<?
//eCanteen file
//Copyright David Byrne 2007
//All rights reserved
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<Title>Processing</Title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<?
list($iYear,$iMonth,$iDay)=explode("-",$_GET["date"]);
list($Nowdate,$NowTime)=explode(" ",date("Y-m-d"));
//echo date("Y-m-d");
//echo "<br>";
//echo "<br>";
//echo $Nowdate;
//echo "<br>";
//echo "<br>";
//break;
if (strlen($_GET["TargetVals"])>0)
{
if ($_GET["dDate"]<$Nowdate)
{
//Error for wrong date here
?>
<script type="text/javascript">
window.alert('Wrong Date');
window.close();
</script>
<body >
</body>
</html>
<?
}
else
{
// $objConnection1 is of type "ADODB.Connection"
// $MenuList is of type "ADODB.Recordset"
// $objRecordset1 is of type "ADODB.Recordset"
include("../include/constants.php");
mysql_free_result();
session_start();
$objConnection1 =mysql_connect(DB_SERVER, DB_USER, DB_PASS);
mysql_select_db(DB_NAME);
//Some check for whether the date is active through both specialdates and open //days in site details.
$closed=0;
if ($_GET["Repeat"]==1)
{ //check if repeating orders
$sqlstmnt = "select `SpecialDateFrom`, `SpecialDateTo`, `Active_L2`, `~SiteID\$` from `specialdate` where `~SiteID\$`=".$_SESSION['SiteID']." and `SpecialDateFrom`>='".$_GET["dDate"]."'";
$SpecialDate=mysql_query($sqlstmnt);
$SpecialDatenum=mysql_numrows($SpecialDate);
//echo $SpecialDatenum."numbers";echo mysql_error();
$i=0;
//echo mysql_result($SpecialDate,$i,"Active_L2");
while ($i < $SpecialDatenum)
{
if (mysql_result($SpecialDate,$i,"Active_L2")==0)
{
list($Fromdate,$FromTime)=explode(" ",mysql_result($SpecialDate,$i,"SpecialDateFrom"));
list($Todate,$ToTime)=explode(" ",mysql_result($SpecialDate,$i,"SpecialDateTo"));
echo $_GET["dDate"];
echo mysql_result($SpecialDate,$i,"SpecialDateFrom");
if ($_GET["dDate"]>=$Fromdate&&$_GET["dDate"]<=$Todate)
{
$closed=1;
//echo $closed."closed";
}
}
$i++;
}
}
// end date open check
//break;
if ($closed==0)
{
//This data check is for existing orders
$sqlstmnt="SELECT transactions.`TargetDate`, transactions.`BreakID`, transactions.`MinorAccountID` FROM transactions WHERE (((transactions.`TargetDate`)='".$_GET["dDate"]." 00:00:00') AND ((transactions.`BreakID`)=".$_GET["BreakID"].") AND ((transactions.`MinorAccountID`)=".$_GET["CustID"].") AND ((transactions.`TransactionNumber`)>0));";
//echo $sqlstmnt;
//break;
$objRecordset1=mysql_query($sqlstmnt);
$objRecordset1num=mysql_numrows($objRecordset1);
//echo "<br>";
//echo "test=".$objRecordset1num;
//echo "<br>";
if ($objRecordset1num > 0)
{
//Error for existing record here
?>
<script type="text/javascript">
window.alert('Existing Order');
window.close();
</script>
<body >
</body>
</html>
<?
