/**
 * Smarty debug_print_var modifier plugin
 *
 * Type:     modifier<br>
 * Name:     debug_print_var<br>
 * Purpose:  formats variable contents for display in the console
 * @link http://smarty.php.net/manual/en/language.modifier.debug.print.var.php
 *          debug_print_var (Smarty online manual)
 * @author   Monte Ohrt <monte at ohrt dot com>
 * @param array|object
 * @param integer
 * @param integer
 * @return string
 */
function smarty_modifier_debug_print_var($var, $depth = 0, $length = 40)
{
    $_replace = array("\n" => '<i>\\n</i>', "\r" => '<i>\\r</i>', "\t" => '<i>\\t</i>');
    switch (gettype($var)) {
        case 'array':
            $results = '<b>Array (' . count($var) . ')</b>';
            foreach ($var as $curr_key => $curr_val) {
                $results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b>' . strtr($curr_key, $_replace) . '</b> =&gt; ' . smarty_modifier_debug_print_var($curr_val, ++$depth, $length);
                $depth--;
            }
            break;
        case 'object':
            $object_vars = get_object_vars($var);
            $results = '<b>' . get_class($var) . ' Object (' . count($object_vars) . ')</b>';
            foreach ($object_vars as $curr_key => $curr_val) {
                $results .= '<br>' . str_repeat('&nbsp;', $depth * 2) . '<b> -&gt;' . strtr($curr_key, $_replace) . '</b> = ' . smarty_modifier_debug_print_var($curr_val, ++$depth, $length);
                $depth--;
            }
            break;
        case 'boolean':
        case 'NULL':
        case 'resource':
            if (true === $var) {
                $results = 'true';
            } elseif (false === $var) {
                $results = 'false';
            } elseif (null === $var) {
                $results = 'null';
            } else {
                //$results = htmlspecialchars((string) $var);
                $results = encode_htmlspecialchars((string) $var);
                // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready)
            }
            $results = '<i>' . $results . '</i>';
            break;
        case 'integer':
        case 'float':
            $results = htmlspecialchars((string) $var);
            break;
        case 'string':
            $results = strtr($var, $_replace);
            if (strlen($var) > $length) {
                $results = substr($var, 0, $length - 3) . '...';
            }
            //$results = htmlspecialchars('"' . $results . '"');
            $results = encode_htmlspecialchars('"' . $results . '"');
            // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready)
            break;
        case 'unknown type':
        default:
            $results = strtr((string) $var, $_replace);
            if (strlen($results) > $length) {
                $results = substr($results, 0, $length - 3) . '...';
            }
            //$results = htmlspecialchars($results);
            $results = encode_htmlspecialchars($results);
            // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready)
    }
    return $results;
}
/**
 * escape_special_chars common function
 *
 * Function: smarty_function_escape_special_chars<br>
 * Purpose:  used by other smarty functions to escape
 *           special chars except for already escaped ones
 * @author   Monte Ohrt <monte at ohrt dot com>
 * @param string
 * @return string
 */
function smarty_function_escape_special_chars($string)
{
    if (!is_array($string)) {
        $string = preg_replace('!&(#?\\w+);!', '%%%SMARTY_START%%%\\1%%%SMARTY_END%%%', $string);
        //$string = htmlspecialchars($string);
        $string = encode_htmlspecialchars($string);
        // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready)
        $string = str_replace(array('%%%SMARTY_START%%%', '%%%SMARTY_END%%%'), array('&', ';'), $string);
    }
    return $string;
}
/**
 * xtc_output_string()
 *
 * @param mixed $string
 * @param bool $translate
 * @param bool $protected
 * @return
 */
function xtc_output_string($string, $translate = false, $protected = false)
{
    if ($protected == true) {
        return encode_htmlspecialchars($string);
    } else {
        if ($translate == false) {
            return xtc_parse_input_field_data($string, array('"' => '&quot;'));
        } else {
            return xtc_parse_input_field_data($string, $translate);
        }
    }
}
function SendShopConfig()
{
    $schema = '<?xml version="1.0" encoding="' . CHARSET . '"?>' . "\n" . '<CONFIG>' . "\n" . '<CONFIG_DATA>' . "\n";
    echo $schema;
    $config_sql = 'select * from configuration';
    $config_res = xtc_db_query($config_sql);
    while ($config = xtc_db_fetch_array($config_res)) {
        $schema = '<ENTRY ID="' . $config['configuration_id'] . '">' . "\n" . '<PARAM>' . encode_htmlspecialchars($config['configuration_key']) . '</PARAM>' . "\n" . '<VALUE>' . encode_htmlspecialchars($config['configuration_value']) . '</VALUE>' . "\n" . '<TITLE>' . encode_htmlspecialchars($config['configuration_title']) . '</TITLE>' . "\n" . '<DESCRIPTION>' . encode_htmlspecialchars($config['configuration_description']) . '</DESCRIPTION>' . "\n" . '<GROUP_ID>' . encode_htmlspecialchars($config['config_group_id']) . '</GROUP_ID>' . "\n" . '<SORT_ORDER>' . encode_htmlspecialchars($config['sort_order']) . '</SORT_ORDER>' . "\n" . '<USE_FUNCTION>' . encode_htmlspecialchars($config['use_function']) . '</USE_FUNCTION>' . "\n" . '<SET_FUNCTION>' . encode_htmlspecialchars($config['set_function']) . '</SET_FUNCTION>' . "\n" . '</ENTRY>' . "\n";
        echo $schema;
    }
    $schema = '</CONFIG_DATA>' . "\n";
    echo $schema;
    $schema = '<TAX_CLASS>' . "\n";
    echo $schema;
    $tax_class_sql = 'select * from tax_class';
    $tax_class_res = xtc_db_query($tax_class_sql);
    while ($tax_class = xtc_db_fetch_array($tax_class_res)) {
        $schema = '<CLASS ID="' . $tax_class['tax_class_id'] . '">' . "\n" . '<TITLE>' . encode_htmlspecialchars($tax_class['tax_class_title']) . '</TITLE>' . "\n" . '<DESCRIPTION>' . encode_htmlspecialchars($tax_class['tax_class_description']) . '</DESCRIPTION>' . "\n" . '<LAST_MODIFIED>' . encode_htmlspecialchars($tax_class['last_modified']) . '</LAST_MODIFIED>' . "\n" . '<DATE_ADDED>' . encode_htmlspecialchars($tax_class['date_added']) . '</DATE_ADDED>' . "\n" . '</CLASS>' . "\n";
        echo $schema;
    }
    $schema = '</TAX_CLASS>' . "\n";
    echo $schema;
    $schema = '<TAX_RATES>' . "\n";
    echo $schema;
    $tax_rates_sql = 'select * from tax_rates';
    $tax_rates_res = xtc_db_query($tax_rates_sql);
    while ($tax_rates = xtc_db_fetch_array($tax_rates_res)) {
        $schema = '<RATES ID="' . $tax_rates['tax_rates_id'] . '">' . "\n" . '<ZONE_ID>' . encode_htmlspecialchars($tax_rates['tax_zone_id']) . '</ZONE_ID>' . "\n" . '<CLASS_ID>' . encode_htmlspecialchars($tax_rates['tax_class_id']) . '</CLASS_ID>' . "\n" . '<PRIORITY>' . encode_htmlspecialchars($tax_rates['tax_priority']) . '</PRIORITY>' . "\n" . '<RATE>' . encode_htmlspecialchars($tax_rates['tax_rate']) . '</RATE>' . "\n" . '<DESCRIPTION>' . encode_htmlspecialchars($tax_rates['tax_description']) . '</DESCRIPTION>' . "\n" . '<LAST_MODIFIED>' . encode_htmlspecialchars($tax_rates['last_modified']) . '</LAST_MODIFIED>' . "\n" . '<DATE_ADDED>' . encode_htmlspecialchars($tax_rates['date_added']) . '</DATE_ADDED>' . "\n" . '</RATES>' . "\n";
        echo $schema;
    }
    $schema = '</TAX_RATES>' . "\n";
