function send($newsletter_id)
 {
     global $db;
     $audience_select = get_audience_sql_query($this->query_name, 'newsletters');
     $audience = $db->Execute($audience_select['query_string']);
     $records = $audience->RecordCount();
     if ($records == 0) {
         return 0;
     }
     $i = 0;
     while (!$audience->EOF) {
         $i++;
         $html_msg['EMAIL_FIRST_NAME'] = $audience->fields['customers_firstname'];
         $html_msg['EMAIL_LAST_NAME'] = $audience->fields['customers_lastname'];
         $html_msg['EMAIL_GREET'] = EMAIL_GREET;
         $html_msg['EMAIL_MESSAGE_HTML'] = $this->content_html;
         zen_mail($audience->fields['customers_firstname'] . ' ' . $audience->fields['customers_lastname'], $audience->fields['customers_email_address'], $this->title, $this->content, STORE_NAME, EMAIL_FROM, $html_msg, 'newsletters');
         echo zen_image(DIR_WS_ICONS . 'tick.gif', $audience->fields['customers_email_address']);
         //force output to the screen to show status indicator each time a message is sent...
         if (function_exists('ob_flush')) {
             @ob_flush();
         }
         @flush();
         $audience->MoveNext();
     }
     $newsletter_id = zen_db_prepare_input($newsletter_id);
     $db->Execute("update " . TABLE_NEWSLETTERS . "\r\n                    set date_sent = now(), status = '1'\r\n                    where newsletters_id = '" . zen_db_input($newsletter_id) . "'");
     return $records;
     //return number of records processed whether successful or not
 }
Exemple #2
0
/**
 * @package ZenCart_Functions
*/
function zen_update_whos_online()
{
    global $db;
    if ($_SESSION['customer_id']) {
        $wo_customer_id = $_SESSION['customer_id'];
        $customer_query = "select customers_firstname, customers_lastname\r\n                         from " . TABLE_CUSTOMERS . "\r\n                         where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
        $customer = $db->Execute($customer_query);
        $wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
    } else {
        $wo_customer_id = '';
        $wo_full_name = 'Guest';
    }
    $wo_session_id = zen_session_id();
    $wo_ip_address = $_SERVER['REMOTE_ADDR'];
    $wo_last_page_url = $_SERVER['REQUEST_URI'];
    $wo_user_agent = zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']);
    $current_time = time();
    $xx_mins_ago = $current_time - 900;
    // remove entries that have expired
    $sql = "delete from " . TABLE_WHOS_ONLINE . "\r\n            where time_last_click < '" . $xx_mins_ago . "'";
    $db->Execute($sql);
    $stored_customer_query = "select count(*) as count\r\n                              from " . TABLE_WHOS_ONLINE . "\r\n                              where session_id = '" . zen_db_input($wo_session_id) . "'";
    $stored_customer = $db->Execute($stored_customer_query);
    if ($stored_customer->fields['count'] > 0) {
        $sql = "update " . TABLE_WHOS_ONLINE . "\r\n              set customer_id = '" . (int) $wo_customer_id . "',\r\n                  full_name = '" . zen_db_input($wo_full_name) . "',\r\n                  ip_address = '" . zen_db_input($wo_ip_address) . "',\r\n                  time_last_click = '" . zen_db_input($current_time) . "',\r\n                  last_page_url = '" . zen_db_input($wo_last_page_url) . "',\r\n                  host_address = '" . zen_db_input($_SESSION['customers_host_address']) . "',\r\n                  user_agent = '" . zen_db_input($wo_user_agent) . "'\r\n              where session_id = '" . zen_db_input($wo_session_id) . "'";
        $db->Execute($sql);
    } else {
        $sql = "insert into " . TABLE_WHOS_ONLINE . "\r\n                              (customer_id, full_name, session_id, ip_address, time_entry,\r\n                               time_last_click, last_page_url, host_address, user_agent)\r\n              values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($_SESSION['customers_host_address']) . "', '" . zen_db_input($wo_user_agent) . "')";
        $db->Execute($sql);
    }
}
Exemple #3
0
 public function authentication()
 {
     if (!isset($_POST['admin_name']) || empty($_POST['admin_name']) || !isset($_POST['admin_pass']) || empty($_POST['admin_pass'])) {
         $this->authenticed = false;
         $this->addError('"name" and "password" invalid.');
     } else {
         $admin_name = zen_db_prepare_input($_POST['admin_name']);
         $admin_pass = zen_db_prepare_input($_POST['admin_pass']);
         $sql = "select admin_id, admin_name, admin_pass from " . TABLE_ADMIN . " where admin_name = '" . zen_db_input($admin_name) . "'";
         $result = $this->db->Execute($sql);
         if (isset($result->fields) && $admin_name == $result->fields['admin_name'] && zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
             $this->authenticed = true;
         } else {
             if (!isset($result->fields) || !($admin_name == $result->fields['admin_name'])) {
                 $this->authenticed = false;
                 $this->addError('"name" invalid.');
             }
             if (!isset($result->fields) || !zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
                 $this->authenticed = false;
                 $this->addError('"password" invalid.');
             }
         }
     }
     return $this->authenticed;
 }
Exemple #4
0
/**
 * @package ZenCart_Functions
*/
function zen_update_whos_online()
{
    global $gBitDb;
    if (!empty($_SESSION['customer_id'])) {
        $wo_customer_id = $_SESSION['customer_id'];
        $customer_query = "select `customers_firstname`, `customers_lastname`\n                         from " . TABLE_CUSTOMERS . "\n                         where `customers_id` = '" . (int) $_SESSION['customer_id'] . "'";
        $customer = $gBitDb->Execute($customer_query);
        $wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
    } else {
        $wo_customer_id = '';
        $wo_full_name = 'Guest';
    }
    $wo_session_id = zen_session_id();
    $wo_ip_address = $_SERVER['REMOTE_ADDR'];
    $wo_last_page_url = $_SERVER['REQUEST_URI'];
    $wo_user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']) : '-';
    $current_time = time();
    $xx_mins_ago = $current_time - 900;
    // remove entries that have expired
    $sql = "delete from " . TABLE_WHOS_ONLINE . "\n            where `time_last_click` < '" . $xx_mins_ago . "'";
    $gBitDb->Execute($sql);
    $stored_customer_query = 'select count(*) as "count"
                              from ' . TABLE_WHOS_ONLINE . "\n                              where `session_id` = '" . zen_db_input($wo_session_id) . "'";
    $stored_customer = $gBitDb->Execute($stored_customer_query);
    if (empty($wo_customer_id)) {
        $wo_customer_id = NULL;
    }
    if ($stored_customer->fields['count'] > 0) {
        $sql = "update " . TABLE_WHOS_ONLINE . "\n              set `customer_id` = ?, `full_name` = ?, `ip_address` = ?, `time_last_click` = ?, `last_page_url` = ?, `host_address` = ?, `user_agent` = ?\n              where `session_id` = ?";
        $gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_ip_address, $current_time, substr($wo_last_page_url, 0, 255), $_SESSION['customers_host_address'], substr($wo_user_agent, 0, 255), $wo_session_id));
    } else {
        $sql = "insert into " . TABLE_WHOS_ONLINE . "\n                              (`customer_id`, `full_name`, `session_id`, `ip_address`, `time_entry`,\n                               `time_last_click`, `last_page_url`, `host_address`, `user_agent`)\n              values ( ?, ?, ?, ?, ?, ?, ?, ?, ? )";
        $gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_session_id, $wo_ip_address, $current_time, $current_time, $wo_last_page_url, $_SESSION['customers_host_address'], $wo_user_agent));
    }
}
Exemple #5
0
function _sess_destroy($key)
{
    global $db;
    $sql = "delete from " . TABLE_SESSIONS . " where sesskey = '" . zen_db_input($key) . "'";
    $db->Execute($sql);
    return TRUE;
