FishEye: file osCommerce/tags/oscommerce-2.2ms2-20060817/catalog/address_book

Annotated File View

hpdl	477	1	<?php
		2	/*
		3	$Id: address_book_process.php,v 1.79 2003/06/09 23:03:52 hpdl Exp $
		4
		5	osCommerce, Open Source E-Commerce Solutions
		6	http://www.oscommerce.com
		7
		8	Copyright (c) 2003 osCommerce
		9
		10	Released under the GNU General Public License
		11	*/
		12
		13	require('includes/application_top.php');
		14
		15	if (!tep_session_is_registered('customer_id')) {
		16	$navigation->set_snapshot();
		17	tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
		18	}
		19
		20	// needs to be included earlier to set the success message in the messageStack
		21	require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADDRESS_BOOK_PROCESS);
		22
		23	if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'deleteconfirm') && isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
		24	tep_db_query("delete from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['delete'] . "' and customers_id = '" . (int)$customer_id . "'");
		25
		26	$messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_DELETED, 'success');
		27
		28	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
		29	}
		30
		31	// error checking when updating or adding an entry
		32	$process = false;
		33	if (isset($HTTP_POST_VARS['action']) && (($HTTP_POST_VARS['action'] == 'process') \|\| ($HTTP_POST_VARS['action'] == 'update'))) {
		34	$process = true;
		35	$error = false;
		36
		37	if (ACCOUNT_GENDER == 'true') $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
		38	if (ACCOUNT_COMPANY == 'true') $company = tep_db_prepare_input($HTTP_POST_VARS['company']);
		39	$firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
		40	$lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
		41	$street_address = tep_db_prepare_input($HTTP_POST_VARS['street_address']);
		42	if (ACCOUNT_SUBURB == 'true') $suburb = tep_db_prepare_input($HTTP_POST_VARS['suburb']);
		43	$postcode = tep_db_prepare_input($HTTP_POST_VARS['postcode']);
		44	$city = tep_db_prepare_input($HTTP_POST_VARS['city']);
		45	$country = tep_db_prepare_input($HTTP_POST_VARS['country']);
		46	if (ACCOUNT_STATE == 'true') {
		47	if (isset($HTTP_POST_VARS['zone_id'])) {
		48	$zone_id = tep_db_prepare_input($HTTP_POST_VARS['zone_id']);
		49	} else {
		50	$zone_id = false;
		51	}
		52	$state = tep_db_prepare_input($HTTP_POST_VARS['state']);
		53	}
		54
		55	if (ACCOUNT_GENDER == 'true') {
		56	if ( ($gender != 'm') && ($gender != 'f') ) {
		57	$error = true;
		58
		59	$messageStack->add('addressbook', ENTRY_GENDER_ERROR);
		60	}
		61	}
		62
		63	if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
		64	$error = true;
65
66	$messageStack->add('addressbook', ENTRY_FIRST_NAME_ERROR);
67	}
68
69	if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
70	$error = true;
71
72	$messageStack->add('addressbook', ENTRY_LAST_NAME_ERROR);
73	}
74
75	if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
76	$error = true;
77
78	$messageStack->add('addressbook', ENTRY_STREET_ADDRESS_ERROR);
79	}
80
81	if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
82	$error = true;
83
84	$messageStack->add('addressbook', ENTRY_POST_CODE_ERROR);
85	}
86
87	if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
88	$error = true;
89
90	$messageStack->add('addressbook', ENTRY_CITY_ERROR);
91	}
92
93	if (!is_numeric($country)) {
94	$error = true;
95
96	$messageStack->add('addressbook', ENTRY_COUNTRY_ERROR);
97	}
98
99	if (ACCOUNT_STATE == 'true') {
100	$zone_id = 0;
101	$check_query = tep_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country . "'");
102	$check = tep_db_fetch_array($check_query);
103	$entry_state_has_zones = ($check['total'] > 0);
104	if ($entry_state_has_zones == true) {
105	$zone_query = tep_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int)$country . "' and (zone_name like '" . tep_db_input($state) . "%' or zone_code like '%" . tep_db_input($state) . "%')");
106	if (tep_db_num_rows($zone_query) == 1) {
107	$zone = tep_db_fetch_array($zone_query);
108	$zone_id = $zone['zone_id'];
109	} else {
110	$error = true;
111
112	$messageStack->add('addressbook', ENTRY_STATE_ERROR_SELECT);
113	}
114	} else {
115	if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
116	$error = true;
117
118	$messageStack->add('addressbook', ENTRY_STATE_ERROR);
119	}
120	}
121	}
122
123	if ($error == false) {
124	$sql_data_array = array('entry_firstname' => $firstname,
125	'entry_lastname' => $lastname,
126	'entry_street_address' => $street_address,
127	'entry_postcode' => $postcode,
128	'entry_city' => $city,
129	'entry_country_id' => (int)$country);
130
131	if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
132	if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
133	if (ACCOUNT_SUBURB == 'true') $sql_data_array['entry_suburb'] = $suburb;
134	if (ACCOUNT_STATE == 'true') {
135	if ($zone_id > 0) {
136	$sql_data_array['entry_zone_id'] = (int)$zone_id;
137	$sql_data_array['entry_state'] = '';
138	} else {
139	$sql_data_array['entry_zone_id'] = '0';
140	$sql_data_array['entry_state'] = $state;
141	}
142	}
143
144	if ($HTTP_POST_VARS['action'] == 'update') {