    echo $schema;
    //Ausgabe ProductListingTemplates
    $schema = '<PRODUCT_LISTING_TEMPLATES>' . "\n";
    if ($dir = opendir(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_listing/')) {
        while (($file = readdir($dir)) != false) {
            // BOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
            /*
                      if (is_file(DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/module/product_listing/'.$file) and
                         ($file != "index.html"))
                     {
            */
            if (is_file(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_listing/' . $file) and substr($file, -5) == ".html" and $file != "index.html" and substr($file, 0, 1) != ".") {
                // EOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
                $schema .= "<TEMPLATE>" . $file . "</TEMPLATE>\n";
            }
            //if
        }
        // while
        closedir($dir);
    }
    $schema .= '</PRODUCT_LISTING_TEMPLATES>' . "\n";
    echo $schema;
    //Ausgabe ProductInfoTemplates
    $schema = '<PRODUCT_DETAILS_TEMPLATES>' . "\n";
    if ($dir = opendir(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_info/')) {
        while (($file = readdir($dir)) != false) {
            // BOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
            /*
                      if (is_file(DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/module/product_info/'.$file) and
                         ($file != "index.html"))
                     {
            */
            if (is_file(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_info/' . $file) and substr($file, -5) == ".html" and $file != "index.html" and substr($file, 0, 1) != ".") {
                // EOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
                $schema .= "<TEMPLATE>" . $file . "</TEMPLATE>\n";
            }
            //if
        }
        // while
        closedir($dir);
    }
    $schema .= '</PRODUCT_DETAILS_TEMPLATES>' . "\n";
    echo $schema;
    //Ausgabe ProductOptionsTemplates
    $schema = '<PRODUCT_OPTIONS_TEMPLATES>' . "\n";
    if ($dir = opendir(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_options/')) {
        while (($file = readdir($dir)) != false) {
            // BOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
            /*
                      if (is_file(DIR_FS_CATALOG.'templates/'.CURRENT_TEMPLATE.'/module/product_options/'.$file) and
                         ($file != "index.html"))
                     {
            */
            if (is_file(DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/module/product_options/' . $file) and substr($file, -5) == ".html" and $file != "index.html" and substr($file, 0, 1) != ".") {
                // EOF - Tomcraft - 2010-02-04 - Prevent modified eCommerce Shopsoftware from fetching other files than *.html
                $schema .= "<TEMPLATE>" . $file . "</TEMPLATE>\n";
            }
            //if
        }
        // while
        closedir($dir);
    }
    $schema .= '</PRODUCT_OPTIONS_TEMPLATES>' . "\n";
    echo $schema;
    $schema = '</CONFIG>' . "\n";
    echo $schema;
}
            </table>
    ');	        
    */
    $smarty->assign('NAVBAR', '
	<div style="width:100%;font-size:smaller">
		<div style="float:left">' . $reviews_split->display_count(TEXT_DISPLAY_NUMBER_OF_REVIEWS) . '</div>
		<div style="float:right">' . TEXT_RESULT_PAGE . ' ' . $reviews_split->display_links(MAX_DISPLAY_PAGE_LINKS, xtc_get_all_get_params(array('page', 'info', 'x', 'y'))) . '</div>
	<br style="clear:both" /></div>
	');
    //EOF - Dokuman - 2009-06-05 - replace table with div
}
$module_data = array();
if ($reviews_split->number_of_rows > 0) {
    $reviews_query = xtc_db_query($reviews_split->sql_query);
    while ($reviews = xtc_db_fetch_array($reviews_query)) {
        $module_data[] = array('PRODUCTS_IMAGE' => DIR_WS_THUMBNAIL_IMAGES . $reviews['products_image'], $reviews['products_name'], 'PRODUCTS_LINK' => xtc_href_link(FILENAME_PRODUCT_REVIEWS_INFO, 'products_id=' . $reviews['products_id'] . '&reviews_id=' . $reviews['reviews_id']), 'PRODUCTS_NAME' => $reviews['products_name'], 'AUTHOR' => $reviews['customers_name'], 'TEXT' => '(' . sprintf(TEXT_REVIEW_WORD_COUNT, xtc_word_count($reviews['reviews_text'], ' ')) . ')<br />' . nl2br(encode_htmlspecialchars($reviews['reviews_text'])) . '..', 'RATING' => xtc_image('templates/' . CURRENT_TEMPLATE . '/img/stars_' . $reviews['reviews_rating'] . '.gif', sprintf(TEXT_OF_5_STARS, $reviews['reviews_rating'])));
    }
    $smarty->assign('module_content', $module_data);
}
$smarty->assign('language', $_SESSION['language']);
// set cache ID
if (!CacheCheck()) {
    $smarty->caching = 0;
    $main_content = $smarty->fetch(CURRENT_TEMPLATE . '/module/reviews.html');
} else {
    $smarty->caching = 1;
    $smarty->cache_lifetime = CACHE_LIFETIME;
    $smarty->cache_modified_check = CACHE_CHECK;
    $cache_id = $_SESSION['language'];
    $main_content = $smarty->fetch(CURRENT_TEMPLATE . '/module/reviews.html', $cache_id);
}
 /**
  * compile a resource
  *
  * sets $compiled_content to the compiled source
  * @param string $resource_name
  * @param string $source_content
  * @param string $compiled_content
  * @return true
  */
 function _compile_file($resource_name, $source_content, &$compiled_content)
 {
     if ($this->security) {
         // do not allow php syntax to be executed unless specified
         if ($this->php_handling == SMARTY_PHP_ALLOW && !$this->security_settings['PHP_HANDLING']) {
             $this->php_handling = SMARTY_PHP_PASSTHRU;
         }
     }
     $this->_load_filters();
     $this->_current_file = $resource_name;
     $this->_current_line_no = 1;
     $ldq = preg_quote($this->left_delimiter, '~');
     $rdq = preg_quote($this->right_delimiter, '~');
     // run template source through prefilter functions
     if (count($this->_plugins['prefilter']) > 0) {
         foreach ($this->_plugins['prefilter'] as $filter_name => $prefilter) {
             if ($prefilter === false) {
                 continue;
             }
             if ($prefilter[3] || is_callable($prefilter[0])) {
                 $source_content = call_user_func_array($prefilter[0], array($source_content, &$this));
                 $this->_plugins['prefilter'][$filter_name][3] = true;
             } else {
                 $this->_trigger_fatal_error("[plugin] prefilter '{$filter_name}' is not implemented");
             }
         }
     }
     /* fetch all special blocks */
     $search = "~{$ldq}\\*(.*?)\\*{$rdq}|{$ldq}\\s*literal\\s*{$rdq}(.*?){$ldq}\\s*/literal\\s*{$rdq}|{$ldq}\\s*php\\s*{$rdq}(.*?){$ldq}\\s*/php\\s*{$rdq}~s";
     preg_match_all($search, $source_content, $match, PREG_SET_ORDER);
     $this->_folded_blocks = $match;
     reset($this->_folded_blocks);
     /* replace special blocks by "{php}" */
     $source_content = preg_replace($search . 'e', "'" . $this->_quote_replace($this->left_delimiter) . 'php' . "' . str_repeat(\"\n\", substr_count('\\0', \"\n\")) .'" . $this->_quote_replace($this->right_delimiter) . "'", $source_content);
     /* Gather all template tags. */
     preg_match_all("~{$ldq}\\s*(.*?)\\s*{$rdq}~s", $source_content, $_match);
     $template_tags = $_match[1];
     /* Split content by template tags to obtain non-template content. */
     $text_blocks = preg_split("~{$ldq}.*?{$rdq}~s", $source_content);
