function send($newsletter_id)
{
global $db;
$audience_select = get_audience_sql_query($this->query_name, 'newsletters');
$audience = $db->Execute($audience_select['query_string']);
$records = $audience->RecordCount();
if ($records == 0) {
return 0;
}
$i = 0;
while (!$audience->EOF) {
$i++;
$html_msg['EMAIL_FIRST_NAME'] = $audience->fields['customers_firstname'];
$html_msg['EMAIL_LAST_NAME'] = $audience->fields['customers_lastname'];
$html_msg['EMAIL_GREET'] = EMAIL_GREET;
$html_msg['EMAIL_MESSAGE_HTML'] = $this->content_html;
zen_mail($audience->fields['customers_firstname'] . ' ' . $audience->fields['customers_lastname'], $audience->fields['customers_email_address'], $this->title, $this->content, STORE_NAME, EMAIL_FROM, $html_msg, 'newsletters');
echo zen_image(DIR_WS_ICONS . 'tick.gif', $audience->fields['customers_email_address']);
//force output to the screen to show status indicator each time a message is sent...
if (function_exists('ob_flush')) {
@ob_flush();
}
@flush();
$audience->MoveNext();
}
$newsletter_id = zen_db_prepare_input($newsletter_id);
$db->Execute("update " . TABLE_NEWSLETTERS . "\r\n set date_sent = now(), status = '1'\r\n where newsletters_id = '" . zen_db_input($newsletter_id) . "'");
return $records;
//return number of records processed whether successful or not
}
/**
* @package ZenCart_Functions
*/
function zen_update_whos_online()
{
global $db;
if ($_SESSION['customer_id']) {
$wo_customer_id = $_SESSION['customer_id'];
$customer_query = "select customers_firstname, customers_lastname\r\n from " . TABLE_CUSTOMERS . "\r\n where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
$customer = $db->Execute($customer_query);
$wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
} else {
$wo_customer_id = '';
$wo_full_name = 'Guest';
}
$wo_session_id = zen_session_id();
$wo_ip_address = $_SERVER['REMOTE_ADDR'];
$wo_last_page_url = $_SERVER['REQUEST_URI'];
$wo_user_agent = zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']);
$current_time = time();
$xx_mins_ago = $current_time - 900;
// remove entries that have expired
$sql = "delete from " . TABLE_WHOS_ONLINE . "\r\n where time_last_click < '" . $xx_mins_ago . "'";
$db->Execute($sql);
$stored_customer_query = "select count(*) as count\r\n from " . TABLE_WHOS_ONLINE . "\r\n where session_id = '" . zen_db_input($wo_session_id) . "'";
$stored_customer = $db->Execute($stored_customer_query);
if ($stored_customer->fields['count'] > 0) {
$sql = "update " . TABLE_WHOS_ONLINE . "\r\n set customer_id = '" . (int) $wo_customer_id . "',\r\n full_name = '" . zen_db_input($wo_full_name) . "',\r\n ip_address = '" . zen_db_input($wo_ip_address) . "',\r\n time_last_click = '" . zen_db_input($current_time) . "',\r\n last_page_url = '" . zen_db_input($wo_last_page_url) . "',\r\n host_address = '" . zen_db_input($_SESSION['customers_host_address']) . "',\r\n user_agent = '" . zen_db_input($wo_user_agent) . "'\r\n where session_id = '" . zen_db_input($wo_session_id) . "'";
$db->Execute($sql);
} else {
$sql = "insert into " . TABLE_WHOS_ONLINE . "\r\n (customer_id, full_name, session_id, ip_address, time_entry,\r\n time_last_click, last_page_url, host_address, user_agent)\r\n values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($_SESSION['customers_host_address']) . "', '" . zen_db_input($wo_user_agent) . "')";
$db->Execute($sql);
}
}
public function authentication()
{
if (!isset($_POST['admin_name']) || empty($_POST['admin_name']) || !isset($_POST['admin_pass']) || empty($_POST['admin_pass'])) {
$this->authenticed = false;
$this->addError('"name" and "password" invalid.');
} else {
$admin_name = zen_db_prepare_input($_POST['admin_name']);
$admin_pass = zen_db_prepare_input($_POST['admin_pass']);
$sql = "select admin_id, admin_name, admin_pass from " . TABLE_ADMIN . " where admin_name = '" . zen_db_input($admin_name) . "'";
$result = $this->db->Execute($sql);
if (isset($result->fields) && $admin_name == $result->fields['admin_name'] && zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
$this->authenticed = true;
} else {
if (!isset($result->fields) || !($admin_name == $result->fields['admin_name'])) {
$this->authenticed = false;
$this->addError('"name" invalid.');
}
if (!isset($result->fields) || !zen_validate_password($admin_pass, $result->fields['admin_pass'])) {
$this->authenticed = false;
$this->addError('"password" invalid.');
}
}
}
return $this->authenticed;
}
/**
* @package ZenCart_Functions
*/
function zen_update_whos_online()
{
global $gBitDb;
if (!empty($_SESSION['customer_id'])) {
$wo_customer_id = $_SESSION['customer_id'];
$customer_query = "select `customers_firstname`, `customers_lastname`\n from " . TABLE_CUSTOMERS . "\n where `customers_id` = '" . (int) $_SESSION['customer_id'] . "'";
$customer = $gBitDb->Execute($customer_query);
$wo_full_name = $customer->fields['customers_firstname'] . ' ' . $customer->fields['customers_lastname'];
} else {
$wo_customer_id = '';
$wo_full_name = 'Guest';
}
$wo_session_id = zen_session_id();
$wo_ip_address = $_SERVER['REMOTE_ADDR'];
$wo_last_page_url = $_SERVER['REQUEST_URI'];
$wo_user_agent = !empty($_SERVER['HTTP_USER_AGENT']) ? zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']) : '-';
$current_time = time();
$xx_mins_ago = $current_time - 900;
// remove entries that have expired
$sql = "delete from " . TABLE_WHOS_ONLINE . "\n where `time_last_click` < '" . $xx_mins_ago . "'";
$gBitDb->Execute($sql);
$stored_customer_query = 'select count(*) as "count"
from ' . TABLE_WHOS_ONLINE . "\n where `session_id` = '" . zen_db_input($wo_session_id) . "'";
$stored_customer = $gBitDb->Execute($stored_customer_query);
if (empty($wo_customer_id)) {
$wo_customer_id = NULL;
}
if ($stored_customer->fields['count'] > 0) {
$sql = "update " . TABLE_WHOS_ONLINE . "\n set `customer_id` = ?, `full_name` = ?, `ip_address` = ?, `time_last_click` = ?, `last_page_url` = ?, `host_address` = ?, `user_agent` = ?\n where `session_id` = ?";
$gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_ip_address, $current_time, substr($wo_last_page_url, 0, 255), $_SESSION['customers_host_address'], substr($wo_user_agent, 0, 255), $wo_session_id));
} else {
$sql = "insert into " . TABLE_WHOS_ONLINE . "\n (`customer_id`, `full_name`, `session_id`, `ip_address`, `time_entry`,\n `time_last_click`, `last_page_url`, `host_address`, `user_agent`)\n values ( ?, ?, ?, ?, ?, ?, ?, ?, ? )";
$gBitDb->query($sql, array($wo_customer_id, $wo_full_name, $wo_session_id, $wo_ip_address, $current_time, $current_time, $wo_last_page_url, $_SESSION['customers_host_address'], $wo_user_agent));
}
}
function _sess_destroy($key)
{
global $db;
$sql = "delete from " . TABLE_SESSIONS . " where sesskey = '" . zen_db_input($key) . "'";
