Redirect(set_query('save_settings=ok')); break; } #loading data for subpages switch ($SubPage) { case 'balance': $Commissions = affp_getCommissionsAmount($customerID); $Payments = affp_getPaymentsAmount($customerID); $smarty->assign('CommissionsNumber', count($Commissions)); $smarty->assign('PaymentsNumber', count($Payments)); $smarty->assign('CommissionsAmount', $Commissions); $smarty->assign('PaymentsAmount', $Payments); $smarty->assign('CurrencyISO3', currGetAllCurrencies()); break; case 'payments_history': $Payments = affp_getPayments($customerID); $smarty->assign('PaymentsNumber', count($Payments)); $smarty->assign('Payments', html_spchars(affp_getPayments($customerID, '', '', '', 'pID ASC'))); break; case 'settings': $smarty->assign('SettingsSaved', isset($_GET['save_settings'])); $smarty->assign('Settings', affp_getSettings($customerID)); break; case 'attract_guide': $smarty->assign('_AFFP_STRING_ATTRACT_GUIDE', str_replace(array('{URL}', '{aff_percent}', '{login}'), array('http://' . $_SERVER['HTTP_HOST'] . set_query('') . '?refid=' . $customerID, CONF_AFFILIATE_AMOUNT_PERCENT, $_SESSION["log"]), AFFP_STRING_ATTRACT_GUIDE)); break; } $smarty->assign('affiliate_customers', $affp_CustomersNum); $smarty->assign('SubPage', $SubPage); $smarty->assign("main_content_template", "affiliate_program.tpl"); }
if (!isset($_GET['OrderDivC'])) { $_GET['OrderDivC'] = 'ASC'; } if ($_GET['OrderFieldC'] == 'Amount') { $_GET['OrderFieldC'] = ' CurrencyISO3 ' . $_GET['OrderDivC'] . ', ' . $_GET['OrderFieldC']; } $Commissions = affp_getCommissions($customerID, '', TransformTemplateToDATE($_GET['from'], CONF_DATE_FORMAT) . ' 00:00:00', TransformTemplateToDATE($_GET['till'], CONF_DATE_FORMAT) . ' 23:59:59', $_GET['OrderFieldC'] . ' ' . $_GET['OrderDivC']); $smarty->assign('Payments', html_spchars($Payments)); $smarty->assign('PaymentsNumber', count($Payments)); $smarty->assign('Commissions', html_spchars($Commissions)); $smarty->assign('CommissionsNumber', count($Commissions)); } $RecruitedCustomers = affp_getRecruitedCustomers($customerID); $smarty->assign('RecruitedCustomersNumber', count($RecruitedCustomers)); $smarty->assign('RecruitedCustomers', $RecruitedCustomers); if (isset($_GET['delete_pay'])) { $smarty->assign('delete_payment', 1); } if (isset($_GET['delete_commission'])) { $smarty->assign('delete_commission', 1); } $smarty->assign('CurrDate', $CurrDate); $smarty->assign('from', html_spchars($_GET['from'])); $smarty->assign('till', html_spchars($_GET['till'])); $smarty->assign('Error_DateFormat', $error_date_format); $smarty->assign('REQUEST_URI', $XREQUEST_URI); $smarty->assign('show_tables', $show_tables); $smarty->assign("admin_sub_dpt", "custord_affiliate.tpl"); $smarty->assign('edCustomerID', $customerID); break; }
} $_SERVER['REQUEST_URI'] = set_query('added='); $lister = getListerRange($_GET['page'], $TotalPages); $le_Categories = le_getCategories(); if (isset($_GET['show_all']) || isset($_POST['show_all'])) { $ob_per_list = $ob_per_list * $TotalPages; $smarty->assign('showAllLinks', '1'); $_GET['page'] = 1; } $smarty->assign('REQUEST_URI', html_amp($_SERVER['REQUEST_URI'])); $smarty->assign('url_allcategories', set_query('le_categoryID=')); $smarty->assign('le_categories', $le_Categories); $smarty->assign('le_CategoryID', $_GET['le_categoryID']); $smarty->assign('curr_page', $_GET['page']); $smarty->assign('last_page', $TotalPages); if (isset($error)) { if ($error != STRING_ERROR_LE_LINK_ADDED) { $smarty->assign('error', $error); $smarty->assign('pst_LINK', html_spchars($_POST['LINK'])); } else { $smarty->assign('error_ok', $error); } } isset($_GET['le_categoryID']) ? (int) $_GET['le_categoryID'] : 1; $smarty->assign('le_links', le_getLinks((int) $_GET['page'], (int) $ob_per_list, ($_GET['le_categoryID'] ? "le_lCategoryID = {$_GET['le_categoryID']}" : '1') . " AND (le_lVerified IS NOT NULL AND le_lVerified <>'0000-00-00 00:00:00' )", 'le_lID, le_lText, le_lDesk, le_lURL, le_lCategoryID, le_lVerified', 'le_lVerified ASC, le_lURL ASC')); if ($lister['start'] < $lister['end']) { $smarty->assign('le_lister_range', range($lister['start'], $lister['end'])); } $smarty->assign('le_categories_pr', ceil(count($le_Categories) / 2)); $smarty->assign("main_content_template", "links_exchange.tpl"); }
Redirect(ADMIN_FILE . "?dpt=custord&sub=aux_pages"); } $smarty->assign("add_new", 1); } else { if (isset($_GET["edit"])) { if (isset($_POST["save"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=aux_pages&safemode=yes&edit=" . $_GET["edit"]); } $aux_page_text_type = 0; if (isset($_POST["aux_page_text_type"])) { $aux_page_text_type = 1; } auxpgUpdateAuxPage($_GET["edit"], $_POST["aux_page_name"], $_POST["aux_page_text"], $aux_page_text_type, $_POST["meta_keywords"], $_POST["meta_description"], $_POST["aux_page_title"]); Redirect(ADMIN_FILE . "?dpt=custord&sub=aux_pages"); } $aux_page = auxpgGetAuxPage($_GET["edit"]); if ($aux_page["aux_page_text_type"] == 1) { $aux_page["aux_page_text"] = html_spchars($aux_page["aux_page_text"]); } $smarty->assign("aux_page", $aux_page); $smarty->assign("edit", 1); } else { $aux_pages = auxpgGetAllPageAttributes(); $smarty->assign("aux_pages", $aux_pages); } } //set sub-department template $smarty->assign("admin_sub_dpt", "custord_aux_pages.tpl"); } }
//this action is forbidden when SAFE MODE is ON Redirect(ADMIN_FILE . "?safemode=yes&productID=" . $_GET["productID"] . "&eaction=prod"); } $productID = AddProduct($_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"], $_POST["in_stock"], $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename", $_POST["eproduct_available_days"], $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"], $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"], $_POST["opt_margin"], $_POST["sef"], $_POST["title"]); $_GET["productID"] = $productID; $updatedValues = ScanPostVariableWithId(array("option_value", "option_radio_type")); configUpdateOptionValue($productID, $updatedValues); OpenConfigurator($_POST["optionID"], $productID); } } // show product if ($_GET["productID"] != 0) { $product = GetProduct($_GET["productID"]); $product["description"] = html_spchars($product["description"]); $product["brief_description"] = html_spchars($product["brief_description"]); $product["sef"] = html_spchars($product["sef"]); if (!$product["title"]) { $product["title"] = ""; } $title = ADMIN_PRODUCT_EDITN; } else { $product = array(); $title = ADMIN_PRODUCT_NEW; $cat = isset($_GET["categoryID"]) ? $_GET["categoryID"] : 0; $product["categoryID"] = $cat; $product["name"] = ""; $product["title"] = ""; $product["description"] = ""; $product["customers_rating"] = ""; $product["Price"] = 0; $product["picture"] = "";
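/**
 * Escape a value, or every value of a (possibly nested) array, for HTML output.
 *
 * Strings go through htmlspecialchars() with ENT_QUOTES, so single and double
 * quotes are encoded along with &, < and >. Arrays are walked recursively and
 * come back with the same keys in the same order.
 *
 * Security notes for callers:
 *  - Only array VALUES are escaped. Keys are returned unchanged, so a key that
 *    originates from untrusted input must not be printed without escaping.
 *  - The result is suitable for HTML text and quoted attribute values only.
 *    It is not an escape for SQL, JavaScript or URL contexts; values headed
 *    into a query still need bound parameters or strict casting.
 *  - Escaping at read time (e.g. before handing data to a template) is
 *    output encoding, not input validation.
 *
 * @param mixed $_data Scalar, null, or an array of such values.
 * @return mixed Escaped string, or an array of the same shape with escaped values.
 */
function html_spchars($_data)
{
    if (is_array($_data)) {
        $escaped = array();
        foreach ($_data as $key => $value) {
            // Recurse so nested rows (e.g. lists of DB records) are covered.
            $escaped[$key] = html_spchars($value);
        }
        return $escaped;
    }

    // htmlspecialchars(null) already yields ''; returning it directly keeps the
    // result identical while avoiding the null-argument deprecation on PHP 8.1+.
    if ($_data === null) {
        return '';
    }

    // No encoding argument and no ENT_SUBSTITUTE: the charset is whatever PHP
    // defaults to, and input that is invalid in that charset comes back as ''.
    return htmlspecialchars($_data, ENT_QUOTES);
}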
closedir($handle); $smarty->assign("blocklist", $blocklist); $smarty->assign("add_new_file", 1); } $smarty->assign("add_new", 1); } else { if (isset($_GET["edit"])) { if (isset($_POST["save"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=blocks_edit&safemode=yes&edit=" . $_GET["edit"]); } blockspgUpdateblocksPage($_GET["edit"], $_POST["block_name"], $_POST["block_content"], $_POST["block_select_where"], $_POST["block_select_line"], $_POST["block_select_active"], $_POST["block_select_admin"], $_POST["spage_select"], $_POST["dpage_select"], $_POST["categories_select"], $_POST["products_select"]); Redirect(ADMIN_FILE . "?dpt=conf&sub=blocks_edit"); } $blocks_edit = blockspgGetblocksPage($_GET["edit"]); $blocks_edit["content"] = html_spchars($blocks_edit["content"]); $smarty->assign("blocks_edit", $blocks_edit); $smarty->assign("edit", 1); } else { $conf_blocks = GetAllBlocksAttributes(); $blocks_count = count($conf_blocks); $smarty->assign("blocks_count", $blocks_count); $smarty->assign("blocks_edit", $conf_blocks); } } $aux_pages = auxpgGetAllPageAttributes(); $smarty->assign("aux_pages", $aux_pages); //set sub-department template $smarty->assign("admin_sub_dpt", "conf_blocks_edit.tpl"); } }
if (isset($_POST["news_save"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(_getUrlToSubmit() . "&safemode=yes"); } $picture = ""; $NID = newsAddNews($_POST["add_date"], $_POST["title"], $_POST["textToPrePublication"], $_POST["textToPublication"], $_POST["textToMail"]); if (isset($_POST["send"])) { //send news to subscribers newsSendNews($NID); } Redirect(_getUrlToSubmit() . "&save_successful=yes"); } if (isset($_GET["edit"])) { $edit_news = newsGetNewsToEdit($_GET["edit"]); $edit_news["textToPrePublication"] = html_spchars($edit_news["textToPrePublication"]); $edit_news["textToPublication"] = html_spchars($edit_news["textToPublication"]); $smarty->assign("edit_news", $edit_news); $smarty->assign("edit_news_id", (int) $_GET["edit"]); $smarty->assign("news_editor", 1); } if (isset($_GET["add_news"])) { $smarty->assign("news_editor", 1); } if (isset($_POST["update_news"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(_getUrlToSubmit() . "&safemode=yes"); } newsUpdateNews($_POST["add_date"], $_POST["title"], $_POST["textToPrePublication"], $_POST["textToPublication"], $_POST["textToMail"], $_POST["edit_news_id"]); if (isset($_POST["send"])) { //send news to subscribers newsSendNews($_POST["edit_news_id"]);