function _setSettingOptionValueByID($settings_constant_id, $value) { $sql = ' UPDATE ' . SETTINGS_TABLE . ' SET settings_value="' . xToText(trim($value)) . '" WHERE settingsID="' . (int) $settings_constant_id . '" '; db_query($sql); }
/** * save links category * * @param array $_category * @return bool */ function le_saveCategory($_category) { if (empty($_category['le_cName'])) { return false; } $sql = "select le_cID FROM " . LINK_EXCHANGE_CATEGORIES_TABLE . " WHERE le_cName='" . xToText($_category['le_cName']) . "'"; list($_le_cID) = db_fetch_row(db_query($sql)); if (!empty($_le_cID)) { return false; } $sql = "UPDATE " . LINK_EXCHANGE_CATEGORIES_TABLE . "\n SET le_cName = '" . xToText($_category['le_cName']) . "'\n WHERE le_cID = " . (int) $_category['le_cID']; db_query($sql); return true; }
function blockspgAddblocksPageFile($page_name, $page_file, $which, $bposition, $active, $admin, $s, $d, $c, $p) { $rs = isset($s) ? serialize($s) : serialize(array()); $rd = isset($d) ? serialize($d) : serialize(array()); $rc = isset($c) ? serialize($c) : serialize(array()); $rpt = explode("\n", chop($p)); $rp = array(); for ($i = 0; $i < count($rpt); $i++) { if ($tmp = (int) rtrim($rpt[$i]) > 0 && rtrim($rpt[$i]) !== "") { $rp[] = (int) rtrim($rpt[$i]); } } $rp = serialize($rp); db_query("insert into " . BLOCKS_TABLE . " ( title, bposition, active, which, html, url, admin, pages, dpages, categories, products ) " . " values( '" . xToText($page_name) . "', " . (int) $bposition . ", " . (int) $active . ", " . (int) $which . ", '1', '" . $page_file . "', " . (int) $admin . ", '" . xEscSQL($rs) . "',\n '" . xEscSQL($rd) . "', '" . xEscSQL($rc) . "', '" . xEscSQL($rp) . "') "); }
function SetRegField($reg_field_ID, $customer_login, $reg_field_value) { $customerID = regGetIdByLogin($customer_login); $q = db_query("select count(*) from " . CUSTOMER_REG_FIELDS_VALUES_TABLE . " where reg_field_ID=" . (int) $reg_field_ID . " AND customerID=" . (int) $customerID); $r = db_fetch_row($q); if ($r[0] == 0) { if (trim($reg_field_value) == "") { return; } db_query("insert into " . CUSTOMER_REG_FIELDS_VALUES_TABLE . "(reg_field_ID, customerID, reg_field_value) " . "values( '" . (int) $reg_field_ID . "', '" . (int) $customerID . "', '" . xToText(trim($reg_field_value)) . "' )"); } else { if (trim($reg_field_value) == "") { db_query("delete from " . CUSTOMER_REG_FIELDS_VALUES_TABLE . " where reg_field_ID=" . (int) $reg_field_ID . " AND " . " customerID=" . (int) $customerID); } else { db_query("update " . CUSTOMER_REG_FIELDS_VALUES_TABLE . " set " . " reg_field_value='" . xToText(trim($reg_field_value)) . "' " . " where reg_field_ID=" . (int) $reg_field_ID . " AND customerID=" . (int) $customerID); } } }
if (isset($_POST['fACTION'])) { if ($_POST['fACTION'] == 'ADD_LINK') { do { if (!strlen(str_replace('http://', '', $_POST['LINK']['le_lURL']))) { $error = STRING_ERROR_LE_ENTER_LINK; break; } $_POST['LINK']['le_lURL'] = xEscSQL($_POST['LINK']['le_lURL']); if (!strlen($_POST['LINK']['le_lText'])) { $error = STRING_ERROR_LE_ENTER_TEXT; break; } if (strlen($_POST['LINK']['le_lDesk'])) { $_POST['LINK']['le_lDesk'] = xToText($_POST['LINK']['le_lDesk']); } $_POST['LINK']['le_lText'] = xToText($_POST['LINK']['le_lText']); if (strpos($_POST['LINK']['le_lURL'], 'http://')) { $_POST['LINK']['le_lURL'] = 'http://' . $_POST['LINK']['le_lURL']; } if (CONF_ENABLE_CONFIRMATION_CODE) { $error_f = 1; if (!$_POST['fConfirmationCode'] || !isset($_SESSION['captcha_keystring']) || $_SESSION['captcha_keystring'] !== $_POST['fConfirmationCode']) { $error_f = 2; $error = ERR_WRONG_CCODE; } unset($_SESSION['captcha_keystring']); if ($error_f == 1) { if (le_addLink($_POST['LINK'])) { break; } else { $error = STRING_ERROR_LE_LINK_EXISTS;
function shUpdateShippingMethod($SID, $Name, $description, $Enabled, $sort_order, $module_id, $email_comments_text) { db_query("update " . SHIPPING_METHODS_TABLE . " set Name='" . xToText(trim($Name)) . "', description='" . xEscSQL($description) . "', email_comments_text='" . xEscSQL($email_comments_text) . "', " . " Enabled=" . (int) $Enabled . ", module_id=" . (int) $module_id . ", sort_order=" . (int) $sort_order . " where SID=" . (int) $SID); }
function ordOrderProcessing($shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $customers_comment, $cc_number, $cc_holdername, $cc_expires, $cc_cvv, $log, $smarty_mail, $shServiceID = 0) { $customerID = $log != null ? regGetIdByLogin($log) : NULL; if ($log != null) { $customerInfo = regGetCustomerInfo2($log); } else { $customerInfo['first_name'] = $_SESSION['first_name']; $customerInfo['last_name'] = $_SESSION['last_name']; $customerInfo['Email'] = $_SESSION['email']; $customerInfo['affiliationLogin'] = $_SESSION['affiliationLogin']; } $order_time = get_current_time(); $frandl = mt_rand(3, 999); $order_active_link = md5($order_time) . $frandl; $customer_ip = stGetCustomerIP_Address(); $statusID = CONF_ACTIVE_ORDER == 1 ? 