Ejemplo n.º 1
0
 /**
  * Method to handle cart Action - add product
  *
  * @param string forward destination
  * @param url parameters
  */
 function actionAddProduct($goto, $parameters)
 {
     global $db, $messageStack;
     if ($this->display_debug_messages) {
         $messageStack->add_session('header', 'A: FUNCTION ' . __FUNCTION__, 'caution');
     }
     if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
         // verify attributes and quantity first
         if ($this->display_debug_messages) {
             $messageStack->add_session('header', 'A2: FUNCTION ' . __FUNCTION__, 'caution');
         }
         $the_list = '';
         $adjust_max = 'false';
         if (isset($_POST['id'])) {
             foreach ($_POST['id'] as $key => $value) {
                 $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                 if ($check == false) {
                     $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . ($value == (int) PRODUCTS_OPTIONS_VALUES_TEXT_ID ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                 }
             }
         }
         if (!is_numeric($_POST['cart_quantity']) || $_POST['cart_quantity'] < 0) {
             // adjust quantity when not a value
             $chk_link = '<a href="' . zen_href_link(zen_get_info_page($_POST['products_id']), 'cPath=' . zen_get_generated_category_path_rev(zen_get_products_category_id($_POST['products_id'])) . '&products_id=' . $_POST['products_id']) . '">' . zen_get_products_name($_POST['products_id']) . '</a>';
             $messageStack->add_session('header', ERROR_CORRECTIONS_HEADING . ERROR_PRODUCT_QUANTITY_UNITS_SHOPPING_CART . $chk_link . ' ' . PRODUCTS_ORDER_QTY_TEXT . zen_output_string_protected($_POST['cart_quantity']), 'caution');
             $_POST['cart_quantity'] = 0;
         }
         // verify qty to add
         $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
         $cart_qty = $this->in_cart_mixed($_POST['products_id']);
         if ($this->display_debug_messages) {
             $messageStack->add_session('header', 'B: FUNCTION ' . __FUNCTION__ . ' Products_id: ' . $_POST['products_id'] . ' cart_qty: ' . $cart_qty . ' $_POST[cart_quantity]: ' . $_POST['cart_quantity'] . ' <br>', 'caution');
         }
         $new_qty = $_POST['cart_quantity'];
         $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
         // bof: adjust new quantity to be same as current in stock
         $chk_current_qty = zen_get_products_stock($_POST['products_id']);
         $this->flag_duplicate_msgs_set = FALSE;
         if (STOCK_ALLOW_CHECKOUT == 'false' && $cart_qty + $new_qty > $chk_current_qty) {
             $new_qty = $chk_current_qty;
             $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'C: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
             $this->flag_duplicate_msgs_set = TRUE;
         }
         // eof: adjust new quantity to be same as current in stock
         if ($add_max == 1 and $cart_qty == 1) {
             // do not add
             $new_qty = 0;
             $adjust_max = 'true';
         } else {
             // bof: adjust new quantity to be same as current in stock
             if (STOCK_ALLOW_CHECKOUT == 'false' && $new_qty + $cart_qty > $chk_current_qty) {
                 $adjust_new_qty = 'true';
                 $alter_qty = $chk_current_qty - $cart_qty;
                 $new_qty = $alter_qty > 0 ? $alter_qty : 0;
                 if (!$this->flag_duplicate_msgs_set) {
                     $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'D: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
                 }
             }
             // eof: adjust new quantity to be same as current in stock
             // adjust quantity if needed
             if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                 $adjust_max = 'true';
                 $new_qty = $add_max - $cart_qty;
             }
         }
         if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
             // do not add
         } else {
             // process normally
             // bof: set error message
             if ($the_list != '') {
                 $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
             } else {
                 // process normally
                 // iii 030813 added: File uploading: save uploaded files with unique file names
                 $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
                 if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
                     /**
                      * Need the upload class for attribute type that allows user uploads.