     /* loop through text blocks */
     for ($curr_tb = 0, $for_max = count($text_blocks); $curr_tb < $for_max; $curr_tb++) {
         /* match anything resembling php tags */
         if (preg_match_all('~(<\\?(?:\\w+|=)?|\\?>|language\\s*=\\s*[\\"\']?\\s*php\\s*[\\"\']?)~is', $text_blocks[$curr_tb], $sp_match)) {
             /* replace tags with placeholders to prevent recursive replacements */
             $sp_match[1] = array_unique($sp_match[1]);
             usort($sp_match[1], '_smarty_sort_length');
             for ($curr_sp = 0, $for_max2 = count($sp_match[1]); $curr_sp < $for_max2; $curr_sp++) {
                 $text_blocks[$curr_tb] = str_replace($sp_match[1][$curr_sp], '%%%SMARTYSP' . $curr_sp . '%%%', $text_blocks[$curr_tb]);
             }
             /* process each one */
             for ($curr_sp = 0, $for_max2 = count($sp_match[1]); $curr_sp < $for_max2; $curr_sp++) {
                 if ($this->php_handling == SMARTY_PHP_PASSTHRU) {
                     /* echo php contents */
                     $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', '<?php echo \'' . str_replace("'", "\\'", $sp_match[1][$curr_sp]) . '\'; ?>' . "\n", $text_blocks[$curr_tb]);
                 } else {
                     if ($this->php_handling == SMARTY_PHP_QUOTE) {
                         /* quote php tags */
                         //$text_blocks[$curr_tb] = str_replace('%%%SMARTYSP'.$curr_sp.'%%%', htmlspecialchars($sp_match[1][$curr_sp]), $text_blocks[$curr_tb]);
                         $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', encode_htmlspecialchars($sp_match[1][$curr_sp]), $text_blocks[$curr_tb]);
                         // web28 2013-01-11 - use encode_htmlentities (PHP5.4 ready)
                     } else {
                         if ($this->php_handling == SMARTY_PHP_REMOVE) {
                             /* remove php tags */
                             $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', '', $text_blocks[$curr_tb]);
                         } else {
                             /* SMARTY_PHP_ALLOW, but echo non php starting tags */
                             $sp_match[1][$curr_sp] = preg_replace('~(<\\?(?!php|=|$))~i', '<?php echo \'\\1\'?>' . "\n", $sp_match[1][$curr_sp]);
                             $text_blocks[$curr_tb] = str_replace('%%%SMARTYSP' . $curr_sp . '%%%', $sp_match[1][$curr_sp], $text_blocks[$curr_tb]);
                         }
                     }
                 }
             }
         }
     }
     /* Compile the template tags into PHP code. */
     $compiled_tags = array();
     for ($i = 0, $for_max = count($template_tags); $i < $for_max; $i++) {
         $this->_current_line_no += substr_count($text_blocks[$i], "\n");
         $compiled_tags[] = $this->_compile_tag($template_tags[$i]);
         $this->_current_line_no += substr_count($template_tags[$i], "\n");
     }
     if (count($this->_tag_stack) > 0) {
         list($_open_tag, $_line_no) = end($this->_tag_stack);
         $this->_syntax_error("unclosed tag \\{{$_open_tag}} (opened line {$_line_no}).", E_USER_ERROR, __FILE__, __LINE__);
         return;
     }
     /* Reformat $text_blocks between 'strip' and '/strip' tags,
        removing spaces, tabs and newlines. */
     $strip = false;
     for ($i = 0, $for_max = count($compiled_tags); $i < $for_max; $i++) {
         if ($compiled_tags[$i] == '{strip}') {
             $compiled_tags[$i] = '';
             $strip = true;
             /* remove leading whitespaces */
             $text_blocks[$i + 1] = ltrim($text_blocks[$i + 1]);
         }
         if ($strip) {
             /* strip all $text_blocks before the next '/strip' */
             for ($j = $i + 1; $j < $for_max; $j++) {
                 /* remove leading and trailing whitespaces of each line */
                 $text_blocks[$j] = preg_replace('![\\t ]*[\\r\\n]+[\\t ]*!', '', $text_blocks[$j]);
                 if ($compiled_tags[$j] == '{/strip}') {
                     /* remove trailing whitespaces from the last text_block */
                     $text_blocks[$j] = rtrim($text_blocks[$j]);
                 }
                 $text_blocks[$j] = "<?php echo '" . strtr($text_blocks[$j], array("'" => "\\'", "\\" => "\\\\")) . "'; ?>";
                 if ($compiled_tags[$j] == '{/strip}') {
                     $compiled_tags[$j] = "\n";
                     /* slurped by php, but necessary
                        if a newline is following the closing strip-tag */
                     $strip = false;
                     $i = $j;
                     break;
                 }
             }
         }
     }
     $compiled_content = '';
     $tag_guard = '%%%SMARTYOTG' . md5(uniqid(rand(), true)) . '%%%';
     /* Interleave the compiled contents and text blocks to get the final result. */
     for ($i = 0, $for_max = count($compiled_tags); $i < $for_max; $i++) {
         if ($compiled_tags[$i] == '') {
             // tag result empty, remove first newline from following text block
             $text_blocks[$i + 1] = preg_replace('~^(\\r\\n|\\r|\\n)~', '', $text_blocks[$i + 1]);
         }
         // replace legit PHP tags with placeholder
         $text_blocks[$i] = str_replace('<?', $tag_guard, $text_blocks[$i]);
         $compiled_tags[$i] = str_replace('<?', $tag_guard, $compiled_tags[$i]);
         $compiled_content .= $text_blocks[$i] . $compiled_tags[$i];
     }
     $compiled_content .= str_replace('<?', $tag_guard, $text_blocks[$i]);
     // escape php tags created by interleaving
     $compiled_content = str_replace('<?', "<?php echo '<?' ?>\n", $compiled_content);
     $compiled_content = preg_replace("~(?<!')language\\s*=\\s*[\"\\']?\\s*php\\s*[\"\\']?~", "<?php echo 'language=php' ?>\n", $compiled_content);
     // recover legit tags
     $compiled_content = str_replace($tag_guard, '<?', $compiled_content);
     // remove \n from the end of the file, if any
     if (strlen($compiled_content) && substr($compiled_content, -1) == "\n") {
         $compiled_content = substr($compiled_content, 0, -1);
     }
     if (!empty($this->_cache_serial)) {
         $compiled_content = "<?php \$this->_cache_serials['" . $this->_cache_include . "'] = '" . $this->_cache_serial . "'; ?>" . $compiled_content;
     }
     // run compiled template through postfilter functions
     if (count($this->_plugins['postfilter']) > 0) {
         foreach ($this->_plugins['postfilter'] as $filter_name => $postfilter) {
             if ($postfilter === false) {
                 continue;
             }
             if ($postfilter[3] || is_callable($postfilter[0])) {
                 $compiled_content = call_user_func_array($postfilter[0], array($compiled_content, &$this));
                 $this->_plugins['postfilter'][$filter_name][3] = true;
             } else {
                 $this->_trigger_fatal_error("Smarty plugin error: postfilter '{$filter_name}' is not implemented");
             }
         }
     }
     // put header at the top of the compiled template
     $template_header = "<?php /* Smarty version " . $this->_version . ", created on " . strftime("%Y-%m-%d %H:%M:%S") . "\n";
     $template_header .= "         compiled from " . strtr(urlencode($resource_name), array('%2F' => '/', '%3A' => ':')) . " */ ?>\n";
     /* Emit code to load needed plugins. */
     $this->_plugins_code = '';
     if (count($this->_plugin_info)) {