$db->Execute($sql);
return TRUE;
}
function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false)
{
global $db;
$max_rows = $max_rows == '' || $max_rows == 0 ? 20 : $max_rows;
$this->sql_query = preg_replace("/\n\r|\r\n|\n|\r/", " ", $query);
$this->page_name = $page_holder;
if ($debug) {
echo 'original_query=' . $query . '<br /><br />';
}
if (isset($_GET[$page_holder])) {
$page = $_GET[$page_holder];
} elseif (isset($_POST[$page_holder])) {
$page = $_POST[$page_holder];
} else {
$page = '';
}
if (empty($page) || !is_numeric($page)) {
$page = 1;
}
$this->current_page_number = $page;
$this->number_of_rows_per_page = $max_rows;
$pos_to = strlen($this->sql_query);
$query_lower = strtolower($this->sql_query);
$pos_from = strpos($query_lower, ' from', 0);
$pos_group_by = strpos($query_lower, ' group by', $pos_from);
if ($pos_group_by < $pos_to && $pos_group_by != false) {
$pos_to = $pos_group_by;
}
$pos_having = strpos($query_lower, ' having', $pos_from);
if ($pos_having < $pos_to && $pos_having != false) {
$pos_to = $pos_having;
}
$pos_order_by = strpos($query_lower, ' order by', $pos_from);
if ($pos_order_by < $pos_to && $pos_order_by != false) {
$pos_to = $pos_order_by;
}
if (strpos($query_lower, 'distinct') || strpos($query_lower, 'group by')) {
$count_string = 'distinct ' . zen_db_input($count_key);
} else {
$count_string = zen_db_input($count_key);
}
$count_query = "select count(" . $count_string . ") as total " . substr($this->sql_query, $pos_from, $pos_to - $pos_from);
if ($debug) {
echo 'count_query=' . $count_query . '<br /><br />';
}
$count = $db->Execute($count_query);
$this->number_of_rows = $count->fields['total'];
$this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
if ($this->current_page_number > $this->number_of_pages) {
$this->current_page_number = $this->number_of_pages;
}
$offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
// fix offset error on some versions
if ($offset <= 0) {
$offset = 0;
}
$this->sql_query .= " limit " . ($offset > 0 ? $offset . ", " : '') . $this->number_of_rows_per_page;
}
function xsell_get_products_id($products_model)
{
$sql = "SELECT products_id FROM " . TABLE_PRODUCTS . " WHERE products_model='" . zen_db_input($products_model) . "'";
$result = mysql_query($sql);
if (mysql_num_rows($result) == 0) {
return null;
}
$row = mysql_fetch_array($result);
return $row["products_id"];
}
function zen_get_languages_id_by_code($code)
{
global $db;
$query = "\n select languages_id\n from " . TABLE_LANGUAGES . "\n where code like '" . zen_db_input($code) . "';";
$result = $db->Execute($query);
if ($result->RecordCount() > 0) {
return $result->fields['languages_id'];
}
return false;
}
function query($order_id)
{
global $db;
$order = $db->Execute("select cc_cvv, customers_name, customers_company, customers_street_address,\n customers_suburb, customers_city, customers_postcode, customers_id,\n customers_state, customers_country, customers_telephone,\n customers_email_address, customers_address_format_id, delivery_name,\n delivery_company, delivery_street_address, delivery_suburb,\n delivery_city, delivery_postcode, delivery_state, delivery_country,\n delivery_address_format_id, billing_name, billing_company,\n billing_street_address, billing_suburb, billing_city, billing_postcode,\n billing_state, billing_country, billing_address_format_id,\n coupon_code, payment_method, payment_module_code, shipping_method, shipping_module_code,\n cc_type, cc_owner, cc_number, cc_expires, currency,\n currency_value, date_purchased, orders_status, last_modified,\n order_total, order_tax, ip_address\n from " . TABLE_ORDERS . "\n where orders_id = '" . (int) $order_id . "'");
$totals = $db->Execute("select title, text, class, value\n from " . TABLE_ORDERS_TOTAL . "\n where orders_id = '" . (int) $order_id . "'\n order by sort_order");
while (!$totals->EOF) {
if ($totals->fields['class'] == 'ot_coupon') {
$coupon_link_query = "SELECT coupon_id\n from " . TABLE_COUPONS . "\n where coupon_code ='" . zen_db_input($order->fields['coupon_code']) . "'";
$coupon_link = $db->Execute($coupon_link_query);
$zc_coupon_link = '<a href="javascript:couponpopupWindow(\'' . zen_catalog_href_link(FILENAME_POPUP_COUPON_HELP, 'cID=' . $coupon_link->fields['coupon_id']) . '\')">';
}
$this->totals[] = array('title' => $totals->fields['class'] == 'ot_coupon' ? $zc_coupon_link . $totals->fields['title'] . '</a>' : $totals->fields['title'], 'text' => $totals->fields['text'], 'value' => $totals->fields['value'], 'class' => $totals->fields['class']);
$totals->MoveNext();
}
$this->info = array('currency' => $order->fields['currency'], 'currency_value' => $order->fields['currency_value'], 'payment_method' => $order->fields['payment_method'], 'payment_module_code' => $order->fields['payment_module_code'], 'shipping_method' => $order->fields['shipping_method'], 'shipping_module_code' => $order->fields['shipping_module_code'], 'coupon_code' => $order->fields['coupon_code'], 'cc_type' => $order->fields['cc_type'], 'cc_owner' => $order->fields['cc_owner'], 'cc_number' => $order->fields['cc_number'], 'cc_cvv' => $order->fields['cc_cvv'], 'cc_expires' => $order->fields['cc_expires'], 'date_purchased' => $order->fields['date_purchased'], 'orders_status' => $order->fields['orders_status'], 'total' => $order->fields['order_total'], 'tax' => $order->fields['order_tax'], 'last_modified' => $order->fields['last_modified'], 'ip_address' => $order->fields['ip_address']);
$this->customer = array('name' => $order->fields['customers_name'], 'id' => $order->fields['customers_id'], 'company' => $order->fields['customers_company'], 'street_address' => $order->fields['customers_street_address'], 'suburb' => $order->fields['customers_suburb'], 'city' => $order->fields['customers_city'], 'postcode' => $order->fields['customers_postcode'], 'state' => $order->fields['customers_state'], 'country' => $order->fields['customers_country'], 'format_id' => $order->fields['customers_address_format_id'], 'telephone' => $order->fields['customers_telephone'], 'email_address' => $order->fields['customers_email_address']);
$this->delivery = array('name' => $order->fields['delivery_name'], 'company' => $order->fields['delivery_company'], 'street_address' => $order->fields['delivery_street_address'], 'suburb' => $order->fields['delivery_suburb'], 'city' => $order->fields['delivery_city'], 'postcode' => $order->fields['delivery_postcode'], 'state' => $order->fields['delivery_state'], 'country' => $order->fields['delivery_country'], 'format_id' => $order->fields['delivery_address_format_id']);