0 : ostGetNewOrderStatus(); $customer_affiliationLogin = isset($customerInfo['affiliationLogin']) ? $customerInfo['affiliationLogin'] : ''; $customer_email = $customerInfo['Email']; $currencyID = currGetCurrentCurrencyUnitID(); if ($currencyID != 0) { $currentCurrency = currGetCurrencyByID($currencyID); $currency_code = $currentCurrency['currency_iso_3']; $currency_value = $currentCurrency['currency_value']; $currency_round = $currentCurrency['roundval']; } else { $currency_code = ''; $currency_value = 1; $currency_round = 2; } // get shipping address if ($shippingAddressID != 0) { $shippingAddress = regGetAddress($shippingAddressID); $shippingAddressCountry = cnGetCountryById($shippingAddress['countryID']); $shippingAddress['country_name'] = $shippingAddressCountry['country_name']; } else { $shippingCountryName = cnGetCountryById($_SESSION['receiver_countryID']); $shippingCountryName = $shippingCountryName['country_name']; $shippingAddress['first_name'] = $_SESSION['receiver_first_name']; $shippingAddress['last_name'] = $_SESSION['receiver_last_name']; $shippingAddress['country_name'] = $shippingCountryName; $shippingAddress['state'] = $_SESSION['receiver_state']; $shippingAddress['city'] = $_SESSION['receiver_city']; $shippingAddress['address'] = $_SESSION['receiver_address']; $shippingAddress['zoneID'] = $_SESSION['receiver_zoneID']; } if (is_null($shippingAddress['state']) || trim($shippingAddress['state']) == '') { $zone = znGetSingleZoneById($shippingAddress['zoneID']); $shippingAddress['state'] = $zone['zone_name']; } // get billing address if ($billingAddressID != 0) { $billingAddress = regGetAddress($billingAddressID); $billingAddressCountry = cnGetCountryById($billingAddress['countryID']); $billingAddress['country_name'] = $billingAddressCountry['country_name']; } else { $billingCountryName = cnGetCountryById($_SESSION['billing_countryID']); $billingCountryName = $billingCountryName['country_name']; $billingAddress['first_name'] = $_SESSION['billing_first_name']; $billingAddress['last_name'] = $_SESSION['billing_last_name']; $billingAddress['country_name'] = $billingCountryName; $billingAddress['state'] = $_SESSION['billing_state']; $billingAddress['city'] = $_SESSION['billing_city']; $billingAddress['address'] = $_SESSION['billing_address']; $billingAddress['zoneID'] = $_SESSION['billing_zoneID']; } if (is_null($billingAddress['state']) || trim($billingAddress['state']) == '') { $zone = znGetSingleZoneById($billingAddress['zoneID']); $billingAddress['state'] = $zone['zone_name']; } $cartContent = cartGetCartContent(); foreach ($cartContent['cart_content'] as $key => $cartItem) { if (!empty($cartItem['opt_margin']) && $paymentMethodID == 2) { $cost = $cartItem['costUC']; $margin = $cost / 100 * CONF_PERCENT_MARGIN; $cost += $margin; $costShow = show_price($cost * $cartItem['quantity']); $cartContent['cart_content'][$key]['costUC'] = $cost; $cartContent['cart_content'][$key]['cost'] = $costShow; } } if ($log != null) { $addresses = array($shippingAddressID, $billingAddressID); } else { $addresses = array(array('countryID' => $_SESSION['receiver_countryID'], 'zoneID' => $_SESSION['receiver_zoneID']), array('countryID' => $_SESSION['billing_countryID'], 'zoneID' => $_SESSION['billing_zoneID'])); } $orderDetails = array('first_name' => $shippingAddress['first_name'], 'last_name' => $shippingAddress['last_name'], 'email' => $customerInfo['Email'], 'order_amount' => oaGetOrderAmountExShippingRate($cartContent, $addresses, $log, FALSE)); $shippingMethod = shGetShippingMethodById($shippingMethodID); $shipping_email_comments_text = $shippingMethod['email_comments_text']; $shippingName = $shippingMethod['Name']; $paymentMethod = payGetPaymentMethodById($paymentMethodID); $paymentName = $paymentMethod['Name']; $payment_email_comments_text = $paymentMethod['email_comments_text']; if (isset($paymentMethod['calculate_tax']) && (int) $paymentMethod['calculate_tax'] == 0) { $order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, TRUE, $shServiceID); $d = oaGetDiscountPercent($cartContent, $log); $tax = 0; $shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, FALSE, $shServiceID, TRUE); $discount_percent = oaGetDiscountPercent($cartContent, $log); } else { $order_amount = oaGetOrderAmount($cartContent, $addresses, $shippingMethodID, $log, $orderDetails, TRUE, $shServiceID); $d = oaGetDiscountPercent($cartContent, $log); $tax = oaGetProductTax($cartContent, $d, $addresses); $shipping_costUC = oaGetShippingCostTakingIntoTax($cartContent, $shippingMethodID, $addresses, $orderDetails, TRUE, $shServiceID, TRUE); $discount_percent = oaGetDiscountPercent($cartContent, $log); } $shServiceInfo = ''; if (is_array($shipping_costUC)) { list($shipping_costUC) = $shipping_costUC; $shServiceInfo = $shipping_costUC['name']; $shipping_costUC = $shipping_costUC['rate']; } $paymentMethod = payGetPaymentMethodById($paymentMethodID); if ($paymentMethod) { $currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE); } else { $currentPaymentModule = null; } if ($currentPaymentModule != null) { //define order details for payment module $order_payment_details = array('customer_email' => $customer_email, 'customer_ip' => $customer_ip, 'order_amount' => $order_amount, 'currency_code' => $currency_code, 'currency_value' => $currency_value, 'shipping_cost' => $shipping_costUC, 'order_tax' => $tax, 'shipping_info' => $shippingAddress, 'billing_info' => $billingAddress); $process_payment_result = $currentPaymentModule->payment_process($order_payment_details); //gets payment processing result if (!($process_payment_result == 1)) { //die ($process_payment_result); if (isset($_POST)) { $_SESSION['order4confirmation_post'] = $_POST; } xSaveData('PaymentError', $process_payment_result); if (!