function smn_redirect($url)
{
global $logger;
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
smn_redirect(smn_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
header('Location: ' . $url);
if (STORE_PAGE_PARSE_TIME == 'true') {
if (!is_object($logger)) {
$logger = new logger();
}
$logger->timer_stop();
}
exit;
}
function smn_redirect($url)
{
if (strstr($url, "\n") != false || strstr($url, "\r") != false) {
smn_redirect(smn_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}
if (ENABLE_SSL == true && getenv('HTTPS') == 'on') {
// We are loading an SSL page
if (substr($url, 0, strlen(HTTP_SERVER)) == HTTP_SERVER) {
// NONSSL url
$url = HTTPS_SERVER . substr($url, strlen(HTTP_SERVER));
// Change it to SSL
}
}
header('Location: ' . str_replace('&', '&', $url));
smn_exit();
}
/*
Copyright (c) 2002 - 2006 SystemsManager.Net
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
if (!smn_session_is_registered('customer_id')) {
//$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_LOGIN, 'ID=' . $store_id, 'SSL'));
}
$set = isset($_GET['set']) ? $_GET['set'] : 'payment';
$action = isset($_GET['action']) ? $_GET['action'] : '';
require DIR_WS_CLASSES . 'store_modules.php';
$paymentModules = new store_modules('payment');
$shippingModules = new store_modules('shipping');
$orderTotalModules = new store_modules('order_total');
if (smn_not_null($action)) {
$moduleType = $_GET['moduleType'];
$moduleName = $_GET['moduleName'];
require DIR_WS_LANGUAGES . 'install/' . $moduleType . '/' . $language . '.php';
switch ($action) {
case 'getInstallArray':
$moduleInfo = new store_modules($moduleType);
$notInstalled = $moduleInfo->getNotInstalledModules();
<?php
/*
Copyright (c) 2002 - 2006 SystemsManager.Net
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
if (!smn_session_is_registered('affiliate_id')) {
$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_AFFILIATE, '', 'NONSSL'));
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_AFFILIATE_CLICKS, '', 'NONSSL'));
$affiliate_clickthroughs_raw = "\n select a.*, pd.products_name from " . TABLE_AFFILIATE_CLICKTHROUGHS . " a \n left join " . TABLE_PRODUCTS . " p on (p.products_id = a.affiliate_products_id) \n left join " . TABLE_PRODUCTS_DESCRIPTION . " pd on (pd.products_id = p.products_id and pd.language_id = '" . $languages_id . "') \n where a.affiliate_id = '" . $affiliate_id . "' ORDER BY a.affiliate_clientdate desc\n ";
$affiliate_clickthroughs_split = new splitPageResults($affiliate_clickthroughs_raw, MAX_DISPLAY_SEARCH_RESULTS);
$affiliate_clickthroughs_numrows_raw = "select count(*) as count from " . TABLE_AFFILIATE_CLICKTHROUGHS . " where affiliate_id = '" . $affiliate_id . "'";
$affiliate_clickthroughs_query = smn_db_query($affiliate_clickthroughs_numrows_raw);
$affiliate_clickthroughs_numrows = smn_db_fetch_array($affiliate_clickthroughs_query);
$affiliate_clickthroughs_numrows = $affiliate_clickthroughs_numrows['count'];
?>
} elseif ($_GET['gID'] != 'edit_group') {
$check_groups_name_query = smn_db_query("select admin_groups_name as group_name_new from " . TABLE_ADMIN_GROUPS . " where admin_groups_name like '%" . $name_replace . "%'");
$check_duplicate = smn_db_num_rows($check_groups_name_query);
if ($check_duplicate > 0) {
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
} else {
$sql_product_data_array = array('products_quantity' => '1000', 'products_model' => 'mem_6_', 'products_price' => smn_db_prepare_input($_POST['admin_groups_cost']), 'products_date_available' => date('Y-m-d'), 'store_id' => 1, 'products_weight' => '0', 'products_status' => '1', 'products_tax_class_id' => '', 'products_date_added' => 'now()', 'products_image' => '', 'manufacturers_id' => '');
smn_db_perform(TABLE_PRODUCTS, $sql_product_data_array);
$products_id = smn_db_insert_id();
smn_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (products_id, categories_id) values ('" . (int) $products_id . "', '1')");
$languages = smn_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$language_id = $languages[$i]['id'];
$sql_data_array = array('products_id' => $products_id, 'products_name' => smn_db_prepare_input($admin_groups_name), 'language_id' => $language_id, 'products_url' => HTTP_CATALOG_SERVER);
smn_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array);
}
$sql_data_array = array('admin_groups_name' => $admin_groups_name, 'admin_groups_store_type' => smn_db_prepare_input($_POST['admin_groups_store_types']), 'admin_groups_products_id' => $products_id, 'admin_sales_cost' => smn_db_prepare_input($_POST['admin_sales_cost']), 'admin_groups_max_products' => smn_db_prepare_input($_POST['admin_groups_max_products']));
smn_db_perform(TABLE_ADMIN_GROUPS, $sql_data_array);
$admin_groups_id = smn_db_insert_id();
