Please tell me what could be the problem, can not get the variable order_id when the query is refreshed, if not specified, then all the request passes, but updates all records in the table, give advice where to look or what to read.
Thank you!
controller:
public function edit(){
if (isset($this->request->get['order_id'])) {
$order_id = $this->request->get['order_id'];
} else {
$order_id = 0;
}
if ($this->request->server['REQUEST_METHOD'] == 'POST') {
$this->model_account_order->update($order_id, $this->request->post);
$this->redirect($this->url->link('account/myorders', '', 'SSL'));
}
....
$this->data['action'] = $this->url->link('account/myorders/edite', '', 'SSL');
if (isset($this->request->get['order_id']) && ($this->request->server['REQUEST_METHOD'] != 'POST')) {
$edit_order = $this->model_account_order->getOrderData($this->request->get['order_id']);
}
if (isset($this->request->post['linkto'])) {
$this->data['linkto'] = $this->request->post['linkto'];
} elseif (isset($edit_order)) {
$this->data['linkto'] = $edit_order['linkto'];
} else {
$this->data['linkto'] = '';
}
if (isset($this->request->post['description'])) {
$this->data['description'] = $this->request->post['description'];
} elseif (isset($edit_order)) {
$this->data['description'] = $edit_order['description'];
} else {
$this->data['description'] = '';
}
Model:
public function update($order_id,$data){
$this->db->query("UPDATE " . DB_PREFIX . "order SET forma = '" . $this->db->escape($data['forma']) . "', linkto = '" . $this->db->escape($data['linkto']) . "', description = '" . $this->db->escape($data['description']) . "', cvet = '" . $this->db->escape($data['cvet']) . "', sizes = '" . (int)$data['sizes'] . "', counts = '" . (int)$data['counts'] . "', tcena = '" .(int)$data['tcena'] . "', sposob = '" . $this->db->escape($data['sposob']) . "' , delivery_usa = '" . $this->db->escape($data['delivery_usa']) . "', hint = '" . $this->db->escape($data['hint']) . "', novapochta ='" . $this->db->escape($data['novapochta']) . "' WHERE order_id = '" . (int)$order_id . "'");
}
Just very simple yet powerful solution - $order_id checking in the model:
public function update($order_id, $data) {
if (!$order_id) {
return false;
}
return $this->db->query("UPDATE " . DB_PREFIX . "order SET forma = '" . $this->db->escape($data['forma']) . "', linkto = '" . $this->db->escape($data['linkto']) . "', description = '" . $this->db->escape($data['description']) . "', cvet = '" . $this->db->escape($data['cvet']) . "', sizes = '" . (int)$data['sizes'] . "', counts = '" . (int)$data['counts'] . "', tcena = '" .(int)$data['tcena'] . "', sposob = '" . $this->db->escape($data['sposob']) . "' , delivery_usa = '" . $this->db->escape($data['delivery_usa']) . "', hint = '" . $this->db->escape($data['hint']) . "', novapochta ='" . $this->db->escape($data['novapochta']) . "' WHERE order_id = '" . (int)$order_id . "'");
}
Related
Im having some issues will my queries in my model. I have this edit function and inside that is a foreach that controls what gets updated and inserted where. the problem Im having is the last set of else statements that write to the communication table.
The records being written are tied to an overall campaign id. that id is stored to each record. So each record may have its own communication_id but they all would have the same campaign_id.
So currently setting the WHERE to campaign_id edits all records. I need to use the communication_id in this instance but how do I get it before the communication queries? Say a record has communication_id 50 I want to get that id and then use that in the WHERE. Im not sure how to do that though.
