Exemple #1
0
function Comments_adminDelete()
{
    $id = (int) $_REQUEST['id'];
    dbQuery('delete from comments where id=' . $id);
    Core_cacheClear('comments');
    return array('status' => 1, 'id' => $id);
}
Exemple #2
0
/**
 * save a panel
 *
 * @return null
 */
function Panels_adminSave()
{
    $id = (int) $_REQUEST['id'];
    $widgets = addslashes($_REQUEST['data']);
    dbQuery("update panels set body='{$widgets}' where id={$id}");
    Core_cacheClear('panels');
    Core_cacheClear('pages');
}
Exemple #3
0
/**
 * mark a meeting as complete
 *
 * @return null
 */
function Meetings_complete()
{
    if (!isset($_SESSION['userdata'])) {
        return;
    }
    $id = (int) $_REQUEST['id'];
    dbQuery('update meetings set is_complete=1 where id=' . $id);
    Core_cacheClear('meetings');
}
Exemple #4
0
/**
 * retrieve the search page, or create one if it doesn't exist
 *
 * @return object search page
 */
function Search_getPage()
{
    if (isset($_GET['s'])) {
        $_GET['search'] = $_GET['s'];
    }
    $p = Page::getInstanceByType(5);
    if (!$p || !isset($p->id)) {
        dbQuery('insert into pages set cdate=now(),edate=now(),name="__search",' . 'alias="__search",body="",type=5,special=2,ord=5000');
        Core_cacheClear('pages', 'page_by_type_5');
        $p = Page::getInstanceByType(5);
    }
    return $p->id;
}
Exemple #5
0
 static function deleteByAdminId($name, $id = false)
 {
     $adminId = '';
     if ($id !== false) {
         if ($id < 0) {
             $adminId = ' and admin_id>0';
         } else {
             $adminId = ' and admin_id=' . $id;
         }
     }
     dbQuery('delete from admin_vars where varname="' . addslashes($name) . '"' . $adminId);
     Core_cacheClear('admin_vars');
 }
Exemple #6
0
/**
 * Update the comments table
 *
 * @return null
 */
function Comments_update()
{
    $id = $_REQUEST['id'];
    $comment = $_REQUEST['comment'];
    $allowed = in_array($id, $_SESSION['comment_ids']);
    if (!$allowed) {
        die('You do not have permission to do this');
    }
    if (!is_numeric($id)) {
        Core_quit('Invalid id');
    }
    dbQuery('update comments set comment = "' . addslashes($comment) . '" where id = ' . (int) $id);
    Core_cacheClear('comments');
    return array('status' => 1, 'id' => $id, 'comment' => $comment);
}
Exemple #7
0
<?php

require $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php';
if (!Core_isAdmin()) {
    die(__('access denied'));
}
if (isset($_REQUEST['id']) && isset($_REQUEST['vis']) && isset($_REQUEST['hid'])) {
    $id = (int) $_REQUEST['id'];
    $vis = '[' . addslashes($_REQUEST['vis']) . ']';
    $hid = '[' . addslashes($_REQUEST['hid']) . ']';
    dbQuery("update panels set visibility='{$vis}',hidden='{$hid}' where id={$id}");
    Core_cacheClear('panels');
}
Exemple #8
0
function OnlineStoreEbay_adminImportOrders()
{
    require_once 'eBaySession.php';
    error_reporting(E_ALL);
    $rs = dbAll('select * from online_store_vars where name like "ebay%"');
    $vs = array();
    foreach ($rs as $r) {
        $vs[$r['name']] = $r['val'];
    }
    $production = (int) $vs['ebay_status'];
    if ($production) {
        $devID = $vs['ebay_devid'];
        $appID = $vs['ebay_appid'];
        $certID = $vs['ebay_certid'];
        $serverUrl = 'https://api.ebay.com/ws/api.dll';
        // server URL different for prod and sandbox
        $userToken = $vs['ebay_usertoken'];
    } else {
        $devID = $vs['ebay_sandbox_devid'];
        $appID = $vs['ebay_sandbox_appid'];
        $certID = $vs['ebay_sandbox_certid'];
        $serverUrl = 'https://api.sandbox.ebay.com/ws/api.dll';
        $userToken = $vs['ebay_sandbox_usertoken'];
    }
    $compatabilityLevel = 827;
    // eBay API version
    $siteToUseID = 205;
    $sess = new eBaySession($userToken, $devID, $appID, $certID, $serverUrl, $compatabilityLevel, $siteToUseID, 'GetOrders');
    $xml = '<?xml version="1.0" encoding="utf-8"?>' . '<GetOrdersRequest xmlns="urn:ebay:apis:eBLBaseComponents">' . '	<RequesterCredentials>' . '		<eBayAuthToken>' . $userToken . '</eBayAuthToken>' . '	</RequesterCredentials>' . '	<NumberOfDays>10</NumberOfDays>' . '	<OrderRole>Seller</OrderRole>' . '	<OrderStatus>Completed</OrderStatus>' . '	<DetailLevel>ReturnAll</DetailLevel>' . '	<SortingOrder>Descending</SortingOrder>' . '	<WarningLevel>High</WarningLevel>' . '</GetOrdersRequest>';
