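/**
 * Render an HTML <select> whose options are the rows returned by $query.
 *
 * Security notes for callers:
 *  - $query is executed as given and $attributes is written into the tag
 *    verbatim, so neither may contain request-derived text.
 *  - Option labels are emitted exactly as Decode() returns them, and
 *    $extraOption / $extraOption2 are emitted as passed in.
 *    NOTE(review): confirm that Decode() yields HTML-safe text; if it does
 *    not, the labels need htmlspecialchars() as well.
 *
 * @param string      $name              Used for both the name and the id attribute.
 * @param string      $attributes        Raw attribute markup appended to the <select> tag.
 * @param mixed       $selectedValue     Value, or array of values, to pre-select.
 * @param string      $valueColum        Result column used for each option's value.
 * @param string      $displayTextColumn Result column used for each option's label.
 * @param string      $query             SQL text handed to Query() unchanged.
 * @param string|null $extraOption       Label of an extra option with value 0, or NULL for none.
 * @param string|null $extraOption2      Label of an extra option with value -1, or NULL for none.
 *
 * @return string The complete <select>...</select> markup.
 */
function GenerateDDL($name, $attributes, $selectedValue, $valueColum, $displayTextColumn, $query, $extraOption = NULL, $extraOption2 = NULL)
{
    $r = Query($query);

    // name/id and the option values sit inside single-quoted attributes, so
    // quotes are encoded too (ENT_QUOTES); otherwise a value containing '
    // would end the attribute early. htmlspecialchars() assumes UTF-8 on
    // PHP 5.4+; pass the site charset explicitly if the data uses another one.
    $safeName = htmlspecialchars((string) $name, ENT_QUOTES);
    $result = "<select name='{$safeName}' id='{$safeName}' {$attributes}>";

    if ($extraOption !== NULL) {
        // Loose comparison kept on purpose: '' and NULL also select this entry.
        $selected = $selectedValue == 0 ? 'selected=selected ' : '';
        $result .= "<option value='0' {$selected} >{$extraOption}</option>";
    }
    if ($extraOption2 !== NULL) {
        $selected = $selectedValue == -1 ? 'selected=selected ' : '';
        $result .= "<option value='-1' {$selected} >{$extraOption2}</option>";
    }

    if (Num($r) != 0) {
        while ($row = mysql_fetch_array($r)) {
            $value = $row[$valueColum];
            // Selected when the row value is in the given list, or equals the given scalar.
            $isSelected = (is_array($selectedValue) && in_array($value, $selectedValue)) || $value == $selectedValue;
            $selectedAttr = $isSelected ? 'selected ' : '';
            $result .= "<option {$selectedAttr}value='" . htmlspecialchars((string) $value, ENT_QUOTES) . "'>" . Decode($row[$displayTextColumn]) . "</option>";
        }
    }

    $result .= "</select>";
    return $result;
}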
/**
 * Tell whether $table holds at least one row whose column $col equals $val.
 *
 * Only $val is passed through Encode() (defined elsewhere; presumably the
 * project's SQL escaping helper - confirm). $table and $col are placed
 * between backticks without any escaping and $attr is appended as raw SQL,
 * so all three must be fixed, code-defined strings and never request data.
 *
 * @param string $table Table name, interpolated as given.
 * @param string $col   Column name, interpolated as given.
 * @param mixed  $val   Value to look for.
 * @param string $attr  Optional extra SQL condition, joined with "and".
 *
 * @return bool True when the lookup returns one or more rows.
 */
function IsExist($table, $col, $val, $attr = '')
{
    $condition = "where `{$col}`='" . Encode($val) . "' ";
    $condition .= empty($attr) ? '' : " and {$attr}";

    $lookup = Query("select `{$col}` from `{$table}` {$condition} ");

    return Num($lookup) > 0;
}
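/**
 * Run a SELECT on $from whose array-form conditions are all "column >= value".
 *
 * Only the values of an array $where go through Encode(). Everything else
 * ($from, $select, the keys of $where, a string $where, $sort_order, $join,
 * $group_by) is placed into the SQL text as given, so those arguments must
 * come from code and never from request data.
 *
 * @param string       $from            Table name (wrapped in backticks, not escaped).
 * @param array|string $where           Array of column => lower bound, joined with AND; or a raw
 *                                      SQL fragment used verbatim (it must carry its own WHERE keyword).
 * @param array|string $select          Column list; an array is joined with ",".
 * @param string       $sort_order      Raw ORDER BY expression, or '' for none.
 * @param array|string $join            Array of "TYPE|table" or "table" => ON condition; or a raw JOIN fragment.
 * @param string       $group_by        Raw GROUP BY expression, or '' for none.
 * @param string       $do_paging       "Y" delegates the query to customPaging().
 * @param string       $record_per_page Passed to customPaging().
 * @param bool         $rewrite_url     Passed to customPaging().
 *
 * @return mixed Whatever customPaging() returns when paging is on; otherwise
 *               array('data' => rows, 'result' => result handle, 'total_recs' => row count).
 */
function greaterthanRows($from, $where = '', $select = '*', $sort_order = '', $join = '', $group_by = '', $do_paging = "N", $record_per_page = '20', $rewrite_url = false)
{
    $order_by = "";
    $sqlWhere = "";
    $joinSql = "";

    if (is_array($select)) {
        $select = implode(",", $select);
    }

    $sqlWhere2 = array();
    if (is_array($where) && count($where) > 0) {
        foreach ($where as $col => $val) {
            // Column names are used as given; only the value is escaped.
            $sqlWhere2[] = $col . " >= '" . Encode($val) . "'";
        }
    } elseif (!empty($where)) {
        $sqlWhere = $where;
    }

    if ($sort_order != "") {
        $order_by = "ORDER BY {$sort_order}";
    }
    if ($group_by != "") {
        $group_by = "GROUP BY {$group_by}";
    }
    if (count($sqlWhere2)) {
        $sqlWhere = " WHERE " . implode(' AND ', $sqlWhere2);
    }

    if (is_array($join) && !empty($join)) {
        foreach ($join as $tbl => $con) {
            // A key of the form "left|table" becomes "LEFT JOIN table ON ...".
            $tmp = explode("|", $tbl);
            if (isset($tmp[1])) {
                $joinSql .= ' ' . strtoupper($tmp[0]) . ' JOIN ' . $tmp[1] . ' ON ' . $con;
            } else {
                $joinSql .= ' JOIN ' . $tbl . ' ON ' . $con;
            }
        }
    } elseif (!empty($join)) {
        $joinSql = $join;
    }

    $sql = "SELECT " . $select . " FROM `" . $from . '` ' . $joinSql . " {$sqlWhere} {$group_by} {$order_by}";

    if ($do_paging == "Y") {
        return customPaging($sql, $record_per_page, $rewrite_url);
    }

    $r = Query($sql);
    $num_rows = Num($r);
    $data = array();
    if ($num_rows > 0) {
        while ($o = GetArr($r)) {
            array_push($data, $o);
        }
        // Rewind so the caller can iterate 'result' again. mysql_data_seek()
        // raises E_WARNING on an empty result set, so it is only called
        // when rows exist.
        mysql_data_seek($r, 0);
    }

    return array('data' => $data, 'result' => $r, 'total_recs' => $num_rows);
}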
<?php // Add-to-wishlist handler. This listing is a fragment: it ends inside the foreach below.
// The handler only runs when $_SESSION['Auth_user'] is truthy and the POST body is not empty.
include_once 'inc/config.inc.php';
include_once 'inc/class.phpmailer.php';
if ($_SESSION['Auth_user']) {
    if (!empty($_POST)) {
        // NOTE(review): SQL injection. $pid is taken straight from the request and
        // concatenated, unquoted, into both SELECT statements below. The column is
        // compared as a number, so cast it ($pid = (int) $_POST["pid"];) or move the
        // lookups to parameterised queries.
        $pid = $_POST["pid"];
        // Duplicate check: a wishlist row with this id that belongs to the current user.
        $chk = 'select * from wishlist where id =' . $pid . ' and user_id = ' . $_SESSION['Auth_id'];
        $chk_ret = Query($chk);
        $obj_chk = Num($chk_ret);
        if ($obj_chk > 0) {
            echo "This product already exist in your wishlist";
            exit;
        } else {
            $return = 'select * from product where id =' . $pid;
            $ret = Query($return);
            // Only the truthiness of $ret is tested; presumably Query() is falsy only
            // on failure, so an empty result would still enter this branch - confirm.
            if ($ret) {
                $i = 1;
                $obj = GetArr($ret);
                $len = count($obj);
                // The INSERT is assembled from the fetched product row: the row's keys
                // become the column list and user_id is appended as the last column.
                $insert1 = "insert into wishlist( ";
                $insert2 = " VALUES ( ";
                foreach ($obj as $key => $field) {
                    if ($i == $len) {
                        $insert1 .= $key . ",user_id)";
                    } else {
                        $insert1 .= $key . ',';
                    }
                    if ($i == $len) {
                        $field1 = mysql_real_escape_string($field);
                        // NOTE(review): $insert3 is appended to here but is not initialised
                        // anywhere in the visible lines.
                        $insert3 .= "'" . $field1 . "','" . $_SESSION['Auth_id'] . "')";
// Order list page (fragment: it starts inside a block opened earlier and ends inside the row loop).
// When the session's rid is 2 the status filter is cleared and o.status is added to the SELECT list.
if ($_SESSION['rid'] == 2) {
    $statusCondition = '';
    $statusflag = ' o.status, ';
}
// NOTE(review): $extra, $statusflag and $statusCondition are spliced into the SQL text as-is.
// Where $extra is built is not visible here - confirm it never contains request data.
$query = "SELECT o.id, o.order_no,{$statusflag} u.first_name, DATE_FORMAT(o.created_date , " . SHORT_DATE_WITHTIME . " ) as order_date,o.credit, o.created_by FROM `[x]order` o ,`[x]user` u WHERE o.created_by = u.id " . $extra . " {$statusCondition} ORDER BY o.id desc";
// NOTE(review): the full SQL text is handed to the template under "qry". If the template
// prints it (for example in a hidden field for the export zone), the query is disclosed to
// the client, and must not be accepted back from the client - confirm how "qry" is used.
$tpl->AssignValue("qry", $query);
} // closes a block opened before this fragment
$q = new splitResults($query);
$orders[] = '';
// First serial number on the page, assuming 10 rows per page.
// NOTE(review): $_GET['page'] is used in arithmetic without validation; cast it to int and
// reject values below 1 so the serial numbers cannot go negative or non-numeric.
if (isset($_GET['page']) && $_GET['page'] != 1) {
    $i = ($_GET['page'] - 1) * 10 + 1;
} else {
    $i = 1;
}
$count = 0;
if (Num($q->out)) {
    $tpl->Zone("export", "enabled");
    while ($r = FetchAssoc($q->out)) {
        $r['slno'] = $i;
        // Alternate the row CSS class: "two" for even serial numbers, "one" for odd ones.
        if ($i % 2 == 0) {
            $r['class'] = "two";
        } else {
            $r['class'] = "one";
        }
        $r['fname'] = $order->getordermadeby($r['id'], 'name');
        // getcurrentorderstatus() is called twice for the same order id.
        $status = $order->getstatusname($order->getcurrentorderstatus($r['id']));
        $order_status = $order->getcurrentorderstatus($r['id']);
        // Status codes 8, 9 and 10 switch 'display' to "block"; their meaning is not visible here.
        if ($order_status == 8 || $order_status == 9 || $order_status == 10) {
            $r['display'] = "block";
        } else {
            $r['display'] = "none";
// Admin profile / password update (fragment: the enclosing block opens before these lines).
// NOTE(review): extract() on request data turns every POST field into a variable in the
// current scope and, with the default flags, overwrites variables that already exist.
// $name, $email, $new_password and $password_confirm are not assigned anywhere else in
// the visible lines. Read the expected fields from $_POST explicitly instead.
extract($_POST);
// No password fields posted: treat the request as a profile (name / e-mail) update.
if (!isset($new_password) && !isset($password_confirm)) {
    if (empty($email)) {
        enqueueMsg("Enter your email address");
    } else {
        if (empty($name)) {
            enqueueMsg("Enter your name");
        } else {
            // Values go through Encode() before being quoted into the statement. The row is
            // selected by the session's S_ID. The e-mail format is not checked beyond empty().
            Query("UPDATE admin_user SET full_name = '" . Encode($name) . "', email = '" . Encode($email) . "' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
            enqueueMsg("Profile has been updated successfully!", "success");
        }
    }
} else {
    if (isset($new_password) && isset($password_confirm)) {
        // The password literals are masked as '******' in this listing, so how the old
        // password is compared and how the new one is stored cannot be reviewed from here.
        // NOTE(review): confirm passwords are stored with password_hash() and checked with
        // password_verify(), not compared in SQL as plain text or a fast hash.
        $r = Query("SELECT * FROM admin_user WHERE id = '" . Encode($_SESSION['S_ID']) . "' AND password = '******'");
        if (Num($r) > 0) {
            // NOTE(review): != is a loose comparison, so two different numeric-looking
            // strings can compare as equal; use !== for the confirmation check.
            if ($new_password != $password_confirm) {
                enqueueMsg("Password and confirm password does not match!");
            } else {
                Query("UPDATE admin_user SET password = '******' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
                enqueueMsg("Your password has been updated successfully!", "success");
            }
        } else {
            enqueueMsg("Invalid old Password!");
        }
    }
}
} // closes a block opened before this fragment
include 'header.php'; ?> <div>
<?php // Admin login page (fragment: the listing ends inside the final if block).
include_once '../inc/config.inc.php';
$page_title = 'Login';
$msg = deQueueMsg();
if (!empty($_POST)) {
    // NOTE(review): extract() on request data turns every POST field into a variable in
    // this scope and, with the default flags, overwrites existing ones, including
    // $page_title and $msg set above. Read $_POST['username'] and the password field
    // explicitly instead.
    extract($_POST);
    if (empty($username)) {
        enqueueMsg("Enter Username", "error");
    } else {
        // The user name goes through Encode() before it is quoted into the statement. The
        // password literal is masked as '******' in this listing, so the comparison itself
        // cannot be reviewed from here.
        // NOTE(review): confirm the stored password is a password_hash() value verified with
        // password_verify() after fetching the row, not matched inside the SQL text.
        $res = Query("SELECT * FROM admin_user WHERE user_name = '" . Encode($username) . "' AND password = '******' AND is_deleted = 'N'");
        if (Num($res) > 0) {
            $o = GetObj($res);
            if ($o->is_active == 'N') {
                enqueueMsg("This is not an active user, please contact system administrator to activate!", "error");
            } else {
                // NOTE(review): no session_regenerate_id() call is visible before the session
                // is populated; unless config.inc.php handles it, add session_regenerate_id(true)
                // here so a pre-login session id is not carried into the authenticated session.
                $_SESSION["S_login"] = "******";
                $_SESSION["S_ID"] = $o->id;
                $_SESSION["S_username"] = $o->user_name;
                $_SESSION["S_full_name"] = $o->full_name;
                $_SESSION["S_email"] = $o->email;
                header("location:dashboard.php");
                exit;
            }
        } else {
            // One generic message covers both an unknown user name and a wrong password.
            enqueueMsg("Invalid User Name/Password!", "error");
        }
    }
}
if ($msg == '') {
    //$msg = displayMsg('Please login with your Username and Password.');