public function editCampaign($campaign_id, $data) {
$this->db->query("UPDATE " . DB_PREFIX . "campaigns SET campaign_name = '" . $this->db->escape($data['campaign_name']) . "', campaign_giving_goal = '" . (float)$data['campaign_giving_goal']
. "', code = '" . $this->db->escape($data['code']) . "', campaign_active = '" . $this->db->escape($data['campaign_active']) . "', campaign_giving_count_goal = '" . (float)$data['campaign_giving_count_goal'] . "', campaign_owner = '" . $this->db->escape($data['campaign_owner']). "'
, date_beginning = '" . $this->db->escape($data['date_beginning']). "', date_ending = '" . $this->db->escape($data['date_ending']). "' WHERE campaign_id = '" . (int)$campaign_id . "'");
$parent_id = 0;
$this->db->query("DELETE FROM " . DB_PREFIX . "campaign_components WHERE campaign_id = '" . (int)$campaign_id . "'");
//$this->db->query("DELETE FROM " . DB_PREFIX . "communication WHERE campaign_id = '" . (int)$campaign_id . "'");
foreach($data['component_module'] as $component_data) {
if ($component_data['component_type'] =='EVENT'){
if(isset($component_data['component_parent_id'])){
$parent_id = $component_data['component_parent_id'];
$this->db->query("UPDATE " . DB_PREFIX . "product SET model = '" . $this->db->escape($component_data['component_type']) . "', date_starting = '" . $this->db->escape($component_data['component_start_date']). "', date_ending = '" . $this->db->escape($data['date_ending']). "', date_added = NOW() WHERE product_id = '" . (int)$parent_id . "'");
$this->db->query("UPDATE " . DB_PREFIX . "product_description SET name = '" . $this->db->escape($component_data['component_name']) . "', language_id = '1' WHERE product_id ='" . (int)$parent_id . "'");
}else{
$this->db->query("INSERT INTO " . DB_PREFIX . "product SET model = '" . $this->db->escape($component_data['component_type']) . "', date_starting = '" . $this->db->escape($data['date_beginning']). "', date_ending = '" . $this->db->escape($data['date_ending']). "', date_added = NOW()");
$parent_id = $this->db->getLastId();
$this->db->query("INSERT INTO " . DB_PREFIX . "product_description SET name = '" . $this->db->escape($component_data['component_name']) . "', language_id = '1', product_id ='" . (int)$parent_id . "'");
$this->db->query("INSERT INTO " . DB_PREFIX . "product_to_category SET category_id = '82', product_id ='" . (int)$parent_id . "' ");
}
}else{
$this->db->query("UPDATE " . DB_PREFIX . "communication SET subject = '" . $this->db->escape($component_data['component_name']) . "', channel = '" . $this->db->escape($component_data['component_type']) . "', status = '" . $this->db->escape($component_data['component_status']) . "'
, status_date = '" . $this->db->escape($component_data['component_start_date']). "', status = '" . $this->db->escape($component_data['component_status']) . "', created_by = '" . $this->db->escape($component_data['component_owner']) . "', date_added = NOW(), campaign_id = '" . (int)$campaign_id . "'");
}
$this->db->query("INSERT INTO " . DB_PREFIX . "campaign_components SET component_name = '" . $this->db->escape($component_data['component_name']) . "', component_type = '" . $this->db->escape($component_data['component_type']) . "', component_status = '" . $this->db->escape($component_data['component_status']) . "'
, component_owner = '" . $this->db->escape($component_data['component_owner']). "', component_start_date = '" . $this->db->escape($component_data['component_start_date']). "', campaign_id = '" . (int)$campaign_id . "', parent_id = '" . (int)$parent_id . "'");
}
$this->cache->delete('parent_id');
return $campaign_id;
}
Join with the communication table:
UPDATE campaigns AS ca
JOIN communication AS co ON ca.communication_id = co.communication_id
SET ca.col1 = val1, ca.col2 = val2, ...
WHERE co.campaign_id = $campaign_id
(I've left out all the PHP variables so you can see the general structure of the query.)
Hey Guys I am trying to pass data to my model, but for some reason I keep getting an "undefined customitem_id" in my model file. I am testing to see if it will even send to the model so:
the code is as follows. My controller file from customer.php file
$data['customitem_id']= 19;
if(isset($this->request->post['customitem_id'])) {
$this->request->post['customitem_id'];
}
My code from:
public function editCustomer($customer_id, $data) {
if (!isset($data['custom_field'])) {
$data['custom_field'] = array();
}
$this->db->query("UPDATE " . DB_PREFIX . "customer SET customer_group_id = '" . (int)$data['customer_group_id'] . "', sales_representative = '" . $this->db->escape($data['username']) . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', custom_field = '" . $this->db->escape(isset($data['custom_field']) ? serialize($data['custom_field']) : '') . "', newsletter = '" . (int)$data['newsletter'] . "', status = '" . (int)$data['status'] . "', approved = '" . (int)$data['approved'] . "', safe = '" . (int)$data['safe'] . "' WHERE customer_id = '" . (int)$customer_id . "'");
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$customitem_id . "'");
it keeps giving me an undefined variable in the model file. How would I go about making sure it sends the data?
