orders.php

全新且完善的强大网上商店系统

<?php
/*
  [SOOBIC!] admin/orders.php 

	Version: 1.5
	Author: Soolan (soolan@qq.com)
	Copyright: soolan (www.soobic.com)
	Last Modified: 2005/4/17 18:032

*/

if(!defined('IN_SOOBIC')) {
        exit('Access Denied');
}

cpheader();

include ("admin/languages/".$language."/orders.php");

$orders_statuses = array();
$orders_status_array = array();
$orders_status_query = $db->query("select orders_status_id, orders_status_name from $table_orders_status where language_id = '" . (int)$languages_id . "'");
while ($orders_status = $db->fetch_array($orders_status_query)) {
    $orders_statuses[] = array('id' => $orders_status['orders_status_id'],
                               'text' => $orders_status['orders_status_name']);
    $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
}
$error = false;
$processed = false;

if ($action) {
  switch($action){
     case 'update':
        $order_updated = false;
        $check_status_query = $db->query("select customers_name, customers_id, customers_email_address, orders_status, date_purchased from $table_orders where orders_id = '" . (int)$oID . "'");
        $check_status = $db->fetch_array($check_status_query);


        if ( ($check_status['orders_status'] != $new_orders_status) || tep_not_null($comments) || tep_not_null($do_member_mark)) {
            $db->query("update $table_orders set orders_status = '" . ($new_orders_status) . "', last_modified = now() where orders_id = '" . (int)$oID . "'");

            $customer_notified = '0';
            if (isset($HTTP_POST_VARS['notify']) && ($HTTP_POST_VARS['notify'] == 'on')) {
                $notify_comments = '';
                if (isset($HTTP_POST_VARS['notify_comments']) && ($HTTP_POST_VARS['notify_comments'] == 'on')) {
                    $notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";
                }

                $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link('account_history_info.php', 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments.EMAIL_TEXT_STATUS_UPDATE.$orders_status_array[$new_orders_status];

                tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

                $customer_notified = '1';
            }
            
            $db->query("insert into $table_orders_status_history (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . ($new_orders_status) . "', now(), '" . safe_input($customer_notified) . "', '" . safe_input($comments)  . "')");
            $orders_status_history_id=$db->insert_id();
            
            if(tep_not_null($do_member_mark) && tep_not_null($oID)){
                include('admin/includes/order.php');
								$order = new order($oID);
								$do_member_mark=($do_member_mark==1) ? 1 : 0;
								$order->totals[0]['value'];
								$nt_credit=(is_numeric(NT_TO_TOTAL_MARK) && NT_TO_TOTAL_MARK>0) ? NT_TO_TOTAL_MARK : '10';
								$member_get_mark=round($order->totals[0]['value']/$nt_credit);
								if($do_member_mark==1){
								   $db->query("update $table_customers set credit=credit+$member_get_mark where customers_id='".$check_status['customers_id']."'");
								   $db->query("update $table_orders_status_history set total_mark='1' where orders_status_history_id='$orders_status_history_id'");
								}else{
								   $db->query("update $table_customers set credit=credit-$member_get_mark where customers_id='".$check_status['customers_id']."'");
								   $db->query("update $table_orders_status_history set total_mark='0' where orders_status_history_id='$orders_status_history_id'");
								}
								
            }else{
                if($member_mark_status!=''){
                   $db->query("update $table_orders_status_history set total_mark='$member_mark_status' where orders_status_history_id='$orders_status_history_id'");
                }
            }
            
            $order_updated = true;
        }

        if ($order_updated == true) {
            $messageStack->add_session('orders',SUCCESS_ORDER_UPDATED, 'success');
        } else {
            $messageStack->add_session('orders',WARNING_ORDER_NOT_UPDATED, 'warning');
        }

        tep_redirect(tep_href_link('admincp.php', tep_get_all_get_params(array('action')) . 'act=orders&type=edit&oID='.$oID));
        break;
     case 'delete': 
        $order_id = tep_db_prepare_input($HTTP_GET_VARS['oID']);
        if ($restock == 'on') {
            $order_query = $db->query("select products_id, products_quantity from $table_orders_products where orders_id = '" . (int)$order_id . "'");
            while ($order = $db->fetch_array($order_query)) {
                $db->query("update $table_products set products_quantity = products_quantity + " . $order['products_quantity'] . ", products_ordered = products_ordered - " . $order['products_quantity'] . " where products_id = '" . (int)$order['products_id'] . "'");
           }
        }
        $db->query("delete from $table_orders where orders_id = '" . (int)$order_id . "'");
        $db->query("delete from $table_orders_products where orders_id = '" . (int)$order_id . "'");
        $db->query("delete from $table_orders_products_attributes where orders_id = '" . (int)$order_id . "'");
        $db->query("delete from $table_orders_status_history where orders_id = '" . (int)$order_id . "'");
        $db->query("delete from $table_orders_total where orders_id = '" . (int)$order_id . "'");