         $_plugins_params = "array('plugins' => array(";
         foreach ($this->_plugin_info as $plugin_type => $plugins) {
             foreach ($plugins as $plugin_name => $plugin_info) {
                 $_plugins_params .= "array('{$plugin_type}', '{$plugin_name}', '" . strtr($plugin_info[0], array("'" => "\\'", "\\" => "\\\\")) . "', {$plugin_info['1']}, ";
                 $_plugins_params .= $plugin_info[2] ? 'true),' : 'false),';
             }
         }
         $_plugins_params .= '))';
         $plugins_code = "<?php require_once(SMARTY_CORE_DIR . 'core.load_plugins.php');\nsmarty_core_load_plugins({$_plugins_params}, \$this); ?>\n";
         $template_header .= $plugins_code;
         $this->_plugin_info = array();
         $this->_plugins_code = $plugins_code;
     }
     if ($this->_init_smarty_vars) {
         $template_header .= "<?php require_once(SMARTY_CORE_DIR . 'core.assign_smarty_interface.php');\nsmarty_core_assign_smarty_interface(null, \$this); ?>\n";
         $this->_init_smarty_vars = false;
     }
     $compiled_content = $template_header . $compiled_content;
     return true;
 }
    $order_total_modules->process();
    $total_block = $order_total_modules->output();
    $smarty->assign('TOTAL_BLOCK', $total_block);
}
if (is_array($payment_modules->modules)) {
    if ($confirmation = $payment_modules->confirmation()) {
        $payment_info = '';
        //$confirmation['title'];
        if (isset($confirmation['fields'])) {
            //DokuMan - 2010-09-17 - Undefined index
            $smarty->assign('PAYMENT_INFORMATION', $confirmation['fields']);
        }
    }
}
if (xtc_not_null($order->info['comments'])) {
    $smarty->assign('ORDER_COMMENTS', nl2br(encode_htmlspecialchars($order->info['comments'])) . xtc_draw_hidden_field('comments', $order->info['comments']));
}
if (isset(${$_SESSION}['payment']->form_action_url) && (!isset(${$_SESSION}['payment']->tmpOrders) || !${$_SESSION}['payment']->tmpOrders)) {
    $form_action_url = ${$_SESSION}['payment']->form_action_url;
} else {
    $form_action_url = xtc_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');
}
$smarty->assign('CHECKOUT_FORM', xtc_draw_form('checkout_confirmation', $form_action_url, 'post'));
$payment_button = '';
if (is_array($payment_modules->modules)) {
    $payment_button .= $payment_modules->process_button();
}
$smarty->assign('MODULE_BUTTONS', $payment_button);
$smarty->assign('CHECKOUT_BUTTON', xtc_image_submit('button_confirm_order.gif', IMAGE_BUTTON_CONFIRM_ORDER) . '</form>' . "\n");
//check if display conditions on checkout page is true
if (DISPLAY_REVOCATION_ON_CHECKOUT == 'true') {
function xtc_db_output($string)
{
    return encode_htmlspecialchars($string);
}
function get_sqlbefehl()
{
    global $restore, $config, $databases, $lang;
    //Init
    $restore['fileEOF'] = false;
    $restore['EOB'] = false;
    $complete_sql = '';
    $sqlparser_status = 0;
    if (!isset($restore['eintraege_ready'])) {
        $restore['eintraege_ready'] = 0;
    }
    //Parsen
    while ($sqlparser_status != 100 && !$restore['fileEOF'] && !$restore['EOB']) {
        //nächste Zeile lesen
        $zeile = $restore['compressed'] ? gzgets($restore['filehandle']) : fgets($restore['filehandle']);
        if (DEBUG) {
            echo "<br><br>Zeile: " . encode_htmlspecialchars($zeile);
        }
        /******************* Setzen des Parserstatus *******************/
        // herausfinden um was für einen Befehl es sich handelt
        if ($sqlparser_status == 0) {
            //Vergleichszeile, um nicht bei jedem Vergleich strtoupper ausführen zu müssen
            $zeile2 = strtoupper(trim($zeile));
            // pre-built compare strings - so we need the CPU power only once :)
            $sub9 = substr($zeile2, 0, 9);
            $sub7 = substr($sub9, 0, 7);
            $sub6 = substr($sub7, 0, 6);
            $sub4 = substr($sub6, 0, 4);
            $sub3 = substr($sub4, 0, 3);
            $sub2 = substr($sub3, 0, 2);
            $sub1 = substr($sub2, 0, 1);
            if ($sub7 == 'INSERT ') {
                $sqlparser_status = 3;
                //Datensatzaktion
                $restore['actual_table'] = get_tablename($zeile);
            } elseif ($sub7 == 'LOCK TA') {
                $sqlparser_status = 4;
            } elseif ($sub6 == 'COMMIT') {
                $sqlparser_status = 7;
            } elseif (substr($sub6, 0, 5) == 'BEGIN') {
                $sqlparser_status = 7;
            } elseif ($sub9 == 'UNLOCK TA') {
                $sqlparser_status = 4;
            } elseif ($sub3 == 'SET') {
                $sqlparser_status = 4;
            } elseif ($sub6 == 'START ') {
                $sqlparser_status = 4;
            } elseif ($sub3 == '/*!') {
                $sqlparser_status = 5;
            } elseif ($sub9 == 'ALTER TAB') {
                $sqlparser_status = 4;
            } elseif ($sub9 == 'CREATE TA') {
                $sqlparser_status = 2;
            } elseif ($sub9 == 'CREATE AL') {
                $sqlparser_status = 2;
            } elseif ($sub9 == 'CREATE IN') {
                $sqlparser_status = 4;
            } elseif ($sqlparser_status != 5 && substr($zeile2, 0, 2) == '/*') {
                $sqlparser_status = 6;
            } elseif ($sub9 == 'DROP TABL') {
                $sqlparser_status = 1;
            } elseif ($sub9 == 'DROP VIEW') {
                $sqlparser_status = 1;
            } elseif ($sub9 == 'CREATE DA ') {
                $sqlparser_status = 7;
            } elseif ($sub9 == 'DROP DATA ') {
                $sqlparser_status = 7;
            } elseif ($sub3 == 'USE') {
                $sqlparser_status = 7;
            } elseif ($sub6 == '-- EOB' || $sub4 == '# EO') {
                $restore['EOB'] = true;
                $restore['fileEOF'] = true;
                $zeile = '';
                $zeile2 = '';
                $sqlparser_status = 100;
            } elseif ($sub2 == '--' || $sub1 == '#') {
                $zeile = '';
                $zeile2 = '';
                $sqlparser_status = 0;
            }
            // Fortsetzung von erweiterten Inserts
            if ($restore['flag'] == 1) {
                $sqlparser_status = 3;
            }
            if ($sqlparser_status == 0 && trim($complete_sql) > '' && $restore['flag'] == -1) {
                // Unbekannten Befehl entdeckt
                v($restore);
                echo "<br>Sql: " . encode_htmlspecialchars($complete_sql);
                echo "<br>Erweiterte Inserts: " . $restore['erweiterte_inserts'];
                die('<br>' . $lang['L_UNKNOWN_SQLCOMMAND'] . ': ' . $zeile . '<br><br>' . $complete_sql);
            }
            /******************* Ende von Setzen des Parserstatus *******************/
        }
        $last_char = substr(rtrim($zeile), -1);
        // Zeilenumbrüche erhalten - sonst werden Schlüsselwörter zusammengefügt
        // z.B. 'null' und in der nächsten Zeile 'check' wird zu 'nullcheck'
        $complete_sql .= $zeile . "\n";
        if ($sqlparser_status == 3) {
            //INSERT
            if (SQL_Is_Complete($complete_sql)) {
                $sqlparser_status = 100;
                $complete_sql = trim($complete_sql);
                if (substr($complete_sql, -2) == '*/') {
                    $complete_sql = remove_comment_at_eol($complete_sql);
                }
                // letzter Ausdruck des erweiterten Inserts erreicht?
