/**
 * Returns the company-scoping SQL condition for gift certificate queries
 * (purpose inferred from the function name).
 *
 * The condition is built only when fn_allowed_for('ULTIMATE') is true; in every
 * other case an empty string is returned and this helper adds no company filter.
 *
 * NOTE(review): $field is forwarded to fn_get_company_condition() and the result
 * is meant to be concatenated into a query, so callers should pass a fixed column
 * name and never request data - confirm against fn_get_company_condition().
 *
 * @param string $field Database field that holds the company identifier
 * @return string SQL condition fragment, or '' when the edition check fails
 */
function fn_get_gift_certificate_company_condition($field)
{
    return fn_allowed_for('ULTIMATE') ? fn_get_company_condition($field) : '';
}
/**
 * Looks up the user record for an API login attempt.
 *
 * This function does not compare the password itself: it returns the password
 * taken from the request together with the stored salt, so the caller is the
 * one that has to perform the verification.
 *
 * Lookup order:
 *  1. by e-mail, limited to the current company when fn_allowed_for('ULTIMATE')
 *     is true, users are not shared between stores and AREA is not 'A';
 *  2. if nothing was found, by e-mail among user types 'A', 'V' and 'P' with no
 *     company limit.
 *
 * @param array $request Request data; 'user_login' and 'password' are read
 * @param array $auth    Not used by this function
 * @return array array($status, $user_data, $user_login, $password, $salt);
 *               $status is false only when the found account has status 'D'
 */
function fn_api_auth_routines($request, $auth)
{
    $login = empty($request['user_login']) ? '' : trim($request['user_login']);
    $plain_password = empty($request['password']) ? '' : $request['password'];

    // Fixed column name; it is the only value interpolated into the SQL text,
    // the login itself is always bound through ?s.
    $login_field = 'email';

    $company_condition = '';
    if (fn_allowed_for('ULTIMATE') && Registry::get('settings.Stores.share_users') == 'N' && AREA != 'A') {
        $company_condition = fn_get_company_condition('?:users.company_id');
    }

    $user = db_get_row("SELECT * FROM ?:users WHERE {$login_field} = ?s" . $company_condition, $login);

    if (empty($user)) {
        // Second attempt ignores the company limit for user types 'A', 'V', 'P'
        $user = db_get_row("SELECT * FROM ?:users WHERE {$login_field} = ?s AND user_type IN ('A', 'V', 'P')", $login);
    }

    if (!empty($user)) {
        $user['usergroups'] = fn_get_user_usergroups($user['user_id']);
    }

    $is_allowed = true;
    if (!empty($user['status']) && $user['status'] == 'D') {
        // Disabled account: notify and report failure, the row is still returned
        fn_set_notification('E', __('error'), __('error_account_disabled'));
        $is_allowed = false;
    }

    $stored_salt = isset($user['salt']) ? $user['salt'] : '';

    return array($is_allowed, $user, $login, $plain_password, $stored_salt);
}
/**
 * Returns the company-scoping SQL condition for Google sitemap queries
 * (purpose inferred from the function name).
 *
 * A condition is produced only when fn_allowed_for('ULTIMATE') is true;
 * otherwise the helper returns '' and adds no company filter.
 *
 * NOTE(review): the returned fragment is intended for concatenation into SQL,
 * so $field should always be a fixed column name - confirm against
 * fn_get_company_condition().
 *
 * @param string $field Database field that holds the company identifier
 * @return string SQL condition fragment, or '' when the edition check fails
 */
function fn_get_google_sitemap_company_condition($field)
{
    return fn_allowed_for('ULTIMATE') ? fn_get_company_condition($field) : '';
}
/**
 * Returns the company-scoping SQL condition for data feed queries
 * (purpose inferred from the function name).
 *
 * A condition is produced only when fn_allowed_for('ULTIMATE') is true;
 * otherwise the helper returns '' and adds no company filter.
 *
 * NOTE(review): the returned fragment is intended for concatenation into SQL,
 * so $field should always be a fixed column name - confirm against
 * fn_get_company_condition().
 *
 * @param string $field Database field that holds the company identifier
 * @return string SQL condition fragment, or '' when the edition check fails
 */
function fn_get_data_feeds_company_condition($field)
{
    return fn_allowed_for('ULTIMATE') ? fn_get_company_condition($field) : '';
}
/**
 * Returns the company-scoping SQL condition for discussion queries
 * (purpose inferred from the function name).
 *
 * A condition is produced only when fn_allowed_for('ULTIMATE') is true;
 * otherwise the helper returns '' and adds no company filter.
 *
 * NOTE(review): the returned fragment is intended for concatenation into SQL,
 * so $field should always be a fixed column name - confirm against
 * fn_get_company_condition().
 *
 * @param string $field Database field that holds the company identifier
 * @return string SQL condition fragment, or '' when the edition check fails
 */
function fn_get_discussion_company_condition($field)
{
    return fn_allowed_for('ULTIMATE') ? fn_get_company_condition($field) : '';
}
/**
 * Get promotions
 *
 * Every request-derived value that reaches the SQL text goes through a db_quote()
 * placeholder (?n, ?i, ?a, ?s, ?l); the company condition and the hook-provided
 * $condition / $join are concatenated as ready-made SQL.
 *
 * @param array  $params         array with search params
 * @param int    $items_per_page default for $params['items_per_page']
 * @param string $lang_code      language code used for the descriptions join
 * @return array list of promotions in first element, filtered parameters in second;
 *               when $params['simple'] is set, the result of
 *               db_get_hash_single_array() is returned on its own
 */
function fn_get_promotions($params, $items_per_page = 0, $lang_code = CART_LANGUAGE)
{
    // Init filter
    $params = LastView::instance()->update('promotions', $params);

    // Values present in $params win over these defaults
    $params = array_merge(
        array('page' => 1, 'items_per_page' => $items_per_page, 'get_hidden' => true),
        $params
    );

    // Define fields that should be retrieved
    $fields = array(
        "?:promotions.*",
        "?:promotion_descriptions.name",
        "?:promotion_descriptions.detailed_description",
        "?:promotion_descriptions.short_description",
    );

    // Define sort fields (handed to db_sort() below together with $params)
    $sortings = array(
        'name' => "?:promotion_descriptions.name",
        'priority' => "?:promotions.priority",
        'zone' => "?:promotions.zone",
        'status' => "?:promotions.status",
    );

    $condition = $join = $group = '';
    $condition .= fn_get_company_condition('?:promotions.company_id');

    // Hidden promotions are included unless the caller switched 'get_hidden' off
    $statuses = !empty($params['get_hidden']) ? array('A', 'H') : array('A');

    if (!empty($params['promotion_id'])) {
        $condition .= db_quote(' AND ?:promotions.promotion_id IN (?n)', $params['promotion_id']);
    }

    if (!empty($params['active'])) {
        $condition .= db_quote(
            " AND IF(from_date, from_date <= ?i, 1) AND IF(to_date, to_date >= ?i, 1) AND status IN (?a)",
            TIME,
            TIME,
            $statuses
        );
    }

    // This edition check overrides whatever zone the caller asked for
    if (fn_allowed_for('ULTIMATE:FREE')) {
        $params['zone'] = 'catalog';
    }

    if (!empty($params['zone'])) {
        $condition .= db_quote(" AND ?:promotions.zone = ?s", $params['zone']);
    }

    if (!empty($params['coupon_code'])) {
        // NOTE(review): the coupon code is embedded in a LIKE pattern. Whether ?l
        // neutralises the LIKE wildcards % and _ inside the value is not visible
        // here - confirm, otherwise a code made of wildcards matches other coupons.
        $condition .= db_quote(
            " AND (CONCAT(LOWER(?:promotions.conditions_hash), ';') LIKE ?l OR CONCAT(LOWER(?:promotions.conditions_hash), ';') LIKE ?l)",
            "%coupon_code={$params['coupon_code']};%",
            "%auto_coupons={$params['coupon_code']};%"
        );
    }

    if (!empty($params['coupons'])) {
        $condition .= db_quote(" AND ?:promotions.conditions_hash LIKE ?l", "%coupon_code=%");
    }

    if (!empty($params['auto_coupons'])) {
        $condition .= db_quote(" AND ?:promotions.conditions_hash LIKE ?l", "%auto_coupons=%");
    }

    $join .= db_quote(
        " LEFT JOIN ?:promotion_descriptions ON ?:promotion_descriptions.promotion_id = ?:promotions.promotion_id AND ?:promotion_descriptions.lang_code = ?s",
        $lang_code
    );

    // Extensions may alter the query parts; whatever they append is used as-is
    fn_set_hook('get_promotions', $params, $fields, $sortings, $condition, $join);

    $sorting = db_sort($params, $sortings, 'name', 'desc');

    $limit = '';
    if (!empty($params['items_per_page'])) {
        $params['total_items'] = db_get_field("SELECT COUNT(*) FROM ?:promotions {$join} WHERE 1 {$condition} {$group}");
        $limit = db_paginate($params['page'], $params['items_per_page'], $params['total_items']);
    }

    if (!empty($params['simple'])) {
        return db_get_hash_single_array(
            "SELECT ?:promotions.promotion_id, ?:promotion_descriptions.name FROM ?:promotions {$join} WHERE 1 {$condition} {$group} {$sorting} {$limit}",
            array('promotion_id', 'name')
        );
    }

    $promotions = db_get_hash_array(
        'SELECT ' . implode(', ', $fields) . " FROM ?:promotions {$join} WHERE 1 {$condition} {$group} {$sorting} {$limit}",
        'promotion_id'
    );

    if (!empty($params['expand'])) {
        // NOTE(review): unserialize() runs on values read from the promotions table.
        // That is only safe while nothing untrusted can write those columns - verify
        // the write path before reusing this pattern.
        foreach ($promotions as $promotion_id => $promotion) {
            foreach (array('conditions', 'bonuses') as $serialized_field) {
                $promotions[$promotion_id][$serialized_field] = !empty($promotion[$serialized_field])
                    ? unserialize($promotion[$serialized_field])
                    : array();
            }
        }
    }

    return array($promotions, $params);
}
/**
 * Builds the company SQL condition for $db_field from this object's company id.
 *
 * When $this->_company_id is falsy an empty string is passed on instead, leaving
 * the choice of company to fn_get_company_condition().
 *
 * @param string $db_field Database field that holds the company identifier
 * @return string Result of fn_get_company_condition($db_field, true, $company_id)
 */
public function getCompanyCondition($db_field)
{
    $company_id = $this->_company_id ? $this->_company_id : '';

    return fn_get_company_condition($db_field, true, $company_id);
}
/**
 * Return list of product menus
 *
 * NOTE(review): $condition is passed through the ?p placeholder, i.e. it reaches
 * the query as an SQL fragment rather than as a bound value (this is how the
 * company condition is passed too). Callers must hand in SQL they built
 * themselves, never request data.
 *
 * @static
 * @param string $condition SQL condition
 * @param string $lang_code
 * @return array Result of db_get_hash_array() keyed by menu_id
 */
public static function getList($condition = '', $lang_code = CART_LANGUAGE)
{
    /**
     * Prepare params for sql query before get menus list
     * @param string $lang_code
     */
    // $join is not initialised before this call; it only receives a value if a
    // hook handler sets it.
    fn_set_hook('get_menus_pre', $join, $condition, $lang_code);

    $company_condition = fn_get_company_condition('?:menus.company_id');

    $menus = db_get_hash_array(
        "SELECT * FROM ?:menus LEFT JOIN ?:menus_descriptions ON ?:menus.menu_id = ?:menus_descriptions.menu_id ?p WHERE ?:menus_descriptions.lang_code = ?s ?p ?p",
        'menu_id',
        $join,
        $lang_code,
        $company_condition,
        $condition
    );

    /**
     * Process menus list after sql query
     * @param array $menus Array of menus data
     * @param string $lang_code
     */
    fn_set_hook('get_menus_post', $menus, $lang_code);

    return $menus;
}
/**
 * Builds the company SQL condition for SEO queries.
 *
 * Returns '' unless fn_allowed_for('ULTIMATE') is true. With an object type the
 * condition is added only when fn_get_seo_vars($object_type, 'not_shared') is
 * truthy; without one, rows whose $field equals 0 are accepted alongside the
 * company's own rows.
 *
 * NOTE(review): $field is interpolated into the returned SQL text ("{$field} = 0"),
 * so it must be a fixed column name and never request data.
 *
 * @param string   $field       Database field that holds the company identifier
 * @param string   $object_type SEO object type, '' for none
 * @param int|null $company_id  Company identifier; when null (loose comparison) a
 *                              truthy runtime.company_id is used instead
 * @return string SQL condition fragment or ''
 */
function fn_get_seo_company_condition($field, $object_type = '', $company_id = null)
{
    if (!fn_allowed_for('ULTIMATE')) {
        return '';
    }

    if ($company_id == null) {
        $runtime_company_id = Registry::get('runtime.company_id');
        if ($runtime_company_id) {
            $company_id = $runtime_company_id;
        }
    }

    // Disable companies in for shared objects
    if (!empty($object_type)) {
        if (fn_get_seo_vars($object_type, 'not_shared')) {
            return fn_get_company_condition($field, true, $company_id, true);
        }

        return '';
    }

    $own_rows = fn_get_company_condition($field, false, $company_id);
    if (empty($own_rows)) {
        return '';
    }

    return " AND ({$own_rows} OR {$field} = 0)";
}
/**
 * Gets products default navigation
 *
 * The product id is always bound through ?i; the $join and $condition fragments
 * interpolated into the queries come from fn_get_products().
 *
 * @param array $params Request params; only 'product_id' is read
 * @return array|bool navigation data ('params' and 'view_results', both serialized),
 *                    or false when the product id, its category, its position or
 *                    the page size is missing
 */
function fn_lv_get_product_default_navigation($params)
{
    if (empty($params['product_id'])) {
        return false;
    }

    $product_id = $params['product_id'];

    if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) {
        // Prefer the main category ('M' link) among the categories matched by the company condition
        $company_condition = fn_get_company_condition('c.company_id');
        $category_id = db_get_field(
            "SELECT c.category_id, IF(pc.link_type = ?s, 1, 0) as is_main FROM ?:categories AS c LEFT JOIN ?:products_categories AS pc ON c.category_id = pc.category_id WHERE pc.product_id = ?i {$company_condition} ORDER BY is_main DESC",
            'M',
            $product_id
        );
    } else {
        $category_id = db_get_field(
            "SELECT category_id FROM ?:products_categories WHERE product_id = ?i AND link_type = ?s",
            $product_id,
            'M'
        );
    }

    if (empty($category_id)) {
        return false;
    }

    // 'get_conditions' makes fn_get_products() return query parts, as the list() below expects
    $search_params = array('cid' => $category_id, 'get_conditions' => true);
    list($fields, $join, $condition) = fn_get_products($search_params);

    $sorting = "ORDER BY descr1.product asc";

    // get product position in full list
    db_query("SET @r = 0;");
    $product_position = db_get_field(
        "SELECT a.row FROM (SELECT products.product_id, @r := @r + 1 as row FROM ?:products as products {$join} WHERE 1 {$condition} GROUP BY products.product_id {$sorting}) AS a WHERE a.product_id = ?i",
        $product_id
    );

    $items_per_page = Registry::get('settings.Appearance.products_per_page');

    if (empty($product_position) || empty($items_per_page)) {
        return false;
    }

    // Page that contains the product, and the ids shown on that page
    $page = ceil($product_position / $items_per_page);
    $limit = db_paginate($page, $items_per_page);

    $stored_items_ids[$page] = db_get_fields(
        "SELECT SQL_CALC_FOUND_ROWS products.product_id FROM ?:products as products {$join} WHERE 1 {$condition} GROUP BY products.product_id {$sorting} {$limit}"
    );

    $total_items = db_get_found_rows();
    $total_pages = ceil($total_items / $items_per_page);

    unset($search_params['get_conditions']);

    $view_results = array(
        'items_ids' => $stored_items_ids,
        'total_pages' => $total_pages,
        'items_per_page' => $items_per_page,
        'total_items' => $total_items,
    );

    // Both parts are stored in serialized form
    return array(
        'params' => serialize($search_params),
        'view_results' => serialize($view_results),
    );
}
/**
 * Get promotions
 *
 * The sort column and direction are taken only from the fixed $sortings and
 * $directions maps, so request values never reach ORDER BY directly. All other
 * request-derived values are bound through db_quote() placeholders.
 *
 * @param array  $params         array with search params
 * @param int    $items_per_page page size; 0 disables pagination
 * @param string $lang_code      language code used for the descriptions join
 * @return array list of promotions in first element, filtered parameters in second;
 *               when $params['simple'] is set, the result of
 *               db_get_hash_single_array() is returned on its own
 */
function fn_get_promotions($params, $items_per_page = 0, $lang_code = CART_LANGUAGE)
{
    // Init filter
    $params = fn_init_view('promotions', $params);

    // Set default values to input params
    if (empty($params['page'])) {
        $params['page'] = 1; // default page is 1
    }
    if (!isset($params['get_hidden'])) {
        $params['get_hidden'] = true; // always get hidden promotions
    }

    // Define fields that should be retrieved
    $fields = array(
        "?:promotions.*",
        "?:promotion_descriptions.name",
        "?:promotion_descriptions.detailed_description",
        "?:promotion_descriptions.short_description",
    );

    // Define sort fields
    $sortings = array(
        'name' => "?:promotion_descriptions.name",
        'priority' => "?:promotions.priority",
        'zone' => "?:promotions.zone",
        'status' => "?:promotions.status",
    );

    $directions = array('asc' => 'asc', 'desc' => 'desc');

    // Anything that is not a known key falls back to the defaults
    if (empty($params['sort_order']) || empty($directions[$params['sort_order']])) {
        $params['sort_order'] = 'desc';
    }
    if (empty($params['sort_by']) || empty($sortings[$params['sort_by']])) {
        $params['sort_by'] = 'name';
    }

    $direction = $directions[$params['sort_order']];
    $sort_columns = $sortings[$params['sort_by']];
    if (is_array($sort_columns)) {
        $sort_columns = implode(' ' . $direction . ', ', $sort_columns);
    }
    $sorting = $sort_columns . " " . $direction;

    // Reverse sorting (for usage in view)
    $params['sort_order'] = $params['sort_order'] == 'asc' ? 'desc' : 'asc';

    $condition = $join = $group = '';
    $condition .= fn_get_company_condition('?:promotions.company_id');

    $statuses = !empty($params['get_hidden']) ? array('A', 'H') : array('A');

    if (!empty($params['promotion_id'])) {
        $condition .= db_quote(' AND ?:promotions.promotion_id IN (?n)', $params['promotion_id']);
    }

    if (!empty($params['active'])) {
        $condition .= db_quote(
            " AND IF(from_date, from_date <= ?i, 1) AND IF(to_date, to_date >= ?i, 1) AND status IN (?a)",
            TIME,
            TIME,
            $statuses
        );
    }

    if (!empty($params['zone'])) {
        $condition .= db_quote(" AND ?:promotions.zone = ?s", $params['zone']);
    }

    if (!empty($params['coupon_code'])) {
        // FIXME, more smart rules
        // NOTE(review): this is a plain substring match, so a partial coupon code
        // matches as well; whether ?l neutralises % and _ inside the value is not
        // visible here - confirm.
        $condition .= db_quote(" AND ?:promotions.conditions_hash LIKE ?l", "%{$params['coupon_code']}%");
    }

    if (!empty($params['coupons'])) {
        // FIXME
        $condition .= db_quote(" AND ?:promotions.conditions_hash LIKE ?l", "%coupon_code=%");
    }

    if (!empty($params['auto_coupons'])) {
        $condition .= db_quote(" AND ?:promotions.conditions_hash LIKE ?l", "%auto_coupons=%");
    }

    $join .= db_quote(
        " LEFT JOIN ?:promotion_descriptions ON ?:promotion_descriptions.promotion_id = ?:promotions.promotion_id AND ?:promotion_descriptions.lang_code = ?s",
        $lang_code
    );

    // $sorting has already been computed, so changes a handler makes to $sortings
    // do not affect the ORDER BY of this call
    fn_set_hook('get_promotions', $params, $fields, $sortings, $condition, $join);

    $limit = '';
    if (!empty($items_per_page)) {
        $total = db_get_field("SELECT COUNT(*) FROM ?:promotions {$join} WHERE 1 {$condition} {$group}");
        $limit = fn_paginate($params['page'], $total, $items_per_page);
    }

    if (!empty($params['simple'])) {
        return db_get_hash_single_array(
            "SELECT ?:promotions.promotion_id, ?:promotion_descriptions.name FROM ?:promotions {$join} WHERE 1 {$condition} {$group} ORDER BY {$sorting} {$limit}",
            array('promotion_id', 'name')
        );
    }

    $promotions = db_get_hash_array(
        'SELECT ' . implode(', ', $fields) . " FROM ?:promotions {$join} WHERE 1 {$condition} {$group} ORDER BY {$sorting} {$limit}",
        'promotion_id'
    );

    if (!empty($params['expand'])) {
        // NOTE(review): unserialize() runs on values read from the promotions table.
        // That is only safe while nothing untrusted can write those columns - verify
        // the write path before reusing this pattern.
        foreach ($promotions as $promotion_id => $promotion) {
            foreach (array('conditions', 'bonuses') as $serialized_field) {
                $promotions[$promotion_id][$serialized_field] = !empty($promotion[$serialized_field])
                    ? unserialize($promotion[$serialized_field])
                    : array();
            }
        }
    }

    return array($promotions, $params);
}
/**
 * Edition-aware wrapper around fn_get_company_condition().
 *
 * All arguments are forwarded unchanged when fn_allowed_for('ULTIMATE') is true;
 * otherwise '' is returned and no company filter is produced.
 *
 * NOTE(review): the result is an SQL fragment meant for concatenation, so
 * $db_field should be a fixed column name - confirm against
 * fn_get_company_condition().
 *
 * @param string $db_field   Database field that holds the company identifier
 * @param bool   $and        Forwarded to fn_get_company_condition()
 * @param string $company_id Forwarded to fn_get_company_condition()
 * @param bool   $show_admin Forwarded to fn_get_company_condition()
 * @param bool   $area_c     Forwarded to fn_get_company_condition()
 * @return string SQL condition fragment, or '' when the edition check fails
 */
function fn_get_ult_company_condition($db_field = 'company_id', $and = true, $company_id = '', $show_admin = false, $area_c = false)
{
    if (!fn_allowed_for('ULTIMATE')) {
        return '';
    }

    return fn_get_company_condition($db_field, $and, $company_id, $show_admin, $area_c);
}
fn_add_breadcrumb(__('catalog')); $root_categories = fn_get_subcategories(0); foreach ($root_categories as $k => $v) { $root_categories[$k]['main_pair'] = fn_get_image_pairs($v['category_id'], 'category', 'M'); } Tygh::$app['view']->assign('root_categories', $root_categories); } elseif ($mode == 'view') { $_statuses = array('A', 'H'); $_condition = fn_get_localizations_condition('localization', true); $preview = fn_is_preview_action($auth, $_REQUEST); if (!$preview) { $_condition .= ' AND (' . fn_find_array_in_set($auth['usergroup_ids'], 'usergroup_ids', true) . ')'; $_condition .= db_quote(' AND status IN (?a)', $_statuses); } if (fn_allowed_for('ULTIMATE')) { $_condition .= fn_get_company_condition('?:categories.company_id'); } $category_exists = db_get_field("SELECT category_id FROM ?:categories WHERE category_id = ?i ?p", $_REQUEST['category_id'], $_condition); if (!empty($category_exists)) { // Save current url to session for 'Continue shopping' button $_SESSION['continue_url'] = "categories.view?category_id={$_REQUEST['category_id']}"; // Save current category id to session $_SESSION['current_category_id'] = $_SESSION['breadcrumb_category_id'] = $_REQUEST['category_id']; // Get subcategories list for current category Tygh::$app['view']->assign('subcategories', fn_get_subcategories($_REQUEST['category_id'])); // Get full data for current category $category_data = fn_get_category_data($_REQUEST['category_id'], CART_LANGUAGE, '*', true, false, $preview); $category_parent_ids = fn_explode('/', $category_data['id_path']); array_pop($category_parent_ids); if (!empty($category_data['meta_description']) || !empty($category_data['meta_keywords'])) { Tygh::$app['view']->assign('meta_description', $category_data['meta_description']);
// Ajax content: returns one page of suppliers whose name starts with the
// requested pattern, for the object picker template.
if ($mode == 'get_suppliers_list') {
    $params = $_REQUEST;
    $condition = '';

    $search_pattern = empty($params['pattern']) ? '' : $params['pattern'];
    $offset = empty($params['start']) ? 0 : $params['start'];
    // One row more than requested is read so that the end of the list can be detected
    $row_limit = (empty($params['limit']) ? 10 : $params['limit']) + 1;

    if (AREA == 'C') {
        // Only active suppliers in area 'C'
        $condition .= " AND ?:suppliers.status = 'A' ";
    }

    if (isset($params['exclude_supplier_id'])) {
        $condition .= db_quote(" AND ?:suppliers.supplier_id != ?i", intval($params['exclude_supplier_id']));
    }

    if (isset($params['company_id']) || Registry::get('runtime.company_id')) {
        // NOTE(review): a company_id sent with the request takes precedence over
        // runtime.company_id, so the requester chooses which company's suppliers
        // are listed - confirm this is intended for every area that reaches here.
        $company_id = isset($params['company_id'])
            ? intval($params['company_id'])
            : Registry::get('runtime.company_id');
        $condition .= fn_get_company_condition("?:suppliers.company_id", true, $company_id);
    }

    // pattern, offset and limit are all bound through placeholders (?l / ?i)
    $suppliers = db_get_hash_array(
        "SELECT ?:suppliers.supplier_id as value, ?:suppliers.name FROM ?:suppliers WHERE 1 ?p AND ?:suppliers.name LIKE ?l ORDER BY ?:suppliers.name LIMIT ?i, ?i",
        'value',
        $condition,
        $search_pattern . '%',
        $offset,
        $row_limit
    );

    if (!$offset) {
        // First page starts with the "none" entry
        array_unshift($suppliers, array('value' => 0, 'name' => '-' . __('none') . '-'));
    }

    if (defined('AJAX_REQUEST') && sizeof($suppliers) < $row_limit) {
        Tygh::$app['ajax']->assign('completed', true);
    } else {
        // Drop the last row before rendering
        array_pop($suppliers);
    }

    Tygh::$app['view']->assign('objects', $suppliers);
    // NOTE(review): result_ids is copied from the request into the view unchanged;
    // output escaping depends on the template - verify.
    Tygh::$app['view']->assign('id', $params['result_ids']);
    Tygh::$app['view']->display('common/ajax_select_object.tpl');
    exit;
}
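/**
 * Checks permission to work with the attachment
 *
 * Permission is granted when a row is found for the requested object id under the
 * current company condition. By default the lookup targets products.product_id;
 * 'object_type' is only checked for presence here, and handlers of the
 * 'attachments_check_permission' hook may replace the table, field and condition.
 *
 * @param array $request Array of query parameters; 'object_type' and 'object_id' are read
 * @return bool Permission to work with attachment
 */
function fn_attachments_check_permission($request)
{
    /**
     * Changes input parameters for attachment permission check
     *
     * @param array $request Array of query parameters
     */
    fn_set_hook('attachments_check_permission_pre', $request);

    $permission = false;

    if (!empty($request['object_type']) && !empty($request['object_id'])) {
        $table = "products";
        $field = "product_id";

        // object_id comes from the query parameters, so it is bound through the ?i
        // placeholder instead of being interpolated into the SQL text. $field is a
        // fixed literal at this point.
        $condition = db_quote("AND {$field} = ?i ", $request['object_id'])
            . fn_get_company_condition("?:{$table}.company_id");

        /**
         * Checks permission to work with the attachment
         *
         * @param array  $request   Array of query parameters
         * @param string $table     Table to perform check
         * @param string $field     SQL field to be selected in an SQL-query
         * @param string $condition String containing SQL-query condition prepended with a logical operator (AND or OR)
         */
        fn_set_hook('attachments_check_permission', $request, $table, $field, $condition);

        // $condition is inserted through ?p as a ready-made fragment: hook handlers
        // that rebuild it are responsible for quoting any request value they use.
        $object_id = db_get_field("SELECT ?f FROM ?:?f WHERE 1 ?p", $field, $table, $condition);

        if (!empty($object_id)) {
            $permission = true;
        }
    }

    /**
     * Changes result of attachment permission check
     *
     * @param array $request Array of query parameters
     */
    fn_set_hook('attachments_check_permission_post', $request, $permission);

    return $permission;
}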
} } } } if (!empty($updated_products)) { fn_set_notification('N', __('notice'), __('options_have_been_applied_to_products')); } } $suffix = ".apply"; } if ($mode == 'update') { fn_trusted_vars('option_data', 'regexp'); if (fn_allowed_for('MULTIVENDOR')) { $option_data = array(); if (!empty($_REQUEST['option_id'])) { $condition = fn_get_company_condition('?:product_options.company_id'); $option_data = db_get_row("SELECT * FROM ?:product_options WHERE option_id = ?i {$condition}", $_REQUEST['option_id']); if (empty($option_data)) { fn_set_notification('W', __('warning'), __('access_denied')); return array(CONTROLLER_STATUS_REDIRECT, 'product_options.manage'); } } $_REQUEST['option_data'] = array_merge($option_data, $_REQUEST['option_data']); fn_set_company_id($_REQUEST['option_data']); } $option_id = fn_update_product_option($_REQUEST['option_data'], $_REQUEST['option_id'], DESCR_SL); if (!empty($_REQUEST['object']) && $_REQUEST['object'] == 'product') { // FIXME (when assigning page and current url will be removed from ajax) return array(CONTROLLER_STATUS_OK, $_SERVER['HTTP_REFERER'] . '&selected_section=options'); } $suffix = ".manage";
* and use this program. * * * **************************************************************************** * PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE * * "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. * ****************************************************************************/ // // $Id: attachments.php 10229 2010-07-27 14:21:39Z 2tl $ // if (!defined('AREA')) { die('Access denied'); } if (defined('COMPANY_ID')) { $permission = false; if (!empty($_REQUEST['object_type']) && $_REQUEST['object_type'] == 'product' && !empty($_REQUEST['object_id'])) { $product_id = db_get_field("SELECT product_id FROM ?:products WHERE product_id = ?i " . fn_get_company_condition(), $_REQUEST['object_id']); if (!empty($product_id)) { $permission = true; } } if (!$permission) { fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied')); if (defined('AJAX_REQUEST')) { exit; } else { return array(CONTROLLER_STATUS_DENIED); } } } if ($_SERVER['REQUEST_METHOD'] == 'POST') { //
/**
 * Get sitemap links
 *
 * The query is assembled from four lists (fields, tables, joins, conditions) that
 * handlers of the 'sitemap_get_links' hook may change. The lists are joined into
 * the SQL text with implode() and no further quoting, so anything a handler adds
 * must already be safe SQL.
 *
 * @param int $section_id Section identifier (bound through ?i)
 * @return array $links
 */
function fn_get_sitemap_links($section_id)
{
    $fields = array('link_id', 'link_href', 'section_id', 'status', 'position', 'link_type', 'description', 'object as link');
    $tables = array('?:sitemap_links');
    $left_joins = array(
        db_quote(
            "?:common_descriptions ON ?:common_descriptions.object_id = ?:sitemap_links.link_id AND ?:common_descriptions.object_holder = 'sitemap_links' AND ?:common_descriptions.lang_code = ?s",
            DESCR_SL
        ),
    );
    $conditions = array(db_quote('section_id = ?i', $section_id));

    // Requested without the leading AND: the parts are joined with ' AND ' below
    $company_condition = fn_get_company_condition('?:sitemap_links.company_id', false);
    if (!empty($company_condition)) {
        $conditions[] = $company_condition;
    }

    fn_set_hook('sitemap_get_links', $fields, $tables, $left_joins, $conditions);

    return db_get_array(
        'SELECT ' . implode(', ', $fields)
        . ' FROM ' . implode(', ', $tables)
        . ' LEFT JOIN ' . implode(', ', $left_joins)
        . ' WHERE ' . implode(' AND ', $conditions)
        . ' ORDER BY position, link'
    );
}
/**
 * Finds the local user linked to an external (hybrid auth) identity.
 *
 * The provider identifier is bound through ?s. The lookup is limited to the
 * current company only when fn_allowed_for('ULTIMATE') is true, users are not
 * shared between stores and AREA is not 'A'.
 *
 * NOTE(review): the selected row includes the password column; callers should
 * avoid logging or exposing the returned row.
 *
 * @param object $auth_data Provider data; only ->identifier is read
 * @return array Result of db_get_row() with user_id and password
 */
function fn_hybrid_auth_get_user_data($auth_data)
{
    $where = db_quote('?:hybrid_auth_users.identifier = ?s', $auth_data->identifier);

    if (fn_allowed_for('ULTIMATE') && Registry::get('settings.Stores.share_users') == 'N' && AREA != 'A') {
        $where .= fn_get_company_condition('?:users.company_id');
    }

    $users_join = 'JOIN ?:hybrid_auth_users ON ?:hybrid_auth_users.user_id = ?:users.user_id';

    return db_get_row("SELECT ?:users.user_id, password FROM ?:users ?p WHERE ?p", $users_join, $where);
}
/**
 * Loads YML price lists, optionally limited to the given ids, under the current
 * company condition.
 *
 * NOTE(review): param_data is passed to unserialize() as read from the database.
 * That is only safe while nothing untrusted can write the column - verify the
 * write path.
 *
 * @param array $price_ids Price list identifiers (bound through ?a); empty for all
 * @return array Rows keyed by param_id, with param_data unserialized
 */
function fn_yml_get_price_lists($price_ids = array())
{
    $where = '';

    if (!empty($price_ids)) {
        $where .= db_quote(" AND param_id IN (?a)", $price_ids);
    }

    $where .= fn_get_company_condition('?:yml_param.company_id');

    $lists = db_get_hash_array(
        "SELECT param_id, param_key, param_data, status, company_id FROM ?:yml_param WHERE param_type = 'price_list' {$where}",
        'param_id'
    );

    foreach ($lists as $list_id => $list) {
        $lists[$list_id]['param_data'] = unserialize($list['param_data']);
    }

    return $lists;
}
/**
 * Builds the WHERE parts of an export query from the pattern definition.
 *
 * NOTE(review): the values returned by fn_exim_get_values() are placed into the
 * SQL text as they are, without quoting or placeholders. Presumably that helper
 * returns SQL-safe values - verify, in particular for values that originate from
 * $options.
 *
 * @param array $pattern Export pattern; 'condition' and 'table' are read
 * @param array $options Export options, forwarded to fn_exim_get_values()
 * @return array Empty array, or a single element with all parts joined by ' AND '
 */
function fn_export_build_conditions($pattern, $options)
{
    if (empty($pattern['condition'])) {
        return array();
    }

    $parts = array();
    $rules = $pattern['condition'];

    if (!empty($rules['conditions'])) {
        $values = fn_exim_get_values($rules['conditions'], $pattern, $options);

        foreach ($rules['conditions'] as $field => $value) {
            $field_value = $values[$field];

            // A field containing '&' is used without the table prefix, minus its first character
            $column = strpos($field, '&') !== false
                ? substr($field, 1)
                : $pattern['table'] . '.' . $field;

            if (is_array($field_value)) {
                $field_value = implode(",", $field_value);
                $parts[] = "{$column} IN ({$field_value})";
            } else {
                $parts[] = "{$column} = {$field_value}";
            }
        }
    }

    if (!empty($rules['use_company_condition'])) {
        // Requested without the leading AND: the parts are joined with ' AND ' below
        $company_condition = fn_get_company_condition($pattern['table'] . '.company_id', false);
        if (!empty($company_condition)) {
            $parts[] = $company_condition;
        }
    }

    return empty($parts) ? array() : array(implode(' AND ', $parts));
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($mode == 'login') { $redirect_url = ''; if (!empty($_REQUEST['token'])) { $auth =& $auth; $_request = array(); $_request['apiKey'] = Registry::get('addons.janrain.apikey'); $_request['token'] = $_REQUEST['token']; $_result = Http::post('https://rpxnow.com/api/v2/auth_info', $_request); $data = json_decode($_result, true); if (isset($data['stat']) && $data['stat'] == 'ok') { $user_data = array(); $condition = db_quote(" AND janrain_identifier = ?s", md5($data['profile']['identifier'])); if (fn_allowed_for('ULTIMATE')) { if (Registry::get('settings.Stores.share_users') == 'N' && AREA != 'A') { $condition .= fn_get_company_condition('?:users.company_id'); } } $user_data = db_get_row("SELECT user_id, password FROM ?:users WHERE 1 {$condition}"); if (empty($user_data['user_id'])) { Registry::get('settings.Checkout.address_position') == 'billing_first' ? $address_zone = 'b' : ($address_zone = 's'); $user_data = array(); $user_data['janrain_identifier'] = md5($data['profile']['identifier']); $user_data['email'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com'); $user_data['user_login'] = !empty($data['profile']['verifiedEmail']) ? $data['profile']['verifiedEmail'] : (!empty($data['profile']['email']) ? $data['profile']['email'] : $data['profile']['displayName'] . '@' . $data['profile']['preferredUsername'] . '.com'); $user_data['user_type'] = 'C'; $user_data['is_root'] = 'N'; $user_data['password1'] = $user_data['password2'] = ''; $user_data['title'] = !empty($data['profile']['honorificPrefix']) ? $data['profile']['honorificPrefix'] : 'mr'; $user_data[$address_zone . '_firstname'] = !empty($data['profile']['name']['givenName']) ? $data['profile']['name']['givenName'] : $data['profile']['displayName']; $user_data[$address_zone . 
'_lastname'] = !empty($data['profile']['name']['familyName']) ? $data['profile']['name']['familyName'] : '';
/**
 * Gets required products for products
 *
 * Required products with status 'D' are left out. When fn_allowed_for('ULTIMATE')
 * is true and runtime.company_id is set, the result is additionally limited by
 * the company condition on the categories of the required products.
 *
 * @param int $product_id Product identifier (bound through ?i)
 * @return array Required products identifiers
 */
function fn_get_required_products_ids($product_id)
{
    $joins = db_quote(' LEFT JOIN ?:products ON req_prod.required_id = ?:products.product_id');
    $where = db_quote(' req_prod.product_id = ?i AND ?:products.status != ?s', $product_id, 'D');

    if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) {
        // The company filter goes through the categories of the required products
        $joins .= db_quote(' LEFT JOIN ?:products_categories ON req_prod.required_id = ?:products_categories.product_id');
        $joins .= db_quote(' LEFT JOIN ?:categories ON ?:products_categories.category_id = ?:categories.category_id');
        $where .= fn_get_company_condition('?:categories.company_id');
    }

    return db_get_fields(
        "SELECT req_prod.required_id FROM ?:product_required_products as req_prod {$joins} WHERE {$where} GROUP BY req_prod.required_id"
    );
}
} } exit; } return array(CONTROLLER_STATUS_OK, 'suppliers' . $suffix); } if ($mode == 'manage') { list($suppliers, $search) = fn_get_suppliers($_REQUEST, Registry::get('settings.Appearance.admin_elements_per_page')); $view = Tygh::$app['view']; $view->assign('search', $search); $view->assign('suppliers', $suppliers); $view->assign('countries', fn_get_simple_countries(true, CART_LANGUAGE)); $view->assign('states', fn_get_all_states()); } elseif ($mode == 'update' || $mode == 'add') { Registry::set('navigation.tabs', array('general' => array('title' => __('general'), 'js' => true), 'products' => array('title' => __('products'), 'js' => true), 'shippings' => array('title' => __('shippings'), 'js' => true))); $supplier = !empty($_REQUEST['supplier_id']) ? fn_get_supplier_data($_REQUEST['supplier_id']) : array(); $condition = " AND ?:shippings.status = 'A'"; if (Registry::get('runtime.company_id') && !fn_allowed_for('ULTIMATE')) { $condition = fn_get_company_condition('?:shippings.company_id'); $company_data = Registry::get('runtime.company_data'); if (!empty($company_data['shippings'])) { $condition .= db_quote(" OR ?:shippings.shipping_id IN (?n)", explode(',', $company_data['shippings'])); } } $shippings = db_get_hash_array("SELECT ?:shippings.shipping_id, ?:shipping_descriptions.shipping FROM ?:shippings LEFT JOIN ?:shipping_descriptions ON ?:shippings.shipping_id = ?:shipping_descriptions.shipping_id AND ?:shipping_descriptions.lang_code = ?s LEFT JOIN ?:companies ON ?:companies.company_id = ?:shippings.company_id WHERE 1 {$condition} ORDER BY ?:shippings.position", 'shipping_id', CART_LANGUAGE); $view = Tygh::$app['view']; $view->assign('shippings', $shippings); $view->assign('countries', fn_get_simple_countries(true, CART_LANGUAGE)); $view->assign('states', fn_get_all_states()); $view->assign('supplier', $supplier); }
/**
 * Collects the sales chart data for the dashboard.
 *
 * Sales figures are gathered only when
 * fn_check_view_permissions("sales_reports.view", "GET") passes; otherwise the
 * function returns whatever the 'dashboard_get_graphs_data' hook puts into
 * $graphs. Orders are limited by the company condition for ?:orders.company_id,
 * and all time and status values are bound through placeholders.
 *
 * @param int  $time_from Start of the period (timestamp)
 * @param int  $time_to   End of the period (timestamp); extended to 23:59:59 of its day
 * @param bool $is_day    true to group by hour, false to group by day
 * @return array Graph data keyed by graph name
 */
function fn_dashboard_get_graphs_data($time_from, $time_to, $is_day)
{
    $company_condition = fn_get_company_condition('?:orders.company_id');

    $graphs = array();
    $graph_tabs = array();

    $time_to = mktime(23, 59, 59, date("n", $time_to), date("j", $time_to), date("Y", $time_to));

    if (fn_check_view_permissions("sales_reports.view", "GET")) {
        $chart = 'dashboard_statistics_sales_chart';
        $graphs[$chart] = array();

        $paid_statuses = array('P', 'C');
        $bucket_format = $is_day ? "H" : "Y, (n-1), j";

        // Pre-fill every bucket of the period with zeroes
        for ($ts = $time_from; $ts <= $time_to; $ts += ($is_day ? 60 * 60 : SECONDS_IN_DAY)) {
            $bucket = date($bucket_format, $ts);
            if (empty($graphs[$chart][$bucket])) {
                $graphs[$chart][$bucket] = array('cur' => 0, 'prev' => 0);
            }
        }

        $sales_query = "SELECT ?:orders.timestamp, ?:orders.total FROM ?:orders WHERE ?:orders.timestamp BETWEEN ?i AND ?i AND ?:orders.status IN (?a) ?p ";

        // Current period
        $sales = db_get_array($sales_query, $time_from, $time_to, $paid_statuses, $company_condition);
        foreach ($sales as $sale) {
            $bucket = date($bucket_format, $sale['timestamp']);
            $graphs[$chart][$bucket]['cur'] += $sale['total'];
        }

        // Previous period of the same length, shifted forward onto the current buckets
        $sales_prev = db_get_array(
            $sales_query,
            $time_from - ($time_to - $time_from),
            $time_from,
            $paid_statuses,
            $company_condition
        );
        foreach ($sales_prev as $sale) {
            $shifted = $sale['timestamp'] + ($time_to - $time_from);
            $bucket = date($bucket_format, $shifted);
            $graphs[$chart][$bucket]['prev'] += $sale['total'];
        }

        $graph_tabs['sales_chart'] = array('title' => __('sales'), 'js' => true);
    }

    fn_set_hook('dashboard_get_graphs_data', $time_from, $time_to, $graphs, $graph_tabs, $is_day);

    Registry::set('navigation.tabs', $graph_tabs);

    return $graphs;
}
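/**
 * Exports the rows described by an export pattern to CSV, 30 rows per query.
 *
 * Values taken from $options ("@name" references in the pattern) are quoted
 * through db_quote() before they reach the SQL text, and the file name is
 * HTML-escaped before it is echoed, so a quote character in an option can
 * neither break the query nor the generated link.
 *
 * Table names, field names, join types and literal values come straight from
 * $pattern and are concatenated into the query as-is; callback names for
 * pre_processing / process_get / post_processing are also read from $pattern
 * and invoked through call_user_func_array().
 * NOTE(review): this is only safe while patterns are developer-defined
 * schemas — confirm no request data can reach $pattern.
 *
 * @param array $pattern       Export pattern (table, key, export_fields, references, condition, ...)
 * @param array $export_fields Fields to export; when $options['fields_names'] is truthy,
 *                             a map of field => column title
 * @param array $options       Export options referenced from the pattern via "@option"
 * @return mixed False when no rows were read, true otherwise; replaced by the
 *               post_processing callback result when that callback runs
 */
function fn_export($pattern, $export_fields, $options)
{
    if (!empty($pattern['pre_processing'])) {
        $func = $pattern['pre_processing'];
        $function = array_shift($func);
        $args = $func;
        foreach ($args as $k => $v) {
            if (strpos($v, '@') !== false) {
                $_opt = str_replace('@', '', $v);
                $args[$k] = isset($options[$_opt]) ? $options[$_opt] : '';
            }
        }
        call_user_func_array($function, $args);
    }

    if (isset($options['fields_names'])) {
        if ($options['fields_names']) {
            $fields_names = $export_fields;
            $export_fields = array_keys($export_fields);
        }
    }

    $primary_key = $pattern['key'];
    array_walk($primary_key, 'fn_attach_value_helper', $pattern['table'] . '.');

    $table_fields = $primary_key;
    $joins = array();
    $processes = array();
    $conditions = array();

    // Build list of fields that should be retrieved from the database
    foreach ($pattern['export_fields'] as $field => $data) {
        if (!in_array($field, $export_fields)) {
            continue;
        }

        // Do no link this field
        if (isset($data['linked']) && $data['linked'] == false) {
            // do something?
        } elseif (empty($data['table']) || $data['table'] == $pattern['table']) {
            $table_fields[] = $pattern['table'] . '.' . (!empty($data['db_field']) ? $data['db_field'] . ' as "' . $field . '"' : $field);
        // Linked object tables
        } else {
            $table_fields[] = $data['table'] . '.' . (!empty($data['db_field']) ? $data['db_field'] . ' as "' . $field . '"' : $field);
        }

        if (!empty($data['process_get'])) {
            $processes[$field]['function'] = array_shift($data['process_get']);
            $processes[$field]['args'] = $data['process_get'];
        }
    }

    // Build the list of joins
    if (!empty($pattern['references'])) {
        foreach ($pattern['references'] as $table => $data) {
            $ref = array();
            foreach ($data['reference_fields'] as $k => $v) {
                if (strval($v) == 'key' || strval($v) == '#key') {
                    $_val = sizeof($primary_key) == 1 ? reset($primary_key) : '';
                } elseif ($v[0] == '&') {
                    $_val = $pattern['table'] . '.' . substr($v, 1);
                } elseif (strpos($v, '@') !== false) {
                    $_opt = str_replace('@', '', $v);
                    // Option value: quoted by the DB layer instead of being wrapped in '...' by hand
                    $_val = db_quote('?s', isset($options[$_opt]) ? $options[$_opt] : '');
                } else {
                    $_val = "'{$v}'";
                }

                $ref[] = "{$table}.{$k} = {$_val}"; // fixme
            }

            $joins[] = $data['join_type'] . ' JOIN ?:' . $table . " as {$table} ON " . implode(' AND ', $ref);
        }
    }

    // Add retrieve conditions
    if (!empty($pattern['condition'])) {
        $_cond = array();
        foreach ($pattern['condition'] as $field => $value) {
            if (is_array($value)) {
                // Literal list from the pattern, kept exactly as before
                $_val = "'" . implode("','", $value) . "'";
            } elseif (strpos($value, '@') !== false) {
                $_opt = str_replace('@', '', $value);
                $_opt_value = isset($options[$_opt]) ? $options[$_opt] : '';
                // Option value: escaped as a string, or as a list when an array is passed
                $_val = is_array($_opt_value) ? db_quote('?a', $_opt_value) : db_quote('?s', $_opt_value);
            } else {
                $_val = "'{$value}'";
            }

            $_cond[] = $pattern['table'] . ".{$field} IN ({$_val})";
        }

        $conditions[] = implode(' AND ', $_cond);
    }

    // Limit scope to the current vendor's products only (if in vendor mode)
    $company_condition = fn_get_company_condition('products.company_id', false);
    if (!empty($company_condition)) {
        $conditions[] = $company_condition;
    }

    // Build main query
    $query = "SELECT " . implode(', ', $table_fields) . " FROM ?:" . $pattern['table'] . " as " . $pattern['table'] . ' ' . implode(' ', $joins) . (!empty($conditions) ? ' WHERE ' . implode(' AND ', $conditions) : '');

    $step = 30; // define number of rows to get from database
    $iterator = 0; // start retrieving from
    $data_exported = false;

    fn_start_scroller();
    fn_echo(fn_get_lang_var('exporting_data') . '<br />');

    while ($data = db_get_array($query . " LIMIT {$iterator}, {$step}")) {
        $data_exported = true;
        $iterator += $step;
        $result = array();

        foreach ($data as $k => $v) {
            $result[$k] = fn_array_key_intersect($v, $pattern['export_fields']);

            foreach ($processes as $field => $process_data) {
                $args = array();
                foreach ($process_data['args'] as $ak => $av) {
                    if ($av == '#this') {
                        $args[$ak] = $v[$field];
                    } elseif ($av == '#key') {
                        $args[$ak] = sizeof($pattern['key']) == 1 ? $v[reset($pattern['key'])] : '';
                    } elseif (strpos($av, '@') !== false) {
                        $_opt = str_replace('@', '', $av);
                        $args[$ak] = $options[$_opt];
                    } elseif ($av == '#field') {
                        $args[$ak] = $field;
                    } else {
                        $args[$ak] = $av;
                    }
                }

                $result[$k][$field] = call_user_func_array($process_data['function'], $args);
            }
        }

        // Sort result array
        $_result = array();
        foreach ($result as $k => $v) {
            foreach ($export_fields as $field) {
                if (isset($fields_names[$field])) {
                    $_result[$k][$fields_names[$field]] = $v[$field];
                } else {
                    $_result[$k][$field] = $v[$field];
                }
            }
        }
        unset($result);

        // Put data
        $enclosure = isset($pattern['enclosure']) ? $pattern['enclosure'] : '"';
        fn_echo(' .');
        fn_put_csv($_result, $options, $enclosure);
        unset($_result);
    }

    fn_stop_scroller();

    if (!empty($pattern['post_processing'])) {
        $func = $pattern['post_processing'];

        // NOTE(review): the file name is appended to DIR_EXIM without normalisation —
        // confirm the caller restricts it to a plain file name inside that directory.
        if (file_exists(DIR_EXIM . $options['filename'])) {
            $function = array_shift($func);
            $args = $func;
            foreach ($args as $k => $v) {
                if (strpos($v, '@') !== false) {
                    $_opt = str_replace('@', '', $v);
                    $args[$k] = $options[$_opt];
                }
            }

            $data_exported = call_user_func_array($function, $args);
        }
    }

    // The file name ends up in an attribute and in element text, so escape it for HTML
    $_filename = htmlspecialchars(isset($options['filename']) ? $options['filename'] : '', ENT_QUOTES, 'UTF-8');

    echo '<br/>';
    echo '<a href="/var/exim/' . $_filename . '">' . $_filename . '</a>';

    return $data_exported;
}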
/**
 * Updates product option
 *
 * Creates the option (and one description row per translation language) when
 * $option_id is empty, otherwise updates the existing rows. When
 * $option_data['variants'] is given, the variants are inserted or updated and
 * every variant of the option that is not in the submitted list is deleted.
 *
 * NOTE(review): the company condition below is applied only to the read of the
 * old inventory flag. The UPDATE / INSERT / DELETE statements match on
 * option_id or variant_id alone — confirm the calling controller checks that
 * the acting company owns the option before this function is reached.
 *
 * @param array $option_data option data array
 * @param int $option_id option ID (empty if we're adding the option)
 * @param string $lang_code language code to add/update option for
 * @return int ID of the added/updated option
 */
function fn_update_product_option($option_data, $option_id = 0, $lang_code = DESCR_SL)
{
    /**
     * Changes parameters before update option data
     *
     * @param array $option_data Option data
     * @param int $option_id Option identifier
     * @param string $lang_code Two-letter language code (e.g. 'en', 'ru', etc.)
     */
    fn_set_hook('update_product_option_pre', $option_data, $option_id, $lang_code);

    // Add option
    if (empty($option_id)) {
        if (empty($option_data['product_id'])) {
            $option_data['product_id'] = 0;
        }

        // The whole $option_data array is handed to ?e; which keys are written is
        // decided by the DB layer — TODO confirm it keeps only known columns.
        $option_data['option_id'] = $option_id = db_query('INSERT INTO ?:product_options ?e', $option_data);

        // The loop key is written into $option_data['lang_code'] on each pass
        foreach (fn_get_translation_languages() as $option_data['lang_code'] => $_v) {
            db_query("INSERT INTO ?:product_options_descriptions ?e", $option_data);
        }

        $create = true;
    // Update option
    } else {
        // if option inventory changed from Y to N, we should clear option combinations
        if (!empty($option_data['product_id']) && !empty($option_data['inventory']) && $option_data['inventory'] == 'N') {
            $condition = fn_get_company_condition('?:product_options.company_id');
            $old_option_inventory = db_get_field("SELECT inventory FROM ?:product_options WHERE option_id = ?i {$condition}", $option_id);
            if ($old_option_inventory == 'Y') {
                $inventory_filled = db_get_field('SELECT COUNT(*) FROM ?:product_options_inventory WHERE product_id = ?i', $option_data['product_id']);
                if ($inventory_filled) {
                    fn_delete_product_option_combinations($option_data['product_id']);
                }
            }
        }

        if (fn_allowed_for('ULTIMATE') && !empty($option_data['product_id']) && fn_ult_is_shared_product($option_data['product_id']) == 'Y') {
            $product_company_id = db_get_field('SELECT company_id FROM ?:products WHERE product_id = ?i', $option_data['product_id']);
            $option_id = fn_ult_update_shared_product_option($option_data, $option_id, Registry::ifGet('runtime.company_id', $product_company_id), $lang_code);

            // A runtime company other than the product's owner stops here: the
            // generic UPDATEs and the variant handling below are skipped for it.
            if (Registry::get('runtime.company_id') && Registry::get('runtime.company_id') != $product_company_id) {
                $deleted_variants = array();
                fn_set_hook('update_product_option_post', $option_data, $option_id, $deleted_variants, $lang_code);

                return $option_id;
            }
        }

        db_query("UPDATE ?:product_options SET ?u WHERE option_id = ?i", $option_data, $option_id);
        db_query("UPDATE ?:product_options_descriptions SET ?u WHERE option_id = ?i AND lang_code = ?s", $option_data, $option_id, $lang_code);
    }

    if (fn_allowed_for('ULTIMATE')) {
        // options of shared product under the shared store hasn't a company_id. No necessary for updating.
        if (!empty($option_data['company_id'])) {
            fn_ult_update_share_object($option_id, 'product_options', $option_data['company_id']);
        }

        if (!empty($option_data['product_id'])) {
            fn_ult_share_product_option($option_id, $option_data['product_id']);
        }
    }

    if (!empty($option_data['variants'])) {
        $var_ids = array();

        // Generate special variants structure for checkbox (2 variants, 1 hidden)
        if ($option_data['option_type'] == 'C') {
            $option_data['variants'] = array_slice($option_data['variants'], 0, 1); // only 1 variant should be here
            reset($option_data['variants']);
            $_k = key($option_data['variants']);
            $option_data['variants'][$_k]['position'] = 1; // checked variant
            $v_id = db_get_field("SELECT variant_id FROM ?:product_option_variants WHERE option_id = ?i AND position = 0", $option_id);
            $option_data['variants'][] = array('position' => 0, 'variant_id' => $v_id);
        }

        $variant_images = array();
        foreach ($option_data['variants'] as $k => $v) {
            // Variants without a name are skipped, except for checkbox options
            if ((!isset($v['variant_name']) || $v['variant_name'] == '') && $option_data['option_type'] != 'C') {
                continue;
            }

            // Update product options variants
            // Modifiers are forced to floats; positive values get an explicit "+" prefix
            if (isset($v['modifier'])) {
                $v['modifier'] = floatval($v['modifier']);
                if (floatval($v['modifier']) > 0) {
                    $v['modifier'] = '+' . $v['modifier'];
                }
            }

            if (isset($v['weight_modifier'])) {
                $v['weight_modifier'] = floatval($v['weight_modifier']);
                if (floatval($v['weight_modifier']) > 0) {
                    $v['weight_modifier'] = '+' . $v['weight_modifier'];
                }
            }

            // if (isset($v['set_by_user'])) { // // }

            $v['option_id'] = $option_id;

            // NOTE(review): the existence check and the UPDATEs in the else branch match
            // on variant_id only, while $v['option_id'] is set to the current option —
            // confirm callers cannot submit a variant_id that belongs to another option.
            if (empty($v['variant_id']) || !empty($v['variant_id']) && !db_get_field("SELECT variant_id FROM ?:product_option_variants WHERE variant_id = ?i", $v['variant_id'])) {
                $v['variant_id'] = db_query("INSERT INTO ?:product_option_variants ?e", $v);
                foreach (fn_get_translation_languages() as $v['lang_code'] => $_v) {
                    db_query("INSERT INTO ?:product_option_variants_descriptions ?e", $v);
                }
            } else {
                // $option_data['extraProductId'] and $v['status'] are read without an
                // isset() check; the per-product "disabled" row is cleared and then
                // re-created when status is 'Y'.
                db_query("DELETE FROM ?:product_option_variants_disabled WHERE product_id=?i AND option_id =?i AND variant_id=?i", $option_data['extraProductId'], $option_id, $v['variant_id']);
                if ($v['status'] == 'Y') {
                    $vd = array('product_id' => $option_data['extraProductId'], 'option_id' => $option_id, 'variant_id' => $v['variant_id']);
                    db_query("INSERT INTO ?:product_option_variants_disabled ?e", $vd);
                    // Removed so that the UPDATE below does not receive the 'Y' status
                    unset($v['status']);
                }

                db_query("UPDATE ?:product_option_variants SET ?u WHERE variant_id = ?i", $v, $v['variant_id']);
                db_query("UPDATE ?:product_option_variants_descriptions SET ?u WHERE variant_id = ?i AND lang_code = ?s", $v, $v['variant_id'], $lang_code);
            }

            $var_ids[] = $v['variant_id'];

            if ($option_data['option_type'] == 'C') {
                fn_delete_image_pairs($v['variant_id'], 'variant_image'); // force deletion of variant image for "checkbox" option
            } else {
                $variant_images[$k] = $v['variant_id'];
            }
        }

        if ($option_data['option_type'] != 'C' && !empty($variant_images)) {
            fn_attach_image_pairs('variant_image', 'variant_image', 0, $lang_code, $variant_images);
        }

        // Delete obsolete variants
        // Everything of this option that was not kept above is removed. If every
        // submitted variant was skipped, $var_ids is empty, no NOT IN filter is
        // added and all variants of the option are selected for deletion.
        $condition = !empty($var_ids) ? db_quote('AND variant_id NOT IN (?n)', $var_ids) : '';
        // $var_ids is passed as an extra argument although the query text has a single ?i
        $deleted_variants = db_get_fields("SELECT variant_id FROM ?:product_option_variants WHERE option_id = ?i {$condition}", $option_id, $var_ids);
        if (!empty($deleted_variants)) {
            db_query("DELETE FROM ?:product_option_variants WHERE variant_id IN (?n)", $deleted_variants);
            db_query("DELETE FROM ?:product_option_variants_descriptions WHERE variant_id IN (?n)", $deleted_variants);
            foreach ($deleted_variants as $v_id) {
                fn_delete_image_pairs($v_id, 'variant_image');
            }
        }
    }

    if (!fn_allowed_for('ULTIMATE:FREE')) {
        // Rebuild exceptions
        // $create is only set in the "add option" branch above
        if (!empty($create) && !empty($option_data['product_id'])) {
            fn_update_exceptions($option_data['product_id']);
        }
    }

    /**
     * Update product option (running after fn_update_product_option() function)
     *
     * @param array $option_data Array with option data
     * @param int $option_id Option identifier
     * @param array $deleted_variants Array with deleted variants ids
     * @param string $lang_code Language code to add/update option for
     */
    // $deleted_variants is not assigned on this path when no variants were submitted
    fn_set_hook('update_product_option_post', $option_data, $option_id, $deleted_variants, $lang_code);

    return $option_id;
}
/**
 * Deletes a company together with the objects it owns.
 *
 * The company is first re-read through fn_get_company_condition(), so an ID
 * outside the scope of the acting company is rejected before anything is
 * removed. Products and shippings are always deleted; descriptions, product
 * options, orders, users, pages and promotions only when PRODUCT_TYPE is
 * 'MULTIVENDOR'.
 *
 * @param int $company_id Company identifier
 * @return bool False when the ID is empty or not visible to the caller, true otherwise
 */
function fn_delete_company($company_id)
{
    if (!$company_id) {
        return false;
    }

    // TODO log_event: the fn_log_event('companies', 'delete', ...) call is still
    // disabled, so this destructive operation writes no log entry of its own.

    // Access check: the row must be visible under the current company condition
    $scope = fn_get_company_condition('company_id');
    $company_id = db_get_field("SELECT company_id FROM ?:companies WHERE 1 {$scope} AND company_id = ?i", $company_id);
    if (!$company_id) {
        return false;
    }

    db_query("DELETE FROM ?:companies WHERE company_id = ?i", $company_id);

    // Products
    foreach (db_get_fields("SELECT product_id FROM ?:products WHERE company_id = ?i", $company_id) as $id) {
        fn_delete_product($id);
    }

    // Shippings
    foreach (db_get_fields("SELECT shipping_id FROM ?:shippings WHERE company_id = ?i", $company_id) as $id) {
        fn_delete_shipping($id);
    }

    if (PRODUCT_TYPE == 'MULTIVENDOR') {
        db_query("DELETE FROM ?:company_descriptions WHERE company_id = ?i", $company_id);

        // Product options
        foreach (db_get_fields("SELECT option_id FROM ?:product_options WHERE company_id = ?i", $company_id) as $id) {
            fn_delete_product_option($id);
        }

        // Orders
        foreach (db_get_fields("SELECT order_id FROM ?:orders WHERE company_id = ?i", $company_id) as $id) {
            fn_delete_order($id);
        }

        // Users
        foreach (db_get_fields("SELECT user_id FROM ?:users WHERE company_id = ?i", $company_id) as $id) {
            fn_delete_user($id);
        }

        // Pages
        foreach (db_get_fields("SELECT page_id FROM ?:pages WHERE company_id = ?i", $company_id) as $id) {
            fn_delete_page($id);
        }

        // Promotions are removed in one call
        fn_delete_promotions(db_get_fields("SELECT promotion_id FROM ?:promotions WHERE company_id = ?i", $company_id));
    }

    fn_set_hook('delete_company', $company_id);

    return true;
}
/**
 * Returns the ID of the default layout of the current theme from ?:bm_layouts.
 *
 * Under ULTIMATE the lookup is restricted to the runtime company.
 *
 * @return integer layout_id as returned by db_get_field()
 */
function fn_twg_get_default_layout_id()
{
    $company_scope = fn_allowed_for('ULTIMATE')
        ? fn_get_company_condition('?:bm_layouts.company_id', true, Registry::get('runtime.company_id'))
        : "";

    $theme_name = Settings::instance()->getValue('theme_name', '');

    // The theme name is bound through ?s; the assembled fragment is then passed via ?p
    $where = $company_scope . db_quote(" AND is_default = 1 AND theme_name = ?s", $theme_name);

    return db_get_field("SELECT layout_id FROM ?:bm_layouts WHERE 1 ?p LIMIT 1", $where);
}
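/**
 * Changes the "status" column of one row in the table named by the caller.
 *
 * The table name is interpolated into the SQL text, so it is accepted only if
 * it is a string made of lowercase letters and underscores. When a runtime
 * company is set and the table has a company_id column, the row must also be
 * visible under fn_get_company_condition(); otherwise the change is refused
 * with an "access denied" notification.
 *
 * NOTE(review): $params['id_name'] is used as the key of the ?w condition, i.e.
 * as a column name. Nothing in this function validates it — confirm the DB
 * layer escapes or whitelists ?w keys, or validate it like the table name.
 *
 * @param array $params Keys read here: table, id_name, id, status
 * @return bool False when the table name is rejected or access is denied;
 *              true otherwise, including when the UPDATE itself reports no
 *              change (an error notification is set in that case)
 */
function fn_tools_update_status($params)
{
    // Non-string values (e.g. an array) are rejected before preg_match() sees them.
    // The D modifier keeps "$" from also matching in front of a trailing newline.
    if (empty($params['table']) || !is_string($params['table']) || !preg_match('/^[a-z_]+$/D', $params['table'])) {
        return false;
    }

    // NOTE(review): this read is not limited by the company condition, and the
    // value is sent back as return_status even on the access-denied path below.
    $old_status = db_get_field("SELECT status FROM ?:{$params['table']} WHERE ?w", array($params['id_name'] => $params['id']));

    $permission = true;
    if (Registry::get('runtime.company_id')) {
        $cols = db_get_fields("SHOW COLUMNS FROM ?:{$params['table']}");
        if (in_array('company_id', $cols)) {
            $disable_sharing = false;
            if (fn_allowed_for('ULTIMATE')) {
                $sharing_scheme = fn_get_schema('sharing', 'schema');
                $disable_sharing = !empty($sharing_scheme[$params['table']]['skip_checking_status']);
                if ($disable_sharing) {
                    // Switched on only for the ownership lookup below
                    Registry::set('runtime.skip_sharing_selection', true);
                }
            }

            // Ownership check: an empty result means the row is outside the company scope
            $condition = fn_get_company_condition('?:' . $params['table'] . '.company_id');
            $permission = db_get_field("SELECT company_id FROM ?:{$params['table']} WHERE ?w {$condition}", array($params['id_name'] => $params['id']));

            if ($disable_sharing) {
                Registry::set('runtime.skip_sharing_selection', false);
            }
        }
    }

    if (empty($permission)) {
        fn_set_notification('W', __('warning'), __('access_denied'));

        if (defined('AJAX_REQUEST')) {
            Tygh::$app['ajax']->assign('return_status', $old_status);
        }

        return false;
    }

    $result = db_query("UPDATE ?:{$params['table']} SET status = ?s WHERE ?w", $params['status'], array($params['id_name'] => $params['id']));

    fn_set_hook('tools_change_status', $params, $result);

    if ($result) {
        fn_set_notification('N', __('notice'), __('status_changed'));
    } else {
        fn_set_notification('E', __('error'), __('error_status_not_changed'));

        // Same guard as on the access-denied path: touch the ajax service only for AJAX requests
        if (defined('AJAX_REQUEST')) {
            Tygh::$app['ajax']->assign('return_status', $old_status);
        }
    }

    return true;
}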