public function dataView($id)
{
$student = new student();
$result = $student->getviewData($id);
$view_form = new display();
$view = $view_form->view_student($result);
return $view;
}
function dataDropdown($name, $id, $currentValue, $sql)
{
include "test_lib_m.php";
$objThis_S = new data();
$q_data = $objThis_S->getData($sql = $sql);
include "test_lib_v.php";
$objThis_V = new display();
$tmpX = $objThis_V->showBox($name = $name, $id = $id, $q_query = $q_data, $currentValue = $currentValue);
return $tmpX;
}
/**
* Отображение списка логов
* @param string $type тип логов
* @param string $sort сортировка
* @return null
*/
protected function show($type = null, $sort = null)
{
tpl::o()->assign('curtype', $type);
$orderby = '';
if ($sort) {
$sort = explode(",", $sort);
$c = count($sort);
for ($i = 0; $i < $c; $i += 2) {
if (!$this->orderby[$sort[$i]]) {
continue;
}
$orderby .= ($orderby ? ', ' : '') . "`" . $this->orderby[$sort[$i]] . "` " . ($sort[$i + 1] ? "asc" : "desc");
}
}
if (!$orderby) {
$orderby = 'l.`time` DESC';
}
$count = db::o()->p($type)->count_rows("logs", $type ? 'type=?' : "");
list($pages, $limit) = display::o()->pages($count, config::o()->v('table_perpage'), 'switch_logs_page', 'page', 5, true);
$r = db::o()->p($type)->query('SELECT l.*, u.username, u.group, u2.username AS tusername, u2.group AS tgroup
FROM logs AS l LEFT JOIN users AS u ON u.id=l.byuid LEFT JOIN users AS u2 ON u2.id=l.touid
' . ($type ? ' WHERE l.type=?' : "") . '
' . ($orderby ? ' ORDER BY ' . $orderby : "") . '
' . ($limit ? ' LIMIT ' . $limit : ""));
tpl::o()->assign('res', db::o()->fetch2array($r));
tpl::o()->assign('log_types', $this->types);
tpl::o()->assign('pages', $pages);
tpl::o()->display('admin/logs/index.tpl');
}
/**
* Функция получения возраста пользователя
* @param int $birthdate дата рождения
* @return int возраст пользователя
*/
public function get_age($birthdate)
{
display::o()->time_diff($birthdate);
$age = explode('.', date('Y.m.d', $birthdate));
$current = explode('.', date('Y.m.d', time()));
return $current[0] - $age[0] - ($age[1] > $current[1] || $age[1] == $current[1] && $age[2] > $current[2] ? 1 : 0);
}
/**
* Отображение списка обратной связи
* @param string $sort сортировка
* @param string $type тип
* @return null
*/
protected function show($sort = null, $type = '')
{
$orderby = '';
if ($sort) {
$sort = explode(",", $sort);
$c = count($sort);
for ($i = 0; $i < $c; $i += 2) {
if (!$this->orderby[$sort[$i]]) {
continue;
}
$orderby .= ($orderby ? ', ' : '') . "`" . $this->orderby[$sort[$i]] . "` " . ($sort[$i + 1] ? "asc" : "desc");
}
}
if (!$orderby) {
$orderby = 'f.`time` DESC';
}
$where = $type ? 'f.type=?' : "";
$count = db::o()->p($type)->as_table('f')->count_rows("feedback", $where);
list($pages, $limit) = display::o()->pages($count, config::o()->v('table_perpage'), 'switch_feedback_page', 'page', 5, true);
$r = db::o()->p($type)->query('SELECT f.*, u.username, u.group
FROM feedback AS f LEFT JOIN users AS u ON u.id=f.uid
' . ($where ? ' WHERE ' . $where : "") . '
' . ($orderby ? ' ORDER BY ' . $orderby : "") . '
' . ($limit ? ' LIMIT ' . $limit : ""));
tpl::o()->assign('res', db::o()->fetch2array($r));
tpl::o()->assign('pages', $pages);
tpl::o()->assign('type', $type);
tpl::o()->display('admin/feedback/index.tpl');
}
/**
* @package chamilo.survey
* @author Arnaud Ligot <*****@*****.**>
* @version $Id: $
*
* A small peace of code to enable user to access images included into survey
* which are accessible by non authenticated users. This file is included
* by document/download.php
*/
function check_download_survey($course, $invitation, $doc_url)
{
require_once 'survey.lib.php';
// Getting all the course information
$_course = CourseManager::get_course_information($course);
$course_id = $_course['real_id'];
// Database table definitions
$table_survey = Database::get_course_table(TABLE_SURVEY);
$table_survey_question = Database::get_course_table(TABLE_SURVEY_QUESTION);
$table_survey_question_option = Database::get_course_table(TABLE_SURVEY_QUESTION_OPTION);
$table_survey_invitation = Database::get_course_table(TABLE_SURVEY_INVITATION);
// Now we check if the invitationcode is valid
$sql = "SELECT * FROM {$table_survey_invitation}\n\t WHERE\n\t c_id = {$course_id} AND\n\t invitation_code = '" . Database::escape_string($invitation) . "'";
$result = Database::query($sql);
