Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Admin Order Number Is not showing in order list!


zeeshop

Recommended Posts

Hi All,

 

I dont know if this is set by default in Oscommerce, but I am sure there must be some fix of this.

In admin section orders are listed in list of order placed.

 

Customer gets email confirmation with order number. and also I recieved order number by email.

 

But in admin order page I dont have any order number on, I recognize orders by customer name and also email confirmation I recieved.

 

On top of order page it showing

"Orders no account!"

 

How can I see order number somewhere on order detail page in admin

 

thanks

 

zee

Link to comment
Share on other sites

when you highlight an order, you can see the order number in the right column, in the header, between the []

 

if you want the order number to be an extra column like the customers name, you will have to hack your code.

:-)

Monika

 

addicted to writing code ... can't get enough of databases either, LOL!

 

my toolbox: Textpad - Compare and Merge - phpMyAdmin - WS_FTP - Photoshop - How to search the forum

 

Interactive Media Award July 2007 ~ category E-Commerce

my advice on the forum is for free, PMs where you send me work are considered consultation which I charge for ...

Link to comment
Share on other sites

post your orders.php

:-)

Monika

 

addicted to writing code ... can't get enough of databases either, LOL!

 

my toolbox: Textpad - Compare and Merge - phpMyAdmin - WS_FTP - Photoshop - How to search the forum

 

Interactive Media Award July 2007 ~ category E-Commerce

my advice on the forum is for free, PMs where you send me work are considered consultation which I charge for ...

Link to comment
Share on other sites

post your orders.php

 

Hi Thanks

Please find this file as you adked. I hope there is no security problem for me in this file.

 

Regards

zee

 

 

<?php

/*

$Id: orders.php,v 1.112 2003/06/29 22:50:52 hpdl Exp $

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2003 osCommerce

 

Released under the GNU General Public License

*/

 

require('includes/application_top.php');

 

/* ** GOOGLE CHECKOUT **/

define('STATE_PENDING', "1");

define('STATE_PROCESSING', "2");

define('STATE_DELIVERED', "3");

 

/*

* Function which posts a request to the specified url.

* @param url Url where request is to be posted

* @param merid The merchant ID used for HTTP Basic Authentication

* @param merkey The merchant key used for HTTP Basic Authentication

* @param postargs The post arguments to be sent

* @param message_log An opened log file poitner for appending logs

*/

function send_google_req($url, $merid, $merkey, $postargs, $message_log) {

// Get the curl session object

$session = curl_init($url);

 

$header_string_1 = "Authorization: Basic ".base64_encode($merid.':'.$merkey);

$header_string_2 = "Content-Type: application/xml;charset=UTF-8";

$header_string_3 = "Accept: application/xml;charset=UTF-8";

 

// fwrite($message_log, sprintf("\r\n%s %s %s\n",$header_string_1, $header_string_2, $header_string_3));

// Set the POST options.

curl_setopt($session, CURLOPT_POST, true);

curl_setopt($session, CURLOPT_HTTPHEADER, array($header_string_1, $header_string_2, $header_string_3));

curl_setopt($session, CURLOPT_POSTFIELDS, $postargs);

curl_setopt($session, CURLOPT_HEADER, true);

curl_setopt($session, CURLOPT_RETURNTRANSFER, true);

// Uncomment the following and set the path to your CA-bundle.crt file if SSL verification fails

//curl_setopt($session, CURLOPT_CAINFO, "C:\\Program Files\\xampp\\apache\\conf\\ssl.crt\\ca-bundle.crt");

 

// Do the POST and then close the session

$response = curl_exec($session);

if (curl_errno($session)) {

die(curl_error($session));

} else {

curl_close($session);

}

 

fwrite($message_log, sprintf("\r\n%s\n",$response));

 

// Get HTTP Status code from the response

$status_code = array();

preg_match('/\d\d\d/', $response, $status_code);

 

fwrite($message_log, sprintf("\r\n%s\n",$status_code[0]));

// Check for errors

switch( $status_code[0] ) {

case 200:

// Success

break;

case 503:

die('Error 503: Service unavailable. An internal problem prevented us from returning data to you.');

break;

case 403:

die('Error 403: Forbidden. You do not have permission to access this resource, or are over your rate limit.');

break;

case 400:

die('Error 400: Bad request. The parameters passed to the service did not match as expected. The exact error is returned in the XML response.');

break;

default:

die('Error :' . $status_code[0]);

}

}

 

function google_checkout_state_change($check_status, $status, $oID, $cust_notify, $notify_comments) {

// If status update is from Pending -> Processing on the Admin UI

// this invokes the processing-order and charge-order commands

// 1->Pending, 2-> Processing

global $carrier_select, $tracking_number;

 

define('API_CALLBACK_MESSAGE_LOG', DIR_FS_CATALOG . "/googlecheckout/response_message.log");

define('API_CALLBACK_ERROR_LOG', DIR_FS_CATALOG. "/googlecheckout/response_error.log");

 

include_once(DIR_FS_CATALOG . '/includes/modules/payment/googlecheckout.php');

$googlepay = new googlecheckout();

 

//Setup the log file

if (!$message_log = fopen(API_CALLBACK_MESSAGE_LOG, "a")) {

error_func("Cannot open " . API_CALLBACK_MESSAGE_LOG . " file.\n", 0);

exit(1);

}

$google_answer = tep_db_fetch_array(tep_db_query("select google_order_number, order_amount from " . $googlepay->table_order . " where orders_id = " . (int)$oID ));

$google_order = $google_answer['google_order_number'];

$amt = $google_answer['order_amount'];

 

if($check_status['orders_status'] == STATE_PENDING && $status == STATE_PROCESSING) {

if($google_order != '') {

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>

<charge-order xmlns=\"".$googlepay->schema_url."\" google-order-number=\"". $google_order. "\">

<amount currency=\"" . DEFAULT_CURRENCY . "\">" . $amt . "</amount>

</charge-order>";

fwrite($message_log, sprintf("\r\n%s\n",$postargs));

send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,

$postargs, $message_log);

 

