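/**
 * Prepares a listing query for one page of results.
 *
 * Builds a "select count(*)" (or "select count(distinct ...)") query from the
 * FROM part of $sql_query, runs it to get the total row count, clamps the
 * requested page to the pages that exist and appends a LIMIT clause to
 * $sql_query.
 *
 * @param int|string $current_page_number requested page; updated in place
 * @param int|string $max_rows_per_page   rows per page; a value loosely equal to 0 selects 20
 * @param string     $sql_query           listing query; updated in place with " limit offset, rows"
 * @param int|string $query_num_rows      receives the 'total' column of the count query
 */
function splitPageResults(&$current_page_number, $max_rows_per_page, &$sql_query, &$query_num_rows)
{
    global $db;

    if ($max_rows_per_page == 0) {
        $max_rows_per_page = 20;
    }

    // Collapse line breaks so the keyword searches below work on a single line.
    $sql_query = preg_replace("/\n\r|\r\n|\n|\r/", " ", $sql_query);

    if (empty($current_page_number)) {
        $current_page_number = 1;
    }
    // The page number is forced to an integer before it takes part in the offset arithmetic.
    $current_page_number = (int) $current_page_number;

    $pos_to = strlen($sql_query);
    // BOM by zen-cart.cn
    $query_lower = GBcase($sql_query, "lower");
    // EOM by zen-cart.cn
    $pos_from = strpos($query_lower, ' from', 0);
    $pos_distinct_start = strpos($query_lower, ' distinct', 0);
    // Position of the first comma, measured from the start of " distinct".
    // NOTE(review): when the first comma comes after FROM, or there is no comma at all,
    // the slice taken below looks like it would not be a single column expression - confirm
    // against the queries callers pass in.
    $pos_distinct_end = strpos(substr($query_lower, $pos_distinct_start), ',', 0);

    // The count query keeps everything from " from" up to the earliest of
    // " group by", " having" and " order by".
    $pos_group_by = strpos($query_lower, ' group by', $pos_from);
    if ($pos_group_by < $pos_to && $pos_group_by != false) {
        $pos_to = $pos_group_by;
    }
    $pos_having = strpos($query_lower, ' having', $pos_from);
    if ($pos_having < $pos_to && $pos_having != false) {
        $pos_to = $pos_having;
    }
    $pos_order_by = strpos($query_lower, ' order by', $pos_from);
    if ($pos_order_by < $pos_to && $pos_order_by != false) {
        $pos_to = $pos_order_by;
    }

    // strpos() returns false when " distinct" is absent, and false == 0 holds,
    // so the plain count(*) form is used in that case.
    $sql = $pos_distinct_start == 0
        ? "select count(*) as total "
        : "select count(distinct " . substr($sql_query, $pos_distinct_start + 9, $pos_distinct_end - 9) . ") as total ";
    $sql .= substr($sql_query, $pos_from, $pos_to - $pos_from);

    $reviews_count = $db->Execute($sql);
    $query_num_rows = $reviews_count->fields['total'];

    if ($max_rows_per_page == '') {
        $max_rows_per_page = $query_num_rows;
    }
    if ($query_num_rows == 0) {
        // Avoids a division by zero below when the count query found nothing.
        $max_rows_per_page = 1;
    }

    $num_pages = ceil($query_num_rows / $max_rows_per_page);
    if ($current_page_number > $num_pages) {
        $current_page_number = $num_pages;
    }

    $offset = $max_rows_per_page * ($current_page_number - 1);
    // fix offset error on some versions
    if ($offset < 0) {
        $offset = 0;
    }

    // Both LIMIT operands are cast so that only integers can reach the SQL text,
    // matching the cast already applied to the page number above.
    $sql_query .= " limit " . (int) $offset . ", " . (int) $max_rows_per_page;
}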
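/**
 * Reads the upload named by $this->file, checks it and records it on the object.
 *
 * The record is taken from $_FILES, then from the older HTTP_POST_FILES global,
 * then from loose globals named after the field. A file is accepted only when
 * is_uploaded_file() confirms the temporary path and, if $this->extensions is
 * not empty, the text after the last dot of the client-supplied name is listed
 * there.
 *
 * NOTE(review): 'name' and 'type' come from the client. Only the final
 * extension is compared, and an empty $this->extensions list skips the check,
 * so the destination directory should not be one where the web server runs
 * uploaded files as scripts - confirm against check_destination() and the
 * server configuration.
 *
 * @return mixed false when no usable upload was found or the file type is not
 *               allowed; otherwise whatever $this->check_destination() returns
 */
function parse()
{
    global $messageStack;

    if (isset($_FILES[$this->file])) {
        $file = array(
            'name' => $_FILES[$this->file]['name'],
            'type' => $_FILES[$this->file]['type'],
            'size' => $_FILES[$this->file]['size'],
            'tmp_name' => $_FILES[$this->file]['tmp_name'],
        );
    } elseif (isset($GLOBALS['HTTP_POST_FILES'][$this->file])) {
        global $HTTP_POST_FILES;
        $file = array(
            'name' => $HTTP_POST_FILES[$this->file]['name'],
            'type' => $HTTP_POST_FILES[$this->file]['type'],
            'size' => $HTTP_POST_FILES[$this->file]['size'],
            'tmp_name' => $HTTP_POST_FILES[$this->file]['tmp_name'],
        );
    } else {
        $file = array(
            'name' => isset($GLOBALS[$this->file . '_name']) ? $GLOBALS[$this->file . '_name'] : '',
            'type' => isset($GLOBALS[$this->file . '_type']) ? $GLOBALS[$this->file . '_type'] : '',
            'size' => isset($GLOBALS[$this->file . '_size']) ? $GLOBALS[$this->file . '_size'] : '',
            'tmp_name' => isset($GLOBALS[$this->file]) ? $GLOBALS[$this->file] : '',
        );
    }

    // is_uploaded_file() is what ties the temporary path to this request's upload,
    // whichever of the three sources supplied it.
    if (zen_not_null($file['tmp_name']) && $file['tmp_name'] != 'none' && is_uploaded_file($file['tmp_name'])) {
        if (sizeof($this->extensions) > 0) {
            // A name without a dot has no extension. Without this test strrpos() returns
            // false, false + 1 is 1, and the name minus its first character would be
            // compared against the allowed list.
            $dot_position = strrpos($file['name'], '.');
            // BOM by zen-cart.cn
            $extension = ($dot_position === false) ? '' : GBcase(substr($file['name'], $dot_position + 1), "lower");
            // EOM by zen-cart.cn
            if (!in_array($extension, $this->extensions)) {
                if ($this->message_location == 'direct') {
                    $messageStack->add(ERROR_FILETYPE_NOT_ALLOWED, 'error');
                } else {
                    $messageStack->add_session(ERROR_FILETYPE_NOT_ALLOWED, 'error');
                }
                return false;
            }
        }

        $this->set_file($file);
        $this->set_filename($file['name']);
        $this->set_tmp_filename($file['tmp_name']);

        return $this->check_destination();
    }

    // Warn only when a file was named but did not arrive as a valid upload.
    if ($file['name'] != '' && $file['tmp_name'] != '') {
        if ($this->message_location == 'direct') {
            $messageStack->add(WARNING_NO_FILE_UPLOADED, 'warning');
        } else {
            $messageStack->add_session(WARNING_NO_FILE_UPLOADED, 'warning');
        }
    }

    return false;
}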
/**
 * Returns the "type" property of one column's metadata.
 *
 * @param string $tbl table name handed to $db->MetaColumns()
 * @param string $fld column name; upper-cased before the lookup
 * @return mixed the ->type property of the matching metadata entry
 */
function zen_field_type($tbl, $fld)
{
    global $db;

    $columns = $db->MetaColumns($tbl);
    // BOM by zen-cart.cn
    $column_key = GBcase($fld, "upper");
    // EOM by zen-cart.cn

    return $columns[$column_key]->type;
}
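/**
 * Builds the HTML for a group of checkboxes followed by a hidden "--none--" field.
 *
 * NOTE(review): option values, $key and the derived ids are written into the
 * markup without HTML escaping. If any of them can contain quotes or angle
 * brackets they should be escaped for the page's character set - confirm where
 * $select_array and $key come from.
 *
 * @param array  $select_array option values, one checkbox each
 * @param string $key_value    currently selected values, separated by ", "
 * @param string $key          configuration key; when empty the fields are named "configuration_value"
 * @return string the generated HTML
 */
function zen_cfg_select_multioption($select_array, $key_value, $key = '')
{
    // Computed before the loop: the hidden field after the loop needs the name
    // even when $select_array is empty.
    $name = $key ? 'configuration[' . $key . '][]' : 'configuration_value';
    $key_values = explode(", ", $key_value);
    $string = '';

    for ($i = 0, $n = sizeof($select_array); $i < $n; $i++) {
        $string .= '<br><input type="checkbox" name="' . $name . '" value="' . $select_array[$i] . '"';
        if (in_array($select_array[$i], $key_values)) {
            $string .= ' CHECKED';
        }
        // BOM by zen-cart.cn
        $element_id = GBcase($select_array[$i] . '-' . $name, "lower");
        $string .= ' id="' . $element_id . '"> ' . '<label for="' . $element_id . '" class="inputSelect">' . $select_array[$i] . '</label>' . "\n";
        // EOM by zen-cart.cn
    }

    // Posted with the checkboxes under the same field name.
    $string .= '<input type="hidden" name="' . $name . '" value="--none--">';

    return $string;
}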
$messageStack->add('create_account', ENTRY_STREET_ADDRESS_ERROR);
}

// The city must reach the configured minimum length (strlen() counts bytes).
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
    $error = true;
    $messageStack->add('create_account', ENTRY_CITY_ERROR);
}

if (ACCOUNT_STATE == 'true') {
    // Count the zones on record for the submitted country; the id is bound as an integer.
    $check_query = "SELECT count(*) AS total\r\n FROM " . TABLE_ZONES . "\r\n WHERE zone_country_id = :zoneCountryID";
    $check_query = $db->bindVars($check_query, ':zoneCountryID', $country, 'integer');
    $check = $db->Execute($check_query);
    $entry_state_has_zones = $check->fields['total'] > 0;
    if ($entry_state_has_zones == true) {
        // When a state was typed and no zone id was chosen, also match the typed text
        // against zone names (prefix) and zone codes (substring).
        $zone_query = "SELECT distinct zone_id, zone_name, zone_code\r\n FROM " . TABLE_ZONES . "\r\n WHERE zone_country_id = :zoneCountryID\r\n AND " . (trim($state) != '' && $zone_id == 0 ? "(upper(zone_name) like ':zoneState%' OR upper(zone_code) like '%:zoneState%') OR " : "") . "zone_id = :zoneID\r\n ORDER BY zone_code ASC, zone_name";
        $zone_query = $db->bindVars($zone_query, ':zoneCountryID', $country, 'integer');
        // BOM by zen-cart.cn
        // NOTE(review): the state text lands inside quoted LIKE patterns through the
        // 'noquotestring' type, so its safety rests on how bindVars escapes that type -
        // confirm. LIKE wildcards (% and _) typed by the user presumably stay active,
        // which widens the match.
        $zone_query = $db->bindVars($zone_query, ':zoneState', GBcase($state, "upper"), 'noquotestring');
        // EOM by zen-cart.cn
        $zone_query = $db->bindVars($zone_query, ':zoneID', $zone_id, 'integer');
        $zone = $db->Execute($zone_query);
        //look for an exact match on zone ISO code
        // A single returned row counts as a match; with several rows, scan for a
        // zone code equal to the typed state, ignoring case.
        $found_exact_iso_match = $zone->RecordCount() == 1;
        if ($zone->RecordCount() > 1) {
            while (!$zone->EOF && !$found_exact_iso_match) {
                if (strtoupper($zone->fields['zone_code']) == strtoupper($state)) {
                    $found_exact_iso_match = true;
                    // The loop condition ends the scan, leaving the cursor on the matching row.
                    continue;
                }
                $zone->MoveNext();
            }
        }
        if ($found_exact_iso_match) {
?> : </td> <td class="smallText"> <?php echo TABLE_HEADING_OPT_VALUE . '<br />'; ?> <select name="values_id" size="10"> <?php
// FIX HERE 2 - editing
// Load the option values linked to the attribute's option, for the session language.
// NOTE(review): the session language id and the options_id field are concatenated into
// the SQL text inside quotes. Both look like numeric ids; casting them to int (or binding
// them) would stop any other value reaching the query - confirm how they are populated.
$values_values = $db->Execute("select pov.* from " . TABLE_PRODUCTS_OPTIONS_VALUES . " pov left join " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " povtpo on pov.products_options_values_id = povtpo.products_options_values_id\n where pov.language_id ='" . $_SESSION['languages_id'] . "'\n and povtpo.products_options_id='" . $attributes_values->fields['options_id'] . "'\n order by pov.products_options_values_name");
while (!$values_values->EOF) {
    // BOM by zen-cart.cn
    // Suffix shown after each value name: the upper-cased option name, preceded by
    // the value id when $show_value_numbers is set.
    if ($show_value_numbers == false) {
        $show_option_name = ' [' . GBcase(zen_get_products_options_name_from_value($values_values->fields['products_options_values_id']), "upper") . ' ]';
    } else {
        $show_option_name = ' [ #' . $values_values->fields['products_options_values_id'] . ' ] ' . ' [' . GBcase(zen_get_products_options_name_from_value($values_values->fields['products_options_values_id']), "upper") . ' ]';
    }
    // EOM by zen-cart.cn
    // NOTE(review): value and option names from the database are written into the
    // <option> attribute and text without HTML escaping - confirm they are escaped
    // when stored, or escape them here.
    if ($attributes_values->fields['options_values_id'] == $values_values->fields['products_options_values_id']) {
        // Pre-select the value already stored on the attribute being edited.
        echo "\n" . '<option name="' . $values_values->fields['products_options_values_name'] . '" value="' . $values_values->fields['products_options_values_id'] . '" SELECTED>' . $values_values->fields['products_options_values_name'] . $show_option_name . '</option>';
    } else {
        echo "\n" . '<option name="' . $values_values->fields['products_options_values_name'] . '" value="' . $values_values->fields['products_options_values_id'] . '">' . $values_values->fields['products_options_values_name'] . $show_option_name . '</option>';
    }
    $values_values->MoveNext();
}
// set radio values attributes_display_only
switch ($attributes_values->fields['attributes_display_only']) {
    case '0':
        $on_attributes_display_only = false;
        $off_attributes_display_only = true;
        break;
$file = $directory_array[$i];
$show_file = '';
if (file_exists($file)) {
    // Header rows for this file's result table; the path is printed as-is.
    $show_file .= "\n" . '<table border="2" width="95%" cellspacing="2" cellpadding="1" align="center"><tr><td class="main">' . "\n";
    $show_file .= '<tr class="infoBoxContent"><td class="dataTableHeadingContent">';
    $show_file .= '<strong>' . $file . '</strong>';
    $show_file .= '</td></tr>';
    $show_file .= '<tr><td class="main">';
    // put file into an array to be scanned
    $lines = file($file);
    $found_line = 'false';
    // loop through the array, show line and line numbers
    // NOTE(review): $cnt_lines is incremented here without being set in this excerpt -
    // presumably initialised earlier; confirm.
    foreach ($lines as $line_num => $line) {
        $cnt_lines++;
        // BOM by zen-cart.cn
        // Case-insensitive substring test: both sides are upper-cased first.
        if (strstr(GBcase($line, "upper"), GBcase($configuration_key_lookup, "upper"))) {
            // EOM by zen-cart.cn
            $found_line = 'true';
            $found = 'true';
            // $line_num is the zero-based array index from file().
            // NOTE(review): the matched line is HTML-escaped but otherwise shown in full,
            // so a match on a line that holds a credential would display it on the page.
            // htmlspecialchars() is called without an explicit character set here.
            $show_file .= "<br />Line #<strong>{$line_num}</strong> : " . htmlspecialchars($line) . "<br />\n";
        } else {
            if ($cnt_lines >= 5) {
                // $show_file .= ' .';
                $cnt_lines = 0;
            }
        }
    }
}
$show_file .= '</td></tr></table>' . "\n";
// if there was a match, show lines
if ($found_line == 'true') {
// NOTE(review): $_POST['option_id'] is concatenated into this insert and into the delete
// below without the zen_db_prepare_input()/zen_db_input() treatment that $option_name
// receives further down. It looks like a numeric id, so casting it to int (or binding it
// as an integer) before building the SQL would keep any other request value out of the query.
$db->Execute("insert into " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " (products_options_values_to_products_options_id, products_options_id, products_options_values_id) values (NULL, '" . $_POST['option_id'] . "', '" . PRODUCTS_OPTIONS_VALUES_TEXT_ID . "')");
}
break;
default:
    // if switched from file or text remove 0
    $db->Execute("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " where products_options_id='" . $_POST['option_id'] . "' and products_options_values_id = '" . PRODUCTS_OPTIONS_VALUES_TEXT_ID . "'");
    break;
}
// alert if possible duplicate
$duplicate_option = '';
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $option_name = zen_db_prepare_input($option_name_array[$languages[$i]['id']]);
    // The option name passes through zen_db_input() before it is placed in the query.
    $check = $db->Execute("select products_options_name\n from " . TABLE_PRODUCTS_OPTIONS . "\n where language_id= '" . $languages[$i]['id'] . "'\n and products_options_name='" . zen_db_input($option_name) . "'");
    // More than one row with this name in the same language is reported as a duplicate.
    if ($check->RecordCount() > 1 and !empty($option_name)) {
        // BOM by zen-cart.cn
        // NOTE(review): $option_name is added to the message markup unescaped - whether
        // the message stack escapes its text is not visible here; confirm.
        $duplicate_option .= ' <b>' . GBcase(zen_get_language_name($languages[$i]['id']), "upper") . '</b> : ' . $option_name;
        // EOM by zen-cart.cn
    }
}
if (!empty($duplicate_option)) {
    $messageStack->add_session(ATTRIBUTE_POSSIBLE_OPTIONS_NAME_WARNING_DUPLICATE . ' ' . $option_id . ' - ' . $duplicate_option, 'caution');
}
// Return to the options manager, keeping the stored paging info and the sort order.
zen_redirect(zen_href_link(FILENAME_OPTIONS_NAME_MANAGER, $_SESSION['page_info'] . '&option_order_by=' . $option_order_by));
break;
case 'delete_option':
    // demo active test
    // In demo mode the action is cleared and the user is redirected with a caution message.
    if (zen_admin_demo()) {
        $_GET['action'] = '';
        $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
        zen_redirect(zen_href_link(FILENAME_OPTIONS_NAME_MANAGER, $_SESSION['page_info'] . '&option_order_by=' . $option_order_by));
    }
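/**
 * Searches source files for the global $configuration_key_lookup and prints the matching lines.
 *
 * Collects files with the selected extensions from each directory in the global
 * $check_directory, optionally adds a fixed list of catalog root files, and
 * echoes one HTML table per file that contains a match. When the lookup text is
 * all upper case it is also checked against the configuration tables and, if a
 * row exists, a link to the configuration lookup is printed.
 *
 * Side effects: strips quote characters from the global $configuration_key_lookup
 * (upper-case lookups only), sets the global $found to 'true' on any match, and
 * echoes HTML.
 *
 * NOTE(review): matched lines are displayed in full apart from the line that
 * contains 'DB_SERVER_PASSWORD' in single quotes. Any other secret stored in the
 * searched files would be shown on a match, so access to this tool should stay
 * restricted accordingly.
 *
 * @param bool $include_root      also search the fixed catalog root files
 * @param int  $filetypesincluded 1 .php, 2 .php and .css, 3 .css, 4 .html and .txt, 5 .js;
 *                                any other value selects .php and .css
 */
function zen_display_files($include_root = false, $filetypesincluded = 1)
{
    global $check_directory, $found, $configuration_key_lookup;
    global $db;

    // The extension set does not depend on the directory, so it is chosen once.
    switch ($filetypesincluded) {
        case 1:
            $file_extensions = array('.php');
            break;
        case 2:
            $file_extensions = array('.php', '.css');
            break;
        case 3:
            $file_extensions = array('.css');
            break;
        case 4:
            $file_extensions = array('.html', '.txt');
            break;
        case 5:
            $file_extensions = array('.js');
            break;
        default:
            $file_extensions = array('.php', '.css');
            break;
    }

    $directory_array = array();
    for ($i = 0, $n = sizeof($check_directory); $i < $n; $i++) {
        // echo 'I SEE ' . $check_directory[$i] . '<br>';
        $dir_check = $check_directory[$i];
        if ($dir = @dir($dir_check)) {
            // Compare with false explicitly: an entry named "0" is a valid file name
            // but would end a plain truthiness test early.
            while (($file = $dir->read()) !== false) {
                if (!is_dir($dir_check . $file)) {
                    foreach ($file_extensions as $extension) {
                        if (preg_match('/\\' . $extension . '$/', $file) > 0) {
                            $directory_array[] = $dir_check . $file;
                        }
                    }
                }
            }
            if (sizeof($directory_array)) {
                sort($directory_array);
            }
            $dir->close();
            unset($dir);
        }
    }

    if ($include_root == true) {
        $root_array = array();
        // if not html/txt
        if ($filetypesincluded != 3 && $filetypesincluded != 4 && $filetypesincluded != 5) {
            $root_array[] = DIR_FS_CATALOG . 'index.php';
            $root_array[] = DIR_FS_CATALOG . 'ipn_main_handler.php';
            $root_array[] = DIR_FS_CATALOG . 'page_not_found.php';
        }
        $root_array[] = DIR_FS_CATALOG . 'nddbc.html';
        // Root files are listed ahead of the directory results.
        $directory_array = array_merge($root_array, $directory_array);
    }

    // show path and filename
    if (strtoupper($configuration_key_lookup) == $configuration_key_lookup) {
        // Drop quote characters from the lookup text (this changes the global).
        $configuration_key_lookup = str_replace(array('"', "'"), '', $configuration_key_lookup);

        // if appears to be a constant ask about configuration table
        $check_database = true;
        $sql = "select * from " . TABLE_CONFIGURATION . " where configuration_key=:zcconfigkey:";
        $sql = $db->BindVars($sql, ':zcconfigkey:', strtoupper($configuration_key_lookup), 'string');
        $check_configure = $db->Execute($sql);
        if ($check_configure->RecordCount() < 1) {
            $sql = "select * from " . TABLE_PRODUCT_TYPE_LAYOUT . " where configuration_key=:zcconfigkey:";
            $sql = $db->BindVars($sql, ':zcconfigkey:', strtoupper($configuration_key_lookup), 'string');
            $check_configure = $db->Execute($sql);
        }
        if ($check_configure->RecordCount() >= 1) {
            // The visible link text is escaped for HTML. The query-string value is passed
            // to zen_href_link() unchanged.
            // NOTE(review): whether zen_href_link() URL-encodes its parameters is not
            // visible here - confirm.
            $links = '<strong><span class="alert">' . TEXT_SEARCH_DATABASE_TABLES . '</span></strong> ' . '<a href="' . zen_href_link(FILENAME_DEVELOPERS_TOOL_KIT, 'action=' . 'locate_configuration' . '&configuration_key_lookup=' . $configuration_key_lookup) . '">' . htmlspecialchars($configuration_key_lookup, ENT_QUOTES, CHARSET) . '</a><br /><br />';
        }
    }

    // die('I SEE ' . $check_configure->RecordCount() . ' vs ' . $check_database);
    echo '<table border="0" width="100%" cellspacing="2" cellpadding="1" align="center">' . "\n";
    if (isset($check_database) && ($check_database == true && $check_configure->RecordCount() >= 1)) {
        // only ask if found
        echo '<tr><td>' . $links . '</td></tr>';
    }
    // The search text is escaped before it is echoed back into the page, the same way
    // matched file lines are escaped further down.
    echo '<tr class="infoBoxContent"><td class="dataTableHeadingContent">' . ' ' . TEXT_INFO_SEARCHING . sizeof($directory_array) . TEXT_INFO_FILES_FOR . htmlspecialchars($configuration_key_lookup, ENT_QUOTES, CHARSET) . '</td></tr></table>' . "\n\n";
    echo '<tr><td> </td></tr>';

    // check all files located
    $file_cnt = 0;
    $cnt_found = 0;
    for ($i = 0, $n = sizeof($directory_array); $i < $n; $i++) {
        // build file content of matching lines
        $file_cnt++;
        $file = $directory_array[$i];
        // echo 'I SEE ' . $directory_array[$i] . '<br>';

        // clean path name
        while (strstr($file, '//')) {
            $file = str_replace('//', '/', $file);
        }

        $show_file = '';
        // Reset for every file so that a missing file cannot reuse the previous file's result.
        $found_line = 'false';
        if (file_exists($file)) {
            $show_file .= "\n" . '<table border="2" width="95%" cellspacing="2" cellpadding="1" align="center"><tr><td class="main">' . "\n";
            $show_file .= '<tr class="infoBoxContent"><td class="dataTableHeadingContent">';
            $show_file .= '<strong>' . $file . '</strong>';
            $show_file .= '</td></tr>';
            $show_file .= '<tr><td class="main">';

            // put file into an array to be scanned
            $lines = file($file);
            if ($lines === false) {
                // Unreadable file: nothing to scan.
                $lines = array();
            }

            // loop through the array, show line and line numbers
            $cnt_lines = 0;
            foreach ($lines as $line_num => $line) {
                $cnt_lines++;
                if (isset($_POST['case_sensitive']) && $_POST['case_sensitive']) {
                    $check_case = strstr($line, $configuration_key_lookup);
                } else {
                    // BOM by zen-cart.cn
                    $check_case = strstr(GBcase($line, "upper"), GBcase($configuration_key_lookup, "upper"));
                    // EOM by zen-cart.cn
                }
                if ($check_case) {
                    $found_line = 'true';
                    $found = 'true';
                    $cnt_found++;
                    // $line_num is the zero-based array index from file().
                    $show_file .= "<br />Line #<strong>{$line_num}</strong> : ";
                    // prevent db pwd from being displayed, for sake of security
                    $show_file .= substr_count($line, "'DB_SERVER_PASSWORD'") ? '***HIDDEN***' : htmlspecialchars($line, ENT_QUOTES, CHARSET);
                    $show_file .= "<br />\n";
                } else {
                    if ($cnt_lines >= 5) {
                        // $show_file .= ' .';
                        $cnt_lines = 0;
                    }
                }
            }
        }
        $show_file .= '</td></tr></table>' . "\n";

        // if there was a match, show lines
        if ($found_line == 'true') {
            echo $show_file . '<table><tr><td> </td></tr></table>';
        } // show file
    }

    echo '<table border="0" width="100%" cellspacing="2" cellpadding="1" align="center"><tr class="infoBoxContent"><td class="dataTableHeadingContent">' . TEXT_INFO_MATCHES_FOUND . $cnt_found . '</td></tr></table>';
}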
/**
 * Function to filter a string and remove punctuation and white space.
 *
 * Applies the configured PCRE replacements and character conversions, removes
 * punctuation and symbol characters, lower-cases the text, turns spaces into
 * hyphens and passes the result to $this->short_name().
 *
 * @param string $string input text
 * @return string filtered text
 */
function filter($string)
{
    $retval = $string;
    // First filter using PCRE Rules
    // Keys of $this->filter_pcre are the patterns, values the replacements.
    if (is_array($this->filter_pcre)) {
        $retval = preg_replace(array_keys($this->filter_pcre), array_values($this->filter_pcre), $retval);
    }
    // Next run Character Conversion Sets over the string
    if (is_array($this->filter_char)) {
        $retval = strtr($retval, $this->filter_char);
    }
    // Next run character filters over the string
    $pattern = '';
    // Remove Special Characters from the strings
    // NOTE(review): the pattern chosen by this switch is overwritten by the unconditional
    // assignment after it, so SEO_URLS_REMOVE_CHARS no longer affects the result.
    switch (SEO_URLS_REMOVE_CHARS) {
        case 'non-alphanumerical':
            // Remove all non alphanumeric characters
            if (!self::$unicodeEnabled) {
                // POSIX named classes are not supported by preg_replace
                $pattern = '/[^a-zA-Z0-9\\s]/';
            } else {
                // Each language's alphabet.
                $pattern = '/[^\\p{L}\\p{N}\\s]/u';
            }
            break;
        case 'punctuation':
            // Remove all punctuation
            if (!self::$unicodeEnabled) {
                // POSIX named classes are not supported by preg_replace
                $pattern = '/[!"#$%&\'()*+,.\\/:;<=>?@[\\\\]^_`{|}~]/';
            } else {
                // Each language's punctuation.
                $pattern = '/[\\p{P}\\p{S}]/u';
            }
            break;
        default:
    }
    // modified by zen-cart.cn
    // $retval = preg_replace($pattern, '', strtolower($retval));
    // The Unicode punctuation/symbol pattern is always used, whatever the switch selected.
    // NOTE(review): with the /u modifier preg_replace() returns null when the subject is
    // not valid UTF-8 - confirm every input reaching this point is UTF-8.
    $pattern = '/[\\p{P}\\p{S}]/u';
    $retval = preg_replace($pattern, '', GBcase($retval, "lower"));
    // Replace any remaining whitespace with a -
    // $retval = preg_replace('/\s/', '-', $retval);
    $retval = str_replace(" ", "-", $retval); // replace the English (ASCII) space
    // chr(32) is the ASCII space again, so this call finds nothing left to replace.
    $retval = str_replace(chr(32), "-", $retval); // replace the Chinese space
    // NOTE(review): chr(227) is the single byte 0xE3. In UTF-8 that byte starts many
    // three-byte characters, so replacing it alone looks like it would leave their
    // remaining bytes behind as invalid text - confirm the intended encoding.
    $retval = str_replace(chr(227), "-", $retval); // replace the UTF-8 space
    return $this->short_name($retval); // return the short filtered name
}
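/**
 * Wraps every case-insensitive occurrence of $needle in $haystack with $str_f and $str_b.
 *
 * The haystack is scanned byte by byte. Where no match starts, a byte of 0x81
 * or above followed by a byte of 0x40 or above is copied as a two-byte unit
 * (presumably a double-byte GB character, going by the function name), so a
 * match is never tested from the second byte of such a pair.
 *
 * @param string $needle   text to look for; an empty needle returns $haystack unchanged
 * @param string $str_f    text inserted before each match
 * @param string $str_b    text inserted after each match
 * @param string $haystack text to search
 * @return string the haystack with every match wrapped
 */
function GB_replace_i($needle, $str_f, $str_b, $haystack)
{
    $haystack_length = strlen($haystack);
    $needle_length = strlen($needle);

    // An empty needle would match at every offset without advancing the cursor,
    // so the scan below would never finish.
    if ($needle_length == 0) {
        return $haystack;
    }

    $needle_lower = GBcase($needle, "lower");
    $news = "";
    $a = 0;
    while ($a < $haystack_length) {
        $candidate = substr($haystack, $a, $needle_length);
        if (GBcase($candidate, "lower") == $needle_lower) {
            // Keep the original spelling of the match between the two wrappers.
            $news .= $str_f . $candidate . $str_b;
            $a += $needle_length;
            continue;
        }

        $ch = substr($haystack, $a, 1);
        $ch2 = substr($haystack, $a + 1, 1);
        if (ord($ch) >= 0x81 && ord($ch2) >= 0x40) {
            // Two-byte unit: copy both bytes together.
            $news .= $ch . $ch2;
            $a += 2;
        } else {
            $news .= $ch;
            $a++;
        }
    }

    return $news;
}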
* @copyright Copyright 2003-2006 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: htmlarea.php 4245 2006-08-24 14:07:50Z drbyte $
*/
// Stop when the file is requested without the admin bootstrap having run.
if (!defined('IS_ADMIN_FLAG')) {
    die('Illegal Access');
}
// Line break appended to every emitted tag.
define('BR', "\n");
// INSERTS <SCRIPT> TAGS IN <HEAD> FOR HTMLAREA TO BE CALLED
if ($_SESSION['html_editor_preference_status'] == "HTMLAREA") {
    //define URL and LANG parameters
    echo '<script type="text/javascript">' . BR;
    echo ' _editor_url = "' . DIR_WS_CATALOG . 'editors/htmlarea/";' . BR;
    // BOM by zen-cart.cn
    // NOTE(review): the session language code is written into a JavaScript string literal
    // without escaping. It is presumably a short code taken from the languages table -
    // confirm it can never contain a quote or a closing script tag.
    echo ' _editor_lang = "' . GBcase($_SESSION['languages_code'], "lower") . '";' . BR;
    // EOM by zen-cart.cn
    echo '</script>' . BR;
    //<!-- load the main HTMLArea files -->
    echo '<script type="text/javascript" src="' . DIR_WS_CATALOG . 'editors/htmlarea/htmlarea.js"></script>' . BR;
    // echo '<script type="text/javascript" src="' . DIR_WS_CATALOG . 'editors/htmlarea/lang/'.strtolower(DEFAULT_LANGUAGE).'.js"></script>' .BR;
    // echo '<script type="text/javascript" src="' . DIR_WS_CATALOG . 'editors/htmlarea/dialog.js"></script>' .BR;
    // echo '<script type="text/javascript" src="' . DIR_WS_CATALOG . 'editors/htmlarea/popupdiv.js"></script>' .BR;
    // echo '<script type="text/javascript" src="' . DIR_WS_CATALOG . 'editors/htmlarea/popupwin.js"></script>' .BR;
    //<!-- load the plugins -->
    echo '<script type="text/javascript">' . BR;
    // WARNING: using this interface to load plugin
    // will _NOT_ work if plugins do not have the language
    // loaded by HTMLArea.
    // In other words, this function generates SCRIPT tags
    // that load the plugin and the language file, based on the
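/**
 * Looks up a per-product-type display switch.
 *
 * Finds the product's type handler, builds an upper-case configuration key from
 * $suffix + handler + $prefix + $field_prefix + $field + $field_suffix, and
 * returns its value from the product-type layout table, falling back to the
 * main configuration table.
 *
 * Every value placed in the SQL goes through $db->bindVars() instead of string
 * concatenation, so a product id passed straight from a request cannot change
 * the shape of the query.
 *
 * @param int|string $lookup       product id
 * @param string     $field        field part of the configuration key
 * @param string     $suffix       text placed before the type handler (default 'SHOW_')
 * @param string     $prefix       text placed after the type handler (default '_INFO')
 * @param string     $field_prefix text placed before $field
 * @param string     $field_suffix text placed after $field
 * @return mixed the configuration value, or false when neither table has the key
 */
function zen_get_show_product_switch($lookup, $field, $suffix = 'SHOW_', $prefix = '_INFO', $field_prefix = '_', $field_suffix = '')
{
    global $db;

    $sql = "select products_type from " . TABLE_PRODUCTS . " where products_id = :productsID:";
    $sql = $db->bindVars($sql, ':productsID:', $lookup, 'integer');
    $type_lookup = $db->Execute($sql);

    $sql = "select type_handler from " . TABLE_PRODUCT_TYPES . " where type_id = :typeID:";
    $sql = $db->bindVars($sql, ':typeID:', $type_lookup->fields['products_type'], 'integer');
    $show_key = $db->Execute($sql);

    // BOM by zen-cart.cn
    $zv_key = GBcase($suffix . $show_key->fields['type_handler'] . $prefix . $field_prefix . $field . $field_suffix, "upper");
    // EOM by zen-cart.cn

    // The key contains caller-supplied parts and a value read from the database,
    // so it is bound as a string as well.
    $sql = "select configuration_key, configuration_value from " . TABLE_PRODUCT_TYPE_LAYOUT . " where configuration_key = :zvKey:";
    $sql = $db->bindVars($sql, ':zvKey:', $zv_key, 'string');
    $zv_key_value = $db->Execute($sql);
    if ($zv_key_value->RecordCount() > 0) {
        return $zv_key_value->fields['configuration_value'];
    }

    // Not set for the product type: fall back to the main configuration table.
    $sql = "select configuration_key, configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = :zvKey:";
    $sql = $db->bindVars($sql, ':zvKey:', $zv_key, 'string');
    $zv_key_value = $db->Execute($sql);
    if ($zv_key_value->RecordCount() > 0) {
        return $zv_key_value->fields['configuration_value'];
    }

    return false;
}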
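/**
 * Returns column metadata for a table, keyed by upper-cased column name.
 *
 * Runs "select * ... limit 1" against the table and wraps each result field in
 * a queryFactoryMeta object.
 *
 * NOTE(review): $zp_table is concatenated into the query. A table name cannot
 * be bound as a value, so callers must pass only table names they control.
 * NOTE(review): the mysql_* functions used here were removed in PHP 7; this
 * method needs a port before it can run on a current runtime.
 *
 * @param string $zp_table table name
 * @return array map of upper-cased column name to queryFactoryMeta; empty when
 *               the query fails or returns no fields
 */
function metaColumns($zp_table)
{
    // Start from an empty map so a failed query or a result without fields
    // returns a defined value.
    $obj = array();

    $res = @mysql_query("select * from " . $zp_table . " limit 1", $this->link);
    if ($res === false) {
        return $obj;
    }

    $num_fields = @mysql_num_fields($res);
    for ($i = 0; $i < $num_fields; $i++) {
        // BOM by zen-cart.cn
        $obj[GBcase(@mysql_field_name($res, $i), "upper")] = new queryFactoryMeta($i, $res);
        // EOM by zen-cart.cn
    }

    return $obj;
}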