if (Database::num_rows($result) < 1) {
Display::display_error_message(get_lang('WrongInvitationCode'), false);
Display::display_footer();
exit;
}
$survey_invitation = Database::fetch_assoc($result);
// Now we check if the user already filled the survey
if ($survey_invitation['answered'] == 1) {
Display::display_error_message(get_lang('YouAlreadyFilledThisSurvey'), false);
Display::display_footer();
exit;
}
// Very basic security check: check if a text field from a survey/answer/option contains the name of the document requested
// Fetch survey ID
// If this is the case there will be a language choice
$sql = "SELECT * FROM {$table_survey}\n\t WHERE\n\t c_id = {$course_id} AND\n\t code='" . Database::escape_string($survey_invitation['survey_code']) . "'";
$result = Database::query($sql);
if (Database::num_rows($result) > 1) {
if ($_POST['language']) {
$survey_invitation['survey_id'] = $_POST['language'];
} else {
echo '<form id="language" name="language" method="POST" action="' . api_get_self() . '?course=' . $_GET['course'] . '&invitationcode=' . $_GET['invitationcode'] . '">';
echo ' <select name="language">';
while ($row = Database::fetch_assoc($result)) {
echo '<option value="' . $row['survey_id'] . '">' . $row['lang'] . '</option>';
}
echo '</select>';
echo ' <input type="submit" name="Submit" value="' . get_lang('Ok') . '" />';
echo '</form>';
display::display_footer();
exit;
}
} else {
$row = Database::fetch_assoc($result);
$survey_invitation['survey_id'] = $row['survey_id'];
}
$sql = "SELECT count(*)\n\t FROM {$table_survey}\n\t WHERE\n\t c_id = {$course_id} AND\n\t survey_id = " . $survey_invitation['survey_id'] . " AND (\n title LIKE '%{$doc_url}%'\n or subtitle LIKE '%{$doc_url}%'\n or intro LIKE '%{$doc_url}%'\n or surveythanks LIKE '%{$doc_url}%'\n )\n\t\t UNION\n\t\t SELECT count(*)\n\t\t FROM {$table_survey_question}\n\t\t WHERE\n\t\t c_id = {$course_id} AND\n\t\t survey_id = " . $survey_invitation['survey_id'] . " AND (\n survey_question LIKE '%{$doc_url}%'\n or survey_question_comment LIKE '%{$doc_url}%'\n )\n\t\t UNION\n\t\t SELECT count(*)\n\t\t FROM {$table_survey_question_option}\n\t\t WHERE\n\t\t c_id = {$course_id} AND\n\t\t survey_id = " . $survey_invitation['survey_id'] . " AND (\n option_text LIKE '%{$doc_url}%'\n )";
$result = Database::query($sql);
if (Database::num_rows($result) == 0) {
Display::display_error_message(get_lang('WrongInvitationCode'), false);
Display::display_footer();
exit;
}
return $_course;
}
function showremscfrompgcatid()
{
$catlist = $this->getPGCategories();
$prodcodes = new products();
$prodcodelist = $prodcodes->getProductCodeList();
display::header();
pgdisplay::remfromcat($prodcodelist, $catlist);
}
static function getPanels()
{
$pa = Panel::cacheTags('panels')->remember(1440)->get();
$panel_list = array();
foreach ($pa as $panel) {
$panel_list[$panel->slot] = array('img' => $panel->img, 'text' => $panel->text, 'link' => $panel->link, 'title' => $panel->title, 'updated_at' => display::formatDate($panel->updated_at));
}
return $panel_list;
}
/**
* Функция для инициализации блока
* @return null
*/
public function init()
{
$content = $this->settings['content'];
if ($this->settings['type'] == 'bbcode') {
$content = bbcodes::o()->format_text($content);
} else {
$content = display::o()->html_decode($content);
}
print $content;
}
/**
* Добавление/редактирование доп. полей
* @param string $id имя поля
* @return null
*/
protected function add($id = null)
{
if ($id) {
$r = db::o()->p($id)->query('SELECT * FROM users_fields WHERE field=? LIMIT 1');
$row = db::o()->fetch_assoc($r);
if ($row['allowed']) {
$values = @unserialize($row['allowed']);
}
tpl::o()->assign('row', $row);
}
if (!$values) {
$values = array('', '');
}
/* @var $uf userfields */
$uf = n("userfields");
tpl::o()->assign('types', array_keys($uf->get_var('types')));
tpl::o()->assign('types_array', display::o()->array_export_to_js($uf->get_var('types')));
tpl::o()->assign('values', $values);
tpl::o()->display('admin/userfields/add.tpl');
}
</head>
<body>
<?php
include "../../settings.php";
include "../../language/{$cfg_language}";
include "../../classes/db_functions.php";
include "../../classes/security_functions.php";
include "../../classes/form.php";
include "../../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../../login.php");
exit;
}
//set default values, these will change if $action==update.
