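/**
 * Look up one product attribute and publish the result through globals.
 *
 * On a match the globals are filled as follows:
 *  - $attr_array:    the products_attributes row plus the four ' SELECTED'
 *                    markers derived from price_prefix and weight_prefix
 *  - $attr_dl_array: the row fetched from the attributes download table
 * If several rows match, both globals hold the values of the last row read.
 * Both globals are reset to empty arrays before the lookup.
 *
 * @param int|string $current_value_id          value matched against options_values_id
 * @param int|string $current_pid               value matched against products_id
 * @param int|string $current_product_option_id value matched against options_id
 *
 * @return bool true when at least one row matched, false otherwise
 */
function checkAttribute($current_value_id, $current_pid, $current_product_option_id)
{
    global $attr_array, $attr_dl_array; //web28 - 2012-07-15 - change global variable list to array

    // The ids used to be concatenated into the statement unchanged, so a quote
    // character in any of them altered the query. They are now cast to int,
    // which also removes the stray blank that preceded the products_id value.
    // NOTE(review): assumes the three columns are integer keys - confirm against the schema.
    $query = "SELECT *
                FROM " . TABLE_PRODUCTS_ATTRIBUTES . "
               WHERE options_values_id = '" . (int) $current_value_id . "'
                 AND products_id = '" . (int) $current_pid . "'
                 AND options_id = '" . (int) $current_product_option_id . "'";

    $result = xtc_db_query($query);
    $isFound = xtc_db_num_rows($result);

    $attr_array = array();
    $attr_dl_array = array();

    if (!$isFound) {
        return false;
    }

    while ($line = xtc_db_fetch_array($result)) {
        // download function start
        $attr_array = $line;
        // NOTE(review): on failure the raw database error text is printed by die();
        // consider logging it and showing a generic message instead.
        $dl_sql = xtc_db_query("SELECT products_attributes_maxdays,
                                       products_attributes_filename,
                                       products_attributes_maxcount
                                  FROM " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . "
                                 WHERE products_attributes_id = '" . (int) $line['products_attributes_id'] . "'")
            or die(mysqli_error(xtc_db_connect()));
        $attr_dl_array = xtc_db_fetch_array($dl_sql);
        // download function end

        // price prefixes
        $attr_array['posCheck'] = $line['price_prefix'] == '+' ? ' SELECTED' : '';
        $attr_array['negCheck'] = $line['price_prefix'] == '-' ? ' SELECTED' : '';

        // weight prefixes
        $attr_array['posCheck_weight'] = $line['weight_prefix'] == '+' ? ' SELECTED' : '';
        $attr_array['negCheck_weight'] = $line['weight_prefix'] == '-' ? ' SELECTED' : '';
    }

    return true;
}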
/**
 * Set the gateway defaults and obtain the database link.
 *
 * The gateway URL keeps a literal {language} placeholder; this constructor
 * does not substitute it.
 */
function __construct()
{
    $gatewayUrl = 'https://www.masterpayment.com/{language}/payment/gateway';

    // Two-letter language code => language name.
    $languageNames = array(
        'de' => 'german',
        'en' => 'english',
        'fr' => 'french',
        'it' => 'italian',
        'es' => 'spanish',
        'pl' => 'polish',
        'ru' => 'russian',
    );

    $this->masterpaymentURL = $gatewayUrl;
    $this->masterpaymentLanguages = $languageNames;
    // NOTE(review): the default is upper case while the map keys above are lower
    // case - confirm the code that reads it normalises the case.
    $this->defaultLanguage = 'EN';
    $this->link = xtc_db_connect();
}
/**
 * Fetch the current Klarna status of an order and record it on the order.
 *
 * The order id is taken from $_GET['oID']; the $id argument is not read.
 * Nothing is written when the order already carries an "approved" comment,
 * when no Klarna reference is found, or when the status lookup fails.
 *
 * @param int    $id          order id (unused, see above)
 * @param string $paymentCode payment option code
 *
 * @return void
 */
public function checkOrder($id, $paymentCode)
{
    global $xtPrice;

    // Escaped for use inside quoted SQL values only.
    // NOTE(review): the same value is placed in the message handed to _showError();
    // whether it is HTML-escaped there cannot be seen from this method.
    $orderId = mysqli_real_escape_string(xtc_db_connect(), $_GET['oID']);

    // Don't update orderstatus if it is already updated to approved once.
    foreach ($this->_getComments($orderId) as $existingComment) {
        if (!strstr($existingComment, $this->_assembleOrderComment(self::APPROVED))) {
            continue;
        }
        $this->_showError("Klarna Status already updated and approved.");
        return;
    }

    $reference = $this->_getRefNumber($orderId);
    if ($reference === null) {
        $this->_showError("No matching reference found for order id {$orderId}.");
        return;
    }

    KlarnaUtils::configureKiTT(KlarnaConstant::getKiTTOption($paymentCode));
    KlarnaUtils::configureKlarna(KlarnaConstant::getKiTTOption($paymentCode));

    $statusName = null;
    try {
        $api = KiTT::api($this->_getOrderCountry());
        $statusName = $this->_getStatus($api, $reference);
    } catch (Exception $e) {
        $this->_showError($e->getMessage() . " Is {$paymentCode} configured?");
    }

    // A failed lookup leaves the status unset; stop before touching the order.
    if ($statusName === null) {
        return;
    }

    $newComment = $this->_assembleOrderComment($statusName);
    // NOTE(review): printed without HTML escaping - confirm the comment text
    // cannot carry markup.
    echo "<br /> {$newComment} <br />";

    $order_status_id = $this->_getPaymentStatusID($paymentCode, $statusName);

    $historyRow = array(
        'orders_id' => $orderId,
        'orders_status_id' => $order_status_id,
        'comments' => $newComment,
        'customer_notified' => 0,
        'date_added' => date("Y-m-d H:i:s"),
    );
    $this->_klarnaDB->perform(TABLE_ORDERS_STATUS_HISTORY, $historyRow);

    // NOTE(review): $order_status_id is concatenated as returned by
    // _getPaymentStatusID(); confirm it is always an integer.
    $updateSql = "UPDATE " . TABLE_ORDERS . " SET orders_status='" . $order_status_id . "' WHERE orders_id='" . $orderId . "'";
    xtc_db_query($updateSql);
}
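/**
 * Insert or update one imported product with its group prices, group
 * permissions, additional images, optional category link and descriptions.
 *
 * A column is written only when the matching $this->FileSheme entry is 'Y'.
 *
 * Change against the previous version: the products_model value used in the
 * update-mode WHERE clause and in the follow-up SELECT is escaped with
 * mysqli_real_escape_string() on the shop connection instead of addslashes(),
 * which does not take the connection character set into account.
 *
 * @param array  $dataArray one import row, keyed by import field name (p_model, p_stock, ...)
 * @param string $mode      'insert' creates the product, anything else updates by products_model
 * @param bool   $touchCat  when true, insertCategory() is called for the product
 *
 * @return void
 */
function insertProduct(&$dataArray, $mode = 'insert', $touchCat = false)
{
    // Import field => products column. Order is kept from the original statement list.
    $productColumns = array(
        'p_stock' => 'products_quantity',
        'p_priceNoTax' => 'products_price',
        'p_weight' => 'products_weight',
        'p_status' => 'products_status',
        'p_image' => 'products_image',
        'p_disc' => 'products_discount_allowed',
        'p_ean' => 'products_ean',
        'p_tax' => 'products_tax_class_id',
        'p_opttpl' => 'options_template',
        'p_manufacturer' => 'manufacturers_id',
        'p_fsk18' => 'products_fsk18',
        'p_tpl' => 'product_template',
        'p_vpe' => 'products_vpe',
        'p_vpe_status' => 'products_vpe_status',
        'p_vpe_value' => 'products_vpe_value',
        'p_shipping' => 'products_shippingtime',
        'p_sorting' => 'products_sort',
    );

    $products_array = array('products_model' => $dataArray['p_model']);
    foreach ($productColumns as $field => $column) {
        if ($this->FileSheme[$field] != 'Y') {
            continue;
        }
        // The manufacturer is given by name in the file and resolved through getMAN().
        $products_array[$column] = $field === 'p_manufacturer'
            ? $this->getMAN(trim($dataArray[$field]))
            : $dataArray[$field];
    }
    // NOTE(review): this is set in update mode as well, so an update overwrites
    // products_date_added - confirm that is intended.
    $products_array['products_date_added'] = 'now()';

    if ($mode == 'insert') {
        $this->counter['prod_new']++;
        xtc_db_perform(TABLE_PRODUCTS, $products_array);
        $products_id = mysqli_insert_id(xtc_db_connect());
    } else {
        $this->counter['prod_upd']++;
        $modelSql = mysqli_real_escape_string(xtc_db_connect(), (string) $dataArray['p_model']);
        xtc_db_perform(TABLE_PRODUCTS, $products_array, 'update', "products_model = '" . $modelSql . "'");
        $prod_query = xtc_db_query("SELECT products_id FROM " . TABLE_PRODUCTS . " WHERE products_model='" . $modelSql . "'");
        $prod_data = xtc_db_fetch_array($prod_query);
        // NOTE(review): no row is handled here; when the model is unknown the
        // statements below run with an empty products_id.
        $products_id = $prod_data['products_id'];
    }

    $groupCount = count($this->Groups);

    // Insert Group Prices. The first entry of $this->Groups is skipped.
    for ($g = 1; $g < $groupCount; $g++) {
        $groupId = $this->Groups[$g]['id'];
        $priceField = 'p_priceNoTax.' . $groupId;
        if (!isset($dataArray[$priceField])) {
            continue;
        }
        // vr - 2010-03-16 use $products_id instead of $prod_data['products_id']
        $offerTable = TABLE_PERSONAL_OFFERS_BY . $groupId;
        xtc_db_query("DELETE FROM " . $offerTable . " WHERE products_id='" . $products_id . "'");

        // Format: "quantity:price::quantity:price::..."
        foreach (explode('::', $dataArray[$priceField]) as $pricePair) {
            $values = explode(':', $pricePair);
            $group_array = array(
                'products_id' => $products_id,
                'quantity' => $values[0],
                'personal_offer' => $values[1],
            );
            xtc_db_perform($offerTable, $group_array);
        }
    }

    // Insert Group Permissions.
    for ($g = 1; $g < $groupCount; $g++) {
        $groupId = $this->Groups[$g]['id'];
        $accessField = 'p_groupAcc.' . $groupId;
        if (isset($dataArray[$accessField])) {
            $insert_array = array('group_permission_' . $groupId => $dataArray[$accessField]);
            xtc_db_perform(TABLE_PRODUCTS, $insert_array, 'update', 'products_id = \'' . $products_id . '\'');
        }
    }

    // insert images
    for ($i = 1; $i < MO_PICS + 1; $i++) {
        $imageField = 'p_image.' . $i;
        if (!isset($dataArray[$imageField]) || $dataArray[$imageField] == "") {
            continue;
        }
        // check if entry exists
        if ($this->checkImage($i, $products_id)) {
            $insert_array = array('image_name' => $dataArray[$imageField]);
            xtc_db_perform(TABLE_PRODUCTS_IMAGES, $insert_array, 'update', 'products_id = \'' . $products_id . '\' and image_nr=\'' . $i . '\'');
        } else {
            $insert_array = array(
                'image_name' => $dataArray[$imageField],
                'image_nr' => $i,
                'products_id' => $products_id,
            );
            xtc_db_perform(TABLE_PRODUCTS_IMAGES, $insert_array);
        }
    }

    if ($touchCat) {
        $this->insertCategory($dataArray, $mode, $products_id);
    }

    // Import field prefix => array(description column, pass value through addslashes()).
    // NOTE(review): three text columns are run through addslashes() before
    // xtc_db_perform(); if that helper escapes values itself they are stored with
    // doubled backslashes - confirm against xtc_db_perform().
    $descriptionColumns = array(
        'p_name' => array('products_name', true),
        'p_desc' => array('products_description', true),
        'p_shortdesc' => array('products_short_description', true),
        'p_meta_title' => array('products_meta_title', false),
        'p_meta_desc' => array('products_meta_description', false),
        'p_meta_key' => array('products_meta_keywords', false),
        'p_keywords' => array('products_keywords', false),
        'p_url' => array('products_url', false),
    );

    for ($i_insert = 0; $i_insert < sizeof($this->languages); $i_insert++) {
        $languageId = $this->languages[$i_insert]['id'];
        $languageCode = $this->languages[$i_insert]['code'];

        $prod_desc_array = array('products_id' => $products_id, 'language_id' => $languageId);
        foreach ($descriptionColumns as $prefix => $target) {
            $field = $prefix . '.' . $languageCode;
            if ($this->FileSheme[$field] != 'Y') {
                continue;
            }
            $prod_desc_array[$target[0]] = $target[1] ? addslashes($dataArray[$field]) : $dataArray[$field];
        }

        if ($mode == 'insert') {
            xtc_db_perform(TABLE_PRODUCTS_DESCRIPTION, $prod_desc_array);
        } else {
            xtc_db_perform(TABLE_PRODUCTS_DESCRIPTION, $prod_desc_array, 'update', 'products_id = \'' . $products_id . '\' and language_id=\'' . $languageId . '\'');
        }
    }
}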
/**
 * xtc_get_system_information()
 *
 * Collect a snapshot of the host, web server, database server and PHP
 * configuration. The uptime text comes from a fixed shell command chosen by
 * operating system; no caller data reaches exec().
 *
 * The result contains host names, IP addresses, software versions and PHP
 * hardening settings (disable_functions, allow_url_include, ...).
 * NOTE(review): confirm every page that prints it is restricted to
 * authenticated administrators.
 *
 * @return array system information keyed by item name
 */
function xtc_get_system_information()
{
    $clockResult = xtc_db_query("select now() as datetime");
    $clockRow = xtc_db_fetch_array($clockResult);

    //get server uptime on Windows & Unix/Linux systems
    $onWindows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
    $uptime = $onWindows
        ? @exec("net statistics srv | find /i \"Stat\"")
        : @exec('uptime');

    $info = array();

    // Host and operating system
    $info['date'] = date('Y-m-d H:i:s O T');
    $info['os'] = PHP_OS;
    $info['system'] = php_uname('s');
    $info['kernel'] = php_uname('v');
    $info['host'] = php_uname('n');
    $info['ip'] = gethostbyname(php_uname('n'));
    $info['uptime'] = $uptime;
    $info['http_server'] = $_SERVER['SERVER_SOFTWARE'];

    // Database server
    $info['db_server'] = DB_SERVER;
    $info['db_ip'] = gethostbyname(DB_SERVER);
    $info['db_version'] = 'MySQL ' . (function_exists('mysqli_get_server_info') ? mysqli_get_server_info(xtc_db_connect()) : '');
    $info['db_date'] = $clockRow['datetime'];

    // PHP runtime
    $info['php'] = PHP_VERSION;
    $info['zend'] = function_exists('zend_version') ? zend_version() : '';
    $info['sapi'] = PHP_SAPI;
    $info['int_size'] = defined('PHP_INT_SIZE') ? PHP_INT_SIZE : '';

    // php.ini settings; flags are reduced to int, sizes and lists stay as text
    $info['open_basedir'] = (int) @ini_get('open_basedir');
    $info['memory_limit'] = @ini_get('memory_limit');
    $info['error_reporting'] = error_reporting();
    $info['display_errors'] = (int) @ini_get('display_errors');
    $info['allow_url_fopen'] = (int) @ini_get('allow_url_fopen');
    $info['allow_url_include'] = (int) @ini_get('allow_url_include');
    $info['file_uploads'] = (int) @ini_get('file_uploads');
    $info['upload_max_filesize'] = @ini_get('upload_max_filesize');
    $info['post_max_size'] = @ini_get('post_max_size');
    $info['disable_functions'] = @ini_get('disable_functions');
    $info['disable_classes'] = @ini_get('disable_classes');
    $info['enable_dl'] = (int) @ini_get('enable_dl');
    $info['filter.default'] = @ini_get('filter.default');
    $info['unicode.semantics'] = (int) @ini_get('unicode.semantics');
    $info['zend_thread_safty'] = (int) function_exists('zend_thread_id');
    $info['extensions'] = get_loaded_extensions();

    return $info;
}
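/**
 * Replace the text of one content_manager row.
 *
 * Change against the previous version: $content_id is cast to int. It is used
 * unquoted in the WHERE clause, where string escaping by a caller offers no
 * protection, so any non-numeric value changed the statement.
 *
 * NOTE(review): $content_text is still placed between quotes exactly as passed
 * in. It is left untouched here because callers may already escape it and a
 * second pass would corrupt stored text; confirm every caller escapes it with
 * the connection's escaping function.
 *
 * @param int|string $content_id   id of the content_manager row
 * @param string     $content_text new text, expected to be SQL-escaped by the caller
 *
 * @return mixed 1 when mysqli_error() reports no error, otherwise the value
 *               returned by xtc_db_query()
 */
function updateContent($content_id, $content_text)
{
    $sql = "UPDATE content_manager SET content_text='" . $content_text . "' WHERE content_id=" . (int) $content_id . " LIMIT 1";
    $return = xtc_db_query($sql);

    // NOTE(review): the error is read from whatever link xtc_db_connect() returns;
    // confirm this is the same link the statement ran on.
    if (!mysqli_error(xtc_db_connect())) {
        $return = 1;
    }

    return $return;
}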
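/**
 * Record a failed request in the error table or count a further retry.
 *
 * With $db_request_failed_id equal to '-1' a new row is inserted with try = 1.
 * Otherwise the stored try counter is increased; a mail is sent when it
 * reaches 6, and at 96 a FATAL mail is sent and the row is deleted.
 *
 * Changes against the previous version: the row id is cast to int before it
 * is used unquoted in the SELECT and UPDATE statements, the counter is cast to
 * int, and $date is escaped like $xml before it is placed in the INSERT.
 *
 * @param string     $xml                  request body that failed
 * @param int|string $db_request_failed_id id of the existing row, or '-1' for a new failure
 * @param mixed      $shop_id              passed on to sendErrorMail()
 * @param string     $date                 first send date stored with a new row
 * @param mixed      $log                  passed on to sendErrorMail()
 *
 * @return void
 */
public function updateErrorTable($xml, $db_request_failed_id, $shop_id, $date, $log)
{
    try {
        if ($db_request_failed_id != '-1') {
            $rowId = (int) $db_request_failed_id;

            $sql = "SELECT `try`, `first_send_date` FROM " . IDEALO_REQUEST_ERROR_TABLE . " WHERE `id` = " . $rowId . ";";
            $rows = $this->db_connection->readDB($sql);
            $first_date = $rows[0]['first_send_date'];
            $try = $rows[0]['try'];
            $try++;

            if ($try == 6) {
                $this->sendErrorMail($xml, $shop_id, $first_date, '', $try, '', $log);
            }

            if ($try == 96) {
                $this->sendErrorMail($xml, $shop_id, $first_date, 'FATAL', $try, 'Request wird nicht mehr geschickt!', $log);
                $this->deleteFromErrorTable($db_request_failed_id);
            }

            $sql = "UPDATE " . IDEALO_REQUEST_ERROR_TABLE . " SET `try` = '" . (int) $try . "' WHERE `id` = " . $rowId . ";";
        } else {
            $link = xtc_db_connect();
            $sql = "INSERT INTO `" . IDEALO_REQUEST_ERROR_TABLE . "` (`try`, `first_send_date`, `xml`) VALUES ('1', '"
                . mysqli_real_escape_string($link, (string) $date) . "', '"
                . mysqli_real_escape_string($link, $xml) . "');";
        }

        $this->db_connection->writeDB($sql);
    } catch (Exception $e) {
        // Kept as best effort: a failure to record the error must not stop the caller.
        // NOTE(review): the exception is dropped without a trace; consider logging
        // the exception class (the message may contain request data).
    }
}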
/**
 * Run the schema changes needed by CAO-Faktura and print the outcome of each
 * statement as HTML.
 *
 * Statements that fail with "Duplicate column name" or "already exists" are
 * reported as OK, so the function can be run repeatedly.
 *
 * NOTE(review): the cao_log table created here has a `pw` column next to
 * post_data and get_data; if the logging code stores credentials or request
 * bodies there in clear text, access to that table needs to be restricted and
 * its retention reviewed - confirm what is written to it.
 *
 * @return void
 */
function UpdateTables()
{
    global $version_nr, $version_datum, $db_link, $logger;

    // NOTE(review): this is a bare constant expression, not a call; presumably
    // SendHTMLHeader() was meant - confirm before changing it.
    SendHTMLHeader;

    echo '<html><head></head><body>';
    echo '<h3>Tabellen-Update / Erweiterung für CAO-Faktura</h3>';
    echo '<h4>Version ' . $version_nr . ' Stand : ' . $version_datum . '</h4>';

    $statements = array(
        1 => 'ALTER TABLE ' . TABLE_PRODUCTS . ' ADD products_ean VARCHAR(128) AFTER products_id',
        2 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD payment_class VARCHAR(32) NOT NULL',
        3 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD shipping_method VARCHAR(32) NOT NULL',
        4 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD shipping_class VARCHAR(32) NOT NULL',
        5 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD billing_country_iso_code_2 CHAR(2) NOT NULL AFTER billing_country',
        6 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD delivery_country_iso_code_2 CHAR(2) NOT NULL AFTER delivery_country',
        7 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD billing_firstname VARCHAR(32) NOT NULL AFTER billing_name',
        8 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD billing_lastname VARCHAR(32) NOT NULL AFTER billing_firstname',
        9 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD delivery_firstname VARCHAR(32) NOT NULL AFTER delivery_name',
        10 => 'ALTER TABLE ' . TABLE_ORDERS . ' ADD delivery_lastname VARCHAR(32) NOT NULL AFTER delivery_firstname',
        11 => 'ALTER TABLE ' . TABLE_ORDERS . ' CHANGE payment_method payment_method VARCHAR(255) NOT NULL',
        12 => 'ALTER TABLE ' . TABLE_ORDERS . ' CHANGE shipping_method shipping_method VARCHAR(255) NOT NULL',
        13 => 'CREATE TABLE cao_log ( id int(11) NOT NULL auto_increment, date datetime NOT NULL default "0000-00-00 00:00:00",'
            . 'user varchar(64) NOT NULL default "", pw varchar(64) NOT NULL default "", method varchar(64) NOT NULL default "",'
            . 'action varchar(64) NOT NULL default "", post_data mediumtext, get_data mediumtext, PRIMARY KEY (id))',
    );

    foreach ($statements as $statement) {
        echo '<b>SQL:</b> ' . $statement . '<br>';

        if (@xtc_db_query($statement, $db_link)) {
            echo '<b>Ergebnis : OK</b>';
        } else {
            $error = mysqli_error(xtc_db_connect());
            if (strpos($error, 'Duplicate column name') !== false) {
                echo '<b>Ergebnis : OK, Spalte existierte bereits !</b>';
            } elseif (strpos($error, 'already exists') !== false) {
                echo '<b>Ergebnis : OK, Tabelle existierte bereits !</b>';
            } else {
                // The database error text is printed as-is, without HTML escaping.
                echo '<b>Ergebnis : </b><font color="red"><b>' . $error . '</b></font>';
            }
        }

        echo '<br><br>';
    }

    echo '</body></html>';
}
Copyright (c) 2004 OL-Commerce, 2006 Dipl.-Ing.(TH) Winfried Kaiser (w.kaiser@fortune.de, info@seifenparadies.de) -------------------------------------------------------------- based on: (c) 2000-2001 The Exchange Project (earlier name of osCommerce) (c) 2002-2003 osCommerce(install_2.php,v 1.4 2002/08/12); www.oscommerce.com (c) 2003 nextcommerce (install_step2.php,v 1.16 2003/08/1); www.nextcommerce.org (c) 2004 XT - Commerce; www.xt-commerce.com (c) 2004 OL - Commerce; www.ol-Commerce.com Released under the GNU General Public License --------------------------------------------------------------*/ require 'includes/application.php'; if (!xtc_in_array('database', $_POST['install'])) { ActivateProg($next_step_link); } if (xtc_db_connect($db[$db_server_text], $db[$db_username_text], $db[$db_password_text])) { $db_error = xtc_db_test_create_db_permission($database); } else { $db_error = true; } if ($db_error) { install_error(TEXT_CONNECTION_ERROR); $post_data .= ' <tr> <td> <p><font size="1">' . HTML_BR . TEXT_DB_ERROR . '</font></p> <table border="0" style="text-align:left;width:100%"> <td class="error">' . HTML_NBSP . $db_error . '</td> </table> <p><font size="1">' . TEXT_DB_ERROR_1 . '</font></p> <p><font size="1">' . TEXT_DB_ERROR_2 . '</font></p>
require_once DIR_FS_INC . 'xtc_product_link.inc.php'; require_once DIR_FS_INC . 'xtc_cleanName.inc.php'; require_once DIR_FS_INC . 'xtc_get_top_level_domain.inc.php'; require_once DIR_FS_INC . 'html_encoding.php'; //new function for PHP5.4 require_once DIR_FS_INC . 'xtc_db_find_database_field.inc.php'; require_once DIR_FS_INC . 'xtc_db_find_database_field_by_language.inc.php'; require_once DIR_FS_INC . 'xtc_db_find_by_multiple.inc.php'; // design layout (wide of boxes in pixels) (default: 125) define('BOX_WIDTH', 125); // Define how do we update currency exchange rates // Possible values are 'oanda' 'xe' or '' define('CURRENCY_SERVER_PRIMARY', 'oanda'); define('CURRENCY_SERVER_BACKUP', 'xe'); // make a connection to the database... now xtc_db_connect() or die('Unable to connect to database server!'); // set application wide parameters $configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION . ''); while ($configuration = xtc_db_fetch_array($configuration_query)) { if ($configuration['cfgKey'] != 'STORE_DB_TRANSACTIONS') { define($configuration['cfgKey'], stripslashes($configuration['cfgValue'])); //Web28 - 2012-08-09 - fix slashes } } define('FILENAME_IMAGEMANIPULATOR', IMAGE_MANIPULATOR); // move to xtc_db_queryCached.inc.php function xtDBquery($query) { if (DB_CACHE == 'true') { $result = xtc_db_queryCached($query); } else {
OL-Commerce Version 5.x/AJAX http://www.ol-Commerce.com, http://www.seifenparadies.de Copyright (c) 2004 OL-Commerce, 2006 Dipl.-Ing.(TH) Winfried Kaiser (w.kaiser@fortune.de, info@seifenparadies.de) -------------------------------------------------------------- based on: (c) 2000-2001 The Exchange Project (earlier name of osCommerce) (c) 2002-2003 osCommerce(install_3.php,v 1.6 2002/08/15); www.oscommerce.com (c) 2004 OL - Commerce; www.ol-Commerce.com Released under the GNU General Public License --------------------------------------------------------------*/ require 'includes/application.php'; if (xtc_in_array('database', $_POST['install'])) { xtc_db_connect($_POST['DB_SERVER'], $_POST['DB_SERVER_USERNAME'], $_POST['DB_SERVER_PASSWORD']); $db_error = false; xtc_db_install($_POST['DB_DATABASE'], 'prefix_olcommerce.sql', $table_prefix); if ($db_error) { install_error($db_error); } else { if ($language == 'german') { $lang_par = "'Deutsch','de'"; } else { $lang_par = "'English','en'"; } $sql = INSERT_INTO . $table_prefix . "languages VALUES (1," . $lang_par . ",'icon.gif','" . $language . "',1,'iso-8859-15')"; @xtc_db_query($sql); $post_data .= ' <tr> <td>
} } // closes blocks opened before this excerpt

if (!function_exists('xtc_copy_uploaded_file')) {
    /**
     * Move an uploaded file into a target directory under its original name.
     *
     * A trailing slash is added to $target when missing. The result of
     * move_uploaded_file() is not checked or returned.
     *
     * NOTE(review): presumably $filename is one $_FILES entry, in which case
     * 'name' is chosen by the client; nothing here reduces it to a bare file
     * name or restricts its extension - confirm callers do.
     *
     * @param array  $filename upload entry providing 'name' and 'tmp_name'
     * @param string $target   destination directory
     */
    function xtc_copy_uploaded_file($filename, $target)
    {
        if (substr($target, -1) != '/') {
            $target .= '/';
        }
        $target .= $filename['name'];
        move_uploaded_file($filename['tmp_name'], $target);
    }
}

if (xtc_not_null($action)) {
    switch ($action) {
        case 'forget':
            // Fixed statement, no request data involved: clears the last-restore marker.
            mysqli_query(xtc_db_connect(), "delete from " . TABLE_CONFIGURATION . " where configuration_key = 'DB_LAST_RESTORE'");
            $messageStack->add_session(SUCCESS_LAST_RESTORE_CLEARED, 'success');
            xtc_redirect(xtc_href_link(FILENAME_BACKUP));
            break;
        case 'download':
            // The only check on the requested name is its last three characters.
            // NOTE(review): $_GET['file'] is appended to DIR_FS_BACKUP unchanged, so
            // directory components in it are not rejected in this excerpt. Reduce it
            // with basename() or match it against the backup directory listing
            // before opening, unless that already happens before this point.
            $extension = substr($_GET['file'], -3);
            if ($extension == 'zip' || $extension == '.gz' || $extension == 'sql') {
                if ($fp = fopen(DIR_FS_BACKUP . $_GET['file'], 'rb')) {
                    // The whole file is read into memory before it is sent.
                    $buffer = fread($fp, filesize(DIR_FS_BACKUP . $_GET['file']));
                    fclose($fp);
                    header('Content-type: application/x-octet-stream');
                    // NOTE(review): the request value is also placed unquoted in the
                    // response header; use the validated file name here as well.
                    header('Content-disposition: attachment; filename=' . $_GET['file']);
                    echo $buffer;
                    exit;
                }
            } else {
/**
 * Turn a value into a SQL literal: the keyword NULL for null, otherwise the
 * escaped value wrapped in double quotes.
 *
 * NOTE(review): the literal is double-quoted; with the ANSI_QUOTES SQL mode
 * MySQL reads double-quoted text as an identifier - confirm the server mode.
 *
 * @param string|null $param value to embed in a statement
 *
 * @return string SQL literal
 */
function xtc_sqlSafeString($param)
{
    if ($param === NULL) {
        return "NULL";
    }

    $escaped = mysqli_real_escape_string(xtc_db_connect(), $param);

    return '"' . $escaped . '"';
}
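/**
 * debug::firephp_command()
 *
 * Send debug output to FirePHP. Does nothing when GetFirePHP() yields no object.
 *
 * Usage: put following expression anywhere in the code:
 * $log->firephp_command('vardump', $_SERVER);
 * $log->firephp_command('trace');
 * $log->firephp_command('sqltime', $sql_query);
 *
 * Change against the previous version: the server version is compared with
 * version_compare() instead of a string comparison, which ordered '10.x'
 * before '5.0.37' and so switched profiling off on such servers.
 *
 * The 'sqltime' command executes the SQL text it is given and sends the
 * statement, timings and every result row to the FirePHP console.
 * NOTE(review): confirm this helper is unreachable when debugging is disabled
 * and is never called with request data as $variables.
 *
 * @access public
 * @param string       $command   'vardump', 'trace' or 'sqltime'
 * @param array|string $variables value to dump, or the SQL text for 'sqltime'
 * @return void
 */
public function firephp_command($command, $variables = array())
{
    $firephp = $this->GetFirePHP();
    if (!isset($firephp) || !is_object($firephp)) {
        return;
    }

    // Route PHP errors, exceptions and failed assertions to the console from
    // this call on. Errors are not rethrown as ErrorExceptions; assertion
    // errors are converted but not thrown.
    $firephp->registerErrorHandler(false);
    $firephp->registerExceptionHandler();
    $firephp->registerAssertionHandler(true, false);

    switch ($command) {
        case 'vardump':
            try {
                if (!is_array($variables)) {
                    $firephp->log('VAR_DUMP: => ' . $variables);
                } else {
                    $firephp->dump('ARRAY_DUMP', $variables);
                }
            } catch (Exception $e) {
                $firephp->error($e);
            }
            break;

        case 'trace':
            $firephp->trace('FB_BACKTRACE');
            break;

        case 'sqltime':
            try {
                $serverInfo = mysqli_get_server_info(xtc_db_connect());
                // Mysql from Version 5.0.37 required for query profiling
                $canProfile = version_compare($serverInfo, '5.0.37', '>=');

                if ($canProfile) {
                    // Start mysql profiling before executing a query
                    xtc_db_query("SET profiling = 1");
                }

                // Measure the time PHP requires for the SQL-Query
                $phptime_start = microtime(true);
                $sql_result = xtc_db_query($variables);
                $phptime_end = microtime(true);
                $phptime = round($phptime_end - $phptime_start, 8); // round precision 10^-8

                if (empty($sql_result)) {
                    throw new Exception('SQL-Error (no result)');
                }

                // NOTE(review): $sql_result is concatenated into a string; if
                // xtc_db_query() returns a mysqli_result object this raises an Error,
                // which the catch (Exception) below does not handle - confirm.
                $firephp->group('MYSQLI_DUMP (' . $serverInfo . ') => ' . $sql_result);
                $firephp->info($variables, 'SQL-Query');
                $firephp->info($phptime, 'SQL-Query Time (+PHP Overhead)');

                // Display the measured time, SQL requires for the SQL-Query
                if ($canProfile) {
                    $sql_profile = xtc_db_query("SHOW PROFILES"); // precision is 10^-8
                    while ($sql_time_row = xtc_db_fetch_array($sql_profile)) {
                        $firephp->info($sql_time_row['Duration'], 'SQL-Query Time (-PHP Overhead)');
                    }
                }

                // show actual SQL-Result (rows)
                $line = 0;
                while ($sql_row = xtc_db_fetch_array($sql_result)) {
                    $firephp->info($sql_row, 'Result #' . ++$line);
                }
                $firephp->groupEnd();
            } catch (Exception $e) {
                $firephp->error($e);
            }
            break;
    }
}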
Customers Status v3.x (c) 2002-2003 Copyright Elari elari@free.fr Released under the GNU General Public License --------------------------------------------------------------*/ require 'includes/application_top.php'; // --- bof -- ipdfbill -------- require_once 'includes/ipdfbill/classes/pdfbill.php'; // pdfbill require_once 'includes/ipdfbill/pdfbill_lib.php'; // --- eof -- ipdfbill -------- require_once DIR_FS_CATALOG . DIR_WS_CLASSES . 'class.phpmailer.php'; require_once DIR_FS_INC . 'xtc_php_mail.inc.php'; require_once DIR_FS_INC . 'xtc_add_tax.inc.php'; require_once DIR_FS_INC . 'xtc_validate_vatid_status.inc.php'; require_once DIR_FS_INC . 'xtc_get_attributes_model.inc.php'; $connection = xtc_db_connect(); //split page results if (!defined('MAX_DISPLAY_ORDER_RESULTS')) { define('MAX_DISPLAY_ORDER_RESULTS', 30); } //New function function get_payment_name($payment_method, $order_id = '') { if (file_exists(DIR_FS_CATALOG . 'lang/' . $_SESSION['language'] . '/modules/payment/' . $payment_method . '.php')) { include DIR_FS_CATALOG . 'lang/' . $_SESSION['language'] . '/modules/payment/' . $payment_method . '.php'; $text = ''; if ($payment_method == 'paypalplus' && (int) $order_id > 0) { require_once DIR_FS_EXTERNAL . 'paypal/classes/PayPalInfo.php'; $paypal = new PayPalInfo($payment_method); $payment_array = $paypal->get_payment_data($order_id); if (count($payment_array) > 0 && $payment_array['payment_method'] == 'pay_upon_invoice') {
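/**
 * Update orderstatuses in the database
 *
 * Writes an "Accepted by Klarna" history entry for the order in the global
 * $insert_id, stores the Klarna reference in klarna_ordernum when that table
 * exists, applies the pending status kept in the session, reports the shop
 * order id back to Klarna and finally clears the Klarna session entries.
 *
 * Changes against the previous version:
 *  - the order id and reference are quoted in the klarna_ordernum INSERT;
 *    they were escaped but placed unquoted, where escaping gives no protection
 *  - the status name from the session is escaped before it is used in the
 *    orders_status lookup
 *  - a missing session status no longer raises an undefined-index notice
 *
 * @param int $customer The order status id to show the customer
 * @param int $admin    The order status id to show in the administration page
 *                      (not read by this method)
 *
 * @return void
 */
public function updateOrderDatabase($customer, $admin)
{
    global $insert_id;

    $link = xtc_db_connect();
    $orderid = mysqli_real_escape_string($link, $insert_id);
    $refno = mysqli_real_escape_string($link, $_SESSION['klarna_refno']);

    $sql_data_arr = array(
        'orders_id' => $orderid,
        'orders_status_id' => $customer,
        'comments' => "Accepted by Klarna. Reference #: {$refno}",
        'customer_notified' => 1,
        'date_added' => date("Y-m-d H:i:s"),
    );
    xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_arr);

    // The reference table is optional; only write to it when it exists.
    $has_ordernum_table = xtc_db_fetch_array(
        xtc_db_query(
            "SELECT COUNT(*) " .
            "FROM information_schema.tables " .
            "WHERE table_schema = '" . DB_DATABASE . "' " .
            "AND table_name = 'klarna_ordernum';"
        )
    );
    $has_ordernum_table = $has_ordernum_table['COUNT(*)'];

    if ($has_ordernum_table > 0) {
        xtc_db_query(
            "INSERT INTO `klarna_ordernum` (orders_id, klarna_ref) " .
            "VALUES ('{$orderid}', '{$refno}')"
        );
    }

    // Set pending status and hide it from customer.
    $status = isset($_SESSION['klarna_orderstatus']) ? $_SESSION['klarna_orderstatus'] : null;
    if ($status !== null) {
        $statusSql = mysqli_real_escape_string($link, $status);
        $orderStatusQuery = $this->_klarnaDB->query(
            "SELECT orders_status_id FROM " . TABLE_ORDERS_STATUS .
            " WHERE orders_status_name = '{$statusSql}'"
        );
        $orderStatusID = $orderStatusQuery->getArray();

        $sql_data_arr = array(
            'orders_id' => $orderid,
            'orders_status_id' => $orderStatusID['orders_status_id'],
            'comments' => "Klarna Orderstatus: {$status}",
            'customer_notified' => 0,
            'date_added' => date("Y-m-d H:i:s"),
        );
        xtc_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_arr);

        // NOTE(review): no check that the status name was found; an unknown name
        // leaves orders_status_id empty in both writes.
        xtc_db_query(
            "UPDATE " . TABLE_ORDERS .
            " SET orders_status='" . $orderStatusID['orders_status_id'] .
            "' WHERE orders_id='" . $orderid . "'"
        );
    }

    try {
        $this->_klarna->setEstoreInfo(KiTT_String::encode($orderid));
        $this->_klarna->update($_SESSION['klarna_refno']);
    } catch (Exception $e) {
        Klarna::printDebug(__METHOD__, "{$e->getMessage()} #({$e->getCode()})");
    }

    //Delete Session with user details
    unset($_SESSION['klarna_data']);
    unset($_SESSION['klarna_refno']);
    unset($_SESSION['klarna_orderstatus']);
}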
} if ($install_step <= 6) { $post_data .= '<tr><td>' . xtc_draw_hidden_field_installer($install_action_text, $process_text) . '</td></tr>'; require_once DIR_FS_INC . 'xtc_rand.inc.php'; require_once DIR_FS_INC . 'xtc_encrypt_password.inc.php'; require_once DIR_FS_INC . 'xtc_validate_email.inc.php'; require_once DIR_FS_INC . 'xtc_get_countries.inc.php'; require_once DIR_FS_INC . 'xtc_draw_pull_down_menu.inc.php'; require_once DIR_FS_INC . 'xtc_draw_input_field_installer.inc.php'; require_once DIR_FS_INC . 'xtc_get_country_list.inc.php'; define($db_server_text, $_POST[$db_server_text]); define($db_username_text, $_POST[$db_username_text]); define($db_password_text, $_POST[$db_password_text]); // connect do database $db_error = false; xtc_db_connect(); if (!$db_error) { xtc_db_test_connection(DB_DATABASE); } // get configuration data $configuration_query = xtc_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION); while ($configuration = xtc_db_fetch_array($configuration_query)) { define($configuration['cfgKey'], $configuration['cfgValue']); } } } } $is_last_step = $install_step == 7; $show_all = $install_step == 4 || $is_last_step; $navigation_step = array(); for ($i = 0; $i <= $install_step; $i++) {
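/**
 * Escape a string for use inside a quoted SQL value, using
 * mysqli_real_escape_string() on the link returned by xtc_db_connect().
 *
 * The previous version tested function_exists() and mysqli_ping() and then
 * made the same call in both branches, so there never was a fallback; the
 * dead branch and the extra round trip to the server are removed.
 *
 * The result is only safe between quotes in the statement; it does not
 * protect values that are placed unquoted (numbers, identifiers).
 *
 * @param string $string raw value
 * @return string escaped value
 */
function escapeSql($string)
{
    return mysqli_real_escape_string(xtc_db_connect(), $string);
}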
} // Close the handle @fclose($fh); @chmod($f, 0444); // Check all the data was written if ($bytes != $length) { $errormsg = sprintf('file_put_contents() Only %d of %d bytes written, possibly out of free disk space.', $bytes, $length); user_error($errormsg, E_USER_WARNING); return false; } // Return length return $bytes; } } // connect do database xtc_db_connect() or die('Kann keine Verbindung zur Datenbank erhalten!'); $db_error = false; $sql_file = DIR_FS_CATALOG . 'xtc_installer/livehelp.sql.php'; xtc_db_install(DB_DATABASE, $sql_file, EMPTY_STRING); if ($db_error) { $text = 'nicht '; } else { $dir = "../livehelp/"; $link = HTML_BR . HTML_BR . HTML_A_START . $dir . 'livehelp.php">Live Help starten</a>'; $text = $dir . "setup.php"; if (file_exists($text)) { srand(microtime() * 1000000); $pos = strrpos($text, DOT); $file_neu = substr($text, 0, $pos) . UNDERSCORE . rand(1, 1000000) . substr($text, $pos); @unlink($file_neu); @rename($text, $file_neu);