/**
 * Constructor: initialises the Smarty base class, sets the delimiters and
 * points Smarty at the shop's template, compile, config and cache
 * directories below OOS_TEMP_PATH, then assigns a few shared template
 * variables.
 *
 * NOTE(review): the session name and the current session id are assigned as
 * template variables, so any template can print them into a page. Confirm
 * every template that uses them needs the value and encodes it on output.
 */
function Template()
{
    $this->Smarty();

    $this->left_delimiter = '{';
    $this->right_delimiter = '}';

    // Guarantee a trailing slash on the base path before sub-directories are appended.
    $sBase = OOS_TEMP_PATH;
    if (substr($sBase, -1) != "/") {
        $sBase .= "/";
    }
    $sShop = $sBase . 'shop/';

    $this->template_dir = $sShop . 'templates/';
    $this->compile_dir = $sShop . 'templates_c/';
    $this->config_dir = $sShop . 'configs/';
    $this->cache_dir = $sShop . 'cache/';

    $this->plugins_dir = array(
        'plugins',
        BP . DS . 'lib/smarty-plugins/gettext',
        BP . DS . 'lib/smarty-plugins/myoos',
    );
    $this->use_sub_dirs = true;

    // Timestamp for midnight, 80 days from today (mktime normalises the day overflow).
    $nRevision = mktime(0, 0, 0, date("m"), date("d") + 80, date("Y"));

    $aVars = array();
    $aVars['oos_revision_date'] = date("D,d M Y", $nRevision);
    $aVars['oos_date_long'] = strftime(DATE_FORMAT_LONG);
    $aVars['oos_session_name'] = oos_session_name();
    $aVars['oos_session_id'] = oos_session_id();

    $this->assign($aVars);
}
/**
 * Build a hidden form field that carries the session id.
 *
 * The field is produced only when the SID constant is defined and
 * oos_is_not_null() accepts it; in every other case nothing is returned
 * (null). PHP leaves SID empty when the session cookie was received, so the
 * field mainly appears for cookie-less visitors.
 *
 * NOTE(review): the session id ends up in page markup and in the submitted
 * form data; make sure forms using it post to the shop itself and over TLS.
 */
function oos_hide_session_id()
{
    if (!defined('SID') || !oos_is_not_null(SID)) {
        return null;
    }

    return oos_draw_hidden_field(oos_session_name(), oos_session_id());
}
// Bootstrap fragment: refuses direct requests, loads configuration and the
// session/database helpers, starts the 'eSConnectorAdm' session and opens the
// database connection. The listing ends inside the final if-block.
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

if (!defined('SHOP_ROOT')) {
    define('SHOP_ROOT', dirname(__FILE__) . '/../../../');
}

require SHOP_ROOT . 'includes/config.php';
require SHOP_ROOT . OOS_INCLUDES . 'oos_tables.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_kernel.php';

// define how the session functions will be used
require SHOP_ROOT . OOS_FUNCTIONS . 'function_session.php';

// set the session ID if it exists
// NOTE(review): the id is taken from POST or GET and handed to
// oos_session_id() with no format check, so a caller can choose the session
// id this administrative session will use (session fixation). Restrict the
// accepted characters/length, prefer cookie-only transport, and issue a
// fresh id at login — whether the login code does so is not visible here.
// NOTE(review): oos_session_name() is read here before the name is set to
// 'eSConnectorAdm' below, so the request parameter looked up is whatever
// name is in effect at this point — confirm that is intended.
if (isset($_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}

oos_session_name('eSConnectorAdm');
oos_session_start();

if (!isset($_SESSION)) {
    $_SESSION = array();
}

// require the database functions
// The SQL-log table name comes from $oostable, presumably populated by oos_tables.php above.
$adodb_logsqltable = $oostable['adodb_logsql'];
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $adodb_logsqltable);
}
require SHOP_ROOT . OOS_ADODB . 'adodb-errorhandler.inc.php';
require SHOP_ROOT . OOS_ADODB . 'adodb.inc.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_db.php';

// make a connection to the database... now
if (!oosDBInit()) {
    die('Unable to connect to database server!');
/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

// Currency selector block: builds a pull-down of all configured currencies and
// re-emits the current GET parameters as hidden fields so the selection form
// returns to the same page.
// NOTE(review): GET keys and values are passed to oos_draw_hidden_field() as
// received; the output encoding is assumed to happen inside that helper —
// confirm, since this markup is written into the page.
if (isset($oCurrencies) && is_object($oCurrencies)) {
    reset($oCurrencies->currencies);

    $aCurrencies = array();
    foreach ($oCurrencies->currencies as $sKey => $value) {
        $aCurrencies[] = array('id' => $sKey, 'text' => $value['title']);
    }

    $hidden_get_variables = '';
    foreach ($_GET as $sKey => $value) {
        // Array-valued parameters are not carried over.
        if (!is_string($value)) {
            continue;
        }
        // The currency itself, the session id and image-button coordinates are left out.
        if (in_array($sKey, array('currency', oos_session_name(), 'x', 'y'))) {
            continue;
        }
        $hidden_get_variables .= oos_draw_hidden_field($sKey, $value);
    }

    $oos_pull_down_menu = oos_draw_pull_down_menu('currency', $aCurrencies, $_SESSION['currency'], 'onchange="this.form.submit();" style="width: 100%"');
    $oos_pull_down_menu .= $hidden_get_variables;
    $oos_pull_down_menu .= oos_hide_session_id();

    $oSmarty->assign(
        array(
            'oos_pull_down_menu' => $oos_pull_down_menu,
            'block_heading_currencies' => $block_heading
        )
    );
}
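/**
 * Return all GET variables as hidden form fields, except those passed as a
 * parameter and the routing/session keys listed in the function body.
 *
 * Changes against the previous version:
 *  - every qualifying variable is appended; before, each iteration overwrote
 *    the result so only the last variable was returned;
 *  - each() (removed in PHP 8) is replaced by foreach;
 *  - array-valued parameters (?a[]=1) are skipped instead of being passed to
 *    the string encoder;
 *  - keys are compared as strings, so a numeric key no longer matches a
 *    word through loose comparison.
 *
 * NOTE(review): names and values come straight from the request; the HTML
 * encoding is delegated to oos_output_string(), whose implementation is not
 * visible here — confirm it encodes quotes for attribute context.
 *
 * @param array|string $aExclude additional GET keys to leave out; any
 *                               non-array value means "no extra keys"
 * @return string concatenated hidden input elements, '' when none qualify
 */
function oos_get_all_as_hidden_field($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }

    // Keys that are never carried over: session id, routing and image-button coordinates.
    $aSkip = array(
        oos_session_name(), 'error', 'p', 'rewrite', 'c', 'm', 'mp',
        'file', 'index.php', 'history_back', 'x', 'y',
    );
    foreach ($aExclude as $sExcluded) {
        if (is_scalar($sExcluded)) {
            $aSkip[] = (string) $sExcluded;
        }
    }

    $sField = '';
    if (!is_array($_GET)) {
        return $sField;
    }

    foreach ($_GET as $sKey => $sValue) {
        // Same emptiness rule as before: '', '0' and null are not carried over.
        if (!is_string($sValue) || empty($sValue)) {
            continue;
        }
        if (in_array((string) $sKey, $aSkip, true)) {
            continue;
        }

        $sField .= '<input type="hidden" name="' . oos_output_string($sKey) . '"';
        $sField .= ' value="' . oos_output_string($sValue) . '" />';
    }

    return $sField;
}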
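/**
 * Prepare the visitor's session: cookie parameters, session id taken from
 * the request, spider detection, cart/navigation objects and the binding of
 * the session to the browser's user agent and IP address.
 *
 * Changes against the previous version: a missing User-Agent header, an
 * unreadable spiders.ini, a blank spider entry, a non-string session id
 * parameter and a missing $_SESSION['member'] object no longer raise
 * notices or errors.
 *
 * NOTE(review): the session id is accepted from POST/GET (alphanumeric
 * only). That lets a link pre-set a visitor's session id, so the login code
 * should issue a fresh id on authentication — not visible from here.
 *
 * @return bool always true; a user-agent or IP mismatch triggers a redirect
 *              to the login page first
 */
function create_plugin_instance()
{
    global $request_type, $spider_flag, $spider_kill_sid;

    // The header is optional; treat a missing one as an empty agent string.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
    $spider_flag = false;
    $spider_kill_sid = '0';

    // set the top level domains
    $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
    $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
    $cookie_domain = (!empty($current_domain) ? '.' . $current_domain : '');

    // set the session cookie parameters
    // NOTE(review): only lifetime, path and domain are set; Secure and
    // HttpOnly are not set here — confirm they are enforced in php.ini. The
    // leading dot shares the cookie with every sub-domain of the shop domain.
    if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', $cookie_domain);
    } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', $cookie_domain);
    }

    // set the session ID if it exists (strings of letters and digits only)
    $sSessionName = oos_session_name();
    if (isset($_POST[$sSessionName]) && is_string($_POST[$sSessionName]) && ctype_alnum($_POST[$sSessionName])) {
        oos_session_id($_POST[$sSessionName]);
    } elseif (isset($_GET[$sSessionName]) && is_string($_GET[$sSessionName]) && ctype_alnum($_GET[$sSessionName])) {
        oos_session_id($_GET[$sSessionName]);
    }

    // Known crawlers get no session at all.
    if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');
        if (is_array($spider_agent)) {
            foreach ($spider_agent as $spider) {
                if (!is_string($spider) || empty($spider) !== false) {
                    continue;
                }
                // A whitespace-only entry would match every agent; skip it.
                $sNeedle = trim($spider);
                if ($sNeedle !== '' && strpos($user_agent, $sNeedle) !== false) {
                    $spider_kill_sid = '1';
                    $spider_flag = true;
                    break;
                }
            }
        }
    }

    if ($spider_flag === false) {
        // lets start our session
        oos_session_start();
    }

    if (!isset($_SESSION)) {
        $_SESSION = array();
    }

    // create the shopping cart
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
    }

    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
    }

    if (!isset($_SESSION['error_cart_msg'])) {
        $_SESSION['error_cart_msg'] = '';
    }

    $aPages = oos_get_pages();

    // verify the browser user agent: the first value seen is pinned to the session
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
    }

    if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member']) && is_object($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    // verify the IP address: same pinning, same reaction on mismatch
    if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
    }

    if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member']) && is_object($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    return true;
}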
/**
 * Build a hidden form field that carries the session id.
 *
 * The field is produced only when the SID constant is defined and
 * oos_empty() reports it as non-empty; otherwise nothing is returned (null).
 *
 * NOTE(review): the session id is written into page markup; forms using it
 * should post to the shop itself and over TLS.
 */
function oos_hide_session_id()
{
    $bHasSid = defined('SID') && !oos_empty(SID);

    if ($bHasSid) {
        return oos_draw_hidden_field(oos_session_name(), oos_session_id());
    }

    return null;
}
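/**
 * Gate for the payment callback: when the request posts valid=1, it is
 * accepted only if the remote host is, or reverse-resolves to, secpay.com.
 * Any other origin is redirected to the payment page with payment_error set
 * to this module's code.
 *
 * Changes against the previous version: a missing 'valid' or session
 * parameter no longer raises a notice, the two identical redirects are
 * merged, and the session value echoed into the redirect URL is
 * URL-encoded and must be a string.
 *
 * NOTE(review): the origin check relies on REMOTE_HOST / reverse DNS. PTR
 * records are set by whoever operates the address block, so a host name is
 * weak evidence of origin. Prefer verifying a gateway-supplied signature or
 * digest if the gateway offers one, or at least forward-confirm the
 * resolved name. Requests whose 'valid' is not '1' are not examined here —
 * confirm they are rejected elsewhere.
 *
 * @return void
 */
function before_process()
{
    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    if (!isset($_POST['valid']) || $_POST['valid'] != '1') {
        return;
    }

    $remote_host = oos_server_get_var('REMOTE_HOST');
    if ($remote_host && $remote_host != 'secpay.com') {
        // The value may be an address; try to resolve it to a host name.
        $remote_host = @gethostbyaddr($remote_host);
    }

    if ($remote_host && $remote_host == 'secpay.com') {
        return;
    }

    // Carry the posted session id back, encoded so it cannot add URL parameters.
    $sSessionName = oos_session_name();
    $sSessionValue = '';
    if (isset($_POST[$sSessionName]) && is_string($_POST[$sSessionName])) {
        $sSessionValue = rawurlencode($_POST[$sSessionName]);
    }

    MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $sSessionName . '=' . $sSessionValue . '&payment_error=' . $this->code, 'SSL', false, false));
}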
// Admin bootstrap fragment: loads the server helpers, copies POST fields into
// variables, starts the 'OOSADMINSID' session and loads the database layer.
// The listing ends inside the final if-block.

// Load server utilities
require '../includes/functions/function_server.php';

// NOTE(review): every POST field is copied into a variable named after the
// field (register_globals emulation). Because this runs at file scope, a
// request can overwrite any variable already set at this point, and
// variables read later — such as $oostable, used below for the SQL-log
// table name — unless they are assigned again after this loop. Replace the
// loop with explicit reads of the expected fields, or at least an
// allow-list of names.
if (isset($_POST)) {
    foreach ($_POST as $key => $value) {
        ${$key} = oos_prepare_input($value);
    }
}

// define how the session functions will be used
require '../includes/functions/function_session.php';

// set the session ID if it exists
// NOTE(review): the id from POST/GET is passed to oos_session_id() without
// any format check, so a caller can choose the id of this administrative
// session (session fixation). Validate it, prefer cookie-only transport and
// issue a fresh id at login — the login code is not visible here.
if (isset($_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}

oos_session_name('OOSADMINSID');
oos_session_start();

if (!isset($_SESSION)) {
    $_SESSION = array();
}

// require the database functions
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $oostable['adodb_logsql']);
}
require '../includes/lib/adodb/toexport.inc.php';
require '../includes/lib/adodb/adodb-errorhandler.inc.php';
require '../includes/lib/adodb/adodb.inc.php';
require '../includes/lib/adodb/tohtml.inc.php';
require '../includes/functions/function_db.php';

// make a connection to the database... now
if (!oosDBInit()) {
/**
 * Smarty {html_href_link} function plugin
 *
 * Type:     function
 * Name:     html_href_link
 * @Version: $Revision: 1.8 $ - changed by $Author: r23 $ on $Date: 2008/07/08 13:19:51 $
 * -------------------------------------------------------------
 *
 * Builds a shop URL of the form index.php?page=... from the tag's
 * attributes. Recognised attributes: page, oos_get, addentry_id, connection
 * ('NONSSL' or 'SSL'), add_session_id, search_engine_safe, anchor; every
 * other attribute becomes a key=value query parameter.
 *
 * NOTE(review): the session id can be appended to the URL (see the end of
 * the function). Ids in URLs reach browser history, server logs and Referer
 * headers; cookie-only sessions avoid that.
 *
 * @param array  $params tag attributes
 * @param Smarty $smarty template object, used for trigger_error()
 * @return string the assembled link
 */
function smarty_function_html_href_link($params, &$smarty)
{
    global $oEvent, $spider_flag;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    // Defaults; the named attributes below overwrite them.
    $page = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';

    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'page':
                if (!is_array($_val)) {
                    ${$_key} = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;

            // Variable-variables are limited to these fixed names, so a tag
            // attribute cannot overwrite an arbitrary local.
            // NOTE(review): oos_get is only cast to string here; it is
            // appended to $parameters below and passes through
            // oos_output_string(), whose encoding is not visible here.
            case 'oos_get':
            case 'addentry_id':
            case 'connection':
            case 'add_session_id':
            case 'search_engine_safe':
                ${$_key} = (string) $_val;
                break;

            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;

            default:
                // Values are escaped; the attribute name ($_key) is used as written in the template.
                if (!is_array($_val)) {
                    $parameters .= $_key . '=' . smarty_function_escape_special_chars($_val) . '&';
                } else {
                    $smarty->trigger_error("html_href_link: parameters '{$_key}' cannot be an array", E_USER_NOTICE);
                }
                break;
        }
    }

    if (empty($page)) {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (isset($addentry_id)) {
        // Arithmetic on the string coerces it to a number.
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id=' . $addentry_id . '&';
    }
    if (isset($oos_get)) {
        $parameters .= $oos_get;
    }

    $page = trim($page);

    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        if (ENABLE_SSL == '1') {
            $link = OOS_HTTPS_SERVER . OOS_SHOP;
        } else {
            $link = OOS_HTTP_SERVER . OOS_SHOP;
        }
    } else {
        // NOTE(review): $link stays unset on this path and is appended to below.
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is initialised above, so isset() is always true here.
    if (isset($parameters)) {
        $link .= 'index.php?page=' . $page . '&' . oos_output_string($parameters);
    } else {
        $link .= 'index.php?page=' . $page;
    }

    $separator = '&';

    // Strip trailing separators.
    // NOTE(review): a five-character tail is compared with the one-character
    // '&', which cannot match for any real link. The literal was presumably
    // the five-character HTML entity for '&' before this listing was
    // rendered — confirm against the repository.
    while (substr($link, -5) == '&' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    if (isset($anchor)) {
        $link .= '#' . $anchor;
    }

    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    if (ENABLE_SSL == '1' && $connection == 'SSL' && $add_session_id == '1') {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ($add_session_id == '1' && oos_is_not_null(SID)) {
        $_sid = SID;
    }

    // NOTE(review): as written, the id is dropped when $spider_flag is
    // false; if the flag means "crawler detected" the condition looks
    // inverted — confirm the intended polarity.
    if ($spider_flag === false) {
        $_sid = NULL;
    }

    // Search-engine-friendly form: separators become slashes, then the URL rewriter runs
    // unless the link contains 'action'.
    if ($search_engine_safe == '1' && $oEvent->installed_plugin('sefu')) {
        $link = str_replace(array('?', '&', '='), '/', $link);
        $separator = '?';
        $pos = strpos($link, 'action');
        if ($pos === false) {
            $url_rewrite = new url_rewrite();
            $link = $url_rewrite->transform_uri($link);
        }
    }

    if (isset($_sid)) {
        $link .= $separator . oos_output_string($_sid);
    }

    return $link;
}
/**
 * Build the hidden form fields that hand the order to Authorize.Net.
 *
 * NOTE(review), all visible in this method:
 *  - the card number and expiry date are written into the page as hidden
 *    fields, so they appear in page source and may be cached by the browser;
 *    confirm this page is served over TLS with caching disabled, and whether
 *    a hosted payment form could take the card data instead;
 *  - the shop session id is added as a hidden field and therefore leaves
 *    with the form post — confirm the receiving endpoint needs it;
 *  - the sequence passed to InsertFP() comes from rand(1, 1000), which is
 *    neither unpredictable nor unique — confirm the fingerprint scheme does
 *    not depend on either property;
 *  - number_format() with two arguments inserts a thousands separator for
 *    totals of 1000 and above — confirm the gateway accepts that format.
 *
 * @return string concatenated hidden input elements
 */
function process_button()
{
    global $oOrder;

    $sequence = rand(1, 1000);
    $aPages = oos_get_pages();

    // Same formatted amount for the form field and the fingerprint.
    $sAmount = number_format($oOrder->info['total'], 2);

    $aFields = array(
        'x_Login' => MODULE_PAYMENT_AUTHORIZENET_LOGIN,
        'x_Card_Num' => $this->cc_card_number,
        'x_Exp_Date' => $this->cc_expiry_month . substr($this->cc_expiry_year, -2),
        'x_Amount' => $sAmount,
        'x_Relay_URL' => oos_href_link($aPages['checkout_process'], '', 'SSL', false),
        'x_Method' => ((MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') ? 'CC' : 'ECHECK'),
        'x_Version' => '3.0',
        'x_Cust_ID' => $_SESSION['customer_id'],
        'x_Email_Customer' => ((MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == '1') ? 'TRUE': 'FALSE'),
        'x_first_name' => $oOrder->customer['firstname'],
        'x_last_name' => $oOrder->customer['lastname'],
        'x_address' => $oOrder->customer['street_address'],
        'x_city' => $oOrder->customer['city'],
        'x_state' => $oOrder->customer['state'],
        'x_zip' => $oOrder->customer['postcode'],
        'x_country' => $oOrder->customer['country']['title'],
        'x_phone' => $oOrder->customer['telephone'],
        'x_email' => $oOrder->customer['email_address'],
        'x_ship_to_first_name' => $oOrder->delivery['firstname'],
        'x_ship_to_last_name' => $oOrder->delivery['lastname'],
        'x_ship_to_address' => $oOrder->delivery['street_address'],
        'x_ship_to_city' => $oOrder->delivery['city'],
        'x_ship_to_state' => $oOrder->delivery['state'],
        'x_ship_to_zip' => $oOrder->delivery['postcode'],
        'x_ship_to_country' => $oOrder->delivery['country']['title'],
        'x_Customer_IP' => $_SERVER['REMOTE_ADDR'],
    );

    $process_button_string = '';
    foreach ($aFields as $sName => $sValue) {
        $process_button_string .= oos_draw_hidden_field($sName, $sValue);
    }

    // Transaction fingerprint fields, computed from login, transaction key, amount and sequence.
    $process_button_string .= $this->InsertFP(MODULE_PAYMENT_AUTHORIZENET_LOGIN, MODULE_PAYMENT_AUTHORIZENET_TXNKEY, $sAmount, $sequence);

    if (MODULE_PAYMENT_AUTHORIZENET_TESTMODE == 'Test') {
        $process_button_string .= oos_draw_hidden_field('x_Test_Request', 'TRUE');
    }

    $process_button_string .= oos_draw_hidden_field(oos_session_name(), oos_session_id());

    return $process_button_string;
}
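/**
 * Build the hidden form fields that hand the order to the Yellowpay gateway.
 *
 * Changes against the previous version: the currency allow-list is checked
 * with strict comparison (a non-string session value can no longer pass by
 * loose comparison), and the billing postcode field, which was emitted
 * twice with the same value, is emitted once.
 *
 * NOTE(review), all visible in this method:
 *  - the integrity hash is MD5 over shop id, currency, total and a seed
 *    appended at the end; if the gateway offers a keyed or stronger digest,
 *    prefer it, and keep the seed out of any client-visible output;
 *  - the hash uses MODULE_PAYMENT_YELLOWPAY_SHOP_ID while the txtShopID field
 *    uses MODULE_PAYMENT_YELLOWPAY_ID — confirm both are intended;
 *  - the shop session name and id are sent to the gateway in txtShopPara, so
 *    the id is disclosed to a third party and presumably returns in a URL —
 *    consider an order-bound one-time token instead;
 *  - number_format() is called without explicit separators, so totals of
 *    1000 and above contain a thousands separator.
 *
 * @return string concatenated hidden input elements
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    if (MODULE_PAYMENT_YELLOWPAY_CURRENCY == 'Selected Currency') {
        $my_currency = $_SESSION['currency'];
    } else {
        $my_currency = substr(MODULE_PAYMENT_YELLOWPAY_CURRENCY, 5);
    }
    // Only these currencies are accepted; anything else falls back to CHF.
    if (!in_array($my_currency, array('CHF', 'EUR', 'USD'), true)) {
        $my_currency = 'CHF';
    }

    // Gateway language code for the customer's language.
    switch ($_SESSION['language']) {
        case 'deu':
            $usedlanguage = 2055;
            break;
        case 'eng':
            $usedlanguage = 2057;
            break;
        case 'ita':
            $usedlanguage = 2064;
            break;
        default:
            $usedlanguage = MODULE_PAYMENT_YELLOWPAY_LANGUAGE;
            break;
    }

    $sidretour = oos_session_name() . '=' . oos_session_id();
    $usedtotal = number_format($oOrder->info['total'] * $oCurrencies->get_value($my_currency), $oCurrencies->get_decimal_places($my_currency));

    $txtHash_tosecure = MODULE_PAYMENT_YELLOWPAY_SHOP_ID . $my_currency . $usedtotal . MODULE_PAYMENT_HASH_SEED;
    $txtHash = md5($txtHash_tosecure);
    $txtOrderIDShop = $_SESSION['customer_id'] . date("Y-m-d H:i:s");

    $process_button_string = oos_draw_hidden_field('txtShopID', MODULE_PAYMENT_YELLOWPAY_ID) .
                             oos_draw_hidden_field('txtShopPara', $sidretour) .
                             oos_draw_hidden_field('txtOrderTotal', $usedtotal) .
                             oos_draw_hidden_field('txtLangVersion', $usedlanguage) .
                             oos_draw_hidden_field('txtArtCurrency', $my_currency) .
                             oos_draw_hidden_field('txtHash', $txtHash) .
                             oos_draw_hidden_field('txtOrderIDShop', $txtOrderIDShop) .
                             oos_draw_hidden_field('txtBLastName', $oOrder->billing['lastname']) .
                             oos_draw_hidden_field('txtBFirstName', $oOrder->billing['firstname']) .
                             oos_draw_hidden_field('txtBAddr1', $oOrder->billing['street_address']) .
                             oos_draw_hidden_field('txtBZipCode', $oOrder->billing['postcode']) .
                             oos_draw_hidden_field('txtBCity', oos_replace_chars($oOrder->billing['city'])) .
                             oos_draw_hidden_field('txtBTel', $oOrder->customer['customers_telephone']) .
                             oos_draw_hidden_field('txtBEmail', $oOrder->customer['email_address']) .
                             oos_draw_hidden_field('txtHistoryBack', '0');

    return $process_button_string;
}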
/**
 * Rewrite a slash-separated shop URL (".../index.php/key/value/...") into a
 * name-based ".html" URL by looking up category, product and manufacturer
 * names in the database. URLs that contain neither a 'categories' segment
 * nor the product-info page are returned unchanged.
 *
 * Ids taken from the URL are passed through intval() before they are placed
 * into the SQL text, so the queries below receive integers only.
 *
 * NOTE(review), all visible in this function:
 *  - $aModules is never assigned here, so in_array($aModules['products'], ...)
 *    tests for null;
 *  - eregi() was removed in PHP 7.0;
 *  - $uri[1] is read without checking that 'index.php/' occurred in $param;
 *  - $remove is only set when the path contains '-p-' and is used in
 *    str_replace() either way;
 *  - URL segments that match no case are appended to the new path as
 *    received, without encoding.
 *
 * @param string $param URL to transform
 * @return string rewritten URL, or $param unchanged
 */
function transform_uri($param)
{
    unset($path);
    unset($url);

    // Split into the part before "index.php/" and the slash-separated remainder.
    $uri = explode("index.php/", $param);

    $path = $uri[1];
    $base = $uri[0];

    $url_array = explode('/', $path);

    $aPages = oos_get_pages();

    // && binds tighter than ||: 'categories' alone is enough, otherwise both other tests must hold.
    if (in_array('categories', $url_array) || in_array($aPages['product_info'], $url_array) && in_array($aModules['products'], $url_array)) {
        // Segments that are dropped from the rewritten path.
        $_filter = array('page', $aPages['shop'], oos_session_name(), oos_session_id());

        $dbconn =& oosDBGetConn();
        $oostable =& oosDBGetTables();

        // "+ 0" coerces the session value to a number; language 1 is the fallback.
        $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;

        $path = '';
        $extention = '.html';

        $nArrayCountUrl = count($url_array);
        for ($i = 0; $i < $nArrayCountUrl; $i++) {
            switch ($url_array[$i]) {
                case 'categories':
                    unset($category);
                    $category = '';
                    // The value follows its key; $i may now point past the last element.
                    $i++;
                    if (eregi('[_0-9]', $url_array[$i])) {
                        // One lookup per id in an "1_2_3" category path.
                        if ($category_array = explode('_', $url_array[$i])) {
                            foreach ($category_array as $value) {
                                $categoriestable = $oostable['categories'];
                                $categories_descriptiontable = $oostable['categories_description'];
                                $category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM {$categoriestable} c, {$categories_descriptiontable} cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
                                $category .= oos_make_filename($category_result->fields['categories_name']) . '/';
                            }
                            $category = substr($category, 0, -1);
                            $category .= '-c-' . $url_array[$i] . '/';
                        } else {
                            $category .= 'categories/' . $url_array[$i] . '/';
                        }
                    }
                    $path .= $category;
                    break;

                case 'products_id':
                    unset($product);
                    $i++;
                    if ($url_array[$i]) {
                        $products_descriptiontable = $oostable['products_description'];
                        $product_result = $dbconn->Execute("SELECT products_name FROM {$products_descriptiontable} WHERE products_id = '" . intval($url_array[$i]) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
                        $product = oos_make_filename($product_result->fields['products_name']);
                        $path .= $product . '-p-' . $url_array[$i] . '/';
                    }
                    break;

                case 'manufacturers_id':
                    unset($manufacturer);
                    $i++;
                    if ($url_array[$i]) {
                        $manufacturerstable = $oostable['manufacturers'];
                        $manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM {$manufacturerstable} WHERE manufacturers_id = '" . intval($url_array[$i]) . "'");
                        $manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
                        $path .= $manufacturer . '-m-' . $url_array[$i] . '/';
                    }
                    break;

                default:
                    if (!in_array($url_array[$i], $_filter)) {
                        $path .= $url_array[$i] . '/';
                    }
                    break;
            }
        }

        // For product URLs the manufacturer and category markers are removed.
        $pos = strpos($path, "-p-");
        if ($pos === false) {
            // $remove = array('-c-');
        } else {
            $remove = array('-m-', '-c-');
        }
        $path = str_replace($remove, '', $path);

        if (strpos($path, '//') !== false) {
            $path = str_replace('//', '/', $path);
        }
        if (substr($path, -1) == '/') {
            $path = substr($path, 0, -1);
        }

        $url = $base . $path . $extention;
    } else {
        $url = $param;
    }

    return $url;
}
// Fragment of the admin "who's online" table: renders one row per session and
// closes the result set; the surrounding loop starts outside this listing.
// NOTE(review): customer_id, full_name, ip_address and last_page_url are
// echoed without output encoding at this point. full_name and last_page_url
// presumably originate from shop visitors, so unless they are encoded before
// storage, markup in them would run in the administrator's browser; pass them
// through the project's HTML output encoder here.
// NOTE(review): the session id is removed from the displayed URL only when it
// matches [a-f,0-9]+, and oos_session_name() is placed in the pattern
// unquoted; ids in another format stay visible. $whos_online['session_id']
// is also written into each row's onclick link.
if ((!isset($_GET['info']) || (isset($_GET['info']) && ($_GET['info'] == $whos_online['session_id']))) && !isset($info)) { $info = $whos_online['session_id']; } if ($whos_online['session_id'] == $info) { echo ' <tr class="dataTableRowSelected">' . "\n"; } else { echo ' <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . oos_href_link_admin($aFilename['whos_online'], oos_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online['session_id'], 'NONSSL') . '\'">' . "\n"; } ?> <td class="dataTableContent"><?php echo gmdate('H:i:s', $time_online); ?></td> <td class="dataTableContent" align="center"><?php echo $whos_online['customer_id']; ?></td> <td class="dataTableContent"><?php echo $whos_online['full_name']; ?></td> <td class="dataTableContent" align="center"><?php echo $whos_online['ip_address']; ?></td> <td class="dataTableContent"><?php echo date('H:i:s', $whos_online['time_entry']); ?></td> <td class="dataTableContent" align="center"><?php echo date('H:i:s', $whos_online['time_last_click']); ?></td> <td class="dataTableContent"><?php if (preg_match('/^(.*)' . oos_session_name() . '=[a-f,0-9]+[&]*(.*)/', $whos_online['last_page_url'], $array)) { echo $array[1] . $array[2]; } else { echo $whos_online['last_page_url']; } ?> </td> </tr> <?php // Move that ADOdb pointer! $whos_online_result->MoveNext(); } // Close result set $whos_online_result->Close(); ?> <tr> <td class="smallText" colspan="7"><?php echo sprintf(TEXT_NUMBER_OF_CUSTOMERS, $whos_online_result->RecordCount()); ?></td> </tr> </table></td> <?php $heading = array();
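/**
 * Build the hidden form fields that hand the order to WorldPay.
 *
 * Changes against the previous version:
 *  - the callback address is derived by stripping either an http:// or an
 *    https:// prefix; before, only 'http://' was split off, so an HTTPS
 *    callback URL produced an empty MC_callback;
 *  - the formatted amount is computed once and reused for the form field and
 *    the signature, so both always agree;
 *  - $oscSid, which was read without ever being assigned, is initialised
 *    explicitly (the field stays empty, as before).
 *
 * NOTE(review), all visible in this method:
 *  - cartId carries the shop session name and id to the payment provider;
 *    an order-bound one-time token would avoid disclosing the session id;
 *  - the optional signature is MD5 over a secret key and order fields; use a
 *    stronger scheme if the provider supports one;
 *  - signatureFields names 'language' while the posted field is 'lang' —
 *    confirm against the provider's specification;
 *  - the language query is built by string concatenation with
 *    oos_db_input(); a bound parameter would not depend on that escaping.
 *
 * @return string concatenated hidden input elements
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    $worldpay_cardId = oos_session_name() . '=' . oos_session_id();

    $aPages = oos_get_pages();
    $callback_url = oos_href_link($aPages['checkout_process'], '', 'SSL', true);
    // The provider expects the callback without its scheme.
    $worldpay_callback = preg_replace('#^https?://#i', '', $callback_url);

    // Never assigned in this module; kept empty until its purpose is confirmed.
    $oscSid = null;

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    // Translate the session's three-letter language code into the two-letter code.
    $sLanguage = oos_var_prep_for_os($_SESSION['language']);
    $languagestable = $oostable['languages'];
    $query = "SELECT iso_639_1 FROM $languagestable WHERE iso_639_2 = '" . oos_db_input($sLanguage) . "'";
    $language_code = $dbconn->GetOne($query);

    $address = htmlspecialchars($oOrder->customer['street_address'] . "\n" . $oOrder->customer['suburb'] . "\n" . $oOrder->customer['city'] . "\n" . $oOrder->customer['state'], ENT_QUOTES);

    // Order total in the customer's currency, without thousands separator.
    $sAmount = number_format($oOrder->info['total'] * $oCurrencies->get_value($_SESSION['currency']), $oCurrencies->get_decimal_places($_SESSION['currency']), '.', '');

    $process_button_string = oos_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID) .
                             oos_draw_hidden_field('currency', $_SESSION['currency']) .
                             oos_draw_hidden_field('desc', 'Purchase from '.STORE_NAME) .
                             oos_draw_hidden_field('cartId', $worldpay_cardId) .
                             oos_draw_hidden_field('amount', $sAmount);

    if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == '1') {
        $process_button_string .= oos_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
    }

    $process_button_string .= oos_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE) .
                              oos_draw_hidden_field('name', $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname']) .
                              oos_draw_hidden_field('address', $address) .
                              oos_draw_hidden_field('postcode', $oOrder->customer['postcode']) .
                              oos_draw_hidden_field('country', $oOrder->customer['country']['iso_code_2']) .
                              oos_draw_hidden_field('tel', $oOrder->customer['telephone']) .
                              oos_draw_hidden_field('myvar', 'Y') .
                              oos_draw_hidden_field('fax', $oOrder->customer['fax']) .
                              oos_draw_hidden_field('email', $oOrder->customer['email_address']) .
                              oos_draw_hidden_field('lang', $language_code) .
                              oos_draw_hidden_field('MC_callback', $worldpay_callback) .
                              oos_draw_hidden_field('MC_oscsid', $oscSid);

    if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        $md5_signature_fields = 'amount:language:email';
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $sAmount . ':' . $language_code . ':' . $oOrder->customer['email_address'];
        $md5_signature_md5 = md5($md5_signature);

        $process_button_string .= oos_draw_hidden_field('signatureFields', $md5_signature_fields) .
                                  oos_draw_hidden_field('signature', $md5_signature_md5);
    }

    return $process_button_string;
}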
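/**
 * Return all GET variables as hidden form fields, except those passed as a
 * parameter and the routing/session keys listed in the function body.
 *
 * Changes against the previous version:
 *  - every qualifying variable is appended; before, each iteration overwrote
 *    the result so only the last variable was returned;
 *  - array-valued parameters (?a[]=1) are skipped instead of being passed to
 *    the string encoder;
 *  - keys are compared as strings, so a numeric key no longer matches a
 *    word through loose comparison.
 *
 * NOTE(review): names and values come straight from the request; the HTML
 * encoding is delegated to oos_output_string(), whose implementation is not
 * visible here — confirm it encodes quotes for attribute context.
 *
 * @param array|string $aExclude additional GET keys to leave out; any
 *                               non-array value means "no extra keys"
 * @return string concatenated hidden input elements, '' when none qualify
 */
function oos_get_all_as_hidden_field($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }

    // Keys that are never carried over: session id, routing and image-button coordinates.
    $aSkip = array(
        oos_session_name(), 'error', 'p', 'rewrite', 'c', 'm', 'mp',
        'file', 'index.php', 'history_back', 'x', 'y',
    );
    foreach ($aExclude as $sExcluded) {
        if (is_scalar($sExcluded)) {
            $aSkip[] = (string) $sExcluded;
        }
    }

    $sField = '';
    if (!is_array($_GET) || count($_GET) === 0) {
        return $sField;
    }

    foreach ($_GET as $sKey => $sValue) {
        // Same emptiness rule as before: '', '0' and null are not carried over.
        if (!is_string($sValue) || empty($sValue)) {
            continue;
        }
        if (in_array((string) $sKey, $aSkip, true)) {
            continue;
        }

        $sField .= '<input type="hidden" name="' . oos_output_string($sKey) . '"';
        $sField .= ' value="' . oos_output_string($sValue) . '" />';
    }

    return $sField;
}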
/**
 * Smarty {css_button} function plugin
 *
 * Type:     function
 * Name:     css_button
 * @Version: $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2008/01/09 22:03:20 $
 *
 * Builds an anchor element whose href is a shop URL of the form
 * index.php?mp=...&file=... and whose text and title come from the 'title'
 * attribute. Recognised attributes: modul, file, oos_get, addentry_id,
 * connection, add_session_id, search_engine_safe, title, color, anchor;
 * every other attribute becomes a key=value query parameter.
 *
 * NOTE(review): 'title' and 'color' are only cast to string and are then
 * written into the title and class attributes and the link text. Unless
 * decode() encodes for HTML — its implementation is not visible here — a
 * value derived from user data would be emitted as markup. Encode both for
 * attribute context before output.
 *
 * @param array  $params tag attributes
 * @param Smarty $smarty template object, used for trigger_error()
 * @return string the anchor element
 */
function smarty_function_css_button($params, &$smarty)
{
    global $oEvent, $spider_kill_sid;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    // Defaults; the named attributes below overwrite them.
    $modul = '';
    $file = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';
    $title = '';
    $color = 'btnR blue';

    foreach($params as $_key => $_val) {
        switch($_key) {
            case 'modul':
                if(!is_array($_val)) {
                    $$_key = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;

            case 'file':
                if(!is_array($_val)) {
                    $$_key = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;

            // Variable-variables are limited to these fixed names; the values are cast, not escaped.
            case 'oos_get':
            case 'addentry_id':
            case 'connection':
            case 'add_session_id':
            case 'search_engine_safe':
            case 'title':
                $$_key = (string)$_val;
                break;

            case 'color':
                $$_key = (string)$_val;
                break;

            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;

            default:
                // Values are escaped; the attribute name ($_key) is used as written in the template.
                if(!is_array($_val)) {
                    $parameters .= $_key.'='.smarty_function_escape_special_chars($_val).'&';
                } else {
                    $smarty->trigger_error("css_button: parameters '$_key' cannot be an array", E_USER_NOTICE);
                }
                break;
        }
    }

    if (empty($modul)) {
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (empty($file)) {
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (isset($addentry_id)) {
        // Arithmetic on the string coerces it to a number.
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id='.$addentry_id.'&';
    }
    if (isset($oos_get)) {
        $parameters .= $oos_get;
    }

    $file = trim($file);

    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        if (ENABLE_SSL == '1') {
            $link = OOS_HTTPS_SERVER . OOS_SHOP;
        } else {
            $link = OOS_HTTP_SERVER . OOS_SHOP;
        }
    } else {
        // NOTE(review): $link stays unset on this path and is appended to below.
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is initialised above, so isset() is always true here.
    if (isset($parameters)) {
        $link .= 'index.php?mp=' . $modul . '&file=' . $file . '&' . oos_output_string($parameters);
    } else {
        $link .= 'index.php?mp=' . $modul . '&file=' . $file;
    }

    $separator = '&';

    // Strip trailing separators.
    // NOTE(review): a five-character tail is compared with the one-character
    // '&', which cannot match for any real link. The literal was presumably
    // the five-character HTML entity for '&' before this listing was
    // rendered — confirm against the repository.
    while ( (substr($link, -5) == '&') || (substr($link, -1) == '?') ) {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    if (isset($anchor)) {
        $link .= '#' . $anchor;
    }

    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    // NOTE(review): ids in URLs reach browser history, server logs and
    // Referer headers; cookie-only sessions avoid that.
    if ( (ENABLE_SSL == '1' ) && ($connection == 'SSL') && ($add_session_id == '1') ) {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ( ($add_session_id == '1') && (!oos_empty(SID)) ) {
        $_sid = SID;
    }

    // Requests flagged via $spider_kill_sid never get the session id appended.
    if ( $spider_kill_sid == '1') $_sid = NULL;

    /*
    if ( ($search_engine_safe == '1') && $oEvent->installed_plugin('sefu') ) {
        $link = str_replace(array('?', '&', '='), '/', $link);
        $separator = '?';
        $pos = strpos ($link, 'action');
        if ($pos === false) {
            $url_rewrite = new url_rewrite;
            $link = $url_rewrite->transform_uri($link);
        }
    }
    */

    if (isset($_sid)) {
        $link .= $separator . oos_output_string($_sid);
    }

    $title = decode($title);

    return '<a href="' . $link . '" title="' . $title . '" class="' . $color . '">' . $title . '</a>';
}
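/**
 * Render the admin paging control: previous/next links and a page pull-down
 * inside a GET form, or a plain "page n of n" text when there is only one
 * page.
 *
 * Changes against the previous version:
 *  - each() (removed in PHP 8) is replaced by foreach;
 *  - a parameter pair without '=' no longer raises a notice, and a value
 *    containing '=' is kept whole instead of being cut at the second '=';
 *  - SID is checked with defined() before it is read.
 *
 * NOTE(review): the form action and the link targets are built from
 * basename($_SERVER['PHP_SELF']). PHP_SELF includes any extra path a client
 * appends after the script name, so its last segment is request-controlled;
 * confirm oos_draw_form() and oos_href_link_admin() encode it, or derive the
 * name from the script's own file name instead.
 *
 * @param int    $query_numrows       total number of rows
 * @param int    $max_rows_per_page   rows shown per page (must be non-zero)
 * @param int    $max_page_links      not used by this implementation
 * @param int    $current_page_number page currently shown, starting at 1
 * @param string $parameters          extra query string ("a=1&b=2") to keep
 * @param string $page_name           name of the page parameter
 * @return string HTML for the paging control
 */
function display_links($query_numrows, $max_rows_per_page, $max_page_links, $current_page_number, $parameters = '', $page_name = 'page')
{
    if (!empty($parameters) && substr($parameters, -1) != '&') {
        $parameters .= '&';
    }

    // calculate number of pages needing links; a remainder needs one more page
    $num_pages = intval($query_numrows / $max_rows_per_page);
    if ($query_numrows % $max_rows_per_page) {
        $num_pages++;
    }

    $pages_array = array();
    for ($i = 1; $i <= $num_pages; $i++) {
        $pages_array[] = array('id' => $i, 'text' => $i);
    }

    if ($num_pages <= 1) {
        return sprintf(TEXT_RESULT_PAGE, $num_pages, $num_pages);
    }

    $sSelf = basename($_SERVER['PHP_SELF']);

    $display_links = oos_draw_form('pages', $sSelf, '', 'get');

    if ($current_page_number > 1) {
        $display_links .= '<a href="' . oos_href_link_admin($sSelf, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';
    } else {
        $display_links .= PREVNEXT_BUTTON_PREV . '&nbsp;&nbsp;';
    }

    $display_links .= sprintf(TEXT_RESULT_PAGE, oos_draw_pull_down_menu($page_name, $pages_array, '', 'onChange="this.form.submit();"'), $num_pages);

    if ($current_page_number < $num_pages && $num_pages != 1) {
        $display_links .= '&nbsp;&nbsp;<a href="' . oos_href_link_admin($sSelf, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
    } else {
        $display_links .= '&nbsp;&nbsp;' . PREVNEXT_BUTTON_NEXT;
    }

    // Carry the extra parameters through the pull-down's form as hidden fields.
    if ($parameters != '') {
        if (substr($parameters, -1) == '&') {
            $parameters = substr($parameters, 0, -1);
        }
        foreach (explode('&', $parameters) as $pair) {
            $aPair = explode('=', $pair, 2);
            $key = $aPair[0];
            $value = isset($aPair[1]) ? $aPair[1] : '';
            $display_links .= oos_draw_hidden_field(rawurldecode($key), rawurldecode($value));
        }
    }

    // Cookie-less sessions: keep the session id in the form.
    if (defined('SID') && SID) {
        $display_links .= oos_draw_hidden_field(oos_session_name(), oos_session_id());
    }

    $display_links .= '</form>';

    return $display_links;
}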
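/**
 * Configure and start the shop session, then bind it to the client.
 *
 * Steps, in order: set the session cookie scope, adopt a session id passed
 * in the request, detect spiders from includes/ini/spiders.ini (no session
 * is started for them), pick a writable session save path, start the
 * session, create the cart and navigation objects, and finally compare the
 * stored user agent and IP address with the current request.
 *
 * Writes the globals $spider_flag and $spider_kill_sid; reads $request_type.
 *
 * @return bool always true (a mismatch triggers MyOOS_CoreApi::redirect() first)
 */
function create_plugin_instance()
{
    global $request_type, $spider_flag, $spider_kill_sid;

    // The header is optional; guard it the same way the user-agent check below does.
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
    $spider_flag = false;
    $spider_kill_sid = '0';

    // set the top level domains
    $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
    $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
    $cookie_domain = (!empty($current_domain) ? '.' . $current_domain : '');

    // set the session cookie parameters
    // NOTE(review): neither the Secure nor the HttpOnly cookie flag is set here;
    // whether they are configured elsewhere (php.ini) is not visible - confirm.
    if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', $cookie_domain);
    } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', $cookie_domain);
    }

    // set the session ID if it exists
    // NOTE(review): a client-supplied id is adopted after a character-class check
    // only. Protection against session fixation then relies on the id being
    // regenerated at login or on session.use_strict_mode; neither is visible here.
    $session_name = oos_session_name();
    if (isset($_POST[$session_name]) && is_string($_POST[$session_name]) && ctype_alnum($_POST[$session_name])) {
        oos_session_id($_POST[$session_name]);
    } elseif (isset($_GET[$session_name]) && is_string($_GET[$session_name]) && ctype_alnum($_GET[$session_name])) {
        oos_session_id($_GET[$session_name]);
    }

    if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');
        // parse_ini_file() returns false when the file is missing or unreadable.
        if (is_array($spider_agent)) {
            foreach ($spider_agent as $spider) {
                if (empty($spider)) {
                    continue;
                }
                $needle = trim($spider);
                // An empty needle matches every string in PHP 8, which would
                // classify every visitor as a spider.
                if ($needle === '') {
                    continue;
                }
                if (strpos($user_agent, $needle) !== false) {
                    $spider_kill_sid = '1';
                    $spider_flag = true;
                    break;
                }
            }
        }
    }

    if ($spider_flag === false) {
        if (!defined('MYOOS_SESSION_NAME')) {
            define('MYOOS_SESSION_NAME', 'MYOOS_SESSID');
        }
        @ini_set('session.name', MYOOS_SESSION_NAME);

        if (ini_get('session.save_handler') == 'user') {
            @ini_set('session.save_handler', 'files');
            @ini_set('session.save_path', '');
        }

        if (ini_get('session.save_handler') == 'files') {
            $sessionPath = ini_get('session.save_path');
            // save_path may carry a leading "N;" prefix; keep only the part after it.
            if (preg_match('/^[0-9]+;(.*)/', $sessionPath, $matches)) {
                $sessionPath = $matches[1];
            }

            if (ini_get('safe_mode') || ini_get('open_basedir') || empty($sessionPath) || !@is_writable($sessionPath)) {
                $sessionPath = MYOOS_USER_PATH . '/tmp/sessions';
                @ini_set('session.save_path', $sessionPath);

                if (!is_dir($sessionPath)) {
                    // Owner-only: session file names contain the session id, so the
                    // directory must not be listable by other local accounts.
                    @mkdir($sessionPath, 0700, true);
                    if (!is_dir($sessionPath)) {
                        die("Error: Unable to mkdir $sessionPath");
                    }
                } elseif (!@is_writable($sessionPath)) {
                    die("Error: $sessionPath is not writable");
                }
            }
        }

        // lets start our session
        oos_session_start();
    }

    if (!isset($_SESSION)) {
        $_SESSION = array();
    }

    // create the shopping cart
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
    }

    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
    }

    $aPages = oos_get_pages();

    // verify the browser user agent
    // NOTE(review): on a mismatch the customer is logged out but the session id
    // itself is kept; whether redirect() ends the request is not visible here.
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
    }

    if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    // verify the IP address
    if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
    }

    if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    return true;
}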
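/**
 * Return all POST variables, except those passed as a parameter
 *
 * Builds a "key=value&" query-string fragment from $_POST. Empty values and
 * array values are skipped, and so are the session parameter, the built-in
 * names 'mp', 'file', 'x', 'y' and every name listed in $aExclude. Names and
 * values are both percent-encoded, because both come from the request.
 *
 * @param array|string $aExclude parameter names to leave out; anything that
 *                               is not an array is treated as "no exclusions"
 * @return string fragment ending in '&', or '' when nothing qualifies
 */
function oos_get_all_post_parameters($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }

    $aParameters = array('mp', 'file', 'x', 'y');
    $sUrl = '';

    if (is_array($_POST) && count($_POST) > 0) {
        $sSessionName = (string) oos_session_name();

        // foreach replaces reset()/each(): each() no longer exists in PHP 8.
        foreach ($_POST as $sKey => $sValue) {
            if (empty($sValue) || is_array($sValue)) {
                continue;
            }

            // PHP turns numeric parameter names into integer keys; compare them as
            // strings so that a key of 0 is not loosely equal to every name.
            $sName = (string) $sKey;
            if ($sName === $sSessionName || in_array($sName, $aParameters, true) || in_array($sName, $aExclude)) {
                continue;
            }

            // The name is client-controlled as well, so it is encoded like the
            // value; an '&' or '=' inside it cannot add extra parameters.
            $sUrl .= rawurlencode($sName) . '=' . rawurlencode($sValue) . '&';
        }
    }

    return $sUrl;
}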
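/**
 * Return all POST variables, except those passed as a parameter
 *
 * The result is a "key=value&" query-string fragment. Only non-empty string
 * values are used; the session parameter, the names 'page', 'x', 'y' and the
 * names in $aExclude are left out. Parameter names are percent-encoded along
 * with the values, since both are taken from the request body.
 *
 * @param array|string $aExclude names to omit; a non-array means none
 * @return string fragment ending in '&', or '' when no parameter qualifies
 */
function oos_get_all_post_parameters($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }

    if (!is_array($_POST) || count($_POST) === 0) {
        return '';
    }

    $aParameters = array('page', 'x', 'y');
    $sSessionName = (string) oos_session_name();
    $sUrl = '';

    foreach ($_POST as $sKey => $sValue) {
        if (empty($sValue) || !is_string($sValue)) {
            continue;
        }

        // Numeric names arrive as integer keys; work on the string form so the
        // comparisons below are not subject to loose int/string rules.
        $sName = (string) $sKey;

        $bSkipped = ($sName === $sSessionName)
            || in_array($sName, $aParameters, true)
            || in_array($sName, $aExclude);

        if (!$bSkipped) {
            // Encode the name too: it is request data, and a raw '&', '=' or
            // quote in it would change the structure of the resulting URL.
            $sUrl .= rawurlencode($sName) . '=' . rawurlencode($sValue) . '&';
        }
    }

    return $sUrl;
}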
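Copyright (c) 2003 - 2009 by the OOS Development Team.
   ----------------------------------------------------------------------
   Based on:

   File: currencies.php,v 1.16 2003/02/12 20:27:31 hpdl
   ----------------------------------------------------------------------
   osCommerce, Open Source E-Commerce Solutions
   http://www.oscommerce.com

   Copyright (c) 2003 osCommerce
   ----------------------------------------------------------------------
   Released under the GNU General Public License
   ---------------------------------------------------------------------- */

/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

// Currency selector block: a pull-down of all currencies plus hidden fields
// that carry the current GET parameters across the form submit.
if (isset($oCurrencies) && is_object($oCurrencies)) {
    // foreach replaces the reset()/each() loops: each() no longer exists in PHP 8.
    $aCurrencies = array();
    foreach ($oCurrencies->currencies as $sKey => $value) {
        $aCurrencies[] = array('id' => $sKey, 'text' => $value['title']);
    }

    $aSkippedNames = array('currency', (string) oos_session_name(), 'x', 'y');
    $hidden_get_variables = '';
    foreach ($_GET as $sKey => $value) {
        // Array-valued parameters (?a[]=1) cannot be written as one hidden field.
        if (!is_string($value)) {
            continue;
        }
        // Compare names as strings; numeric names arrive as integer keys.
        if (in_array((string) $sKey, $aSkippedNames, true)) {
            continue;
        }
        // NOTE(review): name and value are raw request data; HTML escaping is
        // left to oos_draw_hidden_field(), which is not visible here - confirm.
        $hidden_get_variables .= oos_draw_hidden_field($sKey, $value);
    }

    $oos_pull_down_menu = oos_draw_pull_down_menu('currency', $aCurrencies, $_SESSION['currency'], 'onchange="this.form.submit();" style="width: 100%"') . $hidden_get_variables . oos_hide_session_id();

    $oSmarty->assign(array('oos_pull_down_menu' => $oos_pull_down_menu, 'block_heading_currencies' => $block_heading));
}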
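/**
 * Return the current GET parameters as a "key=value&" query-string fragment.
 *
 * The session parameter, 'error' and every name in $exclude_array are left
 * out. Names and values are percent-encoded, matching what
 * oos_get_all_post_parameters() does for values: $_GET holds decoded request
 * data, so writing it back unencoded would let a value add parameters or
 * markup to the URL built from this fragment.
 *
 * @param array|string $exclude_array parameter names to omit; '' means none
 * @return string fragment ending in '&', or '' when nothing qualifies
 */
function oos_get_all_get_params($exclude_array = '')
{
    if ($exclude_array == '') {
        $exclude_array = array();
    }

    $session_name = (string) oos_session_name();
    $get_url = '';

    // foreach replaces reset()/each(): each() no longer exists in PHP 8.
    foreach ($_GET as $key => $value) {
        // Array-valued parameters (?a[]=1) have no single "key=value" form.
        if (!is_string($value)) {
            continue;
        }

        // Numeric names arrive as integer keys; compare the string form.
        $name = (string) $key;
        if ($name === $session_name || $name === 'error' || oos_in_array($key, $exclude_array)) {
            continue;
        }

        $get_url .= rawurlencode($name) . '=' . rawurlencode($value) . '&';
    }

    return $get_url;
}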
?> </td> <td class="dataTableContent" align="center"><?php echo $whos_online['ip_address']; ?> </td> <td class="dataTableContent"><?php echo date('H:i:s', $whos_online['time_entry']); ?> </td> <td class="dataTableContent" align="center"><?php echo date('H:i:s', $whos_online['time_last_click']); ?> </td> <td class="dataTableContent"><?php if (eregi('^(.*)' . oos_session_name() . '=[a-f,0-9]+[&]*(.*)', $whos_online['last_page_url'], $array)) { echo $array[1] . $array[2]; } else { echo $whos_online['last_page_url']; } ?> </td> </tr> <?php // Move that ADOdb pointer! $whos_online_result->MoveNext(); } // Close result set $whos_online_result->Close(); ?> <tr>