$supplier_value = '';
$address_value = '';
$phone_number_value = '';
$contact_value = '';
$email_value = '';
$other_value = '';
$id = -1;
//decides if the form will be used to update or add a user.
if (isset($_GET['action'])) {
$action = $_GET['action'];
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_GET['sale_id'])) {
$sale_id = $_GET['sale_id'];
$customer_id = $_GET['sale_customer_id'];
$sale_date = $_GET['sale_date'];
$temp_first_name = $dbf->idToField("{$cfg_tableprefix}" . 'customers', 'first_name', $customer_id);
$temp_last_name = $dbf->idToField("{$cfg_tableprefix}" . 'customers', 'last_name', $customer_id);
$sale_customer_name = $temp_first_name . ' ' . $temp_last_name;
}
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$lang->saleDetails}");
$tableheaders = array("{$lang->rowID}", "{$lang->itemName}", "{$lang->brand}", "{$lang->category}", "{$lang->supplier}", "{$lang->quantityPurchased}", "{$lang->unitPrice}", "{$lang->totalItemCost}");
$tablefields = array('id', 'item_id', 'brand_id', 'category_id', 'supplier_id', 'quantity_purchased', 'item_unit_price', 'item_total_cost');
$display->displayReportTable("{$cfg_tableprefix}", 'sales_items', $tableheaders, $tablefields, 'sale_id', "{$sale_id}", '', '', 'id', "{$sale_customer_name}<br>{$sale_date}<br><br>Items in sale<br>");
?>
</body>
</html>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/form.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//set default values, these will change if $action==update.
$paid_with_value = '';
$comment_value = '';
$id = -1;
//decides if the form will be used to update or add a user.
$display->displayTitle("Update Sale");
if (isset($_GET['id'])) {
$id = $_GET['id'];
$tablename = "{$cfg_tableprefix}" . 'sales';
$result = mysql_query("SELECT * FROM {$tablename} WHERE id=\"{$id}\"", $dbf->conn);
$row = mysql_fetch_assoc($result);
/**
* Assign a layout to the $title. Child pages without a layout assigned will inherit this setting
* @param string $title
*/
function SetLayout()
{
global $gp_index, $gp_titles, $langmessage, $gpLayouts;
$index = $_POST['index'];
$title = common::IndexToTitle($index);
if (!$title) {
message($langmessage['OOPS']);
return;
}
$this->title = $title;
$layout = $_POST['layout'];
if (!isset($gpLayouts[$layout])) {
message($langmessage['OOPS']);
return;
}
if (!common::verify_nonce('use_' . $layout)) {
message($langmessage['OOPS']);
return;
}
//unset, then reset if needed
unset($gp_titles[$index]['gpLayout']);
$currentLayout = display::OrConfig($index, 'gpLayout');
if ($currentLayout != $layout) {
$gp_titles[$index]['gpLayout'] = $layout;
}
if (!admin_tools::SavePagesPHP()) {
message($langmessage['OOPS'] . '(3)');
return false;
}
message($langmessage['SAVED']);
}
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Sales Clerk', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$lang->manageCustomers}");
$f1 = new form('manage_customers.php', 'POST', 'customers', '450', $cfg_theme, $lang);
$f1->createInputField("<b>{$lang->searchForCustomer}</b>", 'text', 'search', '', '24', '150');
$option_values2 = array('first_name', 'last_name', 'account_number', 'id');
$option_titles2 = array("{$lang->firstName}", "{$lang->lastName}", "{$lang->accountNumber}", 'ID');
$f1->createSelectField("<b>{$lang->searchBy}</b>", 'searching_by', $option_values2, $option_titles2, 100);
$f1->endForm();
$tableheaders = array("{$lang->rowID}", "{$lang->lastName}", "{$lang->firstName}", "{$lang->accountNumber}", "{$lang->phoneNumber}", "{$lang->email}", "{$lang->streetAddress}", "{$lang->commentsOrOther}", "{$lang->updateCustomer}", "{$lang->deleteCustomer}");