    $xmlstr = $sess->sendHttpRequest($xml);
    $reply = new SimpleXMLElement($xmlstr);
    if (isset($reply->Errors)) {
        return array('sent' => $xml, 'reply' => new SimpleXMLElement($xmlstr), 'errors' => $reply->Errors);
    }
    $imported = 0;
    foreach ($reply->OrderArray->Order as $order) {
        $order = json_decode(json_encode($order));
        $ebayOrderId = $order->OrderID;
        $r = dbOne('select id from online_store_orders where ebayOrderId="' . $ebayOrderId . '"' . ' limit 1', 'id');
        if ($r) {
            continue;
        }
        $address = $order->ShippingAddress;
        if ($address->PostalCode == '') {
            $address->PostalCode = 'na';
        }
        $form_vals = array('FirstName' => preg_replace('/ .*/', '', $address->Name), 'Surname' => preg_replace('/.*? /', '', $address->Name), 'Phone' => $address->Phone, 'Email' => '*****@*****.**', 'Street' => $address->Street1, 'Street2' => $address->Street2, 'Town' => $address->CityName, 'County' => $address->StateOrProvince, 'PostCode' => $address->PostalCode, 'Country' => $address->CountryName, 'CountryCode' => $address->Country);
        $form_vals = json_encode($form_vals);
        $total = (double) $order->Total;
        $date_created = date('Y-m-d h:i:s', strtotime($order->CreatedTime));
        $transactions = array();
        $tArr = $order->TransactionArray->Transaction;
        if (!is_array($tArr)) {
            $transactions = array($tArr);
        } else {
            $transactions = $tArr;
        }
        $items = array();
        foreach ($transactions as $transaction) {
            $item = $transaction->Item;
            if (isset($item->ApplicationData)) {
                $appData = json_decode(htmlspecialchars_decode($item->ApplicationData));
                $itemId = $appData->productId;
            } else {
                $itemId = dbOne('select id from products where link="' . addslashes($item->Title) . '"', 'id');
            }
            $key = 'products_' . $itemId;
            if (!isset($items[$key])) {
                $items[$key] = array();
                $r = dbRow('select * from products where id=' . $itemId . ' limit 1');
                $items[$key] = array('short_desc' => $r['name'], 'id' => $itemId, 'amt' => 0);
            }
            $items[$key]['amt'] += $transaction->QuantityPurchased;
        }
        $jitems = json_encode($items);
        // { create the order entry
        dbQuery('insert into online_store_orders set total="' . $total . '"' . ', items="' . addslashes($jitems) . '"' . ', ebayOrderId="' . $ebayOrderId . '"' . ', form_vals="' . addslashes($form_vals) . '"' . ', date_created="' . addslashes($date_created) . '"' . ', status=1');
        $id = dbLastInsertId();
        // }
        dbQuery('update online_store_orders set invoice_num=id where id=' . $id);
        Core_cacheClear('online_store_orders');
        OnlineStore_updateProductSales($id, $items, $date_created);
        $imported++;
    }
    return array('imported' => $imported, 'reply' => new SimpleXMLElement($xmlstr));
}
Exemple #9
0
/**
 * edit a single value of a user
 *
 * @return array status
 */
function Core_adminUserEditVal()
{
    $id = (int) $_REQUEST['id'];
    $name = $_REQUEST['name'];
    $value = $_REQUEST['val'];
    $contact_fields = array('contact_name', 'business_phone', 'business_email', 'phone', 'website', 'mobile', 'skype', 'facebook', 'twitter', 'linkedin', 'blog');
    if (in_array($name, array('name', 'email'))) {
        dbQuery('update user_accounts set ' . $name . '="' . addslashes($value) . '" where id=' . $id);
    } elseif (in_array($name, $contact_fields)) {
        $c = json_decode(dbOne('select contact from user_accounts where id=' . $id, 'contact'), true);
        $c[$name] = $value;
        dbQuery('update user_accounts set contact="' . addslashes(json_encode($c)) . '"' . ' where id=' . $id);
    }
    Core_cacheClear();
    return array('ok' => 1);
}
Exemple #10
0
/**
 * save a mailing list
 *
 * @return status
 */
function Mailinglists_adminListSave()
{
    $id = (int) $_REQUEST['vals']['id'];
    $sql = 'mailinglists_lists set ' . 'name="' . addslashes($_REQUEST['vals']['name']) . '",' . 'meta="' . addslashes(json_encode($_REQUEST['meta'])) . '"';
    if ($id) {
        dbQuery('update ' . $sql . ' where id=' . $id);
