function query($order_id)
{
global $store_id;
$order_query = smn_db_query("select customers_name, customers_company, customers_street_address, customers_city, customers_postcode, customers_state, customers_country, customers_telephone, customers_email_address, customers_address_format_id, delivery_name, delivery_company, delivery_street_address, delivery_city, delivery_postcode, delivery_state, delivery_country, delivery_address_format_id, billing_name, billing_company, billing_street_address, billing_city, billing_postcode, billing_state, billing_country, billing_address_format_id, payment_method, cc_type, cc_owner, cc_number, cc_expires, currency, currency_value, date_purchased, orders_status, last_modified from " . TABLE_ORDERS . " where store_id = '" . $store_id . "' and orders_id = '" . (int) $order_id . "'");
$order = smn_db_fetch_array($order_query);
$totals_query = smn_db_query("select title, text from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $order_id . "' order by sort_order");
while ($totals = smn_db_fetch_array($totals_query)) {
$this->totals[] = array('title' => $totals['title'], 'text' => $totals['text']);
}
$this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'date_purchased' => $order['date_purchased'], 'orders_status' => $order['orders_status'], 'last_modified' => $order['last_modified']);
$this->customer = array('name' => $order['customers_name'], 'company' => $order['customers_company'], 'street_address' => $order['customers_street_address'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => $order['customers_country'], 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address']);
$this->delivery = array('name' => $order['delivery_name'], 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => $order['delivery_country'], 'format_id' => $order['delivery_address_format_id']);
$this->billing = array('name' => $order['billing_name'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => $order['billing_country'], 'format_id' => $order['billing_address_format_id']);
$index = 0;
$orders_products_query = smn_db_query("select orders_products_id, products_name, products_model, products_price, products_tax, products_quantity, final_price from " . TABLE_ORDERS_PRODUCTS . " where orders_id = '" . (int) $order_id . "'");
while ($orders_products = smn_db_fetch_array($orders_products_query)) {
$this->products[$index] = array('qty' => $orders_products['products_quantity'], 'name' => $orders_products['products_name'], 'model' => $orders_products['products_model'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'final_price' => $orders_products['final_price']);
$subindex = 0;
$attributes_query = smn_db_query("select products_options, products_options_values, options_values_price, price_prefix from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . (int) $order_id . "' and orders_products_id = '" . (int) $orders_products['orders_products_id'] . "'");
if (smn_db_num_rows($attributes_query)) {
while ($attributes = smn_db_fetch_array($attributes_query)) {
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']);
$subindex++;
}
}
$index++;
}
}
function smn_expire_specials()
{
$specials_query = smn_db_query("select specials_id from " . TABLE_SPECIALS . " where status = '1' and now() >= expires_date and expires_date > 0");
if (smn_db_num_rows($specials_query)) {
while ($specials = smn_db_fetch_array($specials_query)) {
smn_set_specials_status($specials['specials_id'], '0');
}
}
}
function check()
{
global $store_id;
if (!isset($this->_check)) {
$check_query = smn_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_ORDER_TOTAL_LOWORDERFEE_STATUS' and store_id = '" . $store_id . "'");
$this->_check = smn_db_num_rows($check_query);
}
return $this->_check;
}
function smn_get_languages_directory($code)
{
global $languages_id;
$language_query = smn_db_query("select languages_id, directory from " . TABLE_LANGUAGES . " where code = '" . smn_db_input($code) . "'");
if (smn_db_num_rows($language_query)) {
$language = smn_db_fetch_array($language_query);
$languages_id = $language['languages_id'];
return $language['directory'];
} else {
return false;
}
}
function smn_get_affiliate_tax_rate($class_id, $country_id, $zone_id)
{
$tax_query = smn_db_query("select SUM(tax_rate) as tax_rate from " . TABLE_TAX_RATES . " tr left join " . TABLE_ZONES_TO_GEO_ZONES . " za ON tr.tax_zone_id = za.geo_zone_id left join " . TABLE_GEO_ZONES . " tz ON tz.geo_zone_id = tr.tax_zone_id WHERE (za.zone_country_id IS NULL OR za.zone_country_id = '0' OR za.zone_country_id = '" . $country_id . "') AND (za.zone_id IS NULL OR za.zone_id = '0' OR za.zone_id = '" . $zone_id . "') AND tr.tax_class_id = '" . $class_id . "' GROUP BY tr.tax_priority");
if (smn_db_num_rows($tax_query)) {
$tax_multiplier = 0;
while ($tax = smn_db_fetch_array($tax_query)) {
$tax_multiplier += $tax['tax_rate'];
}
return $tax_multiplier;
} else {
return 0;
}
}
function query($order_id)
{
global $languages_id, $shipping_store;
$order_id = smn_db_prepare_input($order_id);
$order_query = smn_db_query("select customers_id, customers_name, customers_company, customers_street_address, customers_city, customers_postcode, customers_state, customers_country, customers_telephone, customers_email_address, customers_address_format_id, delivery_name, delivery_company, delivery_street_address, delivery_city, delivery_postcode, delivery_state, delivery_country, delivery_address_format_id, billing_name, billing_company, billing_street_address, billing_city, billing_postcode, billing_state, billing_country, billing_address_format_id, payment_method, cc_type, cc_owner, cc_number, cc_expires, currency, currency_value, date_purchased, orders_status, last_modified from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
$order = smn_db_fetch_array($order_query);
$totals_query = smn_db_query("select title, text from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $order_id . "' order by sort_order");
while ($totals = smn_db_fetch_array($totals_query)) {
$this->totals[] = array('title' => $totals['title'], 'text' => $totals['text']);
}
$order_total_query = smn_db_query("select text from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $order_id . "' and class = 'ot_total'");