                      *
                      */
                     include DIR_WS_CLASSES . 'upload.php';
                     for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
                         if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                             $products_options_file = new upload('id');
                             $products_options_file->set_destination(DIR_FS_UPLOADS);
                             $products_options_file->set_output_messages('session');
                             if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                                 $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                                 if ($_SESSION['customer_id']) {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 } else {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 }
                                 $insert_id = $db->Insert_ID();
                                 $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                                 $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                 if (!$products_options_file->save()) {
                                     break;
                                 }
                             } else {
                                 break;
                             }
                         } else {
                             // No file uploaded -- use previous value
                             $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                         }
                     }
                 }
                 $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                 // iii 030813 end of changes.
             }
             // eof: set error message
         }
         // eof: quantity maximum = 1
         if ($adjust_max == 'true') {
             $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
             if ($this->display_debug_messages) {
                 $messageStack->add_session('header', 'E: FUNCTION ' . __FUNCTION__ . '<br>' . ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
             }
         }
     }
     if ($the_list == '') {
         // no errors
         // display message if all is good and not on shopping_cart page
         if (DISPLAY_CART == 'false' && $_GET['main_page'] != FILENAME_SHOPPING_CART && $messageStack->size('shopping_cart') == 0) {
             $messageStack->add_session('header', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
             zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
         } else {
             zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
         }
     } else {
         // errors found with attributes - perhaps display an additional message here, using an observer class to add to the messageStack
         $this->notify('NOTIFIER_CART_OPTIONAL_ATTRIBUTE_ERROR_MESSAGE_HOOK', $_POST, $the_list);
     }
 }
Ejemplo n.º 2
0
 function actionAJAXAddProduct()
 {
     global $messageStack, $db;
     if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
         // verify attributes and quantity first
         $the_list = '';
         $adjust_max = 'false';
         if (isset($_POST['id'])) {
             foreach ($_POST['id'] as $key => $value) {
                 $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                 if ($check == false) {
                     $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . (zen_values_name($value) == 'TEXT' ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                 }
             }
         }
         // verify qty to add
         //          $real_ids = $_POST['id'];
         //die('I see Add to Cart: ' . $_POST['products_id'] . 'real id ' . zen_get_uprid($_POST['products_id'], $real_ids) . ' add qty: ' . $add_max . ' - cart qty: ' . $cart_qty . ' - newqty: ' . $new_qty);
         $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
         $cart_qty = $this->in_cart_mixed($_POST['products_id']);
         $new_qty = $_POST['cart_quantity'];
         if ($new_qty > 400000) {
             $new_qty = 400000;
         }
         //echo 'I SEE actionAddProduct: ' . $_POST['products_id'] . '<br>';
         $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
         if ($add_max == 1 and $cart_qty == 1) {
             // do not add
             $new_qty = 0;
             $adjust_max = 'true';
         } else {
             // adjust quantity if needed
             if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                 $adjust_max = 'true';
                 $new_qty = $add_max - $cart_qty;
             }
         }
         if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
             // do not add
         } else {
             // process normally
             // bof: set error message
             if ($the_list != '') {
                 $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
                 //          $messageStack->add('header', 'REMOVE ME IN SHOPPING CART CLASS BEFORE RELEASE<br/><BR />' . ERROR_CORRECTIONS_HEADING . $the_list, 'error');
             } else {
                 // process normally
                 // iii 030813 added: File uploading: save uploaded files with unique file names
                 $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
                 if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
                     /**
                      * Need the upload class for attribute type that allows user uploads.
                      *
                      */
                     include DIR_WS_CLASSES . 'upload.php';
                     for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
                         if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                             $products_options_file = new upload('id');
                             $products_options_file->set_destination(DIR_FS_UPLOADS);
                             $products_options_file->set_output_messages('session');
                             if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                                 $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                                 if ($_SESSION['customer_id']) {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 } else {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 }
                                 $insert_id = $db->Insert_ID();
                                 $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                                 $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                 if (!$products_options_file->save()) {
                                     break;
                                 }
                             } else {
                                 break;
                             }
                         } else {
                             // No file uploaded -- use previous value
                             $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                         }
                     }
                 }
                 $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                 // iii 030813 end of changes.