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>

<process-order xmlns=\"".$googlepay->schema_url ."\" google-order-number=\"". $google_order. "\"/> ";

fwrite($message_log, sprintf("\r\n%s\n",$postargs));

send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,

$postargs, $message_log);

}

}

 

// If status update is from Processing -> Delivered on the Admin UI

// this invokes the deliver-order and archive-order commands

// 2->Processing, 3-> Delivered

if($check_status['orders_status'] == STATE_PROCESSING && $status == STATE_DELIVERED) {

$send_mail = "false";

if($cust_notify == 1)

$send_mail = "true";

if($google_order != '') {

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>

<deliver-order xmlns=\"".$googlepay->schema_url ."\" google-order-number=\"". $google_order. "\">

<send-email> " . $send_mail . "</send-email>";

if(isset($carrier_select) && ($carrier_select != 'select') && isset($tracking_number) && !empty($tracking_number)) {

$postargs .= "<tracking-data>

<carrier>" . $carrier_select . "</carrier>

<tracking-number>" . $tracking_number . "</tracking-number>

</tracking-data>";

$comments = "Shipping Tracking Data:\n Carrier: " . $carrier_select . "\n Tracking Number: " . $tracking_number . "";

tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . tep_db_input($status) . "', now(), '" . tep_db_input($cust_notify) . "', '" . tep_db_input($comments) . "')");

}

$postargs .= "</deliver-order> ";

fwrite($message_log, sprintf("\r\n%s\n",$postargs));

send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,

$postargs, $message_log);

 

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>

<archive-order xmlns=\"".$googlepay->schema_url."\" google-order-number=\"". $google_order. "\"/>";

fwrite($message_log, sprintf("\r\n%s\n",$postargs));

send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,

$postargs, $message_log);

}

}

 

if(isset($notify_comments)) {

$send_mail = "false";

if($cust_notify == 1)

$send_mail = "true";

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>

<send-buyer-message xmlns=\"http://checkout.google.com/schema/2\" google-order-number=\"". $google_order. "\">

<send-email> " . $send_mail . "</send-email>

<message>". strip_tags($notify_comments) . "</message>

</send-buyer-message>";

fwrite($message_log, sprintf("\r\n%s\n",$postargs));

send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,

$postargs, $message_log);

 

}

}

// ** END GOOGLE CHECKOUT **

 

require(DIR_WS_CLASSES . 'currencies.php');

$currencies = new currencies();

 

$orders_statuses = array();

$orders_status_array = array();

$orders_status_query = tep_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "'");

while ($orders_status = tep_db_fetch_array($orders_status_query)) {

$orders_statuses[] = array('id' => $orders_status['orders_status_id'],

'text' => $orders_status['orders_status_name']);

$orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];

}

 

$action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');

 

if (tep_not_null($action)) {

switch ($action) {

case 'update_order':

$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

$status = tep_db_prepare_input($HTTP_POST_VARS['status']);

$comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);

 

$order_updated = false;

$check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, date_purchased, ipaddy, ipisp from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

$check_status = tep_db_fetch_array($check_status_query);

 

if ( ($check_status['orders_status'] != $status) || tep_not_null($comments)) {

tep_db_query("update " . TABLE_ORDERS . " set orders_status = '" . tep_db_input($status) . "', last_modified = now() where orders_id = '" . (int)$oID . "'");

 

$customer_notified = '0';

if (isset($HTTP_POST_VARS['notify']) && ($HTTP_POST_VARS['notify'] == 'on')) {

$notify_comments = '';

if (isset($HTTP_POST_VARS['notify_comments']) && ($HTTP_POST_VARS['notify_comments'] == 'on')) {

$notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";

}

 

$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);

 

tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

 

$customer_notified = '1';

 

 

// ** GOOGLE CHECKOUT **

chdir("./..");

require_once('includes/languages/' . $language . '/' .'modules/payment/googlecheckout.php');

$payment_value= MODULE_PAYMENT_GOOGLECHECKOUT_TEXT_TITLE;

$num_rows = tep_db_num_rows(tep_db_query("select google_order_number from google_orders where orders_id= ". (int)$oID));

 

//Check if order is a Google Checkout order

if($num_rows == 0) {

$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);

tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

}else {

if($HTTP_POST_VARS['notify'] != 'on')

unset($notify_comments);

google_checkout_state_change($check_status, $status, $oID, $customer_notified, $notify_comments);

}

// ** END GOOGLE CHECKOUT **

 

}

 

tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . tep_db_input($status) . "', now(), '" . tep_db_input($customer_notified) . "', '" . tep_db_input($comments) . "')");

 

$order_updated = true;

}

 

if ($order_updated == true) {

$messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');

} else {

$messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');

}

 

tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit'));

break;

case 'deleteconfirm':

$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

 

tep_remove_order($oID, $HTTP_POST_VARS['restock']);

 

tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action'))));

break;

}

}

 

if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) {

$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

 

$orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

$order_exists = true;

if (!tep_db_num_rows($orders_query)) {

$order_exists = false;

$messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error');

}

}

 

include(DIR_WS_CLASSES . 'order.php');

?>

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">

<html <?php echo HTML_PARAMS; ?>>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">

<title><?php echo TITLE; ?></title>

<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">

<script language="javascript" src="includes/general.js"></script>

</head>

<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">

<!-- header //-->

<?php

require(DIR_WS_INCLUDES . 'header.php');

?>

<!-- header_eof //-->

 

<!-- body //-->

<table border="0" width="100%" cellspacing="2" cellpadding="2">

<tr>

<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">

<!-- left_navigation //-->

<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>

<!-- left_navigation_eof //-->

</table></td>

<!-- body_text //-->

<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">

<?php

if (($action == 'edit') && ($order_exists == true)) {

$order = new order($oID);

?>

<tr>

<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">

<tr>

<!-- PWA BOF -->

<td class="pageHeading"><?php echo HEADING_TITLE . (($order->customer['id']==0)? ' <b>no account!</b>':''); ?></td>

<!-- PWA EOF -->

<td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>

<td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $_GET['oID']) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; ?></td>

 