$order_total = smn_db_fetch_array($order_total_query);
$shipping_method_query = smn_db_query("select title from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $order_id . "' and class = 'ot_shipping'");
$shipping_method = smn_db_fetch_array($shipping_method_query);
$order_status_query = smn_db_query("select orders_status_name from " . TABLE_ORDERS_STATUS . " where orders_status_id = '" . $order['orders_status'] . "' and language_id = '" . (int) $languages_id . "'");
$order_status = smn_db_fetch_array($order_status_query);
$order_store_query = smn_db_query("select store_id from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
$order_store = smn_db_fetch_array($order_store_query);
$this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'date_purchased' => $order['date_purchased'], 'orders_status' => $order_status['orders_status_name'], 'last_modified' => $order['last_modified'], 'total' => strip_tags($order_total['text']), 'shipping_method' => substr($shipping_method['title'], -1) == ':' ? substr(strip_tags($shipping_method['title']), 0, -1) : strip_tags($shipping_method['title']));
$this->info_store[$order_store[store_id]] = array('shipping_cost' => $shipping_store[$order_store[store_id]]['cost'], 'shipping_method' => $shipping_store[$order_store[store_id]]['title']);
$this->customer = array('id' => $order['customers_id'], 'name' => $order['customers_name'], 'company' => $order['customers_company'], 'street_address' => $order['customers_street_address'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => array('title' => $order['customers_country']), 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address']);
$this->delivery = array('name' => trim($order['delivery_name']), 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => array('title' => $order['delivery_country']), 'format_id' => $order['delivery_address_format_id']);
if (empty($this->delivery['name']) && empty($this->delivery['street_address'])) {
$this->delivery = false;
}
$this->billing = array('name' => $order['billing_name'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => array('title' => $order['billing_country']), 'format_id' => $order['billing_address_format_id']);
$index = 0;
$orders_products_query = smn_db_query("select op.orders_products_id, op.products_id,o.store_id, op.products_name, op.products_model, op.products_price, op.products_tax, op.products_quantity, op.final_price from " . TABLE_ORDERS_PRODUCTS . " op," . TABLE_ORDERS . " o where op.orders_id = '" . (int) $order_id . "' and op.orders_id=o.orders_id");
while ($orders_products = smn_db_fetch_array($orders_products_query)) {
$this->products[$index] = array('qty' => $orders_products['products_quantity'], 'id' => $orders_products['products_id'], 'products_store_id' => $orders_products['store_id'], 'name' => $orders_products['products_name'], 'model' => $orders_products['products_model'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'final_price' => $orders_products['final_price']);
$subindex = 0;
$attributes_query = smn_db_query("select products_options, products_options_values, options_values_price, price_prefix from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . (int) $order_id . "' and orders_products_id = '" . (int) $orders_products['orders_products_id'] . "'");
if (smn_db_num_rows($attributes_query)) {
while ($attributes = smn_db_fetch_array($attributes_query)) {
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']);
$subindex++;
}
}
$this->info['tax_groups']["{$this->products[$index]['tax']}"] = '1';
$index++;
}
}
function mall_setup($store_id = 1)
{
$this->set_store_id((int) $store_id);
$store_query = smn_db_query("select sm.*, sd.store_description, sd.store_name, a.admin_groups_id from " . TABLE_STORE_MAIN . " sm, " . TABLE_STORE_DESCRIPTION . " sd, " . TABLE_ADMIN . " a WHERE sm.store_id = '" . $this->store_id . "' and sd.store_id = '" . $this->store_id . "' and a.store_id = '" . $this->store_id . "'");
if (smn_db_num_rows($store_query) == 0) {
$this->store_id = 1;
$store_query = smn_db_query("select sm.*, sd.store_description, sd.store_name, a.admin_groups_id from " . TABLE_STORE_MAIN . " sm, " . TABLE_STORE_DESCRIPTION . " sd, " . TABLE_ADMIN . " a WHERE sm.store_id = '1' and sd.store_id = '1' and a.store_id = '1' LIMIT 1");
}
$store_array = smn_db_fetch_array($store_query);
$store_info_query = smn_db_query("select c.*, ab.* from " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " ab WHERE c.customers_id = '" . $store_array['customer_id'] . "' and c.customers_id = ab.customers_id and c.customers_default_address_id = ab.address_book_id LIMIT 1");
$store_info_array = smn_db_fetch_array($store_info_query);
$this->set_store_customer_id($store_array['customer_id']);
$this->set_store_group_id($store_array['admin_groups_id']);
$this->set_store_company($store_info_array['entry_company']);
$this->set_store_dob($store_info_array['customers_dob']);
$this->set_store_telephone($store_info_array['customers_telephone']);
$this->set_store_fax($store_info_array['customers_fax']);
$this->set_store_name(stripslashes($store_array['store_name']));
$this->set_store_logo($store_array['store_image']);
$this->set_store_zone($store_info_array['entry_zone_id']);
$this->set_store_owner_email_address($store_info_array['customers_email_address']);
$this->set_email_from($this->get_store_name() . '<' . $this->get_store_owner_email_address() . '>');
$this->set_store_country($store_info_array['entry_country_id']);
$state_name_query = smn_db_query("select zone_name from " . TABLE_ZONES . " where zone_id = '" . (int) $store_info_array['entry_zone_id'] . "' LIMIT 1");
$state_name_value = smn_db_fetch_array($state_name_query);
$state = $state_name_value['zone_name'];
$country_query = smn_db_query("select countries_name from " . TABLE_COUNTRIES . " where countries_id = '" . (int) $store_info_array['entry_country_id'] . "' LIMIT 1");
$country_name = smn_db_fetch_array($country_query);
$country = $country_name['countries_name'];
