function nzshpcrt_submit_ajax() { global $wpdb, $user_level, $wp_rewrite; get_currentuserinfo(); if (get_option('permalink_structure') != '') { $seperator = "?"; } else { $seperator = "&"; } /* update shopping cart*/ if (isset($_GET['ajax']) and $_GET['ajax'] == "true" && $_GET['user'] == "true" && is_numeric($_POST['prodid'])) { $sql = "SELECT * FROM `wp_product_list` WHERE `id`='" . $_POST['prodid'] . "' LIMIT 1"; $item_data = $wpdb->get_results($sql, ARRAY_A); $item_quantity = 0; if (isset($_SESSION['nzshpcrt_cart']) and $_SESSION['nzshpcrt_cart'] != null) { foreach ($_SESSION['nzshpcrt_cart'] as $cart_key => $cart_item) { if ($cart_item->product_id == $_POST['prodid']) { $item_quantity += $_SESSION['nzshpcrt_cart'][$cart_key]->quantity; } else { $item_quantity += 0; } } } else { // set new session for cart $_SESSION['nzshpcrt_cart'] = array(); } if (isset($_SESSION['nzshpcrt_cart'])) { $cartcount = count($_SESSION['nzshpcrt_cart']); //echo "cartcount: ".$cartcount; if (isset($_POST['variation']) && is_array($_POST['variation'])) { $variations = $_POST['variation']; } else { $variations = null; } $updated_quantity = false; if ($_SESSION['nzshpcrt_cart'] != null) { foreach ($_SESSION['nzshpcrt_cart'] as $cart_key => $cart_item) { if ($cart_item->product_id == $_POST['prodid']) { //ales if (isset($_POST['license'])) { $_SESSION['nzshpcrt_cart'][$cart_key]->license = $_POST['license']; } else { $_SESSION['nzshpcrt_cart'][$cart_key]->license = 'l1_price'; } if (isset($brand_id)) { $_SESSION['nzshpcrt_cart'][$cart_key]->author = get_brand($brand_id); } if ($_SESSION['nzshpcrt_cart'][$cart_key]->product_variations === $variations) { $_SESSION['nzshpcrt_cart'][$cart_key]->quantity = 1; $updated_quantity = true; } } } } if ($updated_quantity === false) { if (isset($_POST['quantity']) && is_numeric($_POST['quantity'])) { if ($_POST['quantity'] > 0) { $new_cart_item = new cart_item($_POST['prodid'], $variations, $_POST['quantity']); } } else { $new_cart_item = new cart_item($_POST['prodid'], $variations); } $_SESSION['nzshpcrt_cart'][$cartcount + 1] = $new_cart_item; } } $quantity_limit = false; if (isset($_SESSION['nzshpcrt_cart'])) { $cart = $_SESSION['nzshpcrt_cart']; } else { $cart = null; } echo nzshpcrt_shopping_basket_internals($cart, $quantity_limit); exit; } else { if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && (isset($_POST['user']) and $_POST['user'] == "true") && $_POST['emptycart'] == "true") { $_SESSION['nzshpcrt_cart'] = array(); $cart = $_SESSION['nzshpcrt_cart']; //ales cart //echo nzshpcrt_shopping_basket_internals($cart); exit; } } /* fill product form */ if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['admin'] == "true" && isset($_POST['prodid']) && is_numeric($_POST['prodid'])) { if ($_POST['prodid'] == '000') { echo "<h3>Нет картинки с таким номером</h3>"; exit; } echo nzshpcrt_getproductform($_POST['prodid']); exit; } else { if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['admin'] == "true" && isset($_POST['catid']) && is_numeric($_POST['catid'])) { echo nzshpcrt_getcategoryform($_POST['catid']); exit; } else { if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['admin'] == "true" && is_numeric($_POST['brandid'])) { echo nzshpcrt_getbrandsform($_POST['brandid']); exit; } else { if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['admin'] == "true" && is_numeric($_POST['variation_id'])) { echo nzshpcrt_getvariationform($_POST['variation_id']); exit; } } } } /* rate item */ if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['rate_item'] == "true" && is_numeric($_POST['product_id']) && is_numeric($_POST['rating'])) { $nowtime = time(); $prodid = $_POST['product_id']; $ip_number = $_SERVER['REMOTE_ADDR']; $rating = $_POST['rating']; $cookie_data = explode(",", $_COOKIE['voting_cookie'][$prodid]); if (is_numeric($cookie_data[0]) && $cookie_data[0] > 0) { $vote_id = $cookie_data[0]; $wpdb->query("UPDATE `wp_product_rating` SET `rated` = '" . $rating . "' WHERE `id` ='" . $vote_id . "' LIMIT 1 ;"); } else { $insert_sql = "INSERT INTO `wp_product_rating` ( `id` , `ipnum` , `productid` , `rated`, `time`) VALUES ( '', '" . $ip_number . "', '" . $prodid . "', '" . $rating . "', '" . $nowtime . "');"; $wpdb->query($insert_sql); $data = $wpdb->get_results("SELECT `id`,`rated` FROM `wp_product_rating` WHERE `ipnum`='" . $ip_number . "' AND `productid` = '" . $prodid . "' AND `rated` = '" . $rating . "' AND `time` = '" . $nowtime . "' ORDER BY `id` DESC LIMIT 1", ARRAY_A); $vote_id = $data[0]['id']; setcookie("voting_cookie[{$prodid}]", $vote_id . "," . $rating, time() + 60 * 60 * 24 * 360); } $output[1] = $prodid; $output[2] = $rating; echo $output[1] . "," . $output[2]; exit; } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['get_rating_count'] == "true" && is_numeric($_POST['product_id'])) { $prodid = $_POST['product_id']; $data = $wpdb->get_results("SELECT COUNT(*) AS `count` FROM `wp_product_rating` WHERE `productid` = '" . $prodid . "'", ARRAY_A); echo $data[0]['count'] . "," . $prodid; exit; } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['remove_variation_value'] == "true" && is_numeric($_POST['variation_value_id'])) { if ($user_level >= 7) { $wpdb->query("DELETE FROM `wp_variation_values_associations` WHERE `value_id` = '" . $_POST['variation_value_id'] . "'"); $wpdb->query("DELETE FROM `wp_variation_values` WHERE `id` = '" . $_POST['variation_value_id'] . "' LIMIT 1"); exit; } } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['list_variation_values'] == "true" && is_numeric($_POST['variation_id'])) { if ($user_level >= 7) { $variation_processor = new nzshpcrt_variations(); //product_variations_"+(parseInt(child_element_count)+1) echo "variation_value_id = \"" . $_POST['variation_id'] . "\";\n"; echo "variation_value_html = \"" . $variation_processor->display_variation_values($_POST['prefix'], $_POST['variation_id']) . "\";\n"; exit; } } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['remove_form_field'] == "true" && is_numeric($_POST['form_id'])) { if ($user_level >= 7) { $wpdb->query("UPDATE `wp_collect_data_forms` SET `active` = '0' WHERE `id` ='" . $_POST['form_id'] . "' LIMIT 