    } else {
        dbQuery('insert into ' . $sql);
    }
    Core_cacheClear('mailinglists');
    return array('ok' => 1);
}
Exemple #11
0
<?php

/**
 * Deletes a comment
 *
 * PHP Version 5.3
 *
 * @category   CommentsPlugin
 * @package    WebworksWebme
 * @subpackage CommentsPlugin
 * @author     Belinda Hamilton <*****@*****.**>
 * @license    GPL Version 2
 * @link       www.kvweb.me
 **/
require_once $_SERVER['DOCUMENT_ROOT'] . '/ww.incs/basics.php';
$id = $_REQUEST['id'];
$allowed = Core_isAdmin() || in_array($id, $_SESSION['comment_ids']);
if (!$allowed) {
    die('You do not have permission to delete this comment');
}
if (!is_numeric($id)) {
    Core_quit('Invalid id');
}
dbQuery('delete from comments where id = ' . $id);
Core_cacheClear('comments');
if (dbOne('select id from comments where id  = ' . $id, 'id')) {
    echo '{"status":0}';
} else {
    echo '{"status":1, "id":' . $id . '}';
}
Exemple #12
0
function products_adminFixOrphanedCategories()
{
    $rs = dbAll('select id,name,parent_id from products_categories');
    foreach ($rs as $r) {
        if ($r['parent_id'] == '0') {
            continue;
        }
        $pid = dbOne('select id from products_categories where id=' . $r['parent_id'], 'id');
        if (!$pid) {
            $sql = 'update products_categories set parent_id=0 where id=' . $r['id'];
            dbQuery($sql);
            echo $sql . "<br/>";
        } else {
            echo 'product_category ' . $r['name'] . ' is okay.<br/>';
        }
    }
    Core_cacheClear('products_categories');
    exit;
}
Exemple #13
0
            }
        }
    }
    $data = addslashes(json_encode($data));
    $sql = "messaging_notifier set data='{$data}'";
    if ($id) {
        $sql = "update {$sql} where id={$id}";
        dbQuery($sql);
    } else {
        $sql = "insert into {$sql}";
        dbQuery($sql);
        $id = dbOne('select last_insert_id() as id', 'id');
    }
    $ret = array('id' => $id, 'id_was' => $id_was, 'datastr' => $_REQUEST['data'], 'dataobj' => $data);
    echo json_encode($ret);
    Core_cacheClear('messaging_notifier');
    Core_quit();
}
if (isset($_REQUEST['id'])) {
    $id = (int) $_REQUEST['id'];
} else {
    $id = 0;
}
echo '<a href="javascript:;" id="messaging_notifier_editlink_' . $id . '" class="button messaging_notifier_editlink">view or edit feeds</a><br />';
// { show story title
echo '<strong>hide story title</strong><br />' . '<select name="hide_story_title"><option value="0">No</option>' . '<option value="1"';
if (@$_REQUEST['hide_story_title'] == 1) {
    echo ' selected="selected"';
}
echo '>Yes</option></select><br />';
// }
Exemple #14
0
// { if theme fails check, remove temp dir and throw error
$msg = '';
if (!$failure_message) {
    $msg = Theme_findErrors($theme_folder);
}
if ($msg || $failure_message) {
    shell_exec('rm -rf ' . $temp_dir);
    echo '<script>parent.themes_dialog("<em>installation failed: ' . $failure_message . $msg . '</em>");</script>';
    Core_quit();
}
// }
// { get variant
if (is_dir($theme_folder . '/cs')) {
    $variant = Theme_getFirstVariant($theme_folder . '/cs/');
}
// }
// { remove temp dir and extract to themes-personal
shell_exec('rm -rf ' . $themes_personal . '/' . $name);
rename($temp_dir . '/' . $name, $themes_personal . '/' . $name);
shell_exec('rm -rf ' . $temp_dir);
if (isset($_POST['install-theme'])) {
    $DBVARS['theme'] = $name;
    if (isset($variant)) {
        $DBVARS['theme_variant'] = $variant;
    }
    Core_configRewrite();
    Core_cacheClear('pages');
    $_SESSION['theme_selected'] = 1;
}
// }
echo '<script>parent.document.location="step7.php";</script>';
Exemple #15
0
/**
 * upload a new category image
 *
 * @return null
 */
function ClassifiedAds_adminCategoryUploadImage()
{
    $id = (int) $_REQUEST['id'];
    if (!file_exists(USERBASE . '/f/classified-ads/categories/' . $id)) {
        mkdir(USERBASE . '/f/classified-ads/categories/' . $id, 0777, true);
    }
    $imgs = new DirectoryIterator(USERBASE . '/f/classified-ads/categories/' . $id);
    foreach ($imgs as $img) {
        if ($img->isDot()) {
            continue;
        }
        unlink($img->getPathname());
    }
    $from = $_FILES['Filedata']['tmp_name'];
    $ext = preg_replace('/.*\\./', '', $_FILES['Filedata']['name']);
    $url = '/classified-ads/categories/' . $id . '/icon.' . $ext;