$this->set_store_name_address($this->get_store_name() . "<br />" . $store_info_array['entry_street_address'] . "<br />" . $store_info_array['entry_city'] . "<br />" . $state . "<br />" . $country . "<br />" . $store_info_array['entry_postcode'] . "<br />");
$this->set_shipping_origin_country($store_info_array['entry_country_id']);
$this->set_shipping_origin_zip($store_info_array['entry_postcode']);
$this->set_store_type((int) $store_array['store_type']);
$this->set_store_description($store_array['store_description']);
$this->set_store_status((int) $store_array['store_status']);
}
function customers_csv($search_string_start, $search_string_end, $export_file_name, $status_filter = '')
{
if (file_exists(DIR_FS_ADMIN . "order/" . $export_file_name . ".csv")) {
unlink(DIR_FS_ADMIN . "order/" . $export_file_name . ".csv");
}
touch(DIR_FS_ADMIN . "order/" . $export_file_name . ".csv");
$filter_string = "";
if ($status_filter != '') {
$filter_string = " and o.orders_status = '" . $status_filter . "' ";
}
$SeparatorString = '|';
$customers_query = smn_db_query("SELECT o.customers_id FROM " . TABLE_ORDERS . " o WHERE o.customers_id >= '" . (int) $search_string_start . "'\n and o.customers_id <= '" . (int) $search_string_end . "'\n " . $filter_string . "\n GROUP BY o.customers_id ORDER BY o.customers_id");
if (smn_db_num_rows($customers_query)) {
while ($cust = smn_db_fetch_array($customers_query)) {
$sql = "SELECT * FROM " . TABLE_ORDERS . " o WHERE customers_id=" . $cust['customers_id'] . " " . $filter_string . " ORDER BY orders_id DESC LIMIT 1";
$orders_query = smn_db_query($sql);
while ($customers = smn_db_fetch_array($orders_query)) {
switch ($customers['delivery_country']) {
case 'Austria':
$service = 130;
break;
case 'Belgium':
$service = 131;
break;
case 'Denmark':
$service = 133;
break;
case 'Finland':
$service = 135;
break;
case 'France':
$service = 136;
break;
case 'Germany':
$service = 145;
break;
case 'Ireland':
$service = 212;
break;
case 'Italy':
$service = 137;
break;
case 'Luxembourg':
$service = 139;
break;
case 'Netherlands':
$service = 140;
break;
case 'Northern Ireland':
$service = 212;
break;
case 'Portugal':
$service = 142;
break;
case 'Spain':
$service = 134;
break;
case 'Sweden':
$service = 143;
break;
default:
$service = 212;
break;
}
$fp = fopen(DIR_FS_ADMIN . "order/" . $export_file_name . ".csv", "a") or die("can not open file!");
$export_data = array(sprintf("%05d", $customers['customers_id']), sizeof($customers['customers_name']) > 35 ? sprintf("%35s", $customers['customers_name']) : $customers['customers_name'], sizeof($customers['delivery_street_address']) > 35 ? sprintf("%35s", $customers['delivery_street_address']) : $customers['delivery_street_address'], sizeof($customers['delivery_city']) > 35 ? sprintf("%35s", $customers['delivery_city']) : $customers['delivery_city'], sizeof($customers['delivery_state']) > 35 ? sprintf("%35s", $customers['delivery_state']) : $customers['delivery_state'], sizeof($customers['delivery_postcode']) > 20 ? sprintf("%20s", $customers['delivery_postcode']) : $customers['delivery_postcode'], $service, sizeof($customers['customers_telephone']) > 15 ? sprintf("%15s", $customers['customers_telephone']) : $customers['customers_telephone'], sizeof($customers['customers_email_address']) > 50 ? sprintf("%50s", $customers['customers_email_address']) : $customers['customers_email_address']);
$count = 1;
foreach ($export_data as $val) {
if ($count == 11) {
$count = 1;
}
if ($count == 10) {
$insert = '';
$insert = $val . "\n";
} else {
$insert = '';
$insert = $val . $SeparatorString;
}
$count += 1;
fwrite($fp, $insert);
}
fclose($fp);
}
}
}
if (file_exists(DIR_FS_ADMIN . "order/" . $export_file_name . ".csv")) {
return 'true';
} else {
return 'false';
}
}
Copyright (c) 2002 - 2005 SystemsManager.Net
SystemsManager Technologies
oscMall System Version 4
http://www.systemsmanager.net
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
if ($_GET['products_id']) {
$xsell_query = smn_db_query("select distinct p.store_id, p.products_id, p.products_image, pd.products_name, p.products_tax_class_id, products_price from " . TABLE_PRODUCTS_XSELL . " xp, " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.store_id = '" . $store_id . "' and xp.products_id = '" . $_GET['products_id'] . "' and xp.xsell_id = p.products_id and p.products_id = pd.products_id and pd.language_id = '" . $languages_id . "' and p.products_status = '1' order by xp.products_id asc limit " . MAX_DISPLAY_ALSO_PURCHASED);
$num_products_xsell = smn_db_num_rows($xsell_query);
if ($num_products_xsell >= MIN_DISPLAY_XSELL) {
?>
<!-- xsell_products //-->
<?php
$info_box_contents = array();
$info_box_contents[] = array('align' => 'left', 'text' => TEXT_XSELL_PRODUCTS);
new contentBoxHeading($info_box_contents);
$row = 0;
$col = 0;
$info_box_contents = array();
while ($xsell = smn_db_fetch_array($xsell_query)) {
$xsell['specials_new_products_price'] = smn_get_products_special_price($xsell['products_id']);
$store_images = 'images/' . $xsell['store_id'] . '_images/';
if ($xsell['specials_new_products_price']) {
}
} else {
$super_user = '******';
if (!smn_session_is_registered('super_user')) {
smn_session_register('super_user');
}
if (intval($_GET['ID']) != intval($switch_store_id)) {
smn_redirect(smn_href_link(FILENAME_LOGOFF));
}
$store_id = $check['store_id'];
smn_session_register('store_id');
}
$filename = basename($PHP_SELF);
if ($filename != FILENAME_DEFAULT && $filename != FILENAME_FORBIDEN && $filename != FILENAME_LOGOFF && $filename != FILENAME_ADMIN_ACCOUNT && $filename != FILENAME_POPUP_IMAGE && $filename != 'packingslip.php' && $filename != 'invoice.php') {
$db_file_query = smn_db_query("select admin_files_name, admin_groups_id from " . TABLE_ADMIN_FILES . " where FIND_IN_SET( '" . $login_groups_id . "', admin_groups_id) and admin_files_name = '" . $filename . "'");
if (!smn_db_num_rows($db_file_query)) {
//smn_redirect(smn_href_link(FILENAME_FORBIDEN));
} else {
$db_file = smn_db_fetch_array($db_file_query);
}
}
}
// Check login and file access
if (basename($PHP_SELF) != FILENAME_LOGOFF && basename($PHP_SELF) != FILENAME_LOGIN && basename($PHP_SELF) != FILENAME_PASSWORD_FORGOTTEN) {
if (!smn_session_is_registered('login_id')) {
smn_session_unregister('store_id');
