$cID = (int) $_GET['cID'];
$smarty->assign('link_edit_currency', get_admin_link(PAGE_CURRENCY_EDIT, tep_get_all_get_params(array('action', 'module', 'page'))));
$smarty->assign('back_link', get_admin_link(PAGE_CURRENCIES, tep_get_all_get_params(array('action', 'module', 'page'))));
$status_options = array(0 => TEXT_INACTIVE, 1 => TEXT_ACTIVE);
$smarty->assign('status_options', $status_options);
if ($_POST['action'] == 'process') {
$code = db_prepare_input($_POST['code']);
$title = db_prepare_input($_POST['title']);
$symbol_left = db_prepare_input($_POST['symbol_left']);
$symbol_right = db_prepare_input($_POST['symbol_right']);
$decimal_point = db_prepare_input($_POST['decimal_point']);
$thousands_point = db_prepare_input($_POST['thousands_point']);
$decimal_places = (int) $_POST['decimal_places'];
$sort_order = (int) $_POST['sort_order'];
$status = (int) $_POST['status'];
$validator->validateGeneral('Currency Name', $title, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Currency Code', $code, _ERROR_FIELD_EMPTY);
if (count($validator->errors) == 0) {
// create new member
$currency_data_array = array('code' => $code, 'title' => $title, 'status' => $status, 'sort_order' => $sort_order, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places);
db_perform(_TABLE_CURRENCIES, $currency_data_array, 'update', "currencies_id='" . $cID . "'");
tep_redirect(get_admin_link(PAGE_CURRENCIES, tep_get_all_get_params(array('action', 'module', 'page'))));
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} else {
$currency_info = db_fetch_array(db_query("SELECT * FROM " . _TABLE_CURRENCIES . " WHERE currencies_id='" . $cID . "'"));
postAssign($smarty, $currency_info);
}
$_html_main_content = $smarty->fetch('currencies/edit.html');
}
if ($security_question == -1) {
$validator->validateGeneral('Custom Question', $custom_question, _ERROR_FIELD_EMPTY);
}
$validator->validateGeneral('Security Answer', $security_answer, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Welcome Mesasge', $welcome_message, _ERROR_FIELD_EMPTY);
} else {
$validator->addError('Turing Number', ERROR_SECURE_CODE_WRONG);
}
if (count($validator->errors) == 0) {
// create new user
if (!tep_session_is_registered('signup_info')) {
tep_session_register('signup_info');
}
$signup_info = array('firstname' => $firstname, 'lastname' => $lastname, 'email' => $email, 'welcome_message' => $welcome_message, 'security_question' => $security_question == -1 ? $custom_question : $security_question, 'security_answer' => $security_answer);
tep_redirect(get_href_link(PAGE_SIGNUP_PERSONAL, '', 'SSL'));
} else {
postAssign($smarty);
}
}
// get security questions
$security_questions_array = array();
$security_questions_query = db_query('SELECT s.security_questions_id, sd.question FROM ' . _TABLE_SECURITY_QUESTIONS . " s, " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " sd WHERE s.security_questions_id =sd.security_questions_id AND sd.language_id='" . $languages_id . "' ORDER BY s.sort_order, sd.question ");
while ($security_question = db_fetch_array($security_questions_query)) {
$security_questions_array[$security_question['question']] = $security_question['question'];
}
// Customer Question
$security_questions_array[-1] = TEXT_CUSTOM_QUESTION;
$smarty->assign('security_questions_array', $security_questions_array);
$smarty->assign('validerrors', $validator->errors);
$_html_main_content = $smarty->fetch('home/signup.html');
$security_questions_name = db_prepare_input($_POST['security_questions_name']);
$status = isset($_POST['status']) ? (int) $_POST['status'] : 1;
// active by default
$sort_order = (int) $_POST['sort_order'];
