// Apply the configured storage policy to the card number before the order row is
// saved: 0 blanks the field, a positive setting stores the va_encrypt() output.
// NOTE(review): for any other setting value neither branch runs and the field
// keeps whatever was set earlier - confirm that path cannot persist a clear-text
// card number.
// NOTE(review): va_encrypt() is defined elsewhere; its cipher and key handling
// are not visible here - verify.
if ($cc_number_security == 0) {
    $r->set_value("cc_number", "");
} elseif ($cc_number_security > 0) {
    $r->set_value("cc_number", va_encrypt($r->get_value("cc_number")));
}
// Same policy for the card security code; the value encrypted here is the local
// $cc_security_code rather than the value already held in the record.
// NOTE(review): PCI DSS does not allow the card verification code to be kept
// after authorization, even encrypted - confirm a positive setting only holds it
// until the payment is processed and that it is cleared afterwards.
if ($cc_code_security == 0) {
    $r->set_value("cc_security_code", "");
} elseif ($cc_code_security > 0) {
    $r->set_value("cc_security_code", va_encrypt($cc_security_code));
}
if ($r->update_record()) {
    // update order status
    $cc_order_status = 2;
    // NOTE(review): $status_error is not inspected in the visible lines - confirm
    // a failed status change is handled further down.
    update_order_status($order_id, $cc_order_status, true, "", $status_error);

    // Record definition for the orders_properties rows of this order.
    $op = new VA_Record($table_prefix . "orders_properties");
    $op->add_textbox("order_id", INTEGER);
    $op->set_value("order_id", $order_id);
    $op->add_textbox("property_id", INTEGER);
    $op->add_textbox("property_order", INTEGER);
    $op->add_textbox("property_type", INTEGER);
    $op->add_textbox("property_name", TEXT);
    $op->add_textbox("property_value_id", INTEGER);
    $op->add_textbox("property_value", TEXT);
    $op->add_textbox("property_price", FLOAT);
    $op->add_textbox("property_weight", FLOAT);
    $op->add_textbox("tax_free", INTEGER);
    foreach ($custom_options as $property_id => $property_values) {
        // delete all previously saved values first
        // Both ids are passed through $db->tosql() with the INTEGER type before
        // being concatenated into the statement; the query is executed outside
        // this excerpt.
        $sql = " DELETE FROM " . $table_prefix . "orders_properties ";
        $sql .= " WHERE order_id=" . $db->tosql($order_id, INTEGER);
        $sql .= " AND property_id =" . $db->tosql($property_id, INTEGER);
// Search-indexing options for the three meta fields: an index checkbox, a rank
// and a type chosen from $keywords_types for each of them.
$r->add_checkbox("meta_title_index", INTEGER);
$r->add_textbox("meta_title_rank", INTEGER);
$r->add_select("meta_title_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_description_index", INTEGER);
$r->add_textbox("meta_description_rank", INTEGER);
$r->add_select("meta_description_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_keywords_index", INTEGER);
$r->add_textbox("meta_keywords_rank", INTEGER);
$r->add_select("meta_keywords_type", INTEGER, $keywords_types);
$r->get_form_values();

// categories columns
// Record definition for rows of the categories_columns table; it is handed to
// the edit grid created below.
$ip = new VA_Record($table_prefix . "categories_columns", "categories_columns");
$ip->add_where("column_id", INTEGER);
$ip->add_hidden("category_id", INTEGER);
$ip->change_property("category_id", USE_IN_INSERT, true);
$ip->add_textbox("column_order", INTEGER, ADMIN_ORDER_MSG);
$ip->change_property("column_order", REQUIRED, true);
$ip->add_textbox("column_code", TEXT, CODE_MSG);
$ip->change_property("column_code", REQUIRED, true);
$ip->change_property("column_code", MAX_LENGTH, 64);
$ip->add_textbox("column_title", TEXT, TITLE_MSG);
$ip->change_property("column_title", REQUIRED, true);
$ip->change_property("column_title", MAX_LENGTH, 255);
// NOTE(review): column_html gets no length limit in the visible lines and
// presumably holds markup - confirm who may edit it and how it is escaped or
// filtered when rendered.
$ip->add_textbox("column_html", TEXT, HTML_MSG);

// The request parameter "cc_number" is passed to the edit grid below; it is
// presumably the number of grid rows submitted, not a card number.
// NOTE(review): the value is request-supplied - confirm VA_EditGrid validates
// or bounds it.
$columns_number = get_param("cc_number");
$cc_eg = new VA_EditGrid($ip, "categories_columns");
$cc_eg->order_by = " ORDER BY column_order ";
$cc_eg->get_form_values($columns_number);

// The site id is read from the session, the active tab from the request.
$param_site_id = get_session("session_site_id");
$tab = get_param("tab");
if (!$tab) {
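$r->insert_record();
// Read back the id generated for the new template row; the query used depends
// on the configured database type.
// NOTE(review): the result of insert_record() is not checked, and for any other
// $db_type the variable keeps whatever earlier code (not visible here) assigned -
// confirm it is initialised before this point.
// NOTE(review): presumably get_db_value() runs on the same connection as the
// insert, which LAST_INSERT_ID() and @@IDENTITY depend on - verify.
if ($db_type == "mysql") {
    $new_template_id = get_db_value(" SELECT LAST_INSERT_ID() ");
    $r->set_value("template_id", $new_template_id);
} elseif ($db_type == "access") {
    $new_template_id = get_db_value(" SELECT @@IDENTITY ");
    $r->set_value("template_id", $new_template_id);
} elseif ($db_type == "db2") {
    $new_template_id = get_db_value(" SELECT PREVVAL FOR seq_" . $table_prefix . "export_templates FROM " . $table_prefix . "export_templates");
    $r->set_value("template_id", $new_template_id);
}
if (strlen($new_template_id)) {
    // start adding fields
    $fld = new VA_Record($table_prefix . "export_fields");
    $fld->add_where("field_id", INTEGER);
    $fld->add_textbox("template_id", INTEGER);
    $fld->set_value("template_id", $new_template_id);
    $fld->add_textbox("field_order", INTEGER);
    $fld->add_textbox("field_title", TEXT);
    $fld->add_textbox("field_source", TEXT);
    $field_order = 0;
    // The column count comes from the request and is the loop bound, so it is
    // forced to an integer: under PHP 8 a non-numeric string would be compared
    // with $col as a string and the loop would not terminate.
    // NOTE(review): there is still no upper limit on the count - consider
    // capping it to the number of columns the form can actually submit.
    $total_columns = (int) get_param("total_columns");
    for ($col = 1; $col <= $total_columns; $col++) {
        // Title, source and checkbox state of column $col, all request-supplied.
        // NOTE(review): check how the export code later interprets field_source
        // before treating a saved template as trusted.
        $field_title = get_param("column_title_" . $col);
        $field_source = get_param("field_source_" . $col);
        $column_checked = get_param("db_column_" . $col);
        if ($column_checked) {
            // a field with a column title is saved even if its source is empty
            $field_order++;
            $fld->set_value("field_order", $field_order);
            $fld->set_value("field_title", $field_title);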
// Tail of a settings query whose beginning is outside this excerpt.
if (isset($site_id)) {
    // $site_id goes through $db->tosql() with the INTEGER type before it is
    // concatenated. Rows come back ordered by site_id and the loop below keys
    // them by setting_name, so a later row replaces an earlier one of that name.
    $sql .= " AND (site_id=1 OR site_id=" . $db->tosql($site_id, INTEGER, true, false) . ")";
    $sql .= " ORDER BY site_id ASC ";
} else {
    $sql .= " AND site_id=1 ";
}
$db->query($sql);
while ($db->next_record()) {
    $order_confirmation[$db->f("setting_name")] = $db->f("setting_value");
}

$confirmed_order_status = 3;

// Record over the orders table, addressed by order_id, carrying the fields below.
$r = new VA_Record($table_prefix . "orders");
$r->errors = $order_errors;
$r->add_where("order_id", INTEGER);
$r->set_value("order_id", $order_id);
// USE_IN_UPDATE is switched off for is_confirmed and transaction_id, presumably
// so a plain update_record() leaves them untouched - verify where they are
// actually written.
$r->add_textbox("is_confirmed", INTEGER);
$r->change_property("is_confirmed", USE_IN_UPDATE, false);
$r->add_textbox("error_message", TEXT);
$r->add_textbox("pending_message", TEXT);
$r->add_textbox("transaction_id", TEXT);
$r->change_property("transaction_id", USE_IN_UPDATE, false);
$r->add_textbox("authorization_code", TEXT);
// AVS fields
// NOTE(review): these values presumably originate from the payment gateway
// response - treat them as untrusted text and escape them wherever they are
// displayed.
$r->add_textbox("avs_response_code", TEXT);
$r->add_textbox("avs_message", TEXT);
$r->add_textbox("avs_address_match", TEXT);
$r->add_textbox("avs_zip_match", TEXT);
$r->add_textbox("cvv2_match", TEXT);
// 3D fields
$r->add_textbox("secure_3d_check", TEXT);
$r->add_textbox("secure_3d_status", TEXT);
// Template variables for the user profile block.
$t->set_var("user_upload_href", get_custom_friendly_url("user_upload.php"));
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));
// The same $referer value is exposed under three variable names.
// NOTE(review): if $referer derives from the HTTP Referer header it is
// client-controlled - confirm it is HTML-escaped before it reaches the page.
$t->set_var("referer", $referer);
$t->set_var("referrer", $referer);
$t->set_var("HTTP_REFERER", $referer);
$t->set_var("initial_ip", $initial_ip);
$t->set_var("cookie_ip", $cookie_ip);
$t->set_var("visit_number", $visit_number);
$t->set_var("login_desc", $login_desc);
$t->set_var("short_description_editor", $short_description_editor);
$t->set_var("full_description_editor", $full_description_editor);

$subscribe = get_param("subscribe");

// Record over the users table, addressed by user_id.
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_hidden("type", INTEGER);
// user_type_id is required but has USE_IN_UPDATE switched off.
$r->add_textbox("user_type_id", INTEGER, "User Type");
$r->change_property("user_type_id", REQUIRED, true);
$r->change_property("user_type_id", USE_IN_UPDATE, false);
// NOTE(review): is_approved and the registration step counters are registered
// as ordinary fields with no update restriction in the visible lines - confirm
// they are always set server-side and never taken from submitted form values.
$r->add_textbox("is_approved", INTEGER);
$r->add_textbox("registration_last_step", INTEGER);
$r->add_textbox("registration_total_steps", INTEGER);
// login has both USE_IN_UPDATE and SHOW switched off.
$r->add_textbox("login", TEXT);
$r->change_property("login", USE_IN_UPDATE, false);
$r->change_property("login", SHOW, false);
// subscription information
$r->add_textbox("subscription_id", INTEGER, SUBSCRIPTION_MSG);
$r->change_property("subscription_id", USE_SQL_NULL, false);
$r->change_property("subscription_id", USE_IN_UPDATE, false);
// A subscription is mandatory only when $is_subscription is set and neither an
// existing nor a newly created user id is present.
if ($is_subscription && !$user_id && !$new_user_id) {
    $r->change_property("subscription_id", REQUIRED, true);
}
// Sortable columns of the orders list. Each sorter is registered with a column
// expression written as a fixed string in this file.
$s->set_sorter(ORDER_NUMBER_COLUMN, "sorter_id", "1", "o.order_id");
$s->set_sorter(ORDER_ADDED_COLUMN, "sorter_date", "2", "o.order_placed_date");
$s->set_sorter(STATUS_MSG, "sorter_status", "3", "o.order_status");
$s->set_sorter(ADMIN_ORDER_TOTAL_MSG, "sorter_total", "4", "o.order_total");
// The fifth sorter uses o.delivery_country_id when the order_info setting
// show_delivery_country_id equals 1, otherwise o.country_id.
if (get_setting_value($order_info, "show_delivery_country_id", 0) == 1) {
    $s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.delivery_country_id");
} else {
    $s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.country_id");
}
$s->set_sorter(SITE_NAME_MSG, "sorter_site_name", "6", "sti.site_name");

$n = new VA_Navigator($settings["admin_templates_dir"], "navigator.html", "admin_orders.php");

include_once "./admin_header.php";
include_once "./admin_footer.php";

// NOTE(review): $where starts empty here and the code that appends the search
// values is outside this excerpt - confirm every s_* value is passed through
// $db->tosql() before it is concatenated into the query.
$where = "";

// Search form of the orders list; every field has TRIM enabled, and the two
// date fields use $date_edit_format as their value mask.
$r = new VA_Record($table_prefix . "orders");
$r->add_textbox("s_on", TEXT, ORDER_NUMBER_MSG);
$r->change_property("s_on", TRIM, true);
$r->add_textbox("s_ne", TEXT);
$r->change_property("s_ne", TRIM, true);
$r->add_textbox("s_kw", TEXT);
$r->change_property("s_kw", TRIM, true);
$r->add_textbox("s_coupon", TEXT);
$r->change_property("s_coupon", TRIM, true);
$r->add_textbox("s_sku", TEXT);
$r->change_property("s_sku", TRIM, true);
$r->add_textbox("s_sd", DATE, FROM_DATE_MSG);
$r->change_property("s_sd", VALUE_MASK, $date_edit_format);
$r->change_property("s_sd", TRIM, true);
$r->add_textbox("s_ed", DATE, END_DATE_MSG);
$r->change_property("s_ed", VALUE_MASK, $date_edit_format);
$r->change_property("s_ed", TRIM, true);
$secure_3d = false;
// include the payment module only if the total order value is greater than zero
if ($order_total > 0) {
    // use the PHP library to validate the transaction
    $order_step = "final";
    // NOTE(review): the library path is a variable whose origin is not visible
    // here - confirm it comes only from trusted configuration, never from request
    // data, and that it resolves inside the expected payment-library directory.
    // file_exists() checks presence only, not location.
    if (file_exists($validation_php_lib)) {
        include_once $validation_php_lib;
    } else {
        // NOTE(review): the message embeds the library path - confirm it is not
        // shown to customers, where it would disclose server layout.
        $error_message = APPROPRIATE_LIBRARY_ERROR_MSG . ": " . $validation_php_lib;
    }
}

if ($update_order_data) {
    // Record over the orders table, addressed by order_id, for the payment result.
    $r = new VA_Record($table_prefix . "orders");
    $r->add_where("order_id", INTEGER);
    $r->set_value("order_id", $order_id);
    $r->add_textbox("error_message", TEXT);
    $r->add_textbox("pending_message", TEXT);
    // transaction_id has USE_IN_UPDATE switched off.
    $r->add_textbox("transaction_id", TEXT);
    $r->change_property("transaction_id", USE_IN_UPDATE, false);
    $r->add_textbox("authorization_code", TEXT);
    // AVS fields
    $r->add_textbox("avs_response_code", TEXT);
    $r->add_textbox("avs_message", TEXT);
    $r->add_textbox("avs_address_match", TEXT);
    $r->add_textbox("avs_zip_match", TEXT);
    $r->add_textbox("cvv2_match", TEXT);
    // 3D fields
    $r->add_textbox("secure_3d_check", TEXT);
    $r->add_textbox("secure_3d_status", TEXT);
    $r->add_textbox("secure_3d_md", TEXT);
    $r->add_textbox("secure_3d_eci", TEXT);
// Fields of the download record $r_id (created outside this excerpt); order_id
// and user_id are preset from the current order and user.
$r_id->add_textbox("order_id", INTEGER);
$r_id->set_value("order_id", $order_id);
$r_id->add_textbox("user_id", INTEGER);
$r_id->set_value("user_id", $user_id);
$r_id->add_textbox("order_item_id", INTEGER);
$r_id->add_textbox("item_id", INTEGER);
// NOTE(review): download_path is a stored file path - confirm the download
// handler restricts it to the intended directory before serving the file.
$r_id->add_textbox("download_path", TEXT);
$r_id->add_textbox("activated", INTEGER);
$r_id->add_textbox("max_downloads", INTEGER); // how many times from different IPs the user can download the product during the month
$r_id->add_textbox("download_added", DATETIME);
$r_id->add_textbox("download_expiry", DATETIME);
$r_id->add_textbox("download_limit", INTEGER); // how many times the user can download the product

// Record for the serial numbers issued with order items.
$ois = new VA_Record($table_prefix . "orders_items_serials");
$ois->add_textbox("order_id", INTEGER);
$ois->set_value("order_id", $order_id);
$ois->add_textbox("user_id", INTEGER);
$ois->set_value("user_id", $user_id);
$ois->add_textbox("order_item_id", INTEGER);
$ois->add_textbox("item_id", INTEGER);
$ois->add_textbox("serial_number", TEXT);
$ois->add_textbox("activated", INTEGER);
$ois->add_textbox("activations_number", INTEGER);
$ois->add_textbox("serial_added", DATETIME);
$ois->add_textbox("serial_expiry", DATETIME);

// Look up the max_downloads value among the download_info global settings.
// The setting type and name are fixed literals; $site_id goes through
// $db->tosql() with the INTEGER type before it is concatenated.
$sql = " SELECT setting_value FROM " . $table_prefix . "global_settings ";
$sql .= " WHERE setting_type='download_info' ";
$sql .= " AND setting_name='max_downloads' ";
if (isset($site_id)) {
    $sql .= " AND (site_id=1 OR site_id=" . $db->tosql($site_id, INTEGER, true, false) . ")";
<?php

// Block script for the change-password form.
check_user_session();

$html_template = get_setting_value($block, "html_template", "block_user_change_password.html");
$t->set_file("block_body", $html_template);
$t->set_var("user_change_password_href", get_custom_friendly_url("user_change_password.php"));
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));

// Record over the users table, addressed by user_id.
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_textbox("modified_date", DATETIME);
// The current password is required but has USE_IN_UPDATE switched off.
// NOTE(review): the check of the current password and the hashing of the new
// one are outside this excerpt - confirm both happen before the record is saved.
$r->add_textbox("current_password", TEXT, CURRENT_PASS_FIELD);
$r->change_property("current_password", USE_IN_UPDATE, false);
$r->change_property("current_password", REQUIRED, true);
// NOTE(review): a minimum length of 5 is below the 8 characters that
// NIST SP 800-63B gives as the floor for user-chosen passwords - consider
// raising it.
$r->add_textbox("password", TEXT, NEW_PASS_FIELD);
$r->change_property("password", REQUIRED, true);
$r->change_property("password", MIN_LENGTH, 5);
// The confirmation field is not written on update; password must match it.
$r->add_textbox("confirm", TEXT, CONFIRM_PASS_FIELD);
$r->change_property("confirm", USE_IN_UPDATE, false);
$r->change_property("password", MATCHED, "confirm");

$action = get_param("action");
// The user id is taken from the session, not from the request.
$user_id = get_session("session_user_id");
$site_url = get_setting_value($settings, "site_url", "");
$secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
// The redirect target is built from the site_url setting and a fixed page name.
$return_page = $site_url . get_custom_friendly_url("user_home.php");
$errors = "";

$r->get_form_values();

// NOTE(review): no request-forgery token is checked in the visible lines -
// confirm the form handling that follows verifies one before changing the
// password.
if (strlen($action)) {
    if ($action == "cancel") {
        header("Location: " . $return_page);
        exit;
    }