                if (substr($complete_sql, -2) == ');') {
                    $restore['flag'] = -1;
                } else {
                    if (substr($complete_sql, -2) == '),') {
                        // letztes Komme gegen Semikolon tauschen
                        $complete_sql = substr($complete_sql, 0, -1) . ';';
                        $restore['erweiterte_inserts'] = 1;
                        $restore['flag'] = 1;
                    }
                }
                if (substr(strtoupper($complete_sql), 0, 7) != 'INSERT ') {
                    // wenn der Syntax aufgrund eines Reloads verloren ging - neu ermitteln
                    if (!isset($restore['insert_syntax'])) {
                        $restore['insert_syntax'] = get_insert_syntax($restore['actual_table']);
                    }
                    $complete_sql = $restore['insert_syntax'] . ' VALUES ' . $complete_sql . ';';
                } else {
                    // INSERT Syntax ermitteln und merken
                    $ipos = strpos(strtoupper($complete_sql), ' VALUES');
                    if (!$ipos === false) {
                        $restore['insert_syntax'] = substr($complete_sql, 0, $ipos);
                    } else {
                        $restore['insert_syntax'] = 'INSERT INTO `' . $restore['actual_table'] . '`';
                    }
                }
            }
        } else {
            if ($sqlparser_status == 1) {
                //Löschaktion
                if ($last_char == ';') {
                    $sqlparser_status = 100;
                }
                //Befehl komplett
                $restore['actual_table'] = get_tablename($complete_sql);
            } else {
                if ($sqlparser_status == 2) {
                    // Createanweisung ist beim Finden eines ; beendet
                    if ($last_char == ';') {
                        if ($config['minspeed'] > 0) {
                            $restore['anzahl_zeilen'] = $config['minspeed'];
                        }
                        // Soll die Tabelle hergestellt werden?
                        $do_it = true;
                        if (is_array($restore['tables_to_restore'])) {
                            $do_it = false;
                            if (in_array($restore['actual_table'], $restore['tables_to_restore'])) {
                                $do_it = true;
                            }
                        }
                        if ($do_it) {
                            $tablename = submit_create_action($complete_sql);
                            $restore['actual_table'] = $tablename;
                            $restore['table_ready']++;
                        }
                        // Zeile verwerfen, da CREATE jetzt bereits ausgefuehrt wurde und naechsten Befehl suchen
                        $complete_sql = '';
                        $sqlparser_status = 0;
                    }
                } else {
                    if ($sqlparser_status == 4) {
                        //Createindex
                        if ($last_char == ';') {
                            if ($config['minspeed'] > 0) {
                                $restore['anzahl_zeilen'] = $config['minspeed'];
                            }
                            $complete_sql = del_inline_comments($complete_sql);
                            $sqlparser_status = 100;
                        }
                    } else {
                        if ($sqlparser_status == 5) {
                            //Anweisung
                            $t = strrpos($zeile, '*/;');
                            if (!$t === false) {
                                $restore['anzahl_zeilen'] = $config['minspeed'];
                                $sqlparser_status = 100;
                            }
                        } else {
                            if ($sqlparser_status == 6) {
                                $t = strrpos($zeile, '*/');
                                if (!$t === false) {
                                    $complete_sql = '';
                                    $sqlparser_status = 0;
                                }
                            } else {
                                if ($sqlparser_status == 7) {
                                    //Anweisung
                                    if ($last_char == ';') {
                                        if ($config['minspeed'] > 0) {
                                            $restore['anzahl_zeilen'] = $config['minspeed'];
                                        }
                                        $complete_sql = '';
                                        $sqlparser_status = 0;
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
        if ($restore['compressed'] && gzeof($restore['filehandle'])) {
            $restore['fileEOF'] = true;
        }
        if (!$restore['compressed'] && feof($restore['filehandle'])) {
            $restore['fileEOF'] = true;
        }
    }
    // wenn bestimmte Tabellen wiederhergestellt werden sollen -> pruefen
    if (is_array($restore['tables_to_restore']) && !in_array($restore['actual_table'], $restore['tables_to_restore'])) {
        $complete_sql = '';
    }
    return trim($complete_sql);
}
         }
         $cfgValue = xtc_call_function($class_method[1], $configuration['configuration_value'], ${$class_method[0]});
     } else {
         $cfgValue = xtc_call_function($use_function, $configuration['configuration_value']);
     }
 } else {
     $cfgValue = $configuration['configuration_value'];
 }
 if ((!isset($_GET['cID']) || isset($_GET['cID']) && $_GET['cID'] == $configuration['configuration_id']) && !isset($cInfo) && substr($action, 0, 3) != 'new') {
     $cfg_extra_query = xtc_db_query("select configuration_key,configuration_value, date_added, last_modified, use_function, set_function from " . TABLE_CONFIGURATION . " where configuration_id = '" . $configuration['configuration_id'] . "'");
     $cfg_extra = xtc_db_fetch_array($cfg_extra_query);
     $cInfo_array = xtc_array_merge($configuration, $cfg_extra);
     $cInfo = new objectInfo($cInfo_array);
 }
 if ($configuration['set_function']) {
     eval('$value_field = ' . $configuration['set_function'] . '"' . encode_htmlspecialchars($configuration['configuration_value']) . '");');
 } else {
     if ($configuration['configuration_key'] == 'SMTP_PASSWORD') {
         $value_field = xtc_draw_password_field($configuration['configuration_key'], $configuration['configuration_value']);
     } else {
         $value_field = xtc_draw_input_field($configuration['configuration_key'], $configuration['configuration_value'], 'style="width:380px;"');
     }
 }
 if (strstr($value_field, 'configuration_value')) {
     $value_field = str_replace('configuration_value', $configuration['configuration_key'], $value_field);
 }
 // catch up warnings if no language-text defined for configuration-key
 $configuration_key_title = strtoupper($configuration['configuration_key'] . '_TITLE');
 $configuration_key_desc = strtoupper($configuration['configuration_key'] . '_DESC');
 if (defined($configuration_key_title)) {
     // if language definition
    echo sprintf(TEXT_OF_5_STARS, $rInfo->reviews_rating);
    ?>
]</small></td>
      </tr>
      <tr>
        <td><?php 
    echo xtc_draw_separator('pixel_trans.gif', '1', '10');
    ?>
</td>
      </tr>
<?php 
    if ($_POST) {
