/**
 * Send one HTML e-mail with the given subject and body to every address in the users table.
 *
 * An empty subject or empty content is reported through msg() with a localized error and
 * nothing is sent. After the recipient loop a localized confirmation is reported.
 *
 * The body is only passed through nl2br(); it is not HTML-escaped here and is handed to
 * sendEmailMessage() with 'text/html' as the last argument.
 * NOTE(review): the callers are outside this excerpt - confirm that only an authorised
 * administrator can reach this function, since it mails every account in the table.
 *
 * @param string $subject Mail subject, forwarded unchanged.
 * @param string $content Mail body before nl2br().
 */
function messaging($subject, $content)
{
    global $lang, $mysql;

    LoadPluginLang('messaging', 'messaging', '', 'mes');

    // Guard clauses: report the first missing part and stop.
    if (!$subject || trim($subject) == "") {
        msg(array("type" => "error", "text" => $lang['mes_msge_subject']));
        return;
    }
    if (!$content || trim($content) == "") {
        msg(array("type" => "error", "text" => $lang['mes_msge_content']));
        return;
    }

    $htmlBody = nl2br($content);
    $recipients = $mysql->select("SELECT mail FROM `" . uprefix . "_users`");

    foreach ($recipients as $user) {
        sendEmailMessage($user['mail'], $subject, $htmlBody, false, false, 'text/html');
    }

    msg(array("text" => $lang['mes_msgo_sent']));
}
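/**
 * Render the basket page and, on a POST request, convert the current basket into an order.
 *
 * The basket is identified by the logged-in user id and/or the ngTrackID cookie. On POST the
 * contact fields are read from $_REQUEST['userInfo'], stock is checked per basket row, the
 * order and its lines are inserted, the basket is emptied, stock is decremented, a notification
 * mail is rendered and sent, and the client is redirected to the order page. On GET, or when
 * validation fails, the basket template is rendered into $template['vars']['mainblock'].
 *
 * Changes compared with the previous version of this function:
 *  - $config is now imported, so $config['date_adjust'] is actually applied to the order time;
 *  - basket rows copied into the order are quoted with db_squote() instead of being
 *    interpolated between single quotes (the title and linked_fld columns are stored data,
 *    so this closed a second-order SQL injection path);
 *  - the order's uniqid is drawn from random_bytes() when available;
 *  - queries that depend on the basket filter are skipped when the filter is empty, instead of
 *    sending a statement that ends in "where ";
 *  - variables read by the template section are initialised on the GET path.
 *
 * @return mixed The value of redirect_eshop() after a successful order, otherwise nothing.
 */
function plugin_ebasket_list()
{
    global $mysql, $twig, $userROW, $template, $ip, $SYSTEM_FLAGS, $lang, $config;

    // Read further down on every path, including a plain GET.
    $SQL = array();
    $error_text = array();
    $notify_text = array();
    $qid = null;

    // Build the selection filter: rows owned by the logged-in user and/or by the tracking cookie.
    $filter = array();
    if (is_array($userROW)) {
        $filter[] = '(user_id = ' . db_squote($userROW['id']) . ')';
    }
    // The cookie is client-controlled; only a non-empty string is accepted as a tracking id.
    if (isset($_COOKIE['ngTrackID']) && is_string($_COOKIE['ngTrackID']) && $_COOKIE['ngTrackID'] != '') {
        $filter[] = '(cookie = ' . db_squote($_COOKIE['ngTrackID']) . ')';
    }
    $hasFilter = count($filter) > 0;
    $basketWhere = join(" or ", $filter);

    // Collect the basket entries for display and compute the total.
    $recs = array();
    $total = 0;
    if ($hasFilter) {
        foreach ($SYSTEM_FLAGS["eshop"]["basket"]["entries"] as $rec) {
            $lineSum = round($rec['price'] * $rec['count'], 2);
            $total += $lineSum;
            $rec['sum'] = sprintf('%9.2f', $lineSum);
            // SECURITY: unserialize() on a stored column. If any writer of linked_fld accepts
            // client-supplied data, this is an object-injection sink; json_decode() or the
            // allowed_classes option would remove that risk. Left unchanged pending review.
            $rec['xfields'] = unserialize($rec['linked_fld']);
            unset($rec['linked_fld']);
            $recs[] = $rec;
        }
    }

    if (!empty($_POST)) {
        // NOTE(review): FILTER_SANITIZE_STRING only strips tags (and is deprecated as of
        // PHP 8.1); it validates neither the e-mail address nor the phone number.
        $SQL['name'] = filter_var($_REQUEST['userInfo']['fullName'], FILTER_SANITIZE_STRING);
        if (empty($SQL['name'])) {
            $error_text[] = 'Имя не задано';
        }
        $SQL['email'] = filter_var($_REQUEST['userInfo']['email'], FILTER_SANITIZE_STRING);
        if (empty($SQL['email'])) {
            $error_text[] = 'Email не задан';
        }
        $SQL['phone'] = filter_var($_REQUEST['userInfo']['phone'], FILTER_SANITIZE_STRING);
        if (empty($SQL['phone'])) {
            $error_text[] = 'Телефон не задан';
        }
        $SQL['address'] = filter_var($_REQUEST['userInfo']['deliverTo'], FILTER_SANITIZE_STRING);
        if (empty($SQL['address'])) {
            $error_text[] = 'Адрес доставки не задан';
        }
        $SQL['comment'] = filter_var($_REQUEST['userInfo']['commentText'], FILTER_SANITIZE_STRING);

        $SQL['dt'] = time() + $config['date_adjust'] * 60;
        $SQL['ip'] = $ip;
        $SQL['type'] = "1";
        $SQL['paid'] = 0;
        $SQL['total_price'] = $total;
        if (isset($userROW)) {
            $SQL['author_id'] = $userROW['id'];
        }
        // The uniqid is placed in the order link next to the id, so it should not be
        // predictable from the request time. Same shape as before: 10 hex characters.
        $SQL['uniqid'] = function_exists('random_bytes')
            ? bin2hex(random_bytes(5))
            : substr(str_shuffle(MD5(microtime())), 0, 10);

        // Stock check: every basket row is compared with the amount of its product variant.
        $basketRows = $hasFilter
            ? $mysql->select("select * from " . prefix . "_eshop_ebasket where " . $basketWhere, 1)
            : array();
        foreach ($basketRows as $rec) {
            $r_count = $rec['count'];
            $linked_id = $rec['linked_id'];
            $linked_fld = unserialize($rec['linked_fld']); // see the SECURITY note above
            $variant_id = $linked_fld['item']['v_id'];

            $conditions = array();
            if ($linked_id) {
                array_push($conditions, "p.id = " . db_squote($linked_id));
            }
            if ($variant_id != 0) {
                array_push($conditions, "v.id = " . db_squote($variant_id));
            }

            $fSort = " GROUP BY p.id ORDER BY p.id DESC";
            $sqlQPart = "FROM " . prefix . "_eshop_products p LEFT JOIN " . prefix . "_eshop_products_categories pc ON p.id = pc.product_id LEFT JOIN " . prefix . "_eshop_categories c ON pc.category_id = c.id LEFT JOIN (SELECT * FROM " . prefix . "_eshop_images ORDER BY position, id) i ON i.product_id = p.id LEFT JOIN " . prefix . "_eshop_variants v ON p.id = v.product_id " . (count($conditions) ? "WHERE " . implode(" AND ", $conditions) : '') . $fSort;
            $sqlQ = "SELECT p.id AS id, p.url as url, p.code AS code, p.name AS name, p.active AS active, p.featured AS featured, p.position AS position, c.url as curl, c.name AS category, i.filepath AS image_filepath, v.id AS v_id, v.sku AS v_sku, v.name AS v_name, v.amount AS v_amount, v.price AS price, v.compare_price AS compare_price, v.stock AS stock " . $sqlQPart;

            // Retrieve the product record
            $item_rec = $mysql->record($sqlQ);
            if ($item_rec['v_amount'] != NULL) {
                if ($r_count > $item_rec['v_amount']) {
                    $error_text[] = 'Невозможно купить продукт: ' . $item_rec["name"] . '. Максимальное количество доступное для заказа: ' . $item_rec['v_amount'];
                }
            }
        }

        if (empty($error_text)) {
            // Column names are the fixed keys assigned above; every value is quoted.
            $vnames = array();
            foreach ($SQL as $k => $v) {
                $vnames[] = $k . ' = ' . db_squote($v);
            }
            $mysql->query('INSERT INTO ' . prefix . '_eshop_orders SET ' . implode(', ', $vnames) . ' ');
            $qid = $mysql->lastid('eshop_orders');

            if ($qid != NULL) {
                // Copy the basket rows into the order. Stored values are quoted like any other
                // input: title and linked_fld were written from request data at some point.
                $basketRows = $hasFilter
                    ? $mysql->select("select * from " . prefix . "_eshop_ebasket where " . $basketWhere, 1)
                    : array();
                foreach ($basketRows as $rec) {
                    $mysql->query("INSERT INTO " . prefix . "_eshop_order_basket (`order_id`, `linked_id`, `title`, `count`, `price`, `linked_fld`) VALUES (" . db_squote($qid) . ", " . db_squote($rec['linked_id']) . ", " . db_squote($rec['title']) . ", " . db_squote($rec['count']) . ", " . db_squote($rec['price']) . ", " . db_squote($rec['linked_fld']) . ")");
                }

                if ($hasFilter) {
                    $mysql->query("delete from " . prefix . "_eshop_ebasket where " . $basketWhere);

                    // Decrement stock, never going below zero.
                    // NOTE(review): read-then-update is not atomic; two concurrent orders can
                    // both pass the stock check above.
                    foreach ($recs as $rec) {
                        $v_id = $rec['xfields']['item']['v_id'];
                        $variant = $mysql->record("SELECT amount FROM " . prefix . "_eshop_variants where id = '" . intval($v_id) . "'");
                        $current_amount = $variant['amount'];
                        $r_count = $rec['count'];
                        if ($current_amount != NULL) {
                            if ($current_amount - $r_count > 0) {
                                $mysql->query("update " . prefix . "_eshop_variants set amount = amount - " . intval($r_count) . " where id = " . intval($v_id));
                            } else {
                                $mysql->query("update " . prefix . "_eshop_variants set amount = 0 where id = " . intval($v_id));
                            }
                        }
                    }
                }

                // Re-read the stored order lines and recompute the total from them.
                $filter = array();
                if ($qid) {
                    $filter[] = '(order_id = ' . db_squote($qid) . ')';
                }
                $total = 0;
                $basket = array();
                foreach ($mysql->select("select * from " . prefix . "_eshop_order_basket where " . join(" or ", $filter), 1) as $rec) {
                    $lineSum = round($rec['price'] * $rec['count'], 2);
                    $total += $lineSum;
                    $rec['sum'] = sprintf('%9.2f', $lineSum);
                    $rec['xfields'] = unserialize($rec['linked_fld']); // see the SECURITY note above
                    unset($rec['linked_fld']);
                    $basket[] = $rec;
                }

                // Notification mail. The entries passed to the template are $recs, as before;
                // $basket is collected but not used by this function.
                $notify_tpath = locatePluginTemplates(array('mail/lfeedback'), 'eshop', pluginGetVariable('eshop', 'localsource'));
                $notify_xt = $twig->loadTemplate($notify_tpath['mail/lfeedback'] . 'mail/' . 'lfeedback.tpl');
                $pVars = array('recs' => count($recs), 'entries' => $recs, 'total' => sprintf('%9.2f', $total), 'vnames' => $SQL);
                $mailBody = $notify_xt->render($pVars);
                $mailSubject = "Новый заказ с сайта";
                $mailTo = pluginGetVariable('eshop', 'email_notify_orders');
                $mail_from = pluginGetVariable('eshop', 'email_notify_back');
                if ($mail_from == "") {
                    $mail_from = false;
                }
                if ($mailTo != "") {
                    sendEmailMessage($mailTo, $mailSubject, $mailBody, false, $mail_from, 'text/html');
                }

                $notify_text[] = 'Заказ добавлен.';
                $order_link = checkLinkAvailable('eshop', 'order')
                    ? generateLink('eshop', 'order', array(), array('id' => $qid, 'uniqid' => $SQL['uniqid']))
                    : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'order'), array(), array('id' => $qid, 'uniqid' => $SQL['uniqid']));

                return redirect_eshop($order_link);
            }
        }
    }

    // Form state for the template. The error list can contain product names read from the
    // database. NOTE(review): confirm that the template escapes formEntry.* on output.
    $tFormEntry = $SQL;
    $tFormEntry['error'] = $error_text;
    $tFormEntry['notify'] = $notify_text;
    $tFormEntry['id'] = $qid;

    $basket_link = checkLinkAvailable('eshop', 'ebasket_list')
        ? generateLink('eshop', 'ebasket_list', array())
        : generateLink('core', 'plugin', array('plugin' => 'eshop', 'handler' => 'ebasket_list'), array());

    $tVars = array('formEntry' => $tFormEntry, 'recs' => count($recs), 'entries' => $recs, 'total' => sprintf('%9.2f', $total), 'basket_link' => $basket_link);

    $tpath = locatePluginTemplates(array('ebasket/list'), 'eshop', pluginGetVariable('eshop', 'localsource'));
    $xt = $twig->loadTemplate($tpath['ebasket/list'] . 'ebasket/' . 'list.tpl');
    $template['vars']['mainblock'] = $xt->render($tVars);

    $SYSTEM_FLAGS['info']['title']['others'] = "";
    $SYSTEM_FLAGS['info']['title']['group'] = $lang['eshop']['name_basket'];
    $SYSTEM_FLAGS['meta']['description'] = "";
    $SYSTEM_FLAGS['meta']['keywords'] = "";
}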
} // sendEmailMessage (closing brace of a function whose body is outside this excerpt)

// --------------------------------------------------------------------------------------------------------------
// --------------------------------------------------------------------------------------------------------------
// Request dispatcher: decide what action to take depending on the client request and
// build an XML-like response package from the outcome.
$strResponseStatus = "Request Undefined";
$strResponseMessage = "";
$strResponseData = "";

// All four values come straight from $_REQUEST, which merges GET and POST (and cookies,
// depending on the request_order / variables_order ini settings). Nothing in this block
// validates or length-limits them.
// NOTE(review): sendEmailMessage() is not visible here. Confirm that it rejects CR/LF in
// $name and $email before either reaches a mail header, validates $email as an address,
// and that this endpoint is limited to POST and protected against automated submission.
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : "";
$name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
$email = isset($_REQUEST['email']) ? $_REQUEST['email'] : "";
$message = isset($_REQUEST['message']) ? $_REQUEST['message'] : "";

switch ($action) {
    case "send-message":
        // Sends the submitted message. The original comment called this "the forgot
        // password request", which does not match the call below - presumably a leftover.
        if (sendEmailMessage($name, $email, $message)) {
            $strResponseStatus = "Success";
            $strResponseMessage = "Message Sent Successfully";
        } else {
            $strResponseStatus = "Failure";
            $strResponseMessage = "Sending Message Unsuccessful";
        }
        break;
    default:
        $strResponseMessage = "Unknown request";
} // switch

// The three response parts are interpolated without XML escaping. In the code visible here
// they only ever hold the fixed literals assigned above ($strResponseData stays empty); if
// request data is ever echoed back, it must be escaped and "]]>" handled inside the CDATA.
$strResponse = "<status>{$strResponseStatus}</status>";
$strResponse .= "<message>{$strResponseMessage}</message>";
$strResponse .= "<data><![CDATA[{$strResponseData}]]></data>";
$strPackage = "<package>{$strResponse}</package>";
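/**
 * Create a one-item "fast" order: insert the order row and its single order line, decrement
 * the variant's stock (not below zero), and send the notification mail.
 *
 * Changes compared with the previous version of this function:
 *  - $config is now imported, so $config['date_adjust'] is actually applied to the order time;
 *  - the order's uniqid is drawn from random_bytes() when available;
 *  - $total and $basket are initialised before use;
 *  - the order lines are re-read only when an order id was obtained, instead of sending a
 *    statement that ends in "where ";
 *  - a missing $xfld['item']['v_id'] is treated as variant id 0 without a warning.
 *
 * @param mixed  $linked_ds Not used by this function.
 * @param mixed  $linked_id Product id stored on the order line.
 * @param string $title     Title stored on the order line.
 * @param mixed  $price     Unit price.
 * @param mixed  $count     Quantity.
 * @param mixed  $type      Stored in the order's "type" column.
 * @param array  $order     Contact data; the keys name, email, phone and address are read.
 *                          NOTE(review): they are quoted for SQL but not validated here -
 *                          confirm the caller validates them.
 * @param array  $xfld      Extra fields; serialized into linked_fld, and ['item']['v_id']
 *                          selects the variant whose stock is decremented.
 *
 * @return array Always status 1 / errorCode 0, as before.
 */
function ebasket_add_fast_order($linked_ds, $linked_id, $title, $price, $count, $type, $order, $xfld = array())
{
    global $mysql, $userROW, $twig, $template, $ip, $config;

    $SQL = array();
    $SQL['name'] = $order['name'];
    $SQL['email'] = $order['email'];
    $SQL['phone'] = $order['phone'];
    $SQL['address'] = $order['address'];
    $SQL['comment'] = "";
    $SQL['dt'] = time() + $config['date_adjust'] * 60;
    $SQL['ip'] = $ip;
    $SQL['type'] = $type;
    $SQL['paid'] = 0;
    $SQL['total_price'] = round($price * $count, 2);
    if (isset($userROW)) {
        $SQL['author_id'] = $userROW['id'];
    }
    // Generated per order and returned to templates with it; drawn from the CSPRNG so it is
    // not predictable from the request time. Same shape as before: 10 hex characters.
    $SQL['uniqid'] = function_exists('random_bytes')
        ? bin2hex(random_bytes(5))
        : substr(str_shuffle(MD5(microtime())), 0, 10);

    // Column names are the fixed keys assigned above; every value is quoted.
    $vnames = array();
    foreach ($SQL as $k => $v) {
        $vnames[] = $k . ' = ' . db_squote($v);
    }
    $mysql->query('INSERT INTO ' . prefix . '_eshop_orders SET ' . implode(', ', $vnames) . ' ');
    $qid = $mysql->lastid('eshop_orders');

    $mysql->query("INSERT INTO " . prefix . "_eshop_order_basket (`order_id`, `linked_id`, `title`, `count`, `price`, `linked_fld`) VALUES (" . db_squote($qid) . ", " . db_squote($linked_id) . ", " . db_squote($title) . ", " . db_squote($count) . ", " . db_squote($price) . ", " . db_squote(serialize($xfld)) . " )");

    // Decrement stock, never going below zero.
    // NOTE(review): read-then-update is not atomic under concurrent orders.
    $v_id = isset($xfld['item']['v_id']) ? $xfld['item']['v_id'] : 0;
    $variant = $mysql->record("SELECT amount FROM " . prefix . "_eshop_variants where id = '" . intval($v_id) . "'");
    $current_amount = $variant['amount'];
    if ($current_amount != NULL) {
        if ($current_amount - $count > 0) {
            $mysql->query("update " . prefix . "_eshop_variants set amount = amount - " . intval($count) . " where id = " . intval($v_id));
        } else {
            $mysql->query("update " . prefix . "_eshop_variants set amount = 0 where id = " . intval($v_id));
        }
    }

    // Mail notification: re-read the stored order lines and total them.
    $total = 0;
    $basket = array();
    if ($qid) {
        foreach ($mysql->select("select * from " . prefix . "_eshop_order_basket where " . '(order_id = ' . db_squote($qid) . ')', 1) as $rec) {
            $lineSum = round($rec['price'] * $rec['count'], 2);
            $total += $lineSum;
            $rec['sum'] = sprintf('%9.2f', $lineSum);
            // SECURITY: unserialize() on a stored column whose content was built from $xfld.
            // If $xfld can carry client-supplied data this is an object-injection sink;
            // json_decode() or the allowed_classes option would remove that risk.
            $rec['xfields'] = unserialize($rec['linked_fld']);
            unset($rec['linked_fld']);
            $basket[] = $rec;
        }
    }

    $notify_tpath = locatePluginTemplates(array('mail/lfeedback'), 'eshop', pluginGetVariable('eshop', 'localsource'));
    $notify_xt = $twig->loadTemplate($notify_tpath['mail/lfeedback'] . 'mail/' . 'lfeedback.tpl');
    $pVars = array('recs' => count($basket), 'entries' => $basket, 'total' => sprintf('%9.2f', $total), 'vnames' => $SQL);
    $mailBody = $notify_xt->render($pVars);
    $mailSubject = "Новый заказ с сайта";
    $mailTo = pluginGetVariable('eshop', 'email_notify_orders');
    $mail_from = pluginGetVariable('eshop', 'email_notify_back');
    if ($mail_from == "") {
        $mail_from = false;
    }
    if ($mailTo != "") {
        sendEmailMessage($mailTo, $mailSubject, $mailBody, false, $mail_from, 'text/html');
    }

    return array('status' => 1, 'errorCode' => 0, 'data' => iconv("windows-1251", "utf-8", 'Item added into ebasket'), 'update' => '');
}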
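/**
 * Validate and store a guestbook entry submitted through $_POST, notify the configured
 * addresses by mail and redirect back to the guestbook.
 *
 * Validation collects messages in the local $errors array. When it is not empty, nothing is
 * stored and the function returns; the visible code neither returns nor publishes $errors.
 *
 * Changes compared with the previous version of this function:
 *  - the length limits are read before the "empty message" error that interpolates them
 *    (the placeholders were previously replaced with undefined values);
 *  - request values are accepted only when they are strings, so an array-valued parameter
 *    is treated as missing instead of reaching trim();
 *  - a failed link scan (preg_match_all() returning false) counts as "contains a link"
 *    rather than silently passing the check;
 *  - notification recipients are trimmed and empty entries are skipped;
 *  - the unused $success_msg / $success_add locals were dropped.
 */
function msg_add_submit()
{
    global $template, $tpl, $twig, $userROW, $ip, $config, $mysql, $SYSTEM_FLAGS, $TemplateCache, $lang;

    $errors = array();

    // Read first: the "empty message" error below interpolates both limits.
    $minl = pluginGetVariable('guestbook', 'minlength');
    $maxl = pluginGetVariable('guestbook', 'maxlength');

    $rawContent = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';

    // anonymous user
    if (!is_array($userROW)) {
        $rawAuthor = (isset($_POST['author']) && is_string($_POST['author'])) ? $_POST['author'] : '';
        // Written back to $_POST as before, in case later code re-reads the cleaned value.
        $_POST['author'] = secure_html(convert(trim($rawAuthor)));
        if (!strlen($_POST['author'])) {
            $errors[] = $lang['guestbook']['error_req_name'];
        }

        // Check captcha
        if (pluginGetVariable('guestbook', 'ecaptcha')) {
            // NOTE(review): $privatekey is neither assigned in this function nor listed in
            // the global statement above, so the verification call receives an undefined
            // value. Where the key is configured is not visible here - confirm and wire it in.
            $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
            if (!$resp->is_valid) {
                // The CAPTCHA was entered incorrectly
                $errors[] = $lang['guestbook']['error_req_code'];
            }
        }
    }

    $message = secure_html(convert(trim($rawContent)));

    // Reject messages that consist of a link ...
    preg_match("~^(?:(?:https?|ftp|telnet)://(?:[a-z0-9_-]{1,32}(?::[a-z0-9_-]{1,32})?@)?)?(?:(?:[a-z0-9-]{1,128}\\.)+(?:ru|su|com|net|org|mil|edu|arpa|gov|biz|info|aero|inc|name|[a-z]{2})|(?!0)(?:(?!0[^.]|255)[0-9]{1,3}\\.){3}(?!0|255)[0-9]{1,3})(?:/[a-z0-9.,_@%&?+=\\~/-]*)?(?:#[^ '\"&]*)?\$~i", $message, $find_url);
    if (isset($find_url[0])) {
        $errors[] = $lang['guestbook']['error_nolinks'];
    }
    // ... or contain one anywhere. This pattern nests quantifiers and runs before the length
    // check, so a long crafted message can exhaust the PCRE backtrack limit; in that case
    // preg_match_all() returns false, which is treated as a failed check (fail closed).
    $linkScan = preg_match_all("@((https?://)?([-\\w]+\\.[-\\w\\.]+)+\\w(:\\d+)?(/([-\\w/_\\.]*(\\?\\S+)?)?)*)@", $message, $find_url);
    if ($linkScan === false || !empty($find_url[0])) {
        $errors[] = $lang['guestbook']['error_nolinks'];
    }

    // check if message is not empty
    if (!strlen(trim($rawContent))) {
        $errors[] = $lang['guestbook']['error_req_text'] . ' ' . str_replace(array('{minl}', '{maxl}'), array($minl, $maxl), $lang['guestbook']['error_length_text']);
    }

    // check message length (byte length of the already escaped text, as before)
    if (strlen($message) < $minl || strlen($message) > $maxl) {
        $errors[] = str_replace(array('{minl}', '{maxl}'), array($minl, $maxl), $lang['guestbook']['error_length_text']);
    }
    $message = str_replace("\r\n", "<br />", $message);

    // author
    $author = is_array($userROW) ? $userROW['name'] : $_POST['author'];

    // status
    $status = pluginGetVariable('guestbook', 'approve_msg');

    // Custom fields configured in the guestbook_fields table.
    $data = $mysql->select("select * from " . prefix . "_guestbook_fields");
    $fields = array();
    $fmail = array();
    foreach ($data as $value) {
        $fid = $value['id'];
        $fields[$fid] = intval($value['required']);
        $rawField = (isset($_POST[$fid]) && is_string($_POST[$fid])) ? $_POST[$fid] : '';
        $fmail[] = array('name' => $value['name'], 'value' => secure_html(convert(trim($rawField))));
    }

    $time = time() + $config['date_adjust'] * 60;

    // Values are quoted here; the array keys become column names in the INSERT below.
    $new_rec = array('postdate' => db_squote($time), 'message' => db_squote($message), 'author' => db_squote($author), 'ip' => db_squote($ip), 'status' => db_squote($status));
    foreach ($fields as $fid => $freq) {
        if (!empty($_POST[$fid]) && is_string($_POST[$fid])) {
            $_POST[$fid] = secure_html(convert(trim($_POST[$fid])));
            // NOTE(review): $fid is used unquoted as a column name; it comes from the
            // guestbook_fields table, presumably admin-managed - confirm.
            $new_rec[$fid] = db_squote($_POST[$fid]);
        } elseif ($freq === 1) {
            $errors[] = $lang['guestbook']['error_field_required'];
        } else {
            $new_rec[$fid] = "''";
        }
    }

    // Social profile ids. They are stored as submitted (not passed through secure_html()), so
    // whatever renders them must escape or validate them - NOTE(review): confirm on the
    // output side.
    $social = array();
    foreach (array('Vkontakte', 'Facebook', 'Google', 'Instagram') as $network) {
        $key = $network . '_id';
        if (isset($_POST[$key]) && is_string($_POST[$key]) && strlen(trim($_POST[$key]))) {
            $social[$network] = $_POST[$key];
        }
    }
    $new_rec['social'] = db_squote(serialize($social));

    if (count($errors)) {
        return;
    }

    $mysql->query("INSERT INTO " . prefix . "_guestbook (" . implode(', ', array_keys($new_rec)) . ") values (" . implode(', ', array_values($new_rec)) . ")");

    // send email
    $tpath = locatePluginTemplates(array('mail_success'), 'guestbook', 1);
    $xt = $twig->loadTemplate($tpath['mail_success'] . 'mail_success.tpl');
    $send_email = pluginGetVariable('guestbook', 'send_email');
    $tVars = array('time' => $time, 'message' => $message, 'author' => $author, 'ip' => $ip, 'fields' => $fmail);
    $mailBody = $xt->render($tVars);
    $mailSubject = $lang['guestbook']['mailSubject'];

    foreach (explode(",", (string) $send_email) as $email) {
        $email = trim($email);
        if ($email === '') {
            continue; // unset option or a stray comma
        }
        sendEmailMessage($email, $mailSubject, $mailBody, false, false, 'text/html');
    }

    $url = checkLinkAvailable('guestbook', '')
        ? generatePluginLink('guestbook', '', array('act' => 'add'), array())
        : generateLink('core', 'plugin', array('plugin' => 'guestbook'), array('add' => 1));
    @header("Location: " . $url);
}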