids); $i++) {
         $product_ids[$i] = intval($product_ids[$i]);
     }
     $str = empty($product_ids) ? "" : "AND c.product_id IN (" . implode(",", $product_ids) . ")";
     $query = "SELECT c.id FROM cus_products c, orders o, order_products p\n              WHERE c.id = p.cus_product_id AND o.id = p.order_id AND o.status='completed' {$str}";
     $result = sql($query, SQL_SINGLE_COL);
     if (!$result) {
         log2("sql error! -- " . mysql_error() . ": {$query}");
         return array();
     }
     $ret = array();
     foreach ($result as $id) {
         $obj = CusProduct::find($id);
         if ($obj instanceof CusProduct) {
             $ret[] = $obj;
         }
     }
     return $ret;
 }
Example #4
0
<?php

include 'inc.php';
$cp_id = $_GET["id"];
$val = Validation::own_cus_product($cp_id, $_SESSION["user_id"]);
if (!$val or empty($cp_id)) {
    header("Location: cart.php");
    exit;
}
$cp = CusProduct::find($cp_id);
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    $_POST["attr"]["quantity"] = $cp->get_quantity();
    foreach ($cp->get_custom() as $type => $value) {
        $_POST["attr"][$type] = $value;
    }
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $_POST["attr"]["image"] = intval($_POST["attr"]["image"]);
    //handle add product request
    if ($_POST["attr"]["image"] <= 0) {
        $_POST["attr"]["image"] = Image::process_image($_FILES['upload'], $user);
    }
    if ($_POST["attr"]["image"] <= 0) {
        set_msg("Image Error: " . get_error_msg($_POST["attr"]["image"]));
    } else {
        $result = modify_product($user, $cp, $_POST["attr"]);
        if ($result) {
            header("Location: cart.php");
            exit;
        }
    }
Example #5
0
 static function find($id, $isCommitted = false)
 {
     if (!$id) {
         return false;
     }
     if ((string) (int) $id != (string) $id) {
         return false;
     }
     $id = intval($id);
     $committed_sql = $isCommitted ? "AND status='completed'" : "";
     $info = sql("SELECT * FROM orders WHERE id = {$id} {$committed_sql}", SQL_SINGLE_ROW);
     if (!$info) {
         log2("failed to find the order with id {$id}");
         return false;
     }
     $order = new Order();
     $order->info = $info;
     $order->info["user"] = new User($info["user_id"]);
     $cus_product_ids = sql("SELECT cus_product_id FROM order_products WHERE order_id= {$id}", SQL_SINGLE_COL);
     foreach ($cus_product_ids as $cp_id) {
         $obj = CusProduct::find(intval($cp_id));
         if ($obj instanceof CusProduct) {
             $order->cus_products[] = $obj;
         }
     }
     return $order;
 }