</tr>

</table></td>

</tr>

<tr>

<td><table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td colspan="3"><?php echo tep_draw_separator(); ?></td>

</tr>

<tr>

<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b></td>

<td class="main"><?php echo tep_address_format($order->customer['format_id'], $order->customer, 1, '', '<br>'); ?></td>

</tr>

<tr>

<td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>

</tr>

<tr>

<td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td>

<td class="main"><?php echo $order->customer['telephone']; ?></td>

</tr>

<tr>

<td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td>

<td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '"><u>' . $order->customer['email_address'] . '</u></a>'; ?></td>

</tr>

<tr>

<td class="main"> </td>

</tr>

<tr>

<td class="main"><b><?php echo ENTRY_IPADDRESS; ?></b></td>

<td class="main"><?php echo $order->customer['ipaddy']; ?></td>

</tr>

<tr>

<td class="main"><b><?php echo ENTRY_IPISP; ?></b></td>

<td class="main"><?php echo $order->customer['ipisp']; ?></td>

</tr>

</table></td>

<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="main" valign="top"><b><?php echo ENTRY_SHIPPING_ADDRESS; ?></b></td>

<td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br>'); ?></td>

</tr>

</table></td>

<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="main" valign="top"><b><?php echo ENTRY_BILLING_ADDRESS; ?></b></td>

<td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, '', '<br>'); ?></td>

</tr>

</table></td>

</tr>

</table></td>

</tr>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

</tr>

<tr>

<td><table border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="main"><b><?php echo ENTRY_PAYMENT_METHOD; ?></b></td>

<td class="main"><?php echo $order->info['payment_method']; ?></td>

</tr>

<?php

if (tep_not_null($order->info['cc_type']) || tep_not_null($order->info['cc_owner']) || tep_not_null($order->info['cc_number'])) {

?>

<tr>

<td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

</tr>

<tr>

<td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>

<td class="main"><?php echo $order->info['cc_type']; ?></td>

</tr>

<tr>

<td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>

<td class="main"><?php echo $order->info['cc_owner']; ?></td>

</tr>

<tr>

<td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>

<td class="main"><?php echo $order->info['cc_number']; ?></td>

</tr>

<tr>

<td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>

<td class="main"><?php echo $order->info['cc_expires']; ?></td>

</tr>

<?php

}

?>

</table></td>

</tr>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

</tr>

<tr>

<td><table border="0" width="100%" cellspacing="0" cellpadding="2">

<tr class="dataTableHeadingRow">

<td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>

<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>

</tr>

<?php

for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {

//BEGIN RMA MODULE

$returns_check_query = tep_db_query("SELECT r.rma_value, rp.products_id FROM " . TABLE_RETURNS . " r, " . TABLE_RETURNS_PRODUCTS_DATA . " rp where r.returns_id = rp.returns_id and r.order_id = '" . $oID . "' and rp.products_id = '" . $order->products[$i]['id'] . "' ");

if (!tep_db_num_rows($returns_check_query)){

 

if ($order->products[$i]['return'] != '1') {

$return_link = '<a href="' . tep_href_link(FILENAME_RETURN, 'order_id=' . $oID . '&products_id=' . ($order->products[$i]['id']), 'NONSSL') . '"><u>' . '<font color="818180">Schedule Return</font>' .'</a></u>';

}

// Don't show Return link if order is still pending or processing

// You can change this or comment it out as best fits your store configuration

if (($orders_status == '1') OR ($orders_status == '2') ) {

$return_link = '';

}

} else {

$returns = tep_db_fetch_array($returns_check_query);

$return_link = '<a href=' . tep_href_link(FILENAME_RETURNS, 'cID=' . $returns['rma_value']) . '><font color=red><b><i>Returns</b></i></font></a>';

}

//END RMA MODULE

echo ' <tr class="dataTableRow">' . "\n" .

' <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . ' x</td>' . "\n" .

' <td class="dataTableContent" valign="top">' . $order->products[$i]['name'] . '  ' . $return_link;

 

if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {

for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {

echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'];

if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';

echo '</i></small></nobr>';

}

}

 

echo ' </td>' . "\n" .

' <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .

' <td class="dataTableContent" align="right" valign="top">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .

' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .

' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .

' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .

' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n";

echo ' </tr>' . "\n";

}

?>

<tr>

<td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">

<?php

for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) {

echo ' <tr>' . "\n" .

' <td align="right" class="smallText">' . $order->totals[$i]['title'] . '</td>' . "\n" .

' <td align="right" class="smallText">' . $order->totals[$i]['text'] . '</td>' . "\n" .

' </tr>' . "\n";

}

?>

</table></td>

</tr>

</table></td>

</tr>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

</tr>

<tr>

<td class="main"><table border="1" cellspacing="0" cellpadding="5">

<tr>

<td class="smallText" align="center"><b><?php echo TABLE_HEADING_DATE_ADDED; ?></b></td>

<td class="smallText" align="center"><b><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></b></td>

<td class="smallText" align="center"><b><?php echo TABLE_HEADING_STATUS; ?></b></td>

<td class="smallText" align="center"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>

</tr>

<?php

$orders_history_query = tep_db_query("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . tep_db_input($oID) . "' order by date_added");

if (tep_db_num_rows($orders_history_query)) {

while ($orders_history = tep_db_fetch_array($orders_history_query)) {

echo ' <tr>' . "\n" .

' <td class="smallText" align="center">' . tep_datetime_short($orders_history['date_added']) . '</td>' . "\n" .

' <td class="smallText" align="center">';

if ($orders_history['customer_notified'] == '1') {

echo tep_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . "</td>\n";

} else {

echo tep_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "</td>\n";

}

echo ' <td class="smallText">' . $orders_status_array[$orders_history['orders_status_id']] . '</td>' . "\n" .

' <td class="smallText">' . nl2br(tep_db_output($orders_history['comments'])) . ' </td>' . "\n" .

' </tr>' . "\n";

}

} else {

echo ' <tr>' . "\n" .

' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .

