// Display the toolbar? $no_toolbar = vmGet($_REQUEST, 'no_toolbar', 0); // Display just the naked page without toolbar, menu and footer? $only_page_default = strstr($_SERVER['SCRIPT_NAME'], 'index3.php') ? 1 : 0; $only_page = $_REQUEST['only_page'] = vmGet($_REQUEST, 'only_page', $only_page_default); if (empty($page) || empty($_REQUEST['page'])) { if (!empty($_REQUEST['amp;page'])) { $page = $_REQUEST['amp;page']; foreach ($_REQUEST as $key => $val) { if (strstr($key, 'amp;')) { $key = str_replace('amp;', '', $key); $_REQUEST[$key] = $val; } } } else { $page = vmget($_SESSION, 'last_page', 'store.index'); } } $limit = $vm_mainframe->getUserStateFromRequest("viewlistlimit", 'limit', $mosConfig_list_limit); $limitstart = $vm_mainframe->getUserStateFromRequest("view{$page}{$product_id}{$category_id}limitstart", 'limitstart', 0); if (defined('_DONT_VIEW_PAGE') && !isset($install_type)) { echo "<script type=\"text/javascript\">alert('{$error}. Your permissions: " . $_SESSION['auth']['perms'] . "')</script>\n"; } // renew Page-Information if ($pagePermissionsOK) { $my_page = explode('.', $page); $modulename = $my_page[0]; $pagename = $my_page[1]; } if (!defined('_VM_TOOLBAR_LOADED') && $no_toolbar != 1) { if ($vmLayout == 'standard' && strstr($_SERVER['SCRIPT_NAME'], 'index3.php')) {
* @version $Id: admin.update_check.php 1434 2008-06-23 19:33:52Z soeren_nb $ * @package VirtueMart * @subpackage html * @copyright Copyright (C) 2008 soeren - All rights reserved. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php * VirtueMart is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net * */ global $VM_LANG; if (vmget($_SESSION, 'vm_updatepackage') !== null) { include PAGEPATH . 'admin.update_preview.php'; return; } vmCommonHTML::loadMooTools(); require_once CLASSPATH . 'update.class.php'; if (!empty($_SESSION['vmLatestVersion']) && version_compare($VMVERSION->RELEASE, $_SESSION['vmLatestVersion']) === -1) { $checkbutton_style = 'display:none;'; $downloadbutton_style = ''; } else { $checkbutton_style = ''; $downloadbutton_style = 'display:none;'; } $formObj = new formFactory($VM_LANG->_('VM_UPDATE_CHECK_LBL')); $formObj->startForm('adminForm', 'enctype="multipart/form-data"'); vmUpdate::stepBar(1);
/** * Updates a tax record * @author pablo * * @param arry $d The _REQUEST array * @return boolean True on success, false on failure */ function update(&$d) { global $VM_LANG; $db = new ps_DB(); $ps_vendor_id = $_SESSION["ps_vendor_id"]; $timestamp = time(); if (!$this->validate_update($d)) { return False; } $fields = array('vendor_id' => $ps_vendor_id, 'tax_state' => vmget($d, 'tax_state'), 'tax_country' => vmget($d, 'tax_country'), 'tax_rate' => $d["tax_rate"], 'mdate' => $timestamp); $db->buildQuery('UPDATE', $this->getTable(), $fields, 'WHERE tax_rate_id=' . $d["tax_rate_id"] . ' AND vendor_id=' . $ps_vendor_id); if ($db->query() !== false) { $GLOBALS['vmLogger']->info($VM_LANG->_('VM_TAX_UPDATED')); return True; } $GLOBALS['vmLogger']->err($VM_LANG->_('VM_TAX_UPDATE_FAILED')); return false; }