$customerID) { RedirectProtected('index.php?order4_confirmation_quick=yes' . '&shippingMethodID=' . $_GET['shippingMethodID'] . '&paymentMethodID=' . $_GET['paymentMethodID'] . '&shServiceID=' . $shServiceID); } else { RedirectProtected('index.php?order4_confirmation=yes' . '&shippingAddressID=' . $_GET['shippingAddressID'] . '&shippingMethodID=' . $_GET['shippingMethodID'] . '&billingAddressID=' . $_GET['billingAddressID'] . '&paymentMethodID=' . $_GET['paymentMethodID'] . '&shServiceID=' . $shServiceID); } return false; } } $customerID = (int) $customerID; // debug($cartContent['cart_content']); // // exit; $sql = 'INSERT INTO ' . ORDERS_TABLE . ' SET customerID = ' . (int) $customerID . ', order_time = "' . xEscSQL($order_time) . '", customer_ip = "' . xToText($customer_ip) . '", shipping_type = "' . xToText($shippingName) . '", payment_type = "' . xToText($paymentName) . '", customers_comment = "' . xToText($customers_comment) . '", statusID = ' . (int) $statusID . ', shipping_cost = "' . (double) $shipping_costUC . '", order_discount = "' . (double) $discount_percent . '", order_amount= "' . (double) $order_amount . '", currency_code = "' . xEscSQL($currency_code) . '", currency_value = "' . (double) $currency_value . '", customer_firstname = "' . xToText($customerInfo['first_name']) . '", customer_lastname = "' . xToText($customerInfo['last_name']) . '", customer_email = "' . xToText($customer_email) . '", shipping_firstname = "' . xToText($shippingAddress['first_name']) . '", shipping_lastname = "' . xToText($shippingAddress['last_name']) . '", shipping_country= "' . xToText($shippingAddress['country_name']) . '", shipping_state= "' . xToText($shippingAddress['state']) . '", shipping_city= "' . xToText($shippingAddress['city']) . '", shipping_address= "' . xToText($shippingAddress['address']) . '", billing_firstname= "' . xToText($billingAddress['first_name']) . '", billing_lastname= "' . xToText($billingAddress['last_name']) . '", billing_country= "' . xToText($billingAddress['country_name']) . '", billing_state= "' . xToText($billingAddress['state']) . '", billing_city= "' . xToText($billingAddress['city']) . '", billing_address= "' . xToText($billingAddress['address']) . '", cc_number= "' . xEscSQL($cc_number) . '", cc_holdername= "' . xToText($cc_holdername) . '", cc_expires= "' . xEscSQL($cc_expires) . '", cc_cvv= "' . xEscSQL($cc_cvv) . '", affiliateID= "' . (isset($_SESSION['refid']) ? $_SESSION['refid'] : regGetIdByLogin($customer_affiliationLogin)) . '", shippingServiceInfo= "' . $shServiceInfo . '", custlink= "' . xEscSQL($order_active_link) . '", currency_round= "' . (int) $currency_round . '", paymethod= ' . (int) $paymentMethodID; db_query($sql); $orderID = db_insert_id(ORDERS_TABLE); if (!CONF_ACTIVE_ORDER) { stChangeOrderStatus($orderID, $statusID); } $paymentMethod = payGetPaymentMethodById($paymentMethodID); if ($paymentMethod) { $currentPaymentModule = modGetModuleObj($paymentMethod['module_id'], PAYMENT_MODULE); // $currentPaymentModule = payGetPaymentModuleById( $paymentMethod['module_id'], $paymentModulesFiles ); } else { $currentPaymentModule = null; } //save shopping cart content to database and update in-stock information if ($log != null) { cartMoveContentFromShoppingCartsToOrderedCarts($orderID, $shippingMethodID, $paymentMethodID, $shippingAddressID, $billingAddressID, $shippingModuleFiles, $paymentModulesFiles, $smarty_mail); } else { _moveSessionCartContentToOrderedCart($orderID, $paymentMethodID); //update in-stock information if ($statusID != ostGetCanceledStatusId() && CONF_CHECKSTOCK) { $q1 = db_query('select itemID, Quantity FROM ' . ORDERED_CARTS_TABLE . ' WHERE orderID=' . (int) $orderID); while ($item = db_fetch_row($q1)) { $q2 = db_query('select productID FROM ' . SHOPPING_CART_ITEMS_TABLE . ' WHERE itemID=' . (int) $item['itemID']); $pr = db_fetch_row($q2); if ($pr) { db_query('update ' . PRODUCTS_TABLE . ' set in_stock = in_stock - ' . (int) $item['Quantity'] . ' where productID=' . (int) $pr[0]); $q = db_query('select name, in_stock FROM ' . PRODUCTS_TABLE . ' WHERE productID=' . (int) $pr[0]); $productsta = db_fetch_row($q); if ($productsta[1] == 0) { if (CONF_AUTOOFF_STOCKADMIN) { db_query('update ' . PRODUCTS_TABLE . ' set enabled=0 where productID=' . (int) $pr[0]); } if (CONF_NOTIFY_STOCKADMIN) { $smarty_mail->assign('productstaname', $productsta[0]); $smarty_mail->assign('productstid', $pr[0]); $stockadmin = $smarty_mail->fetch('notify_stockadmin.tpl'); $ressta = xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, CUSTOMER_ACTIVATE_99 . ' - ' . CONF_SHOP_NAME, $stockadmin); } } } } } //now save registration form aux fields into CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG //for quick checkout orders these fields are stored separately than for registered customer (SS_customers) db_query('delete from ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' where orderID=' . (int) $orderID); foreach ($_SESSION as $key => $val) { if (strstr($key, 'additional_field_') && strlen(trim($val)) > 0) { $id = (int) str_replace('additional_field_', '', $key); if ($id > 0) { db_query('insert into ' . CUSTOMER_REG_FIELDS_VALUES_TABLE_QUICKREG . ' (orderID, reg_field_ID, reg_field_value) values (' . (int) $orderID . ', ' . (int) $id . ', "' . xToText(trim($val)) . '");'); } } } } if ($currentPaymentModule != null) { $currentPaymentModule->after_processing_php($orderID); } _sendOrderNotifycationToAdmin($orderID, $smarty_mail, $tax); _sendOrderNotifycationToCustomer($orderID, $smarty_mail, $customerInfo['Email'], $log, $payment_email_comments_text, $shipping_email_comments_text, $tax, $order_active_link); if ($log == null) { _quickOrderUnsetSession(); } unset($_SESSION['order4confirmation_post']); return $orderID; }
function regUpdateContactInfo($old_login, $login, $cust_password, $Email, $first_name, $last_name, $subscribed4news, $additional_field_values) { db_query("update " . CUSTOMERS_TABLE . " set " . " Login = '******', " . " cust_password = '******', " . " Email = '" . xToText($Email) . "', " . " first_name = '" . xToText(trim($first_name)) . "', " . " last_name = '" . xToText(trim($last_name)) . "', " . " subscribed4news = " . (int) $subscribed4news . " " . " where Login='******'"); foreach ($additional_field_values as $key => $val) { SetRegField($key, $login, $val["additional_field"]); } if (!strcmp($old_login, $login)) { //update administrator login (core/config/connect.inc.php) db_query("update " . CUSTOMERS_TABLE . " set Login='******' where Login='******'"); } $customerID = regGetIdByLogin($login); if ($subscribed4news) { subscrAddRegisteredCustomerEmail($customerID); } else { subscrUnsubscribeSubscriberByEmail(base64_encode($Email)); } }