1 ;"); exit; } } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['remove_form_field'] == "true" && is_numeric($_POST['form_id'])) { if ($user_level >= 7) { $wpdb->query("UPDATE `wp_collect_data_forms` SET `active` = '0' WHERE `id` ='" . $_POST['form_id'] . "' LIMIT 1 ;"); exit; } } if (isset($_POST['ajax']) and $_POST['ajax'] == "true" && $_POST['user'] == "true" && $_POST['drag_and_drop_cart'] == "true") { drag_and_drop_cart_contents(); exit; } if (isset($_POST['language_setting']) && ($_GET['page'] = 'wp-shopping-cart/options.php')) { if ($user_level >= 7) { update_option('language_setting', $_POST['language_setting']); } } if (isset($_POST['language_setting']) && ($_GET['page'] = 'wp-shopping-cart/options.php')) { if ($user_level >= 7) { update_option('language_setting', $_POST['language_setting']); } } if (isset($_GET['rss']) and $_GET['rss'] == "true" && $_GET['action'] == "product_list") { $sql = "SELECT id, name, description, image FROM `wp_product_list` WHERE active='1' and approved='1' and visible='1' Order by id DESC LIMIT 40"; $product_list = $wpdb->get_results($sql, ARRAY_A); header("Content-Type: application/xml; charset=utf-8"); header('Content-Disposition: inline; filename="cartoonbank.rss"'); $output = ''; $output .= "<?xml version='1.0'?>\n\r"; $output .= "<rss version='2.0'>\n\r"; $output .= "xmlns:content='http://purl.org/rss/1.0/modules/content/'\n\r"; $output .= "xmlns:wfw='http://wellformedweb.org/CommentAPI/'\n\r"; $output .= "xmlns:dc='http://purl.org/dc/elements/1.1/'\n\r"; $output .= "xmlns:atom='http://www.w3.org/2005/Atom'\n\r"; $output .= "xmlns:sy='http://purl.org/rss/1.0/modules/syndication/'\n\r"; $output .= "xmlns:slash='http://purl.org/rss/1.0/modules/slash/'\n\r"; $output .= "xmlns:georss='http://www.georss.org/georss' xmlns:geo='http://www.w3.org/2003/01/geo/wgs84_pos#' xmlns:media='http://search.yahoo.com/mrss/'>\n\r"; $output .= " <channel>\n\r"; $output .= " <title>Cartoonbank new images</title>\n\r"; $output .= " <link>" . SITEURL . "</link>\n\r"; $output .= " <description>This is the Russian Cartoon Bank RSS feed</description>\n\r"; $output .= " <generator>Cartoonbank.ru</generator>\n\r"; foreach ($product_list as $product) { $purchase_link = get_option('product_list_url') . "&cartoonid=" . stripslashes($product['id']); $output .= " <item>\n\r"; $output .= " <title>" . stripslashes($product['name']) . "</title>\n\r"; $output .= " <link>" . SITEURL . "?page_id=29&cartoonid=" . stripslashes($product['id']) . "</link>\n\r"; $output .= " <description>" . stripslashes($product['description']) . "<![CDATA[<a href='" . SITEURL . "?page_id=29&cartoonid=" . stripslashes($product['id']) . "'><br /><img title='" . stripslashes($product['name']) . "' src='http://sl.cartoonbank.ru/" . stripslashes($product['image']) . "' alt='" . stripslashes($product['name']) . "' /></a>]]></description>\n\r"; $output .= " <pubDate>" . date("r") . "</pubDate>\n\r"; $output .= " <guid>" . SITEURL . "?page_id=29&cartoonid=" . stripslashes($product['id']) . "</guid>\n\r"; $output .= ' '; $output .= " </item>\n\r"; } $output .= " </channel>\n\r"; $output .= "</rss>"; echo $output; exit; } if (isset($_GET['purchase_log_csv']) and $_GET['purchase_log_csv'] == "true" && $_GET['rss_key'] == 'key' && is_numeric($_GET['start_timestamp']) && is_numeric($_GET['end_timestamp'])) { $form_sql = "SELECT * FROM `wp_collect_data_forms` WHERE `active` = '1' AND `display_log` = '1';"; $form_data = $wpdb->get_results($form_sql, ARRAY_A); $start_timestamp = $_GET['start_timestamp']; $end_timestamp = $_GET['end_timestamp']; $data = $wpdb->get_results("SELECT * FROM `wp_purchase_logs` WHERE `date` BETWEEN '{$start_timestamp}' AND '{$end_timestamp}' ORDER BY `date` DESC", ARRAY_A); header('Content-Type: text/csv'); header('Content-Disposition: inline; filename="Purchase Log ' . date("M-d-Y", $start_timestamp) . ' to ' . date("M-d-Y", $end_timestamp) . '.csv"'); $output .= "\"" . TXT_WPSC_PRICE . "\","; foreach ($form_data as $form_field) { $output .= "\"" . $form_field['name'] . "\","; } if (get_option('payment_method') == 2) { $output .= "\"" . TXT_WPSC_PAYMENT_METHOD . "\","; } $output .= "\"" . TXT_WPSC_STATUS . "\","; $output .= "\"" . TXT_WPSC_DATE . "\"\n"; foreach ($data as $purchase) { $country_sql = "SELECT * FROM `wp_submited_form_data` WHERE `log_id` = '" . $purchase['id'] . "' AND `form_id` = '" . get_option('country_form_field') . "' LIMIT 1"; $country_data = ''; //$wpdb->get_results($country_sql,ARRAY_A); $country = $country_data[0]['value']; $output .= "\"" . nzshpcrt_find_total_price($purchase['id'], $country) . "\","; foreach ($form_data as $form_field) { $collected_data_sql = "SELECT * FROM `wp_submited_form_data` WHERE `log_id` = '" . $purchase['id'] . "' AND `form_id` = '" . $form_field['id'] . "' LIMIT 1"; $collected_data = $wpdb->get_results($collected_data_sql, ARRAY_A); $collected_data = $collected_data[0]; $output .= "\"" . $collected_data['value'] . "\","; } if (get_option('payment_method') == 2) { $gateway_name = ''; foreach ($GLOBALS['nzshpcrt_gateways'] as $gateway) { if ($purchase['gateway'] != 'testmode') { if ($gateway['internalname'] == $purchase['gateway']) { $gateway_name = $gateway['name']; } } else { $gateway_name = "Manual Payment"; } } $output .= "\"" . $gateway_name . "\","; } if ($purchase['processed'] < 1) { $purchase['processed'] = 1; } $stage_sql = "SELECT * FROM `wp_purchase_statuses` WHERE `id`='" . $purchase['processed'] . "' AND `active`='1' LIMIT 1"; $stage_data = $wpdb->get_results($stage_sql, ARRAY_A); $output .= "\"" . $stage_data[0]['name'] . "\","; $output .= "\"" . date("jS M Y", $purchase['date']) . "\"\n"; } echo $output; exit; } if (isset($_GET['remove']) and is_numeric($_GET['remove']) && $_SESSION['nzshpcrt_cart'] != null) { $key = $_GET['remove']; if (isset($_SESSION['nzshpcrt_cart'][$key]) && is_object($_SESSION['nzshpcrt_cart'][$key])) { $_SESSION['nzshpcrt_cart'][$key]->empty_item(); } unset($_SESSION['nzshpcrt_cart'][$key]); } if (isset($_GET['cart']) and $_GET['cart'] == 'empty') { $_SESSION['nzshpcrt_cart'] = ''; $_SESSION['nzshpcrt_cart'] = array(); } if (isset($_POST['quantity']) and is_numeric($_POST['quantity']) && is_numeric($_POST['key'])) { $quantity = $_POST['quantity']; $key = $_POST['key']; if (is_object($_SESSION['nzshpcrt_cart'][$key])) { if ($quantity > 0) { $_SESSION['nzshpcrt_cart'][$key]->quantity = $quantity; } else { $_SESSION['nzshpcrt_cart'][$key]->empty_item(); unset($_SESSION['nzshpcrt_cart'][$key]); } } } }
