function osc_currency_format($number, $calculate_currency_value = true, $currency_code = DEFAULT_CURRENCY, $value = '') { $currency_query = osc_db_query("select symbol_left, symbol_right, decimal_point, thousands_point, decimal_places, value from currencies where code = '" . $currency_code . "'"); $currency = osc_db_fetch_array($currency_query); if ($calculate_currency_value == true) { if (strlen($currency_code) == 3) { if ($value) { $rate = $value; } else { $rate = $currency['value']; } } else { $rate = 1; } $number2currency = $currency['symbol_left'] . number_format($number * $rate, $currency['decimal_places'], $currency['decimal_point'], $currency['thousands_point']) . $currency['symbol_right']; } else { $number2currency = $currency['symbol_left'] . number_format($number, $currency['decimal_places'], $currency['decimal_point'], $currency['thousands_point']) . $currency['symbol_right']; } return $number2currency; }
<div class="page-header"> <h2>Finished!</h2> </div> <?php $dir_fs_document_root = $_POST['DIR_FS_DOCUMENT_ROOT']; if (substr($dir_fs_document_root, -1) != '\\' && substr($dir_fs_document_root, -1) != '/') { if (strrpos($dir_fs_document_root, '\\') !== false) { $dir_fs_document_root .= '\\'; } else { $dir_fs_document_root .= '/'; } } osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $dir_fs_document_root . 'includes/work/" where configuration_key = "DIR_FS_CACHE"'); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $dir_fs_document_root . 'includes/work/" where configuration_key = "SESSION_WRITE_DIRECTORY"'); if ($handle = opendir($dir_fs_document_root . 'includes/work/')) { while (false !== ($filename = readdir($handle))) { if (substr($filename, strrpos($filename, '.')) == '.cache') { @unlink($dir_fs_document_root . 'includes/work/' . $filename); } } closedir($handle); } $http_url = parse_url($_POST['HTTP_WWW_ADDRESS']); $http_server = $http_url['scheme'] . '://' . $http_url['host']; $http_catalog = $http_url['path']; if (isset($http_url['port']) && !empty($http_url['port'])) { $http_server .= ':' . $http_url['port']; } if (substr($http_catalog, -1) != '/') {
<?php session_start(); include "db.php"; if (isset($_POST['submit']) && $_POST['submit'] == 'Submit' && trim($_POST['site_title']) != '' && trim($_POST['site_admin_mail']) != '' && trim($_POST['admin_password']) != '') { osc_db_connect($_SESSION['mysql_host'], $_SESSION['mysql_uname'], $_SESSION['mysql_password']); osc_db_select_db($_SESSION['mysql_db']); osc_db_query('update settings set string_value = "' . trim($_POST['site_title']) . '",created = "' . time() . '" where code = "SITE_TITLE"'); osc_db_query('update settings set string_value = "' . trim($_POST['site_admin_mail']) . '",created = "' . time() . '" where code = "SITE_ADMIN_MAIL"'); osc_db_query('update settings set string_value = "' . trim($_SESSION['baseurl']) . '",created = "' . time() . '" where code = "BASE_URL"'); //echo 'select admin_name from admins where admin_name = "' . trim($HTTP_POST_VARS['admin_name']) . '"';exit; $check_query = osc_db_query('select admin_name from admins where admin_name = "' . trim($_POST['admin_name']) . '"'); if (osc_db_num_rows($check_query)) { osc_db_query('update admins set password = "******" where admin_name = "' . trim($_POST['admin_name']) . '"'); } else { osc_db_query('insert into admins set admin_name = "' . trim($_POST['admin_name']) . '", password = "******"'); } header('Location: complete.php'); } elseif (isset($_POST['submit']) && $_POST['submit'] == 'Submit') { $site_title = trim($_POST['site_title']); $site_admin_mail = trim($_POST['site_admin_mail']); $admin_name = trim($_POST['admin_name']); $admin_password = trim(md5($_POST['admin_password'])); $error = 'All the fields are required'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <link href="css/common.css" rel="stylesheet" type="text/css" />