    $to = USERBASE . '/f' . $url;
    move_uploaded_file($from, $to);
    dbQuery('update classifiedads_categories set' . ' icon="' . $url . '" where id=' . $id);
    Core_cacheClear();
    echo $url;
    Core_quit();
}
Exemple #16
0
<?php

/**
 * create a new poll
 *
 * PHP version 5.2
 *
 * @category None
 * @package  None
 * @author   Kae Verens <*****@*****.**>
 * @license  GPL 2.0
 * @link     http://kvsites.ie/
 */
dbQuery("insert into poll set name='" . addslashes($_REQUEST['name']) . "'" . ",body='" . addslashes($_REQUEST['body']) . "'" . ",enabled=" . (int) $_REQUEST['enabled']);
$id = dbOne('select last_insert_id() as id', 'id');
$answers = $_REQUEST['answers'];
for ($i = 0; $i < count($answers); ++$i) {
    $answer = $answers[$i];
    dbQuery("insert into poll_answer set poll_id={$id}" . ",num={$i},answer='" . addslashes($answer) . "'");
}
echo '<em>Poll created</em>';
Core_cacheClear('polls');
Exemple #17
0
    $id = (int) $_REQUEST['id'];
    $id_was = $id;
    $directory = addslashes($_REQUEST['directory']);
    $trans_type = addslashes($_REQUEST['trans_type']);
    $pause = (int) $_REQUEST['pause'];
    $width = (int) $_REQUEST['width'];
    $height = (int) $_REQUEST['height'];
    $url = (int) $_REQUEST['url'];
    if (!$pause) {
        $pause = 3000;
    }
    $sql = 'image_transitions set directory="' . $directory . '",trans_type="' . $trans_type . '",pause="' . $pause . '",url="' . $url . '",width=' . $width . ',height=' . $height;
    if ($id && dbOne('select id from image_transitions where id=' . $id, 'id')) {
        $sql = "update {$sql} where id={$id}";
        dbQuery($sql);
    } else {
        $sql = "insert into {$sql}";
        dbQuery($sql);
        $id = dbOne('select last_insert_id() as id', 'id');
    }
    $ret = array('id' => $id, 'id_was' => $id_was);
    echo json_encode($ret);
    Core_cacheClear('image-transitions');
    Core_quit();
}
if (isset($_REQUEST['id'])) {
    $id = (int) $_REQUEST['id'];
} else {
    $id = 0;
}
echo '<a href="javascript:;" id="image_transition_editlink_' . $id . '" class="image_transition_editlink">' . __('view or edit image transition details') . '</a>';
Exemple #18
0
    $id_was = $id;
    $parent = (int) $_REQUEST['parent'];
    $direction = (int) $_REQUEST['direction'];
    $type = (int) $_REQUEST['type'];
    $background = addslashes($_REQUEST['background']);
    $opacity = (double) $_REQUEST['opacity'];
    $columns = (int) $_REQUEST['columns'];
    $style_from = (int) $_REQUEST['style_from'];
    $state = (int) $_REQUEST['state'];
    $cache = (int) $_REQUEST['cache'];
    $html_type = (int) $_REQUEST['html_type'];
    $sql = "menus set type='{$type}',parent='{$parent}',direction='{$direction}'," . "background='{$background}',opacity={$opacity},columns={$columns}" . ', cache=' . $cache . ",style_from={$style_from},state={$state}, html_type={$html_type}";
    if ($id) {
        $sql = "update {$sql} where id={$id}";
        dbQuery($sql);
    } else {
        $sql = "insert into {$sql}";
        dbQuery($sql);
        $id = dbOne('select last_insert_id() as id', 'id');
    }
    Core_cacheClear('menus');
    $ret = array('id' => $id, 'id_was' => $id_was);
    echo json_encode($ret);
    Core_quit();
}
if (isset($_REQUEST['id'])) {
    $id = (int) $_REQUEST['id'];
} else {
    $id = 0;
}
echo '<a href="javascript:;" id="menu_editlink_' . $id . '" ' . 'class="menu_editlink">' . __('view or edit menu') . '</a>';
    $errors = array();
    if (!isset($_REQUEST['name']) || $_REQUEST['name'] == '') {
        $errors[] = 'You must fill in the <strong>Name</strong>.';
    }
    if (count($errors)) {
        echo '<em>' . join('<br />', $errors) . '</em>';
    } else {
        $sql = 'set name="' . addslashes($_REQUEST['name']) . '",one_way=' . (int) $_REQUEST['one_way'];
        if ($id) {
            dbQuery("update products_relation_types {$sql} where id={$id}");
        } else {
            dbQuery("insert into products_relation_types {$sql}");
            $id = dbOne('select last_insert_id() as id', 'id');
        }
        echo '<em>Relation Type saved</em>';
        Core_cacheClear('products/relation-types');
    }
}
if ($id) {
    $sql = 'select * from products_relation_types where id=' . $id;
    $tdata = dbRow($sql, 'products_relation_types');
    if (!$tdata) {
        die('<em>No relation type with that ID exists.</em>');
