set_session("session_cc_number_last", $cc_number_last);
if ($cc_number_security == 0) {
$r->set_value("cc_number", "");
} elseif ($cc_number_security > 0) {
$r->set_value("cc_number", va_encrypt($r->get_value("cc_number")));
}
if ($cc_code_security == 0) {
$r->set_value("cc_security_code", "");
} elseif ($cc_code_security > 0) {
$r->set_value("cc_security_code", va_encrypt($cc_security_code));
}
if ($r->update_record()) {
// update order status
$cc_order_status = 2;
update_order_status($order_id, $cc_order_status, true, "", $status_error);
$op = new VA_Record($table_prefix . "orders_properties");
$op->add_textbox("order_id", INTEGER);
$op->set_value("order_id", $order_id);
$op->add_textbox("property_id", INTEGER);
$op->add_textbox("property_order", INTEGER);
$op->add_textbox("property_type", INTEGER);
$op->add_textbox("property_name", TEXT);
$op->add_textbox("property_value_id", INTEGER);
$op->add_textbox("property_value", TEXT);
$op->add_textbox("property_price", FLOAT);
$op->add_textbox("property_weight", FLOAT);
$op->add_textbox("tax_free", INTEGER);
foreach ($custom_options as $property_id => $property_values) {
// delete first all saved values
$sql = " DELETE FROM " . $table_prefix . "orders_properties ";
$sql .= " WHERE order_id=" . $db->tosql($order_id, INTEGER);
$r->add_select("special_offer_type", INTEGER, $keywords_types);
$r->add_checkbox("notes_index", INTEGER);
$r->add_textbox("notes_rank", INTEGER);
$r->add_select("notes_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_title_index", INTEGER);
$r->add_textbox("meta_title_rank", INTEGER);
$r->add_select("meta_title_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_description_index", INTEGER);
$r->add_textbox("meta_description_rank", INTEGER);
$r->add_select("meta_description_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_keywords_index", INTEGER);
$r->add_textbox("meta_keywords_rank", INTEGER);
$r->add_select("meta_keywords_type", INTEGER, $keywords_types);
$r->get_form_values();
// categories columns
$ip = new VA_Record($table_prefix . "categories_columns", "categories_columns");
$ip->add_where("column_id", INTEGER);
$ip->add_hidden("category_id", INTEGER);
$ip->change_property("category_id", USE_IN_INSERT, true);
$ip->add_textbox("column_order", INTEGER, ADMIN_ORDER_MSG);
$ip->change_property("column_order", REQUIRED, true);
$ip->add_textbox("column_code", TEXT, CODE_MSG);
$ip->change_property("column_code", REQUIRED, true);
$ip->change_property("column_code", MAX_LENGTH, 64);
$ip->add_textbox("column_title", TEXT, TITLE_MSG);
$ip->change_property("column_title", REQUIRED, true);
$ip->change_property("column_title", MAX_LENGTH, 255);
$ip->add_textbox("column_html", TEXT, HTML_MSG);
$columns_number = get_param("cc_number");
$cc_eg = new VA_EditGrid($ip, "categories_columns");
$cc_eg->order_by = " ORDER BY column_order ";
$r->set_value("admin_id_added_by", get_session("session_admin_id"));
$r->set_value("date_added", va_time());
$r->insert_record();
if ($db_type == "mysql") {
$new_template_id = get_db_value(" SELECT LAST_INSERT_ID() ");
$r->set_value("template_id", $new_template_id);
} elseif ($db_type == "access") {
$new_template_id = get_db_value(" SELECT @@IDENTITY ");
$r->set_value("template_id", $new_template_id);
} elseif ($db_type == "db2") {
$new_template_id = get_db_value(" SELECT PREVVAL FOR seq_" . $table_prefix . "export_templates FROM " . $table_prefix . "export_templates");
$r->set_value("template_id", $new_template_id);
}
if (strlen($new_template_id)) {
// start adding fields
$fld = new VA_Record($table_prefix . "export_fields");
$fld->add_where("field_id", INTEGER);
$fld->add_textbox("template_id", INTEGER);
$fld->set_value("template_id", $new_template_id);
$fld->add_textbox("field_order", INTEGER);
$fld->add_textbox("field_title", TEXT);
$fld->add_textbox("field_source", TEXT);
$field_order = 0;
$total_columns = get_param("total_columns");
for ($col = 1; $col <= $total_columns; $col++) {
$field_title = get_param("column_title_" . $col);
$field_source = get_param("field_source_" . $col);