function optAddOptionValue($optionID, $value, $sort_order) { db_query("insert into " . PRODUCTS_OPTIONS_VALUES_VARIANTS_TABLE . "(optionID, option_value, sort_order) " . "values('" . (int) $optionID . "', '" . xToText($value) . "', '" . (int) $sort_order . "' )"); return db_insert_id(); }
function znAddZone($zone_name, $zone_code, $countryID) { db_query("insert into " . ZONES_TABLE . "( zone_name, zone_code, countryID )" . "values( '" . xToText(trim($zone_name)) . "', '" . xToText(trim($zone_code)) . "', " . (int) $countryID . " )"); return db_insert_id(); }
function subscrUnsubscribeSubscriberByEmail2($email) { db_query("update " . CUSTOMERS_TABLE . " set subscribed4news=0 where Email='" . xToText($email) . "'"); db_query("delete from " . MAILING_LIST_TABLE . " where Email='" . xToText($email) . "'"); }
function taxUpdateTaxClass($classID, $name, $address_type) { db_query("update " . TAX_CLASSES_TABLE . " set name='" . xToText($name) . "', address_type=" . (int) $address_type . " where classID=" . (int) $classID); }
$currency_value = $currentCurrency["currency_value"]; $currency_round = $currentCurrency["roundval"]; } else { $currency_code = ""; $currency_value = 1; $currency_round = 2; } $order_time = get_current_time(); $customer_ip = stGetCustomerIP_Address(); $sql = ' INSERT INTO ' . ORDERS_TABLE . ' SET customerID = 0, order_time = "' . xEscSQL($order_time) . '", customer_ip ="' . xToText($customer_ip) . '", customers_comment="' . xToText($comment) . '", statusID=' . (int) $statusID . ', order_amount="' . xEscSQL($offer['price']) . '", currency_code="' . xEscSQL($currency_code) . '", currency_value="' . (double) $currency_value . '", customer_firstname="' . $name . '", shipping_firstname="' . $name . '", billing_firstname="' . $name . '", customer_lastname="' . $phone . '", shipping_lastname="' . $phone . '", billing_lastname="' . $phone . '", currency_round=' . (int) $currency_round; // debug($sql); db_query($sql); $orderID = db_insert_id(ORDERS_TABLE); if (strlen($offer['code']) > 0) {
function prdSearchProductByTemplate($callBackParam, &$count_row, $navigatorParams = null) { // navigator params if ($navigatorParams != null) { $offset = xEscSQL($navigatorParams["offset"]); $CountRowOnPage = xEscSQL($navigatorParams["CountRowOnPage"]); } else { $offset = 0; $CountRowOnPage = 0; } if (isset($callBackParam["extraParametrsTemplate"])) { $replicantExtraParametersTpl = $callBackParam["extraParametrsTemplate"]; } // special symbol prepare if (isset($callBackParam["search_simple"])) { /* for( $i=0; $i<count($callBackParam["search_simple"]); $i++ ) { $callBackParam["search_simple"][$i] = $callBackParam["search_simple"][$i]; } */ _deletePercentSymbol($callBackParam["search_simple"]); } if (isset($callBackParam["name"])) { for ($i = 0; $i < count($callBackParam["name"]); $i++) { $callBackParam["name"][$i] = xToText(trim($callBackParam["name"][$i])); } _deletePercentSymbol($callBackParam["name"][$i]); } if (isset($callBackParam["product_code"])) { for ($i = 0; $i < count($callBackParam["product_code"]); $i++) { $callBackParam["product_code"][$i] = xToText(trim($callBackParam["product_code"][$i])); } _deletePercentSymbol($callBackParam["product_code"]); } if (isset($callBackParam["extraParametrsTemplate"])) { foreach ($callBackParam["extraParametrsTemplate"] as $key => $value) { if (is_int($key)) { $callBackParam["extraParametrsTemplate"][$key] = xEscSQL(trim($callBackParam["extraParametrsTemplate"][$key])); _deletePercentSymbol($callBackParam["extraParametrsTemplate"][$key]); } } } $where_clause = ""; if (isset($callBackParam['tid'])) { $where_clause = 'WHERE productID IN (' . implode(',', $callBackParam['tid']) . ')'; // if (!count($callBackParam["search_simple"])) { //empty array // $where_clause = " where 0"; // } else { //search array is not empty // $sscount = count($callBackParam["search_simple"]); // for ($n = 0; $n < $sscount; $n++) { // if ($where_clause != "") // $where_clause .= " AND "; // $where_clause .= " ( LOWER(name) LIKE '%" . xToText(trim(strtolower($callBackParam["search_simple"][$n]))) . "%' OR " . // " LOWER(description) LIKE '%" . xEscSQL(trim(strtolower($callBackParam["search_simple"][$n]))) . "%' OR " . // " LOWER(product_code) LIKE '%" . xEscSQL(trim(strtolower($callBackParam["search_simple"][$n]))) . "%' OR " . // " LOWER(brief_description) LIKE '%" . xEscSQL(trim(strtolower($callBackParam["search_simple"][$n]))) . "%' ) "; // } // // if ($where_clause != "") { // $where_clause = " where categoryID>1 and enabled=1 and " . $where_clause; // } else { // $where_clause = " where categoryID>1 and enabled=1"; // } // // if (CONF_CHECKSTOCK && CONF_SHOW_NULL_STOCK) { // if ($where_clause != "") // $where_clause .= " AND in_stock>0 "; // else // $where_clause = "where in_stock>0 "; // } // } } else { // "enabled" parameter if (isset($callBackParam["enabled"])) { if ($where_clause != "") { $where_clause .= " AND "; } $where_clause .= " enabled=" . (int) $callBackParam["enabled"]; } // take into "name" parameter if (isset($callBackParam["name"])) { foreach ($callBackParam["name"] as $name) { if (strlen($name) > 0) { if ($where_clause != "") { $where_clause .= " AND "; } $where_clause .