smn_session_unregister('login_id');
if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
echo '{
success: false,
errorType: "login",
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
// include validation functions (right now only email address)
require DIR_WS_FUNCTIONS . 'validations.php';
// include the mail classes
require DIR_WS_CLASSES . 'mime.php';
require DIR_WS_CLASSES . 'email.php';
if (!smn_session_is_registered('customer_id') && ALLOW_GUEST_TO_TELL_A_FRIEND == 'false') {
$navigation->set_snapshot();
smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
$valid_product = false;
if (isset($_GET['products_id'])) {
$product_info_query = smn_db_query("select p.store_id, pd.products_name from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_status = '1' and p.products_id = '" . (int) $_GET['products_id'] . "' and p.products_id = pd.products_id and pd.language_id = '" . (int) $languages_id . "'");
if (smn_db_num_rows($product_info_query)) {
$valid_product = true;
$product_info = smn_db_fetch_array($product_info_query);
}
}
if ($valid_product == false) {
smn_redirect(smn_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $_GET['products_id']));
}
if (isset($_GET['action']) && $_GET['action'] == 'process') {
$error = false;
$to_email_address = smn_db_prepare_input($_POST['to_email_address']);
$to_name = smn_db_prepare_input($_POST['to_name']);
$from_email_address = smn_db_prepare_input($_POST['from_email_address']);
$from_name = smn_db_prepare_input($_POST['from_name']);
$message = smn_db_prepare_input($_POST['message']);
if (empty($from_name)) {
if (isset($cPath) && $cPath != '') {
if (strpos('_', $cPath)) {
// check to see if there are deeper categories within the current category
$category_links = array_reverse($cPath_array);
for ($i = 0, $n = sizeof($category_links); $i < $n; $i++) {
$categories_query = smn_db_query("select count(*) as total from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.store_id= '" . $store->get_store_id() . "' and c.parent_id = '" . (int) $category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int) $languages_id . "'");
$categories = smn_db_fetch_array($categories_query);
if ($categories['total'] < 1) {
// do nothing, go through the loop
} else {
$categories_query = smn_db_query("select c.categories_id, cd.categories_description, cd.categories_name, c.categories_image, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.store_id= '" . $store->get_store_id() . "' and c.parent_id = '" . (int) $category_links[$i] . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int) $languages_id . "' order by sort_order, cd.categories_name");
break;
// we've found the deepest category the customer is in
}
}
}
} else {
$categories_query = smn_db_query("select c.categories_id, cd.categories_description, cd.categories_name, c.categories_image, c.parent_id from " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd where c.store_id= '" . $store->get_store_id() . "' and c.parent_id = '" . (int) $current_category_id . "' and c.categories_id = cd.categories_id and cd.language_id = '" . (int) $languages_id . "' order by sort_order, cd.categories_name");
}
$number_of_categories = smn_db_num_rows($categories_query);
$rows = 0;
while ($categories = smn_db_fetch_array($categories_query)) {
$rows++;
$cPath_new = smn_get_path($categories['categories_id']);
$width = (int) (100 / MAX_DISPLAY_CATEGORIES_PER_ROW) . '%';
echo ' <td align="center" class="smallText" width="' . $width . '" valign="top"><a href="' . smn_href_link(FILENAME_DEFAULT, $cPath_new) . '">' . smn_image(DIR_WS_IMAGES . $categories['categories_image'], '', SUBCATEGORY_IMAGE_WIDTH, SUBCATEGORY_IMAGE_HEIGHT, 'onmouseover=\'toolTip("' . ($categories['categories_description'] == '' ? $categories['categories_name'] : $categories['categories_description']) . '",this)\'') . '<br>' . $categories['categories_name'] . '</a></td>' . "\n";
if ($rows / MAX_DISPLAY_CATEGORIES_PER_ROW == floor($rows / MAX_DISPLAY_CATEGORIES_PER_ROW) && $rows != $number_of_categories) {
echo ' </tr>' . "\n";
echo ' <tr>' . "\n";
}
}
$L_state = smn_get_zone_name($_POST['country'], $zone_id, '');
$profile_edit->set_zone_id($zone_id);
$profile_edit->set_state($L_state);
} else {
$profile_edit->set_zone_id('0');
$profile_edit->set_state($_POST['state']);
}
$customer_id = $profile_edit->create($customer_id);
if ($store->is_store_owner($customer_id)) {
// file uploading class
require DIR_WS_CLASSES . 'upload.php';
if (function_exists('ini_get') && (bool) ini_get('file_uploads') == false) {
$messageStack->add(WARNING_FILE_UPLOADS_DISABLED, 'warning');
}
$store_query = smn_db_query("select store_name from " . TABLE_STORE_DESCRIPTION . " WHERE store_name like '" . $_POST['store_edit_name'] . "'");
if (smn_db_num_rows($store_query)) {
$error = true;
$messageStack->add('account_edit', ENTRY_STORE_NAME_ERROR);
} else {
$store_edit->set_store_name($_POST['store_edit_name']);
}
$store_edit->set_store_description($_POST['store_description']);
$store_edit->update_store_info();
$store_edit->set_store_logo('store_image');
$error_text = $store_edit->put_logo_image('update');
if ($error_text != '') {
smn_session_register('error_text');
}
}
$customer_first_name = $firstname;
$messageStack->add_session('account_edit', SUCCESS_ACCOUNT_UPDATED, 'success');
function smn_count_store_in_category($store_category_id, $include_inactive = false)
{
$store_count = 0;
if ($include_inactive == true) {
$store_query = smn_db_query("select count(*) as total from " . TABLE_STORE_MAIN . " p, " . TABLE_STORE_TO_CATEGORIES . " p2c where p.store_id = p2c.store_id and p2c.store_categories_id = '" . (int) $store_category_id . "'");
} else {
$store_query = smn_db_query("select count(*) as total from " . TABLE_STORE_MAIN . " p, " . TABLE_STORE_TO_CATEGORIES . " p2c where p.store_id = p2c.store_id and p.store_status = '1' and p2c.store_categories_id = '" . (int) $store_category_id . "'");
}
$store = smn_db_fetch_array($store_query);
$store_count += $store['total'];
$child_store_categories_query = smn_db_query("select store_categories_id from " . TABLE_STORE_CATEGORIES . " where store_parent_id = '" . (int) $store_category_id . "'");