$validator->validateGeneral(ERROR_SECURITY_QUESTION_NAME, $security_questions_name[$_SESSION['languages_id']], _ERROR_FIELD_EMPTY);
if (count($validator->errors) == 0) {
// create new member
$security_question_data_array = array('status' => $status, 'sort_order' => $sort_order);
db_perform(_TABLE_SECURITY_QUESTIONS, $security_question_data_array, 'update', " security_questions_id='" . $security_questionID . "'");
// security_question description
for ($i = 0; $i < count($languages); $i++) {
$lang_id = $languages[$i]['id'];
$security_question_description_data_array = array('question' => $security_questions_name[$lang_id]);
db_perform(_TABLE_SECURITY_QUESTIONS_DESCRIPTION, $security_question_description_data_array, 'update', " security_questions_id='" . $security_questionID . "' and language_id='" . $lang_id . "'");
}
tep_redirect(get_admin_link(PAGE_SECURITY_QUESTIONS, tep_get_all_get_params(array('action', 'module', 'page'))));
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} else {
$security_questioninfo = db_fetch_array(db_query("SELECT status, sort_order FROM " . _TABLE_SECURITY_QUESTIONS . " WHERE security_questions_id='" . $security_questionID . "'"));
postAssign($smarty, $security_questioninfo);
// get security_question details
$security_questions_description_query = db_query("SELECT * FROM " . _TABLE_SECURITY_QUESTIONS_DESCRIPTION . " WHERE security_questions_id='" . $security_questionID . "'");
while ($security_question_desc = db_fetch_array($security_questions_description_query)) {
$security_questions_description_info['security_questions_name'][$security_question_desc['language_id']] = $security_question_desc['question'];
}
postAssign($smarty, $security_questions_description_info);
}
$_html_main_content = $smarty->fetch('security_questions/edit.html');
$emailtemplate_description_data_array = array('language_id' => $lang_id, 'emailtemplate_title' => $emailtemplates_title[$lang_id], 'emailtemplate_subject' => $emailtemplates_subject[$lang_id], 'emailtemplate_content' => $emailtemplates_content[$lang_id]);
db_perform(_TABLE_EMAILTEMPLATES_DESCRIPTION, $emailtemplate_description_data_array, 'update', " emailtemplates_id='" . $emailtemplateID . "' and language_id='" . $lang_id . "'");
}
tep_redirect(get_admin_link(PAGE_EMAILTEMPLATES, tep_get_all_get_params(array('action', 'module', 'page'))));
} else {
postAssign($smarty);
for ($i = 0; $i < count($languages); $i++) {
$emailtemplates_content[$languages[$i]['id']] = html_entity_decode($_POST['emailtemplates_content'][$languages[$i]['id']]);
$smarty->assign('emailtemplates_content', $emailtemplates_content);
$emailtemplates_usage[$languages[$i]['id']] = $_POST['emailtemplates_usage'][$languages[$i]['id']];
$smarty->assign('emailtemplates_usage', $emailtemplates_usage);
$emailtemplates_subject[$languages[$i]['id']] = $_POST['emailtemplates_subject'][$languages[$i]['id']];
$smarty->assign('emailtemplates_subject', $emailtemplates_subject);
$emailtemplates_title[$languages[$i]['id']] = $_POST['emailtemplates_title'][$languages[$i]['id']];
$smarty->assign('emailtemplates_title', $emailtemplates_title);
}
$smarty->assign('validerrors', $validator->errors);
}
} else {
$emailtemplateinfo = db_fetch_array(db_query("SELECT * FROM " . _TABLE_EMAILTEMPLATES . " WHERE emailtemplates_id='" . $emailtemplateID . "'"));
postAssign($smarty, $emailtemplateinfo);
// get emailtemplate details
$emailtemplates_description_query = db_query("SELECT * FROM " . _TABLE_EMAILTEMPLATES_DESCRIPTION . " WHERE emailtemplates_id='" . $emailtemplateID . "'");
while ($emailtemplate_desc = db_fetch_array($emailtemplates_description_query)) {