$set_groups_id = smn_db_prepare_input($_POST['set_groups_id']);
$add_group_id = $set_groups_id . ',\'' . $admin_groups_id . '\'';
smn_db_query("alter table " . TABLE_ADMIN_FILES . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ");
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $admin_groups_id));
}
}
break;
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
$entry = smn_db_fetch_array($entry_query);
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
if ($_GET['delete'] == $customer_default_address_id) {
$messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
} else {
$check_query = smn_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int) $_GET['delete'] . "' and customers_id = '" . (int) $customer_id . "'");
$check = smn_db_fetch_array($check_query);
if ($check['total'] < 1) {
$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
}
}
} else {
$entry = array();
}
if (!isset($_GET['delete']) && !isset($_GET['edit'])) {
if (smn_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
$messageStack->add_session('addressbook', ERROR_ADDRESS_BOOK_FULL);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
}
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
$breadcrumb->add(NAVBAR_TITLE_MODIFY_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'edit=' . $_GET['edit'], 'NONSSL'));
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
$breadcrumb->add(NAVBAR_TITLE_DELETE_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $_GET['delete'], 'NONSSL'));
} else {
$breadcrumb->add(NAVBAR_TITLE_ADD_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, '', 'NONSSL'));
}
function pre_confirmation_check()
{
global $_POST;
include DIR_WS_CLASSES . 'cc_validation.php';
$cc_validation = new cc_validation();
$result = $cc_validation->validate($_POST['ipayment_cc_number'], $_POST['ipayment_cc_expires_month'], $_POST['ipayment_cc_expires_year']);
$error = '';
switch ($result) {
case -1:
$error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
break;
case -2:
case -3:
case -4:
$error = TEXT_CCVAL_ERROR_INVALID_DATE;
break;
case false:
$error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
break;
}
if ($result == false || $result < 1) {
$payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&ipayment_cc_owner=' . urlencode($_POST['ipayment_cc_owner']) . '&ipayment_cc_expires_month=' . $_POST['ipayment_cc_expires_month'] . '&ipayment_cc_expires_year=' . $_POST['ipayment_cc_expires_year'] . '&ipayment_cc_checkcode=' . $_POST['ipayment_cc_checkcode'];
smn_redirect(smn_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'NONSSL', true, false));
}
$this->cc_card_type = $cc_validation->cc_type;
$this->cc_card_number = $cc_validation->cc_number;
$this->cc_expiry_month = $cc_validation->cc_expiry_month;
$this->cc_expiry_year = $cc_validation->cc_expiry_year;
}
<?php
/*
Copyright (c) 2002 - 2006 SystemsManager.Net
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
if (!smn_session_is_registered('customer_id')) {
//$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_ACCOUNT, 'ID=' . $store_id, 'NONSSL'));
if (isset($_POST['action']) && $_POST['action'] == 'process') {
$password_current = smn_db_prepare_input($_POST['password_current']);
$password_new = smn_db_prepare_input($_POST['password_new']);
$password_confirmation = smn_db_prepare_input($_POST['password_confirmation']);
$error = false;
if (strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
$error = true;
$messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
} elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
$error = true;
$messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
} elseif ($password_new != $password_confirmation) {
$error = true;
$messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR_NOT_MATCHING);
}
if ($error == false) {
$check_customer_query = smn_db_query("select customers_password from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
$check_customer = smn_db_fetch_array($check_customer_query);
if (smn_validate_password($password_current, $check_customer['customers_password'])) {
smn_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '" . (int) $customer_id . "'");
smn_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customer_id . "'");
$messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success');
smn_redirect(smn_href_link(FILENAME_DEFAULT, '', 'NONSSL'));
} else {
$error = true;
$messageStack->add('account_password', ERROR_CURRENT_PASSWORD_NOT_MATCHING);
}
}
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ACCOUNT_PASSWORD, '', 'NONSSL'));
smn_redirect(smn_href_link(FILENAME_AFFILIATE_BANNER_MANAGER, 'selected_box=affiliate&page=' . $_GET['page'] . '&abID=' . $affiliate_banners_id));
} else {
$_GET['action'] = 'new';
}
break;