}
else
{
//
//This data check is that all items are within from/to dates
print $_GET["TargetVals"];
$testarray=explode("*",$_GET["TargetVals"]);
print "counttest=".count($testarray)."<BR>";
print "0=".$testarray[0]."<BR>";
print "1=".$testarray[1]."<BR>";
if (strlen($testarray[1])==0)
{
$OrderRow=explode("/",$testarray[0]);
print $OrderRow[0]."<BR>";
$OrString="(((menuitem.`MenuItemID`)=".$OrderRow[0]."));";
}
else
{
$OrderRow=explode("/",$testarray[0]);
$OrString="(((menuitem.`MenuItemID`)=".$OrderRow[0]."))";
print $OrderRow[0]."<BR>";
for ($x=1; $x<=count($testarray)-3; $x=$x+1)
{
$OrderRow=explode("/",$testarray[$x]);
$OrString=$OrString." OR (((menuitem.`MenuItemID`)=".$OrderRow[0].")) ";
print $OrderRow[0]."<BR>";
}
$OrderRow=explode("/",$testarray[count($testarray)-2]);
$OrString=$OrString." OR (((menuitem.`MenuItemID`)=".$OrderRow[0]."));";
print $OrderRow[0]."<BR>";
}
$sqlstmnt="SELECT menuitem.`MenuItemID`, menuitem.`FromDate`, menuitem.`ToDate` FROM menuitem WHERE ".$OrString;
//response.write sqlstmnt&"<br>"
$objRecordset1=mysql_query($sqlstmnt);
$i=0;
$objRecordset1num=mysql_numrows($objRecordset1);
$Continue=true;
if (!($objRecordset1num==0))
{
while($i < $objRecordset1num)
{
if (mysql_result($objRecordset1,$i,"FromDate")<=$_GET["dDate"] || mysql_result($objRecordset1,$i,"ToDate")>=$_GET["dDate"])
{
}
else
{
$Continue=false;
}
$i++;
}
}
if (!$Continue)
{
//Error for out of date range for order item here
?>
<script type="text/javascript">
window.alert('Order Item not available on this date');
window.close();
</script>
<body >
</body>
</html>
<?
}
else
{
session_start();
$sqlstmt="SELECT break.`BreakID`, break.`Break`, break.`BreakShortName`, break.`SortOrder`, break.`OrderCloseTime`, break.`Minutes`, break.`~SiteID$` FROM break WHERE (((break.`BreakID`)=".$_GET["BreakID"].") AND ((break.`~SiteID$`)=".$_SESSION['SiteID'].")) ORDER BY break.`SortOrder`;";
print $sqlstmt."<br>";
//break;
$SiteBreaks=mysql_query($sqlstmt);
$SiteBreaksnum=mysql_numrows($SiteBreaks);
;//response.write timevalue(cstr(time)) > SiteBreaks.fields("OrderCloseTime") and datevalue(Request.QueryString("dDate")) = datevalue(datestr)&"<br>"
//response.end
//mysql_result($SiteBreaks,$i,"OrderCloseTime");
//list($Nowdate,$NowTime)=explode(" ",date());
list($sbdate,$sbTime)=explode(" ",mysql_result($SiteBreaks,0,"OrderCloseTime"));
if (time()>strtotime($sbTime) && $_GET["dDate"]==$Nowdate)
{
//Error for out of time range here
}
else
{
//response.write timevalue(cstr(time)) > (SiteBreaks.fields("OrderCloseTime"))
$sqlstmt="SELECT minorcustomer.`CustomerID`, minorcustomer.`MajorCustomerExtract$`, minorcustomer.`Active_L2`, majorcustomer.`Credit_L2` FROM majorcustomer INNER JOIN minorcustomer ON majorcustomer.`CustomerID` = minorcustomer.`MajorCustomerExtract$` WHERE (((minorcustomer.`CustomerID`)=".$_GET["CustID"]."));";
$CheckMajor=mysql_query($sqlstmt);
//echo $sqlstmt;
// break;
if (mysql_result($CheckMajor,0,"MajorCustomerExtract$")!=$_SESSION['CustomerID'])
{
//Error for not your kid here
?>
<script type="text/javascript">
window.alert('This is not your account');
window.close();
</script>
<body >
</body>
</html>
<?