}
 function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false)
 {
     global $db;
     $max_rows = $max_rows == '' || $max_rows == 0 ? 20 : $max_rows;
     $this->sql_query = preg_replace("/\n\r|\r\n|\n|\r/", " ", $query);
     $this->page_name = $page_holder;
     if ($debug) {
         echo 'original_query=' . $query . '<br /><br />';
     }
     if (isset($_GET[$page_holder])) {
         $page = $_GET[$page_holder];
     } elseif (isset($_POST[$page_holder])) {
         $page = $_POST[$page_holder];
     } else {
         $page = '';
     }
     if (empty($page) || !is_numeric($page)) {
         $page = 1;
     }
     $this->current_page_number = $page;
     $this->number_of_rows_per_page = $max_rows;
     $pos_to = strlen($this->sql_query);
     $query_lower = strtolower($this->sql_query);
     $pos_from = strpos($query_lower, ' from', 0);
     $pos_group_by = strpos($query_lower, ' group by', $pos_from);
     if ($pos_group_by < $pos_to && $pos_group_by != false) {
         $pos_to = $pos_group_by;
     }
     $pos_having = strpos($query_lower, ' having', $pos_from);
     if ($pos_having < $pos_to && $pos_having != false) {
         $pos_to = $pos_having;
     }
     $pos_order_by = strpos($query_lower, ' order by', $pos_from);
     if ($pos_order_by < $pos_to && $pos_order_by != false) {
         $pos_to = $pos_order_by;
     }
     if (strpos($query_lower, 'distinct') || strpos($query_lower, 'group by')) {
         $count_string = 'distinct ' . zen_db_input($count_key);
     } else {
         $count_string = zen_db_input($count_key);
     }
     $count_query = "select count(" . $count_string . ") as total " . substr($this->sql_query, $pos_from, $pos_to - $pos_from);
     if ($debug) {
         echo 'count_query=' . $count_query . '<br /><br />';
     }
     $count = $db->Execute($count_query);
     $this->number_of_rows = $count->fields['total'];
     $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     if ($this->current_page_number > $this->number_of_pages) {
         $this->current_page_number = $this->number_of_pages;
     }
     $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
     // fix offset error on some versions
     if ($offset <= 0) {
         $offset = 0;
     }
     $this->sql_query .= " limit " . ($offset > 0 ? $offset . ", " : '') . $this->number_of_rows_per_page;
 }
function xsell_get_products_id($products_model)
{
    $sql = "SELECT products_id FROM " . TABLE_PRODUCTS . " WHERE products_model='" . zen_db_input($products_model) . "'";
    $result = mysql_query($sql);
    if (mysql_num_rows($result) == 0) {
        return null;
    }
    $row = mysql_fetch_array($result);
    return $row["products_id"];
}
function zen_get_languages_id_by_code($code)
{
    global $db;
    $query = "\n      select languages_id\n      from " . TABLE_LANGUAGES . "\n      where code like '" . zen_db_input($code) . "';";
    $result = $db->Execute($query);
    if ($result->RecordCount() > 0) {
        return $result->fields['languages_id'];
    }
    return false;
}
 function query($order_id)
 {
     global $db;
     $order = $db->Execute("select cc_cvv, customers_name, customers_company, customers_street_address,\n                                    customers_suburb, customers_city, customers_postcode, customers_id,\n                                    customers_state, customers_country, customers_telephone,\n                                    customers_email_address, customers_address_format_id, delivery_name,\n                                    delivery_company, delivery_street_address, delivery_suburb,\n                                    delivery_city, delivery_postcode, delivery_state, delivery_country,\n                                    delivery_address_format_id, billing_name, billing_company,\n                                    billing_street_address, billing_suburb, billing_city, billing_postcode,\n                                    billing_state, billing_country, billing_address_format_id,\n                                    coupon_code, payment_method, payment_module_code, shipping_method, shipping_module_code,\n                                    cc_type, cc_owner, cc_number, cc_expires, currency,\n                                    currency_value, date_purchased, orders_status, last_modified,\n                                    order_total, order_tax, ip_address\n                             from " . TABLE_ORDERS . "\n                             where orders_id = '" . (int) $order_id . "'");
     $totals = $db->Execute("select title, text, class, value\n                              from " . TABLE_ORDERS_TOTAL . "\n                              where orders_id = '" . (int) $order_id . "'\n                              order by sort_order");
     while (!$totals->EOF) {
         if ($totals->fields['class'] == 'ot_coupon') {
             $coupon_link_query = "SELECT coupon_id\n                  from " . TABLE_COUPONS . "\n                  where coupon_code ='" . zen_db_input($order->fields['coupon_code']) . "'";
             $coupon_link = $db->Execute($coupon_link_query);
             $zc_coupon_link = '<a href="javascript:couponpopupWindow(\'' . zen_catalog_href_link(FILENAME_POPUP_COUPON_HELP, 'cID=' . $coupon_link->fields['coupon_id']) . '\')">';
         }
         $this->totals[] = array('title' => $totals->fields['class'] == 'ot_coupon' ? $zc_coupon_link . $totals->fields['title'] . '</a>' : $totals->fields['title'], 'text' => $totals->fields['text'], 'value' => $totals->fields['value'], 'class' => $totals->fields['class']);
         $totals->MoveNext();
     }
     $this->info = array('currency' => $order->fields['currency'], 'currency_value' => $order->fields['currency_value'], 'payment_method' => $order->fields['payment_method'], 'payment_module_code' => $order->fields['payment_module_code'], 'shipping_method' => $order->fields['shipping_method'], 'shipping_module_code' => $order->fields['shipping_module_code'], 'coupon_code' => $order->fields['coupon_code'], 'cc_type' => $order->fields['cc_type'], 'cc_owner' => $order->fields['cc_owner'], 'cc_number' => $order->fields['cc_number'], 'cc_cvv' => $order->fields['cc_cvv'], 'cc_expires' => $order->fields['cc_expires'], 'date_purchased' => $order->fields['date_purchased'], 'orders_status' => $order->fields['orders_status'], 'total' => $order->fields['order_total'], 'tax' => $order->fields['order_tax'], 'last_modified' => $order->fields['last_modified'], 'ip_address' => $order->fields['ip_address']);
     $this->customer = array('name' => $order->fields['customers_name'], 'id' => $order->fields['customers_id'], 'company' => $order->fields['customers_company'], 'street_address' => $order->fields['customers_street_address'], 'suburb' => $order->fields['customers_suburb'], 'city' => $order->fields['customers_city'], 'postcode' => $order->fields['customers_postcode'], 'state' => $order->fields['customers_state'], 'country' => $order->fields['customers_country'], 'format_id' => $order->fields['customers_address_format_id'], 'telephone' => $order->fields['customers_telephone'], 'email_address' => $order->fields['customers_email_address']);
     $this->delivery = array('name' => $order->fields['delivery_name'], 'company' => $order->fields['delivery_company'], 'street_address' => $order->fields['delivery_street_address'], 'suburb' => $order->fields['delivery_suburb'], 'city' => $order->fields['delivery_city'], 'postcode' => $order->fields['delivery_postcode'], 'state' => $order->fields['delivery_state'], 'country' => $order->fields['delivery_country'], 'format_id' => $order->fields['delivery_address_format_id']);
     $this->billing = array('name' => $order->fields['billing_name'], 'company' => $order->fields['billing_company'], 'street_address' => $order->fields['billing_street_address'], 'suburb' => $order->fields['billing_suburb'], 'city' => $order->fields['billing_city'], 'postcode' => $order->fields['billing_postcode'], 'state' => $order->fields['billing_state'], 'country' => $order->fields['billing_country'], 'format_id' => $order->fields['billing_address_format_id']);
