function defs() { $this->link_params = array(); //$this->request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $this->request_type = getenv('SERVER_PORT') == '443' ? 'SSL' : 'NONSSL'; if ($this->request_type == 'NONSSL') { define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG); $this->server = HTTP_SERVER; $this->cookie_domain = HTTP_COOKIE_DOMAIN; $this->cookie_path = HTTP_COOKIE_PATH; } else { define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG); $this->server = HTTPS_SERVER; $this->cookie_domain = HTTPS_COOKIE_DOMAIN; $this->cookie_path = HTTPS_COOKIE_PATH; } $this->relpath = $this->server . DIR_WS_CATALOG; $this->ajax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? true : false; $this->script = tep_sanitize_string(basename($_SERVER['SCRIPT_NAME'])); $this->action = isset($_GET['action']) ? tep_sanitize_string($_GET['action']) : ''; $this->media = array(); $this->seo = false; $this->abstract_id = $this->gtext_id = $this->page_id = 0; $this->external_path = ''; $this->external = false; $this->gtext_id = $this->abstract_id = ''; }
function actionRecorderAdmin($module, $user_id = null, $user_name = null) { global $language, $PHP_SELF; $module = tep_sanitize_string(str_replace(' ', '', $module)); if (defined('MODULE_ACTION_RECORDER_INSTALLED') && tep_not_null(MODULE_ACTION_RECORDER_INSTALLED)) { if (tep_not_null($module) && in_array($module . '.' . substr($PHP_SELF, strrpos($PHP_SELF, '.') + 1), explode(';', MODULE_ACTION_RECORDER_INSTALLED))) { if (!class_exists($module)) { if (file_exists(DIR_FS_CATALOG . 'includes/modules/action_recorder/' . $module . '.' . substr($PHP_SELF, strrpos($PHP_SELF, '.') + 1))) { include DIR_FS_CATALOG . 'includes/languages/' . $language . '/modules/action_recorder/' . $module . '.' . substr($PHP_SELF, strrpos($PHP_SELF, '.') + 1); include DIR_FS_CATALOG . 'includes/modules/action_recorder/' . $module . '.' . substr($PHP_SELF, strrpos($PHP_SELF, '.') + 1); } else { return false; } } } else { return false; } } else { return false; } $this->_module = $module; if (!empty($user_id) && is_numeric($user_id)) { $this->_user_id = $user_id; } if (!empty($user_name)) { $this->_user_name = $user_name; } $GLOBALS[$this->_module] = new $module(); $GLOBALS[$this->_module]->setIdentifier(); }
function objectInfo($object_array, $strip = true) { foreach ($object_array as $key => $value) { if ($strip) { $this->{$key} = tep_sanitize_string($value); } else { $this->{$key} = $value; } } }
function before_process() { if (SHOP_ID == 14 || SHOP_ID == 16) { global $HTTP_POST_VARS, $order; $order->info['code'] = tep_sanitize_string($HTTP_POST_VARS['purchase_order']); $this->email_footer = MODULE_PAYMENT_BANK_CORPORATE_PURCHASE_ORDER . ' ' . $order->info['code']; return $process_button_string; } return false; }
function defs() { // $this->request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL'; $this->request_type = getenv('SERVER_PORT') == '443' ? 'SSL' : 'NONSSL'; $this->ajax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? true : false; $this->server = HTTP_SERVER; $this->relpath = $this->server . DIR_WS_ADMIN; $this->cookie_domain = HTTP_COOKIE_DOMAIN; $this->cookie_path = HTTP_COOKIE_PATH; $this->cserver = HTTP_CATALOG_SERVER; $this->crelpath = $this->cserver . DIR_WS_CATALOG; $this->script = tep_sanitize_string(basename($_SERVER['SCRIPT_NAME'])); $this->action = isset($_GET['action']) ? tep_sanitize_string($_GET['action']) : ''; $this->media = array(); $this->link_params = array(); }
function actionRecorder($module) { global $customer_id, $language; $module = tep_sanitize_string(str_replace(' ', '', $module)); if (!class_exists($module)) { if (file_exists(DIR_WS_MODULES . 'action_recorder/' . $module . '.php')) { if (file_exists(DIR_WS_LANGUAGES . $language . '/modules/action_recorder/' . $module . '.php')) { include DIR_WS_LANGUAGES . $language . '/modules/action_recorder/' . $module . '.php'; } include DIR_WS_MODULES . 'action_recorder/' . $module . '.php'; } else { return false; } } $this->_module = $module; $GLOBALS[$this->_module] = new $module(); $GLOBALS[$this->_module]->setIdentifier(); if (tep_session_is_registered('customer_id')) { $this->_customer_id = $customer_id; } }