$column_checked = get_param("db_column_" . $col);
if ($column_checked) {
// if there is column title we can save this field even if it source empty
$field_order++;
}
$order_confirmation = array();
$sql = " SELECT setting_name,setting_value FROM " . $table_prefix . "global_settings ";
$sql .= " WHERE setting_type='order_confirmation'";
if (isset($site_id)) {
$sql .= " AND (site_id=1 OR site_id=" . $db->tosql($site_id, INTEGER, true, false) . ")";
$sql .= " ORDER BY site_id ASC ";
} else {
$sql .= " AND site_id=1 ";
}
$db->query($sql);
while ($db->next_record()) {
$order_confirmation[$db->f("setting_name")] = $db->f("setting_value");
}
$confirmed_order_status = 3;
$r = new VA_Record($table_prefix . "orders");
$r->errors = $order_errors;
$r->add_where("order_id", INTEGER);
$r->set_value("order_id", $order_id);
$r->add_textbox("is_confirmed", INTEGER);
$r->change_property("is_confirmed", USE_IN_UPDATE, false);
$r->add_textbox("error_message", TEXT);
$r->add_textbox("pending_message", TEXT);
$r->add_textbox("transaction_id", TEXT);
$r->change_property("transaction_id", USE_IN_UPDATE, false);
$r->add_textbox("authorization_code", TEXT);
// AVS fields
$r->add_textbox("avs_response_code", TEXT);
$r->add_textbox("avs_message", TEXT);
$r->add_textbox("avs_address_match", TEXT);
$r->add_textbox("avs_zip_match", TEXT);
$t->set_var("site_url", $settings["site_url"]);
$t->set_var("user_profile_href", get_custom_friendly_url("user_profile.php"));
$t->set_var("user_profile_url", $user_profile_url);
$t->set_var("user_upload_href", get_custom_friendly_url("user_upload.php"));
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));
$t->set_var("referer", $referer);
$t->set_var("referrer", $referer);
$t->set_var("HTTP_REFERER", $referer);
$t->set_var("initial_ip", $initial_ip);
$t->set_var("cookie_ip", $cookie_ip);
$t->set_var("visit_number", $visit_number);
$t->set_var("login_desc", $login_desc);
$t->set_var("short_description_editor", $short_description_editor);
$t->set_var("full_description_editor", $full_description_editor);
$subscribe = get_param("subscribe");
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_hidden("type", INTEGER);
$r->add_textbox("user_type_id", INTEGER, "User Type");
$r->change_property("user_type_id", REQUIRED, true);
$r->change_property("user_type_id", USE_IN_UPDATE, false);
$r->add_textbox("is_approved", INTEGER);
$r->add_textbox("registration_last_step", INTEGER);
$r->add_textbox("registration_total_steps", INTEGER);
$r->add_textbox("login", TEXT);
$r->change_property("login", USE_IN_UPDATE, false);
$r->change_property("login", SHOW, false);
// subscription information
$r->add_textbox("subscription_id", INTEGER, SUBSCRIPTION_MSG);
$r->change_property("subscription_id", USE_SQL_NULL, false);
$r->change_property("subscription_id", USE_IN_UPDATE, false);
$s->set_default_sorting(1, "desc");
$s->set_sorter(ORDER_NUMBER_COLUMN, "sorter_id", "1", "o.order_id");
$s->set_sorter(ORDER_ADDED_COLUMN, "sorter_date", "2", "o.order_placed_date");
$s->set_sorter(STATUS_MSG, "sorter_status", "3", "o.order_status");
$s->set_sorter(ADMIN_ORDER_TOTAL_MSG, "sorter_total", "4", "o.order_total");
if (get_setting_value($order_info, "show_delivery_country_id", 0) == 1) {
$s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.delivery_country_id");
} else {
$s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.country_id");
}
$s->set_sorter(SITE_NAME_MSG, "sorter_site_name", "6", "sti.site_name");
$n = new VA_Navigator($settings["admin_templates_dir"], "navigator.html", "admin_orders.php");
include_once "./admin_header.php";
include_once "./admin_footer.php";
$where = "";
$r = new VA_Record($table_prefix . "orders");
$r->add_textbox("s_on", TEXT, ORDER_NUMBER_MSG);
$r->change_property("s_on", TRIM, true);
$r->add_textbox("s_ne", TEXT);
$r->change_property("s_ne", TRIM, true);
$r->add_textbox("s_kw", TEXT);
$r->change_property("s_kw", TRIM, true);
$r->add_textbox("s_coupon", TEXT);
$r->change_property("s_coupon", TRIM, true);
$r->add_textbox("s_sku", TEXT);