' </tr>' . "\n";

}

?>

</table></td>

</tr>

<tr>

<td class="main"><br><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>

</tr>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>

</tr>

<tr><?php echo tep_draw_form('status', FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=update_order'); ?>

<td class="main"><?php echo tep_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>

</tr>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

</tr>

<tr>

<td><table border="0" cellspacing="0" cellpadding="2">

<tr>

<td><table border="0" cellspacing="0" cellpadding="2">

<tr>

<td class="main"><b><?php echo ENTRY_STATUS; ?></b> <?php echo tep_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>

</tr>

<tr>

<td class="main"><b><?php echo ENTRY_NOTIFY_CUSTOMER; ?></b> <?php echo tep_draw_checkbox_field('notify', '', true); ?></td>

<td class="main"><b><?php echo ENTRY_NOTIFY_COMMENTS; ?></b> <?php echo tep_draw_checkbox_field('notify_comments', '', true); ?></td>

</tr>

</table></td>

<td valign="top"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>

<!-- googlecheckout Tracking Number -->

<?php

// orders_status == STATE_PROCESSING -> Processing before delivery

if($order->info['payment_method'] == 'Google Checkout' && $order->info['orders_status'] == STATE_PROCESSING){

echo '<td><table border="0" cellpadding="3" cellspacing="0" width="100%">

<tbody>

<tr>

<td style="border-top: 2px solid rgb(255, 255, 255); border-right: 2px solid rgb(255, 255, 255);" nowrap="nowrap" colspan="2">

<b>Shipping Information</b>

</td>

</tr>

<tr>

<td nowrap="nowrap" valign="middle" width="1%">

<font size="2">

<b>Tracking:</b>

</font>

</td>

<td style="border-right: 2px solid rgb(255, 255, 255); border-bottom: 2px solid rgb(255, 255, 255);" nowrap="nowrap">

<input name="tracking_number" style="color: rgb(0, 0, 0);" id="trackingBox" size="20" type="text">

</td>

</tr>

<tr>

<td nowrap="nowrap" valign="middle" width="1%">

<font size="2">

<b>Carrier:</b>

</font>

</td>

<td style="border-right: 2px solid rgb(255, 255, 255);" nowrap="nowrap">

<select name="carrier_select" style="color: rgb(0, 0, 0);" id="carrierSelect">

<option value="select" selected="selected">

Select ...

</option>

<option value="USPS">

USPS

</option>

<option value="DHL">

DHL

</option>

<option value="UPS">

UPS

</option>

<option value="Other">

Other

</option>

<option value="FedEx">

FedEx

</option>

</select>

</td>

</tr>

</tbody>

</table></td>';

 

}

?>

<!-- end googlecheckout Tracking Number -->

</tr>

</table></td>

</form></tr>

<tr>

<td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $_GET['oID']) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; ?></td>

</tr>

<?php

} else {

?>

<tr>

<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">

<tr>

<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>

<td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>

<td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">

<tr><?php echo tep_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?>

<td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('oID', '', 'size="12"') . tep_draw_hidden_field('action', 'edit'); ?></td>

</form></tr>

<tr><?php echo tep_draw_form('status', FILENAME_ORDERS, '', 'get'); ?>

<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . tep_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), '', 'onChange="this.form.submit();"'); ?></td>

</form></tr>

</table></td>

</tr>

</table></td>

</tr>

<tr>

<td><table border="0" width="100%" cellspacing="0" cellpadding="0">

<tr>

<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">

<tr class="dataTableHeadingRow">

<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>

<td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>

</tr>

<?php

if (isset($HTTP_GET_VARS['cID'])) {

$cID = tep_db_prepare_input($HTTP_GET_VARS['cID']);

$orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by orders_id DESC";

} elseif (isset($HTTP_GET_VARS['status']) && is_numeric($HTTP_GET_VARS['status']) && ($HTTP_GET_VARS['status'] > 0)) {

$status = tep_db_prepare_input($HTTP_GET_VARS['status']);

$orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC";

} else {

$orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC";

}

$orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows);

$orders_query = tep_db_query($orders_query_raw);

while ($orders = tep_db_fetch_array($orders_query)) {

// PWA BOF

if ($orders['customers_id']==0) $orders['customers_name'] = '<b>!!</b> ' . $orders['customers_name'];

// PWA EOF

if ((!isset($HTTP_GET_VARS['oID']) || (isset($HTTP_GET_VARS['oID']) && ($HTTP_GET_VARS['oID'] == $orders['orders_id']))) && !isset($oInfo)) {

$oInfo = new objectInfo($orders);

}

 

if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) {

echo ' <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '\'">' . "\n";

} else {

echo ' <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '\'">' . "\n";

}

?>

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders['orders_id'] . '&action=edit') . '">' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . '</a> ' . $orders['customers_name']; ?></td>

<td class="dataTableContent" align="right"><?php echo strip_tags($orders['order_total']); ?></td>

<td class="dataTableContent" align="center"><?php echo tep_datetime_short($orders['date_purchased']); ?></td>

<td class="dataTableContent" align="right"><?php echo $orders['orders_status_name']; ?></td>

<td class="dataTableContent" align="right"><?php if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>

</tr>

<?php

}

?>

<tr>

<td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">

<tr>

<td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>

<td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?></td>

</tr>

</table></td>

</tr>

</table></td>

<?php

$heading = array();

$contents = array();

 

switch ($action) {

case 'delete':

$heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_ORDER . '</b>');

 

$contents = array('form' => tep_draw_form('orders', FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=deleteconfirm'));

$contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br><br><b>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</b>');

$contents[] = array('text' => '<br>' . tep_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);

$contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');

break;

default:

if (isset($oInfo) && is_object($oInfo)) {

$heading[] = array('text' => '<b>[' . $oInfo->orders_id . ']  ' . tep_datetime_short($oInfo->date_purchased) . '</b>');

 

$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');

$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $oInfo->orders_id) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');

$contents[] = array('text' => '<br>' . TEXT_DATE_ORDER_CREATED . ' ' . tep_date_short($oInfo->date_purchased));

if (tep_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . tep_date_short($oInfo->last_modified));

$contents[] = array('text' => '<br>' . TEXT_INFO_PAYMENT_METHOD . ' ' . $oInfo->payment_method);

}

break;

}

 

if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {

echo ' <td width="25%" valign="top">' . "\n";

 

$box = new box;

echo $box->infoBox($heading, $contents);

 

echo ' </td>' . "\n";

}

?>

</tr>

</table></td>

</tr>

<?php

}

?>

</table></td>

<!-- body_text_eof //-->

</tr>

</table>

<!-- body_eof //-->

 

<!-- footer //-->

<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>

<!-- footer_eof //-->

<br>

</body>

</html>

<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

Link to comment
Share on other sites

nope, this file is not a security issue. Make a backup of your file and see if all is well in this one.