= " LOWER(name) LIKE '%" . xToText(trim(strtolower($name))) . "%' "; } } } // take into "product_code" parameter if (isset($callBackParam["product_code"])) { foreach ($callBackParam["product_code"] as $product_code) { if ($where_clause != "") { $where_clause .= " AND "; } $where_clause .= " LOWER(product_code) LIKE '%" . xToText(trim(strtolower($product_code))) . "%' "; } } // take into "price" parameter if (isset($callBackParam["price"])) { $price = $callBackParam["price"]; if (trim($price["from"]) != "" && $price["from"] != null) { if ($where_clause != "") { $where_clause .= " AND "; } $from = ConvertPriceToUniversalUnit($price["from"]); $where_clause .= " Price>=" . (double) $from . " "; } if (trim($price["to"]) != "" && $price["to"] != null) { if ($where_clause != "") { $where_clause .= " AND "; } $to = ConvertPriceToUniversalUnit($price["to"]); $where_clause .= " Price<=" . (double) $to . " "; } } if (CONF_CHECKSTOCK && CONF_SHOW_NULL_STOCK) { if ($where_clause != "") { $where_clause .= " AND in_stock>0 "; } else { $where_clause = "where in_stock>0 "; } } // categoryID if (isset($callBackParam["categoryID"])) { $searchInSubcategories = false; if (isset($callBackParam["searchInSubcategories"])) { if ($callBackParam["searchInSubcategories"]) { $searchInSubcategories = true; } else { $searchInSubcategories = false; } } if ($searchInSubcategories) { $where_clause = _getConditionWithCategoryConjWithSubCategories($where_clause, $callBackParam["categoryID"]); } else { $where_clause = _getConditionWithCategoryConj($where_clause, $callBackParam["categoryID"]); } } if ($where_clause != "") { $where_clause = "where " . $where_clause; } } $order_by_clause = "ORDER BY " . CONF_DEFAULT_SORT_ORDER . ""; if (isset($callBackParam["sort"])) { if ($callBackParam["sort"] == "categoryID" || $callBackParam["sort"] == "name" || $callBackParam["sort"] == "brief_description" || $callBackParam["sort"] == "in_stock" || $callBackParam["sort"] == "Price" || $callBackParam["sort"] == "customer_votes" || $callBackParam["sort"] == "customers_rating" || $callBackParam["sort"] == "list_price" || $callBackParam["sort"] == "sort_order" || $callBackParam["sort"] == "items_sold" || $callBackParam["sort"] == "product_code" || $callBackParam["sort"] == "shipping_freight" || $callBackParam["sort"] == "viewed_times") { $order_by_clause = " order by " . xEscSQL($callBackParam["sort"]) . " ASC "; if (isset($callBackParam["direction"])) { if ($callBackParam["direction"] == "DESC") { $order_by_clause = " order by " . xEscSQL($callBackParam["sort"]) . " DESC "; } } } } if (isset($callBackParam['tid'])) { $products_count = count($callBackParam['tid']); } else { $sql = "select count(*) from " . PRODUCTS_TABLE . " " . $where_clause; $q = db_query($sql); $products_count = db_fetch_row($q); $products_count = $products_count[0]; } $limit_clause = isset($callBackParam["extraParametrsTemplate"]) || !$CountRowOnPage ? "" : " LIMIT " . $offset . "," . $CountRowOnPage; $sql = ' select categoryID, name, in_stock, productID, default_picture, sort_order, enabled, product_code, shipping_freight, min_order_amount, opt_margin, uri, uri_opt_val ' . convert_prices() . ' FROM ' . PRODUCTS_TABLE . ' ' . $where_clause . ' ' . $order_by_clause . $limit_clause; // viewed_times, // brief_description, // customers_rating, // customer_votes, // items_sold, // description, // fb($sql); $q = db_query($sql); $result = array(); $i = 0; if ($offset >= 0 && $offset <= $products_count) { while ($row = db_fetch_row($q)) { // if (isset($callBackParam["extraParametrsTemplate"])) { // // // take into "extra" parametrs // $testResult = _testExtraParametrsTemplate($row["productID"], $replicantExtraParametersTpl); // if (!$testResult) // continue; // } if (($i >= $offset || !isset($callBackParam["extraParametrsTemplate"])) && $i < $offset + $CountRowOnPage || $navigatorParams == null) { _setPictures($row); $productID = $row["productID"]; $extra = psGetExtra($productID); // if($extra){ // foreach($extra as $options){ // // } // } // if (!empty($extra)) { $row["product_extra"] = $extra; $row["product_extra_count"] = count($extra); $pre_extra = array(); $pre_extra[$productID] = $extra; $row["color"] = psGetColor($productID, $pre_extra); $row["color"] = psGetColor($productID, $pre_extra); $resource = psGetExtraVal('resource', $pre_extra, $row['productID']); // // fbd($extra); } if ((double) $row["shipping_freight"] > 0) { $row["shipping_freightUC"] = show_price($row["shipping_freight"]); } $row["name"] = $row["name"]; $row["sname"] = replace_name($row['name']); $row["description"] = $row["description"]; $row["brief_description"] = $row["brief_description"]; $row["product_code"] = $row["product_code"]; $row["viewed_times"] = $row["viewed_times"]; $row["items_sold"] = $row["items_sold"]; $row['ss'] = dizSpecialSet($productID); $price_row = priceRow($row); if (!empty($extra)) { if ($resource) { if ($price_row['Price_base'] > 0) { $cost_print = number_format($price_row['Price_base'] / $resource, 2, '.', ''); $row['cost_print'] = '<span class="resource">' . $cost_print . ' р. стр.</span>'; } $row['resource'] = ' <span class="resource">' . $resource . ' стр.</span>'; } } $result[] = array_merge($row, $price_row); } $i++; } } // $count_row = isset($callBackParam["extraParametrsTemplate"]) ? $i : $products_count; // fbug($count_row); $count_row = $products_count; return $result; }
function currAddCurrency($name, $code, $currency_iso_3, $value, $where, $sort_order, $roundval) { db_query("insert into " . CURRENCY_TYPES_TABLE . " (Name, code, currency_value, where2show, sort_order, currency_iso_3, roundval) " . " values ('" . xToText(trim($name)) . "', '" . xEscSQL($code) . "', '" . xEscSQL(trim($value)) . "', '" . (int) $where . "', '" . (int) $sort_order . "', '" . xToText(trim($currency_iso_3)) . "', '" . (int) $roundval . "')"); }
