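/**
 * Check that a domain label is well-formed and not already present locally.
 *
 * A label is accepted when it contains only ASCII letters, digits and hyphens,
 * does not begin or end with a hyphen and has no run of two or more hyphens.
 * An accepted label is then looked up, together with the TLD, in the `service`
 * table.
 *
 * @param string $domain    Domain label without the TLD.
 * @param string $tld       TLD paired with the label in the lookup.
 * @param mixed  $tld_array Not read by this function.
 * @return bool True when the label is well-formed and no service row matches;
 *              false when it is malformed, already present, or the query failed.
 */
function check($domain, $tld, $tld_array)
{
    // The D modifier pins "$" to the very end of the subject. Without it PCRE
    // also accepts a label followed by one trailing newline, and that value
    // would then be carried into the lookup below.
    if (!preg_match('/^[a-z0-9-]+$/iD', $domain)) {
        return false;
    }

    // No doubled, leading or trailing hyphen.
    if (preg_match('/--|^-|-$/D', $domain)) {
        return false;
    }

    $db =& DB();
    $dbm = new CORE_database();

    // NOTE(review): $tld is not validated here before it is placed in the
    // ::...:: placeholder. Presumably sql_select() quotes placeholder contents
    // and callers pass a TLD from the configured list; confirm both.
    $sql = $dbm->sql_select('service', 'id', "domain_name = ::{$domain}:: AND domain_tld = ::{$tld}::", "", $db);
    $rs = $db->Execute($sql);

    // A failed query is treated the same as "already taken".
    return !($rs == false || $rs->RecordCount() > 0);
}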
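/**
 * Deliver every pending message in the email queue.
 *
 * Selects all `email_queue` rows with status = 0, restores the request
 * variables and the optional SQL arguments stored with each row, passes them
 * to email_template::send() and marks the row as sent when that call reports
 * success.
 *
 * While a row is processed the global $VAR holds that row's stored value; the
 * value passed in by the caller is written back before returning.
 *
 * @param array $VAR Request variables at the time of the call.
 * @return void
 */
function send($VAR)
{
    $VAR_ORIG = $VAR;

    $db =& DB();
    $dbm = new CORE_database();
    $sql = $dbm->sql_select("email_queue", "*", "status = 0", "", $db);
    $rs = $db->Execute($sql);

    if ($rs != false && $rs->RecordCount() > 0) {
        require_once PATH_MODULES . 'email_template/email_template.inc.php';

        while (!$rs->EOF) {
            // NOTE(review): unserialize() instantiates whatever classes the
            // stored payload names. That is acceptable only while nothing but
            // this application can write to email_queue; confirm, or store the
            // queue payload as JSON instead.
            global $VAR;
            $VAR = unserialize($rs->fields['var']);

            // Each sqlN column is either empty (passed on as false), a
            // serialized array (passed on decoded) or a plain string (passed
            // on unchanged). strncmp() replaces ereg(), which no longer exists
            // in PHP 7+, and each value is decoded once instead of twice.
            $args = array();
            foreach (array('sql1', 'sql2', 'sql3') as $column) {
                $stored = $rs->fields[$column];
                if (empty($stored)) {
                    $args[$column] = false;
                    continue;
                }
                if (strncmp($stored, 'a:', 2) === 0) {
                    $decoded = unserialize($stored);
                    if (is_array($decoded)) {
                        $stored = $decoded;
                    }
                }
                $args[$column] = $stored;
            }

            // Send email
            $mail = new email_template();
            $result = $mail->send($rs->fields['email_template'], $rs->fields['account_id'], $args['sql1'], $args['sql2'], $args['sql3'], false);

            // Update to sent status
            if ($result) {
                $sql = "UPDATE " . AGILE_DB_PREFIX . "email_queue SET\n\t\t\t\t\t\t\tstatus = 1\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tid\t\t= {$rs->fields['id']}\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\t\tsite_id\t= " . DEFAULT_SITE;
                $db->Execute($sql);
            }

            $rs->MoveNext();
        }
    }

    $VAR = $VAR_ORIG;
}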
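/**
 * Validate a domain label and report whether it is still free locally.
 *
 * The label may hold only ASCII letters, digits and hyphens, may not start or
 * end with a hyphen and may not contain two hyphens in a row. A label that
 * passes is looked up with its TLD in the `service` table.
 *
 * @param string $domain    Domain label without the TLD.
 * @param string $tld       TLD used in the lookup.
 * @param mixed  $tld_array Not read by this function.
 * @return bool True when the label is valid and unused; false when it is
 *              invalid, already present, or the query failed.
 */
function check($domain, $tld, $tld_array)
{
    // eregi() was removed in PHP 7, so the checks use PCRE. The D modifier
    // keeps "$" at the true end of the string; plain PCRE "$" would also match
    // in front of a trailing newline.
    $wellFormed = preg_match('/^[a-zA-Z0-9-]+$/D', $domain)
        && !preg_match('/-{2,}/', $domain)
        && !preg_match('/^-/', $domain)
        && !preg_match('/-$/D', $domain);
    if (!$wellFormed) {
        return false;
    }

    $db =& DB();
    $dbm = new CORE_database();

    // NOTE(review): $tld reaches the ::...:: placeholder unchecked. Presumably
    // sql_select() quotes placeholder contents; confirm, and confirm callers
    // restrict $tld to configured values.
    $sql = $dbm->sql_select('service', 'id', "domain_name = ::$domain:: AND domain_tld = ::$tld::", "", $db);
    $rs = $db->Execute($sql);

    // Query failure counts as "not available".
    if ($rs == false || $rs->RecordCount() > 0) {
        return false;
    }
    return true;
}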
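/**
 * Import one page of customer accounts from the remote database.
 *
 * Reads `select_limit` rows from the remote `customers`/`authorization`
 * tables starting at $VAR['offset'], inserts a local account (and, when card
 * data is present remotely, a placeholder billing record) for each row inside
 * its own transaction, then emits a script that reloads the page for the next
 * offset.
 *
 * @return false|null False when the remote query fails, otherwise nothing.
 */
function accounts()
{
    global $VAR, $C_debug;
    $p = AGILE_DB_PREFIX;
    $s = DEFAULT_SITE;

    // Connect to the remote database
    $dbr =& NewADOConnection($this->type);
    $dbr->Connect($this->host, $this->user, $this->pass, $this->db);

    // offset, action and plugin travel as URL parameters (see the redirects
    // below). The offset is concatenated into the LIMIT argument, so it is
    // forced to a non-negative integer first.
    $VAR['offset'] = empty($VAR['offset']) ? 0 : max(0, (int) $VAR['offset']);
    $offset = $VAR['offset'] . "," . $this->select_limit;

    // action and plugin are echoed back inside a script block; URL-encoding
    // leaves ordinary identifiers unchanged and removes quote, angle-bracket
    // and backslash characters from the output.
    $plugin_q = isset($VAR['plugin']) ? rawurlencode((string) $VAR['plugin']) : '';
    $action_q = isset($VAR['action']) ? rawurlencode((string) $VAR['action']) : '';

    // select each account from remote db
    $sql = "SELECT customers.*, \n\t\t\t\t\tauthorization.password as password \n\t\t\t\tFROM \n\t\t\t\t\tcustomers,authorization \n\t\t\t\tWHERE\n\t\t\t\t\tcustomers.email = authorization.email ";
    $rs = $dbr->SelectLimit($sql, $offset);
    if ($rs === false) {
        $C_debug->alert("Query to the table 'customers' failed!");
        return false;
    }
    if ($rs->RecordCount() == 0) {
        $C_debug->alert("No more records to process!");
        echo "<script language=javascript>setTimeout('document.location=\\'?_page=import:import&plugin={$plugin_q}\\'', 1500); </script>";
        return;
    }

    // Get the default checkout plugin id. The gateway name is quoted through
    // the driver like every other string value in this function.
    $db =& DB();
    $sql = "SELECT id FROM {$p}checkout WHERE\n\t\t\t\tsite_id = {$s} AND\n\t\t\t\tcheckout_plugin = " . $db->qstr($this->gateway);
    $ch = $db->Execute($sql);
    // Falls back to 0 when no checkout row exists, so the billing INSERT below
    // stays syntactically valid.
    $checkout_plugin_id = ($ch && !$ch->EOF) ? (int) $ch->fields['id'] : 0;

    $msg = "Processing " . $rs->RecordCount() . " Records...<BR>";

    // loop through each remote account
    while (!$rs->EOF) {
        // The alert text is rendered as HTML, so remote data is escaped.
        $msg .= "<BR>Processing account: " . htmlspecialchars((string) $rs->fields['email'], ENT_QUOTES) . "...";

        // start a new transaction for the insert:
        $db =& DB();
        $db->StartTrans();

        // Get a local account id
        $id = $db->GenID($p . 'account_id');

        // Get orig date
        if (!empty($rs->fields['last_access'])) {
            $dat = explode(' ', $rs->fields['last_access']);
            $date = explode('-', $dat[0]);
            $min = explode(':', $dat[1]);
            $date_orig = mktime($min[0], $min[1], $min[2], $date[1], $date[2], $date[0]);
        } else {
            $date_orig = time();
        }

        // Get the country. The condition previously read 'name = {}' and never
        // referenced the remote value, so the lookup could not match; the value
        // is now passed through the ::...:: placeholder used by other
        // sql_select() callers.
        // NOTE(review): confirm sql_select() escapes placeholder contents.
        $country = $rs->fields['country'];
        $db =& DB();
        $dbm = new CORE_database();
        // Call-time pass-by-reference (&$db) is a parse error since PHP 5.4;
        // the handle is passed normally.
        $rscountry = $db->Execute($dbm->sql_select('country', 'id', "name = ::{$country}::", '', $db));
        if ($rscountry && $rscountry->RecordCount() == 1) {
            $country = $rscountry->fields['id'];
        } else {
            $country = DEFAULT_COUNTRY;
        }

        // Insert the account
        // NOTE(review): the password column receives an unsalted MD5 digest of
        // the remote value. Presumably that is the format the local login code
        // expects; confirm, and plan a move to password_hash().
        $sql = "INSERT INTO {$p}account SET\n\t\t\t\t\tid \t\t\t= {$id},\n\t\t\t\t\tsite_id\t\t= {$s},\n\t\t\t\t\tdate_orig\t= {$date_orig},\n\t\t\t\t\tdate_last\t= " . time() . ",\n\t\t\t\t\tlanguage_id\t= " . $db->qstr(DEFAULT_LANGUAGE) . ",\n\t\t\t\t\tcurrency_id\t= " . DEFAULT_CURRENCY . ",\n\t\t\t\t\ttheme_id\t= " . $db->qstr(DEFAULT_THEME) . ",\n\t\t\t\t\tusername\t= " . $db->qstr($rs->fields['email']) . ",\n\t\t\t\t\tpassword\t= " . $db->qstr(md5(@$rs->fields['password'])) . ",\n\t\t\t\t\tstatus\t\t= 1,\n\t\t\t\t\tcountry_id\t= {$country},\n\t\t\t\t\tfirst_name\t= " . $db->qstr($rs->fields['first_name']) . ",\n\t\t\t\t\tlast_name\t= " . $db->qstr($rs->fields['last_name']) . ",\n\t\t\t\t\tcompany\t\t= " . $db->qstr($rs->fields['company']) . ",\n\t\t\t\t\taddress1\t= " . $db->qstr($rs->fields['address1']) . ",\n\t\t\t\t\taddress2\t= " . $db->qstr($rs->fields['address2']) . ",\n\t\t\t\t\tcity\t\t= " . $db->qstr($rs->fields['city']) . ",\n\t\t\t\t\tstate\t\t= " . $db->qstr($rs->fields['region']) . ",\n\t\t\t\t\tzip\t\t\t= " . $db->qstr($rs->fields['code']) . ",\n\t\t\t\t\temail\t\t= " . $db->qstr($rs->fields['email']) . ",\n\t\t\t\t\temail_type\t= 0";
        $db->Execute($sql);

        // Insert the import record
        $this->import_transaction($this->plugin, $VAR['action'], 'account', $id, 'customers', $rs->fields['email'], $db);

        // If cc details exist, import an account_billing record:
        if (!empty($rs->fields['cc_number']) && !empty($rs->fields['cc_expiry'])) {
            // Get a local account_billing id
            $bill_id = $db->GenID($p . 'account_billing_id');

            // The whois.cart encryption method is secret, so the card details
            // cannot be decrypted. A blank card record is created that the
            // user or an admin can update manually.
            $sql = "INSERT INTO {$p}account_billing SET\n\t\t\t\t\t\tid \t\t\t\t\t= {$bill_id},\n\t\t\t\t\t\tsite_id\t\t\t\t= {$s}, \n\t\t\t\t\t\taccount_id\t\t\t= {$id},\n\t\t\t\t\t\tcheckout_plugin_id \t= {$checkout_plugin_id},\n\t\t\t\t\t\tcard_type\t\t\t= 'visa', \n\t\t\t\t\t\tcard_num4\t\t\t= '0000',\n\t\t\t\t\t\tcard_exp_month\t\t= 0,\n\t\t\t\t\t\tcard_exp_year\t\t= 0";
            $db->Execute($sql);

            // Insert the import record
            $this->import_transaction($this->plugin, $VAR['action'], 'account_billing', $bill_id, 'customers', $rs->fields['email'], $db);
        }

        // Complete the transaction
        $db->CompleteTrans();
        $rs->MoveNext();
    }

    $C_debug->alert($msg);

    // Reload for the next page of remote rows.
    $offset = $VAR['offset'] + $this->select_limit;
    echo "<script language=javascript> \n\t\t\t setTimeout('document.location=\\'?_page=core:blank&offset={$offset}&action={$action_q}&plugin={$plugin_q}&do[]=import:do_action\\'', 1200);\n\t\t\t </script>";
}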
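/**
 * SUGGEST RESULTS
 *
 * Loads the active TLDs flagged for automatic search and hands them to the
 * template, both as a row list (`tlds`) and as a JavaScript snippet
 * (`javascript`) that fills `tldArr` and `tldCount`.
 *
 * @param array $VAR Request variables; not read by this function.
 * @return void
 */
function suggest($VAR)
{
    $db =& DB();
    $dbm = new CORE_database();
    $sql = $dbm->sql_select('host_tld', 'name,default_term_new', "auto_search = 1 AND status = 1", "name", $db);
    $rs = $db->Execute($sql);

    // Start from an empty list: with no matching rows (or a failed query) the
    // original left $smart undefined, and count() on it is a TypeError in
    // PHP 8.
    $smart = array();
    if ($rs) {
        while (!$rs->EOF) {
            $smart[] = $rs->fields;
            $rs->MoveNext();
        }
    }

    $count = count($smart);
    $js = "var tldArr = new Array({$count}); var tldCount = {$count}; ";
    foreach ($smart as $i => $row) {
        // NOTE(review): the TLD name is written into a single-quoted JS string
        // as stored. Presumably host_tld.name is admin-maintained and holds
        // only letters, digits, dots and hyphens; confirm, or encode it for
        // the JavaScript context.
        $js .= "tldArr[{$i}] = '{$row['name']}'; ";
    }

    global $smarty;
    $smarty->assign('tlds', $smart);
    $smarty->assign('javascript', $js);
}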
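/**
 * Show the results of a stored service search.
 *
 * Fetches the result rows through CORE_database::search_show(), adds the host
 * server name to each row that has a host_server_id (when the host_server
 * module is installed), and assigns the rows and the formatted price total to
 * the template.
 *
 * @param array $VAR Request variables, passed through to the search.
 * @return void
 */
function search_show($VAR)
{
    $this->construct();
    $type = "search";
    $this->method["{$type}"] = explode(",", $this->method["{$type}"]);

    $dba = new CORE_database();
    $smart = $dba->search_show($VAR, $this, $type);

    global $smarty, $C_list;

    // Always defined; the original only set $host when the module was present.
    $host = $C_list->is_installed('host_server') ? true : false;

    $total_amount = 0;
    $db =& DB();
    $rows = is_array($smart) ? count($smart) : 0;

    for ($i = 0; $i < $rows; $i++) {
        $total_amount += $smart[$i]['price'];

        if (!$host || empty($smart[$i]['host_server_id'])) {
            continue;
        }
        $id = $smart[$i]['host_server_id'];

        // Server names are memoised per id. The original tested
        // $this->server[$id] but stored the name in $this->server_id, so the
        // cache was never filled and a hit would have returned the name of
        // whichever server was looked up last.
        // NOTE(review): assumes $this->server is not populated elsewhere with
        // something other than names; confirm.
        if (empty($this->server[$id])) {
            $sql = $dba->sql_select("host_server", "name", "id = {$id}", false, $db);
            $rs = $db->Execute($sql);
            $this->server[$id] = ($rs && !$rs->EOF) ? $rs->fields['name'] : '';
        }

        // server_id is still updated for any code that reads it afterwards.
        $this->server_id = $this->server[$id];
        $smart[$i]['server_name'] = $this->server[$id];
    }

    $smarty->assign('service', $smart);
    $smarty->assign('total_amount', $C_list->format_currency($total_amount, ""));
}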
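/**
 * Send the account-verification email for one account and print the
 * follow-up instructions.
 *
 * @param array $VAR Request variables; $VAR['id'] is the account id.
 * @return void Returns without sending when the id is not a plain number or
 *              the account cannot be read.
 */
function send_verify_email($VAR)
{
    global $C_translate, $C_debug;

    // The id arrives with the request and is placed in the WHERE clause as a
    // bare number, so anything other than digits is rejected up front.
    $account_id = (isset($VAR['id']) && is_scalar($VAR['id'])) ? (string) $VAR['id'] : '';
    if (!preg_match('/^[0-9]+$/D', $account_id)) {
        return;
    }

    require_once PATH_MODULES . 'email_template/email_template.inc.php';
    $my = new email_template();

    $db =& DB();
    $dbm = new CORE_database();

    // The statement is no longer echoed; the original printed the SQL text to
    // the page.
    $sql = $dbm->sql_select('account', 'date_orig', "id = {$account_id}", '', $db);
    $result = $db->Execute($sql);
    if ($result === false || $result->RecordCount() == 0) {
        return;
    }

    // NOTE(review): the verification string is only the account's creation
    // timestamp joined to its id, so it is not a secret. Confirm how the
    // verification step checks it and consider a random, stored token.
    $validation_str = strtoupper($result->fields['date_orig'] . ':' . $account_id);

    $my->send('account_registration_inactive', $account_id, $account_id, '', $validation_str);
    echo $C_translate->translate("account_verify_instructions", "account_admin", "");
}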
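/**
 * Print the multi-select of product categories for the product admin form.
 *
 * Categories are listed as a tree, at most five levels deep, and the
 * categories already stored for the product in $VAR['id'] are marked
 * selected.
 *
 * @param array $VAR Request variables; $VAR['id'] is the optional product id.
 * @return void
 */
function admin_menu_product($VAR)
{
    global $smarty, $C_auth;

    $db =& DB();
    $dbc = new CORE_database();

    // Categories currently stored for the product.
    $current = array();
    if (!empty($VAR['id'])) {
        // str_replace() stands in for ereg_replace(), which was removed in
        // PHP 7.
        $product_id = str_replace(",", "", (string) $VAR['id']);

        // The id comes from the request and is used as a bare number in the
        // WHERE clause; anything else is treated as "no product selected".
        if (preg_match('/^[0-9]+$/D', $product_id)) {
            $sql = $dbc->sql_select("product", "avail_category_id", "id = {$product_id}", "", $db);
            $product = $db->Execute($sql);
            if ($product && !$product->EOF) {
                $stored = unserialize($product->fields['avail_category_id']);
                if (is_array($stored)) {
                    $current = $stored;
                }
            }
        }
    }

    // Group the categories by parent. Key 0 holds the top level: rows with no
    // parent, parent 0, or themselves as parent.
    $arr = array(0 => array());
    $sql = $dbc->sql_select("product_cat", "*", "", "parent_id,position,name", $db);
    $result = $db->Execute($sql);
    if ($result) {
        while (!$result->EOF) {
            if (in_array($result->fields['id'], $current)) {
                $result->fields['sel'] = 'selected';
            }

            $parent = $result->fields['parent_id'];
            if ($parent == "" || $parent == 0 || $parent == $result->fields['id']) {
                $arr[0][] = $result->fields;
            } else {
                $arr["{$parent}"][] = $result->fields;
            }
            $result->MoveNext();
        }
    }

    // Depth-first walk with an explicit stack. The original nested its level
    // 3-5 blocks after the loop of the level above, so only the last child of
    // each level had its children listed; here every child is expanded.
    $pending = array();
    foreach (array_reverse($arr[0]) as $row) {
        $pending[] = array($row, 1);
    }

    $option = '';
    $seen = array();
    while (count($pending) > 0) {
        list($row, $depth) = array_pop($pending);

        // Each category is listed once, which also stops a malformed parent
        // chain from looping.
        if (isset($seen[$row['id']])) {
            continue;
        }
        $seen[$row['id']] = true;

        if ($depth == 1) {
            $prefix = '';
        } elseif ($depth == 2) {
            $prefix = '- ';
        } else {
            $prefix = ' - ';
        }

        // NOTE(review): category names are written as stored. Presumably they
        // are admin-entered and already safe for HTML; confirm, or escape them
        // here.
        $selected = isset($row['sel']) ? $row['sel'] : '';
        $option .= '<option value="' . $row['id'] . '" ' . $selected . '>' . $prefix . $row['name'] . '</option>';

        if ($depth < 5 && isset($arr[$row['id']])) {
            foreach (array_reverse($arr[$row['id']]) as $child) {
                $pending[] = array($child, $depth + 1);
            }
        }
    }

    echo '<select name="product_avail_category_id[]" size="5" multiple >';
    echo $option;
    echo '</select>';
}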
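/**
 * Clone Existing Product
 *
 * Copies the product row in $VAR['id'] under the new SKU in
 * $VAR['product_sku'], together with its `product_translate` and
 * `product_attr` rows, and shows a link to the new product.
 *
 * @param array $VAR Request variables: 'id' (source product) and 'product_sku'.
 * @return int|false Id of the new product, or false when the input is missing
 *                   or invalid or the source product cannot be read.
 */
function cloner($VAR)
{
    global $C_debug, $C_translate;

    $product_id = (isset($VAR['id']) && is_scalar($VAR['id'])) ? (string) $VAR['id'] : '';
    $sku = isset($VAR['product_sku']) ? $VAR['product_sku'] : '';
    $p = AGILE_DB_PREFIX;

    // The product id comes from the request and is used as a bare number in
    // three WHERE clauses below, so only digits are accepted.
    if (empty($product_id) || empty($sku) || !preg_match('/^[0-9]+$/D', $product_id)) {
        $C_debug->alert($C_translate->translate('clone_error', 'product', ''));
        return false;
    }

    $db =& DB();
    $dbc = new CORE_database();

    // Get current product details
    $sql = $dbc->sql_select("product", "*", "id = {$product_id}", "", $db);
    $result = $db->Execute($sql);
    if (!$result || $result->EOF) {
        // Nothing to copy; the original went on to insert an empty product.
        $C_debug->alert($C_translate->translate('clone_error', 'product', ''));
        return false;
    }

    // Clone product. foreach replaces each(), which was removed in PHP 8.
    // Numeric keys are the positional duplicates of the named columns.
    $new_prod_id = $db->GenID(AGILE_DB_PREFIX . 'product_id');
    $sql = "INSERT INTO {$p}product SET\n \t\t\t\tid = {$new_prod_id}, \n \t\t\t\tsku = " . $db->qstr($sku);
    foreach ($result->fields as $field => $value) {
        if ($field != 'sku' && $field != 'id' && !is_numeric($field)) {
            $sql .= ",{$field} = " . $db->qstr($value);
        }
    }
    $db->Execute($sql);

    // Clone the translation and attribute rows; both tables are copied the
    // same way, with a fresh id and the new product id.
    foreach (array('product_translate', 'product_attr') as $table) {
        $sql = $dbc->sql_select($table, "*", "product_id = {$product_id}", "", $db);
        $result = $db->Execute($sql);
        if (!$result) {
            continue;
        }

        while (!$result->EOF) {
            $id = $db->GenID(AGILE_DB_PREFIX . $table . '_id');
            $sql = "INSERT INTO {$p}{$table} SET\n\t \t\t\t\tid = {$id}, \n\t \t\t\t\tproduct_id = {$new_prod_id}";
            foreach ($result->fields as $field => $value) {
                if ($field != 'product_id' && $field != 'id' && !is_numeric($field)) {
                    $sql .= ",{$field} = " . $db->qstr($value);
                }
            }
            $db->Execute($sql);
            $result->MoveNext();
        }
    }

    $msg = $C_translate->translate('clone_success', 'product', '');
    $C_debug->alert('<a href="?_page=product:view&id=' . $new_prod_id . '" target="_parent">' . $msg . '</a>');
    return $new_prod_id;
}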
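/**
 * Import one page of client accounts from the remote `client_info` table.
 *
 * Reads `select_limit` rows starting at $VAR['offset'], inserts a local
 * account (and, when card type and expiry are present remotely, a billing
 * record holding the card type, last digits and expiry) for each row inside
 * its own transaction, then emits a script that reloads the page for the next
 * offset.
 *
 * @return false|null False when the remote query fails, otherwise nothing.
 */
function accounts()
{
    global $VAR, $C_debug;
    $p = AGILE_DB_PREFIX;
    $s = DEFAULT_SITE;

    // Connect to the remote database
    $dbr =& NewADOConnection($this->type);
    $dbr->Connect($this->host, $this->user, $this->pass, $this->db);

    // offset, action and plugin travel as URL parameters (see the redirects
    // below). The offset is concatenated into the LIMIT argument, so it is
    // forced to a non-negative integer first.
    $VAR['offset'] = empty($VAR['offset']) ? 0 : max(0, (int) $VAR['offset']);
    $offset = $VAR['offset'] . "," . $this->select_limit;

    // action and plugin are echoed back inside a script block; URL-encoding
    // leaves ordinary identifiers unchanged and removes quote, angle-bracket
    // and backslash characters from the output.
    $plugin_q = isset($VAR['plugin']) ? rawurlencode((string) $VAR['plugin']) : '';
    $action_q = isset($VAR['action']) ? rawurlencode((string) $VAR['action']) : '';

    // select each account from remote db
    $sql = "SELECT * FROM client_info ";
    $rs = $dbr->SelectLimit($sql, $offset);
    if ($rs === false) {
        $C_debug->alert("Query to the table 'client_info' failed!");
        return false;
    }
    if ($rs->RecordCount() == 0) {
        $C_debug->alert("No more records to process!");
        echo "<script language=javascript>setTimeout('document.location=\\'?_page=import:import&plugin={$plugin_q}\\'', 1500); </script>";
        return;
    }

    // Get the default checkout plugin id, with the gateway name quoted through
    // the driver.
    $db =& DB();
    $sql = "SELECT id FROM {$p}checkout WHERE\n\t\t\t\tsite_id = {$s} AND\n\t\t\t\tcheckout_plugin = " . $db->qstr($this->gateway);
    $ch = $db->Execute($sql);
    // Falls back to 0 when no checkout row exists, so the billing INSERT below
    // stays syntactically valid.
    $checkout_plugin_id = ($ch && !$ch->EOF) ? (int) $ch->fields['id'] : 0;

    $msg = "Processing " . $rs->RecordCount() . " Records...<BR>";

    // loop through each remote account
    while (!$rs->EOF) {
        // The alert text is rendered as HTML, so remote data is escaped.
        $msg .= "<BR>Processing account: " . htmlspecialchars($rs->fields['client_fname'] . ' ' . $rs->fields['client_lname'], ENT_QUOTES);

        // start a new transaction for the insert:
        $db =& DB();
        $db->StartTrans();

        // Get a local account id
        $id = $db->GenID($p . 'account_id');

        // Get the country. The remote code was previously interpolated as a
        // bare token ("two_code = US"), which is neither valid SQL for a
        // string nor safe for arbitrary remote data; it now goes through the
        // ::...:: placeholder used by other sql_select() callers.
        // NOTE(review): confirm sql_select() escapes placeholder contents.
        $country = $rs->fields['client_country'];
        $db =& DB();
        $dbm = new CORE_database();
        // Call-time pass-by-reference (&$db) is a parse error since PHP 5.4;
        // the handle is passed normally.
        $rscountry = $db->Execute($dbm->sql_select('country', 'id', "two_code = ::{$country}::", '', $db));
        if ($rscountry && $rscountry->RecordCount() == 1) {
            $country = $rscountry->fields['id'];
        } else {
            $country = DEFAULT_COUNTRY;
        }

        // The email address doubles as the username when none is set remotely.
        if (empty($rs->fields['client_username'])) {
            $username = $rs->fields['client_email'];
        } else {
            $username = $rs->fields['client_username'];
        }

        // Insert the account
        // NOTE(review): client_password is copied as stored remotely. Whether
        // that is a hash, and one the local login code can verify, is not
        // visible here; confirm before relying on imported credentials.
        $sql = "INSERT INTO {$p}account SET\n\t\t\t\t\tid \t\t\t= {$id},\n\t\t\t\t\tsite_id\t\t= {$s},\n\t\t\t\t\tdate_orig\t= " . $db->qstr($rs->fields['client_stamp']) . ",\n\t\t\t\t\tdate_last\t= " . time() . ",\n\t\t\t\t\tlanguage_id\t= " . $db->qstr(DEFAULT_LANGUAGE) . ",\n\t\t\t\t\tcurrency_id\t= " . DEFAULT_CURRENCY . ",\n\t\t\t\t\ttheme_id\t= " . $db->qstr(DEFAULT_THEME) . ",\n\t\t\t\t\tusername\t= " . $db->qstr($username) . ",\n\t\t\t\t\tpassword\t= " . $db->qstr($rs->fields['client_password']) . ",\n\t\t\t\t\tmisc\t\t= " . $db->qstr("Phone: " . $rs->fields['client_phone1'] . "\r\nPhone #2: " . $rs->fields['client_phone2'] . "\r\n" . $rs->fields['client_comments']) . ",\n\t\t\t\t\tstatus\t\t= 1,\n\t\t\t\t\tcountry_id\t= {$country},\n\t\t\t\t\tfirst_name\t= " . $db->qstr($rs->fields['client_fname']) . ",\n\t\t\t\t\tlast_name\t= " . $db->qstr($rs->fields['client_lname']) . ",\n\t\t\t\t\tcompany\t\t= " . $db->qstr($rs->fields['client_company']) . ",\n\t\t\t\t\taddress1\t= " . $db->qstr($rs->fields['client_address']) . ",\n\t\t\t\t\taddress2\t= " . $db->qstr($rs->fields['client_address_2']) . ",\n\t\t\t\t\tcity\t\t= " . $db->qstr($rs->fields['client_city']) . ",\n\t\t\t\t\tstate\t\t= " . $db->qstr($rs->fields['client_state']) . ",\n\t\t\t\t\tzip\t\t\t= " . $db->qstr($rs->fields['client_zip']) . ",\n\t\t\t\t\temail\t\t= " . $db->qstr($rs->fields['client_email']) . ",\n\t\t\t\t\temail_type\t= 0";
        $db->Execute($sql);

        // Insert the import record
        $this->import_transaction($this->plugin, $VAR['action'], 'account', $id, 'client_info', $rs->fields['client_id'], $db);

        // If cc details exist, import an account_billing record:
        if (!empty($rs->fields['billing_cc_type']) && !empty($rs->fields['billing_cc_exp'])) {
            // Get a local account_billing id
            $bill_id = $db->GenID($p . 'account_billing_id');

            // explode() replaces split(), which was removed in PHP 7; padding
            // keeps both parts defined when the delimiter is missing.
            $type = array_pad(explode("-", $rs->fields['billing_cc_type']), 2, '');
            $exp = array_pad(explode("/", $rs->fields['billing_cc_exp']), 2, '');

            // The modernbill encryption method is unknown, so the card number
            // cannot be decrypted. The record is created without it and the
            // user or an admin can complete it manually.
            $sql = "INSERT INTO {$p}account_billing SET\n\t\t\t\t\t\tid \t\t\t\t\t= {$bill_id},\n\t\t\t\t\t\tsite_id\t\t\t\t= {$s}, \n\t\t\t\t\t\taccount_id\t\t\t= {$id},\n\t\t\t\t\t\tcheckout_plugin_id \t= {$checkout_plugin_id},\n\t\t\t\t\t\tcard_type\t\t\t= " . $db->qstr(strtolower($type[0])) . ", \n\t\t\t\t\t\tcard_num4\t\t\t= " . $db->qstr($type[1]) . ", \n\t\t\t\t\t\tcard_exp_month\t\t= " . $db->qstr($exp[0]) . ", \n\t\t\t\t\t\tcard_exp_year\t\t= " . $db->qstr($exp[1]);
            $db->Execute($sql);

            // Insert the import record
            $this->import_transaction($this->plugin, $VAR['action'], 'account_billing', $bill_id, 'client_info', $rs->fields['client_id'], $db);
        }

        // Complete the transaction
        $db->CompleteTrans();
        $rs->MoveNext();
    }

    $C_debug->alert($msg);

    // Reload for the next page of remote rows.
    $offset = $VAR['offset'] + $this->select_limit;
    echo "<script language=javascript> \n\t\t\t setTimeout('document.location=\\'?_page=core:blank&offset={$offset}&action={$action_q}&plugin={$plugin_q}&do[]=import:do_action\\'', 1200);\n\t\t\t </script>";
}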
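/**
 * Assign the FAQ categories the current user may see to the template.
 *
 * Loads every active `faq_category` row in display order and keeps those
 * whose `group_avail` list passes $C_auth->auth_group_by_id(). The template
 * variable `faq_category_list` is null when nothing qualifies.
 *
 * @param array $VAR Request variables; not read by this function.
 * @return void
 */
function faq_categories($VAR)
{
    $db =& DB();
    $dbm = new CORE_database();

    // Call-time pass-by-reference (&$db) is a parse error since PHP 5.4; the
    // handle is passed normally.
    $rs = $db->Execute($dbm->sql_select('faq_category', '*', " status=1 ", "sort_order,name,date_orig", $db));

    // Stays null when no category qualifies, which is what the template
    // received before.
    $smart = null;

    if ($rs && $rs->RecordCount() != 0) {
        global $C_auth;
        while (!$rs->EOF) {
            // validate groups
            // NOTE(review): group_avail is unserialized as stored; this relies
            // on faq_category rows being written only by this application.
            if ($C_auth->auth_group_by_id(unserialize($rs->fields['group_avail']))) {
                $smart[] = $rs->fields;
            }
            $rs->MoveNext();
        }
    }

    global $smarty;
    $smarty->assign('faq_category_list', $smart);
}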
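/**
 * Show one or more tickets to a staff member.
 *
 * For every ticket id in the comma-separated $VAR['id'] the ticket row is
 * loaded together with its attachments, replies (with the author's display
 * name), static variables and, when the ticket belongs to an account, that
 * account's services, groups and purchased products. The result is assigned
 * to the template under the table name.
 *
 * @param array $VAR Request variables; $VAR['id'] is a comma-separated id list.
 * @return void
 */
function view($VAR)
{
    $this->construct();

    // Get the departments this staff member is authorized for
    $dbs =& DB();
    $sql = 'SELECT id,department_avail,signature FROM ' . AGILE_DB_PREFIX . 'staff WHERE site_id = ' . $dbs->qstr(DEFAULT_SITE) . ' AND account_id = ' . $dbs->qstr(SESS_ACCOUNT);
    $result = $dbs->Execute($sql);
    if ($result === false || $result->RecordCount() == 0) {
        // This account does not have a staff id (a failed lookup is treated
        // the same way, so nothing is shown).
        global $C_debug, $C_translate;
        $C_debug->alert($C_translate->translate('staff_no_account', 'ticket', ''));
        return;
    }

    $avail = @unserialize($result->fields['department_avail']);
    if (!is_array($avail)) {
        $avail = array();
    }

    global $smarty;
    $smarty->assign('signature', $result->fields['signature']);

    // NOTE(review): custom_EXP is filled with the staff member's departments,
    // but the SELECT below does not reference it, so nothing visible in this
    // function limits the tickets to those departments. Confirm where that
    // restriction is enforced.
    foreach ($avail as $department_id) {
        $this->custom_EXP[] = array('field' => 'department_id', 'value' => $department_id);
    }

    // explode() replaces split(), which was removed in PHP 7.
    $type = "view";
    $this->method["{$type}"] = explode(",", $this->method["{$type}"]);

    $db =& DB();

    // One quoted condition per requested id; empty list items are skipped.
    $conditions = array();
    if (isset($VAR["id"])) {
        foreach (explode(',', (string) $VAR["id"]) as $one) {
            if ($one != '') {
                $conditions[] = "id = " . $db->qstr($one);
            }
        }
    }
    if (count($conditions) == 0) {
        return;
    }

    // The OR list is parenthesised: AND binds tighter than OR, so without the
    // parentheses the site_id filter applied only to the last id in the list.
    $id_list = " (" . implode(" OR ", $conditions) . ") ";

    // generate the full query
    $q = "SELECT * FROM\n\t\t \t " . AGILE_DB_PREFIX . "{$this->table}\n\t\t\t\t\t WHERE\t\t\t\t\t\n\t\t \t {$id_list}\n\t\t \t AND site_id = " . $db->qstr(DEFAULT_SITE) . "\n\t\t \t ORDER BY {$this->order_by} ";
    $result = $db->Execute($q);

    // error reporting
    if ($result === false) {
        global $C_debug;
        $C_debug->error('database.inc.php', 'view', $db->ErrorMsg());
        return;
    }

    $p = AGILE_DB_PREFIX;
    $s = DEFAULT_SITE;

    // put the results into a smarty accessible array
    $smart = array();
    $i = 0;
    while (!$result->EOF) {
        $smart[$i] = $result->fields;
        $smart[$i]["i"] = $i;

        // get any attachments for ticket
        $attach = $db->Execute(sqlSelect($db, "ticket_attachment", "id,name,size,type", "ticket_id={$result->fields['id']}"));
        if ($attach && $attach->RecordCount()) {
            while (!$attach->EOF) {
                $smart[$i]['attachments'][] = $attach->fields;
                $attach->MoveNext();
            }
        }

        // Get any replies...
        $dba =& DB();
        $sql = " SELECT DISTINCT\n\t \t\t\tA.* \n \t\t\tFROM \n\t \t\t\t{$p}ticket_message AS A \n \t\t\tWHERE \t\t\t\n \t\t\t\tA.site_id = {$s} \n \t\t\tAND\n \tA.ticket_id = {$result->fields['id']} \n ORDER BY \n \tA.date_orig";
        $replys = $dba->Execute($sql);

        // Reset per ticket; the original kept appending to one list, so each
        // ticket also carried the replies of the tickets before it.
        $reply = array();
        $ii = 0;
        while ($replys && !$replys->EOF) {
            if ($replys->fields['staff_id'] > 0) {
                // Reply written by staff: show the nickname.
                $dbm = new CORE_database();
                $rss = $db->Execute($sql = $dbm->sql_select('staff', 'nickname', "id = {$replys->fields['staff_id']} ", "", $db));
                $replys->fields['staff_nickname'] = $rss->fields['nickname'];
            } else {
                // Reply written by the requester: e-mail address, account
                // name, or a generic label, in that order.
                if (!empty($result->fields['email'])) {
                    $replys->fields['user_name'] = $result->fields['email'];
                } elseif (!empty($result->fields['account_id'])) {
                    $db =& DB();
                    $dbm = new CORE_database();
                    $rss = $db->Execute($dbm->sql_select('account', 'first_name,last_name', "id = {$result->fields['account_id']}", "", $db));
                    $replys->fields['user_name'] = $rss->fields['first_name'] . ' ' . $rss->fields['last_name'];
                } else {
                    $replys->fields['user_name'] = 'User';
                }
            }

            // Flag the final reply for the template.
            $ii++;
            $replys->fields['last'] = ($ii >= $replys->RecordCount());

            $reply[] = $replys->fields;
            $replys->MoveNext();
        }
        $smart[$i]["reply"] = $reply;

        // Get the static vars:
        require_once PATH_CORE . 'static_var.inc.php';
        $static_var = new CORE_static_var();
        $arr = $static_var->view_form($this->module, $result->fields['id']);
        if (is_array($arr)) {
            $smart[$i]["static_var"] = $arr;
        }

        // Get the user authentication details
        if ($result->fields['account_id'] > 0) {
            // get services
            $sql = "SELECT id,from_unixtime(date_orig,'%m-%d-%Y') as date_orig,active,sku FROM {$p}service \n\t\t\t\t\t\t\tWHERE account_id={$result->fields['account_id']} AND site_id = " . DEFAULT_SITE . " \n\t\t\t\t\t\t\tGROUP BY sku,active\n\t\t\t\t\t\t\tORDER BY date_orig";
            $authsrvc = $db->Execute($sql);
            if ($authsrvc && $authsrvc->RecordCount()) {
                while (!$authsrvc->EOF) {
                    $smart[$i]['authsrvc'][] = $authsrvc->fields;
                    $authsrvc->MoveNext();
                }
            }

            // get groups
            $sql = "SELECT DISTINCT B.id,B.name,A.active,from_unixtime(A.date_orig,'%m-%d-%Y') as date_orig FROM {$p}account_group as A\n\t\t\t\t\t\t\tJOIN {$p}group as B ON (B.id=A.group_id AND B.site_id=" . DEFAULT_SITE . ")\n\t\t\t\t\t\t\tWHERE A.account_id = {$result->fields['account_id']} AND A.site_id = " . DEFAULT_SITE . " \n\t\t\t\t\t\t\tAND A.group_id>1001";
            $authgrp = $db->Execute($sql);
            if ($authgrp && $authgrp->RecordCount()) {
                while (!$authgrp->EOF) {
                    $smart[$i]['authgrp'][] = $authgrp->fields;
                    $authgrp->MoveNext();
                }
            }

            // get ordered products
            $sql = "SELECT count(*) as qty, B.id,from_unixtime(B.date_orig,'%m-%d-%Y') as dateorg,A.sku FROM {$p}invoice_item as A\n\t\t\t\t\t\t\tJOIN {$p}invoice as B ON (B.id=A.invoice_id AND B.site_id=" . DEFAULT_SITE . " AND billing_status=1 AND process_status=1 )\n\t\t\t\t\t\t\tWHERE A.account_id = {$result->fields['account_id']} AND A.site_id = " . DEFAULT_SITE . "\t\t\t\t\t\t\n\t\t\t\t\t\t\tGROUP BY sku,dateorg";
            $authsku = $db->Execute($sql);
            if ($authsku && $authsku->RecordCount()) {
                while (!$authsku->EOF) {
                    $smart[$i]['authsku'][] = $authsku->fields;
                    $authsku->MoveNext();
                }
            }
        }

        $i++;
        $result->MoveNext();
    }

    // get the result count:
    $results = $i;

    // No results:
    if ($i == 0) {
        global $C_debug;
        $C_debug->error("CORE:database.inc.php", "view()", "The selected record does not\n exist any longer, or your account is not authorized to view it");
        return;
    }

    // define the results. The count computed above is assigned; the original
    // read it from an undefined $search object.
    global $smarty;
    $smarty->assign($this->table, $smart);
    $smarty->assign('results', $results);
}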
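/**
 * Validate A Product
 *
 * Decides whether a product may be added to the cart: the product must exist
 * (and be active unless the user may add invoices), must not already be in
 * the cart when it is single-purchase, must be available to one of the
 * user's groups, must have no required products, must pass its product
 * plugin's validate_cart() when one is configured, and - for a service
 * upgrade - the service must belong to the logged-in account, be modifiable
 * to the requested product and have no unpaid invoices.
 *
 * Side effect: on a service upgrade any cart rows for that service are
 * deleted before the invoice check.
 *
 * @param array $VAR        Request variables ('service_id', 'product_id').
 * @param int   $product_id Product being added.
 * @param int   $account_id Not read by this function.
 * @return bool
 */
function validate_product($VAR, $product_id, $account_id)
{
    global $C_translate, $C_debug, $C_auth;

    $db =& DB();

    // can user add inactive items
    $active = $C_auth->auth_method_by_name('invoice', 'add') ? '' : " AND active=1 ";

    // validate that product exists
    $result = $db->Execute(sqlSelect($db, "product", "*", "id=::{$product_id}:: {$active}"));
    if (!$result || $result->RecordCount() == 0) {
        $C_debug->alert($C_translate->translate('err_no_prod', 'cart', ''));
        return false;
    }

    // check that product is not already in cart
    if ($result->fields['cart_multiple'] != "1" && empty($VAR['service_id'])) {
        $rs = $db->Execute(sqlSelect($db, "cart", "id", "product_id=::{$product_id}:: AND session_id=::{$this->session_id}::"));
        if ($rs && $rs->RecordCount() > 0) {
            $C_debug->alert($C_translate->translate('err_prod_already', 'cart', ''));
            return false;
        }
    }

    // Validate groups: at least one listed group must be granted. A value
    // that does not decode to an array grants nothing.
    $groups = unserialize($result->fields['group_avail']);
    $auth = false;
    if (is_array($groups)) {
        foreach ($groups as $group_id) {
            if ($C_auth->auth_group_by_id($group_id)) {
                $auth = true;
                break;
            }
        }
    }
    if (!$auth) {
        return false;
    }

    // Validate any required products. Matching against products the account
    // already owns is not implemented here: any non-empty requirement list
    // rejects the product and tells the user what is required.
    if (!empty($result->fields["assoc_req_prod"])) {
        $reqarr = unserialize($result->fields["assoc_req_prod"]);
    } else {
        $reqarr = false;
    }
    $reqtype = $result->fields["assoc_req_prod_type"];

    if (is_array($reqarr) && !empty($reqarr[0])) {
        if (!SESS_LOGGED) {
            $C_debug->alert($C_translate->translate('err_assoc_login', 'cart', ''));
            return false;
        }

        $items = '<br>';
        foreach ($reqarr as $prod_id) {
            // The id goes through the same ::...:: placeholder as the other
            // sqlSelect() calls in this function instead of being interpolated
            // bare.
            $prodrs = $db->Execute(sqlSelect($db, "product_translate", "*", "product_id=::{$prod_id}:: AND language_id = ::" . SESS_LANGUAGE . "::"));
            if ($prodrs && $prodrs->RecordCount()) {
                $items .= "- <b><a href=\"?_page=product:details&id={$prod_id}\">{$prodrs->fields['name']}</a></b><br>";
            }
        }
        $C_translate->value("cart", "items", $items);

        $msg = $C_translate->translate('err_assoc_req', 'cart', '');
        if ($reqtype == 0) {
            $C_debug->alert($msg . " " . $C_translate->translate('assoc_all', 'cart', ''));
        } else {
            $C_debug->alert($msg . " " . $C_translate->translate('assoc_one', 'cart', ''));
        }
        return false;
    }

    // Product Plugin Level Validation
    $product = $result;
    if (!empty($product->fields['prod_plugin']) && !empty($product->fields['prod_plugin_data'])) {
        $plugin_file = (string) $product->fields['prod_plugin_file'];

        // The stored name becomes part of an include path and of a class
        // name, so only a plain identifier is accepted. Any other value is
        // handled like a missing plugin file.
        if (preg_match('/^[A-Za-z0-9_]+$/D', $plugin_file)) {
            $prodplgfile = PATH_PLUGINS . 'product/' . $plugin_file . '.php';
            if (is_file($prodplgfile)) {
                include_once $prodplgfile;

                // Instantiated by name; this replaces an eval() that built
                // the same "new plgn_prov_<file>" statement from the stored
                // value.
                $plugin_class = 'plgn_prov_' . $plugin_file;
                $prodplg = new $plugin_class;

                if (is_object($prodplg) && is_callable(array($prodplg, 'validate_cart'))) {
                    $verdict = $prodplg->validate_cart($VAR, $product);
                    if ($verdict !== true) {
                        // Anything but true is the message to show.
                        $C_debug->alert($verdict);
                        return false;
                    }
                }
            }
        }
    }

    // Service upgrade
    if (!empty($VAR['service_id'])) {
        // validate account logged in
        if (SESS_LOGGED == false) {
            return false;
        }

        // The service id comes from the request and is used as a bare number
        // in the WHERE clause below, so only digits are accepted.
        $service_id = is_scalar($VAR['service_id']) ? (string) $VAR['service_id'] : '';
        if (!preg_match('/^[0-9]+$/D', $service_id)) {
            return false;
        }

        $dbm = new CORE_database();

        // validate account owns service, service is modifiable, active, not
        // canceled, and exists
        $rs = $db->Execute($sql = $dbm->sql_select("service", "*", "recur_modify = 1 AND active = 1 AND ( suspend_billing IS NULL OR suspend_billing = 0 ) AND account_id = " . SESS_ACCOUNT . " AND id = {$service_id}", "", $db));
        if ($rs === false || $rs->RecordCount() == 0) {
            return false;
        }

        // validate selected product_id is in allowed modify array for
        // selected service
        if (empty($rs->fields['product_id'])) {
            return false;
        }
        $product_id = $rs->fields['product_id'];
        $prod = $db->Execute($dbm->sql_select("product", "*", "id = {$product_id}", "", $db));
        if ($prod === false || $prod->RecordCount() == 0) {
            return false;
        }

        $arr = unserialize($prod->fields['modify_product_arr']);
        if (!is_array($arr) || count($arr) == 0 || empty($arr[0])) {
            return false;
        }

        $wanted = isset($VAR['product_id']) ? $VAR['product_id'] : null;
        $do = false;
        foreach ($arr as $pid) {
            if ($pid == $wanted) {
                $do = true;
                break;
            }
        }
        if (!$do) {
            return false;
        }

        // make sure this service is not in the cart
        $sql = 'DELETE FROM ' . AGILE_DB_PREFIX . 'cart WHERE site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND service_id = ' . $db->qstr($service_id);
        $rs = $db->Execute($sql);

        // make sure this service has no outstanding invoices:
        $p = AGILE_DB_PREFIX;
        $sql = "SELECT DISTINCT {$p}invoice.id, {$p}invoice_item.id\n\t \t\tFROM {$p}invoice,{$p}invoice_item\n\t \t\tWHERE {$p}invoice.site_id = " . DEFAULT_SITE . " AND {$p}invoice_item.site_id = " . DEFAULT_SITE . " \n\t \t\tAND {$p}invoice_item.service_id = " . $db->qstr($service_id) . " \n\t \t\tAND {$p}invoice_item.invoice_id = {$p}invoice.id AND {$p}invoice.billing_status != 1";
        $rs = $db->Execute($sql);
        if ($rs && $rs->RecordCount() > 0) {
            echo "Invoice(s) in unpaid status for selected service ID {$service_id}, cannot upgrade";
            return false;
        }
    }

    return true;
}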
/**
 * Count the invoices attributed to a campaign and add up their totals.
 *
 * NOTE(review): $id is placed in the condition as given, without quoting;
 * presumably callers pass a numeric campaign id - confirm.
 *
 * @param mixed $id Campaign id.
 * @return array Two elements: the number of invoices and the sum of their
 *               total_amt values; array(0, 0) when there are none.
 */
function referred_invoices($id)
{
    $dba = new CORE_database();
    $db =& DB();

    $rs = $db->Execute($dba->sql_select("invoice", "id,total_amt", "campaign_id = {$id}", false, $db));

    // Nothing referred by this campaign.
    if ($rs->RecordCount() == 0) {
        return array(0, 0);
    }

    // Walk the record set and accumulate the invoice totals.
    $sum = 0;
    for (; !$rs->EOF; $rs->MoveNext()) {
        $sum += $rs->fields['total_amt'];
    }

    return array($rs->RecordCount(), $sum);
}