get_order_table_name(); // NOTE(review): tail of a statement that starts above this excerpt (presumably the $order_table assignment)

// Builds the WHERE clause ($query_where) for the order list from the search
// filters: free text, order status, delivery method, price range, date range,
// and finally a per-user access restriction.
// NOTE(review): the filter variables are only tested with isset() here and are
// never assigned from a visible source, so they are presumably populated from
// request input above this excerpt; every one of them must be treated as untrusted.

// Highest existing order ID; a numeric filter is treated as an order ID only
// when it does not exceed this value.
$last_order_status = $db->get_var("SELECT MAX(`Message_ID`) FROM `$order_table`");
if ($text_filter <= $last_order_status) {
// The (int) cast is what makes this concatenation safe.
$query_where_conditions[] = "a.`Message_ID` = " . (int)$text_filter;
// Searching by order ID overrides the status filter ("any status").
$order_status = -1;
}
} // closes a block opened above this excerpt (condition not visible here)

// (b) Possibly a phone number (more than three characters)
if (strlen($text_filter) > 3 && preg_match('/^[\d\s\-\.\(\)\+]+$/', $text_filter)) {
// Every non-digit is stripped before the pattern is assembled, so the value
// interpolated into the REGEXP literal consists only of ASCII digits joined
// by the fixed separator '[^0-9]*' and cannot break out of the SQL string.
// NOTE(review): a filter made only of punctuation (no digits) passes the
// check above and yields a degenerate pattern; verify how the database
// handles it.
$phone_digits = preg_split('//', preg_replace('/\D/', '', $text_filter));
$phone_regexp = join('[^0-9]*', $phone_digits);
$query_where_conditions[] = "a.`Phone` REGEXP '$phone_regexp'";
}

// All remaining string conditions use this escaped copy, never the raw filter.
// NOTE(review): $db->escape() is presumably SQL string escaping; confirm it.
// LIKE wildcards (% and _) are most likely not neutralised by it.
$text_filter_escaped = $db->escape($text_filter);

// (c) Email?
if (strlen($text_filter) >= 3 && preg_match('/^\w[\w\d@\.\-\_]+$/i', $text_filter)) {
$query_where_conditions[] = "a.`Email` LIKE '%$text_filter_escaped%'";
}

// (d) Maybe a login?
// NOTE(review): $auth_by is interpolated as a column identifier without any
// escaping; it comes from nc_core('AUTHORIZE_BY'), presumably a site setting.
// Confirm it is restricted to a known column name and cannot be influenced
// by request input.
$auth_by = nc_core('AUTHORIZE_BY');
$user_id = $db->get_var("SELECT `User_ID` FROM `User` WHERE `$auth_by` = '$text_filter_escaped'");
if ($user_id) {
// $user_id is a value read back from the User table, interpolated without a cast.
$query_where_conditions[] = "a.`User_ID` = $user_id";
}

// (e) Customer name?
if (!is_numeric($text_filter)) {
$query_where_conditions[] = "a.`ContactName` LIKE '%$text_filter_escaped%'";
}

// The OR group is wrapped in parentheses so that every " AND ..." appended
// below (including the access restriction at the end) applies to the whole
// group rather than only to its last alternative.
// NOTE(review): if no probe above added a condition and the array was empty
// beforehand (its initialisation is outside this excerpt), this produces "()",
// which is not valid SQL; confirm at least one condition is guaranteed.
$query_where = "(" . join(" OR ", $query_where_conditions) . ")";
} // closes the free-text filter block opened above this excerpt

/*
 * order_status:
 *   -1: any orders
 *    0: new orders
 *   >0: order status ID
 */
if (!isset($order_status)) {
    $order_status = -1; // "ANY"
}
if ($order_status != -1) {
    if ($order_status > 0) {
        // Loose comparisons above accept strings; the (int) cast is what
        // keeps the concatenated value numeric.
        $query_where .= " AND a.Status = " . (int)$order_status;
    } else {
        $query_where .= " AND (a.Status IS NULL OR a.Status = 0)"; // new orders
    }
}

/*
 * delivery_method:
 *   -1: any
 *   >0: method ID
 * Any other value selects orders whose delivery method is NULL or 0.
 */
if (!isset($delivery_method)) {
    $delivery_method = -1; // "ANY" (no delivery-method filter)
}
if ($delivery_method != -1) {
    if ($delivery_method > 0) {
        // As with order_status, the (int) cast sanitises the value.
        $query_where .= " AND a.DeliveryMethod = " . (int)$delivery_method;
    } else {
        $query_where .= " AND (a.DeliveryMethod IS NULL OR a.DeliveryMethod = 0)";
    }
}