/** * Checks to see if the incoming address from paypal express checkout is already added * If the address is not added, then it adds the address to the ship to of the user's account * @param &$auth * @return false on failure */ function checkAddress(&$auth) { global $vmLogger, $VM_LANG; /* Select all the ship to information for this user id and * order by modification date; most recently changed to oldest */ if ($auth['user_id']) { $db = new ps_DB(); $q = "SELECT * from #__{vm}_user_info WHERE "; $q .= "user_id=" . (int) $auth['user_id'] . ' '; $q .= "AND address_type='BT'"; $db->query($q); $db->next_record(); // check if an alternative shipping address was returned from PayPal if ($_SESSION['ppex_userdata']['address_1'] != $db->f("address_1") || $_SESSION['ppex_userdata']['city'] != $db->f("city")) { $q = "SELECT * FROM #__{vm}_user_info i "; $q .= "INNER JOIN #__{vm}_country c ON (i.country=c.country_3_code) "; $q .= "LEFT JOIN #__{vm}_state s ON (i.state=s.state_2_code AND s.country_id=c.country_id) "; $q .= "WHERE user_id =" . (int) $auth['user_id'] . ' '; $q .= "AND address_type = 'ST' "; $q .= "ORDER by address_type_name, mdate DESC"; $db->query($q); $add_address = true; if ($db->num_rows() > 0) { while ($db->next_record()) { if ($_SESSION['ppex_userdata']['address_1'] == $db->f("address_1") && $_SESSION['ppex_userdata']['city'] == $db->f("city")) { $add_address = false; break; } } } // Add the new shipping address if not yet available if ($add_address) { $fields = array('address_type' => 'ST', 'address_type_name' => $_SESSION['ppex_userdata']['address_1'] . ', ' . $_SESSION['ppex_userdata']['city'], 'company' => $_SESSION['ppex_userdata']['company'], 'address_1' => $_SESSION['ppex_userdata']['address_1'], 'address_2' => vmget($_SESSION['ppex_userdata'], 'address_2'), 'city' => $_SESSION['ppex_userdata']['city'], 'zip' => $_SESSION['ppex_userdata']['zip'], 'country' => $_SESSION['ppex_userdata']['country'], 'state' => $_SESSION['ppex_userdata']['state']); if (!empty($_SESSION['ppex_userdata']['shiptoname'])) { $fields['first_name'] = $_SESSION['ppex_userdata']['shiptoname']; $fields['last_name'] = ''; } else { $fields['first_name'] = $_SESSION['ppex_userdata']['first_name']; $fields['last_name'] = $_SESSION['ppex_userdata']['last_name']; } $fields['user_id'] = $_SESSION['auth']['user_id']; $fields['user_info_id'] = md5(uniqid($_SESSION['ppex_userdata']['payer_id'])); $fields['address_type'] = 'ST'; $timestamp = time(); $fields['cdate'] = $timestamp; $fields['mdate'] = $timestamp; $db->buildQuery('INSERT', '#__{vm}_user_info', $fields); if ($db->query() === false) { $vmLogger->err($VM_LANG->_('VM_USERADDRESS_ADD_FAILED')); return false; } $vmLogger->info($VM_LANG->_('VM_USERADDRESS_ADDED')); } } } }
* VirtueMart is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net * */ global $VM_LANG; if (vmget($_SESSION, 'vm_updatepackage') == null) { $vmLogger->err($VM_LANG->_('VM_UPDATE_NOTDOWNLOADED')); return; } require_once CLASSPATH . 'update.class.php'; $packageContents = vmUpdate::getPatchContents(vmget($_SESSION, 'vm_updatepackage')); if ($packageContents === false) { $vmLogger->flush(); // An Error should be logged before return; } vmCommonHTML::loadMooTools(); $formObj = new formFactory($VM_LANG->_('VM_UPDATE_PREVIEW_LBL')); $formObj->startForm(); $vm_mainframe->addStyleDeclaration(".writable { color:green;}\n.unwritable { color:red;font-weight:bold; }"); vmUpdate::stepBar(2); ?> <a name="warning"></a> <div class="shop_warning"> <span style="font-style: italic;"><?php echo $VM_LANG->_('VM_UPDATE_WARNING_TITLE');