     $index = 0;
     $orders_products = $db->Execute("select orders_products_id, products_id, products_name, products_model,\n                                              products_price, products_tax, products_quantity,\n                                              final_price, onetime_charges,\n                                              product_is_free\n                                       from " . TABLE_ORDERS_PRODUCTS . "\n                                       where orders_id = '" . (int) $order_id . "'\n                                       order by orders_products_id");
     while (!$orders_products->EOF) {
         // convert quantity to proper decimals - account history
         if (QUANTITY_DECIMALS != 0) {
             $fix_qty = $orders_products->fields['products_quantity'];
             switch (true) {
                 case !strstr($fix_qty, '.'):
                     $new_qty = $fix_qty;
                     break;
                 default:
                     $new_qty = preg_replace('/[0]+$/', '', $orders_products->fields['products_quantity']);
                     break;
             }
         } else {
             $new_qty = $orders_products->fields['products_quantity'];
         }
         $new_qty = round($new_qty, QUANTITY_DECIMALS);
         if ($new_qty == (int) $new_qty) {
             $new_qty = (int) $new_qty;
         }
         $this->products[$index] = array('qty' => $new_qty, 'id' => $orders_products->fields['products_id'], 'name' => $orders_products->fields['products_name'], 'model' => $orders_products->fields['products_model'], 'tax' => $orders_products->fields['products_tax'], 'price' => $orders_products->fields['products_price'], 'onetime_charges' => $orders_products->fields['onetime_charges'], 'final_price' => $orders_products->fields['final_price'], 'product_is_free' => $orders_products->fields['product_is_free']);
         $subindex = 0;
         // START "Stock by Attributes" added to array products_options_values_id and 'value_id' => $attributes->fields['products_options_values_id'],
         $attributes = $db->Execute("select products_options, products_options_values, options_values_price,\n                                           price_prefix, products_options_values_id,\n                                           product_attribute_is_free\n                                    from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . "\n                                    where orders_id = '" . (int) $order_id . "'\n                                    and orders_products_id = '" . (int) $orders_products->fields['orders_products_id'] . "'");
         if ($attributes->RecordCount() > 0) {
             while (!$attributes->EOF) {
                 $this->products[$index]['attributes'][$subindex] = array('option' => $attributes->fields['products_options'], 'value' => $attributes->fields['products_options_values'], 'value_id' => $attributes->fields['products_options_values_id'], 'prefix' => $attributes->fields['price_prefix'], 'price' => $attributes->fields['options_values_price'], 'product_attribute_is_free' => $attributes->fields['product_attribute_is_free']);
                 // END "Stock by Attributes"
                 $subindex++;
                 $attributes->MoveNext();
             }
         }
         $index++;
         $orders_products->MoveNext();
     }
 }
Exemple #10
0
 function manufacturerExists($pManufacturersId)
 {
     global $gBitDb;
     $ret = NULL;
     if (is_numeric($pManufacturersId)) {
         $sql = "SELECT COUNT(*) as `total`\n\t\t\t\t\tFROM " . TABLE_MANUFACTURERS . "\n\t\t\t\t\tWHERE `manufacturers_id` = '" . zen_db_input($pManufacturersId) . "'";
         $rs = $gBitDb->Execute($sql);
         $ret = !empty($rs['fields']['total']);
     }
     return $ret;
 }
Exemple #11
0
function zen_set_ezpage_status($pages_id, $status, $status_field)
{
    global $db;
    if ($status == '1') {
        return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '0'  where pages_id = '" . (int) $pages_id . "'");
    } elseif ($status == '0') {
        return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '1'  where pages_id = '" . (int) $pages_id . "'");
    } else {
        return -1;
    }
}
function zen_visitors_update_visitors_data($customers_id, $customers_email_address)
{
    global $db;
    $customers_id = zen_db_prepare_input($customers_id);
    $customers_email_address = zen_db_prepare_input($customers_email_address);
    $check_email = $db->Execute("select customers_email_address\r\n                               from " . TABLE_CUSTOMERS . "\r\n                               where customers_email_address = '" . zen_db_input($customers_email_address) . "'\r\n                               and customers_id != '" . (int) $customers_id . "'");
    if (!$check_email->RecordCount()) {
        $sql_data_array = array('visitors_email_address' => $customers_email_address, 'visitors_info_date_account_last_modified' => 'now()');
        zen_db_perform(TABLE_VISITORS, $sql_data_array, 'update', "visitors_id = '" . (int) $customers_id . "'");
    }
}
function zen_get_languages_directory($code)
{
    global $db;
    $language = $db->Execute("select languages_id, directory \n                              from " . TABLE_LANGUAGES . " \n                              where code = '" . zen_db_input($code) . "'");
    if ($language->RecordCount() > 0) {
        $_SESSION['languages_id'] = $language->fields['languages_id'];
        return $language->fields['directory'];
    } else {
        return false;
    }
}
 function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false)
 {
     global $gBitDb;
     $this->sql_query = $query;
     $this->page_name = $page_holder;
     //lower case query to search for string positions
     $searchQuery = strtolower($query);
     if (isset($_GET[$page_holder])) {
         $page = $_GET[$page_holder];
     } elseif (isset($_POST[$page_holder])) {
         $page = $_POST[$page_holder];
     } else {
         $page = '';
     }
     if (empty($page) || !is_numeric($page)) {
         $page = 1;
     }
     $this->current_page_number = $page;
     $this->number_of_rows_per_page = $max_rows;
     $pos_to = strlen($this->sql_query);
     $pos_from = strpos($searchQuery, ' from', 0);
     $pos_group_by = strpos($searchQuery, ' group by', $pos_from);
     if ($pos_group_by < $pos_to && $pos_group_by != false) {
         $pos_to = $pos_group_by;
     }
     $pos_having = strpos($searchQuery, ' having', $pos_from);
     if ($pos_having < $pos_to && $pos_having != false) {
         $pos_to = $pos_having;
     }
     $pos_order_by = strpos($searchQuery, ' order by', $pos_from);
     if ($pos_order_by < $pos_to && $pos_order_by != false) {
         $pos_to = $pos_order_by;
     }
     if (strpos($searchQuery, 'distinct') || strpos($searchQuery, 'group by')) {
         $count_string = 'distinct ' . zen_db_input($count_key);
     } else {
         $count_string = zen_db_input($count_key);
     }
     $count_query = "select count(" . $count_string . ") as `total` " . substr($searchQuery, $pos_from, $pos_to - $pos_from);
     $count = $gBitDb->Execute($count_query);
     $this->number_of_rows = $count->fields['total'];
     $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     if ($this->current_page_number > $this->number_of_pages) {
         $this->current_page_number = $this->number_of_pages;
     }
     $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
     // fix offset error on some versions
     if ($offset < 0) {
         $offset = 0;
     }
     $this->offset = $offset;
 }
 function _install()
 {
     global $db;
     // トップメニューの構築
     // 存在しない場合に自動で作成
     $sql = "create table if not exists " . TABLE_EASY_ADMIN_TOP_MENUS . " " . "(easy_admin_top_menu_id         int(11) auto_increment" . ",easy_admin_top_menu_name       varchar(255)" . ",is_dropdown                    int(1)" . ",easy_admin_top_menu_sort_order int(11)" . ",primary key (easy_admin_top_menu_id))";
