-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathproductview.php
70 lines (68 loc) · 3.43 KB
/
productview.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
/*
* quoteview.php
*
* Copyright 2018 Krzysztof Hrybacz <[email protected]>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
?>
<?php
require_once('config.php');
session_start();
if ($_GET['c']!=md5($_GET['id'] . $_GET['company'] . 'PGW'))
die('Wrong checksum.');
if ($_GET['id']!='') {
$link = mysqli_connect($sql, $sqluser, $sqlpass, $sqldb);
mysqli_set_charset($link,'utf8');
$result = mysqli_query($link,'SELECT * FROM `' . $_GET['company'] . '_products` WHERE id=' . $_GET['id'] . ';');
$row = mysqli_fetch_array($result);
$result = mysqli_query($link,'SELECT * FROM `' . $_GET['company'] . '_info`;');
$info = mysqli_fetch_array($result);
mysqli_free_result($result);
$html = '<body>
<div style="position: absolute; text-align: right; top: 55mm; width: 180mm; margin: 0 auto; line-height: 16px; font-size: 14px;">
<span style="color: ' . $info['color'] . '; font-weight: bold;">' . $info['display'] . '</span><br />' . str_replace("\n","<br />",$info['contact']) . '</div>
<div style="text-align: center; height: 200px;"><img class="logo" src="logo/' . $_GET['company'] . '.png" /></div>
<table class="top"><tr><td style="background: lightgray;">Product</td><td style="background: #e7e7e8;">' . 'PR' . sprintf('%04d',$_GET['id']) . '</td><td></td><td></td><td style="background: lightgray;">Date</td><td style="background: #e7e7e8;">' . date('Y-m-d') . '</td></table>
<table class="main description">';
if (file_exists('products/' . $_SESSION['company'] . '_PR' . sprintf('%04d',$row['id'])))
$html .= '<tr><td><img id="product" src="' . 'products/' . $_SESSION['company'] . '_PR' . sprintf('%04d',$row['id']) . '" /></td></tr>';
if ($row['name']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">Name</th></tr>
<tr><td style="text-align: center;">' . $row['name'] . '</td></tr>';
if ($row['sku']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">SKU</th></tr>
<tr><td style="text-align: center;">' . $row['sku'] . '</td></tr>';
if ($row['price']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">Price</th></tr>
<tr><td style="text-align: center;">' . number_format($row['price'],2,'.',',') . '</td></tr>';
if ($row['vat']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">VAT</th></tr>
<tr><td style="text-align: center;">' . $row['vat'] . '</td></tr>';
if ($row['category']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">Category</th></tr>
<tr><td style="text-align: center;">' . $row['category'] . '</td></tr>';
if ($row['description']!='') $html .= '
<tr><th style="background: ' . $info['color'] . ';">Description</th></tr>
<tr><td style="text-align: center;">' . nl2br($row['description']) . '</td></tr>';
$html .= '
</td></tr>
</table>
</body>';
}