function place_temp_order($in_str, $price)
{
//global $b_row;
if (session_id() == '') {
return false;
}
// cannot place order if there is no session!
$blocks = explode(',', $in_str);
$quantity = sizeof($blocks) * (BLK_WIDTH * BLK_HEIGHT);
$now = gmdate("Y-m-d H:i:s");
// preserve ad_id & block info...
$sql = "SELECT ad_id, block_info FROM temp_orders WHERE session_id='" . addslashes(session_id()) . "' ";
$result = mysql_query($sql) or die(mysql_error());
$row = mysql_fetch_array($result);
$ad_id = $row['ad_id'];
$block_info = addslashes($row['block_info']);
// DAYS_EXPIRE comes form load_banner_constants()
$sql = "REPLACE INTO `temp_orders` ( `session_id` , `blocks` , `order_date` , `price` , `quantity` , `days_expire`, `banner_id` , `currency` , `date_stamp` , `ad_id`, `block_info` ) VALUES ('" . addslashes(session_id()) . "', '" . $in_str . "', '" . $now . "', '0', '" . $quantity . "', '" . DAYS_EXPIRE . "', '" . $_REQUEST['BID'] . "', '" . get_default_currency() . "', '{$now}', '{$ad_id}', '{$block_info}' );";
mds_log('Placed Temp order. ' . $sql);
mysql_query($sql) or die(mysql_error());
}
function update_blocks_with_ad($ad_id, $user_id)
{
global $prams;
$prams = load_ad_values($ad_id);
if ($prams['order_id'] > 0) {
$sql = "UPDATE blocks SET alt_text='" . addslashes(get_template_value('ALT_TEXT', 1)) . "', url='" . addslashes(get_template_value('URL', 1)) . "' WHERE order_id='" . $prams['order_id'] . "' AND user_id='" . $user_id . "' ";
mysql_query($sql) or die(mysql_error());
mds_log("Updated blocks with ad URL, ALT_TEXT", $sql);
}
}
function move_block($block_from, $block_to, $banner_id)
{
# reserve block_to
if (!is_block_free($block_to, $banner_id)) {
echo "<font color='red'>Cannot move the block - the space chosen is not empty!</font><br>";
return false;
}
#load block_from
$sql = "SELECT * from blocks where block_id='{$block_from}' AND banner_id='{$banner_id}' ";
//echo "$sql<br>";
$result = mysql_query($sql) or die(mysql_error());
$source_block = mysql_fetch_array($result);
// get the position and check range, do not move if out of range
$pos = get_block_position($block_to);
//echo "pos is ($block_to): ";print_r($pos); echo "<br>";
$x = $pos['x'];
$y = $pos['y'];
if ($x === '' || $x > G_WIDTH * BLK_WIDTH || $x < 0) {
echo "<b>x is {$x}</b><br>";
return false;
}
if ($y === '' || $y > G_HEIGHT * BLK_HEIGHT || $y < 0) {
echo "<b>y is {$y}</b><br>";
return false;
}
$sql = "REPLACE INTO `blocks` ( `block_id` , `user_id` , `status` , `x` , `y` , `image_data` , `url` , `alt_text`, `file_name`, `mime_type`, `approved`, `published`, `banner_id`, `currency`, `price`, `order_id`, `click_count`, `ad_id`) VALUES ('{$block_to}', '" . $source_block['user_id'] . "' , '" . $source_block['status'] . "' , '" . $x . "' , '" . $y . "' , '" . $source_block['image_data'] . "' , '" . addslashes($source_block['url']) . "' , '" . addslashes($source_block['alt_text']) . "', '" . $source_block['file_name'] . "', '" . $source_block['mime_type'] . "', '" . $source_block['approved'] . "', '" . $source_block['published'] . "', '" . $banner_id . "', '" . $source_block['currency'] . "', '" . $source_block['price'] . "', '" . $source_block['order_id'] . "', '" . $source_block['click_count'] . "', '" . $source_block['ad_id'] . "')";
//echo "<p>$sql</p>";
mds_log("Moved Block - " . $sql);
mysql_query($sql) or die(mysql_error());
# delete 'from' block
$sql = "DELETE from blocks WHERE block_id='" . $block_from . "' AND banner_id='" . $banner_id . "' ";
//echo "<p>$sql</p>";
mysql_query($sql) or die(mysql_error());
mds_log("Deleted block_from - " . $sql);
// Update the order record
$sql = "SELECT * from orders WHERE order_id='" . $source_block['order_id'] . "' AND banner_id='{$banner_id}' ";
//echo "$sql<br>";
$result = mysql_query($sql) or die(mysql_error());
$order_row = mysql_fetch_array($result);
$blocks = array();
$new_blocks = array();
$blocks = explode(',', $order_row['blocks']);
//print_r($blocks);
foreach ($blocks as $item) {
//echo "<b>$item - block from: $block_from</b><br>";
if ($block_from == $item) {
$item = $block_to;
//echo '<b>found!</b>';
}
$new_blocks[] = $item;
}
$sql = "UPDATE orders set blocks='" . implode(',', $new_blocks) . "' WHERE order_id='" . $source_block['order_id'] . "' ";
# update the customer's order
mysql_query($sql) or die(mysql_error());
mds_log("Updated order - " . $sql);
return true;
}