     $db->execute($sql);
     $sql = "delete from " . TABLE_EASY_ADMIN_TOP_MENUS;
     $db->execute($sql);
     $topmenu = 1;
     for (;;) {
         $key = 'MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu;
         if (defined($key)) {
             $menu = explode(",", constant($key));
             $sql = "insert into " . TABLE_EASY_ADMIN_TOP_MENUS . " " . "(easy_admin_top_menu_id,easy_admin_top_menu_name,is_dropdown,easy_admin_top_menu_sort_order)" . "values (" . $topmenu . "," . "'" . zen_db_input($menu[0]) . "'," . (int) $menu[1] . "," . (int) topmenu . ")";
             $db->execute($sql);
             $topmenu++;
         } else {
             break;
         }
     }
     // サブメニューの構築
     // 存在しない場合に自動で作成
     $sql = "create table if not exists " . TABLE_EASY_ADMIN_SUB_MENUS . " " . "(easy_admin_sub_menu_id         int(11) auto_increment" . ",easy_admin_top_menu_id         int(11)" . ",easy_admin_sub_menu_name       varchar(255)" . ",easy_admin_sub_menu_url        varchar(255)" . ",easy_admin_sub_menu_sort_order int(11)" . ",primary key (easy_admin_sub_menu_id))";
     $db->execute($sql);
     $sql = "delete from " . TABLE_EASY_ADMIN_SUB_MENUS;
     $db->execute($sql);
     $topmenu = 1;
     for (;;) {
         if (!defined('MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu)) {
             break;
         }
         $key = 'MODULE_EASY_ADMIN_SUB_DEFAULT_MENU_' . $topmenu;
         if (defined($key . "_1")) {
             $submenu = 1;
             for (;;) {
                 $subkey = $key . "_" . $submenu;
                 if (defined($subkey)) {
                     $menu = explode(",", constant($subkey));
                     $sql = "insert into " . TABLE_EASY_ADMIN_SUB_MENUS . " " . "(easy_admin_top_menu_id,easy_admin_sub_menu_name,easy_admin_sub_menu_url,easy_admin_sub_menu_sort_order)" . "values (" . $topmenu . "," . "'" . zen_db_input($menu[0]) . "'," . "'" . zen_db_input($menu[1]) . "'," . $submenu . ")";
                     $db->execute($sql);
                     $submenu++;
                 } else {
                     break;
                 }
             }
         }
         $topmenu++;
     }
     $sql = "create table if not exists " . TABLE_ADMIN_ACL . " " . "(acl_id int(11) auto_increment," . "admin_id int(11)," . "easy_admin_top_menu_id int(11)," . "easy_admin_sub_menu_id int(11)," . "primary key (acl_id)" . ")";
     $db->execute($sql);
 }
Exemple #16
0
function zen_set_ezpage_status($pages_id, $status, $status_field)
{
    global $db;
    if ($status == '1') {
        zen_record_admin_activity('EZ-Page ID ' . (int) $pages_id . ' [' . $status_field . '] changed to 0', 'info');
        return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '0'  where pages_id = '" . (int) $pages_id . "'");
    } elseif ($status == '0') {
        zen_record_admin_activity('EZ-Page ID ' . (int) $pages_id . ' [' . $status_field . '] changed to 1', 'info');
        return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '1'  where pages_id = '" . (int) $pages_id . "'");
    } else {
        return -1;
    }
}
Exemple #17
0
function zen_remove_link_category($link_category_id)
{
    global $db;
    $link_category_image = $db->Execute("select link_categories_image from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
    $duplicate_image = $db->Execute("select count(*) as total from " . TABLE_LINK_CATEGORIES . " where link_categories_image = '" . zen_db_input($link_category_image->fields['link_categories_image']) . "'");
    if ($duplicate_image->fields['total'] < 2) {
        if (file_exists(DIR_FS_CATALOG_IMAGES . $link_category_image->fields['link_categories_image'])) {
            @unlink(DIR_FS_CATALOG_IMAGES . $link_category_image->fields['link_categories_image']);
        }
    }
    $db->Execute("delete from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
    $db->Execute("delete from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_id = '" . (int) $link_category_id . "'");
    $db->Execute("delete from " . TABLE_LINKS_TO_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
}
 public function recordFirstStep($orderId, $paramsSAR, $responseSAR)
 {
     global $db;
     $datetime = new DateTime('NOW');
     if ($this->_getStep($orderId) == self::FIRST_STEP) {
         $requestKey = $responseSAR['RequestKey'];
         $publicRequestKey = $responseSAR['PublicRequestKey'];
         $query = "UPDATE todopago_transaccion SET first_step = '" . $datetime->format('Y-m-d H:i:s') . "', params_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($paramsSAR))) . "', response_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($responseSAR))) . "', request_key = '" . zen_db_input(zen_db_prepare_input($requestKey)) . "', public_request_key = '" . zen_db_input(zen_db_prepare_input($publicRequestKey)) . "' WHERE id_orden = " . $orderId;
         $db->Execute($query);
         return $query;
     } else {
         return 0;
     }
 }
 function _install()
 {
     global $db;
     // カラーテーブルの構築
     // 存在しない場合に自動で作成
     $sql = "create table if not exists " . TABLE_EASY_DESIGN_COLORS . " " . "(easy_design_color_id    int(11) auto_increment" . ",template_dir            varchar(255)" . ",easy_design_color_key   varchar(255)" . ",easy_design_color_name  text" . ",easy_design_color_value text" . ",primary key (easy_design_color_id)" . ",index       (template_dir)" . ",index       (easy_design_color_key))";
     $db->execute($sql);
     // 文言テーブルの構築
     // 存在しない場合に自動で作成
     $sql = "create table if not exists " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(easy_design_language_id         int(11) auto_increment" . ",language_id                     int(11)" . ",easy_design_language_key        varchar(255)" . ",easy_design_language_name       text" . ",easy_design_language_value      text" . ",easy_design_language_sort_order int(11)" . ",primary key (easy_design_language_id)" . ",index       (easy_design_language_key))";
     $db->execute($sql);
     $sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(language_id" . ",easy_design_language_key" . ",easy_design_language_name" . ",easy_design_language_value" . ",easy_design_language_sort_order) " . "values" . "(2" . ",'" . EASY_DESIGN_KEY_TAGLINE . "'" . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_NAME) . "'" . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_VALUE) . "'" . ",1)";
     $db->execute($sql);
     $sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(language_id" . ",easy_design_language_key" . ",easy_design_language_name" . ",easy_design_language_value" . ",easy_design_language_sort_order) " . "values" . "(2" . ",'" . EASY_DESIGN_KEY_COPYLIGHT . "'" . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_NAME) . "'" . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_VALUE) . "'" . ",2)";
     $db->execute($sql);
 }
/**
 * zen_update_whos_online
 */
function zen_update_whos_online()
{
    global $db;
    if (isset($_SESSION['customer_id']) && $_SESSION['customer_id']) {
        $wo_customer_id = $_SESSION['customer_id'];
        $customer_query = "select customers_firstname, customers_lastname\n                         from " . TABLE_CUSTOMERS . "\n                         where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
        $customer = $db->Execute($customer_query);
        $wo_full_name = $customer->fields['customers_lastname'] . ', ' . $customer->fields['customers_firstname'];
    } else {
        $wo_customer_id = '';
        $wo_full_name = '&yen;' . 'Guest';
    }
    $wo_session_id = zen_session_id();
    $wo_ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'Unknown';
    $wo_user_agent = substr(zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']), 0, 254);
    $_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '' ? $_SERVER['QUERY_STRING'] : zen_get_all_get_params();
    if (isset($_SERVER['REQUEST_URI'])) {
        $uri = $_SERVER['REQUEST_URI'];