Thanks for your help.
Looks like you're passing an array $data to your editCustomer($customer_id, $data) right?
Try changing this from:
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$customitem_id . "'")
to
$this->db->query("UPDATE " . DB_PREFIX . "custom_item SET customer_id = '" . (int)$customer_id . "' WHERE customitem_id = '" . (int)$data['customitem_id'] . "'")
note that I changed (int)$customitem_id to (int)$data['customitem_id']
You're using variable $customitem_id in your model but in your controller it is $data['customitem_id']. You likely just need to change $customitem_id to $data['customitem_id'] in your model.
I have a website in opencart the order id is jumping up.
means if a person has order something on website and his order id is 49 the order id of the next order should be 50 but it is shown as 51 or 52.
When I check in the database table oc_order it shown the same order for the missing order no.
class ModelCheckoutOrder extends Model {
public function addOrder($data) {
$this->db->query("INSERT INTO `" . DB_PREFIX . "order` SET invoice_prefix = '" . $this->db->escape($data['invoice_prefix']) . "', store_id = '" . (int)$data['store_id'] . "', store_name = '" . $this->db->escape($data['store_name']) . "', store_url = '" . $this->db->escape($data['store_url']) . "', customer_id = '" . (int)$data['customer_id'] . "', customer_group_id = '" . (int)$data['customer_group_id'] . "', emp_name = '" . $this->db->escape($data['emp_name']) . "', emp_ID = '" . $this->db->escape($data['emp_ID']) . "', email = '" . $this->db->escape($data['email']) . "', mobile_no = '" . $this->db->escape($data['mobile_no']) . "', fax = '" . $this->db->escape($data['fax']) . "', payment_emp_name = '" . $this->db->escape($data['payment_emp_name']) . "', payment_emp_ID = '" . $this->db->escape($data['payment_emp_ID']) . "', payment_company = '" . $this->db->escape($data['payment_company']) . "', payment_company_id = '" . $this->db->escape($data['payment_company_id']) . "', payment_tax_id = '" . $this->db->escape($data['payment_tax_id']) . "', payment_address_1 = '" . $this->db->escape($data['payment_address_1']) . "', payment_address_2 = '" . $this->db->escape($data['payment_address_2']) . "', payment_city = '" . $this->db->escape($data['payment_city']) . "', payment_postcode = '" . $this->db->escape($data['payment_postcode']) . "', payment_country = '" . $this->db->escape($data['payment_country']) . "', payment_country_id = '" . (int)$data['payment_country_id'] . "', payment_zone = '" . $this->db->escape($data['payment_zone']) . "', payment_zone_id = '" . (int)$data['payment_zone_id'] . "', payment_address_format = '" . $this->db->escape($data['payment_address_format']) . "', payment_method = '" . $this->db->escape($data['payment_method']) . "', payment_code = '" . $this->db->escape($data['payment_code']) . "', shipping_emp_name = '" . $this->db->escape($data['shipping_emp_name']) . "', shipping_emp_ID = '" . $this->db->escape($data['shipping_emp_ID']) . "', shipping_company = '" . $this->db->escape($data['shipping_company']) . "', shipping_address_1 = '" . $this->db->escape($data['shipping_address_1']) . "', shipping_address_2 = '" . $this->db->escape($data['shipping_address_2']) . "', shipping_city = '" . $this->db->escape($data['shipping_city']) . "', shipping_postcode = '" . $this->db->escape($data['shipping_postcode']) . "', shipping_country = '" . $this->db->escape($data['shipping_country']) . "', shipping_country_id = '" . (int)$data['shipping_country_id'] . "', shipping_zone = '" . $this->db->escape($data['shipping_zone']) . "', shipping_zone_id = '" . (int)$data['shipping_zone_id'] . "', shipping_address_format = '" . $this->db->escape($data['shipping_address_format']) . "', shipping_method = '" . $this->db->escape($data['shipping_method']) . "', shipping_code = '" . $this->db->escape($data['shipping_code']) . "', comment = '" . $this->db->escape($data['comment']) . "', total = '" . (float)$data['total'] . "', affiliate_id = '" . (int)$data['affiliate_id'] . "', commission = '" . (float)$data['commission'] . "', language_id = '" . (int)$data['language_id'] . "', currency_id = '" . (int)$data['currency_id'] . "', currency_code = '" . $this->db->escape($data['currency_code']) . "', currency_value = '" . (float)$data['currency_value'] . "', ip = '" . $this->db->escape($data['ip']) . "', forwarded_ip = '" . $this->db->escape($data['forwarded_ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', accept_language = '" . $this->db->escape($data['accept_language']) . "', date_added = NOW(), date_modified = NOW()");
$this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '1', comment = '" . $this->db->escape(($comment && $notify) ? $comment : '') . "', date_added = NOW()");
$order_product_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_product WHERE order_id = '" . (int)$order_id . "'");
foreach ($order_product_query->rows as $order_product) {
$this->db->query("UPDATE " . DB_PREFIX . "product SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_id = '" . (int)$order_product['product_id'] . "' AND subtract = '1'");
$order_option_query = $this->db->query("SELECT * FROM " . DB_PREFIX . "order_option WHERE order_id = '" . (int)$order_id . "' AND order_product_id = '" . (int)$order_product['order_product_id'] . "'");
foreach ($order_option_query->rows as $option) {
$this->db->query("UPDATE " . DB_PREFIX . "product_option_value SET quantity = (quantity - " . (int)$order_product['quantity'] . ") WHERE product_option_value_id = '" . (int)$option['product_option_value_id'] . "' AND subtract = '1'");
}
}
this is because there is a difference between what you see in the database itself and what you see in the orders admin page. and this difference is due to the fact that opencart stores something called a missing order id, and that happens for example one someone fills all the details and then by mistake he just reloads the checkout page and then he just press the "confirm" button. at this case for example in the orders admin page he booked two orders number and you will only see the second number - ofc the number of order ids skipped is the same as the number of missing orders stored by opencart itself.
if you want to test this go to checkout page and fill all orders and then confirm it, at this case you wont see any difference, however if you go to checkout page fill all info and then reload the page and then just press confirm you will see that the order id will skip one number.
in opencart database you wont see missing order ids, because opencart insert an order in the database only if it was confirmed.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
I just got my last question answered but now I'm stuck again.. I'm using OpenCart and I want to change the style of my email you'll get when you register on my OpenCart webshop. But when I use add this for example, it just shows it in the email as normal text:
$message .= '<img src="logo.png" />' "\n";
When I searched it on Google, on every site it says that I have to use this:
$headers .= "MIME-Version: 1.0\r\n";
$headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";
I pasted it on a few places in my code but it never worked, it was still showing the HTML Tags as text in the email.
I will paste my code (from OpenCart) here and can somebody tell me then where I have to paste that code or just another way to use HTML in email via PHP?