             }
             // eof: set error message
         }
         // eof: quantity maximum = 1
         if ($adjust_max == 'true') {
             //        $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . ' B: - ' . zen_get_products_name($_POST['products_id']), 'caution');
             $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
         }
     }
 }
Ejemplo n.º 3
0
 /**
  * Method to handle cart Action - add product
  *
  * @param string forward destination
  * @param url parameters
  */
 public function actionAddProduct($goto, $parameters)
 {
     if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
         // verify attributes and quantity first
         $the_list = '';
         $adjust_max = 'false';
         if (isset($_POST['id'])) {
             foreach ($_POST['id'] as $key => $value) {
                 $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                 if ($check == false) {
                     $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . (zen_values_name($value) == 'TEXT' ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                 }
             }
         }
         // verify qty to add
         $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
         $cart_qty = $this->in_cart_mixed($_POST['products_id']);
         $new_qty = $_POST['cart_quantity'];
         $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
         if ($add_max == 1 and $cart_qty == 1) {
             // do not add
             $new_qty = 0;
             $adjust_max = 'true';
         } else {
             // adjust quantity if needed
             if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                 $adjust_max = 'true';
                 $new_qty = $add_max - $cart_qty;
             }
         }
         if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
             // do not add
         } else {
             // process normally
             // bof: set error message
             if ($the_list != '') {
                 $this->getMessageStack()->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
             } else {
                 // process normally
                 // iii 030813 added: File uploading: save uploaded files with unique file names
                 $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
                 if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
                     /**
                      * Need the upload class for attribute type that allows user uploads.
                      *
                      */
                     include DIR_WS_CLASSES . 'upload.php';
                     for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
                         if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                             $products_options_file = new \upload('id');
                             $products_options_file->set_destination(DIR_FS_UPLOADS);
                             $products_options_file->set_output_messages('session');
                             if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                                 $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                                 if ($this->getSessionVar('customer_id')) {
                                     $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $this->getSessionVar('customer_id') . "', '" . addslashes($products_options_file->filename) . "')");
                                 } else {
                                     $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . addslashes($products_options_file->filename) . "')");
                                 }
                                 $insert_id = $this->getDb()->Insert_ID();
                                 $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                                 $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                 if (!$products_options_file->save()) {
                                     break;
                                 }
                             } else {
                                 break;
                             }
                         } else {
                             // No file uploaded -- use previous value
                             $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                         }
                     }
                 }
                 $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                 // iii 030813 end of changes.
             }
             // eof: set error message
         }
         // eof: quantity maximum = 1
         if ($adjust_max == 'true') {
             $this->getMessageStack()->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
         }
     }
     if ($the_list == '') {
         // no errors
         // display message if all is good and not on shopping_cart page
         if (DISPLAY_CART == 'false' && $this->getMainPage() != 'shopping_cart') {
             $this->getMessageStack()->add_session('header', SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
         }
         zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
     } else {
         // errors - display popup message
     }
 }
Ejemplo n.º 4
0
 $value = isset($_POST['value']) ? tep_db_prepare_input($_POST['value']) : '';
 $order = isset($_POST['sort_order']) ? tep_db_prepare_input($_POST['sort_order']) : 0;