$this->billing = array('name' => $order->fields['billing_name'], 'company' => $order->fields['billing_company'], 'street_address' => $order->fields['billing_street_address'], 'suburb' => $order->fields['billing_suburb'], 'city' => $order->fields['billing_city'], 'postcode' => $order->fields['billing_postcode'], 'state' => $order->fields['billing_state'], 'country' => $order->fields['billing_country'], 'format_id' => $order->fields['billing_address_format_id']);
$index = 0;
$orders_products = $db->Execute("select orders_products_id, products_id, products_name, products_model,\n products_price, products_tax, products_quantity,\n final_price, onetime_charges,\n product_is_free\n from " . TABLE_ORDERS_PRODUCTS . "\n where orders_id = '" . (int) $order_id . "'\n order by orders_products_id");
while (!$orders_products->EOF) {
// convert quantity to proper decimals - account history
if (QUANTITY_DECIMALS != 0) {
$fix_qty = $orders_products->fields['products_quantity'];
switch (true) {
case !strstr($fix_qty, '.'):
$new_qty = $fix_qty;
break;
default:
$new_qty = preg_replace('/[0]+$/', '', $orders_products->fields['products_quantity']);
break;
}
} else {
$new_qty = $orders_products->fields['products_quantity'];
}
$new_qty = round($new_qty, QUANTITY_DECIMALS);
if ($new_qty == (int) $new_qty) {
$new_qty = (int) $new_qty;
}
$this->products[$index] = array('qty' => $new_qty, 'id' => $orders_products->fields['products_id'], 'name' => $orders_products->fields['products_name'], 'model' => $orders_products->fields['products_model'], 'tax' => $orders_products->fields['products_tax'], 'price' => $orders_products->fields['products_price'], 'onetime_charges' => $orders_products->fields['onetime_charges'], 'final_price' => $orders_products->fields['final_price'], 'product_is_free' => $orders_products->fields['product_is_free']);
$subindex = 0;
// START "Stock by Attributes" added to array products_options_values_id and 'value_id' => $attributes->fields['products_options_values_id'],
$attributes = $db->Execute("select products_options, products_options_values, options_values_price,\n price_prefix, products_options_values_id,\n product_attribute_is_free\n from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . "\n where orders_id = '" . (int) $order_id . "'\n and orders_products_id = '" . (int) $orders_products->fields['orders_products_id'] . "'");
if ($attributes->RecordCount() > 0) {
while (!$attributes->EOF) {
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes->fields['products_options'], 'value' => $attributes->fields['products_options_values'], 'value_id' => $attributes->fields['products_options_values_id'], 'prefix' => $attributes->fields['price_prefix'], 'price' => $attributes->fields['options_values_price'], 'product_attribute_is_free' => $attributes->fields['product_attribute_is_free']);
// END "Stock by Attributes"
$subindex++;
$attributes->MoveNext();
}
}
$index++;
$orders_products->MoveNext();
}
}
function manufacturerExists($pManufacturersId)
{
global $gBitDb;
$ret = NULL;
if (is_numeric($pManufacturersId)) {
$sql = "SELECT COUNT(*) as `total`\n\t\t\t\t\tFROM " . TABLE_MANUFACTURERS . "\n\t\t\t\t\tWHERE `manufacturers_id` = '" . zen_db_input($pManufacturersId) . "'";
$rs = $gBitDb->Execute($sql);
$ret = !empty($rs['fields']['total']);
}
return $ret;
}
function zen_set_ezpage_status($pages_id, $status, $status_field)
{
global $db;
if ($status == '1') {
return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '0' where pages_id = '" . (int) $pages_id . "'");
} elseif ($status == '0') {
return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '1' where pages_id = '" . (int) $pages_id . "'");
} else {
return -1;
}
}
function zen_visitors_update_visitors_data($customers_id, $customers_email_address)
{
global $db;
$customers_id = zen_db_prepare_input($customers_id);
$customers_email_address = zen_db_prepare_input($customers_email_address);
$check_email = $db->Execute("select customers_email_address\r\n from " . TABLE_CUSTOMERS . "\r\n where customers_email_address = '" . zen_db_input($customers_email_address) . "'\r\n and customers_id != '" . (int) $customers_id . "'");
if (!$check_email->RecordCount()) {
$sql_data_array = array('visitors_email_address' => $customers_email_address, 'visitors_info_date_account_last_modified' => 'now()');
zen_db_perform(TABLE_VISITORS, $sql_data_array, 'update', "visitors_id = '" . (int) $customers_id . "'");
}
}
function zen_get_languages_directory($code)
{
global $db;
$language = $db->Execute("select languages_id, directory \n from " . TABLE_LANGUAGES . " \n where code = '" . zen_db_input($code) . "'");
if ($language->RecordCount() > 0) {
$_SESSION['languages_id'] = $language->fields['languages_id'];
return $language->fields['directory'];
} else {
return false;
}
}
function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page', $debug = false)
{
global $gBitDb;
$this->sql_query = $query;
$this->page_name = $page_holder;
//lower case query to search for string positions
$searchQuery = strtolower($query);
if (isset($_GET[$page_holder])) {
$page = $_GET[$page_holder];
} elseif (isset($_POST[$page_holder])) {
$page = $_POST[$page_holder];
} else {
$page = '';
}
if (empty($page) || !is_numeric($page)) {
$page = 1;
}
$this->current_page_number = $page;
$this->number_of_rows_per_page = $max_rows;
$pos_to = strlen($this->sql_query);
$pos_from = strpos($searchQuery, ' from', 0);
$pos_group_by = strpos($searchQuery, ' group by', $pos_from);
if ($pos_group_by < $pos_to && $pos_group_by != false) {
$pos_to = $pos_group_by;
}
$pos_having = strpos($searchQuery, ' having', $pos_from);
if ($pos_having < $pos_to && $pos_having != false) {
$pos_to = $pos_having;
}
$pos_order_by = strpos($searchQuery, ' order by', $pos_from);
if ($pos_order_by < $pos_to && $pos_order_by != false) {
$pos_to = $pos_order_by;
}
if (strpos($searchQuery, 'distinct') || strpos($searchQuery, 'group by')) {
$count_string = 'distinct ' . zen_db_input($count_key);
} else {
$count_string = zen_db_input($count_key);
}
$count_query = "select count(" . $count_string . ") as `total` " . substr($searchQuery, $pos_from, $pos_to - $pos_from);
$count = $gBitDb->Execute($count_query);
$this->number_of_rows = $count->fields['total'];
$this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
if ($this->current_page_number > $this->number_of_pages) {
$this->current_page_number = $this->number_of_pages;
}
$offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
// fix offset error on some versions
if ($offset < 0) {
$offset = 0;
}
$this->offset = $offset;
}
function _install()
{
global $db;
// トップメニューの構築
// 存在しない場合に自動で作成
$sql = "create table if not exists " . TABLE_EASY_ADMIN_TOP_MENUS . " " . "(easy_admin_top_menu_id int(11) auto_increment" . ",easy_admin_top_menu_name varchar(255)" . ",is_dropdown int(1)" . ",easy_admin_top_menu_sort_order int(11)" . ",primary key (easy_admin_top_menu_id))";