case 'deleteconfirm':
$affiliate_banners_id = smn_db_prepare_input($_GET['abID']);
$delete_image = smn_db_prepare_input($_POST['delete_image']);
if ($delete_image == 'on') {
$affiliate_banner_query = smn_db_query("select affiliate_banners_image from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
$affiliate_banner = smn_db_fetch_array($affiliate_banner_query);
if (is_file(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image'])) {
if (is_writeable(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image'])) {
unlink(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image']);
} else {
$messageStack->add_session(ERROR_IMAGE_IS_NOT_WRITEABLE, 'error');
}
} else {
$messageStack->add_session(ERROR_IMAGE_DOES_NOT_EXIST, 'error');
}
}
smn_db_query("delete from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
smn_db_query("delete from " . TABLE_AFFILIATE_BANNERS_HISTORY . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
$messageStack->add_session(SUCCESS_BANNER_REMOVED, 'success');
smn_redirect(smn_href_link(FILENAME_AFFILIATE_BANNER_MANAGER, 'selected_box=affiliate&page=' . $_GET['page']));
break;
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
$email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
}
if ($order->content_type != 'virtual') {
$email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . smn_address_label($customer_id, $sendto, 0, '', "\n") . "\n";
}
$email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n" . EMAIL_SEPARATOR . "\n" . smn_address_label($customer_id, $billto, 0, '', "\n") . "\n\n";
if (is_object(${$payment})) {
$email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n" . EMAIL_SEPARATOR . "\n";
$payment_class = ${$payment};
$email_order .= $order->info['payment_method'] . "\n\n";
if ($payment_class->email_footer) {
$email_order .= $payment_class->email_footer . "\n\n";
}
}
smn_mail($order->customer['firstname'] . ' ' . $order->customer['lastname'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, $store->get_store_owner(), $store->get_store_owner_email_address());
// load the after_process function from the payment modules
$payment_modules->after_process();
// unregister session variables used during checkout
smn_session_unregister('sendto');
smn_session_unregister('billto');
smn_session_unregister('shipping');
smn_session_unregister('shipping_store');
smn_session_unregister('payment');
smn_session_unregister('comments');
if (smn_session_is_registered('credit_covers')) {
smn_session_unregister('credit_covers');
}
$order_total_modules->clear_posts();
smn_redirect(smn_href_link(FILENAME_CHECKOUT_SUCCESS, 'orders_id=' . $insert_id, 'NONSSL'));
$entry = smn_db_fetch_array($entry_query);
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
if ($_GET['delete'] == $customer_default_address_id) {
$messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, 'ID=' . $store_id, 'NONSSL'));
} else {
$check_query = smn_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int) $_GET['delete'] . "' and customers_id = '" . (int) $customer_id . "'");
$check = smn_db_fetch_array($check_query);
if ($check['total'] < 1) {
$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, 'ID=' . $store_id, 'NONSSL'));
}
}
} else {
$entry = array();
}
if (!isset($_GET['delete']) && !isset($_GET['edit'])) {
if (smn_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
$messageStack->add_session('addressbook', ERROR_ADDRESS_BOOK_FULL);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, 'ID=' . $store_id, 'NONSSL'));
}
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, 'ID=' . $store_id, 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ADDRESS_BOOK, 'ID=' . $store_id, 'NONSSL'));
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
$breadcrumb->add(NAVBAR_TITLE_MODIFY_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'edit=' . $_GET['edit'] . '&ID=' . $store_id, 'NONSSL'));
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
$breadcrumb->add(NAVBAR_TITLE_DELETE_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'delete=' . $_GET['delete'] . '&ID=' . $store_id, 'NONSSL'));
} else {
$breadcrumb->add(NAVBAR_TITLE_ADD_ENTRY, smn_href_link(FILENAME_ADDRESS_BOOK_PROCESS, 'ID=' . $store_id, 'NONSSL'));
}
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
if (!smn_session_is_registered('affiliate_id')) {
$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_AFFILIATE, '', 'NONSSL'));
}
$error = false;
if (isset($_GET['action']) && $_GET['action'] == 'send') {
if (smn_validate_email(trim($_POST['email']))) {
smn_mail($store->get_store_owner(), AFFILIATE_EMAIL_ADDRESS, EMAIL_SUBJECT, $_POST['enquiry'], $_POST['name'], $_POST['email']);
smn_redirect(smn_href_link(FILENAME_AFFILIATE_CONTACT, 'action=success'));
} else {
$error = true;
