if (!defined('CC_INI_SET')) {
die('Access Denied');
}
Admin::getInstance()->permissions('settings', CC_PERM_READ, true);
global $lang;
if (isset($_GET['delete']) && Admin::getInstance()->permissions('settings', CC_PERM_DELETE)) {
## Purge database
if ($GLOBALS['language']->deleteLanguage($_GET['delete'])) {
$GLOBALS['main']->setACPNotify($lang['translate']['notify_language_delete']);
} else {
$GLOBALS['main']->setACPWarning($lang['translate']['error_language_delete']);
}
httpredir(currentPage(array('delete')));
}
if (isset($_GET['download']) && Admin::getInstance()->permissions('settings', CC_PERM_READ)) {
deliverFile(CC_ROOT_DIR . '/language/' . $_GET['download'] . '.xml');
exit;
}
if (isset($_POST['save']) && isset($_POST['string']) && Admin::getInstance()->permissions('settings', CC_PERM_EDIT)) {
## Load all existing language strings
$GLOBALS['language']->loadDefinitions($_GET['language']);
$base_strings = $GLOBALS['language']->loadLanguageXML($_GET['language']);
# Save strings to Database
$clear = false;
foreach ($GLOBALS['RAW']['POST']['string'] as $type => $data) {
foreach ($data as $name => $value) {
$record = array('language' => $_GET['language'], 'type' => $type, 'name' => $name);
$basic = htmlspecialchars($base_strings[$type][$name], ENT_COMPAT, 'UTF-8', false);
if ($basic != $value) {
$GLOBALS['db']->delete('CubeCart_lang_strings', $record);
$record['value'] = htmlspecialchars_decode($value, ENT_COMPAT);
$member['long_name'] = implode(' ', $long_name);
$member['short_name'] = implode(' ', $short_name);
}
}
$replace = array($member['email'], $member['long_name'], $member['short_name'], $member['title'], $member['first_name'], $member['last_name']);
/* Start Fixing Bug 2884 */
if ($_POST['maillist_extension'] == "txt") {
$file_data .= str_replace($find, $replace, $GLOBALS['RAW']['POST']['maillist_format']) . ",";
} else {
$file_data .= str_replace($find, $replace, $GLOBALS['RAW']['POST']['maillist_format']) . "\n";
}
/* End Fixing Bug 2884 */
unset($customer, $replace, $member, $long_name, $short_name);
}
$GLOBALS['debug']->supress(true);
deliverFile(false, false, $file_data, $lang['email']['export_filename'] . '.' . $_POST['maillist_extension']);
exit;
} else {
$GLOBALS['main']->setACPWarning($lang['email']['error_news_export_empty']);
}
}
$GLOBALS['gui']->addBreadcrumb($lang['email']['title_newsletters'], currentPage(array('action', 'newsletter_id')));
$seo = SEO::getInstance();
$newsletter = Newsletter::getInstance();
if (isset($_POST['newsletter']) && !empty($_POST['newsletter'])) {
$redirect = false;
$proceed = true;
if (empty($_POST['newsletter']['subject'])) {
$proceed = false;
$GLOBALS['main']->setACPWarning($lang['email']['error_no_subject']);
}
} else {
httpredir(CC_ROOT_REL . 'setup/index.php?autoupdate=1');
}
}
}
// end if $contents
}
if (isset($_GET['delete']) && file_exists('backup/' . $_GET['delete'])) {
## Generic error message for logs delete specific for backup
$message = preg_match('/\\_error_log$/', $_GET['delete']) ? $lang['filemanager']['notify_file_delete'] : $lang['maintain']['backup_deleted'];
$GLOBALS['main']->setACPWarning($message);
unlink('backup/' . $_GET['delete']);
httpredir('?_g=maintenance&node=index#backup');
}
if (isset($_GET['download']) && file_exists('backup/' . $_GET['download'])) {
deliverFile('backup/' . $_GET['download']);
httpredir('?_g=maintenance&node=index#backup');
}
########## Rebuild ##########
$clear_post = false;
if (isset($_POST['truncate_seo_custom'])) {
if ($GLOBALS['db']->delete('CubeCart_seo_urls', array('custom' => 1))) {
$GLOBALS['main']->setACPNotify($lang['maintain']['seo_urls_emptied']);
} else {
$GLOBALS['main']->setACPWarning($lang['maintain']['seo_urls_not_emptied']);
}
$clear_post = true;
}
if (isset($_POST['truncate_seo_auto'])) {
if ($GLOBALS['db']->delete('CubeCart_seo_urls', array('custom' => 0))) {
$GLOBALS['main']->setACPNotify($lang['maintain']['seo_urls_emptied']);
unset($formatted_field, $exploded_fields);
$data_fields[] = in_array($field, $field_keys_to_wrap) && isset($result[$field]) ? $field_wrapper . $result[$field] . $field_wrapper : $result[$field];