$emailtemplates_description_info['emailtemplates_title'][$emailtemplate_desc['language_id']] = $emailtemplate_desc['emailtemplate_title'];
$emailtemplates_description_info['emailtemplates_subject'][$emailtemplate_desc['language_id']] = $emailtemplate_desc['emailtemplate_subject'];
$emailtemplates_description_info['emailtemplates_content'][$emailtemplate_desc['language_id']] = htmlentities($emailtemplate_desc['emailtemplate_content']);
}
postAssign($smarty, $emailtemplates_description_info);
}
$_html_main_content = $smarty->fetch('emailtemplates/edit.html');
if ($_GET['action'] == 'process') {
$info_key = $_POST['info_key'];
$info_content = $_POST['info_content'];
$validator->validateGeneral(ERROR_FIELD_KEY, $info_key, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Content', $info_content, _ERROR_FIELD_EMPTY);
if (!$validator->foundErrors()) {
$info_data = array('info_key' => $info_key, 'info_content' => addslashes(htmlentities($info_content)), 'info_title' => addslashes(htmlentities($_POST['info_title'])), 'info_description' => $_POST['info_description'], 'info_usage' => $_POST['info_usage']);
if ($info_id > 0) {
// update
db_perform(_TABLE_INFO_TEMPLATES, $info_data, 'update', 'info_id=' . $info_id);
} else {
db_perform(_TABLE_INFO_TEMPLATES, $info_data);
}
tep_redirect(get_admin_link(PAGE_INFORS, 'pg=' . $pg));
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} else {
if ($info_id > 0) {
$sql_info = "SELECT * FROM " . _TABLE_INFO_TEMPLATES . " WHERE info_id='" . $info_id . "'";
$info = db_fetch_array(db_query($sql_info));
$info['info_title'] = stripslashes($info['info_title']);
$info['info_content'] = stripslashes($info['info_content']);
$smarty->assign('PAGE_HEADING', HEADING_EDIT_INFO);
postAssign($smarty, $info);
} else {
$smarty->assign('PAGE_HEADING', HEADING_NEW_INFO);
}
}
$_html_main_content = $smarty->fetch('infors/newinfo.html');
if (count($validator->errors) == 0) {
// create new member
$faq_data_array = array('parent_id' => (int) $_GET['parent_id'], 'faqs_status' => $faq_status, 'sort_order' => $sort_order, 'is_topic' => $is_topic);
db_perform(_TABLE_FAQS, $faq_data_array, 'update', " faqs_id='" . $faqID . "'");
// faq description
for ($i = 0; $i < count($languages); $i++) {
$lang_id = $languages[$i]['id'];
$faq_description_data_array = array('faqs_name' => $faqs_name[$lang_id], 'faqs_description' => $faqs_description[$lang_id]);
db_perform(_TABLE_FAQS_DESCRIPTION, $faq_description_data_array, 'update', " faqs_id='" . $faqID . "' and language_id='" . $lang_id . "'");
}
tep_redirect(get_admin_link(PAGE_FAQS, tep_get_all_get_params(array('action', 'module', 'page'))));
} else {
postAssign($smarty);
for ($i = 0; $i < count($languages); $i++) {
$faqs_description[$languages[$i]['id']] = html_entity_decode($_POST['faqs_description'][$languages[$i]['id']]);
$smarty->assign('faqs_description', $faqs_description);
}
$smarty->assign('validerrors', $validator->errors);
}
} else {
$faqinfo = db_fetch_array(db_query("SELECT faqs_status as faq_status, sort_order, is_topic FROM " . _TABLE_FAQS . " WHERE faqs_id='" . $faqID . "'"));
postAssign($smarty, $faqinfo);
// get faq details
$faqs_description_query = db_query("SELECT * FROM " . _TABLE_FAQS_DESCRIPTION . " WHERE faqs_id='" . $faqID . "'");
while ($faq_desc = db_fetch_array($faqs_description_query)) {
$faqs_description_info['faqs_name'][$faq_desc['language_id']] = $faq_desc['faqs_name'];
$faqs_description_info['faqs_description'][$faq_desc['language_id']] = htmlentities($faq_desc['faqs_description']);
}
postAssign($smarty, $faqs_description_info);
}
$_html_main_content = $smarty->fetch('faqs/edit.html');
$balance_settings_array[] = $currency_info['code'];
}