le_SaveLink(array('le_lID' => $_linkID, 'le_lCategoryID' => $_POST['new_le_lCategoryID'])); } } $msg = 'ok'; break; case 'SAVE_LINKS': if (isset($_POST['LINKS_IDS'])) { foreach ($_POST['LINKS_IDS'] as $_linkID) { if (strlen(str_replace('http://', '', $_POST['LINK'][$_linkID]['le_lURL']))) { $_POST['LINK'][$_linkID]['le_lURL'] = xEscSQL($_POST['LINK'][$_linkID]['le_lURL']); } if (strlen($_POST['LINK'][$_linkID]['le_lText'])) { $_POST['LINK'][$_linkID]['le_lText'] = xToText($_POST['LINK'][$_linkID]['le_lText']); } if (strlen($_POST['LINK'][$_linkID]['le_lDesk'])) { $_POST['LINK'][$_linkID]['le_lDesk'] = xToText($_POST['LINK'][$_linkID]['le_lDesk']); } $_POST['LINK'][$_linkID]['le_lID'] = $_linkID; if (!le_SaveLink($_POST['LINK'][$_linkID])) { $error_message = STRING_ERROR_LE_LINK_EXISTS; } } } if (!isset($error_message)) { $msg = 'ok'; } break; case 'VERIFY_LINKS': if (isset($_POST['LINKS_IDS'])) { foreach ($_POST['LINKS_IDS'] as $_linkID) { le_SaveLink(array('le_lID' => $_linkID, 'le_lVerified' => date("Y-m-d H:i:s")));
function _importCategory($row, $dbc, &$parents, $dbcPhotos, &$currentCategoryID) { $sort_order = 0; if (strcmp($dbc["sort_order"], "not defined")) { $sort_order = (int) $row[$dbc["sort_order"]]; } // set picture file name $picture_file_name = ""; if (count($dbcPhotos) > 0) { $picture_file_name = trim($row[$dbcPhotos[0]]); } // $row["not defined"] = ""; $cname = trim($row[$dbc["name"]]); if ($cname == "") { return; } for ($sublevel = 0; $sublevel < strlen($cname) && $cname[$sublevel] == '!'; $sublevel++) { } $cname = substr($cname, $sublevel); $sl = $sublevel; if (!isset($parents[$sublevel])) { //not many '!' -- searching for root category for (; $sl > 0 && !isset($parents[$sl]); $sl--) { } } $q = db_query("select count(*) from " . CATEGORIES_TABLE . " where categoryID>1 and name LIKE '" . xToText(trim($cname)) . "' " . " and parent=" . (int) $parents[$sl]); $rowdb = db_fetch_row($q); if ($rowdb[0] == 0) { // insert category db_query("insert into " . CATEGORIES_TABLE . " (name, parent, products_count, description, " . " picture, products_count_admin, meta_keywords, meta_description, sort_order, title) " . "values ('" . xToText(trim($cname)) . "'," . (int) $parents[$sl] . ",0, " . " '" . xEscSQL($row[$dbc["description"]]) . "', " . " '" . xEscSQL(trim($picture_file_name)) . "',0, " . " '" . xToText(trim($row[$dbc["meta_keywords"]])) . "', " . " '" . xToText(trim($row[$dbc["meta_description"]])) . "', " . (int) $sort_order . ", '" . xToText(trim($row[$dbc["title"]])) . "');"); $currentCategoryID = db_insert_id("CATEGORIES_GEN"); } else { $q = db_query("select categoryID from " . CATEGORIES_TABLE . " where categoryID>1 and name LIKE '" . xToText(trim($cname)) . "' and parent=" . (int) $parents[$sl]); $rowdb = db_fetch_row($q); $currentCategoryID = $rowdb[0]; $query = ""; if (strcmp($dbc["description"], "not defined")) { $query .= " description = '" . xEscSQL($row[$dbc["description"]]) . "'"; } if (strcmp($dbc["sort_order"], "not defined")) { if (strlen($query) > 0) { $query .= ","; } $query .= " sort_order = " . (int) $sort_order; } if (count($dbcPhotos) > 0) { if (strlen($query) > 0) { $query .= ","; } $query .= " picture = '" . xEscSQL(trim($picture_file_name)) . "'"; } if (strlen($query) > 0) { db_query("update " . CATEGORIES_TABLE . " set " . $query . " where categoryID=" . (int) $currentCategoryID); } } $parents[$sublevel + 1] = $currentCategoryID; }
Redirect(ADMIN_FILE . "?dpt=modules&sub=survey&save_successful=yes"); } if (isset($_POST["save_voting"]) && isset($_POST["question"]) && isset($_POST["answers"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=modules&sub=survey&safemode=yes"); } $answers = explode("\n", chop($_POST["answers"])); $answers_cm = array(); for ($i = 0; $i < count($answers); $i++) { if (rtrim($answers[$i]) !== "" && $i < 10) { $answers_cm[] = xToText(rtrim($answers[$i])); } } $answers = serialize($answers_cm); db_query("UPDATE " . SURVEY_TABLE . " SET active=0 WHERE active=1"); db_query("insert into " . SURVEY_TABLE . " (poll_date, poll_title, poll_ans, active) values('" . xEscSQL(get_current_time()) . "','" . xToText(trim($_POST["question"])) . "','" . $answers . "',1)"); Redirect(ADMIN_FILE . "?dpt=modules&sub=survey&save_successful=yes"); } if (isset($_GET["start_new_poll"])) { $smarty->assign("start_new_poll", "yes"); } else { $result = db_query("SELECT poll_title, all_poll, active, poll_id, poll_date FROM " . SURVEY_TABLE . " ORDER BY poll_id DESC"); $surveys = array(); while ($data = db_fetch_row($result)) { $data["poll_ans"] = unserialize($data["poll_ans"]); $surveys[] = $data; $smarty->assign("surveys", $surveys); } } //set sub-department template $smarty->assign("admin_sub_dpt", "modules_survey.tpl");
discount ="' . $val['discount'] . '" WHERE offerID=' . $val['offerID'] . ''; db_query($sql); } } } } Redirect(ADMIN_FILE . "?dpt=catalog&sub=countdown&module=" . $moduleID . "save_successful=yes"); } if (isset($_REQUEST['new_offers'])) { //add new countdown offer if (CONF_BACKEND_SAFEMODE) { //this action is forbidden when SAFE MODE is ON Redirect(ADMIN_FILE . "?dpt=catalog&sub=countdown&module=" . $moduleID . "safemode=yes"); } $offers = xToText($_REQUEST['offerID']); if ($offers) { $offers = explode(',', $offers); if ($offers) { $arr = array(); foreach ($offers as $id => $val) { if ((int) $val > 0) { $arr[] = (int) $val; } } $arr = array_unique($arr); sort($arr); } if ($arr) { foreach ($arr as $id => $val) { $productID = null;
