/**
  * Upload a new image from the Image Manager or TinyMCE itself. Images are thrown in the uploaded_images
  * directory. Invalid images (no dimensions available, mismatched type) are not accepted. Will output
  * a JSON encoded array of details about the image just uploaded.
  */
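 private function UploadImage()
 {
     // Nothing was posted under the expected field name: end the request without output.
     if (empty($_FILES['Filedata'])) {
         exit;
     }
     // The JSON response is the $_FILES array itself, annotated with extra keys for the uploader UI.
     $_FILES['Filedata']['filesize'] = NiceSize($_FILES['Filedata']['size']);
     // Short display identifier derived from the client-supplied name; md5 is only a label here, not a security control.
     $_FILES['Filedata']['id'] = substr(md5($_FILES['Filedata']['name']), 0, 10);
     $_FILES['Filedata']['errorfile'] = false;
     $_FILES['Filedata']['imagepath'] = GetConfig('AppPath') . '/' . $this->foldername() . '/';
     $_FILES['Filedata']['duplicate'] = false;
     if ($_FILES['Filedata']['error'] != UPLOAD_ERR_OK) {
         // Fixed: this key was misspelled 'erorrfile', so 'errorfile' stayed false and the
         // client could not tell from that field that the transfer had failed.
         $_FILES['Filedata']['errorfile'] = 'badupload';
         die(isc_json_encode($_FILES));
     }
     $tmpName = $_FILES['Filedata']['tmp_name'];
     // basename() strips directory components from the client-supplied name before it is joined into a path.
     $name = basename($_FILES['Filedata']['name']);
     $name = str_replace(' ', '_', $name);
     $destination = ISC_BASE_PATH . '/' . $this->foldername() . '/' . $name;
     // NOTE(review): $_FILES['Filedata']['type'] is supplied by the client. IsValidImageFile() is not
     // visible here; confirm it checks the file contents rather than relying on that value.
     if (!$this->IsValidImageFile($tmpName, $_FILES['Filedata']['type'])) {
         // Fixed: this wrote to $_FILES['FileData'] (capital D), creating a separate top-level entry
         // and leaving 'errorfile' false, so a rejected file was reported without an error.
         $_FILES['Filedata']['errorfile'] = 'badtype';
     } elseif (!$this->IsImageFile(isc_strtolower($name))) {
         // The file name itself (lower-cased) must also pass the image-name check.
         $_FILES['Filedata']['errorfile'] = 'badname';
     } elseif (file_exists($destination)) {
         // An existing file is never overwritten; the client is told about the duplicate instead.
         $_FILES['Filedata']['duplicate'] = true;
     } elseif (!@move_uploaded_file($tmpName, $destination)) {
         $_FILES['Filedata']['errorfile'] = 'badupload';
     }
     // Get the image dimensions so we can show a thumbnail. When nothing readable exists at
     // $destination, getimagesize() fails and the 200x150 defaults below are used.
     list($imgWidth, $imgHeight) = @getimagesize($destination);
     if (!$imgWidth || !$imgHeight) {
         $imgWidth = 200;
         $imgHeight = 150;
     }
     $_FILES['Filedata']['origwidth'] = $imgWidth;
     $_FILES['Filedata']['origheight'] = $imgHeight;
     // Scale down proportionally so the thumbnail fits within 200x150.
     if ($imgWidth > 200) {
         $imgHeight = 200 / $imgWidth * $imgHeight;
         $imgWidth = 200;
     }
     if ($imgHeight > 150) {
         $imgWidth = 150 / $imgHeight * $imgWidth;
         $imgHeight = 150;
     }
     $_FILES['Filedata']['width'] = $imgWidth;
     $_FILES['Filedata']['height'] = $imgHeight;
     // The server-side temporary path is removed before the array is sent back to the client.
     unset($_FILES['Filedata']['tmp_name']);
     echo isc_json_encode($_FILES);
     exit;
 }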
Example #2
 /**
  * Populate the $GLOBALS entries this panel's template reads: the "all prices are in" notice,
  * the debug summary, the live chat footer code and the "powered by" line.
  *
  * Two files are pulled in with require_once; PHP runs an included file in the scope of the
  * including function, so those files can see and change this method's local variables.
  */
 public function SetPanelSettings()
 {
     // Show "All prices are in [currency code]"
     $currency = GetCurrencyById($GLOBALS['CurrentCurrency']);
     // Only set when a currency row was returned and it has a non-empty code; both values are HTML-escaped.
     if (is_array($currency) && $currency['currencycode']) {
         $GLOBALS['AllPricesAreInCurrency'] = sprintf(GetLang('AllPricesAreInCurrency'), isc_html_escape($currency['currencyname']), isc_html_escape($currency['currencycode']));
     }
     // Timing, query count and memory figures are produced only when the DebugMode setting is 1.
     if (GetConfig('DebugMode') == 1) {
         $end_time = microtime_float();
         $GLOBALS['ScriptTime'] = number_format($end_time - ISC_START_TIME, 4);
         $GLOBALS['QueryCount'] = $GLOBALS['ISC_CLASS_DB']->NumQueries;
         if (function_exists('memory_get_peak_usage')) {
             $GLOBALS['MemoryPeak'] = "Memory usage peaked at " . NiceSize(memory_get_peak_usage(true));
         } else {
             $GLOBALS['MemoryPeak'] = '';
         }
         // With DebugMode on, any request carrying a "debug" parameter gets the list of SQL
         // statements run for the page. The query text is HTML-escaped before it is embedded.
         // NOTE(review): this is the storefront, so the list is visible to whoever sends that
         // parameter while DebugMode is enabled; keep DebugMode off on production stores.
         if (isset($_REQUEST['debug'])) {
             $GLOBALS['QueryList'] = "<ol class='QueryList' style='font-size: 13px;'>\n";
             foreach ($GLOBALS['ISC_CLASS_DB']->QueryList as $query) {
                 $GLOBALS['QueryList'] .= "<li style='line-height: 1.4; margin-bottom: 4px;'>" . isc_html_escape($query['Query']) . " &mdash; <em>" . number_format($query['ExecutionTime'], 4) . "seconds</em></li>\n";
             }
             $GLOBALS['QueryList'] .= "</ol>";
         }
         $GLOBALS['DebugDetails'] = "<p>Page built in " . $GLOBALS['ScriptTime'] . "s with " . $GLOBALS['QueryCount'] . " queries. " . $GLOBALS['MemoryPeak'] . "</p>";
     } else {
         $GLOBALS['DebugDetails'] = '';
     }
     // Do we have any live chat service code to show in the footer
     $modules = GetConfig('LiveChatModules');
     if (!empty($modules)) {
         $liveChatClass = GetClass('ISC_LIVECHAT');
         $GLOBALS['LiveChatFooterCode'] = $liveChatClass->GetPageTrackingCode('footer');
     }
     // Load our whitelabel file for the front end
     require_once ISC_BASE_PATH . '/includes/whitelabel.php';
     // Load the configuration file for this template
     // $poweredBy is initialised before the include because the included file runs in this scope.
     $poweredBy = 0;
     // NOTE(review): the directory name comes from the 'template' setting and is joined into the
     // include path as-is; confirm that setting can only hold a plain template directory name.
     require_once ISC_BASE_PATH . '/templates/' . GetConfig('template') . '/config.php';
     if (isset($GLOBALS['TPL_CFG']['PoweredBy'])) {
         // A template value that is not a key of TemplatePoweredByLines is reset to 0.
         if (!isset($GLOBALS['ISC_CFG']['TemplatePoweredByLines'][$GLOBALS['TPL_CFG']['PoweredBy']])) {
             $GLOBALS['TPL_CFG']['PoweredBy'] = 0;
         }
         $poweredBy = $GLOBALS['TPL_CFG']['PoweredBy'];
     }
     // Showing the powered by?
     $GLOBALS['PoweredBy'] = '';
     // The line is emitted only when the feature is not disabled and an entry exists for the chosen index.
     if ($GLOBALS['ISC_CFG']['DisableFrontEndPoweredBy'] == false && isset($GLOBALS['ISC_CFG']['TemplatePoweredByLines'][$poweredBy])) {
         $GLOBALS['PoweredBy'] = $GLOBALS['ISC_CFG']['TemplatePoweredByLines'][$poweredBy];
     }
 }
Example #3
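/**
 * Return the larger of PHP's upload_max_filesize and post_max_size settings, formatted by NiceSize().
 *
 * Settings that are unset, empty or "0" are skipped. If neither setting yields a value,
 * NiceSize() is called with -1.
 *
 * NOTE(review): PHP rejects a request body larger than post_max_size, so the limit a user can
 * actually reach is the smaller of the two settings. The original selection of the larger
 * value is kept here so callers see no change; confirm which one the UI should advertise.
 */
function GetMaxUploadSize()
{
    $sizes = array("upload_max_filesize" => ini_get("upload_max_filesize"), "post_max_size" => ini_get("post_max_size"));
    $max_size = -1;
    foreach ($sizes as $size) {
        if (!$size) {
            continue;
        }
        $unit = isc_strtolower(isc_substr($size, -1));
        if (in_array($unit, array("g", "m", "k"), true)) {
            $size = isc_substr($size, 0, -1);
        } else {
            // Fixed: a setting given as a plain byte count has no suffix. The last digit used to be
            // taken as the unit and stripped, so the reported size was roughly ten times too small.
            $unit = '';
            $size = (int) $size;
        }
        // The cases fall through on purpose: "g" multiplies three times, "m" twice, "k" once.
        switch ($unit) {
            case "g":
                $size *= 1024;
            case "m":
                $size *= 1024;
            case "k":
                $size *= 1024;
        }
        if ($max_size == -1 || $size > $max_size) {
            $max_size = $size;
        }
    }
    return NiceSize($max_size);
}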
 /**
  * Render the "pagefooter" template, preceded by debug information when DebugMode is 1.
  *
  * With DebugMode on, a request carrying a "debug" parameter also gets the list of executed
  * SQL statements echoed directly; each statement is HTML-escaped first.
  */
 public function PrintFooter()
 {
     $debugOn = GetConfig('DebugMode') == 1;
     if (!$debugOn) {
         $GLOBALS['DebugDetails'] = '';
     } else {
         $finishedAt = microtime_float();
         $GLOBALS['ScriptTime'] = number_format($finishedAt - ISC_START_TIME, 4);
         $GLOBALS['QueryCount'] = $GLOBALS['ISC_CLASS_DB']->NumQueries;
         // memory_get_peak_usage() may be unavailable, in which case the figure is left blank.
         $GLOBALS['MemoryPeak'] = function_exists('memory_get_peak_usage')
             ? "Memory usage peaked at " . NiceSize(memory_get_peak_usage(true))
             : '';
         if (isset($_REQUEST['debug'])) {
             echo "<ol class='QueryList' style='font-size: 13px;'>\n";
             foreach ($GLOBALS['ISC_CLASS_DB']->QueryList as $loggedQuery) {
                 $sqlText = isc_html_escape($loggedQuery['Query']);
                 $elapsed = number_format($loggedQuery['ExecutionTime'], 4);
                 echo "<li style='line-height: 1.4; margin-bottom: 4px;'>" . $sqlText . " &mdash; <em>" . $elapsed . "seconds</em></li>\n";
             }
             echo "</ol>";
         }
         $GLOBALS['DebugDetails'] = "<p>Page built in " . $GLOBALS['ScriptTime'] . "s with " . $GLOBALS['QueryCount'] . " queries. " . $GLOBALS['MemoryPeak'] . "</p>";
     }
     // Substitute the edition name into the configured copyright line, then render the footer.
     $copyrightTemplate = GetConfig('AdminCopyright');
     $GLOBALS['AdminCopyright'] = str_replace('%%EDITION%%', $GLOBALS['AppEdition'], $copyrightTemplate);
     $GLOBALS["ISC_CLASS_TEMPLATE"]->SetTemplate("pagefooter");
     $GLOBALS["ISC_CLASS_TEMPLATE"]->ParseTemplate();
 }
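 /**
  * Build the HTML rows listing the downloadable files attached to a product.
  *
  * The product is selected by $productId when it is greater than zero, otherwise by
  * $productHash. One "product.form.downloadrow" template row is rendered per download.
  *
  * @param int $productId Product ID; used when greater than zero.
  * @param string $productHash Product hash; used when no product ID is given.
  * @return string The concatenated rows, or an empty string when there are none.
  */
 public function GetDownloadsGrid($productId = 0, $productHash = '')
 {
     if ($productId > 0) {
         // %d forces the value to an integer, so it cannot alter the statement.
         $where = sprintf("pd.productid='%d'", $productId);
     } else {
         // Fixed: the hash was placed into the SQL string unescaped. It now goes through the
         // database layer's Quote() before being embedded in the quoted literal.
         $where = sprintf("pd.prodhash='%s'", $GLOBALS['ISC_CLASS_DB']->Quote($productHash));
     }
     $query = sprintf("\n\t\t\t\tselect pd.*, sum(od.numdownloads) as numdownloads\n\t\t\t\tfrom [|PREFIX|]product_downloads pd\n\t\t\t\tleft join [|PREFIX|]order_downloads od on (od.downloadid=pd.downloadid)\n\t\t\t\twhere %s\n\t\t\t\tgroup by pd.downloadid", $where);
     $grid = '';
     $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
     while ($row = $GLOBALS['ISC_CLASS_DB']->Fetch($result)) {
         $GLOBALS['DownloadId'] = $row['downloadid'];
         $GLOBALS['DownloadFile'] = $row['downfile'];
         $GLOBALS['NumDownloads'] = number_format($row['numdownloads']);
         // NOTE(review): downname, downfile and downdescription reach the template without HTML
         // escaping, and the description is placed inside a JavaScript string in an event-handler
         // attribute with only single quotes escaped. The template is not visible here; confirm
         // whether these stored values are escaped elsewhere before they are rendered.
         $GLOBALS['DownloadName'] = $row['downname'];
         if ($row['downdescription']) {
             $GLOBALS['DownloadName'] = sprintf("<span onmouseover=\"ShowQuickHelp(this, '%s', '%s');\" onmouseout=\"HideQuickHelp(this);\" class=\"HelpText\">%s</span>", $GLOBALS['DownloadName'], str_replace("'", "\\'", $row['downdescription']), $GLOBALS['DownloadName']);
         }
         $GLOBALS['DownloadSize'] = NiceSize($row['downfilesize']);
         // A stored limit of 0 means no download limit.
         if ($row['downmaxdownloads'] == 0) {
             $GLOBALS['MaxDownloads'] = GetLang('Unlimited');
         } else {
             $GLOBALS['MaxDownloads'] = $row['downmaxdownloads'];
         }
         if ($row['downexpiresafter']) {
             // The expiry is stored in seconds; show it in the largest unit that divides it evenly.
             $days = $row['downexpiresafter'] / 86400;
             if ($days % 365 == 0) {
                 $GLOBALS['ExpiresAfter'] = number_format($days / 365) . " " . GetLang('YearsLower');
             } elseif ($days % 30 == 0) {
                 $GLOBALS['ExpiresAfter'] = number_format($days / 30) . " " . GetLang('MonthsLower');
             } elseif ($days % 7 == 0) {
                 $GLOBALS['ExpiresAfter'] = number_format($days / 7) . " " . GetLang('WeeksLower');
             } else {
                 $GLOBALS['ExpiresAfter'] = number_format($days) . " " . GetLang('DaysLower');
             }
         } else {
             $GLOBALS['ExpiresAfter'] = GetLang('Never');
         }
         $GLOBALS["ISC_CLASS_TEMPLATE"]->SetTemplate("product.form.downloadrow");
         $grid .= $GLOBALS["ISC_CLASS_TEMPLATE"]->ParseTemplate(true);
     }
     return $grid;
 }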
 /**
  * Show the window to configure an item (variations, configurable fields) etc in the
  * order that's being created/edited.
  */
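 private function OrderConfigureProduct()
 {
     // Both identifiers are needed to locate the cart item being configured.
     if (!isset($_REQUEST['cartItemId']) || !isset($_REQUEST['orderSession'])) {
         exit;
     }
     // Initialize the cart management API
     $orderClass = GetClass('ISC_ADMIN_ORDERS');
     $orderClass->GetCartApi($_REQUEST['orderSession']);
     $existingProduct = $orderClass->GetCartApi()->GetProductInCart($_REQUEST['cartItemId']);
     if (is_array($existingProduct)) {
         if (isset($_REQUEST['productId']) && $existingProduct['product_id'] != $_REQUEST['productId']) {
             // The request names a different product than the one in the cart: treat it as a new item.
             $existingProduct = false;
         } else {
             $_REQUEST['productId'] = $existingProduct['product_id'];
         }
     }
     // Fixed: this check used to run only after ISC_PRODUCT had been constructed from a
     // possibly undefined $_REQUEST['productId']. The request is now rejected first.
     if (!isset($_REQUEST['productId'])) {
         exit;
     }
     // Fetch the product class on the front end as it'll be doing most of the work for this page
     $productClass = new ISC_PRODUCT($_REQUEST['productId']);
     if (!$productClass->GetProductId()) {
         exit;
     }
     if (is_array($existingProduct)) {
         $GLOBALS['EditingExistingProduct'] = 1;
         $GLOBALS['Intro'] = GetLang('OrderConfigureProductEdit');
         $GLOBALS['ButtonLabel'] = GetLang('OrderConfigureProductEditButton');
         $productPrice = $existingProduct['product_price'];
         $GLOBALS['VariationId'] = $existingProduct['variation_id'];
     } else {
         $GLOBALS['Intro'] = GetLang('OrderConfigureProduct');
         $GLOBALS['ButtonLabel'] = GetLang('AddProductToOrder');
         // Finally, determine the price based on the customer group
         $product = $productClass->GetProduct();
         $productPrice = CalcProdCustomerGroupPrice($product, $product['prodcalculatedprice']);
     }
     $GLOBALS['ProductPrice'] = FormatPrice($productPrice);
     $productVariations = $productClass->GetProductVariations();
     // Request-derived values are escaped or cast before they are handed to the template.
     $GLOBALS['ProductName'] = isc_html_escape($productClass->GetProductName());
     $GLOBALS['ProductId'] = (int) $productClass->GetProductId();
     $GLOBALS['OrderSession'] = isc_html_escape($_REQUEST['orderSession']);
     $GLOBALS['CartItemId'] = isc_html_escape($_REQUEST['cartItemId']);
     // Fixed: 'quantity' is optional in the request; a missing value now yields 0 without
     // reading an undefined index.
     $GLOBALS['Quantity'] = isset($_REQUEST['quantity']) ? (int) $_REQUEST['quantity'] : 0;
     $GLOBALS['ProductOptionRequired'] = 0;
     $GLOBALS['VariationList'] = '';
     if (!empty($productVariations)) {
         // If we have an existing variation already, look up the combination
         $existingCombination = array();
         if (is_array($existingProduct) && $existingProduct['variation_id']) {
             // The variation ID is cast to int before being embedded in the statement.
             $query = "\n\t\t\t\t\t\tSELECT vcoptionids\n\t\t\t\t\t\tFROM [|PREFIX|]product_variation_combinations\n\t\t\t\t\t\tWHERE combinationid='" . (int) $existingProduct['variation_id'] . "'\n\t\t\t\t\t";
             $existingCombination = explode(',', $GLOBALS['ISC_CLASS_DB']->FetchOne($query));
         }
         if ($productClass->IsOptionRequired()) {
             $GLOBALS['ProductOptionRequired'] = 1;
             $GLOBALS['VariationRequired'] = '*';
         } else {
             $GLOBALS['VariationRequired'] = '&nbsp;';
         }
         $GLOBALS['VariationNumber'] = 0;
         foreach ($productVariations as $name => $options) {
             $GLOBALS['VariationNumber']++;
             $optionList = '';
             foreach ($options as $option) {
                 $sel = '';
                 if (in_array($option['voptionid'], $existingCombination)) {
                     $sel = 'selected="selected"';
                 }
                 // NOTE(review): voptionid is written into the attribute as-is; presumably a numeric
                 // key from the database - confirm, or cast it to int.
                 $optionList .= '<option value="' . $option['voptionid'] . '" ' . $sel . '>' . isc_html_escape($option['vovalue']) . '</option>';
             }
             $GLOBALS['VariationOptions'] = $optionList;
             $GLOBALS['VariationName'] = isc_html_escape($name);
             $GLOBALS['VariationList'] .= $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet('OrderProductConfigurationVariation');
         }
         $GLOBALS['ProductVariationJavascript'] = $productClass->GetProductVariationCombinationJavascript();
     } else {
         $GLOBALS['HideVariationList'] = 'display: none';
     }
     $fields = $productClass->GetProductFields($_REQUEST['productId']);
     $GLOBALS['ProductFields'] = '';
     if (!empty($fields)) {
         foreach ($fields as $field) {
             $GLOBALS['FieldId'] = $field['id'];
             $GLOBALS['FieldRequired'] = '&nbsp;';
             $requiredClass = '';
             $GLOBALS['FieldName'] = isc_html_escape($field['name']) . ':';
             $GLOBALS['HideFieldHelp'] = 'display: none';
             $GLOBALS['FieldHelp'] = '';
             $GLOBALS['HideFileCurrentValue'] = 'display: none';
             // Values previously entered for this cart item are escaped before being echoed into the form.
             $existingValue = '';
             if (isset($existingProduct['product_fields'][$field['id']])) {
                 if ($field['type'] == 'file') {
                     $existingValue = isc_html_escape($existingProduct['product_fields'][$field['id']]['fileOriginName']);
                     $existingFileName = $existingProduct['product_fields'][$field['id']]['fileName'];
                 } else {
                     $existingValue = isc_html_escape($existingProduct['product_fields'][$field['id']]['fieldValue']);
                 }
             }
             if ($field['required'] == 1) {
                 $requiredClass = 'FieldRequired';
                 $GLOBALS['FieldRequired'] = '*';
             }
             switch ($field['type']) {
                 case 'textarea':
                     $inputField = '<textarea cols="30" rows="3" name="productFields[' . $field['id'] . ']" class="Field300 ' . $requiredClass . '">' . $existingValue . '</textarea>';
                     break;
                 case 'file':
                     if ($existingValue) {
                         // NOTE(review): appended without a separating space, so a required field ends
                         // up with the single class "FieldRequiredHasExistingValue". Left unchanged
                         // because it may be relied on by the form's validation - confirm.
                         $requiredClass .= 'HasExistingValue';
                     }
                     $inputField = '<input type="file" name="productFields[' . $field['id'] . ']" class="Field300 ' . $requiredClass . '" />';
                     $help = array();
                     if ($field['fileSize'] > 0) {
                         $help[] = GetLang('MaximumSize') . ': ' . NiceSize($field['fileSize'] * 1024);
                     }
                     if ($field['fileType'] != '') {
                         // Fixed: a misplaced parenthesis passed the closing tag through
                         // isc_strtoupper() together with the already-escaped text. The type list
                         // is now upper-cased first and escaped afterwards, and the tag is left alone.
                         $help[] = GetLang('AllowedTypes') . ': ' . '<span class="FileTypes">' . isc_html_escape(isc_strtoupper($field['fileType'])) . '</span>';
                     }
                     $help = implode('. ', $help);
                     if ($help != '') {
                         $GLOBALS['HideFieldHelp'] = '';
                         $GLOBALS['FieldHelp'] = '<em>(' . $help . ')</em>';
                     }
                     if ($existingValue) {
                         $GLOBALS['HideFileCurrentValue'] = '';
                         if (!$field['required']) {
                             $GLOBALS['HideRemoveFile'] = 'display: none';
                         }
                         $GLOBALS['CurrentFileName'] = $existingValue;
                         if (isset($existingProduct['product_fields'][$field['id']]['fieldExisting'])) {
                             $fileDirectory = 'configured_products';
                         } else {
                             $fileDirectory = 'configured_products_tmp';
                         }
                         // NOTE(review): the stored file name is joined into the link without escaping;
                         // confirm how it is generated and how the template outputs CurrentFileLink.
                         $GLOBALS['CurrentFileLink'] = GetConfig('ShopPath') . '/' . GetConfig('ImageDirectory') . '/' . $fileDirectory . '/' . $existingFileName;
                     }
                     break;
                 case 'checkbox':
                     $checked = '';
                     if ($existingValue) {
                         $checked = 'checked="checked"';
                     }
                     $inputField = '<label><input type="checkbox" name="productFields[' . $field['id'] . ']" ' . $checked . ' value="1" /> ' . GetLang('TickToSelect') . '</label>';
                     break;
                 default:
                     $inputField = '<input type="text" name="productFields[' . $field['id'] . ']" class="Field300 ' . $requiredClass . '" value="' . $existingValue . '"/>';
             }
             $GLOBALS['InputField'] = $inputField;
             $GLOBALS['ProductFields'] .= $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet('OrderProductConfigurationField');
         }
     } else {
         $GLOBALS['HideConfigurableFields'] = 'display: none';
     }
     if ($productClass->GetEventDateRequired() == 1) {
         $this->LoadEventDate($productClass, $existingProduct);
     } else {
         $GLOBALS['EventDate'] = '';
         $GLOBALS['HideEventDate'] = 'display : none;';
     }
     echo $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet('OrderProductConfiguration');
     exit;
 }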
Example #7
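 /**
  * Output the form for editing the configurable fields of one item in the session cart.
  *
  * The item is chosen by the "itemid" request parameter. One snippet is rendered per
  * configurable field of the item's product, pre-filled with any value stored in the cart.
  *
  * @return false|null False when no item ID was given or the item is not in the cart;
  *                    otherwise the form is echoed and nothing is returned.
  */
 public function EditConfigurableFieldsInCart()
 {
     if (!isset($_REQUEST['itemid'])) {
         return false;
     }
     $itemId = (int) $_REQUEST['itemid'];
     // Fixed: the request-supplied ID was used to index the session cart without checking that
     // the item exists, so an unknown ID read undefined entries and rendered an empty form.
     if (!isset($_SESSION['CART']['ITEMS'][$itemId])) {
         return false;
     }
     $output = '';
     $cartItem = $_SESSION['CART']['ITEMS'][$itemId];
     $cartItemFields = isset($cartItem['product_fields']) ? $cartItem['product_fields'] : array();
     $GLOBALS['ItemId'] = $itemId;
     $GLOBALS['ISC_CLASS_PRODUCT'] = GetClass('ISC_PRODUCT');
     $GLOBALS['CartProductName'] = isc_html_escape($cartItem['product_name']);
     $fields = $GLOBALS['ISC_CLASS_PRODUCT']->GetProductFields($cartItem['product_id']);
     // Guard the loop in case no field list is returned for the product.
     if (!is_array($fields)) {
         $fields = array();
     }
     foreach ($fields as $field) {
         // Reset every per-field template variable so nothing leaks from the previous field.
         $GLOBALS['ProductFieldType'] = isc_html_escape($field['type']);
         $GLOBALS['ProductFieldId'] = (int) $field['id'];
         $GLOBALS['ProductFieldName'] = isc_html_escape($field['name']);
         $GLOBALS['ProductFieldRequired'] = '';
         $GLOBALS['FieldRequiredClass'] = '';
         $GLOBALS['ProductFieldValue'] = '';
         $GLOBALS['ProductFieldFileValue'] = '';
         $GLOBALS['HideCartFileName'] = 'display: none';
         $GLOBALS['CheckboxFieldNameLeft'] = '';
         $GLOBALS['CheckboxFieldNameRight'] = '';
         $GLOBALS['HideDeleteFileLink'] = 'display: none';
         $GLOBALS['HideFileHelp'] = "display:none";
         // Blank defaults are used when the cart holds no value for this field.
         $cartItemField = array("fieldType" => '', "fieldName" => '', "fileType" => '', "fileOriginName" => '', "fileName" => '', "fieldValue" => '');
         if (isset($cartItemFields[$field['id']])) {
             $cartItemField = $cartItemFields[$field['id']];
         }
         $snippetFile = 'ProductFieldInput';
         switch ($field['type']) {
             case 'textarea':
                 $GLOBALS['ProductFieldValue'] = isc_html_escape($cartItemField['fieldValue']);
                 $snippetFile = 'ProductFieldTextarea';
                 break;
             case 'file':
                 // The original file name was supplied by the customer, so it is escaped before display.
                 $fieldValue = isc_html_escape($cartItemField['fileOriginName']);
                 $GLOBALS['HideDeleteCartFieldFile'] = '';
                 $GLOBALS['CurrentProductFile'] = $fieldValue;
                 $GLOBALS['ProductFieldFileValue'] = $fieldValue;
                 $GLOBALS['HideFileHelp'] = "";
                 $GLOBALS['FileSize'] = NiceSize($field['fileSize'] * 1024);
                 if ($fieldValue != '') {
                     $GLOBALS['HideCartFileName'] = '';
                 }
                 // The delete link is only offered for optional file fields.
                 if (!$field['required']) {
                     $GLOBALS['HideDeleteFileLink'] = '';
                 }
                 $GLOBALS['FileTypes'] = isc_html_escape($field['fileType']);
                 break;
             case 'checkbox':
                 $GLOBALS['CheckboxFieldNameLeft'] = $GLOBALS['ProductFieldName'];
                 if ($cartItemField['fieldValue'] == 'on') {
                     $GLOBALS['ProductFieldValue'] = 'checked';
                 }
                 $snippetFile = 'ProductFieldCheckbox';
                 break;
             default:
                 $GLOBALS['ProductFieldValue'] = isc_html_escape($cartItemField['fieldValue']);
                 break;
         }
         if ($field['required']) {
             $GLOBALS['ProductFieldRequired'] = '<span class="Required">*</span>';
             $GLOBALS['FieldRequiredClass'] = 'FieldRequired';
         }
         $output .= $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet($snippetFile);
     }
     $GLOBALS['SNIPPETS']['ProductFieldsList'] = $output;
     $editProductFields = $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet('CartEditProductFieldsForm');
     echo $GLOBALS['ISC_CLASS_TEMPLATE']->ParseSnippets($editProductFields, $GLOBALS['SNIPPETS']);
 }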
Example #8
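 /**
  * Render the backup management page: an optional status message followed by one row per
  * existing backup file or folder.
  *
  * A "complete" or "failed" query parameter overrides the message passed in by the caller.
  *
  * @param string $MsgDesc Message text to show, if any.
  * @param string $MsgStatus Message status constant passed to MessageBox().
  */
 public function ManageBackups($MsgDesc = "", $MsgStatus = "")
 {
     if (isset($_GET['complete'])) {
         $MsgStatus = MSG_SUCCESS;
         if ($_GET['complete'] == "remote") {
             $MsgDesc = GetLang('RemoteBackupComplete');
         } else {
             // Fixed: the raw query-string value was substituted into the message. It is now
             // HTML-escaped first so markup in the parameter is displayed as text.
             // NOTE(review): MessageBox() is not visible here; this assumes it outputs the
             // description as HTML - confirm.
             $MsgDesc = sprintf(GetLang('LocalBackupComplete'), isc_html_escape($_GET['complete']));
         }
     } elseif (isset($_GET['failed'])) {
         $MsgStatus = MSG_ERROR;
         if ($_GET['failed'] == 'local') {
             $MsgDesc = GetLang('LocalBackupFailed');
         } else {
             $MsgDesc = GetLang('RemoteBackupFailed');
         }
     }
     if ($MsgDesc != "") {
         $GLOBALS["Message"] = MessageBox($MsgDesc, $MsgStatus);
     }
     // The unused $dir computation (realpath of the backup directory) was removed.
     $backups = $this->_GetBackupList();
     $GLOBALS['BackupGrid'] = '';
     // Loop through all of the existing backups
     foreach ($backups as $file => $details) {
         $GLOBALS['FileName'] = isc_html_escape($file);
         $GLOBALS['ModifiedTime'] = NiceTime($details['mtime']);
         if (isset($details['directory'])) {
             $GLOBALS['FileSize'] = "N/A";
             $GLOBALS['DownloadOpen'] = GetLang('OpenBackup');
             $GLOBALS['BackupImage'] = "backup_folder";
             $GLOBALS['BackupType'] = GetLang('BackupFolder');
             $GLOBALS['ViewLink'] = "backups/" . $GLOBALS['FileName'];
         } else {
             $GLOBALS['FileSize'] = NiceSize($details['size']);
             $GLOBALS['DownloadOpen'] = GetLang('DownloadBackup');
             $GLOBALS['BackupImage'] = "backup";
             $GLOBALS['BackupType'] = GetLang('BackupFile');
             // Fixed: the file name was HTML-escaped but not URL-encoded, so a name containing
             // '&', '#' or a space produced a broken or ambiguous query string. urlencode()
             // output contains no characters that need HTML escaping.
             $GLOBALS['ViewLink'] = "index.php?ToDo=viewBackup&file=" . urlencode($file);
         }
         $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("backup.manage.row");
         $GLOBALS["BackupGrid"] .= $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate(true);
     }
     // With no backups, hide the grid, replace any earlier message and disable the delete control.
     if ($GLOBALS['BackupGrid'] == "") {
         $GLOBALS['DisplayGrid'] = "none";
         $GLOBALS["Message"] = MessageBox(GetLang('NoBackups'), MSG_SUCCESS);
         $GLOBALS["DisableDelete"] = "DISABLED";
     }
     $GLOBALS["ISC_CLASS_TEMPLATE"]->SetTemplate("backups.manage");
     $GLOBALS["ISC_CLASS_TEMPLATE"]->ParseTemplate();
 }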
Example #9
 /**
  *	Stream the product for download as defined by the values in the $_GET['data'] variable.
  *	The variable contains the item id, product id and order id which, if valid, will
  *	be used to find and then stream the file for the product to the customer
  */
 private function DownloadOrderItem()
 {
     if (isset($_GET['data'])) {
         $data = $this->DecryptDownloadKey($_GET['data']);
         $data_vals = explode(",", $data);
         if (count($data_vals) >= 5) {
             $item_id = (int) $data_vals[0];
             $product_id = (int) $data_vals[1];
             $order_id = (int) $data_vals[2];
             $order_token = $data_vals[3];
             // Select the number of downloads for this order item
             $query = sprintf("\n\t\t\t\t\t\tselect pd.downloadid, o.ordstatus\n\t\t\t\t\t\tfrom [|PREFIX|]product_downloads pd\n\t\t\t\t\t\tleft join [|PREFIX|]order_products op on pd.productid=op.ordprodid\n\t\t\t\t\t\tinner join [|PREFIX|]orders o on op.orderorderid=o.orderid\n\t\t\t\t\t\twhere pd.productid='%d' and o.orderid='%d' and op.orderprodid='%d'", $GLOBALS['ISC_CLASS_DB']->Quote($product_id), $GLOBALS['ISC_CLASS_DB']->Quote($order_id), $GLOBALS['ISC_CLASS_DB']->Quote($item_id));
             $query .= " AND o.ordtoken = '" . $GLOBALS['ISC_CLASS_DB']->Quote($order_token) . "'";
             $query .= $GLOBALS['ISC_CLASS_DB']->AddLimit(0, 1);
             $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
             $product_downloads = $GLOBALS['ISC_CLASS_DB']->Fetch($result);
             // We have a valid ordered product with downloads
             if ($product_downloads && OrderIsComplete($product_downloads['ordstatus'])) {
                 // Downloading a particular file
                 if (count($data_vals) == 6) {
                     $download_id = (int) $data_vals[4];
                     // Fetch the file we're downloading
                     $query = sprintf("\n\t\t\t\t\t\t\t\tSELECT orddate, pd.downfile, od.numdownloads, od.downloadexpires, od.maxdownloads, ordstatus, pd.downexpiresafter, pd.downmaxdownloads, od.orddownid\n\t\t\t\t\t\t\t\tFROM [|PREFIX|]product_downloads pd\n\t\t\t\t\t\t\t\tINNER JOIN [|PREFIX|]products p ON pd.productid=p.productid\n\t\t\t\t\t\t\t\tLEFT JOIN [|PREFIX|]order_downloads od ON (od.orderid='%s' AND od.downloadid=pd.downloadid)\n\t\t\t\t\t\t\t\tINNER JOIN [|PREFIX|]orders o ON (o.orderid='%d')\n\t\t\t\t\t\t\t\tWHERE pd.downloadid='%d' AND p.productid='%d'", $GLOBALS['ISC_CLASS_DB']->Quote($order_id), $GLOBALS['ISC_CLASS_DB']->Quote($order_id), $GLOBALS['ISC_CLASS_DB']->Quote($download_id), $GLOBALS['ISC_CLASS_DB']->Quote($product_id));
                     $query .= " AND o.ordtoken = '" . $GLOBALS['ISC_CLASS_DB']->Quote($order_token) . "'";
                     $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
                     $row = $GLOBALS['ISC_CLASS_DB']->Fetch($result);
                     if ($row && OrderIsComplete($row['ordstatus'])) {
                         // If there is no matching row in the order_downloads table for this download, we need to create it
                         if (!$row['orddownid']) {
                             // If this download has an expiry date, set it to now + expiry time
                             $expiryDate = 0;
                             if ($row['downexpiresafter'] > 0) {
                                 $expiryDate = $row['orddate'] + $row['downexpiresafter'];
                             }
                             $newDownload = array('orderid' => (int) $order_id, 'downloadid' => (int) $download_id, 'numdownloads' => 0, 'downloadexpires' => $expiryDate, 'maxdownloads' => $row['downmaxdownloads']);
                             $row['maxdownloads'] = $row['downmaxdownloads'];
                             $row['downloadexpires'] = $expiryDate;
                             $GLOBALS['ISC_CLASS_DB']->InsertQuery('order_downloads', $newDownload);
                         }
                         $expired = false;
                         // Have we reached the download limit for this item?
                         if ($row['maxdownloads'] != 0 && $row['numdownloads'] >= $row['maxdownloads']) {
                             $expired = true;
                         }
                         // Have we reached the expiry limit for this item?
                         if ($row['downloadexpires'] > 0 && time() >= $row['downloadexpires']) {
                             $expired = true;
                         }
                         // Download has expired
                         if ($expired == true) {
                             $GLOBALS['ErrorMessage'] = GetLang('DownloadItemExpired');
                             $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("error");
                             $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
                             return;
                         }
                         $query = "\n\t\t\t\t\t\t\t\t\tUPDATE [|PREFIX|]order_downloads\n\t\t\t\t\t\t\t\t\tSET numdownloads=numdownloads + 1\n\t\t\t\t\t\t\t\t\tWHERE orderid='" . (int) $order_id . "' AND downloadid='" . (int) $download_id . "'\n\t\t\t\t\t\t\t\t";
                         $GLOBALS['ISC_CLASS_DB']->Query($query);
                         $filename = basename($row['downfile']);
                         $filepath = realpath(ISC_BASE_PATH . '/' . GetConfig('DownloadDirectory')) . "/" . $row['downfile'];
                         if (file_exists($filepath)) {
                             // Strip the underscores and random numbers that are added when a file is uploaded
                             $filename = preg_replace("#__[0-9]+#", "", $filename);
                             ob_end_clean();
                             @ini_set('max_execution_time', 0);
                             header("Pragma: public");
                             header("Expires: 0");
                             header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
                             header("Content-Type: application/force-download");
                             header("Content-Type: application/octet-stream");
                             header("Content-Type: application/download");
                             header("Content-Disposition: attachment; filename=\"" . $filename . "\";");
                             header("Content-Transfer-Encoding: binary");
                             header("Content-Length: " . sprintf('%u', filesize($filepath)));
                             $fp = fopen($filepath, "rb");
                             while (!feof($fp)) {
                                 echo fread($fp, 16384);
                                 @flush();
                             }
                             fclose($fp);
                             die;
                         } else {
                             // File doesn't exist
                             $GLOBALS['ErrorMessage'] = GetLang('DownloadItemErrorMessage');
                             $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("error");
                             $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
                         }
                     } else {
                         // Product doesn't exist or the download doesn't exist.
                         $GLOBALS['ErrorMessage'] = GetLang('DownloadItemErrorMessage');
                         $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("error");
                         $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
                     }
                 } else {
                     $GLOBALS['SNIPPETS']['AccountDownloadItemList'] = '';
                     $query = sprintf("select prodname from [|PREFIX|]products where productid='%s'", $GLOBALS['ISC_CLASS_DB']->Quote($product_id));
                     $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
                     $prodName = $GLOBALS['ISC_CLASS_DB']->FetchOne($result);
                     $GLOBALS['DownloadTitle'] = sprintf(GetLang('ProductDownloads'), $prodName);
                     $GLOBALS['DownloadIntro'] = sprintf(GetLang('ProductDownloadsIntro'), $prodName);
                     // Show a listing of the downloadable files within this product
                     $query = sprintf("\n\t\t\t\t\t\t\t\tselect orddate, orderprodid, ordprodid, o.orderid, o.ordtoken, pd.downloadid, pd.downfile, pd.downname, pd.downfilesize, pd.downdescription, pd.downmaxdownloads, pd.downexpiresafter, od.numdownloads, od.maxdownloads, od.downloadexpires, od.orddownid, ordprodqty\n\t\t\t\t\t\t\t\tfrom [|PREFIX|]product_downloads pd\n\t\t\t\t\t\t\t\tleft join [|PREFIX|]order_products op on pd.productid=op.ordprodid\n\t\t\t\t\t\t\t\tinner join [|PREFIX|]orders o on op.orderorderid=o.orderid\n\t\t\t\t\t\t\t\tleft join [|PREFIX|]order_downloads od on od.downloadid=pd.downloadid and od.orderid=o.orderid\n\t\t\t\t\t\t\t\twhere pd.productid='%d' and o.orderid='%d' and op.orderprodid='%d' order by downname", $product_id, $order_id, $item_id);
                     $result = $GLOBALS['ISC_CLASS_DB']->Query($query);
                     while ($row = $GLOBALS['ISC_CLASS_DB']->Fetch($result)) {
                         $expired = false;
                         $Color = $ExpiresDownloads = $ExpiresDays = $GLOBALS['ExpiryInfo'] = '';
                         if (!$row['orddownid']) {
                             $row['maxdownloads'] = $row['downmaxdownloads'];
                             if ($row['downexpiresafter'] > 0) {
                                 $row['downloadexpires'] = $row['downexpiresafter'] + $row['orddate'];
                             }
                         } else {
                         }
                         // Have we reached the expiry limit for this item?
                         if ($row['downexpiresafter'] > 0) {
                             $diff = $row['downloadexpires'];
                             if ($row['downloadexpires'] <= time()) {
                                 $expired = true;
                             } else {
                                 $remaining_days = ceil(($diff - time()) / 86400);
                                 if ($remaining_days > 0 && $remaining_days % 365 == 0) {
                                     if ($remaining_days / 365 > 1) {
                                         $ExpiresDays = number_format($remaining_days / 365) . " " . GetLang('YearsLower');
                                     } else {
                                         $ExpiresDays = number_format($remaining_days / 365) . " " . GetLang('YearLower');
                                     }
                                 } else {
                                     if ($remaining_days > 0 && $remaining_days % 30 == 0) {
                                         if ($remaining_days / 30 > 1) {
                                             $ExpiresDays = number_format($remaining_days / 30) . " " . GetLang('MonthsLower');
                                         } else {
                                             $ExpiresDays = number_format($remaining_days / 30) . " " . GetLang('MonthLower');
                                         }
                                     } else {
                                         if ($remaining_days > 0 && $remaining_days % 7 == 0) {
                                             if ($remaining_days / 7 > 1) {
                                                 $ExpiresDays = number_format($remaining_days / 7) . " " . GetLang('WeeksLower');
                                             } else {
                                                 $ExpiresDays = number_format($remaining_days / 7) . " " . GetLang('WeekLower');
                                             }
                                         } else {
                                             if ($remaining_days > 1) {
                                                 $ExpiresDays = number_format($remaining_days) . " " . GetLang('DaysLower');
                                             } else {
                                                 $ExpiresDays = number_format($remaining_days) . " " . GetLang('TodayLower');
                                                 $Color = "DownloadExpiresToday";
                                             }
                                         }
                                     }
                                 }
                             }
                         }
                         // Have we reached the download limit for this item?
                         if ($row['maxdownloads'] > 0) {
                             $remaining_downloads = $row['maxdownloads'] - $row['numdownloads'];
                             if ($remaining_downloads <= 0) {
                                 $expired = true;
                             } else {
                                 $string = 'DownloadExpiresInX';
                                 if ($ExpiresDays) {
                                     $string .= 'Download';
                                 } else {
                                     $string .= 'Time';
                                 }
                                 if ($remaining_downloads != 1) {
                                     $string .= 's';
                                 } else {
                                     $Color = "DownloadExpiresToday";
                                 }
                                 $ExpiresDownloads = sprintf(GetLang($string), $remaining_downloads);
                             }
                         }
                         $GLOBALS['DownloadColor'] = $Color;
                         $GLOBALS['DownloadName'] = isc_html_escape($row['downname']);
                         if ($expired == true) {
                             $GLOBALS['DisplayDownloadExpired'] = '';
                             $GLOBALS['DisplayDownloadLink'] = 'none';
                         } else {
                             $GLOBALS['DisplayDownloadExpired'] = 'none';
                             $GLOBALS['DisplayDownloadLink'] = '';
                             $GLOBALS['DownloadItemEncrypted'] = $this->EncryptDownloadKey($row['orderprodid'], $row['ordprodid'], $row['orderid'], $row['ordtoken'], $row['downloadid']);
                             $GLOBALS['DownloadName'] = sprintf("<a href=\"%s/account.php?action=download_item&data=%s\">%s</a>", $GLOBALS['ShopPathSSL'], $GLOBALS['DownloadItemEncrypted'], $GLOBALS['DownloadName']);
                             if ($ExpiresDays && $ExpiresDownloads) {
                                 $GLOBALS['ExpiryInfo'] = sprintf(GetLang('DownloadExpiresBoth'), $ExpiresDays, $ExpiresDownloads);
                             } else {
                                 if ($ExpiresDays) {
                                     $GLOBALS['ExpiryInfo'] = sprintf(GetLang('DownloadExpiresTime'), $ExpiresDays);
                                     if ($Color == "DownloadExpiresToday") {
                                         $GLOBALS['ExpiryInfo'] = GetLang('DownloadExpiresTimeToday');
                                     }
                                 } else {
                                     if ($ExpiresDownloads) {
                                         $GLOBALS['ExpiryInfo'] = sprintf(GetLang('DownloadExpires'), $ExpiresDownloads);
                                     }
                                 }
                             }
                         }
                         if ($row['ordprodqty'] > 1) {
                             $GLOBALS['DownloadName'] = $row['ordprodqty'] . ' X ' . $GLOBALS['DownloadName'];
                         }
                         $GLOBALS['DownloadSize'] = NiceSize($row['downfilesize']);
                         $GLOBALS['DownloadDescription'] = isc_html_escape($row['downdescription']);
                         $GLOBALS['OrderId'] = $row['orderid'];
                         $GLOBALS['SNIPPETS']['AccountDownloadItemList'] .= $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet("AccountDownloadItemList");
                     }
                     $GLOBALS['ISC_LANG']['OrderId'] = sprintf(GetLang('OrderId'), $order_id);
                     $GLOBALS['ISC_CLASS_TEMPLATE']->SetPageTitle(sprintf("%s - %s", GetConfig('StoreName'), GetLang('DownloadItems')));
                     $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("account_downloaditem");
                     $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
                 }
             } else {
                 // This order does not have any downloadable products that exist
                 $GLOBALS['ErrorMessage'] = GetLang('DownloadItemErrorMessage');
                 $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("error");
                 $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
             }
         } else {
             // Bad download details in the URL
             $GLOBALS['ErrorMessage'] = GetLang('DownloadItemErrorMessage');
             $GLOBALS['ISC_CLASS_TEMPLATE']->SetTemplate("error");
             $GLOBALS['ISC_CLASS_TEMPLATE']->ParseTemplate();
         }
     } else {
         $this->ViewOrders();
     }
 }
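 /**
  * Render one template snippet per configurable field of the current product and
  * store the concatenated markup in $GLOBALS['SNIPPETS']['ProductFieldsList'].
  *
  * The per-field values are handed to the template engine through $GLOBALS, so every
  * string taken from the field record is HTML-escaped before it is assigned.
  *
  * @param string $position Layout position. 'side' narrows the file input and puts the
  *                         checkbox label on the right; any other value uses the default layout.
  * @return void
  */
 public function LoadProductFieldsLayout($position = 'middle')
 {
     $output = '';
     $productId = $GLOBALS['ISC_CLASS_PRODUCT']->GetProductId();
     $fields = $GLOBALS['ISC_CLASS_PRODUCT']->GetProductFields($productId);
     if (!empty($fields)) {
         foreach ($fields as $field) {
             // Reset every per-field template variable so nothing leaks over from the previous field.
             $GLOBALS['ProductFieldType'] = isc_html_escape($field['type']);
             $GLOBALS['ItemId'] = 0;
             $GLOBALS['ProductFieldId'] = (int) $field['id'];
             $GLOBALS['ProductFieldName'] = isc_html_escape($field['name']);
             $GLOBALS['ProductFieldInputSize'] = '';
             $GLOBALS['ProductFieldRequired'] = '';
             $GLOBALS['FieldRequiredClass'] = '';
             $GLOBALS['CheckboxFieldNameLeft'] = '';
             $GLOBALS['CheckboxFieldNameRight'] = '';
             $GLOBALS['HideCartFileName'] = 'display:none';
             $GLOBALS['HideDeleteFileLink'] = 'display:none';
             $GLOBALS['HideFileHelp'] = "display:none";
             // Plain input snippet unless the field type selects a dedicated one below.
             $snippetFile = 'ProductFieldInput';
             switch ($field['type']) {
                 case 'textarea':
                     $snippetFile = 'ProductFieldTextarea';
                     break;
                 case 'file':
                     $GLOBALS['HideFileHelp'] = "";
                     // fileSize is multiplied by 1024 before formatting (presumably stored in KB — confirm).
                     $GLOBALS['FileSize'] = NiceSize($field['fileSize'] * 1024);
                     // Escaped like the field name and type: it comes from the same field record and
                     // is exposed to the template the same way.
                     // NOTE(review): assumes the snippet prints FileTypes in an HTML context and that
                     // GetProductFields() returns it unescaped — confirm against the template.
                     $GLOBALS['FileTypes'] = isc_html_escape($field['fileType']);
                     if ($position == 'side') {
                         $GLOBALS['ProductFieldInputSize'] = 10;
                     }
                     break;
                 case 'checkbox':
                     // The label goes on one side of the checkbox only; the other stays empty.
                     if ($position == 'side') {
                         $GLOBALS['CheckboxFieldNameRight'] = isc_html_escape($field['name']);
                     } else {
                         $GLOBALS['CheckboxFieldNameLeft'] = isc_html_escape($field['name']);
                     }
                     $snippetFile = 'ProductFieldCheckbox';
                     break;
                 default:
                     break;
             }
             if ($field['required']) {
                 $GLOBALS['ProductFieldRequired'] = '<span class="Required">*</span>';
                 $GLOBALS['FieldRequiredClass'] = 'FieldRequired';
             }
             $output .= $GLOBALS['ISC_CLASS_TEMPLATE']->GetSnippet($snippetFile);
         }
     }
     // Empty string when the product has no configurable fields.
     $GLOBALS['SNIPPETS']['ProductFieldsList'] = $output;
 }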