?> :</td> <td><?php ps_vendor::list_vendor($db->f("vendor_id")); ?> </td> </tr> <tr> <td nowrap="nowrap" style="text-align:right;" width="38%" ><?php echo $VM_LANG->_('PHPSHOP_USER_FORM_PERMS'); ?> :</td> <td width="62%" > <?php if (!isset($ps_perms)) { $ps_perms = new ps_perm(); } $ps_perms->list_perms("perms", $db->sf("perms")); ?> </td> </tr> <tr> <td style="text-align:right;"><?php echo $VM_LANG->_('PHPSHOP_USER_FORM_CUSTOMER_NUMBER'); ?> :</td> <td > <input type="text" class="inputbox" name="customer_number" size="40" value="<?php echo $ps_shopper_group->get_customer_num($db->f("user_id")); ?>
"> <?php echo $VM_LANG->_('PHPSHOP_PARAMETER_SEARCH'); ?> </a> <?php } /** Changed Product Type - End */ ?> <hr /> </td> </tr> <!-- End Search Box --> <?php } $perm = new ps_perm(); // Show the Frontend ADMINISTRATION Link if ($perm->check("admin,storeadmin") && (!stristr($my->usertype, "admin") ^ PSHOP_ALLOW_FRONTENDADMIN_FOR_NOBACKENDERS == '' || stristr($my->usertype, "admin")) && $show_adminlink == 'yes') { ?> <tr> <td colspan="2"> <a class="<?php echo $class_mainlevel; ?> " href="<?php $sess->purl(SECUREURL . "index2.php?page=store.index&pshop_mode=admin"); ?> "> <?php echo $VM_LANG->_('PHPSHOP_ADMIN_MOD'); ?>
/** * Returns a tree with the children of the root group id * @static * @param int $root_id * @param string $root_name * @param boolean $inclusive * @return unknown */ function getGroupChildrenTree($root_id = null, $root_name = null, $inclusive = true) { global $database, $_VERSION; $tree = ps_perm::getChildGroups('#__core_acl_aro_groups', 'g1.virtuemart_shoppergroup_id, g1.name, COUNT(g2.name) AS level', 'g1.name', $root_id, $root_name, $inclusive); // first pass get level limits $n = count($tree); $min = $tree[0]->level; $max = $tree[0]->level; for ($i = 0; $i < $n; $i++) { $min = min($min, $tree[$i]->level); $max = max($max, $tree[$i]->level); } $indents = array(); foreach (range($min, $max) as $i) { $indents[$i] = ' '; } // correction for first indent $indents[$min] = ''; $list = array(); for ($i = $n - 1; $i >= 0; $i--) { $shim = ''; foreach (range($min, $tree[$i]->level) as $j) { $shim .= $indents[$j]; } if (@$indents[$tree[$i]->level + 1] == '. ') { $twist = ' '; } else { $twist = "- "; } if ($_VERSION->PRODUCT == 'Joomla!' && $_VERSION->RELEASE >= 1.5) { $tree[$i]->virtuemart_shoppergroup_id = $tree[$i]->id; } $list[$tree[$i]->virtuemart_shoppergroup_id] = $shim . $twist . $tree[$i]->name; if ($tree[$i]->level < @$tree[$i - 1]->level) { $indents[$tree[$i]->level + 1] = '. '; } } ksort($list); return $list; }
} } // basic SQL inject detection $my_insecure_array = array('keyword' => $_REQUEST['keyword'], 'category_id' => $_REQUEST['category_id'], 'product_id' => $_REQUEST['product_id'], 'user_id' => $_REQUEST['user_id'], 'user_info_id' => $_REQUEST['user_info_id'], 'page' => $_REQUEST['page'], 'func' => $_REQUEST['func']); while (list($key, $value) = each($my_insecure_array)) { if (stristr($value, 'FROM ') || stristr($value, 'UPDATE ') || stristr($value, 'WHERE ') || stristr($value, 'ALTER ') || stristr($value, 'SELECT ') || stristr($value, 'SHUTDOWN ') || stristr($value, 'CREATE ') || stristr($value, 'DROP ') || stristr($value, 'DELETE FROM') || stristr($value, 'script') || stristr($value, '<>') || stristr($value, '=') || stristr($value, 'SET ')) { die('Please provide a permitted value for ' . $key); } } // Load module definitions $module = array(); $label = array(); // Instantiate db and session class $db = new ps_DB(); $sess = new ps_session(); $perm = new ps_perm(); $vars = array(); // In case someone tries to be sneaky $run_dir = 0; $run_func = 0; // Set default language as specified in phpshop.cfg if (!isset($lang)) { $lang = LANGUAGE; $sess->register("lang"); } // Save current page call $this_page = $page; // Register previous page if (!isset($last_page)) { $sess->register("last_page"); }