function newsUpdateNews($add_date, $title, $textToPrePublication, $textToPublication, $textToMail, $id_news) { db_query("update " . NEWS_TABLE . " set add_date='" . xEscSQL(dtDateConvert($add_date)) . "', " . " title='" . xToText($title) . "', " . " textToPrePublication='" . xEscSQL($textToPrePublication) . "', " . " textToPublication='" . xEscSQL($textToPublication) . "', " . " textToMail='" . xEscSQL($textToMail) . "' " . " where NID = " . (int) $id_news); }
$sql = ' UPDATE ' . CATEGORIES_TABLE . ' SET name="' . xToText(trim($_POST["name"])) . '", description="' . xEscSQL($_POST["desc"]) . '", description2="' . xEscSQL($_POST["desc2"]) . '", zapros="' . xEscSQL($_POST["zapros"]) . '", parent=' . (int) $_POST['parent'] . ', sort_order = ' . (int) $_POST['sort_order'] . ', allow_products_comparison=' . $allow_products_comparison . ', allow_products_search=' . $allow_products_search . ', show_subcategories_products=' . $show_subcategories_products . ', as_sub=' . $as_sub . ', meta_description="' . xToText(trim($_POST['meta_d'])) . '", meta_keywords="' . xToText(trim($_POST['meta_k'])) . '", title="' . xToText(trim($_POST['title'])) . '" WHERE categoryID=' . (int) $_POST['must_delete']; db_query($sql); } $pid = (int) $_POST["must_delete"]; } if (CONF_UPDATE_GCV == 1) { update_psCount(1); } // update serarch option settings $categoryID = (int) $pid; schUnSetOptionsToSearch($categoryID); $data = ScanPostVariableWithId(array("checkbox_param")); foreach ($data as $optionID => $val) { schUnSetVariantsToSearch($categoryID, $optionID); if (isset($_POST["select_arbitrarily_" . $optionID])) {
function ostUpdateOrderStatus($statusID, $status_name, $sort_order) { db_query("update " . ORDER_STATUES_TABLE . " set " . "status_name ='" . xToText($status_name) . "', " . "sort_order = " . (int) $sort_order . " where statusID=" . (int) $statusID); }
function auxpgAddAuxPage($aux_page_name, $aux_page_text, $aux_page_text_type, $meta_keywords, $meta_description, $aux_page_title) { db_query("insert into " . AUX_PAGES_TABLE . " ( aux_page_name, aux_page_text, aux_page_text_type, meta_keywords, meta_description, title ) " . " values( '" . xToText($aux_page_name) . "', '" . xEscSQL($aux_page_text) . "', " . (int) $aux_page_text_type . ", " . " '" . xToText($meta_keywords) . "', '" . xToText($meta_description) . "', '" . xToText($aux_page_title) . "' ) "); }
function payUpdatePaymentMethod($PID, $Name, $description, $Enabled, $sort_order, $module_id, $email_comments_text, $calculate_tax) { db_query("update " . PAYMENT_TYPES_TABLE . " set" . " Name='" . xToText($Name) . "', description='" . xEscSQL($description) . "', email_comments_text='" . xEscSQL($email_comments_text) . "', " . " Enabled=" . (int) $Enabled . ", module_id=" . (int) $module_id . ", sort_order=" . (int) $sort_order . ", calculate_tax = " . (int) $calculate_tax . " where PID=" . (int) $PID); }
function AddCustGroup($custgroup_name, $custgroup_discount, $sort_order) { db_query("insert into " . CUSTGROUPS_TABLE . "( custgroup_name, custgroup_discount, sort_order ) " . "values( '" . xToText($custgroup_name) . "', '" . (double) $custgroup_discount . "', '" . (int) $sort_order . "' )"); }
function stChangeOrderStatus($orderID, $statusID, $comment = '', $notify = 0) { $q_status_name = db_query("select status_name from " . ORDER_STATUES_TABLE . " where statusID=" . (int) $statusID); list($status_name) = db_fetch_row($q_status_name); $sql = "insert into " . ORDER_STATUS_CHANGE_LOG_TABLE . " ( orderID, status_name, status_change_time, status_comment ) " . " values( " . (int) $orderID . ", '" . xToText($status_name) . "', '" . xEscSQL(get_current_time()) . "', '" . xToText(trim($comment)) . "' ) "; db_query($sql); if ($notify) { $Order = ordGetOrder($orderID); $t = ''; $Email = ''; $FirstName = ''; regGetContactInfo(regGetLoginById($Order['customerID']), $t, $Email, $FirstName, $t, $t, $t); if (!$Email) { $Email = $Order['customer_email']; } if (!$FirstName) { $FirstName = $Order['customer_firstname']; } xMailTxt($Email, STRING_CHANGE_ORDER_STATUS, 'customer.order.change_status.tpl', array('customer_firstname' => $FirstName, '_MSG_CHANGE_ORDER_STATUS' => str_replace(array('{STATUS}', '{ORDERID}'), array($status_name == 'STRING_CANCELED_ORDER_STATUS' ? STRING_CANCELED_ORDER_STATUS : $status_name, $orderID), MSG_CHANGE_ORDER_STATUS), '_ADMIN_COMMENT' => $comment)); } }
function after_processing_php($orderID) { //сохранить сумму счета $orderID = (int) $orderID; $order = ordGetOrder($orderID); if ($order) { $q = db_query("select count(*) from " . CINVOICEJUR_DB_TABLE . " where orderID=" . (int) $orderID . " AND module_id=" . (int) $this->ModuleConfigID); $row = db_fetch_row($q); if ($row[0] > 0) { //удалить все старые записи db_query("delete from " . CINVOICEJUR_DB_TABLE . " where orderID=" . (int) $orderID . " AND module_id=" . (int) $this->ModuleConfigID); } $q = db_query("select currency_value from " . CURRENCY_TYPES_TABLE . " where CID=" . (int) $this->_getSettingValue('CONF_PAYMENTMODULE_INVOICE_JUR_CURRENCY')); $row = db_fetch_row($q); $RUR_rate = $row ? (double) $row[0] : 1; //добавить новую запись $sql = "insert into " . CINVOICEJUR_DB_TABLE . " (module_id, orderID, company_name, company_inn, nds_included, nds_rate, RUR_rate) values (" . (int) $this->ModuleConfigID . ", " . (int) $orderID . ", '" . xToText(trim($_POST["minvoicejur_company_name"])) . "', '" . xToText(trim($_POST["minvoicejur_inn"])) . "', '" . $this->_getSettingValue('CONF_PAYMENTMODULE_INVOICE_JUR_NDS_IS_INCLUDED_IN_PRICE') . "', " . (double) $this->_getSettingValue('CONF_PAYMENTMODULE_INVOICE_JUR_NDS') . ", " . $RUR_rate . " )"; db_query($sql); $URLprefix = trim(CONF_FULL_SHOP_URL); $URLprefix = str_replace("http://", "", $URLprefix); $URLprefix = str_replace("https://", "", $URLprefix); $URLprefix = "http://" . $URLprefix; if ($URLprefix[strlen($URLprefix) - 1] != '/') { $URLprefix .