?> </b></td> </tr> <?php } else { ?> <tr class="Stil1"> <td><?php echo $VM_LANG->_($field->title) ? $VM_LANG->_($field->title) : $field->title; ?> :</td> <td><?php switch ($field->name) { case 'country': require_once CLASSPATH . 'ps_country.php'; $country = new ps_country(); $dbc = $country->get_country_by_code($dbst->f($field->name)); if ($dbc !== false) { echo $dbc->f('country_name'); } break; default: echo $dbst->f($field->name); break; } ?> </td> </tr> <?php } ?>
function change_order_data() { $result = array(); global $auth; $order_id = intval($_REQUEST['order_id']); if (!$order_id) { return array('mess' => 'no order id', 'result' => false); } require_once CLASSPATH . 'ps_country.php'; $db = new ps_DB(); $db->query('SELECT COUNT(*) AS cnt FROM address_log WHERE order_id = "' . $order_id . '"'); $db->next_record(); if (!$db->f('cnt')) { // записали авторские данные $sql = 'SELECT first_name, phone_1, address_1, country, state, zip, user_email FROM jos_vm_order_user_info WHERE order_id = "' . $order_id . '"'; $db->query($sql); $db->next_record(); $country = new ps_country(); $dbc = $country->get_country_by_code($db->f('country')); $country_name = $dbc->f('country_name'); $dbc = $country->get_state_by_code($db->f('state'), $db->f('country')); $state_name = $dbc->f('state_name'); $sql = 'INSERT INTO address_log (order_id, first_name, phone_1, address_1, country, state, zip, user_email, user_id, date) VALUES ( "' . $order_id . '", "' . mysql_escape_string($db->f('first_name')) . '", "' . mysql_escape_string($db->f('phone_1')) . '", "' . mysql_escape_string($db->f('address_1')) . '", "' . mysql_escape_string($country_name) . '", "' . mysql_escape_string($state_name) . '", "' . mysql_escape_string($db->f('zip')) . '", "' . mysql_escape_string($db->f('user_email')) . '", "0", NOW())'; $db->query($sql); } // апдейтнули $sql = 'UPDATE jos_vm_order_user_info SET first_name = "' . mysql_escape_string($_REQUEST['first_name']) . '", phone_1 = "' . mysql_escape_string($_REQUEST['phone_1']) . '", address_1 = "' . mysql_escape_string($_REQUEST['address_1']) . '", country = "' . mysql_escape_string($_REQUEST['country']) . '", state = "' . mysql_escape_string($_REQUEST['state']) . '", zip = "' . mysql_escape_string($_REQUEST['zip']) . '", user_email = "' . mysql_escape_string($_REQUEST['user_email']) . '" WHERE order_id = "' . mysql_escape_string($_REQUEST['order_id']) . '"'; $db = new ps_DB(); $db->query($sql); // записали ещё раз $sql = 'SELECT first_name, phone_1, address_1, country, state, zip, user_email FROM jos_vm_order_user_info WHERE order_id = "' . $order_id . '"'; $db->query($sql); $db->next_record(); $country = new ps_country(); $dbc = $country->get_country_by_code($db->f('country')); $country_name = $dbc->f('country_name'); $dbc = $country->get_state_by_code($db->f('state'), $db->f('country')); $state_name = $dbc->f('state_name'); $sql = 'INSERT INTO address_log (order_id, first_name, phone_1, address_1, country, state, zip, user_email, user_id, date) VALUES ( "' . $order_id . '", "' . mysql_escape_string($db->f('first_name')) . '", "' . mysql_escape_string($db->f('phone_1')) . '", "' . mysql_escape_string($db->f('address_1')) . '", "' . mysql_escape_string($country_name) . '", "' . mysql_escape_string($state_name) . '", "' . mysql_escape_string($db->f('zip')) . '", "' . mysql_escape_string($db->f('user_email')) . '", "' . mysql_escape_string($auth['user_id']) . '", NOW())'; $db->query($sql); $result['mess'] = 'OK'; $result['result'] = true; return $result; }
/** * Validates the input values before updating an item * * @param arry $d The _REQUEST array * @return boolean True on success, false on failure */ function validate_update(&$d) { global $vmLogger, $VM_LANG; $db = new ps_DB(); if (!$d["tax_rate_id"]) { $vmLogger->err($VM_LANG->_('VM_TAX_ERR_UPDATE_SELECT')); return False; } /** if (!$d["tax_state"]) { $vmLogger->err( 'You must enter a state or region for this tax rate.' ); return False; */ if (empty($d["tax_country"])) { $vmLogger->err($VM_LANG->_('VM_TAX_ERR_COUNTRY')); return False; } require_once CLASSPATH . 'ps_country.php'; $ps_country = new ps_country(); $country_db = $ps_country->get_country_by_code($d["tax_country"]); if ($country_db === false) { $vmLogger->err($VM_LANG->_('VM_TAX_ERR_COUNTRY_NOTEXIST')); return false; } if (empty($d["tax_rate"])) { $vmLogger->err($VM_LANG->_('VM_TAX_ERR_TAXRATE')); return False; } $d["tax_rate"] = floatval(str_replace(',', '.', $d['tax_rate'])); if ($d["tax_rate"] > 1.0) { $d["tax_rate"] = $d["tax_rate"] / 100; } return True; }
?> :</td> <td width="65%" align="left"><?php switch ($field->name) { case 'country': $country = new ps_country(); $dbc = $country->get_country_by_code($dbt->f($field->name)); $country_id = $dbt->f($field->name); //if ($dbc !== false) // echo $dbc->f('country_name'); $ps_html = new ps_html(); $onchange = "onchange=\"changeStateList();\""; $ps_html->list_country("country", $country_id, "id=\"country_field\" {$onchange}"); break; case 'state': $country = new ps_country(); $state = $dbt->f($field->name); $dbc = $country->get_state_by_code($state, $country_id); //if ($dbc !== false) // echo $dbc->f('state_name'); echo $ps_html->dynamic_state_lists("country", "state", $country_id, $state); break; default: $fieldvalue = $dbt->f($field->name); if (0) { echo " "; } else { echo '<input type="text" name="' . $field->name . '" value="' . htmlspecialchars($fieldvalue) . '" class="order_user_filed">'; } break; }