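/**
 * Route an orders-section admin action to its handler method.
 *
 * The action name is lower-cased and matched against the known actions; anything
 * unrecognised falls through to the order list (or the active custom search).
 * Most branches check a permission on $GLOBALS['ISC_CLASS_ADMIN_AUTH'] first and
 * send the user to the home page with an "Unauthorized" error when it is missing.
 * The order-message branches call exit before that check when
 * gzte11(ISC_LARGEPRINT) returns false.
 *
 * @param string $Do Action name, compared case-insensitively.
 * @return void
 */
public function HandleToDo($Do)
{
    $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => 'index.php?ToDo=viewOrders');

    switch (isc_strtolower($Do)) {
        // NOTE(review): the next four actions are dispatched without a HasPermission()
        // check in this method. Confirm that each handler enforces authorization itself;
        // otherwise any authenticated admin can create and modify orders.
        case 'saveneworder':
            $this->SaveNewOrder();
            break;

        case 'saveupdatedorder':
            $this->SaveUpdatedOrder();
            break;

        case "addorder":
            $this->AddOrder();
            break;

        case 'editorder':
            $this->EditOrder();
            break;

        case "createorderview":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'][GetLang('CreateOrderView')] = "index.php?ToDo=createOrderView";
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->CreateView();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "printmultiorderinvoices":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $this->PrintMultiInvoices();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "deletecustomordersearch":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->DeleteCustomSearch();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "customordersearch":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'][GetLang('CustomView')] = "index.php?ToDo=customOrderSearch";
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->CustomSearch();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "searchordersredirect":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'][GetLang('SearchResults')] = "index.php?ToDo=searchOrders";
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->SearchOrdersRedirect();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "searchorders":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'][GetLang('SearchResults')] = "index.php?ToDo=searchOrders";
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->SearchOrders();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "saveupdatedordermessage":
            // Gate evaluated before the permission check; the request ends with no output when it fails.
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=saveUpdatedOrderMessage");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->SavedUpdatedOrderMessage();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "editordermessage":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                // The request value is reduced to an integer before it is placed in the
                // breadcrumb URL; a missing parameter becomes 0 without error suppression.
                $orderId = isset($_GET['orderId']) ? (int) $_GET['orderId'] : 0;
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=viewOrderMessages&orderId=" . $orderId, GetLang('EditMessage') => "index.php?ToDo=editOrderMessage");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->EditOrderMessage();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "savenewordermessage":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=saveUpdatedOrderMessage");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->SaveNewOrderMessage();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "createordermessage":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                // Integer cast keeps the request value from injecting markup into the breadcrumb URL.
                $orderId = isset($_GET['orderId']) ? (int) $_GET['orderId'] : 0;
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=viewOrderMessages&orderId=" . $orderId, GetLang('CreateMessage') => "index.php?ToDo=createOrderMessage");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->CreateOrderMessage();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "deleteordermessages":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=saveUpdatedOrderMessage");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->DeleteOrderMessages();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "flagordermessage":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=viewOrderMessages");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->FlagOrderMessage();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "updateordermessagestatus":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=viewOrderMessages");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->UpdateOrderMessageStatus();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "viewordermessages":
            if (!gzte11(ISC_LARGEPRINT)) {
                exit;
            }
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Order_Messages)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ViewMessages') => "index.php?ToDo=viewOrderMessages");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->ViewOrderMessages();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "deleteorders":
            // Deleting requires its own permission, distinct from AUTH_Manage_Orders.
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Delete_Orders)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->DeleteOrders();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "printorderinvoice":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $this->PrintInvoice();
            } else {
                // Unauthorized requests get a script that closes the window instead of the home page.
                echo "<script type=\"text/javascript\">window.close();</script>";
            }
            break;

        case "importordertrackingnumbers":
            // When the gate fails this action produces no output at all.
            if (gzte11(ISC_MEDIUMPRINT)) {
                if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Import_Order_Tracking_Numbers)) {
                    // The original repeated the gzte11(ISC_MEDIUMPRINT) test here; it could
                    // never fail inside the enclosing branch, so it has been dropped.
                    $this->ImportTrackingNumbers();
                } else {
                    $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
                }
            }
            break;

        case "viewsingleorder":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $output = ISC_ADMIN_REMOTE::GetOrderQuickView();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
                // NOTE(review): the quick view is echoed after the footer; order kept as found.
                echo $output;
            } else {
                // Previously a denied request produced an empty response; report it like
                // the other AUTH_Manage_Orders actions do.
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "updatemultiorderstatus":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                // Rendered with the popup header and footer templates rather than the full admin chrome.
                $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("pageheader.popup");
                $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
                $this->updateOrderStatusBox();
                $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("pagefooter.popup");
                $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "refundorder":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->RefundOrder();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        /* Added for Save and Pay -- Baskaran */
        // NOTE(review): the PayOrder breadcrumb in the next two cases links to
        // viewOrderMessages, which looks copied from the message actions - confirm.
        case "payorder":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('PayOrder') => "index.php?ToDo=viewOrderMessages");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->payOrder();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        case "paymentorder":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('PayOrder') => "index.php?ToDo=viewOrderMessages");
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->PaymentOrder();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;

        //Wirror_20110301: confirm the order
        case "confirmorder":
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('ConfirmOrder') => 'index.php?ToDo=confirmOrder');
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                $this->ConfirmOrder();
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
            break;
        /* Baskaran */

        default:
            // Any unrecognised action lists orders, or re-runs the custom search stored in the session.
            if ($GLOBALS['ISC_CLASS_ADMIN_AUTH']->HasPermission(AUTH_Manage_Orders)) {
                if (isset($_GET['searchQuery'])) {
                    $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders", GetLang('SearchResults') => "index.php?ToDo=viewOrders");
                } else {
                    $GLOBALS['BreadcrumEntries'] = array(GetLang('Home') => "index.php", GetLang('Orders') => "index.php?ToDo=viewOrders");
                }

                if (GetSession('ordersearch') > 0) {
                    // Seed the request with the remembered search id so that code reading
                    // $_GET or $_REQUEST later sees the same value.
                    if (!isset($_GET['searchId'])) {
                        $_GET['searchId'] = GetSession('ordersearch');
                        $_REQUEST['searchId'] = GetSession('ordersearch');
                    }
                    if ($_GET['searchId'] > 0) {
                        $GLOBALS['BreadcrumEntries'] = array_merge($GLOBALS['BreadcrumEntries'], array(GetLang('CustomView') => "index.php?ToDo=customOrderSearch"));
                    }
                }

                // Requests flagged with "ajax" get the body only, without header and footer.
                if (!isset($_REQUEST['ajax'])) {
                    $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintHeader();
                }

                if (GetSession('ordersearch') > 0) {
                    $this->CustomSearch();
                } else {
                    UnsetSession('ordersearch');
                    $this->ManageOrders();
                }

                if (!isset($_REQUEST['ajax'])) {
                    $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->PrintFooter();
                }
            } else {
                $GLOBALS['ISC_CLASS_ADMIN_ENGINE']->DoHomePage(GetLang('Unauthorized'), MSG_ERROR);
            }
    }
}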
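/**
 * Takes a product id (or, for a product that is not saved yet, a product hash) and a
 * product image id, and modifies the sorting values of all affected product images to
 * "move this image after another image".
 *
 * Reads $_POST['product'] or $_POST['hash'], $_POST['move'] and the optional
 * $_POST['after']. Every path ends by sending an XML response through $remote and
 * calling die(), so the method never returns to its caller.
 *
 * @param ISC_ADMIN_REMOTE $remote Used to build and send the XML response.
 * @return void
 */
public function remoteMoveImageAfterOtherImage(ISC_ADMIN_REMOTE $remote)
{
    // this method is used instead of simply receiving a full serialize of the new product order, it allows us to
    // update more efficiently by knowing which image was moved and only updating the affected sort orders
    $response = array();
    $productId = false;
    $productHash = false;

    if (isset($_POST['product'])) {
        $productId = (int) $_POST['product'];
        // Authorize before looking the product up, so a caller without the permission
        // cannot use the error text to learn which product ids exist.
        if (!$GLOBALS["ISC_CLASS_ADMIN_AUTH"]->HasPermission(AUTH_Edit_Products)) {
            $response[] = $remote->MakeXMLTag('error', GetLang('Unauthorized'), true);
        } else if (!isId($productId) || !ProductExists($productId)) {
            $response[] = $remote->MakeXMLTag('error', GetLang('ProductDoesntExist'), true);
        }
    } else if (isset($_POST['hash']) && $_POST['hash']) {
        $productHash = $_POST['hash'];
        if (!$GLOBALS["ISC_CLASS_ADMIN_AUTH"]->HasPermission(AUTH_Create_Product)) {
            $response[] = $remote->MakeXMLTag('error', GetLang('Unauthorized'), true);
        }
    } else {
        $response[] = $remote->MakeXMLTag('error', GetLang('ProductDoesntExist'), true);
    }

    if (!empty($response)) {
        $remote->SendXMLHeader();
        $remote->SendXMLResponse($response);
        die();
    }

    // A missing 'move' parameter becomes id 0 and is left to the image class to reject.
    $moveId = isset($_POST['move']) ? (int) $_POST['move'] : 0;

    try {
        $moveImage = new ISC_PRODUCT_IMAGE($moveId);
    } catch (ISC_PRODUCT_IMAGE_INVALIDID_EXCEPTION $e) {
        $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageInvalidId'), $moveId), true);
    } catch (ISC_PRODUCT_IMAGE_RECORDNOTFOUND_EXCEPTION $e) {
        $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageNotFound'), $moveId), true);
    } catch (Exception $e) {
        $response[] = $remote->MakeXMLTag('error', GetLang('ProductImageMoveDatabaseError'), true);
    }

    if (!empty($response)) {
        $remote->SendXMLHeader();
        $remote->SendXMLResponse($response);
        die();
    }

    $moveSort = $moveImage->getSort();

    // Ownership check: the image must belong to the product (or hash) the request named,
    // so a caller cannot reorder images of a product it did not reference.
    $moveMismatch = ($productId && $moveImage->getProductId() !== $productId)
        || ($productHash && $moveImage->getProductHash() !== $productHash);
    if ($moveMismatch) {
        // provided image id does not belong to provided product id
        $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageMismatchError'), $moveId, $productId), true);
        $remote->SendXMLHeader();
        $remote->SendXMLResponse($response);
        die();
    }

    if (isset($_POST['after'])) {
        $afterId = (int) $_POST['after'];

        try {
            $afterImage = new ISC_PRODUCT_IMAGE($afterId);
        } catch (ISC_PRODUCT_IMAGE_INVALIDID_EXCEPTION $e) {
            $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageInvalidId'), $afterId), true);
            $remote->SendXMLHeader();
            $remote->SendXMLResponse($response);
            die();
        } catch (ISC_PRODUCT_IMAGE_RECORDNOTFOUND_EXCEPTION $e) {
            $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageNotFound'), $afterId), true);
            $remote->SendXMLHeader();
            $remote->SendXMLResponse($response);
            die();
        } catch (Exception $e) {
            $response[] = $remote->MakeXMLTag('error', GetLang('ProductImageMoveDatabaseError'), true);
            $remote->SendXMLHeader();
            $remote->SendXMLResponse($response);
            die();
        }

        // The anchor image is held to the same ownership rule as the moved image.
        $afterMismatch = ($productId && $afterImage->getProductId() !== $productId)
            || ($productHash && $afterImage->getProductHash() !== $productHash);
        if ($afterMismatch) {
            // provided image id does not belong to provided product id
            $response[] = $remote->MakeXMLTag('error', sprintf(GetLang('ProductImageMismatchError'), $afterId, $productId), true);
            $remote->SendXMLHeader();
            $remote->SendXMLResponse($response);
            die();
        }

        $afterSort = $afterImage->getSort();
    } else {
        // No anchor given: the image moves to the front, ahead of every other sort value.
        $afterSort = -1;
    }

    // Second permission check, keyed on what the loaded image record says it belongs to
    // rather than on what the request claimed.
    $requiredPermission = $moveImage->getProductHash() ? AUTH_Create_Product : AUTH_Edit_Products;
    if (!$GLOBALS["ISC_CLASS_ADMIN_AUTH"]->HasPermission($requiredPermission)) {
        // Wrapped in an <error> tag like every other failure; the original pushed the bare string.
        $response[] = $remote->MakeXMLTag('error', GetLang('Unauthorized'), true);
        $remote->SendXMLHeader();
        $remote->SendXMLResponse($response);
        die();
    }

    // create an sql query to shift all sorting values between the two anchor points
    // The operands come from the loaded image records, not straight from the request.
    // NOTE(review): they are concatenated unescaped - confirm getProductId() and getSort()
    // always return integers. The filter is on imageprodid only; verify that this scopes
    // correctly for images that are attached to a product hash instead of a product id.
    if ($moveSort > $afterSort) {
        $sql = "UPDATE `[|PREFIX|]product_images` SET imagesort = imagesort + 1 WHERE imageprodid = " . $moveImage->getProductId() . " AND imagesort > " . $afterSort . " AND imagesort < " . $moveSort;
        $newSort = $afterSort + 1;
    } else {
        $sql = "UPDATE `[|PREFIX|]product_images` SET imagesort = imagesort - 1 WHERE imageprodid = " . $moveImage->getProductId() . " AND imagesort > " . $moveSort . " AND imagesort <= " . $afterSort;
        $newSort = $afterSort;
    }

    $db = $GLOBALS['ISC_CLASS_DB'];

    // The shift and the save of the moved image are committed or rolled back together.
    $db->Query("SET autocommit = 0");
    $db->Query("LOCK TABLES `[|PREFIX|]product_images` WRITE");
    $result = $db->Query($sql);
    if ($result) {
        $moveImage->setSort($newSort);
        try {
            $moveImage->saveToDatabase(false);
            $db->Query("COMMIT");
            $response[] = $remote->MakeXMLTag('success', GetLang('ProductImagesSortOrderChanged'), true);
        } catch (Exception $e) {
            $db->Query("ROLLBACK");
            // Failures are reported as <error>; the original tagged them as <success>.
            $response[] = $remote->MakeXMLTag('error', GetLang('ProductImageMoveDatabaseError'), true);
        }
        $db->Query("UNLOCK TABLES");
    } else {
        $db->Query("ROLLBACK");
        $db->Query("UNLOCK TABLES");
        $response[] = $remote->MakeXMLTag('error', GetLang('ProductImageMoveDatabaseError'), true);
    }

    $remote->SendXMLHeader();
    $remote->SendXMLResponse($response);
    die();
}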