function invoke() { extract(tep_load('defs')); $result = false; $args = func_get_args(); if (!count($args)) { return $result; } $method = array_shift($args); if ($cDefs->ajax && substr($method, 0, strlen($this->ajax_prefix)) != $this->ajax_prefix) { //return $result; } for ($i = 0, $j = count($this->plugins_array); $i < $j; $i++) { $executive = $this->prefix . $this->plugins_array[$i]['plugins_key']; if (!isset($this->objects_array[$i])) { if ($this->plugins_array[$i]['display_box'] && $method != 'init_sessions') { continue; } if ($this->plugins_array[$i]['display_box'] && $method == 'init_sessions') { extract(tep_load('sessions')); $box_method =& $cSessions->register('selected_box', 'config_box'); if (isset($_GET['selected_box']) && !empty($_GET['selected_box'])) { $box_method = tep_sanitize_string($_GET['selected_box']); } if (!method_exists($executive, $box_method)) { $this->plugins_array[$i]['status'] = false; } } if ($this->plugins_array[$i]['status']) { $this->objects_array[$i] = new $executive(); } else { tep_log('Invalid Plugin ' . $executive); continue; } } $plugin = $this->objects_array[$i]; if (method_exists($plugin, $method)) { $pass_args = array(); foreach ($args as $value) { $pass_args[] = $value; } $tmp_result = call_user_func_array(array(&$plugin, $method), $pass_args); if ($tmp_result) { $result = true; } } } return $result; }
// Script is intended to be used with: // osCommerce, Open Source E-Commerce Solutions // http://www.oscommerce.com // Copyright (c) 2003 osCommerce ------------------------------------------------------------------------------ // Released under the GNU General Public License //---------------------------------------------------------------------------- // */ $action = isset($_GET['action']) ? tep_sanitize_string($g_db->prepare_input($_GET['action'])) : ''; $img_alt = isset($_POST['img_alt']) ? tep_sanitize_string($g_db->prepare_input($_POST['img_alt'])) : ''; $img_desc = isset($_POST['img_desc']) ? tep_sanitize_string($g_db->prepare_input($_POST['img_desc'])) : ''; $img_popup = isset($_POST['img_popup']) ? tep_sanitize_string($g_db->prepare_input($_POST['img_popup'])) : ''; $img_group_name = isset($_POST['img_group_name']) ? tep_sanitize_string($g_db->prepare_input($_POST['img_group_name'])) : ''; $img_thumb = isset($_POST['img_thumb']) ? true : false; $org_image = $image = isset($_POST['image']) ? tep_sanitize_string($g_db->prepare_input($_POST['image'])) : ''; $resize_image = ''; $fs_dir = tep_front_physical_path(DIR_WS_CATALOG_IMAGES); $length = strlen(DIR_WS_CATALOG); $rel_path = substr(DIR_WS_CATALOG_IMAGES, $length); $image = substr($image, strlen($rel_path)); $tmp_array = explode('.', $image); if (!is_array($tmp_array) || count($tmp_array) != 2 || strlen($tmp_array[0]) < 1 || !file_exists($fs_dir . $image)) { $action = 'error'; } switch ($action) { case 'error': break; default: $resize_flag = false; $width = isset($_POST['width']) ? (int) $_POST['width'] : '';
} if (isset($_GET['manufacturers_id']) && tep_not_null($_GET['manufacturers_id'])) { $where_str .= " and m.manufacturers_id = '" . (int) $_GET['manufacturers_id'] . "'"; } if (isset($search_keywords) && sizeof($search_keywords) > 0) { $where_str .= " and ("; for ($i = 0, $n = sizeof($search_keywords); $i < $n; $i++) { switch ($search_keywords[$i]) { case '(': case ')': case 'and': case 'or': $where_str .= " " . $search_keywords[$i] . " "; break; default: $keyword = tep_sanitize_string($search_keywords[$i]); $where_str .= "(pd.products_name like '%" . addslashes($keyword) . "%' or p.products_model like '%" . addslashes($keyword) . "%' or m.manufacturers_name like '%" . addslashes($keyword) . "%'"; if (isset($_GET['search_in_description']) && $_GET['search_in_description'] == '1') { $where_str .= " or pd.products_description like '%" . addslashes($keyword) . "%'"; } $where_str .= ')'; break; } } $where_str .= " )"; } if (tep_not_null($datefrom)) { $where_str .= " and p.products_date_added >= '" . date('Ymd', $datefrom) . "'"; } if (tep_not_null($dateto)) { $where_str .= " and p.products_date_added <= '" . date('Ymd', $dateto) . "'";
