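/**
 * Load a stored order, its totals, its products and their attributes into this object.
 *
 * Fills $this->info, $this->customer, $this->delivery, $this->billing,
 * $this->totals and $this->products. Nothing is returned.
 *
 * The order row carries payment card fields (cc_type, cc_owner, cc_number,
 * cc_expires) and they are copied into $this->info exactly as read from the
 * table, so code that prints, logs or exports this object should mask or drop them.
 *
 * @param mixed $order_id Order identifier; escaped with olc_db_input() before it enters SQL.
 */
function query($order_id)
{
    // Escape once and reuse the same literal in every statement below.
    $order_id_sql = olc_db_input($order_id);

    $order_query = olc_db_query(
        "select customers_name, customers_cid, customers_id, customers_company, " .
        "customers_street_address, customers_suburb, customers_city, customers_postcode, " .
        "customers_state, customers_country, customers_telephone, customers_email_address, " .
        "customers_address_format_id, " .
        "delivery_name, delivery_company, delivery_street_address, delivery_suburb, " .
        "delivery_city, delivery_postcode, delivery_state, delivery_country, " .
        "delivery_address_format_id, " .
        "billing_name, billing_company, billing_street_address, billing_suburb, " .
        "billing_city, billing_postcode, billing_state, billing_country, " .
        "billing_address_format_id, billing_invoice_number, " .
        "payment_method, cc_type, cc_owner, cc_number, cc_expires, comments, " .
        "currency, currency_value, date_purchased, orders_status, orders_trackcode, " .
        "last_modified, payment_id, customers_status, customers_status_name, " .
        "customers_status_image, customers_ip, language, customers_status_discount " .
        "from " . TABLE_ORDERS . " where orders_id = '" . $order_id_sql . APOS
    );
    $order = olc_db_fetch_array($order_query);

    $totals_query = olc_db_query(
        "select title, text from " . TABLE_ORDERS_TOTAL .
        " where orders_id = '" . $order_id_sql . "' order by sort_order"
    );
    while ($totals = olc_db_fetch_array($totals_query)) {
        $this->totals[] = array(
            'title' => $totals['title'],
            'text' => $totals['text'],
        );
    }

    $this->info = array(
        'order_id' => $order_id,
        'currency' => $order['currency'],
        'currency_value' => $order['currency_value'],
        'payment_method' => $order['payment_method'],
        'status' => $order['customers_status'],
        'status_name' => $order['customers_status_name'],
        'status_image' => $order['customers_status_image'],
        'status_discount' => $order['customers_status_discount'],
        'cc_type' => $order['cc_type'],
        'cc_owner' => $order['cc_owner'],
        'cc_number' => $order['cc_number'],
        'cc_expires' => $order['cc_expires'],
        'comments' => $order['comments'],
        'language' => $order['language'],
        'date_purchased' => $order['date_purchased'],
        'payment_id' => $order['payment_id'],
        'orders_status' => $order['orders_status'],
        'orders_trackcode' => $order['orders_trackcode'],
        'last_modified' => $order['last_modified'],
    );

    $this->customer = array(
        'name' => $order['customers_name'],
        // The original literal listed 'id' twice with the same value; one entry is enough.
        'id' => $order['customers_id'],
        'company' => $order['customers_company'],
        'csID' => $order['customers_cid'],
        // shop_id is not in the select list above, so it is only set when the
        // fetch layer happens to supply it; otherwise the key stays null.
        'shop_id' => isset($order['shop_id']) ? $order['shop_id'] : null,
        'cIP' => $order['customers_ip'],
        'street_address' => $order['customers_street_address'],
        'suburb' => $order['customers_suburb'],
        'city' => $order['customers_city'],
        'postcode' => $order['customers_postcode'],
        'state' => $order['customers_state'],
        'country' => $order['customers_country'],
        'format_id' => $order['customers_address_format_id'],
        'telephone' => $order['customers_telephone'],
        'email_address' => $order['customers_email_address'],
    );

    $this->delivery = array(
        'name' => $order['delivery_name'],
        'company' => $order['delivery_company'],
        'street_address' => $order['delivery_street_address'],
        'suburb' => $order['delivery_suburb'],
        'city' => $order['delivery_city'],
        'postcode' => $order['delivery_postcode'],
        'state' => $order['delivery_state'],
        'country' => $order['delivery_country'],
        'format_id' => $order['delivery_address_format_id'],
    );

    $this->billing = array(
        'name' => $order['billing_name'],
        'company' => $order['billing_company'],
        'street_address' => $order['billing_street_address'],
        'suburb' => $order['billing_suburb'],
        'city' => $order['billing_city'],
        'postcode' => $order['billing_postcode'],
        'state' => $order['billing_state'],
        'country' => $order['billing_country'],
        'format_id' => $order['billing_address_format_id'],
        'billing_invoice_number' => $order['billing_invoice_number'],
    );

    $index = 0;
    $orders_products_query = olc_db_query(
        "select orders_products_id, products_name, products_id, products_model, " .
        "products_price, products_tax, products_quantity, final_price, allow_tax, " .
        "products_discount_made " .
        "from " . TABLE_ORDERS_PRODUCTS . " where orders_id = '" . $order_id_sql . APOS
    );
    while ($orders_products = olc_db_fetch_array($orders_products_query)) {
        $this->products[$index] = array(
            'id' => $orders_products['products_id'],
            'orders_products_id' => $orders_products['orders_products_id'],
            'qty' => $orders_products['products_quantity'],
            'name' => $orders_products['products_name'],
            'model' => $orders_products['products_model'],
            'tax' => $orders_products['products_tax'],
            'price' => $orders_products['products_price'],
            'discount' => $orders_products['products_discount_made'],
            'final_price' => $orders_products['final_price'],
            'allow_tax' => $orders_products['allow_tax'],
            // auctionid is not selected above; keep the key, without reading an undefined index.
            'auctionid' => isset($orders_products['auctionid']) ? $orders_products['auctionid'] : null,
        );

        // The row id comes from the database, but it is still cast so that every
        // value placed into the SQL text is either escaped or an integer.
        $attributes_query = olc_db_query(
            "select products_options, products_options_values, products_options_id, " .
            "products_options_values_id, options_values_price, price_prefix " .
            "from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES .
            " where orders_id = '" . $order_id_sql .
            "' and orders_products_id = '" . (int) $orders_products['orders_products_id'] . APOS
        );

        $subindex = 0;
        while ($attributes = olc_db_fetch_array($attributes_query)) {
            $this->products[$index]['attributes'][$subindex] = array(
                'option' => $attributes['products_options'],
                'value' => $attributes['products_options_values'],
                'option_id' => $attributes['products_options_id'],
                'value_id' => $attributes['products_options_values_id'],
                'prefix' => $attributes['price_prefix'],
                'price' => $attributes['options_values_price'],
            );
            $subindex++;
        }
        $index++;
    }
}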
/**
 * Load one payment-notification record by transaction id into this object.
 *
 * On a match, $this->info, $this->txn and $this->customer are filled from the
 * row via getSQLDataElements(); when nothing matches the object is left untouched.
 *
 * The table name in $this->paymentTableName is passed through olc_db_input(),
 * which is applied here as a string escape; it does not validate the value as
 * an identifier, so that property must only ever hold a fixed table name.
 *
 * @param mixed $txn_id Transaction id to look up.
 */
function query($txn_id)
{
    $clean_txn_id = olc_db_prepare_input($txn_id);

    // Column groups; each group ends up in the property of the same name.
    $info_columns = array(
        'txn_type', 'reason_code', 'payment_type', 'payment_status', 'pending_reason',
        'invoice', 'payment_date', 'payment_time_zone', 'business', 'receiver_email',
        'receiver_id', 'txn_id', 'parent_txn_id', 'notify_version', 'last_modified',
        'date_added', 'for_auction', 'auction_closing_date',
    );
    $txn_columns = array(
        'num_cart_items', 'mc_currency', 'mc_gross', 'mc_fee', 'payment_gross',
        'payment_fee', 'settle_amount', 'settle_currency', 'exchange_rate',
    );
    $customer_columns = array(
        'first_name', 'last_name', 'payer_business_name', 'address_name', 'address_street',
        'address_city', 'address_state', 'address_zip', 'address_country', 'address_status',
        'payer_email', 'payer_id', 'auction_buyer_id', 'payer_status', 'memo',
    );

    $select_list = implode(',', array_merge($info_columns, $txn_columns, $customer_columns));
    $table_name = olc_db_input($this->paymentTableName);
    $ipn_query = olc_db_query(
        "select " . $select_list . " from " . $table_name .
        " where txn_id = '" . olc_db_input($clean_txn_id) . APOS
    );

    if (!olc_db_num_rows($ipn_query)) {
        return;
    }

    $row = olc_db_fetch_array($ipn_query);
    $this->info = $this->getSQLDataElements($row, $info_columns);
    $this->txn = $this->getSQLDataElements($row, $txn_columns);
    $this->customer = $this->getSQLDataElements($row, $customer_columns);
}
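/**
 * Build and run an INSERT or UPDATE statement from a column => value map.
 *
 * Only the values are escaped (olc_db_input() inside quotes). The table name,
 * the column names (the keys of $data) and $parameters are concatenated into
 * the SQL text unchanged, so callers must build them from fixed strings or from
 * values they have already escaped or cast, never from raw request data.
 *
 * A value whose string form is exactly 'now()' or 'null' is emitted unquoted,
 * as SQL rather than as a string literal.
 *
 * An empty $data array produces a malformed statement, as before.
 *
 * @param string $table      Target table name.
 * @param array  $data       Column name => value.
 * @param string $action     'insert' builds an INSERT; any other value builds an UPDATE.
 * @param string $parameters Condition appended after SQL_WHERE (UPDATE only).
 * @param string $link       Passed through to olc_db_query().
 * @return mixed Whatever olc_db_query() returns.
 */
function olc_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
    // Render each value once. foreach replaces the each()/reset() iteration,
    // because each() was removed in PHP 8.
    $sql_values = array();
    foreach ($data as $column => $value) {
        $value = (string) $value;
        if ($value === 'now()' || $value === 'null') {
            $sql_values[$column] = $value;
        } else {
            $sql_values[$column] = APOS . olc_db_input($value) . APOS;
        }
    }

    if ($action == 'insert') {
        $query = INSERT_INTO . $table . LPAREN;
        foreach ($sql_values as $column => $sql_value) {
            $query .= $column . COMMA_BLANK;
        }
        // Drop the trailing separator (two characters, as in the original code).
        $query = substr($query, 0, -2) . ') values (';
        foreach ($sql_values as $sql_value) {
            $query .= $sql_value . COMMA_BLANK;
        }
        $query = substr($query, 0, -2) . RPAREN;
    } else {
        $query = SQL_UPDATE . $table . ' set ';
        foreach ($sql_values as $column => $sql_value) {
            $query .= $column . EQUAL . $sql_value . COMMA_BLANK;
        }
        $query = substr($query, 0, -2) . SQL_WHERE . $parameters;
    }

    return olc_db_query($query, $link);
}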
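/**
 * Delete the payment-notification rows and the order-session row that belong to an order.
 *
 * Every identifier that enters the SQL text is cast to int, except the
 * transaction id, which is a string and is escaped with olc_db_input().
 *
 * @param mixed $order_id Order identifier.
 */
function paypal_remove_order($order_id)
{
    include_once PAYPAL_IPN_DIR . 'inc.php';

    $order_id = (int) $order_id;

    $ipn_query = olc_db_query(
        "select payment_id from " . TABLE_ORDERS . " where orders_id = '" . $order_id . APOS
    );
    if (olc_db_num_rows($ipn_query)) {
        // The order row exists; payment_id links it to its notification record, if it has one.
        $ipn_order = olc_db_fetch_array($ipn_query);
        $paypal_id = (int) $ipn_order['payment_id'];

        $txn_query = olc_db_query(
            "select txn_id from " . TABLE_PAYPAL . " where paypal_id ='" . $paypal_id . APOS
        );
        $txn = olc_db_fetch_array($txn_query);

        olc_db_query(DELETE_FROM . TABLE_PAYPAL . " where paypal_id = '" . $paypal_id . APOS);

        // Remove child transactions only when a parent transaction id was actually
        // found. Without this guard a missing row turned the condition into
        // parent_txn_id = '', which matches every record that has no parent.
        if (isset($txn['txn_id']) && (string) $txn['txn_id'] !== '') {
            olc_db_query(
                DELETE_FROM . TABLE_PAYPAL .
                " where parent_txn_id = '" . olc_db_input($txn['txn_id']) . APOS
            );
        }

        if (defined('TABLE_PAYPAL_AUCTION')) {
            olc_db_query(
                DELETE_FROM . TABLE_PAYPAL_AUCTION . " where paypal_id = '" . $paypal_id . APOS
            );
        }
    }

    olc_db_query(
        DELETE_FROM . TABLE_ORDERS_SESSION_INFO . " where orders_id = '" . $order_id . APOS
    );
}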
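/**
 * Return a one-line summary of an address-book entry, formatted with the
 * address_summary template stored for the entry's country.
 *
 * @param mixed $customers_id Owner of the address-book entry.
 * @param mixed $address_id   Address-book entry id.
 * @return string The template with the address variables filled in.
 */
function olc_address_summary($customers_id, $address_id)
{
    $customers_id = olc_db_prepare_input($customers_id);
    $address_id = olc_db_prepare_input($address_id);

    $address_query = olc_db_query(
        "select ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, " .
        "ab.entry_state, ab.entry_country_id, ab.entry_zone_id, c.countries_name, c.address_format_id " .
        "from " . TABLE_ADDRESS_BOOK . " ab, " . TABLE_COUNTRIES . " c " .
        "where ab.address_book_id = '" . olc_db_input($address_id) .
        "' and ab.customers_id = '" . olc_db_input($customers_id) .
        "' and ab.entry_country_id = c.countries_id"
    );
    $address = olc_db_fetch_array($address_query);

    // These locals look unused, but the template evaluated below refers to them by name.
    $street_address = $address['entry_street_address'];
    $suburb = $address['entry_suburb'];
    $postcode = $address['entry_postcode'];
    $city = $address['entry_city'];
    $state = olc_get_zone_code(
        $address['entry_country_id'],
        $address['entry_zone_id'],
        $address['entry_state']
    );
    $country = $address['countries_name'];

    // The format id is read from the database; it is cast so that no unescaped
    // value is concatenated into the statement.
    $address_format_query = olc_db_query(
        "select address_summary from " . TABLE_ADDRESS_FORMAT .
        " where address_format_id = '" . (int) $address['address_format_id'] . APOS
    );
    $address_format = olc_db_fetch_array($address_format_query);
    $address_summary = $address_format['address_summary'];

    // SECURITY (review): the stored template is executed as PHP source. Whoever
    // can write to the address-format table can therefore run code in this
    // process, so that table has to be protected like code. A fixed placeholder
    // substitution (for example strtr() over the six variables above) would
    // remove the eval(); it is kept here because existing templates may rely on
    // PHP string interpolation.
    eval("\$address = \"{$address_summary}\";");

    return $address;
}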
/**
 * Collect the active categories below a parent, depth first, as a flat list
 * for a drop-down.
 *
 * Each entry is array('id' => ..., 'text' => indented name, 'title' => heading
 * title, or the name when the heading title is empty). Children follow their
 * parent and are indented by two HTML_NBSP per level.
 *
 * @param array|string $categories_array List to append to; anything that is not an array starts a new list.
 * @param mixed        $parent_id        Category whose children are listed.
 * @param string       $indent           Prefix placed before each name at this level.
 * @return array The list with this subtree appended.
 */
function olc_get_categories($categories_array = '', $parent_id = '0', $indent = '')
{
    $parent_id = olc_db_prepare_input($parent_id);
    $categories_array = is_array($categories_array) ? $categories_array : array();

    $select_part = SELECT . "\n\tc.categories_id,\n\tcd.categories_name,\n\tcd.categories_heading_title,\n\tcd.categories_description\n\tfrom " . TABLE_CATEGORIES . " c,\t" . TABLE_CATEGORIES_DESCRIPTION;
    $where_part = " cd\n\twhere\n\tparent_id = '" . olc_db_input($parent_id) . "'\n\tand c.categories_id = cd.categories_id\n\tand c.categories_status != 0\n\tand cd.language_id = '" . SESSION_LANGUAGE_ID . "'\n\torder by sort_order, cd.categories_name";
    $sql = $select_part . $where_part;

    $result = olc_db_query($sql);
    // Indentation handed to the next level down.
    $child_indent = $indent . HTML_NBSP . HTML_NBSP;

    while ($row = olc_db_fetch_array($result)) {
        $label = $row['categories_name'];
        $heading = $row['categories_heading_title'];
        $child_id = $row['categories_id'];

        $categories_array[] = array(
            'id' => $child_id,
            'text' => $indent . $label,
            'title' => ($heading == EMPTY_STRING) ? $label : $heading,
        );

        // A category that is its own parent must not recurse into itself.
        if ($child_id == $parent_id) {
            continue;
        }
        $categories_array = olc_get_categories($categories_array, $child_id, $child_indent);
    }

    return $categories_array;
}
// Excerpt from the manufacturers admin action handler; it starts inside the
// branch that inserts a manufacturers-info row and ends inside the product
// removal loop of the 'deleteconfirm' case.
$sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
olc_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array);
} else {
    //if ($action == 'save') {
    // NOTE(review): $language_id is concatenated into the update condition without
    // olc_db_input() or an int cast, and olc_db_perform() receives the condition as
    // ready-made SQL. Its origin is not visible in this excerpt; confirm it can
    // only be an id taken from the languages table, or cast it.
    olc_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array, 'update', $manufacturers_id_sql . " and languages_id = '" . $language_id . APOS);
}
}
if (USE_CACHE == TRUE_STRING_S) {
    olc_reset_cache_block('manufacturers');
}
//olc_redirect(olc_href_link(FILENAME_MANUFACTURERS, $page_parameter.'&mID='.$manufacturers_id));
$mID = $manufacturers_id;
break;
case 'deleteconfirm':
    // $mID is assigned outside this excerpt; it is escaped before it enters the
    // condition that every statement of this case reuses.
    $manufacturers_id = $mID;
    $manufacturers_id_sql = " where manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS;
    if ($_POST['delete_image'] == 'on') {
        $manufacturer_query = olc_db_query("select manufacturers_image from " . TABLE_MANUFACTURERS . $manufacturers_id_sql);
        $manufacturer = olc_db_fetch_array($manufacturer_query);
        // NOTE(review): the file name comes from the database and is appended to the
        // image directory unchanged. If a stored value can contain directory parts,
        // the unlink() below acts outside that directory; restricting it to
        // basename() of the stored value would confine it. Confirm how
        // manufacturers_image is written.
        $image_location = DIR_FS_DOCUMENT_ROOT . DIR_WS_IMAGES . $manufacturer['manufacturers_image'];
        if (file_exists($image_location)) {
            // Errors from unlink() are suppressed, so a failed delete goes unnoticed.
            @unlink($image_location);
        }
    }
    olc_db_query(DELETE_FROM . TABLE_MANUFACTURERS . $manufacturers_id_sql);
    olc_db_query(DELETE_FROM . TABLE_MANUFACTURERS_INFO . $manufacturers_id_sql);
    if ($_POST['delete_products'] == 'on') {
        // Removes every product of this manufacturer, one call per product.
        $products_query = olc_db_query("select products_id from " . TABLE_PRODUCTS . $manufacturers_id_sql);
        while ($products = olc_db_fetch_array($products_query)) {
            olc_remove_product($products['products_id']);
        }
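/**
 * Build the sales-report rows for the next reporting period and advance the period.
 *
 * The period starts at $this->actDate and, depending on $this->mode, ends one
 * year ('1'), at the first day of the next month ('2'), seven days ('3') or one
 * day ('4') later, capped at $this->endDate. Afterwards $this->actDate,
 * $this->showDate and $this->showDateEnd describe the period just processed.
 *
 * Each row of the item query is extended with 'price', 'psum', 'attr', 'order',
 * 'shipping' and the running totals 'totsum' and 'totitem'.
 *
 * The query prefixes ($this->queryOrderCnt, queryShipping, queryItemCnt,
 * queryAttr) and $this->sortString are concatenated as ready-made SQL; they are
 * set outside this method and must never be built from request data.
 *
 * NOTE(review): for a mode other than '1'..'4' the period end is never set, as
 * in the original code.
 *
 * @return array Report rows, followed by the final (false) fetch result.
 */
function getNext()
{
    $sd = $this->actDate;
    switch ($this->mode) {
        // yearly
        case '1':
            $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd), date("Y", $sd) + 1);
            break;
        // monthly
        case '2':
            $ed = mktime(0, 0, 0, date("m", $sd) + 1, 1, date("Y", $sd));
            break;
        // weekly
        case '3':
            $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd) + 7, date("Y", $sd));
            break;
        // daily
        case '4':
            $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd) + 1, date("Y", $sd));
            break;
    }
    if ($ed > $this->endDate) {
        $ed = $this->endDate;
    }

    // The status filter is placed into the SQL text unquoted, so it is forced to
    // an integer here instead of relying on the "> 0" comparison alone.
    $filterString = "";
    if ($this->statusFilter > 0) {
        $filterString .= " AND o.orders_status = " . (int) $this->statusFilter . BLANK;
    }

    // Date range shared by all four statements, up to (not including) the
    // closing quote of the upper bound.
    $rangeSql = "o.date_purchased >= '" . olc_db_input(date("Y-m-d\\TH:i:s", $sd)) .
        "' AND o.date_purchased < '" . olc_db_input(date("Y-m-d\\TH:i:s", $ed));

    $rqOrders = olc_db_query($this->queryOrderCnt . " WHERE " . $rangeSql . APOS . $filterString);
    $order = olc_db_fetch_array($rqOrders);

    $rqShipping = olc_db_query($this->queryShipping . " AND " . $rangeSql . APOS . $filterString);
    $shipping = olc_db_fetch_array($rqShipping);

    $rqItems = olc_db_query(
        $this->queryItemCnt . " AND " . $rangeSql . APOS . $filterString .
        " group by pid " . $this->sortString
    );

    // set the return values
    $this->actDate = $ed;
    $this->showDate = $sd;
    $this->showDateEnd = $ed - 60 * 60 * 24;

    $cnt = 0;
    $itemTot = 0;
    $sumTot = 0;
    // The assignment in the condition also stores the final false result in
    // $resp[$cnt]; that is kept because the array is returned as-is.
    while ($resp[$cnt] = olc_db_fetch_array($rqItems)) {
        // To avoid rounding differences, work with the price of one unit and
        // multiply by the quantity afterwards. A zero quantity yields a zero price
        // instead of a division by zero.
        $quantity = $resp[$cnt]['pquant'];
        $price = ($quantity != 0) ? $resp[$cnt]['psum'] / $quantity : 0;

        // Attributes sold with this product in the period. The product id is
        // unquoted in the statement, so it is cast to int.
        $rqAttr = olc_db_query(
            $this->queryAttr . " AND " . $rangeSql .
            "' AND op.products_id = " . (int) $resp[$cnt]['pid'] . $filterString .
            " group by products_options_values order by orders_products_id"
        );
        $i = 0;
        while ($attr[$i] = olc_db_fetch_array($rqAttr)) {
            $i++;
        }

        if ($i > 0) {
            // Group the attribute rows by ordered product: $k counts the groups,
            // $l counts the options inside the current group.
            $option = array();
            $k = -1;
            $ord_pro_id_old = 0;
            for ($j = 0; $j < $i; $j++) {
                if ($attr[$j]['price_prefix'] == "-") {
                    $price3 = -1 * $attr[$j]['options_values_price'];
                } else {
                    $price3 = $attr[$j]['options_values_price'];
                }

                $ord_pro_id = $attr[$j]['orders_products_id'];
                if ($ord_pro_id != $ord_pro_id_old) {
                    $k++;
                    $l = 0;
                    $option[$k]['quant'] = $attr[$j]['attr_cnt'];
                } else {
                    $l++;
                }
                $option[$k]['options'][$l] = $attr[$j]['products_options'];
                $option[$k]['options_values'][$l] = $attr[$j]['products_options_values'];
                $option[$k]['price'][$l] = ($price3 != 0) ? $price3 : 0;

                $ord_pro_id_old = $ord_pro_id;
            }
            $resp[$cnt]['attr'] = $option;
        } else {
            $resp[$cnt]['attr'] = "";
        }

        $resp[$cnt]['price'] = $price;
        $resp[$cnt]['psum'] = $resp[$cnt]['pquant'] * $price;
        $resp[$cnt]['order'] = $order['order_cnt'];
        $resp[$cnt]['shipping'] = $shipping['shipping'];

        // running totals up to and including the current row
        $sumTot += $resp[$cnt]['psum'];
        $itemTot += $resp[$cnt]['pquant'];
        $resp[$cnt]['totsum'] = $sumTot;
        $resp[$cnt]['totitem'] = $itemTot;
        $cnt++;
    }

    return $resp;
}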
// Excerpt from the countries admin page: the end of the insert case, the
// 'save' and 'deleteconfirm' cases, then the start of the page output.
// Every request value is passed through olc_db_prepare_input() and escaped
// with olc_db_input() where it enters the SQL text.
// NOTE(review): the three cases change data based on request parameters alone;
// no session or request-forgery token check is visible in this excerpt.
// Confirm one is enforced before this switch is reached.
$address_format_id = olc_db_prepare_input($_POST['address_format_id']);
olc_db_query(INSERT_INTO . TABLE_COUNTRIES . " (countries_name, countries_iso_code_2, countries_iso_code_3, address_format_id) values ('" . olc_db_input($countries_name) . "', '" . olc_db_input($countries_iso_code_2) . "', '" . olc_db_input($countries_iso_code_3) . "', '" . olc_db_input($address_format_id) . "')");
olc_redirect(olc_href_link(FILENAME_COUNTRIES));
break;
case 'save':
    // The row to update is taken from the query string (cID), the new values from the form.
    $countries_id = olc_db_prepare_input($_GET['cID']);
    $countries_name = olc_db_prepare_input($_POST['countries_name']);
    $countries_iso_code_2 = olc_db_prepare_input($_POST['countries_iso_code_2']);
    $countries_iso_code_3 = olc_db_prepare_input($_POST['countries_iso_code_3']);
    $address_format_id = olc_db_prepare_input($_POST['address_format_id']);
    olc_db_query(SQL_UPDATE . TABLE_COUNTRIES . " set countries_name = '" . olc_db_input($countries_name) . "', countries_iso_code_2 = '" . olc_db_input($countries_iso_code_2) . "', countries_iso_code_3 = '" . olc_db_input($countries_iso_code_3) . "', address_format_id = '" . olc_db_input($address_format_id) . "' where countries_id = '" . olc_db_input($countries_id) . APOS);
    // NOTE(review): $_GET['page'] is appended to the redirect parameters without
    // validation or URL encoding; casting it to int would keep the parameter
    // string well-formed. Whether olc_href_link() encodes it is not visible here.
    olc_redirect(olc_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&cID=' . $countries_id));
    break;
case 'deleteconfirm':
    $countries_id = olc_db_prepare_input($_GET['cID']);
    olc_db_query(DELETE_FROM . TABLE_COUNTRIES . " where countries_id = '" . olc_db_input($countries_id) . APOS);
    // Same unvalidated page parameter as in the 'save' case.
    olc_redirect(olc_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page']));
    break;
}
}
// Page output starts here: shared header, then the left navigation column.
require DIR_WS_INCLUDES . 'header.php'; ?> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td class="columnLeft2" nowrap="nowrap" valign="top"> <table border="0" cellspacing="1" cellpadding="1" class="columnLeft" nowrap="nowrap"> <!-- left_navigation //--> <?php require DIR_WS_INCLUDES . 'column_left.php'; ?> <!-- left_navigation_eof //-->
// Affiliate module set-up: file-name constants, table-name constants, the
// language file, and clean-up of affiliate sales when an order is deleted.
// The constant names are assembled from prefix variables that are assigned
// before this excerpt.
define($filename_affiliate_help_u . '5', $affiliate_help_u . '5.php');
define($filename_affiliate_help_u . '6', $affiliate_help_u . '6.php');
define($filename_affiliate_help_u . '7', $affiliate_help_u . '7.php');
define($filename_affiliate_help_u . '8', $affiliate_help_u . '8.php');
define($filename_affiliate_u . 'INVOICE', $affiliate_u . 'invoice.php');
define($filename_affiliate_u . 'PAYMENT', $affiliate_u . 'payment.php');
define($filename_affiliate_u . 'POPUP_IMAGE', $affiliate_u . 'popup_image.php');
define($filename_affiliate_u . 'SALES', $affiliate_u . 'sales.php');
define($filename_affiliate_u . 'STATISTICS', $affiliate_u . 'statistics.php');
define($filename_affiliate_u . 'SUMMARY', $affiliate_u . 'summary.php');
define($filename_affiliate_u . 'RESET', $affiliate_u . 'reset.php');
define('FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO', FILENAME_AFFILIATE_PAYMENT);
define('FILENAME_CATALOG_PRODUCT_INFO', FILENAME_PRODUCT_INFO);

// From here on $affiliate_u is the table-name prefix rather than the file-name prefix.
$affiliate_u = TABLE_PREFIX_INDIVIDUAL . $affiliate_u;
$table_affiliate = 'TABLE_AFFILIATE';
$table_affiliate_u = $table_affiliate . "_";
define($table_affiliate, $affiliate_u . $affiliate);
define($table_affiliate_u . 'BANNERS', $affiliate_u . 'banners');
// The *_HISTORY and *_STATUS names build on constants defined on the line
// before them, so the order of these define() calls matters.
define($table_affiliate_u . 'BANNERS_HISTORY', TABLE_AFFILIATE_BANNERS . '_history');
define($table_affiliate_u . 'CLICKTHROUGHS', $affiliate_u . 'clickthroughs');
define($table_affiliate_u . 'PAYMENT', $affiliate_u . 'payment');
define($table_affiliate_u . 'PAYMENT_STATUS', TABLE_AFFILIATE_PAYMENT . '_status');
define($table_affiliate_u . 'PAYMENT_STATUS_HISTORY', TABLE_AFFILIATE_PAYMENT_STATUS . '_history');
define($table_affiliate_u . 'SALES', $affiliate_u . 'sales');

// include the language translations
// NOTE(review): the included path is built from SESSION_LANGUAGE. Where that
// constant is set is not visible here; confirm it is limited to the installed
// language directory names, since the value selects a file to execute.
require DIR_FS_LANGUAGES . SESSION_LANGUAGE . '/admin/affiliate_' . SESSION_LANGUAGE . PHP;

// If an order is deleted delete the sale too (optional)
// Runs only on the orders page with action=deleteconfirm and the
// AFFILIATE_DELETE_ORDERS setting enabled; sales with billing status 1 are kept.
// The order id is passed through olc_db_prepare_input() and escaped with olc_db_input().
if ($_GET['action'] == 'deleteconfirm' && basename($_SERVER['SCRIPT_FILENAME']) == FILENAME_ORDERS && AFFILIATE_DELETE_ORDERS == TRUE_STRING_S) {
    $affiliate_oID = olc_db_prepare_input($_GET['oID']);
    olc_db_query(DELETE_FROM . TABLE_AFFILIATE_SALES . " where affiliate_orders_id = '" . olc_db_input($affiliate_oID) . "' and affiliate_billing_status != 1");
}
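// Excerpt from the customer bulk-mail handler; it starts inside the case that
// selects all customers. The switch value decides who receives the mail.
$mail_query = olc_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS);
$mail_sent_to = TEXT_ALL_CUSTOMERS;
break;
case '**D':
    // newsletter subscribers only
    $mail_query = olc_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_newsletter = '1'");
    $mail_sent_to = TEXT_NEWSLETTER_CUSTOMERS;
    break;
default:
    if (is_numeric($_POST['customers_email_address'])) {
        // A numeric value selects a customer group. is_numeric() also accepts
        // forms such as "1e3" or ".5", and the value used to be placed into the
        // SQL text as submitted, unquoted in the first statement. Casting to int
        // makes both statements receive a plain integer.
        $mail_query = olc_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_status = " . (int) $_POST['customers_email_address']);
        $sent_to_query = olc_db_query("select customers_status_name from " . TABLE_CUSTOMERS_STATUS . " WHERE customers_status_id = '" . (int) $_POST['customers_email_address'] . "' AND language_id='" . SESSION_LANGUAGE_ID . APOS);
        $sent_to = olc_db_fetch_array($sent_to_query);
        $mail_sent_to = $sent_to['customers_status_name'];
    } else {
        // Anything else is treated as a single e-mail address and escaped.
        $customers_email_address = olc_db_prepare_input($_POST['customers_email_address']);
        $mail_query = olc_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . olc_db_input($customers_email_address) . APOS);
        // NOTE(review): this keeps the raw request value; escape it for the output
        // context wherever $mail_sent_to is displayed later.
        $mail_sent_to = $_POST['customers_email_address'];
    }
    break;
}

// NOTE(review): $from and $subject come from the request and are handed to the
// mailer. Whether the email class strips line breaks from them is not visible
// here; confirm it does, so that they cannot add mail headers.
$from = olc_db_prepare_input($_POST['from']);
$subject = olc_db_prepare_input($_POST['subject']);
$message = olc_db_prepare_input($_POST['message']);

// Build one message object with the email class and send it to every selected customer.
$mimemessage = new email(array('X-Mailer: OL-Commerce bulk mailer'));
$mimemessage->add_text($message);
$mimemessage->build_message();
while ($mail = olc_db_fetch_array($mail_query)) {
    $mimemessage->send($mail['customers_firstname'] . BLANK . $mail['customers_lastname'], $mail['customers_email_address'], '', $from, $subject);
}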
// Excerpt from the customers-status admin page: decide whether the status
// group named by cID may be removed, then start the page output.
// cID is passed through olc_db_prepare_input() and escaped with olc_db_input()
// in every statement below.
$cID = olc_db_prepare_input($_GET['cID']);
$status_query = olc_db_query("select count(*) as count from " . TABLE_CUSTOMERS . " where customers_status = '" . olc_db_input($cID) . APOS);
$status = olc_db_fetch_array($status_query);
$remove_status = true;
if ($cID == DEFAULT_CUSTOMERS_STATUS_ID || $cID == DEFAULT_CUSTOMERS_STATUS_ID_GUEST || $cID == DEFAULT_CUSTOMERS_STATUS_ID_NEWSLETTER) {
    // The three default groups can never be removed.
    $remove_status = false;
    $messageStack->add(ERROR_REMOVE_DEFAULT_CUSTOMERS_STATUS, 'error');
} elseif ($status['count'] > 0) {
    // The group still has customers assigned to it.
    $remove_status = false;
    $messageStack->add(ERROR_STATUS_USED_IN_CUSTOMERS, 'error');
} else {
    $history_query = olc_db_query("select count(*) as count from " . TABLE_CUSTOMERS_STATUS_HISTORY . " where '" . olc_db_input($cID) . "' in (new_value, old_value)");
    $history = olc_db_fetch_array($history_query);
    if ($history['count'] > 0) {
        // delete from history
        // NOTE(review): history rows are deleted here while the page is still
        // deciding whether removal is allowed, and the id comes from the query
        // string. Which action leads to this case is not visible in this
        // excerpt; confirm it is a confirmed, authenticated delete request.
        olc_db_query(DELETE_FROM . TABLE_CUSTOMERS_STATUS_HISTORY . "\n where '" . olc_db_input($cID) . "' in (new_value, old_value)");
        $remove_status = true;
        // $messageStack->add(ERROR_STATUS_USED_IN_HISTORY, 'error');
    }
}
break;
}
// Page output starts here: shared header, then the left navigation column.
require_once DIR_WS_INCLUDES . 'header.php'; ?> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td class="columnLeft2" nowrap="nowrap" valign="top"><table border="0" cellspacing="1" cellpadding="1" class="columnLeft" nowrap="nowrap"> <!-- left_navigation //--> <?php require DIR_WS_INCLUDES . 'column_left.php'; ?>
// Pick the recipients of the affiliate mailing: '***' means every affiliate,
// any other value is looked up as a single e-mail address (escaped before it
// enters the SQL text). A newsletter-only selection ('**D') existed as
// commented-out code and is not active.
if ($_POST['affiliate_email_address'] == '***') {
    $mail_query = olc_db_query("select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE . BLANK);
    $mail_sent_to = TEXT_ALL_AFFILIATES;
} else {
    $affiliate_email_address = olc_db_prepare_input($_POST['affiliate_email_address']);
    $mail_query = olc_db_query(
        "select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE .
        " where affiliate_email_address = '" . olc_db_input($affiliate_email_address) . APOS
    );
    // NOTE(review): raw request value; escape it for the output context where it is shown.
    $mail_sent_to = $_POST['affiliate_email_address'];
}

// Sender, subject and body come from the form.
// NOTE(review): whether the email class strips line breaks from $from and
// $subject is not visible here; confirm it does, so they cannot add mail headers.
$from = olc_db_prepare_input($_POST['from']);
$subject = olc_db_prepare_input($_POST['subject']);
$message = olc_db_prepare_input($_POST['message']);

// Instantiate a new mail object
$mimemessage = new email(array('X-Mailer: OLC mailer'));

// NOTE(review): $text is not assigned anywhere in this excerpt, so this strips
// tags from an unset variable; the intent was presumably a text version of
// $message. Confirm before relying on it.
$text = strip_tags($text);

// The body is attached as HTML only when the shop is configured for HTML mail.
if (EMAIL_USE_HTML != TRUE_STRING_S) {
    $mimemessage->add_text($message);
} else {
    $mimemessage->add_html($message);
}
// Excerpt from the checkout process: assemble the orders row from the order
// object and the session, then decide whether an order row created earlier
// for a PayPal session is updated instead of inserting a new one.
$discount = '0.00';
}
// Prefer the address stored in the session; fall back to the connection's remote address.
$ip = $_SESSION['CUSTOMERS_IP'];
if (!$ip) {
    $ip = $_SERVER['REMOTE_ADDR'];
}
$customer_email_address = $order->customer['email_address'];
// W. Kaiser - eMail-type by customer
// NOTE(review): 'customers_status' appears twice in this literal; PHP keeps the
// later entry ($customer_status_value['customers_status']), so the first one
// has no effect.
// NOTE(review): the card security code (cc_cvv) is written to the orders row
// together with the card number and expiry date. Card security codes must not
// be retained after authorization (PCI DSS), and the card number needs
// protection at rest; confirm these columns are emptied or never filled in
// production.
$sql_data_array = array('customers_id' => $customers_id,
    'customers_name' => trim($order->customer['firstname'] . BLANK . $order->customer['lastname']),
    'customers_cid' => $order->customer['csID'],
    'customers_company' => $order->customer['company'],
    'customers_status' => $order->customer['status'],
    'customers_status_name' => $_SESSION['customers_status']['customers_status_name'],
    'customers_status_image' => $order->customer['status_image'],
    'customers_status_discount' => $discount,
    'customers_status' => $customer_status_value['customers_status'],
    'customers_street_address' => $order->customer['street_address'],
    'customers_suburb' => $order->customer['suburb'],
    'customers_city' => $order->customer['city'],
    'customers_postcode' => $order->customer['postcode'],
    'customers_state' => $order->customer['state'],
    'customers_country' => $order->customer['country']['title'],
    'customers_telephone' => $order->customer['telephone'],
    'customers_email_address' => $customer_email_address,
    'customers_email_type' => $order->customer['email_type'],
    'customers_address_format_id' => $order->customer['format_id'],
    'delivery_name' => trim($order->delivery['firstname'] . BLANK . $order->delivery['lastname']),
    'delivery_firstname' => $order->delivery['firstname'],
    'delivery_lastname' => $order->delivery['lastname'],
    'delivery_company' => $order->delivery['company'],
    'delivery_street_address' => $order->delivery['street_address'],
    'delivery_suburb' => $order->delivery['suburb'],
    'delivery_city' => $order->delivery['city'],
    'delivery_postcode' => $order->delivery['postcode'],
    'delivery_state' => $order->delivery['state'],
    'delivery_country' => $order->delivery['country']['title'],
    'delivery_country_iso_code_2' => $order->delivery['country']['iso_code_2'],
    'delivery_address_format_id' => $order->delivery['format_id'],
    'payment_method' => $order->info['payment_method'],
    'payment_class' => $order->info['payment_class'],
    'shipping_method' => $order->info['shipping_method'],
    'shipping_class' => $order->info['shipping_class'],
    'cc_type' => $order->info['cc_type'],
    'cc_owner' => $order->info['cc_owner'],
    'cc_number' => $order->info['cc_number'],
    'cc_expires' => $order->info['cc_expires'],
    'cc_start' => $order->info['cc_start'],
    'cc_cvv' => $order->info['cc_cvv'],
    'cc_issue' => $order->info['cc_issue'],
    'date_purchased' => 'now()',
    'orders_status' => $order->info['order_status'],
    'currency' => $order->info['currency'],
    'currency_value' => $order->info['currency_value'],
    'customers_ip' => $ip,
    'language' => $_SESSION['language_name'],
    'customers_order_reference' => $order->info['customers_order_reference'],
    'orders_discount' => $order->info['orders_discount'],
    'comments' => $order->info['comments']);
// The billing address is added unless the session marks the order as fully covered by credit.
if ($_SESSION['credit_covers'] != '1') {
    $sql_data_array = array_merge($sql_data_array, array('billing_name' => trim($order->billing['firstname'] . BLANK . $order->billing['lastname']),
        'billing_firstname' => $order->billing['firstname'],
        'billing_lastname' => $order->billing['lastname'],
        'billing_company' => $order->billing['company'],
        'billing_street_address' => $order->billing['street_address'],
        'billing_suburb' => $order->billing['suburb'],
        'billing_city' => $order->billing['city'],
        'billing_postcode' => $order->billing['postcode'],
        'billing_state' => $order->billing['state'],
        'billing_country' => $order->billing['country']['title'],
        'billing_country_iso_code_2' => $order->billing['country']['iso_code_2'],
        'billing_address_format_id' => $order->billing['format_id']));
}
// W. Kaiser - eMail-type by customer
$paypal_session_exists = false;
if (isset($_SESSION['PayPal_osC'])) {
    // NOTE(review): the check is on $_SESSION['PayPal_osC'] but the signature is
    // read from the variable $PayPal_osC; how that variable is bound to the
    // session entry is not visible here. The signature is escaped before use.
    $orders_session_query = olc_db_query("select osi.orders_id, o.payment_id from " . TABLE_ORDERS_SESSION_INFO . " osi left join " . TABLE_ORDERS . " o on osi.orders_id = o.orders_id where osi.txn_signature ='" . olc_db_input($PayPal_osC->txn_signature) . APOS);
    $orders_check = olc_db_fetch_array($orders_session_query);
    //Now check to see whether order session info exists AND that this order
    //does not currently have an IPN.
    $orders_id = (int) $orders_check['orders_id'];
    if ($orders_id > 0) {
        if ($orders_check['payment_id'] == '0') {
            $paypal_session_exists = true;
        }
    }
}
if ($paypal_session_exists) {
    // $orders_id was cast to int above, so it is safe to place into the condition.
    $orders_id_param = "orders_id = '" . $orders_id . APOS;
    $where_orders_id = " where " . $orders_id_param;
    olc_db_perform(TABLE_ORDERS, $sql_data_array, 'update', $orders_id_param);
    olc_db_query(DELETE_FROM . TABLE_ORDERS_TOTAL . $where_orders_id);
/**
 * Compatibility alias: forwards to olc_db_input() and returns its result unchanged.
 *
 * @param mixed $x Value to escape for use inside a quoted SQL literal.
 * @return mixed Result of olc_db_input().
 */
function tep_db_input($x)
{
    $escaped = olc_db_input($x);

    return $escaped;
}
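/**
 * Log a customer in using nothing but an e-mail address.
 *
 * Original author's note: this allows the user to log in with only a valid
 * e-mail (the address sent back by PayPal). The PayPal payerID is stored in the
 * database as well, but it was not known whether that number ever changes, so
 * for now the e-mail address alone identifies the customer.
 *
 * Security: no password or other credential is checked here, so the caller is
 * the only gate. $email_address must be the value taken from a PayPal response
 * the module has already verified, never a request parameter.
 *
 * Fix: the five session entries were bare expression statements
 * (`$_SESSION['customer_id'];`) that stored nothing; they are now assigned.
 *
 * @param string $email_address E-mail address looked up in TABLE_CUSTOMERS.
 */
function user_login($email_address)
{
    global $order, $customer_id, $customer_default_address_id, $customer_first_name,
        $customer_country_id, $customer_zone_id;
    global $session_started, $language, $cart;

    // Without a started session the login cannot be stored; send the visitor to the cookie notice.
    if ($session_started == false) {
        olc_redirect(olc_href_link(FILENAME_COOKIE_USAGE));
    }

    require DIR_WS_LANGUAGES . SESSION_LANGUAGE . SLASH . FILENAME_LOGIN;

    $check_customer_query = olc_db_query("select customers_id, customers_firstname, customers_password,\n\t\tcustomers_email_address, customers_default_address_id, customers_paypal_payerid from " . TABLE_CUSTOMERS . " where customers_email_address = '" . olc_db_input($email_address) . APOS);
    $check_customer = olc_db_fetch_array($check_customer_query);

    if (!olc_db_num_rows($check_customer_query)) {
        // Unknown e-mail address: hand over to the module's exit routine with the bad-login text.
        $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_BAD_LOGIN, true);
        return;
    }

    // NOTE(review): presumably issues a fresh session id on login; confirm in olc_session_recreate().
    if (SESSION_RECREATE == TRUE_STRING_S) {
        olc_session_recreate();
    }

    $check_country_query = olc_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . APOS);
    $check_country = olc_db_fetch_array($check_country_query);

    $customer_id = $check_customer['customers_id'];
    $customer_default_address_id = $check_customer['customers_default_address_id'];
    $customer_first_name = $check_customer['customers_firstname'];
    $customer_country_id = $check_country['entry_country_id'];
    $customer_zone_id = $check_country['entry_zone_id'];

    // Persist the identity in the session so it survives this request.
    $_SESSION['customer_id'] = $customer_id;
    $_SESSION['customer_default_address_id'] = $customer_default_address_id;
    $_SESSION['customer_first_name'] = $customer_first_name;
    $_SESSION['customer_country_id'] = $customer_country_id;
    $_SESSION['customer_zone_id'] = $customer_zone_id;

    $order->customer['id'] = $customer_id;

    olc_db_query(SQL_UPDATE . TABLE_CUSTOMERS_INFO . " set\n\t\t\tcustomers_info_date_of_last_logon = now(),\n\t\t\tcustomers_info_number_of_logons = customers_info_number_of_logons+1\n\t\t\twhere customers_info_id = '" . (int) $customer_id . APOS);

    $cart->restore_contents();
    $this->away_with_you();
}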
-------------------------------------------------------------- based on: (c) 2000-2001 The Exchange Project (earlier name of osCommerce) (c) 2002-2003 osCommerce(popup_image.php,v 1.6 2002/05/20); www.oscommerce.com (c) 2003 nextcommerce (popup_image.php,v 1.7 2003/08/18); www.nextcommerce.org (c) 2004 XT - Commerce; www.xt-commerce.com Released under the GNU General Public License --------------------------------------------------------------*/ require 'includes/application_top.php'; reset($_GET); while (list($key, ) = each($_GET)) { switch ($key) { case 'banner': $banners_id = olc_db_prepare_input($_GET['banner']); $banner_query = olc_db_query("select banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where banners_id = '" . olc_db_input($banners_id) . APOS); $banner = olc_db_fetch_array($banner_query); $page_title = $banner['banners_title']; if ($banner['banners_html_text']) { $image_source = $banner['banners_html_text']; } elseif ($banner['banners_image']) { $image_source = olc_image(DIR_WS_CATALOG_IMAGES . $banner['banners_image'], $page_title); } break; } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>
echo TABLE_HEADING_STATUS; ?> </td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td> </tr> <?php if ($_GET['sID']) { // Search only payment_id by now $sID = olc_db_prepare_input($_GET['sID']); $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where p.affiliate_payment_id = '" . olc_db_input($sID) . "' and p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . SESSION_LANGUAGE_ID . "' order by p.affiliate_payment_id DESC"; } elseif (is_numeric($_GET['status'])) { $status = olc_db_prepare_input($_GET['status']); $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where s.affiliate_payment_status_id = '" . olc_db_input($status) . "' and p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . SESSION_LANGUAGE_ID . "' order by p.affiliate_payment_id DESC"; } else { $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . SESSION_LANGUAGE_ID . "' order by p.affiliate_payment_id DESC"; } $payments_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $payments_query_raw, $payments_query_numrows); $payments_query = olc_db_query($payments_query_raw); while ($payments = olc_db_fetch_array($payments_query)) { if ((!$_GET['pID'] || $_GET['pID'] == $payments['affiliate_payment_id']) && !$pInfo) { $pInfo = new objectInfo($payments); } if (is_object($pInfo) && $payments['affiliate_payment_id'] == $pInfo->affiliate_payment_id) { echo ' <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . 
olc_onclick_link(FILENAME_AFFILIATE_PAYMENT, olc_get_all_get_params(array('pID', 'action')) . 'pID=' . $pInfo->affiliate_payment_id . '&action=edit') . '">' . NEW_LINE; } else { echo ' <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_AFFILIATE_PAYMENT, olc_get_all_get_params(array('pID')) . 'pID=' . $payments['affiliate_payment_id']) . '">' . NEW_LINE; } ?>
</td> <td class="dataTableHeadingContent" align="center"><?php echo COUPON_CODE; ?> </td> <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td> </tr> <?php if ($_GET['page'] > 1) { $rows = $_GET['page'] * 20 - 20; } if ($status != '*') { $cc_query_raw = "select coupon_id, coupon_code, coupon_amount, coupon_type, coupon_start_date,coupon_expire_date,uses_per_user,uses_per_coupon,restrict_to_products, restrict_to_categories, date_created,date_modified from " . TABLE_COUPONS . " where coupon_active='" . olc_db_input($status) . "' and coupon_type != 'G'"; } else { $cc_query_raw = "select coupon_id, coupon_code, coupon_amount, coupon_type, coupon_start_date,coupon_expire_date,uses_per_user,uses_per_coupon,restrict_to_products, restrict_to_categories, date_created,date_modified from " . TABLE_COUPONS . " where coupon_type != 'G'"; } $cc_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $cc_query_raw, $cc_query_numrows); $cc_query = olc_db_query($cc_query_raw); while ($cc_list = olc_db_fetch_array($cc_query)) { $rows++; if (strlen($rows) < 2) { $rows = '0' . $rows; } if ((!$_GET['cid'] || @$_GET['cid'] == $cc_list['coupon_id']) && !$cInfo) { $cInfo = new objectInfo($cc_list); } if (is_object($cInfo) && $cc_list['coupon_id'] == $cInfo->coupon_id) { echo ' <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link('coupon_admin.php', olc_get_all_get_params(array('cid', 'action')) . 'cid=' . $cInfo->coupon_id . '&action=edit') . '">' . NEW_LINE;
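/**
 * Put the auctions won by a buyer into the customer's basket.
 *
 * Selects the auction rows flagged basket=1 with order_number 0 for the given
 * buyer e-mail, inserts one TABLE_CUSTOMERS_BASKET row (plus attribute rows) per
 * auction and either adds the product to the session cart ($build_cart) or
 * collects a text summary.
 *
 * Fixes against the original:
 *  - the UPDATE statement was built but never assigned, so olc_db_query() ran
 *    on an undefined $sqlstring; it is now assigned and its unbalanced backtick
 *    around the WHERE column is repaired;
 *  - the alias "c" was glued to the customers table name;
 *  - SELECTT (used nowhere else) is replaced by the SELECT constant this
 *    function already uses;
 *  - every value interpolated into SQL now passes through (int) or
 *    olc_db_input(), including the ones read back from the database;
 *  - $products_text is initialised, so the $build_cart path returns null
 *    without an undefined-variable notice.
 *
 * @param string $buyeremail Buyer e-mail address matched against d.buyer_email.
 * @param bool   $build_cart True to add the items to $_SESSION['cart'].
 * @return string|null Text summary of the auctions, or null when $build_cart is true.
 */
function addAuctionsInBasket($buyeremail, $build_cart = false)
{
    // NOTE(review): the original used $smarty without bringing it into scope;
    // assuming the template object is the global of that name. Confirm.
    global $smarty;

    $productssql = SELECT . " l.auction_id, l.auction_title, l.starttime, d.endtime,\n\tl.product_id, d.amount, d.auction_endprice, c.customers_id,\td.basket FROM " . TABLE_AUCTION_LIST . " l, " . TABLE_AUCTION_DETAILS . " d, " . TABLE_CUSTOMERS . " c\n\tWHERE\n\tc.customers_email_address = d.buyer_email AND\n\tl.auction_id = d.auction_id AND\n\td.basket=1 AND\n\td.order_number = 0 AND\n\td.buyer_email='" . olc_db_input($buyeremail) . APOS;
    $myproducts = olc_db_query($productssql);

    $products_text = null;
    if ($build_cart) {
        $smarty->assign('AUCTION_MESSAGE', AUCTIONS_TEXT_AUCTION_MESSAGE);
    } else {
        $products_text = AUCTIONS_TEXT_AUCTION_MESSAGE . "\n\n";
    }

    $comma = "','";
    $sqlquery0 = INSERT_INTO . TABLE_CUSTOMERS_BASKET . " (\n\t\t\tcustomers_id,\n\t\t\tproducts_id,\n\t\t\tcustomers_basket_quantity,\n\t\t\tfinal_price,\n\t\t\tcustomers_basket_date_added,\n\t\t\tauction,\n\t\t\tauctionid)\n\t\t\tvalues ('";
    $sqlattributequery0 = INSERT_INTO . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . "\n\t\t\t\t(customers_id, products_id, products_options_id, products_options_value_id, auctionid)\n\t\t\t\tvalues ('";
    // '#' is the placeholder that str_replace(HASH, ...) fills in below.
    $attributes_sql = SELECT . "distinct(options_id) from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_id = '#'";

    while ($products_values = olc_db_fetch_array($myproducts)) {
        $product_id = $products_values['product_id'];
        $product_id_sql = olc_db_input($product_id);

        $check_attribute_query = olc_db_query(str_replace(HASH, $product_id_sql, $attributes_sql));
        $attributes_options_sql = SELECT . "options_values_id FROM " . TABLE_PRODUCTS_ATTRIBUTES . " where\n\t\t\t products_id = '" . $product_id_sql . "' and\n\t\t\t options_id = '#' and\n\t\t\t options_values_price <= '0'";

        // Build the "{option}value" suffix from the first value per option whose price is <= 0.
        $myattribute_ids = EMPTY_STRING;
        while ($check_attribute = olc_db_fetch_array($check_attribute_query)) {
            $options_id = $check_attribute['options_id'];
            $attribute_query = olc_db_query(str_replace(HASH, olc_db_input($options_id), $attributes_options_sql));
            $products_options = olc_db_fetch_array($attribute_query);
            $myattribute_ids .= "{" . $options_id . "}" . $products_options['options_values_id'];
        }

        $customers_id = (int) $products_values['customers_id'];
        $auction_id = olc_db_input($products_values['auction_id']);
        $product_id_myattribute_ids = olc_db_input($product_id . $myattribute_ids);
        $products_qty = $products_values['amount'];
        $auction_endprice = olc_db_input($products_values['auction_endprice']);

        $sqlquery = $sqlquery0 . $customers_id . $comma . $product_id_myattribute_ids . $comma . olc_db_input($products_qty) . $comma . $auction_endprice . $comma . date('Ymd') . $comma . "1" . $comma . $auction_id . "')";
        olc_db_query($sqlquery);

        // One attribute row per "{option}value" pair collected above.
        $tmpattid = explode("{", $myattribute_ids);
        for ($i = 1, $n = count($tmpattid); $i < $n; $i++) {
            $tmp = explode("}", $tmpattid[$i]);
            $myoptionid = olc_db_input($tmp[0]);
            $myattvalueid = olc_db_input($tmp[1]);
            $sqlattributequery = $sqlattributequery0 . $customers_id . $comma . $product_id_myattribute_ids . $comma . $myoptionid . $comma . $myattvalueid . $comma . $auction_id . "')";
            olc_db_query($sqlattributequery);
        }

        // NOTE(review): this statement names TABLE_AUCTIONS_LIST / auctions_id while the
        // select above uses TABLE_AUCTION_LIST / auction_id. Confirm which pair is right.
        $sqlstring = SQL_UPDATE . TABLE_AUCTIONS_LIST . " SET\n\t\t`starttime` = '" . olc_db_input($products_values['starttime']) . "',\n\t\t`endtime` = '" . olc_db_input($products_values['endtime']) . "',\n\t\t`basket` = '1'\n\t\tWHERE\n\t\t`auctions_id` = '" . $auction_id . APOS;
        $auctions_update = olc_db_query($sqlstring);

        if ($build_cart) {
            $quantity_in_cart = $_SESSION['cart']->get_quantity($product_id_myattribute_ids);
            $_SESSION['cart']->add_cart($product_id, $quantity_in_cart + $products_qty, $product_id_myattribute_ids);
        } else {
            $products_text .= $products_qty . " x " . $products_values['auction_title'];
            $products_text .= " = " . $products_qty * $auction_endprice . NEW_LINE;
        }
    }

    return $products_text;
}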
$country_id_content = olc_get_country_name($a_country) . olc_draw_hidden_field('a_country'); } } else { $country_id_content = olc_get_country_list('a_country', $affiliate['affiliate_country_id']) . HTML_NBSP . ENTRY_COUNTRY_TEXT; } $module_smarty->assign('country_id_content', $country_id_content); if (ACCOUNT_STATE == TRUE_STRING_S) { $module_smarty->assign('ACCOUNT_STATE', TRUE_STRING_S); $state = olc_get_zone_name($a_country, $a_zone_id, $a_state); if ($is_read_only == true) { $state_content = olc_get_zone_name($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']); } elseif ($error == true) { if ($entry_state_error == true) { if ($entry_state_has_zones == true) { $zones_array = array(); $zones_query = olc_db_query("select zone_name from " . TABLE_ZONES . " where zone_country_id = '" . olc_db_input($a_country) . "' order by zone_name"); while ($zones_values = olc_db_fetch_array($zones_query)) { $zones_array[] = array('id' => $zones_values['zone_name'], 'text' => $zones_values['zone_name']); } $state_content = olc_draw_pull_down_menu('a_state', $zones_array) . HTML_NBSP . ENTRY_STATE_ERROR; } else { $state_content = olc_draw_input_field('a_state') . HTML_NBSP . ENTRY_STATE_ERROR; } } else { $state_content = $state . olc_draw_hidden_field('a_zone_id') . olc_draw_hidden_field('a_state'); } } else { $state_content = olc_draw_input_field('a_state', olc_get_zone_name($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state'])) . HTML_NBSP . ENTRY_STATE_TEXT; } $module_smarty->assign('state_content', $state_content); }
$sa_price = olc_oe_get_products_attribute_price($total_price, $products['products_tax_class_id'], $price_special = '0', 1, $_POST['prefix'], $calculate_currencies = TRUE_STRING_S, $customers_status); $sp_price = olc_oe_products_price($_POST['pID'], $price_special = '0', 1, $customers_status); $inp_price = $sa_price + $sp_price; $final_price = $inp_price * $_POST['qTY']; $sql_data_array = array('products_price' => olc_db_prepare_input($inp_price)); $update_sql_data = array('final_price' => olc_db_prepare_input($final_price)); $sql_data_array = olc_array_merge($sql_data_array, $update_sql_data); olc_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array, 'update', 'orders_products_id = \'' . olc_db_input($_POST['opID']) . '\''); olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=products&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID'])); } if ($_GET['action'] == "shipping_del") { olc_db_query(DELETE_FROM . TABLE_ORDERS_TOTAL . " where orders_total_id = '" . olc_db_input($_POST['otID']) . APOS); olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=shipping&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID'])); } if ($_GET['action'] == "cod_del") { olc_db_query(DELETE_FROM . TABLE_ORDERS_TOTAL . " where orders_total_id = '" . olc_db_input($_POST['otID']) . APOS); olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=shipping&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID'])); } // Löschfunktionen Ende require DIR_WS_INCLUDES . 'header.php'; ?> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td valign="top"><table border="0" cellspacing="1" cellpadding="1" class="columnLeft" nowrap="nowrap"> <!-- left_navigation //--> <?php require DIR_WS_INCLUDES . 'column_left.php'; ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //-->
$tax_class_description = olc_db_prepare_input($_POST['tax_class_description']); $date_added = olc_db_prepare_input($_POST['date_added']); olc_db_query(INSERT_INTO . TABLE_TAX_CLASS . " (tax_class_title, tax_class_description, date_added) values ('" . olc_db_input($tax_class_title) . "', '" . olc_db_input($tax_class_description) . "', now())"); olc_redirect(olc_href_link(FILENAME_TAX_CLASSES)); break; case 'save': $tax_class_id = olc_db_prepare_input($_GET['tID']); $tax_class_title = olc_db_prepare_input($_POST['tax_class_title']); $tax_class_description = olc_db_prepare_input($_POST['tax_class_description']); $last_modified = olc_db_prepare_input($_POST['last_modified']); olc_db_query(SQL_UPDATE . TABLE_TAX_CLASS . " set tax_class_id = '" . olc_db_input($tax_class_id) . "', tax_class_title = '" . olc_db_input($tax_class_title) . "', tax_class_description = '" . olc_db_input($tax_class_description) . "', last_modified = now() where tax_class_id = '" . olc_db_input($tax_class_id) . APOS); olc_redirect(olc_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'] . '&tID=' . $tax_class_id)); break; case 'deleteconfirm': $tax_class_id = olc_db_prepare_input($_GET['tID']); olc_db_query(DELETE_FROM . TABLE_TAX_CLASS . " where tax_class_id = '" . olc_db_input($tax_class_id) . APOS); olc_redirect(olc_href_link(FILENAME_TAX_CLASSES, 'page=' . $_GET['page'])); break; } } require DIR_WS_INCLUDES . 'header.php'; ?> <table border="0" width="100%" cellspacing="2" cellpadding="2"> <tr> <td class="columnLeft2" nowrap="nowrap" valign="top"><table border="0" cellspacing="1" cellpadding="1" class="columnLeft" nowrap="nowrap"> <!-- left_navigation //--> <?php require DIR_WS_INCLUDES . 'column_left.php'; ?> <!-- left_navigation_eof //--> </table></td>
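/**
 * Load one order and populate $this->totals, info, customer, delivery,
 * billing and products from the order tables.
 *
 * Fixes against the original:
 *  - two order-total queries interpolated $order_id without olc_db_input(),
 *    one of them without quotes; all queries now use the escaped, quoted value;
 *  - the shipping row was fetched twice, so $shipping_method ended up holding
 *    the (normally absent) second row; it is fetched once;
 *  - ids read back from the database are cast to int before reuse in SQL;
 *  - the duplicated 'orders_trackcode' key in the info array is removed.
 *
 * NOTE(review): cc_number and cc_cvv are read from the orders row and kept on
 * the object. PCI DSS does not permit retaining the card verification value
 * after authorisation; confirm the columns are empty or drop them upstream.
 *
 * @param mixed $order_id Order id; passed through olc_db_prepare_input() first.
 */
function query($order_id)
{
    $order_id = olc_db_prepare_input($order_id);
    $order_id_sql = olc_db_input($order_id);

    $order_query = olc_db_query(SELECT_ALL . TABLE_ORDERS . " where\n\t\torders_id = '" . $order_id_sql . APOS);
    $order = olc_db_fetch_array($order_query);

    $totals_query = olc_db_query("\n\t\tselect\n\t\ttitle,\n\t\ttext,\n\t\tvalue\n\t\tfrom " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $order_id_sql . "' order by sort_order");
    while ($totals = olc_db_fetch_array($totals_query)) {
        $this->totals[] = array(
            'title' => $totals['title'],
            'text' => $totals['text'],
            'value' => $totals['value'],
        );
    }

    // begin PayPal_Shopping_Cart_IPN
    $order_total_query = olc_db_query("select text, value from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $order_id_sql . "' and class = 'ot_total'");
    $order_total = olc_db_fetch_array($order_total_query);

    $shipping_method_query = olc_db_query("select title, value from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $order_id_sql . "' and class = 'ot_shipping'");
    $shipping_method = olc_db_fetch_array($shipping_method_query);
    // end PayPal_Shopping_Cart_IPN

    $order_status_query = olc_db_query("select orders_status_name from " . TABLE_ORDERS_STATUS . " where orders_status_id = '" . (int) $order['orders_status'] . "' and language_id = '" . SESSION_LANGUAGE_ID . APOS);
    $order_status = olc_db_fetch_array($order_status_query);

    // Shipping title without markup and without a trailing colon.
    $shipping_method_text = strip_tags($shipping_method['title']);
    if (substr($shipping_method_text, -1) == ':') {
        $shipping_method_text = substr($shipping_method_text, 0, -1);
    }

    $this->info = array(
        'order_id' => $order_id,
        'currency' => $order['currency'],
        'currency_value' => $order['currency_value'],
        'payment_method' => $order['payment_method'],
        'cc_type' => $order['cc_type'],
        'cc_owner' => $order['cc_owner'],
        'cc_number' => $order['cc_number'],
        'cc_expires' => $order['cc_expires'],
        'cc_start' => $order['cc_start'],
        'cc_issue' => $order['cc_issue'],
        'cc_cvv' => $order['cc_cvv'],
        'date_purchased' => $order['date_purchased'],
        'orders_status_id' => $order['orders_status'],
        'total_value' => $order_total['value'],
        'orders_status' => $order_status['orders_status_name'],
        'last_modified' => $order['last_modified'],
        'orders_trackcode' => $order['orders_trackcode'],
        'total' => strip_tags($order_total['text']),
        'shipping_cost' => $shipping_method['value'],
        'shipping_class' => $order['shipping_class'],
        'shipping_method' => $shipping_method_text,
        'comments' => $order['comments'],
        'language' => $order['language'],
        'customers_order_reference' => $order['customers_order_reference'],
    );

    $this->customer = array(
        'id' => $order['customers_id'],
        'name' => $order['customers_name'],
        'csID' => $order['customers_cid'],
        'cIP' => $order['customers_ip'],
        'company' => $order['customers_company'],
        'street_address' => $order['customers_street_address'],
        'suburb' => $order['customers_suburb'],
        'city' => $order['customers_city'],
        'postcode' => $order['customers_postcode'],
        'state' => $order['customers_state'],
        'country' => $order['customers_country'],
        'format_id' => $order['customers_address_format_id'],
        'telephone' => $order['customers_telephone'],
        'email_address' => $order['customers_email_address'],
        'email_type' => $order['customers_email_type'],
    );

    $this->delivery = array(
        'name' => $order['delivery_name'],
        'company' => $order['delivery_company'],
        'street_address' => $order['delivery_street_address'],
        'suburb' => $order['delivery_suburb'],
        'city' => $order['delivery_city'],
        'postcode' => $order['delivery_postcode'],
        'state' => $order['delivery_state'],
        'country' => $order['delivery_country'],
        'format_id' => $order['delivery_address_format_id'],
        'delivery_packingslip_number' => $order['delivery_packingslip_number'],
        'delivery_packingslip_date' => $order['delivery_packingslip_date'],
    );
    // An order with neither delivery name nor street is treated as having no delivery address.
    if (empty($this->delivery['name']) && empty($this->delivery['street_address'])) {
        $this->delivery = false;
    }

    $this->billing = array(
        'name' => $order['billing_name'],
        'company' => $order['billing_company'],
        'street_address' => $order['billing_street_address'],
        'suburb' => $order['billing_suburb'],
        'city' => $order['billing_city'],
        'postcode' => $order['billing_postcode'],
        'state' => $order['billing_state'],
        'country' => $order['billing_country'],
        'format_id' => $order['billing_address_format_id'],
        'billing_invoice_number' => $order['billing_invoice_number'],
        'billing_invoice_date' => $order['billing_invoice_date'],
    );

    $index = 0;
    $orders_products_query = olc_db_query("\n\t\tselect\n\t\torders_products_id,\n\t\tproducts_id,\n\t\tproducts_name,\n\t\tproducts_model,\n\t\tproducts_price,\n\t\tproducts_tax,\n\t\tproducts_quantity,\n\t\tfinal_price,\n\t\tallow_tax,\n\t\tproducts_discount_made\n\t\tfrom " . TABLE_ORDERS_PRODUCTS . " where orders_id = '" . $order_id_sql . APOS);
    while ($orders_products = olc_db_fetch_array($orders_products_query)) {
        $this->products[$index] = array(
            'id' => $orders_products['products_id'],
            'orders_products_id' => $orders_products['orders_products_id'],
            'qty' => $orders_products['products_quantity'],
            'name' => $orders_products['products_name'],
            'model' => $orders_products['products_model'],
            'tax' => $orders_products['products_tax'],
            'price' => $orders_products['products_price'],
            'discount' => $orders_products['products_discount_made'],
            'final_price' => $orders_products['final_price'],
            'allow_tax' => $orders_products['allow_tax'],
        );

        $subindex = 0;
        $attributes_query = olc_db_query("\n\t\t\t\tselect\n\t\t\t\tproducts_options,\n\t\t\t\tproducts_options_values,\n\t\t\t\tproducts_options_id,\n\t\t\t\tproducts_options_values_id,\n\t\t\t\toptions_values_price,\n\t\t\t\tprice_prefix from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . $order_id_sql . "' and orders_products_id = '" . (int) $orders_products['orders_products_id'] . APOS);
        if (olc_db_num_rows($attributes_query)) {
            while ($attributes = olc_db_fetch_array($attributes_query)) {
                $this->products[$index]['attributes'][$subindex] = array(
                    'option' => $attributes['products_options'],
                    'value' => $attributes['products_options_values'],
                    'option_id' => $attributes['products_options_id'],
                    'value_id' => $attributes['products_options_values_id'],
                    'prefix' => $attributes['price_prefix'],
                    'price' => $attributes['options_values_price'],
                );
                $subindex++;
            }
        }
        $index++;
    }
}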
<tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?> </td> <td class="pageHeading" align="right"><?php echo olc_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?> </td> </tr> </table></td> </tr> <?php if ($_GET['action'] == 'edit') { $rID = olc_db_prepare_input($_GET['rID']); $reviews_query = olc_db_query("select r.reviews_id, r.products_id, r.customers_name, r.date_added, r.last_modified, r.reviews_read, rd.reviews_text, r.reviews_rating from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.reviews_id = '" . olc_db_input($rID) . "' and r.reviews_id = rd.reviews_id"); $reviews = olc_db_fetch_array($reviews_query); $products_query = olc_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . $reviews['products_id'] . APOS); $products = olc_db_fetch_array($products_query); $products_name_query = olc_db_query("select products_name from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . $reviews['products_id'] . "' and language_id = '" . SESSION_LANGUAGE_ID . APOS); $products_name = olc_db_fetch_array($products_name_query); $rInfo_array = olc_array_merge($reviews, $products, $products_name); $rInfo = new objectInfo($rInfo_array); ?> <tr><?php echo olc_draw_form('review', FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID'] . '&action=preview'); ?> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="main" valign="top"><b><?php echo ENTRY_PRODUCT;
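echo HEADING_TITLE_STATUS; ?> </td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACCOUNT_CREATED; ?> </td>
<td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td>
</tr>
<?php
// Build the optional WHERE clause of the customer list from the request.
$search = EMPTY_STRING;
if ($_GET['search'] && olc_not_null($_GET['search'])) {
    $keywords = olc_db_input(olc_db_prepare_input($_GET['search']));
    $search = " where c.customers_lastname like '%" . $keywords . "%' or c.customers_firstname like '%" . $keywords . "%' or c.customers_email_address like '%" . $keywords . "%'";
}
// A status filter replaces the keyword filter; it does not combine with it.
if ($_GET['status'] && $_GET['status'] != '100' or $_GET['status'] == '0') {
    // Fix: the status value went into the SQL string after olc_db_prepare_input() only;
    // it now passes through olc_db_input() like the keyword branch above.
    $status = olc_db_input(olc_db_prepare_input($_GET['status']));
    $search = " where c.customers_status = '" . $status . APOS;
}
$customers_query_raw = SELECT . "c.account_type,c.customers_id, c.customers_lastname, c.customers_firstname, c.customers_email_address, a.entry_country_id, c.customers_status, c.member_flag from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_id = a.customers_id and c.customers_default_address_id = a.address_book_id " . $search . " order by c.customers_lastname, c.customers_firstname";
$customers_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $customers_query_raw, $customers_query_numrows);
$customers_query = olc_db_query($customers_query_raw);
while ($customers = olc_db_fetch_array($customers_query)) {
    // Ids read back from the database are cast before being reused in SQL.
    $info_query = olc_db_query(SELECT . "customers_info_date_account_created as date_account_created, customers_info_date_account_last_modified as date_account_last_modified, customers_info_date_of_last_logon as date_last_logon, customers_info_number_of_logons as number_of_logons from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . (int) $customers['customers_id'] . APOS);
    $info = olc_db_fetch_array($info_query);
    if ((!$cId || @$cId == $customers['customers_id']) && !$cInfo) {
        $country_query = olc_db_query(SELECT . "countries_name from " . TABLE_COUNTRIES . " where countries_id = '" . (int) $customers['entry_country_id'] . APOS);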
// } if (USE_CACHE == TRUE_STRING_S) { olc_reset_cache_block('blacklist'); } olc_redirect(olc_href_link(FILENAME_BLACKLIST, 'page=' . $_GET['page'] . '&bID=' . $blacklist_id)); break; case 'deleteconfirm': $blacklist_id = olc_db_prepare_input($_GET['bID']); /* if ($_POST['delete_image'] == 'on') { $manufacturer_query = olc_db_query("select manufacturers_image from " . TABLE_MANUFACTURERS . " where manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS); $manufacturer = olc_db_fetch_array($manufacturer_query); $image_location = DIR_FS_DOCUMENT_ROOT . DIR_WS_CATALOG_IMAGES . $manufacturer['manufacturers_image']; if (file_exists($image_location)) @unlink($image_location); } */ olc_db_query(DELETE_FROM . TABLE_BLACKLIST . " where blacklist_id = '" . olc_db_input($blacklist_id) . APOS); // olc_db_query(DELETE_FROM . TABLE_MANUFACTURERS_INFO . " where manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS); /* if ($_POST['delete_products'] == 'on') { $products_query = olc_db_query("select products_id from " . TABLE_PRODUCTS . " where manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS); while ($products = olc_db_fetch_array($products_query)) { olc_remove_product($products['products_id']); } } else { olc_db_query(SQL_UPDATE . TABLE_PRODUCTS . " set manufacturers_id = '' where manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS); } */ if (USE_CACHE == TRUE_STRING_S) { olc_reset_cache_block('manufacturers'); } olc_redirect(olc_href_link(FILENAME_BLACKLIST, 'page=' . $_GET['page'])); break;
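/**
 * Import customers from the semicolon-separated file at $this->filename.
 *
 * The first line of the file is read and discarded. Each further non-empty
 * line is split into 23 fields, validated (VAT id, e-mail, date of birth) and,
 * when no error was collected, written to TABLE_CUSTOMERS, TABLE_ADDRESS_BOOK
 * and TABLE_CUSTOMERS_INFO. Rejected lines are recorded in $this->errorLog.
 *
 * Fixes against the original:
 *  - the text-delimiter stripping loop read from $this->dataArray instead of
 *    the freshly split $dataArray, so the current line was never unquoted;
 *  - the two define() calls are guarded so a second import() call in the same
 *    request does not redefine the constants;
 *  - $file_error and the per-address line list are initialised before use.
 *
 * NOTE(review): $geburtsdatum, $vat and $send_mail are read but never assigned
 * in this method; as written the date of birth stays empty and no mail is
 * sent. Confirm whether they were meant to come from the CSV or the object.
 * NOTE(review): when mail is sent, the clear-text password is placed into the
 * template under 'PASSWORT'. getpass() and olc_encrypt_password() are defined
 * elsewhere; confirm the generator and the hash are adequate.
 *
 * @return array array('prod_new' => "<ok> von <total>"), the error log and the elapsed time.
 */
function import()
{
    $this->time_start = time();
    $lines = 1;
    $lines_ok = 0;
    // other variables
    $newsletter = 0;
    $set_suburb = ACCOUNT_SUBURB == TRUE_STRING_S;
    $set_state = ACCOUNT_STATE == TRUE_STRING_S;
    $email_adresses = array();
    $error = EMPTY_STRING;
    $file_error = EMPTY_STRING;

    if (!defined('INSERT_INTO_CUSTOMERS_INFO_SQL')) {
        define('INSERT_INTO_CUSTOMERS_INFO_SQL', INSERT_INTO . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('");
    }
    if (!defined('SELECT_COUNTRY_SQL')) {
        define('SELECT_COUNTRY_SQL', SELECT_ALL . "`countries` WHERE `countries_iso_code_2` = '");
    }
    $check_email_sql = SELECT_COUNT . "as total from " . TABLE_CUSTOMERS . " where customers_email_address = '";
    $update_table_customers = SQL_UPDATE . TABLE_CUSTOMERS . " set customers_default_address_id = '";

    $fh = fopen($this->filename, "r");
    if ($fh) {
        // The first line is consumed without being imported.
        $zeile = fgets($fh);
        while (!feof($fh)) {
            // read the line & assign its values
            $zeile = trim(fgets($fh));
            if ($zeile) {
                $dataArray = explode(SEMI_COLON, $zeile);
                // Strip the surrounding text delimiter from fields that end with it.
                for ($j = 0, $m = sizeof($dataArray); $j < $m; $j++) {
                    $data = $dataArray[$j];
                    if (substr($data, -1) == CSV_TEXTSIGN) {
                        $dataArray[$j] = substr($data, 1, strlen($data) - 2);
                    }
                }
                list($cid, $gruppe, $anrede, $email_address, $company, $lkz, $lastname, $city, $postcode, $password, $street_address, $fax, $telephone, $firstname, $d_company, $d_lkz, $d_lastname, $d_city, $d_postcode, $d_street_address, $d_fax, $d_telephone, $d_firstname) = $dataArray;
                $lines++;

                if (!$password) {
                    // create a new random password
                    $password = getpass(10);
                }

                // prepare the supplied data
                $gruppe = trim($gruppe);
                switch ($gruppe) {
                    case "Registriert":
                        $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_CUSTOMER;
                        break;
                    case "Merchant":
                        $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_DEALER;
                        break;
                    default:
                        $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
                }

                $anrede = trim($anrede);
                switch ($anrede) {
                    case "Frau":
                        $gender = "f";
                        break;
                    case "Herr":
                    default:
                        $gender = "m";
                }

                $country = set_country_info($lkz);

                $geburtsdatum = trim($geburtsdatum);
                if ($geburtsdatum != EMPTY_STRING && $geburtsdatum != ".000000000") {
                    list($jahr, $monat, $tag) = sscanf($geburtsdatum, "%4d%2d%2d.%d");
                    $dob = sprintf("%02d.%02d.%4d", $tag, $monat, $jahr);
                } else {
                    $dob = EMPTY_STRING;
                }

                // write the data to the database
                // The VAT check result replaces the status derived from the group column above.
                $vatID = new vat_validation($vat, EMPTY_STRING, EMPTY_STRING, $country);
                $customers_status = $vatID->vat_info['status'];
                $customers_vat_id_status = $vatID->vat_info['vat_id_status'];
                if ($vatID->vat_info['error']) {
                    $error .= ENTRY_VAT_ERROR;
                }

                $email_address = trim($email_address);
                $check_email_query = olc_db_query($check_email_sql . olc_db_input($email_address) . "' and account_type = '0'");
                $check_email = olc_db_fetch_array($check_email_query);
                // Lines of this file on which the same address was already seen.
                $seen_on_lines = isset($email_adresses[$email_address]) ? $email_adresses[$email_address] : EMPTY_STRING;
                $s = QUOTE . $email_address . QUOTE . ' -- ';
                if ($check_email['total'] > 0) {
                    $error .= $s . ENTRY_EMAIL_ADDRESS_ERROR_EXISTS . LPAREN . EMAIL_ALREADY_USED . $seen_on_lines . RPAREN;
                } elseif (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
                    $error .= $s . ENTRY_EMAIL_ADDRESS_ERROR;
                } elseif (olc_validate_email($email_address) == false) {
                    $error .= $s . ENTRY_EMAIL_ADDRESS_CHECK_ERROR;
                }
                if ($seen_on_lines) {
                    $seen_on_lines .= COMMA_BLANK;
                }
                $email_adresses[$email_address] = $seen_on_lines . $lines;

                if ($dob != EMPTY_STRING) {
                    $date_raw = olc_date_raw($dob);
                    if (checkdate(substr($date_raw, 4, 2), substr($date_raw, 6, 2), substr($date_raw, 0, 4)) == false) {
                        $error .= QUOTE . $dob . QUOTE . ' -- ' . ENTRY_DATE_OF_BIRTH_ERROR;
                    }
                }

                if ($error) {
                    $this->errorLog[] = sprintf(TEXT_ERROR, $error, $lines);
                    $error = EMPTY_STRING;
                } else {
                    $lines_ok++;
                    $cid = trim($cid);
                    $firstname = trim($firstname);
                    $lastname = trim($lastname);
                    $telephone = trim($telephone);
                    $fax = trim($fax);
                    $street_address = trim($street_address);
                    $company = trim($company);
                    $postcode = trim($postcode);
                    $city = trim($city);

                    $sql_data_array = array(
                        'customers_cid' => $cid,
                        'customers_vat_id' => $vat,
                        'customers_vat_id_status' => $customers_vat_id_status,
                        'customers_status' => $customers_status,
                        'customers_firstname' => $firstname,
                        'customers_lastname' => $lastname,
                        'customers_email_address' => $email_address,
                        'customers_telephone' => $telephone,
                        'customers_fax' => $fax,
                        'customers_newsletter' => $newsletter,
                        'customers_password' => olc_encrypt_password($password),
                        'customers_gender' => $gender,
                        'customers_dob' => $date_raw,
                        'customers_date_added' => 'now()',
                        'customers_last_modified' => 'now()',
                    );
                    olc_db_perform(TABLE_CUSTOMERS, $sql_data_array);
                    $user_id = olc_db_insert_id();

                    $sql_data_array = array(
                        'customers_id' => $user_id,
                        'entry_firstname' => $firstname,
                        'entry_lastname' => $lastname,
                        'entry_street_address' => $street_address,
                        'entry_postcode' => $postcode,
                        'entry_city' => $city,
                        'entry_country_id' => $country,
                        'entry_gender' => $gender,
                        'entry_company' => $company,
                        'address_date_added' => 'now()',
                        'address_last_modified' => 'now()',
                    );
                    olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                    $address_id = olc_db_insert_id();

                    olc_db_query($update_table_customers . $address_id . "' where customers_id = '" . (int) $user_id . APOS);
                    olc_db_query(INSERT_INTO_CUSTOMERS_INFO_SQL . (int) $user_id . "', '0', now())");

                    if ($d_lkz) {
                        // Separate delivery address.
                        $country = set_country_info($d_lkz);
                        $firstname = trim($d_firstname);
                        $lastname = trim($d_lastname);
                        $telephone = trim($d_telephone);
                        $fax = trim($d_fax);
                        $street_address = trim($d_street_address);
                        $company = trim($d_company);
                        $postcode = trim($d_postcode);
                        $city = trim($d_city);
                        $sql_data_array = array(
                            'customers_id' => $user_id,
                            'entry_firstname' => $firstname,
                            'entry_lastname' => $lastname,
                            'entry_street_address' => $street_address,
                            'entry_postcode' => $postcode,
                            'entry_city' => $city,
                            'entry_country_id' => $country,
                            'entry_gender' => $gender,
                            'entry_company' => $company,
                            'address_date_added' => 'now()',
                            'address_last_modified' => 'now()',
                        );
                        olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                    }

                    // create smarty elements
                    if ($send_mail) {
                        $this->smarty->assign('GENDER', $gender);
                        $this->smarty->assign('FIRSTNAME', $firstname);
                        $this->smarty->assign('LASTNAME', $lastname);
                        $this->smarty->assign('EMAIL', $email_address);
                        $this->smarty->assign('PASSWORT', $password);
                        $this->smarty->caching = false;
                        $txt_mail_customer = $this->smarty->fetch($this->email_template);
                        // send the mail
                        olc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, $email_address, $firstname . BLANK . $lastname, EMPTY_STRING, STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, EMPTY_STRING, EMPTY_STRING, TEXT_MAIL_SUBJECT, EMPTY_STRING, $txt_mail_customer);
                    }
                }
                flush();
            }
        }
        fclose($fh);
    } else {
        $file_error = TEXT_FILE_ERROR_OPEN;
    }

    if ($file_error) {
        $this->errorLog[] = sprintf(TEXT_ERROR_FILE, $file_error);
    }

    $this->result = array(array('prod_new' => $lines_ok . " von " . ($lines - 1)), $this->errorLog, $this->calcElapsedTime($this->time_start));

    return $this->result;
}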
?> </td> <td class="pageHeading" align="right"><?php echo olc_draw_separator('pixel_trans.gif', HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?> </td> </tr> </table></td> </tr> <?php // Set-up for the banner form shown when action=new.
// Decides between insert and update and collects the values the form starts
// with. The if-block opened here is still open where this fragment ends.
if ($_GET['action'] == 'new') {
    $form_action = 'insert';
    if ($_GET['abID']) {
        // An id in the query string means an existing banner is edited.
        // The request value passes through olc_db_prepare_input() and
        // olc_db_input() and sits inside quotes in the statement
        // (APOS is presumably the closing single quote; confirm).
        $abID = olc_db_prepare_input($_GET['abID']);
        $form_action = 'update';
        $affiliate_banner_query = olc_db_query("select * from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . olc_db_input($abID) . APOS);
        $affiliate_banner = olc_db_fetch_array($affiliate_banner_query);
        $abInfo = new objectInfo($affiliate_banner);
    } elseif ($_POST) {
        // Re-display of submitted values.
        // NOTE(review): the whole $_POST array is handed over unfiltered, so
        // the code that prints $abInfo into the form has to escape it for
        // HTML; that code is not visible here, confirm it does.
        $abInfo = new objectInfo($_POST);
    } else {
        // Fresh form with no values.
        $abInfo = new objectInfo(array());
    }
    // Distinct banner group names as id/text pairs, id and text being the
    // same string (presumably the options of a selection list; confirm).
    $groups_array = array();
    $groups_query = olc_db_query("select distinct affiliate_banners_group from " . TABLE_AFFILIATE_BANNERS . " order by affiliate_banners_group");
    while ($groups = olc_db_fetch_array($groups_query)) {
        $groups_array[] = array('id' => $groups['affiliate_banners_group'], 'text' => $groups['affiliate_banners_group']);
    }
    ?> <tr> <td><?php
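/**
 * Count the recorded hits of the current campaign inside a date window and
 * store the figure in the report result.
 *
 * The count is written to
 * $this->result[$this->counterCMP]['result'][$this->counter]['hits'] and added
 * to the running 'hits_s' sum of the same campaign entry.
 *
 * @param int        $date_start Unix timestamp of the window start (passed to date()).
 * @param int|string $date_end   Unix timestamp of the window end; only read for $type 1, 2 and 3.
 * @param int        $type       1-3: window runs from $date_start to $date_end;
 *                               4: window runs from $date_start to the following
 *                               calendar day. Any other value applies no date filter.
 * @return void
 */
function getHits($date_start, $date_end = '', $type)
{
    // Default to "no date filter" so an unexpected $type cannot leave the
    // variable undefined when the statement is assembled below.
    $selection = '';
    switch ($type) {
        case 1:
        case 2:
        case 3:
            $selection = " and time>'" . olc_db_input(date("Y-m-d", $date_start)) . "'"
                . " and time <'" . olc_db_input(date("Y-m-d", $date_end)) . "'";
            break;
        case 4:
            // Single-day window: the upper bound is midnight of the day after $date_start.
            $end = mktime(
                0,
                0,
                0,
                (int) date("m", $date_start),
                (int) date("d", $date_start) + 1,
                (int) date("Y", $date_start)
            );
            $selection = " and time>'" . olc_db_input(date("Y-m-d", $date_start)) . "'"
                . " and time<'" . olc_db_input(date("Y-m-d", $end)) . "'";
            break;
    }

    // select hits
    // The campaign identifier is the only value in this statement that is not
    // produced inside the method, so it is escaped like the date strings
    // before it is placed between the quotes.
    $hits_sql = "SELECT count(*) as hits FROM " . TABLE_CAMPAIGNS_IP
        . " WHERE campaign='" . olc_db_input($this->campaign) . "'" . $selection;
    $hits_result = olc_db_query($hits_sql);
    $hits_data = olc_db_fetch_array($hits_result);

    $this->result[$this->counterCMP]['result'][$this->counter]['hits'] = $hits_data['hits'];
    $this->result[$this->counterCMP]['hits_s'] += $hits_data['hits'];

    if ($this->total['leads'] == 0) {
        $this->result[$this->counterCMP]['result'][$this->counter]['leads_p'] = 0;
    } else {
        // NOTE(review): $lead_data is never assigned in this method, so this
        // stores 0 and raises an undefined-variable warning. It looks copied
        // from a leads counterpart; confirm whether 'leads_p' should be
        // written here at all.
        $this->result[$this->counterCMP]['result'][$this->counter]['leads_p'] = $lead_data['leads'] / $this->total['leads'] * 100;
    }
}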