<?php
class ModelAccountCustomer extends Model {
public function addCustomer($data) {
if (isset($data['customer_group_id']) && is_array($this->config->get('config_customer_group_display')) && in_array($data['customer_group_id'], $this->config->get('config_customer_group_display'))) {
$customer_group_id = $data['customer_group_id'];
} else {
$customer_group_id = $this->config->get('config_customer_group_id');
}
$this->load->model('account/customer_group');
$customer_group_info = $this->model_account_customer_group->getCustomerGroup($customer_group_id);
$this->db->query("INSERT INTO " . DB_PREFIX . "customer SET store_id = '" . (int)$this->config->get('config_store_id') . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "', salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "', newsletter = '" . (isset($data['newsletter']) ? (int)$data['newsletter'] : 0) . "', customer_group_id = '" . (int)$customer_group_id . "', ip = '" . $this->db->escape($this->request->server['REMOTE_ADDR']) . "', status = '1', approved = '" . (int)!$customer_group_info['approval'] . "', date_added = NOW()");
$customer_id = $this->db->getLastId();
$this->db->query("INSERT INTO " . DB_PREFIX . "address SET customer_id = '" . (int)$customer_id . "', firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', company = '" . $this->db->escape($data['company']) . "', company_id = '" . $this->db->escape($data['company_id']) . "', tax_id = '" . $this->db->escape($data['tax_id']) . "', address_1 = '" . $this->db->escape($data['address_1']) . "', address_2 = '" . $this->db->escape($data['address_2']) . "', city = '" . $this->db->escape($data['city']) . "', postcode = '" . $this->db->escape($data['postcode']) . "', country_id = '" . (int)$data['country_id'] . "', zone_id = '" . (int)$data['zone_id'] . "'");
$address_id = $this->db->getLastId();
$this->db->query("UPDATE " . DB_PREFIX . "customer SET address_id = '" . (int)$address_id . "' WHERE customer_id = '" . (int)$customer_id . "'");
$this->language->load('mail/customer');
Here starts the part of the code what is going to be visible in the email itself.
<--From here-->
**$subject = sprintf($this->language->get('text_subject'), $this->config->get('config_name'));
$message = sprintf($this->language->get('text_welcome'), $this->config->get('config_name')) . "\n\n";
if (!$customer_group_info['approval']) {
$message .= $this->language->get('text_login') . "\n";
} else {
$message .= $this->language->get('text_approval') . "\n";
}
$message .= $this->url->link('account/login', '', 'SSL') . "\n\n";
$message .= $this->language->get('text_services') . "\n\n";
$message .= $this->language->get('text_thanks') . "\n";
$message .= $this->config->get('config_name');**
<--Till here-->
$mail = new Mail();
$mail->protocol = $this->config->get('config_mail_protocol');
$mail->parameter = $this->config->get('config_mail_parameter');
$mail->hostname = $this->config->get('config_smtp_host');
$mail->username = $this->config->get('config_smtp_username');
$mail->password = $this->config->get('config_smtp_password');
$mail->port = $this->config->get('config_smtp_port');
$mail->timeout = $this->config->get('config_smtp_timeout');
$mail->setTo($data['email']);
$mail->setFrom($this->config->get('config_email'));
$mail->setSender($this->config->get('config_name'));
$mail->setSubject(html_entity_decode($subject, ENT_QUOTES, 'UTF-8'));
$mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
$mail->send();
// Send to main admin email if new account email is enabled
if ($this->config->get('config_account_mail')) {
$message = $this->language->get('text_signup') . "\n\n";
$message .= $this->language->get('text_website') . ' ' . $this->config->get('config_name') . "\n";
$message .= $this->language->get('text_firstname') . ' ' . $data['firstname'] . "\n";
$message .= $this->language->get('text_lastname') . ' ' . $data['lastname'] . "\n";
$message .= $this->language->get('text_customer_group') . ' ' . $customer_group_info['name'] . "\n";
if ($data['company']) {
$message .= $this->language->get('text_company') . ' ' . $data['company'] . "\n";
}
$message .= $this->language->get('text_email') . ' ' . $data['email'] . "\n";
$message .= $this->language->get('text_telephone') . ' ' . $data['telephone'] . "\n";
$mail->setTo($this->config->get('config_email'));
$mail->setSubject(html_entity_decode($this->language->get('text_new_customer'), ENT_QUOTES, 'UTF-8'));
$mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