				cpmsg("Soobic!提示 此订单已成功删除。",tep_href_link('admincp.php', 'act=orders&page=' . $HTTP_GET_VARS['page'])); 
     break;      
     default:
  }
}

if($type){
  switch($type){
     case 'search':
        $orders_statuses = '<select name="status_id">';
        $orders_status_array = array();
        $query = $db->query("select orders_status_id, orders_status_name from $table_orders_status where language_id = '" . (int)$languages_id . "' order by orders_status_id");
        while ($orders_status = $db->fetch_array($query)) {
						 $orders_statuses.= '<option value="'.$orders_status['orders_status_id'].'" >' .$orders_status['orders_status_name']. '</option>';
        }
        $orders_statuses.= '</select>';
?>
<br><form method="post" action="<?=tep_href_link('admincp.php','act=orders')?>">
<table cellspacing="0" cellpadding="0" border="0" width="80%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>">
<table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%">

<tr><td class="header" colspan="2">搜索订单</td></tr>

<tr><td bgcolor="<?=ALTBG1?>">订单号包含：</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="orders_id" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>">订单状态：</td>
<td align="right" bgcolor="<?=ALTBG2?>"><?=$orders_statuses?></td></tr>


<tr><td bgcolor="<?=ALTBG1?>">顾客名包含：</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="customers_name" size="40"></td></tr>

<tr><td bgcolor="<?=ALTBG1?>">顾客email包含：</td>
<td align="right" bgcolor="<?=ALTBG2?>"><input type="text" name="customers_email" size="40"></td></tr>


</table></td></tr></table><br><center>
<input type="submit" name="searchsubmit" value="搜索订单"> &nbsp; </center></form>
<?         
     break;
		 case 'delete':
?>
<br><br><br><br><br><br><table cellspacing="0" cellpadding="0" border="0" width="80%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>"><table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%">
<tr class="header"><td>Soobic! 提示</td></tr><tr><td bgcolor="<?=ALTBG2?>" align="center">
<table border="0" width="90%" cellspacing="0" cellpadding="0"><tr><td width="100%" align="center">
<form method="post" action="<?=tep_href_link('admincp.php','act=orders&page='.$page.'&oID='.$oID.'&action=delete')?>"><br><br><br>本操作不可恢复，您确定要删除该订单？<br><br><br>
<?=TEXT_INFO_RESTOCK_PRODUCT_QUANTITY?><input type="checkbox" name="restock" value="on"><br><br>
<input type="submit" name="confirmed" value="确 定"> &nbsp; 
<input type="button" value="返 回" onClick="history.go(-1);"></form><br><br>
</td></tr></table></td></tr></table></td></tr></table><br><br><br>
<?				 
		 break;
     case 'edit':
         include('admin/includes/order.php');
         $oID = addslashes($HTTP_GET_VARS['oID']);

         $query = $db->query("select orders_id from $table_orders where orders_id = '" . (int)$oID . "'");
         $order_exists = true;
         if (!$db->num_rows($query)) {
             $order_exists = false;
             $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error');
         }
         if (($type == 'edit') && ($order_exists == true)) {
             $order = new order($oID);

if ($messageStack->size('orders') > 0) {
    $message_all=$messageStack->output('orders');
}

if (is_array($message_all)) {
?>
<br>
<table border="0" cellspacing="0" cellpadding="0" width="95%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>"><table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%">
<tr bgcolor="<?=ALTBG1?>"><td><table border="0" cellspacing="0" cellpadding="0" width="<?=TABLEWIDTH?>"  align="center">
<?
foreach($message_all as $key=>$value){
?>
<tr><td style="color:red"><?=$value['text']?></td></tr>
<?php
  }
?>
</table></td></tr></table></td></tr></table>
<?	
	}
?>