    } else {
        if (isset($_SERVER['QUERY_STRING'])) {
            $uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
        } else {
            $uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['argv'][0];
        }
    }
    if (substr($uri, -1) == '?') {
        $uri = substr($uri, 0, strlen($uri) - 1);
    }
    $wo_last_page_url = zen_not_null($uri) ? substr($uri, 0, 254) : 'Unknown';
    $current_time = time();
    $xx_mins_ago = $current_time - 900;
    // remove entries that have expired
    $sql = "delete from " . TABLE_WHOS_ONLINE . "\n          where time_last_click < '" . $xx_mins_ago . "'";
    $db->Execute($sql);
    $stored_customer_query = "select count(*) as count\n                              from " . TABLE_WHOS_ONLINE . "\n                              where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
    $stored_customer = $db->Execute($stored_customer_query);
    if (empty($wo_session_id)) {
        $wo_full_name = '&yen;' . 'Spider';
    }
    if ($stored_customer->fields['count'] > 0) {
        $sql = "update " . TABLE_WHOS_ONLINE . "\n              set customer_id = '" . (int) $wo_customer_id . "',\n                  full_name = '" . zen_db_input($wo_full_name) . "',\n                  ip_address = '" . zen_db_input($wo_ip_address) . "',\n                  time_last_click = '" . zen_db_input($current_time) . "',\n                  last_page_url = '" . zen_db_input($wo_last_page_url) . "',\n                  host_address = '" . zen_db_input($_SESSION['customers_host_address']) . "',\n                  user_agent = '" . zen_db_input($wo_user_agent) . "'\n              where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
        $db->Execute($sql);
    } else {
        $sql = "insert into " . TABLE_WHOS_ONLINE . "\n                (customer_id, full_name, session_id, ip_address, time_entry,\n                 time_last_click, last_page_url, host_address, user_agent)\n              values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($_SESSION['customers_host_address']) . "', '" . zen_db_input($wo_user_agent) . "')";
        $db->Execute($sql);
    }
}
function update_zaiko()
{
    global $db;
    if (!isset($_POST['product'])) {
        echo ZAIKOROBOT_STATUS_NG . "\n";
        echo ZAIKOROBOT_ERROR_MSG_NOQUERY . "\n";
        return;
    }
    $error = false;
    foreach ($_POST['product'] as $key => $val) {
        $find = false;
        if (MODULE_PRODUCTS_WITH_ATTRIBUTES_STOCK_STATUS == 'true') {
            // SKU型番確認
            $sql = "select\n                 stock_id\n                ,products_id\n              from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n              where\n                skumodel='" . zen_db_input($val['product_code']) . "'";
            $result = $db->Execute($sql);
            if (!$result->EOF) {
                $find = true;
                // 存在したので在庫更新
                $sql = "update " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n                set\n                  quantity=" . (int) $val['stock'] . "\n                where\n                  stock_id=" . (int) $result->fields['stock_id'];
                $db->Execute($sql);
                // 親の在庫を修正する
                $sql = "update " . TABLE_PRODUCTS . "\n                set\n                  products_quantity=(\n                    select sum(quantity)\n                    from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n                    where products_id=" . (int) $result->fields['products_id'] . "\n                  )\n                where\n                  products_id=" . (int) $result->fields['products_id'];
                $db->Execute($sql);
            }
        }
        // SKUに一致しないので、通常商品
        if (!$find) {
            $sql = "select\n                products_id\n              from " . TABLE_PRODUCTS . "\n              where\n                products_model='" . zen_db_input($val['product_code']) . "'";
            $result = $db->Execute($sql);
            // 検索したが存在しない商品だった
            if ($result->EOF) {
                if ($error == false) {
                    $error = true;
                    echo ZAIKOROBOT_STATUS_NG . "\n";
                }
                echo sprintf(ZAIKOROBOT_ERROR_MSG_PRODUCT_UNKNOWN, $val['product_code']) . "\n";
            } else {
                $sql = "update " . TABLE_PRODUCTS . "\n                set\n                  products_quantity=" . (int) $val['stock'] . "\n                where\n                  products_id=" . (int) $result->fields['products_id'];
                $db->Execute($sql);
            }
        }
    }
    if ($error == false) {
        echo ZAIKOROBOT_STATUS_OK . "\n";
    }
}
 public static function getList(&$pListHash)
 {
     global $gBitDb;
     $sql = "SELECT c.`categories_id`, cd.`categories_name`, cd.`categories_description`, c.`categories_image`, c.`parent_id`, c.`sort_order`, c.`date_added`, c.`last_modified`, c.`categories_status`\n\t\t\t\tFROM " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd\n\t\t\t\tWHERE c.`categories_id` = cd.`categories_id` AND cd.`language_id` = ?";
     $bindVars = array((int) $_SESSION['languages_id']);
     if (!empty($pListHash['search'])) {
         $sql .= "and LOWER( cd.`categories_name` ) LIKE ?";
         $bindVars[] = '%' . strtolower(zen_db_input($pListHash['search'])) . '%';
     }
     if (!empty($pListHash['parent_id'])) {
         $sql .= " AND c.`parent_id` = ?";
         $bindVars[] = $pListHash['parent_id'];
     }
     $sql .= "ORDER BY c.`sort_order`, cd.`categories_name`";
     if ($ret = $gBitDb->getAssoc($sql, $bindVars)) {
     }
     return $ret;
 }
Exemple #23
0
/**
 * @package admin
 * @copyright Copyright 2003-2011 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: database.php 18695 2011-05-04 05:24:19Z drbyte $
 */
function zen_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
    global $db;
    reset($data);
    if ($action == 'insert') {
        $query = 'insert into ' . $table . ' (';
        while (list($columns, ) = each($data)) {
            $query .= $columns . ', ';
        }
        $query = substr($query, 0, -2) . ') values (';
        reset($data);
        while (list(, $value) = each($data)) {
            switch ((string) $value) {
                case 'now()':
                    $query .= 'now(), ';
                    break;
                case 'null':
                    $query .= 'null, ';
                    break;
                default:
                    $query .= '\'' . zen_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ')';
    } elseif ($action == 'update') {
        $query = 'update ' . $table . ' set ';
        while (list($columns, $value) = each($data)) {
            switch ((string) $value) {
                case 'now()':
                    $query .= $columns . ' = now(), ';
                    break;
                case 'null':
                    $query .= $columns .= ' = null, ';
                    break;
                default:
                    $query .= $columns . ' = \'' . zen_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ' where ' . $parameters;
    }
    return $db->Execute($query);
}
 function update(&$class, $eventID, $paramsArray)
 {
     if (FEC_DROP_DOWN == 'true' || FEC_GIFT_MESSAGE == 'true') {
         global $db;
         // find out the last order number generated for this customer account
         $orders_query = "SELECT * FROM " . TABLE_ORDERS . "\n                   WHERE customers_id = :customersID\n                   ORDER BY date_purchased DESC LIMIT 1";
         $orders_query = $db->bindVars($orders_query, ':customersID', $_SESSION['customer_id'], 'integer');
         $orders = $db->Execute($orders_query);
         $orders_id = $orders->fields['orders_id'];
         // use order-id generated by the actual order process
         // this uses the SESSION orders_id, or if doesn't exist, grabs most recent order # for this cust (needed for paypal et al).
