<?php


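/**
 * Entry point for the discounts admin page.
 *
 * Picks a handler from the submitted POST button (back, add, edit, trash) or,
 * failing that, from the "sub" GET parameter, and returns the HTML it produced.
 *
 * NOTE(review): no authorization check or CSRF token is visible in this file;
 * presumably the including admin page takes care of both - confirm, because
 * every branch below reads or changes discount data.
 *
 * @return string HTML of the selected view (empty when only a redirect header was sent).
 */
function initDiscounts(){
	$output = '';

	if(isset($_POST['back'])){
		// The cancel forms in this file only ever post "./", "../" or "../../".
		// The field is client-controlled, so anything else (absolute URL,
		// scheme-relative "//host", stray characters) is refused rather than
		// forwarded: otherwise this branch is an open redirect.
		$location = (isset($_POST['location']) && is_string($_POST['location'])) ? $_POST['location'] : '';
		if($location !== '' && preg_match('#^(?:\.{1,2}/)+$#D', $location) === 1){
			// NOTE(review): nothing stops execution after this header; confirm the
			// caller does not emit further output.
			header('location: '.$location);
		}
		else{
			$output .= showDashboard();
		}
	}
	else if(isset($_POST['sbm-add-action'])){
		$output .= validateAddEdit('add');
	}
	else if(isset($_POST['sbm-edit-action'])){
		$output .= validateAddEdit('edit');
	}
	else if(isset($_POST['askMoveToTrash'])){
		$output .= askMoveToTrash();
	}
	else if(isset($_POST['moveToTrash'])){
		$output .= moveToTrash();
	}
	else if(isset($_GET['sub'])){
		// "sub" only selects between fixed views; unknown values fall back to the list
		switch($_GET['sub']){
			case 'add-action':
				$output .= showFormAddEditAction('add');
			break;
			case 'edit-action':
				$output .= showFormAddEditAction('edit');
			break;
			default:
				$output .= showDashboard();
		}
	}
	else{
		$output .= showDashboard();
	}
	return $output;
}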

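/**
 * Renders the list of discount actions with the "add" and "remove" buttons.
 *
 * Reads every discount_action row that has an active content_status entry and
 * prints one list row per action. Any half-filled add/edit form state in the
 * session is dropped first.
 *
 * @return string HTML of the dashboard.
 */
function showDashboard(){
	global $mysqli;

	// leaving the add/edit form: forget its state
	if(isset($_SESSION['addedit-discount'])) unset($_SESSION['addedit-discount']);

	$siteLabels = getLanguage();
	$output = '';

	// Values from the database go into HTML below. double_encode is off so text that
	// already carries entities is not encoded a second time.
	// NOTE(review): what fromDatabase() returns (raw or entity-encoded) is not visible here - confirm.
	$esc = static function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
	};

	/* title */
	$output .= '<h1>'.$siteLabels['discount-title'].'</h1>';
	$output .= '<form action="" name="chkForm"  method="post">';

	/* buttons */
	$output .= '<div class="submenu">';
			$output .= '<a href="./discounts/add-action/"><span class="btn176 btn176a proceed">'.$siteLabels['discount-addaction'].'</span></a>';
			$output .= '<input type="submit" name="askMoveToTrash" value="'.$siteLabels['discount-removeactions'].'" class="btn176 btn176b"/>';
	$output .= '</div>';

	/* top row */
	$output .= '<div class="itemlist-row itemlist-heading">';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-double-column"><input type="checkbox" name="checkCtrl" value="checkAll" onClick="check_all(this);" class="itemlist-cbox">title</div>';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-single-column">&nbsp;</div>';
		$output .= '<div class="itemlist-single-column status-column">status</div>';
		$output .= '<div class="itemlist-single-column itemlist-edit">edit</div>';
	$output .= '</div>';

	/* get info: static query, no request data in it */
	$query = 'SELECT d.id, d.title, d.manual, d.active, d.period, d.starts, d.expires
			  FROM discount_action as d, content_status as s
			  WHERE s.active = 1
			  AND s.itemId = d.id
			  AND s.linkname = "discount_action"
			  ORDER BY d.timest DESC';
	if($result = $mysqli->query($query)){
		while($record = $result->fetch_assoc()){
			$actionId = $esc($record['id']);
			$title = $esc(fromDatabase($record['title']));

			// compute status: manual actions carry their own flag,
			// period actions are active between starts and expires
			if($record['manual'] == 1){
				$status = $record['active'];
			}
			else{
				$now = time();
				$status = ($now >= $record['starts'] && $now <= $record['expires']) ? 1 : 0;
			}

			$output .= '<div class="itemlist-row">';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-double-column"><input type="checkbox" name="option[]" id="option" value="'.$actionId.'" class="itemlist-cbox"/>'.$title.'</div>';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-single-column">&nbsp;</div>';
				$output .= '<div class="itemlist-single-column status-column">'.$esc($status).'</div>';
				$output .= '<div class="itemlist-single-column itemlist-edit">';
					$output .= '<a href="./discounts/edit-action/'.$actionId.'/" class="itemlist-btn" id="itemlist-btn-edit"></a>';
				$output .= '</div>';
				$output .= '<div class="clear"></div>';
			$output .= '</div>';
		}
	}
	else{
		// Driver error text names tables and columns; keep it in the server log
		// and show the generic label the rest of this file uses.
		error_log('showDashboard: discount list query failed: '.$mysqli->error);
		$output .= $siteLabels['fm-somethingwentwrong'];
	}
	$output .= '</form>';

	return $output;
}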

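/**
 * Renders the form used to add or edit a discount action.
 *
 * Form state lives in $_SESSION['addedit-discount']. It is created with defaults
 * when absent and, for $method 'edit', overwritten with the stored values of the
 * action named by the "sub2" GET parameter.
 *
 * @param string $method 'add' or 'edit'.
 * @return string HTML of the form.
 */
function showFormAddEditAction($method){
	global $mysqli;

	$siteLabels = getLanguage();

	// Session values may be raw POST input (validateAddEdit stores it before validating)
	// and every one of them ends up inside an attribute below, so each is escaped on output.
	// double_encode is off so values that already carry entities are not encoded twice.
	// NOTE(review): whether inDatabase()/fromDatabase() entity-encode is not visible here - confirm.
	$esc = static function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
	};

	// set up session
	if(!isset($_SESSION['addedit-discount'])){
		$_SESSION['addedit-discount']['title'] = '';
		// when does the action start / stop
		$_SESSION['addedit-discount']['when-start'] = '';
		$_SESSION['addedit-discount']['when-expire'] = '';
		$_SESSION['addedit-discount']['when-manual'] = 1;
		$_SESSION['addedit-discount']['when-active'] = 0;
		$_SESSION['addedit-discount']['when-afterbuy'] = '';
		$_SESSION['addedit-discount']['when-ones'] = '';
		// which products
		$_SESSION['addedit-discount']['which-allproducts'] = 1;
		$_SESSION['addedit-discount']['which-category'] = '';
		$_SESSION['addedit-discount']['which-searchtag'] = '';
		$_SESSION['addedit-discount']['which-allorders'] = '';
		$_SESSION['addedit-discount']['which-minamount'] = '';
		$_SESSION['addedit-discount']['which-code'] = '';
		// discount
		$_SESSION['addedit-discount']['discount-percentage'] = '';
		$_SESSION['addedit-discount']['discount-noshippingcostNL'] = 1;
	}

	// if edit, fill session with current values
	$editId = 0;
	if($method == 'edit'){
		// sub2 comes straight from the URL and is used both in SQL and in a hidden
		// field: forcing it to an integer closes the injection in both places.
		$editId = (isset($_GET['sub2']) && is_scalar($_GET['sub2'])) ? (int) $_GET['sub2'] : 0;
		$result = $mysqli->query('SELECT da.id, da.title, da.manual, da.active, da.period, da.starts, da.expires, da.type, da.discountCode, dd.percentage, dd.catId, dd.searchtag, dd.minamount
									  FROM discount_action as da, discount_details as dd
									  WHERE da.id = '.$editId.'
									  AND da.id = dd.actionId LIMIT 1');
		$record = $result ? $result->fetch_assoc() : null;
		// an unknown id yields no row; the form then simply shows the session values
		if($record){
			$_SESSION['addedit-discount']['title'] = fromDatabase($record['title']);

			if($record['starts'] != 0){
				$_SESSION['addedit-discount']['when-start'] = date('d-m-Y',$record['starts']);
			}
			if($record['expires'] != 0){
				$_SESSION['addedit-discount']['when-expire'] = date('d-m-Y',$record['expires']);
			}
			if($record['manual'] != 0){
				$_SESSION['addedit-discount']['when-manual'] = 1;
				$_SESSION['addedit-discount']['when-active'] = $record['active'];
			}

			// type is stored as "<target>-<kind>", e.g. "category-per"
			$temp = explode('-', (string) $record['type']);
			$target = $temp[0];
			$kind = isset($temp[1]) ? $temp[1] : '';
			switch($target){
				case 'allproducts':
					$_SESSION['addedit-discount']['which-allproducts'] = 1;
				break;
				case 'category':
					$_SESSION['addedit-discount']['which-category'] = $record['catId'];
				break;
				case 'searchtag':
					$_SESSION['addedit-discount']['which-searchtag'] = $record['searchtag'];
				break;
				case 'allorders':
					$_SESSION['addedit-discount']['which-allorders'] = 1;
				break;
				case 'minamount':
					$_SESSION['addedit-discount']['which-minamount'] = $record['minamount'];
				break;
			}

			if(!empty($record['discountCode'])){
				$_SESSION['addedit-discount']['which-code'] = $record['discountCode'];
			}
			switch($kind){
				case 'per':
					$_SESSION['addedit-discount']['discount-percentage'] = $record['percentage'];
				break;
				case 'freeshipnl':
					$_SESSION['addedit-discount']['discount-noshippingcostNL'] = 1;
				break;
			}
		}
	}

	// snapshot of the form state used for rendering
	$form = $_SESSION['addedit-discount'];

	////////// start output \\\\\\\\\\

	$output = '';
	/* title */
	$output .= '<h1>'.$siteLabels['discount-title'].' &rsaquo; ';
	if($method == 'add') $output .= $siteLabels['discount-addaction'].'</h1>';
	if($method == 'edit') $output .= $siteLabels['discount-editaction'].'</h1>';

	// running number for the collapsible "discountboxN" containers
	$i = 1;
	////////// start form \\\\\\\\\\
	$output .= '<form action="" method="post">';
		$output .= '<div class="double-column addproduct-lefttop  margin-bottom-40">';
		// title
			$output .= $siteLabels['discount-formaddedit-title'].' *<br />';
			$output .= '<input type="text" name="discount-title" value="'.$esc($form['title']).'" class="txt" />';

			$output .= '<hr class="discount-form" />';
		// when does the action start
			$output .= $siteLabels['discount-formaddedit-wheninfo'].' *<br /><br />';

			$output .= '<input type="radio" name="whenstart" value="start-manually" ';
				if($form['when-manual'] == 1) $output .= 'checked ';
			$output .= '/> '.$siteLabels['discount-formaddedit-whenstartmanual'].'<br />';
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= '<input type="checkbox" name="when-active" value="when-active" ';
					if($form['when-active'] == 1) $output .= 'checked';
				$output .= '/> '.$siteLabels['discount-formaddedit-active'].'';
				$output .= '<div class="clear"></div>';
			$output .= '</div>';
			$i++;

			$output .= '<input type="radio" name="whenstart" value="start-period" ';
				if(!empty($form['when-start']) || !empty($form['when-expire'])) $output .= 'checked ';
			$output .= '/> '.$siteLabels['discount-formaddedit-whenperiod'].'';
			// hidden period box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= '<div class="single-column-row">Start: (dd-mm-yyyy)<br /><input type="text" name="when-start-value" value="'.$esc($form['when-start']).'" class="txt" /></div>';
				$output .= '<div class="single-column-row">Expire: (dd-mm-yyyy)<br /><input type="text" name="when-expire-value" value="'.$esc($form['when-expire']).'" class="txt" /></div>';
				$output .= '<div class="clear"></div>';
			$output .= '</div>';
			$i++;

			$output .= '<hr class="discount-form" />';

		// on which products / orders
			$output .= $siteLabels['discount-formaddedit-whichinfo'].' *<br /><br />';
			$output .= '<input type="radio" name="which" value="allproducts" ';
				if($form['which-allproducts'] == 1) $output .= 'checked ';
			$output .= '/> '.$siteLabels['discount-formaddedit-whichallproducts'].'<br />';
			$output .= '<input type="radio" name="which" value="category" ';
				if(!empty($form['which-category'])) $output .= 'checked';
			$output .= '/> '.$siteLabels['discount-formaddedit-whichcategory'].'<br />';
			// hidden category box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= 'category:<br />';
				$output .= '<select name="which-category-value">';
					/* display categories: static query, no request data in it */
					$catquery = 'SELECT id,category
								FROM product_categories
								ORDER BY category';
					if(!$catresult = $mysqli->query($catquery)){
						displayErrors(array($siteLabels['fm-somethingwentwrong']));
					}
					else{
						while($catrecord = $catresult->fetch_assoc()){
							$catId = $catrecord['id'];
							$output .= '<option value="'.$esc($catId).'"';
							if($catId == $form['which-category']) $output .= ' selected';
							$output .= '>'.$esc($catrecord['category']).'</option>';
						}
					}
				$output .= '</select>';
			$output .= '</div>';
			$i++;
			$output .= '<input type="radio" name="which" value="searchtag" ';
				if(!empty($form['which-searchtag'])) $output .= 'checked';
			$output .= '/> '.$siteLabels['discount-formaddedit-whichsearchtag'].'<br />';
			// hidden searchtag box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= 'searchtag:<br /><input type="text" name="which-searchtag-value" value="'.$esc($form['which-searchtag']).'" class="txt" />';
			$output .= '</div>';
			$i++;
			$output .= '<input type="radio" name="which" value="allorders"  ';
				if($form['which-allorders'] == 1) $output .= 'checked ';
			$output .= '/> '.$siteLabels['discount-formaddedit-whichallorders'].'<br />';
			$output .= '<input type="radio" name="which" value="minamount" ';
				if(!empty($form['which-minamount'])) $output .= 'checked';
			$output .= '/> '.$siteLabels['discount-formaddedit-whichminamount'].'<br />';
			// hidden minamount box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= 'amount in euros:<br /><input type="text" name="which-minamount-value" value="'.$esc($form['which-minamount']).'" class="txt" />';
			$output .= '</div>';
			$i++;

			$output .= '<br /><input type="checkbox" name="code-needed" value="code-needed" ';
				if(!empty($form['which-code'])) $output .= 'checked';
			$output .= '/> '.$siteLabels['discount-formaddedit-codeneeded'].'';
			// hidden code box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= 'discount code:<br /><input type="text" name="which-code-value" value="'.$esc($form['which-code']).'" class="txt" />';
			$output .= '</div>';
			$i++;

			$output .= '<hr class="discount-form" />';

		// discount
			$output .= $siteLabels['discount-formaddedit-discountinfo'].' *<br /><br />';
			$output .= '<input type="radio" name="discount" value="noshippingcostNL" ';
				if($form['discount-noshippingcostNL'] == 1) $output .= 'checked ';
			$output .= '/> '.$siteLabels['discount-formaddedit-discountnoshippingnl'].'<br />';

			$output .= '<input type="radio" name="discount" value="percentage" ';
				if(!empty($form['discount-percentage'])) $output .= 'checked';
			$output .= '/> '.$siteLabels['discount-formaddedit-discountpercentage'].'<br />';
			// hidden percentage box
			$output .= '<div class="discount-hidden-temp" id="discountbox'.$i.'">';
				$output .= 'percentage:<br /><input type="text" name="discount-percentage-value" value="'.$esc($form['discount-percentage']).'" class="txt" />';
			$output .= '</div>';
			$i++;

			$output .= '<br /><br />';
		// submit
			if($method == 'add')  $output .= '<input type="submit" name="sbm-add-action" value="'.$siteLabels['discount-addaction'].'" class="btn176 proceed"/>';
			// $editId is an integer at this point, so it is safe inside the attribute
			if($method == 'edit') $output .= '<input type="hidden" name="editId" value="'.$editId.'"/>';
			if($method == 'edit') $output .= '<input type="submit" name="sbm-edit-action" value="'.$siteLabels['discount-editaction'].'" class="btn176 proceed"/>';

			// relative target for the cancel button, read back by initDiscounts()
			if($method == 'add') $output .= '<input type="hidden" name="location" value="../"/>';
			if($method == 'edit') $output .= '<input type="hidden" name="location" value="../../"/>';
			$output .= '<input type="submit" name="back" value="'.$siteLabels['form-cancel'].'" class="btn176"/>';

		$output .= '</div>';
	$output .= '</form>';
	$output .= '<div class="clear"></div>';
	////////// end form \\\\\\\\\\

	return $output;
}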

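/**
 * Validates a submitted add/edit discount form and stores the action.
 *
 * Every submitted value is copied into $_SESSION['addedit-discount'] so the form
 * can be shown again. On validation errors the errors are displayed and the form
 * is returned; otherwise the action is inserted (or updated) and a redirect
 * header is sent.
 *
 * All request values that reach SQL are either cast to integers, matched against
 * a strict pattern, escaped with the connection's real_escape_string(), or bound
 * as statement parameters.
 * NOTE(review): the title and the discount code reach SQL only through
 * inDatabase(); its body is not visible here - confirm it escapes for MySQL, or
 * move those two values to bound parameters as well.
 *
 * @param string $method 'add' or 'edit'.
 * @return string|null The form HTML when validation fails, otherwise null.
 */
function validateAddEdit($method){
	global $mysqli;

	$siteLabels = getLanguage();
	$errors = array();

	// reads one scalar POST field; missing or array-valued fields count as empty
	$post = static function ($key) {
		return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
	};

	// turns "dd-mm-yyyy" into a timestamp at the given time of day, or false for a non-existent date
	$toTimestamp = static function ($value, $hour, $minute) {
		$parts = explode('-', $value);
		$day   = isset($parts[0]) ? intval($parts[0]) : 0;
		$month = isset($parts[1]) ? intval($parts[1]) : 0;
		$year  = isset($parts[2]) ? intval($parts[2]) : 0;
		return checkdate($month, $day, $year) ? mktime($hour, $minute, 0, $month, $day, $year) : false;
	};

	// logs the driver error server-side and shows only the generic label,
	// so query text and schema details do not reach the page
	$fail = function ($context) use ($mysqli, $siteLabels) {
		error_log('validateAddEdit: '.$context.' failed: '.$mysqli->error);
		displayErrors(array($siteLabels['fm-somethingwentwrong']));
	};

	////////// get input variables and store them in the session \\\\\\\\\\

	$title = $_SESSION['addedit-discount']['title'] = $post('discount-title');
	if(empty($title)){ $errors[] = $siteLabels['fm-emptyrequiredfields']; }

	// --- when does the action run ---
	$whenMode = $post('whenstart');
	$active = 0;
	$whenstartTimest = 0;
	$whenexpireTimest = 0;
	switch($whenMode){
		case 'start-manually':
			$_SESSION['addedit-discount']['when-manual'] = 1;
			$active = $_SESSION['addedit-discount']['when-active'] = isset($_POST['when-active']) ? 1 : 0;
			$_SESSION['addedit-discount']['when-start'] = '';
			$_SESSION['addedit-discount']['when-expire'] = '';
		break;
		case 'start-period':
			$whenstart = $_SESSION['addedit-discount']['when-start'] = $post('when-start-value');
			$whenexpire = $_SESSION['addedit-discount']['when-expire'] = $post('when-expire-value');

			if(empty($whenstart)){ $errors[] = $siteLabels['fm-emptyrequiredfields']; }
			$whenstartTimest = $toTimestamp($whenstart, 1, 0);
			if($whenstartTimest === false){
				$errors[] = '<span class="icon-fm-err"></span> U heeft een niet-bestaande datum ingevuld.';
			}

			if(empty($whenexpire)){ $errors[] = $siteLabels['fm-emptyrequiredfields']; }
			$whenexpireTimest = $toTimestamp($whenexpire, 23, 55);
			if($whenexpireTimest === false){
				$errors[] = '<span class="icon-fm-err"></span> U heeft een niet-bestaande datum ingevuld.';
			}
		break;
		default:
			// required radio missing or tampered with
			$errors[] = $siteLabels['fm-emptyrequiredfields'];
	}

	// --- which products / orders ---
	$which = $post('which');
	$whichcategory = 0;
	$whichsearchtag = '';
	$whichminamount = 0;
	switch($which){
		case 'allproducts':
			$_SESSION['addedit-discount']['which-allproducts'] = 1;
		break;
		case 'category':
			// category ids are written unquoted into the UPDATE below: integers only
			$whichcategory = $_SESSION['addedit-discount']['which-category'] = (int) $post('which-category-value');
			if($whichcategory <= 0){ $errors[] = $siteLabels['fm-emptyrequiredfields']; }
		break;
		case 'searchtag':
			$whichsearchtag = $_SESSION['addedit-discount']['which-searchtag'] = $post('which-searchtag-value');
			if(empty($whichsearchtag)){ $errors[] = $siteLabels['fm-emptyrequiredfields']; }
		break;
		case 'allorders':
			$_SESSION['addedit-discount']['which-allorders'] = 1;
		break;
		case 'minamount':
			$whichminamount = $_SESSION['addedit-discount']['which-minamount'] = $post('which-minamount-value');

			// strip punctuation, then normalise decimal comma and currency sign
			$forbidden = array('!','@','#','$','%','^','&','*','(',')','-','+','=','_','{','}','[',']',':',';','"','\'','<','>','?','/');
			$whichminamount = str_replace($forbidden, '', $whichminamount);
			$whichminamount = trim(str_replace(array(',', '€'), array('.', ''), $whichminamount));
			if(empty($whichminamount)){
				$errors[] = $siteLabels['fm-emptyrequiredfields'];
			}
			else{
				// number_format() needs a number; anything else is left as typed and
				// rejected by the pattern check instead of raising a type error
				if(is_numeric($whichminamount)){
					$whichminamount = number_format((float) $whichminamount, 2, '.', '');
				}
				$_SESSION['addedit-discount']['which-minamount'] = $whichminamount;
				// the amount is written unquoted into SQL, so only NNN.NN may pass
				if(preg_match("#^[0-9]{1,3}\.[0-9]{2}$#D", $whichminamount) !== 1){
					$errors[] = 'err: '.htmlspecialchars($whichminamount, ENT_QUOTES, 'UTF-8');
				}
			}
		break;
		default:
			$errors[] = $siteLabels['fm-emptyrequiredfields'];
	}

	// --- optional discount code ---
	$codeNeeded = isset($_POST['code-needed']);
	$whichcode = '';
	if($codeNeeded){
		$whichcode = $_SESSION['addedit-discount']['which-code'] = $post('which-code-value');
		if(empty($whichcode)){
			$errors[] = $siteLabels['fm-emptyrequiredfields'];
		}
		else if($method == 'add'){
			// uniqueness check with a bound parameter: the code is free text from the form
			$stmt = $mysqli->prepare('SELECT discountCode FROM discount_action WHERE discountCode = ?');
			if($stmt && $stmt->bind_param('s', $whichcode) && $stmt->execute()){
				$stmt->store_result();
				if($stmt->num_rows > 0){
					$errors[] = 'code moet uniek zijn';
				}
			}
			else{
				$errors[] = 'sorry, er ging iets mis';
			}
			if($stmt){ $stmt->close(); }
		}
	}

	// --- kind of discount ---
	$discount = $post('discount');
	$discountpercentage = 0;
	switch($discount){
		case 'noshippingcostNL':
			$_SESSION['addedit-discount']['discount-noshippingcostNL'] = 1;
		break;
		case 'percentage':
			$forbidden = array('!','@','#','$','€','^','&','*','(',')','-','+','=','_','{','}','[',']',':',';','"','\'','<','>','?','/');
			$discountpercentage = intval(str_replace($forbidden, '', $post('discount-percentage-value')));
			if($discountpercentage <= 0 || $discountpercentage >= 100){
				$errors[] = 'Er is iets mis met het percentage';
			}
			$_SESSION['addedit-discount']['discount-percentage'] = $discountpercentage;
		break;
		default:
			$errors[] = $siteLabels['fm-emptyrequiredfields'];
	}

	////////// VALID ?? \\\\\\\\\\

	if(!empty($errors)){
		displayErrors($errors);
		return showFormAddEditAction($method);
	}

	////////// prepare for database \\\\\\\\\\

	$dbtitle = inDatabase($title);

	// $which and $discount were matched against the fixed case labels above,
	// so the type string is built from known values only
	$type = $which.'-'.($discount == 'percentage' ? 'per' : 'freeshipnl');
	$percentage = ($discount == 'percentage') ? $discountpercentage : 0;
	$catId = ($which == 'category') ? $whichcategory : 0;
	// the search tag is free text inside a quoted SQL string: escape it for this connection
	$searchtag = ($which == 'searchtag') ? $mysqli->real_escape_string($whichsearchtag) : 0;
	$minamount = ($which == 'minamount') ? $whichminamount : 0;

	$manual = ($whenMode == 'start-manually') ? 1 : 0;
	$period = ($whenMode == 'start-period') ? 1 : 0;
	$active = $manual ? (int) $active : 0;
	$starts = $period ? (int) $whenstartTimest : 0;
	$expires = $period ? (int) $whenexpireTimest : 0;

	$timest = time();

	// limit & code
	$limit = $codeNeeded ? 1 : 0;
	$dbcode = $codeNeeded ? inDatabase($whichcode) : '';

	if($method == 'add'){
		if($mysqli->query('INSERT INTO discount_action(title, manual, active, period, starts, expires, maxlimit, discountCode, type, timest)
										   VALUES ("'.$dbtitle.'",'.$manual.','.$active.','.$period.','.$starts.','.$expires.','.$limit.',"'.$dbcode.'","'.$type.'",'.$timest.')')){
			$actionId = (int) $mysqli->insert_id;

			if($mysqli->query('INSERT INTO discount_details(actionId, percentage, catId, searchtag, minamount)
											VALUES ('.$actionId.','.$percentage.',"'.$catId.'","'.$searchtag.'",'.$minamount.')')){

				$mysqli->query('INSERT INTO content_status ( linkname, itemId, active, timest) VALUES("discount_action","'.$actionId.'","1",'.time().')');
				// success
				unset($_SESSION['addedit-discount']);
				header('location: ../');
			}
			else{
				$fail('insert into discount_details');
			}
		}
		else{
			$fail('insert into discount_action');
		}
	}
	else if($method == 'edit'){
		// editId is a hidden form field, i.e. client-controlled, and is used unquoted: integer only
		$editId = (int) $post('editId');
		if($mysqli->query('UPDATE discount_action SET title="'.$dbtitle.'", manual='.$manual.', active='.$active.', period='.$period.', starts='.$starts.', expires='.$expires.',
												   maxlimit='.$limit.', discountCode="'.$dbcode.'", type="'.$type.'" WHERE id = '.$editId.' LIMIT 1')){

			if($mysqli->query('UPDATE discount_details SET percentage='.$percentage.', catId='.$catId.', searchtag="'.$searchtag.'", minamount='.$minamount.'
							   WHERE actionId = '.$editId.' LIMIT 1')){
				// success
				unset($_SESSION['addedit-discount']);
				header('location: ../../');
			}
			else{
				$fail('update of discount_details');
			}
		}
		else{
			$fail('update of discount_action');
		}
	}
}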


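/**
 * Shows the "are you sure?" page for the actions ticked on the dashboard.
 *
 * Lists every selected action and renders a confirmation form that posts the
 * selected ids back as sel_actions[]. Without a selection an error is displayed
 * and a redirect header to the list is sent.
 *
 * @return string|null HTML of the confirmation page, or null when nothing was selected.
 */
function askMoveToTrash(){
	/* access the global sql object */
	global $mysqli;
	/* language */
	$siteLabels = getLanguage();

	if(!isset($_POST['option'])){
		displayErrors(array($siteLabels['fm-nothingselected']));
		header('location: ./');
		return;
	}

	// The checkbox values are client-controlled and end up in SQL and in hidden
	// inputs; casting each one to an integer makes both uses safe.
	$selectedIds = array_map('intval', (array) $_POST['option']);

	// double_encode is off so text that already carries entities is not encoded twice
	// NOTE(review): what fromDatabase() returns (raw or entity-encoded) is not visible here - confirm.
	$esc = static function ($value) {
		return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
	};

	$output = '';
	// ask the question
	$output .= $siteLabels['products-movetotrash-areyousure'].'<br /><br />';

	$output .= '<div class="itemlist-row itemlist-heading">';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-double-column"><input type="checkbox" name="checkCtrl" value="checkAll" onClick="check_all(this);" class="itemlist-cbox">title</div>';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-single-column">&nbsp;</div>';
	$output .= '<div class="itemlist-single-column status-column">status</div>';
	$output .= '<div class="itemlist-single-column itemlist-edit"></div>';
	$output .= '</div>';

	foreach($selectedIds as $selectedId){
		/* get info */
		// NOTE(review): content_status is joined without a condition here (the dashboard
		// query joins on s.itemId = d.id); kept as is, LIMIT 1 hides the extra rows.
		$query = 'SELECT d.id, d.title, d.manual, d.active, d.period, d.starts, d.expires
		  FROM discount_action as d, content_status as s
		  WHERE d.id = '.$selectedId.' LIMIT 1';
		$result = $mysqli->query($query);
		$record = $result ? $result->fetch_assoc() : null;
		if(!$record){
			// unknown id or failed query: nothing to list for this entry
			continue;
		}

		$actionId = $esc($record['id']);
		$title = $esc(fromDatabase($record['title']));

		// compute status: manual actions carry their own flag,
		// period actions are active between starts and expires
		if($record['manual'] == 1){
			$status = $record['active'];
		}
		else{
			$now = time();
			$status = ($now >= $record['starts'] && $now <= $record['expires']) ? 1 : 0;
		}

		$output .= '<div class="itemlist-row">';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-double-column"><input type="checkbox" name="option[]" id="option" value="'.$actionId.'" class="itemlist-cbox"/>'.$title.'</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column">&nbsp;</div>';
			$output .= '<div class="itemlist-single-column status-column">'.$esc($status).'</div>';
			$output .= '<div class="itemlist-single-column itemlist-edit">';
			$output .= '</div>';
			$output .= '<div class="clear"></div>';
		$output .= '</div>';
	}
	$output .= '<div class="clear"></div>';
	$output .= '<br /><br />';
	$output .= '<form action="" name="moveToTrash" method="post" enctype="multipart/form-data">';
	foreach($selectedIds as $selectedId){
		// integer by construction, so safe inside the attribute
		$output .= '<input type="hidden" name="sel_actions[]" value="'.$selectedId.'" />';
	}
	$output .= '<input type="submit" name="moveToTrash" value="'.$siteLabels['form-yes'].'" class="btn176"/>';

	// relative target for the "no" button, read back by initDiscounts()
	$output .= '<input type="hidden" name="location" value="./"/>';
	$output .= '<input type="submit" name="back" value="'.$siteLabels['form-no'].'" class="btn176 proceed"/>';
	$output .= '</form>';

	return $output;
}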


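/**
 * Moves the confirmed discount actions to the trash.
 *
 * Sets content_status.active to 0 for every id posted as sel_actions[], inside
 * one transaction: any failing update rolls all of them back. On success a
 * feedback message is stored in the session and a redirect header is sent.
 *
 * @return void
 */
function moveToTrash(){
	/* access the global sql object */
	global $mysqli;
	/* language */
	$siteLabels = getLanguage();

	if(!isset($_POST['sel_actions'])){
		return;
	}

	// The ids are hidden form fields, i.e. client-controlled, and are written
	// unquoted into the UPDATE: cast each one to an integer first.
	$ids = array_map('intval', (array) $_POST['sel_actions']);
	$errors = array();

	// run all updates as one unit
	$mysqli->autocommit(FALSE);
	foreach($ids as $activeId){
		/* for each action: change content status to 0 */
		$query = 'UPDATE content_status SET active = 0 WHERE itemId ='.$activeId.' AND	linkname = "discount_action"';
		if(!$mysqli->query($query)){
			$errors[] = $siteLabels['fm-somethingwentwrong'];
		}
	}

	// ROLLBACK or COMMIT
	if(!empty($errors)){
		$mysqli->rollback();
		displayErrors($errors);
	}
	else{
		$mysqli->commit();
		$msg = str_replace('[numitems]', (string) count($ids), $siteLabels['fm-itemsmovedtotrash']);
		$_SESSION['feed-msg'] = '<span class="fm-suc"><span class="fm-suc-v">&radic;</span>'.$msg.'</span>';
		header('location: ./');
	}

	// hand the shared connection back in its default mode, so later queries in
	// this request are not left inside an uncommitted transaction
	$mysqli->autocommit(TRUE);
}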


?>