}
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_AFFILIATE_CONTACT));
$affiliate_values = smn_db_query("select * from " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_id . "'");
$affiliate = smn_db_fetch_array($affiliate_values);
?>
$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
if (isset($_GET['action']) && $_GET['action'] == 'update_notifications') {
$products = $_POST['products'];
$remove = '';
for ($i = 0, $n = sizeof($products); $i < $n; $i++) {
$remove .= '\'' . $products[$i] . '\',';
}
$remove = substr($remove, 0, -1);
if (smn_not_null($remove)) {
smn_db_query("delete from " . TABLE_PRODUCTS_NOTIFICATIONS . " where customers_id = '" . $customer_id . "' and products_id in (" . $remove . ")");
}
smn_redirect(smn_href_link(FILENAME_PRODUCT_NOTIFICATIONS, '', 'NONSSL'));
} elseif (isset($_GET['action']) && $_GET['action'] == 'global_notify') {
if (isset($_POST['global']) && $_POST['global'] == 'enable') {
smn_db_query("update " . TABLE_CUSTOMERS_INFO . " set global_product_notifications = '1' where customers_info_id = '" . $customer_id . "'");
} else {
$check_query = smn_db_query("select count(*) as count from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . $customer_id . "' and global_product_notifications = '1'");
$check = smn_db_fetch_array($check_query);
if ($check['count'] > 0) {
smn_db_query("update " . TABLE_CUSTOMERS_INFO . " set global_product_notifications = '0' where customers_info_id = '" . $customer_id . "'");
}
}
smn_redirect(smn_href_link(FILENAME_PRODUCT_NOTIFICATIONS, '', 'NONSSL'));
}
//require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PRODUCT_NOTIFICATIONS);
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_PRODUCT_NOTIFICATIONS, '', 'NONSSL'));
$global_status_query = smn_db_query("select global_product_notifications from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . $customer_id . "'");
$global_status = smn_db_fetch_array($global_status_query);
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
$error = false;
/*
if ( (isset($_POST['store_category']) && empty($_POST['store_category'])) &&
(isset($_POST['dfrom']) && (empty($_POST['dfrom']) || ($_POST['dfrom'] == DOB_FORMAT_STRING))) &&
(isset($_POST['dto']) && (empty($_POST['dto']) || ($_POST['dto'] == DOB_FORMAT_STRING))) &&
(isset($_POST['pfrom']) && !is_numeric($_POST['pfrom'])) &&
(isset($_POST['pto']) && !is_numeric($_POST['pto'])) ) {
*/
//echo "store:".$_POST['store_category'].":category:".$_POST['product_category'].":descrip:".$_POST['product_description'].":<br>";
if (isset($_POST['store_category']) && $_POST['store_category'] == 0 && (isset($_POST['product_category']) && $_POST['product_category'] == 0) && (isset($_POST['product_description']) && empty($_POST['product_description']))) {
$error = true;
$messageStack->add_session('search', ERROR_AT_LEAST_ONE_INPUT);
} else {
}
if ($error == true) {
smn_redirect(smn_href_link(FILENAME_ADVANCED_SEARCH, 'ID=' . $store_id . '&' . smn_get_all_get_params(), 'NONSSL', true, false));
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ADVANCED_SEARCH));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ADVANCED_SEARCH_RESULT, smn_get_all_get_params(), 'NONSSL', true, false));
}
}
} else {
smn_session_register('sendto');
}
$sendto = $_POST['address'];
$check_address_query = smn_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $sendto . "'");
$check_address = smn_db_fetch_array($check_address_query);
if ($check_address['total'] == '1') {
if ($reset_shipping == true) {
smn_session_unregister('shipping');
}
smn_redirect(smn_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'NONSSL'));
} else {
smn_session_unregister('sendto');
}
} else {
if (!smn_session_is_registered('sendto')) {
smn_session_register('sendto');
}
$sendto = $customer_default_address_id;
smn_redirect(smn_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'NONSSL'));
}
}
// if no shipping destination address was selected, use their own address as default
if (!smn_session_is_registered('sendto')) {
$sendto = $customer_default_address_id;
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'NONSSL'));
$addresses_count = smn_count_customer_address_book_entries();
if ($_GET['filename'] == $_GET['lngdir'] . '.php') {
$file = DIR_FS_CATALOG_LANGUAGES . $_GET['filename'];
} else {
$file = DIR_FS_CATALOG_LANGUAGES . $_GET['lngdir'] . '/' . $_GET['filename'];
}
if (file_exists($file)) {
if (file_exists('bak' . $file)) {
@unlink('bak' . $file);
}
@rename($file, 'bak' . $file);
$new_file = fopen($file, 'w');
$file_contents = stripslashes($_POST['file_contents']);
fwrite($new_file, $file_contents, strlen($file_contents));
fclose($new_file);
}
smn_redirect(smn_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $_GET['lngdir']));
