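/**
 * Check a plain-text value against the salted MD5 digest stored in the
 * configuration table under the key ENCRYPTION_VALUE.
 *
 * The stored value is expected to have the form "<digest>:<salt>"; the
 * candidate matches when md5(salt . plain) equals the stored digest.
 *
 * NOTE(review): a single round of salted MD5 is cheap to brute-force offline
 * if the configuration table leaks. Moving to password_hash()/password_verify()
 * needs a migration of the stored value, so this function only hardens the
 * comparison and leaves the storage format untouched.
 *
 * @param string $plain Candidate value supplied by the caller.
 * @return bool True on a match; false when gen_not_null() rejects $plain,
 *              when the stored value does not split into exactly two parts,
 *              or when the digests differ.
 */
function pw_validate_encrypt($plain)
{
    global $db;

    if (!gen_not_null($plain)) {
        return false;
    }

    $sql = "select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'ENCRYPTION_VALUE'";
    $result = $db->Execute($sql);
    $stack = explode(':', (string) $result->fields['configuration_value']);
    if (count($stack) != 2) {
        return false;
    }

    $expected = $stack[0];
    $actual = md5($stack[1] . $plain);

    // A loose == between two hex digests compares "0e<digits>" strings as
    // floats, so two different digests can be reported as equal. Compare as
    // strings instead, in constant time where the runtime has hash_equals().
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $actual);
    }

    return $expected === $actual;
}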
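/**
 * Refresh the stored exchange rate of every currency in $this->db_table.
 *
 * For each currency the primary quote function is called; when it returns an
 * empty value and a backup server is configured, the backup quote function is
 * tried. A usable rate is written to the table, and a message is pushed onto
 * $messageStack for every warning, success and failure.
 *
 * NOTE(review): the permission check below was disabled by the original
 * author, so this method does no authorization of its own. Confirm that every
 * caller enforces access control before invoking it.
 *
 * @return bool Always true.
 */
function btn_update()
{
    // updates the currency rates
    global $db, $messageStack;

    /* commented out so everyone can update currency exchange rates
    if ($this->security_id < 1) {
        $messageStack->add(ERROR_NO_PERMISSION,'error');
        return false;
    }
    */
    $currency = $db->Execute("select currencies_id, code, title from " . $this->db_table);
    while (!$currency->EOF) {
        // Reset per currency; otherwise one fallback makes every later
        // message name the backup server even when the primary answered.
        $server_used = CURRENCY_SERVER_PRIMARY;
        $quote_function = 'quote_' . CURRENCY_SERVER_PRIMARY . '_currency';
        $rate = $quote_function($currency->fields['code']);
        if (empty($rate) && gen_not_null(CURRENCY_SERVER_BACKUP)) {
            $messageStack->add(sprintf(SETUP_WARN_PRIMARY_SERVER_FAILED, CURRENCY_SERVER_PRIMARY, $currency->fields['title'], $currency->fields['code']), 'caution');
            $quote_function = 'quote_' . CURRENCY_SERVER_BACKUP . '_currency';
            $rate = $quote_function($currency->fields['code']);
            $server_used = CURRENCY_SERVER_BACKUP;
        }
        // The rate comes back from a quote helper (presumably a remote
        // service; the helper is not visible here) and is concatenated into
        // the UPDATE statement, so only a numeric value may reach the query.
        if (gen_not_null($rate) && is_numeric($rate)) {
            $db->Execute("update " . $this->db_table . "\r\n\t\t\t\t\t set value = '" . $rate . "', last_updated = now()\r\n\t\t\t\t\t where currencies_id = '" . (int) $currency->fields['currencies_id'] . "'");
            $messageStack->add(sprintf(SETUP_INFO_CURRENCY_UPDATED, $currency->fields['title'], $currency->fields['code'], $server_used), 'success');
        } else {
            $messageStack->add(sprintf(SETUP_ERROR_CURRENCY_INVALID, $currency->fields['title'], $currency->fields['code'], $server_used), 'error');
        }
        $currency->MoveNext();
    }

    return true;
}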
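// | published by the Free Software Foundation, either version 3 of |
// | the License, or any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | The license that is bundled with this package is located in the |
// | file: /doc/manual/ch01-Introduction/license.html. |
// | If not, see http://www.gnu.org/licenses/ |
// +-----------------------------------------------------------------+
// Path: /modules/install/index.php
//
require_once 'includes/application_top.php';

// main_page comes straight from the query string and is spliced into the
// include paths below. Restrict it to a plain identifier so it cannot carry
// path separators, "..", stream wrappers or NUL bytes; anything else falls
// back to the default page, exactly as a missing value does.
if (!isset($_GET['main_page'])
    || !is_string($_GET['main_page'])
    || !gen_not_null($_GET['main_page'])
    || !preg_match('/\A[A-Za-z0-9_]+\z/', $_GET['main_page'])
) {
    $_GET['main_page'] = 'index';
}
$current_page = $_GET['main_page'];

require_once '../../includes/version.php';
require_once '../general/functions/general.php';
require_once '../general/functions/html_functions.php';
// NOTE(review): $language is assigned outside this excerpt and is also part
// of an include path; confirm it is constrained to a known set of values.
require_once 'language/' . $language . '/language.php';
require_once 'language/' . $language . '/' . $current_page . '.php';
require_once 'pages/' . $current_page . '/header_php.php';

// make sure someone is not trying to hack in
// NOTE(review): this guard runs only after the page's header_php.php has
// already been included above, and it is a block list: an install page that
// is not named here stays reachable once a company exists. Consider moving
// the check ahead of the page include once it is confirmed where
// load_company_dropdown() is defined.
$result = load_company_dropdown();
$blocked_modules = array('index', 'license', 'inspect', 'system_setup');
if (sizeof($result) > 0 && in_array($current_page, $blocked_modules, true)) {
    die('This installation already has been set up. Please use Company Manager.');
}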
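/**
 * Build the XML body of a UPS rate request ("rate" / "shop") for the shipment
 * described by the global $pkg and the packages in $this->package.
 *
 * The body consists of two XML documents separated by CRLF: an AccessRequest
 * carrying the account credentials, followed by a
 * RatingServiceSelectionRequest with shipper, ship-to, ship-from, weight,
 * per-package and service-option data.
 *
 * Every variable value is XML-escaped before it is placed between tags, so a
 * "<" or "&" in an address field, a configuration constant or the password can
 * no longer break the document or add elements to it.
 *
 * NOTE(review): the returned string contains the UPS access key, user id and
 * password in clear text; keep it out of logs and debug output.
 * NOTE(review): the shipment total sums $pkgnum['weight'] while each package
 * element uses $pkgnum['Weight']; confirm both keys exist on the package rows.
 *
 * @return string The complete request body, terminated by CRLF.
 */
function FormatRateRequest()
{
    global $pkg;

    // Escape the five XML-reserved characters byte-wise ("&" first), so the
    // result does not depend on the character encoding of the value.
    $esc = function ($value) {
        return str_replace(
            array('&', '<', '>', '"', "'"),
            array('&amp;', '&lt;', '&gt;', '&quot;', '&apos;'),
            (string) $value
        );
    };

    $crlf = chr(13) . chr(10);

    // Access request: account credentials.
    $sBody = '<?xml version="1.0"?>';
    $sBody .= $crlf . '<AccessRequest xml:lang="en-US">';
    $sBody .= $crlf . '<AccessLicenseNumber>' . $esc(MODULE_SHIPPING_UPS_ACCESS_KEY) . '</AccessLicenseNumber>';
    $sBody .= $crlf . '<UserId>' . $esc(MODULE_SHIPPING_UPS_USER_ID) . '</UserId>';
    $sBody .= $crlf . '<Password>' . $esc(MODULE_SHIPPING_UPS_PASSWORD) . '</Password>';
    $sBody .= $crlf . '</AccessRequest>';

    // Rating request header.
    $sBody .= $crlf . '<?xml version="1.0"?>';
    $sBody .= $crlf . '<RatingServiceSelectionRequest xml:lang="en-US">';
    $sBody .= $crlf . '<Request>';
    $sBody .= $crlf . '<TransactionReference>';
    $sBody .= $crlf . '<CustomerContext>Rating and Service</CustomerContext>';
    $sBody .= $crlf . '<XpciVersion>1.0001</XpciVersion>';
    $sBody .= $crlf . '</TransactionReference>';
    $sBody .= $crlf . '<RequestAction>' . 'rate' . '</RequestAction>'; // must be rate for tool to work
    $sBody .= $crlf . '<RequestOption>' . 'shop' . '</RequestOption>'; // must be shop to
    $sBody .= $crlf . '</Request>';
    $sBody .= $crlf . '<PickupType><Code>' . $esc($pkg->pickup_service) . '</Code></PickupType>';
    $sBody .= $crlf . '<CustomerClassification><Code>' . '01' . '</Code></CustomerClassification>'; // wholesale (default for PickupType 01)

    // Shipper: taken from the company configuration constants.
    $sBody .= $crlf . '<Shipment>';
    $sBody .= $crlf . '<Shipper>';
    $sBody .= $crlf . '<ShipperNumber>' . $esc(MODULE_SHIPPING_UPS_SHIPPER_NUMBER) . '</ShipperNumber>';
    $sBody .= $crlf . '<Address>';
    if (COMPANY_CITY_TOWN) {
        $sBody .= $crlf . '<City>' . $esc(COMPANY_CITY_TOWN) . '</City>';
    }
    if (COMPANY_ZONE) {
        $sBody .= $crlf . '<StateProvinceCode>' . $esc(COMPANY_ZONE) . '</StateProvinceCode>';
    }
    if (COMPANY_POSTAL_CODE) {
        $sBody .= $crlf . '<PostalCode>' . $esc(COMPANY_POSTAL_CODE) . '</PostalCode>';
    }
    // $country_name = gen_get_country_iso_2(COMPANY_COUNTRY);
    $sBody .= $crlf . '<CountryCode>' . $esc(gen_get_country_iso_2_from_3(COMPANY_COUNTRY)) . '</CountryCode>';
    $sBody .= $crlf . '</Address>';
    $sBody .= $crlf . '</Shipper>';

    // Destination address.
    $sBody .= $crlf . '<ShipTo>';
    $sBody .= $crlf . '<Address>';
    if ($pkg->ship_to_city) {
        $sBody .= $crlf . '<City>' . $esc($pkg->ship_to_city) . '</City>';
    }
    if ($pkg->ship_to_state) {
        $sBody .= $crlf . '<StateProvinceCode>' . $esc(strtoupper($pkg->ship_to_state)) . '</StateProvinceCode>';
    }
    if ($pkg->ship_to_postal_code) {
        $sBody .= $crlf . '<PostalCode>' . $esc($pkg->ship_to_postal_code) . '</PostalCode>';
    }
    // $country_name = gen_get_country_iso_2($pkg->ship_to_country_code);
    $sBody .= $crlf . '<CountryCode>' . $esc($pkg->ship_to_country_iso2) . '</CountryCode>';
    if ($pkg->residential_address) {
        $sBody .= $crlf . '<ResidentialAddress></ResidentialAddress>';
    }
    $sBody .= $crlf . '</Address>';
    $sBody .= $crlf . '</ShipTo>';

    // Origin address.
    $sBody .= $crlf . '<ShipFrom>';
    $sBody .= $crlf . '<Address>';
    if ($pkg->ship_city_town) {
        $sBody .= $crlf . '<City>' . $esc($pkg->ship_city_town) . '</City>';
    }
    if ($pkg->ship_state_province) {
        $sBody .= $crlf . '<StateProvinceCode>' . $esc(strtoupper($pkg->ship_state_province)) . '</StateProvinceCode>';
    }
    if ($pkg->ship_postal_code) {
        $sBody .= $crlf . '<PostalCode>' . $esc($pkg->ship_postal_code) . '</PostalCode>';
    }
    // $country_name = gen_get_country_iso_2($pkg->ship_country_code);
    $sBody .= $crlf . '<CountryCode>' . $esc($pkg->ship_from_country_iso2) . '</CountryCode>';
    $sBody .= $crlf . '</Address>';
    $sBody .= $crlf . '</ShipFrom>';

    // Total shipment weight.
    $sBody .= $crlf . '<ShipmentWeight>';
    $sBody .= $crlf . '<UnitOfMeasurement><Code>' . $esc($pkg->pkg_weight_unit) . '</Code></UnitOfMeasurement>';
    $ShipmentWeight = 0;
    foreach ($this->package as $pkgnum) {
        $ShipmentWeight += $pkgnum['weight'];
    }
    $sBody .= $crlf . '<Weight>' . $ShipmentWeight . '</Weight>';
    $sBody .= $crlf . '</ShipmentWeight>';

    foreach ($this->package as $pkgnum) { // Enter each package
        $sBody .= $crlf . '<Package>';
        $sBody .= $crlf . '<PackagingType><Code>' . $esc($pkgnum['PackageTypeCode']) . '</Code></PackagingType>';
        $sBody .= $crlf . '<Dimensions>';
        $sBody .= $crlf . '<UnitOfMeasurement><Code>' . $esc($pkgnum['DimensionUnit']) . '</Code></UnitOfMeasurement>';
        $sBody .= $crlf . '<Length>' . $esc($pkgnum['Length']) . '</Length>';
        $sBody .= $crlf . '<Width>' . $esc($pkgnum['Width']) . '</Width>';
        $sBody .= $crlf . '<Height>' . $esc($pkgnum['Height']) . '</Height>';
        $sBody .= $crlf . '</Dimensions>';
        $sBody .= $crlf . '<PackageWeight>';
        $sBody .= $crlf . '<UnitOfMeasurement><Code>' . $esc($pkgnum['WeightUnit']) . '</Code></UnitOfMeasurement>';
        $sBody .= $crlf . '<Weight>' . $esc($pkgnum['Weight']) . '</Weight>';
        $sBody .= $crlf . '</PackageWeight>';

        // Optional per-package services; the wrapper is emitted only when
        // at least one of them is present.
        $temp = '';
        if (gen_not_null($pkgnum['DeliveryConfirmation'])) {
            $temp .= $crlf . '<DeliveryConfirmation>';
            $temp .= $crlf . '<DCISType>' . $esc($pkgnum['DeliveryConfirmation']) . '</DCISType>';
            $temp .= $crlf . '</DeliveryConfirmation>';
        }
        if (gen_not_null($pkgnum['InsuranceCurrencyCode'])) {
            $temp .= $crlf . '<InsuredValue>';
            $temp .= $crlf . '<CurrencyCode>' . $esc($pkgnum['InsuranceCurrencyCode']) . '</CurrencyCode>';
            $temp .= $crlf . '<MonetaryValue>' . $esc($pkgnum['InsuranceValue']) . '</MonetaryValue>';
            $temp .= $crlf . '</InsuredValue>';
        }
        if ($temp) {
            $sBody .= $crlf . '<PackageServiceOptions>' . $temp . $crlf . '</PackageServiceOptions>';
        }
        if ($pkgnum['AdditionalHandling']) {
            $sBody .= $crlf . '<AdditionalHandling></AdditionalHandling>';
        }
        $sBody .= $crlf . '</Package>';
    }

    // Optional shipment-level services.
    $temp = '';
    if ($pkg->saturday_pickup) {
        $temp .= $crlf . '<SaturdayPickupIndicator>' . $esc($pkg->saturday_pickup) . '</SaturdayPickupIndicator>';
    }
    if ($pkg->saturday_delivery) {
        $temp .= $crlf . '<SaturdayDeliveryIndicator>' . $esc($pkg->saturday_delivery) . '</SaturdayDeliveryIndicator>';
    }
    if ($pkg->cod) {
        $temp .= $crlf . '<COD><CODCode>3</CODCode>';
        if ($pkg->cod_payment_type == 1 || $pkg->cod_payment_type == 2 || $pkg->cod_payment_type == 3) {
            $payment_type = '9'; // check, money order, cashier's check
        } else {
            $payment_type = '1'; // cash
        }
        $temp .= '<CODFundsCode>' . $payment_type . '</CODFundsCode>';
        $temp .= '<CODAmount><CurrencyCode>' . $esc($pkg->cod_currency) . '</CurrencyCode>';
        $temp .= '<MonetaryValue>' . $esc($pkg->cod_amount) . '</MonetaryValue></CODAmount>';
        $temp .= '</COD>';
    }
    if ($temp) {
        $sBody .= $crlf . '<ShipmentServiceOptions>' . $temp . $crlf . '</ShipmentServiceOptions>';
    }
    if ($pkg->handling_charge) {
        $sBody .= $crlf . '<HandlingCharge><FlatRate><CurrencyCode>' . $esc($pkg->handling_charge_currency) . '</CurrencyCode>';
        $sBody .= '<MonetaryValue>' . $esc($pkg->handling_charge_value) . '</MonetaryValue></FlatRate></HandlingCharge>';
    }
    $sBody .= $crlf . '<RateInformation>';
    $sBody .= $crlf . '<NegotiatedRatesIndicator>1</NegotiatedRatesIndicator>';
    $sBody .= $crlf . '</RateInformation>';
    $sBody .= $crlf . '</Shipment>';
    $sBody .= $crlf . '</RatingServiceSelectionRequest>';
    $sBody .= $crlf;

    return $sBody;
}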
/**
 * Render $contents as an HTML <table> and return the markup.
 *
 * Each entry of $contents is one row. A row is either a single cell (keys
 * 'text', optional 'align', 'params', 'form') or, when its element 0 is an
 * array, a list of such cells. A row-level 'form' value is emitted before the
 * <tr> and closed with </form> after it; a cell-level 'form' is opened and
 * closed inside its <td>.
 *
 * Only the table attributes and 'align' are passed through
 * gen_output_string(); 'text', 'form' and every 'params' value are inserted
 * verbatim, so callers must supply markup that is already safe to output.
 *
 * @param array $contents      Row definitions as described above.
 * @param bool  $direct_output When truthy the markup is also echoed.
 * @return string The generated table markup.
 */
function tableBox($contents, $direct_output = false)
{
    $html = '<table border="' . gen_output_string($this->table_border)
        . '" width="' . gen_output_string($this->table_width)
        . '" cellspacing="' . gen_output_string($this->table_cellspacing)
        . '" cellpadding="' . gen_output_string($this->table_cellpadding) . '"';
    if (gen_not_null($this->table_parameters)) {
        $html .= ' ' . $this->table_parameters;
    }
    $html .= '>' . "\n";

    $row_total = sizeof($contents);
    for ($r = 0; $r < $row_total; $r++) {
        // A row-level form wraps the whole <tr>.
        $row_has_form = isset($contents[$r]['form']) && gen_not_null($contents[$r]['form']);
        if ($row_has_form) {
            $html .= $contents[$r]['form'] . "\n";
        }

        $html .= ' <tr';
        if (gen_not_null($this->table_row_parameters)) {
            $html .= ' ' . $this->table_row_parameters;
        }
        if (isset($contents[$r]['params']) && gen_not_null($contents[$r]['params'])) {
            $html .= ' ' . $contents[$r]['params'];
        }
        $html .= '>' . "\n";

        if (!(isset($contents[$r][0]) && is_array($contents[$r][0]))) {
            // Single-cell row: the row entry itself describes the cell.
            $html .= ' <td';
            if (isset($contents[$r]['align']) && gen_not_null($contents[$r]['align'])) {
                $html .= ' align="' . gen_output_string($contents[$r]['align']) . '"';
            }
            if (isset($contents[$r]['params']) && gen_not_null($contents[$r]['params'])) {
                $html .= ' ' . $contents[$r]['params'];
            } elseif (gen_not_null($this->table_data_parameters)) {
                $html .= ' ' . $this->table_data_parameters;
            }
            $html .= '>' . $contents[$r]['text'] . '</td>' . "\n";
        } else {
            // Multi-cell row: the bound counts every key of the row, the
            // isset() test skips indexes that hold no cell.
            $cell_total = sizeof($contents[$r]);
            for ($c = 0; $c < $cell_total; $c++) {
                if (!(isset($contents[$r][$c]['text']) && gen_not_null($contents[$r][$c]['text']))) {
                    continue;
                }
                $cell = $contents[$r][$c];
                $cell_has_form = isset($cell['form']) && gen_not_null($cell['form']);

                $html .= ' <td';
                if (isset($cell['align']) && gen_not_null($cell['align'])) {
                    $html .= ' align="' . gen_output_string($cell['align']) . '"';
                }
                if (isset($cell['params']) && gen_not_null($cell['params'])) {
                    $html .= ' ' . $cell['params'];
                } elseif (gen_not_null($this->table_data_parameters)) {
                    $html .= ' ' . $this->table_data_parameters;
                }
                $html .= '>';
                if ($cell_has_form) {
                    $html .= $cell['form'];
                }
                $html .= $cell['text'];
                if ($cell_has_form) {
                    $html .= '</form>';
                }
                $html .= '</td>' . "\n";
            }
        }

        $html .= ' </tr>' . "\n";
        if ($row_has_form) {
            $html .= '</form>' . "\n";
        }
    }

    $html .= '</table>' . "\n";
    if ($direct_output) {
        echo $html;
    }

    return $html;
}
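/**
 * Render $contents as an HTML <table>, optionally wrapped in a form.
 *
 * When $contents has a 'form' key its value is emitted before the table, the
 * first element of $contents is dropped, and </form> is appended after the
 * table. Every remaining entry is one row: either a single cell ('text',
 * optional 'align', 'params') or, when its element 0 is an array, a list of
 * cells that may each carry their own 'form'.
 *
 * Compared with the earlier version this method now
 *  - passes the table attributes and 'align' through gen_output_string(), as
 *    tableBox() does, so those values cannot break out of their attribute;
 *  - tests the cell's 'text' and 'params' values with gen_not_null() instead
 *    of testing the boolean returned by isset(), which made the check a no-op.
 *
 * 'text', 'form' and every 'params' value are still inserted verbatim, so
 * callers must supply markup that is already safe to output.
 *
 * NOTE(review): array_shift() removes the first element, not the 'form' key;
 * this is only correct while callers put 'form' first in $contents.
 *
 * @param array $contents Row definitions as described above.
 * @return string The generated markup.
 */
function tableBlock($contents)
{
    $tableBox_string = '';
    $form_set = false;
    if (isset($contents['form'])) {
        $tableBox_string .= $contents['form'] . "\n";
        $form_set = true;
        array_shift($contents);
    }

    $tableBox_string .= '<table border="' . gen_output_string($this->table_border)
        . '" width="' . gen_output_string($this->table_width)
        . '" cellspacing="' . gen_output_string($this->table_cellspacing)
        . '" cellpadding="' . gen_output_string($this->table_cellpadding) . '"';
    if (gen_not_null($this->table_parameters)) {
        $tableBox_string .= ' ' . $this->table_parameters;
    }
    $tableBox_string .= '>' . "\n";

    for ($i = 0, $n = sizeof($contents); $i < $n; $i++) {
        $tableBox_string .= ' <tr';
        if (gen_not_null($this->table_row_parameters)) {
            $tableBox_string .= ' ' . $this->table_row_parameters;
        }
        if (isset($contents[$i]['params']) && gen_not_null($contents[$i]['params'])) {
            $tableBox_string .= ' ' . $contents[$i]['params'];
        }
        $tableBox_string .= '>' . "\n";

        if (isset($contents[$i][0]) && is_array($contents[$i][0])) {
            // Multi-cell row: the bound counts every key of the row, the
            // isset() test skips indexes that hold no cell.
            for ($x = 0, $y = sizeof($contents[$i]); $x < $y; $x++) {
                if (isset($contents[$i][$x]['text']) && gen_not_null($contents[$i][$x]['text'])) {
                    $cell = $contents[$i][$x];
                    $cell_has_form = isset($cell['form']) && gen_not_null($cell['form']);

                    $tableBox_string .= ' <td';
                    if (isset($cell['align']) && gen_not_null($cell['align'])) {
                        $tableBox_string .= ' align="' . gen_output_string($cell['align']) . '"';
                    }
                    if (isset($cell['params']) && gen_not_null($cell['params'])) {
                        $tableBox_string .= ' ' . $cell['params'];
                    } elseif (gen_not_null($this->table_data_parameters)) {
                        $tableBox_string .= ' ' . $this->table_data_parameters;
                    }
                    $tableBox_string .= '>';
                    if ($cell_has_form) {
                        $tableBox_string .= $cell['form'];
                    }
                    $tableBox_string .= $cell['text'];
                    if ($cell_has_form) {
                        $tableBox_string .= '</form>';
                    }
                    $tableBox_string .= '</td>' . "\n";
                }
            }
        } else {
            // Single-cell row: the row entry itself describes the cell.
            $tableBox_string .= ' <td';
            if (isset($contents[$i]['align']) && gen_not_null($contents[$i]['align'])) {
                $tableBox_string .= ' align="' . gen_output_string($contents[$i]['align']) . '"';
            }
            if (isset($contents[$i]['params']) && gen_not_null($contents[$i]['params'])) {
                $tableBox_string .= ' ' . $contents[$i]['params'];
            } elseif (gen_not_null($this->table_data_parameters)) {
                $tableBox_string .= ' ' . $this->table_data_parameters;
            }
            $tableBox_string .= '>' . $contents[$i]['text'] . '</td>' . "\n";
        }
        $tableBox_string .= ' </tr>' . "\n";
    }

    $tableBox_string .= '</table>' . "\n";
    if ($form_set == true) {
        $tableBox_string .= '</form>' . "\n";
    }

    return $tableBox_string;
}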
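/**
 * Import an uploaded CSV file into $db_table and its linked tables.
 *
 * The first CSV line is a header. Header names are matched against the
 * TagName of the fields that $structure declares for $db_table; columns named
 * "<TagName>_<n>" (n from 1 to MAX_IMPORT_CSV_ITEMS) are matched against the
 * fields of each table listed in that table's LinkTable. Every following line
 * becomes one insert into the main table plus one insert per dependent group
 * that contains data, with the dependent row's reference field set to the id
 * returned by db_insert_id().
 *
 * Changes over the earlier version: the file is read only when PHP confirms
 * it is an upload of the current request, a failed read is reported instead
 * of being passed to array_map(), linked tables are taken from the table that
 * actually matched $db_table (not from whichever table the loop ended on),
 * and unmapped columns no longer trigger undefined-index notices.
 *
 * NOTE(review): cell values go to db_perform() unchanged; confirm that
 * db_perform() escapes or binds values before building the INSERT.
 * NOTE(review): rows are inserted in header order, so a dependent column
 * listed before every main-table column is written with the id of the
 * previous line's main record; confirm the expected column order.
 *
 * @param object $structure Parsed module definition exposing Module->Table.
 * @param string $db_table  Name of the main table (without DB_PREFIX).
 * @param string $filename  Key of the upload in $_FILES.
 * @return false|null False when the upload is unusable; nothing otherwise.
 */
function table_import_csv($structure, $db_table, $filename)
{
    global $db, $messageStack;

    // Accept only a file that PHP itself received as an upload in this
    // request; a tmp_name that fails this test must never be opened.
    if (!isset($_FILES[$filename]['tmp_name']) || !is_uploaded_file($_FILES[$filename]['tmp_name'])) {
        $messageStack->add('The import file was not received as a valid upload.', 'error');
        return false;
    }
    $raw_lines = file($_FILES[$filename]['tmp_name']);
    if ($raw_lines === false) {
        $messageStack->add('The import file could not be read.', 'error');
        return false;
    }
    $data = array_map('str_getcsv', $raw_lines);

    // read the header and build array
    if (sizeof($data) < 2) {
        $messageStack->add('The number of lines in the file is to small, a csv file must contain a header line and at least on input line!', 'error');
        return false;
    }
    $header = array_shift($data);
    foreach ($header as $key => $value) {
        $header[$key] = trim($value);
    }

    // build the map structure: CSV column index => target table and field
    $main_table = null;
    $map_array = array();
    foreach ($structure->Module->Table as $table) {
        if ($table->Name == $db_table) {
            foreach ($table->Field as $field) {
                $key = array_search($field->TagName, $header);
                if ($key !== false) {
                    $map_array[$key] = array('cnt' => 0, 'table' => $table->Name, 'field' => $field->Name);
                }
            }
            $main_table = $table;
            break;
        }
    }

    // build dependent map tables
    $ref_mapping = array();
    if ($main_table !== null && isset($main_table->LinkTable)) {
        // A single linked table arrives as an object; normalise to a list.
        if (is_object($main_table->LinkTable)) {
            $main_table->LinkTable = array($main_table->LinkTable);
        }
        foreach ($main_table->LinkTable as $subtable) {
            foreach ($structure->Module->Table as $working) {
                if ($subtable->Name == $working->Name) {
                    $ref_mapping[$subtable->Name] = array('pri_field' => $subtable->PrimaryField, 'ref_field' => $subtable->DependentField);
                    for ($i = 1; $i <= MAX_IMPORT_CSV_ITEMS; $i++) {
                        foreach ($working->Field as $field) {
                            $key = array_search($field->TagName . '_' . $i, $header);
                            if ($key !== false) {
                                $map_array[$key] = array('cnt' => $i, 'table' => $subtable->Name, 'field' => $field->Name);
                            }
                        }
                    }
                }
            }
        }
    }

    $id = null; // id of the most recently inserted main record
    foreach ($data as $line) {
        $line_array = $map_array;
        $sql_array = array();
        for ($i = 0; $i < sizeof($line); $i++) {
            $line_array[$i]['value'] = $line[$i];
        }
        // Group the values by table and by repeat counter.
        foreach ($line_array as $value) {
            if (empty($value['table'])) {
                continue; // column has no mapping
            }
            $sql_array[$value['table']][$value['cnt']][$value['field']] = isset($value['value']) ? $value['value'] : null;
        }
        foreach ($sql_array as $table => $count) {
            foreach ($count as $cnt => $table_array) {
                if ($cnt == 0) { // main record, fetch id afterwards
                    if (sizeof($table_array) > 0) {
                        db_perform(DB_PREFIX . $table, $table_array, 'insert');
                    }
                    $id = db_insert_id();
                } else { // dependent table
                    $data_present = false;
                    foreach ($table_array as $value) {
                        if (gen_not_null($value)) {
                            $data_present = true;
                        }
                    }
                    if ($data_present) {
                        $table_array[$ref_mapping[$table]['ref_field']] = $id;
                        db_perform(DB_PREFIX . $table, $table_array, 'insert');
                    }
                }
            }
        }
    }
}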
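/**
 * Refresh the stored exchange rate of every non-default currency in
 * $this->db_table.
 *
 * For each currency the primary quote method is called; when it returns an
 * empty value and a backup server is configured, the backup quote method is
 * tried. A usable rate is written to the table. Every warning, success and
 * failure is pushed onto $messageStack and also collected in $this->message
 * (newline separated).
 *
 * NOTE(review): the validate_security() call below was disabled by the
 * original author, so this method does no authorization of its own. Confirm
 * that every caller enforces access control before invoking it.
 *
 * @return bool Always true.
 */
function btn_update()
{
    // updates the currency rates
    global $db, $messageStack;

    $message = array();
    /* commented out so everyone can update currency exchange rates
    validate_security($security_level, 1);
    */
    $currency = $db->Execute("select currencies_id, code, title from " . $this->db_table);
    while (!$currency->EOF) {
        if ($currency->fields['code'] == $this->def_currency) { // skip default currency
            $currency->MoveNext();
            continue;
        }
        // Reset per currency; otherwise one fallback makes every later
        // message name the backup server even when the primary answered.
        $server_used = CURRENCY_SERVER_PRIMARY;
        $quote_function = 'quote_' . CURRENCY_SERVER_PRIMARY;
        $rate = $this->{$quote_function}($currency->fields['code'], $this->def_currency);
        if (empty($rate) && gen_not_null(CURRENCY_SERVER_BACKUP)) {
            $text = sprintf(SETUP_WARN_PRIMARY_SERVER_FAILED, CURRENCY_SERVER_PRIMARY, $currency->fields['title'], $currency->fields['code']);
            $message[] = $text;
            $messageStack->add($text, 'caution');
            $quote_function = 'quote_' . CURRENCY_SERVER_BACKUP;
            $rate = $this->{$quote_function}($currency->fields['code'], $this->def_currency);
            $server_used = CURRENCY_SERVER_BACKUP;
        }
        // The rate comes back from a quote method (presumably a remote
        // service; the method is not visible here) and is concatenated into
        // the UPDATE statement, so only a numeric value may reach the query.
        if (is_numeric($rate) && $rate != 0) {
            $db->Execute("update " . $this->db_table . " set value = '" . $rate . "', last_updated = now()\n\t\t where currencies_id = '" . (int) $currency->fields['currencies_id'] . "'");
            $text = sprintf(SETUP_INFO_CURRENCY_UPDATED, $currency->fields['title'], $currency->fields['code'], $server_used);
            $message[] = $text;
            $messageStack->add($text, 'success');
        } else {
            $text = sprintf(SETUP_ERROR_CURRENCY_INVALID, $currency->fields['title'], $currency->fields['code'], $server_used);
            $message[] = $text;
            $messageStack->add($text, 'error');
        }
        $currency->MoveNext();
    }
    if (sizeof($message) > 0) {
        $this->message = implode("\n", $message);
    }

    return true;
}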
$zc_install->error = true; $zc_install->fatal_error = true; $err_text = ERROR_TEXT_PHP_VERSION; $err_code = ERROR_CODE_PHP_VERSION; $this_class = 'FAIL'; } else { $php_ver = phpversion(); $this_class = 'OK'; } $status_check[] = array('Importance' => 'Critical', 'Title' => LABEL_PHP_VER, 'Status' => $php_ver, 'Class' => $this_class, 'HelpURL' => $err_code, 'HelpLabel' => $err_text); // SAFE MODE check $safe_mode = ini_get("safe_mode") ? "<span class='errors'>" . ON . '</span>' : OFF; $status_check[] = array('Importance' => 'Critical', 'Title' => LABEL_SAFE_MODE, 'Status' => $safe_mode, 'Class' => $safe_mode == OFF ? 'OK' : 'FAIL', 'HelpURL' => ERROR_CODE_SAFE_MODE_ON, 'HelpLabel' => ERROR_TEXT_SAFE_MODE_ON); //OpenBaseDir setting $open_basedir = ini_get("open_basedir"); $status_check[] = array('Importance' => 'Recommended', 'Title' => LABEL_OPEN_BASEDIR, 'Status' => $open_basedir, 'Class' => gen_not_null($open_basedir) ? 'WARN' : 'OK', 'HelpURL' => '', 'HelpLabel' => 'Could have problems uploading files or doing backups'); //PHP support for Sessions check $php_ext_sessions = @extension_loaded('session') ? ON : OFF; $status_check[] = array('Importance' => 'Critical', 'Title' => LABEL_PHP_EXT_SESSIONS, 'Status' => $php_ext_sessions, 'Class' => $php_ext_sessions == ON ? 'OK' : 'FAIL', 'HelpURL' => '', 'HelpLabel' => 'Session Support required in PHP.'); //session.auto_start check $php_session_auto = ini_get('session.auto_start') ? ON : OFF; $status_check[] = array('Importance' => 'Recommended', 'Title' => LABEL_PHP_SESSION_AUTOSTART, 'Status' => $php_session_auto, 'Class' => $php_session_auto == ON ? 'WARN' : 'OK', 'HelpURL' => ERROR_CODE_PHP_SESSION_AUTOSTART, 'HelpLabel' => ERROR_TEXT_PHP_SESSION_AUTOSTART); //session.trans_sid check $php_session_trans_sid = ini_get('session.use_trans_sid') ? 
ON : OFF; $status_check[] = array('Importance' => 'Recommended', 'Title' => LABEL_PHP_SESSION_TRANS_SID, 'Status' => $php_session_trans_sid, 'Class' => $php_session_trans_sid == ON ? 'WARN' : 'OK', 'HelpURL' => ERROR_CODE_PHP_SESSION_TRANS_SID, 'HelpLabel' => ERROR_TEXT_PHP_SESSION_TRANS_SID); /* // Check for 'tmp' folder for file-based caching. This checks numerous places, and tests actual writing of a file to those folders. $script_filename = $_SERVER['PATH_TRANSLATED']; if (empty($script_filename)) { $script_filename = $_SERVER['SCRIPT_FILENAME']; }
break; } } $sql_data_array = array('group_id' => $definitions->fields['group_id'], 'custom' => '1', 'security' => $definitions->fields['security'], 'title' => $definition_name, 'description' => $definition_description, 'table_name' => $definitions->fields['table_name'], 'primary_key_field' => $definitions->fields['primary_key_field'], 'params' => serialize($params), 'criteria' => serialize($criteria), 'options' => serialize($options)); db_perform(TABLE_IMPORT_EXPORT, $sql_data_array, 'update', "id = " . $id); gen_add_audit_log(IE_LOG_MESSAGE . TEXT_RENAME, $definitions->fields['title']); break; case 'copy': if ($security_level < 2) { $messageStack->add_session(ERROR_NO_PERMISSION, 'error'); gen_redirect(html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('action')), 'SSL')); break; } $definition_name = db_prepare_input($_POST['definition_name']); $definition_description = db_prepare_input($_POST['definition_description']); if (!gen_not_null($definition_name)) { $messageStack->add(IE_ERROR_NO_NAME, 'error'); break; } $duplicates = $db->Execute("select id from " . TABLE_IMPORT_EXPORT . " where title = '" . $definition_name . "'"); if ($duplicates->RecordCount() > 0) { $messageStack->add(IE_ERROR_DUPLICATE_NAME, 'error'); break; } $sql_data_array = array('group_id' => $definitions->fields['group_id'], 'custom' => '1', 'security' => $definitions->fields['security'], 'title' => $definition_name, 'description' => $definition_description, 'table_name' => $definitions->fields['table_name'], 'primary_key_field' => $definitions->fields['primary_key_field'], 'params' => serialize($params), 'criteria' => serialize($criteria), 'options' => serialize($options)); db_perform(TABLE_IMPORT_EXPORT, $sql_data_array, 'insert'); $id = db_insert_id(); $sql = "select id, group_id, custom, security, title, description, table_name, primary_key_field \r\n\t from " . TABLE_IMPORT_EXPORT . " where id = '" . $id . 
"'"; $definitions = $db->Execute($sql); gen_add_audit_log(IE_LOG_MESSAGE . TEXT_COPY, $definitions->fields['title']); break;
/**
 * Build a drop-down for a configuration value.
 *
 * The field is named "configuration[<key>]" when gen_not_null() accepts $key,
 * otherwise "configuration_value". The current value is cast to int before it
 * is handed to html_pull_down_menu() as the selected entry.
 *
 * @param array  $select_array Option list passed through to html_pull_down_menu().
 * @param mixed  $key_value    Current value; cast to int.
 * @param string $key          Optional configuration key used in the field name.
 * @return string Whatever html_pull_down_menu() returns.
 */
function cfg_select_drop_down($select_array, $key_value, $key = '')
{
    if (gen_not_null($key)) {
        $field_name = 'configuration[' . $key . ']';
    } else {
        $field_name = 'configuration_value';
    }
    $selected = (int) $key_value;

    return html_pull_down_menu($field_name, $select_array, $selected);
}
$heading[] = array('text' => '<b>' . (defined($cInfo->configuration_title) ? constant($cInfo->configuration_title) : $cInfo->configuration_title) . '</b>'); if (ADMIN_CONFIGURATION_KEY_ON == 1) { $contents[] = array('text' => '<strong>Key: ' . $cInfo->configuration_key . '</strong><br />'); } if ($_SESSION['admin_security'][SECURITY_ID_CONFIGURATION] > 2) { $contents[] = array('align' => 'center', 'text' => html_button_field('edit', TEXT_EDIT, 'onclick="location.href=\'' . html_href_link(FILENAME_DEFAULT, gen_get_all_get_params(array('gID', 'cID', 'action')) . 'gID=' . $_GET['gID'] . '&cID=' . $cInfo->configuration_id . '&action=edit', 'SSL') . '\'"')); } $contents[] = array('text' => '<br />' . (defined($cInfo->configuration_description) ? constant($cInfo->configuration_description) : $cInfo->configuration_description)); $contents[] = array('text' => '<br />' . SETUP_INFO_DATE_ADDED . ' ' . gen_date_short($cInfo->date_added)); if (gen_not_null($cInfo->last_modified)) { $contents[] = array('text' => SETUP_INFO_LAST_MODIFIED . ' ' . gen_date_short($cInfo->last_modified)); } } break; } if (gen_not_null($heading) && gen_not_null($contents)) { echo ' <td width="25%" valign="top">' . "\n"; $box = new box(); echo $box->infoBox($heading, $contents); echo ' </td>' . "\n"; } ?> </tr> </table></td> </tr> </table></td> <!-- body_text_eof //--> </tr> </table> </form>
/**
 * Build an HTML <select> element.
 *
 * The name and each option value go through gen_output_string(); option
 * labels go through htmlspecialchars(). $parameters is appended to the opening
 * tag verbatim, so it must come from trusted code only.
 *
 * An id attribute equal to $name is added unless strpos() finds '[' at a
 * position greater than zero. When $default is empty and a global variable
 * named $name exists, that global (after stripslashes()) becomes the default.
 * The selected option is found with loose comparison (== / non-strict
 * in_array()), so numeric and string ids that compare equal both match.
 *
 * @param string       $name       Field name.
 * @param array        $values     List of arrays with the keys 'id' and 'text'.
 * @param string|array $default    Selected id, or a list of ids for multi-selects.
 * @param string       $parameters Extra raw attributes for the <select> tag.
 * @param bool         $required   When truthy, TEXT_FIELD_REQUIRED is appended.
 * @return string The generated markup.
 */
function html_pull_down_menu($name, $values, $default = '', $parameters = '', $required = false)
{
    $markup = '<select name="' . gen_output_string($name) . '"';
    // No id for array-style names such as "configuration[KEY]".
    if (!strpos($name, '[') && $name) {
        $markup .= ' id="' . gen_output_string($name) . '"';
    }
    if (gen_not_null($parameters)) {
        $markup .= ' ' . $parameters;
    }
    $markup .= '>';

    if (empty($default) && isset($GLOBALS[$name])) {
        $default = stripslashes($GLOBALS[$name]);
    }

    if (sizeof($values) > 0) {
        // handles pull down with size and multiple parameters set
        $multiple = is_array($default);
        foreach ($values as $option) {
            $is_selected = $multiple
                ? in_array($option['id'], $default)
                : ($default == $option['id']);

            $markup .= '<option value="' . gen_output_string($option['id']) . '"';
            if ($is_selected) {
                $markup .= ' selected="selected"';
            }
            $markup .= '>' . htmlspecialchars($option['text']) . '</option>';
        }
    }

    $markup .= '</select>';
    if ($required) {
        $markup .= TEXT_FIELD_REQUIRED;
    }

    return $markup;
}
/**
 * Rebuild $this->rate_accounts, a colon-separated list of tax authority ids.
 *
 * Entries that loosely equal $this->tax_auth_id_delete are dropped, and
 * $this->tax_auth_id_add is appended when gen_not_null() accepts it. Reading
 * stops at the first entry that PHP treats as false (an empty segment or
 * "0"), so anything after such an entry is discarded.
 *
 * @return void The result is stored in $this->rate_accounts.
 */
function combine_rates()
{
    $kept = array();
    foreach (explode(':', $this->rate_accounts) as $auth_id) {
        if (!$auth_id) {
            break; // a falsy entry ends the list
        }
        if ($auth_id == $this->tax_auth_id_delete) {
            continue;
        }
        $kept[] = $auth_id;
    }

    if (gen_not_null($this->tax_auth_id_add)) {
        $kept[] = $this->tax_auth_id_add;
    }

    $this->rate_accounts = implode(':', $kept);

    return;
}
/**
 * Run the statements of an SQL script through the global $db connection,
 * adding $table_prefix to the table names of recognised statement types.
 *
 * The file is read line by line. Lines starting with '#' or '-' and empty
 * lines are skipped. Each remaining line is matched against a fixed list of
 * statement prefixes (DROP TABLE, CREATE TABLE, INSERT INTO, ALTER TABLE,
 * RENAME TABLE, UPDATE, DELETE FROM, DROP INDEX, CREATE INDEX, SELECT (,
 * LEFT JOIN, FROM); several of these are pre-checked by install_* helpers and
 * are recorded and skipped rather than executed when the helper objects.
 * Lines are accumulated until one ends in ';', then the accumulated text is
 * executed.
 *
 * NOTE(review): $database and $isupgrade are not used by the visible code
 * ($isupgrade appears only in a commented-out line).
 * NOTE(review): $result, $ignore_line, $complete_line,
 * $lines_to_keep_together_counter, $debug, $results, $string, $output,
 * $return_output, $errors and $counter are read before anything in this
 * function assigns them; $debug is never assigned at all, so the debug echo
 * cannot run as written.
 * NOTE(review): the statements come from $sql_file and are executed as they
 * are; the path must never be derived from request input.
 *
 * @param string $sql_file     Path of the SQL script to run.
 * @param string $database     Not referenced in the body.
 * @param string $table_prefix Prefix put in front of table names; also used to
 *                             define DB_PREFIX when that constant is missing.
 * @param bool   $isupgrade    Not referenced in the body.
 * @return array Keys 'queries', 'string', 'output', 'ignored' and 'errors'.
 */
function db_executeSql($sql_file, $database, $table_prefix = '', $isupgrade = false)
{
    if (!defined('DB_PREFIX')) {
        define('DB_PREFIX', $table_prefix);
    }
    //echo 'start SQL execute';
    global $db;
    $ignored_count = 0;
    // prepare for upgrader processing
    // if ($isupgrade) gen_create_upgrader_table(); // only creates table if doesn't already exist
    if (!get_cfg_var('safe_mode')) {
        @set_time_limit(1200);
    }
    $lines = file($sql_file);
    //echo 'read number of lines = ' . count($lines) . '<br />';
    $newline = '';
    foreach ($lines as $line) {
        $line = trim($line);
        // NOTE(review): this reset runs on every line, so a value parsed from a
        // #NEXT_X_ROWS_AS_ONE_COMMAND line below appears to be overwritten
        // before the following statement lines are counted - confirm.
        $keep_together = 1; // count of number of lines to treat as a single command
        // split the line into words ... starts at $param[0] and so on. Also remove the ';' from end of last param if exists
        $param = explode(" ", substr($line, -1) == ';' ? substr($line, 0, strlen($line) - 1) : $line);
        // The following command checks to see if we're asking for a block of commands to be run at once.
        // Syntax: #NEXT_X_ROWS_AS_ONE_COMMAND:6 for running the next 6 commands together (commands denoted by a ;)
        if (substr($line, 0, 28) == '#NEXT_X_ROWS_AS_ONE_COMMAND:') {
            $keep_together = substr($line, 28);
        }
        if (substr($line, 0, 1) != '#' && substr($line, 0, 1) != '-' && $line != '') {
            $line_upper = strtoupper($line);
            // switch (true): the first case whose condition holds is taken.
            switch (true) {
                case substr($line_upper, 0, 21) == 'DROP TABLE IF EXISTS ':
                    $line = 'DROP TABLE IF EXISTS ' . $table_prefix . substr($line, 21);
                    break;
                case substr($line_upper, 0, 11) == 'DROP TABLE ' && $param[2] != 'IF':
                    if (!($checkprivs = db_check_database_privs('DROP'))) {
                        $result = sprintf(REASON_NO_PRIVILEGES, 'DROP');
                    }
                    // NOTE(review): $result may still hold a reason from an
                    // earlier statement (it is not cleared in the reset block
                    // further down), which would also skip this DROP - confirm.
                    if (!install_table_exists($param[2]) || gen_not_null($result)) {
                        install_write_to_upgrade_exceptions_table($line, gen_not_null($result) ? $result : sprintf(REASON_TABLE_DOESNT_EXIST, $param[2]), $sql_file);
                        $ignore_line = true;
                        $result = gen_not_null($result) ? $result : sprintf(REASON_TABLE_DOESNT_EXIST, $param[2]); //duplicated here for on-screen error-reporting
                        break;
                    } else {
                        $line = 'DROP TABLE ' . $table_prefix . substr($line, 11);
                    }
                    break;
                case substr($line_upper, 0, 13) == 'CREATE TABLE ':
                    // check to see if table exists
                    $table = strtoupper($param[2] . ' ' . $param[3] . ' ' . $param[4]) == 'IF NOT EXISTS' ? $param[5] : $param[2];
                    $result = install_table_exists($table);
                    if ($result == true) {
                        install_write_to_upgrade_exceptions_table($line, sprintf(REASON_TABLE_ALREADY_EXISTS, $table), $sql_file);
                        $ignore_line = true;
                        $result = sprintf(REASON_TABLE_ALREADY_EXISTS, $table); //duplicated here for on-screen error-reporting
                        break;
                    } else {
                        $line = strtoupper($param[2] . ' ' . $param[3] . ' ' . $param[4]) == 'IF NOT EXISTS' ? 'CREATE TABLE IF NOT EXISTS ' . $table_prefix . substr($line, 27) : 'CREATE TABLE ' . $table_prefix . substr($line, 13);
                    }
                    break;
                case substr($line_upper, 0, 12) == 'INSERT INTO ':
                    //check to see if table prefix is going to match
                    $param[2] = str_replace('`', '', $param[2]);
                    if (!($tbl_exists = install_table_exists($param[2]))) {
                        $result = sprintf(REASON_TABLE_NOT_FOUND, $param[2]) . ' CHECK PREFIXES!';
                    }
                    // check to see if INSERT command may be safely executed for "configuration" or "product_type_layout" tables
                    // 'or' binds weaker than '&&': (configuration && key check) or table missing
                    if ($param[2] == 'configuration' && ($result = install_check_config_key($line)) or !$tbl_exists) {
                        install_write_to_upgrade_exceptions_table($line, $result, $sql_file);
                        $ignore_line = true;
                        break;
                    } else {
                        $line = 'INSERT INTO ' . $table_prefix . substr($line, 12);
                    }
                    break;
                case substr($line_upper, 0, 12) == 'ALTER TABLE ':
                    // check to see if ALTER command may be safely executed
                    if ($result = install_check_alter_command($param)) {
                        install_write_to_upgrade_exceptions_table($line, $result, $sql_file);
                        $ignore_line = true;
                        break;
                    } else {
                        $line = 'ALTER TABLE ' . $table_prefix . substr($line, 12);
                    }
                    break;
                case substr($line_upper, 0, 13) == 'RENAME TABLE ':
                    // RENAME TABLE command cannot be parsed to insert table prefixes, so skip if using prefixes
                    if (gen_not_null(DB_PREFIX)) {
                        install_write_to_upgrade_exceptions_table($line, 'RENAME TABLE command not supported by upgrader. Please use phpMyAdmin instead.', $sql_file);
                        $ignore_line = true;
                    }
                    break;
                case substr($line_upper, 0, 7) == 'UPDATE ':
                    //check to see if table prefix is going to match
                    if (!($tbl_exists = install_table_exists($param[1]))) {
                        install_write_to_upgrade_exceptions_table($line, sprintf(REASON_TABLE_NOT_FOUND, $param[1]) . ' CHECK PREFIXES!', $sql_file);
                        $result = sprintf(REASON_TABLE_NOT_FOUND, $param[1]) . ' CHECK PREFIXES!';
                        $ignore_line = true;
                        break;
                    } else {
                        $line = 'UPDATE ' . $table_prefix . substr($line, 7);
                    }
                    break;
                case substr($line_upper, 0, 12) == 'DELETE FROM ':
                    $line = 'DELETE FROM ' . $table_prefix . substr($line, 12);
                    break;
                case substr($line_upper, 0, 11) == 'DROP INDEX ':
                    // check to see if DROP INDEX command may be safely executed
                    if ($result = install_drop_index_command($param)) {
                        install_write_to_upgrade_exceptions_table($line, $result, $sql_file);
                        $ignore_line = true;
                        break;
                    } else {
                        $line = 'DROP INDEX ' . $param[2] . ' ON ' . $table_prefix . $param[4];
                    }
                    break;
                case substr($line_upper, 0, 13) == 'CREATE INDEX ' || strtoupper($param[0]) == 'CREATE' && strtoupper($param[2]) == 'INDEX':
                    // check to see if CREATE INDEX command may be safely executed
                    if ($result = install_create_index_command($param)) {
                        install_write_to_upgrade_exceptions_table($line, $result, $sql_file);
                        $ignore_line = true;
                        break;
                    } else {
                        // The statement is rebuilt from fixed word positions; words
                        // beyond $param[13] are not carried over.
                        if (strtoupper($param[1]) == 'INDEX') {
                            $line = trim('CREATE INDEX ' . $param[2] . ' ON ' . $table_prefix . implode(' ', array($param[4], $param[5], $param[6], $param[7], $param[8], $param[9], $param[10], $param[11], $param[12], $param[13]))) . ';'; // add the ';' back since it was removed from $param at start
                        } else {
                            // NOTE(review): unlike the branch above, no ';' is appended
                            // here although the trailing comment says so - confirm.
                            $line = trim('CREATE ' . $param[1] . ' INDEX ' . $param[3] . ' ON ' . $table_prefix . implode(' ', array($param[5], $param[6], $param[7], $param[8], $param[9], $param[10], $param[11], $param[12], $param[13]))); // add the ';' back since it was removed from $param at start
                        }
                    }
                    break;
                case substr($line_upper, 0, 8) == 'SELECT (' && substr_count($line, 'FROM ') > 0:
                    $line = str_replace('FROM ', 'FROM ' . $table_prefix, $line);
                    break;
                case substr($line_upper, 0, 10) == 'LEFT JOIN ':
                    $line = 'LEFT JOIN ' . $table_prefix . substr($line, 10);
                    break;
                case substr($line_upper, 0, 5) == 'FROM ':
                    if (substr_count($line, ',') > 0) { // contains FROM and a comma, thus must parse for multiple tablenames
                        $tbl_list = explode(',', substr($line, 5));
                        $line = 'FROM ';
                        foreach ($tbl_list as $val) {
                            $line .= $table_prefix . trim($val) . ','; // add prefix and comma
                        } //end foreach
                        if (substr($line, -1) == ',') {
                            $line = substr($line, 0, strlen($line) - 1);
                        } // remove trailing ','
                    } else { //didn't have a comma, but starts with "FROM ", so insert table prefix
                        $line = str_replace('FROM ', 'FROM ' . $table_prefix, $line);
                    } //endif substr_count(,)
                    break;
                default:
                    break;
            } //end switch
            $newline .= $line . ' ';
            if (substr($line, -1) == ';') { //found a semicolon, so treat it as a full command, incrementing counter of rows to process at once
                if (substr($newline, -1) == ' ') {
                    $newline = substr($newline, 0, strlen($newline) - 1);
                }
                $lines_to_keep_together_counter++;
                if ($lines_to_keep_together_counter == $keep_together) { // if all grouped rows have been loaded, go to execute.
                    $complete_line = true;
                    $lines_to_keep_together_counter = 0;
                } else {
                    $complete_line = false;
                }
            } //endif found ';'
            if ($complete_line) {
                // The SQL text is echoed into HTML without escaping here.
                if ($debug == true) {
                    echo (!$ignore_line ? '<br />About to execute.' : 'Ignoring statement. This command WILL NOT be executed.') . '<br />Debug info:<br />$ line=' . $line . '<br />$ complete_line=' . $complete_line . '<br />$ keep_together=' . $keep_together . '<br />SQL=' . $newline . '<br /><br />';
                }
                if (get_magic_quotes_runtime() > 0) {
                    $newline = stripslashes($newline);
                }
                if (trim(str_replace(';', '', $newline)) != '' && !$ignore_line) {
                    $output = $db->Execute($newline);
                }
                $results++;
                $string .= $newline . '<br />';
                // For an ignored statement $output still holds the previous
                // statement's result, which is appended again.
                $return_output[] = $output;
                if (gen_not_null($result)) {
                    $errors[] = $result;
                }
                // reset var's
                // NOTE(review): $result is not reset here, so one recorded
                // reason appears to be appended to $errors again for every
                // later statement - confirm.
                $newline = '';
                $keep_together = 1;
                $complete_line = false;
                if ($ignore_line) {
                    $ignored_count++;
                }
                $ignore_line = false;
                // show progress bar
                global $zc_show_progress;
                if ($zc_show_progress == 'yes') {
                    $counter++;
                    // one '~ ' for every fifth statement
                    if ($counter / 5 == (int) ($counter / 5)) {
                        echo '~ ';
                    }
                    if ($counter > 200) {
                        echo '<br /><br />';
                        $counter = 0;
                    }
                    @ob_flush();
                    @flush();
                }
            } //endif $complete_line
        } //endif ! # or -
    } // end foreach $lines
    return array('queries' => $results, 'string' => $string, 'output' => $return_output, 'ignored' => $ignored_count, 'errors' => $errors);
}
// define our general functions used application-wide require DIR_FS_FUNCTIONS . 'gen_functions.php'; require DIR_FS_FUNCTIONS . 'html_functions.php'; // setup our boxes require DIR_FS_CLASSES . 'table_block.php'; require DIR_FS_CLASSES . 'box.php'; // set the session name and save path $http_domain = gen_get_top_level_domain(HTTP_SERVER); $https_domain = gen_get_top_level_domain(HTTPS_SERVER); $current_domain = $request_type == 'NONSSL' ? $http_domain : $https_domain; if (SESSION_USE_FQDN == 'False') { $current_domain = '.' . $current_domain; } // set the session cookie parameters // if (function_exists('session_set_cookie_params')) { session_set_cookie_params(0, '/', gen_not_null($current_domain) ? $current_domain : ''); // } elseif (function_exists('ini_set')) { // @ini_set('session.cookie_lifetime', '0'); // @ini_set('session.cookie_path', DIR_WS_ADMIN); // } // lets start our session // session_save_path(DIR_FS_MY_FILES . 'sessions/'); // @ini_set('session.gc_probability', 1); // @ini_set('session.gc_divisor', 2); @ini_set('session.gc_maxlifetime', SESSION_TIMEOUT_ADMIN < 900 ? SESSION_TIMEOUT_ADMIN + 900 : SESSION_TIMEOUT_ADMIN); session_start(); $session_started = true; // see if the user is logged in $user_validated = $_SESSION['admin_id'] ? true : false; // determine what theme to use if (isset($_POST['theme'])) {
break; case 'search': case 'search_reset': case 'go_page': default: } /***************** prepare to display templates *************************/ // generate address arrays for javascript $js_arrays = gen_build_acct_arrays(); // build the list header $heading_array = array('m.bill_primary_name' => GEN_PRIMARY_NAME, 'm.bill_city_town, m.bill_state_province' => GEN_CITY_TOWN, 'm.bill_state_province, m.bill_city_town' => GEN_STATE_PROVINCE, 'm.postal_code' => GEN_POSTAL_CODE, 'total_amount' => TEXT_BALANCE . (ENABLE_MULTI_CURRENCY ? ' (' . DEFAULT_CURRENCY . ')' : '')); $result = html_heading_bar($heading_array, $_GET['list_order'], array()); $list_header = $result['html_code']; $disp_order = $result['disp_order']; // build the list for the page selected if (isset($search_text) && gen_not_null($search_text)) { $search_fields = array('c.short_name', 'm.bill_primary_name', 'm.bill_contact', 'm.bill_address1', 'm.bill_address2', 'm.bill_city_town', 'm.bill_postal_code', 'm.purchase_invoice_id'); // hook for inserting new search fields to the query criteria. if (is_array($extra_search_fields)) { $search_fields = array_merge($search_fields, $extra_search_fields); } $search = ' and (' . implode(' like \'%' . $search_text . '%\' or ', $search_fields) . ' like \'%' . $search_text . '%\')'; } else { $search = ''; } $field_list = array('m.bill_acct_id', 'm.bill_primary_name', 'm.bill_city_town', 'm.bill_state_province', 'm.bill_postal_code', 'sum(m.total_amount) as ztotal_amount'); // hook to add new fields to the query return results if (is_array($extra_query_list_fields) > 0) { $field_list = array_merge($field_list, $extra_query_list_fields); } $query_raw = "select " . implode(', ', $field_list) . " \r\n\tfrom " . TABLE_JOURNAL_MAIN . " m inner join " . TABLE_CONTACTS . " c on m.bill_acct_id = c.id\r\n\twhere c.type = '" . (ACCOUNT_TYPE == 'v' ? 'v' : 'c') . "' \r\n\tand m.journal_id in " . (ACCOUNT_TYPE == 'v' ? '(6, 7)' : '(12, 13)') . " and m.closed = '0'" . $search . 
" \r\n\tgroup by m.bill_acct_id order by {$disp_order}";
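/**
 * Pre-check an ALTER TABLE statement against the live schema before it is executed.
 *
 * Reads these positions of $param: [2] table name, [3] action (ADD, DROP, ALTER,
 * MODIFY, CHANGE), [4] a keyword (INDEX, PRIMARY, COLUMN, ...) or a column name,
 * [5] the index/column name, or KEY after PRIMARY.
 * NOTE(review): $param is presumably the statement split on spaces
 * ("ALTER TABLE <table> <action> ...") - confirm against the caller.
 *
 * Security notes for maintainers:
 *  - The table name is concatenated, unquoted and unvalidated, after DB_PREFIX into
 *    SHOW INDEX / SHOW FIELDS. That is acceptable only while every statement reaching
 *    this function comes from SQL scripts shipped with the application.
 *    NOTE(review): confirm no caller passes uploaded or request-supplied SQL here.
 *  - With ZC_UPG_DEBUG3 enabled, schema names are echoed into the page without HTML
 *    escaping; keep that flag off outside development.
 *
 * Keywords in positions [3], [4] and [5] are matched case-insensitively. Previously
 * COLUMN and KEY were compared case-sensitively, so "add column x" took the word
 * "column" as the column name and "drop column x" was reported as a missing column.
 *
 * @param array $param tokens of the ALTER statement (see above)
 * @return string|null reason text when the check fails; null when nothing was found
 *                     wrong, including statement forms that are not inspected
 */
function install_check_alter_command($param)
{
    if (!gen_not_null($param)) {
        return "Empty SQL Statement";
    }
    if (!db_check_database_privs('ALTER')) {
        return sprintf(REASON_NO_PRIVILEGES, DB_SERVER_USERNAME, DB_SERVER, 'ALTER');
    }

    // Read each token defensively so a short statement cannot trigger undefined-offset notices.
    $table   = isset($param[2]) ? $param[2] : '';
    $action  = isset($param[3]) ? strtoupper($param[3]) : '';
    $raw     = isset($param[4]) ? $param[4] : '';
    $keyword = strtoupper($raw);
    $name    = isset($param[5]) ? $param[5] : '';

    // "ADD COLUMN foo" and "ADD foo" both name the column foo.
    $colname = $keyword == 'COLUMN' ? $name : $raw;

    // Keywords after ADD/DROP that do not introduce a plain column.
    $not_a_column = array('CONSTRAINT', 'UNIQUE', 'PRIMARY', 'FULLTEXT', 'FOREIGN', 'SPATIAL');

    switch ($action) {
        case 'ADD':
            if ($keyword == 'INDEX') {
                // check that the index to be added doesn't already exist
                if (install_alter_name_exists("show index from " . DB_PREFIX . $table, 'Key_name', $name, 'KEY: ')) {
                    return sprintf(REASON_INDEX_ALREADY_EXISTS, $name, $table);
                }
            } elseif ($keyword == 'PRIMARY') {
                // check that the primary key to be added doesn't exist
                if (strtoupper($name) != 'KEY') {
                    return null;
                }
                if (install_alter_name_exists("show index from " . DB_PREFIX . $table, 'Key_name', 'PRIMARY')) {
                    return sprintf(REASON_PRIMARY_KEY_ALREADY_EXISTS, $table);
                }
            } elseif (!in_array($keyword, $not_a_column)) {
                // check that the column to be added does not exist
                if (install_alter_name_exists("show fields from " . DB_PREFIX . $table, 'Field', $colname)) {
                    return sprintf(REASON_COLUMN_ALREADY_EXISTS, $colname);
                }
                /*
                 * @TODO -- add check for AFTER parameter, to check that the AFTER colname specified actually exists first
                 *       -- same with FIRST
                 */
            }
            break;

        case 'DROP':
            if ($keyword == 'INDEX') {
                // check that the index to be dropped exists
                if (install_alter_name_exists("show index from " . DB_PREFIX . $table, 'Key_name', $name)) {
                    return null; // exists, so return with no error
                }
                return sprintf(REASON_INDEX_DOESNT_EXIST_TO_DROP, $name, $table);
            } elseif ($keyword == 'PRIMARY') {
                // check that the primary key to be dropped exists
                if (strtoupper($name) != 'KEY') {
                    return null;
                }
                if (install_alter_name_exists("show index from " . DB_PREFIX . $table, 'Key_name', 'PRIMARY')) {
                    return null; // exists, so return with no error
                }
                return sprintf(REASON_PRIMARY_KEY_DOESNT_EXIST_TO_DROP, $table);
            } elseif (!in_array($keyword, $not_a_column)) {
                // check that the column to be dropped exists
                if (install_alter_name_exists("show fields from " . DB_PREFIX . $table, 'Field', $colname)) {
                    return null; // exists, so return with no error
                }
                return sprintf(REASON_COLUMN_DOESNT_EXIST_TO_DROP, $colname);
            }
            break;

        case 'ALTER':
        case 'MODIFY':
        case 'CHANGE':
            // just check that the column to be changed exists
            if (install_alter_name_exists("show fields from " . DB_PREFIX . $table, 'Field', $colname)) {
                return null; // exists, so return with no error
            }
            return sprintf(REASON_COLUMN_DOESNT_EXIST_TO_CHANGE, $colname);

        default:
            // an ALTER form this function does not check, so let it be processed
            return null;
    }

    return null;
}

/**
 * Run a SHOW INDEX / SHOW FIELDS statement and report whether any row's $field equals $wanted.
 *
 * The comparison is PHP's loose ==, exactly as the inline loops it replaces.
 *
 * @param string $sql          statement to run through the global $db handle
 * @param string $field        result column to inspect ('Key_name' or 'Field')
 * @param string $wanted       name to look for
 * @param string $debug_prefix text put before each name echoed when ZC_UPG_DEBUG3 is on
 * @return bool true when a matching row was found
 */
function install_alter_name_exists($sql, $field, $wanted, $debug_prefix = '')
{
    global $db;
    $result = $db->Execute($sql);
    while (!$result->EOF) {
        if (ZC_UPG_DEBUG3 == true) {
            // development aid only: the name is written to the page unescaped
            echo $debug_prefix . $result->fields[$field] . '<br />';
        }
        if ($result->fields[$field] == $wanted) {
            return true;
        }
        $result->MoveNext();
    }
    return false;
}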