$db->execute($sql);
$sql = "delete from " . TABLE_EASY_ADMIN_TOP_MENUS;
$db->execute($sql);
$topmenu = 1;
for (;;) {
$key = 'MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu;
if (defined($key)) {
$menu = explode(",", constant($key));
$sql = "insert into " . TABLE_EASY_ADMIN_TOP_MENUS . " " . "(easy_admin_top_menu_id,easy_admin_top_menu_name,is_dropdown,easy_admin_top_menu_sort_order)" . "values (" . $topmenu . "," . "'" . zen_db_input($menu[0]) . "'," . (int) $menu[1] . "," . (int) topmenu . ")";
$db->execute($sql);
$topmenu++;
} else {
break;
}
}
// サブメニューの構築
// 存在しない場合に自動で作成
$sql = "create table if not exists " . TABLE_EASY_ADMIN_SUB_MENUS . " " . "(easy_admin_sub_menu_id int(11) auto_increment" . ",easy_admin_top_menu_id int(11)" . ",easy_admin_sub_menu_name varchar(255)" . ",easy_admin_sub_menu_url varchar(255)" . ",easy_admin_sub_menu_sort_order int(11)" . ",primary key (easy_admin_sub_menu_id))";
$db->execute($sql);
$sql = "delete from " . TABLE_EASY_ADMIN_SUB_MENUS;
$db->execute($sql);
$topmenu = 1;
for (;;) {
if (!defined('MODULE_EASY_ADMIN_TOP_DEFAULT_MENU_' . $topmenu)) {
break;
}
$key = 'MODULE_EASY_ADMIN_SUB_DEFAULT_MENU_' . $topmenu;
if (defined($key . "_1")) {
$submenu = 1;
for (;;) {
$subkey = $key . "_" . $submenu;
if (defined($subkey)) {
$menu = explode(",", constant($subkey));
$sql = "insert into " . TABLE_EASY_ADMIN_SUB_MENUS . " " . "(easy_admin_top_menu_id,easy_admin_sub_menu_name,easy_admin_sub_menu_url,easy_admin_sub_menu_sort_order)" . "values (" . $topmenu . "," . "'" . zen_db_input($menu[0]) . "'," . "'" . zen_db_input($menu[1]) . "'," . $submenu . ")";
$db->execute($sql);
$submenu++;
} else {
break;
}
}
}
$topmenu++;
}
$sql = "create table if not exists " . TABLE_ADMIN_ACL . " " . "(acl_id int(11) auto_increment," . "admin_id int(11)," . "easy_admin_top_menu_id int(11)," . "easy_admin_sub_menu_id int(11)," . "primary key (acl_id)" . ")";
$db->execute($sql);
}
function zen_set_ezpage_status($pages_id, $status, $status_field)
{
global $db;
if ($status == '1') {
zen_record_admin_activity('EZ-Page ID ' . (int) $pages_id . ' [' . $status_field . '] changed to 0', 'info');
return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '0' where pages_id = '" . (int) $pages_id . "'");
} elseif ($status == '0') {
zen_record_admin_activity('EZ-Page ID ' . (int) $pages_id . ' [' . $status_field . '] changed to 1', 'info');
return $db->Execute("update " . TABLE_EZPAGES . " set " . zen_db_input($status_field) . " = '1' where pages_id = '" . (int) $pages_id . "'");
} else {
return -1;
}
}
function zen_remove_link_category($link_category_id)
{
global $db;
$link_category_image = $db->Execute("select link_categories_image from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
$duplicate_image = $db->Execute("select count(*) as total from " . TABLE_LINK_CATEGORIES . " where link_categories_image = '" . zen_db_input($link_category_image->fields['link_categories_image']) . "'");
if ($duplicate_image->fields['total'] < 2) {
if (file_exists(DIR_FS_CATALOG_IMAGES . $link_category_image->fields['link_categories_image'])) {
@unlink(DIR_FS_CATALOG_IMAGES . $link_category_image->fields['link_categories_image']);
}
}
$db->Execute("delete from " . TABLE_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
$db->Execute("delete from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_id = '" . (int) $link_category_id . "'");
$db->Execute("delete from " . TABLE_LINKS_TO_LINK_CATEGORIES . " where link_categories_id = '" . (int) $link_category_id . "'");
}
public function recordFirstStep($orderId, $paramsSAR, $responseSAR)
{
global $db;
$datetime = new DateTime('NOW');
if ($this->_getStep($orderId) == self::FIRST_STEP) {
$requestKey = $responseSAR['RequestKey'];
$publicRequestKey = $responseSAR['PublicRequestKey'];
$query = "UPDATE todopago_transaccion SET first_step = '" . $datetime->format('Y-m-d H:i:s') . "', params_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($paramsSAR))) . "', response_SAR = '" . zen_db_input(zen_db_prepare_input(json_encode($responseSAR))) . "', request_key = '" . zen_db_input(zen_db_prepare_input($requestKey)) . "', public_request_key = '" . zen_db_input(zen_db_prepare_input($publicRequestKey)) . "' WHERE id_orden = " . $orderId;
$db->Execute($query);
return $query;
} else {
return 0;
}
}
function _install()
{
global $db;
// カラーテーブルの構築
// 存在しない場合に自動で作成
$sql = "create table if not exists " . TABLE_EASY_DESIGN_COLORS . " " . "(easy_design_color_id int(11) auto_increment" . ",template_dir varchar(255)" . ",easy_design_color_key varchar(255)" . ",easy_design_color_name text" . ",easy_design_color_value text" . ",primary key (easy_design_color_id)" . ",index (template_dir)" . ",index (easy_design_color_key))";
$db->execute($sql);
// 文言テーブルの構築
// 存在しない場合に自動で作成
$sql = "create table if not exists " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(easy_design_language_id int(11) auto_increment" . ",language_id int(11)" . ",easy_design_language_key varchar(255)" . ",easy_design_language_name text" . ",easy_design_language_value text" . ",easy_design_language_sort_order int(11)" . ",primary key (easy_design_language_id)" . ",index (easy_design_language_key))";
$db->execute($sql);
$sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(language_id" . ",easy_design_language_key" . ",easy_design_language_name" . ",easy_design_language_value" . ",easy_design_language_sort_order) " . "values" . "(2" . ",'" . EASY_DESIGN_KEY_TAGLINE . "'" . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_NAME) . "'" . ",'" . zen_db_input(EASY_DESIGN_TAGLINE_VALUE) . "'" . ",1)";
$db->execute($sql);
$sql = "insert into " . TABLE_EASY_DESIGN_LANGUAGES . " " . "(language_id" . ",easy_design_language_key" . ",easy_design_language_name" . ",easy_design_language_value" . ",easy_design_language_sort_order) " . "values" . "(2" . ",'" . EASY_DESIGN_KEY_COPYLIGHT . "'" . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_NAME) . "'" . ",'" . zen_db_input(EASY_DESIGN_COPYLIGHT_VALUE) . "'" . ",2)";
$db->execute($sql);
}
/**
* zen_update_whos_online
*/
function zen_update_whos_online()
{
global $db;
if (isset($_SESSION['customer_id']) && $_SESSION['customer_id']) {
$wo_customer_id = $_SESSION['customer_id'];
$customer_query = "select customers_firstname, customers_lastname\n from " . TABLE_CUSTOMERS . "\n where customers_id = '" . (int) $_SESSION['customer_id'] . "'";
$customer = $db->Execute($customer_query);
$wo_full_name = $customer->fields['customers_lastname'] . ', ' . $customer->fields['customers_firstname'];
} else {
$wo_customer_id = '';
$wo_full_name = '¥' . 'Guest';
}
$wo_session_id = zen_session_id();
$wo_ip_address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'Unknown';