$tablefields = array('id', 'last_name', 'first_name', 'account_number', 'phone_number', 'email', 'street_address', 'comments');
if (isset($_POST['search'])) {
$search = $_POST['search'];
$searching_by = $_POST['searching_by'];
echo "<center>{$lang->searchedForItem}: <b>{$search}</b> {$lang->searchBy} <b>{$searching_by}</b></center>";
$display->displayManageTable("{$cfg_tableprefix}", 'customers', $tableheaders, $tablefields, "{$searching_by}", "{$search}", 'last_name');
} else {
/**
* Функция для превращения имени пользователя в ссылку
* @param string $text имя пользователя либо HTML текст
* @param string $subtext имя пользователя
* @param bool $bbcode BBCode?
* @return string HTML код ссылки
*/
function smarty_user_link($text, $subtext = "", $bbcode = false)
{
if (!$subtext) {
if (!users::o()->check_login($text)) {
$gr = users::o()->get_group(users::o()->find_group('guest'));
$subtext = $gr["name"];
}
}
$quote = display::o()->html_encode('"');
$aopen = $bbcode ? '[url=' . $quote : "<a class='profile_link' href='";
$aopen2 = $bbcode ? $quote . ']' : "'>";
$aclose = $bbcode ? '[/url]' : '</a>';
return (users::o()->perm('profile') ? $aopen . furl::o()->construct("users", array("user" => !$subtext ? $text : $subtext)) . $aopen2 : "") . $text . (users::o()->perm('profile') ? $aclose : "");
}
/**
* Метод обработки параметров для ЧПУ контента
* @param string $param имя параметра
* @param mixed $value значение параметра
* @return string часть ЧПУ
*/
protected function content_furl_rules($param, $value)
{
switch ($param) {
//case "attr" :
// return $value;
case "year":
case "month":
case "day":
return (preg_match('/^\\$([1-3])$/siu', $value) ? $value : longval($value)) . '/';
case "act":
return $value;
case "id":
return "-id" . longval($value);
break;
case "cid":
return "-cid" . longval($value);
break;
case "title":
return display::o()->translite($value, 100);
break;
case "cat":
return $value . "/";
case "comments_page":
case "page":
return "page" . $value;
default:
return;
break;
}
}
/**
* Получение объекта класса
* @return display $this
*/
public static function o()
{
if (!self::$o) {
$cn = __CLASS__;
$c = n($cn, true);
self::$o = new $c();
}
return self::$o;
}
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$lang->manageItems}");
$f1 = new form('manage_items.php', 'POST', 'items', '400', $cfg_theme, $lang);
$f1->createInputField("<b>{$lang->searchForItemBy}</b>", 'text', 'search', '', '24', '150');
$option_values2 = array('item_name', 'item_number', 'id', 'quantity', 'supplier_catalogue_number');
$option_titles2 = array("{$lang->itemName}", "{$lang->itemNumber}", 'ID', "{$lang->quantityStock}", "{$lang->supplierCatalogue}");
$f1->createSelectField("<b>{$lang->searchBy}</b>", 'searching_by', $option_values2, $option_titles2, 100);
$f1->endForm();
echo "<a href='manage_items.php?outofstock=go'>{$lang->showOutOfStock}</a><br>";
echo "<a href='manage_items.php?reorder=go'>{$lang->showReorder}</a>";
$tableheaders = array("{$lang->rowID}", "{$lang->itemName}", "{$lang->itemNumber}", "{$lang->description}", "{$lang->brand}", "{$lang->category}", "{$lang->supplier}", "{$lang->buyingPrice}", "{$lang->sellingPrice}", "{$lang->tax} {$lang->percent}", "{$lang->finalSellingPricePerUnit}", "{$lang->quantityStock}", "{$lang->reorderLevel}", "{$lang->supplierCatalogue}", "{$lang->updateItem}", "{$lang->deleteItem}");
