<?php
if($pnconfig[Version_Sub] == "Rogue")
{
if (!eregi('admin.php', $PHP_SELF)) die ('Access Denied: You can\'t access this file directly.');
if (!authorised(0, "$ModName::", '::', ACCESS_ADMIN)) die ('Access Denied: No permissions');
}
else
{
if (!eregi("admin.php", $PHP_SELF)) die ("Access Denied");
}
include ("header.php");
GraphicAdmin($hlpfile);
cp_menu();
OpenTable();
$product_size_names = array(
'1' => 'Kids Small',
'2' => 'Kids Medium',
'3' => 'Kids Large',
'4' => 'Small',
'5' => 'Medium',
'6' => 'Large',
'7' => 'X-Large',
'8' => '2X-Large (+$3.00)',
'9' => '3X-Large (+$3.00)',
'10' => '4X-Large (+$3.00)',
'11' => 'X-Small'
);
// output an edit/delete box for current hosts
if (mysql_num_rows($result = mysql_query("SELECT prod, name FROM $pntable[cp_seasonal] ORDER BY expire"))) {
echo " <table border=0>\n"
." <tr>\n"
." <td>\n"
." <form action=\"admin.php\" method=\"post\" style=\"margin: 0;\">\n"
." <input type=hidden name=op value=add_seasonal_$ModName>\n"
." <input type=hidden name=cpop value=edit_product>\n"
." <b>Edit Product: </b>\n"
." </td>\n"
." <td>\n"
." <select name=editProd>\n";
while ($row = mysql_fetch_array($result)) echo " <option value=\"$row[prod]\">$row[name] - #$row[prod]</option>\n";
$result = mysql_query("SELECT prod, name FROM $pntable[cp_seasonal] ORDER BY expire");
echo " </select>\n"
." <input type=submit value=\"Edit\" style=\"width: 40px;\">\n"
." </form>\n"
." </td>\n"
." </tr>\n"
." <tr>\n"
." <td>\n"
." <form action=\"admin.php\" method=\"post\" style=\"margin: 0;\">\n"
." <input type=hidden name=op value=add_seasonal_$ModName>\n"
." <input type=hidden name=cpop value=delete_product>\n"
." <b>Delete Product: </b>\n"
." </td>\n"
." <td>\n"
." <select name=deleteProd>\n";
while ($row = mysql_fetch_array($result)) echo " <option value=\"$row[prod]\">$row[name] - #$row[prod]</option>\n";
echo " </select>\n"
." <input type=submit value=\"Delete\" style=\"width: 40px;\">\n"
." </form>\n"
." </td>\n"
." </tr>\n"
." </table>";
CloseTable();
echo " <br>\n";
OpenTable();
}
// shows form to add a store/also is where we redirect unfinnished forms
// prod name charge store description twosided def_view sizes expire active
function showAddForm($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active, $error) {
global $ModName, $pntable, $product_size_names;
include "modules/$ModName/classes/months.php";
$stores = mysql_query("SELECT id, acct FROM $pntable[CP_Stores]");
if (!mysql_num_rows($stores)) die ("You must have at least one store to add a product.");
$charge = preg_replace("/\\$/", "", $charge);
echo " <form action=\"admin.php\" method=\"post\">\n"
." <input type=hidden name=op value=\"add_seasonal_$ModName\">\n"
." <input type=hidden name=cpop value=\"add_new\">\n"
." <table border=0 width=\"100%\">\n";
if ($error) echo " <tr>\n"
." <td colspan=2 align=center><b>ERROR: $error</b></td>\n"
." </tr>\n";
echo " <tr>\n"
." <td valign=top width=\"85%\"><h3>Add Seasonal Product</h3></td>\n"
." <td rowspan=2 valign=top align=center><a href=\"http://www.cafepress.com/cp/info/storeref.aspx?refby=rastafari\" target=\"_blank\"><img src=\"modules/$ModName/images/admin.gif\" alt=\"Don't have a store? Click to signup!\" border=0><br>Click to Get a Store!</a></td>\n"
." </tr>\n"
." <tr>\n"
." <td>\n"
." Product Number:<br>\n"
." <input type=text size=30 maxlength=11 name=prod value=\"$prod\"><br>\n"
." Product Name:<br>\n"
." <input type=text size=30 maxlength=50 name=name value=\"$name\"><br>\n"
." Charge:<br>\n"
." <input type=text size=30 maxlength=10 name=charge value=\"$charge\"><br>\n"
." Store Name/Account:<br>\n"
." <select name=store>";
while ($row = mysql_fetch_array($stores)) {
if ($store == $row[id]) echo " <option value=\"$row[id]\" SELECTED>$row[acct]</option>\n";
else echo " <option value=\"$row[id]\">$row[acct]</option>\n";
}
echo " </select><br>\n"
." Description:<br>\n"
." <textarea name=description style=\"width: 75%; height: 100px;\">".stripslashes($description)."</textarea><br>\n"
." How Many Sides:<br>\n"
." <table border=0>\n"
." <tr><td width=50px> <b>1</b></td><td><input type=radio name=twosided value=0";
if ($twosided == '0') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> 2</td><td><input type=radio name=twosided value=1";
if ($twosided == '1') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." Defalut View:<br>\n"
." <table border=0>\n"
