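// Primary image for this option value, stored as "<value_id>_0.<ext>".
// value_id is request data, so basename() keeps the rename target inside product_options/.
// NOTE(review): $nsuffix is set before this excerpt; if it is the extension of the uploaded
// name (as in the loop below), the stored file keeps whatever extension the client sent.
$value_image_name = basename($_POST['value_id'] . '_0.' . $nsuffix);
rename(DIR_FS_CATALOG_IMAGES . 'product_options/' . $image->filename, DIR_FS_CATALOG_IMAGES . 'product_options/' . $value_image_name);

$data = array();
$data['products_options_values_id'] = vam_db_prepare_input($_POST['value_id']);
$data['image_nr'] = '0';
$data['image_name'] = vam_db_prepare_input($value_image_name);

// image already exists ?
// The id is concatenated into a hand-built statement, so it is escaped with vam_db_input() first.
$_imgQuery = vam_db_query("SELECT count(*) as count FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . " WHERE image_nr='0' and products_options_values_id='" . vam_db_input($data['products_options_values_id']) . "'");
$_imgQuery = vam_db_fetch_array($_imgQuery);
if ($_imgQuery['count'] <= 0) {
    vam_db_perform(TABLE_PRODUCTS_OPTIONS_IMAGES, $data);
}
} // closes a block opened before this excerpt

// Additional images: upload field mo_pics_<n> is stored as image_nr n + 1.
for ($img = 0; $img < MO_PICS; $img++) {
    // NOTE(review): '777' and '' are handed to vam_try_upload(); they look like a permission
    // mode and an empty extension list - confirm, and prefer a tighter mode plus an explicit
    // image-extension allow-list so that only image files can land in this directory.
    if ($pIMG =& vam_try_upload('mo_pics_' . $img, DIR_FS_CATALOG_IMAGES . 'product_options/', '777', '')) {
        // The extension is whatever follows the last dot of the uploaded file name.
        $pname_arr = explode('.', $pIMG->filename);
        $nsuffix = array_pop($pname_arr);

        // basename() keeps the target inside product_options/ regardless of value_id's content.
        $value_image_name = basename($_POST['value_id'] . '_' . ($img + 1) . '.' . $nsuffix);
        rename(DIR_FS_CATALOG_IMAGES . 'product_options/' . $pIMG->filename, DIR_FS_CATALOG_IMAGES . 'product_options/' . $value_image_name);

        //get data & write to table
        $mo_img = array(
            'products_options_values_id' => vam_db_prepare_input($_POST['value_id']),
            'image_nr' => vam_db_prepare_input($img + 1),
            'image_name' => vam_db_prepare_input($value_image_name),
        );

        // if ($action == 'insert') {
        // Register the image only when this slot has no row yet; the id is escaped for SQL.
        $_imgQuery = vam_db_query("SELECT count(*) as count FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . " WHERE image_nr='" . ($img + 1) . "' and products_options_values_id='" . vam_db_input(vam_db_prepare_input($_POST['value_id'])) . "'");
        $_imgQuery = vam_db_fetch_array($_imgQuery);
        if ($_imgQuery['count'] <= 0) {
            vam_db_perform(TABLE_PRODUCTS_OPTIONS_IMAGES, $mo_img);
        }
    }
}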
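// Per-language part of a loop whose header lies before this excerpt.
$language_id = $languages[$i]['id'];
$sql_data_array = array('shipping_status_name' => vam_db_prepare_input($shipping_status_name_array[$language_id]));

if ($_GET['action'] == 'insert') {
    // When no id is set yet, take max(shipping_status_id) + 1; later iterations reuse it.
    if (!vam_not_null($shipping_status_id)) {
        $next_id_query = vam_db_query("select max(shipping_status_id) as shipping_status_id from " . TABLE_SHIPPING_STATUS);
        $next_id = vam_db_fetch_array($next_id_query);
        $shipping_status_id = $next_id['shipping_status_id'] + 1;
    }

    $insert_sql_data = array('shipping_status_id' => $shipping_status_id, 'language_id' => $language_id);
    $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
    vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array);
} elseif ($_GET['action'] == 'save') {
    vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array, 'update', "shipping_status_id = '" . vam_db_input($shipping_status_id) . "' and language_id = '" . vam_db_input($language_id) . "'");
}
} // closes the loop opened before this excerpt

// NOTE(review): no permission or extension arguments are passed here; confirm what
// vam_try_upload() accepts by default for the icons directory.
if ($shipping_status_image =& vam_try_upload('shipping_status_image', DIR_WS_ICONS)) {
    // The stored name comes from the upload (presumably the client-supplied file name), so it
    // is escaped like every other value before being placed inside the quoted SQL literal.
    vam_db_query("update " . TABLE_SHIPPING_STATUS . " set shipping_status_image = '" . vam_db_input($shipping_status_image->filename) . "' where shipping_status_id = '" . vam_db_input($shipping_status_id) . "'");
}

if ($_POST['default'] == 'on') {
    vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($shipping_status_id) . "' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
}

// NOTE(review): $_GET['page'] is copied into the redirect query string unvalidated; an
// integer cast would be the usual guard if it is always a page number - confirm.
vam_redirect(vam_href_link(FILENAME_SHIPPING_STATUS, 'page=' . $_GET['page'] . '&oID=' . $shipping_status_id));
break;

case 'deleteconfirm':
    // NOTE(review): this delete is driven by a GET parameter; confirm that the admin area
    // enforces a request token (CSRF protection) before this action is reached.
    $oID = vam_db_prepare_input($_GET['oID']);

    // Clear the configured default when it points at the status being deleted.
    $shipping_status_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
    $shipping_status = vam_db_fetch_array($shipping_status_query);
    if ($shipping_status['configuration_value'] == $oID) {
        vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
    }

    vam_db_query("delete from " . TABLE_SHIPPING_STATUS . " where shipping_status_id = '" . vam_db_input($oID) . "'");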
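// Remaining banner form fields; $banners_title, $banners_url, $banners_id and
// $new_banners_group are set before this excerpt.
$banners_group = empty($new_banners_group) ? vam_db_prepare_input($_POST['banners_group']) : $new_banners_group;
$html_text = vam_db_prepare_input($_POST['html_text']);
$banners_image_local = vam_db_prepare_input($_POST['banners_image_local']);
$banners_image_target = vam_db_prepare_input($_POST['banners_image_target']);
$db_image_location = '';

$banner_error = false;
if (empty($banners_title)) {
    $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error');
    $banner_error = true;
}
if (empty($banners_group)) {
    $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
    $banner_error = true;
}

// $banners_image_target is request data that is appended to the upload directory, so any
// ".." path component is refused instead of letting the upload resolve outside banner/.
// A literal message is used because no language constant for this case is visible here.
$target_parts = explode('/', str_replace('\\', '/', (string) $banners_image_target));
if (in_array('..', $target_parts, true)) {
    $messageStack->add('Banner image target must not contain ".." path components.', 'error');
    $banner_error = true;
} elseif (empty($html_text)) {
    // An image banner needs either a fresh upload or an existing local image path.
    // NOTE(review): no extension restriction is passed to vam_try_upload() here; confirm that
    // only image types are accepted for this web-served directory.
    if (!($banners_image =& vam_try_upload('banners_image', DIR_FS_CATALOG_IMAGES . 'banner/' . $banners_image_target)) && $_POST['banners_image_local'] == '') {
        $banner_error = true;
    }
}

if (!$banner_error) {
    // Prefer the explicitly given local image; otherwise use target directory + uploaded name.
    $db_image_location = vam_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
    $sql_data_array = array(
        'banners_title' => $banners_title,
        'banners_url' => $banners_url,
        'banners_image' => $db_image_location,
        'banners_group' => $banners_group,
        'banners_html_text' => $html_text,
    );

    if ($_GET['action'] == 'insert') {
        $insert_sql_data = array('date_added' => 'now()', 'status' => '1');
        $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
        vam_db_perform(TABLE_BANNERS, $sql_data_array);
        $banners_id = vam_db_insert_id();
        $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
    } elseif ($_GET['action'] == 'update') {
        // $banners_id is assigned outside this excerpt; escape it before it enters the
        // hand-built WHERE clause.
        vam_db_perform(TABLE_BANNERS, $sql_data_array, 'update', 'banners_id = \'' . vam_db_input($banners_id) . '\'');
        $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');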
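// Insert branch: add a permission column for this customer group to products and categories.
// An identifier cannot be protected by string escaping, so the id is forced to an integer.
// NOTE(review): assumes customers_status_id is always numeric - confirm.
vam_db_query("ALTER TABLE `products` ADD `group_permission_" . (int) $customers_status_id . "` TINYINT( 1 ) NOT NULL");
vam_db_query("ALTER TABLE `categories` ADD `group_permission_" . (int) $customers_status_id . "` TINYINT( 1 ) NOT NULL");

// Copy the base group's personal offers into the table belonging to this group.
// NOTE(review): $customers_base_status is set before this excerpt and becomes part of a table
// name; if it can come from the request it needs the same integer check.
$products_query = vam_db_query("select price_id, products_id, quantity, personal_offer from " . TABLE_PERSONAL_OFFERS . $customers_base_status);
while ($products = vam_db_fetch_array($products_query)) {
    $product_data_array = array(
        'price_id' => vam_db_prepare_input($products['price_id']),
        'products_id' => vam_db_prepare_input($products['products_id']),
        'quantity' => vam_db_prepare_input($products['quantity']),
        'personal_offer' => vam_db_prepare_input($products['personal_offer']),
    );
    vam_db_perform(TABLE_PERSONAL_OFFERS . (int) $customers_status_id, $product_data_array);
}
} // closes a block opened before this excerpt

$insert_sql_data = array('customers_status_id' => vam_db_prepare_input($customers_status_id), 'language_id' => vam_db_prepare_input($language_id));
$sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
vam_db_perform(TABLE_CUSTOMERS_STATUS, $sql_data_array);
} elseif ($_GET['action'] == 'save') {
    vam_db_perform(TABLE_CUSTOMERS_STATUS, $sql_data_array, 'update', "customers_status_id = '" . vam_db_input($customers_status_id) . "' and language_id = '" . vam_db_input($language_id) . "'");
}
} // closes the loop opened before this excerpt

// NOTE(review): no permission or extension arguments are passed here; confirm what
// vam_try_upload() accepts by default for the icons directory.
if ($customers_status_image =& vam_try_upload('customers_status_image', DIR_WS_ICONS)) {
    // The stored name comes from the upload (presumably the client-supplied file name), so it
    // is escaped before being placed inside the quoted SQL literal.
    vam_db_query("update " . TABLE_CUSTOMERS_STATUS . " set customers_status_image = '" . vam_db_input($customers_status_image->filename) . "' where customers_status_id = '" . vam_db_input($customers_status_id) . "'");
}

if ($_POST['default'] == 'on') {
    vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($customers_status_id) . "' where configuration_key = 'DEFAULT_CUSTOMERS_STATUS_ID'");
}

// Rebuild the group's order-status mapping from the submitted checkboxes.
// These values sit in unquoted numeric positions, where string escaping gives no protection,
// so each one is cast to int instead.
vam_db_query("delete from " . TABLE_CUSTOMERS_STATUS_ORDERS_STATUS . " where customers_status_id = " . (int) $customers_status_id);
$orders_status_query = vam_db_query("select orders_status_id from " . TABLE_ORDERS_STATUS . " where language_id = " . (int) $_SESSION['languages_id'] . " order by orders_status_id");
while ($orders_status = vam_db_fetch_array($orders_status_query)) {
    if ($_POST['orders_status_' . $orders_status['orders_status_id']]) {
        vam_db_query("insert into " . TABLE_CUSTOMERS_STATUS_ORDERS_STATUS . " values (" . (int) $customers_status_id . ", " . (int) $orders_status['orders_status_id'] . ")");
    }
}

// NOTE(review): $_GET['page'] is copied into the redirect query string unvalidated; an
// integer cast would be the usual guard if it is always a page number - confirm.
vam_redirect(vam_href_link(FILENAME_CUSTOMERS_STATUS, 'page=' . $_GET['page'] . '&cID=' . $customers_status_id));
break;

case 'deleteconfirm':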
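case 'save':
    // Create or update the manufacturer row itself; per-language data follows below.
    $manufacturers_id = vam_db_prepare_input($_GET['mID']);
    $manufacturers_name = vam_db_prepare_input($_POST['manufacturers_name']);

    $sql_data_array = array('manufacturers_name' => $manufacturers_name);

    if ($_GET['action'] == 'insert') {
        $insert_sql_data = array('date_added' => 'now()');
        $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
        vam_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
        $manufacturers_id = vam_db_insert_id();
    } elseif ($_GET['action'] == 'save') {
        $update_sql_data = array('last_modified' => 'now()');
        $sql_data_array = vam_array_merge($sql_data_array, $update_sql_data);
        vam_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . vam_db_input($manufacturers_id) . "'");
    }

    $dir_manufacturers = DIR_FS_CATALOG_IMAGES . "/manufacturers";
    // NOTE(review): no permission or extension arguments are passed here; confirm that
    // vam_try_upload() only accepts image types for this web-served directory.
    if ($manufacturers_image =& vam_try_upload('manufacturers_image', $dir_manufacturers)) {
        // The stored name comes from the upload (presumably the client-supplied file name), so
        // it is escaped before being placed inside the quoted SQL literal.
        vam_db_query("update " . TABLE_MANUFACTURERS . " set\r\n manufacturers_image ='manufacturers/" . vam_db_input($manufacturers_image->filename) . "'\r\n where manufacturers_id = '" . vam_db_input($manufacturers_id) . "'");
    }

    // Per-language fields arrive as arrays indexed by language id.
    $languages = vam_get_languages();
    for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
        $manufacturers_url_array = $_POST['manufacturers_url'];
        // BOF manufacturers descriptions + meta tags
        $manufacturers_meta_title_array = $_POST['manufacturers_meta_title'];
        $manufacturers_meta_keywords_array = $_POST['manufacturers_meta_keywords'];
        $manufacturers_meta_description_array = $_POST['manufacturers_meta_description'];
        $manufacturers_description_array = $_POST['manufacturers_description'];
        // EOF manufacturers descriptions + meta tags
        $language_id = $languages[$i]['id'];

        $sql_data_array = array('manufacturers_url' => vam_db_prepare_input($manufacturers_url_array[$language_id]));

        // BOF manufacturers descriptions + meta tags
        $sql_data_array = array_merge($sql_data_array, array(
            'manufacturers_meta_title' => vam_db_prepare_input($manufacturers_meta_title_array[$language_id]),
            'manufacturers_meta_keywords' => vam_db_prepare_input($manufacturers_meta_keywords_array[$language_id]),
            'manufacturers_meta_description' => vam_db_prepare_input($manufacturers_meta_description_array[$language_id]),
            'manufacturers_description' => vam_db_prepare_input($manufacturers_description_array[$language_id]),
        ));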
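Copyright (c) 2007 VaM Shop
--------------------------------------------------------------
based on:
(c) 2000-2001 The Exchange Project (earlier name of osCommerce)
(c) 2002-2003 osCommercecoding standards (a typical file) www.oscommerce.com
(c) 2004 xt:Commerce (csv_backend.php,v 1.9 2003/08/18); xt-commerce.com

Released under the GNU General Public License
--------------------------------------------------------------*/

require 'includes/application_top.php';
require DIR_WS_CLASSES . 'import.php';
require_once DIR_FS_INC . 'vam_format_filesize.inc.php';

// Dispatch on the requested admin action.
switch ($_GET['action']) {
    case 'upload':
        // NOTE(review): the file lands in DIR_FS_CATALOG . 'import/' with no extension
        // restriction passed; confirm that vam_try_upload() limits this to import file types
        // and that the directory is not served or executed by the web server.
        if ($upload_file =& vam_try_upload('file_upload', DIR_FS_CATALOG . 'import/')) {
            // NOTE(review): $upload_file_name is not assigned anywhere in this excerpt, so this
            // variable-variable write may not store the name where later code expects it; a
            // plain assignment to $upload_file_name looks intended - confirm.
            ${$upload_file_name} = $upload_file->filename;
        }
        break;

    case 'import':
        // select_file is request data; basename() reduces it to a bare file name so it cannot
        // carry directory components into the importer.
        // NOTE(review): assumes vamImport takes a bare file name, as vamExport('export.csv')
        // below suggests - confirm against the class.
        $handler = new vamImport(basename($_POST['select_file']));
        $mapping = $handler->map_file($handler->generate_map());
        $import = $handler->import($mapping);
        break;

    case 'export':
        $handler = new vamExport('export.csv');
        $import = $handler->exportProdFile();
        break;

    case 'save':
        // Walk every configuration entry of group 20 in display order.
        $configuration_query = vam_db_query("select configuration_key,configuration_id, configuration_value, use_function,set_function from " . TABLE_CONFIGURATION . " where configuration_group_id = '20' order by sort_order");
        while ($configuration = vam_db_fetch_array($configuration_query)) {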
$error = true;
$messageStack->add(ERROR_TITLE, 'error');
} // if

// Continue only when the checks above raised no error.
if (!$error) {
    /* mkdir() won't work with PHP in safe_mode
    if (!is_dir(DIR_FS_CATALOG.'media/products/'.$product.'/')) {
        $old_umask = umask(0);
        vam_mkdirs(DIR_FS_CATALOG.'media/products/'.$product.'/',0777);
        umask($old_umask);
    }
    */
    if ($select_file == 'default') {
        // 'default' means a new file is uploaded rather than an existing one being selected.
        // NOTE(review): the upload directory sits below DIR_FS_CATALOG and no extension
        // restriction is passed; confirm that vam_try_upload() or the server configuration
        // prevents uploaded files from being executed there.
        if ($content_file =& vam_try_upload('file_upload', DIR_FS_CATALOG . 'media/products/')) {
            $old_filename = $content_file->filename;

            // New base name: microtime() output with its dot and space stripped.
            $timestamp = str_replace(array('.', ' '), '', microtime());

            // strstr() keeps everything from the FIRST dot of the uploaded name, so every
            // suffix the client supplied is carried over unchanged.
            // NOTE(review): consider validating the extension against an allow-list.
            $content_file_name = $timestamp . strstr($old_filename, '.');

            $rename_string = DIR_FS_CATALOG . 'media/products/' . $content_file_name;
            rename(DIR_FS_CATALOG . 'media/products/' . $old_filename, $rename_string);
            // Keep a second copy under backup/. Neither rename() nor copy() is checked.
            copy($rename_string, DIR_FS_CATALOG . 'media/products/backup/' . $content_file_name);
        }
        // Without a new upload, fall back to $filename (set before this excerpt).
        if ($content_file_name == '') {
            $content_file_name = $filename;
        }
    } else {
        // NOTE(review): $select_file is used as the file name as-is; if it originates from the
        // request, confirm it is checked against the files that actually exist.
        $content_file_name = $select_file;
    }