$tablefields = array('id', 'item_name', 'item_number', 'description', 'brand_id', 'category_id', 'supplier_id', 'buy_price', 'unit_price', 'tax_percent', 'total_cost', 'quantity', 'reorder_level', 'supplier_catalogue_number');
if (isset($_POST['search'])) {
$search = $_POST['search'];
$searching_by = $_POST['searching_by'];
echo "<center>{$lang->searchedForItem}: <b>{$search}</b> {$lang->searchBy} <b>{$searching_by}</b></center>";
function editOrder($a, $items, $pageNav)
{
global $mainframe, $mosConfig_list_limit, $mosConfig_absolute_path;
display::header();
$cid = JRequest::getVar('cid', array(0), '', 'array');
$edit = $cid != array(0);
$text = $edit ? JText::_('Edit') : JText::_('New');
JToolBarHelper::title(JText::_("SimpleCaddy {$text}"), 'generic.png');
JToolBarHelper::save('save', 'Save');
JToolBarHelper::apply();
if ($edit) {
// for existing items the button is renamed `close`
JToolBarHelper::cancel('cancel', 'Close');
} else {
JToolBarHelper::cancel();
}
$cfg = new sc_configuration();
$currency = $cfg->get("currency");
$tsep = $cfg->get("thousand_sep");
$decsep = $cfg->get("decimal_sep");
$decs = $cfg->get("decimals");
$align = $cfg->get("curralign");
// before amount==1
// hardcoded fields from old simplecaddy <1.7
$standardfields = array("name", "email", "address", "codepostal", "city", "telephone", "ipaddress");
$statuses = explode("\n", $cfg->get("ostatus"));
?>
<form method="post" name="adminForm" action="index2.php">
<table class="adminform" width="100%"><tr><th class="title"><?php
echo JText::_('SC_ORDER');
?>
</th><th><?php
echo $a->id;
?>
</th></tr>
<tr>
<td width="185"><?php
echo JText::_('SC_DATE');
?>
</td>
<td>
<?php
echo date("d-m-Y H:i:s", $a->orderdt);
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_USERID');
?>
</td>
<td><?php
echo $a->j_user_id;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_NAME');
?>
</td>
<td><?php
echo $a->name;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_EMAIL');
?>
</td>
<td><?php
echo "<a href='mailto:{$a->email}'>{$a->email}</a>";
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_ADDRESS');
?>
</td>
<td>
<?php
echo $a->address;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_ZIPCODE');
?>
</td>
<td>
<?php
echo $a->codepostal;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_CITY');
?>
</td>
<td>
<?php
echo $a->city;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_PHONE');
?>
</td>
<td>
<?php
echo $a->telephone;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_IP_ADDRESS');
?>
</td>
<td>
<?php
$iplink = ' <a href="http://whois.domaintools.com/' . $a->ipaddress . '" target="_blank" class="scbutton">' . JText::_("SC_CHECKIP") . "</a>";
echo $a->ipaddress;
echo $iplink;
?>
<input type="hidden" name="ipaddress" value="<?php
echo $a->ipaddress;
?>
" />
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_SHIP_REGION');
?>
</td>
<td>
<?php
echo $a->shipRegion;
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_SHIP_COST');
?>
</td>
<td>
<?php
if ($align == 1) {
echo $currency . " ";
}
echo number_format($a->shipCost, $decs, $decsep, $tsep);
if ($align == 0) {
echo " " . $currency;
}
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_SUBTOTAL');
?>
</td>
<td>
<?php
if ($align == 1) {
echo $currency . " ";
}
echo number_format($a->total, $decs, $decsep, $tsep);
if ($align == 0) {
echo " " . $currency;
}
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_TAX');
?>
</td>
<td>
<?php
if ($align == 1) {
echo $currency . " ";
}
echo number_format($a->tax, $decs, $decsep, $tsep);
if ($align == 0) {
echo " " . $currency;
}
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_TOTAL');