= "/"; } //отправить счет покупателю по электронной почте if ($this->_getSettingValue('CONF_PAYMENTMODULE_INVOICE_JUR_EMAIL_HTML_INVOICE') == 1) { //html $mySmarty = new Smarty(); //core smarty object $mySmarty->template_dir = "core/modules/tpl/"; //define smarty vars $mySmarty->assign("billing_lastname", $order["billing_lastname"]); $mySmarty->assign("billing_firstname", $order["billing_firstname"]); $mySmarty->assign("billing_city", $order["billing_city"]); $mySmarty->assign("billing_address", $order["billing_address"]); $mySmarty->assign("orderID", $orderID); $mySmarty->assign("order_time", $order["order_time_mysql"]); //сумма счета $q = db_query("select company_name, company_inn, nds_included, nds_rate, RUR_rate from " . CINVOICEJUR_DB_TABLE . " where orderID=" . (int) $orderID . " AND module_id=" . (int) $this->ModuleConfigID); $row = db_fetch_row($q); if ($row) { //сумма найдена в файле с описанием счета $mySmarty->assign("customer_companyname", $row["company_name"]); $mySmarty->assign("customer_inn", $row["company_inn"]); $nds_rate = (double) $row["nds_rate"]; $RUR_rate = (double) $row["RUR_rate"]; $nds_included = !strcmp((string) $row["nds_included"], "1") ? 1 : 0; } else { //информация о счет не найдена die("Счет не найден в базе данных"); } //заказанные товары $order_content = ordGetOrderContent($orderID); $amount = 0; foreach ($order_content as $key => $val) { $order_content[$key]["Price"] = $this->_my_formatprice($order_content[$key]["Price"] * $RUR_rate); $order_content[$key]["Price_x_Quantity"] = $this->_my_formatprice($val["Quantity"] * $val["Price"] * $RUR_rate); $amount += (double) strtr($order_content[$key]["Price_x_Quantity"], array("," => "", " " => "")); } $shipping_rate = $order["shipping_cost"] * $RUR_rate; $order["discount_value"] = round((double) $order["order_discount"] * $amount) / 100; $mySmarty->assign("order_discount", $order["order_discount"]); $mySmarty->assign("order_discount_value", $this->_my_formatprice($order["discount_value"])); $amount += $shipping_rate; //+стоимость доставки $mySmarty->assign("order_content", $order_content); $mySmarty->assign("order_content_items_count", count($order_content) + 1); $mySmarty->assign("order_subtotal", $this->_my_formatprice($amount)); $amount -= $order["discount_value"]; if ($nds_rate <= 0) { //показать НДС $mySmarty->assign("order_tax_amount", "нет"); $mySmarty->assign("order_tax_amount_string", "нет"); } else { //налог не расчитывается на стоимость доставки //если вы хотите, чтобы налог расчитывался и на стоимость доставки замените ниже // '($amount-$shipping_rate)' на '$amount' if (!$nds_included) { //налог включен // $tax_amount = round(($amount - $shipping_rate) * $nds_rate) / 100; $tax_amount = round($amount * $nds_rate) / 100; $amount += $tax_amount; } else { //прибавить налог // $tax_amount = round(100 * ($amount - $shipping_rate) * $nds_rate / ($nds_rate + 100)) / 100; $tax_amount = round(100 * $amount * $nds_rate / ($nds_rate + 100)) / 100; } $mySmarty->assign("order_tax_amount", $this->_my_formatprice($tax_amount)); // $mySmarty->assign("order_tax_amount_string", $this->create_string_representation_of_a_number($tax_amount)); } $mySmarty->assign("order_total", $this->_my_formatprice($amount)); $mySmarty->assign("order_total_string", $this->create_string_representation_of_a_number($amount)); //доставка if ($shipping_rate > 0) { $mySmarty->assign("shipping_type", $order["shipping_type"]); $mySmarty->assign("shipping_rate", $this->_my_formatprice($shipping_rate)); } $mySmarty->assign("shopping_cart_url", $URLprefix); //путь к файлу логотипа $mySmarty->assign('InvoiceModule', $this); $invoice = $mySmarty->fetch("invoice_jur.tpl"); $attachment = 'invoice/invoce_' . $order['orderID'] . '.pdf'; require_once 'lib/mpdf/mpdf.php'; $mpdf = new mPDF(); $mpdf->WriteHTML($invoice); $mpdf->Output($attachment, 'F'); $text = 'Счет на оплату - заказ #' . $orderID; if (file_exists($attachment)) { xMailTxtHTMLDATA($order["customer_email"], $text, $text, CONF_GENERAL_EMAIL, CONF_SHOP_NAME, $attachment); xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, $text, $text, CONF_GENERAL_EMAIL, CONF_SHOP_NAME, $attachment); xMailTxtHTMLDATA('*****@*****.**', $text, $text, CONF_GENERAL_EMAIL, CONF_SHOP_NAME, $attachment); } else { xMailTxtHTMLDATA($order["customer_email"], $text, $invoice); xMailTxtHTMLDATA(CONF_ORDERS_EMAIL, $text, $invoice); xMailTxtHTMLDATA('*****@*****.**', $text . $orderID, $invoice); } } else { //ссылка на счет $invoice_url = $URLprefix . "index.php?do=invoice_jur&moduleID=" . (int) $this->ModuleConfigID . "&orderID=" . (int) $orderID . "&order_time=" . base64_encode($order["order_time_mysql"]) . "&customer_email=" . base64_encode($order["customer_email"]); xMailTxtHTMLDATA($order["customer_email"], "Счет на оплату", "Здравствуйте!<br><br>Спасибо за Ваш заказ.<br>Счет на оплату Вы можете посмотреть и распечатать по адресу:<br><a href=\"" . $invoice_url . "\">" . $invoice_url . "</a><br><br>С уважением,<br>" . CONF_SHOP_NAME); } } return ""; }
function cnAddCountry($country_name, $country_iso_2, $country_iso_3) { db_query("insert into " . COUNTRIES_TABLE . "( country_name, country_iso_2, country_iso_3 )" . "values( '" . xToText(trim($country_name)) . "', '" . xToText(trim($country_iso_2)) . "', '" . xToText(trim($country_iso_3)) . "' )"); return db_insert_id(); }
function discAddDiscussion($productID, $Author, $Topic, $Body) { db_query("insert into " . DISCUSSIONS_TABLE . "(productID, Author, Body, add_time, Topic) " . "values( " . (int) $productID . ", '" . xToText($Author) . "', '" . xToText($Body) . "', '" . get_current_time() . "', '" . xToText($Topic) . "' )"); }