    }
} else {
    $tdata = array('id' => 0, 'name' => '', 'one_way' => 0);
}
echo '<form action="' . $_url . '&amp;id=' . $id . '" method="POST" enctype="multip' . 'art/form-data"><input type="hidden" name="action" value="save" />' . '<table><tr><th>Name</th><td><input class="not-empty" name="name" value="' . htmlspecialchars($tdata['name']) . '" /></td></tr><tr><th>One-Way</th><td>' . '<select name="one_way"><option value="0">No</option><option value="1"';
if ($tdata['one_way']) {
    echo ' selected="selected"';
}
Exemple #20
0
        $details = array();
        foreach ($_REQUEST['details'] as $k => $n) {
            $details[$k] = $n;
        }
        $q = 'message="' . addslashes($_REQUEST['message']) . '",' . 'template="' . addslashes($_REQUEST['template']) . '",' . 'directory="' . addslashes($_REQUEST['directory']) . '",' . 'recipient_email="' . addslashes($_REQUEST['recipient_email']) . '",' . 'details="' . addslashes(json_encode($details)) . '"';
        if ($id) {
            dbQuery("update protected_files set {$q} where id={$id}");
        } else {
            dbQuery("insert into protected_files set {$q}");
            $id = dbOne("select last_insert_id() as id", 'id');
        }
    } elseif ($_REQUEST['action'] == 'delete') {
        dbQuery("delete from protected_files where id={$id}");
        $id = 0;
    }
    Core_cacheClear('protected_files');
}
$r = dbRow('select * from protected_files where id=' . $id);
$details = json_decode($r['details'], true);
switch (@$_REQUEST['view']) {
    case 'log':
        // {
        echo '<table><tr><th>Filename</th><th>Completed</th><th>Email</th><th>D' . 'ate/Time</th></tr>';
        $fs = dbAll('select file,success,email,last_access from protected_files_log where' . ' pf_id=' . $id . ' order by last_access desc');
        foreach ($fs as $f) {
            echo '<tr><td>' . htmlspecialchars($f['file']) . '</td><td>' . ($f['success'] ? 'yes' : 'no') . '</td><td><a href="mailto:' . $f['email'] . '">' . $f['email'] . '</a></td><td>' . $f['last_access'] . '</td></tr>';
        }
        echo '</table>';
        break;
        // }
    // }
Exemple #21
0
    // currency
    $DBVARS['online_store_currency'] = 'EUR';
    $version = 4;
}
if ($version == 4) {
    // callback
    /* allow a callback to be set in the database to be called when
     *   a payment has been completed
     */
    dbQuery('alter table online_store_orders add callback text');
    $version = 5;
}
if ($version == 5) {
    // clear caches
    Core_cacheClear('pages');
    Core_cacheClear('products');
    $version = 6;
}
if ($version == 6) {
    // change _apply_vat to _vatfree
    $rs = dbAll('select id,online_store_fields from products');
    if ($rs !== false) {
        foreach ($rs as $r) {
            $f = str_replace('"_apply_vat":"0"', '"_vatfree":"1"', $r['online_store_fields']);
            $f = str_replace('"_apply_vat":"1"', '"_vatfree":"0"', $f);
            dbQuery('update products set online_store_fields="' . addslashes($f) . '" where id=' . $r['id']);
        }
    }
    $version = 7;
}
if ($version == 7) {
Exemple #22
0
 static function clearCache()
 {
     self::$prodsByCid = array();
     self::$catsByPid = array();
     self::$activeCategories = false;
     Core_cacheClear('products_categories_products');
 }
Exemple #23
0
/**
 * rewrite the config file
 *
 * @return null
 */
function Core_configRewrite()
{
    global $DBVARS;
    $tmparr = $DBVARS;
    $tmparr['plugins'] = join(',', $DBVARS['plugins']);
    $tmparr2 = array();
    foreach ($tmparr as $name => $val) {
        $tmparr2[] = '\'' . addslashes($name) . '\'=>\'' . addslashes($val) . '\'';
    }
    $config = "<?php\n\$DBVARS=array(\n\t" . join(",\n\t", $tmparr2) . "\n);";
    file_put_contents(CONFIG_FILE, $config);
    Core_cacheClear('core');
}
Exemple #24
0
    $sql = 'set html="' . addslashes($html) . '",name="' . addslashes($_POST['name']) . '",pages=' . (count($pages) ? 1 : 0);
    if ($id) {
        dbQuery("update banners_images {$sql} where id={$id}");
    } else {
        dbQuery("insert into banners_images {$sql}");
        $id = dbOne('select last_insert_id() as id', 'id');
        $_REQUEST['id'] = $id;
    }
    dbQuery("delete from banners_pages where bannerid={$id}");
    if (is_array($pages)) {
        foreach ($pages as $k => $v) {