?>
</td>
<td>
<?php
if ($align == 1) {
echo $currency . " ";
}
echo number_format($a->total + $a->tax, $decs, $decsep, $tsep);
if ($align == 0) {
echo " " . $currency;
}
?>
</td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_PAYMENT_ID');
?>
</td>
<td>
<?php
echo $a->ordercode;
?>
</td>
</tr>
<?php
if (@$a->customfields) {
echo "<tr><th>" . JText::_('Custom fields') . "</th><th> </th></tr>";
$fields = new fields();
$fieldlist = $fields->getPublishedFieldsArray();
$acfields = unserialize($a->customfields);
foreach ($fieldlist as $key => $cfield) {
if (!in_array($cfield, $standardfields)) {
// show only the fields that are not hardcoded
if (isset($acfields[$cfield])) {
echo "<tr>";
echo "<td width=\"185\">{$cfield}</td>";
echo "<td>" . $acfields[$cfield] . "</td>";
echo "</tr>";
}
}
}
}
?>
<tr>
<td><a href="index.php?option=com_caddy&action=orders&task=email&oid=<?php
echo $a->id;
?>
" class="scbutton"><?php
echo JText::_('Resend order confirmation email');
?>
</a></td>
</tr>
<tr>
<td width="185"><?php
echo JText::_('SC_ORDER_STATUS');
?>
</td>
<td>
<?php
echo "<select name='edtostatus'>";
foreach ($statuses as $status) {
$selected = strtolower($a->status) == strtolower(trim($status)) ? " selected" : "";
echo "<option value='" . trim($status) . "' {$selected}>{$status}</option>\n";
}
echo "</select>";
?>
</td>
</tr>
</table>
<table class="adminlist" width="100%" cellpadding="4" cellspacing="0" border="0" >
<tr><th colspan="7"><?php
echo JText::_('SC_DETAILS');
?>
</th></tr>
<tr>
<th class="title"><?php
echo JText::_('SC_CODE');
?>
</th>
<th class="title"><?php
echo JText::_('SC_QUANTITY');
?>
</th>
<th class="title tdright"><?php
echo JText::_('SC_PRICE_PER_UNIT');
?>
</th>
<th class="title tdright"><?php
echo JText::_('SC_TOTAL');
?>
</th>
<th class="title"><?php
echo JText::_('SC_PRODUCT_NAME');
?>
</th>
<th class="title"><?php
echo JText::_('SC_PRODUCT_OPTION');
?>
</th>
<th class="title"><?php
echo JText::_('SC_ACTION');
?>
</th>
<th class="title"> </th>
</tr>
<?php
$k = 0;
for ($i = 0, $n = count($items); $i < $n; $i++) {
$row =& $items[$i];
?>
<tr class="<?php
echo "row{$k}";
?>
">
<td width="10%">
<?php
echo $row->prodcode;
?>
</td>
<td width="30">
<?php
echo $row->qty;
?>
</td>
<td width="10%" class="tdright">
<?php
echo number_format($row->unitprice, $decs, $decsep, $tsep);
?>
</td>
<td class="tdright">
<?php
echo number_format($row->total, $decs, $decsep, $tsep);
?>
</td>
<td width="40%">
<?php
echo $row->shorttext;
?>
</td>
<td>
<?php
echo $row->option;
?>
</td>
<td>
<?php
echo "<a class=\"scbutton\" href=\"index2.php?option=com_caddy&action=products&task=decstore&pid={$row->prodcode}&qty={$row->qty}&order={$a->id}\">" . JText::_('SC_DECSTORE') . "</a>";
?>
</td>
<td>
</td>
<?php
$k = 1 - $k;
}
?>
</tr>
<?php
$field = JRequest::getVar('field', '');
$order = JRequest::getVar('order', '');
?>
</table>
<input type="hidden" name="id" value="<?php
echo $a->id ? "{$a->id}" : "-1";
?>
">
<input type="hidden" name="option" value="com_caddy" />
<input type="hidden" name="action" value="orders" />
<input type="hidden" name="task" value="" />
<input type="hidden" name="order" value="<?php
echo $order;
?>
" />
<input type="hidden" name="field" value="<?php
echo $field;
?>
" />
<input type="hidden" name="boxchecked" value="0" />
<input type="hidden" name="hidemainmenu" value="0" />
</form>
<?php
}
/**
* Анти-флуд проверка
* @param string $table таблица
* @param string $where условие
* @param array $columns столбецы автора и времени постинга соотв.
