<?php
require_once 'back_functions.php';
session_start();
do_html_header('Rama网上书店管理系统');
check_admin_user();
do_html_top();
display_admin_menu();
display_order();
?>
">
<?php
display_package_options_table($BID, $_REQUEST['pack'], true);
echo "<input type='button' value='" . $label['advertiser_pack_prev_button'] . "' onclick='window.location=\"select.php?&jEditOrder=true&BID={$BID}&order_id=" . $order_row['order_id'] . "\"' >";
echo " <input type='submit' value='" . $label['advertiser_pack_select_button'] . "'>";
echo "<form>";
if ($cannot_get_package) {
$sql = "SELECT * from packages where package_id='" . $selected_pack . "'";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_array($result);
$label['pack_cannot_select'] = str_replace("%MAX_ORDERS%", $row['max_orders'], $label['pack_cannot_select']);
echo "<p>" . $label['pack_cannot_select'] . "</p>";
}
} else {
display_order($_SESSION['MDS_order_id'], $BID);
$sql = "select * from users where ID='" . $_SESSION['MDS_ID'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$u_row = mysql_fetch_array($result);
?>
<?php
display_edit_order_button($order_row['order_id']);
?>
<?php
if ($order_row['price'] == 0 || $u_row['Rank'] == 2) {
?>
<input type='button' value="<?php
echo $label['advertiser_o_completebutton'];
?>
" Onclick="window.location='publish.php?action=complete&order_id=<?php
">
<?php
display_package_options_table($BID, $_REQUEST['pack'], true);
echo "<input class='big_button' type='button' value='" . $label['advertiser_pack_prev_button'] . "' onclick='window.location=\"write_ad.php?&BID={$BID}&ad_id=" . $order_row['ad_id'] . "\"' >";
echo " <input class='big_button' type='submit' value='" . $label['advertiser_pack_select_button'] . "'>";
echo "<form>";
if ($cannot_get_package) {
$sql = "SELECT * from packages where package_id='" . $selected_pack . "'";
$p_result = mysql_query($sql) or die(mysql_error());
$p_row = mysql_fetch_array($p_result);
$p_max_ord = $p_row['max_orders'];
$label['pack_cannot_select'] = str_replace("%MAX_ORDERS%", $p_row['max_orders'], $label['pack_cannot_select']);
echo "<p>" . $label['pack_cannot_select'] . "</p>";
}
} else {
display_order(session_id(), $BID);
$sql = "select * from users where ID='" . $_SESSION['MDS_ID'] . "'";
$result = mysql_query($sql) or die(mysql_error() . $sql);
$u_row = mysql_fetch_array($result);
?>
<p>
<?php
display_edit_order_button('temp');
?>
<?php
//echo "can ordr:".can_user_order($b_row, $_SESSION['MDS_ID'], $_REQUEST['pack']);
if (!can_user_order($b_row, $_SESSION['MDS_ID'], $_REQUEST['pack'])) {
// one more check before continue
if (!$p_max_ord) {
$max = G_MAX_ORDERS;
// If the user is in the purchases admin area, but hasn't viewed a particular order.
if (isset($_GET['admin']) && $_GET['admin'] == 5 && !isset($_GET['order'])) {
$purchases_display = admin_purchases_display();
echo '<div class="admin_wrapper">
<a href="http://petertwickler.com/cart/index.php?admin=3">Edit Accounts</a><br />
<a href="http://petertwickler.com/cart/index.php?admin=4">Edit Products</a><br />
<a href="http://petertwickler.com/cart/index.php?admin=5">View Purchases</a>
</div>
<div class="purchases_display">
' . $purchases_display . '
</div>';
}
// If the user is in the display purchases admin area and HAS viewed a particular order, display
// the same as above, but add the order info, too.
if (isset($_GET['order']) && $_GET['order'] == 1) {
$order_display = display_order($_POST);
$order_display;
$purchases_display = admin_purchases_display();
echo '<div class="admin_wrapper">
<a href="http://petertwickler.com/cart/index.php?admin=3">Edit Accounts</a><br />
<a href="http://petertwickler.com/cart/index.php?admin=4">Edit Products</a><br />
<a href="http://petertwickler.com/cart/index.php?admin=5">View Purchases</a>
</div>
<div class="order_display">
' . $purchases_display . '
</div>
<div class="order_display_wrapper">' . $order_display . '</div>';
}
// This if statement tests for the username and passwords in the POST variable. If they are there, it activates the
// login.
if (isset($_POST['username']) && isset($_POST['password'])) {