." <tr><td width=50px> <b>Front</b></td><td><input type=radio name=def_view value=F";
if ($def_view == 'F') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> Back</td><td><input type=radio name=def_view value=B";
if ($def_view == 'B') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." Availible Sizes:<br>\n"
." <table border=0>\n";
foreach ($product_size_names as $id => $text) {
echo " <tr><td width=125px> $text:</td><td><input type=checkbox name=sizes[$id] value=$id";
if ($sizes[$id] == $id) echo " CHECKED";
echo "></td></tr>\n";
}
echo " </table><br>\n"
." Item Expires:<br>\n"
." <select name=expire[month]>\n";
foreach ($months as $num => $text) {
echo " <option value=$num";
if ($expire[month] == $num) echo " SELECTED";
echo ">$text</option>\n";
}
echo " </select> <select name=expire[day]>\n";
for ($i = 1; $i <= 31; $i++) {
echo " <option value=$i";
if ($expire[day] == $i) echo " SELECTED";
echo ">$i</option>\n";
}
echo " </select> <input type=text size=4 maxlength=4 name=expire[year] value=\"$expire[year]\"><br>\n"
." Enabled?<br>\n"
." <table border=0>\n"
." <tr><td width=50px> <b>Enabled</b></td><td><input type=radio name=active value=1";
if ($active == '1') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> Disabled</td><td><input type=radio name=active value=0";
if ($active == '0') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." <br>\n"
." <input type=submit value=\"Add Product\">\n"
." </td>\n"
." </tr>\n"
." </table>\n"
." </form>\n";
}
// this allows us to edit a host
function cpedit($editProd, $error) {
global $pntable, $ModName, $products, $product_size_names;
if (!$prod = mysql_fetch_array(mysql_query("SELECT * FROM $pntable[cp_seasonal] WHERE prod='$editProd'"))) die ("Could not access database, or product #$editProd doesn't exist.");
include "modules/$ModName/classes/months.php";
$stores = mysql_query("SELECT id, acct FROM $pntable[CP_Stores]");
$charge = preg_replace("/\\$/", "", $charge);
echo " <form action=\"admin.php\" method=\"post\">\n"
." <input type=hidden name=op value=\"add_seasonal_$ModName\">\n"
." <input type=hidden name=cpop value=\"update_product\">\n"
." <table border=0 width=\"100%\">\n";
if ($error) echo " <tr>\n"
." <td colspan=2 align=center><b>ERROR: $error</b></td>\n"
." </tr>\n";
echo " <tr>\n"
." <td valign=top width=\"85%\"><h3>Edit Seasonal Product</h3></td>\n"
." <td rowspan=2 valign=top align=center><a href=\"http://www.cafepress.com/cp/info/storeref.aspx?refby=rastafari\" target=\"_blank\"><img src=\"modules/$ModName/images/admin.gif\" alt=\"Don't have a store? Click to signup!\" border=0><br>Click to Get a Store!</a></td>\n"
." </tr>\n"
." <tr>\n"
." <td>\n"
." <input type=hidden name=prod value=\"$prod[prod]\">\n"
." Product Name:<br>\n"
." <input type=text size=30 maxlength=50 name=name value=\"$prod[name]\"><br>\n"
." Charge:<br>\n"
." <input type=text size=30 maxlength=10 name=charge value=\"$prod[charge]\"><br>\n"
." Store Name/Account:<br>\n"
." <select name=store>";
while ($row = mysql_fetch_array($stores)) {
if ($prod[store] == $row[id]) echo " <option value=\"$row[id]\" SELECTED>$row[acct]</option>\n";
else echo " <option value=\"$row[id]\">$row[acct]</option>\n";
}
echo " </select><br>\n"
." Description:<br>\n"
." <textarea name=description style=\"width: 75%; height: 100px;\">".stripslashes($prod[description])."</textarea><br>\n"
." How Many Sides:<br>\n"
." <table border=0>\n"
." <tr><td width=50px> 1</td><td><input type=radio name=twosided value=0";
if ($prod[twosided] == '0') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> 2</td><td><input type=radio name=twosided value=1";
if ($prod[twosided] == '1') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." Defalut View:<br>\n"
." <table border=0>\n"
." <tr><td width=50px> Front</td><td><input type=radio name=def_view value=F";
if ($prod[def_view] == 'F') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> Back</td><td><input type=radio name=def_view value=B";
if ($prod[def_view] == 'B') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." Availible Sizes:<br>\n"
." <table border=0>\n";
$sizes = explode("|", $prod[sizes]);
foreach ($product_size_names as $id => $text) {
echo " <tr><td width=125px> $text:</td><td><input type=checkbox name=sizes[$id] value=$id";
foreach ($sizes as $size) if ($size == $id) echo " CHECKED";
echo "></td></tr>\n";
}
echo " </table><br>\n"
." Item Expires:<br>\n"