* @return null
* @throws EngineException
*/
public function anti_flood($table, $where, $columns = array("poster_id", "posted_time"))
{
if (!is_array($columns) || !config::o()->v('antispam_time')) {
return;
}
list($author, $time_var) = $columns;
$time = time() - config::o()->v('antispam_time');
$lang_var = 'anti_flood_subj';
$uid = users::o()->v('id') ? users::o()->v('id') : -1;
$c = db::o()->no_parse()->query('SELECT `' . $time_var . '` FROM `' . db::table($table) . '` WHERE ' . ($where ? $where . " AND " : "") . '`' . $author . "`=" . $uid . "\n AND `" . $time_var . "` >= " . $time . '
ORDER BY `' . $time_var . '` DESC LIMIT 1');
$c = db::o()->fetch_assoc($c);
if ($c) {
$intrvl_time = display::o()->estimated_time(config::o()->v('antispam_time') + 1, time() - $c[$time_var]);
throw new EngineException($lang_var, $intrvl_time);
}
}
include "../classes/security_functions.php";
include "../classes/display.php";
include "../classes/form.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['selected_employee'])) {
$selected_employee = $_POST['selected_employee'];
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
}
$first_name = $dbf->idToField($cfg_tableprefix . 'users', 'first_name', $selected_employee);
$last_name = $dbf->idToField($cfg_tableprefix . 'users', 'last_name', $selected_employee);
$display_name = $first_name . ' ' . $last_name;
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$cfg_company} {$lang->employeeReport}");
$tableheaders = array("{$lang->rowID}", "{$lang->date}", "{$lang->customer}", "{$lang->itemsPurchased}", "{$lang->paidWith}", "{$lang->saleSubTotal}", "{$lang->saleTotalCost}", "{$lang->showSaleDetails}");
$tablefields = array('id', 'date', 'customer_id', 'items_purchased', 'paid_with', 'sale_sub_total', 'sale_total_cost', 'sale_details');
$display->displayReportTable("{$cfg_tableprefix}", 'sales', $tableheaders, $tablefields, 'sold_by', "{$selected_employee}", "{$date1}", "{$date2}", 'date', "{$lang->listOfSaleBy} {$display_name}<br>{$lang->between} {$date1} and {$date2}");
?>
</body>
</html>
/**
* Return the most relevant configuration value for a configuration option ($var)
* Check configuration for a page ($id) first, then parent pages (determined by main menu), then the site $config
*
* @return mixed
*
*/
static function OrConfig($id, $var)
{
global $config, $gp_titles;
if ($id) {
if (!empty($gp_titles[$id][$var])) {
return $gp_titles[$id][$var];
}
if (display::ParentConfig($id, $var, $value)) {
return $value;
}
}
if (isset($config[$var])) {
return $config[$var];
}
return false;
}
$sec = new security_functions($dbf, 'Report Viewer', $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
if (isset($_POST['date_range'])) {
$date_range = $_POST['date_range'];
$dates = explode(':', $date_range);
$date1 = $dates[0];
$date2 = $dates[1];
$tax_percent = $_POST['selected_tax'];
}
$sales_table = $cfg_tableprefix . 'sales';
$sales_items_table = $cfg_tableprefix . 'sales_items';
$display_name = $tax_percent . '%';
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
$display->displayTitle("{$cfg_company} {$lang->taxReport}");
$tableheaders = array("{$lang->saleID}", "{$lang->itemName}", "{$lang->tax}", "{$lang->saleTotalCost}");
$tablefields = array('sale_id', 'item_id', 'item_total_tax', 'item_total_cost');
$result = mysql_query("SELECT * FROM {$sales_table} WHERE date between \"{$date1}\" and \"{$date2}\" ORDER BY id DESC", $dbf->conn);
$result2 = mysql_query("SELECT * FROM {$sales_table} WHERE date between \"{$date1}\" and \"{$date2}\" ORDER BY id ASC", $dbf->conn);
$row = mysql_fetch_assoc($result);
$high_id = $row['id'];
$row = mysql_fetch_assoc($result2);
$low_id = $row['id'];
$result3 = mysql_query("SELECT * FROM {$sales_items_table} WHERE sale_id BETWEEN \"{$low_id}\" and \"{$high_id}\" ORDER BY id DESC", $dbf->conn);
echo "<center><h4><font color='{$display->list_of_color}'>{$lang->listOfSalesFor} {$display_name}<br>{$lang->between} {$date1} {$lang->and} {$date2}</font></h4></center>";
echo '<hr>';
if (@mysql_num_rows($result) == 0) {
