Example #1
use Tygh\Pdf;
use Tygh\Registry;
use Tygh\Storage;
use Tygh\Settings;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    if ($mode == 'm_delete' && !empty($_REQUEST['order_ids'])) {
        foreach ($_REQUEST['order_ids'] as $v) {
            fn_delete_order($v);
        }
    }
    if ($mode == 'update_details') {
        // Mark `update_order` as trusted so it is not stripped like other request input;
        // its values reach the UPDATE below as submitted.
        fn_trusted_vars('update_order');
        // Update customer's email if it was changed in the customer's account:
        // look up the order's user, read that user's current email, copy it onto the order.
        if (!empty($_REQUEST['update_customer_details']) && $_REQUEST['update_customer_details'] == 'Y') {
            $u_id = db_get_field("SELECT user_id FROM ?:orders WHERE order_id = ?i", $_REQUEST['order_id']);
            $current_email = db_get_field("SELECT email FROM ?:users WHERE user_id = ?i", $u_id);
            db_query("UPDATE ?:orders SET email = ?s WHERE order_id = ?i", $current_email, $_REQUEST['order_id']);
        }
        // Log order update
        fn_log_event('orders', 'update', array('order_id' => $_REQUEST['order_id']));
        // NOTE(review): the whole request array `update_order` is handed to the `?u`
        // placeholder, so the set of columns written to ?:orders is chosen by the client
        // unless `?u` or an earlier layer filters field names — confirm, or pass an explicit
        // allow-list of editable order fields. `$_REQUEST['order_id']` is read without an
        // isset() check, and no per-order permission test is visible in this excerpt.
        db_query('UPDATE ?:orders SET ?u WHERE order_id = ?i', $_REQUEST['update_order'], $_REQUEST['order_id']);
        //Update shipping info
        if (!empty($_REQUEST['update_shipping'])) {
            foreach ($_REQUEST['update_shipping'] as $group_key => $shipment) {
                $shipment['shipment_data']['order_id'] = $_REQUEST['order_id'];
                $shipment_id = isset($shipment['shipment_id']) ? $shipment['shipment_id'] : 0;
                fn_update_shipment($shipment['shipment_data'], $shipment_id, $group_key, true);
Example #2
         if (!empty($_REQUEST['dynamic_object']['object_id']) && !empty($_REQUEST['dynamic_object']['object_type'])) {
             $scheme = SchemesManager::getDynamicObjectByType($_REQUEST['dynamic_object']['object_type']);
             $return_url = $scheme['admin_dispatch'] . '?' . $scheme['key'] . '=' . $_REQUEST['dynamic_object']['object_id'];
             if (!empty($_REQUEST['tab_redirect'])) {
                 $return_url .= '&selected_section=product_tabs';
             } else {
                 $return_url .= '&selected_section=blocks';
             }
             return array(CONTROLLER_STATUS_OK, $return_url);
         }
         $selected_location = fn_get_selected_location($_REQUEST);
         $suffix .= "&selected_location=" . $selected_location['location_id'];
     }
 }
 if ($mode == 'update_location') {
     fn_trusted_vars('location_data');
     $_REQUEST['location_data']['lang_code'] = DESCR_SL;
     $location_id = Location::instance()->update($_REQUEST['location_data']);
     $suffix .= "&selected_location=" . $location_id;
 }
 if ($mode == 'export_layout') {
     // Location ids to export; an absent parameter becomes an empty list.
     $location_ids = isset($_REQUEST['location_ids']) ? $_REQUEST['location_ids'] : array();
     $layout_id = Registry::get('runtime.layout.layout_id');
     // The whole request array is passed to the exporter as its third argument.
     $content = Exim::instance()->export($layout_id, $location_ids, $_REQUEST);
     // NOTE(review): when `filename` is supplied it is used exactly as submitted; no
     // basename(), separator or extension check is visible before it becomes part of a
     // filesystem path below. Unless fn_mkdir()/fn_put_contents() confine the path
     // themselves (confirm), reduce it to a base name and enforce the expected extension.
     // NOTE(review): the fallback name looks wrong on two counts: 'xml' is appended without
     // a dot, and PHP's date_format() expects a DateTimeInterface and date()-style format
     // characters rather than "%m%d%Y" — confirm what TIME holds and what name was intended.
     $filename = empty($_REQUEST['filename']) ? date_format(TIME, "%m%d%Y") . 'xml' : $_REQUEST['filename'];
     // When a runtime company id is set, the file goes under a sub-directory named after it.
     if (Registry::get('runtime.company_id')) {
         $filename = Registry::get('runtime.company_id') . '/' . $filename;
     }
     // Both the directory creation and the write use the concatenated path; nothing in this
     // excerpt verifies that the result stays inside config.dir.layouts.
     fn_mkdir(dirname(Registry::get('config.dir.layouts') . $filename));
     fn_put_contents(Registry::get('config.dir.layouts') . $filename, $content);
     fn_set_notification('N', __('notice'), __('text_exim_data_exported'));
Example #3
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('gift_cert_data');
    // Create or update a gift certificate after checking the amount against the add-on limits.
    if ($mode == 'update') {
        // `* 1` coerces the stored settings to numbers before the comparison.
        $min = Registry::get('addons.gift_certificates.min_amount') * 1;
        $max = Registry::get('addons.gift_certificates.max_amount') * 1;
        // The submitted amount is compared as received; `gift_cert_data` was declared trusted
        // above, so it has not been stripped. NOTE(review): a non-numeric amount relies on
        // PHP's loose comparison rules here — consider validating it with is_numeric() first.
        if ($_REQUEST['gift_cert_data']['amount'] < $min || $_REQUEST['gift_cert_data']['amount'] > $max) {
            fn_set_notification('E', __('error'), __('gift_cert_error_amount', array('[min]' => $min, '[max]' => $max)));
        } else {
            $gift_cert_id = fn_update_gift_certificate($_REQUEST['gift_cert_data'], $_REQUEST['gift_cert_id'], $_REQUEST);
        }
        // NOTE(review): $gift_cert_id is only assigned in the else branch; when the amount is
        // rejected the suffix is built from a variable this excerpt never sets.
        $suffix = ".update?gift_cert_id={$gift_cert_id}";
    }
    if ($mode == 'preview') {
        if (!empty($_REQUEST['gift_cert_data'])) {
            fn_correct_gift_certificate($_REQUEST['gift_cert_data']);
            fn_show_postal_card($_REQUEST['gift_cert_data']);
            exit;
Example #4
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: product_groups.php 10229 2010-07-27 14:21:39Z 2tl $
//
// Abort unless the AREA constant exists — presumably defined by the application's entry
// point, so the file does nothing when requested directly.
if (!defined('AREA')) {
    die('Access denied');
}
// State-changing modes are only handled for POST requests.
// NOTE(review): no permission or CSRF check is visible in this file; presumably the
// dispatcher that includes it enforces both — confirm.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // `group` and `groups_data` are exempted from request stripping and reach the
    // update helper as submitted.
    fn_trusted_vars('group', 'groups_data');
    $suffix = '';
    // Delete the selected groups, or report an error when no ids were submitted.
    if ($mode == 'delete') {
        if (!empty($_REQUEST['group_ids'])) {
            fn_delete_affiliate_groups($_REQUEST['group_ids']);
        } else {
            fn_set_notification('E', fn_get_lang_var('error'), fn_get_lang_var('error_no_data'));
        }
        $suffix = '.manage';
    }
    // Create or update one group, then return to its edit page.
    // `group` and `group_id` are read without isset() checks.
    if ($mode == 'update') {
        $group_id = fn_update_affiliate_group($_REQUEST['group'], $_REQUEST['group_id'], DESCR_SL);
        $suffix = ".update?group_id={$group_id}";
    }
    // Returns a status plus the dispatch string built from the suffix chosen above.
    return array(CONTROLLER_STATUS_OK, "product_groups{$suffix}");
}
Example #5
                 } else {
                     db_query("REPLACE INTO ?:product_global_option_links (option_id, product_id) VALUES (?i, ?i)", $value, $k);
                     if (fn_allowed_for('ULTIMATE')) {
                         fn_ult_share_product_option($value, $k);
                     }
                 }
             }
         }
         if (!empty($updated_products)) {
             fn_set_notification('N', __('notice'), __('options_have_been_applied_to_products'));
         }
     }
     $suffix = ".apply";
 }
 if ($mode == 'update') {
     // `option_data` and `regexp` are exempted from request stripping.
     fn_trusted_vars('option_data', 'regexp');
     if (fn_allowed_for('MULTIVENDOR')) {
         $option_data = array();
         if (!empty($_REQUEST['option_id'])) {
             // Ownership check: the option is loaded with the company condition appended, so
             // an option that does not match the condition comes back empty and is refused.
             // $condition is produced by the helper, not taken from the request.
             $condition = fn_get_company_condition('?:product_options.company_id');
             $option_data = db_get_row("SELECT * FROM ?:product_options WHERE option_id = ?i {$condition}", $_REQUEST['option_id']);
             if (empty($option_data)) {
                 fn_set_notification('W', __('warning'), __('access_denied'));
                 return array(CONTROLLER_STATUS_REDIRECT, 'product_options.manage');
             }
         }
         // array_merge() lets submitted fields override the stored row for every key they
         // share, including `company_id` if the client sends one.
         // NOTE(review): presumably fn_set_company_id() then re-asserts the current
         // company's id on the merged array — confirm, since that is what keeps a vendor
         // from reassigning the option.
         $_REQUEST['option_data'] = array_merge($option_data, $_REQUEST['option_data']);
         fn_set_company_id($_REQUEST['option_data']);
     }
     // Outside MULTIVENDOR the submitted data goes to the update helper without the check above.
     $option_id = fn_update_product_option($_REQUEST['option_data'], $_REQUEST['option_id'], DESCR_SL);
     if (!empty($_REQUEST['object']) && $_REQUEST['object'] == 'product') {
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
// Abort unless the BOOTSTRAP constant exists — presumably defined by the application's
// entry point, so the file does nothing when requested directly.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    // `store_locations` and `store_location_data` are exempted from request stripping.
    fn_trusted_vars('store_locations', 'store_location_data');
    // Create or update one store location; an empty id from the helper sends the user
    // back to the list, otherwise to the location's edit page.
    if ($mode == 'update') {
        $store_location_id = fn_update_store_location($_REQUEST['store_location_data'], $_REQUEST['store_location_id'], DESCR_SL);
        //die();
        if (empty($store_location_id)) {
            $suffix = ".manage";
        } else {
            $suffix = ".update?store_location_id={$store_location_id}";
        }
    }
    return array(CONTROLLER_STATUS_OK, 'store_locator' . $suffix);
}
// NOTE(review): the 'delete' mode that follows is handled outside the POST block above, so
// it is reachable with non-POST requests; a state change on GET is easier to trigger
// cross-site. Confirm that the dispatcher requires a token for it or move it under POST.
if ($mode == 'delete') {
    if (!empty($_REQUEST['store_location_id'])) {
        if (fn_delete_store_location($_REQUEST['store_location_id'])) {
            $count = db_get_field("SELECT COUNT(*) FROM ?:store_locations");
Example #7
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Settings;
use Tygh\BlockManager\Layout;
use Tygh\Themes\Styles;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('company_data');
    //
    // Processing additon of new company
    //
    if ($mode == 'add') {
        if (fn_allowed_for('ULTIMATE:FREE')) {
            return array(CONTROLLER_STATUS_DENIED);
        }
        $suffix = '.add';
        if (!empty($_REQUEST['company_data']['company'])) {
            // Checking for required fields for new company
            if (Registry::get('runtime.simple_ultimate')) {
                Registry::set('runtime.simple_ultimate', false);
            }
            if (isset($_REQUEST['company_data']['is_create_vendor_admin']) && $_REQUEST['company_data']['is_create_vendor_admin'] == 'Y') {
                if (!empty($_REQUEST['company_data']['admin_username']) && db_get_field("SELECT COUNT(*) FROM ?:users WHERE user_login = ?s", $_REQUEST['company_data']['admin_username']) > 0) {
Example #8
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Enum\ProductFeatures;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
fn_define('KEEP_UPLOADED_FILES', true);
fn_define('NEW_FEATURE_GROUP_ID', 'OG');
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('feature_data');
    // Update features
    if ($mode == 'update') {
        $feature_id = fn_update_product_feature($_REQUEST['feature_data'], $_REQUEST['feature_id'], DESCR_SL);
        if ($_REQUEST['feature_data']['feature_type'] == ProductFeatures::EXTENDED) {
            return array(CONTROLLER_STATUS_OK, 'product_features.update?feature_id=' . $feature_id);
        }
    }
    if ($mode == 'update_status') {
        fn_tools_update_status($_REQUEST);
        if (!empty($_REQUEST['status']) && $_REQUEST['status'] == 'D') {
            $filter_ids = db_get_fields("SELECT filter_id FROM ?:product_filters WHERE feature_id = ?i AND status = 'A'", $_REQUEST['id']);
            if (!empty($filter_ids)) {
                db_query("UPDATE ?:product_filters SET status = 'D' WHERE filter_id IN (?n)", $filter_ids);
                $filter_names_array = db_get_fields("SELECT filter FROM ?:product_filter_descriptions WHERE filter_id IN (?n) AND lang_code = ?s", $filter_ids, DESCR_SL);
                fn_set_notification('W', __('warning'), __('text_product_filters_were_disabled', array('[url]' => fn_url('product_filters.manage'), '[filters_list]' => implode(', ', $filter_names_array))));
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
$_REQUEST['promotion_id'] = empty($_REQUEST['promotion_id']) ? 0 : $_REQUEST['promotion_id'];
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('promotion_data', 'promotions');
    $suffix = '';
    //
    // Update promotion
    //
    if ($mode == 'update') {
        // Tenant isolation, applied only in the ULTIMATE edition when a runtime company id is set.
        if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) {
            // Editing an existing promotion requires that fn_check_company_id() accepts it
            // for the current company; otherwise the update is skipped with a notification.
            if (!empty($_REQUEST['promotion_id']) && !fn_check_company_id('promotions', 'promotion_id', $_REQUEST['promotion_id'])) {
                fn_company_access_denied_notification();
                return array(CONTROLLER_STATUS_OK, 'promotions.update?promotion_id=' . $_REQUEST['promotion_id']);
            }
            // On updates a client-supplied `company_id` is dropped, so the submitted data
            // cannot move the promotion to another company. When creating (no promotion_id)
            // the field is left in place.
            // NOTE(review): confirm that fn_update_promotion() sets the owner itself on create.
            if (!empty($_REQUEST['promotion_id'])) {
                unset($_REQUEST['promotion_data']['company_id']);
            }
        }
        $promotion_id = fn_update_promotion($_REQUEST['promotion_data'], $_REQUEST['promotion_id'], DESCR_SL);
Example #10
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: pages.php 10562 2010-09-01 08:17:50Z andyye $
//
if (!defined('AREA')) {
    die('Access denied');
}
/** Body **/
$page_id = isset($_REQUEST['page_id']) ? intval($_REQUEST['page_id']) : 0;
/* POST data processing */
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('page_data');
    //
    // Processing additon of new page element
    //
    if ($mode == 'add') {
        if (!empty($_REQUEST['page_data']['page'])) {
            // Checking for required fields for new page
            // Adding page record
            $page_id = fn_update_page($_REQUEST['page_data']);
            if (isset($_REQUEST['redirect_url'])) {
                $_REQUEST['redirect_url'] .= '&get_tree=multi_level';
            }
            if (empty($page_id)) {
                $suffix = ".manage";
            } else {
                $suffix = ".update?page_id={$page_id}";
Example #11
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: configurator.php 10229 2010-07-27 14:21:39Z 2tl $
//
if (!defined('AREA')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('configurator_group_data');
    $suffix = '';
    //************************************ CONFIGURATOR STEPS **********************************\\
    //
    // Add new configurator step
    //
    if ($mode == 'add_steps' && isset($_REQUEST['add_step_data'])) {
        foreach ($_REQUEST['add_step_data'] as $v) {
            if (!empty($v['step_name'])) {
                $step_id = db_query("INSERT INTO ?:conf_steps ?e", $v);
                fn_create_description('conf_step_descriptions', 'step_id', $step_id, $v);
            }
        }
        $suffix = ".manage?selected_section=steps";
    }
    //
Example #12
use Tygh\Enum\ProductTracking;
use Tygh\Registry;
use Tygh\BlockManager\SchemesManager;
// Abort unless the BOOTSTRAP constant exists — presumably defined by the application's
// entry point, so the file does nothing when requested directly.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Normalise a missing or empty product_id to 0 so later code can read it unconditionally.
$_REQUEST['product_id'] = empty($_REQUEST['product_id']) ? 0 : $_REQUEST['product_id'];
// Vendor ownership check, run for every request method and mode before any handler below.
// Because product_id was assigned just above, isset($_REQUEST['product_id']) is always true
// here, so fn_company_products_check() is also called with 0 when no product was named.
// `&&` binds tighter than `||`: access is denied if either the single id or the id list
// fails the check.
if (fn_allowed_for('MULTIVENDOR')) {
    if (isset($_REQUEST['product_id']) && !fn_company_products_check($_REQUEST['product_id']) || isset($_REQUEST['product_ids']) && !fn_company_products_check($_REQUEST['product_ids'])) {
        return array(CONTROLLER_STATUS_DENIED);
    }
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('product_data', 'override_products_data', 'product_files_descriptions', 'add_product_files_descriptions', 'products_data', 'product_file');
    //
    // Apply Global Option
    //
    if ($mode == 'apply_global_option') {
        if ($_REQUEST['global_option']['link'] == 'N') {
            fn_clone_product_options(0, $_REQUEST['product_id'], $_REQUEST['global_option']['id']);
        } else {
            db_query("REPLACE INTO ?:product_global_option_links (option_id, product_id) VALUES(?i, ?i)", $_REQUEST['global_option']['id'], $_REQUEST['product_id']);
            if (fn_allowed_for('ULTIMATE')) {
                fn_ult_share_product_option($_REQUEST['global_option']['id'], $_REQUEST['product_id']);
            }
        }
        $suffix = ".update?product_id={$_REQUEST['product_id']}";
    }
    //
Example #13
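/**
 * Update cart products, shipping costs, taxes, subtotal discount and pending coupon from passed params
 *
 * Values in $new_cart_data are applied as given: stored shipping costs, tax rates and the
 * subtotal discount replace the calculated ones. Nothing in this function checks who supplied
 * them, so callers must only pass data from a user who is allowed to override prices.
 *
 * @param array $cart Array of cart content and user information necessary for purchase (modified in place)
 * @param array $new_cart_data Array of new data for products, totals, discounts and etc. update
 * @param array $auth Array of user authentication data (e.g. uid, usergroup_ids, etc.)
 * @return boolean Always true
 */
function fn_update_cart_by_data(&$cart, $new_cart_data, $auth)
{
    // Clean up saved shipping rates
    unset($_SESSION['shipping_rates']);

    // Update products
    $product_data = !empty($new_cart_data['cart_products']) ? $new_cart_data['cart_products'] : array();
    fn_update_cart_products($cart, $product_data, $auth);

    // Update shipping cost
    $cart['stored_shipping'] = array();
    if (!empty($cart['product_groups'])) {
        foreach ($cart['product_groups'] as $group_key => $group) {
            if (empty($group['chosen_shippings'])) {
                continue;
            }

            foreach ($group['chosen_shippings'] as $shipping_key => $shipping) {
                $use_stored_cost = !empty($new_cart_data['stored_shipping'][$group_key][$shipping_key])
                    && $new_cart_data['stored_shipping'][$group_key][$shipping_key] != 'N';

                if ($use_stored_cost) {
                    // A missing cost counts as 0.0 — the value the cast of an undefined index
                    // used to produce — without reading a key that does not exist.
                    $stored_cost = isset($new_cart_data['stored_shipping_cost'][$group_key][$shipping_key])
                        ? (float) $new_cart_data['stored_shipping_cost'][$group_key][$shipping_key]
                        : 0.0;

                    $cart['stored_shipping'][$group_key][$shipping_key] = $stored_cost;
                    $cart['product_groups'][$group_key]['chosen_shippings'][$shipping_key]['rate'] = $stored_cost;
                } else {
                    unset($cart['product_groups'][$group_key]['chosen_shippings'][$shipping_key]['stored_shippings']);
                    unset($cart['product_groups'][$group_key]['shippings'][$shipping['shipping_id']]['stored_shippings']);
                }
            }
        }
    }

    // Update taxes. isset() replaces the former `@` suppression: same result, no hidden errors.
    if (!empty($new_cart_data['taxes']) && isset($new_cart_data['stored_taxes']) && $new_cart_data['stored_taxes'] == 'Y') {
        foreach ($new_cart_data['taxes'] as $id => $rate) {
            // NOTE(review): the rate is stored as submitted, without a numeric check.
            $cart['taxes'][$id]['rate_value'] = $rate;
        }
    }
    $cart['stored_taxes'] = !empty($new_cart_data['stored_taxes']) ? $new_cart_data['stored_taxes'] : array();

    // Update subtotal discount: either the caller's value or the originally calculated one
    if (!empty($new_cart_data['stored_subtotal_discount']) && $new_cart_data['stored_subtotal_discount'] == 'Y') {
        $cart['stored_subtotal_discount'] = 'Y';
        // Stays null when the flag is set but no amount was passed, as before
        $cart['subtotal_discount'] = isset($new_cart_data['subtotal_discount']) ? $new_cart_data['subtotal_discount'] : null;
    } else {
        unset($cart['stored_subtotal_discount']);
        $cart['subtotal_discount'] = !empty($cart['original_subtotal_discount']) ? $cart['original_subtotal_discount'] : 0;
    }

    // Apply coupon. Only scalar values are accepted: an array in this field would make
    // strtolower() fail instead of producing a coupon code.
    if (!empty($new_cart_data['coupon_code']) && is_scalar($new_cart_data['coupon_code'])) {
        // NOTE(review): the code is read from $new_cart_data, which is already populated at
        // this point, so it is unclear what marking `coupon_code` as trusted changes — confirm.
        fn_trusted_vars('coupon_code');
        // That's why $cart->setPendingCoupon() is better
        $cart['pending_coupon'] = strtolower($new_cart_data['coupon_code']);
    }

    /**
     * Additional cart updates from passed params
     *
     * @param array $cart          Array of cart content and user information necessary for purchase
     * @param array $new_cart_data Array of new data for products, totals, discounts and etc. update
     * @param array $auth          Array of user authentication data (e.g. uid, usergroup_ids, etc.)
     */
    fn_set_hook('update_cart_by_data_post', $cart, $new_cart_data, $auth);

    return true;
}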
Example #14
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: news.php 10558 2010-08-31 12:50:29Z klerik $
//
if (!defined('AREA')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('news', 'news_data');
    //
    // Delete news
    //
    if ($mode == 'delete') {
        foreach ($_REQUEST['news_ids'] as $v) {
            fn_delete_news($v);
        }
        $suffix = ".manage";
    }
    //
    // Manage news
    //
    if ($mode == 'm_update') {
        if (!empty($_REQUEST['news'])) {
            foreach ($_REQUEST['news'] as $k => $v) {
Example #15
*                                                                          *
*   (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev    *
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
// Abort unless the BOOTSTRAP constant exists — presumably defined by the application's
// entry point, so the file does nothing when requested directly.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Declared outside the POST check, so `processor_params` and `payment_data` are exempted
// from request stripping for every request method that reaches this file.
fn_trusted_vars("processor_params", "payment_data");
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Attach the uploaded stamp image to the payment named in the request.
    // `payment_id` is read without an isset() check; the returned value is not used in
    // this excerpt.
    if ($mode == 'update') {
        $payment_id = fn_attach_image_pairs('path_stamp', 'stamp', $_REQUEST['payment_id'], DESCR_SL);
    }
    return array(CONTROLLER_STATUS_OK, "payments.manage");
}
if ($mode == 'update' || $mode == 'manage') {
    $processors = Tygh::$app['view']->getTemplateVars('payment_processors');
    if (!empty($processors)) {
        $rus_payments = array();
        foreach (fn_get_schema('rus_payments', 'processors') as $rus_payment) {
            $rus_payments[$rus_payment['processor']] = $rus_payment;
        }
        foreach ($processors as &$processor) {
            $processor['position'] = 'default_' . $processor['processor'];
Example #16
*   (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev    *
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('status_data');
    if ($mode == 'update') {
        fn_update_status($_REQUEST['status'], $_REQUEST['status_data'], $_REQUEST['type']);
    }
    if ($mode == 'delete') {
        if (!empty($_REQUEST['status'])) {
            if (fn_delete_status($_REQUEST['status'], $_REQUEST['type'])) {
                $count = db_get_field("SELECT COUNT(*) FROM ?:statuses");
                if (empty($count)) {
                    Tygh::$app['view']->display('views/statuses/manage.tpl');
                }
            }
        }
        exit;
    }
    return array(CONTROLLER_STATUS_OK, 'statuses.manage?type=' . $_REQUEST['type']);
Example #17
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Debugger;
use Tygh\Database;
// Two conditions gate this controller: the BOOTSTRAP constant must exist and
// Debugger::isActive() must return true; otherwise the request ends here.
// NOTE(review): everything below depends on how isActive() decides — confirm that it cannot
// be switched on by an unauthenticated request.
if (!defined('BOOTSTRAP') || !Debugger::isActive()) {
    die('Access denied');
}
// Recorded debugger data is looked up by a hash taken from the request; without a hash the
// data set is empty.
$data = !empty($_REQUEST['debugger_hash']) ? Debugger::getData($_REQUEST['debugger_hash']) : array();
if ($mode == 'sql_parse') {
    // `query` is exempted from request stripping so SQL text arrives unmodified.
    fn_trusted_vars('query');
    if (!empty($data) && isset($_REQUEST['sql_id'])) {
        // Replay of a recorded query: the text comes from the debugger data, and the sandbox
        // is forced on.
        $query = stripslashes($data['sql']['queries'][$_REQUEST['sql_id']]['query']);
        $backtrace = !empty($data['backtraces']) ? $data['backtraces'][$_REQUEST['sql_id']] : array();
        $_REQUEST['sandbox'] = true;
    } else {
        // Otherwise the SQL text is taken directly from the request, and whether the sandbox
        // is used depends on a request parameter as well.
        $query = $_REQUEST['query'];
    }
    $result = $explain = array();
    $query_time = $start_time = 0;
    // Sandbox: autocommit off and an explicit transaction, presumably rolled back after the
    // query has run (the rest of the handler is outside this excerpt).
    if (!empty($_REQUEST['sandbox'])) {
        db_query('SET AUTOCOMMIT=0');
        db_query('START TRANSACTION');
    }
    // Keyword denylist; how it is matched against $query is not shown here.
    // NOTE(review): a denylist of four words is a weak control for request-supplied SQL.
    // If the database is MySQL, statements such as ALTER, TRUNCATE or RENAME also commit
    // implicitly and would escape the transaction — confirm they are blocked elsewhere, or
    // run this feature with a read-only database account.
    $stop_queries = array('DROP', 'CREATE', 'TRANSACTION', 'ROLLBACK');
    $stop_exec = false;
Example #18
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: affiliate_plans.php 10264 2010-07-29 08:09:07Z klerik $
//
if (!defined('AREA')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('add_affiliate_plans', 'affiliate_plans_data', 'affiliate_plan', 'levels', 'commissions_ids');
    $suffix = '';
    //
    // Delete selected plans
    //
    if ($mode == 'delete') {
        if (!empty($_REQUEST['plan_ids'])) {
            fn_delete_affiliate_plans($_REQUEST['plan_ids']);
        }
        $suffix = '.manage';
    }
    //
    // Update/add plan
    //
    if ($mode == 'update') {
        $plan_id = fn_update_affiliate_plan($_REQUEST['affiliate_plan'], $_REQUEST['plan_id'], DESCR_SL);
Example #19
}
if (!Registry::get('runtime.customization_mode.design') && !Registry::get('runtime.customization_mode.live_editor')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Switch customization modes, then send the browser back to the URL named in the request.
    // NOTE(review): `current_url` is returned as the redirect target exactly as submitted;
    // unless the dispatcher restricts redirects to the store's own host (confirm), this is
    // an open redirect.
    if ($mode == 'update_customization_mode') {
        fn_update_customization_mode($_REQUEST['customization_modes']);
        return array(CONTROLLER_STATUS_OK, $_REQUEST['current_url']);
    }
    // Live editor save: `value` is exempted from request stripping and the whole request
    // array is handed to the update helper.
    if ($mode == 'live_editor_update') {
        fn_trusted_vars('value');
        fn_live_editor_update_object($_REQUEST);
        exit;
    }
    // Save a template file: `content` is exempted from request stripping and written to the
    // file named by the request.
    // NOTE(review): the only check visible here is that the extension is 'tpl'. The theme
    // templates path is passed as the third argument to fn_put_contents(), presumably as a
    // base directory — confirm that the helper rejects `..` segments and absolute paths in
    // `file`. Whoever can reach this mode can change what the template engine renders, so
    // access to it should be limited to trusted administrators.
    if ($mode == 'save_template') {
        fn_trusted_vars('content');
        $ext = fn_strtolower(fn_get_file_ext($_REQUEST['file']));
        if ($ext == 'tpl') {
            $theme_path = fn_get_theme_path('[themes]/[theme]/templates/', 'C');
            if (fn_put_contents($_REQUEST['file'], $_REQUEST['content'], $theme_path)) {
                fn_set_notification('N', __('notice'), __('text_file_saved', array('[file]' => fn_basename($_REQUEST['file']))));
            }
        }
        // Same request-supplied redirect target as in update_customization_mode above.
        return array(CONTROLLER_STATUS_REDIRECT, $_REQUEST['current_url']);
    }
    if ($mode == 'restore_template') {
        $copied = false;
        $full_path = fn_get_theme_path('[themes]/[theme]', 'C') . '/templates/' . $_REQUEST['file'];
        if (fn_check_path($full_path)) {
            $c_name = fn_normalize_path($full_path);
            $r_name = fn_normalize_path(Registry::get('config.dir.themes_repository') . Registry::get('config.base_theme') . '/templates/' . $_REQUEST['file']);
Example #20
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    fn_trusted_vars('postcode_locations', 'postcode_location_data');
    // Create or update a postcode location, then pick the follow-up page:
    // the list when no id came back, otherwise the edit form for that id.
    if ($mode == 'update') {
        $postcode_location_id = fn_update_postcode_location(
            $_REQUEST['postcode_location_data'],
            $_REQUEST['postcode_location_id'],
            DESCR_SL
        );
        $suffix = empty($postcode_location_id)
            ? ".manage"
            : ".update?postcode_location_id={$postcode_location_id}";
    }
    // Delete the postcode location named by the request, if an id was supplied,
    // and always go back to the list page.
    if ($mode == 'delete') {
        if (!empty($_REQUEST['postcode_location_id'])) {
            // NOTE(review): the id is passed through unchanged; type and ownership
            // checks, if any, happen inside fn_delete_postcode_location().
            fn_delete_postcode_location($_REQUEST['postcode_location_id']);
        }
        $suffix = '.manage';
    }
    return array(CONTROLLER_STATUS_OK, 'postcode_checker' . $suffix);
Example #21
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
// Refuse to run unless the BOOTSTRAP constant is defined (presumably set by the
// application entry point), so the file cannot be executed on its own.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Default a missing or empty category_id to 0 so later code can read the key
// without an isset() check. The value is not cast to an integer here.
$_REQUEST['category_id'] = empty($_REQUEST['category_id']) ? 0 : $_REQUEST['category_id'];
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('category_data', 'categories_data');
    //
    // Create/update category
    //
    if ($mode == 'update') {
        if (fn_allowed_for('ULTIMATE')) {
            if (!empty($_REQUEST['category_id']) && !fn_check_company_id('categories', 'category_id', $_REQUEST['category_id'])) {
                fn_company_access_denied_notification();
                return array(CONTROLLER_STATUS_OK, 'categories.update?category_id=' . $_REQUEST['category_id']);
            }
        }
        $category_id = fn_update_category($_REQUEST['category_data'], $_REQUEST['category_id'], DESCR_SL);
        if (!empty($category_id)) {
            fn_attach_image_pairs('category_main', 'category', $category_id, DESCR_SL);
            $suffix = ".update?category_id={$category_id}" . (!empty($_REQUEST['category_data']['block_id']) ? "&selected_block_id=" . $_REQUEST['category_data']['block_id'] : "");
        } else {
Example #22
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: site_layout.php 9938 2010-07-01 14:18:59Z 2tl $
//
if (!defined('AREA')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars("lang_data");
    $suffix = '';
    // Switch a design-mode setting on or off, optionally force a second one off,
    // then remove the 'customer' and 'admin' directories under DIR_COMPILED.
    if ($mode == 'update_design_mode') {
        // The option named by design_mode becomes 'Y' when it equals $action, else 'N'.
        // Values are bound through ?s placeholders rather than concatenated.
        // NOTE(review): option_name comes from the request, so any setting stored with
        // an empty section_id can be set to Y/N here; consider checking it against the
        // known design-mode option names first.
        db_query("UPDATE ?:settings SET value = ?s WHERE option_name = ?s AND section_id = ?s", $action == $_REQUEST['design_mode'] ? 'Y' : 'N', $_REQUEST['design_mode'], '');
        if (!empty($_REQUEST['disable_mode'])) {
            // Same caveat: the option forced to 'N' is named by the request.
            db_query("UPDATE ?:settings SET value = 'N' WHERE option_name = ?s AND section_id = ?s", $_REQUEST['disable_mode'], '');
        }
        fn_rm(DIR_COMPILED . 'customer', false);
        fn_rm(DIR_COMPILED . 'admin', false);
        $suffix = '.design_mode';
    }
    if ($mode == 'update_logos') {
        $logos = fn_filter_uploaded_data('logotypes');
        $areas = fn_get_manifest_definition();
        fn_save_logo_alt($areas);
        // Update customer logotype
Example #23
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Storage;
// Refuse to run unless the BOOTSTRAP constant is defined.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Keep the session's current path relative by stripping one leading '/'.
// NOTE(review): only a single leading slash is removed and nothing else is
// normalised here; containment under $root_dir has to be enforced where the
// path is actually used.
$_SESSION['current_path'] = empty($_SESSION['current_path']) ? '' : preg_replace('/^\\//', '', $_SESSION['current_path']);
$current_path = $_SESSION['current_path'];
// Disable debug console
Tygh::$app['view']->debugging = false;
$message = array();
// Root directory of the file editor, as returned by fn_te_get_root('full').
$root_dir = fn_te_get_root('full');
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if ($mode == 'edit') {
        // Save edited file content. 'file_content' is marked trusted, so it is
        // written as submitted.
        fn_trusted_vars('file_content');
        // The target path is derived from the request and $root_dir by the helper.
        $file_path = fn_te_normalize_path($_REQUEST, $root_dir);
        // Deny-list check on the lower-cased extension, using a loose in_array().
        // NOTE(review): a deny-list only blocks the extensions it names; confirm that
        // config.forbidden_file_extensions covers everything the web server would
        // execute, or prefer an allow-list of editable types.
        $is_forbidden_ext = in_array(fn_strtolower(fn_get_file_ext($file_path)), Registry::get('config.forbidden_file_extensions'));
        // Write only when the path passes fn_te_check_path(), the file already exists
        // and is writable (is_writable() is false for a missing file), and the
        // extension is allowed. '@' hides any warning raised by is_writable().
        if (fn_te_check_path($file_path) && @is_writable($file_path) && !$is_forbidden_ext) {
            // NOTE(review): the result of fn_put_contents() is not checked, so the
            // "saved" notification and AJAX flag are set even if the write failed.
            fn_put_contents($file_path, $_REQUEST['file_content']);
            fn_set_notification('N', __('notice'), __('text_file_saved', array('[file]' => fn_basename($file_path))));
            Tygh::$app['ajax']->assign('saved', true);
            // Clear template cache of updated template for the customer front-end
            $view = Tygh::$app['view'];
            $view->setArea('C', '', Registry::get('runtime.company_id'));
            // Strip the template directory prefix to get the template-relative path.
            $updated_template_path = str_replace($view->getTemplateDir(0), '', $file_path);
            $view->clearCompiledTemplate($updated_template_path);
            // Switch the view back to the area this controller is running in.
            $view->setArea(AREA, '', Registry::get('runtime.company_id'));
        } else {
            // A failed path check, a read-only file and a forbidden extension all
            // produce the same error message.
            fn_set_notification('E', __('error'), __('cannot_write_file', array('[file]' => fn_get_rel_dir($file_path))));
        }
Example #24
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Settings;
use Tygh\Languages\Languages;
use Tygh\Languages\Values as LanguageValues;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars("lang_data", "new_lang_data");
    $suffix = '.manage';
    //
    // Update language variables
    //
    // Bulk-update language variables from the submitted lang_data array.
    if ($mode == 'm_update_variables') {
        // lang_data is marked trusted at the top of this POST branch, so the values
        // reach fn_update_lang_var() unstripped.
        // NOTE(review): these strings are presumably rendered in pages later; output
        // escaping at render time is what keeps stored markup harmless. Verify.
        if (is_array($_REQUEST['lang_data'])) {
            fn_update_lang_var($_REQUEST['lang_data']);
        }
        $suffix = '.translations';
    }
    //
    // Delete language variables
    //
    if ($mode == 'm_delete_variables') {
        if (!empty($_REQUEST['names'])) {
Example #25
                fn_login_user($user_id);
                return array(CONTROLLER_STATUS_REDIRECT, 'profiles.success_add');
            } else {
                return array(CONTROLLER_STATUS_REDIRECT, 'checkout.complete?order_id=' . $_REQUEST['order_id']);
            }
        } else {
            return array(CONTROLLER_STATUS_DENIED);
        }
    }
    return array(CONTROLLER_STATUS_OK, 'checkout.cart');
}
//
// Delete discount coupon
//
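// Remove one applied coupon (and any pending coupon) from the cart and flag the
// cart for recalculation.
if ($mode == 'delete_coupon') {
    fn_trusted_vars('coupon_code');
    // coupon_code is request-supplied and used as an array key. Index the coupon
    // list with it only when it is present and a string or int, so a missing or
    // array-valued parameter cannot raise an undefined-index notice or an
    // illegal-offset warning/TypeError (depending on the PHP version) in unset().
    if (isset($_REQUEST['coupon_code']) && (is_string($_REQUEST['coupon_code']) || is_int($_REQUEST['coupon_code']))) {
        unset($cart['coupons'][$_REQUEST['coupon_code']]);
    }
    // The pending coupon is cleared regardless of the submitted code.
    unset($cart['pending_coupon']);
    $cart['recalculate'] = true;
    // Shipping is recalculated only when a shipping method was already chosen.
    if (!empty($cart['chosen_shipping'])) {
        $cart['calculate_shipping'] = true;
    }
    return array(CONTROLLER_STATUS_OK);
}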
// No mode given: redirect to a checkout mode, defaulting to 'checkout'.
if (empty($mode)) {
    // NOTE(review): redirect_mode is request-supplied and appended to the dispatch
    // string unchanged. It can therefore carry characters beyond a mode name (for
    // example a query string); consider checking it against the list of checkout
    // modes before redirecting.
    $redirect_mode = empty($_REQUEST['redirect_mode']) ? 'checkout' : $_REQUEST['redirect_mode'];
    return array(CONTROLLER_STATUS_REDIRECT, 'checkout.' . $redirect_mode);
}
// Payment methods available for the current cart and user, used by the checks below.
$payment_methods = fn_prepare_checkout_payment_methods($cart, $auth);
if ((fn_cart_is_empty($cart) && !isset($force_redirection) || empty($payment_methods)) && !in_array($mode, array('clear', 'delete', 'cart', 'update', 'apply_coupon', 'shipping_estimation', 'update_shipping', 'complete'))) {
    if (empty($payment_methods)) {
        fn_set_notification('W', __('notice'), __('cannot_proccess_checkout_without_payment_methods'), 'K', 'no_payment_notification');
Example #26
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
//
// $Id: recurring_plans.php 7502 2009-05-19 14:54:59Z zeke $
//
if (!defined('AREA')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $suffix = '';
    // Define trusted variables that shouldn't be stripped
    fn_trusted_vars('recurring_plan');
    //
    // Update/add plan
    //
    // Create or update a recurring plan and continue on that plan's edit page.
    if ($mode == 'update') {
        // recurring_plan is marked trusted above, so it is passed on unstripped.
        $plan_id = fn_update_recurring_plan($_REQUEST['recurring_plan'], $_REQUEST['plan_id'], DESCR_SL);
        // NOTE(review): the id is used without checking it. If
        // fn_update_recurring_plan() can return an empty value on failure, the
        // redirect carries an empty plan_id. TODO confirm.
        $suffix = ".update?plan_id={$plan_id}";
    }
    //
    // Delete selected plans
    //
    if ($mode == 'delete') {
        if (!empty($_REQUEST['plan_ids'])) {
            fn_delete_recurring_plans($_REQUEST['plan_ids']);
        }
        $suffix = '.manage';
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
use Tygh\Mailer;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == "POST") {
    fn_trusted_vars('settings_data');
    if ($mode == "update_settings") {
        // Store the submitted feedback settings: update the row for the current
        // description language if it exists, otherwise insert one row per language.
        if (!empty($_REQUEST['settings_data'])) {
            if (!empty($_REQUEST['settings_data']['statuses'])) {
                // Flatten the submitted statuses into a comma-separated string.
                // Assumes 'statuses' is an array; TODO confirm it is validated upstream.
                $_REQUEST['settings_data']['statuses'] = implode(',', $_REQUEST['settings_data']['statuses']);
            }
            $check = db_get_row("SELECT * FROM ?:orders_feedback WHERE feedback_id = ?i AND lang_code=?s", $_REQUEST['feedback_id'], DESCR_SL);
            if (!empty($check)) {
                // NOTE(review): the whole request array feeds the ?u placeholder. Which
                // columns the DB layer accepts is not visible here; consider passing only
                // the fields this form is meant to change.
                db_query("UPDATE ?:orders_feedback SET ?u WHERE feedback_id = ?i AND lang_code=?s", $_REQUEST['settings_data'], $_REQUEST['feedback_id'], DESCR_SL);
            } else {
                // The loop key is written directly into settings_data['lang_code'], and
                // the value returned by each INSERT is stored as feedback_id, so it is
                // part of the data for the following languages' rows.
                foreach (fn_get_translation_languages() as $_REQUEST['settings_data']['lang_code'] => $v) {
                    // Same caveat as the UPDATE: the request array is inserted as a whole via ?e.
                    $_REQUEST['settings_data']['feedback_id'] = db_query("INSERT INTO ?:orders_feedback ?e", $_REQUEST['settings_data']);
                }
                return array(CONTROLLER_STATUS_OK, "orders_feedback.update?feedback_id=" . $_REQUEST['settings_data']['feedback_id']);
            }
        }
Example #28
*   (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev    *
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('banners', 'banner_data');
    $suffix = '';
    //
    // Delete banners
    //
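    // Delete every banner whose id was submitted in banner_ids, then return to
    // the list page.
    if ($mode == 'm_delete') {
        // banner_ids is request-supplied: iterate only when it is a non-empty array,
        // so a missing or scalar parameter does not trigger a foreach warning.
        if (!empty($_REQUEST['banner_ids']) && is_array($_REQUEST['banner_ids'])) {
            foreach ($_REQUEST['banner_ids'] as $v) {
                fn_delete_banner_by_id($v);
            }
        }
        $suffix = '.manage';
    }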
    //
    // Add/edit banners
    //
    if ($mode == 'update') {
        $banner_id = fn_banners_update_banner($_REQUEST['banner_data'], $_REQUEST['banner_id'], DESCR_SL);
Example #29
use Tygh\Registry;
use Tygh\Settings;
use Tygh\Helpdesk;
// Refuse to run unless the BOOTSTRAP constant is defined.
if (!defined('BOOTSTRAP')) {
    die('Access denied');
}
// Section name from the request, defaulting to 'General'.
$section_id = empty($_REQUEST['section_id']) ? 'General' : $_REQUEST['section_id'];
// Convert section name to section_id
$section = Settings::instance()->getSectionByName($section_id);
if (isset($section['section_id'])) {
    // From here on $section_id holds the looked-up id, not the raw request value.
    $section_id = $section['section_id'];
} else {
    // Unknown section names end the request with a "no page" status.
    return array(CONTROLLER_STATUS_NO_PAGE);
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('update');
    $_suffix = '';
    // Save submitted setting values, keyed by setting id.
    if ($mode == 'update') {
        if (isset($_REQUEST['update']) && is_array($_REQUEST['update'])) {
            // NOTE(review): the ids are request keys and are not checked in this block
            // against the section resolved in $section_id. Whether updateValueById()
            // restricts which settings the current user may change is not visible here.
            foreach ($_REQUEST['update'] as $k => $v) {
                Settings::instance()->updateValueById($k, $v);
                // Optionally reset the same setting for all vendors when the
                // matching update_all_vendors flag was submitted.
                if (!empty($_REQUEST['update_all_vendors'][$k])) {
                    Settings::instance()->resetAllVendorsSettings($k);
                }
            }
        }
        $_suffix = ".manage";
        // AJAX requests end here without returning a controller status.
        if (defined('AJAX_REQUEST')) {
            exit;
        }
    }
Example #30
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
// Stop immediately unless the BOOTSTRAP constant is defined.
defined('BOOTSTRAP') or die('Access denied');

// Placeholder tokens an admin can put into a newsletter body, grouped by
// newsletter type; each token maps to the name of the value substituted for it.
$placeholders = array(
    NEWSLETTER_TYPE_NEWSLETTER => array(
        '%UNSUBSCRIBE_LINK' => 'unsubscribe_link',
        '%SUBSCRIBER_EMAIL' => 'subscriber_email',
        '%COMPANY_NAME' => 'company_name',
        '%COMPANY_ADDRESS' => 'company_address',
        '%COMPANY_PHONE' => 'company_phone',
    ),
    NEWSLETTER_TYPE_AUTORESPONDER => array(
        '%ACTIVATION_LINK' => 'activation_link',
        '%SUBSCRIBER_EMAIL' => 'subscriber_email',
        '%COMPANY_NAME' => 'company_name',
        '%COMPANY_ADDRESS' => 'company_address',
        '%COMPANY_PHONE' => 'company_phone',
    ),
    NEWSLETTER_TYPE_TEMPLATE => array(
        '%UNSUBSCRIBE_LINK' => 'unsubscribe_link',
        '%ACTIVATION_LINK' => 'activation_link',
        '%SUBSCRIBER_EMAIL' => 'subscriber_email',
        '%COMPANY_NAME' => 'company_name',
        '%COMPANY_ADDRESS' => 'company_address',
        '%COMPANY_PHONE' => 'company_phone',
    ),
);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    fn_trusted_vars('newsletter_data');
    $suffix = '.manage';
    //
    // Delete newsletters
    //
    // Bulk delete: remove each newsletter whose id was submitted. Nothing happens
    // when newsletter_ids is missing or empty.
    if ($mode == 'm_delete' && !empty($_REQUEST['newsletter_ids'])) {
        foreach ($_REQUEST['newsletter_ids'] as $v) {
            fn_delete_newsletter($v);
        }
    }
    //
    // Update newsletters
    //
    if ($mode == 'update') {