// catch up warnings if no language-text defined for configuration-key $configuration_key_title = strtoupper($configuration['configuration_key'] . '_TITLE'); $configuration_key_desc = strtoupper($configuration['configuration_key'] . '_DESC'); if (defined($configuration_key_title)) { // if language definition $configuration_key_title = constant($configuration_key_title); $configuration_key_desc = constant($configuration_key_desc); } else { // if no language $configuration_key_title = $configuration['configuration_key']; // name = key $configuration_key_desc = ' '; // description = empty } if ($configuration_key_desc != str_replace("<meta ", "", $configuration_key_desc)) { $configuration_key_desc = encode_htmlentities($configuration_key_desc); } echo ' <div class="col-xs-12 text-left" style="border-bottom: 1px solid #aaaaaa;"> <div class=" col-sm-3 col-xs-12" ><b>' . $configuration_key_title . '</b></div> <div class=" col-sm-3 col-xs-12" >' . $value_field . '</div> <div class=" col-sm-6 col-xs-12" style="empty-cells: show;" >' . $configuration_key_desc . '</div> </div> '; } ?> </div> <?php echo '<input type="submit" class="btn btn-default xs_full_width" onclick="this.blur();" value="' . BUTTON_SAVE . '"/>'; ?> </form>
function xtc_href_link($page = '', $parameters = '', $connection = 'NONSSL', $add_session_id = true, $search_engine_safe = true, $urlencode = false, $meta = false) { global $request_type, $session_started, $http_domain, $https_domain, $truncate_session_id; $parameters = str_replace('&', '&', $parameters); // web28 - 2010-09-02 -- making link W3C-Conform if (!xtc_not_null($page)) { //die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine the page link!<br /><br />'); $page = FILENAME_DEFAULT; } // GTB - 2012-04-10 - remove index.php from Startpage if ($page == FILENAME_DEFAULT && !xtc_not_null($parameters)) { $page = ''; } if ($connection == 'NONSSL' || $connection == '') { $link = HTTP_SERVER . DIR_WS_CATALOG; } elseif ($connection == 'SSL') { if (ENABLE_SSL == true) { $link = HTTPS_SERVER . DIR_WS_CATALOG; } else { $link = HTTP_SERVER . DIR_WS_CATALOG; } } else { die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL</strong><br /><br />'); } if (xtc_not_null($parameters)) { $link .= $page . '?' . $parameters; $separator = '&'; } else { $link .= $page; $separator = '?'; } while (substr($link, -1) == '&' || substr($link, -1) == '?') { $link = substr($link, 0, -1); } // Add the session ID when moving from different HTTP and HTTPS servers, or when SID is defined if ($add_session_id == true && $session_started == true && SESSION_FORCE_COOKIE_USE == 'False') { if (defined('SID') && xtc_not_null(SID)) { $sid = SID; } elseif ($request_type == 'NONSSL' && $connection == 'SSL' && ENABLE_SSL == true || $request_type == 'SSL' && $connection == 'NONSSL') { if ($http_domain != $https_domain) { $sid = session_name() . '=' . session_id(); } } } //--- SEO Hartmut König -----------------------------------------// if (isset($_REQUEST['test']) && $_REQUEST['test'] || SEARCH_ENGINE_FRIENDLY_URLS == 'true' && $search_engine_safe == true) { require_once DIR_FS_INC . 'shopstat_functions.inc.php'; $seolink = shopstat_getSEO($page, $parameters, $connection, $add_session_id, $search_engine_safe, 'user', $meta); if ($seolink) { $link = $seolink; $elements = parse_url($link); isset($elements['query']) ? $separator = '&' : ($separator = '?'); } } //--- SEO Hartmut König -----------------------------------------// // remove session if useragent is a known Spider if (isset($truncate_session_id) && $truncate_session_id) { $sid = NULL; } if (isset($sid)) { $link .= $separator . $sid; } /* if ( (SEARCH_ENGINE_FRIENDLY_URLS == 'true') && ($search_engine_safe == true) ) { while (strstr($link, '&&')) $link = str_replace('&&', '&', $link); $link = str_replace('?', '/', $link); $link = str_replace('&', '/', $link); $link = str_replace('=', '/', $link); $separator = '?'; } */ //-- W3C-Conform if ($urlencode) { $link = encode_htmlentities($link); } else { $link = str_replace('&', '&', $link); // web28 - 2010-09-02 -- making link W3C-Conform } return $link; }