 

<?php
/*
$Id: orders.php,v 1.112 2003/06/29 22:50:52 hpdl Exp $

osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright © 2003 osCommerce

Released under the GNU General Public License
*/

require('includes/application_top.php');

/* ** GOOGLE CHECKOUT **/
define('STATE_PENDING', "1");
define('STATE_PROCESSING', "2");
define('STATE_DELIVERED', "3");

/*
* Function which posts a request to the specified url.
* @param url Url where request is to be posted
* @param merid The merchant ID used for HTTP Basic Authentication
* @param merkey The merchant key used for HTTP Basic Authentication
* @param postargs The post arguments to be sent
* @param message_log An opened log file poitner for appending logs
*/
function send_google_req($url, $merid, $merkey, $postargs, $message_log) {
// Get the curl session object
$session = curl_init($url);

$header_string_1 = "Authorization: Basic ".base64_encode($merid.':'.$merkey);
$header_string_2 = "Content-Type: application/xml;charset=UTF-8"; 
$header_string_3 = "Accept: application/xml;charset=UTF-8";

// fwrite($message_log, sprintf("\r\n%s %s %s\n",$header_string_1, $header_string_2, $header_string_3));
// Set the POST options.
curl_setopt($session, CURLOPT_POST, true);
curl_setopt($session, CURLOPT_HTTPHEADER, array($header_string_1, $header_string_2, $header_string_3));
curl_setopt($session, CURLOPT_POSTFIELDS, $postargs);
curl_setopt($session, CURLOPT_HEADER, true);
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
// Uncomment the following and set the path to your CA-bundle.crt file if SSL verification fails
//curl_setopt($session, CURLOPT_CAINFO, "C:\\Program Files\\xampp\\apache\\conf\\ssl.crt\\ca-bundle.crt");

// Do the POST and then close the session
$response = curl_exec($session);
if (curl_errno($session)) {
die(curl_error($session));
} else {
curl_close($session);
}

fwrite($message_log, sprintf("\r\n%s\n",$response));

// Get HTTP Status code from the response
$status_code = array();
preg_match('/\d\d\d/', $response, $status_code);

fwrite($message_log, sprintf("\r\n%s\n",$status_code[0]));
// Check for errors
switch( $status_code[0] ) {
case 200:
// Success
break;
case 503:
die('Error 503: Service unavailable. An internal problem prevented us from returning data to you.');
break;
case 403:
die('Error 403: Forbidden. You do not have permission to access this resource, or are over your rate limit.');
break;
case 400:
die('Error 400: Bad request. The parameters passed to the service did not match as expected. The exact error is returned in the XML response.');
break;
default:
die('Error :' . $status_code[0]);
}
}

function google_checkout_state_change($check_status, $status, $oID, $cust_notify, $notify_comments) {
// If status update is from Pending -> Processing on the Admin UI
// this invokes the processing-order and charge-order commands
// 1->Pending, 2-> Processing
global $carrier_select, $tracking_number;

define('API_CALLBACK_MESSAGE_LOG', DIR_FS_CATALOG . "/googlecheckout/response_message.log");
define('API_CALLBACK_ERROR_LOG', DIR_FS_CATALOG. "/googlecheckout/response_error.log");

include_once(DIR_FS_CATALOG . '/includes/modules/payment/googlecheckout.php');
$googlepay = new googlecheckout();

//Setup the log file
if (!$message_log = fopen(API_CALLBACK_MESSAGE_LOG, "a")) {
error_func("Cannot open " . API_CALLBACK_MESSAGE_LOG . " file.\n", 0);
exit(1);
}
$google_answer = tep_db_fetch_array(tep_db_query("select google_order_number, order_amount from " . $googlepay->table_order . " where orders_id = " . (int)$oID ));
$google_order = $google_answer['google_order_number']; 
$amt = $google_answer['order_amount']; 

if($check_status['orders_status'] == STATE_PENDING && $status == STATE_PROCESSING) {
if($google_order != '') { 
$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<charge-order xmlns=\"".$googlepay->schema_url."\" google-order-number=\"". $google_order. "\">
<amount currency=\"" . DEFAULT_CURRENCY . "\">" . $amt . "</amount>
</charge-order>";
fwrite($message_log, sprintf("\r\n%s\n",$postargs));
send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey, 
$postargs, $message_log); 

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<process-order xmlns=\"".$googlepay->schema_url ."\" google-order-number=\"". $google_order. "\"/> ";
fwrite($message_log, sprintf("\r\n%s\n",$postargs));
send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey, 
$postargs, $message_log); 
}
} 

// If status update is from Processing -> Delivered on the Admin UI
// this invokes the deliver-order and archive-order commands
// 2->Processing, 3-> Delivered
if($check_status['orders_status'] == STATE_PROCESSING && $status == STATE_DELIVERED) {
$send_mail = "false";
if($cust_notify == 1) 
$send_mail = "true";
if($google_order != '') { 
$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<deliver-order xmlns=\"".$googlepay->schema_url ."\" google-order-number=\"". $google_order. "\"> 
<send-email> " . $send_mail . "</send-email>";
if(isset($carrier_select) && ($carrier_select != 'select') && isset($tracking_number) && !empty($tracking_number)) {
$postargs .= "<tracking-data>
<carrier>" . $carrier_select . "</carrier>
<tracking-number>" . $tracking_number . "</tracking-number>
</tracking-data>";
$comments = "Shipping Tracking Data:\n Carrier: " . $carrier_select . "\n Tracking Number: " . $tracking_number . "";
tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . tep_db_input($status) . "', now(), '" . tep_db_input($cust_notify) . "', '" . tep_db_input($comments) . "')");
}
$postargs .= "</deliver-order> ";
fwrite($message_log, sprintf("\r\n%s\n",$postargs));
send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey, 
$postargs, $message_log); 