$mail->send();
// Send to additional alert emails if new account email is enabled
$emails = explode(',', $this->config->get('config_alert_emails'));
foreach ($emails as $email) {
if (strlen($email) > 0 && preg_match('/^[^\#]+#.*\.[a-z]{2,6}$/i', $email)) {
$mail->setTo($email);
$mail->send();
}
}
}
}
public function editCustomer($data) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET firstname = '" . $this->db->escape($data['firstname']) . "', lastname = '" . $this->db->escape($data['lastname']) . "', email = '" . $this->db->escape($data['email']) . "', telephone = '" . $this->db->escape($data['telephone']) . "', fax = '" . $this->db->escape($data['fax']) . "' WHERE customer_id = '" . (int)$this->customer->getId() . "'");
}
public function editPassword($email, $password) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
}
public function editNewsletter($newsletter) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET newsletter = '" . (int)$newsletter . "' WHERE customer_id = '" . (int)$this->customer->getId() . "'");
}
public function getCustomer($customer_id) {
$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE customer_id = '" . (int)$customer_id . "'");
return $query->row;
}
public function getCustomerByEmail($email) {
$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
return $query->row;
}
public function getCustomerByToken($token) {
$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "customer WHERE token = '" . $this->db->escape($token) . "' AND token != ''");
$this->db->query("UPDATE " . DB_PREFIX . "customer SET token = ''");
return $query->row;
}
public function getCustomers($data = array()) {
$sql = "SELECT *, CONCAT(c.firstname, ' ', c.lastname) AS name, cg.name AS customer_group FROM " . DB_PREFIX . "customer c LEFT JOIN " . DB_PREFIX . "customer_group cg ON (c.customer_group_id = cg.customer_group_id) ";
$implode = array();
if (isset($data['filter_name']) && !is_null($data['filter_name'])) {
$implode[] = "LCASE(CONCAT(c.firstname, ' ', c.lastname)) LIKE '" . $this->db->escape(utf8_strtolower($data['filter_name'])) . "%'";
}
if (isset($data['filter_email']) && !is_null($data['filter_email'])) {
$implode[] = "LCASE(c.email) = '" . $this->db->escape(utf8_strtolower($data['filter_email'])) . "'";
}
if (isset($data['filter_customer_group_id']) && !is_null($data['filter_customer_group_id'])) {
$implode[] = "cg.customer_group_id = '" . $this->db->escape($data['filter_customer_group_id']) . "'";
}
if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
$implode[] = "c.status = '" . (int)$data['filter_status'] . "'";
}
if (isset($data['filter_approved']) && !is_null($data['filter_approved'])) {
$implode[] = "c.approved = '" . (int)$data['filter_approved'] . "'";
}
if (isset($data['filter_ip']) && !is_null($data['filter_ip'])) {
$implode[] = "c.customer_id IN (SELECT customer_id FROM " . DB_PREFIX . "customer_ip WHERE ip = '" . $this->db->escape($data['filter_ip']) . "')";
}
if (isset($data['filter_date_added']) && !is_null($data['filter_date_added'])) {
$implode[] = "DATE(c.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
}
if ($implode) {
$sql .= " WHERE " . implode(" AND ", $implode);
}
$sort_data = array(
'name',
'c.email',
'customer_group',
'c.status',
'c.ip',
'c.date_added'
);
if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
$sql .= " ORDER BY " . $data['sort'];
} else {
$sql .= " ORDER BY name";
}
if (isset($data['order']) && ($data['order'] == 'DESC')) {
$sql .= " DESC";
} else {
$sql .= " ASC";
}
if (isset($data['start']) || isset($data['limit'])) {
if ($data['start'] < 0) {
$data['start'] = 0;
}
if ($data['limit'] < 1) {
$data['limit'] = 20;
}
$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
}
$query = $this->db->query($sql);
return $query->rows;
}
public function getTotalCustomersByEmail($email) {
$query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "customer WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
return $query->row['total'];
}
public function getIps($customer_id) {
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_ip` WHERE customer_id = '" . (int)$customer_id . "'");
return $query->rows;
}
public function isBanIp($ip) {
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "customer_ban_ip` WHERE ip = '" . $this->db->escape($ip) . "'");
return $query->num_rows;
}
}
?>
The one that reads this, thank you for your time!
$mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
Your setting it as text.
Try setting has HTML.