$smarty->assign('balances_list', $balance_info_array);
if ($_POST['action'] == 'process') {
$name = (int) $_POST['name'];
$address = (int) $_POST['address'];
$phone = (int) $_POST['phone'];
$email = (int) $_POST['email'];
$mobile = (int) $_POST['mobile'];
$company = (int) $_POST['company'];
$balance_settings = (array) $_POST['balance_settings'];
$user_settings_data = array('name' => $name, 'address' => $address, 'phone' => $phone, 'email' => $email, 'mobile' => $mobile, 'company' => $company, 'balances' => implode(',', $balance_settings), 'user_id' => $login_userid);
// check setting
$check_setting = db_fetch_array(db_query("SELECT count(*) as total FROM " . _TABLE_USER_SETTINGS . " WHERE user_id='" . $login_userid . "'"));
if ($check_setting['total'] > 0) {
// update setings
db_perform(_TABLE_USER_SETTINGS, $user_settings_data, 'update', "user_id='" . $login_userid . "'");
} else {
db_perform(_TABLE_USER_SETTINGS, $user_settings_data);
}
$smarty->assign('updated', true);
postAssign($smarty);
} else {
// get user information settings
$user_settings = db_fetch_array(db_query("SELECT * FROM " . _TABLE_USER_SETTINGS . " WHERE user_id='" . $login_userid . "'"));
$balance_settings = explode(',', $user_settings['balances']);
$smarty->assign('balance_settings', $balance_settings);
postAssign($smarty, $user_settings);
}
$smarty->assign('balance_settings_array', $balance_settings_array);
$_html_main_content = $smarty->fetch('account/public.html');
$admin_info = db_fetch_array(db_query($sql_username));
if (!validate_password($current_password, $admin_info['admin_password'])) {
// wrong password
$validator->addError(ERROR_FIELD_CURRENT_PASSWORD, ERROR_INVALID_CURRENT_PASSWORD);
}
}
$validator->validateGeneral(ERROR_FIELD_ADMIN_CONTACTNAME, $admin_contactname, _ERROR_FIELD_EMPTY);
$validator->validateEmail(ERROR_FIELD_ADMIN_EMAIL, $admin_email, _ERROR_EMAIL_ADDRESS);
if ($validator->validateMinLength(ERROR_FIELD_ADMIN_PASSWORD, $admin_password, 5, sprintf(_ERROR_MIN_LENGTH, 5, strlen($admin_password)))) {
$validator->validateEqual(ERROR_FIELD_ADMIN_CONFIRM_PASSWORD, $admin_password, $confirm_password, ERROR_CONFIRM_PASSWORD);
}
if (count($validator->errors) == 0) {
// create new member
// create new admin info
$admin_data_array = array('admin_contactname' => $admin_contactname, 'admin_email' => $admin_email, 'admin_password' => encrypt_password($admin_password));
db_perform(_TABLE_ADMINS, $admin_data_array, 'update', "admin_id='" . $admin_id . "'");
tep_redirect(get_admin_link(PAGE_ADMIN_ACCOUNTS, 'pg=' . $pg));
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} elseif ($admin_id > 0) {
$sql_admin = "SELECT admin_username,admin_contactname,admin_email FROM " . _TABLE_ADMINS . " WHERE admin_id='" . $admin_id . "'";
$admin = db_fetch_array(db_query($sql_admin));
$admin['admin_username'] = $admin['admin_username'];
$admin['admin_contactname'] = stripslashes($admin['admin_contactname']);
$admin['admin_email'] = $admin['admin_email'];
$smarty->assign('PAGE_HEADING', HEADING_EDIT_INFO);
postAssign($smarty, $admin);
}
$_html_main_content = $smarty->fetch('admins/edit.html');
$master_key_pass = false;
$smarty->assign('CURRENT_PAGE', _CURRENT_PAGE);
$psettings = isset($_GET['psettings']) ? $_GET['psettings'] : 'stpersonal';
$smarty->assign('SETTING_PAGE', $psettings);
if ($action == 'process') {
$master_key = db_prepare_input($_POST['master_key']);
if ($validator->validateGeneral('Master Key', $master_key, _ERROR_FIELD_EMPTY)) {
if ($master_key != getMasterKey()) {
$validator->addError('Master Key', 'Invalid master key. Please try again.');
}
}
if (count($validator->errors) == 0) {
$master_key_pass = true;