            dbQuery('insert into banners_pages set pageid=' . (int) $v . ",bannerid={$id}");
        }
    }
    $updated = 'Banner Saved';
    Core_cacheClear('banner-images');
}
if (isset($updated)) {
    echo '<em>' . $updated . '</em>';
}
if (!is_dir(USERBASE . '/f/skin_files')) {
    mkdir(USERBASE . '/f/skin_files');
}
if (!is_dir(USERBASE . '/f/skin_files/banner-image')) {
    mkdir(USERBASE . '/f/skin_files/banner-image');
}
// { show left menu
echo '<div class="sub-nav">';
$rs = dbAll('select id,name from banners_images');
foreach ($rs as $r) {
    echo '<a href="/ww.admin/plugin.php?_plugin=banner-image&id=' . $r['id'] . '&amp;_page=index">' . htmlspecialchars($r['name']) . '</a>';
Exemple #25
0
 * @package  None
 * @author   Kae Verens <*****@*****.**>
 * @license  GPL 2.0
 * @link     http://kvsites.ie/
 */
if ($version < 1) {
    // add table
    dbQuery('create table if not exists content_snippets(' . 'id int auto_increment not null primary key,' . 'html text' . ')	default charset=utf8;');
    $version = 1;
}
if ($version == '1') {
    // convert to accordion
    dbQuery('alter table content_snippets add accordion smallint default 0');
    dbQuery('alter table content_snippets ' . 'add accordion_direction smallint default 0');
    // 0 is horizontal
    $rs = dbAll('select * from content_snippets');
    if (count($rs) && isset($rs[0]['html'])) {
        foreach ($rs as $r) {
            $arr = array(array('title' => '', 'html' => $r['html']));
            dbQuery('update content_snippets set html="' . addslashes(json_encode($arr)) . '" where id=' . $r['id']);
        }
        Core_cacheClear('content_snippets');
    }
    dbQuery('alter table content_snippets change html content text');
    $version = 2;
}
if ($version == '2') {
    // add directory of images
    dbQuery('alter table content_snippets add images_directory text');
    $version = 3;
}
Exemple #26
0
 * PHP Version 5
 *
 * @category None
 * @package  None
 * @author   Kae Verens <*****@*****.**>
 * @license  GPL Version 2
 * @link     www.kvweb.me
 */
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'Save') {
    // { online_store_vars
    foreach ($_REQUEST['ebayVals'] as $k => $v) {
        dbQuery('delete from online_store_vars where name="ebay_' . addslashes($k) . '"');
        dbQuery('insert into online_store_vars set name="ebay_' . addslashes($k) . '"' . ', val="' . addslashes($v) . '"');
    }
    // }
    Core_cacheClear('online-store');
    echo '<em>Saved</em>';
}
echo '<form method="post" action="' . $_url . '" />' . '<div class="accordion">';
// { main
echo '<h2>' . __('Main Details') . '</h2><div><table>' . '<tr><th>What paypal address to use</th>' . '<td><input name="ebayVals[paypal_address]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_paypal_address"', 'val')) . '"/></td></tr>' . '<tr><th>Status</th><td><select name="ebayVals[status]">' . '<option value="0">Sandbox</option>' . '<option value="1"' . (dbOne('select val from online_store_vars where name="ebay_status"', 'val') ? ' selected="selected"' : '') . '>Production</option>' . '</select></td></tr>' . '<tr><th>What country your products come from (2-letter code)</th>' . '<td><input name="ebayVals[country_from]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_country_from"', 'val')) . '"/></td></tr>' . '<tr><th>What location in the country?</th>' . '<td><input name="ebayVals[location]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_location"', 'val')) . '"/></td></tr>' . '<tr><th>How many days to dispatch</th>' . '<td><input name="ebayVals[dispatch_days]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_dispatch_days"', 'val')) . '"/></td></tr>' . '</table></div>';
// }
// { sandbox authentication
echo '<h2>' . __('Sandbox Authentication') . '</h2><div>' . '<p>You must get a developer account from' . ' <a href="https://developer.ebay.com/">eBay</a>.</p>' . '<table>' . '<tr><th>Dev ID</th><td><input name="ebayVals[sandbox_devid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_sandbox_devid"', 'val')) . '"/></td>' . '<th rowspan="3">User Token</th><td rowspan="3">' . '<textarea name="ebayVals[sandbox_usertoken]">' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_sandbox_usertoken"', 'val')) . '</textarea></td></tr>' . '<tr><th>App ID</th><td><input name="ebayVals[sandbox_appid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_sandbox_appid"', 'val')) . '"/></td>' . '<tr><th>Cert ID</th><td><input name="ebayVals[sandbox_certid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_sandbox_certid"', 'val')) . '"/></td></tr>' . '</table></div>';
