
1064 - You have an error in your SQL syntax.


Graveyard666


When I try to update a customer's order status, I get this error:

 

1064 - You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ' orders where orders_id = '661'' at line 1

select customers_name, customers_email_address, orders_status, ups_track_num, ipaddy, date_purchased from, orders where orders_id = '661'

[TEP STOP]

 

my code from admin/orders.php is:

 

<?php

/*

 $Id: orders.php,v 1.112 2003/06/29 22:50:52 hpdl Exp $

 modified by [email protected] 2003/12/31

 

 osCommerce, Open Source E-Commerce Solutions

 http://www.oscommerce.com

 

 Copyright (c) 2003 osCommerce

 

 Released under the GNU General Public License

*/

 

 require('includes/application_top.php');

 

 require(DIR_WS_CLASSES . 'currencies.php');

 $currencies = new currencies();

 

 $orders_statuses = array();

 $orders_status_array = array();

 $orders_status_query = tep_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "'");

 while ($orders_status = tep_db_fetch_array($orders_status_query)) {

   $orders_statuses[] = array('id' => $orders_status['orders_status_id'],

                              'text' => $orders_status['orders_status_name']);

   $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];

 }

 

 $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '');

 

 if (tep_not_null($action)) {

   switch ($action) {

     case 'update_order':

       $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

       $status = tep_db_prepare_input($HTTP_POST_VARS['status']);

       $comments = tep_db_prepare_input($HTTP_POST_VARS['comments']);

// begin UPS XML Tracking

       $ups_track_num = tep_db_prepare_input($HTTP_POST_VARS['ups_track_num']);

// end UPS XML Tracking

       $order_updated = false;

// begin UPS XML Tracking

// added the field 'ups_track_num' to $check_status_query

       $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ups_track_num, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

// end UPS XML Tracking

       $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

       $check_status = tep_db_fetch_array($check_status_query);

 

       if ( ($check_status['orders_status'] != $status) || tep_not_null($comments)) {

         tep_db_query("update " . TABLE_ORDERS . " set orders_status = '" . tep_db_input($status) . "', last_modified = now() where orders_id = '" . (int)$oID . "'");

 

         $customer_notified = '0';

         if (isset($HTTP_POST_VARS['notify']) && ($HTTP_POST_VARS['notify'] == 'on')) {

           $notify_comments = '';

           if (isset($HTTP_POST_VARS['notify_comments']) && ($HTTP_POST_VARS['notify_comments'] == 'on')) {

             $notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";

           }

 

           $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);

 

           tep_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

 

           $customer_notified = '1';

         }

 

         tep_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int)$oID . "', '" . tep_db_input($status) . "', now(), '" . tep_db_input($customer_notified) . "', '" . tep_db_input($comments)  . "')");

 

         $order_updated = true;

       }

// begin UPS XML Tracking

       if (tep_not_null($ups_track_num)) {

         tep_db_query("update " . TABLE_ORDERS . " set ups_track_num = '" . tep_db_input($ups_track_num) . "' where orders_id = '" . tep_db_input($oID) . "'");

         $order_updated = true;

       }

// end UPS XML Tracking

if ($order_updated == true) {

 

        //+++AUCTIONBLOX.COM

     //+++: Set auction as completed.  Magic # 3 == Delivered order status

        if($status == 3)

        {

  require(DIR_WS_CLASSES . 'auction_helper.php');

    $auctionHelper = new auctionHelper();

    $auctionHelper->updateStatusByOrder($auctionHelper->COMPLETED, $oID);

  }

  //+++AUCTIONBLOX.COM

        $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');

     } else {

       $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');

     }  

 

       tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit'));

       break;

     case 'deleteconfirm':

       $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

 

       tep_remove_order($oID, $HTTP_POST_VARS['restock']);

 

       tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action'))));

       break;

// begin cvv contribution

   case 'deletecvv':

     $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

     $cvvnumber = tep_db_prepare_input ($HTTP_POST_VARS['cvvnumber']);

 

     tep_db_query("update " . TABLE_ORDERS . " set cvvnumber  = null " . tep_db_input($cvvnumber) . " where orders_id = '" . tep_db_input($oID) . "'");

     $order_updated = true;

 

     if ($order_updated) {

      $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');

     } else {

       $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');

     }

 

     tep_redirect(tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=edit'));

     break;

   }

 }

 

 if (($action == 'edit') && isset($HTTP_GET_VARS['oID'])) {

   $oID = tep_db_prepare_input($HTTP_GET_VARS['oID']);

 

   $orders_query = tep_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

   $order_exists = true;

   if (!tep_db_num_rows($orders_query)) {

     $order_exists = false;

     $messageStack->add(sprintf(ERROR_ORDER_DOES_NOT_EXIST, $oID), 'error');

   }

 }

 

 include(DIR_WS_CLASSES . 'order.php');

?>

<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">

<html <?php echo HTML_PARAMS; ?>>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">

<title><?php echo TITLE; ?></title>

<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">

<script language="javascript" src="includes/general.js"></script>

</head>

<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF">

<!-- header //-->

<?php

 require(DIR_WS_INCLUDES . 'header.php');

?>

<!-- header_eof //-->

 

<!-- body //-->

<table border="0" width="100%" cellspacing="2" cellpadding="2">

 <tr>

   <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">

<!-- left_navigation //-->

<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>

<!-- left_navigation_eof //-->

   </table></td>

<!-- body_text //-->

   <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">

<?php

 if (($action == 'edit') && ($order_exists == true)) {

   $order = new order($oID);

?>

     <tr>

       <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">

         <tr>

           <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>

           <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>

<?php

if ($order->info['payment_method'] == 'paypal'  && isset($HTTP_GET_VARS['refer']) && $HTTP_GET_VARS['refer'] == 'ipn'){

?>

          <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_PAYPAL_IPN, tep_get_all_get_params(array('action','oID','refer'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>

<?php

} else {

?>

           <td class="pageHeading" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action','refer'))) . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>

<?php

}//else not paypal

?>

         </tr>

       </table></td>

     </tr>

     <tr>

       <td><table width="100%" border="0" cellspacing="0" cellpadding="2">

         <tr>

           <td colspan="3"><?php echo tep_draw_separator(); ?></td>

         </tr>

         <tr>

           <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

             <tr>

               <td class="main" valign="top"><b><?php echo ENTRY_CUSTOMER; ?></b></td>

               <td class="main"><?php echo tep_address_format($order->customer['format_id'], $order->customer, 1, '', '<br>'); ?></td>

             </tr>

             <tr>

               <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>

             </tr>

             <tr>

               <td class="main"><b><?php echo ENTRY_TELEPHONE_NUMBER; ?></b></td>

               <td class="main"><?php echo $order->customer['telephone']; ?></td>

             </tr>

<tr>

               <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td>

               <td class="main"><?php echo '<a href="mailto:' . $order->customer['email_address'] . '"><u>' . $order->customer['email_address'] . '</u></a>'; ?></td>

             </tr>

              <tr>

               <td class="main"> </td>

              </tr>

              <tr>

               <td class="main"><b><?php echo ENTRY_IPADDRESS; ?></b></td>

               <td class="main"><?php echo $order->customer['ipaddy']; ?></td>

              </tr>

           </table></td>

           <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

             <tr>

               <td class="main" valign="top"><b><?php echo ENTRY_SHIPPING_ADDRESS; ?></b></td>

               <td class="main"><?php echo tep_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br>'); ?></td>

             </tr>

           </table></td>

           <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="2">

             <tr>

               <td class="main" valign="top"><b><?php echo ENTRY_BILLING_ADDRESS; ?></b></td>

               <td class="main"><?php echo tep_address_format($order->billing['format_id'], $order->billing, 1, '', '<br>'); ?></td>

             </tr>

           </table></td>

         </tr>

       </table></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

     </tr>

     <tr>

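<?php
 // Payment details. PayPal orders are rendered by a separate include; every
 // other payment method gets its payment-method row printed here.
 if (strtolower($order->info['payment_method']) == 'paypal') {
   include 'paypal_ipn_order.php';
 } else {
?>
       <td><table border="0" cellspacing="0" cellpadding="2">
         <tr>
           <td class="main"><b><?php echo ENTRY_PAYMENT_METHOD; ?></b></td>
           <td class="main"><?php echo $order->info['payment_method']; ?></td>
         </tr>
<?php
 } // else not paypal

// begin cvv contribution
 if (tep_not_null($order->info['cc_type']) || tep_not_null($order->info['cc_owner']) || tep_not_null($order->info['cc_number']) || tep_not_null($order->info['cvvnumber'])) {
   // NOTE(review): this section shows the full card number and a stored card
   // verification value to anyone who can open the order page. Verification
   // values are not supposed to be kept after authorisation (PCI DSS); the
   // safer course is to stop storing and displaying them.

   // Card fields originate from checkout input, so they are HTML-escaped for
   // display. CHARSET is the page encoding declared in the document head.
   $card_display = array();
   foreach (array('cc_type', 'cc_owner', 'cc_number', 'cc_expires', 'cvvnumber') as $card_field) {
     $card_display[$card_field] = htmlspecialchars((string)$order->info[$card_field], ENT_QUOTES, CHARSET);
   }

   // The button label was written as a bare word; use the constant when a
   // language file defines it and the literal text otherwise.
   $remove_cvv_label = (defined('RemoveCVV') ? constant('RemoveCVV') : 'RemoveCVV');

   // Build the link from the validated integer order id instead of the raw
   // query-string value, which would be copied into the href unescaped.
   $remove_cvv_url = tep_href_link(FILENAME_ORDERS, 'oID=' . (int)$oID . '&action=deletecvv');
// end cvv contribution
?>
         <tr>
           <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_CREDIT_CARD_TYPE; ?></td>
           <td class="main"><?php echo $card_display['cc_type']; ?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_CREDIT_CARD_OWNER; ?></td>
           <td class="main"><?php echo $card_display['cc_owner']; ?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_CREDIT_CARD_NUMBER; ?></td>
           <td class="main"><?php echo $card_display['cc_number']; ?></td>
         </tr>
         <tr>
           <td class="main"><?php echo ENTRY_CREDIT_CARD_EXPIRES; ?></td>
           <td class="main"><?php echo $card_display['cc_expires']; ?></td>
         </tr>
<?php // begin cvv contribution ?>
         <tr>
           <td class="main"><?php echo ENTRY_CREDIT_CARD_CVVNUMBER; ?></td>
           <td class="main"><?php echo $card_display['cvvnumber']; ?></td>
           <td colspan="2"> <?php echo '<a href="' . $remove_cvv_url . '">' . tep_image_button('button_removecvv.gif', $remove_cvv_label) . ' </a>'; ?></td>
         </tr>
<?php // end cvv contribution ?>
<?php
 }
?>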

       </table></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

     </tr>

     <tr>

       <td><table border="0" width="100%" cellspacing="0" cellpadding="2">

         <tr class="dataTableHeadingRow">

           <td class="dataTableHeadingContent" colspan="2"><?php echo TABLE_HEADING_PRODUCTS; ?></td>

           <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_PRODUCTS_MODEL; ?></td>

           <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TAX; ?></td>

           <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_EXCLUDING_TAX; ?></td>

           <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_PRICE_INCLUDING_TAX; ?></td>

           <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_EXCLUDING_TAX; ?></td>

           <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_TOTAL_INCLUDING_TAX; ?></td>

         </tr>

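<?php
   // One table row per ordered product, with a "Returns" link next to the
   // name when a return record exists for that product on this order.
   for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {
     // Start every product with no link, so a match found for an earlier row
     // cannot carry over to products that have no return.
     $return_link = '';

     // $oID comes from the request: it is cast to an integer here, and the
     // product id is escaped inside its quotes.
     $returns_check_query = tep_db_query("SELECT r.rma_value, rp.products_id FROM " . TABLE_RETURNS . " r, " . TABLE_RETURNS_PRODUCTS_DATA . " rp where r.returns_id = rp.returns_id and r.order_id = '" . (int)$oID . "' and rp.products_id = '" . tep_db_input($order->products[$i]['id']) . "' ");

     if (tep_db_num_rows($returns_check_query)) {
       $returns = tep_db_fetch_array($returns_check_query);
       // Quoted href and URL-encoded value, so the stored RMA value cannot end the attribute early.
       $return_link = '<a href="' . tep_href_link(FILENAME_RETURNS, 'cID=' . urlencode($returns['rma_value'])) . '"><font color=red><b><i>Returns</i></b></font></a>';
     }

     // NOTE(review): product name, model and attribute text below are printed
     // without HTML escaping - presumably trusted catalog data; confirm.
     echo '          <tr class="dataTableRow">' . "\n" .
          '            <td class="dataTableContent" valign="top" align="right">' . $order->products[$i]['qty'] . ' x</td>' . "\n" .
          '            <td class="dataTableContent" valign="top">' . $order->products[$i]['name'] . '  ' . $return_link;

     // Attribute lines (option: value, plus the price difference when it is not zero).
     if (isset($order->products[$i]['attributes']) && (sizeof($order->products[$i]['attributes']) > 0)) {
       for ($j = 0, $k = sizeof($order->products[$i]['attributes']); $j < $k; $j++) {
         echo '<br><nobr><small> <i> - ' . $order->products[$i]['attributes'][$j]['option'] . ': ' . $order->products[$i]['attributes'][$j]['value'];
         if ($order->products[$i]['attributes'][$j]['price'] != '0') echo ' (' . $order->products[$i]['attributes'][$j]['prefix'] . $currencies->format($order->products[$i]['attributes'][$j]['price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . ')';
         echo '</i></small></nobr>';
       }
     }

     // Model, tax rate, then unit and line prices without and with tax.
     echo '            </td>' . "\n" .
          '            <td class="dataTableContent" valign="top">' . $order->products[$i]['model'] . '</td>' . "\n" .
          '            <td class="dataTableContent" align="right" valign="top">' . tep_display_tax_value($order->products[$i]['tax']) . '%</td>' . "\n" .
          '            <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
          '            <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']), true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
          '            <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format($order->products[$i]['final_price'] * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n" .
          '            <td class="dataTableContent" align="right" valign="top"><b>' . $currencies->format(tep_add_tax($order->products[$i]['final_price'], $order->products[$i]['tax']) * $order->products[$i]['qty'], true, $order->info['currency'], $order->info['currency_value']) . '</b></td>' . "\n";
     echo '          </tr>' . "\n";
   }
?>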

         <tr>

           <td align="right" colspan="8"><table border="0" cellspacing="0" cellpadding="2">

<?php
   // One right-aligned row per order-total line: its title, then its formatted text.
   $n = sizeof($order->totals);
   for ($i = 0; $i < $n; $i++) {
     $total_line = $order->totals[$i];

     echo '              <tr>', "\n";
     echo '                <td align="right" class="smallText">', $total_line['title'], '</td>', "\n";
     echo '                <td align="right" class="smallText">', $total_line['text'], '</td>', "\n";
     echo '              </tr>', "\n";
   }
?>

           </table></td>

         </tr>

       </table></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

     </tr>

     <tr>

       <td class="main"><table border="1" cellspacing="0" cellpadding="5">

         <tr>

           <td class="smallText" align="center"><b><?php echo TABLE_HEADING_DATE_ADDED; ?></b></td>

           <td class="smallText" align="center"><b><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></b></td>

           <td class="smallText" align="center"><b><?php echo TABLE_HEADING_STATUS; ?></b></td>

           <td class="smallText" align="center"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>

         </tr>

<?php
  // Status history of this order, oldest entry first. Each row shows the date,
  // a tick or cross for "customer notified", the status name and the comments.
  $orders_history_query = tep_db_query("select orders_status_id, date_added, customer_notified, comments, pre_orders from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . tep_db_input($oID) . "' order by date_added");

   if (!tep_db_num_rows($orders_history_query)) {
     // No history rows: a single placeholder row.
     echo '          <tr>' . "\n" .
          '            <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" .
          '          </tr>' . "\n";
   } else {
     while ($orders_history = tep_db_fetch_array($orders_history_query)) {
       $history_date = tep_datetime_short($orders_history['date_added']);

       if ($orders_history['customer_notified'] == '1') {
         $notified_icon = tep_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK);
       } else {
         $notified_icon = tep_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS);
       }

       $history_status = $orders_status_array[$orders_history['orders_status_id']];
       // Comments are passed through tep_db_output() before line breaks are added.
       $history_comments = nl2br(tep_db_output($orders_history['comments']));

       echo '          <tr>' . "\n";
       echo '            <td class="smallText" align="center">' . $history_date . '</td>' . "\n";
       echo '            <td class="smallText" align="center">' . $notified_icon . "</td>\n";
       echo '            <td class="smallText">' . $history_status . '</td>' . "\n";
       echo '            <td class="smallText">' . $history_comments . ' </td>' . "\n";
       echo '          </tr>' . "\n";
     }
   }
?>

       </table></td>

     </tr>

<!-- preorder addition -->

    <tr>

      <td class="main"><br><b><?php echo HEADING_PRE_ORDERS; ?></b>

<?php
  // Pre-order text for this order. The query has no ORDER BY, so the value
  // shown is taken from whichever history row the database returns first.
  $pre_orders_sql = "select pre_orders from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . tep_db_input($oID). "'";
  $orders_history_pre_orders_query = tep_db_query($pre_orders_sql);
  $orders_history_pre_orders = tep_db_fetch_array($orders_history_pre_orders_query);

  // The cell opened in the markup above is closed here.
  $pre_orders_text = tep_db_output($orders_history_pre_orders['pre_orders']);
  echo $pre_orders_text, '</td>', "\n";
?>

    </tr>

    <tr>

      <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>

    </tr>

<!-- end preorder addition -->

     <tr>

       <td class="main"><br><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '5'); ?></td>

     </tr>

     <tr><?php echo tep_draw_form('status', FILENAME_ORDERS, tep_get_all_get_params(array('action')) . 'action=update_order'); ?>

       <td class="main"><?php echo tep_draw_textarea_field('comments', 'soft', '60', '5'); ?></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

     </tr>

<?php

// begin UPS XML Tracking

?>

     <tr>

       <td class="main"><b><?php echo TABLE_HEADING_UPS_TRACKING; ?></b>  <?php echo tep_draw_textbox_field('ups_track_num', '20', '18', '', $order->info['ups_track_num']); ?></td>

     </tr>

     <tr>

       <td><?php echo tep_draw_separator('pixel_trans.gif', '1', '10'); ?></td>

     </tr>

<?php

// end UPS XML Tracking

?>

     <tr>

       <td><table border="0" cellspacing="0" cellpadding="2">

         <tr>

           <td><table border="0" cellspacing="0" cellpadding="2">

             <tr>

               <td class="main"><b><?php echo ENTRY_STATUS; ?></b> <?php echo tep_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']); ?></td>

             </tr>

             <tr>

               <td class="main"><b><?php echo ENTRY_NOTIFY_CUSTOMER; ?></b> <?php echo tep_draw_checkbox_field('notify', '', true); ?></td>

               <td class="main"><b><?php echo ENTRY_NOTIFY_COMMENTS; ?></b> <?php echo tep_draw_checkbox_field('notify_comments', '', true); ?></td>

             </tr>

           </table></td>

           <td valign="top"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?></td>

         </tr>

       </table></td>

     </form></tr>

     <tr>

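<?php
 // Invoice, packing-slip and back buttons under the order form.
 // The document links are built from the validated integer order id rather than
 // the raw query-string value, which would be copied into the href unescaped.
 $order_id_param = 'oID=' . (int)$oID;

 // PayPal orders opened from the IPN screen go back there; everything else
 // returns to the order list.
 if ($order->info['payment_method'] == 'paypal' && isset($HTTP_GET_VARS['refer']) && $HTTP_GET_VARS['refer'] == 'ipn') {
   $back_url = tep_href_link(FILENAME_PAYPAL_IPN, tep_get_all_get_params(array('action','oID','refer')));
 } else {
   $back_url = tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('action','refer')));
 }
?>
           <td colspan="2" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, $order_id_param) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, $order_id_param) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a> <a href="' . $back_url . '">' . tep_image_button('button_back.gif', IMAGE_BACK) . '</a>'; ?></td>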

     </tr>

<?php

 } else {

?>

     <tr>

       <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">

         <tr>

           <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>

           <td class="pageHeading" align="right"><?php echo tep_draw_separator('pixel_trans.gif', 1, HEADING_IMAGE_HEIGHT); ?></td>

           <td align="right"><table border="0" width="100%" cellspacing="0" cellpadding="0">

             <tr><?php echo tep_draw_form('orders', FILENAME_ORDERS, '', 'get'); ?>

               <td class="smallText" align="right"><?php echo HEADING_TITLE_SEARCH . ' ' . tep_draw_input_field('oID', '', 'size="12"') . tep_draw_hidden_field('action', 'edit'); ?></td>

             </form></tr>

             <tr><?php echo tep_draw_form('status', FILENAME_ORDERS, '', 'get'); ?>

               <td class="smallText" align="right"><?php echo HEADING_TITLE_STATUS . ' ' . tep_draw_pull_down_menu('status', array_merge(array(array('id' => '', 'text' => TEXT_ALL_ORDERS)), $orders_statuses), '', 'onChange="this.form.submit();"'); ?></td>

             </form></tr>

           </table></td>

         </tr>

       </table></td>

     </tr>

     <tr>

       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">

         <tr>

           <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">

             <tr class="dataTableHeadingRow">

               <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_CUSTOMERS; ?></td>

<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_EDIT_ORDERS; ?></td>

               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ORDER_TOTAL; ?></td>

               <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DATE_PURCHASED; ?></td>

               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td>

               <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>

             </tr>

<?php

   if (isset($HTTP_GET_VARS['cID'])) {

     $cID = tep_db_prepare_input($HTTP_GET_VARS['cID']);

     $orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by orders_id DESC";

   } elseif (isset($HTTP_GET_VARS['status'])) {

     $status = tep_db_prepare_input($HTTP_GET_VARS['status']);

     $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC";

   } else {

     $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC";

   }

   $orders_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_query_raw, $orders_query_numrows);

   $orders_query = tep_db_query($orders_query_raw);

   while ($orders = tep_db_fetch_array($orders_query)) {

   if ((!isset($HTTP_GET_VARS['oID']) || (isset($HTTP_GET_VARS['oID']) && ($HTTP_GET_VARS['oID'] == $orders['orders_id']))) && !isset($oInfo)) {

       $oInfo = new objectInfo($orders);

     }

 

     if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) {

       echo '              <tr id="defaultSelected" class="dataTableRowSelected" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '& action=edit') . '\'">' . "\n";

     } else {

       echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '\'">' . "\n";

     }

?>

               <td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $orders['orders_id'] . '& action=edit') . '">' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . '</a> ' . $orders['customers_name']; ?></td>

<td class="dataTableContent" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_EDIT_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID='. $orders['orders_id']) . '">' . tep_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . '</a>'  ?></td>

               <td class="dataTableContent" align="right"><?php echo strip_tags($orders['order_total']); ?></td>

               <td class="dataTableContent" align="center"><?php echo tep_datetime_short($orders['date_purchased']); ?></td>

               <td class="dataTableContent" align="right"><?php echo $orders['orders_status_name']; ?></td>

               <td class="dataTableContent" align="right"><?php if (isset($oInfo) && is_object($oInfo) && ($orders['orders_id'] == $oInfo->orders_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID')) . 'oID=' . $orders['orders_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td>

             </tr>

<?php

   }

?>

             <tr>

               <td colspan="5"><table border="0" width="100%" cellspacing="0" cellpadding="2">

                 <tr>

                   <td class="smallText" valign="top"><?php echo $orders_split->display_count($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS); ?></td>

                   <td class="smallText" align="right"><?php echo $orders_split->display_links($orders_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page'], tep_get_all_get_params(array('page', 'oID', 'action'))); ?></td>

                 </tr>

               </table></td>

             </tr>

           </table></td>

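<?php
 // Side info box: a delete confirmation form for action=delete, otherwise a
 // summary of the selected order with its action buttons.
 $heading = array();
 $contents = array();

 switch ($action) {
   case 'delete':
     // $oInfo is only set when the requested order is in the current listing;
     // without it there is nothing to confirm and no box is drawn.
     if (isset($oInfo) && is_object($oInfo)) {
       $heading[] = array('text' => '<b>' . TEXT_INFO_HEADING_DELETE_ORDER . '</b>');

       $contents = array('form' => tep_draw_form('orders', FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=deleteconfirm'));
       // The customer name comes from the selected order row (no $cInfo object
       // is created on this page) and is HTML-escaped, as it is customer-supplied.
       $contents[] = array('text' => TEXT_INFO_DELETE_INTRO . '<br><br><b>' . htmlspecialchars((string)$oInfo->customers_name, ENT_QUOTES, CHARSET) . '</b>');
       $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('restock') . ' ' . TEXT_INFO_RESTOCK_PRODUCT_QUANTITY);
       $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_delete.gif', IMAGE_DELETE) . ' <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>');
     }
     break;

   default:
     if (isset($oInfo) && is_object($oInfo)) {
       $heading[] = array('text' => '<b>[' . $oInfo->orders_id . ']  ' . tep_datetime_short($oInfo->date_purchased) . '</b>');

       // Edit / delete buttons, then invoice / packing slip (opened in a new window).
       $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '& action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS, tep_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '& action=delete') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
       $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_invoice.gif', IMAGE_ORDERS_INVOICE) . '</a> <a href="' . tep_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $oInfo->orders_id) . '" TARGET="_blank">' . tep_image_button('button_packingslip.gif', IMAGE_ORDERS_PACKINGSLIP) . '</a>');
       $contents[] = array('text' => '<br>' . TEXT_DATE_ORDER_CREATED . ' ' . tep_date_short($oInfo->date_purchased));
       if (tep_not_null($oInfo->last_modified)) $contents[] = array('text' => TEXT_DATE_ORDER_LAST_MODIFIED . ' ' . tep_date_short($oInfo->last_modified));
       $contents[] = array('text' => '<br>' . TEXT_INFO_PAYMENT_METHOD . ' '  . $oInfo->payment_method);
       $contents[] = array('align' => 'center', 'text' => '<BR><a href="' . tep_href_link('restore_order.php', 'oID=' . $oInfo->orders_id) . '"><font color=red>Restore Order</font></a>');
     }
     break;
 }

 // The box is drawn only when both a heading and some contents were collected.
 if ( (tep_not_null($heading)) && (tep_not_null($contents)) ) {
   echo '            <td width="25%" valign="top">' . "\n";

   $box = new box;
   echo $box->infoBox($heading, $contents);

   echo '            </td>' . "\n";
 }
?>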

         </tr>

       </table></td>

     </tr>

<?php

 }

?>

   </table></td>

<!-- body_text_eof //-->

 </tr>

</table>

<!-- body_eof //-->

 

<!-- footer //-->

<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>

<!-- footer_eof //-->

<br>

 

</body>

</html>

<?php require(DI


My guess is that the comma after "from" should not be there. It comes from:

 // added the field 'ups_track_num' to $check_status_query
       $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ups_track_num, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");


Thanks for your help, but that isn't it. I just tried it and I get the same error message. It looks like it's an error with a ' but I don't know which one.

 

 

My guess is that the comma after "from" should not be there. It comes from:

 // added the field 'ups_track_num' to $check_status_query
      $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ups_track_num, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");


Actually, that might not be the only problem, but it is certainly one of them. That code will not run with the comma after the "from". Also, this doesn't look correct:

 

(int)$oID

 

I don't see how that would interpolate into an order ID.

-------------------------------------------------------------------------------------------------------------------------

NOTE: As of Oct 2006, I'm not as active in this forum as I used to be, but I still work with osC quite a bit.

If you have a question about any of my posts here, your best bet is to contact me though either Email or PM in my profile, and I'll be happy to help.


I don't see anything else, but did you notice that there are 2 places where you have a comma after "from" that shouldn't be there:

// added the field 'ups_track_num' to $check_status_query

      $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ups_track_num, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

// end UPS XML Tracking

      $check_status_query = tep_db_query("select customers_name, customers_email_address, orders_status, ipaddy, date_purchased from, " . TABLE_ORDERS . " where orders_id = '" . (int)$oID . "'");

... if you want to REALLY see something that doesn't set up right out of the box without some tweaking,

try being a Foster Parent!