// http://www.asymmetrics.com //---------------------------------------------------------------------------- // Admin: Ajax Image Browsing and Selection module //---------------------------------------------------------------------------- // I-Metrics CMS //---------------------------------------------------------------------------- // Script is intended to be used with: // osCommerce, Open Source E-Commerce Solutions // http://www.oscommerce.com // Copyright (c) 2003 osCommerce ------------------------------------------------------------------------------ // Released under the GNU General Public License //---------------------------------------------------------------------------- // */ $sub_folder = isset($_POST['sub_path']) ? tep_sanitize_string($g_db->prepare_input($_POST['sub_path'])) : ''; if (substr($sub_folder, 0, 1) == '.') { $sub_folder = ''; } if (!empty($sub_folder)) { $sub_folder .= '/'; } $fs_images_path = tep_front_physical_path(DIR_WS_CATALOG_IMAGES); $switch_folder = $fs_images_path . $sub_folder; $current_dir = getcwd(); $dir = dir($switch_folder); chdir($switch_folder); $files_array = array(); $subdirs_array = array(); if (!empty($sub_folder)) { $subdirs_array[] = '';
function osC_Checkout_Confirmation() { global $osC_Session, $osC_Services, $messageStack, $breadcrumb, $order, $cart, $payment_modules, $shipping_modules, $order_total_modules, $any_out_of_stock; if ($cart->count_contents() < 1) { tep_redirect(tep_href_link(FILENAME_CHECKOUT, '', 'SSL')); } // avoid hack attempts during the checkout procedure by checking the internal cartID if (isset($cart->cartID) && $osC_Session->exists('cartID')) { if ($cart->cartID != $osC_Session->value('cartID')) { tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL')); } } // if no shipping method has been selected, redirect the customer to the shipping method selection page if ($osC_Session->exists('shipping') == false) { tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'shipping', 'SSL')); } if ($osC_Services->isStarted('breadcrumb')) { $breadcrumb->add(NAVBAR_TITLE_CHECKOUT_CONFIRMATION, tep_href_link(FILENAME_CHECKOUT, $this->_module, 'SSL')); } if (isset($_POST['payment'])) { $osC_Session->set('payment', $_POST['payment']); } $payment =& $osC_Session->value('payment'); if (isset($_POST['comments']) && $osC_Session->exists('comments') && empty($_POST['comments'])) { $osC_Session->remove('comments'); } else { if (tep_not_null($_POST['comments'])) { $osC_Session->set('comments', tep_sanitize_string($_POST['comments'])); } } if (DISPLAY_CONDITIONS_ON_CHECKOUT == 'true') { if (!isset($_POST['conditions']) || $_POST['conditions'] != '1') { $messageStack->add_session('checkout_payment', ERROR_CONDITIONS_NOT_ACCEPTED, 'error'); } } // load the selected payment module require DIR_WS_CLASSES . 'payment.php'; $payment_modules = new payment($osC_Session->value('payment')); $order = new order(); $payment_modules->update_status(); if (is_array($payment_modules->modules) && sizeof($payment_modules->modules) > 1 && !isset($GLOBALS[$payment]) || isset($GLOBALS[$payment]) && is_object($GLOBALS[$payment]) && $GLOBALS[$payment]->enabled == false) { $messageStack->add_session('checkout_payment', ERROR_NO_PAYMENT_MODULE_SELECTED, 'error'); } if ($messageStack->size('checkout_payment') > 0) { tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } if (is_array($payment_modules->modules)) { $payment_modules->pre_confirmation_check(); } // load the selected shipping module require DIR_WS_CLASSES . 