// }
// { production authentication
echo '<h2>' . __('Production Authentication') . '</h2><div>' . '<p>You must get a developer account from' . ' <a href="https://developer.ebay.com/">eBay</a>.</p><table>' . '<tr><th>Dev ID</th><td><input name="ebayVals[devid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_devid"', 'val')) . '"/></td>' . '<th rowspan="3">User Token</th><td rowspan="3">' . '<textarea name="ebayVals[usertoken]">' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_usertoken"', 'val')) . '</textarea></td></tr>' . '<tr><th>App ID</th><td><input name="ebayVals[appid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_appid"', 'val')) . '"/></td></tr>' . '<tr><th>Cert ID</th><td><input name="ebayVals[certid]" value="' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_certid"', 'val')) . '"/></td></tr>' . '</table></div>';
// }
// { description afterword
echo '<h2>' . __('Description Afterword') . '</h2><div><table>' . '<tr><textarea name="ebayVals[description_afterword]">' . htmlspecialchars(dbOne('select val from online_store_vars where name="ebay_description_afterword"', 'val')) . '</textarea></td></tr>' . '</table></div>';
// }
Exemple #27
0
        $files = glob($newdir . '/logo-*');
        foreach ($files as $f) {
            unlink($f);
        }
        CoreGraphics::convert($_FILES['site_logo']['tmp_name'], $newdir . '/logo.png');
    }
    $pageLengthLimit = $_REQUEST['site_page_length_limit'];
    if (!empty($pageLengthLimit) && is_numeric($pageLengthLimit)) {
        $DBVARS['site_page_length_limit'] = $pageLengthLimit;
    } else {
        if (isset($DBVARS['site_page_length_limit'])) {
            unset($DBVARS['site_page_length_limit']);
        }
    }
    Core_configRewrite();
    Core_cacheClear();
    echo '<em>' . __('options updated') . '</em>';
}
if ($action == 'remove_logo') {
    unlink(USERBASE . '/f/skin_files/logo.png');
}
// }
// { form
echo '<form method="post" action="siteoptions.php?page=general" enctype="mu' . 'ltipart/form-data"><input type="hidden" name="MAX_FILE_SIZE" value="999' . '9999" /><table>';
// { website title and subtitle
echo '<tr><th>' . __('Website Title') . '</th><td><input name="site_title" value="' . htmlspecialchars($DBVARS['site_title']) . '" /></td></tr>' . '<tr><th>' . __('Website Subtitle') . '</th><td><input name="site_subtitle" value="' . htmlspecialchars($DBVARS['site_subtitle']) . '" /></td></tr>';
// }
// { canonical domain name
$canonical_name = @$DBVARS['canonical_name'] ? ' value="' . htmlspecialchars($DBVARS['canonical_name']) . '"' : '';
echo '<tr><th>' . __('Canonical Domain Name') . '</th><td><input name="canonical_name" ' . 'placeholder="' . __('leave blank to accept multiple domain names') . '"' . $canonical_name . ' /></td></tr>';
// }
Exemple #28
0
}
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'save') {
    $id = (int) $_REQUEST['id'];
    $id_was = $id;
    $directory = addslashes($_REQUEST['directory']);
    $gallery_type = addslashes($_REQUEST['gallery_type']);
    $thumbsize = (int) $_REQUEST['thumbsize'];
    $image_size = (int) $_REQUEST['image_size'];
    $rows = (int) $_REQUEST['rows'];
    $columns = (int) $_REQUEST['columns'];
    $sql = 'image_gallery_widget set directory="' . $directory . '",gallery_type="' . $gallery_type . '",thumbsize="' . $thumbsize . '",image_size="' . $image_size . '",
		rows="' . $rows . '",columns="' . $columns . '"';
    if ($id && dbOne('select id from image_gallery_widget where id=' . $id, 'id')) {
        $sql = "update {$sql} where id={$id}";
        dbQuery($sql);
    } else {
        $sql = "insert into {$sql}";
        dbQuery($sql);
        $id = dbOne('select last_insert_id() as id', 'id');
    }
    $ret = array('id' => $id, 'id_was' => $id_was);
    echo json_encode($ret);
    Core_cacheClear('image-gallery');
    Core_quit();
}
if (isset($_REQUEST['id'])) {
    $id = (int) $_REQUEST['id'];
} else {
    $id = 0;
}
echo '<a href="javascript:;" id="image_gallery_editlink_' . $id . '" class="image_gallery_editlink">' . 'view or edit image gallery details</a>';
/**
 * move a page
 *
 * @return array status of the move
