} else { if (isLoggedIn() && $_GET['view_id']) { //display order view_id $query = "SELECT id FROM " . $tables['orderlines'] . " WHERE order_id=" . $_GET['view_id']; $result = mysqlQuery($query); $number = 1; while ($result_array = mysql_fetch_array($result)) { echo "<div class='cart_item'>Item #" . $number . "</div>"; displayPreviouslySelectedComponentList($result_array[0], 'cart.php'); echo "<br/>"; $number++; } } else { if (isLoggedIn() && $_GET['edit_id']) { //edit order edit_id displayShippingInfo($_GET['edit_id']); } else { if (isLoggedIn()) { $database = connectToDatabase(); $query = "SELECT *\r\n FROM " . $tables['orders'] . "\r\n WHERE account_id=" . $_SESSION['id'] . " AND placed_date IS NOT NULL"; $result = mysqlQuery($query, $database); $rows = mysql_num_rows($result); if ($rows < 1) { renderError("You have not placed any orders yet."); } else { if ($rows >= 1) { echo "\r\n <table border='1' width='100%'>\r\n <thead>\r\n <tr>\r\n <th><span class='edit_account_table_header'>Shipping Name</span></th>\r\n <th><span class='edit_account_table_header'>Shipping Address</span></th>\r\n <th><span class='edit_account_table_header'>Created Date</span></th>\r\n <th><span class='edit_account_table_header'>Placed Date</span></th>\r\n <th><span class='edit_account_table_header'>Payment Date</span></th>\r\n <th><span class='edit_account_table_header'>Shipped Date</span></th>\r\n <th><span class='edit_account_table_header'>Subtotal</span></th>\r\n <th/>\r\n <th/>\r\n </tr>\r\n </thead><tbody>"; for ($row = 0; $row < $rows; $row++) { $result_array = mysql_fetch_array($result); $name = $result_array['shipping_last_name'] . ", " . $result_array['shipping_first_name'] . " " . $result_array['shipping_middle_initial']; $address = $result_array['shipping_address'] . "<br/>" . $result_array['shipping_city'] . ", " . $result_array['shipping_state'] . " " . $result_array['shipping_zip_code'];
<?php require_once 'utilities.php'; require_once 'header.php'; require_once 'login.php'; require_once 'customer_functions.php'; $_GET = array_map('mysql_real_escape_string', $_GET); $_POST = array_map('mysql_real_escape_string', $_POST); if (isLoggedIn() && $_POST['CO']) { displayShippingInfo($_POST['order_id']); } else { if (isLoggedIn() && $_POST['ship_submit']) { if (!$_POST['last_name']) { renderError("You must enter a last name."); $my_error++; } if (!$_POST['first_name']) { renderError("You must enter a first name."); $my_error++; } if (strlen($_POST['middle_initial']) > 1) { renderError("You may not have more than one letter for middle initial"); $my_error++; } if (!validateZipCode($_POST['zip_code'])) { renderError("error"); $my_error++; } if (!$_POST['street_address']) { renderError("error2"); $my_error++;