require_once CLASSPATH . "vmAbstractObject.class.php"; require_once CLASSPATH . "ps_cart.php"; require_once CLASSPATH . "ps_html.php"; require_once CLASSPATH . "ps_session.php"; require_once CLASSPATH . "ps_function.php"; require_once CLASSPATH . "ps_module.php"; require_once CLASSPATH . "ps_perm.php"; require_once CLASSPATH . "ps_shopper_group.php"; require_once CLASSPATH . "ps_vendor.php"; require_once CLASSPATH . 'template.class.php'; require_once CLASSPATH . "htmlTools.class.php"; require_once CLASSPATH . "phpInputFilter/class.inputfilter.php"; // Instantiate the DB class $db = new ps_DB(); // Instantiate the permission class $perm = new ps_perm(); // Instantiate the HTML helper class $ps_html = new ps_html(); // Constructor initializes the session! $sess = new ps_session(); // Instantiate the ps_shopper_group class $ps_shopper_group = new ps_shopper_group(); // Get default and this users's Shopper Group $shopper_group = $ps_shopper_group->get_shoppergroup_by_id($my->id); // User authentication $auth = $perm->doAuthentication($shopper_group); // Initialize the cart $cart = ps_cart::initCart(); // Initialise Recent Products $recentproducts = ps_session::initRecentProducts(); // Instantiate the module class
* to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net */ while (@ob_end_clean()) { } header('Content-Type: application/x-javascript'); $mod = array(); $q = "SELECT module_name,module_perms from #__{vm}_module WHERE module_publish='Y' "; $q .= "AND module_name <> 'checkout' ORDER BY list_order ASC"; $db->query($q); while ($db->next_record()) { if (ps_perm::check($db->f("module_perms"))) { $mod[] = $db->f("module_name"); } } $menu_items = assembleMenuItems($mod); include ADMINPATH . 'version.php'; echo "\r\nif( typeof Ext == \"undefined\" ) {\r\n\tdocument.location=\"index2.php?option=" . VM_COMPONENT_NAME . "&vmLayout=standard&usefetchscript=0\";\r\n}\r\n// Check if this Window is a duplicate and opens in an iframe\r\nif( parent.vmLayout ) {\r\n\tif( typeof parent.vmLayout.loadPage == \"function\" ) {\r\n\t\t// then load the pure page, not again the whole VirtueMart Admin interface\r\n\t\tparent.vmLayout.loadPage();\r\n\t}\r\n}\r\nfunction classClicked(e, target) {\r\n alert( 'klick!');\r\n\tif (target.target!='_top' && target.target!='_blank') {\r\n\t\te.stopEvent();\r\n Ext.getCmp('west-panel').showPanel('vmPage');\r\n loadPage(target.href );\r\n\t}\r\n}\r\nfunction showButtonMenu( btn, e ) {\r\n\tbtn.showMenu();\r\n}\r\nfunction hideButtonMenu( btn, e ) {\r\n\tbtn.hideMenu();\r\n}"; echo ' function vmLayoutInit() { try{ Ext.get("header-box").hide(); } catch(e) {} // Hide the Admin Menu under Joomla! 1.5 try{ Ext.get("wrapper").hide(); } catch(e) {} // Hide the Admin Menu under Joomla! 1.0 // initialize state manager, we will use cookies Ext.state.Manager.setProvider(new Ext.state.CookieProvider()); '; $html = 'var toolbarItems = [';