'shipping.php'; $shipping_modules = new shipping($osC_Session->value('shipping')); require DIR_WS_CLASSES . 'order_total.php'; $order_total_modules = new order_total(); // Stock Check $any_out_of_stock = false; if (STOCK_CHECK == 'true') { for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) { if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) { $any_out_of_stock = true; } } // Out of Stock if (STOCK_ALLOW_CHECKOUT != 'true' && $any_out_of_stock == true) { tep_redirect(tep_href_link(FILENAME_CHECKOUT)); } } }
function _process() { global $osC_Session, $free_shipping, $shipping_modules; if (tep_not_null($_POST['comments'])) { $osC_Session->set('comments', tep_sanitize_string($_POST['comments'])); } if (tep_count_shipping_modules() > 0 || $free_shipping == true) { if (isset($_POST['shipping']) && strpos($_POST['shipping'], '_')) { $osC_Session->set('shipping', $_POST['shipping']); list($module, $method) = explode('_', $osC_Session->value('shipping')); if (is_object($GLOBALS[$module]) || $osC_Session->value('shipping') == 'free_free') { if ($osC_Session->value('shipping') == 'free_free') { $quote[0]['methods'][0]['title'] = FREE_SHIPPING_TITLE; $quote[0]['methods'][0]['cost'] = '0'; } else { $quote = $shipping_modules->quote($method, $module); } if (isset($quote['error'])) { $osC_Session->remove('shipping'); } else { if (isset($quote[0]['methods'][0]['title']) && isset($quote[0]['methods'][0]['cost'])) { $shipping = array('id' => $osC_Session->value('shipping'), 'title' => $free_shipping == true ? $quote[0]['methods'][0]['title'] : $quote[0]['module'] . ' (' . $quote[0]['methods'][0]['title'] . ')', 'cost' => $quote[0]['methods'][0]['cost']); $osC_Session->set('shipping', $shipping); tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } } } else { $osC_Session->remove('shipping'); } } } else { $osC_Session->set('shipping', false); tep_redirect(tep_href_link(FILENAME_CHECKOUT, 'payment', 'SSL')); } }
echo ' <div class="li"><div class="level_1"><a href="' . tep_href_link(FILENAME_CATEGORIES, 'tPath=' . $products_types['products_types_id'] . '&view=all') . '" class="active">' . TEXT_ALL_CATEGORY_PRODUCTS . '</a></div></div>' . "\n"; } elseif ($products_types['products_types_default_status'] == '1') { $specials_types_query = tep_db_query("select specials_types_id, specials_types_path, specials_types_name from " . TABLE_SPECIALS_TYPES . " where specials_types_id in ('" . implode("', '", $active_specials_types_array) . "') and language_id = '" . (int) DEFAULT_LANGUAGE_ID . "' order by sort_order, specials_types_name limit 4"); while ($specials_types = tep_db_fetch_array($specials_types_query)) { echo ' <div class="li_special"><div class="level_1"><a href="' . tep_href_link(FILENAME_CATEGORIES, 'tPath=' . $products_types['products_types_id'] . '&view=' . $specials_types['specials_types_path']) . '"' . ($HTTP_GET_VARS['view'] == $specials_types['specials_types_path'] && $products_types['products_types_id'] == $show_product_type && $current_category_id == 0 ? ' class="active"' : '') . '>' . $specials_types['specials_types_name'] . '</a></div></div>' . "\n"; } echo ' <div class="li_special"><div class="level_1"><a href="' . tep_href_link(FILENAME_CATEGORIES, 'tPath=' . $products_types['products_types_id'] . '&view=with_fragments') . '"' . ($HTTP_GET_VARS['view'] == 'with_fragments' && $products_types['products_types_id'] == $show_product_type && $current_category_id == 0 ? ' class="active"' : '') . '>' . LEFT_COLUMN_TITLE_FRAGMENTS . '</a></div></div>' . "\n"; } echo $categories_string; } } tep_exit(); break; case 'load_carousel': list($type, $type_id) = explode('_', urldecode($HTTP_GET_VARS['carousel_type'])); $type = tep_sanitize_string($type) . '_types'; $type_id = (int) $type_id; if (in_array($type, array(TABLE_SPECIALS_TYPES, TABLE_PRODUCTS_TYPES))) { $carousel_products = array(); $carousel_id = 'carousel_' . $type . '_' . $type_id; if ($type == TABLE_SPECIALS_TYPES) { $products_query = tep_db_query("select products_id from " . TABLE_SPECIALS . " where specials_types_id = '" . (int) $type_id . "' and specials_first_page = '1' and status = '1' and specials_date_added >= '" . date('Y-m-d', time() - 60 * 60 * 24 * 7) . " 00:00:00' order by rand() limit 13"); if (tep_db_num_rows($products_query) == 0) { $products_query = tep_db_query("select products_id from " . TABLE_SPECIALS . " where specials_types_id = '" . (int) $type_id . "' and specials_first_page = '1' and status = '1' order by rand() limit 13"); } } else { $products_query = tep_db_query("select products_id from " . TABLE_PRODUCTS . " where products_types_id = '" . (int) $type_id . "' and products_status = '1' and products_listing_status = '1' and products_image_exists = '1'" . ((int) $type_id > 2 ? " and products_quantity > '0'" : "") . " order by rand() limit 13"); if ($type_id > 2 && tep_db_num_rows($products_query) == 0) { $products_query = tep_db_query("select products_id from " . TABLE_PRODUCTS . " where products_types_id = '" . (int) $type_id . "' and products_status = '1' and products_listing_status = '1' and products_image_exists = '1' order by rand() limit 13"); } }
$g_cookie_path =& $cDefs->cookie_path; $g_seo_flag =& $cDefs->seo; $current_abstract_id =& $cDefs->abstract_id; $current_gtext_id =& $cDefs->gtext_id; $current_page_id =& $cDefs->page_id; $check_host = $cDefs->request_type == 'SSL' ? 'https://' : 'http://'; $check_host .= $_SERVER['HTTP_HOST']; if ($check_host != $g_server) { tep_redirect(); } $check_host = substr($_SERVER['REQUEST_URI'], 0, strlen(DIR_WS_CATALOG)); if ($check_host != DIR_WS_CATALOG) { tep_redirect(); } unset($check_host); $g_script = tep_sanitize_string(basename($_SERVER['SCRIPT_NAME'])); if (!is_string($g_script) || $g_script != basename($_SERVER['SCRIPT_NAME']) || !file_exists($g_script)) { tep_redirect(); } if ($g_script == FILENAME_JS_MODULES && !$cDefs->ajax) { tep_redirect(); } $tmp_array = tep_load('database'); $g_db = $tmp_array['db']; $g_db->connect(); $tmp_array = tep_load('languages'); $g_lng = $tmp_array['lng']; $g_lng->initialize(); $g_lng->load_early(); // set the application parameters $configuration_query = $g_db->query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
$Qproduct->execute(); if ($Qproduct->numberOfRows()) { $valid_product = true; } } if ($valid_product == false) { tep_redirect(tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $_GET['products_id'])); } require DIR_WS_LANGUAGES . $osC_Session->value('language') . '/' . FILENAME_TELL_A_FRIEND; if (isset($_GET['action']) && $_GET['action'] == 'process') { $error = false; $to_email_address = tep_sanitize_string($_POST['to_email_address']); $to_name = tep_sanitize_string($_POST['to_name']); $from_email_address = tep_sanitize_string($_POST['from_email_address']); $from_name = tep_sanitize_string($_POST['from_name']); $message = tep_sanitize_string($_POST['message']); if (empty($from_name)) { $error = true; $messageStack->add('friend', ERROR_FROM_NAME); } if (!tep_validate_email($from_email_address)) { $error = true; $messageStack->add('friend', ERROR_FROM_ADDRESS); } if (empty($to_name)) { $error = true; $messageStack->add('friend', ERROR_TO_NAME); } if (!tep_validate_email($to_email_address)) { $error = true; $messageStack->add('friend', ERROR_TO_ADDRESS);
function sanitize_string($string, $sep = '_') { if (function_exists('tep_sanitize_string')) { return tep_sanitize_string($string, $sep); } else { $patterns = array('/ +/', '/[<>]/'); $replace = array(' ', $sep); return preg_replace($patterns, $replace, trim($string)); } }