 $depends_on = isset($_POST['depends_on']) ? tep_db_prepare_input($_POST['depends_on']) : 0;
 $excludes = isset($_POST['excludes']) ? $_POST['excludes'] : array();
 if (!tep_not_null($value)) {
     $error = true;
     $messages[] = ERROR_VALUE;
     $action = 'edit';
 }
 $check = tep_db_query("select value_image from " . TABLE_EPF_VALUES . " where value_id = " . (int) $vid);
 $current = tep_db_fetch_array($check);
 $data_array = array('sort_order' => (int) $order, 'value_depends_on' => (int) $depends_on, 'epf_value' => $value);
 $value_image = new upload('values_image');
 $webimgetypes = array('jpg', 'jpeg', 'gif', 'png');
 $value_image->set_extensions($webimgtypes);
 $value_image->set_output_messages('session');
 $value_image->set_destination(DIR_FS_CATALOG_IMAGES . 'epf/');
 if ($value_image->parse()) {
     $check_query = tep_db_query('select value_id from ' . TABLE_EPF_VALUES . ' where value_image = "' . tep_db_input($value_image->filename) . '"');
     $num_found = tep_db_num_rows($check_query);
     $check = tep_db_fetch_array($check_query);
     if ($num_found > 0 && $check['value_id'] != $vid) {
         $error = true;
         $messages[] = ERROR_FILENAME_USED;
         $action = 'edit';
     } elseif ($value_image->save()) {
         $data_array['value_image'] = $value_image->filename;
         if ($current['value_image'] != '' && $value_image->filename != $current['value_image']) {
             // image file name has changed, remove old file
             if (file_exists(DIR_FS_CATALOG_IMAGES . 'epf/' . $current['value_image'])) {
                 @unlink(DIR_FS_CATALOG_IMAGES . 'epf/' . $current['value_image']);
Ejemplo n.º 5
0
 function restore($filename = false)
 {
     global $osC_Database, $osC_Session;
     osc_set_time_limit(0);
     if ($filename !== false) {
         if (file_exists(DIR_FS_BACKUP . $filename)) {
             $restore_file = DIR_FS_BACKUP . $filename;
             $extension = substr($filename, -3);
             if ($extension == 'sql' || $extension == '.gz' || $extension == 'zip') {
                 switch ($extension) {
                     case 'sql':
                         $restore_from = $restore_file;
                         $remove_raw = false;
                         break;
                     case '.gz':
                         $restore_from = substr($restore_file, 0, -3);
                         exec(CFG_APP_GUNZIP . ' ' . $restore_file . ' -c > ' . $restore_from);
                         $remove_raw = true;
                         break;
                     case 'zip':
                         $restore_from = substr($restore_file, 0, -4);
                         exec(CFG_APP_UNZIP . ' ' . $restore_file . ' -d ' . DIR_FS_BACKUP);
                         $remove_raw = true;
                         break;
                 }
                 if (isset($restore_from) && file_exists($restore_from)) {
                     $fd = fopen($restore_from, 'rb');
                     $restore_query = fread($fd, filesize($restore_from));
                     fclose($fd);
                 }
             }
         }
     } else {
         $sql_file = new upload('sql_file');
         $sql_file->set_output_messages('session');
         if ($sql_file->parse()) {
             $restore_query = fread(fopen($sql_file->tmp_filename, 'r'), filesize($sql_file->tmp_filename));
             $filename = $sql_file->filename;
         }
     }
     if (isset($restore_query) && !empty($restore_query)) {
         $sql_array = array();
         $sql_length = strlen($restore_query);
         $pos = strpos($restore_query, ';');
         for ($i = $pos; $i < $sql_length; $i++) {
             if ($restore_query[0] == '#') {
                 $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                 $sql_length = strlen($restore_query);
                 $i = strpos($restore_query, ';') - 1;
                 continue;
             }
             if ($restore_query[$i + 1] == "\n") {
                 for ($j = $i + 2; $j < $sql_length; $j++) {
                     if (trim($restore_query[$j]) != '') {
                         $next = substr($restore_query, $j, 6);
                         if ($next[0] == '#') {
                             // find out where the break position is so we can remove this line (#comment line)
                             for ($k = $j; $k < $sql_length; $k++) {
                                 if ($restore_query[$k] == "\n") {
                                     break;
                                 }
                             }
                             $query = substr($restore_query, 0, $i + 1);
                             $restore_query = substr($restore_query, $k);
                             // join the query before the comment appeared, with the rest of the dump
                             $restore_query = $query . $restore_query;
                             $sql_length = strlen($restore_query);
                             $i = strpos($restore_query, ';') - 1;
                             continue 2;
                         }
                         break;
                     }
                 }
                 if ($next == '') {
                     // get the last insert query
                     $next = 'insert';
                 }
                 if (eregi('create', $next) || eregi('insert', $next) || eregi('drop t', $next)) {
                     $next = '';
                     $sql_array[] = substr($restore_query, 0, $i);