         // Needs reworking in v1.4 for checkout-rewrite
         $zv_orders_id = isset($_SESSION['order_number_created']) && $_SESSION['order_number_created'] >= 1 ? $_SESSION['order_number_created'] : $orders_id;
         $orders_id = $zv_orders_id;
         // get the value of the selected dropdown
         $dropdown = zen_db_input($_SESSION['dropdown']);
         $gift_message = zen_db_input($_SESSION['gift-message']);
         // add selected dropdown option to the orders table
         $db->Execute("UPDATE  " . TABLE_ORDERS . "\n                    SET dropdown = '" . $dropdown . "',\n                        gift_message = '" . $gift_message . "'\n                    WHERE orders_id = " . $orders_id . "\n                    LIMIT 1");
         // unset the dropdown session
         unset($_SESSION['dropdown']);
         unset($_SESSION['gift-message']);
     }
 }
 function create_add_products($zf_insert_id, $zf_mode = false)
 {
     global $db, $currencies, $order_total_modules, $order_totals;
     // initialized for the email confirmation
     $this->products_ordered = '';
     $this->products_ordered_html = '';
     $this->subtotal = 0;
     $this->total_tax = 0;
     // lowstock email report
     $this->email_low_stock = '';
     for ($i = 0, $n = sizeof($this->products); $i < $n; $i++) {
         $custom_insertable_text = '';
         $this->doStockDecrement = STOCK_LIMITED == 'true';
         $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_INIT', array('i' => $i), $this->products[$i], $i);
         // Stock Update - Joao Correia
         if ($this->doStockDecrement) {
             if (DOWNLOAD_ENABLED == 'true') {
                 $stock_query_raw = "select p.products_quantity, pad.products_attributes_filename, p.product_is_always_free_shipping\n                              from " . TABLE_PRODUCTS . " p\n                              left join " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                               on p.products_id=pa.products_id\n                              left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                               on pa.products_attributes_id=pad.products_attributes_id\n                              WHERE p.products_id = '" . zen_get_prid($this->products[$i]['id']) . "'";
                 // Will work with only one option for downloadable products
                 // otherwise, we have to build the query dynamically with a loop
                 $products_attributes = $this->products[$i]['attributes'];
                 if (is_array($products_attributes)) {
                     $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
                 }
                 $stock_values = $db->Execute($stock_query_raw, false, false, 0, true);
             } else {
                 $stock_values = $db->Execute("select * from " . TABLE_PRODUCTS . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'", false, false, 0, true);
             }
             $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_BEGIN', $i, $stock_values);
             if ($stock_values->RecordCount() > 0) {
                 // do not decrement quantities if products_attributes_filename exists
                 if (DOWNLOAD_ENABLED != 'true' || $stock_values->fields['product_is_always_free_shipping'] == 2 || !$stock_values->fields['products_attributes_filename']) {
                     $stock_left = $stock_values->fields['products_quantity'] - $this->products[$i]['qty'];
                     $this->products[$i]['stock_reduce'] = $this->products[$i]['qty'];
                 } else {
                     $stock_left = $stock_values->fields['products_quantity'];
                 }
                 //            $this->products[$i]['stock_value'] = $stock_values->fields['products_quantity'];
                 $db->Execute("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
                 //        if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
                 if ($stock_left <= 0) {
                     // only set status to off when not displaying sold out
                     if (SHOW_PRODUCTS_SOLD_OUT == '0') {
                         $db->Execute("update " . TABLE_PRODUCTS . " set products_status = 0 where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
                     }
                 }
                 // for low stock email
                 if ($stock_left <= STOCK_REORDER_LEVEL) {
                     // WebMakers.com Added: add to low stock email
                     $this->email_low_stock .= 'ID# ' . zen_get_prid($this->products[$i]['id']) . "\t\t" . $this->products[$i]['model'] . "\t\t" . $this->products[$i]['name'] . "\t\t" . ' Qty Left: ' . $stock_left . "\n";
                 }
             }
         }
         // Update products_ordered (for bestsellers list)
         $this->bestSellersUpdate = TRUE;
         $this->notify('NOTIFY_ORDER_PROCESSING_BESTSELLERS_UPDATE', array(), $this->products[$i], $i);
         if ($this->bestSellersUpdate) {
             $db->Execute("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%f', $this->products[$i]['qty']) . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
         }
         $this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_END', $i);
         $sql_data_array = array('orders_id' => $zf_insert_id, 'products_id' => zen_get_prid($this->products[$i]['id']), 'products_model' => $this->products[$i]['model'], 'products_name' => $this->products[$i]['name'], 'products_price' => $this->products[$i]['price'], 'final_price' => $this->products[$i]['final_price'], 'onetime_charges' => $this->products[$i]['onetime_charges'], 'products_tax' => $this->products[$i]['tax'], 'products_quantity' => $this->products[$i]['qty'], 'products_priced_by_attribute' => $this->products[$i]['products_priced_by_attribute'], 'product_is_free' => $this->products[$i]['product_is_free'], 'products_discount_type' => $this->products[$i]['products_discount_type'], 'products_discount_type_from' => $this->products[$i]['products_discount_type_from'], 'products_prid' => $this->products[$i]['id']);
         zen_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
         $order_products_id = $db->Insert_ID();
         $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_PRODUCT_LINE_ITEM', array_merge(array('orders_products_id' => $order_products_id, 'i' => $i), $sql_data_array), $order_products_id);
         $this->notify('NOTIFY_ORDER_PROCESSING_CREDIT_ACCOUNT_UPDATE_BEGIN');
         $order_total_modules->update_credit_account($i);
         //ICW ADDED FOR CREDIT CLASS SYSTEM
         $this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_BEGIN');
         //------ bof: insert customer-chosen options to order--------
         $attributes_exist = '0';
         $this->products_ordered_attributes = '';
         if (isset($this->products[$i]['attributes'])) {
             $attributes_exist = '1';
             for ($j = 0, $n2 = sizeof($this->products[$i]['attributes']); $j < $n2; $j++) {
                 if (DOWNLOAD_ENABLED == 'true') {
                     $attributes_query = "select popt.products_options_name, poval.products_options_values_name,\n                                 pa.options_values_price, pa.price_prefix,\n                                 pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n                                 pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n                                 pa.attributes_price_factor, pa.attributes_price_factor_offset,\n                                 pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n                                 pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n                                 pa.attributes_price_words, pa.attributes_price_words_free,\n                                 pa.attributes_price_letters, pa.attributes_price_letters_free,\n                                 pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename\n                                 from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                  left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n                                  on pa.products_attributes_id=pad.products_attributes_id\n                                 where pa.products_id = '" . zen_db_input($this->products[$i]['id']) . "'\n                                  and pa.options_id = '" . $this->products[$i]['attributes'][$j]['option_id'] . "'\n                                  and pa.options_id = popt.products_options_id\n                                  and pa.options_values_id = '" . $this->products[$i]['attributes'][$j]['value_id'] . "'\n                                  and pa.options_values_id = poval.products_options_values_id\n                                  and popt.language_id = '" . $_SESSION['languages_id'] . "'\n                                  and poval.language_id = '" . $_SESSION['languages_id'] . "'";
                     $attributes_values = $db->Execute($attributes_query);
                 } else {
                     $attributes_values = $db->Execute("select popt.products_options_name, poval.products_options_values_name,\n                                 pa.options_values_price, pa.price_prefix,\n                                 pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n                                 pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n                                 pa.attributes_price_factor, pa.attributes_price_factor_offset,\n                                 pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n                                 pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n                                 pa.attributes_price_words, pa.attributes_price_words_free,\n                                 pa.attributes_price_letters, pa.attributes_price_letters_free\n                                 from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n                                 where pa.products_id = '" . $this->products[$i]['id'] . "' and pa.options_id = '" . (int) $this->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int) $this->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $_SESSION['languages_id'] . "' and poval.language_id = '" . $_SESSION['languages_id'] . "'");
                 }
                 //clr 030714 update insert query.  changing to use values form $order->products for products_options_values.