$wo_user_agent = substr(zen_db_prepare_input($_SERVER['HTTP_USER_AGENT']), 0, 254);
$_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] != '' ? $_SERVER['QUERY_STRING'] : zen_get_all_get_params();
if (isset($_SERVER['REQUEST_URI'])) {
$uri = $_SERVER['REQUEST_URI'];
} else {
if (isset($_SERVER['QUERY_STRING'])) {
$uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
} else {
$uri = $_SERVER['PHP_SELF'] . '?' . $_SERVER['argv'][0];
}
}
if (substr($uri, -1) == '?') {
$uri = substr($uri, 0, strlen($uri) - 1);
}
$wo_last_page_url = zen_not_null($uri) ? substr($uri, 0, 254) : 'Unknown';
$current_time = time();
$xx_mins_ago = $current_time - 900;
// remove entries that have expired
$sql = "delete from " . TABLE_WHOS_ONLINE . "\n where time_last_click < '" . $xx_mins_ago . "'";
$db->Execute($sql);
$stored_customer_query = "select count(*) as count\n from " . TABLE_WHOS_ONLINE . "\n where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
$stored_customer = $db->Execute($stored_customer_query);
if (empty($wo_session_id)) {
$wo_full_name = '¥' . 'Spider';
}
if ($stored_customer->fields['count'] > 0) {
$sql = "update " . TABLE_WHOS_ONLINE . "\n set customer_id = '" . (int) $wo_customer_id . "',\n full_name = '" . zen_db_input($wo_full_name) . "',\n ip_address = '" . zen_db_input($wo_ip_address) . "',\n time_last_click = '" . zen_db_input($current_time) . "',\n last_page_url = '" . zen_db_input($wo_last_page_url) . "',\n host_address = '" . zen_db_input($_SESSION['customers_host_address']) . "',\n user_agent = '" . zen_db_input($wo_user_agent) . "'\n where session_id = '" . zen_db_input($wo_session_id) . "' and ip_address='" . zen_db_input($wo_ip_address) . "'";
$db->Execute($sql);
} else {
$sql = "insert into " . TABLE_WHOS_ONLINE . "\n (customer_id, full_name, session_id, ip_address, time_entry,\n time_last_click, last_page_url, host_address, user_agent)\n values ('" . (int) $wo_customer_id . "', '" . zen_db_input($wo_full_name) . "', '" . zen_db_input($wo_session_id) . "', '" . zen_db_input($wo_ip_address) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($current_time) . "', '" . zen_db_input($wo_last_page_url) . "', '" . zen_db_input($_SESSION['customers_host_address']) . "', '" . zen_db_input($wo_user_agent) . "')";
$db->Execute($sql);
}
}
function update_zaiko()
{
global $db;
if (!isset($_POST['product'])) {
echo ZAIKOROBOT_STATUS_NG . "\n";
echo ZAIKOROBOT_ERROR_MSG_NOQUERY . "\n";
return;
}
$error = false;
foreach ($_POST['product'] as $key => $val) {
$find = false;
if (MODULE_PRODUCTS_WITH_ATTRIBUTES_STOCK_STATUS == 'true') {
// SKU型番確認
$sql = "select\n stock_id\n ,products_id\n from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n where\n skumodel='" . zen_db_input($val['product_code']) . "'";
$result = $db->Execute($sql);
if (!$result->EOF) {
$find = true;
// 存在したので在庫更新
$sql = "update " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n set\n quantity=" . (int) $val['stock'] . "\n where\n stock_id=" . (int) $result->fields['stock_id'];
$db->Execute($sql);
// 親の在庫を修正する
$sql = "update " . TABLE_PRODUCTS . "\n set\n products_quantity=(\n select sum(quantity)\n from " . TABLE_PRODUCTS_WITH_ATTRIBUTES_STOCK . "\n where products_id=" . (int) $result->fields['products_id'] . "\n )\n where\n products_id=" . (int) $result->fields['products_id'];
$db->Execute($sql);
}
}
// SKUに一致しないので、通常商品
if (!$find) {
$sql = "select\n products_id\n from " . TABLE_PRODUCTS . "\n where\n products_model='" . zen_db_input($val['product_code']) . "'";
$result = $db->Execute($sql);
// 検索したが存在しない商品だった
if ($result->EOF) {
if ($error == false) {
$error = true;
echo ZAIKOROBOT_STATUS_NG . "\n";
}
echo sprintf(ZAIKOROBOT_ERROR_MSG_PRODUCT_UNKNOWN, $val['product_code']) . "\n";
} else {
$sql = "update " . TABLE_PRODUCTS . "\n set\n products_quantity=" . (int) $val['stock'] . "\n where\n products_id=" . (int) $result->fields['products_id'];
$db->Execute($sql);
}
}
}
if ($error == false) {
echo ZAIKOROBOT_STATUS_OK . "\n";
}
}
public static function getList(&$pListHash)
{
global $gBitDb;
$sql = "SELECT c.`categories_id`, cd.`categories_name`, cd.`categories_description`, c.`categories_image`, c.`parent_id`, c.`sort_order`, c.`date_added`, c.`last_modified`, c.`categories_status`\n\t\t\t\tFROM " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd\n\t\t\t\tWHERE c.`categories_id` = cd.`categories_id` AND cd.`language_id` = ?";
$bindVars = array((int) $_SESSION['languages_id']);
if (!empty($pListHash['search'])) {
$sql .= "and LOWER( cd.`categories_name` ) LIKE ?";
$bindVars[] = '%' . strtolower(zen_db_input($pListHash['search'])) . '%';
}
if (!empty($pListHash['parent_id'])) {
$sql .= " AND c.`parent_id` = ?";
$bindVars[] = $pListHash['parent_id'];
}
$sql .= "ORDER BY c.`sort_order`, cd.`categories_name`";
if ($ret = $gBitDb->getAssoc($sql, $bindVars)) {
}
return $ret;
}
/**
* @package admin
* @copyright Copyright 2003-2011 Zen Cart Development Team
* @copyright Portions Copyright 2003 osCommerce
* @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
* @version $Id: database.php 18695 2011-05-04 05:24:19Z drbyte $
*/
function zen_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
global $db;
reset($data);
if ($action == 'insert') {
$query = 'insert into ' . $table . ' (';
while (list($columns, ) = each($data)) {
$query .= $columns . ', ';
}
$query = substr($query, 0, -2) . ') values (';
reset($data);
while (list(, $value) = each($data)) {
switch ((string) $value) {
case 'now()':
$query .= 'now(), ';
break;
case 'null':
$query .= 'null, ';
break;
default:
$query .= '\'' . zen_db_input($value) . '\', ';
break;
}
}
$query = substr($query, 0, -2) . ')';
} elseif ($action == 'update') {
$query = 'update ' . $table . ' set ';
while (list($columns, $value) = each($data)) {
switch ((string) $value) {
case 'now()':
$query .= $columns . ' = now(), ';
break;
case 'null':
$query .= $columns .= ' = null, ';
break;
default:
$query .= $columns . ' = \'' . zen_db_input($value) . '\', ';
break;
}
}
$query = substr($query, 0, -2) . ' where ' . $parameters;
}
return $db->Execute($query);
}
function update(&$class, $eventID, $paramsArray)
{
if (FEC_DROP_DOWN == 'true' || FEC_GIFT_MESSAGE == 'true') {
global $db;
// find out the last order number generated for this customer account
$orders_query = "SELECT * FROM " . TABLE_ORDERS . "\n WHERE customers_id = :customersID\n ORDER BY date_purchased DESC LIMIT 1";
$orders_query = $db->bindVars($orders_query, ':customersID', $_SESSION['customer_id'], 'integer');
$orders = $db->Execute($orders_query);
$orders_id = $orders->fields['orders_id'];
// use order-id generated by the actual order process
// this uses the SESSION orders_id, or if doesn't exist, grabs most recent order # for this cust (needed for paypal et al).