// get account's information
$account_info = db_fetch_array(db_query("SELECT * FROM " . _TABLE_USERS . " WHERE user_id='" . $login_userid . "'"));
postAssign($smarty, $account_info);
$country = $account_info['country'];
}
}
switch ($psettings) {
case 'stpersonal':
include_once 'settings/stpersonal.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_PERSONAL));
break;
case 'stverification':
include_once 'settings/stverification.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_VERIFICATION));
break;
case 'stcki_ipn':
include_once 'settings/stcki_ipn.php';
$smarty->assign('HREF_PAGE', get_href_link(PAGE_SETTING_CKI_IPN));
<?php
include 'includes/admin_login_check.php';
$lID = (int) $_GET['lID'];
$smarty->assign('link_edit_language', get_admin_link(PAGE_LANGUAGE_EDIT, tep_get_all_get_params(array('action', 'module', 'page'))));
$smarty->assign('back_link', get_admin_link(PAGE_LANGUAGES, tep_get_all_get_params(array('action', 'module', 'page'))));
$status_options = array(0 => TEXT_INACTIVE, 1 => TEXT_ACTIVE);
$smarty->assign('status_options', $status_options);
if ($_POST['action'] == 'process') {
$language_code = db_prepare_input($_POST['language_code']);
$validator->validateGeneral('Language Name', $language_name, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Language Code', $language_code, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Language Directory', $language_directory, _ERROR_FIELD_EMPTY);
$validator->validateGeneral('Language Icon', $language_image, _ERROR_FIELD_EMPTY);
if (count($validator->errors) == 0) {
// create new member
$language_data_array = array('language_code' => $language_code, 'language_name' => $language_name, 'language_directory' => $language_directory, 'language_image' => $language_image, 'language_status' => $language_status, 'sort_order' => $sort_order);
db_perform(_TABLE_LANGUAGES, $language_data_array, 'update', "language_id='" . $lID . "'");
tep_redirect(get_admin_link(PAGE_LANGUAGES, tep_get_all_get_params(array('action', 'module', 'page'))));
} else {
postAssign($smarty);
$smarty->assign('validerrors', $validator->errors);
}
} else {
$language_info = db_fetch_array(db_query("SELECT * FROM " . _TABLE_LANGUAGES . " WHERE language_id='" . $lID . "'"));
postAssign($smarty, $language_info);
}
$_html_main_content = $smarty->fetch('langs/edit.html');
$validator->validateGeneral(ERROR_FIELD_NEWS_PATH, $news_path, _ERROR_FIELD_EMPTY);
}
if (!$validator->foundErrors()) {
$news_data = array('news_title' => $_POST['news_title'], 'news_description' => html_entity_decode($_POST['news_description']), 'news_file_path' => db_prepare_input($news_path), 'news_date' => $news_date, 'news_type' => db_prepare_input($news_type), 'news_status' => db_prepare_input($news_status));
if ($news_id > 0) {
// update
db_perform(_TABLE_NEWS, $news_data, 'update', 'news_id=' . $news_id);
} else {
db_perform(_TABLE_NEWS, $news_data);
$news_id = db_insert_id();
}
tep_redirect(get_admin_link(PAGE_NEWS, 'pg=' . $pg));
} else {
postAssign($smarty);
$smarty->assign('news_description', html_entity_decode($news_description));
$smarty->assign('validerrors', $validator->errors);
}
} else {
if ($news_id > 0) {
$sql_news = "SELECT * FROM " . _TABLE_NEWS . " WHERE news_id='" . $news_id . "'";
$news = db_fetch_array(db_query($sql_news));
$news['news_title'] = $news['news_title'];
$news['news_description'] = htmlentities($news['news_description']);
$news['news_path'] = $news['news_file_path'];
$smarty->assign('PAGE_HEADING', HEADING_EDIT_INFO);
postAssign($smarty, $news);
} else {
$smarty->assign('PAGE_HEADING', HEADING_NEW_INFO);
}
}
$_html_main_content = $smarty->fetch('news/new.html');