function tep_db_prepare_input($string, $allowtag = false) { if (is_string($string)) { $string = decodeUTF8Char($string); $result = stripslashes($string); if (!$allowtag) { $result = tep_sanitize_string($result); } $result = trim($result); return $result; //return tep_db_input($result); } elseif (is_array($string)) { reset($string); while (list($key, $value) = each($string)) { $string[$key] = tep_db_prepare_input($value, $allowtag); } return $string; } else { return $string; } }
$Id: contact_us.php,v 1.46 2005/03/07 10:04:35 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2005 osCommerce Released under the GNU General Public License */ require 'includes/application_top.php'; require DIR_WS_LANGUAGES . $osC_Session->value('language') . '/' . FILENAME_CONTACT_US; $error = false; if (isset($_GET['action']) && $_GET['action'] == 'send') { $name = tep_sanitize_string($_POST['name']); $email_address = tep_sanitize_string($_POST['email']); $enquiry = tep_sanitize_string($_POST['enquiry']); if (tep_validate_email($email_address)) { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address); tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success')); } else { $error = true; $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR); } } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_CONTACT_US)); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?> >
if (!check) check = 1; if (!disable) disable = 0; f = document.download_pricelist; str = ""; for (i=0; i<f.elements.length; i++) { if (f.elements[i].type=="checkbox" && f.elements[i].name.indexOf(n)>=0) { f.elements[i].checked = (check=='1' ? true : false); f.elements[i].disabled = (disable=='1' ? true : false); } } } //--></script> <?php echo tep_draw_form('download_pricelist', tep_href_link(FILENAME_PRICELIST), 'get', 'class="form-div" onclick="setResultURI();" onkeyup="setResultURI();"') . tep_draw_hidden_field('action', 'download_pricelist'); $product_type_info_query = tep_db_query("select products_types_id, products_types_path, products_types_default_status from " . TABLE_PRODUCTS_TYPES . " where products_types_id in ('" . implode("', '", $active_products_types_array) . "') and " . (tep_not_null($HTTP_GET_VARS['type']) ? "products_types_path = '" . tep_db_input(tep_sanitize_string($HTTP_GET_VARS['type'])) . "'" : "products_types_default_status = '1'") . ""); $product_type_info = tep_db_fetch_array($product_type_info_query); $products_types_id = $product_type_info['products_types_id']; $products_types_path = $product_type_info['products_types_default_status'] == '1' ? '' : $product_type_info['products_types_path']; if ($products_types_id > 1) { unset($fields_array['authors_name']); unset($fields_array['products_year']); unset($fields_array['products_pages_count']); unset($fields_array['products_copies']); unset($fields_array['products_covers_name']); unset($fields_array['products_formats_name']); } $products_types_pathes = array(); $product_types_query = tep_db_query("select products_types_path, products_types_name, products_types_default_status from " . TABLE_PRODUCTS_TYPES . " where products_types_id in ('" . implode("', '", $active_products_types_array) . "') and language_id = '" . (int) DEFAULT_LANGUAGE_ID . "' order by sort_order, products_types_name"); while ($product_types = tep_db_fetch_array($product_types_query)) { $products_types_pathes[] = array('id' => $product_types['products_types_default_status'] == 1 ? '' : $product_types['products_types_path'], 'text' => $product_types['products_types_name']);
function tep_db_prepare_input($string) { if (is_string($string)) { return trim(tep_sanitize_string(stripslashes($string))); } elseif (is_array($string)) { reset($string); while (list($key, $value) = each($string)) { $string[$key] = tep_db_prepare_input($value); } return $string; } else { return $string; } }
