<?php
if (!($order_id = $_SESSION['order_id']) || !isset($_POST['field']) || !isset($_POST['value']) || !$_POST['value'] || !isset($_POST['id'])) {
die('no order');
}
$id = abs((int) $_POST['id']);
if ($id) {
$result = db_query_to_row("SELECT 1 FROM additional_orders_items WHERE id = {$id} AND order_id = {$order_id}");
if (!empty($result)) {
$field = $_POST['field'];
if (in_array($field, ['width', 'height', 'amount'])) {
$value = abs((int) $_POST['value']);
} elseif (in_array($field, ['hanging', 'material'])) {
if ($field == 'hanging') {
$field = 'ophaeng_id';
} else {
$field = 'material_id';
}
$value = abs((int) $_POST['value']);
} elseif ($field == 'week') {
$field = 'week_number';
$value = htmlspecialchars(trim($_POST['value']));
}
if ($value) {
update_in_db('additional_orders_items', [$field => $value], "id = {$id} AND order_id = {$order_id}");
}
}
}
<?php
if (!($order_id = $_SESSION['order_id']) || !isset($_SESSION['user'])) {
header('location: /');
exit;
}
import('checkout');
$full_price = 0;
if ($campaign_orders = get_campaign_orders($order_id)) {
$full_price += get_campaign_order_total_price($order_id, $campaign_orders);
}
if ($banner_orders = get_additional_orders_by_type($order_id, 1)) {
$full_price += get_additional_order_total_price($banner_orders, 1);
}
if ($poster_orders = get_additional_orders_by_type($order_id, 2)) {
$full_price += get_additional_order_total_price($poster_orders, 2);
}
if ($rollup_orders = get_additional_orders_by_type($order_id, 3)) {
$full_price += get_additional_order_total_price($rollup_orders, 3);
}
update_in_db('orders', array('total_price' => $full_price, 'status' => 1), "user_id = {$_SESSION['user']['id']} AND id = {$order_id}");
unset($_SESSION['order_id']);
header('location: /test/orders');
exit;
}
$valid_count = 7;
} else {
$valid_count = 6;
}
if (count($insert) == $valid_count) {
$insert_array[] = $insert;
}
}
//inserting order details to db
insert_multi_to_db('additional_orders_items', $insert_array);
$week_number = isset($_POST['week_number']) ? esc(htmlspecialchars(strip_tags(trim($_POST['week_number'])))) : 1;
if (empty($weeks)) {
insert_to_db('orders_weeks', array('order_id' => $order_id, 'week_number' => $week_number, 'type' => $type_key));
} else {
update_in_db('orders_weeks', array('week_number' => $week_number), 'id = ' . $weeks['id']);
}
$_SESSION['order_id'] = $order_id;
header('location: /test/checkout');
exit;
}
import('store');
import('checkout');
$template_name = 'additional_' . $type;
// if user clicked last button getting last order details and showing last order template
if ('last' == get_url_param(3)) {
$additional_orders = get_last_additional_banner_order($_SESSION['user']['id'], $type_key);
if ($additional_orders) {
$template_name .= '_last';
} else {
header('location: /test/additional/' . $type);
<?php
if (!($order_id = $_SESSION['order_id']) || !isset($_POST['week']) || !isset($_POST['type'])) {
die('no order');
}
$type = abs((int) $_POST['type']);
$week = htmlspecialchars(trim($_POST['week']));
if ($week) {
update_in_db('orders_weeks', array('week_number' => $week), "type = {$type} AND order_id = {$order_id}");
}
if ($sku) {
$command .= " -c " . escapeshellarg($sku);
}
if ($debug) {
$command .= " --debug";
}
$filename = str_replace(" ", "-", $title);
$filename = preg_replace("/[^-a-zA-Z0-9]/", "", $filename);
$filename = strtolower($filename) . ".pdf";
header("Content-Type: application/pdf");
header("Content-disposition: attachment; filename={$filename}");
passthru($command);
} else {
if ($_POST['store']) {
store_in_db($db, $title, $subtitle, $url, $sku);
$rowid = $db->lastInsertRowid();
show_id($rowid);
} else {
if ($_POST['update']) {
update_in_db($db, $id, $title, $subtitle, $url, $sku);
show_id($id);
} else {
if ($_POST['delete']) {
delete_from_db($db, $id);
show_id(-1);
} else {
show_id(-1);
}
}
}
}
if (!isset($url[2]) || !($id = abs((int) $url[2]))) {
die('bad link');
}
$store = db_query_to_row("SELECT * FROM `stores` WHERE id = {$id}");
if (!$store) {
die('store not found');
}
import('store');
if (isset($_POST['shop_name'])) {
$update = array();
if (!store_validate($update)) {
$error_msg = 'All fields must be filled';
} else {
$hanging_methods = $update['hanging_methods'];
unset($update['hanging_methods']);
if (update_in_db('stores', $update, '`id`=' . $id)) {
delete_from_db('stores_hanging_methods', '`store_id`=' . $id);
$store_hanging_methods = array();
foreach ($hanging_methods as $value) {
$store_hanging_methods[] = array('store_id' => $id, 'hanging_method_id' => $value);
}
insert_multi_to_db('stores_hanging_methods', $store_hanging_methods);
$_SESSION['edit_store_msg'] = 'Store Successfully Updated';
header('location: /store/edit/' . $id);
die;
}
}
}
$hanging_methods = get_hanging_methods();
$store_hanging_methods = db_query_to_list('SELECT `hanging_method_id` FROM `stores_hanging_methods` WHERE `store_id`=' . $id, 'hanging_method_id');
$template = set_template('store', 'edit');