}
break;
}
}
$languages_array = array();
$languages = smn_get_languages();
$lng_exists = false;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
if ($languages[$i]['directory'] == $_GET['lngdir']) {
$lng_exists = true;
}
$languages_array[] = array('id' => $languages[$i]['directory'], 'text' => $languages[$i]['name']);
}
if (!$lng_exists) {
$_GET['lngdir'] = $language;
break;
}
}
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (smn_not_null($action)) {
switch ($action) {
case 'insert_zone':
$geo_zone_name = smn_db_prepare_input($_POST['geo_zone_name']);
$geo_zone_description = smn_db_prepare_input($_POST['geo_zone_description']);
smn_db_query("insert into " . TABLE_GEO_ZONES . " (store_id, geo_zone_name, geo_zone_description, date_added) values ('" . smn_db_input($store_id) . "', '" . smn_db_input($geo_zone_name) . "', '" . smn_db_input($geo_zone_description) . "', now())");
$new_zone_id = smn_db_insert_id();
smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $new_zone_id));
break;
case 'save_zone':
$zID = smn_db_prepare_input($_GET['zID']);
$geo_zone_name = smn_db_prepare_input($_POST['geo_zone_name']);
$geo_zone_description = smn_db_prepare_input($_POST['geo_zone_description']);
smn_db_query("update " . TABLE_GEO_ZONES . " set geo_zone_name = '" . smn_db_input($geo_zone_name) . "', geo_zone_description = '" . smn_db_input($geo_zone_description) . "', last_modified = now() where geo_zone_id = '" . (int) $zID . "' and store_id = '" . $store_id . "'");
smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID']));
break;
case 'deleteconfirm_zone':
$zID = smn_db_prepare_input($_GET['zID']);
smn_db_query("delete from " . TABLE_GEO_ZONES . " where geo_zone_id = '" . (int) $zID . "' and store_id = '" . $store_id . "'");
smn_db_query("delete from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . (int) $zID . "' and store_id = '" . $store_id . "'");
smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage']));
break;
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
switch ($action) {
case 'delete':
$error = ERROR_REMOVE_UNLOCKED_NEWSLETTER;
break;
case 'new':
$error = ERROR_EDIT_UNLOCKED_NEWSLETTER;
break;
case 'send':
$error = ERROR_SEND_UNLOCKED_NEWSLETTER;
break;
case 'confirm_send':
$error = ERROR_SEND_UNLOCKED_NEWSLETTER;
break;
}
$messageStack->add_session($error, 'error');
smn_redirect(smn_href_link(FILENAME_NEWSLETTERS, 'page=' . $HTTP_GET_VARS['page'] . '&nID=' . $HTTP_GET_VARS['nID']));
}
break;
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo CHARSET;
?>
">
header('Content-disposition: attachment; filename=' . $_GET['file']);
echo $buffer;
exit;
}
} else {
$messageStack->add(ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error');
}
break;
case 'deleteconfirm':
if (strstr($_GET['file'], '..')) {
smn_redirect(smn_href_link(FILENAME_BACKUP));
}
smn_remove(DIR_FS_BACKUP . '/' . $_GET['file']);
if (!$smn_remove_error) {
$messageStack->add_session(SUCCESS_BACKUP_DELETED, 'success');
smn_redirect(smn_href_link(FILENAME_BACKUP));
}
break;
}
}
// check if the backup directory exists
$dir_ok = false;
if (is_dir(DIR_FS_BACKUP)) {
if (is_writeable(DIR_FS_BACKUP)) {
$dir_ok = true;
} else {
$messageStack->add(ERROR_BACKUP_DIRECTORY_NOT_WRITEABLE, 'error');
}
} else {
$messageStack->add(ERROR_BACKUP_DIRECTORY_DOES_NOT_EXIST, 'error');
}
if ($gender == 'm') {
$email_text = sprintf(EMAIL_GREET_MR, $lastname);
} else {
$email_text = sprintf(EMAIL_GREET_MS, $lastname);
}
} else {
$email_text = sprintf(EMAIL_GREET_NONE, $firstname);
}
$email_text .= EMAIL_WELCOME . EMAIL_CONTACT . EMAIL_WARNING;
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
$coupon_code = create_coupon_code();
$insert_query = smn_db_query("insert into " . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
$insert_id = smn_db_insert_id($insert_query);
$insert_query = smn_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', '" . $email_address . "', now() )");
$email_text .= sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" . sprintf(EMAIL_GV_REDEEM, $coupon_code) . "\n\n" . EMAIL_GV_LINK . smn_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, 'NONSSL', false) . "\n\n";
}
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
$coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
$coupon_query = smn_db_query("select * from " . TABLE_COUPONS . " where coupon_code = '" . $coupon_code . "'");
$coupon = smn_db_fetch_array($coupon_query);
$coupon_id = $coupon['coupon_id'];
$coupon_desc_query = smn_db_query("select * from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $languages_id . "'");
$coupon_desc = smn_db_fetch_array($coupon_desc_query);
$insert_query = smn_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )");