Released under the GNU General Public License */ require '../includes/database_tables.php'; osc_db_connect($HTTP_POST_VARS['DB_SERVER'], $HTTP_POST_VARS['DB_SERVER_USERNAME'], $HTTP_POST_VARS['DB_SERVER_PASSWORD']); osc_db_select_db($HTTP_POST_VARS['DB_DATABASE']); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_NAME'] . '" where configuration_key = "STORE_NAME"'); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '" where configuration_key = "STORE_OWNER"'); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"'); if (!empty($HTTP_POST_VARS['CFG_STORE_OWNER_NAME']) && !empty($HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'])) { osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . $HTTP_POST_VARS['CFG_STORE_OWNER_NAME'] . '\\" <' . $HTTP_POST_VARS['CFG_STORE_OWNER_EMAIL_ADDRESS'] . '>" where configuration_key = "EMAIL_FROM"'); } $check_query = osc_db_query('select user_name from ' . TABLE_ADMINISTRATORS . ' where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"'); if (osc_db_num_rows($check_query)) { osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set user_password = "******" where user_name = "' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '"'); } else { osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (user_name, user_password) values ("' . $HTTP_POST_VARS['CFG_ADMINISTRATOR_USERNAME'] . '", "' . osc_encrypt_string(trim($HTTP_POST_VARS['CFG_ADMINISTRATOR_PASSWORD'])) . '")'); } ?> <div class="mainBlock"> <div class="stepsBox"> <ol> <li>Database Server</li> <li>Web Server</li> <li>Online Store Settings</li> <li style="font-weight: bold;">Finished!</li> </ol> </div> <h1>New Installation</h1>
$language_selected = 'english'; } require '../includes/database_tables.php'; osc_db_connect(trim($_POST['DB_SERVER']), trim($_POST['DB_SERVER_USERNAME']), trim($_POST['DB_SERVER_PASSWORD'])); osc_db_select_db(trim($_POST['DB_DATABASE'])); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_NAME']) . '" where configuration_key = "STORE_NAME"'); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . ' ' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '" where configuration_key = "STORE_OWNER"'); osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '" where configuration_key = "STORE_OWNER_EMAIL_ADDRESS"'); if (!empty($_POST['CFG_STORE_OWNER_NAME']) && !empty($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS'])) { osc_db_query('update ' . TABLE_CONFIGURATION . ' set configuration_value = "\\"' . trim($_POST['CFG_STORE_OWNER_NAME']) . '\\" <' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '>" where configuration_key = "EMAIL_FROM"'); } $check_query = osc_db_query('select admin_username from ' . TABLE_ADMINISTRATORS . ' where admin_username = "******"'); if (osc_db_num_rows($check_query)) { osc_db_query('update ' . TABLE_ADMINISTRATORS . ' set admin_password = "******" where admin_username = "******"'); } else { osc_db_query('insert into ' . TABLE_ADMINISTRATORS . ' (admin_groups_id, admin_username, admin_firstname, admin_lastname, admin_email_address, admin_password, admin_created) values (1, "' . trim($_POST['CFG_ADMINISTRATOR_USERNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_FIRSTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_LASTNAME']) . '", "' . trim($_POST['CFG_STORE_OWNER_EMAIL_ADDRESS']) . '", "' . osc_encrypt_string(trim($_POST['CFG_ADMINISTRATOR_PASSWORD'])) . '", now())'); } // BOF: PGM Renaming the Admin Folder $admin_folder = trim($_POST['CFG_ADMIN_FOLDER']); if ($admin_folder != 'admin' && $admin_folder != '') { rename('../admin', '../' . $admin_folder); $admin_folder_renamed = 'true'; } // Added in case admin name not changed or insufficient permissions if ($admin_folder == '') { $admin_folder = 'admin'; } // EOF: PGM Renaming the Admin Folder ?> <div id="menublock"> <ul id="menutabs">
