item_id = get_param("item_id");
// Validate fields
if($sAction == "insert" || $sAction == "update")
{
if(!strlen($fldquantity))
$sOrderErr .= "The value in field Quantity is required.<br>";
if(!is_number($fldquantity))
$sOrderErr .= "The value in field Quantity is incorrect.<br>";
if(!is_number($flditem_id))
$sOrderErr .= "The value in field item_id is incorrect.<br>";
if(strlen($sOrderErr)) return;
}
$sSQL = "";
// Create SQL statement
switch(strtolower($sAction))
{
case "insert":
$sSQL = "insert into orders (" .
"member_id," .
"quantity," .
"item_id)" .
" values (" .
tosql($fldUserID, "Number") . "," .
to
sql($fldquantity, "Number") . "," .
tosql($flditem_id, "Number") . ")";
break;
}
// Execute SQL statement
if(strlen($sOrderErr)) return;
$db->query($sSQL);
header("Location: " . $sActionFileName);
}
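/**
 * Fills the "Order" form block of the page template and parses it.
 *
 * Reads the order key and form fields from the request via get_param(),
 * optionally loads the matching row from the orders table, and writes the
 * resulting values into the global template ($tpl) before parsing the
 * "FormOrder" block.
 *
 * Uses the globals $db, $tpl, $sAction, $sForm and $sOrderErr. Returns nothing.
 *
 * NOTE(review): the row is looked up by order_id alone. Inserts in this file
 * store a member_id with each order, so confirm that ownership of the
 * requested order is enforced before this form is shown.
 */
function Order_show()
{
    global $db;
    global $tpl;
    global $sAction;
    global $sForm;
    global $sOrderErr;

    $bPK = true;
    $fldorder_id = "";
    $fldquantity = "";
    $flditem_id = "";

    if ($sOrderErr == "") {
        // First display: load primary key and form parameters.
        $flditem_id = get_param("item_id");
        $porder_id = get_param("order_id");
        $tpl->set_var("OrderError", "");
    } else {
        // Redisplay after a validation error: load primary key, form
        // parameters and the submitted form fields.
        $fldorder_id = strip(get_param("order_id"));
        $fldquantity = strip(get_param("quantity"));
        $flditem_id = strip(get_param("item_id"));
        $porder_id = get_param("PK_order_id");
        // The message is written unencoded; the validation code visible in
        // this file builds it from fixed text with <br> markup.
        // NOTE(review): keep request data out of $sOrderErr for that reason.
        $tpl->set_var("sOrderErr", $sOrderErr);
        $tpl->parse("OrderError", false);
    }

    if (!strlen($porder_id)) {
        $bPK = false;
    }

    // The key comes straight from the request, so it is HTML-encoded before
    // it reaches the template, like every other field below.
    $tpl->set_var("PK_order_id", tohtml($porder_id));

    // NOTE(review): this relies on tosql(..., "Number") yielding a numeric
    // literal; confirm against its definition, or use a bound parameter if
    // the database layer offers one.
    $sSQL = "select * from orders where order_id=" . tosql($porder_id, "Number");

    if ($bPK && !($sAction == "insert" && $sForm == "Order")) {
        // Existing order: fetch the row and show the edit form.
        $db->query($sSQL);
        // NOTE(review): the result of next_record() is not checked; confirm
        // what $db->f() yields when no row matches.
        $db->next_record();
        $fldorder_id = $db->f("order_id");
        $flditem_id = $db->f("item_id");
        if ($sOrderErr == "") {
            // Load data from recordset when the form is displayed first time.
            $fldquantity = $db->f("quantity");
        }
        $tpl->set_var("OrderDelete", "");
        $tpl->set_var("OrderUpdate", "");
        $tpl->set_var("OrderInsert", "");
    } else {
        // New order: show the insert form with default values.
        if ($sOrderErr == "") {
            // Keep the raw value here; it is encoded once when it is written
            // to the template below (encoding it here as well would
            // double-encode it).
            $flditem_id = get_param("item_id");
            $fldquantity = "1";
        }
        $tpl->set_var("OrderEdit", "");
        $tpl->parse("OrderInsert", false);
    }

    $tpl->set_var("OrderCancel", "");

    // Show form fields, HTML-encoded at the point of output.
    $tpl->set_var("order_id", tohtml($fldorder_id));
    $tpl->set_var("quantity", tohtml($fldquantity));
    $tpl->set_var("item_id", tohtml($flditem_id));
    $tpl->parse("FormOrder", false);
}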
function Rating_action($sAction)
{
global $db;
global $tpl;
global $sForm;
global $sRatingErr;
$sParams = "";
$sActionFileName = "BookDetail.php";
$sParams = "?";
$sParams .= "item_id=" . tourl(get_param("Trn_item_id"));
$sWhere = "";