                 $sql_data_array = array('orders_id' => $zf_insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values->fields['products_options_name'], 'products_options_values' => $this->products[$i]['attributes'][$j]['value'], 'options_values_price' => $attributes_values->fields['options_values_price'], 'price_prefix' => $attributes_values->fields['price_prefix'], 'product_attribute_is_free' => $attributes_values->fields['product_attribute_is_free'], 'products_attributes_weight' => $attributes_values->fields['products_attributes_weight'], 'products_attributes_weight_prefix' => $attributes_values->fields['products_attributes_weight_prefix'], 'attributes_discounted' => $attributes_values->fields['attributes_discounted'], 'attributes_price_base_included' => $attributes_values->fields['attributes_price_base_included'], 'attributes_price_onetime' => $attributes_values->fields['attributes_price_onetime'], 'attributes_price_factor' => $attributes_values->fields['attributes_price_factor'], 'attributes_price_factor_offset' => $attributes_values->fields['attributes_price_factor_offset'], 'attributes_price_factor_onetime' => $attributes_values->fields['attributes_price_factor_onetime'], 'attributes_price_factor_onetime_offset' => $attributes_values->fields['attributes_price_factor_onetime_offset'], 'attributes_qty_prices' => $attributes_values->fields['attributes_qty_prices'], 'attributes_qty_prices_onetime' => $attributes_values->fields['attributes_qty_prices_onetime'], 'attributes_price_words' => $attributes_values->fields['attributes_price_words'], 'attributes_price_words_free' => $attributes_values->fields['attributes_price_words_free'], 'attributes_price_letters' => $attributes_values->fields['attributes_price_letters'], 'attributes_price_letters_free' => $attributes_values->fields['attributes_price_letters_free'], 'products_options_id' => (int) $this->products[$i]['attributes'][$j]['option_id'], 'products_options_values_id' => (int) $this->products[$i]['attributes'][$j]['value_id'], 'products_prid' => $this->products[$i]['id']);
                 zen_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
                 $opa_insert_id = $db->insert_ID();
                 $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_LINE_ITEM', array_merge(array('orders_products_attributes_id' => $opa_insert_id), $sql_data_array), $opa_insert_id);
                 if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values->fields['products_attributes_filename']) && zen_not_null($attributes_values->fields['products_attributes_filename'])) {
                     $sql_data_array = array('orders_id' => $zf_insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values->fields['products_attributes_filename'], 'download_maxdays' => $attributes_values->fields['products_attributes_maxdays'], 'download_count' => $attributes_values->fields['products_attributes_maxcount'], 'products_prid' => $this->products[$i]['id']);
                     zen_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                     $opd_insert_id = $db->insert_ID();
                     $this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_DOWNLOAD_LINE_ITEM', $sql_data_array, $opd_insert_id);
                 }
                 $this->products_ordered_attributes .= "\n\t" . $attributes_values->fields['products_options_name'] . ' ' . zen_decode_specialchars($this->products[$i]['attributes'][$j]['value']);
             }
         }
         //------eof: insert customer-chosen options ----
         $this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_EXIST', $attributes_exist);
         $this->notify('NOTIFY_ORDER_DURING_CREATE_ADD_PRODUCTS', $i, $custom_insertable_text);
         /* START: ADD MY CUSTOM DETAILS
          * 1. calculate/prepare custom information to be added to this product entry in order-confirmation, perhaps as a function call to custom code to build a serial number etc:
          *   Possible parameters to pass to custom functions at this point:
          *     Product ID ordered (for this line item): $this->products[$i]['id']
          *     Quantity ordered (of this line-item): $this->products[$i]['qty']
          *     Order number: $zf_insert_id
          *     Attribute Option Name ID: (int)$this->products[$i]['attributes'][$j]['option_id']
          *     Attribute Option Value ID: (int)$this->products[$i]['attributes'][$j]['value_id']
          *     Attribute Filename: $attributes_values->fields['products_attributes_filename']
          *
          * 2. Add that data to the $this->products_ordered_attributes variable, using this sort of format:
          *      $this->products_ordered_attributes .=  {INSERT CUSTOM INFORMATION HERE};
          */
         $this->products_ordered_attributes .= $custom_insertable_text;
         /* END: ADD MY CUSTOM DETAILS */
         // update totals counters
         $this->total_weight += $this->products[$i]['qty'] * $this->products[$i]['weight'];
         $this->total_tax += zen_calculate_tax($this->products[$i]['final_price'] * $this->products[$i]['qty'], $this->products[$i]['tax']);
         $this->total_cost += $this->products[$i]['final_price'] + $this->products[$i]['onetime_charges'];
         $this->notify('NOTIFY_ORDER_PROCESSING_ONE_TIME_CHARGES_BEGIN', $i);
         // build output for email notification
         $this->products_ordered .= $this->products[$i]['qty'] . ' x ' . $this->products[$i]['name'] . ($this->products[$i]['model'] != '' ? ' (' . $this->products[$i]['model'] . ') ' : '') . ' = ' . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty']) . ($this->products[$i]['onetime_charges'] != 0 ? "\n" . TEXT_ONETIME_CHARGES_EMAIL . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1) : '') . $this->products_ordered_attributes . "\n";
         $this->products_ordered_html .= '<tr>' . "\n" . '<td class="product-details" align="right" valign="top" width="30">' . $this->products[$i]['qty'] . '&nbsp;x</td>' . "\n" . '<td class="product-details" valign="top">' . nl2br($this->products[$i]['name']) . ($this->products[$i]['model'] != '' ? ' (' . nl2br($this->products[$i]['model']) . ') ' : '') . "\n" . '<nobr>' . '<small><em> ' . nl2br($this->products_ordered_attributes) . '</em></small>' . '</nobr>' . '</td>' . "\n" . '<td class="product-details-num" valign="top" align="right">' . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty']) . ($this->products[$i]['onetime_charges'] != 0 ? '</td></tr>' . "\n" . '<tr><td class="product-details">' . nl2br(TEXT_ONETIME_CHARGES_EMAIL) . '</td>' . "\n" . '<td>' . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1) : '') . '</td></tr>' . "\n";
     }
     $order_total_modules->apply_credit();
     //ICW ADDED FOR CREDIT CLASS SYSTEM
     $this->notify('NOTIFY_ORDER_AFTER_ORDER_CREATE_ADD_PRODUCTS');
 }
 /**
  * Used to void a given previously-authorized transaction.  FOR FUTURE USE.