}
if (isset($header_fields)) {
$output[] = implode($delimiter, $header_fields);
unset($header_fields);
}
$output[] = implode($delimiter, $data_fields);
unset($data_fields);
}
if (isset($output) && !empty($output)) {
$filename = $_GET['format'] . '_' . date('Ymd') . '_' . $_GET['page'] . '.' . $extension;
$output = is_array($output) ? implode($glue, $output) : $output;
$GLOBALS['debug']->supress();
if (!isset($_GET['access'])) {
deliverFile(false, false, $output, $filename);
} else {
echo $output;
}
exit;
}
} else {
$GLOBALS['main']->setACPWarning($lang['category']['no_products']);
}
}
$GLOBALS['main']->addTabControl($lang['common']['export'], 'export');
$formats = array('cubecart' => 'CubeCart');
foreach ($GLOBALS['hooks']->load('admin.product.import.list') as $hook) {
include $hook;
}
$page_limits = array(50, 100, 250, 500, 1000, 5000, 10000, 25000);
foreach ($zones as $zone) {
$zone_name[$zone['id']] = $zone['name'];
}
}
foreach ($customers_export as $customer) {
// Find default address
$address = $GLOBALS['db']->select('CubeCart_addressbook', array('company_name', 'line1', 'line2', 'town', 'state', 'postcode', 'country'), array('customer_id' => $customer['customer_id'], 'billing' => 1));
// Get state name if it is numeric
$address[0]['state'] = is_numeric($address[0]['state']) ? $zone_name[$address[0]['state']] : $address[0]['state'];
$data = array_merge($address[0], $customer);
$external_report->report_customer_data($data);
}
}
$file_name = ucfirst($module_name[0]) . ' ' . $lang['customer']['customer_export'] . ' ' . date("Ymd") . '.csv';
$GLOBALS['debug']->supress(true);
deliverFile(false, false, $external_report->_report_data, $file_name);
exit;
}
if (isset($_POST['customer']) && is_array($_POST['customer']) && Admin::getInstance()->permissions('customers', CC_PERM_EDIT)) {
$customer = $_POST['customer'];
$customer_added = $customer_not_added = $customer_updated = false;
// Reset password
if (isset($customer['password']) && !empty($customer['password'])) {
if ($customer['password'] === $customer['passconf']) {
$salt = Password::getInstance()->createSalt();
$customer['salt'] = $salt;
$customer['new_password'] = 1;
$customer['password'] = Password::getInstance()->getSalted($customer['password'], $salt);
}
//Or not
} else {
/**
* Deliver a file
*/
public function deliver($kind)
{
$file_info = $this->getDocFileInfoByFileId($this->file_id);
if ($file_info === false) {
$errorMessage = _("Documento non trovato");
echo "<script language=\"javascript\">\r\n document.write(\"{$errorMessage}\");\r\n </script>";
die;
}
$name = $this->getDocFullName($file_info['doc_file'], $kind, '', $file_info['doc_file_id'], false);
if ($this->hasVirus($name) === true) {
$virusMessage = _("ATTENZIONE! E' stato impedito lo scaricamento del file desiderato in quanto si ritiene che possa contenere un virus");
echo "<script language=\"javascript\">\r\n document.write(\"{$virusMessage}\");\r\n </script>";
die;
}
deliverFile($name, array('name' => $file_info['doc_file'], 'disposition' => $this->disposition, 'cacheable' => $this->auth->getConfigValue('APPLICATION', 'DOCUMENT_CACHE_TTL') > 0, 'cache_ttl' => $this->auth->getConfigValue('APPLICATION', 'DOCUMENT_CACHE_TTL')));
}
exit;
}
// For security reason, we strip all leading points, slashes, and backslashes from pathInfo
$pathInfo = preg_replace('/^[.\\/\\\\]/', '', $pathInfo);
// Determine accept encoding
$acceptEncodings = split(',', strtolower($acceptEncoding));
if ($acceptEncoding === false) {
$acceptEncoding = array();
}
if (in_array('pack200-gzip', $acceptEncodings) && file_exists($pathInfo . '.pack.gz')) {
deliverFile($pathInfo . '.pack.gz', 'pack200-gzip');
} else {
if (in_array('gzip', $acceptEncodings) && file_exists($pathInfo . '.gz')) {
deliverFile($pathInfo . '.gz', 'gzip');
} else {
deliverFile($pathInfo, null);
}
}
function deliverFile($file, $contentEncoding)
{
if (file_exists($file) && ($filehandle = fopen($file, 'r'))) {
$fileCTime = filectime($file);
// We don't need to deliver the file, if it hasn't been modified
// since the last time it has been requested.