$email_text .= EMAIL_COUPON_INCENTIVE_HEADER . "\n" . sprintf("%s", $coupon_desc['coupon_description']) . "\n\n" . sprintf(EMAIL_COUPON_REDEEM, $coupon['coupon_code']) . "\n\n" . "\n\n";
}
smn_mail($name, $email_address, EMAIL_SUBJECT, $email_text, $store->get_store_owner(), $store->get_store_owner_email_address());
smn_redirect(smn_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'NONSSL'));
}
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_CREATE_ACCOUNT, '', 'NONSSL'));
/*End of code*/
$customer_id = $check_customer['customers_id'];
$customer_default_address_id = $check_customer['customers_default_address_id'];
$customer_first_name = $check_customer['customers_firstname'];
$customer_country_id = $check_country['entry_country_id'];
$customer_zone_id = $check_country['entry_zone_id'];
smn_session_register('customer_id');
smn_session_register('customer_default_address_id');
smn_session_register('customer_first_name');
smn_session_register('customer_country_id');
smn_session_register('customer_zone_id');
smn_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int) $customer_id . "'");
// restore cart contents
$cart->restore_contents();
if (smn_session_is_registered('customer_store_id')) {
smn_redirect(smn_href_link(FILENAME_ACCOUNT, 'ID=' . $customer_store_id));
}
if (sizeof($navigation->snapshot) > 0) {
$origin_href = smn_href_link($navigation->snapshot['page'], smn_array_to_string($navigation->snapshot['get'], array(smn_session_name())), $navigation->snapshot['mode']);
$navigation->clear_snapshot();
smn_redirect($origin_href);
} else {
smn_redirect(smn_href_link(FILENAME_DEFAULT));
}
}
}
}
if ($error == true) {
$messageStack->add('login', TEXT_LOGIN_ERROR);
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
$email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $pID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $pID, 'NONSSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . smn_date_long($check_status['affiliate_payment_date']) . "\n\n" . sprintf(EMAIL_TEXT_STATUS_UPDATE, $payments_status_array[$status]);
smn_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
$affiliate_notified = '1';
}
smn_db_query("insert into " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " (affiliate_payment_id, affiliate_new_value, affiliate_old_value, affiliate_date_added, affiliate_notified) values ('" . smn_db_input($pID) . "', '" . smn_db_input($status) . "', '" . $check_status['affiliate_payment_status'] . "', now(), '" . $affiliate_notified . "')");
$order_updated = true;
}
if ($order_updated) {
$messageStack->add_session(SUCCESS_PAYMENT_UPDATED, 'success');
}
smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
break;
case 'deleteconfirm':
$pID = smn_db_prepare_input($_GET['pID']);
smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('pID', 'action'))));
break;
}
if ($_GET['action'] == 'edit' && smn_not_null($_GET['pID'])) {
$pID = smn_db_prepare_input($_GET['pID']);
$payments_query = smn_db_query("select p.*, a.affiliate_payment_check, a.affiliate_payment_paypal, a.affiliate_payment_bank_name, a.affiliate_payment_bank_branch_number, a.affiliate_payment_bank_swift_code, a.affiliate_payment_bank_account_name, a.affiliate_payment_bank_account_number from " . TABLE_AFFILIATE_PAYMENT . " p, " . TABLE_AFFILIATE . " a where affiliate_payment_id = '" . smn_db_input($pID) . "' and a.affiliate_id = p.affiliate_id");
$payments_exists = true;
if (!($payments = smn_db_fetch_array($payments_query))) {
$payments_exists = false;
$messageStack->add(sprintf(ERROR_PAYMENT_DOES_NOT_EXIST, $pID), 'error');
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
}
if (!smn_validate_email($from_email_address)) {
$error = true;
$messageStack->add('friend', ERROR_FROM_ADDRESS);
}
if (empty($to_name)) {
$error = true;
$messageStack->add('friend', ERROR_TO_NAME);
}
if (!smn_validate_email($to_email_address)) {
$error = true;
$messageStack->add('friend', ERROR_TO_ADDRESS);
}
if ($error == false) {
$email_subject = sprintf(TEXT_EMAIL_SUBJECT, $from_name, $store->get_store_name());
$email_body = sprintf(TEXT_EMAIL_INTRO, $to_name, $from_name, $product_info['products_name'], $store->get_store_name()) . "\n\n";
if (smn_not_null($message)) {
$email_body .= $message . "\n\n";
}
$email_body .= sprintf(TEXT_EMAIL_LINK, smn_href_link(FILENAME_PRODUCT_INFO, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id'])) . "\n\n" . sprintf(TEXT_EMAIL_SIGNATURE, $store->get_store_name() . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");
smn_mail($to_name, $to_email_address, $email_subject, $email_body, $from_name, $from_email_address);
$messageStack->add_session('header', sprintf(TEXT_EMAIL_SUCCESSFUL_SENT, $product_info['products_name'], smn_output_string_protected($to_name)), 'success');
