function place_temp_order($in_str, $price) { //global $b_row; if (session_id() == '') { return false; } // cannot place order if there is no session! $blocks = explode(',', $in_str); $quantity = sizeof($blocks) * (BLK_WIDTH * BLK_HEIGHT); $now = gmdate("Y-m-d H:i:s"); // preserve ad_id & block info... $sql = "SELECT ad_id, block_info FROM temp_orders WHERE session_id='" . addslashes(session_id()) . "' "; $result = mysql_query($sql) or die(mysql_error()); $row = mysql_fetch_array($result); $ad_id = $row['ad_id']; $block_info = addslashes($row['block_info']); // DAYS_EXPIRE comes form load_banner_constants() $sql = "REPLACE INTO `temp_orders` ( `session_id` , `blocks` , `order_date` , `price` , `quantity` , `days_expire`, `banner_id` , `currency` , `date_stamp` , `ad_id`, `block_info` ) VALUES ('" . addslashes(session_id()) . "', '" . $in_str . "', '" . $now . "', '0', '" . $quantity . "', '" . DAYS_EXPIRE . "', '" . $_REQUEST['BID'] . "', '" . get_default_currency() . "', '{$now}', '{$ad_id}', '{$block_info}' );"; mds_log('Placed Temp order. ' . $sql); mysql_query($sql) or die(mysql_error()); }
function update_blocks_with_ad($ad_id, $user_id) { global $prams; $prams = load_ad_values($ad_id); if ($prams['order_id'] > 0) { $sql = "UPDATE blocks SET alt_text='" . addslashes(get_template_value('ALT_TEXT', 1)) . "', url='" . addslashes(get_template_value('URL', 1)) . "' WHERE order_id='" . $prams['order_id'] . "' AND user_id='" . $user_id . "' "; mysql_query($sql) or die(mysql_error()); mds_log("Updated blocks with ad URL, ALT_TEXT", $sql); } }
function move_block($block_from, $block_to, $banner_id) { # reserve block_to if (!is_block_free($block_to, $banner_id)) { echo "<font color='red'>Cannot move the block - the space chosen is not empty!</font><br>"; return false; } #load block_from $sql = "SELECT * from blocks where block_id='{$block_from}' AND banner_id='{$banner_id}' "; //echo "$sql<br>"; $result = mysql_query($sql) or die(mysql_error()); $source_block = mysql_fetch_array($result); // get the position and check range, do not move if out of range $pos = get_block_position($block_to); //echo "pos is ($block_to): ";print_r($pos); echo "<br>"; $x = $pos['x']; $y = $pos['y']; if ($x === '' || $x > G_WIDTH * BLK_WIDTH || $x < 0) { echo "<b>x is {$x}</b><br>"; return false; } if ($y === '' || $y > G_HEIGHT * BLK_HEIGHT || $y < 0) { echo "<b>y is {$y}</b><br>"; return false; } $sql = "REPLACE INTO `blocks` ( `block_id` , `user_id` , `status` , `x` , `y` , `image_data` , `url` , `alt_text`, `file_name`, `mime_type`, `approved`, `published`, `banner_id`, `currency`, `price`, `order_id`, `click_count`, `ad_id`) VALUES ('{$block_to}', '" . $source_block['user_id'] . "' , '" . $source_block['status'] . "' , '" . $x . "' , '" . $y . "' , '" . $source_block['image_data'] . "' , '" . addslashes($source_block['url']) . "' , '" . addslashes($source_block['alt_text']) . "', '" . $source_block['file_name'] . "', '" . $source_block['mime_type'] . "', '" . $source_block['approved'] . "', '" . $source_block['published'] . "', '" . $banner_id . "', '" . $source_block['currency'] . "', '" . $source_block['price'] . "', '" . $source_block['order_id'] . "', '" . $source_block['click_count'] . "', '" . $source_block['ad_id'] . "')"; //echo "<p>$sql</p>"; mds_log("Moved Block - " . $sql); mysql_query($sql) or die(mysql_error()); # delete 'from' block $sql = "DELETE from blocks WHERE block_id='" . $block_from . "' AND banner_id='" . $banner_id . "' "; //echo "<p>$sql</p>"; mysql_query($sql) or die(mysql_error()); mds_log("Deleted block_from - " . $sql); // Update the order record $sql = "SELECT * from orders WHERE order_id='" . $source_block['order_id'] . "' AND banner_id='{$banner_id}' "; //echo "$sql<br>"; $result = mysql_query($sql) or die(mysql_error()); $order_row = mysql_fetch_array($result); $blocks = array(); $new_blocks = array(); $blocks = explode(',', $order_row['blocks']); //print_r($blocks); foreach ($blocks as $item) { //echo "<b>$item - block from: $block_from</b><br>"; if ($block_from == $item) { $item = $block_to; //echo '<b>found!</b>'; } $new_blocks[] = $item; } $sql = "UPDATE orders set blocks='" . implode(',', $new_blocks) . "' WHERE order_id='" . $source_block['order_id'] . "' "; # update the customer's order mysql_query($sql) or die(mysql_error()); mds_log("Updated order - " . $sql); return true; }