approve_product_new.php

通达OA部分源代码

<?php 
include_once"logincheck.php";
include_once"myconnect.php";

if( isset($_REQUEST["sb_id"]) && ($_REQUEST["sb_id"] != 0) )//&& isset($_REQUEST["sbapp"]) )
{		
	$sb_id=$_REQUEST["sb_id"];
	
//		$sbq_res="select * from sbbleads_offers where sb_id=$sb_id";
//		$sbrow_res=mysql_fetch_array(mysql_query($sbq_res));

			$sbmsg_part="approved";
//			$sb_approved='yes';
			$sbfail_msg='approve';

		$query_ope="update sbbleads_products set sb_approved='yes', sb_new='no' where sb_id=$sb_id";
//		die($query_ope);
		$rs_ope=mysql_query($query_ope);
		if(mysql_affected_rows() == 1)
		{
			//SENDING MAIL TO MEMBER////////////////////////
		$sbq_res="select * from sbbleads_products where sb_id=$sb_id";
		$sbrow_res=mysql_fetch_array(mysql_query($sbq_res));
		
		$sbq_mem="select * from sbbleads_members where sb_id=".$sbrow_res["sb_uid"];
		$sbrow_mem=mysql_fetch_array(mysql_query($sbq_mem));
				
		$rs_con=mysql_fetch_array(mysql_query("select * from sbbleads_config where sb_id=1"));
		$sb_null_char=$rs_con["sb_null_char"];
		$login_url=$rs_con["sb_site_root"]."/signin.php";
		$sb_offer_url=$rs_con["sb_site_root"]."/view_product?id=$sb_id";

//Reads email to be sebt
		$sbq_mail="SELECT * FROM sbbleads_mails where sb_mailid=2";
		$sbrs_mail=mysql_query($sbq_mail);
		if ( $sbrow_mail=mysql_fetch_array($sbrs_mail)  )
  		{
			$from =$sbrow_mail["sb_fromid"];
			$to = $sbrow_mem["sb_email"];
			$subject =$sbrow_mail["sb_subject"];
		    $header="From:" . $from . "\r\n" ."Reply-To:". $from  ;

			$body=str_replace("%email%", $sbrow_mem["sb_email"],str_replace("%password%",$sbrow_mem["sb_password"],str_replace("%lname%", $sbrow_mem["sb_lastname"],str_replace("%fname%",$sbrow_mem["sb_firstname"],str_replace("%username%",$sbrow_mem["sb_username"], $sbrow_mail["sb_mail"]) )))); 
				
			$body=str_replace("%signup_url%",$sb_null_char,str_replace("%login_url%",$login_url,$body));

		 	$body=str_replace("%message_text%",$sb_null_char,str_replace("%message_title%",$sb_null_char,str_replace("%sender_username%",$sb_null_char,str_replace("%message_date%",$sb_null_char,$body))));	
 
 			$body=str_replace("%visitor_name%",$sb_null_char,$body);
		
			$body=str_replace("%offer_title%",$sbrow_res["sb_title"],str_replace("%offer_url%",$sb_offer_url,str_replace("%offer_id%",$sb_id,$body)));
	
			$body=str_replace("%category%",$sb_null_char,$body);
		

	 	if(isset($sbrow_mail["sb_html_format"])&&($sbrow_mail["sb_html_format"]=="yes"))
		{
			$header .= "\r\nMIME-Version: 1.0";
			$header .= "\r\nContent-type: text/html; charset=iso-8859-1\r\n";
//			$body=str_replace("\n","<br>",$body);
		}
	 
 //	echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
//	echo "<pre>$body</pre>";
//	 die();
	if( $sbrow_mail["sb_status"]=='yes')
 		mail($to,$subject,$body,$header);
  }

//////-------mail to fav cats but if approval is auto 'coz otherwise it would be unapproved
//////////////////////////////////////////////////////////
/*	$sbq_mail="SELECT * FROM sbbleads_mails where sb_mailid=24";
	$sbrs_mail=mysql_query($sbq_mail);
	if ( ($sbrow_mail=mysql_fetch_array($sbrs_mail))  && ($sbrow_mail['sb_status']=='yes'))
	{
	
		$sbq5_cat="select * from sbbleads_product_cats where sb_offer_id=$sb_id";
		$sbrs5_cat=mysql_query($sbq5_cat);
		$cid_list="-1";
		while($sbrow5_cat=mysql_fetch_array($sbrs5_cat))
			$cid_list.=",".$sbrow5_cat["sb_cid"];
////////----------getting full path ids 
  	$cat_query=mysql_query("Select * from sbbleads_categories where sb_id in ($cid_list)");
	$temp_cid_list=-1;
	while ($rs=mysql_fetch_array($cat_query))
    {
	