smn_redirect(smn_href_link(FILENAME_PRODUCT_INFO, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id']));
}
} elseif (smn_session_is_registered('customer_id')) {
$account_query = smn_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
$account = smn_db_fetch_array($account_query);
$from_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
$from_email_address = $account['customers_email_address'];
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_TELL_A_FRIEND, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id']));
$mail_query = smn_db_query("select distinct(customers.customers_email_address), customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . ", " . TABLE_ORDERS . " where customers.customers_id = orders.customers_id and orders.store_id = " . $store_id . " and customers_newsletter = '1' group by customers.customers_id");
$mail_sent_to = TEXT_NEWSLETTER_CUSTOMERS;
break;
default:
$customers_email_address = smn_db_prepare_input($_POST['customers_email_address']);
$mail_query = smn_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . smn_db_input($customers_email_address) . "'");
$mail_sent_to = $_POST['customers_email_address'];
break;
}
$from = smn_db_prepare_input($_POST['from']);
$subject = smn_db_prepare_input($_POST['subject']);
$message = smn_db_prepare_input($_POST['message']);
//Let's build a message object using the email class
$mimemessage = new email(array('X-Mailer: osCommerce'));
// add the message to the object
$mimemessage->add_text($message);
$mimemessage->build_message();
while ($mail = smn_db_fetch_array($mail_query)) {
$mimemessage->send($mail['customers_firstname'] . ' ' . $mail['customers_lastname'], $mail['customers_email_address'], '', $from, $subject);
}
smn_redirect(smn_href_link(FILENAME_MAIL, 'mail_sent_to=' . urlencode($mail_sent_to)));
}
if ($action == 'preview' && !isset($_POST['customers_email_address'])) {
$messageStack->add(ERROR_NO_CUSTOMER_SELECTED, 'error');
}
if (isset($_GET['mail_sent_to'])) {
$messageStack->add(sprintf(NOTICE_EMAIL_SENT_TO, $_GET['mail_sent_to']), 'success');
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
if (!smn_session_is_registered('customer_id')) {
$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
$newsletter_query = smn_db_query("select customers_newsletter from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
$newsletter = smn_db_fetch_array($newsletter_query);
if (isset($_POST['action']) && $_POST['action'] == 'process') {
if (isset($_POST['newsletter_general']) && is_numeric($_POST['newsletter_general'])) {
$newsletter_general = smn_db_prepare_input($_POST['newsletter_general']);
} else {
$newsletter_general = '0';
}
if ($newsletter_general != $newsletter['customers_newsletter']) {
$newsletter_general = $newsletter['customers_newsletter'] == '1' ? '0' : '1';
smn_db_query("update " . TABLE_CUSTOMERS . " set customers_newsletter = '" . (int) $newsletter_general . "' where customers_id = '" . (int) $customer_id . "'");
}
$messageStack->add_session('account', SUCCESS_NEWSLETTER_UPDATED, 'success');
smn_redirect(smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
}
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ACCOUNT_NEWSLETTERS, '', 'NONSSL'));
?>
$product = smn_db_fetch_array($product_query);
smn_db_query("insert into " . TABLE_PRODUCTS . " (store_id, products_quantity, products_model,products_image, products_price, products_date_added, products_date_available, products_weight, products_status, products_tax_class_id, manufacturers_id) values ('" . (int)$store_id . "', '" . smn_db_input($product['products_quantity']) . "', '" . smn_db_input($product['products_model']) . "', '" . smn_db_input($product['products_image']) . "', '" . smn_db_input($product['products_price']) . "', now(), '" . smn_db_input($product['products_date_available']) . "', '" . smn_db_input($product['products_weight']) . "', '0', '" . (int)$product['products_tax_class_id'] . "', '" . (int)$product['manufacturers_id'] . "')");
$dup_products_id = smn_db_insert_id();
$description_query = smn_db_query("select language_id, products_name, products_description, products_head_title_tag, products_head_desc_tag, products_head_keywords_tag, products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . (int)$products_id . "'");
while ($description = smn_db_fetch_array($description_query)) {
smn_db_query("insert into " . TABLE_PRODUCTS_DESCRIPTION . " (products_id, language_id, products_name, products_description, products_head_title_tag, products_head_desc_tag, products_head_keywords_tag, products_url, products_viewed) values ('" . (int)$dup_products_id . "', '" . (int)$description['language_id'] . "', '" . smn_db_input($description['products_name']) . "', '" . smn_db_input($description['products_description']) . "', '" . smn_db_input($description['products_head_title_tag']) . "', '" . smn_db_input($description['products_head_desc_tag']) . "', '" . smn_db_input($description['products_head_keywords_tag']) . "', '" . smn_db_input($description['products_url']) . "', '0')");