$where_str = " WHERE pd.language_id = '" . (int) $_SESSION['languages_id'] . "'"; $where_str .= $current_category_id != '' ? " AND p2c.categories_id = '" . (int) $current_category_id . "'" : ''; //go for keywords... this is the main search process if (isset($_GET['search']) && xtc_not_null($_GET['search'])) { if (xtc_parse_search_string(stripslashes($_GET['search']), $search_keywords)) { $where_str .= " AND ( "; for ($i = 0, $n = sizeof($search_keywords); $i < $n; $i++) { switch ($search_keywords[$i]) { case '(': case ')': case 'and': case 'or': $where_str .= " " . $search_keywords[$i] . " "; break; default: $ent_keyword = encode_htmlentities($search_keywords[$i]); $ent_keyword = $ent_keyword != $search_keywords[$i] ? addslashes($ent_keyword) : false; $keyword = addslashes($search_keywords[$i]); $where_str .= " ( "; $where_str .= "pd.products_keywords LIKE ('%" . $keyword . "%') "; $where_str .= $ent_keyword ? "OR pd.products_keywords LIKE ('%" . $ent_keyword . "%') " : ''; if (ADMIN_SEARCH_IN_DESC == 'true') { $where_str .= "OR pd.products_description LIKE ('%" . $keyword . "%') "; $where_str .= $ent_keyword ? "OR pd.products_description LIKE ('%" . $ent_keyword . "%') " : ''; $where_str .= "OR pd.products_short_description LIKE ('%" . $keyword . "%') "; $where_str .= $ent_keyword ? "OR pd.products_short_description LIKE ('%" . $ent_keyword . "%') " : ''; } $where_str .= "OR pd.products_name LIKE ('%" . $keyword . "%') "; $where_str .= $ent_keyword ? "OR pd.products_name LIKE ('%" . $ent_keyword . "%') " : ''; $where_str .= "OR p.products_model LIKE ('%" . $keyword . "%') "; $where_str .= $ent_keyword ? "OR p.products_model LIKE ('%" . $ent_keyword . "%') " : '';
function sitemap_curl($notify_url, $mixed = array()) { $result = ''; $allow_url_fopen = ini_get("allow_url_fopen"); foreach ($mixed as $value) { if ($allow_url_fopen == 0 || function_exists('curl_exec') == true) { ob_start(); $ch = curl_init(); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, MAX_TIMEOUT); curl_setopt($ch, CURLOPT_URL, $value . urlencode($notify_url)); $user_agent = 'Mozilla/4.0 (compatible; xtc; sitemap-submitter) xt:commerce sitemap-submitter'; curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); $test = curl_exec($ch); curl_close($ch); $ob_get_contents = ob_get_contents(); ob_end_clean(); $out = sitemap_replace($ob_get_contents); $result[] = '<div>' . $value . encode_htmlentities($notify_url) . '</div>' . $out; } elseif ($allow_url_fopen == 1) { $fs = fopen($value . urlencode($notify_url), 'r'); stream_set_timeout($fs, MAX_TIMEOUT); $response = file_get_contents($value . urlencode($notify_url)); $result[] = '<div>' . $value . encode_htmlentities($notify_url) . '</div>' . sitemap_replace($response); } } return $result; }
?> </td--> <td class="dataTableContent hidden-xs" align="center"><?php echo date('H:i:s', $whos_online['time_entry']); ?> </td> <td class="dataTableContent hidden-xs" align="center"><?php echo date('H:i:s', $whos_online['time_last_click']); ?> </td> <td class="dataTableContent hidden-xs"><?php echo $last_page_url; ?> </td> <td class="dataTableContent hidden-xs"><?php echo encode_htmlentities($whos_online['http_referer']); ?> </td> </tr> <?php } ?> </table> <div class='col-xs-12'> <?php echo sprintf(TEXT_NUMBER_OF_CUSTOMERS, xtc_db_num_rows($whos_online_query)); ?> </div> </div> <?php
/** * trigger Smarty error * * @param string $error_msg * @param integer $error_type */ function trigger_error($error_msg, $error_type = E_USER_WARNING) { //$msg = htmlentities($error_msg); $msg = encode_htmlentities($error_msg); // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready) trigger_error("Smarty error: {$msg}", $error_type); }