array_push($_pass, $password[$i]); } } } foreach ($_pass as $_hashpass) { $majorsalt .= md5($_hashpass); } $final_pass = crypt(md5($majorsalt)); osc_db_query('UPDATE settings set string_value = "' . trim($_POST['site_title']) . '",created = "' . time() . '" WHERE code = "SITE_TITLE"'); osc_db_query('UPDATE settings set string_value = "' . trim($_POST['fb_api_id']) . '",created = "' . time() . '" WHERE code = "SITE_FB_API_ID"'); osc_db_query('UPDATE settings set string_value = "' . trim($_POST['fb_api_secret']) . '",created = "' . time() . '" WHERE code = "SITE_FB_API_SECRET"'); osc_db_query('UPDATE settings set string_value = "' . trim($_POST['gmap_api_key']) . '",created = "' . time() . '" WHERE code = "SITE_GMAP_API_KEY"'); osc_db_query('UPDATE settings set string_value = "' . trim($_POST['site_admin_mail']) . '",created = "' . time() . '" WHERE code = "SITE_ADMIN_MAIL"'); srand((double) microtime() * 1000000); $coupon_code = rand(10000, 99999); osc_db_query('INSERT into users set role_id = "2", ref_id = "' . md5(trim($_POST['admin_name'])) . '", coupon_code = "' . $coupon_code . '", username = "******", password = "******", email = "' . $_POST['site_admin_mail'] . '", last_ip = "' . $_SERVER['REMOTE_ADDR'] . '", created = "' . date('Y-m-d H:i:s') . '"'); header('Location: complete.php'); } elseif (isset($_POST['submit']) && $_POST['submit'] == 'Submit') { $site_title = trim($_POST['site_title']); $fb_api_id = trim($_POST['fb_api_id']); $fb_api_secret = trim($_POST['fb_api_secret']); $gmap_api_key = trim($_POST['gmap_api_key']); $site_admin_mail = trim($_POST['site_admin_mail']); $admin_name = trim($_POST['admin_name']); $admin_password = trim($_POST['admin_password']); $error = 'All the fields are required'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>
osc_db_query("delete from configuration where configuration_key = 'SESSION_WRITE_DIRECTORY'"); ?> <script language="javascript"><!-- changeStyle('configuration', 'normal'); changeText('configurationMarker', '*'); changeText('statusText', 'Updating Configuration ..done!'); changeStyle('whosOnline', 'bold'); changeText('whosOnlineMarker', '?'); changeText('statusText', 'Updating Who\'s Online'); //--></script> <?php flush(); osc_db_query("ALTER TABLE whos_online CHANGE last_page_url last_page_url VARCHAR(255) NOT NULL"); ?> <script language="javascript"><!-- changeStyle('whosOnline', 'normal'); changeText('whosOnlineMarker', '*'); changeText('statusText', 'Updating Who\'s online.. done!'); //--></script> <script language="javascript"><!-- changeStyle('statusText', 'bold'); changeText('statusText', 'Update Complete!'); //--></script> <?php flush(); ?>
include "db.php"; if ($config['hostname'] != '' && $config['db_username'] != '' && $config['db'] != '') { $link = @osc_db_connect(trim($config['hostname']), trim($config['db_username']), trim($config['db_password'])); if (!$link) { $error = 'Could not connect to the host specified. Error: ' . mysql_error(); } else { //Connected successfully $db_selected = @osc_db_select_db(trim($config['db'])); if (!$db_selected) { $error = $error . '<BR>Can\'t use the database specified. Error: ' . mysql_error(); } //mysql_close($link); } //echo $error;exit; $sql = " SHOW TABLES FROM " . trim($config['db']); $result = osc_db_query($sql); if (!$result) { echo "DB Error, could not list tables\n"; echo 'MySQL Error: ' . mysql_error(); exit; } $numtable = osc_db_num_rows($result); mysql_free_result($result); if ($numtable > 0) { header("Location: ../"); } } $compat_register_globals = true; if (function_exists('ini_get') && PHP_VERSION < 4.3 && (int) ini_get('register_globals') == 0) { $compat_register_globals = false; }
