}
// Saves edits to product, order and customer details.
if (isset($_POST['cmd']) && $_POST['cmd'] == 'saveData') {
    check_ajax_referer('smart-manager-security', 'security');
    //For encoding the string in UTF-8 Format
    //        $charset = "EUC-JP, ASCII, UTF-8, ISO-8859-1, JIS, SJIS";
    $charset = get_bloginfo('charset') === 'UTF-8' ? null : get_bloginfo('charset');
    if (!is_null($charset)) {
        $_POST['edited'] = mb_convert_encoding(stripslashes($_POST['edited']), "UTF-8", $charset);
    } else {
        $_POST['edited'] = stripslashes($_POST['edited']);
    }
    if ($active_module == 'Products') {
        $result = data_for_insert_update($_POST);
    } elseif ($active_module == 'Orders') {
        $result = data_for_update_orders($_POST);
    } elseif ($active_module == 'Customers') {
        $result = update_customers($_POST);
    }
    if ($result['result']) {
        if ($result['updated'] && $result['inserted']) {
            if ($result['updateCnt'] == 1 && $result['insertCnt'] == 1) {
                $encoded['msg'] = "<b>" . $result['updateCnt'] . "</b> " . __('Record Updated and', $sm_text_domain) . "<br><b>" . $result['insertCnt'] . "</b> " . __('New Record Inserted Successfully', $sm_text_domain);
            } elseif ($result['updateCnt'] == 1 && $result['insertCnt'] != 1) {
                $encoded['msg'] = "<b>" . $result['updateCnt'] . "</b> " . __('Record Updated and', $sm_text_domain) . "<br><b>" . $result['insertCnt'] . "</b> " . __('New Records Inserted Successfully', $sm_text_domain);
            } elseif ($result['updateCnt'] != 1 && $result['insertCnt'] == 1) {
                $encoded['msg'] = "<b>" . $result['updateCnt'] . "</b> " . __('Records Updated and', $sm_text_domain) . "<br><b>" . $result['insertCnt'] . "</b> " . __('New Record Inserted Successfully', $sm_text_domain);
            } else {
                $encoded['msg'] = "<b>" . $result['updateCnt'] . "</b> " . __('Records Updated and', $sm_text_domain) . "<br><b>" . $result['insertCnt'] . "</b> " . __('New Records Inserted Successfully', $sm_text_domain);
            }
        } else {
Example #2
File: sm38.php Project: bulats/chef
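/**
 * Apply a batch-update request from the grid to products, orders or customers.
 *
 * Pending row edits are first saved through the per-module save routine, then
 * each decoded action is turned into UPDATE / INSERT / DELETE statements that
 * target the selected ids.
 *
 * Security review notes:
 *  - Every field of $post is request data. Values that land inside quoted SQL
 *    strings go through $wpdb->_real_escape(); values that land in unquoted
 *    positions (id lists, arithmetic operands, form ids) are reduced to
 *    numbers below, because quote-escaping gives no protection there.
 *  - Table and column names are also taken from the request and are placed in
 *    the statements as identifiers. Escaping does not constrain identifiers;
 *    they need an allow-list of the tables/columns this screen may edit. That
 *    list is not visible from this function, so it is flagged, not enforced.
 *  - No nonce or capability check is visible in this function; confirm that
 *    every caller performs one before passing request data in.
 *  - Four statements below begin with a masked "******" prefix in this
 *    listing. They are reproduced unchanged and cannot run as shown.
 *
 * @param array $post Request fields: 'ids', 'fupdatecnt', 'activeModule', plus
 *                    'updateDetails', 'selected', 'radio', 'flag' (Products)
 *                    or 'values' (Orders / Customers).
 *
 * @return mixed 'All' when radio == 2 and flag == 1, otherwise the decoded
 *               'fupdatecnt' value.
 */
function batchUpdateWpsc($post)
{
    global $post_status_update, $table_prefix, $wpdb;
    // NOTE(review): this replaces the superglobal for the rest of the request;
    // the save helpers called below are handed $_POST.
    $_POST = $post;
    // Fix: PHP 5.4
    $wp_table_prefix = !empty($wpdb->prefix) ? $wpdb->prefix : '';

    $raw_ids = json_decode(stripslashes($_POST['ids']));
    if (!is_array($raw_ids)) {
        $raw_ids = array();
    }
    // The ids are written unquoted into IN (...) lists, so keep positive
    // integers only; placeholder ids of unsaved grid rows are dropped here.
    $ids = array();
    foreach ($raw_ids as $raw_id) {
        $clean_id = is_scalar($raw_id) ? (int) $raw_id : 0;
        if ($clean_id > 0) {
            $ids[] = $clean_id;
        }
    }
    // IN (0) matches no row and avoids the syntax error an empty list causes.
    $ids_in = empty($ids) ? '0' : implode(',', $ids);
    $fupdatecount_value = json_decode(stripslashes($_POST['fupdatecnt']));

    // State that the original left undefined on some paths.
    $radioData = null;
    $flag = null;
    $children_ids = array();
    $parent_ids = array();
    $log_id = null;
    $user_ids = null;
    $log_ids = '0';
    $column_name = '';
    $row_filter = '';
    $col_filter = '';
    $filter_col = '';
    $meta_value = null;
    $drop_down3_value = '';
    $drop_down4_value = '';
    $post_status_col = '';
    $sz_postId_data = array();
    $sub_part_values = array();
    $wpsc_product_metadata = array();

    // code to handle the message for different number of max. records
    if ($_POST['activeModule'] == 'Products') {
        $active_module = 'Products';
        $actions = json_decode($_POST['updateDetails']);
        $sel_records = json_decode($_POST['selected']);
        $radioData = $wpdb->_real_escape($_POST['radio']);
        $flag = $wpdb->_real_escape($_POST['flag']);
        // save new products and update modified products before doing batch update.
        $result = data_for_insert_update($_POST);
        // create an array of ids (newly added products & modified products)
        // NOTE(review): $ids_temp is filled here but never read afterwards.
        $count = 0;
        for ($i = 0; $i < count($raw_ids); $i++) {
            if (is_string($raw_ids[$i]) && strstr($raw_ids[$i], 'ext-record') != '') {
                $ids_temp[$i] = $result['productId'][$count];
                $count++;
            }
        }
        if (isset($sel_records) && $sel_records != null) {
            // collecting the variation product ids
            foreach ($sel_records as $record) {
                if ($record->post_parent != 0) {
                    // Cast: these ids are imploded unquoted into an IN list below.
                    $children_ids[] = (int) $record->id;
                } else {
                    $parent_ids[] = $record->id;
                }
            }
        }
        if (!is_array($actions)) {
            $actions = array();
        }
        $variation_action = array();
        foreach ($actions as $action) {
            if (substr($action->colFilter, 0, 9) == 'Variation') {
                $variation_action[] = $action;
            }
        }
        if (!empty($parent_ids) && !empty($variation_action)) {
            // Function call to process product variations
            process_product_variation($actions, $parent_ids);
        }
    } else {
        if ($_POST['activeModule'] == 'Customers') {
            $active_module = 'Customers';
            $result = update_customers($_POST);
        } else {
            $active_module = 'Orders';
            $result = data_for_update_orders($_POST);
        }
        $actions = json_decode($_POST['values']);
        if (!is_array($actions)) {
            // A payload that does not decode to a list means no actions.
            $actions = array();
        }
    }
    $idLength = $fupdatecount_value;
    $length = count($actions);
    $query = "SELECT meta_id,meta_value FROM `{$wp_table_prefix}postmeta`\n                   WHERE `meta_key` = '_wpsc_product_metadata'\n                   AND `post_id` in (" . $ids_in . ")";
    $records = $wpdb->get_results($query);
    $num_rows = $wpdb->num_rows;
    if ($num_rows > 0) {
        foreach ($records as $record) {
            // NOTE(review): unserialize() of a stored value can instantiate
            // objects if that row was ever writable by an untrusted party;
            // on PHP 7+ consider passing array('allowed_classes' => false).
            $wpsc_product_metadata[$record->meta_id] = unserialize($record->meta_value);
        }
    }
    // Function to handle the batch update for Registered Customers.
    // Guarded so that a second call to batchUpdateWpsc() in the same request
    // does not stop with "Cannot redeclare update_customer_user()".
    if (!function_exists('update_customer_user')) {
        function update_customer_user($action_name, $old_value, $new_value)
        {
            // An unrecognised action leaves the stored value as it was.
            $update_value = $old_value;
            switch ($action_name) {
                case 'SET_TO':
                    $update_value = $new_value;
                    break;
                case 'PREPEND':
                    $update_value = $new_value . $old_value;
                    break;
                case 'APPEND':
                    $update_value = $old_value . $new_value;
                    break;
            }
            return $update_value;
        }
    }
    // Building queries
    for ($i = 0; $i < $length; $i++) {
        if ($active_module == 'Products') {
            if (substr($actions[$i]->colFilter, 0, 9) == 'Variation') {
                // To skip updation of Variation
                continue;
            }
            $action_name = $wpdb->_real_escape($actions[$i]->action);
            // NOTE(review): $column_name, $update_column, $table_name and
            // $filter_col are request data used as SQL identifiers; validate
            // them against an allow-list before they reach a statement.
            $column_name = "{$wpdb->_real_escape($actions[$i]->colName)}";
            $update_column = $actions[$i]->updateColName != '' ? "{$wpdb->_real_escape($actions[$i]->updateColName)}" : "{$wpdb->_real_escape($actions[$i]->colName)}";
            $table_name = "`{$wpdb->_real_escape($actions[$i]->tableName)}`";
            $col_filter = "{$wpdb->_real_escape($actions[$i]->colFilter)}";
            $drop_down3_value = "{$wpdb->_real_escape($actions[$i]->unit)}";
            //@todo for state code for customers
            $col_id = $wpdb->_real_escape($actions[$i]->colId);
            $is_category = strstr($col_id, 'group') != '' ? true : false;
            if ($update_column == 'thumbnail') {
                for ($j = 0; $j < sizeof($ids); $j++) {
                    update_post_meta($ids[$j], '_thumbnail_id', $actions[$i]->colValue);
                }
            }
            $row_filter = '';
            $filter_col = '';
            if ($col_filter != '') {
                $col_filter_arr = explode(':', $col_filter);
                $filter_col = " {$wpdb->_real_escape($col_filter_arr[0])} ";
                $row_filter = $wpdb->_real_escape($col_filter_arr[1]);
            }
            $text_cmp_value = $wpdb->_real_escape($actions[$i]->colValue);
        } else {
            // trimming the field names & table names (the original loop used a
            // misspelled counter and left the first element untrimmed)
            $actions[$i][0] = array_map('trim', explode(',', $actions[$i][0]));
            // getting values from POST
            $is_category = $wpdb->_real_escape((int) $actions[$i][0][0]);
            $action_name = $wpdb->_real_escape(trim($actions[$i][1]));
            // NOTE(review): $update_column and $table_name are request data
            // used as SQL identifiers; see the allow-list note above.
            $update_column = $wpdb->_real_escape(trim($actions[$i][0][0]));
            $table_name = $wpdb->_real_escape(trim($actions[$i][0][1]));
            // form_id
            $meta_value = $wpdb->_real_escape(trim($actions[$i][0][2]));
            // countryID
            $drop_down3_value = $wpdb->_real_escape(trim($actions[$i][3]));
            // region_id
            $drop_down4_value = $wpdb->_real_escape(trim($actions[$i][4]));
            $text_cmp_value = trim($actions[$i][2]) == '' ? $drop_down3_value : $wpdb->_real_escape(trim($actions[$i][2]));
            if ($table_name == WPSC_TABLE_SUBMITED_FORM_DATA) {
                if ($active_module == 'Orders') {
                    $log_ids = $ids_in;
                } else {
                    $selected_objects = json_decode($_POST['selected']);
                    $k = 0;
                    $l = 0;
                    foreach ((array) $selected_objects as $obj) {
                        // Both id kinds are imploded unquoted into IN lists.
                        if ($obj->id > 0) {
                            $user_ids[$l] = (int) $obj->id;
                            $l++;
                        } else {
                            $log_id[$k] = (int) $obj->last_order_id;
                            $k++;
                        }
                    }
                    if (!is_null($log_id)) {
                        $log_ids = implode(",", $log_id);
                    }
                    if (!is_null($user_ids)) {
                        $log_users = implode(",", $user_ids);
                        $query = "SELECT users.ID,users.user_email, GROUP_CONCAT(usermeta.meta_value \n                                                            ORDER BY usermeta.umeta_id SEPARATOR '###' ) AS name\n                                               FROM {$wpdb->users} AS users\n                                                   JOIN {$wpdb->usermeta}  AS usermeta ON usermeta.user_id = users.id\n                                               WHERE usermeta.meta_key IN ('first_name','last_name','wpshpcrt_usr_profile')\n                                                    AND users.ID IN ({$log_users})\n                                               GROUP BY users.id DESC";
                        $reg_user = $wpdb->get_results($query, 'ARRAY_A');
                        // NOTE(review): the four statements built below start with a
                        // masked "******" prefix in this listing and are kept as-is.
                        // Each one also concatenates a value derived from data read
                        // back from the database without escaping it again, and the
                        // profile branches call unserialize() on stored user meta.
                        for ($k = 0; $k < sizeof($reg_user); $k++) {
                            $user_details = explode("###", $reg_user[$k]['name']);
                            $update = $text_cmp_value;
                            if ($meta_value == 2) {
                                $old_value = $user_details[0];
                                $updated_value = update_customer_user($action_name, $old_value, $update);
                                $query_user = "******" . $updated_value . "'\n                                                                    WHERE meta_key='first_name' AND user_id =" . $reg_user[$k]['ID'];
                                $result_user = $wpdb->query($query_user);
                            } elseif ($meta_value == 3) {
                                $old_value = $user_details[1];
                                $updated_value = update_customer_user($action_name, $old_value, $update);
                                $query_user = "******" . $updated_value . "'\n                                                                    WHERE meta_key='last_name'AND user_id =" . $reg_user[$k]['ID'];
                                $result_user = $wpdb->query($query_user);
                            } elseif ($meta_value == 9) {
                                $old_value = $reg_user[$k]['user_email'];
                                $updated_value = update_customer_user($action_name, $old_value, $update);
                                $query_user = "******" . $updated_value . "'\n                                                                    WHERE id =" . $reg_user[$k]['ID'];
                                $result_user = $wpdb->query($query_user);
                            } else {
                                $old_value = unserialize($user_details[2]);
                                // Code for handling the batch update for Country of the Customer
                                if ($meta_value == 7) {
                                    $old_country = $old_value[$meta_value][0];
                                    $updated_value = update_customer_user($action_name, $old_country, $update);
                                    $old_value[$meta_value][0] = $updated_value;
                                    $old_value[6] = $drop_down4_value;
                                } else {
                                    $updated_value = update_customer_user($action_name, $old_value[$meta_value], $update);
                                    $old_value[$meta_value] = $updated_value;
                                }
                                $updated_final = serialize($old_value);
                                $query_user = "******" . $updated_final . "'\n                                                                    WHERE meta_key='wpshpcrt_usr_profile'AND user_id =" . $reg_user[$k]['ID'];
                                $result_user = $wpdb->query($query_user);
                            }
                        }
                    }
                }
            }
        }
        $flag_query = 0;
        // Reset per action. Starting from an array also avoids the fatal
        // "[] operator not supported for strings" on newer PHP versions.
        $update_value = array();
        // Operand for every unquoted position below: anything that is not a
        // number becomes 0 instead of being pasted into the statement.
        $numeric_value = is_numeric($text_cmp_value) ? $text_cmp_value : 0;
        switch ($action_name) {
            case 'SET_TO':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value[] = $update_column . ' = \'' . $text_cmp_value . '\'';
                    //is array for weight
                }
                if ($is_category) {
                    $query = "DELETE FROM " . $table_name . " WHERE `object_id` in (" . $ids_in . ")";
                    $sql_result = $wpdb->query($query);
                    $sub_query = array();
                    for ($j = 0; $j < count($ids); $j++) {
                        $sub_query[] = "(" . $ids[$j] . "," . $numeric_value . ")";
                    }
                    if (!empty($sub_query)) {
                        $query = "INSERT INTO " . $table_name . " (object_id,`{$update_column}`) VALUES " . implode(',', $sub_query);
                        $sql_result = $wpdb->query($query);
                    }
                }
                break;
            case 'PREPEND':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value = $update_column . ' = concat(\'' . $text_cmp_value . '\',' . $update_column . ')';
                }
                break;
            case 'APPEND':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value = $update_column . ' = concat(' . $update_column . ',\'' . $text_cmp_value . '\')';
                }
                break;
            case 'INCREASE_BY_NUMBER':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value[] = $update_column . ' = ' . $update_column . '+' . $numeric_value;
                }
                break;
            case 'DECREASE_BY_NUMBER':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value[] = $update_column . ' = ' . $update_column . '-' . $numeric_value;
                }
                break;
            case 'INCREASE_BY_%':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    // The division is evaluated in PHP before concatenation.
                    $update_value[] = $update_column . ' = ' . $update_column . '+' . ($update_column . '*' . ($numeric_value / 100));
                }
                break;
            case 'DECREASE_BY_%':
                if ($row_filter != '_wpsc_product_metadata') {
                    //version 3.8
                    $update_value[] = $update_column . ' = ' . $update_column . '-' . ($update_column . '*' . ($numeric_value / 100));
                }
                break;
            case 'YES':
                if ($column_name == 'post_status') {
                    $update_value = $update_column . ' = \'publish\'';
                } elseif ($column_name == '_wpsc_stock') {
                    $update_value = $update_column . ' = 0';
                } else {
                    $update_value = $update_column . ' = 1';
                }
                break;
            case 'NO':
                if ($column_name == 'post_status') {
                    $update_value = $update_column . ' = \'draft\'';
                } elseif ($column_name == '_wpsc_stock') {
                    $update_value = $update_column . ' = ""';
                } else {
                    $update_value = $update_column . ' = 0';
                }
                break;
            case 'ADD_TO':
                $sub_query = array();
                for ($j = 0; $j < count($ids); $j++) {
                    $sub_query[] = "( " . $ids[$j] . "," . $numeric_value . ")";
                }
                if (!empty($sub_query)) {
                    $query = "INSERT INTO " . $table_name . " (object_id,`{$update_column}`) VALUES " . implode(',', $sub_query);
                    $sql_result = $wpdb->query($query);
                }
                break;
            case 'REMOVE_FROM':
                $query = "DELETE FROM " . $table_name . " WHERE object_id in (" . $ids_in . ")\n                                AND `{$update_column}` = " . $numeric_value;
                $sql_result = $wpdb->query($query);
                break;
            case 'SET_TO_SALES_PRICE':
                // Copy the special price over the regular price through the meta API.
                for ($j = 0; $j < sizeof($ids); $j++) {
                    $sale_price = get_post_meta($ids[$j], '_wpsc_special_price', true);
                    update_post_meta($ids[$j], '_wpsc_price', $sale_price);
                }
                $flag_query = 1;
                break;
            case 'SET_TO_REGULAR_PRICE':
                // Copy the regular price over the special price through the meta API.
                for ($j = 0; $j < sizeof($ids); $j++) {
                    $regular_price = get_post_meta($ids[$j], '_wpsc_price', true);
                    update_post_meta($ids[$j], '_wpsc_special_price', $regular_price);
                }
                $flag_query = 1;
                break;
        }
        if (is_array($update_value)) {
            $update_value = implode(',', $update_value);
        }
        $query = "UPDATE  {$table_name} SET {$update_value} ";
        if (isset($row_filter) && !empty($row_filter)) {
            if ($row_filter == '_wpsc_product_metadata') {
                //version 3.8
                $query = '';
                // getting the text value
                $params['value'] = $text_cmp_value;
                // getting the weight unit
                $params['unit'] = '';
                if (!empty($drop_down3_value)) {
                    $params['unit'] = $drop_down3_value;
                }
                update_record_metadata($update_column, $wpsc_product_metadata, $params, $action_name);
                foreach ($wpsc_product_metadata as $key => $value) {
                    $sz_postId_data[$key] = serialize($value);
                }
            } else {
                // NOTE(review): $table_name carries backticks on the Products
                // path, so this comparison looks like it can never match there;
                // confirm which column the posts table is meant to use.
                $post_col = $table_name == "{$wp_table_prefix}_posts" ? 'id' : 'post_id';
                $query .= " WHERE {$post_col} in (" . $ids_in . ")";
                if ($col_filter != '') {
                    $query .= " AND {$filter_col} = '{$row_filter}'";
                }
            }
        } else {
            if ($update_column == 'value' || $table_name == WPSC_TABLE_SUBMITED_FORM_DATA) {
                //BOF non-filter columns
                // form_id is an unquoted operand, so it is forced to an integer.
                $query .= ' WHERE form_id = ' . (int) $meta_value . ' AND log_id in (' . $log_ids . ');';
                $get_form_id_query = "SELECT id,unique_name FROM " . WPSC_TABLE_CHECKOUT_FORMS . " \n\t\t\t\tWHERE unique_name in ('billingstate','billingcountry','shippingstate','shippingcountry')";
                $form_ids = $wpdb->get_results($get_form_id_query, 'ARRAY_A');
                foreach ((array) $form_ids as $form_id) {
                    $ctry_reg_ids[$form_id['unique_name']] = $form_id['id'];
                }
                if (empty($drop_down4_value)) {
                    //*Note: when non-usa & non-canada country has been selected
                    $drop_down4_value = '';
                }
                // Start empty so a statement left over from an earlier action
                // is not executed a second time.
                $sql = '';
                if ($active_module == 'Customers') {
                    if ($meta_value == $ctry_reg_ids['billingcountry']) {
                        $sql = "UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET billing_country  = '{$drop_down3_value}' WHERE id in ({$log_ids})";
                        $sql_result = $wpdb->query($sql);
                        $update_region_name_query = "UPDATE {$table_name} SET value = '{$drop_down4_value}'\n\t\t\t\t\t\t\t WHERE form_id = {$ctry_reg_ids['billingstate']} \n\t\t\t\t\t\t\t AND log_id in ({$log_ids})";
                        $update_region_name_result = $wpdb->query($update_region_name_query);
                        $sql = "UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET billing_region = '{$drop_down4_value}'\n\t\t\t\t\t\t\t        WHERE id in ({$log_ids});";
                    }
                } elseif ($active_module == 'Orders') {
                    if ($meta_value == $ctry_reg_ids['shippingcountry']) {
                        $sql = "UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET shipping_country  = '{$drop_down3_value}' WHERE id in ({$log_ids});";
                        $sql_result = $wpdb->query($sql);
                        //@todo need to be checked that if the country is usa save the region to purchlogs else to submitted form data
                        $update_region_name_query = "UPDATE {$table_name} SET value = '{$drop_down4_value}'\n\t\t\t\t\t\t\t WHERE form_id = {$ctry_reg_ids['shippingstate']} \n\t\t\t\t\t\t\t AND log_id in ({$log_ids})";
                        $update_region_name_result = $wpdb->query($update_region_name_query);
                        $sql = "UPDATE " . WPSC_TABLE_PURCHASE_LOGS . " SET shipping_region = '{$drop_down4_value}'\n\t\t\t\t\t\t\t        WHERE id in ({$log_ids});";
                    }
                }
                if ($sql != '') {
                    $sql_result = $wpdb->query($sql);
                }
                $drop_down4_value = '';
            } else {
                $query .= " WHERE `id` in (" . $ids_in . ")";
            }
            if (is_null($log_id) && $active_module == 'Customers') {
                $query = "";
            }
        }
        if ($flag_query == 0 && !empty($query)) {
            $result = $wpdb->query($query);
        }
        if ($column_name == 'post_status') {
            $post_status_col = $column_name;
            $post_status_update = true;
        }
        if (isset($post_status_update) && $post_status_update && $i == $length - 1 && !empty($children_ids)) {
            $query = "UPDATE  {$table_name} SET {$post_status_col} = 'inherit' where id in (" . implode(',', $children_ids) . ")";
            $result = $wpdb->query($query);
        }
        if ($active_module == 'Products' && !empty($row_filter)) {
            foreach ((array) $sz_postId_data as $sz_meta_id => $sz_meta_value) {
                //batch update sub part query
                // Serialized data can contain quotes and backslashes, so it is
                // escaped before being placed inside the quoted literal.
                $sub_part_values[] = "('" . (int) $sz_meta_id . "','" . $wpdb->_real_escape($sz_meta_value) . "')";
            }
            if (!empty($sub_part_values)) {
                $query = "insert into `{$wp_table_prefix}postmeta` (`meta_id`,`meta_value`) values " . implode(',', $sub_part_values) . "on duplicate key update meta_value = VALUES(meta_value)";
                $records = $wpdb->query($query);
            }
        }
    }
    if ($radioData == 2 && $flag == 1) {
        $updated_rows_cnt = 'All';
    } else {
        $updated_rows_cnt = $idLength;
    }
    return $updated_rows_cnt;
}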