$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<archive-order xmlns=\"".$googlepay->schema_url."\" google-order-number=\"". $google_order. "\"/>";
fwrite($message_log, sprintf("\r\n%s\n",$postargs));
send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey, 
$postargs, $message_log); 
}
}

if(isset($notify_comments)) {
$send_mail = "false";
if($cust_notify == 1) 
$send_mail = "true";
$postargs = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<send-buyer-message xmlns=\"http://checkout.google.com/schema/2\" google-order-number=\"". $google_order. "\">
<send-email> " . $send_mail . "</send-email>
<message>". strip_tags($notify_comments) . "</message>
</send-buyer-message>"; 
fwrite($message_log, sprintf("\r\n%s\n",$postargs));
send_google_req($googlepay->request_url, $googlepay->merchantid, $googlepay->merchantkey,
$postargs, $message_log);

}
}
// ** END GOOGLE CHECKOUT ** 

require(DIR_WS_CLASSES . 'currencies.php');
$currencies = new currencies();

$orders_statuses = array();
$orders_status_array = array();
$orders_status_query = tep_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "'");
while ($orders_status = tep_db_fetch_array($orders_status_query)) {
$orders_statuses[] = array('id' => $orders_status['orders_status_id'],
'text' => $orders_status['orders_status_name']);
$orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
}

$action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');

if (tep_not_null($action)) {
switch ($action) {
case 'update_order':
$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);
$status = tep_db_prepare_input($HTTP_POST_VARS['status']);
$comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);

$order_updated = false;
$check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, date_purchased, ipaddy, ipisp from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");
$check_status = tep_db_fetch_array($check_status_query);

if ( ($check_status['orders_status'] != $status) || tep_not_null($comments)) {
tep_db_query("update " . TABLE_ORDERS . " set orders_status = '" . tep_db_input($status) . "', last_modified = now() where orders_id = '" . (int)$oID . "'");

$customer_notified = '0';
if (isset($HTTP_POST_VARS['notify']) && ($HTTP_POST_VARS['notify'] == 'on')) {
$notify_comments = '';
if (isset($HTTP_POST_VARS['notify_comments']) && ($HTTP_POST_VARS['notify_comments'] == 'on')) {
$notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";
}

$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);

tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

$customer_notified = '1';


// ** GOOGLE CHECKOUT **
chdir("./..");
require_once('includes/languages/' . $language . '/' .'modules/payment/googlecheckout.php');
$payment_value= MODULE_PAYMENT_GOOGLECHECKOUT_TEXT_TITLE;
$num_rows = tep_db_num_rows(tep_db_query("select google_order_number from google_orders where orders_id= ". (int)$oID));

//Check if order is a Google Checkout order
if($num_rows == 0) {
$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);
tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}else {
if($HTTP_POST_VARS['notify'] != 'on')
unset($notify_comments);
google_checkout_state_change($check_status, $status, $oID, $customer_notified, $notify_comments);
}
// ** END GOOGLE CHECKOUT **

}

tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . tep_db_input($status) . "', now(), '" . tep_db_input($customer_notified) . "', '" . tep_db_input($comments) . "')");

$order_updated = true;
}

if ($order_updated == true) {
$messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
} else {
$messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
}

tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit'));
break;
case 'deleteconfirm':
$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

tep_remove_order($oID, $HTTP_POST_VARS['restock']);

tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action'))));
break;
}
}

if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) {
$oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

$orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");
$order_exists = true;
if (!tep_db_num_rows($orders_query)) {
$order_exists = false;
$messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error');
}
}

include(DIR_WS_CLASSES . 'order.php');
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js"></script>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">
<!-- header //-->
<?php
require(DIR_WS_INCLUDES . 'header.php');
?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php
if (($action == 'edit') && ($order_exists == true)) {
$order = new order($oID);
?>
<tr>
<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<!-- PWA BOF -->
<td class="pageHeading"><?php echo HEADING_TITLE . (($order->customer['id']==0)? ' <b>no account!</b>':''); ?></td>
<!-- PWA EOF -->
<td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
<td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $_GET['oID']) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; ?></td>

</tr>
</table></td>
</tr>
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td colspan="3"><?php echo tep_draw_separator(); ?></td>
</tr>
<tr>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><b>Order #</b></td>
<td class="main"><?php echo $HTTP_GET_VARS['oID']; ?></td>
</tr>
<tr>
<td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
</tr>

<tr>
<td class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b></td>
<td class="main"><?php echo tep_address_format($order->customer['format_id'], $order->customer, 1, '', '<br>'); ?></td>
</tr>
<tr>
<td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
</tr>
<tr>
<td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td>
<td class="main"><?php echo $order->customer['telephone']; ?></td>
</tr>
<tr>
<td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td>
<td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '"><u>' . $order->customer['email_address'] . '</u></a>'; ?></td>
</tr>
<tr>
<td class="main"> </td>
</tr>
<tr>
<td class="main"><b><?php echo ENTRY_IPADDRESS; ?></b></td>
<td class="main"><?php echo $order->customer['ipaddy']; ?></td>
</tr>
<tr>
<td class="main"><b><?php echo ENTRY_IPISP; ?></b></td>
<td class="main"><?php echo $order->customer['ipisp']; ?></td>
</tr>
</table></td>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><b><?php echo ENTRY_SHIPPING_ADDRESS; ?></b></td>
<td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br>'); ?></td>
</tr>
</table></td>
<td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="top"><b><?php echo ENTRY_BILLING_ADDRESS; ?></b></td>
<td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, '', '<br>'); ?></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><b><?php echo ENTRY_PAYMENT_METHOD; ?></b></td>
<td class="main"><?php echo $order->info['payment_method']; ?></td>
</tr>
<?php
if (tep_not_null($order->info['cc_type']) || tep_not_null($order->info['cc_owner']) || tep_not_null($order->info['cc_number'])) {
?>
<tr>
<td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
<td class="main"><?php echo $order->info['cc_type']; ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
<td class="main"><?php echo $order->info['cc_owner']; ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
<td class="main"><?php echo $order->info['cc_number']; ?></td>
</tr>
<tr>
<td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
<td class="main"><?php echo $order->info['cc_expires']; ?></td>
</tr>
<?php
}
?>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
<td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>
</tr>
<?php
for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
//BEGIN RMA MODULE
$returns_check_query = tep_db_query("SELECT r.rma_value, rp.products_id FROM " . TABLE_RETURNS . " r, " . TABLE_RETURNS_PRODUCTS_DATA . " rp where r.returns_id = rp.returns_id and r.order_id = '" . $oID . "' and rp.products_id = '" . $order->products[$i]['id'] . "' ");
if (!tep_db_num_rows($returns_check_query)){