/** * Applies the Patch Package * * @param array $d * @return boolean */ function applyPatch(&$d) { global $vm_mainframe, $vmLogger, $mosConfig_absolute_path, $db, $sess, $VM_LANG; $updatepackage = vmget($_SESSION, 'vm_updatepackage'); if (empty($updatepackage)) { $vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_DOWNLOAD')); return false; } $patchdir = vmUpdate::getPackageDir($updatepackage); // RickG - Save the location of the patch file JRequest::setVar('patchdir', $patchdir); $packageContents = vmUpdate::getPatchContents($updatepackage); if (!vmUpdate::verifyPackage($packageContents)) { return false; } $errors = 0; foreach ($packageContents['fileArr'] as $fileentry) { $file = $fileentry['filename']; $patch_file = $patchdir . '/' . $file; $orig_file = $mosConfig_absolute_path . '/' . $file; if (file_exists($orig_file)) { if (!is_writable($orig_file) && !@chmod($orig_file, 0644)) { $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_FILE_UNWRITABLE'), $mosConfig_absolute_path . '/' . $file)); $errors++; } } else { if ($fileentry['copy_policy'] == 'only_if_exists') { continue; } $dirname = is_dir($patch_file) ? $orig_file : dirname($orig_file); if (is_dir($patch_file) || !file_exists($dirname)) { if (!vmUpdate::mkdirR($dirname, 0755)) { $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_DIR_UNWRITABLE'), $dirname)); $errors++; } } elseif (!is_writable($mosConfig_absolute_path . '/' . dirname($file)) && !@chmod($mosConfig_absolute_path . '/' . dirname($file), 0755)) { $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_DIR_UNWRITABLE'), $mosConfig_absolute_path . '/' . $file)); $errors++; } } } if ($errors > 0) { return false; } foreach ($packageContents['fileArr'] as $fileentry) { $file = $fileentry['filename']; $patch_file = $patchdir . '/' . $file; $orig_file = $mosConfig_absolute_path . '/' . $file; if (!file_exists($orig_file) && $fileentry['copy_policy'] == 'only_if_exists') { continue; } if (is_dir($patch_file) || !file_exists(dirname($orig_file))) { $dirname = is_dir($patch_file) ? $orig_file : dirname($orig_file); if (!vmUpdate::mkdirR($dirname, 755)) { $vmLogger->crit('Failed to create a necessary directory'); } } elseif (!@copy($patch_file, $orig_file)) { $vmLogger->crit(sprintf($VM_LANG->_('VM_UPDATE_ERR_OVERWRITE_FAILED'), $file)); return false; } else { $vmLogger->debug(sprintf($VM_LANG->_('VM_UPDATE_FILE_OVERWROTE'), $file)); } } foreach ($packageContents['queryArr'] as $query) { if ($db->query($query) === false) { $vmLogger->crit(sprintf($VM_LANG->_('VM_UPDATE_ERR_QUERY_FAILED'), $query)); } else { $vmLogger->debug(sprintf($VM_LANG->_('VM_UPDATE_QUERY_EXECUTED'), $query)); } } // RickG - Run the install file if it exists if ($packageContents['installfile']) { include $packageContents['installfile']; com_vminstall($patchdir); } $db->query('UPDATE `#__components` SET `params` = \'RELEASE=' . $packageContents['toversion'] . '\\nDEV_STATUS=stable\' WHERE `name` = \'virtuemart_version\''); $_SESSION['vmupdatemessage'] = sprintf($VM_LANG->_('VM_UPDATE_SUCCESS'), $packageContents['forversion'], $packageContents['toversion']); // Delete the patch package file vmUpdate::removePackageFile($d); if (vmIsXHR()) { $vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_result', false, false) . '");'); } else { // Redirect to the Result Page and display the Update Message there vmRedirect($sess->url($_SERVER['PHP_SELF'] . '?page=admin.update_result', false, false)); } }
