function GenerateDDL($name, $attributes, $selectedValue, $valueColum, $displayTextColumn, $query, $extraOption = NULL, $extraOption2 = NULL)
{
$r = Query($query);
$result = "<select name='{$name}' id='{$name}' {$attributes}>";
if ($extraOption !== NULL) {
$selected = $selectedValue == 0 ? 'selected=selected ' : '';
$result .= "<option value='0' {$selected} >{$extraOption}</option>";
}
if ($extraOption2 !== NULL) {
$selected = $selectedValue == -1 ? 'selected=selected ' : '';
$result .= "<option value='-1' {$selected} >{$extraOption2}</option>";
}
if (Num($r) != 0) {
while ($row = mysql_fetch_array($r)) {
if (is_array($selectedValue) && in_array($row[$valueColum], $selectedValue) || $row[$valueColum] == $selectedValue) {
$result .= "<option selected value='" . $row[$valueColum] . "'>" . Decode($row[$displayTextColumn]) . "</option>";
} else {
$result .= "<option value='" . $row[$valueColum] . "'>" . Decode($row[$displayTextColumn]) . "</option>";
}
}
}
$result .= "</select>";
return $result;
}
function IsExist($table, $col, $val, $attr = '')
{
$where = "where `{$col}`='" . Encode($val) . "' ";
if (!empty($attr)) {
$where .= " and {$attr}";
}
$sql = "select `{$col}` from `{$table}` {$where} ";
$rp = Query($sql);
if (Num($rp) > 0) {
return true;
}
return false;
}
function greaterthanRows($from, $where = '', $select = '*', $sort_order = '', $join = '', $group_by = '', $do_paging = "N", $record_per_page = '20', $rewrite_url = false)
{
$order_by = "";
$sqlWhere = "";
$joinSql = "";
if (is_array($select)) {
$select = implode(",", $select);
}
$sqlWhere2 = array();
if (is_array($where) && count($where) > 0) {
foreach ($where as $col => $val) {
$sqlWhere2[] = $col . " >= '" . Encode($val) . "'";
}
} else {
if (!empty($where)) {
$sqlWhere = $where;
}
}
if ($sort_order != "") {
$order_by = "ORDER BY {$sort_order}";
}
if ($group_by != "") {
$group_by = "GROUP BY {$group_by}";
}
if (count($sqlWhere2)) {
$sqlWhere = " WHERE " . implode(' AND ', $sqlWhere2);
}
if (is_array($join) && !empty($join)) {
foreach ($join as $tbl => $con) {
$tmp = explode("|", $tbl);
if (isset($tmp[1])) {
$joinSql .= ' ' . strtoupper($tmp[0]) . ' JOIN ' . $tmp[1] . ' ON ' . $con;
} else {
$joinSql .= ' JOIN ' . $tbl . ' ON ' . $con;
}
}
} else {
if (!empty($join)) {
$joinSql = $join;
}
}
$sql = "SELECT " . $select . " FROM `" . $from . '` ' . $joinSql . " {$sqlWhere} {$group_by} {$order_by}";
//echo $sql; //exit;
if ($do_paging == "Y") {
return customPaging($sql, $record_per_page, $rewrite_url);
} else {
$r = Query($sql);
$num_rows = Num($r);
$data = array();
if ($num_rows > 0) {
while ($o = GetArr($r)) {
array_push($data, $o);
}
}
mysql_data_seek($r, 0);
return array('data' => $data, 'result' => $r, 'total_recs' => $num_rows);
}
}
<?php
include_once 'inc/config.inc.php';
include_once 'inc/class.phpmailer.php';
if ($_SESSION['Auth_user']) {
if (!empty($_POST)) {
$pid = $_POST["pid"];
$chk = 'select * from wishlist where id =' . $pid . ' and user_id = ' . $_SESSION['Auth_id'];
$chk_ret = Query($chk);
$obj_chk = Num($chk_ret);
if ($obj_chk > 0) {
echo "This product already exist in your wishlist";
exit;
} else {
$return = 'select * from product where id =' . $pid;
$ret = Query($return);
if ($ret) {
$i = 1;
$obj = GetArr($ret);