145	tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id ='" . (int)$customer_id . "'");
146
147	// reregister session variables
148	if ( (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) \|\| ($HTTP_GET_VARS['edit'] == $customer_default_address_id) ) {
149	$customer_first_name = $firstname;
150	$customer_country_id = $country;
151	$customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0');
152	$customer_default_address_id = (int)$HTTP_GET_VARS['edit'];
153
154	$sql_data_array = array('customers_firstname' => $firstname,
155	'customers_lastname' => $lastname,
156	'customers_default_address_id' => (int)$HTTP_GET_VARS['edit']);
157
158	if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
159
160	tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'");
161	}
162	} else {
163	$sql_data_array['customers_id'] = (int)$customer_id;
164	tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
165
166	$new_address_book_id = tep_db_insert_id();
167
168	// reregister session variables
169	if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) {
170	$customer_first_name = $firstname;
171	$customer_country_id = $country;
172	$customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0');
173	if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $customer_default_address_id = $new_address_book_id;
174
175	$sql_data_array = array('customers_firstname' => $firstname,
176	'customers_lastname' => $lastname);
177
178	if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
179	if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $sql_data_array['customers_default_address_id'] = $new_address_book_id;
180
181	tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'");
182	}
183	}
184
185	$messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success');
186
187	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
188	}
189	}
190
191	if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
192	$entry_query = tep_db_query("select entry_gender, entry_company, entry_firstname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "'");
193
194	if (!tep_db_num_rows($entry_query)) {
195	$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
196
197	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
198	}
199
200	$entry = tep_db_fetch_array($entry_query);
201	} elseif (isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
202	if ($HTTP_GET_VARS['delete'] == $customer_default_address_id) {
203	$messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');
204
205	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
206	} else {
207	$check_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['delete'] . "' and customers_id = '" . (int)$customer_id . "'");
208	$check = tep_db_fetch_array($check_query);
209
210	if ($check['total'] < 1) {
211	$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
212
213	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
214	}
215	}
216	} else {
217	$entry = array();
218	}
219
220	if (!isset($HTTP_GET_VARS['delete']) && !isset($HTTP_GET_VARS['edit'])) {
221	if (tep_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
222	$messageStack->add_session('addressbook', ERROR_ADDRESS_BOOK_FULL);
223
224	tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
225	}
226	}
227
228	$breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
229	$breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
230
231	if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
232	$breadcrumb->add(NAVBAR_TITLE_MODIFY_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'edit=' . $HTTP_GET_VARS['edit'], 'SSL'));
233	} elseif (isset($HTTP_GET_VARS['delete']) && is_numeric($HTTP_GET_VARS['delete'])) {
234	$breadcrumb->add(NAVBAR_TITLE_DELETE_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'], 'SSL'));
235	} else {
236	$breadcrumb->add(NAVBAR_TITLE_ADD_ENTRY, tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, '', 'SSL'));
237	}
238	?>
239	<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
240	<html <?php echo HTML_PARAMS; ?>>
241	<head>
242	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
243	<title><?php echo TITLE; ?></title>
244	<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
245	<link rel="stylesheet" type="text/css" href="stylesheet.css">
246	<?php
247	if (!isset($HTTP_GET_VARS['delete'])) {
248	include('includes/form_check.js.php');
249	}
250	?>
251	</head>
252	<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
253	<!-- header //-->
254	<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
255	<!-- header_eof //-->
256
257	<!-- body //-->
258	<table border="0" width="100%" cellspacing="3" cellpadding="3">
259	<tr>
260	<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
261	<!-- left_navigation //-->
262	<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
263	<!-- left_navigation_eof //-->
264	</table></td>
265	<!-- body_text //-->
266	<td width="100%" valign="top"><?php if (!isset($HTTP_GET_VARS['delete'])) echo tep_draw_form('addressbook', tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, (isset($HTTP_GET_VARS['edit']) ? 'edit=' . $HTTP_GET_VARS['edit'] : ''), 'SSL'), 'post', 'onSubmit="return check_form(addressbook);"'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