// Needs reworking in v1.4 for checkout-rewrite
$zv_orders_id = isset($_SESSION['order_number_created']) && $_SESSION['order_number_created'] >= 1 ? $_SESSION['order_number_created'] : $orders_id;
$orders_id = $zv_orders_id;
// get the value of the selected dropdown
$dropdown = zen_db_input($_SESSION['dropdown']);
$gift_message = zen_db_input($_SESSION['gift-message']);
// add selected dropdown option to the orders table
$db->Execute("UPDATE " . TABLE_ORDERS . "\n SET dropdown = '" . $dropdown . "',\n gift_message = '" . $gift_message . "'\n WHERE orders_id = " . $orders_id . "\n LIMIT 1");
// unset the dropdown session
unset($_SESSION['dropdown']);
unset($_SESSION['gift-message']);
}
}
function create_add_products($zf_insert_id, $zf_mode = false)
{
global $db, $currencies, $order_total_modules, $order_totals;
// initialized for the email confirmation
$this->products_ordered = '';
$this->products_ordered_html = '';
$this->subtotal = 0;
$this->total_tax = 0;
// lowstock email report
$this->email_low_stock = '';
for ($i = 0, $n = sizeof($this->products); $i < $n; $i++) {
$custom_insertable_text = '';
$this->doStockDecrement = STOCK_LIMITED == 'true';
$this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_INIT', array('i' => $i), $this->products[$i], $i);
// Stock Update - Joao Correia
if ($this->doStockDecrement) {
if (DOWNLOAD_ENABLED == 'true') {
$stock_query_raw = "select p.products_quantity, pad.products_attributes_filename, p.product_is_always_free_shipping\n from " . TABLE_PRODUCTS . " p\n left join " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n on p.products_id=pa.products_id\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n WHERE p.products_id = '" . zen_get_prid($this->products[$i]['id']) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = $this->products[$i]['attributes'];
if (is_array($products_attributes)) {
$stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
}
$stock_values = $db->Execute($stock_query_raw, false, false, 0, true);
} else {
$stock_values = $db->Execute("select * from " . TABLE_PRODUCTS . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'", false, false, 0, true);
}
$this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_BEGIN', $i, $stock_values);
if ($stock_values->RecordCount() > 0) {
// do not decrement quantities if products_attributes_filename exists
if (DOWNLOAD_ENABLED != 'true' || $stock_values->fields['product_is_always_free_shipping'] == 2 || !$stock_values->fields['products_attributes_filename']) {
$stock_left = $stock_values->fields['products_quantity'] - $this->products[$i]['qty'];
$this->products[$i]['stock_reduce'] = $this->products[$i]['qty'];
} else {
$stock_left = $stock_values->fields['products_quantity'];
}
// $this->products[$i]['stock_value'] = $stock_values->fields['products_quantity'];
$db->Execute("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
// if ( ($stock_left < 1) && (STOCK_ALLOW_CHECKOUT == 'false') ) {
if ($stock_left <= 0) {
// only set status to off when not displaying sold out
if (SHOW_PRODUCTS_SOLD_OUT == '0') {
$db->Execute("update " . TABLE_PRODUCTS . " set products_status = 0 where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
}
}
// for low stock email
if ($stock_left <= STOCK_REORDER_LEVEL) {
// WebMakers.com Added: add to low stock email
$this->email_low_stock .= 'ID# ' . zen_get_prid($this->products[$i]['id']) . "\t\t" . $this->products[$i]['model'] . "\t\t" . $this->products[$i]['name'] . "\t\t" . ' Qty Left: ' . $stock_left . "\n";
}
}
}
// Update products_ordered (for bestsellers list)
$this->bestSellersUpdate = TRUE;
$this->notify('NOTIFY_ORDER_PROCESSING_BESTSELLERS_UPDATE', array(), $this->products[$i], $i);
if ($this->bestSellersUpdate) {
$db->Execute("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%f', $this->products[$i]['qty']) . " where products_id = '" . zen_get_prid($this->products[$i]['id']) . "'");
}
$this->notify('NOTIFY_ORDER_PROCESSING_STOCK_DECREMENT_END', $i);
$sql_data_array = array('orders_id' => $zf_insert_id, 'products_id' => zen_get_prid($this->products[$i]['id']), 'products_model' => $this->products[$i]['model'], 'products_name' => $this->products[$i]['name'], 'products_price' => $this->products[$i]['price'], 'final_price' => $this->products[$i]['final_price'], 'onetime_charges' => $this->products[$i]['onetime_charges'], 'products_tax' => $this->products[$i]['tax'], 'products_quantity' => $this->products[$i]['qty'], 'products_priced_by_attribute' => $this->products[$i]['products_priced_by_attribute'], 'product_is_free' => $this->products[$i]['product_is_free'], 'products_discount_type' => $this->products[$i]['products_discount_type'], 'products_discount_type_from' => $this->products[$i]['products_discount_type_from'], 'products_prid' => $this->products[$i]['id']);
zen_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
$order_products_id = $db->Insert_ID();
$this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_PRODUCT_LINE_ITEM', array_merge(array('orders_products_id' => $order_products_id, 'i' => $i), $sql_data_array), $order_products_id);
$this->notify('NOTIFY_ORDER_PROCESSING_CREDIT_ACCOUNT_UPDATE_BEGIN');
$order_total_modules->update_credit_account($i);
//ICW ADDED FOR CREDIT CLASS SYSTEM
$this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_BEGIN');
//------ bof: insert customer-chosen options to order--------
$attributes_exist = '0';
$this->products_ordered_attributes = '';
if (isset($this->products[$i]['attributes'])) {
$attributes_exist = '1';
for ($j = 0, $n2 = sizeof($this->products[$i]['attributes']); $j < $n2; $j++) {
if (DOWNLOAD_ENABLED == 'true') {
$attributes_query = "select popt.products_options_name, poval.products_options_values_name,\n pa.options_values_price, pa.price_prefix,\n pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n pa.attributes_price_factor, pa.attributes_price_factor_offset,\n pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n pa.attributes_price_words, pa.attributes_price_words_free,\n pa.attributes_price_letters, pa.attributes_price_letters_free,\n pad.products_attributes_maxdays, pad.products_attributes_maxcount, pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . zen_db_input($this->products[$i]['id']) . "'\n and pa.options_id = '" . $this->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $this->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $_SESSION['languages_id'] . "'\n and poval.language_id = '" . $_SESSION['languages_id'] . "'";
$attributes_values = $db->Execute($attributes_query);
} else {
$attributes_values = $db->Execute("select popt.products_options_name, poval.products_options_values_name,\n pa.options_values_price, pa.price_prefix,\n pa.product_attribute_is_free, pa.products_attributes_weight, pa.products_attributes_weight_prefix,\n pa.attributes_discounted, pa.attributes_price_base_included, pa.attributes_price_onetime,\n pa.attributes_price_factor, pa.attributes_price_factor_offset,\n pa.attributes_price_factor_onetime, pa.attributes_price_factor_onetime_offset,\n pa.attributes_qty_prices, pa.attributes_qty_prices_onetime,\n pa.attributes_price_words, pa.attributes_price_words_free,\n pa.attributes_price_letters, pa.attributes_price_letters_free\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n where pa.products_id = '" . $this->products[$i]['id'] . "' and pa.options_id = '" . (int) $this->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . (int) $this->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $_SESSION['languages_id'] . "' and poval.language_id = '" . $_SESSION['languages_id'] . "'");
}
//clr 030714 update insert query. changing to use values form $order->products for products_options_values.