if (smn_db_num_rows($child_store_categories_query)) {
while ($child_store_categories = smn_db_fetch_array($child_store_categories_query)) {
$store_count += smn_count_store_in_category($child_store_categories['store_categories_id'], $include_inactive);
}
}
return $store_count;
}
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $_GET['gID'] . '&gName=used&action=edit_group'));
} else {
$admin_groups_id = $_GET['gID'];
smn_db_perform(TABLE_ADMIN_GROUPS, $sql_data_array, 'update', "admin_groups_id = '" . $admin_groups_id . "'");
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $admin_groups_id));
}
}
break;
case 'group_new':
$admin_groups_name = ucwords(strtolower(smn_db_prepare_input($_POST['admin_groups_name'])));
$name_replace = ereg_replace(" ", "%", $admin_groups_name);
if ($admin_groups_name == '' || NULL || strlen($admin_groups_name) <= 5) {
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $_GET[gID] . '&gName=false&action=new_group'));
} elseif ($_GET['gID'] != 'edit_group') {
$check_groups_name_query = smn_db_query("select admin_groups_name as group_name_new from " . TABLE_ADMIN_GROUPS . " where admin_groups_name like '%" . $name_replace . "%'");
$check_duplicate = smn_db_num_rows($check_groups_name_query);
if ($check_duplicate > 0) {
smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
} else {
$sql_product_data_array = array('products_quantity' => '1000', 'products_model' => 'mem_6_', 'products_price' => smn_db_prepare_input($_POST['admin_groups_cost']), 'products_date_available' => date('Y-m-d'), 'store_id' => 1, 'products_weight' => '0', 'products_status' => '1', 'products_tax_class_id' => '', 'products_date_added' => 'now()', 'products_image' => '', 'manufacturers_id' => '');
smn_db_perform(TABLE_PRODUCTS, $sql_product_data_array);
$products_id = smn_db_insert_id();
smn_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (products_id, categories_id) values ('" . (int) $products_id . "', '1')");
$languages = smn_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$language_id = $languages[$i]['id'];
$sql_data_array = array('products_id' => $products_id, 'products_name' => smn_db_prepare_input($admin_groups_name), 'language_id' => $language_id, 'products_url' => HTTP_CATALOG_SERVER);
smn_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array);
}
$sql_data_array = array('admin_groups_name' => $admin_groups_name, 'admin_groups_store_type' => smn_db_prepare_input($_POST['admin_groups_store_types']), 'admin_groups_products_id' => $products_id, 'admin_sales_cost' => smn_db_prepare_input($_POST['admin_sales_cost']), 'admin_groups_max_products' => smn_db_prepare_input($_POST['admin_groups_max_products']));
smn_db_perform(TABLE_ADMIN_GROUPS, $sql_data_array);
$sql_data_array['customers_gender'] = $gender;
}
if (isset($_POST['primary']) && $_POST['primary'] == 'on') {
$sql_data_array['customers_default_address_id'] = $new_address_book_id;
}
smn_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $customer_id . "'");
}
$messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success');
}
}
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
}
}
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
$entry_query = smn_db_query("select entry_gender, entry_company, entry_firstname, entry_lastname, entry_street_address, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $customer_id . "' and address_book_id = '" . (int) $_GET['edit'] . "'");
if (!smn_db_num_rows($entry_query)) {
$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
}
$entry = smn_db_fetch_array($entry_query);
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
if ($_GET['delete'] == $customer_default_address_id) {
$messageStack->add_session('addressbook', WARNING_PRIMARY_ADDRESS_DELETION, 'warning');
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
} else {
$check_query = smn_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int) $_GET['delete'] . "' and customers_id = '" . (int) $customer_id . "'");
$check = smn_db_fetch_array($check_query);
if ($check['total'] < 1) {
$messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
smn_redirect(smn_href_link(FILENAME_ADDRESS_BOOK, '', 'NONSSL'));
}
function smn_banner_exists($action, $identifier, $prodid = 0, $cPath = 0)
{
if ($prodid != 0 && $cPath == 0) {
$sql = "SELECT categories_id FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " WHERE products_id={$prodid}";
$row = smn_db_fetch_array(smn_db_query($sql));
$catid = $row['categories_id'];
} else {
$catid = $cPath;
}
if ($catid == 0) {
if ($action == 'dynamic') {
return smn_random_select("select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . $identifier . "'");
} elseif ($action == 'static') {
$banner_query = smn_db_query("select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_id = '" . (int) $identifier . "'");
return smn_db_fetch_array($banner_query);
} else {
return false;
}
} else {
if ($action == 'dynamic') {
$sql = "select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and categories_id=" . $catid . " and banners_group = '" . $identifier . "'";
$qry = smn_db_query($sql);
if (smn_db_num_rows($qry) > 0) {
return smn_random_select($sql);
} else {
$sql = "select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and categories_id=0 and banners_group = '" . $identifier . "'";
return smn_random_select($sql);
}
} elseif ($action == 'static') {
$sql = "select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and categories_id=" . $catid . " and banners_id = '" . (int) $identifier . "'";
$banner_query = smn_db_query($sql);
if (smn_db_num_rows($banner_query) > 0) {
return smn_db_fetch_array($banner_query);
} else {
$sql = "select banners_group, banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_id = '" . (int) $identifier . "'";
$banner_query = smn_db_query($sql);
return smn_db_fetch_array($banner_query);
}
} else {
return false;
}
}
}
$attributes = smn_db_query($attributes_query);
} else {
$attributes = smn_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");
}
$attributes_values = smn_db_fetch_array($attributes);
if (strstr($attributes_values['products_options_name'], 'Stream')) {
$content_type = 'stream_product';