        // Re-Post all POST'ed variables
        reset($_POST);
        while (list($key, $value) = each($_POST)) {
            echo '<input type="hidden" name="' . $key . '" value="' . encode_htmlspecialchars(stripslashes($value)) . '">';
        }
        ?>
      <tr>
        <td align="right" class="smallText"><?php 
        echo '<a class="btn btn-default" onclick="this.blur();" href="' . xtc_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id . '&action=edit') . '">' . BUTTON_BACK . '</a> <input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_UPDATE . '"/> <a class="btn btn-default" onclick="this.blur();" href="' . xtc_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id) . '">' . BUTTON_CANCEL . '</a>';
        ?>
</td>
      </form></tr>
<?php 
    } else {
        if ($_GET['origin']) {
            $back_url = $_GET['origin'];
            $back_url_params = '';
        } else {
            $back_url = FILENAME_REVIEWS;
              <tr>
                <td class="smallText"><b><?php 
        echo TEXT_MESSAGE;
        ?>
</b><br /><?php 
        echo stripslashes($_POST['message']);
        ?>
</td>
              </tr>
                <div class="col-xs-12"><br></div>
<?php 
        /* Re-Post all POST'ed variables */
        reset($_POST);
        while (list($key, $value) = each($_POST)) {
            if (!is_array($_POST[$key])) {
                echo xtc_draw_hidden_field($key, encode_htmlspecialchars(stripslashes($value)));
            }
        }
        ?>

        <div class="col-xs-12"><?php 
        echo '<a class="btn btn-default" onclick="this.blur();" href="' . xtc_href_link(FILENAME_COUPON_ADMIN) . '">' . BUTTON_CANCEL . '</a> <input type="submit" class="btn btn-default" onclick="this.blur();" value="' . BUTTON_SEND_EMAIL . '"/>';
        ?>
</div>

         </form>
         </div>
<?php 
        break;
    case 'email':
        $coupon_query = xtc_db_query("select coupon_code from " . TABLE_COUPONS . " where coupon_id = '" . (int) $_GET['cid'] . "'");
$fsk_lock = '';
if ($_SESSION['customers_status']['customers_fsk18_display'] == '0') {
    $fsk_lock = ' and p.products_fsk18!=1';
}
$random_select = "select r.reviews_id, r.reviews_rating, p.products_id, p.products_image, pd.products_name from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd, " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_status = '1' and p.products_id = r.products_id " . $fsk_lock . " and r.reviews_id = rd.reviews_id and rd.languages_id = '" . (int) $_SESSION['languages_id'] . "' and p.products_id = pd.products_id and pd.language_id = '" . (int) $_SESSION['languages_id'] . "'";
if ($product->isProduct()) {
    $random_select .= " and p.products_id = '" . $product->data['products_id'] . "'";
}
$random_select .= " order by r.reviews_id desc limit " . MAX_RANDOM_SELECT_REVIEWS;
$random_product = xtc_random_select($random_select);
if ($random_product) {
    // display random review box
    $review_query = "select substring(reviews_text, 1, 60) as reviews_text from " . TABLE_REVIEWS_DESCRIPTION . " where reviews_id = '" . $random_product['reviews_id'] . "' and languages_id = '" . $_SESSION['languages_id'] . "'";
    $review_query = xtDBquery($review_query);
    $review = xtc_db_fetch_array($review_query, true);
    $review = encode_htmlspecialchars($review['reviews_text']);
    $review = xtc_break_string($review, 15, '-<br />');
    //BOF - Dokuman - 2010-01-29 - show review stars in box
    //$box_content = '<div align="center" class="bewert"><a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS_INFO, 'products_id=' . $random_product['products_id'] . '&reviews_id=' . $random_product['reviews_id']) . '">' . xtc_image(DIR_WS_THUMBNAIL_IMAGES . $random_product['products_image'], $random_product['products_name']) . '</a></div><a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS_INFO, 'products_id=' . $random_product['products_id'] . '&reviews_id=' . $random_product['reviews_id']) . '">' . $review . ' ..</a><br />';
    $box_content = '<div align="center" class="bewert"><a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS_INFO, 'products_id=' . $random_product['products_id'] . '&amp;reviews_id=' . $random_product['reviews_id']) . '">' . xtc_image(DIR_WS_THUMBNAIL_IMAGES . $random_product['products_image'], $random_product['products_name']) . '</a></div><a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS_INFO, 'products_id=' . $random_product['products_id'] . '&amp;reviews_id=' . $random_product['reviews_id']) . '">' . $review . ' ..</a><br /><div align="center">' . xtc_image('templates/' . CURRENT_TEMPLATE . '/img/stars_' . $random_product['reviews_rating'] . '.gif', sprintf(BOX_REVIEWS_TEXT_OF_5_STARS, $random_product['reviews_rating'])) . '</div>';
    //EOF - Dokuman - 2010-01-29 - show review stars in box
} elseif ($product->isProduct()) {
    // Verhindern das Gäste oder Spamer bewerten können. www.aranowa.de
    if (isset($_SESSION['customer_id'])) {
        // display 'write a review' box
        $box_content = '<table border="0" cellspacing="0" cellpadding="2"><tr><td align="left" class="infoBoxContents"><a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS_WRITE, xtc_product_link($product->data['products_id'], $product->data['products_name'])) . '">' . BOX_REVIEWS_WRITE_REVIEW . '</a></td></tr></table>';
    }
}
if ($box_content != '') {
    $box_smarty->assign('REVIEWS_LINK', xtc_href_link(FILENAME_REVIEWS));
    $box_smarty->assign('BOX_CONTENT', $box_content);
            }
        }
        $smarty->assign('BUTTON_RELOAD', xtc_image_submit('button_update_cart.gif', IMAGE_BUTTON_UPDATE_CART));
        $smarty->assign('BUTTON_CHECKOUT', '<a href="' . xtc_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL') . '">' . xtc_image_button('button_checkout.gif', IMAGE_BUTTON_CHECKOUT) . '</a>');
    }
    // EOF - Tomcraft - 2009-10-03 - Paypal Express Modul
} else {
    // empty cart
    $cart_empty = true;
    //if ($_GET['info_message'])
    //  $smarty->assign('info_message', str_replace('+', ' ', encode_htmlspecialchars($_GET['info_message'])));
    $smarty->assign('cart_empty', $cart_empty);
    $smarty->assign('BUTTON_CONTINUE', '<a href="' . xtc_href_link(FILENAME_DEFAULT) . '">' . xtc_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>');
}
if (isset($_GET['info_message'])) {
    $smarty->assign('info_message', str_replace('+', ' ', encode_htmlspecialchars($_GET['info_message'])));
}
//BOF - web28 - 2011-05-15 - new continue shopping link
if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], FILENAME_SHOPPING_CART) === false && strpos($_SERVER['HTTP_REFERER'], 'in_cart') === false) {
    $_SESSION['continue_link'] = $_SERVER['HTTP_REFERER'];
}
if (!empty($_SESSION['continue_link'])) {
    $smarty->assign('CONTINUE_LINK', $_SESSION['continue_link']);
}
$smarty->assign('BUTTON_CONTINUE_SHOPPING', xtc_image_button('button_continue_shopping.gif', IMAGE_BUTTON_CONTINUE_SHOPPING));
//EOF - web28 - 2011-05-15 - new continue shopping link
$smarty->assign('language', $_SESSION['language']);
$main_content = $smarty->fetch(CURRENT_TEMPLATE . '/module/shopping_cart.html');
$smarty->assign('main_content', $main_content);
$smarty->caching = 0;
if (!defined('RM')) {
// include needed functions
require_once DIR_FS_INC . 'xtc_break_string.inc.php';
require_once DIR_FS_INC . 'xtc_date_long.inc.php';
// lets retrieve all $HTTP_GET_VARS keys and values..