echo "<div align='center'>{$lang->noDataInTable} <b>{$sales_table}</b> {$lang->table}.</div>";
exit;
/**
* Выбор языкового файла
* @param string $name языковой пакет
* @param string $folder выбранная дирректория
* @return null
*/
protected function files($name, $folder = null)
{
display::o()->filechooser(LANGUAGES_PATH, $name, $folder);
}
/**
* Вывод поля конфигурации для данного типа
* @param array $row массив параметров
* @return string html код поля
*/
public function show_type($row)
{
if (!is_array($row) || !$row) {
return null;
}
$type = $row['type'];
$allowed = $row['allowed'];
$name = $row['name'];
$value = display::o()->html_encode($row['value']);
if ($type == 'other') {
$f = self::method_show_prefix . $name;
return $this->call_method($f, array($value));
} elseif ($type == 'radio' || $type == 'select') {
$a = explode(";", $allowed);
$allowed = array();
$c = count($a);
for ($i = 0; $i < $c; $i++) {
if (lang::o()->visset("config_field_" . $name . "_" . $a[$i])) {
$l = lang::o()->v("config_field_" . $name . "_" . $a[$i]);
} else {
$l = lang::o()->v("config_value_" . $a[$i]);
}
$allowed[$a[$i]] = $l;
}
} else {
input::o()->ssize(35);
}
return input::o()->stype($type)->scurrent($value)->skeyed()->standart_types(config_man::config_prefix . $name, $allowed);
}
/**
* Создание условия для выборки всего из данной категории и всех подкатегорий
* @param integer|string $cur имя или ID данной категории
* @param array $cat_row массив верхней категории
* @return string условие, если есть данные
*/
public function condition($cur, &$cat_row = null)
{
if (!$cur) {
return null;
}
if (is_numeric($cur)) {
$cat = (int) $cur;
} else {
$cat = mb_strtolower(display::o()->strip_subpath($cur));
if (preg_match('/^(.*?)\\//siu', $cat, $matches)) {
$cat = $matches[1];
}
}
$c = $this->get($cat);
if (!$c) {
return;
}
$cat_row = array($c['name'], $c['descr'], $c['transl_name'], $c['id']);
$ids = array();
$this->get_children_ids($c['id'], $ids);
$ids[] = $c['id'];
$where = $this->cat_where($ids, true);
return $where;
}
/**
* Finishes parent display then closes div and hides it.
*
* @see \core\progress\display::end_html()
*/
public function end_html()
{
parent::end_html();
echo \html_writer::end_div();
echo \html_writer::script('document.getElementById("' . $this->id . '").style.display = "none"');
}
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/form.php";
include "../classes/display.php";
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Sales Clerk', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
//set default values, these will change if $action==update.
$first_name_value = '';
$last_name_value = '';
$account_number_value = '';
$phone_number_value = '';
$email_value = '';
$street_address_value = '';
$comments_value = '';
$id = -1;
//decides if the form will be used to update or add a user.
if (isset($_GET['action'])) {
<head>
</head>
<body>
<?php
include "../settings.php";
include "../language/{$cfg_language}";
include "../classes/db_functions.php";
include "../classes/security_functions.php";
include "../classes/form.php";
include "../classes/display.php";
//creates 3 objects needed for this script.
$lang = new language();
$dbf = new db_functions($cfg_server, $cfg_username, $cfg_password, $cfg_database, $cfg_tableprefix, $cfg_theme, $lang);
$sec = new security_functions($dbf, 'Admin', $lang);
$display = new display($dbf->conn, $cfg_theme, $cfg_currency_symbol, $lang);
//checks if user is logged in.
if (!$sec->isLoggedIn()) {
header("location: ../login.php");
exit;
}
$display->displayTitle("{$lang->updateItem}");
if (isset($_GET['item_id']) and isset($_GET['sale_id']) and isset($_GET['row_id'])) {
$item_id = $_GET['item_id'];
$sale_id = $_GET['sale_id'];
$row_id = $_GET['row_id'];
$tablename = "{$cfg_tableprefix}" . 'sales_items';
$result = mysql_query("SELECT * FROM {$tablename} WHERE id=\"{$row_id}\"", $dbf->conn);
$row = mysql_fetch_assoc($result);
$quantity_purchased_value = $row['quantity_purchased'];
$item_unit_price_value = $row['item_unit_price'];