}
if ($content_type == 'stream_product') {
$start_day = getdate();
$day = $start_day['mday'];
$month = $start_day['mon'];
$year = $start_day['year'];
$time_entry = strftime('%d', mktime(0, 0, 0, $month, $day, $year)) . '-' . strftime('%m', mktime(0, 0, 0, $month, $day, $year)) . '-' . strftime('%Y', mktime(0, 0, 0, $month, $day, $year));
$streaming_query = smn_db_query("select * from " . TABLE_STREAMING_PRODUCTS_INFO . " where products_id = '" . $use_products_id . "'");
if (smn_db_num_rows($streaming_query)) {
$streaming_values = smn_db_fetch_array($streaming_query);
}
if (!smn_session_is_registered('authorization_code')) {
smn_session_register('authorization_code');
}
$random = rand();
$string = md5($random);
$authorization_code = substr($string, 20);
$sql_data_array = array('customer_id' => $customer_id, 'products_id' => $order->products[$i]['id'], 'purchase_id' => $authorization_code, 'time_entry' => $time_entry, 'time_expire' => (int) $order->products[$i]['time_expire'], 'total_click' => 0, 'total_click_allowed' => (int) $order->products[$i]['total_click_allowed']);
smn_db_perform(TABLE_STREAMING_PRODUCTS, $sql_data_array);
}
$sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
smn_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values['products_attributes_filename']) && smn_not_null($attributes_values['products_attributes_filename'])) {
$sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount']);
}
$passlen = strlen($a_password);
if ($passlen < ENTRY_PASSWORD_MIN_LENGTH) {
$error = true;
$entry_password_error = true;
} else {
$entry_password_error = false;
}
if ($a_password != $a_confirmation) {
$error = true;
$entry_password_error = true;
}
/* Changed the query to check the uniqueness of customer email By Cimi on June 13,2007*/
/*$check_email = smn_db_query("select affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . smn_db_input($a_email_address) . "'");*/
$check_email = smn_db_query("select customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . smn_db_input($a_email_address) . "'");
if (smn_db_num_rows($check_email)) {
$error = true;
$entry_email_address_exists = true;
} else {
$entry_email_address_exists = false;
}
// Check Suburb
$entry_suburb_error = false;
// Check Fax
$entry_fax_error = false;
if (!affiliate_check_url($a_homepage)) {
$error = true;
$entry_homepage_error = true;
} else {
$entry_homepage_error = false;
}
function check()
{
if (!isset($this->_check)) {
$check_query = smn_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'MODULE_PAYMENT_SUREPAY_STATUS'");
$this->_check = smn_db_num_rows($check_query);
}
return $this->_check;
}
$products_name = $_POST['products_name'];
$products_description = $_POST['products_description'];
$products_url = $_POST['products_url'];
}
$manufacturers_array = array(array('id' => '', 'text' => TEXT_NONE));
$manufacturers_query = smn_db_query("select manufacturers_id, manufacturers_name from " . TABLE_MANUFACTURERS . " order by manufacturers_name");
while ($manufacturers = smn_db_fetch_array($manufacturers_query)) {
$manufacturers_array[] = array('id' => $manufacturers['manufacturers_id'], 'text' => $manufacturers['manufacturers_name']);
}
$tax_class_array = array(array('id' => '0', 'text' => TEXT_NONE));
$tax_class_query = smn_db_query("select tax_class_id, tax_class_title from " . TABLE_TAX_CLASS . " where store_id = '" . $store_id . "' order by tax_class_title");
$languages = smn_get_languages();
if ($store_id != 1) {
$categories_selected = '';
$categories_check_query = smn_db_query("select categories_id from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = '" . (int) $products_id . "' and store_id = '1'");
if (smn_db_num_rows($categories_check_query)) {
$categories_check = smn_db_fetch_array($categories_check_query);
$categories_selected = (int) $categories_check['categories_id'];
}
$categories_array = smn_get_main_categories();
}
while ($tax_class = smn_db_fetch_array($tax_class_query)) {
$tax_class_array[] = array('id' => $tax_class['tax_class_id'], 'text' => $tax_class['tax_class_title']);
}
if (!isset($pInfo->products_status)) {
$pInfo->products_status = '1';
}
switch ($pInfo->products_status) {
case '0':
$in_status = false;
$out_status = true;
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$error = true;
$messageStack->add('create_account', ENTRY_CITY_ERROR);
}
if (is_numeric($country) == false) {
$error = true;
$messageStack->add('create_account', ENTRY_COUNTRY_ERROR);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$check_query = smn_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "'");
$check = smn_db_fetch_array($check_query);
$entry_state_has_zones = $check['total'] > 0;
if ($entry_state_has_zones == true) {
$zone_query = smn_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "' and (upper(zone_name) = upper('" . smn_db_input($state) . "') or upper(zone_code) = upper('" . smn_db_input($state) . "'))");
if (smn_db_num_rows($zone_query) == 1) {
$zone = smn_db_fetch_array($zone_query);
$zone_id = $zone['zone_id'];
} else {
$error = true;
$entry_state_error = true;
$messageStack->add('create_account', ENTRY_STATE_ERROR_SELECT);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$error = true;
$messageStack->add('create_account', ENTRY_STATE_ERROR);
}
}
}
if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
</td>
<td class="smallText" align="right"><?php
echo $gv_split->display_links($gv_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $_GET['page']);
?>
</td>
</tr>
</table></td>
</tr>
</table></td>
<?php
$heading = array();
$contents = array();
$heading[] = array('text' => '[' . $gInfo->coupon_id . '] ' . ' ' . $currencies->format($gInfo->coupon_amount));
$redeem_query = smn_db_query("select * from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $gInfo->coupon_id . "'");
$redeemed = 'No';
if (smn_db_num_rows($redeem_query) > 0) {
$redeemed = 'Yes';
}
$contents[] = array('text' => TEXT_INFO_SENDERS_ID . ' ' . $gInfo->customer_id_sent);
$contents[] = array('text' => TEXT_INFO_AMOUNT_SENT . ' ' . $currencies->format($gInfo->coupon_amount));
$contents[] = array('text' => TEXT_INFO_DATE_SENT . ' ' . smn_date_short($gInfo->date_sent));