vmRequest::setVar('product_id', $tmp_product_id); vmRequest::setVar('page', 'shop.product_details'); } elseif (!empty($tmp_category_id)) { vmRequest::setVar('category_id', $tmp_category_id); vmRequest::setVar('page', 'shop.browse'); } if ((!empty($tmp_product_id) || !empty($tmp_category_id)) && !empty($tmp_flypage)) { vmRequest::setVar('flypage', $tmp_flypage); } if (!empty($tmp_page)) { vmRequest::setVar('page', $tmp_page); } // Set the default page $defaultpage = HOMEPAGE; } else { $defaultpage = vmget($_SESSION, 'last_page'); } $page = vmRequest::getVar('page', $defaultpage); $func = vmRequest::getVar('func'); $ajax_request = strtolower(vmGet($_SERVER, 'HTTP_X_REQUESTED_WITH')) == 'xmlhttprequest' || vmGet($_REQUEST, 'ajax_request') == '1'; $option = vmRequest::getVar('option'); // This makes it possible to use Shared SSL $sess->prepare_SSL_Session(); if ($option == "com_virtuemart") { // Get sure that we have float values with a decimal point! @setlocale(LC_NUMERIC, 'en_US', 'en'); @setlocale(LC_TIME, $mosConfig_locale); $mosConfig_list_limit = isset($mosConfig_list_limit) ? $mosConfig_list_limit : SEARCH_ROWS; unset($_REQUEST["error"]); // Cast all the following fields to INT $parseToIntFields = array('user_id', 'product_id', 'category_id', 'manufacturer_id', 'id', 'cid', 'vendor_id', 'country_id', 'currency_id', 'limitstart', 'tax_rate_id', 'order_id', 'module_id', 'function_id', 'payment_method_id', 'coupon_id', 'product_type_id', 'product_price_id', 'shopper_group_id');
/** * Prepare the change of the pulish state of an item * * @param array $d The REQUEST array * @return boolean True on success, false on failure */ function handlePublishState($d) { global $vmLogger, $VM_LANG; $has_vendor = true; if (!empty($d['product_id']) && empty($d['review_id']) && empty($d['file_id'])) { $table_name = "#__{vm}_product"; $publish_field_name = 'product_publish'; $field_name = 'product_id'; } elseif (!empty($d['category_id'])) { $table_name = "#__{vm}_category"; $publish_field_name = 'category_publish'; $field_name = 'category_id'; } elseif (!empty($d['payment_method_id'])) { $table_name = "#__{vm}_payment_method"; $publish_field_name = 'payment_enabled'; $field_name = 'payment_method_id'; } elseif (!empty($d['order_export_id'])) { $table_name = "#__{vm}_order_export"; $publish_field_name = 'export_enabled'; $field_name = 'order_export_id'; } elseif (!empty($d['review_id'])) { $table_name = "#__{vm}_product_reviews"; $publish_field_name = 'published'; $field_name = 'review_id'; $has_vendor = false; } elseif (!empty($d['fieldid'])) { $table_name = "#__{vm}_userfield"; $publish_field_name = empty($d['item']) ? 'published' : vmget($d, 'item'); $field_name = 'fieldid'; } elseif (!empty($d['file_id'])) { $table_name = "#__{vm}_product_files"; $publish_field_name = 'file_published'; $field_name = 'file_id'; $has_vendor = false; } else { $vmLogger->err($VM_LANG->_('VM_ABSTRACTOBJECT_PUBLISH_ERR_TYPE')); return false; } return $this->changePublishState($d[$field_name], $d['task'], $table_name, $publish_field_name, $field_name, $has_vendor); }
