示例#1
0
function can_user_order($b_row, $user_id, $package_id = 0)
{
    // check rank
    $sql = "select Rank from users where ID='" . $user_id . "'";
    $result = mysql_query($sql) or die(mysql_error() . $sql);
    $u_row = mysql_fetch_array($result);
    if ($u_row['Rank'] == '2') {
        return true;
    }
    if (banner_get_packages($b_row['banner_id'])) {
        // if user has package, check if the user can order this package
        if ($package_id == 0) {
            // don't know the package id, assume true.
            return true;
        } else {
            return can_user_get_package($user_id, $package_id);
        }
    } else {
        // check againts the banner. (Banner has no packages)
        if ($b_row['max_orders'] > 0) {
            $sql = "SELECT order_id FROM orders where `banner_id`='" . $b_row['banner_id'] . "' and `status` <> 'deleted' and `status` <> 'new' AND user_id='" . $user_id . "'";
            $result = mysql_query($sql) or die(mysql_error() . $sql);
            $count = mysql_num_rows($result);
            if ($count >= $b_row['max_orders']) {
                return false;
            } else {
                return true;
            }
        } else {
            return true;
            // can make unlimited orders
        }
    }
}
    ?>

<p>
<?php 
    show_nav_status(3);
    ?>

</p>
	

	<?php 
    $cannot_get_package = false;
    if ($has_packages && $_REQUEST['pack'] != '') {
        // has packages, and a package was selected...
        // check to make sure this advertiser can order this package
        if (can_user_get_package($_SESSION['MDS_ID'], $_REQUEST['pack'])) {
            $sql = "SELECT quantity FROM temp_orders WHERE session_id='" . addslashes(session_id()) . "'";
            $result = mysql_query($sql) or die(mysql_error() . $sql);
            $row = mysql_fetch_array($result);
            $quantity = $row['quantity'];
            $block_count = $quantity / (BLK_WIDTH * BLK_HEIGHT);
            // Now update the order (overwite the total & days_expire with the package)
            $pack = get_package($_REQUEST['pack']);
            $total = $pack['price'] * $block_count;
            // convert & round off
            $total = convert_to_default_currency($pack['currency'], $total);
            $sql = "UPDATE temp_orders SET package_id='" . $_REQUEST['pack'] . "', price='" . $total . "',  days_expire='" . $pack['days_expire'] . "', currency='" . get_default_currency() . "' WHERE session_id='" . addslashes(session_id()) . "'";
            mysql_query($sql) or die(mysql_error() . $sql);
            $order_row['price'] = $total;
            $order_row['pack'] = $_REQUEST['pack'];
            $order_row['days_expire'] = $pack['days_expire'];