if ($order->products[$i]['return'] != '1') {
$return_link = '<a href="' . tep_href_link(FILENAME_RETURN, 'order_id=' . $oID . '&products_id=' . ($order->products[$i]['id']), 'NONSSL') . '"><u>' . '<font color="818180">Schedule Return</font>' .'</a></u>';
}
// Don't show Return link if order is still pending or processing
// You can change this or comment it out as best fits your store configuration
if (($orders_status == '1') OR ($orders_status == '2') ) {
$return_link = '';
}
} else {
$returns = tep_db_fetch_array($returns_check_query);
$return_link = '<a href=' . tep_href_link(FILENAME_RETURNS, 'cID=' . $returns['rma_value']) . '><font color=red><b><i>Returns</b></i></font></a>';
}
//END RMA MODULE
echo ' <tr class="dataTableRow">' . "\n" .
' <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . ' x</td>' . "\n" .
' <td class="dataTableContent" valign="top">' . $order->products[$i]['name'] . '  ' . $return_link;

if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'];
if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
echo '</i></small></nobr>';
}
}

echo ' </td>' . "\n" .
' <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .
' <td class="dataTableContent" align="right" valign="top">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .
' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
' <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n";
echo ' </tr>' . "\n";
}
?>
<tr>
<td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">
<?php
for ($i = 0, $n = sizeof($order->totals); $i < $n; $i++) {
echo ' <tr>' . "\n" .
' <td align="right" class="smallText">' . $order->totals[$i]['title'] . '</td>' . "\n" .
' <td align="right" class="smallText">' . $order->totals[$i]['text'] . '</td>' . "\n" .
' </tr>' . "\n";
}
?>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td class="main"><table border="1" cellspacing="0" cellpadding="5">
<tr>
<td class="smallText" align="center"><b><?php echo TABLE_HEADING_DATE_ADDED; ?></b></td>
<td class="smallText" align="center"><b><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></b></td>
<td class="smallText" align="center"><b><?php echo TABLE_HEADING_STATUS; ?></b></td>
<td class="smallText" align="center"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
</tr>
<?php
$orders_history_query = tep_db_query("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . tep_db_input($oID) . "' order by date_added");
if (tep_db_num_rows($orders_history_query)) {
while ($orders_history = tep_db_fetch_array($orders_history_query)) {
echo ' <tr>' . "\n" .
' <td class="smallText" align="center">' . tep_datetime_short($orders_history['date_added']) . '</td>' . "\n" .
' <td class="smallText" align="center">';
if ($orders_history['customer_notified'] == '1') {
echo tep_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . "</td>\n";
} else {
echo tep_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "</td>\n";
}
echo ' <td class="smallText">' . $orders_status_array[$orders_history['orders_status_id']] . '</td>' . "\n" .
' <td class="smallText">' . nl2br(tep_db_output($orders_history['comments'])) . ' </td>' . "\n" .
' </tr>' . "\n";
}
} else {
echo ' <tr>' . "\n" .
' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
' </tr>' . "\n";
}
?>
</table></td>
</tr>
<tr>
<td class="main"><br><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>
</tr>
<tr><?php echo tep_draw_form('status', FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=update_order'); ?>
<td class="main"><?php echo tep_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>
</tr>
<tr>
<td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
</tr>
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main"><b><?php echo ENTRY_STATUS; ?></b> <?php echo tep_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>
</tr>
<tr>
<td class="main"><b><?php echo ENTRY_NOTIFY_CUSTOMER; ?></b> <?php echo tep_draw_checkbox_field('notify', '', true); ?></td>
<td class="main"><b><?php echo ENTRY_NOTIFY_COMMENTS; ?></b> <?php echo tep_draw_checkbox_field('notify_comments', '', true); ?></td>
</tr>
</table></td>
<td valign="top"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>
<!-- googlecheckout Tracking Number -->
<?php 
// orders_status == STATE_PROCESSING -> Processing before delivery
if($order->info['payment_method'] == 'Google Checkout' && $order->info['orders_status'] == STATE_PROCESSING){
echo '<td><table border="0" cellpadding="3" cellspacing="0" width="100%"> 
<tbody>
<tr> 
<td style="border-top: 2px solid rgb(255, 255, 255); border-right: 2px solid rgb(255, 255, 255);" nowrap="nowrap" colspan="2">
<b>Shipping Information</b> 
</td> 
</tr>
<tr> 
<td nowrap="nowrap" valign="middle" width="1%"> 
<font size="2"> 
<b>Tracking:</b> 
</font> 
</td> 
<td style="border-right: 2px solid rgb(255, 255, 255); border-bottom: 2px solid rgb(255, 255, 255);" nowrap="nowrap"> 
<input name="tracking_number" style="color: rgb(0, 0, 0);" id="trackingBox" size="20" type="text"> 
</td> 
</tr> 
<tr> 
<td nowrap="nowrap" valign="middle" width="1%"> 
<font size="2"> 
<b>Carrier:</b> 
</font> 
</td> 
<td style="border-right: 2px solid rgb(255, 255, 255);" nowrap="nowrap"> 
<select name="carrier_select" style="color: rgb(0, 0, 0);" id="carrierSelect"> 
<option value="select" selected="selected">
Select ... 
</option> 
<option value="USPS">
USPS 
</option> 
<option value="DHL">
DHL 
</option> 
<option value="UPS">
UPS 
</option> 
<option value="Other">
Other 
</option> 
<option value="FedEx">
FedEx 
</option> 
</select> 
</td> 
</tr> 
</tbody> 
</table></td>';