/*
 * price_from - price_to
 *
 * Both bounds are forced to non-negative floats, so only a float rendering
 * ever reaches the SQL string. An inverted range, or no bounds at all,
 * disables the filter and blanks both variables.
 * NOTE(review): a non-finite float (e.g. from an overflowing numeric string)
 * would presumably be rendered as a non-numeric token and break the query;
 * consider rejecting such values with is_finite().
 */
$price_from = abs((float)(isset($price_from) ? $price_from : 0));
$price_to = abs((float)(isset($price_to) ? $price_to : 0));
if (($price_to && ($price_from > $price_to)) || (!$price_from && !$price_to)) {
    $price_from = '';
    $price_to = '';
} else {
    if ($price_from && !$price_to) {
        $query_where .= " AND a.TotalPrice > {$price_from} ";
    } else if ($price_to && !$price_from) {
        $query_where .= " AND a.TotalPrice < {$price_to} ";
    } else {
        $query_where .= " AND a.TotalPrice BETWEEN {$price_from} AND {$price_to} ";
    }
    // A zero bound is turned back into an empty string.
    $price_from = $price_from ? $price_from : '';
    $price_to = $price_to ? $price_to : '';
}

/*
 * date_from - date_to
 *
 * Input is expected as three dot-separated parts (day.month.year). The parts
 * are reassembled, parsed with strtotime() and re-rendered with
 * date('Y-m-d'); only that re-rendered value is placed in the SQL string,
 * never the raw input. A value that fails to parse blanks both the raw and
 * the original variable.
 * NOTE(review): when parsing succeeds, $date_from / $date_to keep the
 * original user-supplied text; if they are printed later, they need
 * output escaping at that point.
 */
$date_from_raw = explode('.', isset($date_from) ? $date_from : '');
$date_to_raw = explode('.', isset($date_to) ? $date_to : '');
if (count($date_from_raw) == 3) {
    $date_from_raw = "{$date_from_raw[2]}-{$date_from_raw[1]}-{$date_from_raw[0]}";
    $date_from_raw = strtotime($date_from_raw);
    if ($date_from_raw) {
        $date_from_raw = date('Y-m-d', $date_from_raw);
    } else {
        $date_from_raw = '';
        $date_from = '';
    }
} else {
    $date_from_raw = '';
    $date_from = '';
}
if (count($date_to_raw) == 3) {
    $date_to_raw = "{$date_to_raw[2]}-{$date_to_raw[1]}-{$date_to_raw[0]}";
    $date_to_raw = strtotime($date_to_raw);
    if ($date_to_raw) {
        $date_to_raw = date('Y-m-d', $date_to_raw);
    } else {
        $date_to_raw = '';
        $date_to = '';
    }
} else {
    $date_to_raw = '';
    $date_to = '';
}
if ($date_from_raw || $date_to_raw) {
    // This inner test can never be true inside the outer condition; the branch is dead code.
    if (!$date_from_raw && !$date_to_raw) {
        $date_from_raw = '';
        $date_to_raw = '';
        $date_from = '';
        $date_to = '';
    } else {
        if ($date_from_raw && !$date_to_raw) {
            $query_where .= " AND a.Created > '{$date_from_raw} 00:00:00' ";
        } else if ($date_to_raw && !$date_from_raw) {
            $query_where .= " AND a.Created < '{$date_to_raw} 23:59:59' ";
        } else {
            $query_where .= " AND a.Created BETWEEN '{$date_from_raw} 00:00:00' AND '{$date_to_raw} 23:59:59' ";
        }
        if (!$date_from_raw) {
            $date_from = '';
        }
        if (!$date_to_raw) {
            $date_to = '';
        }
    }
}

// Row-level access control. Unless $perm is an object whose
// isSubClass($cc, MASK_MODERATE) check passes, the query is limited to the
// current user's own orders. With no authenticated user ID the always-false
// predicate is appended, so the query returns nothing (fails closed).
// NOTE(review): $AUTH_USER_ID is interpolated without a cast and its origin is
// not visible here; confirm it is set only by the authentication layer and is
// always an integer, or cast it with (int) at this point.
/** @var Permission $perm */
if (!is_object($perm) || !$perm->isSubClass($cc, MASK_MODERATE)) {
    if ($AUTH_USER_ID) {
        $query_where .= " AND a.User_ID = {$AUTH_USER_ID} ";
    } else {
        $query_where .= " AND 1 = 0";
    }
}