$sql_data_array = array('orders_id' => $zf_insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values->fields['products_options_name'], 'products_options_values' => $this->products[$i]['attributes'][$j]['value'], 'options_values_price' => $attributes_values->fields['options_values_price'], 'price_prefix' => $attributes_values->fields['price_prefix'], 'product_attribute_is_free' => $attributes_values->fields['product_attribute_is_free'], 'products_attributes_weight' => $attributes_values->fields['products_attributes_weight'], 'products_attributes_weight_prefix' => $attributes_values->fields['products_attributes_weight_prefix'], 'attributes_discounted' => $attributes_values->fields['attributes_discounted'], 'attributes_price_base_included' => $attributes_values->fields['attributes_price_base_included'], 'attributes_price_onetime' => $attributes_values->fields['attributes_price_onetime'], 'attributes_price_factor' => $attributes_values->fields['attributes_price_factor'], 'attributes_price_factor_offset' => $attributes_values->fields['attributes_price_factor_offset'], 'attributes_price_factor_onetime' => $attributes_values->fields['attributes_price_factor_onetime'], 'attributes_price_factor_onetime_offset' => $attributes_values->fields['attributes_price_factor_onetime_offset'], 'attributes_qty_prices' => $attributes_values->fields['attributes_qty_prices'], 'attributes_qty_prices_onetime' => $attributes_values->fields['attributes_qty_prices_onetime'], 'attributes_price_words' => $attributes_values->fields['attributes_price_words'], 'attributes_price_words_free' => $attributes_values->fields['attributes_price_words_free'], 'attributes_price_letters' => $attributes_values->fields['attributes_price_letters'], 'attributes_price_letters_free' => $attributes_values->fields['attributes_price_letters_free'], 'products_options_id' => (int) $this->products[$i]['attributes'][$j]['option_id'], 'products_options_values_id' => (int) $this->products[$i]['attributes'][$j]['value_id'], 'products_prid' => $this->products[$i]['id']);
zen_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
$opa_insert_id = $db->insert_ID();
$this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_LINE_ITEM', array_merge(array('orders_products_attributes_id' => $opa_insert_id), $sql_data_array), $opa_insert_id);
if (DOWNLOAD_ENABLED == 'true' && isset($attributes_values->fields['products_attributes_filename']) && zen_not_null($attributes_values->fields['products_attributes_filename'])) {
$sql_data_array = array('orders_id' => $zf_insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values->fields['products_attributes_filename'], 'download_maxdays' => $attributes_values->fields['products_attributes_maxdays'], 'download_count' => $attributes_values->fields['products_attributes_maxcount'], 'products_prid' => $this->products[$i]['id']);
zen_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
$opd_insert_id = $db->insert_ID();
$this->notify('NOTIFY_ORDER_DURING_CREATE_ADDED_ATTRIBUTE_DOWNLOAD_LINE_ITEM', $sql_data_array, $opd_insert_id);
}
$this->products_ordered_attributes .= "\n\t" . $attributes_values->fields['products_options_name'] . ' ' . zen_decode_specialchars($this->products[$i]['attributes'][$j]['value']);
}
}
//------eof: insert customer-chosen options ----
$this->notify('NOTIFY_ORDER_PROCESSING_ATTRIBUTES_EXIST', $attributes_exist);
$this->notify('NOTIFY_ORDER_DURING_CREATE_ADD_PRODUCTS', $i, $custom_insertable_text);
/* START: ADD MY CUSTOM DETAILS
* 1. calculate/prepare custom information to be added to this product entry in order-confirmation, perhaps as a function call to custom code to build a serial number etc:
* Possible parameters to pass to custom functions at this point:
* Product ID ordered (for this line item): $this->products[$i]['id']
* Quantity ordered (of this line-item): $this->products[$i]['qty']
* Order number: $zf_insert_id
* Attribute Option Name ID: (int)$this->products[$i]['attributes'][$j]['option_id']
* Attribute Option Value ID: (int)$this->products[$i]['attributes'][$j]['value_id']
* Attribute Filename: $attributes_values->fields['products_attributes_filename']
*
* 2. Add that data to the $this->products_ordered_attributes variable, using this sort of format:
* $this->products_ordered_attributes .= {INSERT CUSTOM INFORMATION HERE};
*/
$this->products_ordered_attributes .= $custom_insertable_text;
/* END: ADD MY CUSTOM DETAILS */
// update totals counters
$this->total_weight += $this->products[$i]['qty'] * $this->products[$i]['weight'];
$this->total_tax += zen_calculate_tax($this->products[$i]['final_price'] * $this->products[$i]['qty'], $this->products[$i]['tax']);
$this->total_cost += $this->products[$i]['final_price'] + $this->products[$i]['onetime_charges'];
$this->notify('NOTIFY_ORDER_PROCESSING_ONE_TIME_CHARGES_BEGIN', $i);
// build output for email notification
$this->products_ordered .= $this->products[$i]['qty'] . ' x ' . $this->products[$i]['name'] . ($this->products[$i]['model'] != '' ? ' (' . $this->products[$i]['model'] . ') ' : '') . ' = ' . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty']) . ($this->products[$i]['onetime_charges'] != 0 ? "\n" . TEXT_ONETIME_CHARGES_EMAIL . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1) : '') . $this->products_ordered_attributes . "\n";
$this->products_ordered_html .= '<tr>' . "\n" . '<td class="product-details" align="right" valign="top" width="30">' . $this->products[$i]['qty'] . ' x</td>' . "\n" . '<td class="product-details" valign="top">' . nl2br($this->products[$i]['name']) . ($this->products[$i]['model'] != '' ? ' (' . nl2br($this->products[$i]['model']) . ') ' : '') . "\n" . '<nobr>' . '<small><em> ' . nl2br($this->products_ordered_attributes) . '</em></small>' . '</nobr>' . '</td>' . "\n" . '<td class="product-details-num" valign="top" align="right">' . $currencies->display_price($this->products[$i]['final_price'], $this->products[$i]['tax'], $this->products[$i]['qty']) . ($this->products[$i]['onetime_charges'] != 0 ? '</td></tr>' . "\n" . '<tr><td class="product-details">' . nl2br(TEXT_ONETIME_CHARGES_EMAIL) . '</td>' . "\n" . '<td>' . $currencies->display_price($this->products[$i]['onetime_charges'], $this->products[$i]['tax'], 1) : '') . '</td></tr>' . "\n";
}
$order_total_modules->apply_credit();
//ICW ADDED FOR CREDIT CLASS SYSTEM
$this->notify('NOTIFY_ORDER_AFTER_ORDER_CREATE_ADD_PRODUCTS');
}
/**
* Used to void a given previously-authorized transaction. FOR FUTURE USE.
