73 lines
2.5 KiB
PHP
73 lines
2.5 KiB
PHP
<?php
|
|
/** loads unpaid orders
|
|
*
|
|
* @version 2.0.0
|
|
* @since 2008-02-13
|
|
* @author Martin Lenzelbauer
|
|
*
|
|
*/
|
|
define("ROOT", "../");
|
|
require_once(ROOT."include/config.inc.php");
|
|
require_once(ROOT."include/db.inc.php");
|
|
require_once(ROOT."include/xml.inc.php");
|
|
|
|
dbQuery("SET NAMES utf8");
|
|
|
|
switch($_GET['action']){
|
|
case "loadUnpaidOrders": loadUnpaidOrders($_GET['dateId']);
|
|
break;
|
|
}
|
|
|
|
|
|
|
|
/** loads unpaid orders
|
|
* @param dateId date id or undefined, if all unpaid orders should be loaded
|
|
*/
|
|
########################################
|
|
function loadUnpaidOrders($dateId){
|
|
########################################
|
|
|
|
// load event titles
|
|
$events = array();
|
|
$query = sprintf("SELECT DISTINCT dateId FROM bruckm_ticketorder WHERE paid = 'false'");
|
|
if(!empty($dateId)){
|
|
$query = sprintf("SELECT DISTINCT dateId FROM bruckm_ticketorder WHERE dateId = %d AND paid = 'false'", sqlnum($dateId));
|
|
}
|
|
$result = dbQuery($query);
|
|
while($line = mysqli_fetch_array($result, MYSQLI_ASSOC)){
|
|
$query = sprintf("SELECT eventId, `date` FROM bruckm_ticketdate WHERE id = %d", sqlnum($line['dateId']));
|
|
$date = dbQuery($query);
|
|
$d = mysqli_fetch_array($date, MYSQLI_ASSOC);
|
|
$query = sprintf("SELECT name FROM bruckm_ticketevent WHERE id = %d", sqlnum($d['eventId']));
|
|
$event = dbQuery($query);
|
|
$e = mysqli_fetch_array($event, MYSQLI_ASSOC);
|
|
$events[$line['dateId']]['title'] = $e['name'];
|
|
$events[$line['dateId']]['date'] = $d['date'];
|
|
}
|
|
|
|
// load orders
|
|
$query = sprintf("SELECT id, orderDate, customerId, dateId FROM bruckm_ticketorder WHERE paid = 'false' ORDER BY id ASC");
|
|
if(isset($dateId)){
|
|
$query = sprintf("SELECT id, orderDate, customerId, dateId FROM bruckm_ticketorder WHERE dateId = %d AND paid = 'false' ORDER BY id ASC",
|
|
sqlnum($dateId));
|
|
}
|
|
$result = dbQuery($query);
|
|
|
|
$xml = '<?xml version="1.0" encoding="utf-8"?>';
|
|
$xml .= '<orders>';
|
|
while($line = mysqli_fetch_array($result, MYSQLI_ASSOC)){
|
|
// load customer name
|
|
$query = sprintf("SELECT firstname, surname FROM bruckm_ticketcustomer WHERE id = %d", sqlnum($line['customerId']));
|
|
$customer = dbQuery($query);
|
|
$c = mysqli_fetch_array($customer, MYSQLI_ASSOC);
|
|
$xml .= '<order id="' . $line['id'] . '" timestamp="' . strtotime($line['orderDate']) . '" event="' . xmlstring($events[$line['dateId']]['title']) . '" ';
|
|
$xml .= 'date="' . strtotime($events[$line['dateId']]['date']) . '" firstname="' . xmlstring($c['firstname']) . '" surname="' . xmlstring($c['surname']) . '" />';
|
|
}
|
|
$xml .= '</orders>';
|
|
|
|
header('Content-Type: text/xml');
|
|
echo $xml;
|
|
|
|
}
|
|
|
|
?>
|