function wpsc_admin_ajax() { global $wpdb, $user_level, $wp_rewrite; get_currentuserinfo(); if (is_numeric($_POST['catid'])) { /* fill category form */ echo nzshpcrt_getcategoryform($_POST['catid']); exit; } else { if (is_numeric($_POST['brandid'])) { /* fill brand form */ echo nzshpcrt_getbrandsform($_POST['brandid']); exit; } else { if (is_numeric($_POST['variation_id'])) { echo nzshpcrt_getvariationform($_POST['variation_id']); exit; } } } if ($_POST['action'] == 'product-page-order') { $order = $_POST['order']; if (!isset($order[0])) { $order = $order['normal']; } else { $order = $order[0]; } $order = array_unique(explode(',', $order)); update_option('wpsc_product_page_order', $order); exit(print_r($order, 1)); } if ($_POST['save_image_upload_state'] == "true" && is_numeric($_POST['image_upload_state'])) { //get_option('wpsc_image_upload_state'); $upload_state = (int) (bool) $_POST['image_upload_state']; update_option('wpsc_use_flash_uploader', $upload_state); exit("done"); } if ($_POST['remove_variation_value'] == "true" && is_numeric($_POST['variation_value_id'])) { $wpdb->query("DELETE FROM `" . WPSC_TABLE_VARIATION_VALUES_ASSOC . "` WHERE `value_id` = '" . (int) $_POST['variation_value_id'] . "'"); $wpdb->query("DELETE FROM `" . WPSC_TABLE_VARIATION_VALUES . "` WHERE `id` = '" . (int) $_POST['variation_value_id'] . "' LIMIT 1"); exit; } if ($_POST['edit_variation_value_list'] == 'true' && is_numeric($_POST['variation_id']) && is_numeric($_POST['product_id'])) { $variation_id = (int) $_POST['variation_id']; $product_id = (int) $_POST['product_id']; $variations_processor = new nzshpcrt_variations(); $variation_values = $variations_processor->falsepost_variation_values($variation_id); if (is_array($variation_values)) { //echo(print_r($variation_values,true)); $check_variation_added = $wpdb->get_var("SELECT `id` FROM `" . WPSC_TABLE_VARIATION_ASSOC . "` WHERE `type` IN ('product') AND `associated_id` IN ('{$product_id}') AND `variation_id` IN ('{$variation_id}') LIMIT 1"); //exit("<pre>".print_r($variation_values,true)."<pre>"); if ($check_variation_added == null) { $variations_processor->add_to_existing_product($product_id, $variation_values); } echo $variations_processor->display_attached_variations($product_id); echo $variations_processor->variations_grid_view($product_id); } else { echo "false"; } exit; } if ($_POST['remove_form_field'] == "true" && is_numeric($_POST['form_id'])) { //exit(print_r($user,true)); if (current_user_can('level_7')) { $wpdb->query($wpdb->prepare("UPDATE `" . WPSC_TABLE_CHECKOUT_FORMS . "` SET `active` = '0' WHERE `id` = %d LIMIT 1 ;", $_POST['form_id'])); exit(' '); } } if ($_POST['hide_ecom_dashboard'] == 'true') { require_once ABSPATH . WPINC . '/rss.php'; $rss = fetch_rss('http://www.instinct.co.nz/feed/'); $rss->items = array_slice($rss->items, 0, 5); $rss_hash = sha1(serialize($rss->items)); update_option('wpsc_ecom_news_hash', $rss_hash); exit(1); } if ($_POST['remove_meta'] == 'true' && is_numeric($_POST['meta_id'])) { $meta_id = (int) $_POST['meta_id']; $selected_meta = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_PRODUCTMETA . "` WHERE `id` IN('{$meta_id}') ", ARRAY_A); if ($selected_meta != null) { if ($wpdb->query("DELETE FROM `" . WPSC_TABLE_PRODUCTMETA . "` WHERE `id` IN('{$meta_id}') LIMIT 1")) { echo $meta_id; exit; } } echo 0; exit; } if ($_REQUEST['log_state'] == "true" && is_numeric($_POST['id']) && is_numeric($_POST['value'])) { $newvalue = $_POST['value']; if ($_REQUEST['suspend'] == 'true') { if ($_REQUEST['value'] == 1) { wpsc_member_dedeactivate_subscriptions($_POST['id']); } else { wpsc_member_deactivate_subscriptions($_POST['id']); } exit; } else { $log_data = $wpdb->get_row("SELECT * FROM `" . WPSC_TABLE_PURCHASE_LOGS . "` WHERE `id` = '" . $_POST['id'] . "' LIMIT 1", ARRAY_A); if ($newvalue == 2 && function_exists('wpsc_member_activate_subscriptions')) { wpsc_member_activate_subscriptions($_POST['id']); } $update_sql = "UPDATE `" . WPSC_TABLE_PURCHASE_LOGS . "` SET `processed` = '" . $newvalue . "' WHERE `id` = '" . $_POST['id'] . "' LIMIT 1"; $wpdb->query($update_sql); //echo("/*"); if ($newvalue > $log_data['processed'] && $log_data['processed'] < 2) { transaction_results($log_data['sessionid'], false); } //echo("*/"); $stage_sql = "SELECT * FROM `" . WPSC_TABLE_PURCHASE_STATUSES . "` WHERE `id`='" . $newvalue . "' AND `active`='1' LIMIT 1"; $stage_data = $wpdb->get_row($stage_sql, ARRAY_A); echo "document.getElementById(\"form_group_" . $_POST['id'] . "_text\").innerHTML = '" . $stage_data['name'] . "';\n"; echo "document.getElementById(\"form_group_" . $_POST['id'] . "_text\").style.color = '#" . $stage_data['colour'] . "';\n"; $year = date("Y"); $month = date("m"); $start_timestamp = mktime(0, 0, 0, $month, 1, $year); $end_timestamp = mktime(0, 0, 0, $month + 1, 0, $year); echo "document.getElementById(\"log_total_month\").innerHTML = '" . addslashes(nzshpcrt_currency_display(admin_display_total_price($start_timestamp, $end_timestamp), 1)) . "';\n"; echo "document.getElementById(\"log_total_absolute\").innerHTML = '" . addslashes(nzshpcrt_currency_display(admin_display_total_price(), 1)) . "';\n"; exit; } } if ($_POST['list_variation_values'] == "true") { // retrieve the forms for associating variations and their values with products $variation_processor = new nzshpcrt_variations(); $variations_selected = array(); foreach ((array) $_POST['variations'] as $variation_id => $checked) { $variations_selected[] = (int) $variation_id; } if (is_numeric($_POST['product_id']) && $_POST['product_id'] > 0) { $product_id = absint($_POST['product_id']); $selected_price = (double) $_POST['selected_price']; // variation values housekeeping $completed_variation_values = $variation_processor->edit_product_values($product_id, $_POST['edit_var_val'], $selected_price); // get