  */
 function _doVoid($oID, $note = '')
 {
     global $db, $doPayPal, $messageStack;
     $new_order_status = MODULE_PAYMENT_PAYPALWPP_REFUNDED_STATUS_ID;
     $doPayPal = $this->paypal_init();
     $voidNote = strip_tags(zen_db_input($_POST['voidnote']));
     $voidAuthID = trim(strip_tags(zen_db_input($_POST['voidauthid'])));
     if (isset($_POST['ordervoid']) && $_POST['ordervoid'] == MODULE_PAYMENT_PAYPAL_ENTRY_VOID_BUTTON_TEXT_FULL) {
         if (isset($_POST['voidconfirm']) && $_POST['voidconfirm'] == 'on') {
             $proceedToVoid = true;
         } else {
             $messageStack->add_session(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_CONFIRM_ERROR, 'error');
         }
     }
     // look up history on this order from PayPal table
     $sql = "select * from " . TABLE_PAYPAL . " where order_id = :orderID  AND parent_txn_id = '' ";
     $sql = $db->bindVars($sql, ':orderID', $oID, 'integer');
     $sql = $db->bindVars($sql, ':transID', $voidAuthID, 'string');
     $zc_ppHist = $db->Execute($sql);
     if ($zc_ppHist->RecordCount() == 0) {
         return false;
     }
     $txnID = $zc_ppHist->fields['txn_id'];
     /**
      * Submit void request to PayPal
      */
     if ($proceedToVoid) {
         $response = $doPayPal->DoVoid($voidAuthID, $voidNote);
         $error = $this->_errorHandler($response, 'DoVoid');
         if (!$error) {
             // Success, so save the results
             $sql_data_array = array('orders_id' => (int) $oID, 'orders_status_id' => (int) $new_order_status, 'date_added' => 'now()', 'comments' => 'VOIDED. Trans ID: ' . urldecode($response['AUTHORIZATIONID']) . $response['PNREF'] . (isset($response['PPREF']) ? "\nPPRef: " . $response['PPREF'] : '') . "\n" . $voidNote, 'customer_notified' => 0);
             zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
             $db->Execute("update " . TABLE_ORDERS . "\r\n                      set orders_status = '" . (int) $new_order_status . "'\r\n                      where orders_id = '" . (int) $oID . "'");
             $messageStack->add_session(sprintf(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_INITIATED, urldecode($response['AUTHORIZATIONID']) . $response['PNREF']), 'success');
             return true;
         }
     }
 }
Exemple #27
0
&nbsp;</td>
              </tr>
<?php 
        }
    } else {
        echo ERROR_MODULE_FILE_NOT_FOUND . DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/' . $module_type . '/' . $file . '<br />';
    }
}
ksort($installed_modules);
$check = $db->Execute("select configuration_value\r\n                         from " . TABLE_CONFIGURATION . "\r\n                         where configuration_key = '" . zen_db_input($module_key) . "'");
if ($check->RecordCount() > 0) {
    if ($check->fields['configuration_value'] != implode(';', $installed_modules)) {
        $db->Execute("update " . TABLE_CONFIGURATION . "\r\n                    set configuration_value = '" . zen_db_input(implode(';', $installed_modules)) . "', last_modified = now()\r\n                    where configuration_key = '" . zen_db_input($module_key) . "'");
    }
} else {
    $db->Execute("insert into " . TABLE_CONFIGURATION . "\r\n                (configuration_title, configuration_key, configuration_value,\r\n                 configuration_description, configuration_group_id, sort_order, date_added)\r\n                 values ('Installed Modules', '" . zen_db_input($module_key) . "', '" . zen_db_input(implode(';', $installed_modules)) . "',\r\n                         'This is automatically updated. No need to edit.', '6', '0', now())");
}
if (isset($zc_valid) && $zc_valid == false) {
    echo '<span class="alert">' . WARNING_MODULES_SORT_ORDER . '</span>';
}
?>
              <tr>
                <td colspan="3" class="smallText"><?php 
echo TEXT_MODULE_DIRECTORY . ' ' . $module_directory;
?>
</td>
              </tr>
            </table></td>
<?php 
$heading = array();
$contents = array();
Exemple #28
0
          <tr>
            <td class="smallText" align="center"><strong><?php 
    echo TABLE_HEADING_DATE_ADDED;
    ?>
</strong></td>
            <td class="smallText" align="center"><strong><?php 
    echo TABLE_HEADING_STATUS;
    ?>
</strong></td>
            <td class="smallText" align="center"><strong><?php 
    echo TABLE_HEADING_COMMENTS;
    ?>
</strong></td>
          </tr>
<?php 
    $orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments\n                                    from " . TABLE_ORDERS_STATUS_HISTORY . "\n                                    where orders_id = '" . zen_db_input($oID) . "' and customer_notified >= 0\n                                    order by date_added");
    if ($orders_history->RecordCount() > 0) {
        $count_comments = 0;
        while (!$orders_history->EOF) {
            $count_comments++;
            echo '          <tr>' . "\n" . '            <td class="smallText" align="center" valign="top">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n";
            echo '            <td class="smallText" valign="top">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
            echo '            <td class="smallText" valign="top">' . ($orders_history->fields['comments'] == '' ? TEXT_NONE : nl2br(zen_db_output($orders_history->fields['comments']))) . '&nbsp;</td>' . "\n" . '          </tr>' . "\n";
            $orders_history->MoveNext();
            if (ORDER_COMMENTS_INVOICE == 1 && $count_comments >= 1) {
                break;
            }
        }
    } else {
        echo '          <tr>' . "\n" . '            <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" . '          </tr>' . "\n";
    }
         }
     }
 }
 if ($_POST['quick_updates_new']['products_sort_order']) {
     foreach ($_POST['quick_updates_new']['products_sort_order'] as $products_id => $new_value) {
         if (trim($_POST['quick_updates_new']['products_sort_order'][$products_id]) != trim($_POST['quick_updates_old']['products_sort_order'][$products_id])) {
             $quick_updates_count['products_sort_order'][$products_id] = $products_id;
             $db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_sort_order='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
         }
     }
 }
 if ($_POST['quick_updates_new']['products_image']) {
     foreach ($_POST['quick_updates_new']['products_image'] as $products_id => $new_value) {
         if (trim($_POST['quick_updates_new']['products_image'][$products_id]) != trim($_POST['quick_updates_old']['products_image'][$products_id])) {
             $quick_updates_count['products_image'][$products_id] = $products_id;
             $db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_image='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
         }
     }
 }
 if ($_POST['quick_updates_old']['products_status']) {
     foreach ($_POST['quick_updates_old']['products_status'] as $products_id => $status) {
         if (!isset($_POST['quick_updates_new']['products_status'][$products_id])) {
             $_POST['quick_updates_new']['products_status'][$products_id] = '0';
         }
         if ($_POST['quick_updates_new']['products_status'][$products_id] != $_POST['quick_updates_old']['products_status'][$products_id]) {
             $quick_updates_count['products_status'][$products_id] = $products_id;
             zen_set_product_status((int) $products_id, (int) $_POST['quick_updates_new']['products_status'][$products_id]);
         }
     }
 }
 if ($_POST['quick_updates_new']['products_tax_class_id']) {
Exemple #30
-1
function get_audience_sql_query($selected_entry, $query_category = 'email')
{
    // This is used to take the query_name selected in the drop-down menu or singular customer email address and
    // generate the SQL Select query to be used to build the list of email addresses to be sent to
    // it only returns a query name and query string (SQL SELECT statement)
    // the query string is then used in a $db->Execute() command for later parsing and emailing.
    global $db;
    $query_name = '';
    $queries_list = $db->Execute("select query_name, query_string from " . TABLE_QUERY_BUILDER . " " . "where query_category like '%" . $query_category . "%'");
    //                 "where query_category = '" . $query_category . "'");
    while (!$queries_list->EOF) {
        if ($selected_entry == $queries_list->fields['query_name']) {
            $query_name = $queries_list->fields['query_name'];
            $query_string = parsed_query_string($queries_list->fields['query_string']);
            //echo 'GET_AUD_EM_ADDR_QRY:<br />query_name='.$query_name.'<br />query_string='.$query_string;
        }
        $queries_list->MoveNext();
    }
    //if no match found against queries listed in database, then $selected_entry must be an email address
    if ($query_name == '' && $query_category == 'email') {
        $cust_email_address = zen_db_prepare_input($selected_entry);
        $query_name = $cust_email_address;
        $query_string = "select customers_firstname, customers_lastname, customers_email_address\n                              from " . TABLE_CUSTOMERS . "\n                              where customers_email_address = '" . zen_db_input($cust_email_address) . "'";
    }
    //send back a 1-row array containing the query_name and the SQL query_string
    return array('query_name' => $query_name, 'query_string' => $query_string);
}