$mail->setHTML($message);
<?php
if(isset($_POST['update']))
$dbhost = 'localhost';
$dbuser = 'XXXXX';
$dbpass = 'XXXXX';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
if(! get_magic_quotes_gpc() )
{
$OrderID=addslashes ($_POST['OrderID']);
$trackingnumber= addslashes ($_POST['trackingnumber']);
$trackingURL=addslashes ($_POST['trackingURL']);
$CustomerName=addslashes ($_POST['CustomerName']);
$LocationShipped=addslashes ($_POST['LocationShipped']);
$user_email=addslashes ($_POST['user_email']);
$ShipmentDate=addslashes ($_POST['ShipmentDate']);
$ShipmentMode=addslashes ($_POST['ShipmentMode']);
$CurrentStatus=addslashes ($_POST['CurrentStatus']);
}
else
{
$trackingnumber= $_POST['trackingnumber'];
$trackingURL=$_POST['trackingURL'];
$OrderID=$_POST['OrderID'];
$CustomerName=$_POST['CustomerName'];
$user_email=$_POST['user_email'];
$LocationShipped=$_POST['LocationShipped'];
$ShipmentDate=$_POST['ShipmentDate'];
$ShipmentMode=$_POST['ShipmentMode'];
$CurrentStatus=$_POST['CurrentStatus'];
}
$sql = "
UPDATE
ordertracking
SET
trackingnumber =$trackingnumber,
`trackingURL` = '" . $trackingURL . "',
`CustomerName` = '" . $CustomerName . "',
`LocationShipped` = '" . $LocationShipped . "',
`user_email` = '" . $user_email . "',
`ShipmentDate` = '" . $ShipmentDate . "',
`ShipmentMode` = '" . $ShipmentMode . "',
`CurrentStatus` = '" . $CurrentStatus . "',
WHERE
OrderNo = $OrderID,
$result1 = mysql_query($query1);
mysql_select_db('XXXXXXX');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
?>
Parse error: syntax error, unexpected T_STRING in /home/buyerhel/public_html/ordertracking/backend/processeditship.php on line 46
Any help please ?
Not sure what the problem is but it is really frustrating since I am on my last step for the Edit Section of the my project and it is allowing me to update the table.
I purposely left out the quotes here - trackingnumber =$trackingnumber,
So that is not the problem..
The
There is no ending symbol " in your $sql. Should be:
$sql = "
UPDATE
ordertracking
SET
trackingnumber =$trackingnumber,
`trackingURL` = '" . $trackingURL . "',
`CustomerName` = '" . $CustomerName . "',
`LocationShipped` = '" . $LocationShipped . "',
`user_email` = '" . $user_email . "',
`ShipmentDate` = '" . $ShipmentDate . "',
`ShipmentMode` = '" . $ShipmentMode . "',
`CurrentStatus` = '" . $CurrentStatus . "'
WHERE
OrderNo = $OrderID"; // < missing ";
You've used , instead of ; and forgot some ".
$sql = "
UPDATE
`ordertracking`
SET
`trackingnumber` = " . $trackingnumber . ",
`trackingURL` = '" . $trackingURL . "',
`CustomerName` = '" . $CustomerName . "',
`LocationShipped` = '" . $LocationShipped . "',
`user_email` = '" . $user_email . "',
`ShipmentDate` = '" . $ShipmentDate . "',
`ShipmentMode` = '" . $ShipmentMode . "',
`CurrentStatus` = '" . $CurrentStatus . "',
WHERE
`OrderNo` = " . $OrderID; // ; instead of ,
$result1 = mysql_query($query1);
Just replace Line no 50
OrderNo = $OrderID";
by this code
Two problems
Close the double qoutes
Remove the trailing comma after $OrderID
So change
$sql = "
UPDATE
ordertracking
SET
trackingnumber =$trackingnumber,
`trackingURL` = '" . $trackingURL . "',
`CustomerName` = '" . $CustomerName . "',
`LocationShipped` = '" . $LocationShipped . "',
`user_email` = '" . $user_email . "',
`ShipmentDate` = '" . $ShipmentDate . "',
`ShipmentMode` = '" . $ShipmentMode . "',
`CurrentStatus` = '" . $CurrentStatus . "',
WHERE
OrderNo = $OrderID,
to
$sql = "
UPDATE
ordertracking
SET
trackingnumber =$trackingnumber,
`trackingURL` = '" . $trackingURL . "',
`CustomerName` = '" . $CustomerName . "',
`LocationShipped` = '" . $LocationShipped . "',
`user_email` = '" . $user_email . "',
`ShipmentDate` = '" . $ShipmentDate . "',
`ShipmentMode` = '" . $ShipmentMode . "',
`CurrentStatus` = '" . $CurrentStatus . "',
WHERE
OrderNo = $OrderID";