$contents[] = array('text' => TEXT_INFO_VOUCHER_CODE . ' ' . $gInfo->coupon_code);
$contents[] = array('text' => TEXT_INFO_EMAIL_ADDRESS . ' ' . $gInfo->emailed_to);
if ($redeemed == 'Yes') {
$redeem = smn_db_fetch_array($redeem_query);
$contents[] = array('text' => '<br>' . TEXT_INFO_DATE_REDEEMED . ' ' . smn_date_short($redeem['redeem_date']));
$contents[] = array('text' => TEXT_INFO_IP_ADDRESS . ' ' . $redeem['redeem_ip']);
$contents[] = array('text' => TEXT_INFO_CUSTOMERS_ID . ' ' . $redeem['customer_id']);
} else {
$contents[] = array('text' => '<br>' . TEXT_INFO_NOT_REDEEMED);
}
<!-- downloads //-->
<?php
if (!strstr($PHP_SELF, FILENAME_ACCOUNT_HISTORY_INFO)) {
// Get last order id for checkout_success
$orders_query_raw = "SELECT orders_id FROM " . TABLE_ORDERS . " WHERE customers_id = '" . $customer_id . "' ORDER BY orders_id DESC LIMIT 1";
$orders_query = smn_db_query($orders_query_raw);
$orders_values = smn_db_fetch_array($orders_query);
$last_order = $orders_values['orders_id'];
} else {
$last_order = $_GET['order_id'];
}
// Now get all downloadable products in that order
$downloads_query_raw = "SELECT DATE_FORMAT(date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, op.products_name, opd.orders_products_download_id, opd.orders_products_filename, opd.download_count, opd.download_maxdays\n FROM " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd\n WHERE customers_id = '" . $customer_id . "'\n AND o.orders_id = '" . $last_order . "'\n AND op.orders_id = '" . $last_order . "'\n AND opd.orders_products_id=op.orders_products_id\n AND opd.orders_products_filename<>''";
$downloads_query = smn_db_query($downloads_query_raw);
// Don't display if there is no downloadable product
if (smn_db_num_rows($downloads_query) > 0) {
?>
<tr>
<td><?php
echo smn_draw_separator('pixel_trans.gif', '100%', '10');
?>
</td>
</tr>
<tr>
<td class="main"><b><?php
echo HEADING_DOWNLOAD;
?>
</b></td>
</tr>
<tr>
<td><?php
function query($customer_id)
{
$qry1 = smn_db_query("SELECT * FROM " . TABLE_CUSTOMERS . " WHERE customers_id= '" . $customer_id . "'");
if (smn_db_num_rows($qry1) > 0) {
$this->customer_data = smn_db_fetch_array($qry1);
$this->address_id = $this->customers_data['customers_default_address_id'];
$qry2 = smn_db_query("SELECT * FROM " . TABLE_ADDRESS_BOOK . " WHERE address_book_id='" . $this->customers_data['customers_default_address_id'] . "'");
if (smn_db_num_rows($qry2) > 0) {
$this->address_data = smn_db_fetch_array($qry2);
} else {
$this->errno = 2;
}
} else {
$this->errno = 1;
}
}
Portions Copyright (c) 2002 osCommerce
This source file is subject to version 2.0 of the GPL license,
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
?>
<!-- affiliate_news //-->
<?php
/*Changed the query to get the details of affiliate news, by Cimi*/
/*$affiliate_news_query = smn_db_query('SELECT * from ' . TABLE_AFFILIATE_NEWS . ' WHERE status = 1 ORDER BY date_added DESC LIMIT ' . MAX_DISPLAY_AFFILIATE_NEWS);*/
$affiliate_news_query = smn_db_query('SELECT * from ' . TABLE_AFFILIATE_NEWS . ' an,' . TABLE_AFFILIATE_NEWS_CONTENTS . ' anc WHERE news_status = 1 ORDER BY date_added DESC LIMIT ' . MAX_DISPLAY_AFFILIATE_NEWS);
if (!smn_db_num_rows($affiliate_news_query)) {
// there is no news
echo '<!-- ' . TEXT_NO_AFFILIATE_NEWS . ' -->';
} else {
$info_box_contents = array();
$row = 0;
while ($affiliate_news = smn_db_fetch_array($affiliate_news_query)) {
/*Changed the array contents to get values according to DB,by Cimi*/
/*$info_box_contents[$row] = array('align' => 'left',
'params' => 'class="smallText" valign="top"',
'text' => '<b>' . $affiliate_news['headline'] . '</b> - <i>' . smn_date_long($affiliate_news['date_added']) . '</i><br>' . nl2br($affiliate_news['content']) . '<br>');*/
$info_box_contents[$row] = array('align' => 'left', 'params' => 'class="smallText" valign="top"', 'text' => '<b>' . $affiliate_news['affiliate_news_headlines'] . '</b> - <i>' . smn_date_long($affiliate_news['date_added']) . '</i><br>' . nl2br($affiliate_news['affiliate_news_contents']) . '<br>');
$row++;
}
new contentBox($info_box_contents);
/*Commente the following code to as it creates incomplete box , By Cimi*/
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
global $page_name;
// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';
if (isset($_GET['action']) && $_GET['action'] == 'process') {
$affiliate_username = smn_db_prepare_input($_POST['affiliate_username']);
$affiliate_password = smn_db_prepare_input($_POST['affiliate_password']);
// Check if username exists
/*Changed the query to take the sales agent details from customer table by Cimi*/
//$check_affiliate_query = smn_db_query("select affiliate_id, affiliate_firstname, affiliate_password, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . smn_db_input($affiliate_username) . "'");
$check_customer_query = smn_db_query("select a.affiliate_id,c.customers_id, c.customers_firstname, c.customers_password, c.customers_email_address, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c," . TABLE_AFFILIATE . " a where c.customers_email_address = '" . smn_db_input($affiliate_username) . "' and c.customers_id=a.affiliate_customer_id");
if (!smn_db_num_rows($check_customer_query)) {
$_GET['login'] = '******';
} else {
$check_customer = smn_db_fetch_array($check_customer_query);
// Check that password is good
if (!smn_validate_password($affiliate_password, $check_customer['customers_password'])) {
$_GET['login'] = '******';
} else {
/*Changed the code to set the session of user and sales agent if the login is success by Cimi*/
/*$affiliate_id = $check_affiliate['affiliate_id'];
smn_session_register('affiliate_id');
$date_now = date('Ymd');
smn_db_query("update " . TABLE_AFFILIATE . " set affiliate_date_of_last_logon = now(), affiliate_number_of_logons = affiliate_number_of_logons + 1 where affiliate_id = '" . $affiliate_id . "'");*/
if (SESSION_RECREATE == 'True') {
that is bundled with this package in the file LICENSE. If you
did not receive a copy of the oscMall System license and are unable
to obtain it through the world-wide-web, please send a note to
license@systemsmanager.net so we can mail you a copy immediately.
