- <?php
- session_start();
- include('config.php');
- include('functions.php');
- include('db.php');
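// NOTE(review): no login, permission or CSRF check is visible in this file
// before the state-changing branches below, and they read $_REQUEST (GET, POST
// and cookies alike). Confirm config.php / functions.php reject unauthenticated
// requests before execution reaches this point.
// Default for the destination string that several branches below overwrite.
$destination = "";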
- if ($_REQUEST['request'] == "add" or $_REQUEST['request'] == "new" or $_REQUEST['request'] == "create") {
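// add: customer
if ($_REQUEST['request_type'] == "customer") {
    // Next storeid = highest existing storeid + 1 (1 when the table is empty).
    // NOTE(review): this read-then-insert is not atomic; two simultaneous
    // requests can compute the same storeid unless the schema forbids it.
    $new_storeid = "0";
    $query = $db->select("SELECT `storeid` FROM ".$dbdb.".`equate_customers` ORDER BY `storeid` DESC LIMIT 0,1");
    foreach ($query as $row) {
        $new_storeid = $row['storeid'];
    }
    $new_storeid++;

    // An empty `limit` is stored as "0"; `available` starts out equal to `limit`.
    $limit = ($_REQUEST['limit'] == "") ? "0" : $_REQUEST['limit'];

    // Column => value, in INSERT order. Every request-derived value goes through
    // $db->quote(), used the way the rest of this file uses it: as an escape-only
    // helper inside the surrounding single quotes (confirm in db.php).
    $fields = array(
        'storeid'     => $new_storeid,
        'storegroups' => $db->quote($_REQUEST['popup']),
        'first'       => $db->quote($_REQUEST['first']),
        'last'        => $db->quote($_REQUEST['last']),
        'company'     => $db->quote($_REQUEST['company']),
        // NOTE(review): the edit branch reads 'address1'; this one reads 'address'.
        'address1'    => $db->quote($_REQUEST['address']),
        'address2'    => $db->quote($_REQUEST['address2']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'country'     => $db->quote($_REQUEST['country']),
        'homephone'   => $db->quote(Filter('phone', $_REQUEST['homephone'])),
        'busphone'    => $db->quote(Filter('phone', $_REQUEST['busphone'])),
        'cellphone'   => $db->quote(Filter('phone', $_REQUEST['cellphone'])),
        'limit'       => $db->quote($limit),
        'available'   => $db->quote($limit),
        'sku'         => $db->quote($_REQUEST['sku']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    // Custom fields c1..c10.
    for ($n = 1; $n <= 10; $n++) {
        $fields['c'.$n] = $db->quote($_REQUEST['c'.$n]);
    }
    $fields['collect_loyalty'] = $db->quote($_REQUEST['collect_loyalty']);
    // The serialized list was previously concatenated into the SQL unescaped, so
    // any quote character in it broke out of the string literal; escape it too.
    // NOTE(review): the edit branch serializes $_REQUEST['groups'] for this column.
    $fields['groups'] = $db->quote(serialize($_REQUEST['edit_list']));

    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_customers (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    // $query[1] is handed on as the record id for the customer info dialog.
    $destination = "dialog,Info,customer,".$query[1].",lg";
}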
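// add: product
if ($_REQUEST['request_type'] == "product") {
    if ($_REQUEST['stock_min'] > $_REQUEST['stock_max']) {
        echo "error,Check the minimum, required, and maximum quantities in the supply tab.";
        exit;
    }

    // The store id of a new product is the current Unix timestamp.
    // NOTE(review): two products created within the same second share a storeid.
    $new_storeid = time();

    // Column => value, in INSERT order. Request and session values are escaped
    // with $db->quote(), used as elsewhere in this file as an escape-only helper
    // inside the surrounding single quotes (confirm in db.php).
    $fields = array(
        'storeid'     => $new_storeid,
        'sku'         => $db->quote($_REQUEST['sku']),
        'ean13'       => $db->quote($_REQUEST['ean13']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'weight'      => $db->quote($_REQUEST['weight']),
        'price'       => $db->quote($_REQUEST['price']),
        'tax'         => $db->quote($_REQUEST['tax']),
        'total'       => $db->quote($_REQUEST['total']),
        'batched'     => time(),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'notes'       => $db->quote($_REQUEST['notes']),
        'cid'         => $db->quote($_REQUEST['cid']),
        'mid'         => $db->quote($_REQUEST['mid']),
        'type'        => 'p',
        'parent'      => $db->quote($_REQUEST['parent']),
        'taxid'       => $db->quote($_REQUEST['taxid']),
        'cost'        => $db->quote($_REQUEST['cost']),
        'availonline' => $db->quote($_REQUEST['availonline']),
        'origprice'   => $db->quote($_REQUEST['origprice']),
        'adddate'     => time(),
        // Previously interpolated raw; session data is escaped like everything else.
        'adduser'     => $db->quote($_SESSION['equate_auth']),
        'moddate'     => '',
        'moduser'     => '',
        'grouped'     => $db->quote($_REQUEST['grouped']),
        'loyalty'     => $db->quote($_REQUEST['loyalty']),
        'reference'   => $db->quote($_REQUEST['reference']),
    );
    // Custom fields c1..c10.
    for ($n = 1; $n <= 10; $n++) {
        $fields['c'.$n] = $db->quote($_REQUEST['c'.$n]);
    }
    $fields['supply'] = $db->quote($_REQUEST['supply']);

    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_products (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    $pid = $query[1];

    // insert supply information if activated
    if ($_REQUEST['supply'] == "1") {
        // expire == "0" means no expiry; strtotime("") then yields false, stored as ''.
        $expiration = ($_REQUEST['expire'] == "0") ? "" : $_REQUEST['expiration'];
        $expires = strtotime($expiration);
        $sid = $db->quote($_REQUEST['sid']);
        $supplyType = $db->quote($_REQUEST['supply_type']);
        $stockMin = $db->quote($_REQUEST['stock_min']);
        $stockRequired = $db->quote($_REQUEST['stock_required']);
        $stockMax = $db->quote($_REQUEST['stock_max']);
        $query = $db->query(
            "INSERT INTO ".$dbdb.".equate_inventory_supply (`pid`, `sid`, `type`, `stock_min`, `stock_required`, `stock_max`, `expiration`, `lastupdated`)"
            ." VALUES ('".$pid."', '".$sid."', '".$supplyType."', '".$stockMin."', '".$stockRequired."', '".$stockMax."', '".$expires."', '".time()."')"
            ." ON DUPLICATE KEY UPDATE `type` = '".$supplyType."', `stock_min` = '".$stockMin."', `stock_required` = '".$stockRequired."', `stock_max` = '".$stockMax."', `expiration` = '".$expires."', `lastupdated` = '".time()."'"
        );
    }

    // add stock quantities: one batching row and one stock row per warehouse
    $query = $db->select("SELECT `id` FROM ".$dbdb.".`equate_inventory_warehouse`");
    foreach ($query as $row) {
        $wid = $row['id'];
        // The per-warehouse quantity arrives as request field "w<warehouse id>".
        // It was concatenated into both statements unescaped; escape it once here.
        $stock = isset($_REQUEST['w'.$wid]) ? $db->quote($_REQUEST['w'.$wid]) : "";
        $query2 = $db->query(
            "INSERT INTO ".$dbdb.".equate_batching (`type`, `identifier`, `value`, `batched`, `lbatched`, `wid`, `reason`, `ref`, `time`)"
            ." VALUES ('stock', '".$new_storeid."', '".$stock."', 'n', 'y', '".$wid."', '', '".md5(time().Random())."', '".time()."')"
        );
        $query2 = $db->query(
            "INSERT INTO `".$dbdb."`.`equate_inventory_warehouse_stock` (`wid`, `stockid`, `storeid`, `pid`, `paid`, `stock`, `lastupdated`)"
            ." VALUES ('".$wid."', '".$new_storeid."', '".$new_storeid."', '".$new_storeid."', '0', '".$stock."', '".time()."')"
            ." ON DUPLICATE KEY UPDATE stock='".$stock."', lastupdated='".time()."'"
        );
    }

    // add product descriptions
    $short = $db->quote($_REQUEST['short']);
    $long = $db->quote($_REQUEST['long']);
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_product_descriptions (`pid`, `short`, `long`)"
        ." VALUES ('".$pid."', '".$short."', '".$long."')"
        ." ON DUPLICATE KEY UPDATE `short` = '".$short."', `long` = '".$long."'"
    );
    // NOTE(review): $query here is the result of the descriptions insert, not the
    // product insert saved in $pid above; confirm which id the dialog expects.
    $destination = "dialog,Info,product,".$query[1].",lg";
}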
// add: group (customer group)
if ($_REQUEST['request_type'] == "group") {
    // Column => escaped value, in the order the INSERT lists them.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_customer_groups (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
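// add: workgroup
if ($_REQUEST['request_type'] == "workgroup") {
    // The serialized member list used to be concatenated into the statement
    // unescaped, so a quote character in any member value altered the SQL.
    // It is now escaped with $db->quote() like the name (escape-only helper as
    // used throughout this file; confirm in db.php).
    $name = $db->quote($_REQUEST['name']);
    $members = $db->quote(serialize($_REQUEST['members']));
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_tickets_groups (`name`, `members`)"
        ." VALUES ('".$name."', '".$members."')"
    );
}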
// add: security group
if ($_REQUEST['request_type'] == "security") {
    // Column => escaped value, in the order the INSERT lists them.
    // NOTE(review): the edit branch stores serialize($_REQUEST['access']) in
    // `access`, while this branch stores the raw value; confirm which format
    // the readers of equate_system_accessgroups expect.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'access'      => $db->quote($_REQUEST['access']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_system_accessgroups (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: reason (refund reason)
if ($_REQUEST['request_type'] == "reason") {
    // Column => value, in the order the INSERT lists them. `ref` is an MD5 hex
    // digest of name + type + Random(), so it needs no escaping.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'type'        => $db->quote($_REQUEST['type']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
        'ref'         => md5($_REQUEST['name'].$_REQUEST['type'].Random()),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_system_refundreasons (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: user (admin account)
if ($_REQUEST['request_type'] == "user") {
    // Column => value, in the order the INSERT lists them.
    // NOTE(review): the password is stored as an unsalted MD5 digest, which is
    // not a password hash; moving to password_hash()/password_verify() needs a
    // matching change in the login code, which is not part of this file.
    // NOTE(review): security_group comes straight from the request; confirm the
    // caller is allowed to grant that group.
    $fields = array(
        'first'          => $db->quote($_REQUEST['first']),
        'last'           => $db->quote($_REQUEST['last']),
        'phone'          => $db->quote(Filter('phone', $_REQUEST['phone'])),
        'email'          => $db->quote($_REQUEST['email']),
        'username'       => $db->quote($_REQUEST['username']),
        'password'       => md5($_REQUEST['password']),
        'address'        => $db->quote($_REQUEST['address']),
        'city'           => $db->quote($_REQUEST['city']),
        'province'       => $db->quote($_REQUEST['province']),
        'country'        => $db->quote($_REQUEST['country']),
        'postalcode'     => $db->quote($_REQUEST['postal']),
        'lastupdated'    => time(),
        'security_group' => $db->quote($_REQUEST['security_group']),
        'pay_rate'       => $db->quote($_REQUEST['pay_rate']),
        'enabled'        => $db->quote($_REQUEST['enabled']),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_admins (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    // $query[1] is handed on as the record id for the user info dialog.
    $destination = "dialog,Info,user,".$query[1].",lg";
}
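// add: operator (POS operator linked to an admin account)
if ($_REQUEST['request_type'] == "operator") {
    // request_id was concatenated into the SELECT unescaped; escape it once and
    // reuse it ($db->quote() is the escape-only helper used throughout this file).
    $userId = $db->quote($_REQUEST['request_id']);

    // The operator's display name is copied from the admin row; it stays empty
    // when no admin matches instead of being an undefined variable.
    $name = "";
    $query = $db->select("SELECT first,last FROM ".$dbdb.".`equate_admins` WHERE `id` = '".$userId."'");
    foreach ($query as $row) {
        $name = $row['first']." ".$row['last'];
    }

    // NOTE(review): `pass` receives the operator password as submitted, i.e. in
    // clear text; hashing it needs a matching change wherever `pass` is checked.
    $fields = array(
        'name'        => $db->quote($name),
        'operator'    => $db->quote($_REQUEST['operator']),
        'pass'        => $db->quote($_REQUEST['password']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
        'user_id'     => $userId,
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_operators (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    $destination = "dialog,Edit,user,".$_REQUEST['request_id'].",lg";
}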
// add: category
if ($_REQUEST['request_type'] == "category") {
    // Column => escaped value, in the order the INSERT lists them.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'pid'         => $db->quote($_REQUEST['pid']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_inventory_categories (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: attribute
if ($_REQUEST['request_type'] == "attribute") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'type'        => $db->quote($_REQUEST['type']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_attributes (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: value (attribute value)
if ($_REQUEST['request_type'] == "value") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'group_id'    => $db->quote($_REQUEST['group_id']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_attribute_values (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: payment method
if ($_REQUEST['request_type'] == "payment_method") {
    // `alias` is the name passed through seo(); `showonpos` is always '1' here.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'alias'       => $db->quote(seo($_REQUEST['name'])),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'showonpos'   => '1',
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_invoicing_paymethods (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
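// add: coupon
if ($_REQUEST['request_type'] == "coupon") {
    // Validity window: "from - to" in `range` when expiry is enabled, else 0/0.
    if ($_REQUEST['expire_control'] == "1") {
        $date = explode(' - ', $_REQUEST['range']);
        $to = strtotime($date[1]);
        $from = strtotime($date[0]);
    } else {
        $to = "0";
        $from = "0";
    }

    // Type 1 takes its value from `percentage`, type 2 from `dollar`; any other
    // type stores an empty value rather than reading an undefined variable.
    $value = "";
    if ($_REQUEST['type'] == "1") {
        $value = $_REQUEST['percentage'];
    }
    if ($_REQUEST['type'] == "2") {
        $value = $_REQUEST['dollar'];
    }

    // Column => escaped value, in INSERT order. The serialized criteria used to
    // be concatenated unescaped; they now go through $db->quote() like the rest
    // (escape-only helper as used throughout this file; confirm in db.php).
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'sku'         => $db->quote($_REQUEST['sku']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'wid'         => $db->quote($_REQUEST['wid']),
        'type'        => $db->quote($_REQUEST['type']),
        'template'    => $db->quote($_REQUEST['template']),
        'value'       => $db->quote($value),
        'criteria'    => $db->quote(serialize($_REQUEST['criteria'])),
        'to'          => $db->quote($to),
        'from'        => $db->quote($from),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_invoicing_coupons (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}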
// add: tax
if ($_REQUEST['request_type'] == "tax") {
    // The rate is submitted as a percentage and stored as a fraction (rate / 100).
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'rate'        => $db->quote(($_REQUEST['rate'] / 100)),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'default'     => $db->quote($_REQUEST['default']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_tax (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: entry (timecard)
if ($_REQUEST['request_type'] == "entry") {
    // `date` carries "in - out"; both ends are converted to Unix timestamps.
    $date = explode(' - ', $_REQUEST['date']);
    $clockIn = strtotime($date[0]);
    $clockOut = strtotime($date[1]);
    // `total` is the worked time in seconds; `ref` is an MD5 hex digest of
    // out-time + in-time + operator id.
    $fields = array(
        'op_id'       => $db->quote($_REQUEST['request_id']),
        'time'        => $db->quote($clockIn),
        'outtime'     => $db->quote($clockOut),
        'total'       => $db->quote(($clockOut - $clockIn)),
        'lastupdated' => time(),
        'ref'         => md5($clockOut.$clockIn.$_REQUEST['request_id']),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_timecard (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    $destination = "dialog,Info,timecard,".$_REQUEST['request_id'].",lg";
}
// add: currency
if ($_REQUEST['request_type'] == "currency") {
    // Column => escaped value, in the order the INSERT lists them.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'code'        => $db->quote($_REQUEST['code']),
        'symbol'      => $db->quote($_REQUEST['symbol']),
        'rate'        => $db->quote($_REQUEST['rate']),
        'lastupdated' => time(),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'autoupdate'  => $db->quote($_REQUEST['autoupdate']),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_system_currency (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: ticket
if ($_REQUEST['request_type'] == "ticket") {
    // `owner` and `author` are both filled from the submitted owner.
    $fields = array(
        'subject'     => $db->quote($_REQUEST['subject']),
        'owner'       => $db->quote($_REQUEST['owner']),
        'author'      => $db->quote($_REQUEST['owner']),
        'status'      => $db->quote($_REQUEST['status']),
        'lastupdated' => time(),
        'severity'    => $db->quote($_REQUEST['severity']),
        'details'     => $db->quote($_REQUEST['details']),
        'custid'      => $db->quote($_REQUEST['customer']),
        'tranid'      => $db->quote($_REQUEST['transaction']),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_tickets (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: gift card
if ($_REQUEST['request_type'] == "gift_card") {
    // Expiry is a Unix timestamp when expiry is enabled, otherwise empty.
    $expire = ($_REQUEST['expire_control'] == "1") ? strtotime($_REQUEST['expire']) : "";
    // A new card starts with balance equal to its total.
    $fields = array(
        'sku'         => $db->quote($_REQUEST['sku']),
        'total'       => $db->quote(HumanDollar($_REQUEST['total'])),
        'balance'     => $db->quote(HumanDollar($_REQUEST['total'])),
        'expire'      => $db->quote($expire),
        'lastupdated' => time(),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'user'        => $db->quote($_REQUEST['customer']),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_giftcards (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
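// add: calendar
if ($_REQUEST['request_type'] == "calendar") {
    // Label names and their colours are stored together as one serialized array.
    $labels = array(
        'label'       => $_REQUEST['label'],
        'label_color' => $_REQUEST['label_color'],
    );

    // Column => escaped value, in INSERT order. The three serialized values used
    // to be concatenated unescaped; they now go through $db->quote() like the
    // rest (escape-only helper as used throughout this file; confirm in db.php).
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'view'        => $db->quote($_REQUEST['view']),
        'view_list'   => $db->quote(serialize($_REQUEST['view_list'])),
        'edit'        => $db->quote($_REQUEST['edit']),
        'edit_list'   => $db->quote(serialize($_REQUEST['edit_list'])),
        'labels'      => $db->quote(serialize($labels)),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'type'        => $db->quote($_REQUEST['type']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_calendar_calendars (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}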
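// add: event
if ($_REQUEST['request_type'] == "event") {
    // `date` carries "start - end".
    $date = explode(' - ', $_REQUEST['date']);

    // request_id (the calendar id) and `value` were concatenated into the SELECTs
    // unescaped; escape them with $db->quote(), the escape-only helper used
    // throughout this file (confirm in db.php).
    $calendarId = $db->quote($_REQUEST['request_id']);

    // Load the calendar's label definitions.
    // NOTE(review): unserialize() runs on a stored column that other branches of
    // this file fill from request data; json_decode() would be the safer format,
    // but changing it requires migrating the stored rows.
    $labels = array();
    $query = $db->select("SELECT * FROM ".$dbdb.".equate_calendar_calendars WHERE `id` = '".$calendarId."'");
    foreach ($query as $row) {
        $labels = unserialize($row['labels']);
    }

    // Find the colour configured for the submitted label.
    // NOTE(review): after the loop $label holds the LAST label of the calendar,
    // not the matched one, and that is what goes into `class` below; confirm
    // whether $_REQUEST['label'] was intended. Behaviour is kept as found.
    $type = "";
    $label = "";
    if (is_array($labels) && isset($labels['label']) && is_array($labels['label'])) {
        foreach ($labels['label'] as $index => $label) {
            if ($label == $_REQUEST['label']) {
                // Square brackets replace the {} offset syntax removed in PHP 8.
                $type = $labels['label_color'][$index];
            }
        }
    }

    // Schedule events are titled "<first> <last> (<label>)" from the admin row;
    // every other event uses the submitted title.
    if ($_REQUEST['request_event_type'] == "schedule") {
        $title = "";
        $query = $db->select("SELECT * FROM ".$dbdb.".equate_admins WHERE `id` = '".$db->quote($_REQUEST['value'])."'");
        foreach ($query as $row) {
            $title = $row['first']." ".$row['last']." (".$_REQUEST['label'].")";
        }
    } else {
        $title = $_REQUEST['title'];
    }

    // `type` and `class` originate from stored request data and are escaped too.
    $fields = array(
        'type'        => $db->quote($type),
        'value'       => $db->quote($_REQUEST['value']),
        'class'       => $db->quote($label),
        'title'       => $db->quote($title),
        'start'       => $db->quote(strtotime($date[0])),
        'end'         => $db->quote(strtotime($date[1])),
        'cid'         => $calendarId,
        'ref'         => $db->quote(md5(Random().$_REQUEST['date'].$_REQUEST['title'])),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_calendar (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
    $destination = "calendarrefresh,".$_REQUEST['request_id'];
}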
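// add: adapter (connection to an external shop database)
if ($_REQUEST['request_type'] == "adapter") {
    // NOTE(review): host, port, credentials and database all come from the
    // request, so this branch makes the server open an outbound MySQL connection
    // to a caller-chosen endpoint and reports the connect error back. Restrict it
    // to administrators and consider an allow-list of permitted hosts.

    // "host:port" is split on the colon; a value without a colon (or starting
    // with one) is used as the host as-is with the default port.
    if (strpos($_REQUEST['ip'], ':') > 0) {
        $explode = explode(":", $_REQUEST['ip']);
        $host = $explode[0];
        $port = (int) $explode[1];
    } else {
        $host = $_REQUEST['ip'];
        $port = null;
    }

    $link = mysqli_connect($host, $_REQUEST['username'], $_REQUEST['password'], $_REQUEST['database'], $port);
    if (!$link) {
        echo "error,Cannot connect to SQL server: ".mysqli_connect_error();
        exit;
    }

    // Probe for the tables the chosen adapter type needs. $querytest stays false
    // for an unknown type instead of being an undefined variable.
    $querytest = false;
    if ($_REQUEST['type'] == "ps1") {
        // Identifiers cannot be bound or string-escaped; double any backtick so
        // the request values cannot close the quoted identifier.
        $schema = str_replace('`', '``', $_REQUEST['database']);
        $table = str_replace('`', '``', $_REQUEST['prefix']."shop");
        $querytest = $link->query("SELECT * FROM `".$schema."`.`".$table."`");
    }
    if ($_REQUEST['type'] == "vm2") {
        // The original read an undefined $prefix and then `return`ed, which ended
        // the script before the adapter could be saved. The submitted prefix is
        // now escaped for the remote connection and the result decides $querytest.
        $like = $link->real_escape_string($_REQUEST['prefix']);
        $tables = $link->query("SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE `TABLE_NAME` LIKE '".$like."virtuemart_%'");
        $querytest = ($tables && $tables->num_rows > 0);
    }
    $link->close();

    if ($querytest) {
        // NOTE(review): the remote database password is stored in clear text in
        // equate_adapters; it was also the one value inserted without escaping.
        $fields = array(
            'name'        => $db->quote($_REQUEST['name']),
            'type'        => $db->quote($_REQUEST['type']),
            'enabled'     => $db->quote($_REQUEST['enabled']),
            'ip'          => $db->quote($_REQUEST['ip']),
            'database'    => $db->quote($_REQUEST['database']),
            'username'    => $db->quote($_REQUEST['username']),
            'password'    => $db->quote($_REQUEST['password']),
            'prefix'      => $db->quote($_REQUEST['prefix']),
            'lastupdated' => time(),
        );
        $query = $db->query(
            "INSERT INTO ".$dbdb.".equate_adapters (`".implode("`, `", array_keys($fields))."`)"
            ." VALUES ('".implode("', '", $fields)."')"
        );
        $destination = "dialog,Info,adapter,".$query[1]."";
    } else {
        echo "error,Cannot locate adapter tables. Please check adapter type or table prefix settings.";
        exit;
    }
}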
// add: terminal
if ($_REQUEST['request_type'] == "terminal") {
    // Column => escaped value, in the order the INSERT lists them.
    $fields = array(
        'register'    => $db->quote($_REQUEST['register']),
        'company'     => $db->quote($_REQUEST['company']),
        'address'     => $db->quote($_REQUEST['address']),
        'address2'    => $db->quote($_REQUEST['address2']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'country'     => $db->quote($_REQUEST['country']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'phone'       => $db->quote(Filter('phone', $_REQUEST['phone'])),
        'phone2'      => $db->quote(Filter('phone', $_REQUEST['phone2'])),
        'web'         => $db->quote($_REQUEST['web']),
        'email'       => $db->quote($_REQUEST['email']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'wid'         => $db->quote($_REQUEST['wid']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_system (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: warehouse
if ($_REQUEST['request_type'] == "warehouse") {
    // Request field `phone` fills column `phone1`; both numbers pass Filter('phone').
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'contact'     => $db->quote($_REQUEST['contact']),
        'address'     => $db->quote($_REQUEST['address']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'country'     => $db->quote($_REQUEST['country']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'phone1'      => $db->quote(Filter('phone', $_REQUEST['phone'])),
        'phone2'      => $db->quote(Filter('phone', $_REQUEST['phone2'])),
        'email'       => $db->quote($_REQUEST['email']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_inventory_warehouse (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: manufacturer
if ($_REQUEST['request_type'] == "manufacturer") {
    // Unlike terminal and warehouse, the phone numbers are stored without Filter('phone').
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'contact'     => $db->quote($_REQUEST['contact']),
        'address'     => $db->quote($_REQUEST['address']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'country'     => $db->quote($_REQUEST['country']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'phone1'      => $db->quote($_REQUEST['phone']),
        'phone2'      => $db->quote($_REQUEST['phone2']),
        'website'     => $db->quote($_REQUEST['web']),
        'email'       => $db->quote($_REQUEST['email']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_inventory_manufacturers (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
// add: supplier
if ($_REQUEST['request_type'] == "supplier") {
    // Same column set as a manufacturer, stored in equate_po_suppliers.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'contact'     => $db->quote($_REQUEST['contact']),
        'address'     => $db->quote($_REQUEST['address']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'country'     => $db->quote($_REQUEST['country']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'phone1'      => $db->quote($_REQUEST['phone']),
        'phone2'      => $db->quote($_REQUEST['phone2']),
        'website'     => $db->quote($_REQUEST['web']),
        'email'       => $db->quote($_REQUEST['email']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_po_suppliers (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}
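// add: custom field
if ($_REQUEST['request_type'] == "custom_field") {
    // field_type was concatenated into the SELECT unescaped; escape it once with
    // $db->quote(), the escape-only helper used throughout this file, and reuse it.
    $fieldType = $db->quote($_REQUEST['field_type']);

    // Collect the positions already taken for this field type.
    $used = array();
    $query = $db->select("SELECT `position` FROM ".$dbdb.".`equate_system_customfields` WHERE `type` = '".$fieldType."'");
    if ($query->num_rows != "0") {
        foreach ($query as $row) {
            array_push($used, $row['position']);
        }
    }

    // Take the lowest free position in 1..10; reaching 11 means all are in use.
    $position = 1;
    while ($position < 11 && in_array($position, $used)) {
        $position++;
    }
    if ($position == 11) {
        echo "error,There are no more custom fields available for this type.";
        exit;
    }

    $fields = array(
        'type'        => $fieldType,
        'label'       => $db->quote($_REQUEST['label']),
        'position'    => $db->quote($position),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'required'    => $db->quote($_REQUEST['required']),
        'lastupdated' => time(),
    );
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_system_customfields (`".implode("`, `", array_keys($fields))."`)"
        ." VALUES ('".implode("', '", $fields)."')"
    );
}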
- }
- if ($_REQUEST['request'] == "edit") {
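// edit: customer
if ($_REQUEST['request_type'] == "customer") {
    // request_id was concatenated into the SELECT and the UPDATE's WHERE clause
    // unescaped, so a crafted id could change which rows are read or rewritten.
    // Escape it once with $db->quote() (escape-only helper as used throughout
    // this file; confirm in db.php) and reuse it.
    $customerId = $db->quote($_REQUEST['request_id']);

    // Column => escaped value, in the order of the SET clause.
    $fields = array(
        'storegroups' => $db->quote($_REQUEST['popup']),
        'first'       => $db->quote($_REQUEST['first']),
        'last'        => $db->quote($_REQUEST['last']),
        'company'     => $db->quote($_REQUEST['company']),
        'address1'    => $db->quote($_REQUEST['address1']),
        'address2'    => $db->quote($_REQUEST['address2']),
        'city'        => $db->quote($_REQUEST['city']),
        'province'    => $db->quote($_REQUEST['province']),
        'postalcode'  => $db->quote($_REQUEST['postalcode']),
        'country'     => $db->quote($_REQUEST['country']),
        'homephone'   => $db->quote(Filter('phone', $_REQUEST['homephone'])),
        'busphone'    => $db->quote(Filter('phone', $_REQUEST['busphone'])),
        'cellphone'   => $db->quote(Filter('phone', $_REQUEST['cellphone'])),
        'sku'         => $db->quote($_REQUEST['sku']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'collect_loyalty' => $db->quote($_REQUEST['collect_loyalty']),
    );
    // Custom fields c1..c10.
    for ($n = 1; $n <= 10; $n++) {
        $fields['c'.$n] = $db->quote($_REQUEST['c'.$n]);
    }
    // The serialized group list was concatenated unescaped; escape it as well.
    $fields['groups'] = $db->quote(serialize($_REQUEST['groups']));
    $fields['lastupdated'] = time();

    // A submitted limit replaces the stored one, and `available` moves by the
    // same amount; an empty limit leaves both columns untouched.
    if ($_REQUEST['limit'] != "") {
        $current_limit = 0;
        $current_available = 0;
        $query = $db->select("SELECT * FROM ".$dbdb.".`equate_customers` WHERE `id` = '".$customerId."'");
        foreach ($query as $row) {
            $current_limit = $row['limit'];
            $current_available = $row['available'];
        }
        $current_difference = $current_limit - $_REQUEST['limit'];
        $new_limit = $current_limit - $current_difference;
        $new_available = $current_available - $current_difference;
        $fields['limit'] = $db->quote(HumanDollar($new_limit));
        $fields['available'] = $db->quote(HumanDollar($new_available));
    }

    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_customers SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$customerId."'"
    );
}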
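// edit: product
if ($_REQUEST['request_type'] == "product") {
    if ($_REQUEST['stock_min'] > $_REQUEST['stock_max']) {
        echo "error,Check the minimum, required, and maximum quantities in the supply tab.";
        exit;
    }

    // request_id was concatenated unescaped into the UPDATE's WHERE clause and
    // into both upserts below. Escape it once with $db->quote() (escape-only
    // helper as used throughout this file; confirm in db.php) and reuse it.
    $productId = $db->quote($_REQUEST['request_id']);

    // Column => escaped value, in the order of the SET clause.
    $fields = array(
        'sku'         => $db->quote($_REQUEST['sku']),
        'ean13'       => $db->quote($_REQUEST['ean13']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'weight'      => $db->quote($_REQUEST['weight']),
        'price'       => $db->quote($_REQUEST['price']),
        'tax'         => $db->quote($_REQUEST['tax']),
        'total'       => $db->quote($_REQUEST['total']),
        'batched'     => time(),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'notes'       => $db->quote($_REQUEST['notes']),
        'cid'         => $db->quote($_REQUEST['cid']),
        'mid'         => $db->quote($_REQUEST['mid']),
        'parent'      => $db->quote($_REQUEST['parent']),
        'taxid'       => $db->quote($_REQUEST['taxid']),
        'cost'        => $db->quote($_REQUEST['cost']),
        'availonline' => $db->quote($_REQUEST['availonline']),
        'origprice'   => $db->quote($_REQUEST['origprice']),
        // Previously interpolated raw; session data is escaped like everything else.
        'moduser'     => $db->quote($_SESSION['equate_auth']),
        'moddate'     => time(),
        'grouped'     => $db->quote($_REQUEST['grouped']),
        'loyalty'     => $db->quote($_REQUEST['loyalty']),
        'reference'   => $db->quote($_REQUEST['reference']),
    );
    // Custom fields c1..c10.
    for ($n = 1; $n <= 10; $n++) {
        $fields['c'.$n] = $db->quote($_REQUEST['c'.$n]);
    }
    $fields['supply'] = $db->quote($_REQUEST['supply']);

    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_products SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$productId."'"
    );

    // Upsert the supply row when supply tracking is switched on.
    if ($_REQUEST['supply'] == "1") {
        // expire == "0" means no expiry; strtotime("") then yields false, stored as ''.
        $expiration = ($_REQUEST['expire'] == "0") ? "" : $_REQUEST['expiration'];
        $expires = strtotime($expiration);
        $sid = $db->quote($_REQUEST['sid']);
        $supplyType = $db->quote($_REQUEST['supply_type']);
        $stockMin = $db->quote($_REQUEST['stock_min']);
        $stockRequired = $db->quote($_REQUEST['stock_required']);
        $stockMax = $db->quote($_REQUEST['stock_max']);
        $query = $db->query(
            "INSERT INTO ".$dbdb.".equate_inventory_supply (`pid`, `sid`, `type`, `stock_min`, `stock_required`, `stock_max`, `expiration`, `lastupdated`)"
            ." VALUES ('".$productId."', '".$sid."', '".$supplyType."', '".$stockMin."', '".$stockRequired."', '".$stockMax."', '".$expires."', '".time()."')"
            ." ON DUPLICATE KEY UPDATE `sid` = '".$sid."', `type` = '".$supplyType."', `stock_min` = '".$stockMin."', `stock_required` = '".$stockRequired."', `stock_max` = '".$stockMax."', `expiration` = '".$expires."', `lastupdated` = '".time()."'"
        );
    }

    // Upsert the short/long descriptions.
    $short = $db->quote($_REQUEST['short']);
    $long = $db->quote($_REQUEST['long']);
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_product_descriptions (`pid`, `short`, `long`)"
        ." VALUES ('".$productId."', '".$short."', '".$long."')"
        ." ON DUPLICATE KEY UPDATE `short` = '".$short."', `long` = '".$long."'"
    );
}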
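// edit: user (admin account)
if ($_REQUEST['request_type'] == "user") {
    // NOTE(review): request_id selects which admin row is rewritten and
    // security_group comes straight from the request; confirm the caller is
    // allowed to edit that account and to grant that group.

    // Column => escaped value, in the order of the SET clause.
    $fields = array(
        'first'          => $db->quote($_REQUEST['first']),
        'last'           => $db->quote($_REQUEST['last']),
        'phone'          => $db->quote($_REQUEST['phone']),
        'email'          => $db->quote($_REQUEST['email']),
        'address'        => $db->quote($_REQUEST['address']),
        'city'           => $db->quote($_REQUEST['city']),
        'province'       => $db->quote($_REQUEST['province']),
        'country'        => $db->quote($_REQUEST['country']),
        'postalcode'     => $db->quote($_REQUEST['postal']),
        'username'       => $db->quote($_REQUEST['username']),
        'lastupdated'    => time(),
        'security_group' => $db->quote($_REQUEST['security_group']),
        'pay_rate'       => $db->quote($_REQUEST['pay_rate']),
        'enabled'        => $db->quote($_REQUEST['enabled']),
    );
    // The password is only rewritten when a new one was submitted.
    // NOTE(review): it is stored as an unsalted MD5 digest, which is not a
    // password hash; moving to password_hash()/password_verify() needs a
    // matching change in the login code, which is not part of this file.
    if ($_REQUEST['password'] != "") {
        $fields['password'] = $db->quote(md5($_REQUEST['password']));
    }

    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    // request_id used to reach the WHERE clause unescaped; it now goes through
    // $db->quote() (escape-only helper as used throughout this file).
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_admins SET ".implode(", ", $assignments)
        ." WHERE id = '".$db->quote($_REQUEST['request_id'])."'"
    );
    $destination = "dialog,Info,user,".$_REQUEST['request_id'].",lg";
}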
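// The four branches below each rewrite one row selected by request_id. That id
// used to reach the WHERE clause unescaped, and the serialized arrays were
// concatenated unescaped as well; all of them now go through $db->quote(), the
// escape-only helper used throughout this file (confirm in db.php).

// edit: group (customer group)
if ($_REQUEST['request_type'] == "group") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_customer_groups SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: workgroup
if ($_REQUEST['request_type'] == "workgroup") {
    $fields = array(
        'name'    => $db->quote($_REQUEST['name']),
        'members' => $db->quote(serialize($_REQUEST['members'])),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_tickets_groups SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: security group
if ($_REQUEST['request_type'] == "security") {
    // NOTE(review): this rewrites an access group's permission set; confirm the
    // caller is authorised to change it.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'desc'        => $db->quote($_REQUEST['desc']),
        'access'      => $db->quote(serialize($_REQUEST['access'])),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_system_accessgroups SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: reason (refund reason)
if ($_REQUEST['request_type'] == "reason") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'type'        => $db->quote($_REQUEST['type']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_system_refundreasons SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}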
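// edit: operator
if ($_REQUEST['request_type'] == "operator") {
    // Column => escaped value, in the order of the SET clause.
    $fields = array(
        'operator'    => $db->quote($_REQUEST['operator']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    // The password is only rewritten when a new one was submitted.
    // NOTE(review): `pass` receives the password as submitted, i.e. in clear
    // text; hashing it needs a matching change wherever `pass` is checked.
    if ($_REQUEST['password'] != "") {
        $fields['pass'] = $db->quote($_REQUEST['password']);
    }

    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    // The row is matched on its current `operator` value, passed as request_id.
    // That value used to reach the WHERE clause unescaped; it now goes through
    // $db->quote() (escape-only helper as used throughout this file).
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_operators SET ".implode(", ", $assignments)
        ." WHERE `operator` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}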
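// The four branches below each rewrite one row selected by request_id. That id
// used to reach the WHERE clause unescaped; it now goes through $db->quote(),
// the escape-only helper used throughout this file (confirm in db.php).

// edit: category
if ($_REQUEST['request_type'] == "category") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'pid'         => $db->quote($_REQUEST['pid']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_inventory_categories SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: attribute
if ($_REQUEST['request_type'] == "attribute") {
    // The original statement had no comma before `lastupdated`, which is a SQL
    // syntax error; joining the assignments with ", " supplies it.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'type'        => $db->quote($_REQUEST['type']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_attributes SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: value (attribute value)
if ($_REQUEST['request_type'] == "value") {
    // Same missing-comma defect before `lastupdated` as the attribute branch.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'group_id'    => $db->quote($_REQUEST['group_id']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_attribute_values SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}
// edit: payment method
if ($_REQUEST['request_type'] == "payment_method") {
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_invoicing_paymethods SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$db->quote($_REQUEST['request_id'])."'"
    );
}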
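// edit: coupon
if ($_REQUEST['request_type'] == "coupon") {
    // Validity window: "from - to" in `range` when expiry is enabled, else 0/0.
    if ($_REQUEST['expire_control'] == "1") {
        $date = explode(' - ', $_REQUEST['range']);
        $to = strtotime($date[1]);
        $from = strtotime($date[0]);
    } else {
        $to = "0";
        $from = "0";
    }

    // Type 1 takes its value from `percentage`, type 2 from `dollar`.
    $value = "";
    if ($_REQUEST['type'] == "1") {
        $value = $_REQUEST['percentage'];
    }
    if ($_REQUEST['type'] == "2") {
        $value = $_REQUEST['dollar'];
    }

    // request_id was concatenated unescaped into the SELECT and the UPDATE's
    // WHERE clause, and the serialized criteria into the SET clause. All go
    // through $db->quote() now (escape-only helper as used throughout this
    // file; confirm in db.php).
    $couponId = $db->quote($_REQUEST['request_id']);

    // Keep the stored value when nothing new (or nothing different) was sent.
    $value_chk = "";
    $query = $db->select("SELECT * FROM ".$dbdb.".equate_invoicing_coupons WHERE `id` = '".$couponId."'");
    foreach ($query as $row) {
        $value_chk = $row['value'];
    }
    if ($value == "" || $value_chk == $value) {
        $value = $value_chk;
    }

    // Column => escaped value, in the order of the SET clause.
    $fields = array(
        'name'        => $db->quote($_REQUEST['name']),
        'sku'         => $db->quote($_REQUEST['sku']),
        'enabled'     => $db->quote($_REQUEST['enabled']),
        'wid'         => $db->quote($_REQUEST['wid']),
        'type'        => $db->quote($_REQUEST['type']),
        'template'    => $db->quote($_REQUEST['template']),
        'value'       => $db->quote($value),
        'criteria'    => $db->quote(serialize($_REQUEST['criteria'])),
        'to'          => $db->quote($to),
        'from'        => $db->quote($from),
        'lastupdated' => time(),
    );
    $assignments = array();
    foreach ($fields as $column => $escaped) {
        $assignments[] = "`".$column."` = '".$escaped."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_invoicing_coupons SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$couponId."'"
    );
}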
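// edit: tax
if ($_REQUEST['request_type'] == "tax") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // The form sends a percentage; the table stores a fraction. A non-numeric
    // submission is stored as 0 instead of failing in the division.
    $rate = is_numeric($_REQUEST['rate']) ? ($_REQUEST['rate'] / 100) : 0;
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_tax SET"
        ." `name` = '".$db->quote($_REQUEST['name'])."',"
        ." `rate` = '".$db->quote($rate)."',"
        ." `enabled` = '".$db->quote($_REQUEST['enabled'])."',"
        ." `default` = '".$db->quote($_REQUEST['default'])."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `id` = '".$safe_id."'"
    );
}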
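// edit: entry (timecard)
if ($_REQUEST['request_type'] == "entry") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // "in - out" range; each side is parsed once and reused for the total.
    $date = explode(' - ', $_REQUEST['date']);
    $time_in = strtotime($date[0]);
    $time_out = isset($date[1]) ? strtotime($date[1]) : false;
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_timecard SET"
        ." `op_id` = '".$db->quote($_REQUEST['value'])."',"
        ." `time` = '".$db->quote($time_in)."',"
        ." `outtime` = '".$db->quote($time_out)."',"
        ." `total` = '".$db->quote($time_out - $time_in)."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `ref` = '".$safe_id."'"
    );
    // $destination is echoed back by the status check at the end of the script.
    // NOTE(review): it carries a request value verbatim; confirm the client treats
    // the response as data and never inserts it into the page as markup.
    $destination = "dialog,Info,timecard,".$_REQUEST['value'].",lg";
}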
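// edit: currency
if ($_REQUEST['request_type'] == "currency") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // Columns that take the request field of the same name.
    $assignments = array();
    foreach (array('name', 'code', 'symbol', 'rate', 'enabled', 'autoupdate') as $column) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$column])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_system_currency SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$safe_id."'"
    );
}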
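// edit: ticket
if ($_REQUEST['request_type'] == "ticket") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // column => request field; the last two columns are fed from differently named fields.
    $columns = array(
        'subject'  => 'subject',
        'owner'    => 'owner',
        'status'   => 'status',
        'severity' => 'severity',
        'details'  => 'details',
        'custid'   => 'customer',
        'tranid'   => 'transaction',
    );
    $assignments = array();
    foreach ($columns as $column => $field) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_tickets SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$safe_id."'"
    );
}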
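// edit: gift card
if ($_REQUEST['request_type'] == "gift_card") {
    // request_id is client-supplied and is used in two statements below, so it is
    // escaped once up front (assumes $db->quote() escapes for a single-quoted literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // Stored amounts; both stay 0 when the card does not exist, in which case the
    // UPDATE below matches no row.
    $original_total = 0;
    $original_balance = 0;
    $query = $db->select("SELECT * FROM ".$dbdb.".equate_giftcards WHERE `id` = '".$safe_id."'");
    foreach ($query as $row) {
        $original_total = $row['total'];
        $original_balance = $row['balance'];
    }

    // An empty or non-numeric total means "leave the amount as it is".
    $requested_total = $_REQUEST['total'];
    if ($requested_total == "" || !is_numeric($requested_total)) { $requested_total = $original_total; }

    // The balance moves by the same amount as the total.
    $total_difference = $original_total - $requested_total;
    $total = $original_total - $total_difference;
    $balance = $original_balance - $total_difference;
    // NOTE(review): nothing here bounds the new total or balance (for example
    // against negative amounts) or records who changed it; confirm that the
    // caller's permission to adjust card value is checked before this point.

    $expire = ($_REQUEST['expire_control'] == "1") ? strtotime($_REQUEST['expire']) : "";

    $query = $db->query(
        "UPDATE ".$dbdb.".equate_giftcards SET"
        ." `sku` = '".$db->quote($_REQUEST['sku'])."',"
        ." `total` = '".$db->quote(HumanDollar($total))."',"
        ." `balance` = '".$db->quote(HumanDollar($balance))."',"
        ." `expire` = '".$db->quote($expire)."',"
        ." `lastupdated` = '".time()."',"
        ." `enabled` = '".$db->quote($_REQUEST['enabled'])."',"
        ." `user` = '".$db->quote($_REQUEST['customer'])."'"
        ." WHERE `id` = '".$safe_id."'"
    );
}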
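// edit: calendar
if ($_REQUEST['request_type'] == "calendar") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // Label names and their colours are stored together as one serialized array.
    $labels = array(
        'label'       => $_REQUEST['label'],
        'label_color' => $_REQUEST['label_color'],
    );

    // serialize() output contains quote characters and request data, so the three
    // serialized columns are escaped like every other value.
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_calendar_calendars SET"
        ." `name` = '".$db->quote($_REQUEST['name'])."',"
        ." `desc` = '".$db->quote($_REQUEST['desc'])."',"
        ." `view` = '".$db->quote($_REQUEST['view'])."',"
        ." `view_list` = '".$db->quote(serialize($_REQUEST['view_list']))."',"
        ." `edit` = '".$db->quote($_REQUEST['edit'])."',"
        ." `edit_list` = '".$db->quote(serialize($_REQUEST['edit_list']))."',"
        ." `labels` = '".$db->quote(serialize($labels))."',"
        ." `enabled` = '".$db->quote($_REQUEST['enabled'])."',"
        ." `type` = '".$db->quote($_REQUEST['type'])."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `id` = '".$safe_id."'"
    );
}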
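// edit: event
if ($_REQUEST['request_type'] == "event") {
    // request_id is client-supplied and is used in two statements below, so it is
    // escaped once up front (assumes $db->quote() escapes for a single-quoted literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // "start - end" range from the date/time field.
    $date = explode(' - ', $_REQUEST['date']);
    $start = strtotime($date[0]);
    $end = isset($date[1]) ? strtotime($date[1]) : false;

    // Calendar the event belongs to.
    $cid = "";
    $query = $db->select("SELECT * FROM ".$dbdb.".equate_calendar WHERE `ref` = '".$safe_id."'");
    foreach ($query as $row) {
        $cid = $row['cid'];
    }

    // Label definitions of that calendar. $cid was read from the database, but it
    // is escaped anyway so stored data cannot alter the statement.
    $labels = array();
    $query = $db->select("SELECT * FROM ".$dbdb.".equate_calendar_calendars WHERE `id` = '".$db->quote($cid)."'");
    foreach ($query as $row) {
        // NOTE(review): unserialize() on a database column trusts whatever is stored
        // there; json_decode(), or unserialize() with classes disallowed, would avoid
        // object instantiation if the column were ever tampered with.
        $labels = unserialize($row['labels']);
    }

    // The colour at the same index as the chosen label becomes the event type.
    // Square brackets replace the {} offset syntax, which PHP 8 no longer accepts.
    $type = "";
    if (is_array($labels) && isset($labels['label']) && is_array($labels['label'])) {
        foreach ($labels['label'] as $index => $label) {
            if ($label == $_REQUEST['label']) { $type = $labels['label_color'][$index]; }
        }
    }

    // Schedule events are titled after the staff member; other events use the submitted title.
    $title = "";
    if ($_REQUEST['request_event_type'] == "schedule") {
        $query = $db->select("SELECT * FROM ".$dbdb.".equate_admins WHERE `id` = '".$db->quote($_REQUEST['value'])."'");
        foreach ($query as $row) {
            $title = $row['first']." ".$row['last']." (".$_REQUEST['label'].")";
        }
    } else {
        $title = $_REQUEST['title'];
    }

    $query = $db->query(
        "UPDATE ".$dbdb.".equate_calendar SET"
        ." `class` = '".$db->quote($_REQUEST['label'])."',"
        ." `value` = '".$db->quote($_REQUEST['value'])."',"
        ." `type` = '".$db->quote($type)."',"
        ." `title` = '".$db->quote($title)."',"
        ." `details` = '".$db->quote(seo($_REQUEST['desc']))."',"
        ." `start` = '".$db->quote($start)."',"
        ." `end` = '".$db->quote($end)."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `ref` = '".$safe_id."'"
    );
    // Echoed back by the status check at the end of the script.
    // NOTE(review): carries request_id verbatim; confirm the client never renders it as markup.
    $destination = "calendarrefresh,".$_REQUEST['request_id'];
}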
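// edit: adapter
if ($_REQUEST['request_type'] == "adapter") {
    // request_id is client-supplied and is used in two statements below, so it is
    // escaped once up front (assumes $db->quote() escapes for a single-quoted literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // Fall back to the stored password when the form leaves the field empty.
    $current_password = "";
    $query = $db->select("SELECT `password` FROM ".$dbdb.".`equate_adapters` WHERE `id` = '".$safe_id."'");
    if ($query->num_rows != "0") {
        foreach ($query as $row) {
            $current_password = $row['password'];
        }
    }
    if ($_REQUEST['password'] != "") { $current_password = $_REQUEST['password']; }

    // "host:port" or plain host. strpos() is compared with false explicitly; the
    // original "== true" test only worked because the colon is never at offset 0.
    if (strpos($_REQUEST['ip'], ':') !== false) {
        $explode = explode(":", $_REQUEST['ip']);
        $host = $explode[0];
        $port = (int) $explode[1];
    } else {
        $host = $_REQUEST['ip'];
        $port = null;
    }

    // NOTE(review): this opens a connection from the server to a host and port named
    // in the request and echoes the driver's error text back. Confirm the caller is
    // an authorised administrator before this point, and consider returning a
    // generic message while logging the detail server-side.
    $link = mysqli_connect($host, $_REQUEST['username'], $current_password, $_REQUEST['database'], $port);
    if (!$link) {
        echo "error,Cannot connect to SQL server: ".mysqli_connect_error();
        exit;
    } else {
        // Probe the remote schema for the tables the chosen adapter type needs.
        $querytest = false;
        if ($_REQUEST['type'] == "ps1") {
            // Identifiers cannot be escaped like values; doubling any backtick keeps
            // the request-supplied names inside their quoted identifiers.
            $remote_db = str_replace('`', '``', $_REQUEST['database']);
            $remote_table = str_replace('`', '``', $_REQUEST['prefix']."shop");
            $querytest = $link->query("SELECT * FROM `".$remote_db."`.`".$remote_table."`");
        }
        if ($_REQUEST['type'] == "vm2") {
            // The original read an undefined $prefix and then returned from the script,
            // so a vm2 adapter could never be saved. The request prefix is used and
            // the probe result now feeds the same success/failure path as ps1.
            $like_prefix = $link->real_escape_string($_REQUEST['prefix']);
            $probe = $link->query("SELECT * FROM INFORMATION_SCHEMA.TABLES WHERE `TABLE_NAME` LIKE '".$like_prefix."virtuemart_%'");
            $querytest = ($probe && $probe->num_rows != "0");
        }
        if ($querytest) {
            // Only overwrite the stored password when a new one was submitted.
            if ($_REQUEST['password'] == "") {
                $password = "";
            } else {
                $password = ", `password` = '".$db->quote($_REQUEST['password'])."'";
            }
            $assignments = array();
            foreach (array('name', 'type', 'enabled', 'ip', 'database', 'username', 'prefix') as $column) {
                $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$column])."'";
            }
            $assignments[] = "`lastupdated` = '".time()."'";
            $query = $db->query(
                "UPDATE ".$dbdb.".equate_adapters SET ".implode(", ", $assignments).$password
                ." WHERE id = '".$safe_id."'"
            );
            // Echoed back by the status check at the end of the script.
            // NOTE(review): carries request_id verbatim; confirm the client never renders it as markup.
            $destination = "dialog,Info,adapter,".$_REQUEST['request_id']."";
        } else {
            echo "error,Cannot locate adapter tables. Please check adapter type or table prefix settings.";
            exit;
        }
    }
}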
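// edit: terminals
if ($_REQUEST['request_type'] == "terminal") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // Every column takes the request field of the same name.
    $columns = array(
        'company', 'address', 'address2', 'city', 'province', 'country', 'postalcode',
        'phone', 'phone2', 'web', 'email', 'enabled', 'wid',
    );
    $assignments = array();
    foreach ($columns as $column) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$column])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_system SET ".implode(", ", $assignments)
        ." WHERE `register` = '".$safe_id."'"
    );
}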
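// edit: warehouse
if ($_REQUEST['request_type'] == "warehouse") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // column => request field; only phone1 is fed from a differently named field.
    $columns = array(
        'name'       => 'name',
        'contact'    => 'contact',
        'address'    => 'address',
        'city'       => 'city',
        'province'   => 'province',
        'country'    => 'country',
        'postalcode' => 'postalcode',
        'phone1'     => 'phone',
        'phone2'     => 'phone2',
        'email'      => 'email',
        'enabled'    => 'enabled',
    );
    $assignments = array();
    foreach ($columns as $column => $field) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_inventory_warehouse SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$safe_id."'"
    );
}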
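// edit: manufacturer
if ($_REQUEST['request_type'] == "manufacturer") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // column => request field; phone1 and website are fed from differently named fields.
    $columns = array(
        'name'       => 'name',
        'contact'    => 'contact',
        'address'    => 'address',
        'city'       => 'city',
        'province'   => 'province',
        'country'    => 'country',
        'postalcode' => 'postalcode',
        'phone1'     => 'phone',
        'phone2'     => 'phone2',
        'email'      => 'email',
        'website'    => 'web',
        'enabled'    => 'enabled',
    );
    $assignments = array();
    foreach ($columns as $column => $field) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_inventory_manufacturers SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$safe_id."'"
    );
}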
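// edit: supplier
if ($_REQUEST['request_type'] == "supplier") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    // column => request field; phone1 and website are fed from differently named fields.
    $columns = array(
        'name'       => 'name',
        'contact'    => 'contact',
        'address'    => 'address',
        'city'       => 'city',
        'province'   => 'province',
        'country'    => 'country',
        'postalcode' => 'postalcode',
        'phone1'     => 'phone',
        'phone2'     => 'phone2',
        'email'      => 'email',
        'website'    => 'web',
        'enabled'    => 'enabled',
    );
    $assignments = array();
    foreach ($columns as $column => $field) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
    }
    $assignments[] = "`lastupdated` = '".time()."'";
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_po_suppliers SET ".implode(", ", $assignments)
        ." WHERE `id` = '".$safe_id."'"
    );
}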
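// edit: custom field
if ($_REQUEST['request_type'] == "custom_field") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_system_customfields SET"
        ." `label` = '".$db->quote($_REQUEST['label'])."',"
        ." `enabled` = '".$db->quote($_REQUEST['enabled'])."',"
        ." `required` = '".$db->quote($_REQUEST['required'])."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `id` = '".$safe_id."'"
    );
}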
- }
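// System-wide settings. Most preferences are rows in equate_preferences keyed by
// `property`, and the matching request field is always "set_pref_" + property.
// Every request value passes through $db->quote() before it is placed in a
// statement (assumes quote() escapes for a single-quoted SQL literal).
// NOTE(review): nothing in this block checks that the caller may change global
// settings; confirm that is enforced before this point.
if ($_REQUEST['request'] == "settings") {
    $updates = array();   // properties whose row is expected to exist: plain UPDATE
    $upserts = array();   // properties created on demand: INSERT ... ON DUPLICATE KEY UPDATE

    if ($_REQUEST['request_type'] == "locale") {
        $updates = array(
            'date_display', 'date_time', 'date_timezone',
            'billing_currency_decimal', 'billing_currency_position', 'billing_currency_thousand',
            'billing_currency', 'billing_currency_autoupdate',
        );
        $upserts = array('billing_tax', 'display_name', 'display_product');
    }
    if ($_REQUEST['request_type'] == "system") {
        $updates = array('billing_pricedisplay', 'display_disabled');
        // general preferences
        $upserts = array('default_calendar', 'default_schedule');
    }
    if ($_REQUEST['request_type'] == "general") {
        $upserts = array('groups_users');
    }
    if ($_REQUEST['request_type'] == "security") {
        $upserts = array('security_expire', 'security_username');
    }
    if ($_REQUEST['request_type'] == "data") {
        $upserts = array(
            'data_customer_name', 'data_customer_phone', 'data_customer_email', 'data_customer_address',
            'data_product_name', 'data_product_short', 'data_product_long', 'data_product_cost',
        );
    }

    foreach ($updates as $property) {
        $escaped = $db->quote($_REQUEST['set_pref_'.$property]);
        $query = $db->query("UPDATE ".$dbdb.".equate_preferences SET `value` = '".$escaped."' WHERE `property` = '".$property."'");
    }
    foreach ($upserts as $property) {
        $escaped = $db->quote($_REQUEST['set_pref_'.$property]);
        $query = $db->query("INSERT INTO ".$dbdb.".equate_preferences (`property`, `value`, `owner`) VALUES ('".$property."', '".$escaped."', '') ON DUPLICATE KEY UPDATE `value` = '".$escaped."'");
    }

    if ($_REQUEST['request_type'] == "locale") {
        // Currency codes configured in this installation.
        $curr_avail = array();
        $query = $db->select("SELECT * FROM ".$dbdb.".`equate_system_currency`");
        foreach ($query as $row) {
            $curr_avail[] = $row['code'];
        }

        // The new base currency goes into an outbound URL and into SQL, so it is
        // only used when it is one of the configured codes.
        $base = $_REQUEST['set_pref_billing_currency'];
        if (in_array($base, $curr_avail, true)) {
            // update base rate to 1.000000
            $query = $db->query("UPDATE ".$dbdb.".equate_system_currency SET `rate` = '1.000000', lastupdated = '".time()."' WHERE `code` = '".$db->quote($base)."'");

            // get currency rates relative to the new base
            // NOTE(review): the feed is fetched over plain HTTP, so the response is
            // unauthenticated; every field taken from it is validated and escaped below.
            $json_url = "http://api.fixer.io/latest?base=".rawurlencode($base);
            $response = file_get_contents($json_url);
            $data = ($response === false) ? null : json_decode($response, TRUE);

            // update other rates; skipped when the fetch or decode failed
            if (is_array($data) && isset($data['rates']) && is_array($data['rates'])) {
                $rates_date = isset($data['date']) ? (int) strtotime($data['date']) : 0;
                foreach ($data['rates'] as $iso => $rate) {
                    if (in_array($iso, $curr_avail, true) && is_numeric($rate)) {
                        $query = $db->query("UPDATE ".$dbdb.".equate_system_currency SET `rate` = '".$db->quote($rate)."', lastupdated = '".$rates_date."' WHERE `code` = '".$db->quote($iso)."'");
                    }
                }
            }
        }
    }

    if ($_REQUEST['request_type'] == "terminals") {
        // No WHERE clause: these four columns are written on every register row.
        $query = $db->query(
            "UPDATE ".$dbdb.".equate_system SET"
            ." `receiptnotes` = '".$db->quote($_REQUEST['set_pref_pos_footer'])."',"
            ." `oplogin` = '".$db->quote($_REQUEST['set_pref_pos_oplogin'])."',"
            ." `stockcontrol` = '".$db->quote($_REQUEST['set_pref_pos_stockcontrol'])."',"
            ." `action` = '".$db->quote($_REQUEST['set_pref_pos_action'])."'"
        );
        // update default register data
        $query = $db->query("UPDATE ".$dbdb.".equate_system SET `wid` = '".$db->quote($_REQUEST['wid'])."' WHERE `register` = '000'");
    }

    if ($_REQUEST['request_type'] == "general") {
        // Company details live on the default register row ('000').
        $columns = array(
            'company'    => 'set_pref_company_name',
            'address'    => 'set_pref_company_address',
            'address2'   => 'set_pref_company_address2',
            'city'       => 'set_pref_company_city',
            'province'   => 'set_pref_company_province',
            'country'    => 'set_pref_company_country',
            'postalcode' => 'set_pref_company_postalcode',
            'phone'      => 'set_pref_company_phone',
            'phone2'     => 'set_pref_company_phone2',
            'web'        => 'set_pref_company_web',
            'email'      => 'set_pref_company_email',
        );
        $assignments = array();
        foreach ($columns as $column => $field) {
            $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
        }
        $query = $db->query("UPDATE ".$dbdb.".equate_system SET ".implode(", ", $assignments)." WHERE `register` = '000'");

        // serialize() output contains quote characters and request data, so it is
        // escaped before being embedded in the statement.
        $escaped = $db->quote(serialize($_REQUEST['set_pref_groups_customer']));
        $query = $db->query("INSERT INTO ".$dbdb.".equate_preferences (`property`, `value`, `owner`) VALUES ('groups_customer', '".$escaped."', '') ON DUPLICATE KEY UPDATE `value` = '".$escaped."'");
    }
}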
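// Personal settings of the signed-in administrator: profile columns plus
// per-user preference overrides (rows in equate_preferences owned by the user).
if ($_REQUEST['request'] == "settings_personal") {
    // Only touch the password column when a new password was submitted.
    // NOTE(review): unsalted md5() is not a suitable password hash. Moving to
    // password_hash()/password_verify() has to happen together with the login
    // code, which is not visible here, so the stored format is left unchanged.
    // NOTE(review): the current password is not asked for before the change.
    if ($_REQUEST['password'] == "") {
        $password = "";
    } else {
        $password = ", `password` = '".$db->quote(md5($_REQUEST['password']))."'";
    }

    // column => request field; only postalcode is fed from a differently named field.
    $columns = array(
        'first'      => 'first',
        'last'       => 'last',
        'phone'      => 'phone',
        'email'      => 'email',
        'address'    => 'address',
        'city'       => 'city',
        'province'   => 'province',
        'country'    => 'country',
        'postalcode' => 'postal',
    );
    $assignments = array();
    foreach ($columns as $column => $field) {
        $assignments[] = "`".$column."` = '".$db->quote($_REQUEST[$field])."'";
    }
    $query = $db->query(
        "UPDATE ".$dbdb.".equate_admins SET ".implode(", ", $assignments).$password
        ." WHERE username = '".$db->quote($_SESSION['equate_auth'])."'"
    );

    // property => value currently in effect for this user (the $pref_*_user
    // variables are defined outside this block). A row is written only when the
    // submitted value differs.
    $personal_prefs = array(
        'billing_currency'          => $pref_billing_currency_user,
        'billing_currency_decimal'  => $pref_billing_currency_decimal_user,
        'billing_currency_position' => $pref_billing_currency_position_user,
        'billing_currency_thousand' => $pref_billing_currency_thousand_user,
        'billing_pricedisplay'      => $pref_billing_pricedisplay_user,
        'display_disabled'          => $pref_display_disabled_user,
        'date_display'              => $pref_date_display_user,
        'date_time'                 => $pref_date_time_user,
        'date_timezone'             => $pref_date_timezone_user,
        'default_calendar'          => $pref_default_calendar_user,
        'default_schedule'          => $pref_default_schedule_user,
        'display_name'              => $pref_display_name_user,
        'display_product'           => $pref_display_product_user,
    );
    // The first nine preferences were written without escaping in the original;
    // all thirteen now go through $db->quote(), as does the owner id.
    $owner = $db->quote($_SESSION['equate_auth_id']);
    foreach ($personal_prefs as $property => $current) {
        if ($_REQUEST['set_pref_'.$property] != $current) {
            $escaped = $db->quote($_REQUEST['set_pref_'.$property]);
            $query = $db->query("INSERT INTO ".$dbdb.".equate_preferences (`property`, `value`, `owner`) VALUES ('".$property."', '".$escaped."', '".$owner."') ON DUPLICATE KEY UPDATE `value` = '".$escaped."'");
        }
    }
}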
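// Adapter synchronisation settings; marks the adapter as configured.
if ($_REQUEST['request'] == "settings_adapter") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // The sync switches are stored as one query string. Each value is URL-encoded
    // so a submitted value cannot add or override parameters in that string.
    $pairs = array();
    foreach (array('sync_customers', 'sync_inventory', 'sync_orders', 'sync_purchasing') as $flag) {
        $pairs[] = $flag."=".rawurlencode(isset($_REQUEST[$flag]) ? $_REQUEST[$flag] : "");
    }
    $params = "?".implode("&", $pairs);

    $query = $db->query(
        "UPDATE ".$dbdb.".equate_adapters SET"
        ." `timezone` = '".$db->quote($_REQUEST['timezone'])."',"
        ." `currency` = '".$db->quote($_REQUEST['currency'])."',"
        ." `shop` = '".$db->quote($_REQUEST['shop'])."',"
        ." `lang` = '".$db->quote($_REQUEST['lang'])."',"
        ." `params` = '".$db->quote($params)."',"
        ." `interval` = '".$db->quote($_REQUEST['sync_interval'])."',"
        ." `configured` = '1'"
        ." WHERE `id` = '".$safe_id."'"
    );
}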
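// Reschedules a calendar event. `start` is only rewritten when the request
// carries one; `end` is always rewritten.
if ($_REQUEST['request'] == "calendar_event") {
    // request_id is client-supplied, so it is escaped the same way as the column
    // values (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // Timestamps arrive as "YYYY-MM-DDTHH:MM..."; the T is replaced by a space before parsing.
    // $stmt_start is initialised so a request without `start` no longer reads an undefined variable.
    $stmt_start = "";
    if (isset($_REQUEST['start'])) {
        $stmt_start = "`start` = '".$db->quote(strtotime(str_replace("T", " ", $_REQUEST['start'])))."', ";
    }
    $end = strtotime(str_replace("T", " ", $_REQUEST['end']));

    $query = $db->query(
        "UPDATE ".$dbdb.".equate_calendar SET ".$stmt_start
        ."`end` = '".$db->quote($end)."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `ref` = '".$safe_id."'"
    );
}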
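// Adjusts a timecard entry. The clock-in time is only rewritten when the request
// carries `start`; clock-out and the total are always recomputed.
if ($_REQUEST['request'] == "timecard_entry") {
    // request_id is client-supplied and is used in two statements below, so it is
    // escaped once up front (assumes $db->quote() escapes for a single-quoted literal).
    $safe_id = $db->quote($_REQUEST['request_id']);

    // Stored clock-in time, used for the total when no new start is submitted.
    $start_time = 0;
    $query = $db->select("SELECT `time` FROM ".$dbdb.".`equate_timecard` WHERE `ref` = '".$safe_id."'");
    if ($query->num_rows != "0") {
        foreach ($query as $row) {
            $start_time = $row['time'];
        }
    }

    // Timestamps arrive as "YYYY-MM-DDTHH:MM..."; the T is replaced by a space before parsing.
    $stmt_start = "";
    if (isset($_REQUEST['start'])) {
        $start_time = strtotime(str_replace("T", " ", $_REQUEST['start']));
        $stmt_start = "`time` = '".$db->quote($start_time)."', ";
    }
    $end_time = strtotime(str_replace("T", " ", $_REQUEST['end']));

    $query = $db->query(
        "UPDATE ".$dbdb.".equate_timecard SET ".$stmt_start
        ."`outtime` = '".$db->quote($end_time)."',"
        ." `total` = '".$db->quote($end_time - $start_time)."',"
        ." `lastupdated` = '".time()."'"
        ." WHERE `ref` = '".$safe_id."'"
    );
    // Echoed back by the status check at the end of the script.
    // NOTE(review): carries request_id verbatim; confirm the client never renders it as markup.
    $destination = "dialog,Info,timecard,".$_REQUEST['request_id'].",lg";
}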
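// Generic delete: removes the row identified by table/column/id, cleans up
// dependent rows for products and attributes, and records the deletion in
// equate_deleted.
if ($_REQUEST['request'] == "delete") {
    // Table and column names are used as SQL identifiers, which value escaping does
    // not protect. They must consist of identifier characters only; anything else
    // is rejected before a statement is built.
    // NOTE(review): this keeps the statements well-formed but does not limit WHICH
    // table may be targeted. An explicit allowlist of deletable tables and columns,
    // plus a permission check for the signed-in user, is still needed; the set of
    // legitimate targets cannot be determined from this file section.
    $table = isset($_REQUEST['table']) ? $_REQUEST['table'] : "";
    $column = isset($_REQUEST['column']) ? $_REQUEST['column'] : "";
    if (!is_string($table) || !is_string($column)
        || !preg_match('/^[A-Za-z0-9_]+$/', $table)
        || !preg_match('/^[A-Za-z0-9_]+$/', $column)) {
        echo "error,Invalid table or column";
        exit;
    }
    // The id is a value and is escaped like every other value in this script
    // (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['id']);

    if ($table == "equate_products") {
        // Dependent rows are keyed by the product's internal id, not its store id.
        $pid = null;
        $query = $db->select("SELECT `id` FROM ".$dbdb.".`equate_products` WHERE `storeid` = '".$safe_id."'");
        foreach ($query as $row) {
            $pid = $row['id'];
        }
        // Skipped when the product was not found, so no statement runs with an empty pid.
        if ($pid !== null) {
            $safe_pid = $db->quote($pid);
            $query = $db->query("DELETE FROM ".$dbdb.".equate_product_descriptions WHERE `pid` = '".$safe_pid."'");
            $query = $db->query("DELETE FROM ".$dbdb.".equate_inventory_supply WHERE `pid` = '".$safe_pid."'");
        }
        $query = $db->query("DELETE FROM ".$dbdb.".equate_inventory_warehouse_stock WHERE `storeid` = '".$safe_id."'");
    }
    if ($table == "equate_attributes") {
        // delete all sub values
        $query = $db->query("DELETE FROM ".$dbdb.".equate_attribute_values WHERE `group_id` = '".$safe_id."'");
    }

    $query = $db->query("DELETE FROM ".$dbdb.".`".$table."` WHERE `".$column."` = '".$safe_id."'");
    // Deletion log entry; the table name is stored without its equate_ prefix.
    $query = $db->query(
        "INSERT INTO ".$dbdb.".equate_deleted (`table`, `column`, `identifier`, `lastupdated`) VALUES ('"
        .$db->quote(str_replace('equate_', '', $table))."', '".$db->quote($column)."', '".$safe_id."', '".time()."')"
    );
}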
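// Generic enable/disable: flips the `enabled` flag of the row identified by
// table/column/id.
if ($_REQUEST['request'] == "toggle") {
    // Table and column names are used as SQL identifiers, which value escaping does
    // not protect. They must consist of identifier characters only; anything else
    // is rejected before a statement is built.
    // NOTE(review): this does not limit WHICH table may be targeted. An explicit
    // allowlist of toggleable tables and a permission check are still needed.
    $table = isset($_REQUEST['table']) ? $_REQUEST['table'] : "";
    $column = isset($_REQUEST['column']) ? $_REQUEST['column'] : "";
    if (!is_string($table) || !is_string($column)
        || !preg_match('/^[A-Za-z0-9_]+$/', $table)
        || !preg_match('/^[A-Za-z0-9_]+$/', $column)) {
        echo "error,Invalid table or column";
        exit;
    }
    // The id is a value and is escaped like every other value in this script
    // (assumes $db->quote() escapes for a single-quoted SQL literal).
    $safe_id = $db->quote($_REQUEST['id']);

    $query = $db->select("SELECT `enabled` FROM ".$dbdb.".`".$table."` WHERE `".$column."` = '".$safe_id."'");
    if ($query->num_rows == "0") {
        // Nothing to toggle. The original printed "error" and then carried on to
        // run the UPDATE with an undefined status; stop here instead.
        echo "error";
        exit;
    }
    $status = "";
    foreach ($query as $row) {
        $status = $row['enabled'];
    }
    // "1" becomes "0"; anything else becomes "1".
    $new_status = ($status == "1") ? "0" : "1";

    $query = $db->query(
        "UPDATE ".$dbdb.".`".$table."` SET"
        ." `lastupdated` = '".time()."',"
        ." `enabled` = '".$db->quote($new_status)."'"
        ." WHERE `".$column."` = '".$safe_id."'"
    );
}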
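// Autocomplete source for customers: matches the search term against first/last
// name (substring) and sku/address2 (exact), and prints {"items":[{id,text},...]}.
if ($_REQUEST['request'] == "ajax_customers") {
    // q is free text from the search box and was concatenated into the statement
    // unescaped. It is escaped once here (assumes $db->quote() escapes for a
    // single-quoted SQL literal). % and _ in the term still act as LIKE wildcards.
    $term = $db->quote($_REQUEST['q']);
    $items = array();
    $query = $db->select(
        "SELECT storeid,first,last FROM ".$dbdb.".`equate_customers`"
        ." WHERE `first` LIKE '%".$term."%' OR `last` LIKE '%".$term."%'"
        ." OR `sku` = '".$term."' OR `address2` = '".$term."'"
    );
    foreach ($query as $row) {
        $items[] = array(
            'id'   => $row['storeid'],
            'text' => utf8_encode(Name('customer', 'storeid', $row['storeid'])),
        );
    }
    echo json_encode(array('items' => $items));
    // Marks the request as successful for the status check at the end of the script.
    $query = "1";
}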
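// Autocomplete source for transactions: substring match on the transaction id,
// printed as {"items":[{id,text},...]}.
if ($_REQUEST['request'] == "ajax_transactions") {
    // q is free text from the search box and was concatenated into the statement
    // unescaped. It is escaped once here (assumes $db->quote() escapes for a
    // single-quoted SQL literal). % and _ in the term still act as LIKE wildcards.
    $term = $db->quote($_REQUEST['q']);
    $items = array();
    $query = $db->select("SELECT id FROM ".$dbdb.".`equate_transactions` WHERE `id` LIKE '%".$term."%'");
    foreach ($query as $row) {
        $items[] = array('id' => $row['id'], 'text' => $row['id']);
    }
    echo json_encode(array('items' => $items));
    // Marks the request as successful for the status check at the end of the script.
    $query = "1";
}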
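// Autocomplete source for products: substring match on the description, ordered
// by store id, printed as {"items":[{id,text},...]}.
if ($_REQUEST['request'] == "ajax_products") {
    // q is free text from the search box and was concatenated into the statement
    // unescaped. It is escaped once here (assumes $db->quote() escapes for a
    // single-quoted SQL literal). % and _ in the term still act as LIKE wildcards.
    $term = $db->quote($_REQUEST['q']);
    $items = array();
    $query = $db->select(
        "SELECT `desc`,id,storeid FROM ".$dbdb.".`equate_products`"
        ." WHERE `desc` LIKE '%".$term."%' ORDER BY storeid ASC"
    );
    foreach ($query as $row) {
        // The item id is the store id; the label is resolved from the internal id.
        $items[] = array(
            'id'   => $row['storeid'],
            'text' => utf8_encode(Name('product', 'id', $row['id'])),
        );
    }
    echo json_encode(array('items' => $items));
    // Marks the request as successful for the status check at the end of the script.
    $query = "1";
}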
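// check and return errors
// $query holds the result of the last statement that ran: "1" on success (the
// ajax handlers set it explicitly), otherwise whatever the database wrapper
// returned. It is unset when no handler matched the request.
if (!isset($query)) { $query = ""; }
if (is_array($query)) { $query = $query[0]; }
if ($query != "1") {
    // NOTE(review): this sends the wrapper's raw result to the client. If it holds
    // database error text, log it server-side and return a generic message instead.
    echo "error,".$query;
} else {
    // Handlers that need a follow-up action set $destination; the others leave it
    // unset, so nothing is printed instead of reading an undefined variable.
    // NOTE(review): several handlers build $destination from request values;
    // confirm the client never inserts this response into the page as markup.
    echo isset($destination) ? $destination : "";
}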
- ?>