 */
function Core_adminPageMove()
{
    $id = (int) $_REQUEST['id'];
    $to = (int) $_REQUEST['parent_id'];
    $order = $_REQUEST['order'];
    dbQuery("update pages set parent={$to} where id={$id}");
    for ($i = 0; $i < count($order); ++$i) {
        $pid = (int) $order[$i];
        dbQuery("update pages set ord={$i} where id={$pid}");
    }
    Core_cacheClear();
    dbQuery('update page_summaries set rss=""');
    return array('ok' => 1);
}
Exemple #30
0
/**
 * exports to file if the status is right
 *
 * @param int   $id    ID of the order
 * @param array $order details of the order
 *
 * @return null
 */
function OnlineStore_exportToFile($id)
{
    $order = dbRow("SELECT * FROM online_store_orders WHERE id={$id}");
    $sendAt = (int) dbOne('select val from online_store_vars where name="export_at_what_point"', 'val');
    if ($sendAt == 0 && $order['status'] != '1') {
        return;
    }
    if ($sendAt == 1) {
        // never send
        return;
    }
    if ($sendAt == 2 && $order['status'] != '2') {
        return;
    }
    if ($sendAt == 3 && $order['status'] != '4') {
        return;
    }
    $form_vals = json_decode($order['form_vals']);
    $items = json_decode($order['items']);
    // { start export
    $export = dbOne('select val from online_store_vars where name="export_dir"', 'val');
    // TODO: ability to edit these values in the admin
    $exportcsv = array('"Phone Number","Customer Name","Address 1","Address 2","Postcode",' . '"Email","Stock Number","Amt","Price","Item ID"');
    // }
    // { handle item-specific stuff (vouchers, stock control)
    foreach ($items as $item_index => $item) {
        if (!$item->id) {
            continue;
        }
        $p = Product::getInstance($item->id);
        $exportcsv[] = '"' . str_replace('"', '""', @$form_vals->Billing_Phone) . '","' . str_replace('"', '""', @$form_vals->Billing_FirstName . ' ' . @$form_vals->Billing_Surname) . '","' . str_replace('"', '""', @$form_vals->Billing_Street) . '","' . str_replace('"', '""', @$form_vals->Billing_Street2) . '","' . str_replace('"', '""', @$form_vals->Billing_Postcode) . ' ' . str_replace('"', '""', @$form_vals->Billing_Town) . '","' . str_replace('"', '""', @$form_vals->Billing_Email) . '","' . str_replace('"', '""', @$p->Billing_stock_number) . '","' . $item->amt . '","' . $item->cost . '","' . $item->id . '"';
        // }
    }
    // }
    Core_cacheClear('products');
    if ($export && strpos($export, '..') === false) {
        $customer = dbOne('select val from online_store_vars where name="export_customers"', 'val');
        if ($customer && strpos($customer, '..') === false) {
            $customer_filename = dbOne('select val from online_store_vars' . ' where name="export_customer_filename"', 'val');
            if (!$customer_filename) {
                $customer_filename = 'customer-{{$Billing_Email}}.csv';
            }
            $customer_filename = str_replace(array('/', '..'), '', $customer_filename);
            $bits = preg_match_all('/{{\\$([^}]*)}}/', $customer_filename, $matches, PREG_SET_ORDER);
            foreach ($matches as $bit) {
                $customer_filename = str_replace('{{$' . $bit[1] . '}}', @$form_vals->{$bit[1]}, $customer_filename);
            }
            $customer_filename = str_replace(array('..', '/'), '', $customer_filename);
            @mkdir(USERBASE . '/' . $customer, 0777, true);
            $phone = preg_replace('/[^0-9\\(\\)\\+]/', '', @$form_vals->Billing_Phone);
            // TODO: must be able to edit values in the admin
            $fcontent = '"Name","Street","Street 2","Postcode","Email","Phone"' . "\n" . '"' . str_replace('"', '""', @$form_vals->Billing_FirstName . ' ' . @$form_vals->Billing_Surname) . '","' . str_replace('"', '""', @$form_vals->Billing_Street) . '","' . str_replace('"', '""', @$form_vals->Billing_Street2) . '","' . str_replace('"', '""', @$form_vals->Billing_Postcode) . '","' . str_replace('"', '""', @$form_vals->Billing_Email) . '","' . str_replace('"', '""', $form_vals->Billing_Phone) . '"';
            file_put_contents(USERBASE . '/' . $customer . '/' . $customer_filename, "" . $fcontent);
        }
        @mkdir(USERBASE . '/' . $export, 0777, true);
        file_put_contents(USERBASE . '/' . $export . '/order' . $id . '.csv', "" . join("\r\n", $exportcsv));
    }
}