}
smn_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (store_id, products_id, categories_id) values ('" . (int)$store_id . "', '" . (int)$dup_products_id . "', '" . (int)$categories_id . "')");
$products_id = $dup_products_id;
}
if (USE_CACHE == 'true') {
smn_reset_cache_block('categories');
smn_reset_cache_block('also_purchased');
}
}
smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id)));
break;
case 'new_product_preview':
if (! checkVoucherPermissions($store_id, $_POST['products_model'])) {
$messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error');
$allow_insert = 'false';
} else {
// copy image only if modified
$allowed_files_types = array('gif', 'jpg', 'jpeg', 'png');
$products_image = new upload('products_image');
$products_image->set_destination(DIR_FS_CATALOG_IMAGES);
$products_image->set_extensions($allowed_files_types);
if ($products_image->parse() && $products_image->save()) {
$products_image_name = $products_image->filename;
} else {
$products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '');
<?php
/*
Copyright (c) 2002 - 2006 SystemsManager.Net
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
$switch_store = 'TRUE';
smn_session_unregister('switch_store_id');
smn_session_register('switch_store_id');
$switch_store_id = intval($_GET['newID']);
if ($store_id == 1) {
smn_redirect(smn_href_link(FILENAME_GOTO_STORE, 'newID=' . $switch_store_id));
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_THANK_YOU));
}
} elseif ($_GET['type'] == 'save_mainpage') {
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$language_id = $languages[$i]['id'];
$store_description = addslashes($_POST['mainpage']);
smn_db_query("update " . TABLE_STORE_DESCRIPTION . " set store_description = '" . $store_description . "' where language_id='" . $language_id . "' and store_id = '" . $store_id . "'");
}
} else {
$languages = smn_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$language_id = $languages[$i]['id'];
$sql_data_array = array('text_content' => addslashes($_POST['file_content'][$language_id]), 'date_modified' => 'now()');
smn_db_perform($db_table, $sql_data_array, 'update', "page_id='" . $_POST['page_id'] . "' and language_id='" . $language_id . "' and store_id = '" . $store_id . "'");
}
}
smn_redirect(smn_href_link(FILENAME_TEXT_EDITOR));
break;
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo CHARSET;
?>
">
<title><?php
if (smn_not_null($action)) {
switch ($action) {
case 'insert':
$tax_zone_id = smn_db_prepare_input($_POST['tax_zone_id']);
$tax_class_id = smn_db_prepare_input($_POST['tax_class_id']);
$tax_rate = smn_db_prepare_input($_POST['tax_rate']);
$tax_description = smn_db_prepare_input($_POST['tax_description']);
$tax_priority = smn_db_prepare_input($_POST['tax_priority']);
smn_db_query("insert into " . TABLE_TAX_RATES . " (store_id, tax_zone_id, tax_class_id, tax_rate, tax_description, tax_priority, date_added) values ('" . (int) $store_id . "', '" . (int) $tax_zone_id . "', '" . (int) $tax_class_id . "', '" . smn_db_input($tax_rate) . "', '" . smn_db_input($tax_description) . "', '" . smn_db_input($tax_priority) . "', now())");
smn_redirect(smn_href_link(FILENAME_TAX_RATES));
break;
case 'save':
$tax_rates_id = smn_db_prepare_input($_GET['tID']);
$tax_zone_id = smn_db_prepare_input($_POST['tax_zone_id']);
$tax_class_id = smn_db_prepare_input($_POST['tax_class_id']);
$tax_rate = smn_db_prepare_input($_POST['tax_rate']);
$tax_description = smn_db_prepare_input($_POST['tax_description']);
$tax_priority = smn_db_prepare_input($_POST['tax_priority']);
smn_db_query("update " . TABLE_TAX_RATES . " set tax_rates_id = '" . (int) $tax_rates_id . "', tax_zone_id = '" . (int) $tax_zone_id . "', tax_class_id = '" . (int) $tax_class_id . "', tax_rate = '" . smn_db_input($tax_rate) . "', tax_description = '" . smn_db_input($tax_description) . "', tax_priority = '" . smn_db_input($tax_priority) . "', last_modified = now() where tax_rates_id = '" . (int) $tax_rates_id . "' and store_id = '" . $store_id . "'");
smn_redirect(smn_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page'] . '&tID=' . $tax_rates_id));
break;
case 'deleteconfirm':
$tax_rates_id = smn_db_prepare_input($_GET['tID']);
smn_db_query("delete from " . TABLE_TAX_RATES . " where tax_rates_id = '" . (int) $tax_rates_id . "' and store_id = '" . $store_id . "'");
smn_redirect(smn_href_link(FILENAME_TAX_RATES, 'page=' . $_GET['page']));
break;
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