*/
function _doVoid($oID, $note = '')
{
global $db, $doPayPal, $messageStack;
$new_order_status = MODULE_PAYMENT_PAYPALWPP_REFUNDED_STATUS_ID;
$doPayPal = $this->paypal_init();
$voidNote = strip_tags(zen_db_input($_POST['voidnote']));
$voidAuthID = trim(strip_tags(zen_db_input($_POST['voidauthid'])));
if (isset($_POST['ordervoid']) && $_POST['ordervoid'] == MODULE_PAYMENT_PAYPAL_ENTRY_VOID_BUTTON_TEXT_FULL) {
if (isset($_POST['voidconfirm']) && $_POST['voidconfirm'] == 'on') {
$proceedToVoid = true;
} else {
$messageStack->add_session(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_CONFIRM_ERROR, 'error');
}
}
// look up history on this order from PayPal table
$sql = "select * from " . TABLE_PAYPAL . " where order_id = :orderID AND parent_txn_id = '' ";
$sql = $db->bindVars($sql, ':orderID', $oID, 'integer');
$sql = $db->bindVars($sql, ':transID', $voidAuthID, 'string');
$zc_ppHist = $db->Execute($sql);
if ($zc_ppHist->RecordCount() == 0) {
return false;
}
$txnID = $zc_ppHist->fields['txn_id'];
/**
* Submit void request to PayPal
*/
if ($proceedToVoid) {
$response = $doPayPal->DoVoid($voidAuthID, $voidNote);
$error = $this->_errorHandler($response, 'DoVoid');
if (!$error) {
// Success, so save the results
$sql_data_array = array('orders_id' => (int) $oID, 'orders_status_id' => (int) $new_order_status, 'date_added' => 'now()', 'comments' => 'VOIDED. Trans ID: ' . urldecode($response['AUTHORIZATIONID']) . $response['PNREF'] . (isset($response['PPREF']) ? "\nPPRef: " . $response['PPREF'] : '') . "\n" . $voidNote, 'customer_notified' => 0);
zen_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
$db->Execute("update " . TABLE_ORDERS . "\r\n set orders_status = '" . (int) $new_order_status . "'\r\n where orders_id = '" . (int) $oID . "'");
$messageStack->add_session(sprintf(MODULE_PAYMENT_PAYPALWPP_TEXT_VOID_INITIATED, urldecode($response['AUTHORIZATIONID']) . $response['PNREF']), 'success');
return true;
}
}
}
</td>
</tr>
<?php
}
} else {
echo ERROR_MODULE_FILE_NOT_FOUND . DIR_FS_CATALOG_LANGUAGES . $_SESSION['language'] . '/modules/' . $module_type . '/' . $file . '<br />';
}
}
ksort($installed_modules);
$check = $db->Execute("select configuration_value\r\n from " . TABLE_CONFIGURATION . "\r\n where configuration_key = '" . zen_db_input($module_key) . "'");
if ($check->RecordCount() > 0) {
if ($check->fields['configuration_value'] != implode(';', $installed_modules)) {
$db->Execute("update " . TABLE_CONFIGURATION . "\r\n set configuration_value = '" . zen_db_input(implode(';', $installed_modules)) . "', last_modified = now()\r\n where configuration_key = '" . zen_db_input($module_key) . "'");
}
} else {
$db->Execute("insert into " . TABLE_CONFIGURATION . "\r\n (configuration_title, configuration_key, configuration_value,\r\n configuration_description, configuration_group_id, sort_order, date_added)\r\n values ('Installed Modules', '" . zen_db_input($module_key) . "', '" . zen_db_input(implode(';', $installed_modules)) . "',\r\n 'This is automatically updated. No need to edit.', '6', '0', now())");
}
if (isset($zc_valid) && $zc_valid == false) {
echo '<span class="alert">' . WARNING_MODULES_SORT_ORDER . '</span>';
}
?>
<tr>
<td colspan="3" class="smallText"><?php
echo TEXT_MODULE_DIRECTORY . ' ' . $module_directory;
?>
</td>
</tr>
</table></td>
<?php
$heading = array();
$contents = array();
<tr>
<td class="smallText" align="center"><strong><?php
echo TABLE_HEADING_DATE_ADDED;
?>
</strong></td>
<td class="smallText" align="center"><strong><?php
echo TABLE_HEADING_STATUS;
?>
</strong></td>
<td class="smallText" align="center"><strong><?php
echo TABLE_HEADING_COMMENTS;
?>
</strong></td>
</tr>
<?php
$orders_history = $db->Execute("select orders_status_id, date_added, customer_notified, comments\n from " . TABLE_ORDERS_STATUS_HISTORY . "\n where orders_id = '" . zen_db_input($oID) . "' and customer_notified >= 0\n order by date_added");
if ($orders_history->RecordCount() > 0) {
$count_comments = 0;
while (!$orders_history->EOF) {
$count_comments++;
echo ' <tr>' . "\n" . ' <td class="smallText" align="center" valign="top">' . zen_datetime_short($orders_history->fields['date_added']) . '</td>' . "\n";
echo ' <td class="smallText" valign="top">' . $orders_status_array[$orders_history->fields['orders_status_id']] . '</td>' . "\n";
echo ' <td class="smallText" valign="top">' . ($orders_history->fields['comments'] == '' ? TEXT_NONE : nl2br(zen_db_output($orders_history->fields['comments']))) . ' </td>' . "\n" . ' </tr>' . "\n";
$orders_history->MoveNext();
if (ORDER_COMMENTS_INVOICE == 1 && $count_comments >= 1) {
break;
}
}
} else {
echo ' <tr>' . "\n" . ' <td class="smallText" colspan="5">' . TEXT_NO_ORDER_HISTORY . '</td>' . "\n" . ' </tr>' . "\n";
}
}
}
}
if ($_POST['quick_updates_new']['products_sort_order']) {
foreach ($_POST['quick_updates_new']['products_sort_order'] as $products_id => $new_value) {
if (trim($_POST['quick_updates_new']['products_sort_order'][$products_id]) != trim($_POST['quick_updates_old']['products_sort_order'][$products_id])) {
$quick_updates_count['products_sort_order'][$products_id] = $products_id;
$db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_sort_order='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
}
}
}
if ($_POST['quick_updates_new']['products_image']) {
foreach ($_POST['quick_updates_new']['products_image'] as $products_id => $new_value) {
if (trim($_POST['quick_updates_new']['products_image'][$products_id]) != trim($_POST['quick_updates_old']['products_image'][$products_id])) {
$quick_updates_count['products_image'][$products_id] = $products_id;
$db->Execute("UPDATE " . TABLE_PRODUCTS . " SET products_image='" . zen_db_input($new_value) . "', products_last_modified=now() WHERE products_id=" . (int) $products_id);
}
}
}
if ($_POST['quick_updates_old']['products_status']) {
foreach ($_POST['quick_updates_old']['products_status'] as $products_id => $status) {
if (!isset($_POST['quick_updates_new']['products_status'][$products_id])) {
$_POST['quick_updates_new']['products_status'][$products_id] = '0';
}
if ($_POST['quick_updates_new']['products_status'][$products_id] != $_POST['quick_updates_old']['products_status'][$products_id]) {
$quick_updates_count['products_status'][$products_id] = $products_id;
zen_set_product_status((int) $products_id, (int) $_POST['quick_updates_new']['products_status'][$products_id]);
}
}
}
if ($_POST['quick_updates_new']['products_tax_class_id']) {
function get_audience_sql_query($selected_entry, $query_category = 'email')
{
// This is used to take the query_name selected in the drop-down menu or singular customer email address and
// generate the SQL Select query to be used to build the list of email addresses to be sent to
// it only returns a query name and query string (SQL SELECT statement)
// the query string is then used in a $db->Execute() command for later parsing and emailing.
global $db;
$query_name = '';
$queries_list = $db->Execute("select query_name, query_string from " . TABLE_QUERY_BUILDER . " " . "where query_category like '%" . $query_category . "%'");
// "where query_category = '" . $query_category . "'");
while (!$queries_list->EOF) {
if ($selected_entry == $queries_list->fields['query_name']) {
$query_name = $queries_list->fields['query_name'];
$query_string = parsed_query_string($queries_list->fields['query_string']);
//echo 'GET_AUD_EM_ADDR_QRY:<br />query_name='.$query_name.'<br />query_string='.$query_string;
}
$queries_list->MoveNext();
}
//if no match found against queries listed in database, then $selected_entry must be an email address
if ($query_name == '' && $query_category == 'email') {
$cust_email_address = zen_db_prepare_input($selected_entry);
$query_name = $cust_email_address;
$query_string = "select customers_firstname, customers_lastname, customers_email_address\n from " . TABLE_CUSTOMERS . "\n where customers_email_address = '" . zen_db_input($cust_email_address) . "'";
}
//send back a 1-row array containing the query_name and the SQL query_string
return array('query_name' => $query_name, 'query_string' => $query_string);
}