$customerid_result = $dbconn->Execute($sql);
            if ($customerid == $customerid_result->fields) {
                $ticket_customers_id = $customerid['customers_id'];
            }
        }
        // generate LinkID
        $time = mktime();
        $ticket_link_id = '';
        for ($x = 3; $x < 10; $x++) {
            $ticket_link_id .= substr($time, $x, 1) . oos_create_random_value(1, $type = 'chars');
        }
        $sql_data_array = array('ticket_link_id' => $ticket_link_id, 'ticket_customers_id' => $ticket_customers_id, 'ticket_customers_orders_id' => $ticket_customers_orders_id, 'ticket_customers_email' => $email, 'ticket_customers_name' => $name, 'ticket_subject' => $subject, 'ticket_status_id' => TICKET_DEFAULT_STATUS_ID, 'ticket_department_id' => $department, 'ticket_priority_id' => $priority, 'ticket_login_required' => TICKET_CUSTOMER_LOGIN_REQUIREMENT_DEFAULT, 'ticket_date_last_modified' => 'now()', 'ticket_date_last_customer_modified' => 'now()', 'ticket_date_created' => 'now()');
        oos_db_perform($oostable['ticket_ticket'], $sql_data_array);
        $insert_id = $dbconn->Insert_ID();
        $sql_data_array = array('ticket_id' => $insert_id, 'ticket_status_id' => TICKET_DEFAULT_STATUS_ID, 'ticket_priority_id' => $priority, 'ticket_department_id' => $department, 'ticket_date_modified' => 'now()', 'ticket_customer_notified' => '1', 'ticket_edited_by' => $name, 'ticket_comments' => $enquiry);
        oos_db_perform($oostable['ticket_status_history'], $sql_data_array);
        // Email  Customer doesn't get the Message cause he should use the web
        $ticket_email_subject = $aLang['ticket_email_subject'] . $subject;
        $ticket_email_message = $aLang['ticket_email_message_header'] . "\n\n" . oos_href_link($aPages['ticket_view'], 'tlid=' . $ticket_link_id, 'NONSSL', false, false) . "\n\n" . $aLang['ticket_email_ticket_nr'] . " " . $ticket_link_id . "\n" . $aLang['ticket_email_message_footer'];
        $ticket_email_message = decode($ticket_email_message);
        oos_mail($name, $email, $ticket_email_subject, nl2br($ticket_email_message), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '3');
        // send emails to other people
        if (SEND_EXTRA_ORDER_EMAILS_TO != '') {
            // $ticket_email_message = $aLang['ticket_email_message_header'] . "\n\n" . oos_href_link($aPages['ticket_view'], 'tlid=' . $ticket_link_id, 'NONSSL', false, false) . "\n\n" . $aLang['ticket_email_message_footer'] . "\n\n" . $enquiry;
            oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $ticket_email_subject, nl2br($ticket_email_message), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '1');
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['ticket_create'], 'action=success&amp;tlid=' . $ticket_link_id));
    }
}
if (TICKET_USE_ORDER_IDS == '1' && isset($_SESSION['customer_id'])) {
    $orders_id = array();
                    $sql_data_marray[$i] = array('coupon_name' => oos_db_prepare_input($_POST['coupon_name'][$lang_id]), 'coupon_description' => oos_db_prepare_input($_POST['coupon_desc'][$lang_id]));
                }
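                // Edit of an existing voucher updates in place; anything else inserts a new coupon
                // plus one description row per language.
                if (isset($_GET['oldaction']) && $_GET['oldaction'] == 'voucheredit') {
                    // Coupon ids are integers (see Insert_ID() in the insert branch), so the id taken from
                    // the query string is cast before it becomes part of the WHERE clause.
                    oos_db_perform($oostable['coupons'], $sql_data_array, 'update', "coupon_id='" . ((isset($_GET['cID']) && is_scalar($_GET['cID'])) ? intval($_GET['cID']) : 0) . "'");
                    // NOTE(review): $coupon_id is not assigned in this branch within the visible excerpt, while the
                    // statement above keys on $_GET['cID'] - confirm both refer to the same coupon.
                    for ($i = 0, $n = count($languages); $i < $n; $i++) {
                        $lang_id = $languages[$i]['id'];
                        // This statement is built by concatenation, so the free-text form fields are
                        // escaped with oos_db_input() after oos_db_prepare_input().
                        $update = $dbconn->Execute("UPDATE " . $oostable['coupons_description'] . " SET coupon_name = '" . oos_db_input(oos_db_prepare_input($_POST['coupon_name'][$lang_id])) . "', coupon_description = '" . oos_db_input(oos_db_prepare_input($_POST['coupon_desc'][$lang_id])) . "' WHERE coupon_id = '" . intval($coupon_id) . "' and coupon_languages_id = '" . intval($lang_id) . "'");
                    }
                } else {
                    $query = oos_db_perform($oostable['coupons'], $sql_data_array);
                    $coupon_id = $dbconn->Insert_ID();
                    for ($i = 0, $n = count($languages); $i < $n; $i++) {
                        $lang_id = $languages[$i]['id'];
                        // Attach the new coupon id and the language to the per-language row prepared earlier.
                        $sql_data_marray[$i]['coupon_id'] = $coupon_id;
                        $sql_data_marray[$i]['coupon_languages_id'] = $lang_id;
                        oos_db_perform($oostable['coupons_description'], $sql_data_marray[$i]);
                    }
                }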
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['coupon_admin'], 'page=' . $_GET['page'] . '&cID=' . $coupon_id));
    }
}
require 'includes/oos_header.php';
?>
<link rel="stylesheet" type="text/css" href="includes/javascript/spiffyCal/spiffyCal_v2_1.css">
<script language="JavaScript" src="includes/javascript/spiffyCal/spiffyCal_v2_1.js"></script>
<script language="javascript">
  var dateAvailable = new ctlSpiffyCalendarBox("dateAvailable", "new_product", "products_date_available","btnDate1","<?php 
echo $pInfo->products_date_available;
?>
",scBTNMODE_CUSTOMBLUE);
Example #3
// define our localization functions
require 'includes/functions/function_localization.php';
require 'includes/classes/class_currencies.php';
$currencies = new currencies();
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (!empty($action)) {
    switch ($action) {
        case 'insert':
        case 'save':
            $currency_id = oos_db_prepare_input($_GET['cID']);
            $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $currency_value);
            if ($action == 'insert') {
                oos_db_perform($oostable['currencies'], $sql_data_array);
                $currency_id = $dbconn->Insert_ID();
            } elseif ($action == 'save') {
                oos_db_perform($oostable['currencies'], $sql_data_array, 'update', "currencies_id = '" . oos_db_input($currency_id) . "'");
            }
            if (isset($_POST['default']) && $_POST['default'] == 'on') {
                $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '" . oos_db_input($code) . "' WHERE configuration_key = 'DEFAULT_CURRENCY'");
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['currencies'], 'page=' . $_GET['page'] . '&cID=' . $currency_id));
            break;
        case 'deleteconfirm':
            $currencies_id = oos_db_prepare_input($_GET['cID']);
            $currency_result = $dbconn->Execute("SELECT currencies_id FROM " . $oostable['currencies'] . " WHERE code = '" . DEFAULT_CURRENCY . "'");
            $currency = $currency_result->fields;
            if ($currency['currencies_id'] == $currencies_id) {
                $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '' WHERE configuration_key = 'DEFAULT_CURRENCY'");
            }
            $dbconn->Execute("DELETE FROM " . $oostable['currencies'] . " WHERE currencies_id = '" . oos_db_input($currencies_id) . "'");
            oos_redirect_admin(oos_href_link_admin($aFilename['currencies'], 'page=' . $_GET['page']));
            if (empty($ticket_reply_id)) {

              $ticket_replytable = $oostable['ticket_reply'];
              $next_id_result = $dbconn->Execute("SELECT max(ticket_reply_id) as ticket_reply_id FROM $ticket_replytable");
              $next_id = $next_id_result->fields;
              $ticket_reply_id = $next_id['ticket_reply_id'] + 1;
            }

            $insert_sql_data = array('ticket_reply_id' => $ticket_reply_id,
                                     'ticket_languages_id' => $lang_id);

            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

            oos_db_perform($oostable['ticket_reply'], $sql_data_array);
          } elseif ($action == 'save') {
            oos_db_perform($oostable['ticket_reply'], $sql_data_array, 'update', "ticket_reply_id = '" . oos_db_input($ticket_reply_id) . "' and ticket_languages_id = '" . intval($lang_id) . "'");
          }
        }

        if (isset($_POST['default']) && ($_POST['default'] == 'on')) {
          $configurationtable = $oostable['configuration'];
          $dbconn->Execute("UPDATE $configurationtable SET configuration_value = '" . oos_db_input($ticket_reply_id) . "' WHERE configuration_key = 'TICKET_DEFAULT_REPLY_ID'");
        }

        oos_redirect_admin(oos_href_link_admin($aFilename['ticket_reply'], 'page=' . $_GET['page'] . '&oID=' . $ticket_reply_id));
        break;

      case 'deleteconfirm':
        $oID = oos_db_prepare_input($_GET['oID']);

        $configurationtable = $oostable['configuration'];
         $update_sql_data = array('last_modified' => '" . date("Y-m-d H:i:s", time()) . "');
         $sql_data_array = array_merge($sql_data_array, $update_sql_data);
         oos_db_perform($oostable['block'], $sql_data_array, 'update', "block_id = '" . intval($block_content_id) . "'");
         $dbconn->Execute("DELETE FROM " . $oostable['block_to_page_type'] . " WHERE block_id = '" . intval($block_content_id) . "'");
     }
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $block_content_name_array = $_POST['block_name'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('block_name' => oos_db_prepare_input($block_content_name_array[$lang_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('block_id' => $block_content_id, 'block_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['block_info'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['block_info'], $sql_data_array, 'update', "block_id = '" . intval($block_content_id) . "' AND block_languages_id = '" . intval($lang_id) . "'");
         }
     }
     if (isset($_REQUEST['page_type'])) {
         reset($_REQUEST['page_type']);
         foreach ($_REQUEST['page_type'] as $k => $id) {
             $sql = "INSERT INTO " . $oostable['block_to_page_type'] . "\n                     (block_id,\n                      page_type_id)\n                      VALUES (" . $dbconn->qstr($block_content_id) . ',' . $dbconn->qstr($id) . ")";
             $dbconn->Execute($sql);
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['content_block'], 'page=' . $_GET['page'] . '&bID=' . $block_content_id));
     break;
 case 'deleteconfirm':
     $block_content_id = oos_db_prepare_input($_GET['bID']);
     $dbconn->Execute("DELETE FROM " . $oostable['block'] . " WHERE block_id = '" . intval($block_content_id) . "'");
     $dbconn->Execute("DELETE FROM " . $oostable['block_info'] . " WHERE block_id = '" . intval($block_content_id) . "'");
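/**
 * Return the default-language description of a category and copy it onto
 * the description row of the current session language.
 *
 * The row is read for DEFAULT_LANGUAGE_ID. When a row was found, its fields
 * are written with an UPDATE to the categories_description row of the
 * language held in $_SESSION['language_id'] (language 1 when the session
 * has none).
 *
 * @param int $nCurrentCategoryId category id; cast with intval() before it is used in SQL
 * @return array the default-language row (the result set's ->fields);
 *               NOTE(review): presumably not an array when no row matched - confirm
 */
function oos_get_categories_description($nCurrentCategoryId)
{

    $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id']+0 : 1;

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $categories_descriptiontable = $oostable['categories_description'];
    $categories_description_sql = "SELECT cd.categories_name, cd.categories_heading_title, cd.categories_description,
                                          cd.categories_description_meta, cd.categories_keywords_meta
                                     FROM $categories_descriptiontable cd
                                    WHERE cd.categories_id = '" . intval($nCurrentCategoryId) . "'
                                      AND cd.categories_languages_id = '" .  intval(DEFAULT_LANGUAGE_ID) . "'";
    $categories_description_result = $dbconn->Execute($categories_description_sql);
    $categories_description = $categories_description_result->fields;

    // Only copy when a default-language row exists; otherwise the UPDATE would
    // overwrite the current language's texts with empty values.
    if (!empty($categories_description)) {
        // NOTE(review): the values pass through oos_db_input() here and are then handed to
        // oos_db_perform(); if oos_db_perform() escapes as well, the text is escaped twice - confirm.
        $sql_data_array = array('categories_name' => oos_db_input($categories_description['categories_name']),
                                'categories_heading_title' => oos_db_input($categories_description['categories_heading_title']),
                                'categories_description' => oos_db_input($categories_description['categories_description']),
                                'categories_description_meta' => oos_db_input($categories_description['categories_description_meta']),
                                'categories_keywords_meta' => oos_db_input($categories_description['categories_keywords_meta']));

        oos_db_perform($categories_descriptiontable, $sql_data_array, 'update', 'categories_id = \'' . intval($nCurrentCategoryId) . '\' and categories_languages_id = \'' . intval($nLanguageID) . '\'');
    }

    return $categories_description;
}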
Example #7
        $sql_data_array = array('entry_firstname' => $customers_firstname,
                                'entry_lastname' => $customers_lastname,
                                'entry_street_address' => $entry_street_address,
                                'entry_postcode' => $entry_postcode,
                                'entry_city' => $entry_city,
                                'entry_country_id' => $entry_country_id);

        if (ACCOUNT_COMPANY == '1') $sql_data_array['entry_company'] = $entry_company;
        if (ACCOUNT_OWNER == '1') $sql_data_array['entry_owner'] = $entry_owner;
        if (ACCOUNT_SUBURB == '1') $sql_data_array['entry_suburb'] = $entry_suburb;
        if (ACCOUNT_STATE == '1') {
          $sql_data_array['entry_state'] = $entry_state;
          $sql_data_array['entry_zone_id'] = $entry_zone_id;
        }

        oos_db_perform($oostable['address_book'], $sql_data_array, 'update', "customers_id = '" . intval($customers_id) . "' and address_book_id = '" . oos_db_input($default_address_id) . "'");

        oos_redirect_admin(oos_href_link_admin($aFilename['customers'], oos_get_all_get_params(array('cID', 'action')) . 'cID=' . $customers_id));
        break;
      case 'deleteconfirm':
        $customers_id = oos_db_prepare_input($_GET['cID']);

        if (isset($_POST['delete_reviews']) && ($_POST['delete_reviews'] == 'on')) {
          $reviewstable = $oostable['reviews'];
          $reviews_result = $dbconn->Execute("SELECT reviews_id FROM $reviewstable WHERE customers_id = '" . intval($customers_id) . "'");
          while ($reviews = $reviews_result->fields) {
            $reviews_descriptiontable = $oostable['reviews_description'];
            $dbconn->Execute("DELETE FROM $reviews_descriptiontable WHERE reviews_id = '" . $reviews['reviews_id'] . "'");

            // Move that ADOdb pointer!
            $reviews_result->MoveNext();
                $dbconn->Execute("INSERT INTO " . $oostable['newsfeed_manager_status_history'] . " (newsfeed_manager_id, new_value, old_value, date_added, customer_notified) values ('" . oos_db_input($nmID) . "', '" . oos_db_input($status) . "', '" . $check_status['newsfeed_manager_status'] . "', '" . date("Y-m-d H:i:s", time()) . "', '" . $customer_notified . "')");
                $customer_updated = true;
            }
            break;
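        case 'insert':
        case 'update':
            // Insert a new newsfeed manager row or update the one named by nmID, then redirect to the list.
            $newsfeed_manager_id = oos_db_prepare_input($_GET['nmID']);
            $sql_data_array = array('newsfeed_categories_id' => $newsfeed_categories_id, 'newsfeed_manager_name' => $newsfeed_manager_name, 'newsfeed_manager_link' => $newsfeed_manager_link, 'newsfeed_manager_languages_id' => $newsfeed_manager_languages_id, 'newsfeed_manager_numarticles' => $newsfeed_manager_numarticles, 'newsfeed_manager_refresh' => $newsfeed_manager_refresh);
            if ($action == 'insert') {
                // date() has to be evaluated here; wrapped in single quotes the expression text itself
                // would be stored in the column instead of a timestamp.
                $insert_sql_data = array('newsfeed_manager_date_added' => date("Y-m-d H:i:s", time()));
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                oos_db_perform($oostable['newsfeed_manager'], $sql_data_array);
            } elseif ($action == 'update') {
                $update_sql_data = array('newsfeed_manager_last_modified' => date("Y-m-d H:i:s", time()));
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                // The id from the query string is escaped before it is placed in the WHERE clause.
                oos_db_perform($oostable['newsfeed_manager'], $sql_data_array, 'update', "newsfeed_manager_id = '" . oos_db_input($newsfeed_manager_id) . "'");
            }
            oos_redirect_admin(oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID', 'action')) . 'nmID=' . $newsfeed_manager_id));
            break;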
        case 'deleteconfirm':
            $newsfeed_manager_id = oos_db_prepare_input($_GET['nmID']);
            $dbconn->Execute("DELETE FROM " . $oostable['newsfeed_manager'] . " WHERE newsfeed_manager_id = '" . oos_db_input($newsfeed_manager_id) . "'");
            oos_redirect_admin(oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID', 'action'))));
            break;
    }
}
require 'includes/oos_header.php';
?>
<script language="javascript"><!--
function popupImageWindow(url) {
  window.open(url,'popupImageWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=yes,copyhistory=no,width=200,height=680,screenX=150,screenY=150,top=150,left=150')
            }
            break;
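        case 'group_new':
            // Creates an admin group and appends its id to the SET definition of admin_files.admin_groups_id.
            $admin_groups_name = ucwords(strtolower(oos_db_prepare_input($_POST['admin_groups_name'])));
            // Spaces become LIKE wildcards for the duplicate-name lookup below.
            $name_replace = preg_replace("/ /", "%", $admin_groups_name);
            // The current id list is posted by the form and is later spliced into an ALTER TABLE statement,
            // so anything other than a comma-separated list of quoted integers is rejected before any write.
            // NOTE(review): assumes the form sends the list as 'N','N',... - confirm against the new_group form.
            $set_groups_id = oos_db_prepare_input($_POST['set_groups_id']);
            $set_groups_ok = is_string($set_groups_id) && preg_match("/^\s*'\d+'(\s*,\s*'\d+')*\s*$/", $set_groups_id) === 1;
            if ($admin_groups_name == '' || strlen($admin_groups_name) <= 5 || !$set_groups_ok) {
                // A malformed id list is answered like an invalid name: back to the form, nothing stored.
                oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET['gID'] . '&gName=false&action=new_group'));
            } else {
                // The group name is request data; escape it before it enters the LIKE pattern.
                $check_groups_name_query = "SELECT admin_groups_name as group_name_new FROM " . $oostable['admin_groups'] . " WHERE admin_groups_name like '%" . oos_db_input($name_replace) . "%'";
                $check_groups_name_result =& $dbconn->Execute($check_groups_name_query);
                $check_duplicate = $check_groups_name_result->RecordCount();
                if ($check_duplicate > 0) {
                    oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
                } else {
                    $sql_data_array = array('admin_groups_name' => $admin_groups_name);
                    oos_db_perform($oostable['admin_groups'], $sql_data_array);
                    $admin_groups_id = $dbconn->Insert_ID();
                    // Validated list plus the id of the row just inserted.
                    $add_group_id = $set_groups_id . ',\'' . intval($admin_groups_id) . '\'';
                    $query = "alter table " . $oostable['admin_files'] . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ";
                    $dbconn->Execute($query);
                    oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $admin_groups_id));
                }
            }
            break;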
    }
}
require 'includes/oos_header.php';
require 'includes/account_check.js.php';
?>
<!-- body //-->
                                    'orders_products_id' => $order_products_id,
                                    'products_options' => $attributes_values['products_options_name'],
                                    'products_options_values' => $oOrder->products[$i]['attributes'][$j]['value'],
                                    'options_values_price' => $attributes_values['options_values_price'],
                                    'price_prefix' => $attributes_values['price_prefix']);
            // insert
            oos_db_perform($oostable['orders_products_attributes'], $sql_data_array);

            if ((DOWNLOAD_ENABLED == '1') && isset($attributes_values['products_attributes_filename']) && !empty($attributes_values['products_attributes_filename'])) {
                $sql_data_array = array('orders_id' => $insert_id,
                                        'orders_products_id' => $order_products_id,
                                        'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                        'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                        'download_count' => $attributes_values['products_attributes_maxcount']);
                // insert
                oos_db_perform($oostable['orders_products_download'], $sql_data_array);
            }
            $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . oos_decode_special_chars($oOrder->products[$i]['attributes'][$j]['value']);
        }
    }


// insert customer choosen option eof
    $total_weight += ($oOrder->products[$i]['qty'] * $oOrder->products[$i]['weight']);
    $total_tax += oos_calculate_tax($total_products_price, $products_tax) * $oOrder->products[$i]['qty'];
    $total_cost += $total_products_price;

    $products_ordered .= $oOrder->products[$i]['qty'] . ' x ' . $oOrder->products[$i]['name'] . ' (' . $oOrder->products[$i]['model'] . ') = ' . $oCurrencies->display_price($oOrder->products[$i]['final_price'], $oOrder->products[$i]['tax'], $oOrder->products[$i]['qty']) . $products_ordered_attributes . "\n";
}

Example #11
             oos_get_copy_uploaded_file($newsfeed_image, $image_directory);
         }
     }
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $newsfeed_name_array = $_POST['newsfeed_name'];
         $newsfeed_title_array = $_POST['newsfeed_title'];
         $newsfeed_description_array = $_POST['newsfeed_description'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('newsfeed_name' => oos_db_prepare_input($newsfeed_name_array[$lang_id]), 'newsfeed_title' => oos_db_prepare_input($newsfeed_title_array[$lang_id]), 'newsfeed_description' => oos_db_prepare_input($newsfeed_description_array[$lang_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('newsfeed_id' => $newsfeed_id, 'newsfeed_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['newsfeed_info'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['newsfeed_info'], $sql_data_array, 'update', "newsfeed_id = '" . oos_db_input($newsfeed_id) . "' and newsfeed_languages_id = '" . intval($lang_id) . "'");
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['rss_conf'], 'page=' . $_GET['page'] . '&nID=' . $newsfeed_id));
     break;
 case 'deleteconfirm':
     $newsfeed_id = oos_db_prepare_input($_GET['nID']);
     if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
         $newsfeedtable = $oostable['newsfeed'];
         $newsfeed_result = $dbconn->Execute("SELECT newsfeed_image FROM {$newsfeedtable} WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
         $newsfeed = $newsfeed_result->fields;
         $image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $newsfeed['newsfeed_image'];
         if (file_exists($image_location)) {
             @unlink($image_location);
         }
     }
Example #12
            $sql_data_array = array('admin_files_name' => oos_db_prepare_input($_GET['box']), 'admin_files_is_boxes' => '1');
            oos_db_perform($oostable['admin_files'], $sql_data_array);
            $admin_boxes_id = $dbconn->Insert_ID();
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'cID=' . $admin_boxes_id));
            break;
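        case 'box_remove':
            // NOTE: ALSO DELETE FILES STORED IN REMOVED BOX //
            // Deletes the box row and every file row assigned to that box.
            // The id comes from the query string; admin_files ids are integers (Insert_ID() in the
            // store cases), so the value is cast before it is placed in the SQL text.
            $admin_boxes_id = oos_db_prepare_input($_GET['cID']);
            $admin_boxes_id = is_scalar($admin_boxes_id) ? intval($admin_boxes_id) : 0;
            $admin_filestable = $oostable['admin_files'];
            $query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_boxes_id . "' or admin_files_to_boxes = '" . $admin_boxes_id . "'";
            $dbconn->Execute($query);
            // NOTE(review): this delete is driven by a GET parameter and no request token check is
            // visible in this excerpt - confirm the admin framework protects it against cross-site requests.
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files']));
            break;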
        case 'file_store':
            $sql_data_array = array('admin_files_name' => oos_db_prepare_input($_POST['admin_files_name']), 'admin_files_to_boxes' => oos_db_prepare_input($_POST['admin_files_to_boxes']));
            oos_db_perform($oostable['admin_files'], $sql_data_array);
            $admin_files_id = $dbconn->Insert_ID();
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories'] . '&fID=' . $admin_files_id));
            break;
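        case 'file_remove':
            // Deletes one admin_files row named by the posted id.
            // admin_files ids are integers (Insert_ID() in 'file_store'), so the posted value is cast
            // before it is placed in the SQL text.
            $admin_files_id = oos_db_prepare_input($_POST['admin_files_id']);
            $admin_files_id = is_scalar($admin_files_id) ? intval($admin_files_id) : 0;
            $admin_filestable = $oostable['admin_files'];
            $query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_files_id . "'";
            $dbconn->Execute($query);
            oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories']));
            break;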
    }
}
require 'includes/oos_header.php';
?>
<!-- body //-->
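        // Ids arrive from the query string and the form; each is cast to an integer before it is
        // placed in SQL text or handed to oos_db_perform().
        // NOTE(review): assumes product ids in products_up_sell are plain integers - confirm against the schema.
        $nUpSellProductID = (isset($_GET['add_related_product_ID']) && is_scalar($_GET['add_related_product_ID'])) ? intval($_GET['add_related_product_ID']) : 0;
        $products_up_selltable = $oostable['products_up_sell'];
        // Remove the up-sell links ticked in the 'product' list.
        if (!empty($_POST['product']) && is_array($_POST['product'])) {
            foreach ($_POST['product'] as $temp_prod) {
                if (!is_scalar($temp_prod)) {
                    continue;
                }
                $dbconn->Execute("DELETE FROM {$products_up_selltable} WHERE up_sell_id = '" . intval($temp_prod) . "' AND products_id = '" . $nUpSellProductID . "'");
            }
        }
        // New links continue after the highest sort_order already stored for this product.
        $sort_start_result = $dbconn->Execute("SELECT sort_order FROM {$products_up_selltable} WHERE products_id = '" . $nUpSellProductID . "' ORDER BY sort_order desc LIMIT 1");
        $sort_start = $sort_start_result->fields;
        $sort = $sort_start['sort_order'] > 0 ? $sort_start['sort_order'] : '0';
        // Add the up-sell links ticked in the 'up' list.
        if (!empty($_POST['up']) && is_array($_POST['up'])) {
            foreach ($_POST['up'] as $temp) {
                if (!is_scalar($temp)) {
                    continue;
                }
                $sort++;
                $insert_array = array('products_id' => $nUpSellProductID, 'up_sell_id' => intval($temp), 'sort_order' => $sort);
                oos_db_perform($oostable['products_up_sell'], $insert_array);
            }
        }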
        $messageStack->add(UP_SELL_SUCCESS, 'success');
        break;
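    case 'update_sort':
        // Every POST field is read as up_sell_id => sort_order. Field names and values are
        // request data, so only numeric names with scalar values are used and both sides are
        // cast to integers before they are placed in the SQL text.
        $products_up_selltable = $oostable['products_up_sell'];
        foreach ($_POST as $key_a => $value_a) {
            if (!is_scalar($value_a) || preg_match('/^[0-9]+$/', (string)$key_a) !== 1) {
                continue;
            }
            $dbconn->Execute("UPDATE {$products_up_selltable} SET sort_order = '" . intval($value_a) . "' WHERE up_sell_id = '" . intval($key_a) . "'");
        }
        $messageStack->add(SORT_UP_SELL_SUCCESS, 'success');
        break;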
}
require 'includes/oos_header.php';
?>
<!-- body //-->
     }
 }
 if (!$banner_error) {
     if (empty($html_text) && $store_image == true) {
         oos_get_copy_uploaded_file($banners_image, $image_directory);
     }
     $db_image_location = oos_is_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image['name'];
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $html_text);
     if ($action == 'insert') {
         $insert_sql_data = array('date_added' => '" . date("Y-m-d H:i:s", time()) . "', 'status' => '1');
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         oos_db_perform($oostable['banners'], $sql_data_array);
         $banners_id = $dbconn->Insert_ID();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
         oos_db_perform($oostable['banners'], $sql_data_array, 'update', 'banners_id = \'' . $banners_id . '\'');
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     if (isset($_POST['expires_date'])) {
         $expires_date = oos_db_prepare_input($_POST['expires_date']);
         list($day, $month, $year) = explode('/', $expires_date);
         $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
         $dbconn->Execute("UPDATE " . $oostable['banners'] . " SET expires_date = '" . oos_db_input($expires_date) . "', expires_impressions = null WHERE banners_id = '" . $banners_id . "'");
     } elseif ($_POST['impressions']) {
         $impressions = oos_db_prepare_input($_POST['impressions']);
         $dbconn->Execute("UPDATE " . $oostable['banners'] . " SET expires_impressions = '" . oos_db_input($impressions) . "', expires_date = null WHERE banners_id = '" . $banners_id . "'");
     }
     if (isset($_POST['date_scheduled'])) {
         $date_scheduled = oos_db_prepare_input($_POST['date_scheduled']);
         list($day, $month, $year) = explode('/', $date_scheduled);
         $date_scheduled = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
 if (ACCOUNT_OWNER == '1') {
     $sql_data_array['entry_owner'] = $owner;
 }
 if (ACCOUNT_SUBURB == '1') {
     $sql_data_array['entry_suburb'] = $suburb;
 }
 if (ACCOUNT_STATE == '1') {
     if ($zone_id > 0) {
         $sql_data_array['entry_zone_id'] = $zone_id;
         $sql_data_array['entry_state'] = '';
     } else {
         $sql_data_array['entry_zone_id'] = '0';
         $sql_data_array['entry_state'] = $state;
     }
 }
 oos_db_perform($oostable['address_book'], $sql_data_array);
 $customers_infotable = $oostable['customers_info'];
 $dbconn->Execute("INSERT INTO " . $customers_infotable . "\n                (customers_info_id,\n                 customers_info_number_of_logons,\n                 customers_info_date_account_created) VALUES ('" . intval($customer_id) . "',\n                                                              '0',\n                                                              '" . date("Y-m-d H:i:s", time()) . "')");
 $_SESSION['customer_id'] = $customer_id;
 $_SESSION['customer_wishlist_link_id'] = $wishlist_link_id;
 $_SESSION['customer_first_name'] = $firstname;
 $_SESSION['customer_default_address_id'] = 1;
 $_SESSION['customer_country_id'] = $country;
 $_SESSION['customer_zone_id'] = $zone_id;
 $_SESSION['customer_max_order'] = $customer_max_order;
 $_SESSION['man_key'] = $keya;
 if (ACCOUNT_VAT_ID == '1') {
     if (ACCOUNT_COMPANY_VAT_ID_CHECK == '1' && $vatid_check_error === false) {
         $_SESSION['customers_vat_id_status'] = 1;
     } else {
         $_SESSION['customers_vat_id_status'] = 0;
Example #16
     oos_db_perform($oostable['categories'], $sql_data_array, 'update', 'categories_id = \'' . $categories_id . '\'');
 }
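 // Store the category texts once for every installed language.
 $languages = oos_get_languages();
 for ($i = 0, $n = count($languages); $i < $n; $i++) {
     $categories_name_array = $_POST['categories_name'];
     $lang_id = $languages[$i]['id'];
     $sql_data_array = array('categories_name' => oos_db_prepare_input($categories_name_array[$lang_id]));
     if (ALLOW_CATEGORY_DESCRIPTIONS == '1') {
         // With descriptions enabled the row also carries heading, description and meta fields.
         $sql_data_array = array('categories_name' => oos_db_prepare_input($_POST['categories_name'][$lang_id]), 'categories_heading_title' => oos_db_prepare_input($_POST['categories_heading_title'][$lang_id]), 'categories_description' => oos_db_prepare_input($_POST['categories_description'][$lang_id]), 'categories_description_meta' => oos_db_prepare_input($_POST['categories_description_meta'][$lang_id]), 'categories_keywords_meta' => oos_db_prepare_input($_POST['categories_keywords_meta'][$lang_id]));
     }
     if ($action == 'insert_category') {
         $insert_sql_data = array('categories_id' => $categories_id, 'categories_languages_id' => $lang_id);
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         oos_db_perform($oostable['categories_description'], $sql_data_array);
     } elseif ($action == 'update_category') {
         // The WHERE fragment is concatenated by hand, so neither id may reach it raw:
         // the category id is escaped with oos_db_input() and the language id is cast to int.
         // NOTE(review): where $categories_id is assigned is not visible here; confirm its origin.
         oos_db_perform($oostable['categories_description'], $sql_data_array, 'update', "categories_id = '" . oos_db_input($categories_id) . "' and categories_languages_id = '" . intval($lang_id) . "'");
     }
 }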
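 // Record the category image, then return to the category listing.
 if (ALLOW_CATEGORY_DESCRIPTIONS == '1') {
     // The image name is already in $categories_image; 'none' clears the stored image.
     $categories_image = $categories_image == 'none' ? '' : oos_db_prepare_input($categories_image);
     $dbconn->Execute("UPDATE " . $oostable['categories'] . " SET categories_image = '" . oos_db_input($categories_image) . "' WHERE categories_id = '" . oos_db_input($categories_id) . "'");
     $categories_image = '';
 } else {
     $categories_image = oos_get_uploaded_file('categories_image');
     $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);
     if (is_uploaded_file($categories_image['tmp_name'])) {
         // The file name is chosen by the uploading client, so it is escaped before it is
         // placed in the statement (it was concatenated raw before).
         // NOTE(review): whether oos_get_copy_uploaded_file() restricts the name or the
         // file type is not visible here; confirm before relying on it.
         $dbconn->Execute("UPDATE " . $oostable['categories'] . " SET categories_image = '" . oos_db_input($categories_image['name']) . "' WHERE categories_id = '" . oos_db_input($categories_id) . "'");
         oos_get_copy_uploaded_file($categories_image, $image_directory);
     }
 }
 oos_redirect_admin(oos_href_link_admin($aFilename['categories'], 'categories=' . $categories . '&cID=' . $categories_id));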
    // Optional address fields are written only when the matching account option is enabled.
    if (ACCOUNT_GENDER == '1') {
        $sql_data_array['entry_gender'] = $gender;
    }
    if (ACCOUNT_COMPANY == '1') {
        $sql_data_array['entry_company'] = $company;
    }
    if (ACCOUNT_OWNER == '1') {
        $sql_data_array['entry_owner'] = $owner;
    }
    if (ACCOUNT_SUBURB == '1') {
        $sql_data_array['entry_suburb'] = $suburb;
    }

    // A selected zone replaces the free-text state; without one the zone is zeroed
    // and the state text is kept.
    if (ACCOUNT_STATE == '1') {
        $sql_data_array['entry_zone_id'] = ($zone_id > 0) ? $zone_id : '0';
        $sql_data_array['entry_state'] = ($zone_id > 0) ? '' : $state;
    }

    // Both ids in the WHERE fragment come from the session and are cast to int.
    oos_db_perform(
        $oostable['address_book'],
        $sql_data_array,
        'update',
        "customers_id = '" . intval($_SESSION['customer_id']) . "' AND address_book_id = '" . intval($_SESSION['customer_default_address_id']) . "'"
    );

    // Stamp the account as modified now.
    $update_info_sql = "UPDATE " . $oostable['customers_info'] . "
                        SET customers_info_date_account_last_modified = '" . date("Y-m-d H:i:s", time()) . "'
                        WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
    $dbconn->Execute($update_info_sql);

    // Keep the session copy of country and zone in step with the stored address.
    $_SESSION['customer_zone_id'] = $zone_id;
    $_SESSION['customer_country_id'] = $country;

    if (ACCOUNT_VAT_ID == '1') {
        if ((ACCOUNT_COMPANY_VAT_ID_CHECK == '1') && ($vatid_check_error === false)) {
            $_SESSION['customers_vat_id_status'] = 1;
        } else {
            $_SESSION['customers_vat_id_status'] = 0;
Example #18
         $information_name_array = $_POST['information_name'];
         $information_url_array = $_POST['information_url'];
         $information_heading_title_array = $_POST['information_heading_title'];
         $information_description_array = $_POST['information_description'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('information_name' => oos_db_prepare_input($information_name_array[$lang_id]));
         $sql_data_array_url = array('information_url' => oos_db_prepare_input($information_url_array[$lang_id]));
         $sql_data_array_head = array('information_heading_title' => oos_db_prepare_input($information_heading_title_array[$lang_id]));
         $sql_data_array_desc = array('information_description' => oos_db_prepare_input($information_description_array[$lang_id]));
         $sql_data_array = array_merge($sql_data_array, $sql_data_array_url, $sql_data_array_desc, $sql_data_array_head);
         if ($action == 'insert') {
             $insert_sql_data = array('information_id' => $information_id, 'information_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['information_description'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['information_description'], $sql_data_array, 'update', "information_id = '" . oos_db_input($information_id) . "' AND information_languages_id = '" . intval($lang_id) . "'");
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['information'], 'page=' . $_GET['page'] . '&mID=' . $information_id));
     break;
 case 'deleteconfirm':
     $information_id = oos_db_prepare_input($_GET['mID']);
     if ($information_id > 5) {
         if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
             $informationtable = $oostable['information'];
             $informations_result = $dbconn->Execute("SELECT information_image FROM {$informationtable} WHERE information_id = '" . oos_db_input($information_id) . "'");
             $informations = $informations_result->fields;
             $image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $informations['information_image'];
             if (file_exists($image_location)) {
                 @unlink($image_location);
             }
     $lang_id = $languages[$i]['id'];
     if (isset($_REQUEST['payment'])) {
         $customers_status_payment = implode(';', $_REQUEST['payment']);
     }
     $sql_data_array = array('customers_status_name' => $customers_status_name_array[$lang_id], 'customers_status_public' => $customers_status_public, 'customers_status_show_price' => $customers_status_show_price, 'customers_status_show_price_tax' => $customers_status_show_price_tax, 'customers_status_discount' => $customers_status_discount, 'customers_status_ot_discount_flag' => $customers_status_ot_discount_flag, 'customers_status_ot_discount' => $customers_status_ot_discount, 'customers_status_ot_minimum' => $customers_status_ot_minimum, 'customers_status_qty_discounts' => $customers_status_qty_discounts, 'customers_status_payment' => $customers_status_payment);
     if ($action == 'insert') {
         if (oos_empty($customers_status_id)) {
             $next_id_result = $dbconn->Execute("SELECT max(customers_status_id) as customers_status_id FROM " . $oostable['customers_status'] . "");
             $next_id = $next_id_result->fields;
             $customers_status_id = $next_id['customers_status_id'] + 1;
         }
         $insert_sql_data = array('customers_status_id' => oos_db_prepare_input($customers_status_id), 'customers_status_languages_id' => $lang_id);
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         oos_db_perform($oostable['customers_status'], $sql_data_array);
     } elseif ($action == 'save') {
         oos_db_perform($oostable['customers_status'], $sql_data_array, 'update', "customers_status_id = '" . oos_db_input($customers_status_id) . "' and customers_status_languages_id = '" . intval($lang_id) . "'");
     }
 }
 // Changes by Guido Start
 $customers_status_image = oos_get_uploaded_file('customers_status_image');
 $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES . 'icons/');
 if (is_uploaded_file($customers_status_image['tmp_name'])) {
     if (!is_writeable($image_directory)) {
         if (is_dir($image_directory)) {
             $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
         } else {
             $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
         }
     } else {
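         // The file name is supplied by the uploading client; escape it like the id beside it
         // instead of concatenating it raw into the statement.
         // NOTE(review): whether oos_get_copy_uploaded_file() restricts the name or the
         // file type is not visible here; confirm before relying on it.
         $dbconn->Execute("UPDATE " . $oostable['customers_status'] . " SET customers_status_image = '" . oos_db_input($customers_status_image['name']) . "' WHERE customers_status_id = '" . oos_db_input($customers_status_id) . "'");
         oos_get_copy_uploaded_file($customers_status_image, $image_directory);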
Example #20
        if ($check_customer_result->RecordCount()) {
            $check_customer = $check_customer_result->fields;
            $customerstable = $oostable['customers'];
            $dbconn->Execute("UPDATE {$customerstable}\n                              SET customers_newsletter = '1'\n                              WHERE customers_id = '" . $check_customer['customers_id'] . "'");
            oos_redirect(oos_href_link($aModules['newsletters'], $aFilename['newsletters_subscribe_success']));
        } else {
            $maillisttable = $oostable['maillist'];
            $sql = "SELECT customers_firstname\n                    FROM {$maillisttable}\n                    WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
            $check_mail_customer_result = $dbconn->Execute($sql);
            if ($check_mail_customer_result->RecordCount()) {
                $maillisttable = $oostable['maillist'];
                $dbconn->Execute("UPDATE {$maillisttable}\n                                  SET customers_newsletter = '1'\n                                  WHERE customers_email_address = '" . oos_db_input($email_address) . "'");
                oos_redirect(oos_href_link($aModules['newsletters'], $aFilename['newsletters_subscribe_success']));
            } else {
                $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_newsletter' => 1);
                oos_db_perform($oostable['maillist'], $sql_data_array);
                oos_redirect(oos_href_link($aModules['newsletters'], $aFilename['newsletters_subscribe_success']));
            }
        }
    }
} else {
    $oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aModules['newsletters'], $aFilename['newsletters'], '', 'SSL'));
    $aOption['template_main'] = $sTheme . '/modules/newsletters.html';
    $aOption['page_heading'] = $sTheme . '/heading/page_heading.html';
    $nPageType = OOS_PAGE_TYPE_SERVICE;
    require 'includes/oos_system.php';
    if (!isset($option)) {
        require 'includes/info_message.php';
        require 'includes/oos_blocks.php';
        require 'includes/oos_counter.php';
    }
Example #21
                        $dbconn->Execute("INSERT INTO {$products_to_categoriestable} (products_id, categories_id) values ('" . $products_id . "', '" . $current_category_id . "')");
                    }
                }
                if (oos_empty($_GET['categories'])) {
                    $categories = $current_category_id;
                }
                $languages = oos_get_languages();
                for ($i = 0, $n = count($languages); $i < $n; $i++) {
                    $lang_id = $languages[$i]['id'];
                    $sql_data_array = array('products_name' => oos_db_prepare_input($_POST['products_name'][$lang_id]), 'products_description' => oos_db_prepare_input($_POST['products_description_' . $languages[$i]['id']]), 'products_description_meta' => oos_db_prepare_input($_POST['products_description_meta_' . $languages[$i]['id']]), 'products_keywords_meta' => oos_db_prepare_input($_POST['products_keywords_meta_' . $languages[$i]['id']]), 'products_url' => oos_db_prepare_input($_POST['products_url'][$lang_id]));
                    if ($action == 'insert_product') {
                        $insert_sql_data = array('products_id' => $products_id, 'products_languages_id' => $lang_id);
                        $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                        oos_db_perform($oostable['products_description'], $sql_data_array);
                    } elseif ($action == 'update_product') {
                        oos_db_perform($oostable['products_description'], $sql_data_array, 'update', 'products_id = \'' . oos_db_input($products_id) . '\' and products_languages_id = \'' . $lang_id . '\'');
                    }
                }
                oos_redirect_admin(oos_href_link_admin($aFilename['categories'], 'categories=' . $categories . '&pID=' . $products_id));
            }
            break;
    }
}
// The catalog image directory has to exist and be writable; report whichever check fails.
if (!is_dir(OOS_ABSOLUTE_PATH . OOS_IMAGES)) {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error');
} elseif (!is_writeable(OOS_ABSOLUTE_PATH . OOS_IMAGES)) {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
}
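            // Collect the e-mail addresses of all other admins so the new address can be
            // rejected when it is already taken.
            $stored_email[] = 'NONE';
            $admintable = $oostable['admin'];
            // admin_id sits in an unquoted numeric position, so it is cast to int rather than
            // concatenated as given.
            $check_email_query = "SELECT admin_email_address FROM " . $admintable . " WHERE admin_id <> " . intval($admin_id) . "";
            // Plain assignment: taking a reference to a function's return value is not needed.
            $check_email_result = $dbconn->Execute($check_email_query);
            while ($check_email = $check_email_result->fields) {
                $stored_email[] = $check_email['admin_email_address'];
                // Move that ADOdb pointer!
                $check_email_result->MoveNext();
            }
            // Close result set
            $check_email_result->Close();
            // Strict comparison: a loose in_array() treats numeric-looking strings as equal.
            if (in_array($_POST['admin_email_address'], $stored_email, true)) {
                oos_redirect_admin(oos_href_link_admin($aFilename['admin_account'], 'action=edit_process&error=email'));
            } else {
                // admin_modified was a single-quoted literal containing the text of a date() call,
                // so that text itself was stored; the call is now evaluated.
                // NOTE(review): the password passes through oos_db_prepare_input() before it is
                // hashed; if that helper alters characters, the stored hash will not match what
                // the admin typed. Confirm.
                $sql_data_array = array('admin_firstname' => oos_db_prepare_input($_POST['admin_firstname']), 'admin_lastname' => oos_db_prepare_input($_POST['admin_lastname']), 'admin_email_address' => oos_db_prepare_input($_POST['admin_email_address']), 'admin_password' => oos_encrypt_password(oos_db_prepare_input($_POST['admin_password'])), 'admin_modified' => date('Y-m-d H:i:s'));
                oos_db_perform($oostable['admin'], $sql_data_array, 'update', 'admin_id = \'' . intval($admin_id) . '\'');
                //oos_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], OOS_HTTP_SERVER . OOS_SHOP . 'admin/', $_POST['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
                oos_redirect_admin(oos_href_link_admin($aFilename['admin_account'], 'page=' . $_GET['page'] . '&mID=' . $admin_id));
            }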
            break;
    }
}
require 'includes/oos_header.php';
require 'includes/account_check.js.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td width="<?php 
echo BOX_WIDTH;
?>
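     // Save the status name once for every installed language.
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $products_status_name_array = $_POST['products_status_name'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('products_status_name' => oos_db_prepare_input($products_status_name_array[$lang_id]));
         if ($action == 'insert') {
             if (oos_empty($products_status_id)) {
                 // No id yet: use the current maximum plus one.
                 // NOTE(review): two concurrent inserts could compute the same id; confirm the
                 // table has a uniqueness constraint that would catch that.
                 $products_statustable = $oostable['products_status'];
                 $next_id_result = $dbconn->Execute("SELECT max(products_status_id) as products_status_id FROM {$products_statustable}");
                 $next_id = $next_id_result->fields;
                 $products_status_id = $next_id['products_status_id'] + 1;
             }
             $insert_sql_data = array('products_status_id' => $products_status_id, 'products_status_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['products_status'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['products_status'], $sql_data_array, 'update', "products_status_id = '" . oos_db_input($products_status_id) . "' and products_status_languages_id = '" . intval($lang_id) . "'");
         }
     }
     // Optionally make this status the shop default.
     if (isset($_POST['default']) && $_POST['default'] == 'on') {
         $configurationtable = $oostable['configuration'];
         $dbconn->Execute("UPDATE {$configurationtable} SET configuration_value = '" . oos_db_input($products_status_id) . "' WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
     }
     // This call was spelled oos_redirect_admin_admin(); the other admin handlers in this
     // listing all redirect through oos_redirect_admin(), so the doubled suffix is treated as a typo.
     oos_redirect_admin(oos_href_link_admin($aFilename['products_status'], 'page=' . $_GET['page'] . '&psID=' . $products_status_id));
     break;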
 case 'deleteconfirm':
     $psID = oos_db_prepare_input($_GET['psID']);
     /*
           $products_status_result = $dbconn->Execute("SELECT configuration_value FROM " . $oostable['configuration'] . " WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
           $products_status = $products_status_result->fields;
           if ($products_status['configuration_value'] == $psID) {
             $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '' WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
     // Persist the unit name for every installed language.
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $lang_id = $languages[$i]['id'];
         $products_unit_name_array = $_POST['products_unit_name'];
         $sql_data_array = array('products_unit_name' => oos_db_prepare_input($products_unit_name_array[$lang_id]));
         switch ($action) {
             case 'insert':
                 // A missing id is replaced by the current maximum plus one.
                 if (oos_empty($products_units_id)) {
                     $products_unitstable = $oostable['products_units'];
                     $next_id_result = $dbconn->Execute("SELECT max(products_units_id) as products_units_id FROM {$products_unitstable}");
                     $next_id = $next_id_result->fields;
                     $products_units_id = $next_id['products_units_id'] + 1;
                 }
                 $sql_data_array['products_units_id'] = $products_units_id;
                 $sql_data_array['languages_id'] = $lang_id;
                 oos_db_perform($oostable['products_units'], $sql_data_array);
                 break;
             case 'save':
                 // Both ids are cast to int before they enter the hand-built WHERE fragment.
                 oos_db_perform($oostable['products_units'], $sql_data_array, 'update', "products_units_id = '" . intval($products_units_id) . "' and languages_id = '" . intval($lang_id) . "'");
                 break;
         }
     }
     // Optionally make this unit the shop default.
     if (isset($_POST['default']) && $_POST['default'] == 'on') {
         $configurationtable = $oostable['configuration'];
         $dbconn->Execute("UPDATE {$configurationtable} SET configuration_value = '" . intval($products_units_id) . "' WHERE configuration_key = 'DEFAULT_PRODUCTS_UNITS_ID'");
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['products_units'], 'page=' . $_GET['page'] . '&uID=' . $products_units_id));
     break;
 case 'deleteconfirm':
     $uID = oos_db_prepare_input($_GET['uID']);
     $configurationtable = $oostable['configuration'];
     $products_units_result = $dbconn->Execute("SELECT configuration_value FROM {$configurationtable} WHERE configuration_key = 'DEFAULT_PRODUCTS_UNITS_ID'");
     $products_units = $products_units_result->fields;
     if ($products_units['configuration_value'] == $uID) {
         $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '' WHERE configuration_key = 'DEFAULT_PRODUCTS_UNITS_ID'");
Example #25
        $bError = true;
        $_SESSION['error_message'] = $aLang['ticket_warning_enquiry_too_short'];
    }
    if ($bError === false) {
        $ticket_tickettable = $oostable['ticket_ticket'];
        $sql = "SELECT ticket_id, ticket_customers_name\n                FROM {$ticket_tickettable}\n                WHERE ticket_link_id = '" . oos_db_input($tlid) . "'";
        $ticket_id_result = $dbconn->Execute($sql);
        $ticket_id = $ticket_id_result->fields;
        if ($ticket_id['ticket_id']) {
            if (TICKET_ALLOW_CUSTOMER_TO_CHANGE_STATUS == '0' && TICKET_CUSTOMER_REPLY_STATUS_ID > 0) {
                $status = TICKET_CUSTOMER_REPLY_STATUS_ID;
            }
            $sql_data_array = array('ticket_id' => $ticket_id['ticket_id'], 'ticket_status_id' => $status, 'ticket_priority_id' => $priority, 'ticket_department_id' => $department, 'ticket_date_modified' => 'now()', 'ticket_customer_notified' => '0', 'ticket_edited_by' => $ticket_id['ticket_customers_name'], 'ticket_comments' => $enquiry);
            oos_db_perform($oostable['ticket_status_history'], $sql_data_array);
            $sql_data_array = array('ticket_status_id' => $status, 'ticket_priority_id' => $priority, 'ticket_department_id' => $department, 'ticket_date_last_modified' => 'now()', 'ticket_date_last_customer_modified' => 'now()');
            oos_db_perform($oostable['ticket_ticket'], $sql_data_array, 'update', 'ticket_id = \'' . $ticket_id['ticket_id'] . '\'');
            $_SESSION['info_message'] = $aLang['ticket_message_updated'];
        }
    }
}
if (isset($_SESSION['customer_id'])) {
    $ticket_tickettable = $oostable['ticket_ticket'];
    $customers_tickets_raw = "SELECT ticket_link_id, ticket_subject, ticket_status_id, ticket_department_id,\n                                     ticket_priority_id, ticket_date_created, ticket_date_last_modified\n                              FROM {$ticket_tickettable}\n                              WHERE ticket_customers_id = '" . intval($_SESSION['customer_id']) . "'\n                              ORDER BY ticket_date_last_modified DESC";
    $customers_tickets_split = new splitPageResults($nCurrentPageNumber, MAX_DISPLAY_SEARCH_RESULTS, $customers_tickets_raw, $customers_tickets_numrows);
    if ($customers_tickets_numrows > 0) {
        $customers_tickets_result = $dbconn->Execute($customers_tickets_raw);
        $customers_tickets_array = array();
        while ($customers_tickets = $customers_tickets_result->fields) {
            $customers_tickets_array[] = array('ticket_link_id' => $customers_tickets['ticket_link_id'], 'ticket_subject' => $customers_tickets['ticket_subject'], 'ticket_status_id' => $customers_tickets['ticket_status_id'], 'ticket_department_id' => $customers_tickets['ticket_department_id'], 'ticket_priority_id' => $customers_tickets['ticket_priority_id'], 'ticket_date_created' => $customers_tickets['ticket_date_created'], 'ticket_date_last_modified' => $customers_tickets['ticket_date_last_modified']);
            $customers_tickets_result->MoveNext();
        }
        require 'includes/oos_counter.php';
    }
    // JavaScript
    $oSmarty->assign('oos_js', $javascript);
    $oSmarty->assign(array('gender_error' => $gender_error, 'firstname_error' => $firstname_error, 'lastname_error' => $lastname_error, 'email_address_error' => $email_address_error, 'email_address_check_error' => $email_address_check_error, 'email_address_exists' => $email_address_exists, 'password_error' => $password_error, 'gender' => $gender, 'firstname' => $firstname, 'lastname' => $lastname, 'password' => $password, 'confirmation' => $confirmation, 'oos_breadcrumb' => $oBreadcrumb->trail(BREADCRUMB_SEPARATOR), 'oos_heading_title' => $aLang['heading_title'], 'oos_heading_image' => 'account.gif', 'email_address' => $email_address, 'show_password' => $show_password));
    $oSmarty->assign('oosPageHeading', $oSmarty->fetch($aOption['page_heading']));
    $oSmarty->assign('contents', $oSmarty->fetch($aOption['template_main']));
    // display the template
    require 'includes/oos_display.php';
} else {
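    // Store the edited account data together with the newly derived password value.
    $new_encrypted_password = oos_encrypt_password($password);
    $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_password' => $new_encrypted_password);
    if (ACCOUNT_GENDER == '1') {
        $sql_data_array['customers_gender'] = $gender;
    }
    oos_db_perform($oostable['customers'], $sql_data_array, 'update', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
    // Refresh the remember-me cookies only when the browser already sent one; isset() avoids
    // reading a cookie that is not there.
    if (isset($_COOKIE['password']) && oos_is_not_null($_COOKIE['password'])) {
        $cookie_url_array = parse_url((ENABLE_SSL == true ? OOS_HTTPS_SERVER : OOS_HTTP_SERVER) . substr(OOS_SHOP, 0, -1));
        // parse_url() omits 'path' when the URL has none; an empty path keeps setcookie()'s default.
        $cookie_path = isset($cookie_url_array['path']) ? $cookie_url_array['path'] : '';
        $cookie_secure = getenv('HTTPS') == 'on';
        // HttpOnly (last argument) keeps both cookies out of reach of page scripts.
        // NOTE(review): this keeps a value derived from the account password in the browser
        // for a year. How the login path uses it is not visible here; if it is accepted in
        // place of the password, the cookie is itself a long-lived credential, and a random,
        // server-side revocable token would be the safer design.
        setcookie('email_address', $email_address, time() + 365 * 24 * 3600, $cookie_path, '', $cookie_secure, true);
        setcookie('password', $new_encrypted_password, time() + 365 * 24 * 3600, $cookie_path, '', $cookie_secure, true);
    }
    // Stamp the account as modified now.
    $update_info_sql = "UPDATE " . $oostable['customers_info'] . "\n                        SET customers_info_date_account_last_modified = '" . date("Y-m-d H:i:s", time()) . "'\n                        WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
    $dbconn->Execute($update_info_sql);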
    if (SEND_CUSTOMER_EDIT_EMAILS == '1') {
        $email_owner = $aLang['owner_email_subject'] . "\n" . $aLang['email_separator'] . "\n" . $aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" . $aLang['email_separator'] . "\n";
        if (ACCOUNT_NUMBER == '1') {
            $email_owner .= $aLang['owner_email_number'] . ' ' . $number . "\n" . $aLang['email_separator'] . "\n\n";
        }
        if (ACCOUNT_GENDER == '1') {
            if ($gender == 'm') {
Example #27
         $newsletter_error = true;
     }
     if (empty($module)) {
         $messageStack->add(ERROR_NEWSLETTER_MODULE, 'error');
         $newsletter_error = true;
     }
     if (!$newsletter_error) {
         $sql_data_array = array('title' => $title, 'content' => $content, 'module' => $newsletter_module);
         if ($action == 'insert') {
             $sql_data_array['date_added'] = 'now()';
             $sql_data_array['status'] = '0';
             $sql_data_array['locked'] = '0';
             oos_db_perform($oostable['newsletters'], $sql_data_array);
             $newsletter_id = $dbconn->Insert_ID();
         } elseif ($action == 'update') {
             oos_db_perform($oostable['newsletters'], $sql_data_array, 'update', 'newsletters_id = \'' . oos_db_input($newsletter_id) . '\'');
         }
         oos_redirect_admin(oos_href_link_admin($aFilename['newsletters'], 'page=' . $_GET['page'] . '&nID=' . $newsletter_id));
     } else {
         $action = 'new';
     }
     break;
 case 'deleteconfirm':
     // Delete the newsletter named by the nID query parameter, then return to the list page.
     // NOTE(review): the id arrives in the query string and no anti-CSRF token check is
     // visible in this excerpt; confirm one runs before this switch is reached.
     $newsletterstable = $oostable['newsletters'];
     $newsletter_id = oos_db_prepare_input($_GET['nID']);
     $delete_newsletter_sql = "DELETE FROM {$newsletterstable} WHERE newsletters_id = '" . oos_db_input($newsletter_id) . "'";
     $dbconn->Execute($delete_newsletter_sql);
     oos_redirect_admin(oos_href_link_admin($aFilename['newsletters'], 'page=' . $_GET['page']));
     break;
 case 'delete':
 case 'new':
     if (!$_GET['nID']) {
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $page_type_name_array = $_POST['page_type_name'];
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('page_type_name' => oos_db_prepare_input($page_type_name_array[$lang_id]));
         if ($action == 'insert') {
             if (oos_empty($page_type_id)) {
                 $next_id_result = $dbconn->Execute("SELECT max(page_type_id) as page_type_id FROM " . $oostable['page_type'] . "");
                 $next_id = $next_id_result->fields;
                 $page_type_id = $next_id['page_type_id'] + 1;
             }
             $insert_sql_data = array('page_type_id' => $page_type_id, 'page_type_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['page_type'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['page_type'], $sql_data_array, 'update', "page_type_id = '" . oos_db_input($page_type_id) . "' and page_type_languages_id = '" . intval($lang_id) . "'");
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['content_page_type'], 'page=' . $_GET['page'] . '&ptID=' . $page_type_id));
     break;
 case 'deleteconfirm':
     $ptID = oos_db_prepare_input($_GET['ptID']);
     $dbconn->Execute("DELETE FROM " . $oostable['page_type'] . " WHERE page_type_id = '" . oos_db_input($ptID) . "'");
     oos_redirect_admin(oos_href_link_admin($aFilename['content_page_type'], 'page=' . $_GET['page']));
     break;
 case 'delete':
     $ptID = oos_db_prepare_input($_GET['ptID']);
     $status_result = $dbconn->Execute("SELECT COUNT(*) AS total FROM " . $oostable['block_to_page_type'] . " WHERE page_type_id = '" . oos_db_input($ptID) . "'");
     $status = $status_result->fields;
     $remove_status = true;
     if ($status['total'] > 0) {
         } else {
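             // The file name is supplied by the uploading client; escape it like the id beside it
             // instead of concatenating it raw into the statement.
             // NOTE(review): whether oos_get_copy_uploaded_file() restricts the name or the
             // file type is not visible here; confirm before relying on it.
             $dbconn->Execute("UPDATE " . $oostable['manufacturers'] . " SET manufacturers_image = '" . oos_db_input($manufacturers_image['name']) . "' WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
             oos_get_copy_uploaded_file($manufacturers_image, $image_directory);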
         }
     }
     $languages = oos_get_languages();
     for ($i = 0, $n = count($languages); $i < $n; $i++) {
         $manufacturers_url_array = oos_db_prepare_input($_POST['manufacturers_url']);
         $lang_id = $languages[$i]['id'];
         $sql_data_array = array('manufacturers_url' => oos_db_prepare_input($manufacturers_url_array[$lang_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('manufacturers_id' => $manufacturers_id, 'manufacturers_languages_id' => $lang_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             oos_db_perform($oostable['manufacturers_info'], $sql_data_array);
         } elseif ($action == 'save') {
             oos_db_perform($oostable['manufacturers_info'], $sql_data_array, 'update', "manufacturers_id = '" . oos_db_input($manufacturers_id) . "' and manufacturers_languages_id = '" . intval($lang_id) . "'");
         }
     }
     oos_redirect_admin(oos_href_link_admin($aFilename['manufacturers'], 'page=' . $_GET['page'] . '&mID=' . $manufacturers_id));
     break;
 case 'deleteconfirm':
     $manufacturers_id = oos_db_prepare_input($_GET['mID']);
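     // When the admin ticked "delete image", remove the manufacturer's image file as well.
     if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
         $manufacturerstable = $oostable['manufacturers'];
         $manufacturer_result = $dbconn->Execute("SELECT manufacturers_image FROM {$manufacturerstable} WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
         $manufacturer = $manufacturer_result->fields;
         // No matching row, or an empty image column, leaves nothing to delete.
         $image_name = (is_array($manufacturer) && isset($manufacturer['manufacturers_image'])) ? (string) $manufacturer['manufacturers_image'] : '';
         $image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $image_name;
         // The stored name is set from an uploaded file's name elsewhere, so the resolved path
         // must be a regular file inside the image directory before it is removed; this also
         // keeps an empty name from pointing unlink() at the directory itself.
         $image_root = realpath(OOS_ABSOLUTE_PATH . OOS_IMAGES);
         $image_real = ($image_name !== '') ? realpath($image_location) : false;
         if ($image_root !== false && $image_real !== false && is_file($image_real)
             && strpos($image_real, rtrim($image_root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0) {
             // Best effort, as before: a failed delete does not stop the handler.
             @unlink($image_real);
         }
     }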
          if ($action == 'insert') {
            if (!!empty($orders_status_id)) {
              $next_id_result = $dbconn->Execute("SELECT max(orders_status_id) as orders_status_id FROM " . $oostable['orders_status'] . "");
              $next_id = $next_id_result->fields;
              $orders_status_id = $next_id['orders_status_id'] + 1;
            }

            $insert_sql_data = array('orders_status_id' => $orders_status_id,
                                     'orders_languages_id' => $lang_id);

            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

            oos_db_perform($oostable['orders_status'], $sql_data_array);
          } elseif ($action == 'save') {
            oos_db_perform($oostable['orders_status'], $sql_data_array, 'update', "orders_status_id = '" . intval($orders_status_id) . "' and orders_languages_id = '" . intval($lang_id) . "'");
          }
        }

        if (isset($_POST['default']) && ($_POST['default'] == 'on')) {
          $dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '" . intval($orders_status_id) . "' WHERE configuration_key = 'DEFAULT_ORDERS_STATUS_ID'");
        }

        oos_redirect_admin(oos_href_link_admin($aFilename['orders_status'], 'page=' . $_GET['page'] . '&oID=' . $orders_status_id));
        break;

    case 'deleteconfirm':
        if (isset($_GET['oID'])) $orders_status_id = oos_db_prepare_input($_GET['oID']);

        $orders_status_result = $dbconn->Execute("SELECT configuration_value FROM " . $oostable['configuration'] . " WHERE configuration_key = 'DEFAULT_ORDERS_STATUS_ID'");
        $orders_status = $orders_status_result->fields;