*/
require 'includes/application_top.php';
if (isset($_GET['ID'])) {
$GLOBALS['store_id'] = '';
smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
if (isset($_GET['action']) && $_GET['action'] == 'process') {
$email_address = smn_db_prepare_input($_POST['email_address']);
$password = smn_db_prepare_input($_POST['password']);
// Check if email exists
$check_admin_query = smn_db_query("select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'");
if (!smn_db_num_rows($check_admin_query)) {
$login = '******';
} else {
$check_admin = smn_db_fetch_array($check_admin_query);
// Check that password is good
if (!smn_validate_password($password, $check_admin['login_password'])) {
$login = '******';
} else {
if (smn_session_is_registered('password_forgotten')) {
smn_session_unregister('password_forgotten');
}
$login_id = $check_admin['login_id'];
$store_id = $check_admin['store_id'];
$login_groups_id = $check_admin['login_groups_id'];
$login_firstname = $check_admin['login_firstname'];
$login_email_address = $check_admin['login_email_address'];
success: false,
errors: {
message: "' . addslashes(str_replace("\n", '', nl2br($messageStack->outputPlain('account_edit')))) . '"
}
}';
}
exit;
}
$account_query = smn_db_query("select c.*, ab.* from " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " ab where ab.customers_id = '" . (int) $customer_id . "' and c.customers_id = '" . (int) $customer_id . "' and ab.address_book_id = c.customers_default_address_id");
$account = smn_db_fetch_array($account_query);
$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_ACCOUNT, 'ID=' . $store_id, 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_ACCOUNT_EDIT, 'ID=' . $store_id, 'NONSSL'));
$store_categories = $spath_setup->smn_get_store_category_tree('0', '', '0');
$countries = smn_get_countries();
$Qzone = smn_db_query('select zone_name from ' . TABLE_ZONES . ' where (zone_code = "' . strtoupper($customerInfo->address_data['entry_state']) . '" || zone_name = "' . $customerInfo->address_data['entry_state'] . '")');
if (smn_db_num_rows($Qzone)) {
$zone = smn_db_fetch_array($Qzone);
$customerInfo->address_data['entry_state'] = $zone['zone_name'];
}
/* Common Elements For Tabs - BEGIN */
$commonCancelButton = $jQuery->getPluginClass('button', array('id' => 'cancel_button', 'text' => 'Cancel'));
$commonDeleteButton = $jQuery->getPluginClass('button', array('id' => 'delete_button', 'text' => 'Delete'));
$commonSaveButton = $jQuery->getPluginClass('button', array('id' => 'save_button', 'type' => 'submit', 'text' => 'Save'));
/* Common Elements For Tabs - END */
/* Setup Tabs - BEGIN */
$jQuery->setGlobalVars(array('languages', 'languages_id', 'store_id', 'commonSaveButton', 'commonDeleteButton', 'commonCancelButton', 'account', 'customerInfo', 'customer_store_id', 'affiliate_id', 'customersStore', 'store_categories', 'countries'));
$tabsArray = array();
$tabsArray[] = array('tabID' => 'tab-contact', 'filename' => 'tab_contact.php', 'text' => ACCOUNT_TAB_CONTACT);
$tabsArray[] = array('tabID' => 'tab-personal', 'filename' => 'tab_personal.php', 'text' => ACCOUNT_TAB_PERSONAL);
if (smn_session_is_registered('customer_store_id')) {
$tabsArray[] = array('tabID' => 'tab-settings', 'filename' => 'tab_settings.php', 'text' => ACCOUNT_TAB_SETTINGS);
$error = true;
} else {
if (SESSION_RECREATE == 'True') {
smn_session_recreate();
}
$check_country_query = smn_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
$check_country = smn_db_fetch_array($check_country_query);
$check_customer_store_query = smn_db_query("select store_id from " . TABLE_ADMIN . " where customer_id = '" . smn_db_input($check_customer['customers_id']) . "'");
if (smn_db_num_rows($check_customer_store_query)) {
$check_customer_store = smn_db_fetch_array($check_customer_store_query);
$customer_store_id = $check_customer_store['store_id'];
smn_session_register('customer_store_id');
}
/*Code to register session for affiliate by Cimi*/
$check_sales_agent_query = smn_db_query("select a.affiliate_id from " . TABLE_CUSTOMERS . " c, " . TABLE_AFFILIATE . " a where c.customers_id = '" . smn_db_input($check_customer['customers_id']) . "' and a.affiliate_customer_id = c.customers_id");
if (smn_db_num_rows($check_sales_agent_query)) {
$check_sales_agent = smn_db_fetch_array($check_sales_agent_query);
$affiliate_id = $check_sales_agent['affiliate_id'];
smn_session_register('affiliate_id');
$affiliate_email = $check_customer['customers_email_address'];
$affiliate_name = $check_customer['customer_first_name'];
smn_session_register('affiliate_email');
smn_session_register('affiliate_name');
}
/*End of code*/
$customer_id = $check_customer['customers_id'];
$customer_default_address_id = $check_customer['customers_default_address_id'];
$customer_first_name = $check_customer['customers_firstname'];
$customer_country_id = $check_country['entry_country_id'];
$customer_zone_id = $check_country['entry_zone_id'];
smn_session_register('customer_id');
