/**
 * Mails this newsletter to every customer in the configured audience and then
 * flags the newsletter row as sent.
 *
 * A tick icon is echoed and output is flushed after each message so that
 * progress is visible while the loop runs.
 *
 * NOTE(review): the recipient's e-mail address is handed to zen_image() as the
 * icon's alt text; whether zen_image() HTML-escapes it is not visible here.
 *
 * @param mixed $newsletter_id Identifier of the newsletter to mark as sent.
 * @return int Number of audience records processed, whether or not each mail
 *             succeeded; 0 when the audience is empty (nothing is marked sent).
 */
function send($newsletter_id) {
  global $db;

  $audience_select = get_audience_sql_query($this->query_name, 'newsletters');
  $audience = $db->Execute($audience_select['query_string']);

  $records = $audience->RecordCount();
  if ($records == 0) {
    return 0;
  }

  for (; !$audience->EOF; $audience->MoveNext()) {
    $recipient = $audience->fields;
    $recipient_email = $recipient['customers_email_address'];

    $html_msg = array(
      'EMAIL_FIRST_NAME' => $recipient['customers_firstname'],
      'EMAIL_LAST_NAME' => $recipient['customers_lastname'],
      'EMAIL_GREET' => EMAIL_GREET,
      'EMAIL_MESSAGE_HTML' => $this->content_html,
    );

    zen_mail(
      $recipient['customers_firstname'] . ' ' . $recipient['customers_lastname'],
      $recipient_email,
      $this->title,
      $this->content,
      STORE_NAME,
      EMAIL_FROM,
      $html_msg,
      'newsletters'
    );

    echo zen_image(DIR_WS_ICONS . 'tick.gif', $recipient_email);

    // Push the status indicator to the browser after every message.
    if (function_exists('ob_flush')) {
      @ob_flush();
    }
    @flush();
  }

  $newsletter_id = zen_db_prepare_input($newsletter_id);
  $mark_sent_sql = "update " . TABLE_NEWSLETTERS . "\r\n set date_sent = now(), status = '1'\r\n where newsletters_id = '" . zen_db_input($newsletter_id) . "'";
  $db->Execute($mark_sent_sql);

  return $records;
}
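/**
 * @package ZenCart_Functions
 *
 * Records the current visitor in the who's-online table: expired rows (no
 * click for 900 seconds) are purged, then the row for this session is updated
 * or inserted.
 *
 * REQUEST_URI and the User-Agent header are supplied by the client. They are
 * escaped for SQL here, nothing more; any page that renders these rows has to
 * HTML-escape them itself.
 *
 * Request and session keys that may legitimately be absent (no logged-in
 * customer, no User-Agent header, no stored host address) are read through
 * isset() so a bare request does not raise undefined-index notices.
 */
function zen_update_whos_online() {
  global $db;

  if (!empty($_SESSION['customer_id'])) {
    $wo_customer_id = $_SESSION['customer_id'];

    $customer_query = "select customers_firstname, customers_lastname\r\n from " . TABLE_CUSTOMERS . "\r\n where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
    $customer = $db->Execute($customer_query);

    $wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
  } else {
    $wo_customer_id = '';
    $wo_full_name = 'Guest';
  }

  $wo_session_id = zen_session_id();
  $wo_ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
  $wo_last_page_url = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
  $wo_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']) : '';
  $wo_host_address = isset($_SESSION['customers_host_address']) ? $_SESSION['customers_host_address'] : '';

  $current_time = time();
  $xx_mins_ago = $current_time - 900;

  // remove entries that have expired
  $sql = "delete from " . TABLE_WHOS_ONLINE . "\r\n where time_last_click < '" . $xx_mins_ago . "'";
  $db->Execute($sql);

  $stored_customer_query = "select count(*) as count\r\n from " . TABLE_WHOS_ONLINE . "\r\n where session_id = '" . zen_db_input($wo_session_id) . "'";
  $stored_customer = $db->Execute($stored_customer_query);

  if ($stored_customer->fields['count'] > 0) {
    $sql = "update " . TABLE_WHOS_ONLINE . "\r\n set customer_id = '" . (int) $wo_customer_id . "',\r\n full_name = '" . zen_db_input($wo_full_name) . "',\r\n ip_address = '" . zen_db_input($wo_ip_address) . "',\r\n time_last_click = '" . zen_db_input($current_time) . "',\r\n last_page_url = '" . zen_db_input($wo_last_page_url) . "',\r\n host_address = '" . zen_db_input($wo_host_address) . "',\r\n user_agent = '" . zen_db_input($wo_user_agent) . "'\r\n where session_id = '" . zen_db_input($wo_session_id) . "'";
    $db->Execute($sql);
  } else {
    $sql = "insert into " . TABLE_WHOS_ONLINE . "\r\n (customer_id, full_name, session_id, ip_address, time_entry,\r\n time_last_click, last_page_url, host_address, user_agent)\r\n values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($wo_host_address) . "', '" . zen_db_input($wo_user_agent) . "')";
    $db->Execute($sql);
  }
}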
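/**
 * Checks the posted admin_name / admin_pass pair against the admin table.
 *
 * Every failure, whatever its cause, records the same error text. The earlier
 * separate '"name" invalid.' and '"password" invalid.' messages told a caller
 * which account names exist.
 *
 * Both fields must be non-empty strings; array-valued POST fields are rejected
 * before they reach the escaping helper or the query.
 *
 * NOTE(review): no password check runs when the name is unknown, so response
 * time may still differ between existing and non-existing accounts. Attempt
 * throttling is not visible in this method either.
 *
 * @return bool True when the credentials match an admin row.
 */
public function authentication() {
  $this->authenticed = false;

  $has_credentials = isset($_POST['admin_name'], $_POST['admin_pass'])
    && is_string($_POST['admin_name'])
    && is_string($_POST['admin_pass'])
    && !empty($_POST['admin_name'])
    && !empty($_POST['admin_pass']);

  if ($has_credentials) {
    $admin_name = zen_db_prepare_input($_POST['admin_name']);
    $admin_pass = zen_db_prepare_input($_POST['admin_pass']);

    $sql = "select admin_id, admin_name, admin_pass from " . TABLE_ADMIN . " where admin_name = '" . zen_db_input($admin_name) . "'";
    $result = $this->db->Execute($sql);

    // Only reach the password check when a row with both columns came back.
    if (isset($result->fields['admin_name'], $result->fields['admin_pass'])
      && $admin_name == $result->fields['admin_name']
      && zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
      $this->authenticed = true;
    }
  }

  if (!$this->authenticed) {
    $this->addError('"name" and "password" invalid.');
  }

  return $this->authenticed;
}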
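/**
 * @package ZenCart_Functions
 *
 * Records the current visitor in the who's-online table: rows with no click
 * for 900 seconds are purged, then the row for this session is updated or
 * inserted using bound parameters.
 *
 * The page URL and User-Agent are cut to 255 bytes once, up front, so the
 * insert stores the same bounded values as the update (previously only the
 * update truncated them). Both values are supplied by the client; pages that
 * display these rows have to HTML-escape them.
 */
function zen_update_whos_online() {
  global $gBitDb;

  if (!empty($_SESSION['customer_id'])) {
    $wo_customer_id = $_SESSION['customer_id'];

    $customer_query = "select `customers_firstname`, `customers_lastname`\n from " . TABLE_CUSTOMERS . "\n where `customers_id` = '" . (int) $_SESSION['customer_id'] . "'";
    $customer = $gBitDb->Execute($customer_query);

    $wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
  } else {
    $wo_customer_id = '';
    $wo_full_name = 'Guest';
  }

  $wo_session_id = zen_session_id();
  $wo_ip_address = $_SERVER['REMOTE_ADDR'];
  $wo_last_page_url = substr($_SERVER['REQUEST_URI'], 0, 255);
  $wo_user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']) : '-';
  $wo_user_agent = substr($wo_user_agent, 0, 255);
  // Absent when no host address was stored in the session; bound as NULL then.
  $wo_host_address = isset($_SESSION['customers_host_address']) ? $_SESSION['customers_host_address'] : NULL;

  $current_time = time();
  $xx_mins_ago = $current_time - 900;

  // remove entries that have expired
  $sql = "delete from " . TABLE_WHOS_ONLINE . "\n where `time_last_click` < '" . $xx_mins_ago . "'";
  $gBitDb->Execute($sql);

  $stored_customer_query = 'select count(*) as "count" from ' . TABLE_WHOS_ONLINE . "\n where `session_id` = '" . zen_db_input($wo_session_id) . "'";
  $stored_customer = $gBitDb->Execute($stored_customer_query);

  // Guests are stored with a NULL customer id.
  if (empty($wo_customer_id)) {
    $wo_customer_id = NULL;
  }

  if ($stored_customer->fields['count'] > 0) {
    $sql = "update " . TABLE_WHOS_ONLINE . "\n set `customer_id` = ?, `full_name` = ?, `ip_address` = ?, `time_last_click` = ?, `last_page_url` = ?, `host_address` = ?, `user_agent` = ?\n where `session_id` = ?";
    $gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_ip_address, $current_time, $wo_last_page_url, $wo_host_address, $wo_user_agent, $wo_session_id));
  } else {
    $sql = "insert into " . TABLE_WHOS_ONLINE . "\n (`customer_id`, `full_name`, `session_id`, `ip_address`, `time_entry`,\n `time_last_click`, `last_page_url`, `host_address`, `user_agent`)\n values ( ?, ?, ?, ?, ?, ?, ?, ?, ? )";
    $gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_session_id, $wo_ip_address, $current_time, $current_time, $wo_last_page_url, $wo_host_address, $wo_user_agent));
  }
}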
/**
 * Session-handler destroy callback: deletes the stored row for one session.
 *
 * @param string $key Session key whose row is removed.
 * @return bool Always TRUE; the result of the delete is not inspected.
 */
function _sess_destroy($key) {
  global $db;

  $db->Execute("delete from " . TABLE_SESSIONS . " where sesskey = '" . zen_db_input($key) . "'");

  return TRUE;
}
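/**
 * Prepares a paginated version of $query.
 *
 * Derives a count query from the FROM clause of $query, runs it to learn the
 * total number of rows, and appends a LIMIT clause for the requested page to
 * $this->sql_query.
 *
 * The page number is read from $_GET / $_POST under $page_holder. It is
 * reduced to a positive integer here: is_numeric() alone also accepts values
 * such as "1.5", "1e2" or "-3", which previously flowed into the offset
 * arithmetic and into $this->current_page_number unchanged.
 *
 * NOTE(review): $count_key is placed inside count(...) where there are no
 * quotes around it, so zen_db_input() does not constrain it; callers must pass
 * a fixed column expression. With $debug set, the raw SQL is echoed into the
 * page unescaped.
 *
 * @param string $query       Full select statement to paginate.
 * @param mixed  $max_rows    Rows per page; '' or 0 falls back to 20.
 * @param string $count_key   Expression counted in the derived count query.
 * @param string $page_holder Request parameter carrying the page number.
 * @param bool   $debug       Echo the original and the count query.
 */
function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false) {
  global $db;

  $max_rows = ($max_rows == '' || $max_rows == 0) ? 20 : $max_rows;

  $this->sql_query = preg_replace("/\n\r|\r\n|\n|\r/", " ", $query);
  $this->page_name = $page_holder;

  if ($debug) {
    echo 'original_query=' . $query . '<br /><br />';
  }

  if (isset($_GET[$page_holder])) {
    $page = $_GET[$page_holder];
  } elseif (isset($_POST[$page_holder])) {
    $page = $_POST[$page_holder];
  } else {
    $page = '';
  }

  // Anything that is not a usable page number becomes page 1.
  if (empty($page) || !is_numeric($page)) {
    $page = 1;
  } else {
    $page = max(1, (int) $page);
  }
  $this->current_page_number = $page;

  $this->number_of_rows_per_page = $max_rows;

  // Find the span from " from" up to the first of group by / having / order by.
  $pos_to = strlen($this->sql_query);
  $query_lower = strtolower($this->sql_query);
  $pos_from = strpos($query_lower, ' from', 0);

  $pos_group_by = strpos($query_lower, ' group by', $pos_from);
  if ($pos_group_by !== false && $pos_group_by < $pos_to) {
    $pos_to = $pos_group_by;
  }

  $pos_having = strpos($query_lower, ' having', $pos_from);
  if ($pos_having !== false && $pos_having < $pos_to) {
    $pos_to = $pos_having;
  }

  $pos_order_by = strpos($query_lower, ' order by', $pos_from);
  if ($pos_order_by !== false && $pos_order_by < $pos_to) {
    $pos_to = $pos_order_by;
  }

  if (strpos($query_lower, 'distinct') || strpos($query_lower, 'group by')) {
    $count_string = 'distinct ' . zen_db_input($count_key);
  } else {
    $count_string = zen_db_input($count_key);
  }

  $count_query = "select count(" . $count_string . ") as total " . substr($this->sql_query, $pos_from, $pos_to - $pos_from);
  if ($debug) {
    echo 'count_query=' . $count_query . '<br /><br />';
  }
  $count = $db->Execute($count_query);

  $this->number_of_rows = $count->fields['total'];
  $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);

  if ($this->current_page_number > $this->number_of_pages) {
    $this->current_page_number = $this->number_of_pages;
  }

  $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);

  // fix offset error on some versions
  if ($offset <= 0) {
    $offset = 0;
  }

  $this->sql_query .= " limit " . ($offset > 0 ? $offset . ", " : '') . $this->number_of_rows_per_page;
}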
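/**
 * Looks up the products_id for a product model.
 *
 * A failed query is now treated like "no match": mysql_query() returns false
 * on error, and passing that to mysql_num_rows() only produced a warning.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7.0, and the escaping
 * done by zen_db_input() is not guaranteed to be bound to the connection that
 * mysql_query() uses. Moving this lookup to the store's shared database object
 * would address both; that object is not in scope in this function.
 *
 * @param string $products_model Model string to search for.
 * @return mixed The matching products_id, or null when nothing matches or the
 *               query fails.
 */
function xsell_get_products_id($products_model) {
  $sql = "SELECT products_id FROM " . TABLE_PRODUCTS . " WHERE products_model='" . zen_db_input($products_model) . "'";

  $result = mysql_query($sql);
  if ($result === false || mysql_num_rows($result) == 0) {
    return null;
  }

  $row = mysql_fetch_array($result);

  return $row["products_id"];
}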
/**
 * Resolves a language code to its languages_id.
 *
 * NOTE(review): the comparison uses LIKE, and zen_db_input() is a quoting
 * helper, so '%' and '_' in $code still act as wildcards. Confirm whether a
 * pattern match is intended or an exact '=' comparison would do.
 *
 * @param string $code Language code to look up.
 * @return mixed languages_id of the first matching row, or false if none.
 */
function zen_get_languages_id_by_code($code) {
  global $db;

  $lookup_sql = "\n select languages_id\n from " . TABLE_LANGUAGES . "\n where code like '" . zen_db_input($code) . "';";
  $language = $db->Execute($lookup_sql);

  return ($language->RecordCount() > 0) ? $language->fields['languages_id'] : false;
}
/**
 * Loads one order into this object: totals, header info, customer / delivery /
 * billing addresses, and the ordered products with their attributes.
 *
 * Populates $this->totals, $this->info, $this->customer, $this->delivery,
 * $this->billing and $this->products. Returns nothing.
 *
 * NOTE(review): cc_number and cc_cvv are read back from the orders row and
 * copied into $this->info. PCI DSS does not permit card verification codes to
 * be retained after authorisation; confirm these columns are empty in practice
 * and that nothing downstream prints or logs them.
 * NOTE(review): the coupon total's title is wrapped in an <a> tag here without
 * HTML-escaping; whether the stored title is already safe markup is not
 * visible in this method.
 *
 * @param mixed $order_id Order to load; cast to int in every query.
 */
function query($order_id) {
  global $db;

  $order = $db->Execute(
    "select cc_cvv, customers_name, customers_company, customers_street_address,\n"
    . " customers_suburb, customers_city, customers_postcode, customers_id,\n"
    . " customers_state, customers_country, customers_telephone,\n"
    . " customers_email_address, customers_address_format_id, delivery_name,\n"
    . " delivery_company, delivery_street_address, delivery_suburb,\n"
    . " delivery_city, delivery_postcode, delivery_state, delivery_country,\n"
    . " delivery_address_format_id, billing_name, billing_company,\n"
    . " billing_street_address, billing_suburb, billing_city, billing_postcode,\n"
    . " billing_state, billing_country, billing_address_format_id,\n"
    . " coupon_code, payment_method, payment_module_code, shipping_method, shipping_module_code,\n"
    . " cc_type, cc_owner, cc_number, cc_expires, currency,\n"
    . " currency_value, date_purchased, orders_status, last_modified,\n"
    . " order_total, order_tax, ip_address\n"
    . " from " . TABLE_ORDERS . "\n where orders_id = '" . (int) $order_id . "'"
  );

  // Order totals; the coupon line gets a popup link around its title.
  $totals = $db->Execute("select title, text, class, value\n from " . TABLE_ORDERS_TOTAL . "\n where orders_id = '" . (int) $order_id . "'\n order by sort_order");

  for (; !$totals->EOF; $totals->MoveNext()) {
    $total_row = $totals->fields;
    $total_title = $total_row['title'];

    if ($total_row['class'] == 'ot_coupon') {
      $coupon_link_query = "SELECT coupon_id\n from " . TABLE_COUPONS . "\n where coupon_code ='" . zen_db_input($order->fields['coupon_code']) . "'";
      $coupon_link = $db->Execute($coupon_link_query);
      $zc_coupon_link = '<a href="javascript:couponpopupWindow(\'' . zen_catalog_href_link(FILENAME_POPUP_COUPON_HELP, 'cID=' . $coupon_link->fields['coupon_id']) . '\')">';
      $total_title = $zc_coupon_link . $total_row['title'] . '</a>';
    }

    $this->totals[] = array(
      'title' => $total_title,
      'text' => $total_row['text'],
      'value' => $total_row['value'],
      'class' => $total_row['class'],
    );
  }

  $header = $order->fields;

  $this->info = array(
    'currency' => $header['currency'],
    'currency_value' => $header['currency_value'],
    'payment_method' => $header['payment_method'],
    'payment_module_code' => $header['payment_module_code'],
    'shipping_method' => $header['shipping_method'],
    'shipping_module_code' => $header['shipping_module_code'],
    'coupon_code' => $header['coupon_code'],
    'cc_type' => $header['cc_type'],
    'cc_owner' => $header['cc_owner'],
    'cc_number' => $header['cc_number'],
    'cc_cvv' => $header['cc_cvv'],
    'cc_expires' => $header['cc_expires'],
    'date_purchased' => $header['date_purchased'],
    'orders_status' => $header['orders_status'],
    'total' => $header['order_total'],
    'tax' => $header['order_tax'],
    'last_modified' => $header['last_modified'],
    'ip_address' => $header['ip_address'],
  );

  $this->customer = array(
    'name' => $header['customers_name'],
    'id' => $header['customers_id'],
    'company' => $header['customers_company'],
    'street_address' => $header['customers_street_address'],
    'suburb' => $header['customers_suburb'],
    'city' => $header['customers_city'],
    'postcode' => $header['customers_postcode'],
    'state' => $header['customers_state'],
    'country' => $header['customers_country'],
    'format_id' => $header['customers_address_format_id'],
    'telephone' => $header['customers_telephone'],
    'email_address' => $header['customers_email_address'],
  );

  // Delivery and billing share one column layout, differing only in prefix.
  foreach (array('delivery', 'billing') as $address_kind) {
    $this->$address_kind = array(
      'name' => $header[$address_kind . '_name'],
      'company' => $header[$address_kind . '_company'],
      'street_address' => $header[$address_kind . '_street_address'],
      'suburb' => $header[$address_kind . '_suburb'],
      'city' => $header[$address_kind . '_city'],
      'postcode' => $header[$address_kind . '_postcode'],
      'state' => $header[$address_kind . '_state'],
      'country' => $header[$address_kind . '_country'],
      'format_id' => $header[$address_kind . '_address_format_id'],
    );
  }

  $orders_products = $db->Execute("select orders_products_id, products_id, products_name, products_model,\n products_price, products_tax, products_quantity,\n final_price, onetime_charges,\n product_is_free\n from " . TABLE_ORDERS_PRODUCTS . "\n where orders_id = '" . (int) $order_id . "'\n order by orders_products_id");

  for ($index = 0; !$orders_products->EOF; $index++, $orders_products->MoveNext()) {
    $product_row = $orders_products->fields;

    // convert quantity to proper decimals - account history
    $new_qty = $product_row['products_quantity'];
    if (QUANTITY_DECIMALS != 0 && strstr($new_qty, '.')) {
      // Strip trailing zeros from a decimal quantity.
      $new_qty = preg_replace('/[0]+$/', '', $new_qty);
    }

    $new_qty = round($new_qty, QUANTITY_DECIMALS);
    if ($new_qty == (int) $new_qty) {
      $new_qty = (int) $new_qty;
    }

    $this->products[$index] = array(
      'qty' => $new_qty,
      'id' => $product_row['products_id'],
      'name' => $product_row['products_name'],
      'model' => $product_row['products_model'],
      'tax' => $product_row['products_tax'],
      'price' => $product_row['products_price'],
      'onetime_charges' => $product_row['onetime_charges'],
      'final_price' => $product_row['final_price'],
      'product_is_free' => $product_row['product_is_free'],
    );

    // "Stock by Attributes": products_options_values_id is selected and
    // exposed as 'value_id' on each attribute.
    $attributes = $db->Execute("select products_options, products_options_values, options_values_price,\n price_prefix, products_options_values_id,\n product_attribute_is_free\n from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . "\n where orders_id = '" . (int) $order_id . "'\n and orders_products_id = '" . (int) $product_row['orders_products_id'] . "'");

    if ($attributes->RecordCount() > 0) {
      for ($subindex = 0; !$attributes->EOF; $subindex++, $attributes->MoveNext()) {
        $attribute_row = $attributes->fields;
        $this->products[$index]['attributes'][$subindex] = array(
          'option' => $attribute_row['products_options'],
          'value' => $attribute_row['products_options_values'],
          'value_id' => $attribute_row['products_options_values_id'],
          'prefix' => $attribute_row['price_prefix'],
          'price' => $attribute_row['options_values_price'],
          'product_attribute_is_free' => $attribute_row['product_attribute_is_free'],
        );
      }
    }
  }
}
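/**
 * Tells whether a manufacturer row exists for the given id.
 *
 * The Execute() result is read through its ->fields property, the way the
 * other $gBitDb->Execute() callers on this page read it; the previous
 * array-style access ($rs['fields']) did not match that usage.
 *
 * @param mixed $pManufacturersId Candidate manufacturer id.
 * @return bool|null True/false for a numeric id, NULL when the id is not
 *                   numeric and no query is run.
 */
function manufacturerExists($pManufacturersId) {
  global $gBitDb;

  $ret = NULL;

  if (is_numeric($pManufacturersId)) {
    $sql = "SELECT COUNT(*) as `total`\n\t\t\t\t\tFROM " . TABLE_MANUFACTURERS . "\n\t\t\t\t\tWHERE `manufacturers_id` = '" . zen_db_input($pManufacturersId) . "'";
    $rs = $gBitDb->Execute($sql);
    $ret = !empty($rs->fields['total']);
  }

  return $ret;
}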
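/**
 * Toggles one status column of an EZ-Page: a current status of '1' is written
 * back as '0' and '0' as '1'.
 *
 * $status_field is used as a column name. zen_db_input() escapes for quoted
 * string values and does nothing useful for an identifier, so the name is
 * checked against a plain identifier pattern before it reaches the query.
 * Anything else is refused with the same -1 used for an unknown status.
 *
 * @param mixed  $pages_id     EZ-Page id; cast to int.
 * @param mixed  $status       Current status, '1' or '0'.
 * @param string $status_field Column to toggle (letters, digits, underscore).
 * @return mixed Result of the update, or -1 when $status or $status_field is
 *               not acceptable.
 */
function zen_set_ezpage_status($pages_id, $status, $status_field) {
  global $db;

  if (!is_string($status_field) || !preg_match('/\A[A-Za-z0-9_]+\z/', $status_field)) {
    return -1;
  }

  if ($status == '1') {
    $new_status = '0';
  } elseif ($status == '0') {
    $new_status = '1';
  } else {
    return -1;
  }

  return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '" . $new_status . "' where pages_id = '" . (int) $pages_id . "'");
}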
/**
 * Copies a customer's e-mail address onto the matching visitors row, unless
 * another customer already uses that address.
 *
 * @param mixed  $customers_id            Customer id; also used as visitors_id.
 * @param string $customers_email_address Address to store.
 */
function zen_visitors_update_visitors_data($customers_id, $customers_email_address) {
  global $db;

  $customers_id = zen_db_prepare_input($customers_id);
  $customers_email_address = zen_db_prepare_input($customers_email_address);

  $other_owner_sql = "select customers_email_address\r\n from " . TABLE_CUSTOMERS . "\r\n where customers_email_address = '" . zen_db_input($customers_email_address) . "'\r\n and customers_id != '" . (int) $customers_id . "'";
  $check_email = $db->Execute($other_owner_sql);

  // The address belongs to a different customer: leave the visitor row alone.
  if ($check_email->RecordCount()) {
    return;
  }

  $sql_data_array = array(
    'visitors_email_address' => $customers_email_address,
    'visitors_info_date_account_last_modified' => 'now()',
  );

  zen_db_perform(TABLE_VISITORS, $sql_data_array, 'update', "visitors_id = '" . (int) $customers_id . "'");
}
/**
 * Resolves a language code to its directory name.
 *
 * Side effect: on a match, $_SESSION['languages_id'] is overwritten with the
 * id of the matched language.
 *
 * @param string $code Language code to look up.
 * @return mixed Directory of the matching language, or false if none matches.
 */
function zen_get_languages_directory($code) {
  global $db;

  $language = $db->Execute("select languages_id, directory \n from " . TABLE_LANGUAGES . " \n where code = '" . zen_db_input($code) . "'");

  if ($language->RecordCount() <= 0) {
    return false;
  }

  $_SESSION['languages_id'] = $language->fields['languages_id'];

  return $language->fields['directory'];
}
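/**
 * Prepares pagination state for $query: total rows, number of pages, current
 * page and the row offset of that page.
 *
 * The count query is now cut from the original statement. A lower-cased copy
 * is still used to find the clause positions, but slicing the count query out
 * of that copy also lower-cased string literals and table names inside the
 * WHERE clause, which can change what the count matches.
 *
 * The page number comes from $_GET / $_POST under $page_holder and is reduced
 * to a positive integer; is_numeric() alone also accepts "1.5", "1e2", "-3".
 *
 * NOTE(review): $count_key is placed inside count(...) with no quotes around
 * it, so zen_db_input() does not constrain it; callers must pass a fixed
 * column expression. $debug is accepted but not used in this variant.
 *
 * @param string $query       Full select statement to paginate.
 * @param mixed  $max_rows    Rows per page.
 * @param string $count_key   Expression counted in the derived count query.
 * @param string $page_holder Request parameter carrying the page number.
 * @param bool   $debug       Unused here.
 */
function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false) {
  global $gBitDb;

  $this->sql_query = $query;
  $this->page_name = $page_holder;

  // Lower-cased copy, used only to locate clause positions.
  $searchQuery = strtolower($query);

  if (isset($_GET[$page_holder])) {
    $page = $_GET[$page_holder];
  } elseif (isset($_POST[$page_holder])) {
    $page = $_POST[$page_holder];
  } else {
    $page = '';
  }

  // Anything that is not a usable page number becomes page 1.
  if (empty($page) || !is_numeric($page)) {
    $page = 1;
  } else {
    $page = max(1, (int) $page);
  }
  $this->current_page_number = $page;

  $this->number_of_rows_per_page = $max_rows;

  // Find the span from " from" up to the first of group by / having / order by.
  $pos_to = strlen($this->sql_query);
  $pos_from = strpos($searchQuery, ' from', 0);

  $pos_group_by = strpos($searchQuery, ' group by', $pos_from);
  if ($pos_group_by !== false && $pos_group_by < $pos_to) {
    $pos_to = $pos_group_by;
  }

  $pos_having = strpos($searchQuery, ' having', $pos_from);
  if ($pos_having !== false && $pos_having < $pos_to) {
    $pos_to = $pos_having;
  }

  $pos_order_by = strpos($searchQuery, ' order by', $pos_from);
  if ($pos_order_by !== false && $pos_order_by < $pos_to) {
    $pos_to = $pos_order_by;
  }

  if (strpos($searchQuery, 'distinct') || strpos($searchQuery, 'group by')) {
    $count_string = 'distinct ' . zen_db_input($count_key);
  } else {
    $count_string = zen_db_input($count_key);
  }

  // strtolower() keeps byte offsets, so the positions apply to the original.
  $count_query = "select count(" . $count_string . ") as `total` " . substr($this->sql_query, $pos_from, $pos_to - $pos_from);
  $count = $gBitDb->Execute($count_query);

  $this->number_of_rows = $count->fields['total'];
  $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);

  if ($this->current_page_number > $this->number_of_pages) {
    $this->current_page_number = $this->number_of_pages;
  }

  $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);

  // fix offset error on some versions
  if ($offset < 0) {
    $offset = 0;
  }

  $this->offset = $offset;
}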
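/**
 * Creates the easy-admin menu tables if they are missing and refills them
 * from the MODULE_EASY_ADMIN_*_DEFAULT_MENU_* constants.
 *
 * Both menu tables are emptied before the defaults are inserted, so any rows
 * edited since the last install are lost. The ACL table is only created.
 *
 * Fix: the top-menu sort order was written as `(int) topmenu` (no `$`), i.e. a
 * bare constant name, not the loop counter. It now uses $topmenu.
 * Menu definitions with fewer comma-separated parts than expected fall back to
 * 0 / '' so a short definition no longer reads a missing array index.
 */
function _install() {
  global $db;

  // Build the top menu.
  // Create the table automatically if it does not exist.
  $sql = "create table if not exists " . TABLE_EASY_ADMIN_TOP_MENUS . " "
    . "(easy_admin_top_menu_id int(11) auto_increment"
    . ",easy_admin_top_menu_name varchar(255)"
    . ",is_dropdown int(1)"
    . ",easy_admin_top_menu_sort_order int(11)"
    . ",primary key (easy_admin_top_menu_id))";
  $db->execute($sql);

  $sql = "delete from " . TABLE_EASY_ADMIN_TOP_MENUS;
  $db->execute($sql);

  // Constants are numbered from 1; stop at the first gap.
  for ($topmenu = 1; defined('MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu); $topmenu++) {
    $menu = explode(",", constant('MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu));
    $is_dropdown = isset($menu[1]) ? (int) $menu[1] : 0;

    $sql = "insert into " . TABLE_EASY_ADMIN_TOP_MENUS . " "
      . "(easy_admin_top_menu_id,easy_admin_top_menu_name,is_dropdown,easy_admin_top_menu_sort_order)"
      . "values ("
      . $topmenu . ","
      . "'" . zen_db_input($menu[0]) . "',"
      . $is_dropdown . ","
      . (int) $topmenu . ")";
    $db->execute($sql);
  }

  // Build the sub menu.
  // Create the table automatically if it does not exist.
  $sql = "create table if not exists " . TABLE_EASY_ADMIN_SUB_MENUS . " "
    . "(easy_admin_sub_menu_id int(11) auto_increment"
    . ",easy_admin_top_menu_id int(11)"
    . ",easy_admin_sub_menu_name varchar(255)"
    . ",easy_admin_sub_menu_url varchar(255)"
    . ",easy_admin_sub_menu_sort_order int(11)"
    . ",primary key (easy_admin_sub_menu_id))";
  $db->execute($sql);

  $sql = "delete from " . TABLE_EASY_ADMIN_SUB_MENUS;
  $db->execute($sql);

  for ($topmenu = 1; defined('MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu); $topmenu++) {
    $key = 'MODULE_EASY_ADMIN_SUB_DEFAULT_MENU_' . $topmenu;

    // Sub-menu constants are numbered <key>_1, <key>_2, ...; stop at the first gap.
    for ($submenu = 1; defined($key . "_" . $submenu); $submenu++) {
      $menu = explode(",", constant($key . "_" . $submenu));
      $menu_url = isset($menu[1]) ? $menu[1] : '';

      $sql = "insert into " . TABLE_EASY_ADMIN_SUB_MENUS . " "
        . "(easy_admin_top_menu_id,easy_admin_sub_menu_name,easy_admin_sub_menu_url,easy_admin_sub_menu_sort_order)"
        . "values ("
        . $topmenu . ","
        . "'" . zen_db_input($menu[0]) . "',"
        . "'" . zen_db_input($menu_url) . "',"
        . $submenu . ")";
      $db->execute($sql);
    }
  }

  $sql = "create table if not exists " . TABLE_ADMIN_ACL . " "
    . "(acl_id int(11) auto_increment,"
    . "admin_id int(11),"
    . "easy_admin_top_menu_id int(11),"
    . "easy_admin_sub_menu_id int(11),"
    . "primary key (acl_id)"
    . ")";
  $db->execute($sql);
}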
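/**
 * Toggles one status column of an EZ-Page ('1' becomes '0', '0' becomes '1')
 * and records the change in the admin activity log.
 *
 * $status_field is used as a column name and is also written to the activity
 * log. zen_db_input() escapes for quoted string values and does nothing useful
 * for an identifier, so the name is checked against a plain identifier pattern
 * before it is logged or placed in the query. Anything else is refused with
 * the same -1 used for an unknown status, and nothing is logged.
 *
 * @param mixed  $pages_id     EZ-Page id; cast to int.
 * @param mixed  $status       Current status, '1' or '0'.
 * @param string $status_field Column to toggle (letters, digits, underscore).
 * @return mixed Result of the update, or -1 when $status or $status_field is
 *               not acceptable.
 */
function zen_set_ezpage_status($pages_id, $status, $status_field) {
  global $db;

  if (!is_string($status_field) || !preg_match('/\A[A-Za-z0-9_]+\z/', $status_field)) {
    return -1;
  }

  if ($status == '1') {
    $new_status = '0';
  } elseif ($status == '0') {
    $new_status = '1';
  } else {
    return -1;
  }

  zen_record_admin_activity('EZ-Page ID ' . (int) $pages_id . ' [' . $status_field . '] changed to ' . $new_status, 'info');

  return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '" . $new_status . "' where pages_id = '" . (int) $pages_id . "'");
}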
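/**
 * Deletes a link category: its image file (when no other category uses the
 * same image), the category row, its descriptions and its link assignments.
 *
 * The image path is taken from the database and joined onto the images
 * directory. Before unlinking, the function now requires that
 *   - the stored image name is not empty (an empty name resolved to the images
 *     directory itself),
 *   - the target is a regular file, and
 *   - the resolved path lies inside DIR_FS_CATALOG_IMAGES, so a stored value
 *     containing ".." segments cannot point the delete at another location.
 * A file that fails any of these checks is left in place; the database rows
 * are removed regardless.
 *
 * @param mixed $link_category_id Category to remove; cast to int in every query.
 */
function zen_remove_link_category($link_category_id) {
  global $db;

  $link_category_image = $db->Execute("select link_categories_image from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");

  $image_name = isset($link_category_image->fields['link_categories_image'])
    ? (string) $link_category_image->fields['link_categories_image']
    : '';

  if ($image_name !== '') {
    $duplicate_image = $db->Execute("select count(*) as total from " . TABLE_LINK_CATEGORIES . " where link_categories_image = '" . zen_db_input($image_name) . "'");

    if ($duplicate_image->fields['total'] < 2) {
      $image_path = DIR_FS_CATALOG_IMAGES . $image_name;

      // realpath() is used for the containment check only; the unlink below
      // still targets the path as stored.
      $images_root = realpath(DIR_FS_CATALOG_IMAGES);
      $resolved_path = realpath($image_path);

      $inside_images_dir = $images_root !== false
        && $resolved_path !== false
        && strpos($resolved_path, rtrim($images_root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR) === 0;

      if ($inside_images_dir && is_file($image_path)) {
        // Best effort, as before: a failed delete does not stop the cleanup.
        @unlink($image_path);
      }
    }
  }

  $db->Execute("delete from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
  $db->Execute("delete from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_id = '" . (int) $link_category_id . "'");
  $db->Execute("delete from " . TABLE_LINKS_TO_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
}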
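/**
 * Stores the first payment step for an order: the timestamp, the request
 * parameters, the gateway response and the two request keys.
 *
 * Fix: $orderId was appended to the WHERE clause as-is, unquoted and
 * unescaped, while every other value in the statement was escaped. It is now
 * cast to int before it enters the query.
 *
 * NOTE(review): the executed SQL text, which contains the request parameters
 * and gateway response, is returned to the caller. Make sure callers do not
 * log or display it.
 * NOTE(review): the JSON strings pass through zen_db_prepare_input(); what
 * that helper does to backslashes is not visible here, so confirm the stored
 * JSON still decodes.
 *
 * @param mixed $orderId     Order whose transaction row is updated.
 * @param mixed $paramsSAR   Request parameters; stored JSON-encoded.
 * @param array $responseSAR Gateway response; stored JSON-encoded. Its
 *                           'RequestKey' and 'PublicRequestKey' entries are
 *                           stored separately as well.
 * @return string|int The executed SQL when the order is at the first step,
 *                    otherwise 0.
 */
public function recordFirstStep($orderId, $paramsSAR, $responseSAR) {
  global $db;

  if ($this->_getStep($orderId) != self::FIRST_STEP) {
    return 0;
  }

  $datetime = new DateTime('NOW');
  $requestKey = $responseSAR['RequestKey'];
  $publicRequestKey = $responseSAR['PublicRequestKey'];

  $query = "UPDATE todopago_transaccion SET first_step = '" . $datetime->format('Y-m-d H:i:s')
    . "', params_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($paramsSAR)))
    . "', response_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($responseSAR)))
    . "', request_key = '" . zen_db_input(zen_db_prepare_input($requestKey))
    . "', public_request_key = '" . zen_db_input(zen_db_prepare_input($publicRequestKey))
    . "' WHERE id_orden = " . (int) $orderId;

  $db->Execute($query);

  return $query;
}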
/**
 * Creates the easy-design colour and wording tables if they are missing and
 * inserts the two default wording rows (tagline and copyright) for
 * language_id 2.
 *
 * NOTE(review): the two inserts run on every call and nothing here removes
 * earlier rows, so repeated installs presumably add duplicates. The key
 * constants are placed in the statements without zen_db_input(), unlike the
 * name and value constants next to them.
 */
function _install() {
  global $db;

  // Build the colour table.
  // Create it automatically if it does not exist.
  $create_colors_sql = "create table if not exists " . TABLE_EASY_DESIGN_COLORS . " "
    . "(easy_design_color_id int(11) auto_increment"
    . ",template_dir varchar(255)"
    . ",easy_design_color_key varchar(255)"
    . ",easy_design_color_name text"
    . ",easy_design_color_value text"
    . ",primary key (easy_design_color_id)"
    . ",index (template_dir)"
    . ",index (easy_design_color_key))";
  $db->execute($create_colors_sql);

  // Build the wording table.
  // Create it automatically if it does not exist.
  $create_languages_sql = "create table if not exists " . TABLE_EASY_DESIGN_LANGUAGES . " "
    . "(easy_design_language_id int(11) auto_increment"
    . ",language_id int(11)"
    . ",easy_design_language_key varchar(255)"
    . ",easy_design_language_name text"
    . ",easy_design_language_value text"
    . ",easy_design_language_sort_order int(11)"
    . ",primary key (easy_design_language_id)"
    . ",index (easy_design_language_key))";
  $db->execute($create_languages_sql);

  // Column list shared by both default rows.
  $insert_columns = "(language_id"
    . ",easy_design_language_key"
    . ",easy_design_language_name"
    . ",easy_design_language_value"
    . ",easy_design_language_sort_order) ";

  // Default tagline, sort order 1.
  $tagline_sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . $insert_columns
    . "values(2"
    . ",'" . EASY_DESIGN_KEY_TAGLINE . "'"
    . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_NAME) . "'"
    . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_VALUE) . "'"
    . ",1)";
  $db->execute($tagline_sql);

  // Default copyright line, sort order 2.
  $copyright_sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . $insert_columns
    . "values(2"
    . ",'" . EASY_DESIGN_KEY_COPYLIGHT . "'"
    . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_NAME) . "'"
    . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_VALUE) . "'"
    . ",2)";
  $db->execute($copyright_sql);
}
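/**
 * zen_update_whos_online
 *
 * Records the current visitor in the who's-online table: rows with no click
 * for 900 seconds are purged, then the row matching this session id and IP
 * address is updated or inserted.
 *
 * The page URL and User-Agent come from the client and are cut to 254 bytes.
 * They are escaped for SQL here, nothing more; pages that display these rows
 * have to HTML-escape them.
 *
 * A request without a User-Agent header, or a session without a stored host
 * address, is now handled through isset() rather than by reading a missing
 * index.
 *
 * Side effect: $_SERVER['QUERY_STRING'] is filled from
 * zen_get_all_get_params() when it is missing or empty.
 */
function zen_update_whos_online() {
  global $db;

  if (isset($_SESSION['customer_id']) && $_SESSION['customer_id']) {
    $wo_customer_id = $_SESSION['customer_id'];

    $customer_query = "select customers_firstname, customers_lastname\n from " . TABLE_CUSTOMERS . "\n where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
    $customer = $db->Execute($customer_query);

    $wo_full_name = $customer->fields['customers_lastname'] . ', ' . $customer->fields['customers_firstname'];
  } else {
    $wo_customer_id = '';
    $wo_full_name = '¥' . 'Guest';
  }

  $wo_session_id = zen_session_id();
  $wo_ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'Unknown';
  $wo_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? substr(zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']), 0, 254) : '';
  $wo_host_address = isset($_SESSION['customers_host_address']) ? $_SESSION['customers_host_address'] : '';

  $_SERVER['QUERY_STRING'] = (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '') ? $_SERVER['QUERY_STRING'] : zen_get_all_get_params();

  // Prefer REQUEST_URI; otherwise rebuild the URL from script name and query.
  if (isset($_SERVER['REQUEST_URI'])) {
    $uri = $_SERVER['REQUEST_URI'];
  } else {
    if (isset($_SERVER['QUERY_STRING'])) {
      $uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
    } else {
      $uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['argv'][0];
    }
  }

  // Drop a dangling "?" left by an empty query string.
  if (substr($uri, -1) == '?') {
    $uri = substr($uri, 0, strlen($uri) - 1);
  }
  $wo_last_page_url = zen_not_null($uri) ? substr($uri, 0, 254) : 'Unknown';

  $current_time = time();
  $xx_mins_ago = $current_time - 900;

  // remove entries that have expired
  $sql = "delete from " . TABLE_WHOS_ONLINE . "\n where time_last_click < '" . $xx_mins_ago . "'";
  $db->Execute($sql);

  $stored_customer_query = "select count(*) as count\n from " . TABLE_WHOS_ONLINE . "\n where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
  $stored_customer = $db->Execute($stored_customer_query);

  // A visitor without a session id is listed as a spider.
  if (empty($wo_session_id)) {
    $wo_full_name = '¥' . 'Spider';
  }

  if ($stored_customer->fields['count'] > 0) {
    $sql = "update " . TABLE_WHOS_ONLINE . "\n set customer_id = '" . (int) $wo_customer_id . "',\n full_name = '" . zen_db_input($wo_full_name) . "',\n ip_address = '" . zen_db_input($wo_ip_address) . "',\n time_last_click = '" . zen_db_input($current_time) . "',\n last_page_url = '" . zen_db_input($wo_last_page_url) . "',\n host_address = '" . zen_db_input($wo_host_address) . "',\n user_agent = '" . zen_db_input($wo_user_agent) . "'\n where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
    $db->Execute($sql);
  } else {
    $sql = "insert into " . TABLE_WHOS_ONLINE . "\n (customer_id, full_name, session_id, ip_address, time_entry,\n time_last_click, last_page_url, host_address, user_agent)\n values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($wo_host_address) . "', '" . zen_db_input($wo_user_agent) . "')";
    $db->Execute($sql);
  }
}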
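/**
 * Applies posted stock levels. Each entry of $_POST['product'] carries a
 * 'product_code' and a 'stock' value; the code is matched first against
 * attribute-stock SKUs (when that module is enabled) and then against
 * products_model.
 *
 * Prints the OK status line when every code was found, otherwise the NG status
 * line followed by one message per unknown code.
 *
 * The request body is untrusted, so its shape is checked before use:
 * 'product' must be an array, and an entry that is not an array or whose
 * 'product_code' is not a scalar is handled as an empty code; such values are
 * no longer passed to the escaping helper. Stock is cast to int.
 *
 * NOTE(review): unknown product codes are echoed back exactly as received. If
 * this response can ever be rendered as HTML, escape them at that point.
 * NOTE(review): no authentication or caller check is visible in this function;
 * confirm the endpoint that calls it is protected.
 */
function update_zaiko() {
  global $db;

  if (!isset($_POST['product']) || !is_array($_POST['product'])) {
    echo ZAIKOROBOT_STATUS_NG . "\n";
    echo ZAIKOROBOT_ERROR_MSG_NOQUERY . "\n";
    return;
  }

  $error = false;

  foreach ($_POST['product'] as $key => $val) {
    $product_code = (is_array($val) && isset($val['product_code']) && is_scalar($val['product_code']))
      ? (string) $val['product_code']
      : '';
    $stock = (is_array($val) && isset($val['stock']) && is_scalar($val['stock']))
      ? (int) $val['stock']
      : 0;

    $find = false;

    if (MODULE_PRODUCTS_WITH_ATTRIBUTES_STOCK_STATUS == 'true') {
      // Check for a matching SKU model number.
      $sql = "select\n stock_id\n ,products_id\n from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n where\n skumodel='" . zen_db_input($product_code) . "'";
      $result = $db->Execute($sql);

      if (!$result->EOF) {
        $find = true;

        // The SKU exists, so update its stock.
        $sql = "update " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n set\n quantity=" . $stock . "\n where\n stock_id=" . (int) $result->fields['stock_id'];
        $db->Execute($sql);

        // Recompute the parent product's stock as the sum of its SKUs.
        $sql = "update " . TABLE_PRODUCTS . "\n set\n products_quantity=(\n select sum(quantity)\n from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n where products_id=" . (int) $result->fields['products_id'] . "\n )\n where\n products_id=" . (int) $result->fields['products_id'];
        $db->Execute($sql);
      }
    }

    // No SKU matched, so treat the code as a regular product model.
    if (!$find) {
      $sql = "select\n products_id\n from " . TABLE_PRODUCTS . "\n where\n products_model='" . zen_db_input($product_code) . "'";
      $result = $db->Execute($sql);

      if ($result->EOF) {
        // The lookup found no such product.
        if ($error == false) {
          $error = true;
          echo ZAIKOROBOT_STATUS_NG . "\n";
        }
        echo sprintf(ZAIKOROBOT_ERROR_MSG_PRODUCT_UNKNOWN, $product_code) . "\n";
      } else {
        $sql = "update " . TABLE_PRODUCTS . "\n set\n products_quantity=" . $stock . "\n where\n products_id=" . (int) $result->fields['products_id'];
        $db->Execute($sql);
      }
    }
  }

  if ($error == false) {
    echo ZAIKOROBOT_STATUS_OK . "\n";
  }
}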
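/**
 * Lists categories joined to their descriptions for the session language.
 *
 * Optional filters read from $pListHash:
 *  - 'search'    case-insensitive substring match on the category name
 *  - 'parent_id' restricts the list to children of that category
 *
 * All values reach the database as bound parameters. Rows are ordered by
 * sort_order, then name.
 *
 * @param array $pListHash filter options (taken by reference, not modified here)
 * @return mixed whatever $gBitDb->getAssoc() returns for the query
 */
public static function getList(&$pListHash)
{
    global $gBitDb;

    $sql = "SELECT c.`categories_id`, cd.`categories_name`, cd.`categories_description`, c.`categories_image`, c.`parent_id`, c.`sort_order`, c.`date_added`, c.`last_modified`, c.`categories_status`\n\t\t\t\tFROM " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd\n\t\t\t\tWHERE c.`categories_id` = cd.`categories_id` AND cd.`language_id` = ?";
    $bindVars = array((int) $_SESSION['languages_id']);

    // Every appended clause starts with a space: without it the clause is
    // glued to the preceding placeholder and the statement cannot be parsed
    // once the placeholder is replaced by a value.
    if (!empty($pListHash['search'])) {
        $sql .= " and LOWER( cd.`categories_name` ) LIKE ?";
        // NOTE(review): the term is already a bound parameter; if
        // zen_db_input() escapes quotes, a term containing one is escaped
        // twice and will not match. Confirm and drop the call if so.
        $bindVars[] = '%' . strtolower(zen_db_input($pListHash['search'])) . '%';
    }
    if (!empty($pListHash['parent_id'])) {
        $sql .= " AND c.`parent_id` = ?";
        $bindVars[] = $pListHash['parent_id'];
    }
    $sql .= " ORDER BY c.`sort_order`, cd.`categories_name`";

    return $gBitDb->getAssoc($sql, $bindVars);
}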
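/**
 * @package admin
 * @copyright Copyright 2003-2011 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: database.php 18695 2011-05-04 05:24:19Z drbyte $
 */

/**
 * Builds and executes one INSERT or UPDATE statement from a column => value map.
 *
 * Values are passed through zen_db_input() and single-quoted, except the
 * literal strings 'now()' and 'null', which are emitted as SQL keywords.
 * Callers must therefore never place untrusted text in a position where the
 * exact strings 'now()' or 'null' would change meaning.
 *
 * $table, the array keys of $data and $parameters are concatenated into the
 * statement verbatim: they must come from trusted code, never from request
 * data.
 *
 * @param string $table      table name, used as-is
 * @param array  $data       column name => value
 * @param string $action     'insert' or 'update'
 * @param string $parameters WHERE clause body for updates, used as-is
 * @param string $link       unused in this function
 * @return mixed the result of $db->Execute()
 */
function zen_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
    global $db;

    // An unrecognised $action builds no statement; the value handed to
    // Execute() is then null, as it was when the variable was left undefined.
    $query = null;

    // foreach replaces the each()/reset() idiom, which newer PHP versions no
    // longer provide.
    if ($action == 'insert') {
        $query = 'insert into ' . $table . ' (';
        foreach ($data as $columns => $value) {
            $query .= $columns . ', ';
        }
        $query = substr($query, 0, -2) . ') values (';
        foreach ($data as $value) {
            switch ((string) $value) {
                case 'now()':
                    $query .= 'now(), ';
                    break;
                case 'null':
                    $query .= 'null, ';
                    break;
                default:
                    $query .= '\'' . zen_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ')';
    } elseif ($action == 'update') {
        $query = 'update ' . $table . ' set ';
        foreach ($data as $columns => $value) {
            switch ((string) $value) {
                case 'now()':
                    $query .= $columns . ' = now(), ';
                    break;
                case 'null':
                    // Plain concatenation; the previous '.=' also rewrote the
                    // loop variable holding the column name.
                    $query .= $columns . ' = null, ';
                    break;
                default:
                    $query .= $columns . ' = \'' . zen_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ' where ' . $parameters;
    }

    return $db->Execute($query);
}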
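/**
 * Observer callback: copies the checkout drop-down choice and gift message
 * from the session onto the order row, then clears them from the session.
 *
 * Runs only when FEC_DROP_DOWN or FEC_GIFT_MESSAGE is 'true'. The target
 * order is $_SESSION['order_number_created'] when that is set and >= 1,
 * otherwise the customer's most recently purchased order.
 *
 * @param object $class       notifying object (unused here)
 * @param string $eventID     notifier event name (unused here)
 * @param array  $paramsArray notifier parameters (unused here)
 */
function update(&$class, $eventID, $paramsArray)
{
    if (FEC_DROP_DOWN == 'true' || FEC_GIFT_MESSAGE == 'true') {
        global $db;

        // find out the last order number generated for this customer account
        $orders_query = "SELECT * FROM " . TABLE_ORDERS . "\n WHERE customers_id = :customersID\n ORDER BY date_purchased DESC LIMIT 1";
        $orders_query = $db->bindVars($orders_query, ':customersID', $_SESSION['customer_id'], 'integer');
        $orders = $db->Execute($orders_query);
        $orders_id = $orders->fields['orders_id'];

        // use order-id generated by the actual order process
        // this uses the SESSION orders_id, or if doesn't exist, grabs most recent order # for this cust (needed for paypal et al).
        // Needs reworking in v1.4 for checkout-rewrite
        if (isset($_SESSION['order_number_created']) && $_SESSION['order_number_created'] >= 1) {
            $orders_id = $_SESSION['order_number_created'];
        }

        // get the value of the selected dropdown; either feature may be
        // disabled, in which case its session key is absent
        $dropdown = zen_db_input(isset($_SESSION['dropdown']) ? $_SESSION['dropdown'] : '');
        $gift_message = zen_db_input(isset($_SESSION['gift-message']) ? $_SESSION['gift-message'] : '');

        // add selected dropdown option to the orders table.
        // The order id is placed in the statement unquoted, so it is forced
        // to an integer: a loose ">= 1" comparison does not guarantee a
        // numeric value, and an empty id would yield a malformed statement.
        $db->Execute("UPDATE " . TABLE_ORDERS . "\n SET dropdown = '" . $dropdown . "',\n gift_message = '" . $gift_message . "'\n WHERE orders_id = " . (int) $orders_id . "\n LIMIT 1");

        // unset the dropdown session
        unset($_SESSION['dropdown']);
        unset($_SESSION['gift-message']);
    }
}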
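/**
 * Writes the order's line items and builds the text/HTML product summary
 * used in the confirmation e-mail.
 *
 * For every entry of $this->products this method:
 *  - optionally decrements stock (STOCK_LIMITED), disables sold-out products
 *    and collects a low-stock report in $this->email_low_stock;
 *  - bumps products_ordered for the bestsellers list;
 *  - inserts the orders_products row, one orders_products_attributes row per
 *    chosen attribute and, for downloads, an orders_products_download row;
 *  - appends the line to $this->products_ordered / products_ordered_html and
 *    updates the weight, tax and cost totals.
 * Observers are notified at each stage through $this->notify().
 *
 * Attribute option/value ids and the session language id are cast to int in
 * every query, and the raw product id is passed through zen_db_input()
 * wherever it is concatenated, so both DOWNLOAD_ENABLED branches treat
 * these values the same way.
 *
 * @param int   $zf_insert_id id of the orders row the items belong to
 * @param mixed $zf_mode      unused in this method
 */
function create_add_products($zf_insert_id, $zf_mode = false)
{
    global $db, $currencies, $order_total_modules, $order_totals;

    // initialized for the email confirmation
    $this->products_ordered = '';
    $this->products_ordered_html = '';
    $this->subtotal = 0;
    $this->total_tax = 0;

    // lowstock email report
    $this->email_low_stock = '';

    // The language id only ever appears inside SQL below, so use it as an int.
    $language_id = (int) $_SESSION['languages_id'];

    for ($i = 0, $n = sizeof($this->products); $i < $n; $i++) {
        $custom_insertable_text = '';

        $this->doStockDecrement = STOCK_LIMITED == 'true';
        $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_INIT', array('i' => $i), $this->products[$i], $i);

        // Stock Update - Joao Correia
        if ($this->doStockDecrement) {
            if (DOWNLOAD_ENABLED == 'true') {
                $stock_query_raw = "select p.products_quantity, pad.products_attributes_filename, p.product_is_always_free_shipping\n"
                    . " from " . TABLE_PRODUCTS . " p\n"
                    . " left join " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n"
                    . " on p.products_id=pa.products_id\n"
                    . " left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n"
                    . " on pa.products_attributes_id=pad.products_attributes_id\n"
                    . " WHERE p.products_id = '" . zen_get_prid($this->products[$i]['id']) . "'";

                // Will work with only one option for downloadable products
                // otherwise, we have to build the query dynamically with a loop
                $products_attributes = isset($this->products[$i]['attributes']) ? $this->products[$i]['attributes'] : null;
                if (is_array($products_attributes)) {
                    // ids are cast so that only a number can reach the statement
                    $stock_query_raw .= " AND pa.options_id = '" . (int) $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . (int) $products_attributes[0]['value_id'] . "'";
                }
                $stock_values = $db->Execute($stock_query_raw, false, false, 0, true);
            } else {
                $stock_values = $db->Execute("select * from " . TABLE_PRODUCTS . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'", false, false, 0, true);
            }

            $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_BEGIN', $i, $stock_values);

            if ($stock_values->RecordCount() > 0) {
                // do not decrement quantities if products_attributes_filename exists
                if (DOWNLOAD_ENABLED != 'true' || $stock_values->fields['product_is_always_free_shipping'] == 2 || !$stock_values->fields['products_attributes_filename']) {
                    $stock_left = $stock_values->fields['products_quantity'] - $this->products[$i]['qty'];
                    $this->products[$i]['stock_reduce'] = $this->products[$i]['qty'];
                } else {
                    $stock_left = $stock_values->fields['products_quantity'];
                }

                // NOTE(review): the quantity is read above and written back
                // here as a computed value; two orders processed at the same
                // time could each overwrite the other's decrement. A relative
                // update (quantity = quantity - n) would avoid that.
                $db->Execute("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");

                if ($stock_left <= 0) {
                    // only set status to off when not displaying sold out
                    if (SHOW_PRODUCTS_SOLD_OUT == '0') {
                        $db->Execute("update " . TABLE_PRODUCTS . " set products_status = 0 where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
                    }
                }

                // for low stock email
                if ($stock_left <= STOCK_REORDER_LEVEL) {
                    // WebMakers.com Added: add to low stock email
                    $this->email_low_stock .= 'ID# ' . zen_get_prid($this->products[$i]['id']) . "\t\t" . $this->products[$i]['model'] . "\t\t" . $this->products[$i]['name'] . "\t\t" . ' Qty Left: ' . $stock_left . "\n";
                }
            }
        }

        // Update products_ordered (for bestsellers list)
        $this->bestSellersUpdate = TRUE;
        $this->notify('NOTIFY_ORDER_PROCESSING_BESTSELLERS_UPDATE', array(), $this->products[$i], $i);
        if ($this->bestSellersUpdate) {
            // sprintf('%f') forces the quantity to a plain number in the SQL
            $db->Execute("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%f', $this->products[$i]['qty']) . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
        }

        $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_END', $i);

        $sql_data_array = array(
            'orders_id' => $zf_insert_id,
            'products_id' => zen_get_prid($this->products[$i]['id']),
            'products_model' => $this->products[$i]['model'],
            'products_name' => $this->products[$i]['name'],
            'products_price' => $this->products[$i]['price'],
            'final_price' => $this->products[$i]['final_price'],
            'onetime_charges' => $this->products[$i]['onetime_charges'],
            'products_tax' => $this->products[$i]['tax'],
            'products_quantity' => $this->products[$i]['qty'],
            'products_priced_by_attribute' => $this->products[$i]['products_priced_by_attribute'],
            'product_is_free' => $this->products[$i]['product_is_free'],
            'products_discount_type' => $this->products[$i]['products_discount_type'],
            'products_discount_type_from' => $this->products[$i]['products_discount_type_from'],
            'products_prid' => $this->products[$i]['id'],
        );
        zen_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);

        $order_products_id = $db->Insert_ID();

        $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_PRODUCT_LINE_ITEM', array_merge(array('orders_products_id' => $order_products_id, 'i' => $i), $sql_data_array), $order_products_id);

        $this->notify('NOTIFY_ORDER_PROCESSING_CREDIT_ACCOUNT_UPDATE_BEGIN');
        $order_total_modules->update_credit_account($i); //ICW ADDED FOR CREDIT CLASS SYSTEM

        $this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_BEGIN');

        //------ bof: insert customer-chosen options to order--------
        $attributes_exist = '0';
        $this->products_ordered_attributes = '';
        if (isset($this->products[$i]['attributes'])) {
            $attributes_exist = '1';
            for ($j = 0, $n2 = sizeof($this->products[$i]['attributes']); $j < $n2; $j++) {
                // Both branches below look the attribute up by integer ids;
                // the cast is done once so neither can receive raw text.
                $option_id = (int) $this->products[$i]['attributes'][$j]['option_id'];
                $value_id = (int) $this->products[$i]['attributes'][$j]['value_id'];

                if (DOWNLOAD_ENABLED == 'true') {
                    $attributes_query = "select popt.products_options_name, poval.products_options_values_name,\n"
                        . " pa.options_values_price, pa.price_prefix,\n"
                        . " pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n"
                        . " pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n"
                        . " pa.attributes_price_factor, pa.attributes_price_factor_offset,\n"
                        . " pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n"
                        . " pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n"
                        . " pa.attributes_price_words, pa.attributes_price_words_free,\n"
                        . " pa.attributes_price_letters, pa.attributes_price_letters_free,\n"
                        . " pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename\n"
                        . " from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n"
                        . " left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n"
                        . " on pa.products_attributes_id=pad.products_attributes_id\n"
                        . " where pa.products_id = '" . zen_db_input($this->products[$i]['id']) . "'\n"
                        . " and pa.options_id = '" . $option_id . "'\n"
                        . " and pa.options_id = popt.products_options_id\n"
                        . " and pa.options_values_id = '" . $value_id . "'\n"
                        . " and pa.options_values_id = poval.products_options_values_id\n"
                        . " and popt.language_id = '" . $language_id . "'\n"
                        . " and poval.language_id = '" . $language_id . "'";

                    $attributes_values = $db->Execute($attributes_query);
                } else {
                    $attributes_values = $db->Execute("select popt.products_options_name, poval.products_options_values_name,\n"
                        . " pa.options_values_price, pa.price_prefix,\n"
                        . " pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n"
                        . " pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n"
                        . " pa.attributes_price_factor, pa.attributes_price_factor_offset,\n"
                        . " pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n"
                        . " pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n"
                        . " pa.attributes_price_words, pa.attributes_price_words_free,\n"
                        . " pa.attributes_price_letters, pa.attributes_price_letters_free\n"
                        . " from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n"
                        . " where pa.products_id = '" . zen_db_input($this->products[$i]['id']) . "' and pa.options_id = '" . $option_id . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $value_id . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $language_id . "' and poval.language_id = '" . $language_id . "'");
                }

                //clr 030714 update insert query. changing to use values form $order->products for products_options_values.
                $sql_data_array = array(
                    'orders_id' => $zf_insert_id,
                    'orders_products_id' => $order_products_id,
                    'products_options' => $attributes_values->fields['products_options_name'],
                    'products_options_values' => $this->products[$i]['attributes'][$j]['value'],
                    'options_values_price' => $attributes_values->fields['options_values_price'],
                    'price_prefix' => $attributes_values->fields['price_prefix'],
                    'product_attribute_is_free' => $attributes_values->fields['product_attribute_is_free'],
                    'products_attributes_weight' => $attributes_values->fields['products_attributes_weight'],
                    'products_attributes_weight_prefix' => $attributes_values->fields['products_attributes_weight_prefix'],
                    'attributes_discounted' => $attributes_values->fields['attributes_discounted'],
                    'attributes_price_base_included' => $attributes_values->fields['attributes_price_base_included'],
                    'attributes_price_onetime' => $attributes_values->fields['attributes_price_onetime'],
                    'attributes_price_factor' => $attributes_values->fields['attributes_price_factor'],
                    'attributes_price_factor_offset' => $attributes_values->fields['attributes_price_factor_offset'],
                    'attributes_price_factor_onetime' => $attributes_values->fields['attributes_price_factor_onetime'],
                    'attributes_price_factor_onetime_offset' => $attributes_values->fields['attributes_price_factor_onetime_offset'],
                    'attributes_qty_prices' => $attributes_values->fields['attributes_qty_prices'],
                    'attributes_qty_prices_onetime' => $attributes_values->fields['attributes_qty_prices_onetime'],
                    'attributes_price_words' => $attributes_values->fields['attributes_price_words'],
                    'attributes_price_words_free' => $attributes_values->fields['attributes_price_words_free'],
                    'attributes_price_letters' => $attributes_values->fields['attributes_price_letters'],
                    'attributes_price_letters_free' => $attributes_values->fields['attributes_price_letters_free'],
                    'products_options_id' => $option_id,
                    'products_options_values_id' => $value_id,
                    'products_prid' => $this->products[$i]['id'],
                );
                zen_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

                $opa_insert_id = $db->insert_ID();

                $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_LINE_ITEM', array_merge(array('orders_products_attributes_id' => $opa_insert_id), $sql_data_array), $opa_insert_id);

                if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values->fields['products_attributes_filename']) && zen_not_null($attributes_values->fields['products_attributes_filename'])) {
                    $sql_data_array = array(
                        'orders_id' => $zf_insert_id,
                        'orders_products_id' => $order_products_id,
                        'orders_products_filename' => $attributes_values->fields['products_attributes_filename'],
                        'download_maxdays' => $attributes_values->fields['products_attributes_maxdays'],
                        'download_count' => $attributes_values->fields['products_attributes_maxcount'],
                        'products_prid' => $this->products[$i]['id'],
                    );
                    zen_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);

                    $opd_insert_id = $db->insert_ID();

                    $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_DOWNLOAD_LINE_ITEM', $sql_data_array, $opd_insert_id);
                }

                // NOTE(review): the attribute value is decoded here and later
                // placed into products_ordered_html through nl2br() only. If
                // that value can hold customer-entered text, confirm it is
                // HTML-encoded before the e-mail body is rendered.
                $this->products_ordered_attributes .= "\n\t" . $attributes_values->fields['products_options_name'] . ' ' . zen_decode_specialchars($this->products[$i]['attributes'][$j]['value']);
            }
        }
        //------eof: insert customer-chosen options ----

        $this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_EXIST', $attributes_exist);

        $this->notify('NOTIFY_ORDER_DURING_CREATE_ADD_PRODUCTS', $i, $custom_insertable_text);

        /* START: ADD MY CUSTOM DETAILS
         * 1. calculate/prepare custom information to be added to this product entry in order-confirmation, perhaps as a function call to custom code to build a serial number etc:
         *    Possible parameters to pass to custom functions at this point:
         *    Product ID ordered (for this line item): $this->products[$i]['id']
         *    Quantity ordered (of this line-item): $this->products[$i]['qty']
         *    Order number: $zf_insert_id
         *    Attribute Option Name ID: (int)$this->products[$i]['attributes'][$j]['option_id']
         *    Attribute Option Value ID: (int)$this->products[$i]['attributes'][$j]['value_id']
         *    Attribute Filename: $attributes_values->fields['products_attributes_filename']
         *
         * 2. Add that data to the $this->products_ordered_attributes variable, using this sort of format:
         *    $this->products_ordered_attributes .= {INSERT CUSTOM INFORMATION HERE};
         */
        $this->products_ordered_attributes .= $custom_insertable_text;
        /* END: ADD MY CUSTOM DETAILS */

        // update totals counters
        $this->total_weight += $this->products[$i]['qty'] * $this->products[$i]['weight'];
        $this->total_tax += zen_calculate_tax($this->products[$i]['final_price'] * $this->products[$i]['qty'], $this->products[$i]['tax']);
        $this->total_cost += $this->products[$i]['final_price'] + $this->products[$i]['onetime_charges'];

        $this->notify('NOTIFY_ORDER_PROCESSING_ONE_TIME_CHARGES_BEGIN', $i);

        // build output for email notification
        $this->products_ordered .= $this->products[$i]['qty'] . ' x ' . $this->products[$i]['name']
            . ($this->products[$i]['model'] != '' ? ' (' . $this->products[$i]['model'] . ') ' : '')
            . ' = '
            . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty'])
            . ($this->products[$i]['onetime_charges'] != 0 ? "\n" . TEXT_ONETIME_CHARGES_EMAIL . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1) : '')
            . $this->products_ordered_attributes . "\n";

        $this->products_ordered_html .= '<tr>' . "\n"
            . '<td class="product-details" align="right" valign="top" width="30">' . $this->products[$i]['qty'] . '&nbsp;x</td>' . "\n"
            . '<td class="product-details" valign="top">' . nl2br($this->products[$i]['name'])
            . ($this->products[$i]['model'] != '' ? ' (' . nl2br($this->products[$i]['model']) . ') ' : '') . "\n"
            . '<nobr>' . '<small><em> ' . nl2br($this->products_ordered_attributes) . '</em></small>' . '</nobr>' . '</td>' . "\n"
            . '<td class="product-details-num" valign="top" align="right">'
            . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty'])
            . ($this->products[$i]['onetime_charges'] != 0
                ? '</td></tr>' . "\n" . '<tr><td class="product-details">' . nl2br(TEXT_ONETIME_CHARGES_EMAIL) . '</td>' . "\n" . '<td>' . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1)
                : '')
            . '</td></tr>' . "\n";
    }

    $order_total_modules->apply_credit(); //ICW ADDED FOR CREDIT CLASS SYSTEM

    $this->notify('NOTIFY_ORDER_AFTER_ORDER_CREATE_ADD_PRODUCTS');
}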
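/**
 * Used to void a given previously-authorized transaction. FOR FUTURE USE.
 *
 * Reads the void note, authorization id and confirmation flags from $_POST.
 * The void is submitted only when the "void" button value matches
 * MODULE_PAYMENT_PAYPAL_ENTRY_VOID_BUTTON_TEXT_FULL and the confirmation
 * checkbox is 'on', and only if the order has a PayPal history row.
 *
 * @param int    $oID  order id whose authorization is voided
 * @param string $note unused in this method
 * @return bool|null true on success, false when the order has no PayPal
 *                   history row, null when the void was not confirmed or
 *                   the gateway reported an error
 */
function _doVoid($oID, $note = '')
{
    global $db, $doPayPal, $messageStack;

    $new_order_status = MODULE_PAYMENT_PAYPALWPP_REFUNDED_STATUS_ID;
    $doPayPal = $this->paypal_init();

    // NOTE(review): zen_db_input() is SQL escaping, yet these values go to
    // the PayPal API and (the note) into zen_db_perform(), which escapes
    // again. Confirm whether stored notes end up double-escaped.
    $voidNote = strip_tags(zen_db_input(isset($_POST['voidnote']) ? $_POST['voidnote'] : ''));
    $voidAuthID = trim(strip_tags(zen_db_input(isset($_POST['voidauthid']) ? $_POST['voidauthid'] : '')));

    // Default to "do not void": the flag is only raised by an explicit,
    // confirmed request, and is never read while undefined.
    $proceedToVoid = false;
    if (isset($_POST['ordervoid']) && $_POST['ordervoid'] == MODULE_PAYMENT_PAYPAL_ENTRY_VOID_BUTTON_TEXT_FULL) {
        if (isset($_POST['voidconfirm']) && $_POST['voidconfirm'] == 'on') {
            $proceedToVoid = true;
        } else {
            $messageStack->add_session(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_CONFIRM_ERROR, 'error');
        }
    }

    // look up history on this order from PayPal table
    $sql = "select * from " . TABLE_PAYPAL . " where order_id = :orderID AND parent_txn_id = '' ";
    $sql = $db->bindVars($sql, ':orderID', $oID, 'integer');
    // NOTE(review): the statement has no :transID placeholder, so the posted
    // authorization id is not checked against this order's history before it
    // is sent to the gateway. Confirm whether that check is intended.
    $sql = $db->bindVars($sql, ':transID', $voidAuthID, 'string');
    $zc_ppHist = $db->Execute($sql);
    if ($zc_ppHist->RecordCount() == 0) {
        return false;
    }

    /**
     * Submit void request to PayPal
     */
    if ($proceedToVoid) {
        $response = $doPayPal->DoVoid($voidAuthID, $voidNote);
        $error = $this->_errorHandler($response, 'DoVoid');
        if (!$error) {
            // Success, so save the results
            $sql_data_array = array(
                'orders_id' => (int) $oID,
                'orders_status_id' => (int) $new_order_status,
                'date_added' => 'now()',
                'comments' => 'VOIDED. Trans ID: ' . urldecode($response['AUTHORIZATIONID']) . $response['PNREF'] . (isset($response['PPREF']) ? "\nPPRef: " . $response['PPREF'] : '') . "\n" . $voidNote,
                'customer_notified' => 0,
            );
            zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
            $db->Execute("update " . TABLE_ORDERS . "\r\n set orders_status = '" . (int) $new_order_status . "'\r\n where orders_id = '" . (int) $oID . "'");
            $messageStack->add_session(sprintf(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_INITIATED, urldecode($response['AUTHORIZATIONID']) . $response['PNREF']), 'success');
            return true;
        }
    }
}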
</td> </tr> <?php
        }
    } else {
        // The module's language file is missing: the message includes the
        // full filesystem path that was looked for.
        // NOTE(review): confirm this page is reachable by administrators only,
        // since the path reveals the server's directory layout.
        echo ERROR_MODULE_FILE_NOT_FOUND . DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/' . $module_type . '/' . $file . '<br />';
    }
}

// Order the installed modules by key before storing them.
ksort($installed_modules);

// Keep the ';'-joined list of installed modules stored under $module_key in
// the configuration table: update it when it differs, insert it when absent.
// Both the key and the list are escaped with zen_db_input() before they are
// placed inside the quoted SQL values.
$check = $db->Execute("select configuration_value\r\n from " . TABLE_CONFIGURATION . "\r\n where configuration_key = '" . zen_db_input($module_key) . "'");
if ($check->RecordCount() > 0) {
    if ($check->fields['configuration_value'] != implode(';', $installed_modules)) {
        $db->Execute("update " . TABLE_CONFIGURATION . "\r\n set configuration_value = '" . zen_db_input(implode(';', $installed_modules)) . "', last_modified = now()\r\n where configuration_key = '" . zen_db_input($module_key) . "'");
    }
} else {
    $db->Execute("insert into " . TABLE_CONFIGURATION . "\r\n (configuration_title, configuration_key, configuration_value,\r\n configuration_description, configuration_group_id, sort_order, date_added)\r\n values ('Installed Modules', '" . zen_db_input($module_key) . "', '" . zen_db_input(implode(';', $installed_modules)) . "',\r\n 'This is automatically updated. No need to edit.', '6', '0', now())");
}

// $zc_valid is set outside this fragment; when it is explicitly false a
// sort-order warning is shown.
if (isset($zc_valid) && $zc_valid == false) {
    echo '<span class="alert">' . WARNING_MODULES_SORT_ORDER . '</span>';
}
?> <tr> <td colspan="3" class="smallText"><?php echo TEXT_MODULE_DIRECTORY . ' ' . $module_directory; ?> </td> </tr> </table></td> <?php
// Start with empty heading/contents arrays for the markup that follows.
$heading = array();
$contents = array();
<tr> <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_DATE_ADDED; ?> </strong></td> <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_STATUS; ?> </strong></td> <td class="smallText" align="center"><strong><?php echo TABLE_HEADING_COMMENTS; ?> </strong></td> </tr> <?php
// Load the status history of order $oID, oldest first, keeping only rows
// whose customer_notified value is zero or greater.
$orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments\n from " . TABLE_ORDERS_STATUS_HISTORY . "\n where orders_id = '" . zen_db_input($oID) . "' and customer_notified >= 0\n order by date_added");
if ($orders_history->RecordCount() > 0) {
    $count_comments = 0;
    while (!$orders_history->EOF) {
        $count_comments++;
        echo ' <tr>' . "\n" . ' <td class="smallText" align="center" valign="top">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n";
        // NOTE(review): the status name is printed without output encoding;
        // confirm $orders_status_array holds trusted, admin-defined text.
        echo ' <td class="smallText" valign="top">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
        // Stored comments pass through zen_db_output() before nl2br(); an
        // empty comment is shown as TEXT_NONE.
        echo ' <td class="smallText" valign="top">' . ($orders_history->fields['comments'] == '' ? TEXT_NONE : nl2br(zen_db_output($orders_history->fields['comments']))) . '&nbsp;</td>' . "\n" . ' </tr>' . "\n";
        $orders_history->MoveNext();
        // With ORDER_COMMENTS_INVOICE set to 1 only the first history row is
        // printed.
        if (ORDER_COMMENTS_INVOICE == 1 && $count_comments >= 1) {
            break;
        }
    }
} else {
    echo ' <tr>' . "\n" . ' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" . ' </tr>' . "\n";
}
} } }

// Each section below compares the posted "new" value of one column with the
// posted "old" value, per product id, and writes only the rows that changed.
// NOTE(review): both the old and the new values come from the request, and
// the keys are read without isset(); confirm the caller has already checked
// the administrator's session and form token before this point.

// Sort order: the new value is escaped and quoted, the product id cast to int.
if ($_POST['quick_updates_new']['products_sort_order']) {
    foreach ($_POST['quick_updates_new']['products_sort_order'] as $products_id => $new_value) {
        if (trim($_POST['quick_updates_new']['products_sort_order'][$products_id]) != trim($_POST['quick_updates_old']['products_sort_order'][$products_id])) {
            $quick_updates_count['products_sort_order'][$products_id] = $products_id;
            $db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_sort_order='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
        }
    }
}

// Image: the posted string is stored as given, apart from SQL escaping.
// NOTE(review): no check on the form of the image value is visible here;
// verify how products_image is validated before it is used as a path.
if ($_POST['quick_updates_new']['products_image']) {
    foreach ($_POST['quick_updates_new']['products_image'] as $products_id => $new_value) {
        if (trim($_POST['quick_updates_new']['products_image'][$products_id]) != trim($_POST['quick_updates_old']['products_image'][$products_id])) {
            $quick_updates_count['products_image'][$products_id] = $products_id;
            $db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_image='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
        }
    }
}

// Status: driven by the "old" list, because a product whose new status is
// absent from the request is treated as status '0'.
if ($_POST['quick_updates_old']['products_status']) {
    foreach ($_POST['quick_updates_old']['products_status'] as $products_id => $status) {
        if (!isset($_POST['quick_updates_new']['products_status'][$products_id])) {
            $_POST['quick_updates_new']['products_status'][$products_id] = '0';
        }
        if ($_POST['quick_updates_new']['products_status'][$products_id] != $_POST['quick_updates_old']['products_status'][$products_id]) {
            $quick_updates_count['products_status'][$products_id] = $products_id;
            // Both arguments are cast to int before the helper is called.
            zen_set_product_status((int) $products_id, (int) $_POST['quick_updates_new']['products_status'][$products_id]);
        }
    }
}

if ($_POST['quick_updates_new']['products_tax_class_id']) {
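/**
 * Resolves an audience selection to the SQL SELECT that lists its recipients.
 *
 * This is used to take the query_name selected in the drop-down menu or a
 * singular customer email address and generate the SQL Select query to be
 * used to build the list of email addresses to be sent to. It only returns
 * a query name and query string; the query string is then used in a
 * $db->Execute() command for later parsing and emailing.
 *
 * SECURITY: a matching query_string is SQL read from TABLE_QUERY_BUILDER and
 * is later executed as-is by the caller, so write access to that table is
 * equivalent to running arbitrary SQL. Keep it restricted accordingly.
 *
 * @param string $selected_entry a stored query_name, or a customer e-mail address
 * @param string $query_category category filter matched with LIKE '%...%'
 * @return array ['query_name' => string, 'query_string' => string|null];
 *               query_string is null when nothing matched and the category
 *               is not 'email'
 */
function get_audience_sql_query($selected_entry, $query_category = 'email')
{
    global $db;

    $query_name = '';
    // Explicit "no query" value for the case where nothing matches below.
    $query_string = null;

    // The category is escaped like every other value concatenated into SQL in
    // this function, so a quote in it cannot end the string literal.
    $queries_list = $db->Execute("select query_name, query_string from " . TABLE_QUERY_BUILDER . " " . "where query_category like '%" . zen_db_input($query_category) . "%'");
    while (!$queries_list->EOF) {
        if ($selected_entry == $queries_list->fields['query_name']) {
            $query_name = $queries_list->fields['query_name'];
            $query_string = parsed_query_string($queries_list->fields['query_string']);
        }
        $queries_list->MoveNext();
    }

    //if no match found against queries listed in database, then $selected_entry must be an email address
    if ($query_name == '' && $query_category == 'email') {
        $cust_email_address = zen_db_prepare_input($selected_entry);
        $query_name = $cust_email_address;
        $query_string = "select customers_firstname, customers_lastname, customers_email_address\n from " . TABLE_CUSTOMERS . "\n where customers_email_address = '" . zen_db_input($cust_email_address) . "'";
    }

    //send back a 1-row array containing the query_name and the SQL query_string
    return array('query_name' => $query_name, 'query_string' => $query_string);
}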