if (array_key_exists('HTTP_IF_MODIFIED_SINCE', $_SERVER)) {
$sinceTime = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']);
if ($sinceTime !== false && $sinceTime >= $fileCTime) {
# header('Debug-Requested-File: ' . $file);
header('Debug-Last-Modified: ' . date('r', $fileCTime));
header('Debug-If-Modified-Since: ' . date('r', $sinceTime));
header('HTTP/1.0 304 Not Modified');
case 'logo':
$path = R3_UPLOAD_DATA_DIR . $domain . 'logo/';
$ttl = 7 * 24 * 60 * 60;
break;
case 'reference':
$path = R3_CONFIG_DIR . $domain . 'map/';
$ttl = 7 * 24 * 60 * 60;
$file = 'reference.png';
break;
case 'download':
$path = R3_WEB_DIR . 'download/';
$ttl = 7 * 24 * 60 * 60;
break;
case 'tmp':
$path = R3_TMP_DIR;
$ttl = 24 * 60 * 60;
break;
default:
throw new Exception("Invalid type \"{$type}\"");
}
// Search file in the appropriate path
$fileName = $path . $file;
if (!file_exists($fileName)) {
header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
header("Status: 404 Not Found");
echo "<html><head>\r\n <title>404 Not Found</title>\r\n </head><body>\r\n <h1>Not Found</h1>\r\n <p>The requested URL {$_SERVER['REQUEST_URI']} was not found on this server.</p>\r\n <hr>\r\n <address>See http and application configuration</address>\r\n </body></html>";
die;
}
$downloadName = $name == '' ? $file : $name;
deliverFile($fileName, array('name' => $downloadName, 'disposition' => $disposition, 'purge' => false, 'cacheable' => $ttl > 0, 'cache_ttl' => $ttl, 'header' => array('etag' => null), 'die' => true));
}
$data[] = implode(',', $values);
$smarty_data['report_date'][] = $order_summary;
$i++;
}
$GLOBALS['smarty']->assign('REPORT_DATE', $smarty_data['report_date']);
if (isset($_POST['download']) || isset($_POST['external_report']) && is_array($_POST['external_report'])) {
$GLOBALS['debug']->supress(true);
if (isset($_POST['download'])) {
$file_content = implode("\r\n", $data);
$file_name = $lang['reports']['sales_data'] . ' ' . $download_range;
} else {
$file_content = $external_report->_report_data;
$file_name = ucfirst($module_name[0]) . ' ' . $lang['reports']['data'] . ' ' . $download_range;
}
deliverFile(false, false, $file_content, $file_name . '.csv');
exit;
}
## Show table footer
$tally['orders'] = count($orders);
foreach ($tally as $key => $value) {
$tallyformatted[$key] = $key == 'orders' ? $value : sprintf('%.2F', $value);
}
$smarty_data['tally'] = $tallyformatted;
$GLOBALS['smarty']->assign('DOWNLOAD', true);
## Get external module export code
$where = array('module' => 'external', 'status' => '1');
## Start classes for external reports
if (($module = $GLOBALS['db']->select('CubeCart_modules', 'folder', $where)) !== false) {
foreach ($module as $module_data) {
if (file_exists(CC_ROOT_DIR . '/modules/external/' . $module_data['folder'])) {
unlink($file);
httpredir('?_g=maintenance&node=index#backup');
} else {
if (file_exists($file) && preg_match('/^.*\\.(sql|zip)$/i', $file)) {
## Generic error message for logs delete specific for backup
$message = preg_match('/\\_error_log$/', $file) ? $lang['filemanager']['notify_file_delete'] : sprintf($lang['maintain']['backup_deleted'], basename($file));
$GLOBALS['main']->setACPNotify($message);
unlink($file);
httpredir('?_g=maintenance&node=index#backup');
}
}
}
if (isset($_GET['download'])) {
$file = 'backup/' . basename($_GET['download']);
if (file_exists($file)) {
deliverFile($file);
httpredir('?_g=maintenance&node=index#backup');
}
}
########## Rebuild ##########
$clear_post = false;
if (isset($_POST['truncate_seo_custom'])) {
if ($GLOBALS['db']->delete('CubeCart_seo_urls', array('custom' => 1))) {
$GLOBALS['main']->setACPNotify($lang['maintain']['seo_urls_emptied']);
} else {
$GLOBALS['main']->setACPWarning($lang['maintain']['seo_urls_not_emptied']);
}
$clear_post = true;
}
if (isset($_POST['truncate_seo_auto'])) {
if ($GLOBALS['db']->delete('CubeCart_seo_urls', array('custom' => 0))) {
