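/**
 * Insert a new affiliate into the nested-set tree kept in TABLE_AFFILIATE.
 *
 * With a positive $affiliate_parent whose row exists, the lft/rgt values at or
 * beyond the parent's right edge are shifted by 2 and the new affiliate takes
 * the freed slot inside the parent's tree. With no parent the new affiliate is
 * inserted with lft = 1 / rgt = 2 and becomes the root of its own tree.
 *
 * @param array $sql_data_array   Column => value pairs handed to vam_db_perform().
 * @param int   $affiliate_parent Parent affiliate id, or 0 for a new root.
 * @return int|null Id of the inserted affiliate; null when a parent id was
 *                  given but no matching row exists (nothing is inserted).
 */
function affiliate_insert($sql_data_array, $affiliate_parent = 0)
{
    // The parent id is concatenated into SQL below, so force it to an integer
    // here instead of relying on every caller to have done so.
    $affiliate_parent = (int) $affiliate_parent;
    // Defined up front: the "parent given but not found" path inserts nothing.
    $affiliate_id = null;

    // LOCK TABLES. Errors are deliberately suppressed, so a failed lock leaves
    // the updates below running unlocked.
    // NOTE(review): mysql_query() no longer exists from PHP 7.0 on; confirm the
    // lock is taken on the same connection vam_db_query() uses.
    @mysql_query("LOCK TABLES " . TABLE_AFFILIATE . " WRITE");
    if ($affiliate_parent > 0) {
        $affiliate_root_query = vam_db_query("select affiliate_root, affiliate_rgt, affiliate_lft from  " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_parent . "' ");
        // Check if we have a parent affiliate
        if ($affiliate_root_array = vam_db_fetch_array($affiliate_root_query)) {
            // Values read back from the table are cast as well before they are
            // re-used in SQL text.
            $parent_root = (int) $affiliate_root_array['affiliate_root'];
            $parent_rgt = (int) $affiliate_root_array['affiliate_rgt'];
            // Open a gap of two positions at the parent's right edge.
            vam_db_query("update " . TABLE_AFFILIATE . " SET affiliate_lft = affiliate_lft + 2 WHERE affiliate_root  =  '" . $parent_root . "' and  affiliate_lft > " . $parent_rgt . "  AND affiliate_rgt >= " . $parent_rgt . " ");
            vam_db_query("update " . TABLE_AFFILIATE . " SET affiliate_rgt = affiliate_rgt + 2 WHERE affiliate_root  =  '" . $parent_root . "' and  affiliate_rgt >= " . $parent_rgt . "  ");
            $sql_data_array['affiliate_root'] = $parent_root;
            $sql_data_array['affiliate_lft'] = $parent_rgt;
            $sql_data_array['affiliate_rgt'] = $parent_rgt + 1;
            vam_db_perform(TABLE_AFFILIATE, $sql_data_array);
            $affiliate_id = vam_db_insert_id();
        }
    } else {
        // no parent -> new root
        $sql_data_array['affiliate_lft'] = '1';
        $sql_data_array['affiliate_rgt'] = '2';
        vam_db_perform(TABLE_AFFILIATE, $sql_data_array);
        $affiliate_id = vam_db_insert_id();
        // A root points at itself.
        vam_db_query("update " . TABLE_AFFILIATE . " set affiliate_root = '" . (int) $affiliate_id . "' where affiliate_id = '" . (int) $affiliate_id . "' ");
    }
    // UNLOCK TABLES
    @mysql_query("UNLOCK TABLES");
    return $affiliate_id;
}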
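/**
 * QIWI bill-status callback: authenticate the caller, then mark the order paid.
 *
 * @param string $login    Shop id sent by the caller; must equal MODULE_PAYMENT_QIWI_ID.
 * @param string $password Signature: upper-case MD5 of $txn followed by the
 *                         upper-case MD5 of MODULE_PAYMENT_QIWI_SECRET_KEY.
 * @param string $txn      Transaction id; its integer value is used as the order id.
 * @param mixed  $status   Bill status; 60 triggers the status update and the e-mails.
 * @return int|null 150 when authentication fails, 210 when the order does not
 *                  exist; no explicit value is returned on the remaining paths.
 */
function updateBill($login, $password, $txn, $status)
{
    // Authentication errors.
    if ((string) $login !== (string) MODULE_PAYMENT_QIWI_ID) {
        return 150;
    }
    // Fail closed: an empty or missing signature is rejected. Previously the
    // signature was only checked when it was non-empty, so a caller that knew
    // the shop id could omit it and still reach the status update below.
    // hash_equals() also avoids loose (numeric-string) comparison of hex digests.
    $expected_password = strtoupper(md5($txn . strtoupper(md5(MODULE_PAYMENT_QIWI_SECRET_KEY))));
    if (!is_string($password) || $password === '' || !hash_equals($expected_password, $password)) {
        return 150;
    }
    // Order number.
    $transaction = intval($txn);
    // Make sure the order exists.
    $order_query = vam_db_query("select count(*) as total from " . TABLE_ORDERS . " where orders_id = '" . (int) $transaction . "'");
    $order_exists = vam_db_fetch_array($order_query);
    if ($order_exists['total'] <= 0) {
        return 210;
    }
    // Change the order status once the bill is reported as paid.
    if ($status == 60) {
        $sql_data_array = array('orders_status' => MODULE_PAYMENT_QIWI_ORDER_STATUS_ID);
        vam_db_perform('orders', $sql_data_array, 'update', "orders_id='" . $transaction . "'");
        $history_row = array(
            'orders_id' => $transaction,
            'orders_status_id' => MODULE_PAYMENT_QIWI_ORDER_STATUS_ID,
            'date_added' => 'now()',
            'customer_notified' => '0',
            'comments' => 'QIWI accepted this order payment',
        );
        vam_db_perform('orders_status_history', $history_row);
        // Mail the customer and the admin about the status change.
        require_once DIR_WS_CLASSES . 'order.php';
        $order = new order($transaction);
        $vamTemplate = new vamTemplate();
        // assign language to template for caching
        $vamTemplate->assign('language', $_SESSION['language']);
        $vamTemplate->caching = false;
        $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
        $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
        $vamTemplate->assign('NAME', $order->customer['firstname'] . ' ' . $order->customer['lastname']);
        $vamTemplate->assign('ORDER_NR', $transaction);
        $vamTemplate->assign('ORDER_LINK', vam_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $transaction, 'SSL'));
        $vamTemplate->assign('ORDER_DATE', vam_date_long($order->info['date_purchased']));
        // The session language name goes into SQL text, so it is escaped here.
        $lang_query = vam_db_query("select languages_id from " . TABLE_LANGUAGES . " where directory = '" . vam_db_input($_SESSION['language']) . "'");
        $lang_row = vam_db_fetch_array($lang_query);
        // Fall back to the session's language id when the directory is unknown.
        $lang = isset($lang_row['languages_id']) ? $lang_row['languages_id'] : $_SESSION['languages_id'];
        $orders_status_array = array();
        $orders_status_query = vam_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int) $lang . "'");
        while ($orders_status = vam_db_fetch_array($orders_status_query)) {
            $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
        }
        $vamTemplate->assign('ORDER_STATUS', $orders_status_array[MODULE_PAYMENT_QIWI_ORDER_STATUS_ID]);
        // NOTE(review): the session language name is also used to build the
        // template and include paths below; confirm it can only hold a known
        // language directory.
        $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.html');
        $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.txt');
        include_once DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/qiwi.php';
        // create subject
        $order_subject = str_replace('{$nr}', $transaction, MODULE_PAYMENT_QIWI_EMAIL_SUBJECT);
        // send mail to admin
        vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, EMAIL_BILLING_ADDRESS, STORE_NAME, EMAIL_BILLING_FORWARDING_STRING, $order->customer['email_address'], $order->customer['firstname'], '', '', $order_subject, $html_mail, $txt_mail);
        // send mail to customer
        vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $order->customer['email_address'], $order->customer['firstname'] . ' ' . $order->customer['lastname'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $order_subject, $html_mail, $txt_mail);
    }
}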
         $sql = "\n        SELECT sum(affiliate_payment) as affiliate_payment\n          FROM " . TABLE_AFFILIATE_SALES . " \n          WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and  affiliate_billing_status=99 \n        ";
         $affiliate_billing_query = vam_db_query($sql);
         $affiliate_billing = vam_db_fetch_array($affiliate_billing_query);
         // Get affiliate Informations
         $sql = "\n        SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n          from " . TABLE_AFFILIATE . " a \n          left join " . TABLE_ZONES . " z on (a.affiliate_zone_id  = z.zone_id) \n          left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n          WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n        ";
         $affiliate_query = vam_db_query($sql);
         $affiliate = vam_db_fetch_array($affiliate_query);
         // Get need tax informations for the affiliate
         $affiliate_tax_rate = vam_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']);
         $affiliate_tax = vam_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2);
         // Netto-Provision
         $affiliate_payment_total = $affiliate_billing['affiliate_payment'];
         // Bill the order
         $affiliate['affiliate_state'] = vam_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']);
         $sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'] - $affiliate_tax, 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']);
         vam_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array);
         $insert_id = vam_db_insert_id();
         // Set the Sales to Final State
         vam_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99");
         // Notify Affiliate
         if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') {
             $check_status_query = vam_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id  = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id ");
             $check_status = vam_db_fetch_array($check_status_query);
             $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . vam_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'SSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . vam_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT;
             vam_php_mail(AFFILIATE_EMAIL_ADDRESS, EMAIL_SUPPORT_NAME, $check_status['affiliate_email_address'], $check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_TEXT_SUBJECT, nl2br($email), $email);
         }
     }
     $messageStack->add_session(SUCCESS_BILLING, 'success');
     vam_redirect(vam_href_link(FILENAME_AFFILIATE_PAYMENT, vam_get_all_get_params(array('action')) . 'action=edit'));
     break;
 case 'update_payment':
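 /**
  * Post-order hook: add a warning row to the order status history when the
  * module runs in test mode, or when the returned key does not match in
  * production mode.
  *
  * In 'Production' mode with a secret word configured, the expected key is the
  * MD5 of secret word + login + posted order number + order total formatted to
  * two decimals, and it is compared with the posted 'key'.
  *
  * NOTE(review): a key mismatch only adds a history comment here; nothing in
  * this method stops or reverts the order. Confirm that is the intended handling.
  *
  * @return void
  */
 function after_process()
 {
     global $order, $insert_id;
     $warning = null;
     if (MODULE_PAYMENT_PM2CHECKOUT_TESTMODE == 'Test') {
         $warning = MODULE_PAYMENT_PM2CHECKOUT_TEXT_WARNING_DEMO_MODE;
     }
     if (vam_not_null(MODULE_PAYMENT_PM2CHECKOUT_SECRET_WORD) && MODULE_PAYMENT_PM2CHECKOUT_TESTMODE == 'Production') {
         // Missing or non-string request fields count as a mismatch.
         $order_number = (isset($_POST['order_number']) && is_string($_POST['order_number'])) ? $_POST['order_number'] : '';
         $supplied_key = (isset($_POST['key']) && is_string($_POST['key'])) ? $_POST['key'] : '';
         $expected_key = md5(MODULE_PAYMENT_PM2CHECKOUT_SECRET_WORD . MODULE_PAYMENT_PM2CHECKOUT_LOGIN . $order_number . number_format($order->info['total'], 2));
         // hash_equals(): exact, constant-time comparison. Loose != treats two
         // digests that both look like numbers as equal.
         if (!hash_equals($expected_key, $supplied_key)) {
             $warning = MODULE_PAYMENT_PM2CHECKOUT_TEXT_WARNING_TRANSACTION_ORDER;
         }
     }
     if ($warning !== null) {
         $sql_data_array = array(
             'orders_id' => (int) $insert_id,
             'orders_status_id' => (int) $order->info['order_status'],
             'date_added' => 'now()',
             'customer_notified' => '0',
             'comments' => $warning,
         );
         vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
     }
 }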
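 /**
  * Write the order to the database before the customer reaches the payment step.
  *
  * Runs only when the session has a cart id. An order written earlier is
  * tracked in $_SESSION['cart_yandex_id'] as "<cartID>-<orders_id>" and reused,
  * unless its currency or cart id no longer matches; in that case a new order
  * is inserted, and the old one is deleted first when it has no status history.
  * Inserting covers the order row, its status history, totals, products,
  * product attributes (with attribute stock decrement) and download/PIN rows.
  *
  * @return array Array with a single 'title' key holding the module description.
  */
 function confirmation()
 {
     global $cartID, $customer_id, $languages_id, $order, $order_total_modules;
     if (isset($_SESSION['cartID'])) {
         $insert_order = false;
         if (isset($_SESSION['cart_yandex_id'])) {
             // Everything after the first '-' is the stored order id.
             $order_id = substr($_SESSION['cart_yandex_id'], strpos($_SESSION['cart_yandex_id'], '-') + 1);
             $curr_check = vam_db_query("select currency from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
             $curr = vam_db_fetch_array($curr_check);
             if ($curr['currency'] != $order->info['currency'] || $cartID != substr($_SESSION['cart_yandex_id'], 0, strlen($cartID))) {
                 $check_query = vam_db_query('select orders_id from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '" limit 1');
                 if (vam_db_num_rows($check_query) < 1) {
                     // Stale order without history: remove all of its rows.
                     vam_db_query('delete from ' . TABLE_ORDERS . ' where orders_id = "' . (int) $order_id . '"');
                     vam_db_query('delete from ' . TABLE_ORDERS_TOTAL . ' where orders_id = "' . (int) $order_id . '"');
                     vam_db_query('delete from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '"');
                     vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS . ' where orders_id = "' . (int) $order_id . '"');
                     vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . ' where orders_id = "' . (int) $order_id . '"');
                     vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_DOWNLOAD . ' where orders_id = "' . (int) $order_id . '"');
                 }
                 $insert_order = true;
             }
         } else {
             $insert_order = true;
         }
         if ($insert_order == true) {
             $order_totals = array();
             if (is_array($order_total_modules->modules)) {
                 // foreach replaces reset()/each(); each() no longer exists in PHP 8.
                 foreach ($order_total_modules->modules as $value) {
                     $class = substr($value, 0, strrpos($value, '.'));
                     if ($GLOBALS[$class]->enabled) {
                         for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                             if (vam_not_null($GLOBALS[$class]->output[$i]['title']) && vam_not_null($GLOBALS[$class]->output[$i]['text'])) {
                                 $order_totals[] = array(
                                     'code' => $GLOBALS[$class]->code,
                                     'title' => $GLOBALS[$class]->output[$i]['title'],
                                     'text' => $GLOBALS[$class]->output[$i]['text'],
                                     'value' => $GLOBALS[$class]->output[$i]['value'],
                                     'sort_order' => $GLOBALS[$class]->sort_order,
                                 );
                             }
                         }
                     }
                 }
             }
             if ($_SESSION['customers_status']['customers_status_ot_discount_flag'] == 1) {
                 $discount = $_SESSION['customers_status']['customers_status_ot_discount'];
             } else {
                 $discount = '0.00';
             }
             // NOTE(review): X-Forwarded-For is a client-supplied request header.
             // Unless a trusted proxy overwrites it, the IP stored with the order
             // is whatever the client sent; treat customers_ip as unverified.
             if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
                 $customers_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
             } else {
                 $customers_ip = $_SERVER["REMOTE_ADDR"];
             }
             // NOTE(review): the cc_* fields are copied from $order->info as-is;
             // confirm no card number is ever populated for this module.
             $sql_data_array = array(
                 'customers_id' => $_SESSION['customer_id'],
                 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],
                 'customers_cid' => $order->customer['csID'],
                 'customers_vat_id' => $_SESSION['customer_vat_id'],
                 'customers_company' => $order->customer['company'],
                 'customers_status' => $_SESSION['customers_status']['customers_status_id'],
                 'customers_status_name' => $_SESSION['customers_status']['customers_status_name'],
                 'customers_status_image' => $_SESSION['customers_status']['customers_status_image'],
                 'customers_status_discount' => $discount,
                 'customers_street_address' => $order->customer['street_address'],
                 'customers_suburb' => $order->customer['suburb'],
                 'customers_city' => $order->customer['city'],
                 'customers_postcode' => $order->customer['postcode'],
                 'customers_state' => $order->customer['state'],
                 'customers_country' => $order->customer['country']['title'],
                 'customers_telephone' => $order->customer['telephone'],
                 'customers_email_address' => $order->customer['email_address'],
                 'customers_address_format_id' => $order->customer['format_id'],
                 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],
                 'delivery_company' => $order->delivery['company'],
                 'delivery_street_address' => $order->delivery['street_address'],
                 'delivery_suburb' => $order->delivery['suburb'],
                 'delivery_city' => $order->delivery['city'],
                 'delivery_postcode' => $order->delivery['postcode'],
                 'delivery_state' => $order->delivery['state'],
                 'delivery_country' => $order->delivery['country']['title'],
                 'delivery_address_format_id' => $order->delivery['format_id'],
                 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],
                 'billing_company' => $order->billing['company'],
                 'billing_street_address' => $order->billing['street_address'],
                 'billing_suburb' => $order->billing['suburb'],
                 'billing_city' => $order->billing['city'],
                 'billing_postcode' => $order->billing['postcode'],
                 'billing_state' => $order->billing['state'],
                 'billing_country' => $order->billing['country']['title'],
                 'billing_address_format_id' => $order->billing['format_id'],
                 'payment_method' => $order->info['payment_method'],
                 'payment_class' => $order->info['payment_class'],
                 'shipping_method' => $order->info['shipping_method'],
                 'shipping_class' => $order->info['shipping_class'],
                 'language' => $_SESSION['language'],
                 'comments' => $order->info['comments'],
                 'customers_ip' => $customers_ip,
                 'orig_reference' => $order->customer['orig_reference'],
                 'login_reference' => $order->customer['login_reference'],
                 'cc_type' => $order->info['cc_type'],
                 'cc_owner' => $order->info['cc_owner'],
                 'cc_number' => $order->info['cc_number'],
                 'cc_expires' => $order->info['cc_expires'],
                 'date_purchased' => 'now()',
                 'orders_status' => $order->info['order_status'],
                 'currency' => $order->info['currency'],
                 'currency_value' => $order->info['currency_value'],
             );
             vam_db_perform(TABLE_ORDERS, $sql_data_array);
             $insert_id = vam_db_insert_id();
             $customer_notification = SEND_EMAILS == 'true' ? '1' : '0';
             $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']);
             vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
             for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
                 $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
                 vam_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
             }
             for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
                 $sql_data_array = array('orders_id' => $insert_id, 'products_id' => vam_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']);
                 vam_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
                 $order_products_id = vam_db_insert_id();
                 $attributes_exist = '0';
                 if (isset($order->products[$i]['attributes'])) {
                     $attributes_exist = '1';
                     for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                         // Cart-derived values are escaped before they are placed
                         // in SQL text, so these queries do not depend on the
                         // cart having sanitised them earlier.
                         $products_id_sql = vam_db_input($order->products[$i]['id']);
                         $option_id_sql = vam_db_input($order->products[$i]['attributes'][$j]['option_id']);
                         $value_id_sql = vam_db_input($order->products[$i]['attributes'][$j]['value_id']);
                         $quantity_sql = vam_db_input($order->products[$i]['qty']);
                         $language_id_sql = (int) $_SESSION['languages_id'];
                         $attributes_where = " where pa.products_id = '" . $products_id_sql . "'"
                             . " and pa.options_id = '" . $option_id_sql . "'"
                             . " and pa.options_id = popt.products_options_id"
                             . " and pa.options_values_id = '" . $value_id_sql . "'"
                             . " and pa.options_values_id = poval.products_options_values_id"
                             . " and popt.language_id = '" . $language_id_sql . "'"
                             . " and poval.language_id = '" . $language_id_sql . "'";
                         if (DOWNLOAD_ENABLED == 'true') {
                             // Same lookup plus the download/PIN columns.
                             $attributes = vam_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename, pad.products_attributes_is_pin"
                                 . " from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa"
                                 . " left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad on pa.products_attributes_id = pad.products_attributes_id"
                                 . $attributes_where);
                         } else {
                             $attributes = vam_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix"
                                 . " from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa"
                                 . $attributes_where);
                         }
                         // update attribute stock
                         vam_db_query("UPDATE " . TABLE_PRODUCTS_ATTRIBUTES . " set attributes_stock = attributes_stock - '" . $quantity_sql . "'"
                             . " where products_id = '" . $products_id_sql . "'"
                             . " and options_values_id = '" . $value_id_sql . "'"
                             . " and options_id = '" . $option_id_sql . "'");
                         $attributes_values = vam_db_fetch_array($attributes);
                         $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
                         vam_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
                         if (DOWNLOAD_ENABLED == 'true' && ((isset($attributes_values['products_attributes_filename']) && vam_not_null($attributes_values['products_attributes_filename'])) || $attributes_values['products_attributes_is_pin'])) {
                             // One download row per purchased unit.
                             for ($pincycle = 0; $pincycle < $order->products[$i]['qty']; $pincycle++) {
                                 // Reset per row: otherwise a PIN fetched for an
                                 // earlier row would be written again into a
                                 // later non-PIN download row.
                                 $pin = null;
                                 if ($attributes_values['products_attributes_is_pin']) {
                                     $pin_query = vam_db_query("SELECT products_pin_id, products_pin_code FROM " . TABLE_PRODUCTS_PINS . " WHERE products_id = '" . $products_id_sql . "' AND products_pin_used='0' LIMIT 1");
                                     if (vam_db_num_rows($pin_query) == '0') {
                                         // We have no PIN for this product
                                         // insert some error notifying here
                                         $pin = PIN_NOT_AVAILABLE;
                                     } else {
                                         $pin_res = vam_db_fetch_array($pin_query);
                                         $pin = $pin_res['products_pin_code'];
                                         // Mark the PIN as consumed by this order.
                                         vam_db_query("UPDATE " . TABLE_PRODUCTS_PINS . " SET products_pin_used='" . (int) $insert_id . "' WHERE products_pin_id = '" . (int) $pin_res['products_pin_id'] . "'");
                                     }
                                 }
                                 $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount'], 'download_is_pin' => $attributes_values['products_attributes_is_pin'], 'download_pin_code' => $pin);
                                 vam_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                             }
                         }
                     }
                 }
             }
             // Remember which order belongs to this cart.
             $_SESSION['cart_yandex_id'] = $cartID . '-' . $insert_id;
         }
     }
     return array('title' => MODULE_PAYMENT_YANDEX_MERCHANT_TEXT_DESCRIPTION);
 }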
------------------------------------------------------------------------------*/
/**
 * Look up a request parameter, checking the query string first and the POST
 * body second.
 *
 * @param string $name    Parameter name.
 * @param mixed  $default Value returned when neither source has the parameter.
 * @return mixed The raw, unvalidated request value, or $default.
 */
function get_var($name, $default = 'none')
{
    // Order matters: a value in $_GET wins over the same name in $_POST.
    foreach (array($_GET, $_POST) as $request_values) {
        if (isset($request_values[$name])) {
            return $request_values[$name];
        }
    }
    return $default;
}
require 'includes/application_top.php';
require DIR_WS_CLASSES . 'order.php';
// logging
//$fp = fopen('webmoney.log', 'a+');
//$str=date('Y-m-d H:i:s').' - ';
//foreach ($_REQUEST as $vn=>$vv) {
//  $str.=$vn.'='.$vv.';';
//}
//fwrite($fp, $str."\n");
//fclose($fp);
// variables prepearing
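// Every value is read from the POST body only. The signature below is computed
// over $_POST fields, so the hash and the payment number must come from the
// same source; a same-named query-string value must not override the signed one.
$lmi_field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};
$crc = $lmi_field('LMI_HASH');
$inv_id = $lmi_field('LMI_PAYMENT_NO');
$hash = strtoupper(md5($lmi_field('LMI_PAYEE_PURSE') . $lmi_field('LMI_PAYMENT_AMOUNT') . $lmi_field('LMI_PAYMENT_NO') . $lmi_field('LMI_MODE') . $lmi_field('LMI_SYS_INVS_NO') . $lmi_field('LMI_SYS_TRANS_NO') . $lmi_field('LMI_SYS_TRANS_DATE') . MODULE_PAYMENT_Z_PAYMENT_SECRET_KEY . $lmi_field('LMI_PAYER_PURSE') . $lmi_field('LMI_PAYER_WM')));
// checking and handling
// - the payment number must be all digits before it is used as an order id;
// - hash_equals() compares the digests exactly and in constant time (loose ==
//   treats two digests that both look like numbers as equal).
if ($inv_id !== '' && ctype_digit($inv_id) && hash_equals($hash, $crc)) {
    $order_id = (int) $inv_id;
    $order = new order($order_id);
    $order_sum = $order->info['total'];
    // Compare to two decimals. Rounding both sides to whole units, as before,
    // accepted a payment that was short by a fraction of a unit.
    if (number_format((float) $lmi_field('LMI_PAYMENT_AMOUNT'), 2, '.', '') === number_format((float) $order_sum, 2, '.', '')) {
        $sql_data_array = array('orders_status' => MODULE_PAYMENT_Z_PAYMENT_ORDER_STATUS_ID);
        vam_db_perform('orders', $sql_data_array, 'update', "orders_id='" . $order_id . "'");
        $history_row = array('orders_id' => $order_id, 'orders_status_id' => MODULE_PAYMENT_Z_PAYMENT_ORDER_STATUS_ID, 'date_added' => 'now()', 'customer_notified' => '0', 'comments' => 'Z-Payment accepted this order payment');
        vam_db_perform('orders_status_history', $history_row);
        echo 'OK' . $inv_id;
    }
}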
require 'includes/application_top.php';
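// Admin actions for the card-number blacklist: insert, save (update), delete.
// NOTE(review): all three change data based on request parameters, and the
// delete is driven by GET alone; no anti-CSRF token check is visible in this
// block. Confirm one is enforced before this code runs.
$blacklist_action = isset($_GET['action']) ? $_GET['action'] : '';
// The page number is echoed into the redirect URL, so it is reduced to an
// integer; when it is absent the parameter stays empty as before.
$blacklist_page = isset($_GET['page']) ? (int) $_GET['page'] : '';
switch ($blacklist_action) {
    case 'insert':
    case 'save':
        $blacklist_id = isset($_GET['bID']) ? vam_db_prepare_input($_GET['bID']) : '';
        $blacklist_card_number = isset($_POST['blacklist_card_number']) ? vam_db_prepare_input($_POST['blacklist_card_number']) : '';
        $sql_data_array = array('blacklist_card_number' => $blacklist_card_number);
        if ($blacklist_action == 'insert') {
            $insert_sql_data = array('date_added' => 'now()');
            $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array);
            $blacklist_id = vam_db_insert_id();
        } elseif ($blacklist_action == 'save') {
            $update_sql_data = array('last_modified' => 'now()');
            $sql_data_array = vam_array_merge($sql_data_array, $update_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array, 'update', "blacklist_id = '" . vam_db_input($blacklist_id) . "'");
        }
        if (USE_CACHE == 'true') {
            vam_reset_cache_block('blacklist');
        }
        // The id goes back into a URL; send it as an integer.
        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $blacklist_page . '&bID=' . (int) $blacklist_id));
        break;
    case 'deleteconfirm':
        $blacklist_id = isset($_GET['bID']) ? vam_db_prepare_input($_GET['bID']) : '';
        vam_db_query("delete from " . TABLE_BLACKLIST . " where blacklist_id = '" . vam_db_input($blacklist_id) . "'");
        if (USE_CACHE == 'true') {
            // NOTE(review): insert/save reset the 'blacklist' cache block, this
            // branch resets 'manufacturers' — possibly a copy-paste slip; confirm.
            vam_reset_cache_block('manufacturers');
        }
        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $blacklist_page));
        break;
}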
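 /**
  *   Insert a product-to-category connection unless it already exists.
  *
  *   Both ids are cast to integers before use: they are concatenated into the
  *   lookup query, and the documented type is int.
  *
  *   @param int $pID products ID
  *   @param int $cID categories ID
  *   @return void
  */
 function insertPtoCconnection($pID, $cID)
 {
     $pID = (int) $pID;
     $cID = (int) $cID;
     $prod2cat_query = vam_db_query("SELECT * FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " WHERE categories_id='" . $cID . "' and products_id='" . $pID . "'");
     // Only insert when no row links this product to this category yet.
     if (!vam_db_num_rows($prod2cat_query)) {
         $insert_data = array('products_id' => $pID, 'categories_id' => $cID);
         vam_db_perform(TABLE_PRODUCTS_TO_CATEGORIES, $insert_data);
     }
 }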
            $vamTemplate->caching = false;
            $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
            $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
            $vamTemplate->assign('NAME', $customers_lastname . ' ' . $customers_firstname);
            $vamTemplate->assign('EMAIL', $customers_email_address);
            $vamTemplate->assign('COMMENTS', $customers_mail_comments);
            $vamTemplate->assign('PASSWORD', $customers_password_encrypted);
            $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/create_account_mail.html');
            $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/create_account_mail.txt');
            vam_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $customers_email_address, $customers_lastname . ' ' . $customers_firstname, EMAIL_SUPPORT_FORWARDING_STRING, EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail);
        }
        vam_db_query("delete from " . TABLE_CUSTOMERS_TO_EXTRA_FIELDS . " where customers_id=" . (int) $cc_id);
        $extra_fields_query = vam_db_query("select ce.fields_id from " . TABLE_EXTRA_FIELDS . " ce where ce.fields_status=1 ");
        while ($extra_fields = vam_db_fetch_array($extra_fields_query)) {
            $sql_extra_data_array = array('customers_id' => (int) $cc_id, 'fields_id' => $extra_fields['fields_id'], 'value' => $_POST['fields_' . $extra_fields['fields_id']]);
            vam_db_perform(TABLE_CUSTOMERS_TO_EXTRA_FIELDS, $sql_extra_data_array);
        }
        vam_redirect(vam_href_link(FILENAME_CUSTOMERS, 'cID=' . $cc_id, 'SSL'));
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo $_SESSION['language_charset'];
?>
"> 
 // Fragment of a banner insert/update handler; in this listing it starts and ends mid-block.
 // An image (uploaded or named in banners_image_local) is only required when there is no HTML text.
 if (empty($html_text)) {
     // NOTE(review): the upload destination is built from $banners_image_target, whose origin is
     // not visible here - confirm it cannot point outside the banner/ directory and that
     // vam_try_upload() restricts which file types it accepts.
     if (!($banners_image =& vam_try_upload('banners_image', DIR_FS_CATALOG_IMAGES . 'banner/' . $banners_image_target)) && $_POST['banners_image_local'] == '') {
         $banner_error = true;
     }
 }
 if (!$banner_error) {
     // A locally named image wins over the uploaded file name.
     $db_image_location = vam_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $html_text);
     if ($_GET['action'] == 'insert') {
         $insert_sql_data = array('date_added' => 'now()', 'status' => '1');
         $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
         vam_db_perform(TABLE_BANNERS, $sql_data_array);
         $banners_id = vam_db_insert_id();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($_GET['action'] == 'update') {
         // NOTE(review): $banners_id is concatenated into the WHERE clause here and in the
         // updates below; where it was read and sanitised is not visible - confirm it is cast
         // or escaped before this point.
         vam_db_perform(TABLE_BANNERS, $sql_data_array, 'update', 'banners_id = \'' . $banners_id . '\'');
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     // Expiry is either a date or an impression count; setting one clears the other.
     if ($_POST['expires_date']) {
         $expires_date = vam_db_prepare_input($_POST['expires_date']);
         // Input is split on '/' as day/month/year and rebuilt as YYYYMMDD; the parts are not
         // checked for being numeric or present before they are joined.
         list($day, $month, $year) = explode('/', $expires_date);
         $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
         vam_db_query("update " . TABLE_BANNERS . " set expires_date = '" . vam_db_input($expires_date) . "', expires_impressions = null where banners_id = '" . $banners_id . "'");
     } elseif ($_POST['impressions']) {
         $impressions = vam_db_prepare_input($_POST['impressions']);
         vam_db_query("update " . TABLE_BANNERS . " set expires_impressions = '" . vam_db_input($impressions) . "', expires_date = null where banners_id = '" . $banners_id . "'");
     }
     if ($_POST['date_scheduled']) {
         $date_scheduled = vam_db_prepare_input($_POST['date_scheduled']);
         // Same day/month/year -> YYYYMMDD conversion as for expires_date above.
         list($day, $month, $year) = explode('/', $date_scheduled);
         $date_scheduled = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
 /**
  * Store this object's data as a new row in its table.
  *
  * The table is created first when it does not exist yet. The row is a copy of
  * $this->data with the 'cip_id' and 'tag_id' columns set from get_cip_id() and
  * get_id(); $this->data itself is left untouched.
  */
 function write_to_database()
 {
     $table_missing = !$this->is_database_table_exists();
     if ($table_missing) {
         $this->create_database_table();
     }

     // Work on a copy so the two id columns do not leak back into $this->data.
     $row = $this->data;
     $row['cip_id'] = $this->get_cip_id();
     $row['tag_id'] = $this->get_id();

     vam_db_perform($this->table, $row);
 }
 // Two branches of an admin action switch for currencies; the switch header is outside this listing.
 // NOTE(review): both branches change data and neither shows a permission or anti-CSRF check -
 // confirm that is enforced before the switch is reached.
 case 'save':
     // The currency id comes from the query string, the field values from the form post.
     $currency_id = vam_db_prepare_input($_GET['cID']);
     $title = vam_db_prepare_input($_POST['title']);
     $code = vam_db_prepare_input($_POST['code']);
     $symbol_left = vam_db_prepare_input($_POST['symbol_left']);
     $symbol_right = vam_db_prepare_input($_POST['symbol_right']);
     $decimal_point = vam_db_prepare_input($_POST['decimal_point']);
     $thousands_point = vam_db_prepare_input($_POST['thousands_point']);
     $decimal_places = vam_db_prepare_input($_POST['decimal_places']);
     $value = vam_db_prepare_input($_POST['value']);
     $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $value);
     // This branch is labelled 'save', so the 'insert' test below can only match if another
     // case label falls through into it - the preceding labels are not visible here.
     if ($_GET['action'] == 'insert') {
         vam_db_perform(TABLE_CURRENCIES, $sql_data_array);
         $currency_id = vam_db_insert_id();
     } elseif ($_GET['action'] == 'save') {
         // The id is escaped with vam_db_input() before it goes into the WHERE clause.
         vam_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . vam_db_input($currency_id) . "'");
     }
     if ($_POST['default'] == 'on') {
         vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($code) . "' where configuration_key = 'DEFAULT_CURRENCY'");
     }
     // NOTE(review): $_GET['page'] is appended to the redirect parameters unmodified - confirm
     // vam_href_link()/vam_redirect() encode it and strip line breaks.
     vam_redirect(vam_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id));
     break;
 case 'deleteconfirm':
     // The row to delete is named by a query-string parameter.
     $currencies_id = vam_db_prepare_input($_GET['cID']);
     $currency_query = vam_db_query("select currencies_id from " . TABLE_CURRENCIES . " where code = '" . DEFAULT_CURRENCY . "'");
     $currency = vam_db_fetch_array($currency_query);
     // Deleting the default currency also clears the DEFAULT_CURRENCY setting (loose == comparison).
     if ($currency['currencies_id'] == $currencies_id) {
         vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_CURRENCY'");
     }
     vam_db_query("delete from " . TABLE_CURRENCIES . " where currencies_id = '" . vam_db_input($currencies_id) . "'");
     vam_redirect(vam_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page']));
            // Fragment of an address-book save handler; the enclosing blocks open outside this listing.
            // When the saved entry is marked primary, the session copy and the customer row are refreshed.
            if (isset($_POST['primary']) && $_POST['primary'] == 'on') {
                $_SESSION['customer_first_name'] = $firstname;
                $_SESSION['customer_second_name'] = $secondname;
                $_SESSION['customer_country_id'] = $country_id;
                $_SESSION['customer_zone_id'] = $zone_id > 0 ? (int) $zone_id : '0';
                // Repeats the outer condition, so it is always true at this point.
                if (isset($_POST['primary']) && $_POST['primary'] == 'on') {
                    $_SESSION['customer_default_address_id'] = $new_address_book_id;
                }
                // NOTE(review): 'customers_date_added' is set to now() although the statement below
                // is an update - this looks like it overwrites the creation date; confirm intent.
                $sql_data_array = array('customers_firstname' => $firstname, 'customers_secondname' => $secondname, 'customers_lastname' => $lastname, 'customers_last_modified' => 'now()', 'customers_date_added' => 'now()');
                if (ACCOUNT_GENDER == 'true') {
                    $sql_data_array['customers_gender'] = $gender;
                }
                // Repeats the outer condition as well.
                if (isset($_POST['primary']) && $_POST['primary'] == 'on') {
                    $sql_data_array['customers_default_address_id'] = $new_address_book_id;
                }
                // The row is selected by the logged-in customer's id from the session, cast to int.
                vam_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $_SESSION['customer_id'] . "'");
            }
        }
        $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success');
        vam_redirect(vam_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
    }
}
// Load an entry for editing. The query is restricted to the session's customer id, so an
// address_book_id belonging to another customer yields no row; both ids are cast to int.
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
    $entry_query = vam_db_query("select entry_gender, entry_company, entry_firstname, entry_secondname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and address_book_id = '" . (int) $_GET['edit'] . "'");
    // A row count of 0 compares equal to false here.
    if (vam_db_num_rows($entry_query) == false) {
        $messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY);
        vam_redirect(vam_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL'));
    }
    $entry = vam_db_fetch_array($entry_query);
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
    // Compares the requested id with the default address id (loose ==); the branch body is cut off in this listing.
    if ($_GET['delete'] == $_SESSION['customer_default_address_id']) {
 /**
  * Finalise an order that was created before the customer was sent to the payment service.
  *
  * Visible steps: write order status history and set the order status, decrement stock and
  * raise the bestseller counter per product, collect product and attribute lines, build the
  * order mail from templates, mail it to the shop and to the customer, call after_process(),
  * reset the cart, drop checkout session values and redirect to the success page.
  *
  * NOTE(review): no check of a payment confirmation is visible in this method before the
  * order status is changed - confirm the gateway response is verified before this runs.
  */
 function before_process()
 {
     global $customer_id, $order, $vamPrice, $order_totals, $sendto, $billto, $languages_id, $payment, $currencies, $cart, $cart_webtopay_id;
     global ${$payment};
     // The order id is the part of the session value after the first '-'.
     // NOTE(review): this reads 'cart_webmoney_id', while the constants in this method are
     // MODULE_PAYMENT_WEBTOPAY_* and 'cart_webtopay_id' is what gets unset at the end - looks
     // like a copy-paste mismatch; confirm which session key this module actually sets.
     $order_id = substr($_SESSION['cart_webmoney_id'], strpos($_SESSION['cart_webmoney_id'], '-') + 1);
     $check_query = vam_db_query("select orders_status from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
     if (vam_db_num_rows($check_query)) {
         $check = vam_db_fetch_array($check_query);
         // An order still in the "prepare" status gets a history row for that status first.
         if ($check['orders_status'] == MODULE_PAYMENT_WEBTOPAY_PREPARE_ORDER_STATUS_ID) {
             // $order_id is passed uncast here, while the hand-built queries cast it with (int).
             $sql_data_array = array('orders_id' => $order_id, 'orders_status_id' => MODULE_PAYMENT_WEBTOPAY_PREPARE_ORDER_STATUS_ID, 'date_added' => 'now()', 'customer_notified' => '0', 'comments' => '');
             vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
         }
     }
     // New status: the module's configured status id when it is > 0, otherwise the shop default.
     vam_db_query("update " . TABLE_ORDERS . " set orders_status = '" . (MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID > 0 ? (int) MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID : (int) DEFAULT_ORDERS_STATUS_ID) . "', last_modified = now() where orders_id = '" . (int) $order_id . "'");
     $sql_data_array = array('orders_id' => $order_id, 'orders_status_id' => MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID > 0 ? (int) MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID : (int) DEFAULT_ORDERS_STATUS_ID, 'date_added' => 'now()', 'customer_notified' => SEND_EMAILS == 'true' ? '1' : '0', 'comments' => $order->info['comments']);
     vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
     // initialized for the email confirmation
     $products_ordered = '';
     $subtotal = 0;
     $total_tax = 0;
     for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
         // Stock Update - Joao Correia
         if (STOCK_LIMITED == 'true') {
             if (DOWNLOAD_ENABLED == 'true') {
                 $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename\n                                FROM " . TABLE_PRODUCTS . " p\n                                LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                ON p.products_id=pa.products_id\n                                LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                ON pa.products_attributes_id=pad.products_attributes_id\n                                WHERE p.products_id = '" . vam_get_prid($order->products[$i]['id']) . "'";
                 // Will work with only one option for downloadable products
                 // otherwise, we have to build the query dynamically with a loop
                 $products_attributes = $order->products[$i]['attributes'];
                 if (is_array($products_attributes)) {
                     // NOTE(review): option_id and value_id are concatenated without a cast or
                     // escaping - confirm the order object only ever holds integer ids here.
                     $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
                 }
                 $stock_query = vam_db_query($stock_query_raw);
             } else {
                 $stock_query = vam_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
             }
             if (vam_db_num_rows($stock_query) > 0) {
                 $stock_values = vam_db_fetch_array($stock_query);
                 // do not decrement quantities if products_attributes_filename exists
                 if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) {
                     $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
                 } else {
                     $stock_left = $stock_values['products_quantity'];
                 }
                 // NOTE(review): the quantity is read above and written back as an absolute value,
                 // with no lock or transaction visible here - two checkouts finishing at the same
                 // time could overwrite each other's decrement.
                 vam_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
                 // Sold-out products are switched off when checkout without stock is not allowed.
                 if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') {
                     vam_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
                 }
             }
         }
         // Update products_ordered (for bestsellers list)
         // The quantity is forced to an integer with sprintf('%d') before it enters the SQL.
         vam_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
         //------insert customer choosen option to order--------
         $attributes_exist = '0';
         $products_ordered_attributes = '';
         if (isset($order->products[$i]['attributes'])) {
             $attributes_exist = '1';
             for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                 // NOTE(review): both queries below interpolate the product id (not passed through
                 // vam_get_prid() as above), option_id, value_id and the session language id
                 // without a cast or escaping - confirm each is an integer by the time it gets here.
                 if (DOWNLOAD_ENABLED == 'true') {
                     $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n                                   from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                   left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                   on pa.products_attributes_id=pad.products_attributes_id\n                                   where pa.products_id = '" . $order->products[$i]['id'] . "'\n                                   and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n                                   and pa.options_id = popt.products_options_id\n                                   and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n                                   and pa.options_values_id = poval.products_options_values_id\n                                   and popt.language_id = '" . $_SESSION['languages_id'] . "'\n                                   and poval.language_id = '" . $_SESSION['languages_id'] . "'";
                     $attributes = vam_db_query($attributes_query);
                 } else {
                     $attributes = vam_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $_SESSION['languages_id'] . "' and poval.language_id = '" . $_SESSION['languages_id'] . "'");
                 }
                 // The fetch result is used without checking that a row was returned.
                 $attributes_values = vam_db_fetch_array($attributes);
                 $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
             }
         }
         //------insert customer choosen option eof ----
         // $total_weight, $total_cost, $total_products_price and $products_tax are not
         // initialised anywhere in this method.
         $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight'];
         $total_tax += vam_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
         $total_cost += $total_products_price;
         $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $vamPrice->Format($order->products[$i]['final_price'], true) . $products_ordered_attributes . "\n";
     }
     // initialize templates
     $vamTemplate = new vamTemplate();
     $vamTemplate->assign('address_label_customer', vam_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'));
     $vamTemplate->assign('address_label_shipping', vam_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'));
     if ($_SESSION['credit_covers'] != '1') {
         $vamTemplate->assign('address_label_payment', vam_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'));
     }
     $vamTemplate->assign('csID', $order->customer['csID']);
     $it = 0;
     // Extra customer fields flagged fields_required_email = '1' are listed in the mail.
     // These lookups go through vamDBquery(), the rest of the method through vam_db_query().
     $semextrfields = vamDBquery("select * from " . TABLE_EXTRA_FIELDS . " where fields_required_email = '1'");
     while ($dataexfes = vam_db_fetch_array($semextrfields, true)) {
         $cusextrfields = vamDBquery("select * from " . TABLE_CUSTOMERS_TO_EXTRA_FIELDS . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and fields_id = '" . $dataexfes['fields_id'] . "'");
         $rescusextrfields = vam_db_fetch_array($cusextrfields, true);
         $extrfieldsinf = vamDBquery("select fields_name from " . TABLE_EXTRA_FIELDS_INFO . " where fields_id = '" . $dataexfes['fields_id'] . "' and languages_id = '" . $_SESSION['languages_id'] . "'");
         $extrfieldsres = vam_db_fetch_array($extrfieldsinf, true);
         // $extra_fields is appended to without being initialised in this method.
         $extra_fields .= $extrfieldsres['fields_name'] . ' : ' . $rescusextrfields['value'] . "\n";
         $vamTemplate->assign('customer_extra_fields', $extra_fields);
     }
     $order_total = $order->getTotalData($order_id);
     $vamTemplate->assign('order_data', $order->getOrderData($order_id));
     $vamTemplate->assign('order_total', $order_total['data']);
     // assign language to template for caching
     $vamTemplate->assign('language', $_SESSION['language']);
     $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
     $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
     $vamTemplate->assign('oID', $order_id);
     if ($order->info['payment_method'] != '' && $order->info['payment_method'] != 'no_payment') {
         // NOTE(review): the included path is built from $_SESSION['language'] and the order's
         // payment_method - confirm both are restricted to a known list of values before they
         // reach this point, since together they choose which PHP file is executed.
         include DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_method'] . '.php';
         $payment_method = constant(strtoupper('MODULE_PAYMENT_' . $order->info['payment_method'] . '_TEXT_TITLE'));
     }
     // $payment_method (and $shipping_method below) is only set inside the preceding if.
     $vamTemplate->assign('PAYMENT_METHOD', $payment_method);
     if ($order->info['shipping_method'] != '') {
         $shipping_method = $order->info['shipping_method'];
     }
     $vamTemplate->assign('SHIPPING_METHOD', $shipping_method);
     $vamTemplate->assign('DATE', vam_date_long($order->info['date_purchased']));
     // NOTE(review): name, comments, e-mail and phone are customer-supplied values going into an
     // HTML mail template - confirm the templates escape them.
     $vamTemplate->assign('NAME', $order->customer['name']);
     $vamTemplate->assign('COMMENTS', $order->info['comments']);
     $vamTemplate->assign('EMAIL', $order->customer['email_address']);
     $vamTemplate->assign('PHONE', $order->customer['telephone']);
     // dont allow cache
     $vamTemplate->caching = false;
     $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/order_mail.html');
     $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/order_mail.txt');
     // create subject
     // NOTE(review): the customer's first and last name end up in the mail subject, and the
     // customer's address and first name are passed to vam_php_mail() as the admin mail's
     // reply fields - confirm vam_php_mail() removes CR/LF from header values.
     // strftime() is deprecated as of PHP 8.1.
     $order_subject = str_replace('{$nr}', $order_id, EMAIL_BILLING_SUBJECT_ORDER);
     $order_subject = str_replace('{$date}', strftime(DATE_FORMAT_LONG), $order_subject);
     $order_subject = str_replace('{$lastname}', $order->customer['lastname'], $order_subject);
     $order_subject = str_replace('{$firstname}', $order->customer['firstname'], $order_subject);
     // send mail to admin
     vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, EMAIL_BILLING_ADDRESS, STORE_NAME, EMAIL_BILLING_FORWARDING_STRING, $order->customer['email_address'], $order->customer['firstname'], '', '', $order_subject, $html_mail, $txt_mail);
     // send mail to customer
     vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $order->customer['email_address'], $order->customer['firstname'] . ' ' . $order->customer['lastname'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $order_subject, $html_mail, $txt_mail);
     // load the after_process function from the payment modules
     $this->after_process();
     $_SESSION['cart']->reset(true);
     // unregister session variables used during checkout
     unset($_SESSION['sendto']);
     unset($_SESSION['billto']);
     unset($_SESSION['shipping']);
     unset($_SESSION['payment']);
     unset($_SESSION['comments']);
     // 'cart_webmoney_id', which the order id was read from at the top, is not cleared here.
     unset($_SESSION['cart_webtopay_id']);
     vam_redirect(vam_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
 }
}
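// Affiliate commission bookkeeping for the order that was just stored ($insert_id).
// Reads $affiliate_total, $affiliate_clientdate, $affiliate_clientbrowser, $affiliate_clientip
// and $insert_id, which are set outside this block, and writes one sales row for the referring
// affiliate plus, with tiers enabled, one row per ancestor in the affiliate tree.
$affiliate_total = round($affiliate_total, 2);
// Affiliate ids are integer keys. The session value is cast once, and only the integer form is
// concatenated into the hand-built queries below.
$affiliate_ref_id = isset($_SESSION['affiliate_ref']) ? (int) $_SESSION['affiliate_ref'] : 0;
// Check for individual commission
$affiliate_percentage = 0; // kept unchanged: code outside this block may still read it
if (!isset($affiliate_percent)) {
    // The minimum-rate comparison below reads $affiliate_percent even when no individual rate
    // was looked up, so it needs a defined starting value.
    $affiliate_percent = 0;
}
if (AFFILATE_INDIVIDUAL_PERCENTAGE == 'true') {
    $affiliate_commission_query = vam_db_query("select affiliate_commission_percent from " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_ref_id . "'");
    $affiliate_commission = vam_db_fetch_array($affiliate_commission_query);
    // No matching affiliate row: fall back to 0 so the shop-wide minimum applies.
    $affiliate_percent = $affiliate_commission ? $affiliate_commission['affiliate_commission_percent'] : 0;
}
// The shop-wide rate is the lower bound for the commission.
if ($affiliate_percent < AFFILIATE_PERCENT) {
    $affiliate_percent = AFFILIATE_PERCENT;
}
$affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2);
if (isset($_SESSION['affiliate_ref'])) {
    // Level 0: the affiliate that referred the customer.
    $sql_data_array = array('affiliate_id' => $_SESSION['affiliate_ref'], 'affiliate_date' => $affiliate_clientdate, 'affiliate_browser' => $affiliate_clientbrowser, 'affiliate_ipaddress' => $affiliate_clientip, 'affiliate_value' => $affiliate_total, 'affiliate_payment' => $affiliate_payment, 'affiliate_orders_id' => $insert_id, 'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'], 'affiliate_percent' => $affiliate_percent, 'affiliate_salesman' => $_SESSION['affiliate_ref'], 'affiliate_level' => '0');
    vam_db_perform(TABLE_AFFILIATE_SALES, $sql_data_array);
    if (AFFILATE_USE_TIER == 'true') {
        // Ancestors of the referring affiliate in the nested-set tree, nearest first; the
        // "limit 1, N" skips the affiliate's own row and takes up to N levels.
        $affiliate_tiers_query = vam_db_query("SELECT aa2.affiliate_id, (aa2.affiliate_rgt - aa2.affiliate_lft) as height\n                                                      FROM  " . TABLE_AFFILIATE . "  AS aa1, " . TABLE_AFFILIATE . "  AS aa2\n                                                      WHERE  aa1.affiliate_root = aa2.affiliate_root \n                                                            AND aa1.affiliate_lft BETWEEN aa2.affiliate_lft AND aa2.affiliate_rgt\n                                                            AND aa1.affiliate_rgt BETWEEN aa2.affiliate_lft AND aa2.affiliate_rgt\n                                                            AND aa1.affiliate_id =  '" . $affiliate_ref_id . "'\n                                                      ORDER by height asc limit 1, " . (int) AFFILIATE_TIER_LEVELS);
        $affiliate_tier_percentage = preg_split("/[;]/", AFFILIATE_TIER_PERCENTAGE);
        $i = 0;
        while ($affiliate_tiers_array = vam_db_fetch_array($affiliate_tiers_query)) {
            // A missing or non-numeric entry in the configured list counts as 0 %, which
            // produces no sales row for that level.
            $affiliate_percent = isset($affiliate_tier_percentage[$i]) && is_numeric($affiliate_tier_percentage[$i]) ? $affiliate_tier_percentage[$i] : 0;
            $affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2);
            if ($affiliate_payment > 0) {
                $sql_data_array = array('affiliate_id' => $affiliate_tiers_array['affiliate_id'], 'affiliate_date' => $affiliate_clientdate, 'affiliate_browser' => $affiliate_clientbrowser, 'affiliate_ipaddress' => $affiliate_clientip, 'affiliate_value' => $affiliate_total, 'affiliate_payment' => $affiliate_payment, 'affiliate_orders_id' => $insert_id, 'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'], 'affiliate_percent' => $affiliate_percent, 'affiliate_salesman' => $_SESSION['affiliate_ref'], 'affiliate_level' => $i + 1);
                vam_db_perform(TABLE_AFFILIATE_SALES, $sql_data_array);
            }
            $i++;
        }
    }
}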
                // Fragment of an account-creation handler (welcome coupon, welcome mail, redirect);
                // the enclosing blocks open outside this listing.
                // NOTE(review): $coupon_id and $email_address are concatenated into this insert;
                // where they were validated or escaped is not visible here - confirm.
                $insert_query = vam_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )");
                $vamTemplate->assign('SEND_COUPON', 'true');
                $vamTemplate->assign('COUPON_DESC', $coupon_desc['coupon_description']);
                $vamTemplate->assign('COUPON_CODE', $coupon['coupon_code']);
            }
            // ICW - CREDIT CLASS CODE BLOCK ADDED  ******************************************************* END
            // GV Code End       // create templates
        }
        $vamTemplate->caching = 0;
        $vamTemplate->assign('EMAIL_ADDRESS', $email_address);
        // NOTE(review): $password is handed to the mail template; if the template prints it, the
        // account password leaves the shop in clear text by e-mail - confirm what $password
        // holds here and whether the templates render it.
        $vamTemplate->assign('PASSWORD', $password);
        if ($newsletter) {
            // Newsletter activation key. NOTE(review): the generator behind vam_random_charcode()
            // is not visible - confirm it draws from a cryptographically secure source, since the
            // key is what authorises the activation link.
            $vlcode = vam_random_charcode(32);
            // The link is requested as 'NONSSL' and carries the e-mail address and the key in its
            // query string; $email_address is appended without visible URL-encoding.
            $link = vam_href_link(FILENAME_NEWSLETTER, 'action=activate&email=' . $email_address . '&key=' . $vlcode, 'NONSSL');
            // NOTE(review): values are passed through vam_db_input() before vam_db_perform(); if
            // vam_db_perform() escapes as well they are stored double-escaped - confirm.
            $sql_data_array = array('customers_email_address' => vam_db_input($email_address), 'customers_id' => vam_db_input($_SESSION['customer_id']), 'customers_status' => 2, 'customers_firstname' => vam_db_input($firstname), 'customers_lastname' => vam_db_input($lastname), 'mail_status' => '1', 'mail_key' => vam_db_input($vlcode), 'date_added' => 'now()');
            vam_db_perform(TABLE_NEWSLETTER_RECIPIENTS, $sql_data_array);
            // assign vars
            $vamTemplate->assign('LINK', $link);
        } else {
            $vamTemplate->assign('LINK', false);
        }
        $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/create_account_mail.html');
        $vamTemplate->caching = 0;
        $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/create_account_mail.txt');
        // Welcome mail to the new customer, sent from the support address.
        vam_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $email_address, $name, EMAIL_SUPPORT_FORWARDING_STRING, EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail);
        // Default the shipping address to the customer's default address before continuing checkout.
        if (!isset($_SESSION['sendto'])) {
            $_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
        }
        vam_redirect(vam_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'));
    }
}
            // Fragment of a product feed import loop; $product, $products_id, $products_price,
            // $products_quantity and $categoryId are set outside this listing.
            // Only the part of the picture value after its last "/" is kept as the image name.
            $products_image = substr(strrchr($product->picture, "/"), 1);
            $products_name = unhtmlentities($product->name);
            $products_description = unhtmlentities($product->description);
            $products_status = 1;
            // NOTE(review): $products_id is concatenated into this query and into the WHERE clauses
            // below; it presumably comes from the imported feed - confirm it is cast to an integer
            // where it is parsed.
            $products_query = vam_db_query("select products_id, products_price from " . TABLE_PRODUCTS . " where products_id = '" . $products_id . "' limit 1");
            if (vam_db_num_rows($products_query)) {
                $row = vam_db_fetch_array($products_query);
                // Existing products are rewritten only when the price differs (loose !=); a changed
                // name, description or image alone does not trigger an update.
                if ($row['products_price'] != $products_price) {
                    vam_db_perform(TABLE_PRODUCTS, array('products_last_modified' => 'now()', 'products_price' => $products_price, 'products_image' => $products_image, 'group_permission_0' => 1, 'group_permission_1' => 1, 'group_permission_2' => 1, 'group_permission_3' => 1, 'products_startpage' => 1, 'products_status' => $products_status, 'products_quantity' => $products_quantity, 'products_date_available' => 'now()'), 'update', 'products_id=\'' . $products_id . '\'');
                    vam_db_perform(TABLE_PRODUCTS_DESCRIPTION, array('products_name' => $products_name, 'products_description' => $products_description), 'update', 'products_id=\'' . $products_id . '\' and language_id=\'' . $_SESSION['languages_id'] . '\'');
                    $count_upd++;
                }
            } else {
                // New product: inserted with the id from the feed, visible to groups 0-3, shown on
                // the start page, and linked to $categoryId.
                vam_db_perform(TABLE_PRODUCTS, array('products_id' => $products_id, 'products_last_modified' => 'now()', 'products_price' => $products_price, 'products_image' => $products_image, 'group_permission_0' => 1, 'group_permission_1' => 1, 'group_permission_2' => 1, 'group_permission_3' => 1, 'products_startpage' => 1, 'products_status' => $products_status, 'products_quantity' => $products_quantity, 'products_date_available' => 'now()'));
                vam_db_perform(TABLE_PRODUCTS_DESCRIPTION, array('products_id' => $products_id, 'products_name' => $products_name, 'products_description' => $products_description, 'language_id' => $_SESSION['languages_id']));
                vam_db_perform(TABLE_PRODUCTS_TO_CATEGORIES, array('products_id' => $products_id, 'categories_id' => $categoryId));
                $count_add++;
            }
            $count++;
        }
        // Import summary; the figure after TEXT_YML_CHANGED is the number of products seen minus
        // the number updated.
        $messageStack->add_session(TEXT_YML_UPDATED . $count_upd, 'success');
        $messageStack->add_session(TEXT_YML_CHANGED . ($count - $count_upd), 'success');
        $messageStack->add_session(TEXT_YML_ADDED . $count_add, 'success');
        $messageStack->add_session(TEXT_YML_CAT_ADDED . $count_cat_add, 'success');
        $messageStack->add_session(TEXT_YML_CAT_UPDATED . $count_cat_upd, 'success');
    } else {
        $messageStack->add_session(TEXT_YML_ERROR, 'error');
    }
    vam_redirect(vam_href_link(FILENAME_YML_IMPORT));
}
?>
     // Fragment of an admin action switch for packing units (products_vpe); the case label of the
     // first branch and the switch header are outside this listing.
     // One row per installed language is written for the unit name.
     $languages = vam_get_languages();
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         $products_vpe_name_array = $_POST['products_vpe_name'];
         $language_id = $languages[$i]['id'];
         $sql_data_array = array('products_vpe_name' => vam_db_prepare_input($products_vpe_name_array[$language_id]));
         if ($_GET['action'] == 'insert') {
             if (!vam_not_null($products_vpe_id)) {
                 // The new id is computed as max(id) + 1 in PHP. NOTE(review): nothing visible here
                 // makes that atomic, so two inserts at the same time could pick the same id.
                 $next_id_query = vam_db_query("select max(products_vpe_id) as products_vpe_id from " . TABLE_PRODUCTS_VPE . "");
                 $next_id = vam_db_fetch_array($next_id_query);
                 $products_vpe_id = $next_id['products_vpe_id'] + 1;
             }
             $insert_sql_data = array('products_vpe_id' => $products_vpe_id, 'language_id' => $language_id);
             $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
             vam_db_perform(TABLE_PRODUCTS_VPE, $sql_data_array);
         } elseif ($_GET['action'] == 'save') {
             // $products_vpe_id is escaped with vam_db_input(); $language_id comes from vam_get_languages().
             vam_db_perform(TABLE_PRODUCTS_VPE, $sql_data_array, 'update', "products_vpe_id = '" . vam_db_input($products_vpe_id) . "' and language_id = '" . $language_id . "'");
         }
     }
     if ($_POST['default'] == 'on') {
         vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($products_vpe_id) . "' where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'");
     }
     // NOTE(review): $_GET['page'] is appended to the redirect parameters unmodified - confirm
     // vam_href_link()/vam_redirect() encode it and strip line breaks.
     vam_redirect(vam_href_link(FILENAME_PRODUCTS_VPE, 'page=' . $_GET['page'] . '&oID=' . $products_vpe_id));
     break;
 // NOTE(review): the delete is driven by a query-string parameter and no permission or anti-CSRF
 // check is visible in this branch - confirm that is enforced before the switch is reached.
 case 'deleteconfirm':
     $oID = vam_db_prepare_input($_GET['oID']);
     $products_vpe_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'");
     $products_vpe = vam_db_fetch_array($products_vpe_query);
     // Deleting the default unit also clears the DEFAULT_PRODUCTS_VPE_ID setting (loose == comparison).
     if ($products_vpe['configuration_value'] == $oID) {
         vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'");
     }
     vam_db_query("delete from " . TABLE_PRODUCTS_VPE . " where products_vpe_id = '" . vam_db_input($oID) . "'");
// Visitor tracking: fills $_SESSION['tracking'] once per session (ip, campaign refID, date,
// browser) and keeps a short page-view history. The listing cuts off inside the final else.
if (!isset($_SESSION['tracking']['ip'])) {
    // REMOTE_ADDR is the address of the connecting peer, so behind a reverse proxy this is
    // presumably the proxy's address - confirm the deployment.
    $_SESSION['tracking']['ip'] = $_SERVER['REMOTE_ADDR'];
}
if (!isset($_SESSION['tracking']['refID'])) {
    // check if referer exists
    if (isset($_GET['refID'])) {
        // refID is escaped with vam_db_input() before it is placed in the query.
        $campaign_check_query_raw = "SELECT *\n\t\t\t                            FROM " . TABLE_CAMPAIGNS . " \n\t\t\t                            WHERE campaigns_refID = '" . vam_db_input($_GET['refID']) . "'";
        $campaign_check_query = vam_db_query($campaign_check_query_raw);
        if (vam_db_num_rows($campaign_check_query) > 0) {
            // The session keeps the SQL-escaped form of refID, not the raw value.
            $_SESSION['tracking']['refID'] = vam_db_input($_GET['refID']);
            // count hit (block IP for 1 hour)
            // NOTE(review): the per-IP time check is commented out below, so the only limit on
            // hits is that the session has no refID yet - a client that discards its session
            // cookie adds a row on every request. The escaped refID is also passed to
            // vam_db_perform(); if that escapes again the value is stored double-escaped - confirm.
            $insert_sql = array('user_ip' => $_SESSION['tracking']['ip'], 'campaign' => vam_db_input($_GET['refID']), 'time' => 'now()');
            //			$check_date = mktime(0, date("i")-1, 0, date("m"), date("d"), date("Y"));
            //			$ip_query = vam_db_query("SELECT * FROM ".TABLE_CAMPAIGNS_IP." WHERE campaign='".vam_db_input($_GET['refID'])."' and user_ip='".$_SESSION['tracking']['ip']."' and time > '".$check_date."'");
            //			if (!vam_db_num_rows($ip_query))
            vam_db_perform(TABLE_CAMPAIGNS_IP, $insert_sql);
        }
    }
}
if (!isset($_SESSION['tracking']['date'])) {
    $_SESSION['tracking']['date'] = date("Y-m-d H:i:s");
}
if (!isset($_SESSION['tracking']['browser'])) {
    // The User-Agent header is client-controlled and stored as sent; whatever later writes it to
    // the database or prints it has to escape it for that context.
    $_SESSION['tracking']['browser'] = $_SERVER["HTTP_USER_AGENT"];
}
// NOTE(review): 'pageview_history' is counted without an isset() check; unless it is initialised
// elsewhere, count() receives null on the first request, which is a TypeError on PHP 8.
// $ref_url is set outside this listing.
$i = count($_SESSION['tracking']['pageview_history']);
// With more than 6 entries the oldest is dropped and the new URL is written at index 6.
if ($i > 6) {
    array_shift($_SESSION['tracking']['pageview_history']);
    $_SESSION['tracking']['pageview_history'][6] = $ref_url;
} else {
    $_SESSION['tracking']['pageview_history'][$i] = $ref_url;
                 // Fragment of an order-processing loop; the enclosing blocks open outside this listing.
                 // One download row is written per ordered unit, each with its own PIN when the
                 // attribute is flagged products_attributes_is_pin.
                 for ($pincycle = 0; $pincycle < $order->products[$i]['qty']; $pincycle++) {
                     if ($attributes_values['products_attributes_is_pin']) {
                         // NOTE(review): an unused PIN is selected here and marked as used in a
                         // separate statement below, with no lock or transaction visible - two orders
                         // processed at the same time could be given the same PIN. The product id is
                         // concatenated without a cast.
                         $pin_query = vam_db_query("SELECT products_pin_id, products_pin_code FROM " . TABLE_PRODUCTS_PINS . " WHERE products_id = '" . $order->products[$i]['id'] . "' AND products_pin_used='0' LIMIT 1");
                         if (vam_db_num_rows($pin_query) == '0') {
                             // We have no PIN for this product
                             // insert some error notifying here
                             $pin = PIN_NOT_AVAILABLE;
                         } else {
                             $pin_res = vam_db_fetch_array($pin_query);
                             $pin = $pin_res['products_pin_code'];
                             // products_pin_used is set to the order id, which marks the PIN as taken.
                             vam_db_query("UPDATE " . TABLE_PRODUCTS_PINS . " SET products_pin_used='" . $insert_id . "' WHERE products_pin_id = '" . $pin_res['products_pin_id'] . "'");
                         }
                     }
                     //PIN
                     // NOTE(review): $pin is only assigned inside the is_pin branch above, so for a
                     // non-PIN attribute 'download_pin_code' receives whatever $pin held before
                     // (unset, or the value from an earlier iteration) - confirm it is reset elsewhere.
                     $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount'], 'download_is_pin' => $attributes_values['products_attributes_is_pin'], 'download_pin_code' => $pin);
                     vam_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                 }
             }
         }
     }
     //------insert customer choosen option eof ----
     $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight'];
     $total_tax += vam_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
     $total_cost += $total_products_price;
 }
 // Campaign attribution: the order is tagged with the refID kept in the tracking session.
 if (isset($_SESSION['tracking']['refID'])) {
     // NOTE(review): the session's refID and customer_id are concatenated into the two queries
     // below without a cast or escaping at this point - confirm how each was sanitised when it
     // was stored in the session.
     vam_db_query("update " . TABLE_ORDERS . " set\n\t                                 refferers_id = '" . $_SESSION['tracking']['refID'] . "'\n\t                                 where orders_id = '" . $insert_id . "'");
     // check if late or direct sale
     $customers_logon_query = "SELECT customers_info_number_of_logons\n\t\t\t\t                            FROM " . TABLE_CUSTOMERS_INFO . " \n\t\t\t\t                            WHERE customers_info_id  = '" . $_SESSION['customer_id'] . "'";
     $customers_logon_query = vam_db_query($customers_logon_query);
     $customers_logon = vam_db_fetch_array($customers_logon_query);
Exemple #21
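/**
 * Apply a set of permission/status fields to a category, to every product
 * assigned to it, and recursively to all of its sub-categories.
 *
 * @param int|string $categories_id    Id of the category to start from.
 * @param array      $permission_array Column => value pairs handed unchanged to
 *                                     vam_db_perform() as the update data.
 * @return void
 */
function vam_set_groups($categories_id, $permission_array)
{
    // The id is concatenated into SQL text four times below. Casting it once
    // keeps a caller that forwards a request value from altering the statements.
    $categories_id = (int) $categories_id;

    // Products assigned to this category.
    $products_query = vam_db_query("SELECT products_id FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " where categories_id='" . $categories_id . "'");
    while ($products = vam_db_fetch_array($products_query)) {
        vam_db_perform(TABLE_PRODUCTS, $permission_array, 'update', 'products_id = \'' . (int) $products['products_id'] . '\'');
    }

    // The category itself.
    vam_db_perform(TABLE_CATEGORIES, $permission_array, 'update', 'categories_id = \'' . $categories_id . '\'');

    // Descend into the direct children.
    // NOTE(review): recursion depth follows the category tree; a parent_id
    // cycle in the table would recurse without end.
    $categories_query = vam_db_query("SELECT categories_id FROM " . TABLE_CATEGORIES . " where parent_id='" . $categories_id . "'");
    while ($categories = vam_db_fetch_array($categories_query)) {
        vam_set_groups($categories['categories_id'], $permission_array);
    }
}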
   (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
   (c) 2002-2003 osCommercecoding standards www.oscommerce.com
   (c) 2004	 xt:Commerce (popup_memo.php,v 1.7 2003/08/18); xt-commerce.com

   Released under the GNU General Public License
   --------------------------------------------------------------*/
require 'includes/application_top.php';
include DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/customers.php';
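// Handle the memo form actions before any output is produced.
// NOTE(review): 'remove' changes state on a plain GET request and no
// anti-CSRF token is checked in this block. Confirm that application_top.php
// enforces one, otherwise move the delete behind a POST carrying a token.
if (!empty($_GET['action'])) {
    switch ($_GET['action']) {
        case 'save':
            $memo_title = vam_db_prepare_input($_POST['memo_title']);
            $memo_text = vam_db_prepare_input($_POST['memo_text']);
            if ($memo_text != '' && $memo_title != '') {
                $sql_data_array = array(
                    // Posted id: keep only its integer value.
                    'customers_id' => (int) $_POST['ID'],
                    'memo_date' => date("Y-m-d"),
                    'memo_title' => $memo_title,
                    // Stored with <br /> markup and not HTML-escaped here, so the
                    // page that renders memos has to escape it (TODO confirm).
                    'memo_text' => nl2br($memo_text),
                    'poster_id' => $_SESSION['customer_id'],
                );
                vam_db_perform(TABLE_CUSTOMERS_MEMO, $sql_data_array);
            }
            break;
        case 'remove':
            // mID comes straight from the query string and is placed inside the
            // statement text, so reduce it to an integer before building the SQL.
            if (isset($_GET['mID'])) {
                vam_db_query("DELETE FROM " . TABLE_CUSTOMERS_MEMO . " where memo_id='" . (int) $_GET['mID'] . "'");
            }
            break;
    }
}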
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
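     // Write the status name for every installed language, then the optional
     // icon and the "default status" flag, and return to the listing.
     $languages = vam_get_languages();
     // The posted names do not change between iterations, so read them once.
     $shipping_status_name_array = $_POST['shipping_status_name'];
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         $language_id = $languages[$i]['id'];
         $sql_data_array = array('shipping_status_name' => vam_db_prepare_input($shipping_status_name_array[$language_id]));
         if ($_GET['action'] == 'insert') {
             if (!vam_not_null($shipping_status_id)) {
                 // No id yet: continue after the highest existing one.
                 $next_id_query = vam_db_query("select max(shipping_status_id) as shipping_status_id from " . TABLE_SHIPPING_STATUS . "");
                 $next_id = vam_db_fetch_array($next_id_query);
                 $shipping_status_id = $next_id['shipping_status_id'] + 1;
             }
             $insert_sql_data = array('shipping_status_id' => $shipping_status_id, 'language_id' => $language_id);
             $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
             vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array);
         } elseif ($_GET['action'] == 'save') {
             vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array, 'update', "shipping_status_id = '" . vam_db_input($shipping_status_id) . "' and language_id = '" . (int) $language_id . "'");
         }
     }
     // Plain assignment instead of "=&": binding a reference to a call result
     // only raises a notice.
     $shipping_status_image = vam_try_upload('shipping_status_image', DIR_WS_ICONS);
     if ($shipping_status_image) {
         // The file name originates from the upload, so it is escaped like the
         // other value in this statement before it is placed in the SQL text.
         vam_db_query("update " . TABLE_SHIPPING_STATUS . " set shipping_status_image = '" . vam_db_input($shipping_status_image->filename) . "' where shipping_status_id = '" . vam_db_input($shipping_status_id) . "'");
     }
     if (isset($_POST['default']) && $_POST['default'] == 'on') {
         vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($shipping_status_id) . "' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
     }
     // URL-encode the request value so it cannot add parameters to the redirect target.
     $shipping_status_page = isset($_GET['page']) && is_scalar($_GET['page']) ? urlencode((string) $_GET['page']) : '';
     vam_redirect(vam_href_link(FILENAME_SHIPPING_STATUS, 'page=' . $shipping_status_page . '&oID=' . urlencode((string) $shipping_status_id)));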
     break;
 case 'deleteconfirm':
     $oID = vam_db_prepare_input($_GET['oID']);
     $shipping_status_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
     $shipping_status = vam_db_fetch_array($shipping_status_query);
     if ($shipping_status['configuration_value'] == $oID) {
     }
 }
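 // Store up to MO_PICS uploaded images for one product option value.
 // The option value id ends up in the target file name and in the SQL below,
 // so only its integer value is used.
 $mo_value_id = isset($_POST['value_id']) ? (int) $_POST['value_id'] : 0;
 // The stored extension is taken from the uploaded file's name, so it is
 // checked against a fixed list (extend it if other image types are needed).
 $mo_allowed_suffixes = array('jpg', 'jpeg', 'gif', 'png');
 $mo_image_dir = DIR_FS_CATALOG_IMAGES . 'product_options/';
 for ($img = 0; $img < MO_PICS; $img++) {
     // NOTE(review): '777' and '' are passed through unchanged; they look like
     // the permission mode and the extension filter of the upload helper.
     // Confirm, and prefer a tighter mode and an extension list there as well.
     $pIMG = vam_try_upload('mo_pics_' . $img, $mo_image_dir, '777', '');
     if (!$pIMG) {
         continue;
     }
     $pname_arr = explode('.', $pIMG->filename);
     $nsuffix = array_pop($pname_arr);
     if (!in_array(strtolower($nsuffix), $mo_allowed_suffixes, true)) {
         // Not an accepted image type: do not leave the upload in the image directory.
         if (is_file($mo_image_dir . $pIMG->filename)) {
             unlink($mo_image_dir . $pIMG->filename);
         }
         continue;
     }
     $value_image_name = $mo_value_id . '_' . ($img + 1) . '.' . $nsuffix;
     // Only register the image when the file really carries its final name.
     if (!rename($mo_image_dir . $pIMG->filename, $mo_image_dir . $value_image_name)) {
         continue;
     }
     //get data & write to table
     $mo_img = array('products_options_values_id' => vam_db_prepare_input($mo_value_id), 'image_nr' => vam_db_prepare_input($img + 1), 'image_name' => vam_db_prepare_input($value_image_name));
     // Insert only when no row exists yet for this value / image slot.
     $_imgQuery = vam_db_query("SELECT count(*) as count FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . " WHERE image_nr='" . ($img + 1) . "' and products_options_values_id='" . $mo_value_id . "'");
     $_imgQuery = vam_db_fetch_array($_imgQuery);
     if (!($_imgQuery['count'] > 0)) {
         vam_db_perform(TABLE_PRODUCTS_OPTIONS_IMAGES, $mo_img);
     }
 }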
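 // Remove the option images that were ticked for deletion in the form.
 if (!empty($_POST['del_mo_pic']) && is_array($_POST['del_mo_pic'])) {
     foreach ($_POST['del_mo_pic'] as $dummy => $val) {
         if (!is_string($val)) {
             continue;
         }
         // The posted value names a file and is also matched in SQL: keep only
         // its final path component and escape it before it reaches the query.
         $val = basename($val);
         if ($val === '') {
             continue;
         }
         // Best-effort file removal, errors suppressed as in the original code.
         @vam_del_image_options_file($val);
         vam_db_query("DELETE FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . " WHERE products_options_values_id = '" . vam_db_input($_POST['value_id']) . "' AND image_name  = '" . vam_db_input($val) . "'");
     }
 }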
 //are we asked to delete some pics?
 if ($_POST['del_pic'] != '') {
     @vam_del_image_options_file($products_data['del_pic']);
     //			vam_db_query("UPDATE ".TABLE_PRODUCTS_OPTIONS_IMAGES."
     //								                 SET products_options_values_id = ''
     //									               WHERE products_options_values_id    = '".vam_db_input($_POST['del_pic'])."'");
        }
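        // Record the click-through for the referring affiliate.
        // Both ids are interpolated into SQL text further down, and the affiliate
        // id can originate from the affiliate_ref cookie, so use integer values only.
        $click_affiliate_id = (int) $_SESSION['affiliate_ref'];
        $click_banner_id = (int) $affiliate_banner_id;
        // NOTE(review): the client date/browser/ip/referer values are stored as
        // received; this relies on vam_db_perform() escaping them. Confirm.
        $sql_data_array = array('affiliate_id' => $click_affiliate_id, 'affiliate_clientdate' => $affiliate_clientdate, 'affiliate_clientbrowser' => $affiliate_clientbrowser, 'affiliate_clientip' => $affiliate_clientip, 'affiliate_clientreferer' => $affiliate_clientreferer, 'affiliate_products_id' => $affiliate_products_id, 'affiliate_banner_id' => $click_banner_id);
        vam_db_perform(TABLE_AFFILIATE_CLICKTHROUGHS, $sql_data_array);
        $_SESSION['affiliate_clickthroughs_id'] = vam_db_insert_id();
        // Banner has been clicked, update stats:
        if ($click_banner_id && $click_affiliate_id) {
            $today = date('Y-m-d');
            $sql = "select * from " . TABLE_AFFILIATE_BANNERS_HISTORY . " where affiliate_banners_id = '" . $click_banner_id . "' and  affiliate_banners_affiliate_id = '" . $click_affiliate_id . "' and affiliate_banners_history_date = '" . $today . "'";
            $banner_stats_query = vam_db_query($sql);
            if (vam_db_fetch_array($banner_stats_query)) {
                // Banner has been shown today: count one more click.
                vam_db_query("update " . TABLE_AFFILIATE_BANNERS_HISTORY . " set affiliate_banners_clicks = affiliate_banners_clicks + 1 where affiliate_banners_id = '" . $click_banner_id . "' and affiliate_banners_affiliate_id = '" . $click_affiliate_id . "' and affiliate_banners_history_date = '" . $today . "'");
            } else {
                // Initial entry if banner has not been shown
                $sql_data_array = array('affiliate_banners_id' => $click_banner_id, 'affiliate_banners_products_id' => $affiliate_products_id, 'affiliate_banners_affiliate_id' => $click_affiliate_id, 'affiliate_banners_clicks' => '1', 'affiliate_banners_history_date' => $today);
                vam_db_perform(TABLE_AFFILIATE_BANNERS_HISTORY, $sql_data_array);
            }
        }
        // Set Cookie if the customer comes back and orders it counts
        // NOTE(review): the cookie is set without path, secure or httponly
        // arguments, and its value is read back from the client later.
        setcookie('affiliate_ref', $_SESSION['affiliate_ref'], time() + AFFILIATE_COOKIE_LIFETIME);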
    }
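    // Customer comes back and is registered in cookie.
    // The cookie is supplied by the client and the session value it feeds is
    // later concatenated into SQL, so accept it only as a positive integer id.
    $cookie_affiliate_ref = isset($_COOKIE['affiliate_ref']) && is_scalar($_COOKIE['affiliate_ref']) ? (int) $_COOKIE['affiliate_ref'] : 0;
    if ($cookie_affiliate_ref > 0) {
        $_SESSION['affiliate_ref'] = $cookie_affiliate_ref;
    }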
}
////
// Compatibility to older Snapshots
// set the type of request (secure or not)
if (!isset($request_type)) {
    $request_type = getenv('HTTPS') == 'on' ? 'SSL' : 'NONSSL';
Exemple #26
                    $faq_page_url = $alias;
                } else {
                    $faq_page_url = $_POST['faq_page_url'];
                }
                $sql_data_array = array('question' => vam_db_prepare_input($_POST['question']), 'faq_page_url' => vam_db_prepare_input($faq_page_url), 'answer' => vam_db_prepare_input($_POST['answer']), 'date_added' => 'now()', 'language' => vam_db_prepare_input($_POST['item_language']), 'status' => '1');
                vam_db_perform(TABLE_FAQ, $sql_data_array);
                $faq_id = vam_db_insert_id();
                //not actually used ATM -- just there in case
            }
            //       vam_redirect(vam_href_link(FILENAME_FAQ));
            break;
        case 'update_faq':
            //user wants to modify a faq.
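            // faq_id arrives in the query string and is placed inside the WHERE
            // clause, so it is reduced to an integer. Other values are ignored.
            $faq_id_to_update = isset($_GET['faq_id']) && is_scalar($_GET['faq_id']) ? (int) $_GET['faq_id'] : 0;
            if ($faq_id_to_update > 0) {
                $sql_data_array = array('question' => vam_db_prepare_input($_POST['question']), 'faq_page_url' => vam_db_prepare_input($_POST['faq_page_url']), 'answer' => vam_db_prepare_input($_POST['answer']), 'date_added' => vam_db_prepare_input($_POST['date_added']), 'language' => vam_db_prepare_input($_POST['item_language']));
                vam_db_perform(TABLE_FAQ, $sql_data_array, 'update', "faq_id = '" . $faq_id_to_update . "'");
            }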
            //      vam_redirect(vam_href_link(FILENAME_FAQ));
            break;
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo $_SESSION['language_charset'];
?>
Exemple #27
         $update_sql_data = array('last_modified' => 'now()');
         $sql_data_array = array_merge($sql_data_array, $update_sql_data);
         vam_db_perform(TABLE_AUTHORS, $sql_data_array, 'update', "authors_id = '" . (int) $authors_id . "'");
     }
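     // Write the per-language author texts, refresh the cache block and
     // return to the listing.
     $languages = vam_get_languages();
     // The posted arrays do not change between iterations, so read them once.
     $authors_desc_array = $_POST['authors_description'];
     $authors_url_array = $_POST['authors_url'];
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         $language_id = $languages[$i]['id'];
         $sql_data_array = array('authors_description' => vam_db_prepare_input($authors_desc_array[$language_id]), 'authors_url' => vam_db_prepare_input($authors_url_array[$language_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('authors_id' => $authors_id, 'languages_id' => $language_id);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             vam_db_perform(TABLE_AUTHORS_INFO, $sql_data_array);
         } elseif ($action == 'save') {
             vam_db_perform(TABLE_AUTHORS_INFO, $sql_data_array, 'update', "authors_id = '" . (int) $authors_id . "' and languages_id = '" . (int) $language_id . "'");
         }
     }
     if (USE_CACHE == 'true') {
         vam_reset_cache_block('authors');
     }
     // URL-encode the request value so it cannot add parameters to the redirect
     // target. The author id is cast as in the statements above.
     $authors_page_param = isset($_GET['page']) && is_scalar($_GET['page']) ? 'page=' . urlencode((string) $_GET['page']) . '&' : '';
     vam_redirect(vam_href_link(FILENAME_AUTHORS, $authors_page_param . 'auID=' . (int) $authors_id));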
     break;
 case 'deleteconfirm':
     $authors_id = vam_db_prepare_input($_GET['auID']);
     vam_db_query("delete from " . TABLE_AUTHORS . " where authors_id = '" . (int) $authors_id . "'");
     vam_db_query("delete from " . TABLE_AUTHORS_INFO . " where authors_id = '" . (int) $authors_id . "'");
     if (isset($_POST['delete_articles']) && $_POST['delete_articles'] == 'on') {
         $articles_query = vam_db_query("select articles_id from " . TABLE_ARTICLES . " where authors_id = '" . (int) $authors_id . "'");
         while ($articles = vam_db_fetch_array($articles_query)) {
             vam_remove_article($articles['articles_id']);
     }
     //end 2
 } else {
     //within 1
     // $_POST['update_totals'] is not an array => write in all order total components that have been generated by the sundry modules
     for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
         //8
         $new_order_totals[] = array('title' => strip_tags($order_totals[$i]['title']), 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'code' => $order_totals[$i]['code'], 'sort_order' => $j);
         $j++;
     }
     //end 8
 }
 //end if (is_array($_POST['update_totals'])) { //1
 // Persist every collected order-total line for this order.
 $n = count($new_order_totals);
 for ($i = 0; $i < $n; $i++) {
     $order_total_line = $new_order_totals[$i];
     $sql_data_array = array(
         'orders_id' => $oID,
         // Titles are stored without markup.
         'title' => strip_tags($order_total_line['title']),
         'text' => $order_total_line['text'],
         'value' => $order_total_line['value'],
         'class' => $order_total_line['code'],
         'sort_order' => $order_total_line['sort_order'],
     );
     vam_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
 }
 // When the form asked to add a product, go back to the product section of the edit page.
 if (isset($_POST['subaction']) && $_POST['subaction'] == 'add_product') {
     $edit_params = vam_get_all_get_params(array('action')) . 'action=edit#products';
     vam_redirect(vam_href_link(FILENAME_ORDERS_EDIT, $edit_params));
 }
 // 1.5 SUCCESS MESSAGE #####
 // CHECK FOR NEW EMAIL CONFIRMATION
 if (isset($_POST['nC1']) || isset($_POST['nC2']) || isset($_POST['nC3'])) {
     //then the user selected the option of sending a new email
     vam_redirect(vam_href_link(FILENAME_ORDERS_EDIT, vam_get_all_get_params(array('action')) . 'action=email'));
     //redirect to the email case
 } else {
/**
 * Store the tracking data held in the session for a customer.
 *
 * Writes one row to TABLE_CUSTOMERS_IP with the IP, the referrer host and
 * host + path, and the referral id found under $_SESSION['tracking'].
 *
 * NOTE(review): the referrer host/path presumably derive from the request's
 * Referer header; this function passes them on unmodified, so quoting is left
 * to vam_db_perform(). Confirm.
 *
 * @param mixed $customer_id Value stored in the customers_id column.
 * @return int Always -1.
 */
function vam_write_user_info($customer_id)
{
    $tracking = $_SESSION['tracking'];
    $referer = $tracking['http_referer'];

    $row = array();
    $row['customers_id'] = $customer_id;
    $row['customers_ip'] = $tracking['ip'];
    // Passed as the literal text 'now()'.
    $row['customers_ip_date'] = 'now()';
    $row['customers_host'] = $referer['host'];
    $row['customers_advertiser'] = $tracking['refID'];
    $row['customers_referer_url'] = $referer['host'] . $referer['path'];

    vam_db_perform(TABLE_CUSTOMERS_IP, $row);

    return -1;
}
         // Optional address fields are stored only when the matching ACCOUNT_* switch is enabled.
         if (ACCOUNT_COMPANY == 'true') {
             $sql_data_array['entry_company'] = $company;
         }
         if (ACCOUNT_SUBURB == 'true') {
             $sql_data_array['entry_suburb'] = $suburb;
         }
         if (ACCOUNT_STATE == 'true') {
             // A selected zone is stored by id with an empty state text;
             // otherwise the state text is kept and the zone id is '0'.
             $zone_known = $zone_id > 0;
             $sql_data_array['entry_zone_id'] = $zone_known ? $zone_id : '0';
             $sql_data_array['entry_state'] = $zone_known ? '' : $state;
         }
         vam_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
         // The new address becomes the billing address of this checkout.
         $_SESSION['billto'] = vam_db_insert_id();
         // Drop a previously chosen payment method (unset() is a no-op when the key is absent).
         unset($_SESSION['payment']);
         vam_redirect(vam_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
     }
     // process the selected billing destination
 } elseif (isset($_POST['address'])) {
     $reset_payment = false;
     if (isset($_SESSION['billto'])) {
         if ($billto != $_POST['address']) {
             if (isset($_SESSION['payment'])) {
                 $reset_payment = true;
             }
         }