// Admin action handler (fragment): the 'insert' and 'save' actions create or
// update a campaign row. The fragment ends inside the insert branch; the rest
// of the switch is not shown.
// NOTE(review): the state-changing action is chosen by $_GET['action'] and no
// CSRF token or permission check is visible in this fragment; confirm that an
// earlier include enforces both.
require DIR_WS_CLASSES . 'currencies.php';
$currencies = new currencies();
switch ($_GET['action']) {
    case 'insert':
    case 'save':
        $error = array();
        // xtc_db_prepare_input() is defined elsewhere; presumably it only
        // normalises the raw value (it is not visible here) - TODO confirm it is
        // not being relied on as SQL escaping.
        $campaigns_id = xtc_db_prepare_input($_GET['cID']);
        $campaigns_name = xtc_db_prepare_input($_POST['campaigns_name']);
        $campaigns_refID = xtc_db_prepare_input($_POST['campaigns_refID']);
        $sql_data_array = array('campaigns_name' => $campaigns_name, 'campaigns_refID' => $campaigns_refID);
        $url_action = 'new';
        // Look up an existing campaign with the same name; the insert branch
        // passes a fourth argument, the save branch does not.
        if ($_GET['action'] == 'insert') {
            $check_if_name_exist = xtc_db_find_database_field(TABLE_CAMPAIGNS, 'campaigns_name', $campaigns_name, 'campaigns_name');
        } elseif ($_GET['action'] == 'save') {
            $url_action = 'edit';
            $check_if_name_exist = xtc_db_find_database_field(TABLE_CAMPAIGNS, 'campaigns_name', $campaigns_name);
        }
        // Reject an empty name or a duplicate. On save, a match is only an error
        // when it belongs to a different row than the one being edited.
        // NOTE(review): this branch is also entered for an empty name with no
        // match; indexing a falsy lookup result yields null, and the loose
        // comparison null != '' is false, so an empty name together with an
        // empty cID would not raise an error. Confirm the return type of
        // xtc_db_find_database_field() and consider a separate empty-name check.
        if (!$campaigns_name || $check_if_name_exist) {
            if ($_GET['action'] == 'save') {
                if ($check_if_name_exist['campaigns_id'] != $campaigns_id) {
                    $error[] = ERROR_TEXT_NAME;
                }
            } else {
                $error[] = ERROR_TEXT_NAME;
            }
        }
        if (empty($error)) {
            if ($_GET['action'] == 'insert') {
                // 'now()' is passed as a plain string; presumably
                // xtc_db_perform() (defined elsewhere) emits it as the SQL
                // function rather than as a quoted value - TODO confirm.
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = xtc_array_merge($sql_data_array, $insert_sql_data);
                xtc_db_perform(TABLE_CAMPAIGNS, $sql_data_array);
// Geo-zone admin handler (fragment): the tail of the insert branch, then the
// complete 'save_zone' case. The fragment starts inside a case whose opening is
// not shown, so $geo_zone_name, $geo_zone_description and $error are set
// before this point.
if (empty($error)) {
    // Values are escaped with xtc_db_input() (defined elsewhere) and placed
    // inside single quotes; the statement is only as safe as that helper's
    // escaping - TODO confirm it escapes for the active connection charset.
    xtc_db_query("insert into " . TABLE_GEO_ZONES . " (geo_zone_name, geo_zone_description, date_added) values ('" . xtc_db_input($geo_zone_name) . "', '" . xtc_db_input($geo_zone_description) . "', now())");
    $new_zone_id = xtc_db_insert_id();
    // NOTE(review): $_GET['zpage'] goes into the redirect target unvalidated;
    // this relies on xtc_href_link()/xtc_redirect() to encode it and to reject
    // CR/LF - confirm, or cast the page number to int before use.
    xtc_redirect(xtc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $new_zone_id));
} else {
    // The whole $_REQUEST array is copied into the session so the form can be
    // refilled. NOTE(review): whatever renders these values must HTML-escape
    // them on output; the rendering code is not visible here.
    $_SESSION['repopulate_form'] = $_REQUEST;
    $_SESSION['errors'] = $error;
    // NOTE(review): the error path reads 'page' while the success path reads
    // 'zpage' - possibly a pagination parameter mix-up; confirm.
    xtc_redirect(xtc_href_link(FILENAME_GEO_ZONES, 'page=' . $_GET['page'] . '&action=new_zone&errors=1'));
}
break;
case 'save_zone':
    $error = array();
    $zID = xtc_db_prepare_input($_GET['zID']);
    $geo_zone_name = xtc_db_prepare_input($_POST['geo_zone_name']);
    $geo_zone_description = xtc_db_prepare_input($_POST['geo_zone_description']);
    $check_if_name_exist = xtc_db_find_database_field(TABLE_GEO_ZONES, 'geo_zone_name', $geo_zone_name);
    // A name match is an error only when it belongs to another zone.
    // NOTE(review): with an empty name and no match, indexing the falsy lookup
    // result yields null, and null != '' is false under loose comparison, so an
    // empty name with an empty zID passes this check. Confirm the helper's
    // return type and consider validating the name separately.
    if (!$geo_zone_name || $check_if_name_exist) {
        if ($check_if_name_exist['geo_zone_id'] != $zID) {
            $error[] = ERROR_TEXT_NAME;
        }
    }
    if (empty($error)) {
        // The zone id is compared as a quoted, escaped string; no numeric
        // validation of $zID is visible in this fragment.
        xtc_db_query("update " . TABLE_GEO_ZONES . " set geo_zone_name = '" . xtc_db_input($geo_zone_name) . "', geo_zone_description = '" . xtc_db_input($geo_zone_description) . "', last_modified = now() where geo_zone_id = '" . xtc_db_input($zID) . "'");
        // NOTE(review): the redirect uses the raw $_GET['zID'] and
        // $_GET['zpage'] rather than the prepared $zID; it depends on
        // xtc_href_link()/xtc_redirect() for encoding - confirm.
        xtc_redirect(xtc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID']));
    } else {
        // Same repopulate pattern as the insert branch: the whole $_REQUEST
        // array is stored in the session and must be escaped when re-rendered.
        $_SESSION['repopulate_form'] = $_REQUEST;
        $_SESSION['errors'] = $error;
        xtc_redirect(xtc_href_link(FILENAME_GEO_ZONES, 'page=' . $_GET['page'] . '&action=edit_zone&errors=1' . '&zID=' . $zID));
    }
    break;
case 'deleteconfirm_zone':
// Zones admin handler (fragment): the last statement of the preceding insert
// branch, then the complete 'save' case. The enclosing switch is not shown.
    // NOTE(review): $_GET['page'] is concatenated into the redirect target
    // unvalidated; this relies on xtc_href_link()/xtc_redirect() (defined
    // elsewhere) for encoding - confirm.
    xtc_redirect(xtc_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&action=new&errors=1'));
}
break;
case 'save':
    $error = array();
    $zone_id = xtc_db_prepare_input($_GET['cID']);
    $zone_country_id = xtc_db_prepare_input($_POST['zone_country_id']);
    $zone_code = xtc_db_prepare_input($_POST['zone_code']);
    $zone_name = xtc_db_prepare_input($_POST['zone_name']);
    // The name lookup is scoped to the selected country (name + country id).
    $check_if_name_exist = xtc_db_find_by_multiple(TABLE_ZONES, array(array('column' => 'zone_name', 'value' => $zone_name), array('column' => 'zone_country_id', 'value' => $zone_country_id)), 'zone_id, zone_name');
    // NOTE(review): for an empty name with no match, indexing the falsy lookup
    // result yields null, and null != '' is false under loose comparison, so
    // an empty name with an empty cID passes. Confirm the helper's return type.
    if (!$zone_name || $check_if_name_exist) {
        if ($check_if_name_exist['zone_id'] != $zone_id) {
            $error[] = ERROR_TEXT_NAME;
        }
    }
    // The code lookup is NOT scoped by country, unlike the name lookup above.
    // NOTE(review): confirm zone codes are meant to be unique across all
    // countries.
    $check_if_code_exist = xtc_db_find_database_field(TABLE_ZONES, 'zone_code', $zone_code);
    if (!$zone_code || $check_if_code_exist) {
        if ($check_if_code_exist['zone_id'] != $zone_id) {
            $error[] = ERROR_TEXT_CODE;
        }
    }
    if (empty($error)) {
        // All values, including the numeric ids, are escaped with
        // xtc_db_input() and quoted; the statement is only as safe as that
        // helper (defined elsewhere) - TODO confirm. No numeric validation of
        // the ids is visible in this fragment.
        xtc_db_query("update " . TABLE_ZONES . " set zone_country_id = '" . xtc_db_input($zone_country_id) . "', zone_code = '" . xtc_db_input($zone_code) . "', zone_name = '" . xtc_db_input($zone_name) . "' where zone_id = '" . xtc_db_input($zone_id) . "'");
        xtc_redirect(xtc_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&cID=' . $zone_id));
    } else {
        // The whole $_REQUEST array is stored in the session to refill the
        // form. NOTE(review): the code that re-renders it must HTML-escape each
        // value; that code is not visible here.
        $_SESSION['repopulate_form'] = $_REQUEST;
        $_SESSION['errors'] = $error;
        xtc_redirect(xtc_href_link(FILENAME_ZONES, 'page=' . $_GET['page'] . '&action=edit&errors=1&cID=' . $zone_id));
    }
    break;
case 'deleteconfirm':
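// Newsletter admin handler (fragment): builds the recipient-group list,
// validates the title and prepares the row to store. The fragment starts at
// the closing brace of a block that is not shown and ends inside an open
// branch; $id and $error are set before this point.
// The line breaks are restored so that the '#' and '//' comments no longer
// swallow the statements that follow them.
}
$customers_status = xtc_get_customers_statuses();
// Comma-separated ids of the customer groups whose checkbox was posted as 'yes'.
$rzp = '';
for ($i = 0, $n = sizeof($customers_status); $i < $n; $i++) {
    // NOTE(review): $_POST['status'] is indexed by position without checking
    // that it is an array or that the index exists; the stored id comes from
    // the server-side status list, not from the request.
    if (xtc_db_prepare_input($_POST['status'][$i]) == 'yes') {
        if ($rzp != '') {
            $rzp .= ',';
        }
        $rzp .= $customers_status[$i]['id'];
    }
}
// When no individual group was selected this yields ',all' with a leading
// comma. NOTE(review): confirm the consumer of 'bc' tolerates the empty first
// element.
if (xtc_db_prepare_input($_POST['status_all']) == 'yes') {
    $rzp .= ',all';
}
$title = xtc_db_prepare_input($_POST['title']);
$check_if_title_exist = xtc_db_find_database_field(TABLE_MODULE_NEWSLETTER, 'title', $title);
$url_action = 'new';
// An empty or duplicate title is an error; when editing (non-empty $id), a
// match is only an error if it belongs to another newsletter.
// NOTE(review): for an empty title with no match, indexing the falsy lookup
// result yields null; whether the loose comparison then flags an error depends
// on the value of $id - confirm empty titles are rejected when editing.
if (!$title || $check_if_title_exist) {
    if ($id != '') {
        if ($id != $check_if_title_exist['newsletter_id']) {
            $url_action = 'edit';
            $error[] = ERROR_TEXT_TITLE;
        }
    } else {
        $error[] = ERROR_TEXT_TITLE;
    }
}
#$error=false; // reset error flag
if (empty($error)) {
    // NOTE(review): 'cc' and 'body' come straight from POST. Escaping for SQL
    // is presumably done by the routine that stores $sql_data_array (not
    // visible here); the body is later sent as mail content, so the sending
    // code must treat it as untrusted - confirm.
    $sql_data_array = array('title' => $title, 'status' => '0', 'bc' => $rzp, 'cc' => xtc_db_prepare_input($_POST['cc']), 'date' => 'now()', 'body' => xtc_db_prepare_input($_POST['newsletter_body']));
    if ($id != '') {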
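// Languages admin handler (fragment of a save action): validates the posted
// language fields and updates the language row. $lID and $error are set before
// this fragment, and the trailing else branch continues past it.
// The line breaks are restored so that the '//' comments no longer swallow the
// live statements that follow them, including the UPDATE itself.
$name = xtc_db_prepare_input($_POST['name']);
$code = xtc_db_prepare_input($_POST['code']);
// NOTE(review): 'image' and 'directory' are stored exactly as posted. If
// either is later used to build a filesystem or include path, it needs an
// allow-list or basename check at that point - the usage is not visible here.
$image = xtc_db_prepare_input($_POST['image']);
$directory = xtc_db_prepare_input($_POST['directory']);
// BOF - Tomcraft - 2009-11-08 - Added option to deactivate languages
$status = xtc_db_prepare_input($_POST['status']);
// EOF - Tomcraft - 2009-11-08 - Added option to deactivate languages
$sort_order = xtc_db_prepare_input($_POST['sort_order']);
$charset = xtc_db_prepare_input($_POST['charset']);
$check_if_name_exist = xtc_db_find_database_field(TABLE_LANGUAGES, 'name', $name);
// A match is only an error when it belongs to a different language row.
// NOTE(review): for an empty value with no match, indexing the falsy lookup
// result yields null, and null != '' is false under loose comparison, so an
// empty name or code with an empty $lID passes both checks. Confirm the
// helper's return type.
if (!$name || $check_if_name_exist) {
    if ($check_if_name_exist['languages_id'] != $lID) {
        $error[] = ERROR_TEXT_NAME;
    }
}
$check_if_code_exist = xtc_db_find_database_field(TABLE_LANGUAGES, 'code', $code);
if (!$code || $check_if_code_exist) {
    if ($check_if_code_exist['languages_id'] != $lID) {
        $error[] = ERROR_TEXT_CODE;
    }
}
if (empty($error)) {
    // Every value is escaped with xtc_db_input() (defined elsewhere) and
    // quoted; the statement is only as safe as that helper - TODO confirm.
    // status and sort_order are stored without any numeric validation visible
    // in this fragment.
    // BOF - Tomcraft - 2009-11-08 - Added option to deactivate languages
    //xtc_db_query("update " . TABLE_LANGUAGES . " set name = '" . xtc_db_input($name) . "', code = '" . xtc_db_input($code) . "', image = '" . xtc_db_input($image) . "', directory = '" . xtc_db_input($directory) . "', sort_order = '" . xtc_db_input($sort_order) . "', language_charset = '" . xtc_db_input($charset) . "' where languages_id = '" . xtc_db_input($lID) . "'");
    xtc_db_query("update " . TABLE_LANGUAGES . " set name = '" . xtc_db_input($name) . "', code = '" . xtc_db_input($code) . "', image = '" . xtc_db_input($image) . "', directory = '" . xtc_db_input($directory) . "', status = '" . xtc_db_input($status) . "', sort_order = '" . xtc_db_input($sort_order) . "', language_charset = '" . xtc_db_input($charset) . "' where languages_id = '" . xtc_db_input($lID) . "'");
    // EOF - Tomcraft - 2009-11-08 - Added option to deactivate languages
    // Ticking "default" writes the posted code into the shop-wide
    // DEFAULT_LANGUAGE setting.
    if ($_POST['default'] == 'on') {
        xtc_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . xtc_db_input($code) . "' where configuration_key = 'DEFAULT_LANGUAGE'");
    }
    // NOTE(review): the redirect uses the raw $_GET['page'] and $_GET['lID']
    // rather than the $lID used in the query; it relies on
    // xtc_href_link()/xtc_redirect() for encoding - confirm.
    xtc_redirect(xtc_href_link(FILENAME_LANGUAGES, 'page=' . $_GET['page'] . '&lID=' . $_GET['lID']));
} else {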
// Countries admin handler (fragment): the error branch of the preceding insert
// case, then the start of the 'save' case. The fragment begins and ends inside
// blocks that are not fully shown.
} else {
    // The whole $_REQUEST array is stored in the session to refill the form.
    // NOTE(review): the code that re-renders these values must HTML-escape
    // them; that code is not visible here.
    $_SESSION['repopulate_form'] = $_REQUEST;
    $_SESSION['errors'] = $error;
    // NOTE(review): $_GET['page'] is concatenated into the redirect target
    // unvalidated; this relies on xtc_href_link()/xtc_redirect() (defined
    // elsewhere) for encoding - confirm.
    xtc_redirect(xtc_href_link(FILENAME_COUNTRIES, 'page=' . $_GET['page'] . '&action=new&errors=1'));
}
break;
case 'save':
    $error = array();
    $countries_id = xtc_db_prepare_input($_GET['cID']);
    $countries_name = xtc_db_prepare_input($_POST['countries_name']);
    $countries_iso_code_2 = xtc_db_prepare_input($_POST['countries_iso_code_2']);
    $countries_iso_code_3 = xtc_db_prepare_input($_POST['countries_iso_code_3']);
    $address_format_id = xtc_db_prepare_input($_POST['address_format_id']);
    // One lookup per field that has to stay unique.
    $check_if_name_exist = xtc_db_find_database_field(TABLE_COUNTRIES, 'countries_name', $countries_name);
    $check_if_iso2_exist = xtc_db_find_database_field(TABLE_COUNTRIES, 'countries_iso_code_2', $countries_iso_code_2);
    $check_if_iso3_exist = xtc_db_find_database_field(TABLE_COUNTRIES, 'countries_iso_code_3', $countries_iso_code_3);
    // A match is only an error when it belongs to a different country row.
    // NOTE(review): for an empty value with no match, indexing the falsy
    // lookup result yields null, and null != '' is false under loose
    // comparison, so an empty name with an empty cID passes this check.
    // Confirm the helper's return type.
    if (!$countries_name || $check_if_name_exist) {
        if ($check_if_name_exist['countries_id'] != $countries_id) {
            $error[] = ERROR_TEXT_NAME;
        }
    }
    if (!$countries_iso_code_2 || $check_if_iso2_exist) {
        if ($check_if_iso2_exist['countries_id'] != $countries_id) {
            $error[] = ERROR_TEXT_ISO2;
        }
    }
    // Only the length is checked here; strlen() counts bytes and nothing in
    // this fragment restricts the code to letters.
    if (strlen($countries_iso_code_2) != 2) {
        $error[] = ERROR_TEXT_LENGTH_ISO2;
    }
    if (!$countries_iso_code_3 || $check_if_iso3_exist) {
        if ($check_if_iso3_exist['countries_id'] != $countries_id) {
// Manufacturers admin handler (fragment): the last two statements of a helper
// function whose signature and query are not shown, then the 'insert'/'save'
// action handler. The fragment ends inside the insert branch.
    // Returns the short description column of the fetched row.
    $manufacturers = xtc_db_fetch_array($manufacturers_query);
    return $manufacturers['manufacturers_short_description'];
}
// NOTE(review): the state-changing action is chosen by $_GET['action'] and no
// CSRF token or permission check is visible in this fragment; confirm that an
// earlier include enforces both.
switch ($_GET['action']) {
    case 'insert':
    case 'save':
        $error = array();
        $manufacturers_id = xtc_db_prepare_input($_GET['mID']);
        $manufacturers_name = xtc_db_prepare_input($_POST['manufacturers_name']);
        $sql_data_array = array('manufacturers_name' => $manufacturers_name);
        $url_action = 'new';
        // Look up an existing manufacturer with the same name; the insert
        // branch passes a fourth argument, the save branch does not.
        if ($_GET['action'] == 'insert') {
            $check_if_name_exist = xtc_db_find_database_field(TABLE_MANUFACTURERS, 'manufacturers_name', $manufacturers_name, 'manufacturers_name');
        } elseif ($_GET['action'] == 'save') {
            $url_action = 'edit';
            $check_if_name_exist = xtc_db_find_database_field(TABLE_MANUFACTURERS, 'manufacturers_name', $manufacturers_name);
        }
        // Reject an empty or duplicate name; on save, a match is only an error
        // when it belongs to a different row.
        // NOTE(review): for an empty name with no match, indexing the falsy
        // lookup result yields null, and null != '' is false under loose
        // comparison, so an empty name with an empty mID passes on save.
        // Confirm the helper's return type.
        if (!$manufacturers_name || $check_if_name_exist) {
            if ($_GET['action'] == 'save') {
                if ($check_if_name_exist['manufacturers_id'] != $manufacturers_id) {
                    $error[] = ERROR_TEXT_NAME;
                }
            } else {
                $error[] = ERROR_TEXT_NAME;
            }
        }
        if (empty($error)) {
            if ($_GET['action'] == 'insert') {
                // 'now()' is passed as a plain string; presumably
                // xtc_db_perform() (defined elsewhere) emits it as the SQL
                // function rather than as a quoted value - TODO confirm.
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = xtc_array_merge($sql_data_array, $insert_sql_data);
                xtc_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
// Wholesalers admin handler (fragment): validates the posted name and e-mail
// for the 'insert' and 'save' actions. The fragment ends before any database
// write; the rest of the switch is not shown.
// NOTE(review): any authentication, permission or CSRF check would have to
// come from application_top.php; none is visible in this fragment - confirm.
require 'includes/application_top.php';
switch ($_GET['action']) {
    case 'insert':
    case 'save':
        $error = array();
        $wholesaler_id = xtc_db_prepare_input($_GET['wID']);
        $wholesaler_name = xtc_db_prepare_input($_POST['wholesaler_name']);
        $wholesaler_email = xtc_db_prepare_input($_POST['wholesaler_email']);
        // NOTE(review): the template name is taken straight from POST and
        // stored. If it is later used to build a file path, it needs an
        // allow-list or basename check at that point - the usage is not
        // visible here.
        $wholesaler_file = xtc_db_prepare_input($_POST['wholesaler_email_template']);
        $sql_data_array = array('wholesaler_name' => $wholesaler_name, 'wholesaler_email' => $wholesaler_email, 'wholesaler_email_template' => $wholesaler_file);
        $url_action = 'new';
        // Look up an existing wholesaler with the same name; the insert branch
        // passes a fourth argument, the save branch does not.
        if ($_GET['action'] == 'insert') {
            $check_if_name_exist = xtc_db_find_database_field(TABLE_WHOLESALERS, 'wholesaler_name', $wholesaler_name, 'wholesaler_name');
        } elseif ($_GET['action'] == 'save') {
            $url_action = 'edit';
            $check_if_name_exist = xtc_db_find_database_field(TABLE_WHOLESALERS, 'wholesaler_name', $wholesaler_name);
        }
        // Reject an empty or duplicate name; on save, a match is only an error
        // when it belongs to a different row.
        // NOTE(review): for an empty name with no match, indexing the falsy
        // lookup result yields null, and null != '' is false under loose
        // comparison, so an empty name with an empty wID passes on save.
        // Confirm the helper's return type.
        if (!$wholesaler_name || $check_if_name_exist) {
            if ($_GET['action'] == 'save') {
                if ($check_if_name_exist['wholesaler_id'] != $wholesaler_id) {
                    $error[] = ERROR_TEXT_NAME;
                }
            } else {
                $error[] = ERROR_TEXT_NAME;
            }
        }
        // The e-mail is required and must pass xtc_validate_email() (defined
        // elsewhere). NOTE(review): if the address is later placed into mail
        // headers, confirm that the validator rejects CR/LF.
        if (!$wholesaler_email) {
            $error[] = ERROR_TEXT_EMAIL;
        } elseif (!xtc_validate_email($wholesaler_email)) {
            $error[] = ERROR_TEXT_EMAIL_INVALID;
        }
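// Image-slider admin handler (fragment of the 'insert'/'save' case): validates
// the slider name and inserts a new row. The enclosing switch and case labels
// are not shown, and the fragment ends inside the insert branch.
// The line breaks are restored so that the '//' comments no longer swallow the
// statements that follow them.
$error = array();
$imagesliders_id = xtc_db_prepare_input($_GET['iID']);
$imagesliders_name = xtc_db_prepare_input($_POST['imagesliders_name']);
// BOF - Fishnet Services - Nicolas Gemsjaeger
// Extension: categories
$imagesliders_categories = xtc_db_prepare_input($_POST['imagesliders_categories']);
// EOF - Fishnet Services - Nicolas Gemsjaeger
$imagesliders_status = xtc_db_prepare_input($_POST['imagesliders_status']);
$imagesliders_sorting = xtc_db_prepare_input($_POST['imagesliders_sorting']);
// An empty categories value is stored as the string "0".
// NOTE(review): status and sorting are stored as posted, with no numeric
// validation visible in this fragment.
$sql_data_array = array('imagesliders_name' => $imagesliders_name, 'imagesliders_categories' => !empty($imagesliders_categories) ? $imagesliders_categories : "0", 'status' => $imagesliders_status, 'sorting' => $imagesliders_sorting);
$url_action = 'new';
// Look up an existing slider with the same name; the insert branch passes a
// fourth argument, the save branch does not.
if ($_GET['action'] == 'insert') {
    $check_if_name_exist = xtc_db_find_database_field(TABLE_IMAGESLIDERS, 'imagesliders_name', $imagesliders_name, 'imagesliders_name');
} elseif ($_GET['action'] == 'save') {
    $url_action = 'edit';
    $check_if_name_exist = xtc_db_find_database_field(TABLE_IMAGESLIDERS, 'imagesliders_name', $imagesliders_name);
}
// Reject an empty or duplicate name; on save, a match is only an error when it
// belongs to a different row.
// NOTE(review): for an empty name with no match, indexing the falsy lookup
// result yields null, and null != '' is false under loose comparison, so an
// empty name with an empty iID passes on save. Confirm the helper's return type.
if (!$imagesliders_name || $check_if_name_exist) {
    if ($_GET['action'] == 'save') {
        if ($check_if_name_exist['imagesliders_id'] != $imagesliders_id) {
            $error[] = ERROR_TEXT_NAME;
        }
    } else {
        $error[] = ERROR_TEXT_NAME;
    }
}
if (empty($error)) {
    if ($_GET['action'] == 'insert') {
        // 'now()' is passed as a plain string; presumably xtc_db_perform()
        // (defined elsewhere) emits it as the SQL function rather than as a
        // quoted value - TODO confirm.
        $insert_sql_data = array('date_added' => 'now()');
        $sql_data_array = xtc_array_merge($sql_data_array, $insert_sql_data);
        xtc_db_perform(TABLE_IMAGESLIDERS, $sql_data_array);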