* @subpackage html * @copyright Copyright (C) 2004-2007 soeren - All rights reserved. * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php * VirtueMart is free software. This version may have been modified pursuant * to the GNU General Public License, and as distributed it includes or * is derivative of works licensed under the GNU General Public License or * other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net */ mm_showMyFileName(__FILE__); global $ps_product; require_once CLASSPATH . "pageNavigation.class.php"; require_once CLASSPATH . "htmlTools.class.php"; $product_id = vmget($_REQUEST, 'product_id', 0); if (is_array($product_id)) { $product_id = (int) $product_id[0]; } if (empty($product_id)) { $vmLogger->err('No Product ID provided.'); return; } $product_parent_id = vmGet($_REQUEST, 'product_parent_id', 0); $return_args = vmGet($_REQUEST, 'return_args'); if (empty($product_parent_id)) { $title = $VM_LANG->_('PHPSHOP_PRODUCT_LBL'); } else { $title = $VM_LANG->_('PHPSHOP_PRODUCT_FORM_ITEM_LBL'); } $title .= "<br/>" . $VM_LANG->_('PHPSHOP_PRICE_LIST_FOR_LBL') . " ";
* other free or open source software licenses. * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details. * * http://virtuemart.net */ mm_showMyFileName(__FILE__); require_once CLASSPATH . 'ps_vendor.php'; $ps_vendor = new ps_vendor(); $db2 = new ps_DB(); $product_id = vmGet($vars, 'product_id', 0); if (empty($product_id)) { include PAGEPATH . 'product.product_list.php'; return; } $product_parent_id = vmGet($_REQUEST, 'product_parent_id', 0); $vars["product_parent_id"] = vmget($vars, 'product_parent_id', 0); if ($product_parent_id == $vars["product_parent_id"]) { if ($func == "productAdd") { $action = $VM_LANG->_('PHPSHOP_PRODUCT_DISPLAY_ADD_ITEM_LBL'); } else { $action = $VM_LANG->_('PHPSHOP_PRODUCT_DISPLAY_UPDATE_ITEM_LBL'); } $info_label = $VM_LANG->_('PHPSHOP_PRODUCT_FORM_ITEM_INFO_LBL'); $status_label = $VM_LANG->_('PHPSHOP_PRODUCT_FORM_ITEM_STATUS_LBL'); $dim_weight_label = $VM_LANG->_('PHPSHOP_PRODUCT_FORM_ITEM_DIM_WEIGHT_LBL'); $images_label = $VM_LANG->_('PHPSHOP_PRODUCT_FORM_ITEM_IMAGES_LBL'); } else { $product_parent_id = ""; if ($func == "productAdd") { $action = $VM_LANG->_('PHPSHOP_PRODUCT_DISPLAY_ADD_PRODUCT_LBL'); } else {
/** * This reformats an URL, appends "option=com_virtuemart" and "Itemid=XX" * where XX is the Id of an entry in the table mos_menu with "link: option=com_virtuemart" * It also calls sefRelToAbs to apply SEF formatting * * @param string $text THE URL * @param boolean False: Create a URI like /joomla/index.php?....; True: Create a URI like http://www.domain.com/index.php?.... * @return string The reformatted URL */ function url($text, $createAbsoluteURI = false, $encodeAmpersands = true, $ignoreSEF = false) { global $mm_action_url, $page, $mainframe; if (!defined('_VM_IS_BACKEND')) { // Strip the parameters from the $text variable and parse to a temporary array $tmp_text = str_replace('amp;', '', substr($text, strpos($text, '?'))); if (substr($tmp_text, 0, 1) == '?') { $tmp_text = substr($tmp_text, 1); } parse_str($tmp_text, $ii_arr); // Init the temp. Itemid $tmp_Itemid = ''; $db = new ps_DB(); // Check if there is a menuitem for a product_id (highest priority) if (!empty($ii_arr['product_id'])) { if ($ii_product_id = intval($ii_arr['product_id'])) { $db->query("SELECT id FROM #__menu WHERE link='index.php?option=com_virtuemart' AND params like '%product_id={$ii_product_id}%' AND published=1"); if ($db->next_record()) { $tmp_Itemid = $db->f("id"); } } } // Check if there is a menuitem for a category_id // This only checks for the exact category ID, it might be good to check for parents also. But at the moment, this would produce a lot of queries if (!empty($ii_arr['category_id'])) { $ii_cat_id = intval($ii_arr['category_id']); if ($ii_cat_id && $tmp_Itemid == '') { $db->query("SELECT id FROM #__menu WHERE link='index.php?option=com_virtuemart' AND params like '%category_id={$ii_cat_id}%' AND published=1"); if ($db->next_record()) { $tmp_Itemid = $db->f("id"); } } } // Check if there is a menuitem for a flypage if (!empty($ii_arr['flypage'])) { $ii_flypage = $db->getEscaped(vmget($ii_arr, 'flypage')); if ($ii_flypage && $tmp_Itemid == '') { $db->query("SELECT id FROM #__menu WHERE link='index.php?option=com_virtuemart' AND params like '%flypage={$ii_flypage}%' AND published=1"); if ($db->next_record()) { $tmp_Itemid = $db->f("id"); } } } // Check if there is a menuitem for a page if (!empty($ii_arr['page'])) { $ii_page = $db->getEscaped(vmget($ii_arr, 'page')); if ($ii_page && $tmp_Itemid == '') { $db->query("SELECT id FROM #__menu WHERE link='index.php?option=com_virtuemart' AND params like '%page={$ii_page}%' AND published=1"); if ($db->next_record()) { $tmp_Itemid = $db->f("id"); } } } // If we haven't found an Itemid, use the standard VM-Itemid $Itemid = "&Itemid=" . ($tmp_Itemid ? $tmp_Itemid : $this->getShopItemid()); } else { $Itemid = NULL; } // split url into base ? path $limiter = strpos($text, '?'); if ($limiter === false) { if (!strstr($text, "=")) { // $text recognized to be parameter-list (bug?) $base = NULL; $params = $text; } else { // text recognized to be url without parameters $base = $mm_action_url; $params = $text; } } else { // base?params $base = substr($text, 0, $limiter); $params = substr($text, $limiter + 1); } // normalize base (cut off multislashes) $base = str_replace("//", "/", $base); $base = str_replace(":/", "://", $base); // add script name to naked base url // TODO: Improve if ($base == URL || $base == SECUREURL) { $base .= basename($_SERVER['SCRIPT_NAME']); } if (!basename($base)) { $base .= basename($_SERVER['SCRIPT_NAME']); } // append "&option=com_virtuemart&Itemid=XX" $params .= !strstr($params, $this->component_name) ? ($params ? "&" : NULL) . $this->component_name : NULL; $params .= $Itemid; if (vmIsAdminMode() && strstr($text, 'func') !== false) { $params .= ($params ? "&" : NULL) . 'vmtoken=' . vmSpoofValue($this->getSessionId()); } if (!defined('_VM_IS_BACKEND')) { // index3.php is not available in the frontend! $base = str_replace("index3.php", "index2.php", $base); $url = basename($base) . "?" . $params; // make url absolute if ($createAbsoluteURI && !substr($url, 0, 4) != "http") { $url = (stristr($text, SECUREURL) ? SECUREURL : URL) . substr($url, $url[0] == '/' ? 1 : 0); } if (class_exists('JRoute') && !$ignoreSEF && $mainframe->getCfg('sef')) { $url = JRoute::_($url); } else { if (function_exists('sefRelToAbs') && !$ignoreSEF && !defined('_JLEGACY')) { $url = sefRelToAbs($url); } } } else { // backend $url = ($_SERVER['SERVER_PORT'] == 443 ? SECUREURL : URL) . "administrator/" . basename($base) . "?" . $params; } $url = $encodeAmpersands ? vmAmpReplace($url) : str_replace('&', '&', $url); return $url; }