$get_params = xtc_get_all_get_params(array('reviews_id'));
$get_params = substr($get_params, 0, -1);
//remove trailing &
$reviews_query = "select rd.reviews_text,\n                         r.reviews_rating,\n                         r.reviews_id,\n                         r.products_id,\n                         r.customers_name,\n                         r.date_added,\n                         r.last_modified,\n                         r.reviews_read,\n                         p.products_id,\n                         pd.products_name,\n                         p.products_image\n                  from " . TABLE_REVIEWS . " r\n                  left join " . TABLE_PRODUCTS . " p on (r.products_id = p.products_id)\n                  left join " . TABLE_PRODUCTS_DESCRIPTION . " pd on (p.products_id = pd.products_id \n                  and pd.language_id = '" . (int) $_SESSION['languages_id'] . "'), " . TABLE_REVIEWS_DESCRIPTION . " rd \n                  where r.reviews_id = '" . (int) $_GET['reviews_id'] . "'\n                  and r.reviews_id = rd.reviews_id\n                  and p.products_status = '1'";
$reviews_query = xtc_db_query($reviews_query);
if (!xtc_db_num_rows($reviews_query)) {
    xtc_redirect(xtc_href_link(FILENAME_REVIEWS));
}
$reviews = xtc_db_fetch_array($reviews_query);
$breadcrumb->add(NAVBAR_TITLE_PRODUCT_REVIEWS, xtc_href_link(FILENAME_PRODUCT_REVIEWS, $get_params));
xtc_db_query("update " . TABLE_REVIEWS . " set reviews_read = reviews_read+1 where reviews_id = '" . $reviews['reviews_id'] . "'");
$reviews_text = xtc_break_string(encode_htmlspecialchars($reviews['reviews_text']), 60, '-<br />');
require DIR_WS_INCLUDES . 'header.php';
$smarty->assign('PRODUCTS_NAME', $reviews['products_name']);
$smarty->assign('AUTHOR', $reviews['customers_name']);
$smarty->assign('DATE', xtc_date_long($reviews['date_added']));
$smarty->assign('REVIEWS_TEXT', nl2br($reviews_text));
$smarty->assign('RATING', xtc_image('templates/' . CURRENT_TEMPLATE . '/img/stars_' . $reviews['reviews_rating'] . '.gif', sprintf(TEXT_OF_5_STARS, $reviews['reviews_rating'])));
$smarty->assign('PRODUCTS_LINK', xtc_href_link(FILENAME_PRODUCT_INFO, xtc_product_link($reviews['products_id'], $reviews['products_name'])));
$smarty->assign('BUTTON_BACK', '<a href="' . xtc_href_link(FILENAME_PRODUCT_REVIEWS, $get_params) . '">' . xtc_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>');
$smarty->assign('BUTTON_BUY_NOW', '<a href="' . xtc_href_link(FILENAME_DEFAULT, 'action=buy_now&BUYproducts_id=' . $reviews['products_id']) . '">' . xtc_image_button('button_in_cart.gif', IMAGE_BUTTON_IN_CART) . '</a>');
$smarty->assign('IMAGE', '<a href="javascript:popupImageWindow(\'' . xtc_href_link(FILENAME_POPUP_IMAGE, 'pID=' . $reviews['products_id']) . '\')">' . xtc_image(DIR_WS_THUMBNAIL_IMAGES . $reviews['products_image'], $reviews['products_name'], '', '', 'align="center" hspace="5" vspace="5"') . '<br /></a>');
$smarty->assign('language', $_SESSION['language']);
// set cache ID
if (!CacheCheck()) {
    $smarty->caching = 0;
    $main_content = $smarty->fetch(CURRENT_TEMPLATE . '/module/product_reviews_info.html');
Example #16
0
    $smarty->assign('navtrail', $breadcrumb->trail('', '<li>', '</li>', '<li class="active">'));
} else {
    $smarty->assign('navtrail', $breadcrumb->trail(' &raquo; '));
}
if (isset($_SESSION['customer_id'])) {
    $smarty->assign('logoff', xtc_href_link(FILENAME_LOGOFF, '', 'SSL'));
} else {
    $smarty->assign('login', xtc_href_link(FILENAME_LOGIN, '', 'SSL'));
}
$smarty->assign('index', xtc_href_link(FILENAME_DEFAULT));
if ($_SESSION['account_type'] == '0') {
    $smarty->assign('account', xtc_href_link(FILENAME_ACCOUNT, '', 'SSL'));
}
$smarty->assign('cart', xtc_href_link(FILENAME_SHOPPING_CART, '', 'NONSSL'));
$smarty->assign('checkout', xtc_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'));
$smarty->assign('store_name', encode_htmlspecialchars(TITLE));
if (isset($_GET['error_message']) && xtc_not_null($_GET['error_message'])) {
    $smarty->assign('error', '<p class="errormessage alert alert-danger">' . utf8_encode(urldecode($_GET['error_message'])) . '</p>');
}
if (isset($_GET['info_message']) && xtc_not_null($_GET['info_message'])) {
    $smarty->assign('error', '<p class="errormessage alert alert-warning">' . utf8_encode($_GET['info_message']) . '</p>');
}
include DIR_WS_INCLUDES . FILENAME_BANNER;
//SHOP OFFLINE INFO
if (xtc_get_shop_conf('SHOP_OFFLINE') == 'checked' && $_SESSION['customers_status']['customers_status_id'] != 0) {
    $smarty->assign('language', $_SESSION['language']);
    $smarty->assign('shop_offline_msg', xtc_get_shop_conf('SHOP_OFFLINE_MSG'));
    $smarty->display(CURRENT_TEMPLATE . '/offline.html');
    exit;
}
//BOF - Dokuman - 2012-06-19 - BILLSAFE payment module (BillSAFE-Layer Start)
    if ($paypal->get_config('MODULE_PAYMENT_' . strtoupper($order->info['payment_method']) . '_USE_ACCOUNT') == 1) {
        $button = $paypal->create_paypal_link($order->info['order_id']);
        if ($button != '') {
            $smarty->assign('PAYPAL_LINK', sprintf(constant('MODULE_PAYMENT_' . strtoupper($order->info['payment_method']) . '_TEXT_SUCCESS'), $button));
        }
        if ($messageStack->size($order->info['payment_method']) > 0) {
            $smarty->assign('info_message', $messageStack->output($order->info['payment_method']));
        }
    }
}
// Order History
$history_block = '';
//DokuMan - 2010-09-18 - set undefined variable
$statuses_query = xtc_db_query("-- /account_history_info.php\n                                SELECT os.orders_status_name,\n                                       osh.date_added,\n                                       osh.comments,\n                                       osh.comments_sent\n                                FROM " . TABLE_ORDERS_STATUS . " os,\n                                     " . TABLE_ORDERS_STATUS_HISTORY . " osh\n                                WHERE osh.orders_id = '" . $order->info['order_id'] . "'\n                                  AND osh.customer_notified = 1\n                                  AND osh.orders_status_id = os.orders_status_id\n                                  AND os.language_id = '" . (int) $_SESSION['languages_id'] . "'\n                                ORDER BY osh.date_added");