$len = count($obj);
$insert1 = "insert into wishlist( ";
$insert2 = " VALUES ( ";
foreach ($obj as $key => $field) {
if ($i == $len) {
$insert1 .= $key . ",user_id)";
} else {
$insert1 .= $key . ',';
}
if ($i == $len) {
$field1 = mysql_real_escape_string($field);
$insert3 .= "'" . $field1 . "','" . $_SESSION['Auth_id'] . "')";
if ($_SESSION['rid'] == 2) {
$statusCondition = '';
$statusflag = ' o.status, ';
}
$query = "SELECT o.id, o.order_no,{$statusflag} u.first_name, DATE_FORMAT(o.created_date , " . SHORT_DATE_WITHTIME . " ) as order_date,o.credit, o.created_by FROM `[x]order` o ,`[x]user` u WHERE o.created_by = u.id " . $extra . " {$statusCondition} ORDER BY o.id desc";
$tpl->AssignValue("qry", $query);
}
$q = new splitResults($query);
$orders[] = '';
if (isset($_GET['page']) && $_GET['page'] != 1) {
$i = ($_GET['page'] - 1) * 10 + 1;
} else {
$i = 1;
}
$count = 0;
if (Num($q->out)) {
$tpl->Zone("export", "enabled");
while ($r = FetchAssoc($q->out)) {
$r['slno'] = $i;
if ($i % 2 == 0) {
$r['class'] = "two";
} else {
$r['class'] = "one";
}
$r['fname'] = $order->getordermadeby($r['id'], 'name');
$status = $order->getstatusname($order->getcurrentorderstatus($r['id']));
$order_status = $order->getcurrentorderstatus($r['id']);
if ($order_status == 8 || $order_status == 9 || $order_status == 10) {
$r['display'] = "block";
} else {
$r['display'] = "none";
extract($_POST);
if (!isset($new_password) && !isset($password_confirm)) {
if (empty($email)) {
enqueueMsg("Enter your email address");
} else {
if (empty($name)) {
enqueueMsg("Enter your name");
} else {
Query("UPDATE admin_user SET full_name = '" . Encode($name) . "', email = '" . Encode($email) . "' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
enqueueMsg("Profile has been updated successfully!", "success");
}
}
} else {
if (isset($new_password) && isset($password_confirm)) {
$r = Query("SELECT * FROM admin_user WHERE id = '" . Encode($_SESSION['S_ID']) . "' AND password = '******'");
if (Num($r) > 0) {
if ($new_password != $password_confirm) {
enqueueMsg("Password and confirm password does not match!");
} else {
Query("UPDATE admin_user SET password = '******' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
enqueueMsg("Your password has been updated successfully!", "success");
}
} else {
enqueueMsg("Invalid old Password!");
}
}
}
}
include 'header.php';
?>
<div>
<?php
include_once '../inc/config.inc.php';
$page_title = 'Login';
$msg = deQueueMsg();
if (!empty($_POST)) {
extract($_POST);
if (empty($username)) {
enqueueMsg("Enter Username", "error");
} else {
$res = Query("SELECT * FROM admin_user WHERE user_name = '" . Encode($username) . "' AND password = '******' AND is_deleted = 'N'");
if (Num($res) > 0) {
$o = GetObj($res);
if ($o->is_active == 'N') {
enqueueMsg("This is not an active user, please contact system administrator to activate!", "error");
} else {
$_SESSION["S_login"] = "******";
$_SESSION["S_ID"] = $o->id;
$_SESSION["S_username"] = $o->user_name;
$_SESSION["S_full_name"] = $o->full_name;
$_SESSION["S_email"] = $o->email;
header("location:dashboard.php");
exit;
}
} else {
enqueueMsg("Invalid User Name/Password!", "error");
}
}
}
if ($msg == '') {
//$msg = displayMsg('Please login with your Username and Password.');