." <select name=expire[month]>\n";
list($year,$month,$day) = explode("-", $prod[expire]);
foreach ($months as $num => $text) {
echo " <option value=$num";
if ($month == $num) echo " SELECTED";
echo ">$text</option>\n";
}
echo " </select> <select name=expire[day]>\n";
for ($i = 1; $i <= 31; $i++) {
echo " <option value=$i";
if ($day == $i) echo " SELECTED";
echo ">$i</option>\n";
}
echo " </select> <input type=text size=4 maxlength=4 name=expire[year] value=\"$year\"><br>\n"
." Enabled?<br>\n"
." <table border=0>\n"
." <tr><td width=50px> <b>Enabled</b></td><td><input type=radio name=active value=1";
if ($prod[active] == '1') echo " CHECKED";
echo "></td></tr>\n"
." <tr><td width=50px> Disabled</td><td><input type=radio name=active value=0";
if ($prod[active] == '0') echo " CHECKED";
echo "></td></tr>\n"
." </table><br>\n"
." <br>\n"
." <input type=submit value=\"Update Product\">\n"
." </td>\n"
." </tr>\n"
." </table>\n"
." </form>\n";
}
// adds the product to database
function cpadd($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active) {
global $pntable;
$charge = preg_replace("/\\$/", "", $charge);
if ($expire[month] || $expire[day] || $expire[year]) $expires = "$expire[year]-$expire[month]-$expire[day]";
if (!$sizes) $finalsizes = '0';
else {
for ($i = 1; $i <= 11; $i++) {
if ($sizes[$i]) {
$finalsizes .= "$i";
$doneone = true;
}
if ($sizes[$i+1] && $doneone) $finalsizes .= "|";
}
}
if ($twosided) $twosidedquery = ", twosided='$twosided'";
if ($def_view) $def_viewquery = ", def_view='$def_view'";
if ($active == '0' || $active == '1') $active_query = ", active='$active'";
$query = "INSERT INTO $pntable[cp_seasonal] SET prod='$prod', name='$name', charge='$charge', store='$store', description='$description', sizes='$finalsizes', expire='$expires'$twosidedquery$def_viewquery$active_query";
if (!$prod || !$name || !$charge || !$store || !$description || !$expires) showAddForm($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active, "Please make sure all feilds are filled in.");
elseif (mysql_num_rows(mysql_query("SELECT prod FROM $pntable[cp_seasonal] WHERE prod='$prod'"))) showAddForm($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active, "Product ID#$prod is already in the database, please try another.");
elseif (!mysql_query($query)) die ("Could not insert into database.<br>".mysql_errno().": ".mysql_error()."<br>$query");
else echo "<center><h2>Product ID# $prod Added!</h2></center>";
}
// updates a prodcut
function cpupdate($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active) {
global $pntable;
$charge = preg_replace("/\\$/", "", $charge);
if ($expire[month] || $expire[day] || $expire[year]) $expires = "$expire[year]-$expire[month]-$expire[day]";
if (!$sizes) $finalsizes = '0';
else {
for ($i = 1; $i <= 11; $i++) {
if ($sizes[$i]) {
$finalsizes .= "$i";
$doneone = true;
}
if ($sizes[$i+1] && $doneone) $finalsizes .= "|";
}
}
if ($twosided) $twosidedquery = ", twosided='$twosided'";
if ($def_view) $def_viewquery = ", def_view='$def_view'";
if ($active == '0' || $active == '1') $active_query = ", active='$active'";
$query = "UPDATE $pntable[cp_seasonal] SET name='$name', charge='$charge', store='$store', description='$description', sizes='$finalsizes', expire='$expires'$twosidedquery$def_viewquery$active_query WHERE prod='$prod'";
if (!$prod || !$name || !$charge || !$store || !$description || !$expires) cpedit($prod, "Please make sure all feilds are filled in.");
elseif (!mysql_query($query)) die ("Could not update database.<br>".mysql_errno().": ".mysql_error()."<br>$query");
else echo "<center><h2>Product ID# $prod Edited!</h2></center>";
}
function cpdelete($deleteProd) {
global $pntable;
if (!mysql_query("DELETE FROM $pntable[cp_seasonal] WHERE prod='$deleteProd'")) $error .= "Couldn't delete product # $deleteProd from table.<br>";
else echo "<center><h2>Product # $deleteProd Deleted</h2></center>";
echo $error;
}
switch ($cpop) {
case "add_new":
cpadd($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active);
break;
case "update_product":
cpupdate($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active);
break;
case "edit_product":
cpedit($editProd, '');
break;
case "delete_product":
cpdelete($deleteProd);
break;
default:
showAddForm($prod, $name, $charge, $store, $description, $twosided, $def_view, $sizes, $expire, $active, $error);
break;
}
CloseTable();
include ("footer.php");
?>