while ($statuses = xtc_db_fetch_array($statuses_query)) {
    $history_block .= xtc_date_short($statuses['date_added']) . '&nbsp;<strong>' . $statuses['orders_status_name'] . '</strong>&nbsp;' . (empty($statuses['comments']) || empty($statuses['comments_sent']) ? '&nbsp;' : nl2br(encode_htmlspecialchars($statuses['comments']))) . '<br />';
}
$smarty->assign('HISTORY_BLOCK', $history_block);
// Download-Products
if (DOWNLOAD_ENABLED == 'true') {
    include DIR_WS_MODULES . 'downloads.php';
}
require_once DIR_FS_INC . 'xtc_get_tracking_link.php';
$smarty->assign('TRACKING_LINKS', xtc_get_tracking_link($order->info['order_id']));
// --- bof -- ipdfbill --------
require 'admin/includes/ipdfbill/pdfbill_lib.php';
// pdfbill
$pdffile = 'admin/' . PDFBILL_FOLDER . PDFBILL_PREFIX . ($_GET['order_id'] . '.pdf');
if (file_exists($pdffile)) {
    $pdflink = xtc_href_link(FILENAME_PDFBILL_DISPLAY, 'oID=' . $_GET['order_id']);
    $pdflink = sprintf('<a href="%s">' . PDFBILL_DOWNLOAD_INVOICE . '</a>', $pdflink);
function xtc_draw_small_input_field($name, $value = '', $parameters = '', $required = false, $type = 'text', $reinsert_value = true)
{
    $field = '<input type="' . $type . '" class="form-control" size="3" name="' . $name . '"';
    if (isset($GLOBALS[$name]) && $reinsert_value) {
        $field .= ' value="' . encode_htmlspecialchars(trim($GLOBALS[$name])) . '"';
    } elseif ($value != '') {
        $field .= ' value="' . encode_htmlspecialchars(trim($value)) . '"';
    }
    if ($parameters != '') {
        $field .= ' ' . $parameters;
    }
    $field .= '>';
    if ($required) {
        $field .= TEXT_FIELD_REQUIRED;
    }
    return $field;
}
                            $quotes[$i]['tax'] = 0;
                        }
                        $quotes[$i]['methods'][$j]['price'] = $xtPrice->xtcFormat(xtc_add_tax($quotes[$i]['methods'][$j]['cost'], $quotes[$i]['tax']), true, 0, true) . xtc_draw_hidden_field('shipping', $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id']);
                    }
                    $radio_buttons++;
                }
            }
        }
        $module_smarty->assign('module_content', $quotes);
    }
    $module_smarty->caching = 0;
    $shipping_block = $module_smarty->fetch(CURRENT_TEMPLATE . '/module/checkout_shipping_block.html');
}
if ($order->info['total'] > 0) {
    if (isset($_GET['payment_error']) && is_object(${$_GET['payment_error']}) && ($error = ${$_GET['payment_error']}->get_error())) {
        $smarty->assign('error', encode_htmlspecialchars($error['error']));
    }
    $selection = $payment_modules->selection();
    $radio_buttons = 0;
    //BOF - DokuMan - 2011-12-19 - precount for performance
    //for($i = 0, $n = sizeof($selection); $i < $n; $i++) {
    $n = sizeof($selection);
    for ($i = 0; $i < $n; $i++) {
        //EOF - DokuMan - 2011-12-19 - precount for performance
        $selection[$i]['radio_buttons'] = $radio_buttons;
        if (isset($payment)) {
            //Dokuman - 2012-05-31 - fix paypal_checkout notices
            if ($selection[$i]['id'] == $payment || $n == 1) {
                $selection[$i]['checked'] = 1;
            }
        }
 function process_button()
 {
     global $order, $xtPrice;
     $worldpay_url = xtc_session_name() . '=' . xtc_session_id();
     $total = number_format($xtPrice->xtcCalculateCurr($order->info['total']), $xtPrice->get_decimal_places($_SESSION['currency']), '.', '');
     $process_button_string = xtc_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID) . xtc_draw_hidden_field('currency', $_SESSION['currency']) . xtc_draw_hidden_field('desc', 'Purchase from ' . STORE_NAME) . xtc_draw_hidden_field('cartId', $worldpay_url) . xtc_draw_hidden_field('amount', $total);
     // Pre Auth Mod 3/1/2002 - Graeme Conkie
     if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == 'true') {
         $process_button_string .= xtc_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
     }
     // Ian-san: Create callback and language links here 6/4/2003:
     $language_code_raw = xtc_db_query("select code from " . TABLE_LANGUAGES . " where languages_id ='" . $_SESSION['languages_id'] . "'");
     $language_code_array = xtc_db_fetch_array($language_code_raw);
     $language_code = $language_code_array['code'];
     $address = encode_htmlspecialchars($order->customer['street_address'] . "\n" . $order->customer['suburb'] . "\n" . $order->customer['city'] . "\n" . $order->customer['state'], ENT_QUOTES);
     $process_button_string .= xtc_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE) . xtc_draw_hidden_field('name', $order->customer['firstname'] . ' ' . $order->customer['lastname']) . xtc_draw_hidden_field('address', $address) . xtc_draw_hidden_field('postcode', $order->customer['postcode']) . xtc_draw_hidden_field('country', $order->customer['country']['iso_code_2']) . xtc_draw_hidden_field('tel', $order->customer['telephone']) . xtc_draw_hidden_field('myvar', 'Y') . xtc_draw_hidden_field('fax', $order->customer['fax']) . xtc_draw_hidden_field('email', $order->customer['email_address']) . xtc_draw_hidden_field('lang', $language_code) . xtc_draw_hidden_field('MC_callback', xtc_href_link(wpcallback) . '.php') . xtc_draw_hidden_field('MC_XTCsid', $XTCsid);
     // Ian-san: Added MD5 here 6/4/2003:
     if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
         $md5_signature_fields = 'amount:language:email';
         $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . number_format($order->info['total'] * $currencies->get_value($currency), $currencies->get_decimal_places($currency), '.', '') . ':' . $language_code . ':' . $order->customer['email_address'];
         $md5_signature_md5 = md5($md5_signature);
         $process_button_string .= xtc_draw_hidden_field('signatureFields', $md5_signature_fields) . xtc_draw_hidden_field('signature', $md5_signature_md5);
     }
     return $process_button_string;
 }