define($translation['pages_translation_key'], $translation['pages_translation_value']); } if (is_object($navigation)) { if (sizeof($navigation->snapshot) > 0) { $origin_href = ($navigation->snapshot['mode'] == 'SSL' ? HTTPS_SERVER : HTTP_SERVER) . $navigation->snapshot['page'] . (tep_not_null(tep_array_to_string($navigation->snapshot['get'])) ? '?' . tep_array_to_string($navigation->snapshot['get']) : ''); $navigation->clear_snapshot(); } else { $origin_href = tep_href_link(FILENAME_DEFAULT); } } $create_account_page_query = tep_db_query("select pages_name from " . TABLE_PAGES . " where pages_filename = '" . tep_db_input(FILENAME_CREATE_ACCOUNT) . "' and language_id = '" . (int) $languages_id . "'"); $create_account_page = tep_db_fetch_array($create_account_page_query); $breadcrumb->add($create_account_page['pages_name'], tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL')); $breadcrumb->add($page['pages_name'], tep_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL')); if (isset($HTTP_GET_VARS['email']) && isset($HTTP_GET_VARS['key'])) { $email_address = tep_sanitize_string(urldecode($HTTP_GET_VARS['email'])); $customer_check_query = tep_db_query("select * from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); if (tep_db_num_rows($customer_check_query) > 0) { $customer_check = tep_db_fetch_array($customer_check_query); if ($customer_check['customers_email_address_confirmed'] == '1') { $messageStack->add('header', ENTRY_REGISTRATION_ALREADY_VERIFIED, 'success'); } else { list($check_password_sum) = explode(':', $customer_check['customers_password']); if ($check_password_sum == trim($HTTP_GET_VARS['key'])) { $customer_id = $customer_check['customers_id']; if (ACCOUNT_MIDDLE_NAME == 'true') { list($customer_first_name, $customer_middle_name) = explode(' ', $customer_check['customers_firstname']); } else { $customer_first_name = $customer_check['customers_firstname']; $customer_middle_name = ''; }
/* $Id: account.php,v 1.64 2005/03/29 23:25:37 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2005 osCommerce Released under the GNU General Public License */ require 'includes/application_top.php'; if ($osC_Customer->isLoggedOn() == false) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } require DIR_WS_LANGUAGES . $osC_Session->value('language') . '/' . FILENAME_ACCOUNT; if ($osC_Services->isStarted('breadcrumb')) { $breadcrumb->add(NAVBAR_TITLE_MY_ACCOUNT, tep_href_link(FILENAME_ACCOUNT, '', 'SSL')); } $page_contents = 'account.php'; if (empty($_GET) === false) { $_account_module = tep_sanitize_string(basename(key(array_slice($_GET, 0, 1)))); if (file_exists('includes/modules/account/' . $_account_module . '.php')) { include 'includes/modules/account/' . $_account_module . '.php'; $_account_module_name = 'osC_Account_' . ucfirst($_account_module); $osC_Account_Module = new $_account_module_name(); $page_contents = $osC_Account_Module->getPageContentsFile(); } } require 'templates/default.php'; require 'includes/application_bottom.php';
osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2005 osCommerce Released under the GNU General Public License */ require 'includes/application_top.php'; require 'includes/classes/order.php'; require DIR_WS_LANGUAGES . $osC_Session->value('language') . '/' . FILENAME_CHECKOUT; if ($osC_Services->isStarted('breadcrumb')) { $breadcrumb->add(NAVBAR_TITLE_CHECKOUT, tep_href_link(FILENAME_CHECKOUT, '', 'SSL')); } if (empty($_GET) === false) { $_checkout_module = tep_sanitize_string(basename(key(array_slice($_GET, 0, 1)))); if (file_exists('includes/modules/checkout/' . $_checkout_module . '.php')) { if ($osC_Customer->isLoggedOn() == false) { $navigation->set_snapshot(); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } include 'includes/modules/checkout/' . $_checkout_module . '.php'; $_checkout_module_name = 'osC_Checkout_' . ucfirst($_checkout_module); $osC_Checkout_Module = new $_checkout_module_name(); $page_contents = $osC_Checkout_Module->getPageContentsFile(); } } if (isset($page_contents) === false) { if ($osC_Services->isStarted('breadcrumb')) { $breadcrumb->add(NAVBAR_TITLE_CHECKOUT_SHOPPING_CART, tep_href_link(FILENAME_CHECKOUT, '', 'SSL')); }