Exemple #1
    print '            <label for="hide_internal" class="clickable_option">' . $lang_stat_details_php['hide_internal_referers'] . '</label>' . "\n";
    print '          </td>' . $line_break;
    print '          <td class="tablef">' . $line_break;
    print '            ' . $lang_stat_details_php['date_display'] . $line_break;
    print '            <select name="date_display" size="1" onchange="sendForm();">' . $line_break;
    print '              <option value="0" ' . $date_display_0_selected . '>' . $line_break;
    print '                ' . strftime($album_date_fmt, localised_timestamp(time())) . $line_break;
    print '              </option>' . $line_break;
    print '              <option value="1" ' . $date_display_1_selected . '>' . $line_break;
    print '                ' . strftime($lastcom_date_fmt, localised_timestamp(time())) . $line_break;
    print '              </option>' . $line_break;
    print '              <option value="2" ' . $date_display_2_selected . '>' . $line_break;
    print '                ' . strftime($log_date_fmt, localised_timestamp(time())) . $line_break;
    print '              </option>' . $line_break;
    print '              <option value="3" ' . $date_display_3_selected . '>' . $line_break;
    print '                ' . strftime('%Y-%m-%d %H:%M:%S', localised_timestamp(time())) . $line_break;
    print '              </option>' . $line_break;
    print '            </select>' . $line_break;
    print '          </td>' . $line_break;
    print '          <td class="tablef">' . $line_break;
    print '            <input type="submit" name="go" value="' . $lang_stat_details_php['submit'] . '" class="button" />' . $line_break;
    print '          </td>' . $line_break;
    print '        </tr>' . $line_break;
    print '      </table>' . $line_break;
    print '    </td>' . $line_break;
    print '  </tr>' . $line_break;
    endtable();
    print '</form>' . $line_break;
}
// admin is logged in end
echo <<<EOT
 /**
  * Returns the year view for the year of the current localised timestamp.
  *
  * The year is read from getdate() applied to localised_timestamp() and
  * handed to getYearView() on the same object.
  */
 function getCurrentYearView()
 {
     $today = getdate(localised_timestamp());
     $year = $today["year"];

     return $this->getYearView($year);
 }
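/**
 * localised_date()
 *
 * Formats a timestamp with strftime(), taking the weekday and month names
 * from the language arrays instead of the system locale.
 *
 * @param integer $timestamp passed through localised_timestamp() before formatting
 * @param string $datefmt strftime() format; %a/%A are replaced by the weekday name
 *                        and %b/%B by the month name before strftime() runs
 * @return string|false whatever strftime() returns for the substituted format
 **/
function localised_date($timestamp = -1, $datefmt)
{
    // The default on $timestamp is kept for interface compatibility only; $datefmt
    // is required, so callers always have to pass both arguments.
    global $lang_month, $lang_day_of_week;
    $timestamp = localised_timestamp($timestamp);
    // The ereg_* functions were removed in PHP 7. The two patterns only ever matched
    // the literal pairs %a/%A and %b/%B, so a plain string replacement is enough, and
    // the language strings are no longer parsed for regex back-references.
    // strftime('%w') is 0-6 (Sunday first) and '%m' is 01-12, hence the "- 1" for months.
    $date = str_replace(array('%a', '%A'), $lang_day_of_week[(int) strftime('%w', $timestamp)], $datefmt);
    $date = str_replace(array('%b', '%B'), $lang_month[(int) strftime('%m', $timestamp) - 1], $date);
    return strftime($date, $timestamp);
}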
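    /**
     * Fetches the cd=1 row of one order from the shop table, joined with the
     * owner's username and e-mail from the user table.
     *
     * @param mixed $oid order id; reduced to an integer before it reaches the query
     * @return mixed whatever cpg_db_query() returns for the statement
     */
    function photo_shop_fetch_user($oid)
    {
        global $CONFIG, $udb_var;
        // oid is concatenated into the statement without quotes, so only a number is
        // valid there. The cast keeps any other text supplied by a caller out of the SQL.
        $oid = (int) $oid;
        $sql = "SELECT s.*, u.{$udb_var['field']['username']}, u.{$udb_var['field']['email']}  FROM {$CONFIG['TABLE_SHOP']} AS s LEFT JOIN {$udb_var['usertable']} as u ON u.{$udb_var['field']['user_id']} = s.uid WHERE oid=" . $oid . " AND cd=1 LIMIT 1";
        return cpg_db_query($sql, $this->link_id);
    }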
}
$cpg_udb = new photo_shop_udb();
// NOTE(review): oid comes straight from the request and is not validated in this
// excerpt; any later use of it in SQL or in a path has to treat it as untrusted.
$oid = isset($_REQUEST['oid']) ? $_REQUEST['oid'] : null;
if (!$oid) {
    // No order id given: display a list of all orders.
    // Before the list is shown, download directories past their lifespan are removed.
    if ($CONFIG['photo_shop_del_download_dir'] > 0) {
        // The setting is multiplied by 3600, i.e. it is a lifespan in hours; $time is the cut-off timestamp.
        $time = localised_timestamp() - $CONFIG['photo_shop_del_download_dir'] * 3600;
        // Rows with dtime = 0 are skipped, only rows with a dtime older than the cut-off are selected.
        $result = cpg_db_query("SELECT oid, uid FROM {$CONFIG['TABLE_SHOP']} WHERE dtime < '{$time}' AND dtime > '0'");
        if (mysql_num_rows($result) > 0) {
            $rowset = cpg_db_fetch_rowset($result);
            foreach ($rowset as $value) {
                // Both ids must be non-empty before they are handed to the cleanup helper.
                if ($value['oid'] && $value['uid']) {
                    photo_shop_dir_springbreak($value['uid'], $value['oid']);
                }
            }
        }
    }
    // Get total active count
    $result = cpg_db_query("SELECT count(DISTINCT oid) FROM {$CONFIG['TABLE_SHOP']} WHERE aktive='1'");
    // Errors from the fetch are suppressed with @; the count lands in $tot_box[1].
    list($tot_box[1]) = @mysql_fetch_array($result);
    mysql_free_result($result);
    // Get total archive count
Exemple #5
          </table>
      </td>
  </tr>
EOT;
    // display table footer with options
    $hide_internal_selected = $hide_internal == '1' ? 'checked="checked"' : '';
    $date_display_0_selected = $date_display == '0' ? 'selected="selected"' : '';
    $date_display_1_selected = $date_display == '1' ? 'selected="selected"' : '';
    $date_display_2_selected = $date_display == '2' ? 'selected="selected"' : '';
    $date_display_3_selected = $date_display == '3' ? 'selected="selected"' : '';
    $date_display_4_selected = $date_display == '4' ? 'selected="selected"' : '';
    $localized_time[0] = strftime($album_date_fmt, localised_timestamp(time()));
    $localized_time[1] = strftime($lastcom_date_fmt, localised_timestamp(time()));
    $localized_time[2] = strftime($log_date_fmt, localised_timestamp(time()));
    $localized_time[3] = strftime('%Y-%m-%d %H:%M:%S', localised_timestamp(time()));
    $localized_time[4] = strftime('%Y-%m-%d', localised_timestamp(time()));
    foreach ($amount_allowed as $key) {
    }
    print <<<EOT
  <tr>
      <td class="tablef" align="center" valign="top">
EOT;
    if ($type == 'vote') {
        print '    <input type="checkbox" name="checkAll2" onClick="selectAll(this,\'del\');" class="checkbox" title="' . $lang_common['check_uncheck_all'] . '" />' . $line_break;
    }
    print <<<EOT
      </td>
      <td colspan="{$tableColumns}">
        <table border="0" cellspacing="0" cellpadding="0" width="100%">
          <tr>
            <td class="tablef">
/**
 * localised_date()
 *
 * Builds a date string with strftime(), using the weekday and month names
 * from the language arrays rather than those of the system locale.
 *
 * @param integer $timestamp run through localised_timestamp() first
 * @param string $datefmt strftime() format in which %a/%A and %b/%B are substituted
 * @return string|false result of strftime() on the substituted format
 **/
function localised_date($timestamp, $datefmt)
{
    global $lang_month, $lang_day_of_week;

    $local_ts = localised_timestamp($timestamp);

    // '%w' is the weekday number and '%m' the month number (1-based, hence the "- 1").
    $weekday_index = (int) strftime('%w', $local_ts);
    $month_index = (int) strftime('%m', $local_ts) - 1;

    $format = str_replace(array('%a', '%A'), $lang_day_of_week[$weekday_index], $datefmt);
    $format = str_replace(array('%b', '%B'), $lang_month[$month_index], $format);

    return strftime($format, $local_ts);
}
Exemple #7
     */
    $CPG_REFERER = $superCage->get->getRaw('referer');
}
/**
 * CPGPluginAPI::action('page_start', null)
 *
 * Executes the page_start action on all plugins; null is passed as the action value.
 **/
CPGPluginAPI::action('page_start', null);
// load the main template
load_template();
// Remove expired bans: every row whose expiry is earlier than the current localised time is deleted.
$now = date('Y-m-d H:i:s', localised_timestamp());
$CONFIG['template_loaded'] = true;
cpg_db_query("DELETE FROM {$CONFIG['TABLE_BANNED']} WHERE expiry < '{$now}'");
// Check if the user is banned: a match on either IP value or on the user id counts,
// and rows flagged brute_force are excluded.
// NOTE(review): $raw_ip and $hdr_ip are set outside this excerpt and are placed between
// quotes in the statement without escaping here. Confirm both are validated as IP
// addresses before this point; $hdr_ip is presumably taken from a request header and
// would then be client-controlled.
$user_id = USER_ID;
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_BANNED']} WHERE (ip_addr='{$raw_ip}' OR ip_addr='{$hdr_ip}' OR user_id={$user_id}) AND brute_force=0");
if (mysql_num_rows($result)) {
    // Any matching row ends the request with the "banned" message.
    pageheader($lang_common['error']);
    msg_box($lang_common['information'], $lang_errors['banned']);
    pagefooter();
    exit;
}
mysql_free_result($result);
if (!GALLERY_ADMIN_MODE && $CONFIG['allow_private_albums']) {
    get_private_album_set();
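/**
 * Inserts every item of an order into the shop table, followed by the order-total row (cd = 1).
 *
 * An item whose price resolves to -1 is free: it is stored with price 0.00 and status 2 (paid).
 * The order-total row is stored with status 2 only when every item in the order was free.
 *
 * NOTE(review): $order_id and the pid/amount/size/price values are interpolated into the
 * INSERT statements inside quotes without escaping in this function. Confirm the callers
 * validate or escape them before they get here.
 *
 * @param array $shop_data items, each with the keys 'id', 'pid', 'amount' and (for non-CD items) 'aid'
 * @param mixed $order_id  order id written to the oid column of every row
 * @param bool  $free_item set to true by reference as soon as one free item is found
 * @return mixed result of cpg_db_query() for the order-total insert
 */
function photoshop_add_data($shop_data, $order_id, &$free_item)
{
    global $CONFIG, $SHOP_CONFIG, $cd_price, $cd_counter, $discount_calc, $shipping_price_calc;
    $otime = localised_timestamp();
    $picture_total = 0;
    // null means "no item processed yet". Initialising it here keeps the final check
    // well-defined when $shop_data is empty; isset() below still treats null as unset.
    $free_order = null;
    foreach ($shop_data as $item_id) {
        $pid = $item_id['pid'];
        $amount = $item_id['amount'];
        $size2 = $SHOP_CONFIG[$item_id['id']]['size'];
        if ($item_id['id'] == "CD") {
            $size = "CD";
            $price = $cd_price[1];
            // a CD is never free, so the order as a whole is not free either
            $free_order = false;
            // inserted without a status value, i.e. not marked paid
            $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}')";
        } else {
            $size = $SHOP_CONFIG[$item_id['id']]['name'];
            $price = $SHOP_CONFIG[$item_id['id']]['price'];
            // Price override per album. aid is placed in the statement without quotes,
            // so it is reduced to an integer first.
            $aid = (int) $item_id['aid'];
            $results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_SHOP_PRICES']} WHERE aid={$aid}");
            while ($temp_data = mysql_fetch_array($results)) {
                if ($temp_data['gid'] == $SHOP_CONFIG[$item_id['id']]['id']) {
                    $price = $temp_data['price'];
                }
            }
            mysql_free_result($results);
            // A price of -1 marks a free item; it is stored as 0.00 for display reasons.
            // The same rule is applied in the cart, the total calculation, item_price and pricelist.
            if ($price == -1) {
                $price = "0.00";
                // the order counts as free only while no paid item has been seen before
                if (!isset($free_order)) {
                    $free_order = true;
                }
                // always reported back to the caller
                $free_item = true;
                // free items are inserted with status 2 (paid)
                $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`, `status`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}', '2')";
            } else {
                // paid item: no status value, and the order can no longer be free
                $sql = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `pid`, `quantity`, `size`, `size2`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '{$pid}', '{$amount}', '{$size}', '{$size2}','{$price}', '{$otime}')";
                $free_order = false;
            }
            $picture_total = $picture_total + $price * $amount;
        }
        // add the single item
        cpg_db_query($sql);
    }
    // add the order total
    if ($free_order === true) {
        // every item was free, so the total row is stored as paid (status 2)
        $sql2 = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `cd`, `quantity`, `price`, `otime`, `status`) VALUES ('{$order_id}', '" . USER_ID . "', '1', '" . ($cd_counter['cd'] + $cd_counter['photo']) . "', '" . ($picture_total + $cd_price[1] + $shipping_price_calc - $discount_calc) . "', '{$otime}', '2')";
    } else {
        $sql2 = "INSERT INTO `{$CONFIG['TABLE_SHOP']}` (`oid`, `uid`, `cd`, `quantity`, `price`, `otime`) VALUES ('{$order_id}', '" . USER_ID . "', '1', '" . ($cd_counter['cd'] + $cd_counter['photo']) . "', '" . ($picture_total + $cd_price[1] + $shipping_price_calc - $discount_calc) . "', '{$otime}')";
    }
    $results2 = cpg_db_query($sql2);
    return $results2;
}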
Exemple #9
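/**
 * Creates the password-protected download directory for one order and sends out the password.
 *
 * Steps: make sure <fullpath>downloads exists, create <uid>_<oid> below it, generate a
 * password, store the order hash, write .htpasswd, .htaccess and an empty index.html,
 * record the creation time (dtime) and pass the clear-text password to
 * photo_shop_send_password() for the user and, optionally, the admin.
 *
 * On failure $ERROR is set from $lang_photoshop_ipn, except when the directory already
 * exists and $overwrite_dir is false, where $ERROR is left untouched.
 *
 * @param mixed $uid           user id; must consist of digits only
 * @param mixed $oid           order id; must consist of digits only
 * @param bool  $mail_admin    also send the password mail to 'admin'
 * @param bool  $overwrite_dir continue when the directory already exists
 * @return bool true when all three files exist and the mails were handed off, false otherwise
 */
function photo_shop_ipn_download($uid, $oid, $mail_admin = false, $overwrite_dir = false)
{
    global $CONFIG, $ERROR, $lang_photoshop_htaccess, $lang_photoshop_ipn_email_user, $lang_photoshop_index, $lang_photoshop_ipn, $template_index_html;

    // Both ids become part of a directory name and of SQL statements below. Anything
    // but plain digits is refused, so neither a path separator nor SQL text can get
    // through. Assumes both ids are numeric in this plugin - TODO confirm.
    // The directory-creation error is reused because no directory is created for such ids.
    if (!preg_match('/\A[0-9]+\z/', (string) $uid) || !preg_match('/\A[0-9]+\z/', (string) $oid)) {
        $ERROR = $lang_photoshop_ipn['ipn_download_err_mkdir'];
        return false;
    }

    // make sure the common 'downloads' directory exists
    $downloads_root = $CONFIG['fullpath'] . 'downloads';
    if (!is_dir($downloads_root)) {
        $cpg_umask = umask(0);
        @mkdir($downloads_root, octdec($CONFIG['default_dir_mode']));
        umask($cpg_umask);
        unset($cpg_umask);
    }

    // per-order directories are not created under safe mode restrictions
    if (defined('SILLY_SAFE_MODE')) {
        $ERROR = $lang_photoshop_ipn['ipn_download_err_safemode'];
        return false;
    }

    // directory for this order: <user-id>_<order-id>
    $dest_dir = $downloads_root . '/' . $uid . '_' . $oid;
    if (!is_dir($dest_dir)) {
        mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
        if (!is_dir($dest_dir)) {
            // couldn't create dir
            $ERROR = $lang_photoshop_ipn['ipn_download_err_mkdir'];
            return false;
        }
        // redundant after mkdir; silenced in case chmod is disabled
        @chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
    } elseif (!$overwrite_dir) {
        // directory exists and must not be reused
        return false;
    }
    $dest_dir .= '/';

    // random password; the user's username is the htpasswd login
    $clear_txt_password = photo_shop_gen_passwd(8);
    $htpasswd_path = getcwd() . '/' . $dest_dir;

    // eregi() was removed in PHP 7, so a case-insensitive substring test is used instead.
    // $_ENV['OS'] can be absent, which is treated as "not Windows".
    $server_os = isset($_ENV['OS']) ? $_ENV['OS'] : '';
    if (stripos($server_os, 'win') !== false) {
        // NOTE(review): on Windows the password is written to .htpasswd unhashed.
        $password = $clear_txt_password;
    } else {
        // NOTE(review): the salt is derived from the password itself, and crypt() stores
        // the salt at the start of its output, so the stored value reveals part of the
        // password. A salt that does not depend on the password, or a stronger htpasswd
        // scheme supported by the web server, would avoid this.
        $password = crypt($clear_txt_password, base64_encode($clear_txt_password));
    }

    // username and e-mail address of the order's owner
    $user_info = photoshop_user_details($uid);
    $order_hash = md5($uid . $oid . $password . $user_info['user_email']);
    // store the hash on the order-total row
    cpg_db_query("UPDATE {$CONFIG['TABLE_SHOP']} SET order_md5_id='{$order_hash}' WHERE oid='{$oid}' AND cd='1'");

    // placeholder <-> path
    $template_vars = array('{HTPASSWD_PATH}' => $htpasswd_path . '.htpasswd');
    $htaccess = strtr($lang_photoshop_htaccess, $template_vars);

    // NOTE(review): user_name is written to .htpasswd as-is; a ':' or a line break in it
    // would change the meaning of the entry. Confirm the user database rules those out.
    $files = array(
        '.htpasswd' => $user_info['user_name'] . ':' . $password,
        '.htaccess' => $htaccess,
        'index.html' => " ",
    );
    foreach ($files as $file_name => $contents) {
        $fp = fopen($dest_dir . $file_name, 'w');
        if ($fp === false) {
            // Without this check a failed open on a reused directory would leave the old
            // files in place and the new password would still be mailed out.
            $ERROR = $lang_photoshop_ipn['ipn_download_err_noindex'];
            return false;
        }
        fwrite($fp, $contents);
        fclose($fp);
    }

    // check if all worked
    if (is_file($dest_dir . 'index.html') && is_file($dest_dir . '.htpasswd') && is_file($dest_dir . '.htaccess')) {
        // the timestamp is what the automatic deletion of the folder is based on
        $time = localised_timestamp();
        cpg_db_query("UPDATE {$CONFIG['TABLE_SHOP']} SET dtime='{$time}' WHERE oid='{$oid}' AND cd='1'");
        // The clear-text password is handed to the mail helper for the user and, if requested, the admin.
        photo_shop_send_password($lang_photoshop_ipn_email_user, $lang_photoshop_ipn['ipn_email_user_subject'], $clear_txt_password, $user_info['user_name'], $user_info['user_email'], $order_hash);
        if ($mail_admin) {
            photo_shop_send_password($lang_photoshop_ipn_email_user, "{$lang_photoshop_ipn['ipn_email_admin_subject']} {$oid}", $clear_txt_password, $user_info['user_name'], 'admin', $order_hash);
        }
        $ERROR = $lang_photoshop_ipn['ipn_download_ok'];
        return true;
    }

    $ERROR = $lang_photoshop_ipn['ipn_download_err_noindex'];
    return false;
}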