267	<tr>
268	<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
269	<tr>
270	<td class="pageHeading"><?php if (isset($HTTP_GET_VARS['edit'])) { echo HEADING_TITLE_MODIFY_ENTRY; } elseif (isset($HTTP_GET_VARS['delete'])) { echo HEADING_TITLE_DELETE_ENTRY; } else { echo HEADING_TITLE_ADD_ENTRY; } ?></td>
271	<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_address_book.gif', (isset($HTTP_GET_VARS['edit']) ? HEADING_TITLE_MODIFY_ENTRY : HEADING_TITLE_ADD_ENTRY), HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td>
272	</tr>
273	</table></td>
274	</tr>
275	<tr>
276	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
277	</tr>
278	<?php
279	if ($messageStack->size('addressbook') > 0) {
280	?>
281	<tr>
282	<td><?php echo $messageStack->output('addressbook'); ?></td>
283	</tr>
284	<tr>
285	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
286	</tr>
287	<?php
288	}
289
290	if (isset($HTTP_GET_VARS['delete'])) {
291	?>
292	<tr>
293	<td class="main"><b><?php echo DELETE_ADDRESS_TITLE; ?></b></td>
294	</tr>
295	<tr>
296	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
297	<tr class="infoBoxContents">
298	<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
299	<tr>
300	<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
301	<td class="main" width="50%" valign="top"><?php echo DELETE_ADDRESS_DESCRIPTION; ?></td>
302	<td align="right" width="50%" valign="top"><table border="0" cellspacing="0" cellpadding="2">
303	<tr>
304	<td class="main" align="center" valign="top"><b><?php echo SELECTED_ADDRESS; ?></b><br><?php echo tep_image(DIR_WS_IMAGES . 'arrow_south_east.gif'); ?></td>
305	<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
306	<td class="main" valign="top"><?php echo tep_address_label($customer_id, $HTTP_GET_VARS['delete'], true, ' ', '<br>'); ?></td>
307	<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
308	</tr>
309	</table></td>
310	</tr>
311	</table></td>
312	</tr>
313	</table></td>
314	</tr>
315	<tr>
316	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
317	</tr>
318	<tr>
319	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
320	<tr class="infoBoxContents">
321	<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
322	<tr>
323	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
324	<td><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
325	<td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $HTTP_GET_VARS['delete'] . '&action=deleteconfirm', 'SSL') . '">' . tep_image_button('button_delete.gif', IMAGE_BUTTON_DELETE) . '</a>'; ?></td>
326	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
327	</tr>
328	</table></td>
329	</tr>
330	</table></td>
331	</tr>
332	<?php
333	} else {
334	?>
335	<tr>
336	<td><?php include(DIR_WS_MODULES . 'address_book_details.php'); ?></td>
337	</tr>
338	<tr>
339	<td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
340	</tr>
341	<?php
342	if (isset($HTTP_GET_VARS['edit']) && is_numeric($HTTP_GET_VARS['edit'])) {
343	?>
344	<tr>
345	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
346	<tr class="infoBoxContents">
347	<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
348	<tr>
349	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
350	<td><?php echo '<a href="' . tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
351	<td align="right"><?php echo tep_draw_hidden_field('action', 'update') . tep_draw_hidden_field('edit', $HTTP_GET_VARS['edit']) . tep_image_submit('button_update.gif', IMAGE_BUTTON_UPDATE); ?></td>
352	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
353	</tr>
354	</table></td>
355	</tr>
356	</table></td>
357	</tr>
358	<?php
359	} else {
360	if (sizeof($navigation->snapshot) > 0) {
361	$back_link = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']);
362	} else {
363	$back_link = tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL');
364	}
365	?>
366	<tr>
367	<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
368	<tr class="infoBoxContents">
369	<td><table border="0" width="100%" cellspacing="0" cellpadding="2">
370	<tr>
371	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
372	<td><?php echo '<a href="' . $back_link . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
373	<td align="right"><?php echo tep_draw_hidden_field('action', 'process') . tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
374	<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
375	</tr>
376	</table></td>
377	</tr>
378	</table></td>
379	</tr>
380
381	<?php
382	}
383	}
384	?>
385	</table><?php if (!isset($HTTP_GET_VARS['delete'])) echo '</form>'; ?></td>
386	<!-- body_text_eof //-->
387	<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2">
388	<!-- right_navigation //-->
389	<?php require(DIR_WS_INCLUDES . 'column_right.php'); ?>
390	<!-- right_navigation_eof //-->
391	</table></td>
392	</tr>
393	</table>
394	<!-- body_eof //-->
395
396	<!-- footer //-->
397	<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
398	<!-- footer_eof //-->
399	<br>
400	</body>
401	</html>
402	<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

FishEye

View

Diff

Annotations

Annotated File View