}
else
{
//testarray=split(request.QueryString("TargetVals"),"*")
//MatchArray=split(request.QueryString("TargetVals"),"*")
//response.write request.QueryString("TargetVals")&"<br>"
//response.End
//response.write OrString&"<BR>"&"<BR>"
$sqlstmnt="SELECT menuitem.`Abbreviation`, menuitem.`Cost`, menuitem.`MenuItemID` FROM menuitem WHERE ".$OrString;
print $sqlstmnt;
$TotalCost=0;
$objRecordset1=mysql_query($sqlstmnt);
$i=0;
$objRecordset1num=mysql_numrows($objRecordset1);
while($i < $objRecordset1num)
{
//response.write "<BR>"&objRecordset1.fields("MenuItemID")&"<BR>"
for ($x=0; $x<=count($testarray); $x=$x+1)
{
//echo "testlen=".strlen($testarray[$x])."<br>";
if (strlen($testarray[$x])>0)
{
$OrderRow=explode("/",$testarray[$x]);
if (intval($OrderRow[0])==mysql_result($objRecordset1,$i,"MenuItemID"))
{
//print $CCur[$TotalCost]."<br/>";
//print $CCur[("Cost")]."<br/>";
//print intval($OrderRow[1])."<br/>";
//print $CCur[("Cost")]*$OrderRow[1]; $TotalCost;
//response.end
$TotalCost=(mysql_result($objRecordset1,$i,"Cost")*$OrderRow[1])+$TotalCost;
//response.write objRecordset1.fields("Cost")*OrderRow(1)
$TransactionDescr=$TransactionDescr.mysql_result($objRecordset1,$i,"Abbreviation")."(".$OrderRow[1].")"."$".mysql_result($objRecordset1,$i,"cost")."/".mysql_result($objRecordset1,$i,"MenuItemID")."*";
}
}
}
$i++;
}
//echo "total=".$TotalCost."<br>";
//echo "total=".mysql_result($CheckMajor,0,"Credit_L2")."<br>";
//response.end
//response.write "*** "&TotalCost&" ***"
//response.end
//sqlstmnt="DELETE CustomersAndOrders.* FROM CustomersAndOrders WHERE (((CustomersAndOrders.[MinorCustomerC$])="&Request.QueryString("CustID")&") AND ((CustomersAndOrders.[Break$])="&Request.QueryString("BreakID")&") AND ((CustomersAndOrders.OrderDate)=#"&Request.QueryString("dDate")&"#));"
//objConnection1.execute(sqlstmnt)
if ($TotalCost>mysql_result($CheckMajor,0,"Credit_L2"))
{
//Error for no money here
?>
<script type="text/javascript">
window.alert('Insufficient Funds');
window.close();
</script>
<body >
</body>
</html>
<?
}
else
{
//echo "These are the Customer Orders ".count($testarray)."<br>";
for ($x=0; $x<=count($testarray)-2; $x=$x+1)
{
//echo $x." X value <br>";
$OrderRow=explode("/",$testarray[$x]);
$sqlstmnt="INSERT INTO customersandorders (`MinorCustomerC$`, `MenuItem$`, `Break$`, `Quantity`, `OrderDate`, `Active_L2` ) ";
$sqlstmnt2=$sqlstmnt." VALUES(".$_GET["CustID"].", ".$OrderRow[0].", ".$_GET["BreakID"].", ".$OrderRow[1].",'".$_GET["dDate"]."', 1 )";
mysql_query(($sqlstmnt2),$objConnection1);
}
;
$sqlstmnt="UPDATE majorcustomer INNER JOIN minorcustomer ON majorcustomer.`CustomerID` = minorcustomer.`MajorCustomerExtract$` SET majorcustomer.`Credit_L2` = `Credit_L2`-".$TotalCost." WHERE (((minorcustomer.`CustomerID`)=".$_GET["CustID"]."));";
//response.write sqlstmnt
//response.End
mysql_query(($sqlstmnt),$objConnection1);
$_SESSION['credit']=$_SESSION['credit']-$TotalCost;
$sqlstmnt="INSERT INTO transactions (`TransactionNumber`,`TargetDate` ,`TransactionDate`, `TransactionDescription`, `AdminID`, `MajorAccountID`, `MinorAccountID`, `BreakID`, `WithdrawalAmount`, `DepositAmount`,`~SiteID\$`) ";
//
$sqlstmnt=$sqlstmnt." VALUES(1, '".$_GET["dDate"]."','".$Nowdate."', '".$TransactionDescr."',0, ".$_SESSION['CustomerID'].",".$_GET["CustID"].", ".$_GET["BreakID"].", ".$TotalCost.", 0 ,".$_SESSION['SiteID'].") ";
//echo "<br>";
//echo "<br>";
//echo $sqlstmnt;
mysql_query(($sqlstmnt),$objConnection1);
//response.end
}
mysql_close($objConnection1);
$objConnection1=null;
$objRecordset1=null;
}
}
}
}
}else{
?>
<script type="text/javascript">
window.alert('Canteen Closed');
window.close();
</script>
<body >
</body>
</html>
<?
}
}
}
?>
<img src="../Figures/processing.gif">
<?
//print "<script>";
//echo "test=".$_GET["Repeat"];
if ($_GET["Repeat"]!=1)
{
?>
<script>
xc=window.opener.location.href='usercalendar-sdates3.php?minor=<?echo $_GET["CustID"];?>&date=<?echo $_GET["dDate"];?>&minorname=<?echo $_GET["minorname"];?>';
window.close();
</script>
<?}else{?>
<script>
window.close();
</script>
<?}?>
<body >
</body>
</html>