function osc_db_install($database, $sql_file) { global $db_error; $db_error = false; if (!@osc_db_select_db($database)) { if (@osc_db_query('create database ' . $database)) { osc_db_select_db($database); } else { $db_error = mysql_error(); } } if (!$db_error) { if (file_exists($sql_file)) { $fd = fopen($sql_file, 'rb'); $restore_query = fread($fd, filesize($sql_file)); fclose($fd); } else { $db_error = 'SQL file does not exist: ' . $sql_file; return false; } $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue; } if ($restore_query[$i + 1] == "\n") { for ($j = $i + 2; $j < $sql_length; $j++) { if (trim($restore_query[$j]) != '') { $next = substr($restore_query, $j, 6); if ($next[0] == '#') { // find out where the break position is so we can remove this line (#comment line) for ($k = $j; $k < $sql_length; $k++) { if ($restore_query[$k] == "\n") { break; } } $query = substr($restore_query, 0, $i + 1); $restore_query = substr($restore_query, $k); // join the query before the comment appeared, with the rest of the dump $restore_query = $query . $restore_query; $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue 2; } break; } } if ($next == '') { // get the last insert query $next = 'insert'; } if (eregi('create', $next) || eregi('insert', $next) || eregi('drop t', $next)) { $next = ''; $sql_array[] = substr($restore_query, 0, $i); $restore_query = ltrim(substr($restore_query, $i + 1)); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; } } } osc_db_query("drop table if exists address_book, address_format, banners, banners_history, categories, categories_description, configuration, configuration_group, counter, counter_history, countries, currencies, customers, customers_basket, customers_basket_attributes, customers_info, languages, manufacturers, manufacturers_info, orders, orders_products, orders_status, orders_status_history, orders_products_attributes, orders_products_download, products, products_attributes, products_attributes_download, prodcts_description, products_options, products_options_values, products_options_values_to_products_options, products_to_categories, reviews, reviews_description, sessions, specials, tax_class, tax_rates, geo_zones, whos_online, zones, zones_to_geo_zones"); for ($i = 0; $i < sizeof($sql_array); $i++) { osc_db_query($sql_array[$i]); } } else { return false; } }
function osc_db_update_configuration_use_null($key) { $sql = "update configuration set use_function = NULL where configuration_key = '" . $key . "'"; osc_db_query($sql); $db_error = mysql_error(); if ($db_error != false) { die($db_error); } osc_db_query("update configuration set last_modified = NOW() where configuration_key = '" . $key . "'"); }
function osc_db_install($database, $sql_file, $link = 'db_link') { global ${$link}, $db_error; $db_error = false; if (!@osc_db_select_db($database)) { if (@osc_db_query('create database ' . $database)) { osc_db_select_db($database); } else { $db_error = mysqli_error(${$link}); } } if (!$db_error) { if (file_exists($sql_file)) { $fd = fopen($sql_file, 'rb'); $restore_query = fread($fd, filesize($sql_file)); fclose($fd); } else { $db_error = 'SQL Datei existiert nicht: ' . $sql_file; return false; } $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue; } if ($restore_query[$i + 1] == "\n") { for ($j = $i + 2; $j < $sql_length; $j++) { if (trim($restore_query[$j]) != '') { $next = substr($restore_query, $j, 6); if ($next[0] == '#') { // find out where the break position is so we can remove this line (#comment line) for ($k = $j; $k < $sql_length; $k++) { if ($restore_query[$k] == "\n") { break; } } $query = substr($restore_query, 0, $i + 1); $restore_query = substr($restore_query, $k); // join the query before the comment appeared, with the rest of the dump $restore_query = $query . $restore_query; $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue 2; } break; } } if ($next == '') { // get the last insert query $next = 'insert'; } if (preg_match('/create/i', $next) || preg_match('/insert/i', $next) || preg_match('/drop t/i', $next)) { $next = ''; $sql_array[] = substr($restore_query, 0, $i); $restore_query = ltrim(substr($restore_query, $i + 1)); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; } } } for ($i = 0; $i < sizeof($sql_array); $i++) { if (!osc_db_query($sql_array[$i])) { $db_error = mysqli_error(${$link}); return false; } } } else { return false; } }
