예제 #1
0
    function change_order_data()
    {
        $result = array();
        global $auth;
        $order_id = intval($_REQUEST['order_id']);
        if (!$order_id) {
            return array('mess' => 'no order id', 'result' => false);
        }
        require_once CLASSPATH . 'ps_country.php';
        $db = new ps_DB();
        $db->query('SELECT COUNT(*) AS cnt FROM address_log WHERE order_id = "' . $order_id . '"');
        $db->next_record();
        if (!$db->f('cnt')) {
            // записали авторские данные
            $sql = 'SELECT first_name, phone_1, address_1, country, state, zip, user_email FROM jos_vm_order_user_info
				WHERE order_id = "' . $order_id . '"';
            $db->query($sql);
            $db->next_record();
            $country = new ps_country();
            $dbc = $country->get_country_by_code($db->f('country'));
            $country_name = $dbc->f('country_name');
            $dbc = $country->get_state_by_code($db->f('state'), $db->f('country'));
            $state_name = $dbc->f('state_name');
            $sql = 'INSERT INTO address_log (order_id, first_name, phone_1, address_1, country, state, zip, user_email, user_id, date)
					VALUES (
					"' . $order_id . '",
					"' . mysql_escape_string($db->f('first_name')) . '",
					"' . mysql_escape_string($db->f('phone_1')) . '",
					"' . mysql_escape_string($db->f('address_1')) . '",
					"' . mysql_escape_string($country_name) . '",
					"' . mysql_escape_string($state_name) . '",
					"' . mysql_escape_string($db->f('zip')) . '",
					"' . mysql_escape_string($db->f('user_email')) . '",
					"0",
					NOW())';
            $db->query($sql);
        }
        // апдейтнули
        $sql = 'UPDATE jos_vm_order_user_info SET
			first_name = "' . mysql_escape_string($_REQUEST['first_name']) . '",
			phone_1 = "' . mysql_escape_string($_REQUEST['phone_1']) . '",
			address_1 = "' . mysql_escape_string($_REQUEST['address_1']) . '",
			country = "' . mysql_escape_string($_REQUEST['country']) . '",
			state = "' . mysql_escape_string($_REQUEST['state']) . '",
			zip = "' . mysql_escape_string($_REQUEST['zip']) . '",
			user_email = "' . mysql_escape_string($_REQUEST['user_email']) . '"
			WHERE order_id = "' . mysql_escape_string($_REQUEST['order_id']) . '"';
        $db = new ps_DB();
        $db->query($sql);
        // записали ещё раз
        $sql = 'SELECT first_name, phone_1, address_1, country, state, zip, user_email FROM jos_vm_order_user_info
				WHERE order_id = "' . $order_id . '"';
        $db->query($sql);
        $db->next_record();
        $country = new ps_country();
        $dbc = $country->get_country_by_code($db->f('country'));
        $country_name = $dbc->f('country_name');
        $dbc = $country->get_state_by_code($db->f('state'), $db->f('country'));
        $state_name = $dbc->f('state_name');
        $sql = 'INSERT INTO address_log (order_id, first_name, phone_1, address_1, country, state, zip, user_email, user_id, date)
			VALUES (
			"' . $order_id . '",
			"' . mysql_escape_string($db->f('first_name')) . '",
			"' . mysql_escape_string($db->f('phone_1')) . '",
			"' . mysql_escape_string($db->f('address_1')) . '",
			"' . mysql_escape_string($country_name) . '",
			"' . mysql_escape_string($state_name) . '",
			"' . mysql_escape_string($db->f('zip')) . '",
			"' . mysql_escape_string($db->f('user_email')) . '",
			"' . mysql_escape_string($auth['user_id']) . '",
			NOW())';
        $db->query($sql);
        $result['mess'] = 'OK';
        $result['result'] = true;
        return $result;
    }
예제 #2
0
			  		    <td width="65%" align="left"><?php 
            switch ($field->name) {
                case 'country':
                    $country = new ps_country();
                    $dbc = $country->get_country_by_code($dbt->f($field->name));
                    $country_id = $dbt->f($field->name);
                    //if ($dbc !== false)
                    //    echo $dbc->f('country_name');
                    $ps_html = new ps_html();
                    $onchange = "onchange=\"changeStateList();\"";
                    $ps_html->list_country("country", $country_id, "id=\"country_field\" {$onchange}");
                    break;
                case 'state':
                    $country = new ps_country();
                    $state = $dbt->f($field->name);
                    $dbc = $country->get_state_by_code($state, $country_id);
                    //if ($dbc !== false)
                    //   echo $dbc->f('state_name');
                    echo $ps_html->dynamic_state_lists("country", "state", $country_id, $state);
                    break;
                default:
                    $fieldvalue = $dbt->f($field->name);
                    if (0) {
                        echo "&nbsp;";
                    } else {
                        echo '<input type="text" name="' . $field->name . '" value="' . htmlspecialchars($fieldvalue) . '" class="order_user_filed">';
                    }
                    break;
            }
            ?>
			  		    </td>