all the currently associated variations from the database $associated_variations = $wpdb->get_results("SELECT * FROM `" . WPSC_TABLE_VARIATION_ASSOC . "` WHERE `type` IN ('product') AND `associated_id` IN ('{$product_id}')", ARRAY_A); $variations_still_associated = array(); foreach ((array) $associated_variations as $associated_variation) { // remove variations not checked that are in the database if (array_search($associated_variation['variation_id'], $variations_selected) === false) { $wpdb->query("DELETE FROM `" . WPSC_TABLE_VARIATION_ASSOC . "` WHERE `id` = '{$associated_variation['id']}' LIMIT 1"); $wpdb->query("DELETE FROM `" . WPSC_TABLE_VARIATION_VALUES_ASSOC . "` WHERE `product_id` = '{$product_id}' AND `variation_id` = '{$associated_variation['variation_id']}' "); } else { // make an array for adding in the variations next step, for efficiency $variations_still_associated[] = $associated_variation['variation_id']; } } foreach ((array) $variations_selected as $variation_id) { // add variations not already in the database that have been checked. $variation_values = $variation_processor->falsepost_variation_values($variation_id); if (array_search($variation_id, $variations_still_associated) === false) { $variation_processor->add_to_existing_product($product_id, $variation_values); } } //echo "/* ".print_r($variation_values,true)." */\n\r"; echo "edit_variation_combinations_html = \"" . str_replace(array("\n", "\r"), array('\\n', '\\r'), addslashes($variation_processor->variations_grid_view($product_id, (array) $completed_variation_values))) . "\";\n"; } else { if (count($variations_selected) > 0) { // takes an array of variations, returns a form for adding data to those variations. if ((double) $_POST['selected_price'] > 0) { $selected_price = (double) $_POST['selected_price']; } $limited_stock = false; if ($_POST['limited_stock'] == 'true') { $limited_stock = true; } $selected_variation_values = array(); foreach ($_POST['edit_var_val'] as $variation_value_array) { //echo "/* ".print_r($variation_value_array,true)." */\n\r"; $selected_variation_values = array_merge(array_keys($variation_value_array), $selected_variation_values); } ////echo "/* ".print_r($selected_variation_values,true)." */\n\r"; echo "edit_variation_combinations_html = \"" . __('Edit Variation Set', 'wpsc') . "<br />" . str_replace(array("\n", "\r"), array('\\n', '\\r'), addslashes($variation_processor->variations_grid_view(0, (array) $variations_selected, (array) $selected_variation_values, $selected_price, $limited_stock))) . "\";\n"; } else { echo "edit_variation_combinations_html = \"\";\n"; } } exit; } if (isset($_POST['language_setting']) && ($_GET['page'] = WPSC_DIR_NAME . '/wpsc-admin/display-options.page.php')) { if ($user_level >= 7) { update_option('language_setting', $_POST['language_setting']); } } }
function nzshpcrt_submit_ajax() { global $wpdb, $user_level, $wp_rewrite; get_currentuserinfo(); if (get_option('permalink_structure') != '') { $seperator = "?"; } else { $seperator = "&"; } $cartt = $_SESSION['nzshpcrt_cart']; $cartt1 = $cartt[0]->product_id; // if is an AJAX request, cruddy code, could be done better but getting approval would be impossible if ($_POST['ajax'] == "true" || $_GET['ajax'] == "true") { if ($_POST['changetax'] == "true") { if (isset($_POST['billing_region'])) { $billing_region = $_POST['billing_region']; } else { $billing_region = $_SESSION['selected_region']; } $billing_country = $_POST['billing_country']; foreach ($cartt as $cart_item) { $product_id = $cart_item->product_id; $quantity = $cart_item->quantity; //echo("<pre>".print_r($cart_item->product_variations,true)."</pre>"); $product = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "product_list` WHERE `id` = '{$product_id}' LIMIT 1", ARRAY_A); if ($product['donation'] == 1) { $price = $quantity * $cart_item->donation_price; } else { $price = $quantity * calculate_product_price($product_id, $cart_item->product_variations); if ($product['notax'] != 1) { $tax += nzshpcrt_calculate_tax($price, $billing_country, $billing_region) - $price; } $all_donations = false; } if ($_SESSION['delivery_country'] != null) { $total_shipping += nzshpcrt_determine_item_shipping($product['id'], $quantity, $_SESSION['delivery_country']); } } echo $tax . ":" . $price . ":" . $total_shipping; exit; } if ($_POST['submittogoogle']) { $newvalue = $_POST['value']; $amount = $_POST['amount']; $reason = $_POST['reason']; $comment = $_POST['comment']; $message = $_POST['message']; $amount = number_format($amount, 2, '.', ''); $log_data = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = '" . $_POST['id'] . "' LIMIT 1", ARRAY_A); if ($newvalue == 2 && function_exists('wpsc_member_activate_subscriptions')) { wpsc_member_activate_subscriptions($_POST['id']); } $google_status = unserialize($log_data['google_status']); switch ($newvalue) { case "Charge": if ($google_status[0] != 'CANCELLED_BY_GOOGLE') { if ($amount == '') { $google_status['0'] = 'Partially Charged'; } else { $google_status['0'] = 'CHARGED'; $google_status['partial_charge_amount'] = $amount; } } break; case "Cancel": if ($google_status[0] != 'CANCELLED_BY_GOOGLE') { $google_status[0] = 'CANCELLED'; } if ($google_status[1] != 'DELIVERED') { $google_status[1] = 'WILL_NOT_DELIVER'; } break; case "Refund": if ($amount == '') { $google_status['0'] = 'Partially Refund'; } else { $google_status['0'] = 'REFUND'; $google_status['partial_refund_amount'] = $amount; } break; case "Ship": if ($google_status[1] != 'WILL_NOT_DELIVER') { $google_status[1] = 'DELIVERED'; } break; case "Archive": $google_status[1] = 'ARCHIVED'; break; } $google_status_sql = "UPDATE `" . $wpdb->prefix . "purchase_logs` SET google_status='" . serialize($google_status) . "' WHERE `id` = '" . $_POST['id'] . "' LIMIT 1"; $wpdb->query($google_status_sql); $merchant_id = get_option('google_id'); $merchant_key = get_option('google_key'); $server_type = get_option('google_server_type'); $currency = get_option('google_cur'); $Grequest = new GoogleRequest($merchant_id, $merchant_key, $server_type, $currency); $google_order_number = $wpdb->get_var("SELECT