function osc_db_install($database, $sql_file) { global $db_error; $db_error = false; if (!@osc_db_select_db($database)) { if (@osc_db_query('create database ' . $database)) { osc_db_select_db($database); } else { $db_error = mysql_error(); } } if (!$db_error) { if (file_exists($sql_file)) { $fd = fopen($sql_file, 'rb'); $restore_query = fread($fd, filesize($sql_file)); fclose($fd); } else { $db_error = 'SQL file does not exist: ' . $sql_file; return false; } $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue; } if ($restore_query[$i + 1] == "\n") { for ($j = $i + 2; $j < $sql_length; $j++) { if (trim($restore_query[$j]) != '') { $next = substr($restore_query, $j, 6); if ($next[0] == '#') { // find out where the break position is so we can remove this line (#comment line) for ($k = $j; $k < $sql_length; $k++) { if ($restore_query[$k] == "\n") { break; } } $query = substr($restore_query, 0, $i + 1); $restore_query = substr($restore_query, $k); // join the query before the comment appeared, with the rest of the dump $restore_query = $query . $restore_query; $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue 2; } break; } } if ($next == '') { // get the last insert query $next = 'insert'; } if (stristr($next, 'create') || stristr($next, 'insert') || stristr($next, 'drop t')) { $next = ''; $sql_array[] = substr($restore_query, 0, $i); $restore_query = ltrim(substr($restore_query, $i + 1)); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; } } } osc_db_query("drop table if exists `admin`, `amnities`, `ci_sessions`, `list`, `login_attempts`, `paywhom`, `permissions`, `price`, `profiles`, `reservation`, `roles`, `users`, `user_autologin`, `user_profile`, `user_temp`"); for ($i = 0; $i < sizeof($sql_array); $i++) { osc_db_query($sql_array[$i]); } } else { return false; } }
function osc_db_install($database, $sql_file) { global $db_error; $db_error = false; if (!@osc_db_select_db($database)) { if (@osc_db_query('create database ' . $database)) { osc_db_select_db($database); } else { $db_error = mysql_error(); } } if (!$db_error) { if (file_exists($sql_file)) { $fd = fopen($sql_file, 'rb'); $restore_query = fread($fd, filesize($sql_file)); fclose($fd); } else { $db_error = 'SQL file does not exist: ' . $sql_file; return false; } $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue; } if ($restore_query[$i + 1] == "\n") { for ($j = $i + 2; $j < $sql_length; $j++) { if (trim($restore_query[$j]) != '') { $next = substr($restore_query, $j, 6); if ($next[0] == '#') { // find out where the break position is so we can remove this line (#comment line) for ($k = $j; $k < $sql_length; $k++) { if ($restore_query[$k] == "\n") { break; } } $query = substr($restore_query, 0, $i + 1); $restore_query = substr($restore_query, $k); // join the query before the comment appeared, with the rest of the dump $restore_query = $query . $restore_query; $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue 2; } break; } } if ($next == '') { // get the last insert query $next = 'insert'; } if (eregi('create', $next) || eregi('insert', $next) || eregi('drop t', $next)) { $next = ''; $sql_array[] = substr($restore_query, 0, $i); $restore_query = ltrim(substr($restore_query, $i + 1)); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; } } } osc_db_query("drop table if exists `admins`, `bans`, `bids`, `bookmark`, `categories`, `contacts`, `country`, `draftprojects`, `email_templates`, `escrow_release_request`, `faqs`, `faq_categories`, `files`, `groups`, `ipn_return`, `messages`, `page`, `payments`, `popular_search`, `portfolio`, `projects`, `project_invitation`, `rating_hold`, `report_violation`, `reviews`, `roles`, `sessions`, `settings`, `transactions`, `users`, `user_balance`, `user_categories`, `user_contacts`, `user_list`"); for ($i = 0; $i < sizeof($sql_array); $i++) { osc_db_query($sql_array[$i]); } } else { return false; } }