<?php

	
/* 
	stock.php 

	Mike Ontwerpt 2012
	www.mikeontwerpt.nl
	
*/

/**
 * Entry point for the countries/shipping admin screen.
 *
 * When the bulk-edit form was submitted (the "editSelectedCountries" submit
 * button is present in the POST data) the update handler runs and no markup
 * is returned; otherwise the dashboard markup is returned.
 *
 * NOTE(review): no authentication, authorisation or CSRF check is visible in
 * this function - confirm the including admin page enforces them before this
 * state-changing POST is dispatched.
 *
 * @return string HTML for the dashboard, or an empty string after an update.
 */
function initCountries(){
	// Form submission: updateCountries() answers with a redirect header and
	// contributes nothing to the page body.
	if(isset($_POST['editSelectedCountries'])){
		updateCountries();
		return '';
	}

	// Plain page view: render the overview table.
	return '' . showDashboard();
}


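/**
 * Builds the countries overview: a bulk-edit row followed by one row per
 * country read from the `countries` table, all wrapped in a single POST form.
 *
 * Values read from the database are HTML-escaped before they are written into
 * the markup, so a stored value containing markup cannot break out of its
 * attribute or element.
 *
 * @return string HTML fragment for the dashboard.
 */
function showDashboard(){
	global $mysqli;
	/* language */
	$siteLabels = getLanguage();

	// Escapes a value for use in HTML text and quoted attribute values.
	$esc = function($value){
		return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	};

	$output = '';
	/* title */
	$output .= '<h1>Beheer landen en verzending</h1>';

	//start with form for checkboxes
	$output .= '<form action="" name="chkForm"  method="post" class="margin-bottom-40">';

		//EDIT
		$output .= '<div class="itemlist-row itemlist-heading">';
			$output .= '<div class="itemlist-single-column"></div>';
			$output .= '<div class="itemlist-double-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">Verzendkosten</div>';
			$output .= '<div class="itemlist-single-column">leverdagen<br /> (voorraad)</div>';
			$output .= '<div class="itemlist-single-column">leverdagen<br /> (uitverkocht)</div>';
			$output .= '<div class="itemlist-single-column status-column">BTW</div>';
			$output .= '<div class="itemlist-single-column itemlist-edit">&nbsp;</div>';
		$output .= '</div>';
		$output .= '<div class="itemlist-row">';
			$output .= '<div class="itemlist-single-column"><h2>Bewerk:</h2></div>';
			$output .= '<div class="itemlist-double-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column"><input type="text" name="shippingCost" value="" class="itemlist-txt" /></div>';
			$output .= '<div class="itemlist-single-column"><input type="text" name="delivery_instock" value="" class="itemlist-txt" /></div>';
			$output .= '<div class="itemlist-single-column"><input type="text" name="delivery_outofstock" value="" class="itemlist-txt" /></div>';
			$output .= '<div class="itemlist-single-column status-column"><input type="text" name="vat" value="" class="itemlist-txt" /></div>';
			$output .= '<div class="itemlist-single-column itemlist-edit"><input type="submit" name="editSelectedCountries" value="opslaan" class="btn80 btn80"/></div>';
		$output .= '</div>';

		/* top row */
		$output .= '<div class="itemlist-row itemlist-heading">';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-double-column"><input type="checkbox" name="checkCtrl" value="checkAll" onClick="check_all(this);" class="itemlist-cbox">naam</div>';
			$output .= '<div class="itemlist-single-column">ISO 3166</div>';
			$output .= '<div class="itemlist-single-column">Verzendkosten</div>';
			$output .= '<div class="itemlist-single-column">leverdagen<br /> (voorraad)</div>';
			$output .= '<div class="itemlist-single-column">leverdagen<br /> (uitverkocht)</div>';
			$output .= '<div class="itemlist-single-column status-column">BTW</div>';
			$output .= '<div class="itemlist-single-column itemlist-edit"></div>';
		$output .= '</div>';

		/* get info */
		// Static query: no request data is interpolated here.
		$query =  'SELECT DISTINCT c.id AS countryId, c.name, c.isocode, c.shippingCost, c.deliveryInStock, c.deliverySoldOut, c.VAT
						FROM countries AS c
						ORDER BY c.name ASC';
		if($result = $mysqli->query($query)){
			while($record = $result->fetch_assoc()){
				// Raw column values are escaped here because they go straight into markup.
				$countryId = $esc($record['countryId']);
				$isoCode = $esc($record['isocode']);
				$vat = $esc($record['VAT']);

				// NOTE(review): fromDatabase() and displayPrice() are defined elsewhere;
				// their output is assumed to be HTML-safe already and is left as-is to
				// avoid double-encoding - confirm, and escape here if it is not.
				$name = fromDatabase($record['name']);
				$deliveryInStock = fromDatabase($record['deliveryInStock']);
				$deliverySoldOut = fromDatabase($record['deliverySoldOut']);
				$displayShippingCost = displayPrice($record['shippingCost']);

				$output .= '<div class="itemlist-row">';
					/* stock code */
					$output .= '<div class="itemlist-single-column">';
					$output .= '</div>';
					$output .= '<div class="itemlist-double-column">';
									$output .= '<input type="checkbox" name="option[]" id="option'.$countryId.'" value="'.$countryId.'" class="itemlist-cbox" />
									<label for="option'.$countryId.'">'.$name.'</label>';
					$output .= '</div>';
					$output .= '<div class="itemlist-single-column">'.$isoCode.'</div>';
					$output .= '<div class="itemlist-single-column">'.$displayShippingCost.'</div>';
					$output .= '<div class="itemlist-single-column">'.$deliveryInStock.'</div>';
					$output .= '<div class="itemlist-single-column">'.$deliverySoldOut.'</div>';
					$output .= '<div class="itemlist-single-column status-column">'.$vat.'%</div>';
					$output .= '<div class="itemlist-single-column itemlist-edit"></div>';
					$output .= '<div class="clear"></div>';
				$output .= '</div>';
			}
		}
		else{
			// The driver error text is escaped before display. It still exposes
			// database details to whoever can load this page; logging it
			// server-side instead would be the stricter choice.
			$output .= $esc($mysqli->error);
		}
	$output .= '</form>';

	return $output;
}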


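/**
 * Applies the bulk-edit form to every selected country.
 *
 * Reads $_POST['option'] (the selected country ids) and the optional fields
 * shippingCost, delivery_instock, delivery_outofstock and vat, builds one
 * UPDATE per field and country, and runs them in a single transaction.
 * On success a feedback message is stored in the session and the browser is
 * redirected; on failure the transaction is rolled back and the errors are
 * passed to displayErrors().
 *
 * Security notes:
 *  - Country ids come from the request and end up in the WHERE clause, so only
 *    all-digit strings are accepted and they are cast to int before use.
 *  - NOTE(review): inDatabase() is defined elsewhere and is assumed to escape
 *    its argument for use inside a quoted SQL string - confirm. If it does not,
 *    the two delivery fields are injectable and should use prepared statements.
 *  - NOTE(review): no CSRF token or permission check is visible in this
 *    function; confirm the caller enforces both.
 *
 * @return void
 */
function updateCountries(){
	/* access the global sql object */
	global $mysqli;
	/* language */
	$siteLabels = getLanguage();

	if(!isset($_POST['option'])){
		header('location: ./');
		return;
	}

	// Keep only well-formed numeric ids; nested arrays and anything with
	// non-digit characters are dropped rather than concatenated into SQL.
	$countryIds = [];
	foreach((array) $_POST['option'] as $rawId){
		if(is_string($rawId) && ctype_digit($rawId)){
			$countryIds[] = (int) $rawId;
		}
	}
	if($countryIds === []){
		// Nothing usable was selected: behave as if no selection was posted.
		header('location: ./');
		return;
	}

	$queries = [];
	$errors = [];

	// Queues one UPDATE per selected country for an already-validated value.
	$queueUpdate = function($column, $value) use (&$queries, $countryIds){
		foreach($countryIds as $countryId){
			$queries[] = 'UPDATE countries SET '.$column.' = "'.$value.'" WHERE id = '.$countryId.' LIMIT 1';
		}
	};

	if(!empty($_POST['shippingCost'])){
		// validate shipping costs: strip punctuation that has no place in a price
		$forbidden = ['!','@','#','$','%','^','&','*','(',')','-','+','=','_','{','}','[',']',':',';','"','\'','<','>','?','/'];
		$price = str_replace($forbidden, '', $_POST['shippingCost']);
		if(!empty($price)){
			$price = str_replace(',', '.', $price);   // decimal comma -> decimal point
			$price = str_replace('€', '', $price);    // drop the currency sign
			$price = trim($price);
			if(is_numeric($price)){
				// number_format() is only given numeric input; non-numeric text
				// falls through to the pattern check below and is rejected.
				$price = $_SESSION['addedit-product']['price'] = number_format((float) $price, 2, '.', '');
			}
			// Only 1-3 digits, a point and two decimals may reach the query.
			$pricecheckpattern = "#^[0-9]{1,3}\.[0-9]{2}$#";
			if(preg_match($pricecheckpattern, $price) !== 1){
				$errors[] = 'err: '.$price;
			}
			else{
				//update shippingCosts
				$queueUpdate('shippingCost', $price);
			}
		}
	}

	if(!empty($_POST['delivery_instock'])){
		$queueUpdate('deliveryInStock', inDatabase($_POST['delivery_instock']));
	}

	if(!empty($_POST['delivery_outofstock'])){
		$queueUpdate('deliverySoldOut', inDatabase($_POST['delivery_outofstock']));
	}

	if(!empty($_POST['vat'])){
		//validate vat: strip punctuation, then require a numeric string
		$forbidden = ['!','@','#','$','%','^','&','*','(',')','-','+','=','_','{','}','[',']',':',';','"','\'','<','>','?','/',',','.'];
		$vat = str_replace($forbidden, '', $_POST['vat']);
		if(is_numeric($vat)){
			$queueUpdate('VAT', $vat);
		}
	}

	// Set autocommit to FALSE so the updates succeed or fail together
	$mysqli->autocommit(FALSE);
	foreach($queries as $query)
	{
		if(!$mysqli->query($query))
		{
			$errors[] = $siteLabels['fm-somethingwentwrong'].$mysqli->error;
		}
	}

	// ROLLBACK or COMMIT
	if($errors !== [])
	{
		$mysqli->rollback();
		displayErrors($errors);
	}
	else
	{
		// With autocommit off the updates are only persisted on a transactional
		// engine once they are committed explicitly.
		$mysqli->commit();
		$_SESSION['feed-msg'] = '<span class="fm-suc"><span class="fm-suc-v">&radic;</span>Countries updated!</span>';
		header('location: ./');
	}
}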
	
	
?>