$r->change_property("s_sku", TRIM, true);
$r->add_textbox("s_sd", DATE, FROM_DATE_MSG);
$r->change_property("s_sd", VALUE_MASK, $date_edit_format);
$r->change_property("s_sd", TRIM, true);
$r->add_textbox("s_ed", DATE, END_DATE_MSG);
$r->change_property("s_ed", VALUE_MASK, $date_edit_format);
$update_order_status = true;
$update_order_data = true;
// check if payment system support 3D secure
$secure_3d = false;
// include payment module only if total order value greater than zero
if ($order_total > 0) {
// use php library to validate transaction
$order_step = "final";
if (file_exists($validation_php_lib)) {
include_once $validation_php_lib;
} else {
$error_message = APPROPRIATE_LIBRARY_ERROR_MSG . ": " . $validation_php_lib;
}
}
if ($update_order_data) {
$r = new VA_Record($table_prefix . "orders");
$r->add_where("order_id", INTEGER);
$r->set_value("order_id", $order_id);
$r->add_textbox("error_message", TEXT);
$r->add_textbox("pending_message", TEXT);
$r->add_textbox("transaction_id", TEXT);
$r->change_property("transaction_id", USE_IN_UPDATE, false);
$r->add_textbox("authorization_code", TEXT);
// AVS fields
$r->add_textbox("avs_response_code", TEXT);
$r->add_textbox("avs_message", TEXT);
$r->add_textbox("avs_address_match", TEXT);
$r->add_textbox("avs_zip_match", TEXT);
$r->add_textbox("cvv2_match", TEXT);
// 3D fields
$r->add_textbox("secure_3d_check", TEXT);
$r_id = new VA_Record($table_prefix . "items_downloads");
$r_id->add_textbox("order_id", INTEGER);
$r_id->set_value("order_id", $order_id);
$r_id->add_textbox("user_id", INTEGER);
$r_id->set_value("user_id", $user_id);
$r_id->add_textbox("order_item_id", INTEGER);
$r_id->add_textbox("item_id", INTEGER);
$r_id->add_textbox("download_path", TEXT);
$r_id->add_textbox("activated", INTEGER);
$r_id->add_textbox("max_downloads", INTEGER);
// how many times from different IPs user can download product during the month
$r_id->add_textbox("download_added", DATETIME);
$r_id->add_textbox("download_expiry", DATETIME);
$r_id->add_textbox("download_limit", INTEGER);
// how many times user can download product
$ois = new VA_Record($table_prefix . "orders_items_serials");
$ois->add_textbox("order_id", INTEGER);
$ois->set_value("order_id", $order_id);
$ois->add_textbox("user_id", INTEGER);
$ois->set_value("user_id", $user_id);
$ois->add_textbox("order_item_id", INTEGER);
$ois->add_textbox("item_id", INTEGER);
$ois->add_textbox("serial_number", TEXT);
$ois->add_textbox("activated", INTEGER);
$ois->add_textbox("activations_number", INTEGER);
$ois->add_textbox("serial_added", DATETIME);
$ois->add_textbox("serial_expiry", DATETIME);
$sql = " SELECT setting_value FROM " . $table_prefix . "global_settings ";
$sql .= " WHERE setting_type='download_info' ";
$sql .= " AND setting_name='max_downloads' ";
if (isset($site_id)) {
<?php
check_user_session();
$html_template = get_setting_value($block, "html_template", "block_user_change_password.html");
$t->set_file("block_body", $html_template);
$t->set_var("user_change_password_href", get_custom_friendly_url("user_change_password.php"));
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_textbox("modified_date", DATETIME);
$r->add_textbox("current_password", TEXT, CURRENT_PASS_FIELD);
$r->change_property("current_password", USE_IN_UPDATE, false);
$r->change_property("current_password", REQUIRED, true);
$r->add_textbox("password", TEXT, NEW_PASS_FIELD);
$r->change_property("password", REQUIRED, true);
$r->change_property("password", MIN_LENGTH, 5);
$r->add_textbox("confirm", TEXT, CONFIRM_PASS_FIELD);
$r->change_property("confirm", USE_IN_UPDATE, false);
$r->change_property("password", MATCHED, "confirm");
$action = get_param("action");
$user_id = get_session("session_user_id");
$site_url = get_setting_value($settings, "site_url", "");
$secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
$return_page = $site_url . get_custom_friendly_url("user_home.php");
$errors = "";
$r->get_form_values();
if (strlen($action)) {
if ($action == "cancel") {
header("Location: " . $return_page);
exit;
}
