Exemple #1
 /**
  * Installs the module.
  * Subclasses are expected to redefine this method.
  * A redefinition should initialise SettingsFields before it calls the parent method.
  *
  */
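 function install()
 {
     // Every value below is spliced into SQL text, so each string is escaped once
     // before use. The original escaped SettingsFields only: a title, class name or
     // setting name containing a quote or backslash broke (or altered) the statement.
     $title = xEscapeSQLstring($this->title);
     $className = xEscapeSQLstring(get_class($this));

     db_query("insert into " . MODULES_TABLE . " ( module_name, ModuleClassName ) " . " values( '" . $title . "', '" . $className . "' ) ");
     $NewModuleConfigID = db_insert_id();
     $this->ModuleConfigID = $NewModuleConfigID;

     // The generated id is used in an unquoted numeric position, so force it to an integer.
     $moduleId = (int) $NewModuleConfigID;

     // Multi-instance modules get the new id appended to their display name.
     $displaySuffix = $this->SingleInstall ? '' : ' (' . $moduleId . ')';
     $sql = "
                         UPDATE " . MODULES_TABLE . "
                         SET module_name='" . $title . $displaySuffix . "'
                         WHERE module_id=" . $moduleId . "
                 ";
     db_query($sql);

     $this->_initSettingFields();
     // NOTE(review): the property itself is overwritten with its escaped copy, so the
     // object keeps SQL-escaped strings after install() returns.
     $this->SettingsFields = xEscapeSQLstring($this->SettingsFields);

     // Columns copied from SettingsFields, in the order of the INSERT column list.
     $columns = array(
         'settings_value',
         'settings_title',
         'settings_description',
         'settings_html_function',
         'sort_order',
     );
     $constantSuffix = $this->SingleInstall ? '' : '_' . $moduleId;

     foreach ($this->Settings as $_SettingName) {
         // SettingsFields is keyed by the raw setting name; only the copy written to SQL is escaped.
         $fields = isset($this->SettingsFields[$_SettingName]) ? $this->SettingsFields[$_SettingName] : array();
         $quoted = array();
         foreach ($columns as $column) {
             // A missing field is stored as an empty string, as before.
             $quoted[] = "'" . (isset($fields[$column]) ? $fields[$column] : '') . "'";
         }
         $constantName = xEscapeSQLstring($_SettingName) . $constantSuffix;

         $sql = "
                                 INSERT INTO " . SETTINGS_TABLE . "
                                 (
                                         settings_groupID, settings_constant_name,
                                         settings_value,
                                         settings_title,
                                         settings_description,
                                         settings_html_function,
                                         sort_order
                                 )
                                 VALUES (
                                         " . settingGetFreeGroupId() . ", '" . $constantName . "',
                                         " . implode(",\n                                         ", $quoted) . "
                                 )";
         db_query($sql);
     }
 }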
Exemple #2
 /**
  * Deletes the rate row of this module instance that matches the given order amount.
  *
  * The module id is cast to an integer and the amount is escaped before both are
  * concatenated into the statement. The table name ($this->DB_TABLE) is concatenated
  * as-is, and the amount is wrapped in double quotes, which MySQL treats as a string
  * literal only while ANSI_QUOTES is off.
  *
  * @param mixed $_Amount order amount identifying the rate to remove
  */
 function _deleteRate($_Amount)
 {
     $moduleId = (int) $this->ModuleConfigID;
     $escapedAmount = xEscapeSQLstring($_Amount);

     $sql = '
                     DELETE FROM ' . $this->DB_TABLE . '
                     WHERE  module_id=' . $moduleId . ' AND orderAmount="' . $escapedAmount . '"
             ';
     db_query($sql);
 }
Exemple #3
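/**
 * Renders register_successful.tpl and mails it to a newly registered customer.
 *
 * Only $smarty_mail, $login, $cust_password, $Email, $first_name and $last_name are
 * read. $additional_field_values is replaced by the values stored for $login, and the
 * remaining parameters are not used by this function.
 *
 * NOTE(review): the clear-text password is handed to the mail template as
 * "cust_password"; whether the template prints it is not visible here. If it does,
 * the password travels in the e-mail.
 *
 * When CONF_ENABLE_REGCONFIRMATION is on, the customer's activation code is looked up
 * and passed to the template both as a link (ActURL) and as a bare code (ActCode).
 */
function regEmailNotification($smarty_mail, $login, $cust_password, $Email, $first_name, $last_name, $subscribed4news, $additional_field_values, $countryID, $zoneID, $state, $city, $address, $updateOperation)
{
    $smarty_mail->assign("login", $login);
    $smarty_mail->assign("cust_password", $cust_password);
    $smarty_mail->assign("first_name", $first_name);
    $smarty_mail->assign("last_name", $last_name);
    $smarty_mail->assign("Email", $Email);

    // The caller-supplied value is discarded; the stored values for this login are used.
    $additional_field_values = GetRegFieldsValues($login);
    $smarty_mail->assign("additional_field_values", $additional_field_values);

    $addresses = regGetAllAddressesByLogin($login);
    foreach ($addresses as $index => $addressRow) {
        $addresses[$index]["addressStr"] = regGetAddressStr((int) $addressRow["addressID"]);
    }
    $smarty_mail->assign("addresses", $addresses);

    if (CONF_ENABLE_REGCONFIRMATION) {
        // The previous query compared Login and cust_password against the literal
        // "******", which never matches a stored customer, so the mail carried an empty
        // activation code. The lookup now uses the escaped login.
        // NOTE(review): assumes Login is unique in CUSTOMERS_TABLE - confirm.
        $sql = 'SELECT ActivationCode FROM ' . CUSTOMERS_TABLE . '
                        WHERE Login="' . xEscapeSQLstring($login) . '"';
        $row = db_fetch_row(db_query($sql));
        // No matching row leaves the code empty instead of relying on @-suppressed list().
        $ActivationCode = (is_array($row) && isset($row[0])) ? $row[0] : '';

        // Make sure exactly one slash separates the shop URL from the script name.
        $shopUrl = CONF_FULL_SHOP_URL;
        if (substr($shopUrl, -1) != '/') {
            $shopUrl .= '/';
        }
        // The code is a query-string value, so it is URL-encoded before being appended.
        $smarty_mail->assign('ActURL', $shopUrl . 'index.php?act_customer=1&act_code=' . rawurlencode($ActivationCode));
        $smarty_mail->assign('ActCode', $ActivationCode);
    }

    $html = $smarty_mail->fetch("register_successful.tpl");
    xMailTxtHTMLDATA($Email, EMAIL_REGISTRATION, $html);
}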
/**
 * Escapes a value, or every selected leaf of a nested array, with mysql_real_escape_string().
 *
 * The result is only safe inside a quoted SQL string literal; escaping does not make a
 * value safe in an unquoted (numeric or identifier) position. mysql_real_escape_string()
 * belongs to ext/mysql, which was removed in PHP 7.
 *
 * @param mixed $_Data   scalar to escape, or array whose leaves are escaped recursively
 * @param array $_Params passed through unchanged to recursive calls; not read here
 * @param mixed $_Key    key or list of keys; when non-empty, only scalar entries stored
 *                       under one of these keys are escaped (nested arrays are always
 *                       descended into)
 * @return mixed the escaped scalar, or the array with the selected leaves escaped
 */
function xEscapeSQLstring($_Data, $_Params = array(), $_Key = array())
{
    if (!is_array($_Data)) {
        return mysql_real_escape_string($_Data);
    }

    $wantedKeys = is_array($_Key) ? $_Key : array($_Key);
    $filterActive = count($wantedKeys) > 0;

    foreach ($_Data as $entryKey => $entryValue) {
        // With a key filter, scalar entries outside the filter are left untouched.
        if ($filterActive && !is_array($entryValue) && !in_array($entryKey, $wantedKeys)) {
            continue;
        }
        $_Data[$entryKey] = xEscapeSQLstring($entryValue, $_Params, $wantedKeys);
    }

    return $_Data;
}
Exemple #5
<?php

if (isset($_GET['act_customer']) && CONF_ENABLE_REGCONFIRMATION) {
    $ActErr = false;
    // Account activation by e-mailed code: the code arrives in the query string.
    if (isset($_GET['act_code'])) {
        // An empty act_code is reported as an activation error without touching the database.
        if ($_GET['act_code']) {
            // The code is escaped and placed inside a double-quoted literal; the two extra
            // conditions exclude customers whose stored code is empty or NULL.
            $sql = 'SELECT customerID, Login, cust_password FROM ' . CUSTOMERS_TABLE . '
                                WHERE ActivationCode="' . xEscapeSQLstring($_GET['act_code']) . '"
                                AND ActivationCode!="" AND ActivationCode IS NOT NULL';
            $Result = db_query($sql);
            $Customer = db_fetch_row($Result);
            if (isset($Customer['Login']) && $Customer['Login']) {
                regActivateCustomer($Customer['customerID']);
                // NOTE(review): the matched customer is passed to regAuthenticate() with the
                // stored password run through cryptPasswordDeCrypt(), so a valid act_code
                // alone is enough to be authenticated as that customer. The decrypt call also
                // suggests passwords are stored reversibly rather than hashed - confirm.
                // Whether the code is cleared after use, expires or is rate-limited is not
                // visible here; verify in regActivateCustomer().
                regAuthenticate($Customer['Login'], cryptPasswordDeCrypt($Customer['cust_password'], null));
                // The redirect target is taken from data stored under xREGMAILCONF_URLORDER2;
                // where that value is written is outside this listing - confirm it cannot
                // hold an off-site URL.
                if (isset($_GET['order2']) && xDataExists('xREGMAILCONF_URLORDER2')) {
                    Redirect(xPopData('xREGMAILCONF_URLORDER2'));
                } else {
                    // Drops the code from the URL and flags success for the next request.
                    Redirect(set_query('&act_code=&act_ok=1'));
                }
            } else {
                // Unknown code: hand it back to the template for redisplay.
                // NOTE(review): presumably hassign() HTML-escapes the value - confirm, since
                // it is raw query-string input.
                $smarty->hassign('ActCode', $_GET['act_code']);
                $ActErr = true;
            }
        } else {
            $ActErr = true;
        }
    }
    if (isset($_GET['act_ok'])) {
        $smarty->assign('ActOk', 1);
    }
    if (isset($_GET['notact'])) {
    /**
     * @param int $orderID
     * @param array $shipping_info - ('countryID','zoneID', 'zip')
     * @param array $billing_info - ('countryID','zoneID', 'zip')
     */
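    function saveToOrderedCarts($orderID, $shipping_info, $billing_info, $calculate_tax = true)
    {
        // Rows previously stored for this order are removed before the cart is written again.
        $sql = "DELETE FROM ?#ORDERED_CARTS_TABLE WHERE orderID=?";
        db_phquery($sql, $orderID);

        $r_aItem = $this->Items->getChildNodes('item');
        $tc = count($r_aItem);
        for ($i = 0; $i < $tc; $i++) {
            $aItem =& $r_aItem[$i];
            /* @var $aItem xmlNodeX */
            $aProduct =& $aItem->getFirstChildByName('product');
            $productID = $aProduct->attribute('id');

            // Each cart item gets its own row; the generated id replaces the item's id attribute.
            db_phquery('INSERT ?#SHOPPING_CART_ITEMS_TABLE (productID) VALUES(?)', $productID);
            $aItem->attribute('id', db_insert_id(SHOPPING_CART_ITEMS_TABLE));

            // One pass over the variants: store each one and collect the ids that the
            // option-name and price helpers below need.
            $aVariants =& $aItem->getFirstChildByName('variants');
            $r_aVariant = $aVariants->getChildrenByName('variant');
            $variants = array();
            foreach ($r_aVariant as $aVariant) {
                /* @var $aVariant xmlNodeX */
                db_phquery(
                    'INSERT ?#SHOPPING_CART_ITEMS_CONTENT_TABLE (itemID, variantID) VALUES(?,?)',
                    $aItem->attribute('id'),
                    $aVariant->attribute('id')
                );
                $variants[] = $aVariant->attribute('id');
            }

            $dbq = '
                SELECT ' . LanguagesManager::sql_prepareField('name') . ' AS name, product_code, categoryID FROM ?#PRODUCTS_TABLE WHERE productID=?
            ';
            $q_product = db_phquery($dbq, $productID);
            $product = db_fetch_row($q_product);

            // Display name: "[code] name (options)", with code and options only when present.
            $options = GetStrOptions($variants);
            if ($options != "") {
                $productComplexName = $product["name"] . " (" . $options . ")";
            } else {
                $productComplexName = $product["name"];
            }
            if ($product["product_code"]) {
                $productComplexName = "[" . $product["product_code"] . "] " . $productComplexName;
            }

            $price = GetPriceProductWithOption($variants, $productID);
            if ($aItem->getChildData('sample')) {
                // A sample is always a single unit at the sample price of the product's category.
                // NOTE(review): this query names SC_categories / SC_products directly instead
                // of using ?# table placeholders like the other statements in this method.
                $productComplexName .= " [SAMPLE]";
                $q_sample_price = db_phquery('SELECT sample_price FROM SC_categories WHERE categoryID=(SELECT categoryID FROM SC_products WHERE productID=?)', $productID);
                $sample_price = db_fetch_assoc($q_sample_price);
                $price = $sample_price["sample_price"];
                $quantity = 1;
            } else {
                $quantity = $aItem->getChildData('quantity');
            }

            $tax = $calculate_tax ? taxCalculateTax2($productID, $shipping_info, $billing_info) : 0;
            $dbq = '
                INSERT ?#ORDERED_CARTS_TABLE (itemID, orderID, name, Price, Quantity, tax )
                VALUES (?, ?, ?, ?, ?, ?)
            ';
            db_phquery($dbq, $aItem->attribute('id'), $orderID, $productComplexName, $price, $quantity, $tax);

            $q = db_phquery('SELECT statusID FROM ?#ORDERS_TABLE WHERE orderID=?', $orderID);
            $order = db_fetch_row($q);
            if ($order["statusID"] != ostGetCanceledStatusId() && CONF_CHECKSTOCK) {
                // The quantity is read from the cart XML and used in a numeric position.
                // String escaping does not protect an unquoted value, so it is bound as a
                // parameter, the same way the INSERT above already passes it.
                $dbq = '
                    UPDATE ?#PRODUCTS_TABLE SET in_stock = in_stock - ?
                    WHERE productID=?
                ';
                db_phquery($dbq, $quantity, $productID);
            }
        }
    }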