    $temp_cid_list .=",".$rs["sb_id"]; 
	$cid=$rs["sb_id"]; 
	
		$cat_query1=mysql_query("Select * from sbbleads_categories where sb_id=" . $cid );
		while ($rs1=mysql_fetch_array($cat_query1))
		{
		$temp_cid_list.="," .$rs1["sb_id"]; 
		$cat_query1=mysql_query("Select * from sbbleads_categories where sb_id=" . $rs1["sb_pid"] );
		}
	}
		
		$cid_list=$temp_cid_list;
//echo "<br>cats----".$temp_cid_list."----<br>";
//die();
//////-----------------------------------------
		$rs_con=mysql_fetch_array(mysql_query("select * from sbbleads_config where sb_id=1"));
		$sb_null_char=$rs_con["sb_null_char"];
		$login_url=$rs_con["sb_site_root"]."/signin.php";
		$sb_offer_url=$rs_con["sb_site_root"]."/view_product?id=$sb_id";
		
					
		$sbuser_id_list="-1";
		$sbq_fav_cat="select * from sbbleads_fav_cats where sb_type='product' and cid in ($cid_list)";
			//echo $sbq_off_cat;
		$sbrs_fav_cat=mysql_query($sbq_fav_cat);
		while($sbrow_fav_cat=mysql_fetch_array($sbrs_fav_cat))
		{
			$sbuser_id_list.=",".$sbrow_fav_cat["mid"];
		}
			
		$sbq3_mem="select * from sbbleads_members where sb_id in ($sbuser_id_list)";
		$sbrs3_mem=mysql_query($sbq3_mem);
		while($sbrow3_mem=mysql_fetch_array($sbrs3_mem))
		{	//send mail 
//////---getting category name only first matching cat for a user
			$sbq1_fav_cat="select * from sbbleads_fav_cats where cid in ($cid_list) and mid=".$sbrow3_mem["sb_id"];
			//echo $sbq_off_cat;
			$sbrs1_fav_cat=mysql_query($sbq1_fav_cat);
			$sbrow_fav_cat=mysql_fetch_array($sbrs1_fav_cat);
			
			$sbq4_cat="select * from sbbleads_categories where sb_id=".$sbrow_fav_cat["cid"];
			//echo $sbq_off_cat;
			$sbrow4_cat=mysql_fetch_array(mysql_query($sbq4_cat));
			$sb_cat_name=$sbrow4_cat["sb_cat_name"];
///////----------------------			
			$from =$sbrow_mail["sb_fromid"];
			$to = $sbrow3_mem["sb_email"];
			$subject =$sbrow_mail["sb_subject"];
			$header="From:" . $from . "\r\n" ."Reply-To:". $from  ;
		
	$body=str_replace("%email%", $sb_null_char,str_replace("%password%",$sb_null_char,str_replace("%lname%", $sbrow3_mem["sb_lastname"],str_replace("%fname%",$sbrow3_mem["sb_firstname"],str_replace("%username%",$sbrow3_mem["sb_username"], $sbrow_mail["sb_mail"]) )))); 
						
	$body=str_replace("%signup_url%",$sb_null_char,str_replace("%login_url%",$login_url,$body));
		
	$body=str_replace("%message_text%",$sb_null_char,str_replace("%message_title%",$sb_null_char,str_replace("%sender_username%",$sb_null_char,str_replace("%message_date%",$sb_null_char,$body))));	
		 
	$body=str_replace("%visitor_name%",$sb_null_char,$body);
				
	$body=str_replace("%offer_title%",$sbrow_res["sb_title"],str_replace("%offer_url%",$sb_offer_url,str_replace("%offer_id%",$sb_id,$body)));
	
	$body=str_replace("%category%",$sb_cat_name,$body);
	
			if(isset($sbrow_mail["sb_html_format"])&&($sbrow_mail["sb_html_format"]=="yes"))
			{
				$header .= "\r\nMIME-Version: 1.0";
				$header .= "\r\nContent-type: text/html; charset=iso-8859-1\r\n";
//				$body=str_replace("\n","<br>",$body);
			}
		 
//		 	echo "--from:-$from----to:-$to---sub:-$subject----head:-$header----";
//			echo "<pre>$body</pre>";
//		 die();
					if( $sbrow_mail["sb_status"]=='yes')
						mail($to,$subject,$body,$header);
		}		//end while sbrow3_mem
//////////////////////////////////////////////////////////
	}	// end if */
///////////----------------------

			header ("Location: products.php?msg=".urlencode("Product catalog has been $sbmsg_part"));
			die();	
		}	
		else	
		{		
			header("Location: products.php?msg=".urlencode("Unable to $sbfail_msg, please try again"));
			die();
		}
}		//end if top most
	//if nothing came
	header("Location: adminhome.php?msg=".urlencode("Invalid operation, denied"));
	die();

?>