/**
 * Edit-on-place handler: stores a new product title for the language being edited.
 *
 * Acts only when the token addresses products.product and carries a non-empty
 * primary key; every other token is ignored without error.
 *
 * @param array $token_data token descriptor; 'table', 'field' and 'pk' are read here
 * @param mixed $value      new title, written to products_lng.product
 * @return void
 */
function cw_edit_on_place_product($token_data, $value)
{
    $edited_language =& cw_session_register('edited_language');

    $targets_product_title = $token_data['table'] == 'products' && $token_data['field'] == 'product';
    if (!$targets_product_title || empty($token_data['pk'])) {
        return;
    }

    // NOTE(review): the WHERE clause is built by interpolation. Neither the session
    // language code nor the token's pk is escaped or cast in this function, so the
    // query is only as safe as whatever produced them - confirm both are validated
    // upstream (pk presumably an integer product id) or escape/cast them here.
    $where = "code='{$edited_language}' AND product_id='{$token_data['pk']}'";
    cw_array2update('products_lng', array('product' => $value), $where);
}
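/**
 * Smarty function {assign_session var=... assign=...}: exposes the session
 * variable named by 'var' to the template under the name given in 'assign'.
 *
 * Only the 'assign' and 'var' keys of $params are read. The previous
 * extract($params) turned every template attribute into a local variable, so
 * an attribute named 'smarty' or 'params' silently replaced the function's own
 * arguments (and, because $smarty is passed by reference, the caller's object).
 *
 * Templates using this function can pull any session variable by name, so
 * template authors are effectively trusted with the whole session.
 *
 * @param array  $params template attributes; 'assign' and 'var' are required
 * @param object $smarty Smarty instance (trigger_error() and assign() are used)
 * @return void
 */
function smarty_function_assign_session($params, &$smarty)
{
    $assign = isset($params['assign']) ? $params['assign'] : null;
    $var = isset($params['var']) ? $params['var'] : null;

    if (empty($assign)) {
        $smarty->trigger_error("assign: missing 'assign' parameter");
        return;
    }
    // A missing or non-string name used to reach "global ${$var}" with an empty variable name.
    if (!is_string($var) || $var === '') {
        $smarty->trigger_error("assign_session: missing 'var' parameter");
        return;
    }

    // Kept from the original: bind the same-named global before asking the
    // session layer for the value (presumably needed by cw_session_register).
    global ${$var};
    $var = cw_session_register($var, array());
    $smarty->assign($assign, $var);
}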
/**
 * Stores the zip/state/country submitted for a shipping estimate as the
 * session's current address and redirects back to the cart.
 *
 * When no state was given and the country is 'US', the state is looked up
 * from the zip code through cw_map_get_state_by_zip.
 *
 * @return void
 */
function estimate_cart()
{
    global $request_prepared;

    $user_address =& cw_session_register('user_address', array());

    // NOTE(review): the three values are copied into the session exactly as found in
    // $request_prepared - presumably the framework's pre-processed request; nothing
    // is validated in this function.
    foreach (array('zipcode', 'state', 'country') as $field) {
        $user_address['current_address'][$field] = $request_prepared[$field];
    }

    $needs_state_lookup = empty($user_address['current_address']['state'])
        && $user_address['current_address']['country'] == 'US';
    if ($needs_state_lookup) {
        cw_load('map');
        $zipcode = $user_address['current_address']['zipcode'];
        $user_address['current_address']['state'] = cw_call('cw_map_get_state_by_zip', array($zipcode));
    }

    cw_header_location('index.php?target=cart');
}
/**
 * Smarty modifier resolving "<field>.name", "<field>.value" or
 * "<field>.description" placeholders to attribute data.
 *
 *  - "<field>.name":        the attribute's name
 *  - "<field>.value":       the name of the value currently selected for that
 *                           field in the global $product_filter (the last
 *                           selected value found wins)
 *  - "<field>.description": the attribute's description, rendered through
 *                           Smarty's {eval} plugin
 *
 * @param string $value placeholder text to inspect
 * @return mixed resolved data, or "" when nothing matches
 */
function smarty_modifier_attribute_data($value)
{
    cw_load('attributes');
    $use_description =& cw_session_register('use_description', true);
    $data = "";

    if (preg_match('/(\\w+)\\.name/', $value, $matches)) {
        // Attribute name looked up by field.
        $field_name = $matches[1];
        if (!empty($field_name)) {
            $attribute = cw_func_call(
                'cw_attributes_get_attribute',
                array('attribute_id' => cw_attributes_get_attribute_by_field($field_name))
            );
            $data = $attribute['name'];
        }
    } elseif (preg_match('/(\\w+)\\.value/', $value, $matches)) {
        // Selected value looked up in the active product filter.
        global $product_filter;
        $field_name = $matches[1];
        if ($product_filter && $field_name) {
            foreach ($product_filter as $filter) {
                if ($filter['field'] != $field_name || !$filter['selected']) {
                    continue;
                }
                foreach ($filter['selected'] as $selected_key) {
                    if (isset($filter['values'][$selected_key])) {
                        $data = $filter['values'][$selected_key]['name'];
                    }
                }
            }
        }
    } elseif ($use_description && preg_match('/(\\w+)\\.description/', $value, $matches)) {
        // Attribute description looked up by field.
        $field_name = $matches[1];
        if (!empty($field_name)) {
            global $smarty;
            $attribute_id = cw_attributes_get_attribute_by_field($field_name);
            $attribute = cw_func_call('cw_attributes_get_attribute', array('attribute_id' => $attribute_id));

            // The flag is switched off around the evaluation, presumably so a
            // description that itself uses this modifier cannot recurse.
            // NOTE(review): it is a session value; if the evaluation aborts, it stays
            // false for the rest of the session.
            $use_description = false;

            // SECURITY: the stored description is evaluated as Smarty template source.
            // Whoever may edit attribute descriptions can therefore run template code
            // with this page's privileges - restrict that permission accordingly, or
            // render the description as plain text.
            require_once $smarty->_get_plugin_filepath('function', 'eval');
            $data = smarty_function_eval(array('var' => $attribute['description']), $smarty);

            $use_description = true;
        }
    }

    return $data;
}
/**
 * Drops every token that belongs to a group, then the group index itself.
 * About one call in twenty additionally sweeps the session's token store for
 * entries older than twenty minutes.
 *
 * @param mixed $group key of the group index inside the 'cw_tokens' session array
 * @return void
 */
function cw_unset_tokens_group($group)
{
    $cw_tokens =& cw_session_register('cw_tokens', array());

    if (isset($cw_tokens[$group])) {
        foreach ($cw_tokens[$group] as $token) {
            unset($cw_tokens[$token]);
        }
        unset($cw_tokens[$group]);
    }

    // Probabilistic housekeeping only; rand() is not used for anything secret here.
    if (rand(1, 20) != 20) {
        return;
    }

    // NOTE(review): group indexes live in the same array as the tokens, and the sweep
    // reads ['time'] from every entry. Confirm group entries carry a 'time' key;
    // otherwise they look expired and are removed while their tokens remain.
    $max_age = 60 * 20;
    foreach ($cw_tokens as $key => $entry) {
        if (CURRENT_TIME - $entry['time'] > $max_age) {
            unset($cw_tokens[$key]);
        }
    }
}
/**
 * Builds and sends a Payflow card transaction for the cart held in the session.
 *
 * $params is unpacked with extract(); 'userinfo' and 'doc_ids' are the entries
 * used below. The request carries the full card number, CVV2 and expiry date,
 * so this function is inside cardholder-data scope.
 *
 * @param array $params hook parameters ('userinfo', 'doc_ids')
 * @return mixed the prepared error when the gateway call failed, otherwise
 *               element [2] of the gateway response with 'status' => 'success'
 */
function cw_paypal_pro_payflow_request($params)
{
    global $REMOTE_ADDR;
    global $pp_final_action;

    // NOTE(review): extract() lets any key of $params overwrite a local - including the
    // two globals bound above. Safe only while every caller passes a fixed, trusted key set.
    extract($params);

    // Map the card brand to the gateway's account type code; 8 is the fallback.
    $is_extcard = false;
    $cardtype = 8;
    if (cw_payment_cc_is_visa($userinfo["card_number"])) {
        $cardtype = 0;
    } elseif (cw_payment_cc_is_mc($userinfo["card_number"])) {
        $cardtype = 1;
    } elseif (cw_payment_cc_is_dc($userinfo["card_number"])) {
        $cardtype = 2;
    } elseif (cw_payment_cc_is_amex($userinfo["card_number"])) {
        $cardtype = 3;
    } elseif (cw_payment_cc_is_diners($userinfo["card_number"])) {
        $cardtype = 4;
    } elseif (cw_payment_cc_is_jcb($userinfo["card_number"])) {
        $cardtype = 5;
    } elseif (cw_payment_cc_is_solo($userinfo["card_number"])) {
        $is_extcard = true;
        $cardtype = "S";
    } elseif (cw_payment_cc_is_switch($userinfo["card_number"])) {
        $is_extcard = true;
        $cardtype = 9;
    }

    $cart =& cw_session_register('cart');
    $secure_oid =& cw_session_register('secure_oid');

    $billing = $userinfo['main_address'];
    $shipping = $userinfo['current_address'];

    $request = array(
        "tender" => "C",
        "trxtype" => $pp_final_action == 'Sale' ? 'S' : 'A',
        "acct" => $userinfo["card_number"],
        "accttype" => $cardtype,
        "amt" => $cart['info']['total'],
        // NOTE(review): the two address lines are joined without a separator.
        "street" => $billing['address'] . ($billing['address_2'] ? $billing['address_2'] : ''),
        "city" => $billing['city'],
        "state" => $billing['state'],
        "country" => $billing['country'],
        "zip" => $billing['zipcode'],
        "buttonsource" => '',
        "clientip" => cw_get_valid_ip($REMOTE_ADDR),
        // NOTE(review): a boolean is sent as the currency - confirm how the sender serialises it.
        "currency" => true,
        "custom" => implode(',', $secure_oid),
        "cvv2" => $userinfo['card_cvv2'],
        "email" => $userinfo['email'],
        "expdate" => $userinfo['card_expire'],
        "invnum" => $doc_ids[0],
        "shiptostreet" => $shipping['address'] . ($shipping['address_2'] ? $shipping['address_2'] : ''),
        "shiptocity" => $shipping['city'],
        "shiptostate" => $shipping['state'],
        "shiptocountry" => $shipping['country'],
        "shiptozip" => $shipping['zipcode'],
        "firstname" => $shipping['firstname'],
        "lastname" => $shipping['lastname'],
    );

    // Solo/Switch cards additionally need issue number and start date.
    if ($is_extcard) {
        $request['cardissue'] = $userinfo['card_issue_no'];
        $request['cardstart'] = $userinfo["card_valid_from"];
    }

    // SECURITY: never log $request as it stands - it holds the full card number and
    // CVV2. Any diagnostic logging must drop 'acct' and 'cvv2' first.
    $response = cw_paypal_pro_payflow_do($request);
    $error = cw_paypal_pro_payflow_prepare_errors($response);
    if ($error) {
        return $error;
    }

    $result = $response[2];
    $result['status'] = 'success';
    return $result;
}
/**
 * Logout hook of the Google+ login add-on: removes the stored Google token
 * from the session and asks a freshly built Google client to revoke its token.
 *
 * SECURITY: the OAuth client secret and the developer key are hard-coded
 * below. Anything committed to source should be treated as disclosed: rotate
 * both in the provider console and load the replacements from configuration
 * kept outside the repository. The redirect URI also points at a development
 * host over plain http.
 *
 * @return void
 */
function cw_googleplus_on_logout()
{
    $googleplus_login_info =& cw_session_register('googleplus_login_info');
    unset($googleplus_login_info['token']);

    cw_include('addons/googleplus_login/include/src/Google_Client.php');
    cw_include('addons/googleplus_login/include/src/contrib/Google_Oauth2Service.php');

    $client = new Google_Client();
    $client->setApplicationName('Test Google+ Login CW');
    $client->setClientId('376787991969-2c127o3n2vollhqfla26q1mfu1qi7n8s.apps.googleusercontent.com');
    $client->setClientSecret('25mdbO_DAlPE_aST_hErSzDN');
    // Path to the login script.
    $client->setRedirectUri('http://dev.cartworks.com/product_stages/index.php');
    $client->setDeveloperKey('AIzaSyAOCvjaVfFFiL4OnlI8du8pHHNZGPsY3iU');

    // NOTE(review): the session token is discarded above and never handed to this
    // client, and revokeToken() is called without an argument - confirm the user's
    // token is actually revoked at the provider rather than just forgotten locally.
    $client->revokeToken();
}
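/**
 * Logout hook of the Facebook login add-on: asks the Graph API to delete the
 * app's permissions for the stored access token and, once the API answers with
 * a decodable truthy response, forgets the token.
 *
 * Changes against the previous version: the token is URL-encoded before it is
 * appended to the query string, the error check no longer reads an undefined
 * index, and the unused "global $action" is gone.
 *
 * The token travels in the URL, so it can end up in proxy or client logs;
 * cw_fbauth_get_ssl_page should neither log the URL nor skip certificate
 * verification (not visible from here - confirm).
 *
 * @return void
 */
function cw_fbauth_user_logout()
{
    $fb_access_token = cw_session_register('fb_access_token');
    $fb_referer = cw_session_register('fb_referer');

    // NOTE(review): the redirect target comes from the session; confirm it was
    // restricted to local URLs when stored, otherwise this is an open redirect.
    $referer_url = !empty($fb_referer) ? $fb_referer : 'index.php';
    cw_session_unregister('fb_referer');

    if (!$fb_access_token) {
        return;
    }

    $graph_url = "https://graph.facebook.com/me/permissions?method=delete&access_token=" . urlencode($fb_access_token);
    $result = cw_fbauth_get_ssl_page($graph_url);

    if (!empty($result['error'])) {
        // NOTE(review): $top_message is a plain local here and is never stored, so this
        // message is lost. If it is wired to the session later, do not show the raw
        // transport error to the user.
        $top_message = array('type' => 'E', 'content' => $result['error']);
        cw_header_location($referer_url, TRUE);
    }

    $result = json_decode($result['result']);
    if ($result) {
        cw_session_unregister('fb_access_token');
    }
}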
/**
 * Registration hook: checks the image-verification (captcha) answer when the
 * check is enabled for registration.
 *
 * The outcome is also stored in the session variable 'antibot_err'. An empty
 * answer counts as a failure.
 *
 * @param mixed $register registration data (not read here)
 * @param mixed $usertype user type (not read here)
 * @return array|false array('image_verification' => message) on failure, false otherwise
 */
function cw_image_verification_on_register_validate($register, $usertype)
{
    global $config;
    global $antibot_validation_val, $antibot_input_str;

    $antibot_err =& cw_session_register("antibot_err");
    $page = "on_registration";

    if ($config['image_verification']['spambot_arrest_on_registration'] != "Y") {
        return false;
    }

    $antibot_err = false;
    if (!empty($antibot_input_str)) {
        // NOTE(review): expected code and answer are read from globals - presumably filled
        // from the request/session by the framework; confirm the expected code cannot be
        // supplied by the client.
        $antibot_err = cw_validate_image($antibot_validation_val[$page], $antibot_input_str);
    } else {
        $antibot_err = true;
    }

    return $antibot_err ? array('image_verification' => 'Please enter correct graphic code') : false;
}
/**
 * Payment hook of the Authorize.Net SIM/DPM add-on. For any other processor
 * the incoming $return is passed through; for this one the function builds the
 * gateway form through cw_payment_create_form and ends the request.
 *
 * Security-relevant points visible here:
 *  - card number and CVV2 are taken from $_POST and forwarded in the form, so
 *    they pass through this server (cardholder-data scope); they must never be
 *    logged or stored;
 *  - $unique_id is an MD5 over two static settings and the customer's e-mail,
 *    i.e. the same for every order of that customer, and it is mapped to the
 *    session id in the payment_data table. NOTE(review): confirm the relay
 *    handler authenticates the gateway response before trusting that mapping;
 *  - the INSERT is built by interpolation; $APP_SESS_ID is not escaped here;
 *  - NOTE(review): the MD5 hash setting belongs to a response-verification
 *    scheme the gateway has since replaced with a signature-key (SHA-512) one -
 *    confirm what the relay handler verifies.
 *
 * @param array $params hook parameters ('payment_data', 'userinfo', 'doc_ids')
 * @param mixed $return result accumulated by earlier hooks
 * @return mixed $return when another processor is selected (otherwise exits)
 */
function cw_payment_authorize_sim_run_processor($params, $return)
{
    if ($params['payment_data']['processor'] != authorize_sim_addon_name) {
        return $return;
    }

    global $config, $tables, $current_location, $cart, $APP_SESS_ID;

    $addon_name = str_replace("-", "_", authorize_sim_addon_name);
    $settings = $config[$addon_name];
    $asim_api_login_id = $settings['asim_api_login_id'];
    $asim_transaction_key = $settings['asim_transaction_key'];
    $asim_md5_hash = $settings['asim_md5_hash'];
    $asim_mode = $settings['asim_test_live_mode'];
    $asim_currency = $settings['asim_currency']; // read but not used below
    $asim_prefix = intval($settings['asim_prefix']);

    if (empty($asim_api_login_id) || empty($asim_transaction_key)) {
        // NOTE(review): $top_message is a plain local here and is never stored.
        $top_message = array(
            "content" => "Enter your merchant credentials on settings page before running the payment.",
            "type" => "E",
        );
        cw_header_location($current_location . "index.php?target=cart&mode=checkout");
    }

    define("AUTHORIZENET_API_LOGIN_ID", $asim_api_login_id);
    define("AUTHORIZENET_TRANSACTION_KEY", $asim_transaction_key);
    define("AUTHORIZENET_SANDBOX", $asim_mode != "live");
    define("AUTHORIZENET_MD5_SETTING", $asim_md5_hash);

    $payment_data = $params['payment_data'];
    $userinfo = $params['userinfo'];
    $doc_ids = $params['doc_ids']; // read but not used below

    $cart =& cw_session_register('cart');

    // Fingerprint over login id, amount, sequence and timestamp, keyed with the transaction key.
    $time = time();
    $asim_amount = price_format($cart['info']['total']);
    $asim_fp_sequence = $asim_prefix . $time;
    $asim_fp_hash = AuthorizeNetDPM::getFingerprint($asim_api_login_id, $asim_transaction_key, $asim_amount, $asim_fp_sequence, $time);
    $asim_relay_url = $current_location . '/index.php?target=' . authorize_sim_addon_target;

    // Remember which session this payment belongs to.
    $unique_id = strtolower(md5($asim_md5_hash . $asim_api_login_id . $userinfo['email']));
    db_query("INSERT INTO {$tables['payment_data']} (ref_id, session_id) VALUES ('{$unique_id}', '{$APP_SESS_ID}')");

    $card_expire_Month = intval($_POST['card_expire_Month']);
    $card_expire_Year = intval($_POST['card_expire_Year']);

    $fields = array(
        // The original literal listed this key twice ("FALSE", then "TRUE"); the later value is the one PHP keeps.
        'x_relay_response' => "TRUE",
        'x_version' => "3.1",
        'x_delim_char' => ",",
        'x_delim_data' => "TRUE",
        'x_amount' => $asim_amount,
        'x_fp_sequence' => $asim_fp_sequence,
        'x_fp_hash' => $asim_fp_hash,
        'x_fp_timestamp' => $time,
        'x_relay_url' => $asim_relay_url,
        'x_login' => $asim_api_login_id,
        'x_card_num' => $_POST['card_number'],
        'x_exp_date' => date("m/y", mktime(0, 0, 0, $card_expire_Month, 1, $card_expire_Year)),
        'x_card_code' => $_POST['card_cvv2'],
        'x_first_name' => $_POST['first_name'],
        'x_last_name' => $_POST['last_name'],
        'x_address' => $_POST['address'],
        'x_city' => $_POST['city'],
        'x_state' => $_POST['state'],
        'x_zip' => $_POST['zipcode'],
        'x_country' => $_POST['country'],
        'x_email' => $userinfo['email'],
    );

    cw_func_call('cw_payment_create_form', array(
        'url' => AUTHORIZENET_SANDBOX ? AuthorizeNetDPM::SANDBOX_URL : AuthorizeNetDPM::LIVE_URL,
        'fields' => $fields,
        'name' => $payment_data['title'],
    ));
    exit;
}
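/**
 * Payment hook of the PayPal add-on. For any other processor the incoming
 * $return is passed through; for 'paypal' the function opens a payment record,
 * builds the checkout form through cw_payment_create_form and ends the request.
 *
 * Fix: "last_name" was filled from the address' 'firstname'; it now uses 'lastname'.
 * The original field list also defined 'item_name' twice; PHP keeps the later
 * value (the plain payment description without the order number), which is
 * what is sent here - NOTE(review): confirm that is the intended text.
 *
 * Security-relevant points visible here:
 *  - amount, invoice and business account are form fields, presumably posted
 *    from the customer's browser; the notification handler must verify amount,
 *    currency and receiver before marking an order paid (not visible here);
 *  - the payment key $skey appears in the return/cancel URLs as 'secureid' and
 *    can therefore surface in browser history and Referer headers;
 *  - 'mrb' and 'pal' are fixed identifiers baked into the form.
 *    NOTE(review): confirm which account they belong to.
 *
 * @param array $params hook parameters ('payment_data', 'userinfo', 'doc_ids')
 * @param mixed $return result accumulated by earlier hooks
 * @return mixed $return when another processor is selected (otherwise exits)
 */
function cw_payment_paypal_run_processor($params, $return)
{
    if ($params['payment_data']['processor'] != 'paypal') {
        return $return;
    }

    global $config, $tables, $current_location;

    $cart =& cw_session_register('cart');

    $skey = cw_call('cw_payment_start');
    cw_call('cw_payment_put_data', array($skey, array('state' => 'GO', 'doc_ids' => $params['doc_ids'])));

    $address = $params['userinfo']['current_address'];

    // US addresses send the state value, all others the state name.
    if ($address['country'] == "US") {
        $_customer_state = $address['state'];
    } else {
        $_customer_state = $address['statename'];
    }

    // Digits only; the form wants the number split into three parts.
    $u_phone = preg_replace('![^\\d]+!', '', $address['phone']);
    $pp_ordr = $config['paypal']['prefix'] . join("-", $params['doc_ids']);
    $base_url = $current_location . '/index.php?target=paypal';

    $fields = array(
        "charset" => 'UTF-8',
        "cmd" => "_ext-enter",
        "custom" => $skey,
        "invoice" => $pp_ordr,
        "redirect_cmd" => "_xclick",
        "item_name" => $config['paypal']['pp_payment_for'],
        "mrb" => "R-2JR83330TB370181P",
        "pal" => "RDGQCFJTT6Y6A",
        "rm" => "2",
        "email" => $params['userinfo']['email'],
        "first_name" => $address['firstname'],
        "last_name" => $address['lastname'],
        "country" => $address['country'],
        "address1" => $address['address'],
        "address2" => $address['address_2'],
        "city" => $address['city'],
        "zip" => $address['zipcode'],
        "state" => $_customer_state,
        "day_phone_a" => substr($u_phone, -10, -7),
        "day_phone_b" => substr($u_phone, -7, -4),
        "day_phone_c" => substr($u_phone, -4),
        "night_phone_a" => substr($u_phone, -10, -7),
        "night_phone_b" => substr($u_phone, -7, -4),
        "night_phone_c" => substr($u_phone, -4),
        "business" => $config['paypal']['pp_account'],
        "amount" => sprintf("%0.2f", $cart['info']['total']),
        "currency_code" => $config['paypal']['pp_currency'],
        "return" => $base_url . '&mode=success&secureid=' . $skey,
        'cancel_return' => $base_url . '&mode=cancel&secureid=' . $skey,
        'shopping_url' => $base_url . '&mode=cancel&secureid=' . $skey,
        "notify_url" => $base_url,
        "bn" => "cartworks",
    );

    if ($config['paypal']['use_preauth'] == 'Y') {
        $fields['paymentaction'] = 'authorization';
    }

    $host = $config['paypal']['test_mode'] == 'N' ? "www.paypal.com" : "www.sandbox.paypal.com";
    cw_func_call('cw_payment_create_form', array(
        'url' => 'https://' . $host . '/cgi-bin/webscr',
        'fields' => $fields,
        'name' => $params['payment_data']['title'],
    ));
    die;
}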
<?php

// Unknown category: send the visitor back to the category list.
// NOTE(review): $cat is interpolated into the SQL text here and into the
// navigation URL below without escaping or casting in this script - confirm it
// is validated as an integer before this file runs.
if (cw_query_first_cell("SELECT COUNT(*) FROM {$tables['categories']} WHERE category_id='{$cat}'") == 0) {
    cw_header_location('index.php?target=categories');
}

// Paging and sorting preferences of the category page are kept in the session.
$category_page =& cw_session_register('category_page');

$data = array(
    'flat_search' => 1,
    'category_id' => $cat,
    'category_main' => "Y",
    'category_extra' => "Y",
    'page' => $page,
    'objects_per_page' => $category_page['objects_per_page'],
    'sort_field' => $category_page['sort_field'],
    'sort_direction' => $category_page['sort_direction'],
);

list($products, $navigation) = cw_func_call('cw_product_search', array(
    'data' => $data,
    'user_account' => $user_account,
    'current_area' => $current_area,
    'info_type' => 0,
));
$navigation['script'] = "index.php?target={$target}&mode={$mode}&cat={$cat}";

$smarty->assign('navigation', $navigation);
$smarty->assign('products', $products);
$smarty->assign('current_category', cw_func_call('cw_category_get', array('cat' => $cat)));
$smarty->assign('main', 'category_products');
<?php

// security.php is included before anything else - presumably the area's access checks.
include $app_main_dir . '/include/security.php';
// Search filters live in the session; each GET parameter present below overwrites its stored filter.
// NOTE(review): the values are taken from same-named globals ($substring, $fromdate, ...),
// not from $_GET itself - presumably filled from the request by the framework; confirm
// how, and whether they are escaped at that point.
$search =& cw_session_register('search', array());
if (isset($_GET['substring'])) {
    $search['products_orders']['substring'] = $substring;
}
if (isset($_GET['fromdate'])) {
    $search['products_orders']['fromdate'] = cw_core_strtotime($fromdate);
}
// NOTE(review): the guard tests $_GET['dateto'] while the value is read from $todate -
// the names do not match; confirm which parameter the form actually sends.
if (isset($_GET['dateto'])) {
    // + 86399 moves the bound to the last second of that day.
    $search['products_orders']['todate'] = cw_core_strtotime($todate) + 86399;
}
if (isset($_GET['doc_type'])) {
    $search['products_orders']['doc_type'] = $doc_type;
}
if ($mode == 'search_orders') {
    // SECURITY: every filter below is interpolated into the SQL text. 'substring' lands
    // inside a LIKE pattern, 'doc_type' and $product_id inside quoted literals, and none
    // of them is escaped or cast in this fragment. The values are request-derived and
    // persisted in the session, so they should be bound as parameters or escaped by the
    // DB layer (and $product_id cast to an integer) - confirm what protection exists upstream.
    $conditions = '';
    $data = $search['products_orders'];
    if ($data['substring']) {
        $conditions .= " and (di.product like '%{$data['substring']}%' or di.productcode like '%{$data['substring']}%')";
    }
    if ($data['fromdate']) {
        $conditions .= " and date >= '{$data['fromdate']}'";
    }
    if ($data['todate']) {
        $conditions .= " and date <= '{$data['todate']}'";
    }
    $query = "from {$tables['docs']} as d, {$tables['docs_items']} as di, {$tables['docs_info']} as dim where di.doc_id=d.doc_id and d.type='{$data['doc_type']}' and dim.doc_info_id=d.doc_info_id and di.product_id='{$product_id}' " . $conditions . " group by d.doc_id";
    // The count query is grouped by document, so the number of result rows is the number of matching documents.
    $_res = db_query("select count(*) {$query}");
    $total_items = db_num_rows($_res);
<?php

# [TOFIX]
# kornev: this whole area bootstrap should be fixed and moved into the add-on.
// Marks the request as belonging to area 'B' and mirrors that in $current_area.
define('AREA_TYPE', 'B');
$current_area = AREA_TYPE;
$customer_id =& cw_session_register('customer_id');
// One-shot message: handed to the template once, then cleared from the session.
$top_message =& cw_session_register('top_message', array());
if (!empty($top_message)) {
    $smarty->assign('top_message', $top_message);
    $top_message = '';
}
cw_include('init/lng.php');
cw_include('include/check_useraccount.php');
cw_include('include/area_sections.php');
$smarty->assign('current_target', $target);
// The area is only available while the salesman add-on is enabled.
// NOTE(review): this check and cw_auth_security below run after the three includes
// above; confirm none of them does privileged work before access has been decided,
// and that cw_header_location ends the request.
if (!$addons['salesman']) {
    cw_header_location($app_catalogs['customer']);
}
$location = array();
$location[] = array(cw_get_langvar_by_name('lbl_area_salesman'), 'index.php');
cw_call('cw_auth_security');
            $smarty->assign('message', $message);
            $smarty->assign('messageid', $messageid);
        }
        $messages = cw_query("SELECT * FROM {$tables['newsletter']} WHERE list_id='{$list_id}'");
        $smarty->assign('messages', $messages);
        $smarty->assign('main', 'management');
    } else {
        $smarty->assign('main', 'details');
        $list['usertype'] = 'C';
        $smarty->assign('list', $list);
        // default values of new list
    }
    $smarty->assign('memberships', cw_user_get_memberships(array('C', 'R')));
    $location[] = array($list['name'], '');
} else {
    $lists = cw_query("SELECT * FROM {$tables['newslists']} WHERE lngcode='{$current_language}' {$salesman_condition}");
    $smarty->assign('lists', $lists);
    $smarty->assign('main', 'lists_select');
}
// One-shot hand-over: values parked in the session under 'nwslt_object' are pushed
// into the template and the session entry is removed afterwards.
if (cw_session_is_registered('nwslt_object')) {
    $nwslt_object =& cw_session_register('nwslt_object');
    if (is_array($nwslt_object)) {
        // Each key becomes a template variable name, so a key equal to a variable
        // assigned earlier replaces it. NOTE(review): confirm only fixed keys are ever stored.
        foreach ($nwslt_object as $k => $v) {
            $smarty->assign($k, $v);
        }
    }
    cw_session_unregister("nwslt_object");
}
// NOTE(review): $action, $mode and $js_tab are passed on as found; if they come from
// the request, the template has to escape them on output.
$smarty->assign('action', $action);
$smarty->assign('mode', $mode);
$smarty->assign('js_tab', $js_tab);
<?php

// Order ('O') documents, restricted to the current account via the 'warehouse_area' search filter.
global $docs_type;
$docs_type = 'O';
cw_load('doc');
$search_data =& cw_session_register('search_data');
$search_data['orders'][$docs_type]['warehouse_area'] = $customer_id;
if ($doc_id) {
    // NOTE(review): the branch is chosen on $doc_id but the document is loaded with
    // $request_prepared['doc_id'] - confirm both always hold the same value.
    $doc_data = cw_call('cw_doc_get', array($request_prepared['doc_id'], 0));
    // Ownership check: only the account recorded on the document may open it.
    // NOTE(review): the comparison is loose. If the document does not exist the right-hand
    // side is null, which equals an empty/zero $customer_id, so the check relies on an
    // earlier login check; it also relies on cw_header_location ending the request.
    if ($customer_id != $doc_data['info']['warehouse_customer_id']) {
        cw_header_location("index.php?target=error_message&error=access_denied&id=40");
    }
    cw_include('include/orders/order.php');
} else {
    cw_include('include/orders/orders.php');
}
$smarty->assign('page_acl', '__18');
$smarty->assign('current_section_dir', 'orders');
<?php

// Resolves the product (and the amount to check stock against) either from a
// wishlist row or from the cart item whose cartid equals $id.
global $product_id;
if ($mode == 'wishlist') {
    // NOTE(review): $id and $eventid are interpolated into the SQL text without escaping
    // or casting in this fragment - confirm they are validated as integers upstream.
    // $eventid is also used here before it is defaulted to '0' further down.
    $tmp = cw_query_first("SELECT product_id, amount FROM {$tables['wishlist']} WHERE wishlist_id = '{$id}' AND event_id = '{$eventid}'");
    $product_id = $tmp['product_id'];
    $min_avail = $tmp['amount'];
} else {
    $cart =& cw_session_register('cart', array());
    if (is_array($cart['products'])) {
        foreach ($cart['products'] as $k => $p) {
            if ($p['cartid'] == $id) {
                $cartindex = $k;
                break;
            }
        }
    }
    if (isset($cartindex)) {
        $product_id = $cart['products'][$cartindex]['product_id'];
        # kornev: the customer has to be alerted when the stock of an option is below the current amount
        $min_avail = $cart['products'][$cartindex]['amount'];
    }
}
// Nothing resolved: close the popup.
if (empty($product_id)) {
    cw_close_window();
}
if (!$eventid) {
    $eventid = '0';
}
if ($mode == 'wishlist') {
    // SECURITY: unserialize() on a database column. If the stored options can be influenced
    // by a user (directly or through another injection), this becomes PHP object injection.
    // Prefer JSON for this column, or pass array('allowed_classes' => false) where the PHP
    // version supports it.
    $options = unserialize(cw_query_first_cell("SELECT options FROM {$tables['wishlist']} WHERE wishlist_id = '{$id}' AND event_id = '{$eventid}'"));
<?php

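cw_load('files');
// Sort settings, filter and column layout of the log viewer persist in the session.
$logging_search =& cw_session_register('logging_search');
$logging_filter =& cw_session_register('logging_filter');
if (empty($logging_search)) {
    $logging_search = array('sortby' => 'date', 'sortdir' => 0);
}
$log_columns =& cw_session_register('log_columns');
if (empty($log_columns)) {
    $log_columns = array(
        'current_area' => array('title' => "Area", 'fixed' => 1),
        'date' => array('title' => "Date", 'fixed' => 1),
        'is_logged' => array('title' => "User Is Logged"),
        'REQUEST_URI' => array('title' => "URI", 'fixed' => 1),
        'REQUEST_METHOD' => array('title' => "Method"),
        'GET_POST' => array('title' => "GET/POST"),
        'target_code' => array('title' => "target/code"),
        'cwsid' => array('title' => "session id"),
        'HTTP_REFERER' => array('title' => "REFERER"),
        'REDIRECT_URL' => array('title' => "REDIRECT_URL"),
    );
}
// Accept sort parameters, store them, then reload the list without them in the URL.
// Both values are checked against an allowlist with strict comparison: the stored
// values are presumably used to build the ORDER BY later, and a loose in_array()
// against integers accepts arbitrary non-numeric strings on PHP versions before 8.
if (isset($_GET['sortby']) || isset($_GET['sortdir'])) {
    if (isset($_GET['sortby'])) {
        if (in_array($_GET['sortby'], array('date', 'is_logged', 'current_area', 'REQUEST_URI', 'REQUEST_METHOD', 'GET_POST', 'target_code', 'cwsid', 'HTTP_REFERER', 'REDIRECT_URL'), true)) {
            $logging_search['sortby'] = $_GET['sortby'];
        } else {
            $logging_search['sortby'] = 'date';
        }
    }
    if (isset($_GET['sortdir'])) {
        // Query-string values arrive as strings, so the allowlist holds '0' and '1'.
        if (in_array($_GET['sortdir'], array('0', '1'), true)) {
            $logging_search['sortdir'] = $_GET['sortdir'];
        } else {
            $logging_search['sortdir'] = 0;
        }
    }
    cw_header_location('index.php?target=logging');
}
$where_conditions = array();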
}
cw_payment_header();
global $userinfo, $app_catalogs;
if ($customer_id) {
    // 65535 is presumably a bitmask asking for every profile section - confirm.
    $userinfo = cw_user_get_info($customer_id, 65535);
}
if (empty($userinfo) || cw_is_cart_empty($cart)) {
    cw_header_location($current_location . '/index.php?target=error_message&error=ccprocessor_baddata');
}
// SECURITY: the whole POST body is merged into $userinfo. Any posted field whose name
// collides with a profile key (an id, type or e-mail field, for instance) would presumably
// replace the stored value before the order is placed - confirm cw_array_merge semantics
// and merge only an allowlist of the form fields this step expects.
$userinfo = cw_array_merge($userinfo, $_POST);
$userinfo = cw_array_merge($userinfo, $user_address);
// 'O' by default, 'I' when the customer asked for a quote.
$order_type = 'O';
if ($action == 'request_for_quote') {
    $order_type = 'I';
}
// A non-empty 'secure_oid' in the session means the order was already placed; skip placing it again.
$secure_oid =& cw_session_register("secure_oid");
if (!$secure_oid) {
    $doc_ids = cw_func_call('cw_doc_place_order', array('order_type' => $order_type, 'order_status' => 'I', 'order_details' => $order_details, 'customer_notes' => $customer_notes, 'userinfo' => $userinfo, 'prefix' => $config[$payment_data['processor']]['prefix']));
    if (!$doc_ids) {
        cw_header_location('index.php?target=error_message&error=product_in_cart_expired');
    }
    if (!empty($cart['info']['quote_doc_id'])) {
        // The quote this cart was built from is switched to status 'C'.
        // NOTE(review): this happens before any payment result is known in this fragment,
        // and the quote id comes from the session cart - confirm the quote belongs to the
        // current customer.
        $doc_id = $cart['info']['quote_doc_id'];
        $status = 'C';
        cw_call('cw_doc_change_status', array($doc_id, $status));
        // Link the new documents to the quote's products.
        $doc_data = cw_call('cw_doc_get', array($doc_id));
        foreach ($doc_ids as $relation_doc_id) {
            if ($doc_data['products']) {
                foreach ($doc_data['products'] as $v) {
<?php

cw_load('files');

// The action is reduced to ASCII letters and digits before it becomes part of a
// template path, so it cannot carry path separators or dots.
$action = preg_replace("/[^a-zA-Z0-9]/", "", $action);
$template_name = sprintf("help/hlp_%s.tpl", strtolower($action));

if ($action == "TSTLBL") {
    // One-shot status and error values: shown once, then reset in the session.
    $status =& cw_session_register("status");
    if (!empty($status)) {
        $smarty->assign('status', $status);
        $status = false;
    }

    $error =& cw_session_register("error");
    if (!empty($error)) {
        $smarty->assign('error', $error);
        $error = false;
    }

    $smarty->assign('tmp_dir', $var_dirs['tmp'] . '/usps_test_labels/');
}

// Only templates that exist under the template directory are handed to the page.
if (file_exists(cw_realpath($smarty->template_dir . DIRECTORY_SEPARATOR . $template_name))) {
    $smarty->assign('template_name', $template_name);
}
<?php

cw_load('profile_fields', 'map', 'check_user_field');
// Validation errors and the rejected form values survive the redirect through the session.
$fill_error =& cw_session_register('fill_error');
$prefilled_contact_list =& cw_session_register('prefilled_contact_list');
// NOTE(review): $user selects whose contact list is edited and presumably comes from the
// request; no check that the current account may manage that user is visible in this
// fragment - confirm it happens before this file runs.
$area = cw_profile_fields_get_area($user);
list($profile_sections, $profile_fields) = cw_profile_fields_get_sections('U', true, $area);
$smarty->assign('profile_fields', $profile_fields);
if ($action == 'update_contact_list') {
    $fill_error = array();
    // NOTE(review): the return value is discarded; unless cw_array_map changes
    // $contact_list by reference, the values are not trimmed.
    cw_array_map('trim', $contact_list);
    // Required, available fields must be filled: type 'D' fields are read from the list
    // itself, all other types from its 'custom_fields' entry.
    foreach ($profile_fields['contact_list'] as $k => $v) {
        if ($v['type'] == 'D' && empty($contact_list[$k]) && $v['is_avail'] && $v['is_required']) {
            $fill_error[$k] = true;
        } elseif ($v['type'] != 'D' && empty($contact_list['custom_fields'][$k]) && $v['is_avail'] && $v['is_required']) {
            $fill_error[$k] = true;
        }
    }
    $prefilled_contact_list = array();
    if (count($fill_error)) {
        $top_message = array('type' => 'E', 'content' => cw_check_user_get_error($fill_error));
        $prefilled_contact_list = $contact_list;
        // NOTE(review): request-derived values are placed in the redirect URL without
        // urlencode() here and in the success branch.
        cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}&contact_list_id={$contact_list_id}");
    } else {
        cw_user_update_contact_list($user, $contact_list_id, $contact_list);
        cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
    }
}
// NOTE(review): deletion is driven by posted keys; no request-forgery token check is
// visible in this fragment.
if ($action == 'delete' && is_array($del)) {
    foreach ($del as $contact_list_id => $val) {
        cw_user_delete_contact_list($user, $contact_list_id);
<?php

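// Reviews tab of the product details page; nothing to do without a product.
if (empty($product_id)) {
    return true;
}
global $smarty, $tables;
// The product id is placed in SQL as an unquoted number below, where quote-escaping gives
// no protection at all; it is therefore cast to an integer wherever it is interpolated.
$current_target = 'index.php?target=products&mode=details&js_tab=reviews&product_id=' . intval($product_id);
$review_session_data =& cw_session_register('review_session_data', array());
$top_message =& cw_session_register('top_message');
$review_data['page'] = $review_session_data['page'] = !empty($page) ? $page : 1;
$review_data['sort_field'] = "";
$review_data['sort_direction'] = "";
$where = "WHERE {$tables['products_reviews']}.product_id = " . intval($product_id);
$orderby = "ORDER BY {$tables['products_reviews']}.ctime";
$limit = "";
$mandatory_where = array("{$tables['products_reviews']}.product_id = " . intval($product_id));
if ($action == 'delete') {
    // Only an array of ticked reviews is acted on; a scalar no longer reaches foreach.
    // NOTE(review): the posted review ids are not tied to $product_id and no
    // request-forgery token check is visible in this fragment - confirm both are
    // covered by the surrounding admin checks.
    if (!empty($checked_review) && is_array($checked_review)) {
        foreach ($checked_review as $review_id => $_review) {
            cw_review_delete_review($review_id);
        }
        $top_message = array('content' => cw_get_langvar_by_name('txt_review_nas_been_deleted'), 'type' => 'I');
        cw_header_location($current_target . "&action=process");
    }
}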
if ($action == 'add_reviews') {
    if (!empty($review_new['message'])) {
        cw_call('cw_review_add_new_review_manual', array($review_new, $product_id));
        $top_message = array('content' => cw_get_langvar_by_name('msg_adm_products_reviews_upd'), 'type' => 'I');
    }
    cw_header_location($current_target . "&action=process");
<?php

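// Generate grouped documents for the ticked entries, then reload the page.
// NOTE(review): $docs presumably comes from the request and is assumed to be an array;
// $target, $mode and $user are placed in the redirect URL without urlencode().
if ($action == 'generate_group') {
    cw_load('doc');
    cw_doc_generate_group(array_keys($docs));
    cw_header_location("index.php?target={$target}&mode={$mode}&user={$user}");
}
// Filters for the customer's placed documents are kept in the session; each GET
// parameter present overwrites its stored filter.
$search =& cw_session_register('search');
if (isset($_GET['doc_type'])) {
    $search['placed_docs']['doc_type'] = $doc_type;
}
if (isset($_GET['fromdate'])) {
    // An empty value clears the lower bound.
    $search['placed_docs']['basic']['creation_date_start'] = empty($fromdate) ? 0 : cw_core_strtotime($fromdate);
}
if (isset($_GET['todate'])) {
    // Fixed: this branch tested $fromdate, so the upper bound depended on the wrong field.
    // An empty value clears the bound; otherwise it is moved to the last second of that day.
    $search['placed_docs']['basic']['creation_date_end'] = empty($todate) ? 0 : cw_core_strtotime($todate) + 86399;
}
// The search is always pinned to the user being viewed.
$search['placed_docs']['basic']['customer_id'] = $user;
$_tmp_cond = $search_data['orders'];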
if ($search['placed_docs']['doc_type']) {
    $docs_type = $search['placed_docs']['doc_type'];
} else {
    $docs_type = 'O';
 /**
  * Forgets the access token stored in the session for this client's
  * access-token URL.
  *
  * @return mixed true on success; the result of SetPHPError() when the session
  *               was not started
  */
 function ResetAccessToken()
 {
     $token_url = $this->access_token_url;

     if ($this->debug) {
         $this->OutputDebug('Resetting the access token status for OAuth server located at ' . $token_url);
     }

     if (!$this->session_started) {
         // NOTE(review): $php_error_message is never set in this method.
         return $this->SetPHPError('it was not possible to start the PHP session', $php_error_message);
     }
     $this->session_started = true;

     // Tokens are kept per access-token URL inside the 'linkedin_login_session' session entry.
     $linkedin_login_session =& cw_session_register('linkedin_login_session', array());
     $has_token = isset($linkedin_login_session['OAUTH_ACCESS_TOKEN'][$token_url]);
     if ($has_token) {
         unset($linkedin_login_session['OAUTH_ACCESS_TOKEN'][$token_url]);
     }

     return true;
 }
}
// Dispatcher of the gift add-on: $mode / $action decide which add-on script is included.
// All include paths are fixed strings; no request value reaches a path.
if ($mode == 'friends') {
    cw_include('addons/estore_gift/wishlist.php');
    $smarty->assign('allow_edit', false);
    $smarty->assign('main', 'friends');
} elseif ($mode == 'giftcert' || $mode == 'preview' || $mode == 'gc2cart' || $mode == 'modify_gc' || $action == 'delgc' || $action == "addgc2wl") {
    cw_include('addons/estore_gift/cert.php');
} elseif ($mode == 'gifts') {
    $access_status =& cw_session_register('access_status', array());
    if (!empty($cc)) {
        cw_include("addons/estore_gift/giftreg_confirm.php");
    }
    if (!empty($eventid)) {
        if (!empty($wlid)) {
            // NOTE(review): the guard above tests $wlid, but the query interpolates $wild,
            // which is not set anywhere in this fragment - this looks like a typo, and as
            // written the lookup would search for an empty id. Whichever variable is used,
            // it is placed in the SQL text without escaping or casting here.
            if (cw_query_first_cell("SELECT event_id FROM {$tables['wishlist']} WHERE wishlist_id='{$wild}'") == $eventid) {
                // Remember which event this wishlist id was confirmed for.
                $wlid_eventid =& cw_session_register("wlid_eventid");
                $wlid_eventid = $eventid;
                cw_session_save("wlid_eventid");
            }
        }
        cw_include("addons/estore_gift/event_guestbook.php");
        cw_include("addons/estore_gift/giftreg_display.php");
    } else {
        cw_include("addons/estore_gift/giftreg_search.php");
    }
} elseif ($mode == 'events') {
    if (isset($_GET['event_id'])) {
        cw_include('addons/estore_gift/event.php');
    } else {
        cw_include('addons/estore_gift/events.php');
    }
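/**
 * Replace the stored bonuses of a generator with the ones held in the
 * global $dod_bonuses / $dod_bonus arrays.
 *
 * $dod_bonuses is keyed by bonus type and marks which types are switched
 * on; $dod_bonus carries the submitted data for each type. All existing
 * rows of the generator in the dod_bonuses and dod_bonus_details tables are
 * deleted first, then one bonus row (plus its detail rows) is inserted per
 * valid bonus type. Bonus types that fail validation are skipped, reported
 * in the returned error text and handed to cw_session_register() as
 * '_dod_bonus'.
 *
 * @param mixed $generator_id Generator whose bonuses are rewritten. When
 *                            empty nothing is written to the database; the
 *                            two globals are only handed to
 *                            cw_session_register().
 *
 * @return array array(true, null) on success, or array(false, $message)
 *               where $message is the collected errors joined with
 *               "<br />\n".
 */
function dod_modify_bonuses($generator_id)
{
    global $tables, $bonus_names;
    global $dod_bonuses, $dod_bonus;
    if (empty($generator_id)) {
        $GLOBALS['_dod_bonuses'] =& $dod_bonuses;
        cw_session_register('_dod_bonuses');
        $GLOBALS['_dod_bonus'] =& $dod_bonus;
        cw_session_register('_dod_bonus');
        return array(true, null);
        //return array(false, 'generator Id was not provided');
    }
    // The field map below declares generator_id as 'int' and the insert path
    // settype()s it accordingly, so the DELETE statements use the same integer
    // form instead of interpolating the raw argument into the SQL text.
    $generator_sql_id = (int) $generator_id;
    db_query("DELETE FROM {$tables['dod_bonuses']} WHERE generator_id = '{$generator_sql_id}'");
    db_query("DELETE FROM {$tables['dod_bonus_details']} WHERE generator_id = '{$generator_sql_id}'");
    // Column => settype() target for the dod_bonuses row.
    $available_fields = array('bonus_id' => 'int', 'generator_id' => 'int', 'type' => 'string', 'apply' => 'int', 'coupon' => 'string', 'discount' => 'float', 'disctype' => 'int');
    // bonus_id is returned by the insert, so it is never taken from the input.
    $excl_from_base_list = array('bonus_id');
    foreach ($excl_from_base_list as $field) {
        if (isset($available_fields[$field])) {
            unset($available_fields[$field]);
        }
    }
    $optional_fields = array('discount', 'disctype');
    $date_fields = array();
    $skip_striptags_fields = array();
    // A discount bonus row is always written; when the discount type was not
    // switched on it is stored with the 'unused' flag set.
    if (empty($dod_bonuses[DOD_DISCOUNT])) {
        $dod_bonuses[DOD_DISCOUNT] = 1;
        $unused_dod_discount_bonus = 1;
    } else {
        $unused_dod_discount_bonus = 0;
    }
    if (empty($dod_bonuses) || !is_array($dod_bonuses)) {
        return array(true, null);
    }
    $available_btypes = array(DOD_DISCOUNT, DOD_FREE_PRODS, DOD_FREE_SHIP, DOD_COUPON);
    $bonuses = array();
    // Keep only known bonus types that are switched on and have data.
    foreach ($dod_bonuses as $bonus_type => $trash) {
        if (!isset($dod_bonus[$bonus_type]) || empty($dod_bonus[$bonus_type]) || !in_array($bonus_type, $available_btypes)) {
            unset($dod_bonuses[$bonus_type]);
        } else {
            $bonuses[$bonus_type] = $dod_bonus[$bonus_type];
        }
    }
    // Drops the local alias only; the global variable itself is untouched.
    unset($dod_bonus);
    if (empty($dod_bonuses) || empty($bonuses)) {
        return array(true, null);
    }
    $GLOBALS['_dod_bonuses'] =& $dod_bonuses;
    cw_session_register('_dod_bonuses');
    $errors = array();
    $tmp_optional_fields = $optional_fields;
    foreach ($bonuses as $bonus_type => $input_data) {
        $optional_fields = $tmp_optional_fields;
        $additional_lang_data = array();
        // Fixed: $mids and $attrids (and the lookup maps) used to survive from
        // one bonus type to the next, so manufacturers or attributes submitted
        // for an earlier bonus could pass the "nothing selected" check and be
        // written as detail rows of a later bonus.
        $pids = $cids = $mids = $attrids = array();
        $products_data = $cats_data = $attr_data = array();
        $input_data['generator_id'] = $generator_id;
        $input_data['type'] = $bonus_type;
        if ($bonus_type != DOD_COUPON) {
            $input_data['coupon'] = 1;
            if ($input_data['apply'] == DOD_APPLY_PRODS || $bonus_type == DOD_FREE_PRODS || $bonus_type == DOD_DISCOUNT) {
                // At least one of products / categories / manufacturers / attributes must be given.
                if (!isset($input_data['products']) && !isset($input_data['cats']) && !isset($input_data['mans']) && !isset($input_data['attr']) || empty($input_data['products']) && empty($input_data['cats']) && empty($input_data['mans']) && empty($input_data['attr'])) {
                    $additional_lang_data = array('bonus' => cw_get_langvar_by_name($bonus_names[$bonus_type]));
                    $errors[] = cw_get_langvar_by_name('msg_dod_bonus_incorrect', $additional_lang_data);
                    continue;
                }
                // NOTE(review): the three IN (...) lists below are built from the
                // submitted ids after trim() only. Presumably the values are
                // request-derived; confirm they are escaped upstream, or cast them
                // to the column type here before they are interpolated.
                if (isset($input_data['products']) && !empty($input_data['products'])) {
                    $products_data = array();
                    foreach ($input_data['products'] as $product_data) {
                        $product_data['id'] = trim($product_data['id']);
                        $products_data[$product_data['id']] = $product_data['quantity'];
                    }
                    $pids = array_keys($products_data);
                    // Keep only the ids that exist in the products table.
                    $pids = cw_query_column("SELECT product_id as id FROM {$tables['products']} WHERE product_id IN ('" . implode("','", $pids) . "')");
                }
                if (isset($input_data['cats']) && !empty($input_data['cats'])) {
                    $cats_data = array();
                    foreach ($input_data['cats'] as $cat_data) {
                        $cat_data['id'] = trim($cat_data['id']);
                        $cats_data[$cat_data['id']] = $cat_data['quantity'];
                    }
                    $cids = array_keys($cats_data);
                    // Keep only the ids that exist in the categories table.
                    $cids = cw_query_column("SELECT category_id as id FROM {$tables['categories']} WHERE category_id IN ('" . implode("','", $cids) . "')");
                }
                if (isset($input_data['mans']) && !empty($input_data['mans'])) {
                    // Unlike the other id lists, these are not checked against a table.
                    $mids = array_values($input_data['mans']);
                }
                if (isset($input_data['attr'])) {
                    // Prepare attributes data
                    if (isset($input_data['attr']) && !empty($input_data['attr'])) {
                        $attr_data = array();
                        foreach ($input_data['attr'] as $a_data) {
                            $attr_data[trim($a_data['attribute_id'])] = array('quantity' => $a_data['quantity'], 'value' => current($a_data['value']), 'operation' => $a_data['operation']);
                        }
                        $attrids = array_keys($attr_data);
                        // Keep only the ids that exist in the attributes table.
                        $attrids = cw_query_column("SELECT attribute_id as id FROM {$tables['attributes']} WHERE attribute_id IN ('" . implode("','", $attrids) . "')");
                    }
                }
                if (empty($pids) && empty($cids) && empty($mids) && empty($attrids)) {
                    $additional_lang_data = array('bonus' => cw_get_langvar_by_name($bonus_names[$bonus_type]));
                    $errors[] = cw_get_langvar_by_name('msg_dod_bonus_incorrect', $additional_lang_data);
                    continue;
                }
            }
        }
        // discount / disctype only apply to some bonus types.
        if ($bonus_type != DOD_DISCOUNT && $bonus_type != DOD_FREE_SHIP) {
            $input_data['discount'] = $input_data['disctype'] = null;
        } elseif ($bonus_type == DOD_FREE_SHIP) {
            $input_data['disctype'] = null;
        } else {
            // For a discount bonus every field is mandatory.
            $optional_fields = array();
        }
        if (in_array($bonus_type, array(DOD_FREE_PRODS, DOD_COUPON))) {
            $optional_fields[] = 'apply';
        }
        $data = array();
        foreach ($date_fields as $field) {
            if (isset($input_data[$field]) && !empty($input_data[$field])) {
                $input_data[$field] = cw_core_strtotime($input_data[$field]);
            }
        }
        $error = null;
        // Coerce each field to its declared type and collect the row to insert;
        // the first failing field aborts this bonus type.
        foreach ($available_fields as $field => $field_type) {
            if (isset($input_data[$field])) {
                $result = settype($input_data[$field], $field_type);
                if ($result === false) {
                    $error = 'msg_dod_incorrect_field_type';
                    $additional_lang_data = array('field_name' => $field);
                    break;
                }
                // Empty values are tolerated for the automatically added, unused discount bonus.
                if (empty($input_data[$field]) && !($bonus_type == DOD_DISCOUNT && $unused_dod_discount_bonus)) {
                    if (in_array($field, $optional_fields)) {
                        $data[$field] = null;
                    } else {
                        $additional_lang_data = array('bonus' => cw_get_langvar_by_name($bonus_names[$bonus_type]));
                        $error = 'msg_dod_bonus_incorrect';
                        break;
                    }
                } else {
                    if ($field_type == 'string' && !in_array($field, $skip_striptags_fields)) {
                        $input_data[$field] = cw_strip_tags($input_data[$field]);
                    }
                    $data[$field] =& $input_data[$field];
                }
            } else {
                if ($field_type == 'bool') {
                    $data[$field] = 0;
                } else {
                    if (in_array($field, $optional_fields)) {
                        $data[$field] = null;
                    } else {
                        $additional_lang_data = array('bonus' => cw_get_langvar_by_name($bonus_names[$bonus_type]));
                        $error = 'msg_dod_bonus_incorrect';
                        break;
                    }
                }
            }
        }
        if (!empty($error)) {
            $errors[] = cw_get_langvar_by_name($error, $additional_lang_data);
            continue;
        }
        if (empty($data)) {
            continue;
        }
        if ($data['type'] == DOD_DISCOUNT) {
            $data['unused'] = $unused_dod_discount_bonus;
        }
        $bonus_id = cw_array2insert($tables['dod_bonuses'], cw_addslashes($data));
        // One detail row per selected shipping method. The guard skips the loop
        // when no methods were submitted instead of iterating a missing key.
        if ($bonus_type == DOD_FREE_SHIP && !empty($input_data['methods']) && is_array($input_data['methods'])) {
            foreach ($input_data['methods'] as $trash => $shipping_id) {
                $data = array('generator_id' => $generator_id, 'bonus_id' => $bonus_id, 'object_id' => $shipping_id, 'object_type' => DOD_OBJ_TYPE_SHIPPING);
                cw_array2insert($tables['dod_bonus_details'], cw_addslashes($data));
            }
        }
        if ($bonus_type != DOD_COUPON) {
            if ($input_data['apply'] == DOD_APPLY_PRODS || $bonus_type == DOD_FREE_PRODS || $bonus_type == DOD_DISCOUNT) {
                // Products: quantity defaults to 1 when none was given.
                if (!empty($pids)) {
                    $data = array();
                    $data['generator_id'] = $generator_id;
                    $data['bonus_id'] = $bonus_id;
                    foreach ($pids as $pid) {
                        $data['object_id'] = $pid;
                        $data['object_type'] = DOD_OBJ_TYPE_PRODS;
                        $data['quantity'] = $products_data[$pid];
                        if (empty($data['quantity'])) {
                            $data['quantity'] = 1;
                        }
                        cw_array2insert($tables['dod_bonus_details'], cw_addslashes($data));
                    }
                }
                // Categories: quantity defaults to 1 when none was given.
                if (!empty($cids)) {
                    $data = array();
                    $data['generator_id'] = $generator_id;
                    $data['bonus_id'] = $bonus_id;
                    foreach ($cids as $cid) {
                        $data['object_id'] = $cid;
                        $data['object_type'] = DOD_OBJ_TYPE_CATS;
                        $data['quantity'] = $cats_data[$cid];
                        if (empty($data['quantity'])) {
                            $data['quantity'] = 1;
                        }
                        cw_array2insert($tables['dod_bonus_details'], cw_addslashes($data));
                    }
                }
                // Manufacturers: always stored with quantity 1.
                if (!empty($mids)) {
                    $data = array();
                    $data['generator_id'] = $generator_id;
                    $data['bonus_id'] = $bonus_id;
                    $data['quantity'] = 1;
                    foreach ($mids as $mid) {
                        $data['object_id'] = $mid;
                        $data['object_type'] = DOD_OBJ_TYPE_MANS;
                        cw_array2insert($tables['dod_bonus_details'], cw_addslashes($data));
                    }
                }
                // Save attributes to condition details
                if (!empty($attrids)) {
                    $data = array();
                    $data['generator_id'] = $generator_id;
                    $data['bonus_id'] = $bonus_id;
                    $data['quantity'] = 1;
                    foreach ($attrids as $aid) {
                        $data['object_id'] = $aid;
                        $data['object_type'] = DOD_OBJ_TYPE_ATTR;
                        $data['param1'] = $attr_data[$aid]['value'];
                        $data['param2'] = $attr_data[$aid]['operation'];
                        cw_array2insert($tables['dod_bonus_details'], cw_addslashes($data));
                    }
                }
            }
        }
        // Stored successfully; whatever stays in $bonuses failed validation.
        unset($bonuses[$bonus_type]);
    }
    if (!empty($bonuses)) {
        $GLOBALS['_dod_bonus'] =& $bonuses;
        cw_session_register('_dod_bonus');
    }
    if (!empty($errors)) {
        $error = implode("<br />\n", $errors);
        return array(false, $error);
    }
    return array(true, null);
}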
<?php

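// Session-backed state used for salesman tracking.
$salesman =& cw_session_register("salesman");
$salesman_click_id =& cw_session_register("salesman_click_id");
$salesman_saleman =& cw_session_register("salesman_saleman");
$salesman_membership =& cw_session_register("salesman_membership");
// !empty() keeps the original truthiness test without reading a query
// parameter that may be absent.
// NOTE(review): the values stored are the globals $saleman / $level, not the
// $_GET entries that are tested; presumably the framework populates them from
// the request - confirm they are sanitised there.
if (!empty($_GET['saleman'])) {
    $salesman_saleman = $saleman;
}
if (!empty($_GET['level']) && !empty($_GET['saleman'])) {
    $salesman_membership = $level;
}
// A salesman already recorded for the logged-in customer replaces the session value.
if ($customer_id) {
    // NOTE(review): $customer_id is interpolated into the SQL text as-is; it is
    // not assigned in this fragment - confirm it is never request-controlled.
    $possible_salesman = cw_query_first_cell("select salesman_customer_id from {$tables['customers_relations']} where customer_id='{$customer_id}'");
    if ($possible_salesman) {
        $salesman = $possible_salesman;
    }
}
// Host of the current location, falling back to the configured HTTP host.
$_tmp_current_host = $app_http_host;
$_tmp = parse_url($current_location);
if (!empty($_tmp['host'])) {
    $_tmp_current_host = $_tmp['host'];
}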
if (empty($salesman) && (!empty($_GET['salesman']) || !empty($_POST['salesman_customer_id']))) {
    #
    # Assign current salesman value
    #
    if (isset($_POST['salesman_customer_id']) && !empty($_POST['salesman_customer_id'])) {
        $salesman = $_POST['salesman_customer_id'];
    } else {
        $salesman = $_GET['salesman'];
<?php

// Visitors without a customer id, on any target other than the login handler
// itself, get the login link assigned to the template.
if (empty($customer_id)) {
    if ($target != 'mslive_login') {
        $mslive_login_info =& cw_session_register('mslive_login_info');
        $mslive_login_authUrl = "{$http_location}/index.php?target=mslive_login";
        $smarty->assign('mslive_login_authUrl', $mslive_login_authUrl);
        if (!$is_ajax) {
            // Remember the page being viewed. The path comes from the request
            // (REQUEST_URI); the host prefix comes from $current_host_location.
            // NOTE(review): whatever later redirects to return_url should keep
            // treating the path part as request-controlled.
            $mslive_login_info['return_url'] = "{$current_host_location}{$_SERVER['REQUEST_URI']}";
        }
    }
}
<?php

cw_load('files');
$login_type =& cw_session_register("login_type");
// Every login type other than 'A' and 'P' is flagged as substitute.
$is_substitute = !($login_type == 'A' || $login_type == 'P');
// $id and $type are not assigned in this fragment - presumably request
// parameters; TODO confirm. Empty values fall back to the defaults below.
$id = empty($id) ? false : $id;
$type = empty($type) ? 'products_images_thumb' : $type;
// Image details start out blank.
$image_size = 0;
$image_path = '';
$image_type = '';
if (isset($_GET['tmp'])) {
    $file_upload_data =& cw_session_register('file_upload_data', array());
    if ($available_images[$type]['multiple'] && is_array($file_upload_data)) {
        if ($file_upload_data[$type][$imgid]) {
            $image_posted = $file_upload_data[$type][intval($imgid)];
        }
    } else {
        $image_posted = $file_upload_data[$type];
    }
    if (!empty($image_posted)) {
        if ($image_posted['date'] == 0 || time() - $image_posted['date'] > USE_SESSION_LENGTH) {
            cw_unset($file_upload_data, $type);
            unset($image_posted);
        } elseif (!empty($image_posted['file_path']) && $image_posted['id'] == $id && $image_posted['type'] == $type) {
            $image_type = $image_posted['image_type'];
            $image_path = $image_posted['file_path'];
            $image_type = $image_posted['image_type'];
/**
 * Return what cw_session_register() yields for 'special_offers_apply'.
 *
 * The function name suggests the value feeds the hash used when shipping
 * rates are collected - confirm against the caller.
 *
 * @return mixed
 */
function cw_ps_on_collect_shipping_rates_hash()
{
    $special_offers_state = cw_session_register('special_offers_apply');

    return $special_offers_state;
}