/**
 * Checks whether every configured keyword is found in the given text.
 *
 * The text is passed through removeSpecialChars(), split on spaces and
 * upper-cased. Each keyword from $this->keywords (after stripUnicode() and
 * removeSpecialChars()) is upper-cased and must either equal one of those
 * tokens or be accepted by $this->match() against the re-joined text.
 *
 * @param string $str Text to search.
 * @return bool False for an empty() input or when any keyword is missing, true otherwise.
 */
private function findData($str)
 {
     if (empty($str)) {
         return false;
     }
     // Upper-case tokens of the cleaned text, plus the same tokens re-joined.
     $tokens = array_map('strtoupper', explode(' ', removeSpecialChars($str)));
     $haystack = implode(' ', $tokens);
     $wanted = explode(' ', removeSpecialChars(stripUnicode($this->keywords)));
     foreach ($wanted as $keyword) {
         $needle = strtoupper($keyword);
         // An exact token hit is enough; match() is consulted only as a fallback.
         if (in_array($needle, $tokens)) {
             continue;
         }
         if (!$this->match($needle, $haystack)) {
             return false;
         }
     }
     return true;
 }
Ejemplo n.º 2
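 /**
  * Saves a new news article from the POSTed form fields.
  *
  * Reads 'title', 'p_from', 'p_to' and 'article' through WebApp::post(), takes
  * the author and group from the current user object, and inserts the row with
  * a prepared statement so no request value is concatenated into the SQL text.
  *
  * @return ActionResult Success result pointing at the article view, or a
  *                      failure result pointing back at the add form.
  */
 function add()
 {
     $posted_title = WebApp::post('title');
     $title = $posted_title === NULL ? '' : $posted_title;
     // An empty publish date is stored as NULL; anything else goes through getSQLDate().
     $posted_from = WebApp::post('p_from');
     $p_from = $posted_from === '' ? NULL : getSQLDate($posted_from);
     $posted_to = WebApp::post('p_to');
     $p_to = $posted_to === '' ? NULL : getSQLDate($posted_to);
     $posted_article = WebApp::post('article');
     $article = $posted_article === NULL ? '' : $posted_article;
     $user = $this->parent->parent->user->getUserID();
     $group = $this->parent->parent->user->getGroup();
     $aid = removeSpecialChars($title);
     $article_add = $this->mySQL_w->prepare("INSERT INTO `news_articles` (`title`,`aid`,`user`,`group`,`article`,`date_p`,`publish_f`,`publish_u`) VALUES(?,?,?,?,?,NOW(),?,?)");
     if ($article_add == false) {
         return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to save article.<br />Error: <code>Query failed</code>', B_T_FAIL);
     }
     $article_add->bind_param('ssiisss', $title, $aid, $user, $group, $article, $p_from, $p_to);
     // A failed execute() is treated as a failed save rather than relying on
     // affected_rows alone.
     $executed = $article_add->execute();
     $article_add->store_result();
     if ($executed && $article_add->affected_rows == 1) {
         $this->parent->parent->logEvent($this::name_space, 'Added article ' . $title);
         return new ActionResult($this, '/admin/news/article_view', 1, 'Successfully saved article!', B_T_SUCCESS);
     }
     $this->parent->parent->logEvent($this::name_space, 'Failed to add article ' . $title);
     // The database error text can repeat submitted values (for example in a
     // duplicate-key message), and this message is rendered as HTML, so it is
     // escaped before being embedded.
     // NOTE(review): the error is read from the connection object as before; the
     // statement object may carry the more specific message - confirm.
     $error_html = htmlspecialchars((string) $this->mySQL_w->error, ENT_QUOTES, 'UTF-8');
     return new ActionResult($this, '/admin/news/article_add', 0, 'Failed to add article.<br />Error: <code>' . $error_html . '</code>', B_T_FAIL);
 }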
Ejemplo n.º 3
//load Httpful library
require_once './vendor/nategood/httpful/bootstrap.php';
use Httpful\Request;
//function to avoid injection of malicious code
/**
 * Reduces a value to ASCII letters, digits and hyphens.
 *
 * This is an allow-list filter: spaces are dropped first, then every character
 * outside A-Z, a-z, 0-9 and '-' is removed. It narrows what a value can
 * contain; it does not encode the value for any particular output context
 * (SQL, HTML, shell), so context-specific escaping is still needed where the
 * result is used.
 *
 * @param string $string Raw input value.
 * @return string Filtered value.
 */
function removeSpecialChars($string)
{
    // Drop all spaces.
    $withoutSpaces = str_replace(' ', '', $string);
    // Remove every remaining character that is not a letter, digit or hyphen.
    $filtered = preg_replace('/[^A-Za-z0-9\\-]/', '', $withoutSpaces);
    return $filtered;
}
//GET credentials
// NOTE(review): the three $_GET keys are read without an isset() check, so a
// request that omits one raises an undefined-index notice before filtering.
// coupon_id is forced to an integer by the cast.
$cred['couponId'] = (int) $_GET['coupon_id'];
// passkey is filtered to [A-Za-z0-9-] and then cut to 32 characters.
$cred['passkey'] = substr(removeSpecialChars($_GET['passkey']), 0, 32);
//generated passkey is always 32 chars long
$cred['issuerGuid'] = removeSpecialChars($_GET['issuer_guid']);
//issuerGuid can have different length
//start http request
// NOTE(review): the endpoint below is plain http://, so the credentials given
// to authenticateWith(), the X-apikey header and the coupon passkey in the JSON
// body travel unencrypted - use an https:// endpoint if the service offers one.
// $authUser, $authPass and $X_apikey are not defined in the visible part of the script.
try {
    //POST
    $response = Request::post('http://dispatcher.onlinelabs4all.org/apis/engine/verifyCoupon')->body(json_encode($cred))->authenticateWith($authUser, $authPass)->addHeader('X-apikey', $X_apikey)->expectsJson()->send();
    //check status code
    // 401 and 415 each print a fixed message and stop the script.
    if ($response->code === 401) {
        echo '<b>Error!</b> Status Code: 401 (Unauthorized)';
        exit;
    } else {
        if ($response->code === 415) {
            echo '<b>Error!</b> Status Code: 415 (JSON not set)';
            exit;
        } else {
            if (!($response->code === 200)) {
Ejemplo n.º 4
 /**
  * Derives a slug that no existing row uses yet.
  *
  * Starting from $slug, candidates are produced by appending ' 1', ' 2', ...
  * and normalising with removeSpecialChars(..., '-', 'and') and strtolower(),
  * until the lookup query returns no rows.
  *
  * The candidate slug and the parent value are bound as query parameters.
  * $column, $this->table, $this->slug_value_column and $this->parent_column
  * are concatenated into the SQL text as identifiers and cannot be bound, so
  * they must only ever come from trusted code, never from request data.
  *
  * @param string $slug   Desired slug.
  * @param string $column Column selected by the lookup query.
  * @param mixed  $parent Parent value; used only when non-empty and
  *                       $this->parent_column is set.
  * @return string The first candidate for which the lookup found no row.
  */
 private function getSlug($slug, $column, $parent)
 {
     $attempt = 0;
     do {
         // First pass uses the slug as given; later passes add a numeric suffix.
         $suffix = $attempt == 0 ? '' : ' ' . $attempt;
         $base = str_replace('-' . ($attempt - 1), '', $slug);
         $params = array('slug' => strtolower(removeSpecialChars($base . $suffix, '-', 'and')));
         $parent_sql = '';
         if (!empty($parent) && isset($this->parent_column)) {
             $parent_sql = ' AND ' . $this->parent_column . ' = :' . $this->parent_column . ' ';
             $params[$this->parent_column] = $parent;
         }
         $sql = ' SELECT ' . $column . ' FROM ' . $this->table . ' WHERE ' . $this->slug_value_column . ' = :slug ' . $parent_sql . ' ';
         $statement = $this->dbh->prepare($sql);
         $statement->execute($params);
         $taken = count($statement->fetchAll());
         ++$attempt;
     } while ($taken > 0);
     return $params['slug'];
 }
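/**
 * Sends a PAYMENT_CHANGE request with the sub operation 'credit' to the
 * RatePAY API and, when the gateway accepts it, records the voucher in the
 * order detail, history and orders_total tables.
 *
 * The voucher amount is taken from $_POST['voucherAmount'] (1-4 digits) and
 * $_POST['voucherAmountKomma'] (1-2 digits); other formats are rejected
 * before any request is built.
 *
 * @param string $oID         Order id.
 * @param string $paymentType "pi_ratepay_rechnung" selects the invoice module,
 *                            any other value the installment module.
 *
 * @return array|null array('result' => 'SUCCESS'|'ERROR', 'message' => ...);
 *                    nothing is returned when $_POST['voucherAmount'] is absent.
 */
function voucherRequest($oID, $paymentType)
{
    $cab = new pi_ratepay_rechnung();
    if (isset($_POST)) {
        $operation = 'PAYMENT_CHANGE';
        if ($paymentType == "pi_ratepay_rechnung") {
            $pi_ratepay = new pi_ratepay_rechnung();
            $pi_table_prefix = 'pi_ratepay_rechnung';
            $pi_payment_type = 'INVOICE';
        } else {
            $pi_ratepay = new pi_ratepay_rate();
            $pi_table_prefix = 'pi_ratepay_rate';
            $pi_payment_type = 'INSTALLMENT';
        }
        $profileId = $pi_ratepay->profileId;
        $securityCode = $pi_ratepay->securityCode;
        $systemId = $_SERVER['SERVER_ADDR'];
        // Every query below embeds $oID only after xtc_db_input().
        $query = xtc_db_query("select customers_id,customers_country,billing_country,delivery_country from orders where orders_id = '" . xtc_db_input($oID) . "'");
        $customerIdArray = xtc_db_fetch_array($query);
        $customerId = $customerIdArray['customers_id'];
        $subOperation = 'credit';
        $query = xtc_db_query("select customers_gender, date_format(customers_dob, '%Y-%m-%d') as customers_dob, customers_email_address, customers_telephone from " . TABLE_CUSTOMERS . " where customers_id ='" . xtc_db_input($customerId) . "'");
        $customerXTC = xtc_db_fetch_array($query);
        $email = $customerXTC['customers_email_address'];
        $query = xtc_db_query("select transaction_id, transaction_short_id from " . $pi_table_prefix . "_orders where order_number = '" . xtc_db_input($oID) . "'");
        $transactionArray = xtc_db_fetch_array($query);
        $query = xtc_db_query("select * from orders a, orders_total b where a.orders_id = '" . xtc_db_input($oID) . "' and a.orders_id = b.orders_id and class = 'ot_total'");
        $order = xtc_db_fetch_array($query);
        if (isset($_POST['voucherAmount'])) {
            // Whole-currency part: digits only, at most four of them.
            if (preg_match("/^[0-9]{1,4}\$/", $_POST['voucherAmount'])) {
                $piRatepayVoucher = $_POST['voucherAmount'];
                if (isset($_POST['voucherAmountKomma']) && $_POST['voucherAmountKomma'] != '') {
                    // Decimal part: two digits as given, one digit padded with a zero.
                    if (preg_match("/^[0-9]{2}\$/", $_POST['voucherAmountKomma'])) {
                        $piRatepayVoucher = $piRatepayVoucher . "." . $_POST['voucherAmountKomma'];
                    } else {
                        if (preg_match("/^[0-9]{1}\$/", $_POST['voucherAmountKomma'])) {
                            $piRatepayVoucher = $piRatepayVoucher . "." . $_POST['voucherAmountKomma'] . "0";
                        } else {
                            $piRatepayVoucher = $piRatepayVoucher . ".00";
                            $message = PI_RATEPAY_ERRORVOUCHER;
                            return array('result' => 'ERROR', 'message' => $message);
                        }
                    }
                } else {
                    // A missing or empty decimal field is rejected as well.
                    $piRatepayVoucher = $piRatepayVoucher . ".00";
                    $message = PI_RATEPAY_ERRORVOUCHER;
                    return array('result' => 'ERROR', 'message' => $message);
                }
                // The voucher may not exceed the order total.
                if ($piRatepayVoucher > $order['value']) {
                    $message = PI_RATEPAY_ERRORVOUCHER;
                    return array('result' => 'ERROR', 'message' => $message);
                } else {
                    // From here on the voucher is a negative number (validated digits * -1).
                    $piRatepayVoucher = $piRatepayVoucher * -1;
                    $ratepay = new Ratepay_XML();
                    $ratepay->live = $pi_ratepay->testOrLive();
                    $request = $ratepay->getXMLObject();
                    $request->addChild('head');
                    $head = $request->{'head'};
                    $head->addChild('system-id', $systemId);
                    $head->addChild('transaction-id', $transactionArray['transaction_id']);
                    $head->addChild('transaction-short-id', $transactionArray['transaction_short_id']);
                    // $operation now holds the XML node instead of the string; that
                    // node is what piRatepayLog() receives further down.
                    $operation = $head->addChild('operation', $operation);
                    $operation->addAttribute('subtype', $subOperation);
                    $credential = $head->addChild('credential');
                    $credential->addChild('profile-id', $profileId);
                    $credential->addChild('securitycode', $securityCode);
                    $external = $head->addChild('external');
                    $external->addChild('order-id', $oID);
                    $content = $request->addChild('content');
                    $content->addChild('customer');
                    if (strtoupper($customerXTC['customers_gender']) == "F") {
                        $gender = "F";
                    } else {
                        if (strtoupper($customerXTC['customers_gender']) == "M") {
                            $gender = "M";
                        } else {
                            $gender = "U";
                        }
                    }
                    $customer = $content->customer;
                    $customer->addCDataChild('first-name', removeSpecialChars(utf8_encode($order['customers_firstname'])));
                    $customer->addCDataChild('last-name', removeSpecialChars(utf8_encode($order['customers_lastname'])));
                    $customer->addChild('gender', $gender);
                    $customer->addChild('date-of-birth', (string) utf8_encode($customerXTC['customers_dob']));
                    $customer->addChild('contacts');
                    $contacts = $customer->contacts;
                    $contacts->addChild('email', utf8_encode($email));
                    $contacts->addChild('phone');
                    $phone = $contacts->phone;
                    $phone->addChild('direct-dial', utf8_encode($customerXTC['customers_telephone']));
                    $customer->addChild('addresses');
                    $addresses = $customer->addresses;
                    $addresses->addChild('address');
                    $addresses->addChild('address');
                    $billingAddress = $addresses->address[0];
                    $shippingAddress = $addresses->address[1];
                    $billingAddress->addAttribute('type', 'BILLING');
                    $shippingAddress->addAttribute('type', 'DELIVERY');
                    // NOTE(review): the BILLING address is filled from the delivery_*
                    // columns, same as the DELIVERY address - confirm this is intended.
                    $billingAddress->addCDataChild('street', removeSpecialChars(utf8_encode($order['delivery_street_address'])));
                    $billingAddress->addChild('zip-code', utf8_encode($order['delivery_postcode']));
                    $billingAddress->addCDataChild('city', removeSpecialChars(utf8_encode($order['delivery_city'])));
                    $billingAddress->addChild('country-code', utf8_encode($order['delivery_country_iso_code_2']));
                    $shippingAddress->addCDataChild('street', removeSpecialChars(utf8_encode($order['delivery_street_address'])));
                    $shippingAddress->addChild('zip-code', utf8_encode($order['delivery_postcode']));
                    $shippingAddress->addCDataChild('city', removeSpecialChars(utf8_encode($order['delivery_city'])));
                    $shippingAddress->addChild('country-code', utf8_encode($order['delivery_country_iso_code_2']));
                    $customer->addChild('nationality', utf8_encode($order['delivery_country_iso_code_2']));
                    $customer->addChild('customer-allow-credit-inquiry', 'yes');
                    $shoppingBasket = $content->addChild('shopping-basket');
                    $shoppingBasket->addAttribute('currency', 'EUR');
                    $items = $shoppingBasket->addChild('items');
                    $sql = "select * from " . $pi_table_prefix . "_orderdetails a left join orders_products b on b.orders_id = a.order_number and a.article_number = b.orders_products_id where  a.order_number = '" . xtc_db_input($oID) . "' and  article_number != ''";
                    $query = xtc_db_query($sql);
                    $i = 0;
                    $shippingCost = 0;
                    $couponTax = 0;
                    // One <item> per order detail row; $i tracks the index of the item just added.
                    while ($mItem = xtc_db_fetch_array($query)) {
                        $qty = $mItem['ordered'] - $mItem['returned'] - $mItem['canceled'];
                        if ($mItem['article_name'] != 'pi-Merchant-Voucher' && $mItem['article_number'] != 'SHIPPING' && $mItem['article_number'] != 'DISCOUNT' && $mItem['article_number'] != 'COUPON') {
                            $items->addCDataChild('item', removeSpecialChars(utf8_encode($mItem['article_name'])));
                            $items->item[$i]->addAttribute('article-number', $mItem['products_id']);
                            $items->item[$i]->addAttribute('quantity', $qty);
                            $items->item[$i]->addAttribute('unit-price', number_format($mItem['products_price'] / (100 + $mItem['products_tax']) * 100, 2, '.', ''));
                            $items->item[$i]->addAttribute('total-price', number_format($mItem['products_price'] / (100 + $mItem['products_tax']) * 100 * $qty, 2, '.', ''));
                            $items->item[$i]->addAttribute('tax', number_format($qty * ($mItem['products_price'] / (100 + $mItem['products_tax']) * $mItem['products_tax']), 2, '.', ''));
                        } else {
                            if ($mItem['article_name'] == 'pi-Merchant-Voucher') {
                                $items->addChild('item', PI_RATEPAY_VOUCHER);
                                $items->item[$i]->addAttribute('article-number', $mItem['article_number']);
                                $items->item[$i]->addAttribute('quantity', $qty);
                                $items->item[$i]->addAttribute('unit-price', number_format($mItem['article_netUnitPrice'], 2, '.', ''));
                                $items->item[$i]->addAttribute('total-price', number_format($qty * $mItem['article_netUnitPrice'], 2, '.', ''));
                                $items->item[$i]->addAttribute('tax', number_format(0, 2, '.', ''));
                            } elseif ($mItem['article_number'] == 'SHIPPING') {
                                $shippingCost = $mItem['article_netUnitPrice'];
                                $items->addChild('item', utf8_encode($mItem['article_name']));
                                $items->item[$i]->addAttribute('article-number', $mItem['article_number']);
                                $items->item[$i]->addAttribute('quantity', $qty);
                                $items->item[$i]->addAttribute('unit-price', number_format($shippingCost, 2, '.', ''));
                                $items->item[$i]->addAttribute('total-price', number_format($qty * $shippingCost, 2, '.', ''));
                                $items->item[$i]->addAttribute('tax', number_format(getShippingTaxAmount($qty * $shippingCost), 2, '.', ''));
                            } elseif ($mItem['article_number'] == 'DISCOUNT') {
                                $items->addChild('item', utf8_encode($mItem['article_name']));
                                $items->item[$i]->addAttribute('article-number', $mItem['article_number']);
                                $items->item[$i]->addAttribute('quantity', $qty);
                                $items->item[$i]->addAttribute('unit-price', number_format($mItem['article_netUnitPrice'], 2, '.', ''));
                                $items->item[$i]->addAttribute('total-price', number_format($qty * $mItem['article_netUnitPrice'], 2, '.', ''));
                                $items->item[$i]->addAttribute('tax', number_format(0, 2, '.', ''));
                            } elseif ($mItem['article_number'] == 'COUPON') {
                                $couponTax = ($mItem['article_netUnitPrice'] / (100 + $cab->getCouponTaxRate()) * 100 - $mItem['article_netUnitPrice']) * -1;
                                $items->addChild('item', utf8_encode($mItem['article_name']));
                                $items->item[$i]->addAttribute('article-number', $mItem['article_number']);
                                $items->item[$i]->addAttribute('quantity', $qty);
                                $items->item[$i]->addAttribute('unit-price', number_format($cab->getCouponAmount($mItem['article_netUnitPrice'] * -1), 2, '.', ''));
                                $items->item[$i]->addAttribute('total-price', number_format($qty * $cab->getCouponAmount($mItem['article_netUnitPrice'] * -1), 2, '.', ''));
                                $items->item[$i]->addAttribute('tax', number_format($cab->getCouponTaxAmount($mItem['article_netUnitPrice'] * -1), 2, '.', ''));
                            }
                        }
                        $i++;
                    }
                    // NOTE(review): this count covers voucher rows of all orders in the
                    // table, not only $oID; it is used as the voucher number suffix - confirm.
                    $sql = "SELECT count( * ) as nr FROM " . $pi_table_prefix . "_orderdetails WHERE article_name = 'pi-Merchant-Voucher'";
                    $query = xtc_db_query($sql);
                    $nr = xtc_db_fetch_array($query);
                    if (!empty($_POST['voucherAmount']) && !empty($_POST['voucherAmountKomma'])) {
                        $items->addChild('item', PI_RATEPAY_VOUCHER);
                        $items->item[$i]->addAttribute('article-number', "pi-Merchant-Voucher-" . $nr['nr']);
                        $items->item[$i]->addAttribute('quantity', '1');
                        $items->item[$i]->addAttribute('unit-price', number_format($piRatepayVoucher, 2, ".", ""));
                        $items->item[$i]->addAttribute('total-price', number_format($piRatepayVoucher, 2, ".", ""));
                        $items->item[$i]->addAttribute('tax', number_format(0, 2, ".", ""));
                    }
                    $content->addChild('payment');
                    $payment = $content->payment;
                    $payment->addAttribute('method', $pi_payment_type);
                    $payment->addAttribute('currency', 'EUR');
                    $total = $order['value'] + $piRatepayVoucher;
                    // Add the shopping basket amount later because we need the shipping cost
                    $shoppingBasket->addAttribute('amount', number_format($total, 2, '.', ''));
                    $payment->addChild('amount', number_format($total, 2, '.', ''));
                    $payment->addChild('usage', utf8_encode($pi_ratepay->testOrLiveUsage()));
                    if ($pi_payment_type == "INSTALLMENT") {
                        $payment->addChild('installment-details');
                        $payment->addChild('debit-pay-type', 'BANK-TRANSFER');
                    }
                    $response = $ratepay->paymentOperation($request);
                    $first_name = removeSpecialChars(utf8_encode($order['customers_firstname']));
                    $last_name = removeSpecialChars(utf8_encode($order['customers_lastname']));
                    if ($response) {
                        $resultCode = (string) $response->head->processing->result->attributes()->code;
                        $result = (string) $response->head->processing->result;
                        $pi_ratepay->piRatepayLog($oID, $transactionArray['transaction_id'], $operation, $subOperation, $request, $response, $first_name, $last_name);
                        // Local tables are only written when the response carries status
                        // "OK" together with result code "403".
                        if ((string) $response->head->processing->status->attributes()->code == "OK" && (string) $response->head->processing->result->attributes()->code == "403") {
                            // $oID is passed through xtc_db_input() here like in every other
                            // query of this function; it used to be concatenated raw.
                            $sql = "INSERT INTO " . $pi_table_prefix . "_orderdetails\n\t\t\t\t\t\t\t\t\t\t(order_number, article_number,\n\t\t\t\t\t\t\t\t\t\tarticle_name, ordered, article_netUnitPrice) VALUES\n\t\t\t\t\t\t\t\t\t\t('" . xtc_db_input($oID) . "', 'pi-Merchant-Voucher-" . xtc_db_input($nr['nr']) . "',\n\t\t\t\t\t\t\t\t\t\t'pi-Merchant-Voucher',1," . xtc_db_input($piRatepayVoucher) . ")";
                            xtc_db_query($sql);
                            $sql = "INSERT INTO " . $pi_table_prefix . "_history\n\t\t\t\t\t\t\t\t\t\t(order_number, article_number,\n\t\t\t\t\t\t\t\t\t\tquantity, method, submethod) VALUES\n\t\t\t\t\t\t\t\t\t\t('" . xtc_db_input($oID) . "', 'pi-Merchant-Voucher-" . xtc_db_input($nr['nr']) . "',\n\t\t\t\t\t\t\t\t\t\t'1',\n\t\t\t\t\t\t\t\t\t\t'Credit created', 'added')";
                            xtc_db_query($sql);
                            $discountSql = "SELECT * FROM `orders_total` WHERE class='pi_ratepay_voucher' and orders_id = '" . xtc_db_input($oID) . "'";
                            $discountResult = xtc_db_query($discountSql);
                            $discountCount = xtc_db_num_rows($discountResult);
                            if ($discountCount > 0) {
                                // An existing voucher total is increased by the new voucher.
                                $discountArray = xtc_db_fetch_array($discountResult);
                                $value = $discountArray['value'];
                                $value = $value + $piRatepayVoucher;
                                $value = number_format($value, 4, ".", "");
                                $discountTotalUpdate = "update orders_total set value = " . xtc_db_input($value) . " where class='pi_ratepay_voucher' and orders_id = '" . xtc_db_input($oID) . "'";
                                xtc_db_query($discountTotalUpdate);
                                $value = number_format($value, 2, ",", "");
                                $discountTotalUpdate = "update orders_total set text = '<font color=\"ff0000\">" . xtc_db_input($value) . " EUR</font>' where class='pi_ratepay_voucher' and orders_id = '" . xtc_db_input($oID) . "'";
                                xtc_db_query($discountTotalUpdate);
                            } else {
                                $value = number_format($piRatepayVoucher, 4, ".", "");
                                $valueFormat = number_format($value, 2, ",", "");
                                $discountTotalInsert = "INSERT INTO `orders_total` (`orders_id`, `title`, `text`, `value`, `class`, `sort_order`) VALUES ('" . xtc_db_input($oID) . "', 'Gutschein:', '<font color=\"ff0000\"> " . xtc_db_input($valueFormat) . " EUR</font>', " . xtc_db_input($value) . ", 'pi_ratepay_voucher', 98)";
                                xtc_db_query($discountTotalInsert);
                            }
                            // $piRatepayVoucher is the numeric value computed above, not raw input.
                            $sql = "update orders_total set value = value+{$piRatepayVoucher} where class = 'ot_total' and orders_id = '" . xtc_db_input($oID) . "'";
                            xtc_db_query($sql);
                            $sql = "select value from orders_total where class = 'ot_total' and orders_id = '" . xtc_db_input($oID) . "'";
                            $totalq = xtc_db_query($sql);
                            $total = xtc_db_fetch_array($totalq);
                            $totalText = number_format($total['value'], 2, ",", ".");
                            $sql = "update orders_total set text = '<b>" . xtc_db_input($totalText) . " EUR</b>' where class = 'ot_total' and orders_id = '" . xtc_db_input($oID) . "'";
                            xtc_db_query($sql);
                            $message = PI_RATEPAY_SUCCESSVOUCHER;
                            return array('result' => 'SUCCESS', 'message' => $message);
                        } else {
                            $message = PI_RATEPAY_ERRORVOUCHER;
                            return array('result' => 'ERROR', 'message' => $message);
                        }
                    } else {
                        $message = PI_RATEPAY_SERVICE;
                        return array('result' => 'ERROR', 'message' => $message);
                    }
                }
            } else {
                $message = PI_RATEPAY_ERRORVOUCHER;
                return array('result' => 'ERROR', 'message' => $message);
            }
        }
    }
}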
/**
 * Tries to work out a country and continent for a page on www.who.int.
 *
 * Looks the link up in the local store first, then scrapes the page and
 * searches the text of div#primary for a name from getCountryList(), and
 * finally follows the links inside div#primary recursively.
 *
 * NOTE(review): $href is placed inside the quoted LIKE value of the string
 * handed to getData() without escaping, and $href can come from links found
 * in scraped pages; if getData() accepts bound parameters, the value belongs
 * in one. The recursion over page links has no depth limit or visited set in
 * this function.
 *
 * @param string $href Link path, appended to "http://www.who.int/".
 * @return array array('country' => ..., 'continent' => ...); both entries are
 *               'unknown' when nothing was found.
 */
function getLocation($href)
{
    global $counter;
    $fallback = array('country' => 'unknown', 'continent' => 'unknown');
    if (!$href || $href == "") {
        return $fallback;
    }
    // Reuse a stored result for this link when there is one.
    $cached = getData("* FROM swdata where link LIKE '{$href}'");
    if ($cached && count(array_diff_assoc($cached, $fallback))) {
        $firstRow = $cached[0];
        return array('country' => $firstRow['country'], 'continent' => $firstRow['continent']);
    }
    // Counts the lookups that needed a page fetch.
    $counter++;
    $countries = getCountryList();
    $html = scraperWiki::scrape("http://www.who.int/{$href}");
    $dom = new simple_html_dom();
    $dom->load($html);
    // First pass: look for a country name in the page text.
    foreach ($dom->find("div[@id='primary']") as $section) {
        $text = removeSpecialChars(strtolower($section->plaintext));
        foreach ($countries as $country => $continent) {
            // stripos() is the case-insensitive strpos().
            if (stripos($text, $country) === false) {
                continue;
            }
            return array('country' => $country, 'continent' => $continent);
        }
    }
    // Second pass: follow the links of the main section.
    foreach ($dom->find("div[@id='primary'] a") as $anchor) {
        $found = getLocation($anchor->href);
        if (count(array_diff_assoc($found, $fallback))) {
            return $found;
        }
    }
    return $fallback;
}
Ejemplo n.º 7
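/**
 * returns a randomly generated password of length $maxlen.  inspired by
 * {@link http://www.phpbuilder.com/columns/jesus19990502.php3} and
 * {@link http://es2.php.net/manual/en/function.str-shuffle.php#73254}
 *
 * Without a password policy the password is word + digit + word from
 * $CFG->wordlist; with a policy it is assembled from the character classes
 * the policy requires. Random choices are drawn from the operating system's
 * CSPRNG (random_int()) where the PHP version provides it, instead of rand()
 * and str_shuffle(), whose output is predictable and unsuitable for secrets.
 *
 * NOTE(review): the final removeSpecialChars() call is defined elsewhere; if
 * it strips non-alphanumeric characters, a policy that demands them is not
 * met by the result and the password can end up shorter than requested.
 *
 * @param int $maxlen  The maximum size of the password being generated.
 * @return string
 */
function generate_password($maxlen = 10)
{
    global $CFG;
    if (empty($CFG->passwordpolicy)) {
        $fillers = PASSWORD_DIGITS;
        $wordlist = file($CFG->wordlist);
        $word1 = trim($wordlist[generate_password_random_int(0, count($wordlist) - 1)]);
        $word2 = trim($wordlist[generate_password_random_int(0, count($wordlist) - 1)]);
        $filler1 = $fillers[generate_password_random_int(0, strlen($fillers) - 1)];
        $password = $word1 . $filler1 . $word2;
    } else {
        // With a policy in place the configured minimum length replaces $maxlen.
        $maxlen = !empty($CFG->minpasswordlength) ? $CFG->minpasswordlength : 0;
        $digits = $CFG->minpassworddigits;
        $lower = $CFG->minpasswordlower;
        $upper = $CFG->minpasswordupper;
        $nonalphanum = $CFG->minpasswordnonalphanum;
        $additional = $maxlen - ($lower + $upper + $digits + $nonalphanum);
        // Make sure we have enough characters to fulfill
        // complexity requirements
        $passworddigits = PASSWORD_DIGITS;
        while ($digits > strlen($passworddigits)) {
            $passworddigits .= PASSWORD_DIGITS;
        }
        $passwordlower = PASSWORD_LOWER;
        while ($lower > strlen($passwordlower)) {
            $passwordlower .= PASSWORD_LOWER;
        }
        $passwordupper = PASSWORD_UPPER;
        while ($upper > strlen($passwordupper)) {
            $passwordupper .= PASSWORD_UPPER;
        }
        $passwordnonalphanum = PASSWORD_NONALPHANUM;
        while ($nonalphanum > strlen($passwordnonalphanum)) {
            $passwordnonalphanum .= PASSWORD_NONALPHANUM;
        }
        // Now mix and shuffle it all
        $password = generate_password_shuffle(substr(generate_password_shuffle($passwordlower), 0, $lower) . substr(generate_password_shuffle($passwordupper), 0, $upper) . substr(generate_password_shuffle($passworddigits), 0, $digits) . substr(generate_password_shuffle($passwordnonalphanum), 0, $nonalphanum) . substr(generate_password_shuffle($passwordlower . $passwordupper . $passworddigits . $passwordnonalphanum), 0, $additional));
    }
    // Added by SMS: 8/7/2011
    // To make sure that the newly generated password does not have any special characters.
    $password = removeSpecialChars($password);
    return substr($password, 0, $maxlen);
}

/**
 * Returns a random integer in [$min, $max], from the CSPRNG when available.
 * Falls back to mt_rand() only on PHP versions without random_int().
 */
function generate_password_random_int($min, $max)
{
    if ($max <= $min) {
        // Empty or single-element range: nothing to choose.
        return $min;
    }
    if (function_exists('random_int')) {
        return random_int($min, $max);
    }
    return mt_rand($min, $max);
}

/**
 * Returns $chars with its bytes in random order (Fisher-Yates shuffle driven
 * by generate_password_random_int()); the length is unchanged.
 */
function generate_password_shuffle($chars)
{
    $chars = (string) $chars;
    for ($i = strlen($chars) - 1; $i > 0; $i--) {
        $j = generate_password_random_int(0, $i);
        $swap = $chars[$i];
        $chars[$i] = $chars[$j];
        $chars[$j] = $swap;
    }
    return $chars;
}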
Ejemplo n.º 8
/**
 * Adds one basket <item> per article to a payment change request.
 *
 * Only articles with a remaining quantity (ordered minus cancelled minus
 * returned) above zero are added. The item text is the article name after
 * html_entity_decode() and removeSpecialChars(), written as CDATA.
 *
 * @param Object  $items            Request items object
 * @param String  $subtype          Payment subtype (not read by this function)
 * @param Array   $articles         Current articles
 */
function setRatepayContentBasketItemsItemChange($items, $subtype, $articles)
{
    foreach ($articles as $article) {
        $remaining = $article['bestellt'] - $article['storniert'] - $article['retourniert'];
        if ($remaining <= 0) {
            // Nothing left of this article to report.
            continue;
        }
        $netTotal = $article['einzelpreis_net'] * $remaining;
        // Tax is the gross total minus the net total rounded to two decimals.
        $tax = ($article['einzelpreis'] * $remaining) - (round($netTotal, 2));
        $label = removeSpecialChars(html_entity_decode($article['name']));
        $node = $items->addCDataChild('item', $label);
        $node->addAttribute('article-number', $article['bestellnr']);
        $node->addAttribute('quantity', $remaining);
        $node->addAttribute('unit-price', number_format($article['einzelpreis_net'], 2, ".", ""));
        $node->addAttribute('total-price', number_format($netTotal, 2, ".", ""));
        $node->addAttribute('tax', number_format($tax, 2, ".", ""));
    }
}
Ejemplo n.º 9
<?php

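/**
 * Moves the image received in $_FILES to the destination received in $_GET.
 * Called by the Uploadify widget of the galleries (CodeIgniter backend).
 *
 * Both the destination and the file name come from the request, so they are
 * validated before anything is written:
 *  - the destination must resolve to an existing directory;
 *  - the stored name is reduced to its base name and may not start with a dot;
 *  - only image extensions are accepted, so an upload cannot be stored as a
 *    server-side script.
 *
 * NOTE(review): the directory itself is still chosen by the caller. It should
 * additionally be confined to the galleries' upload root (compare the
 * realpath() result against that root), and the endpoint should require an
 * authenticated backend session; neither the root path nor the session
 * handling is visible in this file.
 * NOTE(review): the removeSpecialChars() defined below passes
 * '[^a-zA-Z0-9_-.]' to preg_replace(); PCRE reads the square brackets as the
 * pattern delimiters, so this is not the character class its comment
 * describes and the name may reach this point unfiltered. The checks here do
 * not rely on it.
 */
$ok = false;
// Extensions accepted for gallery images; extend only with non-executable types.
$allowedExtensions = array('jpg', 'jpeg', 'png', 'gif');
$encodedPath = isset($_GET['path']) && is_string($_GET['path']) ? $_GET['path'] : '';
// realpath() returns false for a path that does not exist and removes any "../" segments.
$dest = $encodedPath === '' ? false : realpath(urldecode(base64_decode($encodedPath)));
$file = isset($_FILES['Filedata']) ? $_FILES['Filedata'] : null;
if ($dest !== false && is_dir($dest) && is_array($file) && isset($file['tmp_name'], $file['name'], $file['error']) && $file['error'] === UPLOAD_ERR_OK) {
    // basename() drops any directory part that survived the name filter.
    $name = basename(removeSpecialChars(strtolower($file['name'])));
    $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if ($name !== '' && $name[0] !== '.' && in_array($extension, $allowedExtensions, true)) {
        if (move_uploaded_file($file['tmp_name'], $dest . DIRECTORY_SEPARATOR . $name)) {
            $ok = true;
        }
    }
}
// Prints "1" on success and nothing on failure, as before.
echo $ok;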
/**
 * Script para remover acentos e caracteres especiais:
 */
function removeSpecialChars($oldText)
{
    // Se corrige os acentos com iso, taca iso
    if (strlen($oldText) > strlen(utf8_decode($oldText))) {
        $oldText = utf8_decode($oldText);
    }
    /*
     * A função "strtr" substitui os caracteres acentuados pelos não acentuados.
     * A função "ereg_replace" utiliza uma expressão regular que remove todos os
     * caracteres que não são letras, números e são diferentes de "_" (underscore).
     */
    $newText = preg_replace('[^a-zA-Z0-9_-.]', '', strtr($oldText, 'áàãâéêíóôõúüçÁÀÃÂÉÊÍÓÔÕÚÜÇ ', 'aaaaeeiooouucAAAAEEIOOOUUC_'));
    if (!(strlen($newText) > 0)) {