                     $restore_query = ltrim(substr($restore_query, $i + 1));
                     $sql_length = strlen($restore_query);
                     $i = strpos($restore_query, ';') - 1;
                 }
             }
         }
         // drop all tables defined in oscommerce/includes/database_tables.php
         $tables_array = array();
         foreach (get_defined_constants() as $key => $value) {
             if (substr($key, 0, 6) == 'TABLE_') {
                 $tables_array[] = $value;
             }
         }
         if (!empty($tables_array)) {
             $Qdrop = $osC_Database->query('drop table if exists :tables');
             $Qdrop->bindRaw(':tables', implode(', ', $tables_array));
             $Qdrop->execute();
         }
         for ($i = 0, $n = sizeof($sql_array); $i < $n; $i++) {
             $osC_Database->simpleQuery($sql_array[$i]);
         }
         $osC_Session->close();
         // empty the sessions table
         $Qsessions = $osC_Database->query('delete from :table_sessions');
         $Qsessions->bindTable(':table_sessions', TABLE_SESSIONS);
         $Qsessions->execute();
         // empty the who's online table
         $Qwho = $osC_Database->query('delete from :table_whos_online');
         $Qwho->bindTable(':table_whos_online', TABLE_WHOS_ONLINE);
         $Qwho->execute();
         $Qcfg = $osC_Database->query('delete from :table_configuration where configuration_key = :configuration_key');
         $Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
         $Qcfg->bindValue(':configuration_key', 'DB_LAST_RESTORE');
         $Qcfg->execute();
         $Qcfg = $osC_Database->query('insert into :table_configuration values ("", "Last Database Restore", "DB_LAST_RESTORE", :filename, "Last database restore file", "6", "", "", now(), "", "")');
         $Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
         $Qcfg->bindValue(':filename', $filename);
         $Qcfg->execute();
         osC_Cache::clear('configuration');
         if (isset($remove_raw) && $remove_raw === true) {
             unlink($restore_from);
         }
         return true;
     }
     return false;
 }
     $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
 } else {
     // process normally
     // iii 030813 added: File uploading: save uploaded files with unique file names
     $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
     if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
         /**
          * Need the upload class for attribute type that allows user uploads.
          *
          */
         include DIR_WS_CLASSES . 'upload.php';
         for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
             if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                 $products_options_file = new upload('id');
                 $products_options_file->set_destination(DIR_FS_UPLOADS);
                 $products_options_file->set_output_messages('session');
                 if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                     $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                     if ($_SESSION['customer_id']) {
                         $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                     } else {
                         $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')");
                     }
                     $insert_id = $db->Insert_ID();
                     $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                     $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                     if (!$products_options_file->save()) {
                         break;
                     }
                 } else {
                     break;
 function upload($name, $img_dir, $overwrite, &$image_name)
 {
     $image = new upload($name);
     $image->set_output_messages('direct');
     $image->set_destination(DIR_FS_CATALOG_IMAGES . $img_dir);
     if ($image->parse() && $image->save($overwrite)) {
         $image_name = $img_dir . $image->filename;
         return true;
     } else {
         return false;
     }
 }
Ejemplo n.º 8
0
                     break;
                 case 'zip':
                     $restore_from = substr($restore_file, 0, -4);
                     exec(LOCAL_EXE_UNZIP . ' ' . $restore_file . ' -d ' . DIR_FS_BACKUP);
                     $remove_raw = true;
             }
             if (isset($restore_from) && file_exists($restore_from) && filesize($restore_from) > 15000) {
                 $fd = fopen($restore_from, 'rb');
                 $restore_query = fread($fd, filesize($restore_from));
                 fclose($fd);
             }
         }
     }
 } elseif ($action == 'restorelocalnow') {
     $sql_file = new upload('sql_file');
     $sql_file->set_output_messages('session');
     if ($sql_file->parse() == true) {
         $restore_query = fread(fopen($sql_file->tmp_filename, 'r'), filesize($sql_file->tmp_filename));
         $read_from = $sql_file->filename;
     }
 }
 if (isset($restore_query)) {
     $sql_array = array();
     $sql_length = strlen($restore_query);
     $pos = strpos($restore_query, ';');
     for ($i = $pos; $i < $sql_length; $i++) {
         if ($restore_query[0] == '#') {
             $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
             $sql_length = strlen($restore_query);
             $i = strpos($restore_query, ';') - 1;
             continue;