google_order_number FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = '" . $_POST['id'] . "' LIMIT 1"); switch ($newvalue) { case 'Charge': $Grequest->SendChargeOrder($google_order_number, $amount); break; case 'Ship': $Grequest->SendDeliverOrder($google_order_number); break; case 'Archive': $Grequest->SendArchiveOrder($google_order_number); break; case 'Refund': $Grequest->SendRefundOrder($google_order_number, $amount, $reason); break; case 'Cancel': $Grequest->SendCancelOrder($google_order_number, $reason, $comment); break; case 'Send Message': $Grequest->SendBuyerMessage($google_order_number, $message); break; } $newvalue++; $update_sql = "UPDATE `" . $wpdb->prefix . "purchase_logs` SET `processed` = '" . $newvalue . "' WHERE `id` = '" . $_POST['id'] . "' LIMIT 1"; //$wpdb->query($update_sql); exit; } ////changes for usps if ($_POST['uspsswitch']) { foreach ($_SESSION['uspsQuote'] as $quotes) { $total = $_POST['total']; if ($quotes[$_POST['key']] != '') { echo nzshpcrt_currency_display($total + $quotes[$_POST['key']], 1); echo "<input type='hidden' value='" . $total . "' id='shopping_cart_total_price'>"; $_SESSION['usps_shipping'] = $quotes[$_POST['key']]; } } exit; } //changes for usps ends if ($_GET['user'] == "true" && is_numeric($_POST['prodid'])) { $memberstatus = get_product_meta($_POST['prodid'], 'is_membership', true); if ($memberstatus[0] == '1' && $_SESSION['nzshopcrt_cart'] != NULL) { } else { $sql = "SELECT * FROM `" . $wpdb->prefix . "product_list` WHERE `id`='" . $_POST['prodid'] . "' LIMIT 1"; $item_data = $wpdb->get_results($sql, ARRAY_A); $item_quantity = 0; if ($_SESSION['nzshpcrt_cart'] != null) { foreach ($_SESSION['nzshpcrt_cart'] as $cart_key => $cart_item) { if ($memberstatus[0] != '1' && $_SESSION['nzshpcrt_cart'] != NULL) { if ($cart_item->product_id == $_POST['prodid']) { if ($_SESSION['nzshpcrt_cart'][$cart_key]->product_variations === $_POST['variation'] && $_SESSION['nzshpcrt_cart'][$cart_key]->extras === $_POST['extras']) { $item_quantity += $_SESSION['nzshpcrt_cart'][$cart_key]->quantity; $item_variations = $_SESSION['nzshpcrt_cart'][$cart_key]->product_variations; } } } } } $item_stock = null; $variation_count = count($_POST['variation']); if ($variation_count >= 1 && $variation_count <= 2) { foreach ($_POST['variation'] as $variation_id) { if (is_numeric($variation_id)) { $variation_ids[] = (int) $variation_id; } } if (count($variation_ids) == 2) { $variation_stock_data = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "variation_priceandstock` WHERE `product_id` = '" . $_POST['prodid'] . "' AND (`variation_id_1` = '" . $variation_ids[0] . "' AND `variation_id_2` = '" . $variation_ids[1] . "') OR (`variation_id_1` = '" . $variation_ids[1] . "' AND `variation_id_2` = '" . $variation_ids[0] . "') LIMIT 1", ARRAY_A); $item_stock = $variation_stock_data['stock']; } else { if (count($variation_ids) == 1) { $variation_stock_data = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "variation_priceandstock` WHERE `product_id` = '" . $_POST['prodid'] . "' AND (`variation_id_1` = '" . $variation_ids[0] . "' AND `variation_id_2` = '0') LIMIT 1", ARRAY_A); $item_stock = $variation_stock_data['stock']; } } } if ($item_stock === null) { $item_stock = $item_data[0]['quantity']; } if ($item_data[0]['quantity_limited'] == 1 && $item_stock > 0 && $item_stock > $item_quantity || $item_data[0]['quantity_limited'] == 0) { $cartcount = count($_SESSION['nzshpcrt_cart']); if (is_array($_POST['variation'])) { $variations = $_POST['variation']; } else { $variations = null; } if (is_array($_POST['extras'])) { $extras = $_POST['extras']; } else { $extras = null; } $updated_quantity = false; if ($_SESSION['nzshpcrt_cart'] != null) { foreach ($_SESSION['nzshpcrt_cart'] as $cart_key => $cart_item) { if (!($memberstatus[0] == '1') && count($_SESSION['nzshpcrt_cart']) > 0) { if ((int) $cart_item->product_id === (int) $_POST['prodid']) { // force both to integer before testing for identicality if ($_SESSION['nzshpcrt_cart'][$cart_key]->extras === $extras && $_SESSION['nzshpcrt_cart'][$cart_key]->product_variations === $variations && (int) $_SESSION['nzshpcrt_cart'][$cart_key]->donation_price == (int) $_POST['donation_price']) { if (is_numeric($_POST['quantity'])) { $_SESSION['nzshpcrt_cart'][$cart_key]->quantity += (int) $_POST['quantity']; } else { $_SESSION['nzshpcrt_cart'][$cart_key]->quantity++; } $updated_quantity = true; } } } } } if ($item_data[0]['donation'] == 1) { $donation = $_POST['donation_price']; } else { $donation = false; } if (!($memberstatus[0] == '1' && count($_SESSION['nzshpcrt_cart']) > 0)) { $status = get_product_meta($cartt1, 'is_membership', true); if ($status[0] == '1') { exit; } if ($updated_quantity === false) { if (is_numeric($_POST['quantity'])) { if ($_POST['quantity'] > 0) { $new_cart_item = new cart_item($_POST['prodid'], $variations, $_POST['quantity'], $donation, $extras); } } else { //echo "correct"; $new_cart_item = new cart_item($_POST['prodid'], $variations, 1, $donation, $extras); } $_SESSION['nzshpcrt_cart'][] = $new_cart_item; } } } else { $quantity_limit = true; } $cart = $_SESSION['nzshpcrt_cart']; if ($memberstatus[0] == '1' && count($cart) > 1) { } else { $status = get_product_meta($cartt1, 'is_membership', true); if ($status[0] == '1') { exit('st'); } echo "if(document.getElementById('shoppingcartcontents') != null)\n\t\t\t\t\t {\n\t\t\t\t\t document.getElementById('shoppingcartcontents').innerHTML = \"" . str_replace(array("\n", "\r"), "", addslashes(nzshpcrt_shopping_basket_internals($cart, $quantity_limit))) . "\";\n\t\t\t\t\t }\n\t\t\t\t\t"; if ($_POST['prodid'] != null && get_option('fancy_notifications') == 1) { echo "if(document.getElementById('fancy_notification_content') != null)\n\t\t\t\t\t {\n\t\t\t\t\t document.getElementById('fancy_notification_content').innerHTML = \"" . str_replace(array("\n", "\r"), "", addslashes(fancy_notification_content($_POST['prodid'], $quantity_limit))) . "\";\n\t\t\t\t\t jQuery('#loading_animation').css('display', 'none');\n\t\t\t\t\t jQuery('#fancy_notification_content').css('display', 'block'); \n\t\t\t\t\t }\n\t\t\t\t\t"; } if ($_SESSION['slider_state'] == 0) { echo 'jQuery("#sliding_cart").css({ display: "none"});' . "\n\r"; } else { echo 'jQuery("#sliding_cart").css({ display: "block"});' . "\n\r"; } } } exit; } else { if ($_POST['user'] == "true" && $_POST['emptycart'] == "true") { //exit("/* \n\r ".get_option('shopping_cart_url')." \n\r ".print_r($_POST,true)." \n\r */"); $_SESSION['nzshpcrt_cart'] = ''; $_SESSION['nzshpcrt_cart'] = array(); echo "if(document.getElementById('shoppingcartcontents') != null) { \n\t\t\tdocument.getElementById('shoppingcartcontents').innerHTML = \"" . str_replace(array("\n", "\r"), "", addslashes(nzshpcrt_shopping_basket_internals($cart))) . "\";\n\t\t\t}\n\r"; if ($_POST['current_page'] == get_option('shopping_cart_url')) { echo "window.location = '" . get_option('shopping_cart_url') . "';\n\r"; // if we are on the checkout page, redirect back to it to clear the non-ajax cart too } exit; } } if ($_POST['store_list'] == "true") { $map_data['address'] = $_POST['addr']; $map_data['city'] = $_POST['city']; $map_data['country'] = 'US'; $map_data['zipcode'] = ''; $map_data['radius'] = '50000'; $map_data['state'] = ''; $map_data['submit'] = 'Find Store'; $stores = getdistance($map_data); $i = 0; while ($rows = mysql_fetch_array($stores)) { //echo "<pre>".print_r($rows,1)."</pre>"; if ($i == 0) { $closest_store = $rows[5]; } $i++; $store_list[$i] = $rows[5]; } foreach ($store_list as $store) { $output .= "<option value='{$store}'>{$store}</option>"; } echo $output; exit; } if ($_POST['admin'] == "true") { if (is_numeric($_POST['prodid'])) { /* fill product form */ echo nzshpcrt_getproductform($_POST['prodid']); exit; } else { if (is_numeric($_POST['catid'])) { /* fill category form */ echo nzshpcrt_getcategoryform($_POST['catid']); exit; } else { if (is_numeric($_POST['brandid'])) { /* fill brand form */ echo nzshpcrt_getbrandsform($_POST['brandid']); exit; } else { if (is_numeric($_POST['variation_id'])) { echo nzshpcrt_getvariationform($_POST['variation_id']); exit; } } } } if ($_POST['hide_ecom_dashboard'] == 'true') { require_once ABSPATH . WPINC . '/rss.php'; $rss = fetch_rss('http://www.instinct.co.nz/feed/'); $rss->items = array_slice($rss->items, 0, 5); $rss_hash = sha1(serialize($rss->items)); update_option('wpsc_ecom_news_hash', $rss_hash); exit(1); } if ($_POST['remove_meta'] == 'true' && is_numeric($_POST['meta_id'])) { $meta_id = (int) $_POST['meta_id']; $selected_meta = $wpdb->get_row("SELECT * FROM `{$wpdb->prefix}wpsc_productmeta` WHERE `id` IN('{$meta_id}') ", ARRAY_A); if ($selected_meta != null) { if ($wpdb->query("DELETE FROM `{$wpdb->prefix}wpsc_productmeta` WHERE `id` IN('{$meta_id}') LIMIT 1")) { echo $meta_id; exit; } } echo 0; exit; } exit; } if (is_numeric($_POST['currencyid'])) { $currency_data = $wpdb->get_results("SELECT `symbol`,`symbol_html`,`code` FROM `" . $wpdb->prefix . "currency_list` WHERE `id`='" . $_POST['currencyid'] . "' LIMIT 1", ARRAY_A); $price_out = null; if ($currency_data[0]['symbol'] != '') { $currency_sign = $currency_data[0]['symbol_html']; } else { $currency_sign = $currency_data[0]['code']; } echo $currency_sign; exit; } //echo "--==->"; if ($_POST['buynow'] == "true") { $id = $_REQUEST['product_id']; $price = $_REQUEST['price']; $downloads = get_option('max_downloads'); $product_sql = "SELECT * FROM " . $wpdb->prefix . "product_list WHERE id = " . $id . " LIMIT 1"; $product_info = $wpdb->get_results($product_sql, ARRAY_A); $product_info = $product_info[0]; $sessionid = mt_rand(100, 999) . time(); $sql = "INSERT INTO `" . $wpdb->prefix . "purchase_logs` ( `totalprice` , `sessionid` , `date`, `billing_country`, `shipping_country`,`shipping_region`, `user_ID`, `discount_value` ) VALUES ( '" . $price . "', '" . $sessionid . "', '" . time() . "', 'BuyNow', 'BuyNow', 'BuyNow' , NULL , 0)"; $wpdb->query($sql); $log_id = $wpdb->get_var("SELECT `id` FROM `" . $wpdb->prefix . "purchase_logs` WHERE `sessionid` IN('" . $sessionid . "') LIMIT 1"); $cartsql = "INSERT INTO `" . $wpdb->prefix . "cart_contents` ( `prodid` , `purchaseid`, `price`, `pnp`, `gst`, `quantity`, `donation`, `no_shipping` ) VALUES ('" . $id . "', '" . $log_id . "','" . $price . "','0', '0','1', '" . $donation . "', '1')"; $wpdb->query($cartsql); $wpdb->query("INSERT INTO `" . $wpdb->prefix . "download_status` ( `fileid` , `purchid` , `downloads` , `active` , `datetime` ) VALUES ( '" . $product_info['file'] . "', '" . $log_id . "', '{$downloads}', '0', NOW( ));"); exit; } if ($_POST['changeorder'] == "true" && is_numeric($_POST['category_id'])) { $category_id = (int) $_POST['category_id']; $hash = $_POST['sort1']; $order = 1; foreach ($hash as $id) { $wpdb->query("UPDATE `" . $wpdb->prefix . "product_order` SET `order`={$order} WHERE `product_id`=" . (int) $id . " AND `category_id`=" . (int) $category_id . " LIMIT 1"); $order++; } exit(" "); } /* rate item */ if ($_POST['rate_item'] == "true" && is_numeric($_POST['product_id']) && is_numeric($_POST['rating'])) { $nowtime = time(); $prodid = $_POST['product_id']; $ip_number = $_SERVER['REMOTE_ADDR']; $rating = $_POST['rating']; $cookie_data = explode(",", $_COOKIE['voting_cookie'][$prodid]); if (is_numeric($cookie_data[0]) && $cookie_data[0] > 0) { $vote_id = $cookie_data[0]; $wpdb->query("UPDATE `" . $wpdb->prefix . "product_rating` SET `rated` = '" . $rating . "' WHERE `id` ='" . $vote_id . "' LIMIT 1 ;"); } else { $insert_sql = "INSERT INTO `" . $wpdb->prefix . "product_rating` ( `ipnum` , `productid` , `rated`, `time`) VALUES ( '" . $ip_number . "', '" . $prodid . "', '" . $rating . "', '" . $nowtime . "');"; $wpdb->query($insert_sql); $data = $wpdb->get_results("SELECT `id`,`rated` FROM `" . $wpdb->prefix . "product_rating` WHERE `ipnum`='" . $ip_number . "' AND `productid` = '" . $prodid . "' AND `rated` = '" . $rating . "' AND `time` = '" . $nowtime . "' ORDER BY `id` DESC LIMIT 1", ARRAY_A); $vote_id = $data[0]['id']; setcookie("voting_cookie[{$prodid}]", $vote_id . "," . $rating, time() + 60 * 60 * 24 * 360); } $output[1] = $prodid; $output[2] = $rating; echo $output[1] . "," . $output[2]; exit; } //written by allen if ($_REQUEST['save_tracking_id'] == "true") { $id = $_POST['id']; $value = $_POST['value']; $update_sql = "UPDATE " . $wpdb->prefix . "purchase_logs SET track_id = '" . $value . "' WHERE id={$id}"; $wpdb->query($update_sql); exit; } if ($_POST['get_rating_count'] == "true" && is_numeric($_POST['product_id'])) { $prodid = $_POST['product_id']; $data = $wpdb->get_results("SELECT COUNT(*) AS `count` FROM `" . $wpdb->prefix . "product_rating` WHERE `productid` = '" . $prodid . "'", ARRAY_A); echo $data[0]['count'] . "," . $prodid; exit; } /// Pointless AJAX call is pointless // if(isset($_POST['changeperpage'])) { // $item_per_page = $_POST['changeperpage']; // echo $item_per_page; // exit(); // } if ($_POST['remove_variation_value'] == "true" && is_numeric($_POST['variation_value_id'])) { $wpdb->query("DELETE FROM `" . $wpdb->prefix . "variation_values_associations` WHERE `value_id` = '" . $_POST['variation_value_id'] . "'"); $wpdb->query("DELETE FROM `" . $wpdb->prefix . "variation_values` WHERE `id` = '" . $_POST['variation_value_id'] . "' LIMIT 1"); exit; } if ($_POST['get_updated_price'] == "true" && is_numeric($_POST['product_id'])) { $notax = $wpdb->get_var("SELECT `notax` FROM `" . $wpdb->prefix . "product_list` WHERE `id` IN('" . $_POST['product_id'] . "') LIMIT 1"); foreach ((array) $_POST['variation'] as $variation) { if (is_numeric($variation)) { $variations[] = $variation; } } foreach ((array) $_POST['extra'] as $extra) { if (is_numeric($extra)) { $extras[] = $extra; } } $pm = $_POST['pm']; echo "product_id=" . $_POST['product_id'] . ";\n"; echo "price=\"" . nzshpcrt_currency_display(calculate_product_price($_POST['product_id'], $variations, 'stay', $extras), $notax) . "\";\n"; //exit(print_r($extras,1)); exit; } if ($_REQUEST['log_state'] == "true" && is_numeric($_POST['id']) && is_numeric($_POST['value'])) { $newvalue = $_POST['value']; if ($_REQUEST['suspend'] == 'true') { if ($_REQUEST['value'] == 1) { wpsc_member_dedeactivate_subscriptions($_POST['id']); } else { wpsc_member_deactivate_subscriptions($_POST['id']); } exit; } else { $log_data = $wpdb->get_row("SELECT * FROM `" . $wpdb->prefix . "purchase_logs` WHERE `id` = '" . $_POST['id'] . "' LIMIT 1", ARRAY_A); if ($newvalue == 2 && function_exists('wpsc_member_activate_subscriptions')) { wpsc_member_activate_subscriptions($_POST['id']); } $update_sql = "UPDATE `" . $wpdb->prefix . "purchase_logs` SET `processed` = '" . $newvalue . "' WHERE `id` = '" . $_POST['id'] . "' LIMIT 1"; $wpdb->query($update_sql); //echo("/*"); if ($newvalue > $log_data['processed'] && $log_data['processed'] < 2) { transaction_results($log_data['sessionid'], false); } //echo("*/"); $stage_sql = "SELECT * FROM `" . $wpdb->prefix . "purchase_statuses` WHERE `id`='" . $newvalue . "' AND `active`='1' LIMIT 1"; $stage_data = $wpdb->get_row($stage_sql, ARRAY_A); echo "document.getElementById(\"form_group_" . $_POST['id'] . "_text\").innerHTML = '" . $stage_data['name'] . "';\n"; echo "document.getElementById(\"form_group_" . $_POST['id'] . "_text\").style.color = '#" . $stage_data['colour'] . "';\n"; $year = date("Y"); $month = date("m"); $start_timestamp = mktime(0, 0, 0, $month, 1, $year); $end_timestamp = mktime(0, 0, 0, $month + 1, 0, $year); echo "document.getElementById(\"log_total_month\").innerHTML = '" . addslashes(nzshpcrt_currency_display(admin_display_total_price($start_timestamp, $end_timestamp), 1)) . "';\n"; echo "document.getElementById(\"log_total_absolute\").innerHTML = '" . addslashes(nzshpcrt_currency_display(admin_display_total_price(), 1)) . "';\n"; exit; } } if ($_POST['list_variation_values'] == "true" && is_numeric($_POST['new_variation_id'])) { $variation_processor = new nzshpcrt_variations(); echo "variation_value_id = \"" . $_POST['new_variation_id'] . "\";\n"; echo "variation_value_html = \"" . $variation_processor->display_variation_values($_POST['prefix'], $_POST['new_variation_id']) . "\";\n"; $variations_selected = array_values(array_unique(array_merge((array) $_POST['new_variation_id'], (array) $_POST['variation_id']))); echo "variation_subvalue_html = \"" . str_replace("\n\r", '\\n\\r', $variation_processor->variations_add_grid_view((array) $variations_selected)) . "\";\n"; //echo "/*\n\r".print_r(array_values(array_unique(array_merge((array)$_POST['new_variation_id'], $_POST['variation_id']))),true)."\n\r*/"; exit; } if ($_POST['redisplay_variation_values'] == "true") { $variation_processor = new nzshpcrt_variations(); $variations_selected = array_values(array_unique(array_merge((array) $_POST['new_variation_id'], (array) $_POST['variation_id']))); foreach ($variations_selected as $variation_id) { // cast everything to integer to make sure nothing nasty gets in. $variation_list[] = (int) $variation_id; } echo $variation_processor->variations_add_grid_view((array) $variation_list); //echo "/*\n\r".print_r(array_values(array_unique($_POST['variation_id'])),true)."\n\r*/"; exit; } if ($_POST['edit_variation_value_list'] == 'true' && is_numeric($_POST['variation_id']) && is_numeric($_POST['product_id'])) { $variation_id = (int) $_POST['variation_id']; $product_id = (int) $_POST['product_id']; $variations_processor = new nzshpcrt_variations(); $variation_values = $variations_processor->falsepost_variation_values($variation_id); if (is_array($variation_values)) { //echo(print_r($variation_values,true)); $check_variation_added = $wpdb->get_var("SELECT `id` FROM `" . $wpdb->prefix . "variation_associations` WHERE `type` IN ('product') AND `associated_id` IN ('{$product_id}') AND `variation_id` IN ('{$variation_id}') LIMIT 1"); if ($check_variation_added == null) { $variations_processor->add_to_existing_product($product_id, $variation_values); } echo $variations_processor->display_attached_variations($product_id); echo $variations_processor->variations_grid_view($product_id); } else { echo "false"; } exit; } if ($_POST['remove_form_field'] == "true" && is_numeric($_POST['form_id'])) { //exit(print_r($user,true)); if (current_user_can('level_7')) { $wpdb->query("UPDATE `" . $wpdb->prefix . "collect_data_forms` SET `active` = '0' WHERE `id` ='" . $_POST['form_id'] . "' LIMIT 1 ;"); exit(' '); } } /* * function for handling the checkout billing address */ if (preg_match("/[a-zA-Z]{2,4}/", $_POST['billing_country'])) { if ($_SESSION['selected_country'] == $_POST['billing_country']) { $do_not_refresh_regions = true; } else { $do_not_refresh_regions = false; $_SESSION['selected_country'] = $_POST['billing_country']; } if (is_numeric($_POST['form_id'])) { $form_id = $_POST['form_id']; $html_form_id = "region_country_form_{$form_id}"; } else { $html_form_id = 'region_country_form'; } if (is_numeric($_POST['billing_region'])) { $_SESSION['selected_region'] = $_POST['billing_region']; } $cart =& $_SESSION['nzshpcrt_cart']; if ($memberstatus[0] == '1' && count($cart) > 0) { echo "\n\t\t\t"; } else { if ($status[0] == '1') { exit; } echo "if(document.getElementById('shoppingcartcontents') != null)\n\t\t\t\t\t {\n\t\t\t\t\t document.getElementById('shoppingcartcontents').innerHTML = \"" . str_replace(array("\n", "\r"), "", addslashes(nzshpcrt_shopping_basket_internals($cart, $quantity_limit))) . "\";\n\t\t\t\t\t }\n\t\t\t\t\t"; if ($do_not_refresh_regions == false) { $region_list = $wpdb->get_results("SELECT `" . $wpdb->prefix . "region_tax`.* FROM `" . $wpdb->prefix . "region_tax`, `" . $wpdb->prefix . "currency_list` WHERE `" . $wpdb->prefix . "currency_list`.`isocode` IN('" . $_POST['billing_country'] . "') AND `" . $wpdb->prefix . "currency_list`.`id` = `" . $wpdb->prefix . "region_tax`.`country_id`", ARRAY_A); if ($region_list != null) { $output .= "<select name='collected_data[" . $form_id . "][1]' class='current_region' onchange='set_billing_country(\\\"{$html_form_id}\\\", \\\"{$form_id}\\\");'>"; //$output .= "<option value=''>None</option>"; foreach ($region_list as $region) { if ($_SESSION['selected_region'] == $region['id']) { $selected = "selected='true'"; } else { $selected = ""; } $output .= "<option value='" . $region['id'] . "' {$selected}>" . $region['name'] . "</option>"; } $output .= "</select>"; echo "if(document.getElementById('region_select_{$form_id}') != null)\n\t\t {\n\t\t document.getElementById('region_select_{$form_id}').innerHTML = \"" . $output . "\";\n\t\t }\n\t\t"; } else { echo "if(document.getElementById('region_select_{$form_id}') != null)\n\t\t {\n\t\t document.getElementById('region_select_{$form_id}').innerHTML = \"\";\n\t\t }\n\t\t"; } } } exit; } if ($_POST['get_country_tax'] == "true" && preg_match("/[a-zA-Z]{2,4}/", $_POST['country_id'])) { $country_id = $_POST['country_id']; $region_list = $wpdb->get_results("SELECT `" . $wpdb->prefix . "region_tax`.* FROM `" . $wpdb->prefix . "region_tax`, `" . $wpdb->prefix . "currency_list` WHERE `" . $wpdb->prefix . "currency_list`.`isocode` IN('" . $country_id . "') AND `" . $wpdb->prefix . "currency_list`.`id` = `" . $wpdb->prefix . "region_tax`.`country_id`", ARRAY_A); if ($region_list != null) { echo "<select name='base_region'>\n\r"; foreach ($region_list as $region) { if (get_option('base_region') == $region['id']) { $selected = "selected='true'"; } else { $selected = ""; } echo "<option value='" . $region['id'] . "' {$selected}>" . $region['name'] . "</option>\n\r"; } echo "</select>\n\r"; } else { echo " "; } exit; } /* fill product form */ if ($_POST['set_slider'] == "true" && is_numeric($_POST['state'])) { $_SESSION['slider_state'] = $_POST['state']; exit; } /* fill category form */ if ($_GET['action'] == "register") { $siteurl = get_option('siteurl'); require_once ABSPATH . WPINC . '/registration-functions.php'; if ($_POST['action'] == 'register' && get_settings('users_can_register')) { //exit("fail for testing purposes"); $user_login = sanitize_user($_POST['user_login']); $user_email = $_POST['user_email']; $errors = array(); if ($user_login == '') { exit($errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.')); } /* checking e-mail address */ if ($user_email == '') { exit(__('<strong>ERROR</strong>: Please type your e-mail address.')); } else { if (!is_email($user_email)) { exit(__('<strong>ERROR</strong>: The email address isn’t correct.')); $user_email = ''; } } if (!validate_username($user_login)) { $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'); $user_login = ''; } if (username_exists($user_login)) { exit(__('<strong>ERROR</strong>: This username is already registered, please choose another one.')); } /* checking the email isn't already used by another user */ $email_exists = $wpdb->get_row("SELECT user_email FROM {$wpdb->users} WHERE user_email = '{$user_email}'"); if ($email_exists) { die(__('<strong>ERROR</strong>: This email address is already registered, please supply another.')); } if (0 == count($errors)) { $password = substr(md5(uniqid(microtime())), 0, 7); //xit('there?'); $user_id = wp_create_user($user_login, $password, $user_email); if (!$user_id) { exit(sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email'))); } else { wp_new_user_notification($user_id, $password); ?> <div id="login"> <h2><?php _e('Registration Complete'); ?> </h2> <p><?php printf(__('Username: %s'), "<strong>" . wp_specialchars($user_login) . "</strong>"); ?> <br /> <?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>'); ?> <br /> <?php printf(__('E-mail: %s'), "<strong>" . wp_specialchars($user_email) . "</strong>"); ?> </p> </div> <?php } } } else { // onsubmit='submit_register_form(this);return false;' echo "<div id='login'>\n <h2>Register for this blog</h2>\n <form id='registerform' action='index.php?ajax=true&action=register' onsubmit='submit_register_form(this);return false;' method='post'>\n <p><input type='hidden' value='register' name='action'/>\n <label for='user_login'>Username:</label><br/> <input type='text' value='' maxlength='20' size='20' id='user_login' name='user_login'/><br/></p>\n <p><label for='user_email'>E-mail:</label><br/> <input type='text' value='' maxlength='100' size='25' id='user_email' name='user_email'/></p>\n <p>A password will be emailed to you.</p>\n <p class='submit'><input type='submit' name='submit_form' id='submit' value='Register »'/><img id='register_loading_img' src='" . WPSC_URL . "/images/loading.gif' alt='' title=''></p>\n \n </form>\n </div>"; } exit; } } /* * AJAX stuff stops here, I would put an exit here, but it may screw up other plugins //exit(); */ }