case 'insert':
 case 'update':
     if (isset($_POST['banners_id'])) {
         $banners_id = zen_db_prepare_input($_POST['banners_id']);
     }
     $banners_title = zen_db_prepare_input($_POST['banners_title']);
     $banners_url = zen_db_prepare_input($_POST['banners_url']);
     $new_banners_group = zen_db_prepare_input($_POST['new_banners_group']);
     $banners_group = empty($new_banners_group) ? zen_db_prepare_input($_POST['banners_group']) : $new_banners_group;
     $banners_html_text = zen_db_prepare_input($_POST['banners_html_text']);
     $banners_image_local = zen_db_prepare_input($_POST['banners_image_local']);
     $banners_image_target = zen_db_prepare_input($_POST['banners_image_target']);
     $db_image_location = '';
     $expires_date = zen_db_prepare_input($_POST['expires_date']) == '' ? 'null' : zen_date_raw($_POST['expires_date']);
     $expires_impressions = zen_db_prepare_input($_POST['expires_impressions']);
     $date_scheduled = zen_db_prepare_input($_POST['date_scheduled']) == '' ? 'null' : zen_date_raw($_POST['date_scheduled']);
     $status = zen_db_prepare_input($_POST['status']);
     $banners_open_new_windows = zen_db_prepare_input($_POST['banners_open_new_windows']);
     $banners_on_ssl = zen_db_prepare_input($_POST['banners_on_ssl']);
     $banners_sort_order = zen_db_prepare_input($_POST['banners_sort_order']);
     $banner_error = false;
     if (empty($banners_title)) {
         $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error');
         $banner_error = true;
     }
     if (empty($banners_group)) {
         $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
         $banner_error = true;
     }
     if (empty($banners_html_text)) {
         if (empty($banners_image_local)) {
     $sql_data_array = array(array('fieldName' => 'customers_firstname', 'value' => $firstname, 'type' => 'string'), array('fieldName' => 'customers_lastname', 'value' => $lastname, 'type' => 'string'), array('fieldName' => 'customers_firstname_kana', 'value' => $firstname_kana, 'type' => 'string'), array('fieldName' => 'customers_lastname_kana', 'value' => $lastname_kana, 'type' => 'string'), array('fieldName' => 'customers_email_address', 'value' => $email_address, 'type' => 'string'), array('fieldName' => 'customers_telephone', 'value' => $telephone, 'type' => 'string'), array('fieldName' => 'customers_fax', 'value' => $fax, 'type' => 'string'), array('fieldName' => 'customers_email_format', 'value' => $email_format, 'type' => 'string'));
 } else {
     $sql_data_array = array(array('fieldName' => 'customers_firstname', 'value' => $firstname, 'type' => 'string'), array('fieldName' => 'customers_lastname', 'value' => $lastname, 'type' => 'string'), array('fieldName' => 'customers_email_address', 'value' => $email_address, 'type' => 'string'), array('fieldName' => 'customers_telephone', 'value' => $telephone, 'type' => 'string'), array('fieldName' => 'customers_fax', 'value' => $fax, 'type' => 'string'), array('fieldName' => 'customers_email_format', 'value' => $email_format, 'type' => 'string'));
 }
 // <-furikana
 if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') {
     $sql_data_array[] = array('fieldName' => 'customers_referral', 'value' => $customers_referral, 'type' => 'string');
 }
 if (ACCOUNT_GENDER == 'true') {
     $sql_data_array[] = array('fieldName' => 'customers_gender', 'value' => $gender, 'type' => 'string');
 }
 if (ACCOUNT_DOB == 'true') {
     if ($dob == '0001-01-01 00:00:00' or $_POST['dob'] == '') {
         $sql_data_array[] = array('fieldName' => 'customers_dob', 'value' => '0001-01-01 00:00:00', 'type' => 'date');
     } else {
         $sql_data_array[] = array('fieldName' => 'customers_dob', 'value' => zen_date_raw($_POST['dob']), 'type' => 'date');
     }
 }
 $where_clause = "customers_id = :customersID";
 $where_clause = $db->bindVars($where_clause, ':customersID', $_SESSION['customer_id'], 'integer');
 $db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', $where_clause);
 $sql = "UPDATE " . TABLE_CUSTOMERS_INFO . "\r\n            SET    customers_info_date_account_last_modified = now()\r\n            WHERE  customers_info_id = :customersID";
 $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer');
 $db->Execute($sql);
 $where_clause = "customers_id = :customersID AND address_book_id = :customerDefaultAddressID";
 $where_clause = $db->bindVars($where_clause, ':customersID', $_SESSION['customer_id'], 'integer');
 $where_clause = $db->bindVars($where_clause, ':customerDefaultAddressID', $_SESSION['customer_default_address_id'], 'integer');
 // ->furikana
 if (FURIKANA_NESESSARY) {
     $sql_data_array = array(array('fieldName' => 'entry_firstname', 'value' => $firstname, 'type' => 'string'), array('fieldName' => 'entry_lastname', 'value' => $lastname, 'type' => 'string'), array('fieldName' => 'entry_firstname_kana', 'value' => $firstname_kana, 'type' => 'string'), array('fieldName' => 'entry_lastname_kana', 'value' => $lastname_kana, 'type' => 'string'));
 } else {
     $error = true;
     $messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING);
 }
 if ($error == true) {
     // hook notifier class
     $zco_notifier->notify('NOTIFY_FAILURE_DURING_CREATE_ACCOUNT');
 } else {
     $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_nick' => $nick, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => (int) $newsletter, 'customers_email_format' => $email_format, 'customers_default_address_id' => 0, 'customers_password' => zen_encrypt_password($password), 'customers_authorization' => (int) CUSTOMERS_APPROVAL_AUTHORIZATION);
     if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') {
         $sql_data_array['customers_referral'] = $customers_referral;
     }
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['customers_gender'] = $gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['customers_dob'] = empty($_POST['dob']) || $dob_entered == '0001-01-01 00:00:00' ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_date_raw($_POST['dob']);
     }
     zen_db_perform(TABLE_CUSTOMERS, $sql_data_array);
     $_SESSION['customer_id'] = $db->Insert_ID();
     $zco_notifier->notify('NOTIFY_MODULE_CREATE_ACCOUNT_ADDED_CUSTOMER_RECORD', array_merge(array('customer_id' => $_SESSION['customer_id']), $sql_data_array));
     $sql_data_array = array('customers_id' => $_SESSION['customer_id'], 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['entry_gender'] = $gender;
     }
     if (ACCOUNT_COMPANY == 'true') {
         $sql_data_array['entry_company'] = $company;
     }
     if (ACCOUNT_SUBURB == 'true') {
         $sql_data_array['entry_suburb'] = $suburb;
     }
     if (ACCOUNT_STATE == 'true') {
//////////////////////////////////////////////////////////////////////////
//  DESCRIPTION:   Report that displays all income for the given date	//
//  range.  Report results come solely from the Super Orders payment	//
//  system.								//
//////////////////////////////////////////////////////////////////////////
// $Id: super_batch_forms.php v 2010-10-24 $
*/
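require 'includes/application_top.php';

// Report selector from the query string. This is the raw request value; any
// later echo or SQL use of $target (its consumers are outside this fragment)
// must escape it for that context.
$target = isset($_GET['target']) ? $_GET['target'] : false;

// print_format=1 requests the printable layout. The index is guarded so a
// plain page load without the parameter no longer raises an undefined-index
// notice; the original's loose == 1 comparison is kept.
$is_for_display = !(isset($_GET['print_format']) && $_GET['print_format'] == 1);

if ($target) {
    require DIR_WS_CLASSES . 'currencies.php';
    $currencies = new currencies();
    require DIR_WS_CLASSES . 'super_order.php';

    // Report date range, defaulting to today in m-d-Y (the format the
    // original hands to zen_date_raw()) when a bound is not supplied.
    $today = date("m-d-Y", time());
    $sd = zen_date_raw(isset($_GET['start_date']) ? $_GET['start_date'] : $today);
    $ed = zen_date_raw(isset($_GET['end_date']) ? $_GET['end_date'] : $today);
}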
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo CHARSET;
?>
">
<title><?php 
echo TITLE;
?>
}
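// Initial-letter filter. chr() turns the supplied integer into one byte;
// besides letters and digits it can produce a single quote (39) or a
// backslash (92), which would break out of the LIKE literal below, so the
// byte is escaped with zen_db_input() before it is concatenated. A LIKE
// wildcard such as % (37) merely widens the match and is left as it is.
$alpha_sort = '';
if (isset($_GET['alpha_filter_id']) && (int) $_GET['alpha_filter_id'] > 0) {
    $alpha_sort = " and (pd.products_name LIKE '" . zen_db_input(chr((int) $_GET['alpha_filter_id'])) . "%') ";
}
$where_str .= $alpha_sort;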
//die('I SEE ' . $where_str);
// Date-added bounds. A bound is applied only when the request carries it,
// it is non-blank, and it is not the untouched date-format placeholder.
// $dfrom / $dto are presumably the prepared copies of the same request
// values, set earlier in this file. Each value is bound with type 'date'
// rather than concatenated into the statement.
$dfrom_given = isset($_GET['dfrom']) && zen_not_null($_GET['dfrom']) && $_GET['dfrom'] != DOB_FORMAT_STRING;
if ($dfrom_given) {
    $where_str .= " AND p.products_date_added >= :dateAdded";
    $where_str = $db->bindVars($where_str, ':dateAdded', zen_date_raw($dfrom), 'date');
}
$dto_given = isset($_GET['dto']) && zen_not_null($_GET['dto']) && $_GET['dto'] != DOB_FORMAT_STRING;
if ($dto_given) {
    $where_str .= " and p.products_date_added <= :dateAdded";
    $where_str = $db->bindVars($where_str, ':dateAdded', zen_date_raw($dto), 'date');
}
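// Price bounds converted into the store's base currency. The query-string
// values are cast to float before the division: PHP 8 throws a TypeError on
// arithmetic with a non-numeric string, and the results are bound as floats
// in the price clauses that follow. A missing bound divides 0, which is what
// the original's (null / $rate) produced.
$rate = $currencies->get_value($_SESSION['currency']);
if ($rate) {
    $pfrom = (isset($_GET['pfrom']) ? (float) $_GET['pfrom'] : 0) / $rate;
    $pto = (isset($_GET['pto']) ? (float) $_GET['pto'] : 0) / $rate;
}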
if (DISPLAY_PRICE_WITH_TAX == 'true') {
    if ($pfrom) {
        $where_str .= " AND (p.products_price_sorter * IF(gz.geo_zone_id IS null, 1, 1 + (tr.tax_rate / 100)) >= :price)";
        $where_str = $db->bindVars($where_str, ':price', $pfrom, 'float');
    }
    if ($pto) {
        $where_str .= " AND (p.products_price_sorter * IF(gz.geo_zone_id IS null, 1, 1 + (tr.tax_rate / 100)) <= :price)";
        $where_str = $db->bindVars($where_str, ':price', $pto, 'float');
    }
                }
            }
            if ($skip_special == false) {
                $sql = "select specials_id from " . TABLE_SPECIALS . " where products_id='" . (int) $_POST['pre_add_products_id'] . "'";
                $check_special = $db->Execute($sql);
                if ($check_special->RecordCount() > 0) {
                    $skip_special = true;
                    $messageStack->add_session(WARNING_SPECIALS_PRE_ADD_DUPLICATE, 'caution');
                }
            }
            if ($skip_special == true) {
                zen_redirect(zen_href_link(FILENAME_SPECIALS, isset($_GET['page']) && $_GET['page'] > 0 ? 'page=' . $_GET['page'] : ''));
            }
            // add empty special
            $specials_date_available = zen_db_prepare_input($_POST['start']) == '' ? '0001-01-01' : zen_date_raw($_POST['start']);
            $expires_date = zen_db_prepare_input($_POST['end']) == '' ? '0001-01-01' : zen_date_raw($_POST['end']);
            $products_id = zen_db_prepare_input($_POST['pre_add_products_id']);
            $db->Execute("insert into " . TABLE_SPECIALS . "\n                    (products_id, specials_new_products_price, specials_date_added, expires_date, status, specials_date_available)\n                    values ('" . (int) $products_id . "',\n                            '" . zen_db_input($specials_price) . "',\n                            now(),\n                            '" . zen_db_input($expires_date) . "', '0', '" . zen_db_input($specials_date_available) . "')");
            $new_special = $db->Execute("select specials_id from " . TABLE_SPECIALS . " where products_id='" . (int) $products_id . "'");
            $messageStack->add_session(SUCCESS_SPECIALS_PRE_ADD, 'success');
            zen_redirect(zen_href_link(FILENAME_SPECIALS, 'action=edit' . '&sID=' . $new_special->fields['specials_id']));
            break;
    }
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
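 /**
  * Assemble the product-search SELECT statement from $this->search_params.
  *
  * @param string $select_str           SELECT clause, used verbatim.
  * @param string $add_where            extra WHERE text appended verbatim; the
  *                                     caller is responsible for escaping it.
  * @param bool   $force_price_with_tax join the tax tables even when no price
  *                                     bound is given.
  * @return string "$select_str FROM ... WHERE ..." ready for $db->Execute().
  *
  * Every request-derived value is bound through $db->bindVars() with a type,
  * cast to int, or escaped with zen_db_input() before it reaches the SQL.
  */
 function get_search_query($select_str, $add_where = "", $force_price_with_tax = false)
 {
     global $db, $currencies;
     $params = $this->search_params;

     // Optional price bounds. A missing key is treated exactly like an empty
     // string ("not supplied"): the tax-rate tables are only joined when a
     // bound is present, so emitting a clause for a missing bound (as the
     // original did) would reference gz/tr columns absent from the FROM list.
     $price_from = isset($params['price_from']) ? $params['price_from'] : '';
     $price_to = isset($params['price_to']) ? $params['price_to'] : '';
     $has_price_bound = ($price_from !== '' || $price_to !== '');
     $price_with_tax = $force_price_with_tax || (DISPLAY_PRICE_WITH_TAX == 'true' && $has_price_bound);

     /*
        from
     */
     $from_str = " FROM (" . TABLE_PRODUCTS . " p\n                 LEFT JOIN " . TABLE_MANUFACTURERS . " m\n                   USING(manufacturers_id), " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_CATEGORIES . " c, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c\n                 LEFT JOIN " . TABLE_META_TAGS_PRODUCTS_DESCRIPTION . " mtpd\n                   ON mtpd.products_id= p2c.products_id\n                   AND mtpd.language_id = :languagesID )";
     $from_str = $db->bindVars($from_str, ':languagesID', $_SESSION['languages_id'], 'integer');
     if (MODULE_PRODUCTS_WITH_ATTRIBUTES_STOCK_STATUS == 'true') {
         $from_str .= " LEFT JOIN " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . " AS pwas\n                       ON p.products_id = pwas.products_id";
     }
     if ($price_with_tax) {
         // Tax depends on the customer's location; fall back to the store's
         // own country/zone when the session does not carry one.
         if (empty($_SESSION['customer_country_id'])) {
             $_SESSION['customer_country_id'] = STORE_COUNTRY;
             $_SESSION['customer_zone_id'] = STORE_ZONE;
         }
         $from_str .= " LEFT JOIN " . TABLE_TAX_RATES . " tr\n                       ON p.products_tax_class_id = tr.tax_class_id\n                     LEFT JOIN " . TABLE_ZONES_TO_GEO_ZONES . " gz\n                       ON tr.tax_zone_id = gz.geo_zone_id\n                       AND (gz.zone_country_id IS null OR gz.zone_country_id = 0 OR gz.zone_country_id = :zoneCountryID)\n                       AND (gz.zone_id IS null OR gz.zone_id = 0 OR gz.zone_id = :zoneID)";
         $from_str = $db->bindVars($from_str, ':zoneCountryID', $_SESSION['customer_country_id'], 'integer');
         $from_str = $db->bindVars($from_str, ':zoneID', $_SESSION['customer_zone_id'], 'integer');
     }
     if (!empty($params['featured'])) {
         $from_str .= " INNER JOIN " . TABLE_FEATURED . " f\n                       ON p.products_id = f.products_id\n                      AND f.status = 1";
     }
     if (!empty($params['specials'])) {
         $from_str .= " INNER JOIN " . TABLE_SPECIALS . " sp\n                       ON p.products_id = sp.products_id\n                      AND sp.status = 1";
     }

     /*
        where
     */
     $where_str = " WHERE p.products_status = 1\n                   AND p.products_id = pd.products_id\n                   AND pd.language_id = :languagesID\n                   AND p.products_id = p2c.products_id\n                   AND p2c.categories_id = c.categories_id ";
     $where_str = $db->bindVars($where_str, ':languagesID', $_SESSION['languages_id'], 'integer');

     // keywords: every keyword must match (AND), in any target column (OR).
     if (!empty($params['keywords_array'])) {
         $target_columns = array("pd.products_name", "pd.products_description");
         $keyword_clauses = array();
         foreach ($params['keywords_array'] as $keyword) {
             // zen_db_input() escapes quote/backslash characters for the
             // string literal. LIKE wildcards (% and _) inside a keyword stay
             // active, matching the original search behaviour.
             $keyword = zen_db_input($keyword);
             if (MODULE_SUPER_PRODUCTS_LIST_SENNA_STATUS == 'true') {
                 $keyword_clauses[] = "MATCH(" . join(",", $target_columns) . ") AGAINST('" . $keyword . "')";
             } else {
                 $column_clauses = array();
                 foreach ($target_columns as $column) {
                     $column_clauses[] = $column . " LIKE '%" . $keyword . "%'";
                 }
                 $keyword_clauses[] = '(' . join(' OR ', $column_clauses) . ')';
             }
         }
         $where_str .= " AND (" . join(" AND ", $keyword_clauses) . ")";
     }

     // categories_id: the requested id and every descendant collected by
     // zen_get_subcategories() are joined into an IN() list without quoting,
     // so each value is cast to int first. The original spliced the raw
     // request value straight in, while manufacturers_id below was cast.
     if (!empty($params['categories_id'])) {
         $categories_id = (int) $params['categories_id'];
         $subcategories = array($categories_id);
         zen_get_subcategories($subcategories, $categories_id);
         $where_str .= " AND p2c.categories_id IN (" . join(',', array_map('intval', $subcategories)) . ")";
     }

     // manufacturers_id
     if (!empty($params['manufacturers_id'])) {
         $where_str .= " AND p.manufacturers_id = " . (int) $params['manufacturers_id'];
     }

     // price: convert the bounds into the store's base currency. Only bounds
     // that were supplied are converted - the original divided even an empty
     // string by the rate, which PHP 8 rejects with a TypeError.
     $rate = $currencies->get_value($_SESSION['currency']);
     $pfrom = ($price_from !== '') ? (float) $price_from : '';
     $pto = ($price_to !== '') ? (float) $price_to : '';
     if ($rate) {
         if ($pfrom !== '') {
             $pfrom = $pfrom / $rate;
         }
         if ($pto !== '') {
             $pto = $pto / $rate;
         }
     }
     if (DISPLAY_PRICE_WITH_TAX == 'true') {
         $taxed_price = "p.products_price_sorter * IF(gz.geo_zone_id IS null, 1, 1 + (tr.tax_rate / 100))";
         if ($pfrom !== '') {
             $where_str .= " AND (" . $taxed_price . " >= :price)";
             $where_str = $db->bindVars($where_str, ':price', $pfrom, 'float');
         }
         if ($pto !== '') {
             $where_str .= " AND (" . $taxed_price . " <= :price)";
             $where_str = $db->bindVars($where_str, ':price', $pto, 'float');
         }
     } else {
         if ($pfrom !== '') {
             $where_str .= " and (p.products_price_sorter >= :price)";
             $where_str = $db->bindVars($where_str, ':price', $pfrom, 'float');
         }
         if ($pto !== '') {
             $where_str .= " and (p.products_price_sorter <= :price)";
             $where_str = $db->bindVars($where_str, ':price', $pto, 'float');
         }
     }

     // date: products_date_available window, bound with type 'date'.
     if (!empty($params['date_from'])) {
         $where_str .= " AND p.products_date_available >= :dateAvailable";
         $where_str = $db->bindVars($where_str, ':dateAvailable', zen_date_raw($params['date_from']), 'date');
     }
     if (!empty($params['date_to'])) {
         $where_str .= " AND p.products_date_available <= :dateAvailable";
         $where_str = $db->bindVars($where_str, ':dateAvailable', zen_date_raw($params['date_to']), 'date');
     }

     // $add_where is appended verbatim; callers must escape it themselves.
     $where_str .= $add_where;
     return $select_str . $from_str . $where_str;
 }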
         $categories_all[] = $category;
         foreach (zen_get_category_tree($category) as $subcategory) {
             if ($subcategory['id'] != '0') {
                 $categories_all[] = $subcategory['id'];
             }
         }
     }
     asort($categories_selected);
     $categories_selected_string = implode(',', array_unique($categories_selected));
     asort($categories_all);
     $categories_all_string = ',' . implode(',', array_unique($categories_all)) . ',';
 } else {
     $categories_selected_string = 'null';
     $categories_all_string = 'null';
 }
 $salemaker_sales_data_array = array('sale_name' => zen_db_prepare_input($_POST['name']), 'sale_deduction_value' => zen_db_prepare_input((double) $_POST['deduction']), 'sale_deduction_type' => zen_db_prepare_input($_POST['type']), 'sale_pricerange_from' => zen_db_prepare_input((double) $_POST['from']), 'sale_pricerange_to' => zen_db_prepare_input((double) $_POST['to']), 'sale_specials_condition' => zen_db_prepare_input($_POST['condition']), 'sale_categories_selected' => $categories_selected_string, 'sale_categories_all' => $categories_all_string, 'sale_date_start' => zen_db_prepare_input($_POST['start']) == '' ? '0001-01-01' : zen_date_raw($_POST['start']), 'sale_date_end' => zen_db_prepare_input($_POST['end']) == '' ? '0001-01-01' : zen_date_raw($_POST['end']));
 if ($action == 'insert') {
     $salemaker_sales_data_array['sale_status'] = 1;
     $salemaker_sales_data_array['sale_date_added'] = 'now()';
     $salemaker_sales_data_array['sale_date_last_modified'] = '0001-01-01';
     $salemaker_sales_data_array['sale_date_status_change'] = '0001-01-01';
     zen_db_perform(TABLE_SALEMAKER_SALES, $salemaker_sales_data_array, 'insert');
     $_POST['sID'] = $db->Insert_ID();
 } else {
     $salemaker_sales_data_array['sale_date_last_modified'] = 'now()';
     zen_db_perform(TABLE_SALEMAKER_SALES, $salemaker_sales_data_array, 'update', "sale_id = '" . zen_db_input($_POST['sID']) . "'");
 }
 // update prices for products in sale
 zen_update_salemaker_product_prices($_POST['sID']);
 zen_redirect(zen_href_link(FILENAME_SALEMAKER, 'page=' . $_GET['page'] . '&sID=' . $_POST['sID']));
 break;
 // we only need to check one variable since all are passed with the form
 if (isset($_GET['start_date'])) {
     // create query based on filter crieria
     $orders_query_raw = "SELECT o.orders_id, o.customers_id, o.customers_name,\n                              o.payment_method, o.date_purchased, o.order_total, s.orders_status_name\n                       FROM " . TABLE_ORDERS . " o\n                       LEFT JOIN " . TABLE_ORDERS_STATUS . " s ON o.orders_status = s.orders_status_id";
     if (isset($_GET['products']) && zen_not_null($_GET['products'])) {
         $orders_query_raw .= " LEFT JOIN " . TABLE_ORDERS_PRODUCTS . " op ON o.orders_id = op.orders_id";
     }
     $orders_query_raw .= " WHERE s.language_id = '" . (int) $_SESSION['languages_id'] . "'";
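     $search = '';
     if (isset($_GET['search']) && zen_not_null($_GET['search'])) {
         // zen_db_prepare_input() only trims/unslashes the value; it is not a
         // SQL escaper (the core orders search wraps its result in
         // zen_db_input()). Escape here before the keyword is spliced into
         // the LIKE patterns below.
         $keywords = zen_db_input(zen_db_prepare_input($_GET['search'], true));
         $search = " and (o.customers_city like '%" . $keywords . "%' or o.customers_postcode like '%" . $keywords . "%' or o.date_purchased like '%" . $keywords . "%' or o.billing_name like '%" . $keywords . "%' or o.billing_company like '%" . $keywords . "%' or o.billing_street_address like '%" . $keywords . "%' or o.delivery_city like '%" . $keywords . "%' or o.delivery_postcode like '%" . $keywords . "%' or o.delivery_name like '%" . $keywords . "%' or o.delivery_company like '%" . $keywords . "%' or o.delivery_street_address like '%" . $keywords . "%' or o.billing_city like '%" . $keywords . "%' or o.billing_postcode like '%" . $keywords . "%' or o.customers_email_address like '%" . $keywords . "%' or o.customers_name like '%" . $keywords . "%' or o.customers_company like '%" . $keywords . "%' or o.customers_street_address  like '%" . $keywords . "%' or o.customers_telephone like '%" . $keywords . "%')";
         $orders_query_raw .= $search;
     }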
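     // Purchase-date window. zen_date_raw() output is concatenated into the
     // quoted literals without escaping, which is only safe if the helper
     // returns a normalised digits-and-dashes string - confirm that for this
     // Zen Cart version, or bind the values with $db->bindVars(..., 'date')
     // as the other reports do.
     $sd = zen_date_raw(isset($_GET['start_date']) ? $_GET['start_date'] : '');
     $ed = zen_date_raw(isset($_GET['end_date']) ? $_GET['end_date'] : '');
     if ($sd != '' && $ed != '') {
         $orders_query_raw .= " AND o.date_purchased BETWEEN '" . $sd . "' AND DATE_ADD('" . $ed . "', INTERVAL 1 DAY)";
     }
     // Identifier filters. The original spliced the raw query-string values
     // into the statement: orders_status, products_id and customers_id are
     // integer keys and are cast, payment_module_code is a string and is
     // escaped with zen_db_input().
     if (isset($_GET['status']) && zen_not_null($_GET['status'])) {
         $orders_query_raw .= " AND o.orders_status = '" . (int) $_GET['status'] . "'";
     }
     if (isset($_GET['products']) && zen_not_null($_GET['products'])) {
         $orders_query_raw .= " AND op.products_id = '" . (int) $_GET['products'] . "'";
     }
     if (isset($_GET['customers']) && zen_not_null($_GET['customers'])) {
         $orders_query_raw .= " AND o.customers_id = '" . (int) $_GET['customers'] . "'";
     }
     if (isset($_GET['payments']) && zen_not_null($_GET['payments'])) {
         $orders_query_raw .= " AND o.payment_module_code = '" . zen_db_input($_GET['payments']) . "'";
     }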
     $entry_telephone_error = false;
 }
 $check_email = $db->Execute("select customers_email_address\n                                   from " . TABLE_CUSTOMERS . "\n                                   where customers_email_address = '" . zen_db_input($customers_email_address) . "'\n                                   and customers_id != '" . (int) $customers_id . "'");
 if ($check_email->RecordCount() > 0) {
     $error = true;
     $entry_email_address_exists = true;
 } else {
     $entry_email_address_exists = false;
 }
 if ($error == false) {
     $sql_data_array = array('customers_firstname' => $customers_firstname, 'customers_lastname' => $customers_lastname, 'customers_email_address' => $customers_email_address, 'customers_telephone' => $customers_telephone, 'customers_fax' => $customers_fax, 'customers_group_pricing' => $customers_group_pricing, 'customers_newsletter' => $customers_newsletter, 'customers_email_format' => $customers_email_format, 'customers_authorization' => $customers_authorization, 'customers_referral' => $customers_referral);
     if (ACCOUNT_GENDER == 'true') {
         $sql_data_array['customers_gender'] = $customers_gender;
     }
     if (ACCOUNT_DOB == 'true') {
         $sql_data_array['customers_dob'] = $customers_dob == '0001-01-01 00:00:00' ? '0001-01-01 00:00:00' : zen_date_raw($customers_dob);
     }
     zen_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $customers_id . "'");
     $db->Execute("update " . TABLE_CUSTOMERS_INFO . "\n                      set customers_info_date_account_last_modified = now()\n                      where customers_info_id = '" . (int) $customers_id . "'");
     if ($entry_zone_id > 0) {
         $entry_state = '';
     }
     $sql_data_array = array('entry_firstname' => $customers_firstname, 'entry_lastname' => $customers_lastname, 'entry_street_address' => $entry_street_address, 'entry_postcode' => $entry_postcode, 'entry_city' => $entry_city, 'entry_country_id' => $entry_country_id);
     if (ACCOUNT_COMPANY == 'true') {
         $sql_data_array['entry_company'] = $entry_company;
     }
     if (ACCOUNT_SUBURB == 'true') {
         $sql_data_array['entry_suburb'] = $entry_suburb;
     }
     if (ACCOUNT_STATE == 'true') {
         if ($entry_zone_id > 0) {
    $db->Execute("OPTIMIZE TABLE " . TABLE_EMAIL_ARCHIVE);
    $messageStack->add_session(sprintf(SUCCESS_TRIM_ARCHIVE, $cutoff_date), 'success');
    zen_redirect(zen_href_link(FILENAME_EMAIL_HISTORY, '', 'NONSSL'));
}
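// Distinct sending modules recorded in the archive, offered as a filter
// list; id 1 stands for "all modules".
$email_module = $db->Execute("SELECT DISTINCT module\n                                FROM " . TABLE_EMAIL_ARCHIVE . "\n                                ORDER BY module ASC");
$email_module_array[] = array('id' => 1, 'text' => TEXT_ALL_MODULES);
while (!$email_module->EOF) {
    // Module names come straight from the database; whatever renders this
    // list (outside this fragment) must HTML-escape them.
    $module_name = $email_module->fields['module'];
    $email_module_array[] = array('id' => $module_name, 'text' => $module_name);
    $email_module->MoveNext();
}

// Which filter fields the request actually supplied.
$search_sd = isset($_GET['start_date']) && zen_not_null($_GET['start_date']);
$search_ed = isset($_GET['end_date']) && zen_not_null($_GET['end_date']);
$search_text = isset($_GET['text']) && zen_not_null($_GET['text']);
$search_module = isset($_GET['module']) && zen_not_null($_GET['module']) && $_GET['module'] != 1;

// Normalised date bounds. The original called zen_date_raw() on the bare
// $_GET index, which raises an undefined-index notice (and passes null) on
// a plain page load; an empty string is passed in that case instead.
$sd_raw = zen_date_raw(isset($_GET['start_date']) ? $_GET['start_date'] : '');
$ed_raw = zen_date_raw(isset($_GET['end_date']) ? $_GET['end_date'] : '');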
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo CHARSET;
?>
">
<title><?php 
echo TITLE;
?>
</title>
        $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
    }
    if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
        $error = true;
        $messageStack->add('account_edit', ENTRY_TELEPHONE_NUMBER_ERROR);
    }
    if ($error == false) {
        $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_email_format' => $email_format);
        if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') {
            $sql_data_array['customers_referral'] = $customers_referral;
        }
        if (ACCOUNT_GENDER == 'true') {
            $sql_data_array['customers_gender'] = $gender;
        }
        if (ACCOUNT_DOB == 'true') {
            $sql_data_array['customers_dob'] = zen_date_raw($dob);
        }
        $gBitDb->associateInsert(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $_SESSION['customer_id'] . "'");
        $sql = "update " . TABLE_CUSTOMERS_INFO . "\n              set        `date_account_last_modified` = " . $gBitDb->mDb->sysTimeStamp . "\n              where      `customers_info_id` = '" . (int) $_SESSION['customer_id'] . "'";
        $gBitDb->Execute($sql);
        $sql_data_array = array('entry_firstname' => $firstname, 'entry_lastname' => $lastname);
        $gBitDb->associateInsert(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "`customers_id` = '" . (int) $_SESSION['customer_id'] . "' and `address_book_id` = '" . (int) $_SESSION['customer_default_address_id'] . "'");
        // reset the session variables
        $_SESSION['customer_first_name'] = $firstname;
        $messageStack->add_session('account', SUCCESS_ACCOUNT_UPDATED, 'success');
        zen_redirect(zen_href_link(FILENAME_ACCOUNT, '', 'SSL'));
    }
}
$account_query = "select `customers_gender`, `customers_firstname`, `customers_lastname`,\n                           `customers_dob`, `customers_email_address`, `customers_telephone`,\n                           `customers_fax`, `customers_email_format`, `customers_referral`\n                    from   " . TABLE_CUSTOMERS . "\n                    where  `customers_id` = '" . (int) $_SESSION['customer_id'] . "'";
$account = $gBitDb->Execute($account_query);
if (ACCOUNT_GENDER == 'true') {
                    $where_str .= " or (mtpd.metatags_description like '%" . addslashes($search_keywords[$i]) . "%' and mtpd.metatags_description !='')";
                    if (isset($_GET['search_in_description']) && $_GET['search_in_description'] == '1') {
                        $where_str .= " or pd.products_description like '%" . addslashes($search_keywords[$i]) . "%'";
                    }
                    $where_str .= ')';
                    break;
            }
        }
        $where_str .= " )";
    }
}
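// Date-added bounds. $dfrom / $dto are assumed to hold the prepared copies of
// the request values, set earlier in this file. zen_date_raw() output is
// spliced into a quoted literal, so it is passed through zen_db_input(): a
// no-op for a well-formed Y-m-d string, and a safeguard should the helper
// ever return pieces of the raw input unchanged.
if (isset($_GET['dfrom']) && zen_not_null($_GET['dfrom']) && $_GET['dfrom'] != DOB_FORMAT_STRING) {
    $where_str .= " and p.products_date_added >= '" . zen_db_input(zen_date_raw($dfrom)) . "'";
}
if (isset($_GET['dto']) && zen_not_null($_GET['dto']) && $_GET['dto'] != DOB_FORMAT_STRING) {
    $where_str .= " and p.products_date_added <= '" . zen_db_input(zen_date_raw($dto)) . "'";
}

// Price bounds converted into the store currency. The query-string values
// are cast to float before the division: the price clauses that follow
// concatenate $pfrom and $pto directly into the SQL, and PHP 8 throws a
// TypeError on arithmetic with a non-numeric string. A missing bound
// divides 0, as the original's (null / $rate) did. When $rate is falsy the
// variables are left untouched, exactly as before.
$rate = $currencies->get_value($_SESSION['currency']);
if ($rate) {
    $pfrom = (isset($_GET['pfrom']) ? (float) $_GET['pfrom'] : 0) / $rate;
    $pto = (isset($_GET['pto']) ? (float) $_GET['pto'] : 0) / $rate;
}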
if (DISPLAY_PRICE_WITH_TAX == 'true') {
    //    if ($pfrom) $where_str .= " and (IF(s.status = '1', s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100)) >= " . $pfrom . ")";
    //    if ($pto)   $where_str .= " and (IF(s.status = '1', s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100)) <= " . $pto . ")";
    if ($pfrom) {
        $where_str .= " and (p.products_price_sorter * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100)) >= " . $pfrom . ")";
    }
    if ($pto) {
        $where_str .= " and (p.products_price_sorter * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100)) <= " . $pto . ")";
    }
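 /**
  * Converts the current "visitor" session into a full customer account.
  *
  * On a POST with action=process the field processors (privacy conditions,
  * gender, names, nick, DOB, email address, address, email format,
  * authorization, referral, newsletter, password) are run in order; each
  * appends to $return['error_messages'] and may set $return['error'].
  * When no error was raised the customer row and the default address-book
  * row are updated, the visitors row is deleted, session identity fields
  * are set, the welcome email (with optional signup coupon / gift voucher
  * text) is sent and the request is redirected to
  * FILENAME_CREATE_ACCOUNT_SUCCESS.  Any other request just loads the form
  * defaults.
  *
  * @param array $return template/form data; extended by zoneOptions() and
  *                      by the process* helpers
  * @return array the accumulated $return data (on success zen_redirect()
  *               is expected to end the request before this is reached)
  */
 function module_visitor_to_account($return = array())
 {
     // $phpBB and $currencies are read further down; without the global
     // declaration they are undefined inside the method, so the phpBB branch
     // is silently skipped and $currencies->format() is a fatal error.
     global $db, $messageStack, $zco_notifier, $phpBB, $currencies;
     $return = $this->zoneOptions($return);
     /**
      * Process form contents
      */
     if (isset($_POST['action']) && $_POST['action'] == 'process') {
         $return['error'] = false;
         $return['error_messages'] = array();
         $return = $this->prosessPrivacyConditions($return);
         $return = $this->processGender($return);
         $return = $this->processNames($return);
         $return = $this->processNick($return);
         $return = $this->processDOB($return);
         $return = $this->processEmailAddress($return);
         $return = $this->processAddress($return);
         $return = $this->processEmailFormat($return);
         $return = $this->processCustomersAuthorization($return);
         $return = $this->processCustomersReferral($return);
         $return = $this->processNewsletter($return);
         $return = $this->processPassword($return);
         if (count($return['error_messages']) > 0) {
             foreach ($return['error_messages'] as $error_message) {
                 $messageStack->add('create_account', $error_message['message'], $error_message['type']);
             }
         }
         if ($return['error'] == true) {
             // hook notifier class
             $zco_notifier->notify('NOTIFY_FAILURE_DURING_VISITOR_TO_ACCOUNT');
         } else {
             // NOTE(review): extract() turns every key of $return into a local
             // ($firstname, $email_address, $zone_id, ...).  The rest of this
             // branch depends on the process* helpers having populated exactly
             // those keys; any unexpected key in $return also becomes a local.
             extract($return);
             $sql_data_array = array('customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_nick' => $nick, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => (int) $newsletter, 'customers_email_format' => $email_format, 'customers_password' => zen_encrypt_password($password), 'customers_authorization' => (int) CUSTOMERS_APPROVAL_AUTHORIZATION);
             // ->furikana
             if (FURIKANA_NESESSARY) {
                 $sql_data_array['customers_firstname_kana'] = $firstname_kana;
                 $sql_data_array['customers_lastname_kana'] = $lastname_kana;
             }
             // <-furikana
             if (CUSTOMERS_REFERRAL_STATUS == '2' and $customers_referral != '') {
                 $sql_data_array['customers_referral'] = $customers_referral;
             }
             if (ACCOUNT_GENDER == 'true') {
                 $sql_data_array['customers_gender'] = $gender;
             }
             //      if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = zen_date_raw($dob);
             if (ACCOUNT_DOB == 'true') {
                 $sql_data_array['customers_dob'] = empty($_POST['dob']) ? zen_db_prepare_input('0001-01-01 00:00:00') : zen_date_raw($_POST['dob']);
             }
             zen_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $_SESSION['customer_id'] . "'");
             // delete a visitor
             $db->Execute("delete from " . TABLE_VISITORS . "\r\n                        where visitors_id = '" . (int) $_SESSION['visitors_id'] . "'");
             unset($_SESSION['visitors_id']);
             $sql_data_array = array('entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_telephone' => $telephone, 'entry_fax' => $fax, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
             // ->furikana
             if (FURIKANA_NESESSARY) {
                 $sql_data_array['entry_firstname_kana'] = $firstname_kana;
                 $sql_data_array['entry_lastname_kana'] = $lastname_kana;
             }
             // <-furikana
             if (ACCOUNT_GENDER == 'true') {
                 $sql_data_array['entry_gender'] = $gender;
             }
             if (ACCOUNT_COMPANY == 'true') {
                 $sql_data_array['entry_company'] = $company;
             }
             if (ACCOUNT_SUBURB == 'true') {
                 $sql_data_array['entry_suburb'] = $suburb;
             }
             if (ACCOUNT_STATE == 'true') {
                 // a resolved zone wins over free-text state, and vice versa
                 if ($zone_id > 0) {
                     $sql_data_array['entry_zone_id'] = $zone_id;
                     $sql_data_array['entry_state'] = '';
                 } else {
                     $sql_data_array['entry_zone_id'] = '0';
                     $sql_data_array['entry_state'] = $state;
                 }
             }
             zen_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '" . (int) $_SESSION['customer_id'] . "' and address_book_id = '" . (int) $_SESSION['customer_default_address_id'] . "'");
             // stamp the account as modified; the bound statement was
             // previously built but never executed
             $sql = "UPDATE " . TABLE_CUSTOMERS_INFO . "\r\n                  SET    customers_info_date_account_last_modified = now()\r\n                  WHERE  customers_info_id = :customersID";
             $sql = $db->bindVars($sql, ':customersID', $_SESSION['customer_id'], 'integer');
             $db->Execute($sql);
             // phpBB create account
             if ($phpBB->phpBB['installed'] == true) {
                 $phpBB->phpbb_create_account($nick, $password, $email_address);
             }
             // End phppBB create account
             $_SESSION['customer_first_name'] = $firstname;
             $_SESSION['customer_last_name'] = $lastname;
             // ->furikana
             if (FURIKANA_NESESSARY) {
                 $_SESSION['customer_first_name_kana'] = $firstname_kana;
                 $_SESSION['customer_last_name_kana'] = $lastname_kana;
             }
             // <-furikana
             $_SESSION['customer_country_id'] = $country;
             $_SESSION['customer_zone_id'] = $zone_id;
             // restore cart contents
             $_SESSION['cart']->restore_contents();
             // hook notifier class
             $zco_notifier->notify('NOTIFY_LOGIN_SUCCESS_VIA_VISITOR_TO_ACCOUNT');
             // build the message content
             $name = $firstname . ' ' . $lastname;
             if (ACCOUNT_GENDER == 'true') {
                 if ($gender == 'm') {
                     $email_text = sprintf(EMAIL_GREET_MR, $name);
                 } else {
                     $email_text = sprintf(EMAIL_GREET_MS, $name);
                 }
             } else {
                 $email_text = sprintf(EMAIL_GREET_NONE, $name);
             }
             // the HTML variant strips the literal "\n" sequences carried by
             // the language constants (single-quoted '\\n' is the two-character
             // backslash-n, not a newline)
             $html_msg['EMAIL_GREETING'] = str_replace('\\n', '', $email_text);
             $html_msg['EMAIL_FIRST_NAME'] = $firstname;
             $html_msg['EMAIL_LAST_NAME'] = $lastname;
             // initial welcome
             $email_text .= EMAIL_WELCOME;
             $html_msg['EMAIL_WELCOME'] = str_replace('\\n', '', EMAIL_WELCOME);
             if (NEW_SIGNUP_DISCOUNT_COUPON != '' and NEW_SIGNUP_DISCOUNT_COUPON != '0') {
                 $coupon_id = NEW_SIGNUP_DISCOUNT_COUPON;
                 $coupon = $db->Execute("select * from " . TABLE_COUPONS . " where coupon_id = '" . $coupon_id . "'");
                 $coupon_desc = $db->Execute("select coupon_description from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $_SESSION['languages_id'] . "'");
                 // $email_address originates from the submitted form and is
                 // stored unescaped in $return (zen_db_perform escapes it
                 // itself above), so bind it rather than concatenate it
                 $track_sql = "insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', :emailAddress, now() )";
                 $track_sql = $db->bindVars($track_sql, ':emailAddress', $email_address, 'string');
                 $db->Execute($track_sql);
                 // if on, add in Discount Coupon explanation
                 //        $email_text .= EMAIL_COUPON_INCENTIVE_HEADER .
                 $email_text .= "\n" . EMAIL_COUPON_INCENTIVE_HEADER . (!empty($coupon_desc->fields['coupon_description']) ? $coupon_desc->fields['coupon_description'] . "\n\n" : '') . strip_tags(sprintf(EMAIL_COUPON_REDEEM, ' ' . $coupon->fields['coupon_code'])) . EMAIL_SEPARATOR;
                 $html_msg['COUPON_TEXT_VOUCHER_IS'] = EMAIL_COUPON_INCENTIVE_HEADER;
                 $html_msg['COUPON_DESCRIPTION'] = !empty($coupon_desc->fields['coupon_description']) ? '<strong>' . $coupon_desc->fields['coupon_description'] . '</strong>' : '';
                 $html_msg['COUPON_TEXT_TO_REDEEM'] = str_replace("\n", '', sprintf(EMAIL_COUPON_REDEEM, ''));
                 $html_msg['COUPON_CODE'] = $coupon->fields['coupon_code'];
             }
             //endif coupon
             if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
                 $coupon_code = zen_create_coupon_code();
                 $db->Execute("insert into " . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
                 $insert_id = $db->Insert_ID();
                 // same binding as the coupon track insert above
                 $track_sql = "insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', :emailAddress, now() )";
                 $track_sql = $db->bindVars($track_sql, ':emailAddress', $email_address, 'string');
                 $db->Execute($track_sql);
                 // if on, add in GV explanation
                 $email_text .= "\n\n" . sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . sprintf(EMAIL_GV_REDEEM, $coupon_code) . EMAIL_GV_LINK . zen_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, 'NONSSL', false) . "\n\n" . EMAIL_GV_LINK_OTHER . EMAIL_SEPARATOR;
                 $html_msg['GV_WORTH'] = str_replace('\\n', '', sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)));
                 $html_msg['GV_REDEEM'] = str_replace('\\n', '', str_replace('\\n\\n', '<br />', sprintf(EMAIL_GV_REDEEM, '<strong>' . $coupon_code . '</strong>')));
                 $html_msg['GV_CODE_NUM'] = $coupon_code;
                 $html_msg['GV_CODE_URL'] = str_replace('\\n', '', EMAIL_GV_LINK . '<a href="' . zen_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, 'NONSSL', false) . '">' . TEXT_GV_NAME . ': ' . $coupon_code . '</a>');
                 $html_msg['GV_LINK_OTHER'] = EMAIL_GV_LINK_OTHER;
             }
             // endif voucher
             // add in regular email welcome text
             $email_text .= "\n\n" . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_GV_CLOSURE;
             $html_msg['EMAIL_MESSAGE_HTML'] = str_replace('\\n', '', EMAIL_TEXT);
             $html_msg['EMAIL_CONTACT_OWNER'] = str_replace('\\n', '', EMAIL_CONTACT);
             $html_msg['EMAIL_CLOSURE'] = nl2br(EMAIL_GV_CLOSURE);
             // include create-account-specific disclaimer
             $email_text .= "\n\n" . sprintf(EMAIL_DISCLAIMER_NEW_CUSTOMER, STORE_OWNER_EMAIL_ADDRESS) . "\n\n";
             $html_msg['EMAIL_DISCLAIMER'] = sprintf(EMAIL_DISCLAIMER_NEW_CUSTOMER, '<a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . ' </a>');
             // send welcome email
             zen_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_NAME, EMAIL_FROM, $html_msg, 'welcome');
             // send additional emails
             if (SEND_EXTRA_CREATE_ACCOUNT_EMAILS_TO_STATUS == '1' and SEND_EXTRA_CREATE_ACCOUNT_EMAILS_TO != '') {
                 // NOTE(review): $account is only set when customer_id is
                 // truthy; the update above already keyed on that id, so the
                 // else case is assumed unreachable here
                 if ($_SESSION['customer_id']) {
                     $account_query = "select customers_firstname, customers_lastname, customers_email_address\r\n                                from " . TABLE_CUSTOMERS . "\r\n                                where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
                     $account = $db->Execute($account_query);
                 }
                 $extra_info = email_collect_extra_info($name, $email_address, $account->fields['customers_firstname'] . ' ' . $account->fields['customers_lastname'], $account->fields['customers_email_address']);
                 $html_msg['EXTRA_INFO'] = $extra_info['HTML'];
                 zen_mail('', SEND_EXTRA_CREATE_ACCOUNT_EMAILS_TO, SEND_EXTRA_CREATE_ACCOUNT_EMAILS_TO_SUBJECT . ' ' . EMAIL_SUBJECT, $email_text . $extra_info['TEXT'], STORE_NAME, EMAIL_FROM, $html_msg, 'welcome_extra');
             }
             //endif send extra emails
             $_SESSION['navigation']->clear_snapshot();
             zen_redirect(zen_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'SSL'));
         }
         //endif !error
     } else {
         $return = $this->getFormDefault($return);
     }
     return $return;
 }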
     break;
 case 'insert':
 case 'update':
     if (isset($_POST['banners_id'])) {
         $banners_id = zen_db_prepare_input($_POST['banners_id']);
     }
     $banners_title = zen_db_prepare_input($_POST['banners_title']);
     $banners_url = zen_db_prepare_input($_POST['banners_url']);
     $new_banners_group = zen_db_prepare_input($_POST['new_banners_group']);
     $banners_group = empty($new_banners_group) ? zen_db_prepare_input($_POST['banners_group']) : $new_banners_group;
     $banners_html_text = zen_db_prepare_input($_POST['banners_html_text']);
     $banners_image_local = zen_db_prepare_input($_POST['banners_image_local']);
     $banners_image_target = zen_db_prepare_input($_POST['banners_image_target']);
     $db_image_location = '';
     $expires_date = zen_db_prepare_input($_POST['expires_date']) == '' ? 'null' : zen_date_raw($_POST['expires_date']);
     $expires_impressions = zen_db_prepare_input($_POST['expires_impressions']) == '' ? 'null' : zen_date_raw($_POST['date_scheduled']);
     $date_scheduled = zen_db_prepare_input($_POST['date_scheduled']);
     $status = zen_db_prepare_input($_POST['status']);
     $banners_open_new_windows = zen_db_prepare_input($_POST['banners_open_new_windows']);
     $banners_on_ssl = zen_db_prepare_input($_POST['banners_on_ssl']);
     $banners_sort_order = zen_db_prepare_input($_POST['banners_sort_order']);
     $banner_error = false;
     if (empty($banners_title)) {
         $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error');
         $banner_error = true;
     }
     if (empty($banners_group)) {
         $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
         $banner_error = true;
     }
     if (empty($banners_html_text)) {