}
?>
<!-- end googlecheckout Tracking Number -->
</tr>
</table></td>
</form></tr>
<tr>
<td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $_GET['oID']) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a> '; ?></td>
</tr>
<?php
} else {
?>
<tr>
<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
<td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>
<td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr><?php echo tep_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?>
<td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('oID', '', 'size="12"') . tep_draw_hidden_field('action', 'edit'); ?></td>
</form></tr>
<tr><?php echo tep_draw_form('status', FILENAME_ORDERS, '', 'get'); ?>
<td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . tep_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), '', 'onChange="this.form.submit();"'); ?></td>
</form></tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
			<td class="dataTableHeadingContent">Order #</td>
<td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>
<td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>
</tr>
<?php
if (isset($HTTP_GET_VARS['cID'])) {
$cID = tep_db_prepare_input($HTTP_GET_VARS['cID']);
$orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by orders_id DESC";
} elseif (isset($HTTP_GET_VARS['status']) && is_numeric($HTTP_GET_VARS['status']) && ($HTTP_GET_VARS['status'] > 0)) {
$status = tep_db_prepare_input($HTTP_GET_VARS['status']);
$orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC";
} else {
$orders_query_raw = "select o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC";
}
$orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows);
$orders_query = tep_db_query($orders_query_raw);
while ($orders = tep_db_fetch_array($orders_query)) {
// PWA BOF
if ($orders['customers_id']==0) $orders['customers_name'] = '<b>!!</b> ' . $orders['customers_name'];
// PWA EOF
if ((!isset($HTTP_GET_VARS['oID']) || (isset($HTTP_GET_VARS['oID']) && ($HTTP_GET_VARS['oID'] == $orders['orders_id']))) && !isset($oInfo)) {
$oInfo = new objectInfo($orders);
}

if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) {
echo ' <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '\'">' . "\n";
} else {
echo ' <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '\'">' . "\n";
}
?>
			<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders['orders_id'] . '&action=edit') . '">' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . ' <b>#' . $orders['orders_id'] . '</b></a>'; ?></td>
			<td class="dataTableContent"><?php echo $orders['customers_name']; ?></td>
<td class="dataTableContent" align="right"><?php echo strip_tags($orders['order_total']); ?></td>
<td class="dataTableContent" align="center"><?php echo tep_datetime_short($orders['date_purchased']); ?></td>
<td class="dataTableContent" align="right"><?php echo $orders['orders_status_name']; ?></td>
<td class="dataTableContent" align="right"><?php if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>
</tr>
<?php
}
?>
<tr>
<td colspan="6"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>
<td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?></td>
</tr>
</table></td>
</tr>
</table></td>
<?php
$heading = array();
$contents = array();

switch ($action) {
case 'delete':
$heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_ORDER . '</b>');

$contents = array('form' => tep_draw_form('orders', FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=deleteconfirm'));
$contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br><br><b>' . $cInfo->customers_firstname . ' ' . $cInfo->customers_lastname . '</b>');
$contents[] = array('text' => '<br>' . tep_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);
$contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
break;
default:
if (isset($oInfo) && is_object($oInfo)) {
$heading[] = array('text' => '<b>[' . $oInfo->orders_id . ']  ' . tep_datetime_short($oInfo->date_purchased) . '</b>');

$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
$contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_EDIT, 'oID=' . $oInfo->orders_id) . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
$contents[] = array('text' => '<br>' . TEXT_DATE_ORDER_CREATED . ' ' . tep_date_short($oInfo->date_purchased));
if (tep_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . tep_date_short($oInfo->last_modified));
$contents[] = array('text' => '<br>' . TEXT_INFO_PAYMENT_METHOD . ' ' . $oInfo->payment_method);
}
break;
}

if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
echo ' <td width="25%" valign="top">' . "\n";

$box = new box;
echo $box->infoBox($heading, $contents);

echo ' </td>' . "\n";
}
?>
</tr>
</table></td>
</tr>
<?php
}
?>
</table></td>
<!-- body_text_eof //-->
</tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
<br>
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

:-)

Monika

 

addicted to writing code ... can't get enough of databases either, LOL!

 

my toolbox: Textpad - Compare and Merge - phpMyAdmin - WS_FTP - Photoshop - How to search the forum

 

Interactive Media Award July 2007 ~ category E-Commerce

my advice on the forum is for free, PMs where you send me work are considered consultation which I charge for ...

Link to comment
Share on other sites

Hi

 

Thanks alot Monica,,,,, YOu are Great programmer.....

it is working

That's exactly what i was looking for... you Fixed it...Great..

 

Can I request you to look on my other post I posted today about Shipping prices in customer shopping cart or somewhere customer can see estimated delivery price before create account....

 

 

Thanks again for all help and favors you doing here......

 

 

Kinds regards

 

zee

Link to comment
Share on other sites

:-). happy that your are happy!

 

To show shipping on the product page, each item would have to have a separate cost ... like individual shipping. There are contributions out tehre for that.

 

But I think for you it would be perfectly fine to show estimated shipping on the cart page

http://www.oscommerce.com/community/contri...ch,ship+in+cart

:-)

Monika

 

addicted to writing code ... can't get enough of databases either, LOL!

 

my toolbox: Textpad - Compare and Merge - phpMyAdmin - WS_FTP - Photoshop - How to search the forum

 

Interactive Media Award July 2007 ~ category E-Commerce

my advice on the forum is for free, PMs where you send me work are considered consultation which I charge for ...

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...