<br>
<table cellspacing="0" cellpadding="0" border="0" width="95%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>">
<table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%">
<tr class="header"><td>特别提示</td></tr>
<tr bgcolor="<?=ALTBG1?>"><td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr><td><li>给顾客留言且将通知顾客框打钩将会发送email到此顾客的邮箱</td>

<td align="right"><?php echo '<a href="' . tep_href_link('admincp.php', 'act=orders&action='.$action.'&page='.$page) . '" class="bold">'.IMAGE_BACK.'</a>'; ?></td>

</tr></table></td></tr></table></td></tr></table>
<br>

<table cellspacing="0" cellpadding="0" border="0" width="95%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>"> 
<table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%" style="word-break:break-all;"> 
<tr class="header" align="center">
<td align="left"><?=ENTRY_CUSTOMER; echo $order->customer['name']?></td>
</tr>	
<tr>
<td bgcolor="<?=ALTBG1?>" valign="top">
<table cellspacing="0" cellpadding="0" border="0" width="100%" align="center">
<tr align="left"><td width="60%"><?php echo '<li>'.$order->customer['country_name'].'&nbsp;&nbsp;'.$order->customer['state'].'&nbsp;&nbsp;'.$order->customer['city'].'&nbsp;&nbsp;'.$order->customer['suburb'].'<br>';  ?></td><td align="left"><?php echo '<li>电邮：'.$order->customer['email_address'];?></td></tr>
<tr align="left"><td><?php echo '<li>详细地址：'.$order->customer['street_address'];?></td><td><?php echo '<li>邮编：'.$order->customer['postcode'];?></td></tr>
<tr align="left"><td><?php echo '<li>电话：'.$order->customer['tel_regular'];?></td><td><?php echo '<li>手机：'.$order->customer['tel_mobile'];?></td></tr>
</table></td></tr></table></td></tr></table>

<table cellspacing="0" cellpadding="0" border="0" width="95%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>"> 
<table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%" style="word-break:break-all;"> 
<tr class="header" align="center">
<td align="left"><?=ENTRY_SHIPPING_ADDRESS; echo $order->delivery['name'].$order->delivery['lastname']?></td>
</tr>	
<tr>
<td bgcolor="<?=ALTBG1?>" valign="top">
<table cellspacing="0" cellpadding="0" border="0" width="100%" align="center">
<tr align="left"><td width="60%"><?php echo '<li>'.$order->delivery['country_name'].'&nbsp;&nbsp;'.$order->delivery['state'].'&nbsp;&nbsp;'.$order->delivery['city'].'&nbsp;&nbsp;'.$order->delivery['suburb'].'<br>';  ?></td><td align="left"></td></tr>
<tr align="left"><td><?php echo '<li>详细地址：'.$order->delivery['street_address'];?></td><td><?php echo '<li>邮编：'.$order->delivery['postcode'];?></td></tr>
<tr align="left"><td><?php echo '<li>电话：'.$order->delivery['tel_regular'];?></td><td><?php echo '<li>手机：'.$order->delivery['tel_mobile'];?></td></tr>
</table></td></tr></table></td></tr></table>

<table cellspacing="0" cellpadding="0" border="0" width="95%" align="center">
<tr><td bgcolor="<?=BORDERCOLOR?>"> 
<table border="0" cellspacing="<?=BORDERWIDTH?>" cellpadding="<?=TABLESPACE?>" width="100%" style="word-break:break-all;"> 
<tr class="header" align="center">
<td align="left"><?=ENTRY_BILLING_ADDRESS; echo $order->delivery['name'].$order->delivery['lastname']?></td>
</tr>	
<tr>
<td bgcolor="<?=ALTBG1?>" valign="top">
<table cellspacing="0" cellpadding="0" border="0" width="100%" align="center">
<tr align="left"><td width="60%"><?php echo '<li>'.$order->billing['country_name'].'&nbsp;&nbsp;'.$order->billing['state'].'&nbsp;&nbsp;'.$order->billing['city'].'&nbsp;&nbsp;'.$order->billing['suburb'].'<br>';  ?></td><td align="left"></td></tr>
<tr align="left"><td><?php echo '<li>详细地址：'.$order->billing['street_address'];?></td><td><?php echo '<li>邮编：'.$order->billing['postcode'];?></td></tr>
<tr align="left"><td><?php echo '<li>电话：'.$order->billing['tel_regular'];?></td><td><?php echo '<li>手机：'.$order->billing['tel_mobile'];?></td></tr>
</table></td></tr></table></td></tr></table>
<br>