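/**
 * Return the stored filename for the upload posted in form field $fld.
 *
 * Each field is processed at most once per request: the outcome (the saved
 * filename, or '' when nothing usable was uploaded) is memoised in the global
 * $UploadCache array, keyed by field name.
 *
 * @param string $fld Name of the file input field.
 * @return string Saved filename, or '' when parse() or save() did not succeed.
 */
function get_upload_file($fld)
{
    global $UploadCache;

    if (!isset($UploadCache)) {
        $UploadCache = array();
    }

    if (!isset($UploadCache[$fld])) {
        $model_image_obj = new upload($fld);
        // The destination is the catalog image directory, which is served by the
        // web server. Restricting the accepted extensions to image types keeps a
        // script file from being stored there under an executable name.
        // NOTE(review): this checks the client-supplied name only; it does not
        // prove the content is an image.
        $model_image_obj->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));
        $model_image_obj->set_destination(DIR_FS_CATALOG_IMAGES);

        $stored = $model_image_obj->parse() && $model_image_obj->save();
        $UploadCache[$fld] = $stored ? $model_image_obj->filename : '';
    }

    return $UploadCache[$fld];
}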
/**
 * Store the uploaded store logo in the store's own image directory.
 *
 * The directory is DIR_FS_CATALOG/images/<store_id>_images and is created when
 * missing. Only gif, jpg and png uploads are accepted. An accepted upload is
 * renamed to 'logo' plus the last four characters of its name and recorded in
 * TABLE_STORE_MAIN. The default logo is copied in and recorded instead when:
 *  - nothing could be parsed and $action is '',
 *  - the file is larger than MAX_IMAGE_FILE_SIZE, or
 *  - saving failed and $action is ''.
 *
 * NOTE(review): the saved filename is concatenated into the SQL text without
 * escaping. It is derived from the client-supplied name, so confirm the upload
 * class constrains it, or pass it through the project's DB escaping helper.
 *
 * @param string $action '' enables the default-logo fallback on parse/save failure.
 * @return string '' on completion, otherwise an error message.
 */
function put_logo_image($action = '')
{
    $logo_dir = DIR_FS_CATALOG . 'images/' . $this->store_id . '_images';
    if (!is_dir($logo_dir)) {
        mkdir($logo_dir);
    }
    $allowed_files_types = array('gif', 'jpg', 'png');

    // mkdir() can fail, so the directory is checked again before use.
    if (!is_dir($logo_dir)) {
        return ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST;
    }

    $logo = new upload($this->store_logo);
    $logo->set_destination($logo_dir);
    $logo->set_extensions($allowed_files_types);
    $parsed = $logo->parse();

    $use_default_logo = false;
    $result = '';

    if (!$parsed && $action == '') {
        $use_default_logo = true;
    } elseif ($logo->file['size'] > MAX_IMAGE_FILE_SIZE && $parsed) {
        // Oversized upload: fall back to the default logo and report the limit.
        $use_default_logo = true;
        $result = sprintf(ERROR_IMAGE_FILE_SIZE_EXCEED, MAX_IMAGE_FILE_SIZE);
    } elseif ($parsed) {
        // Keep the last four characters (dot plus three-letter extension).
        $logo->set_filename('logo' . substr($logo->filename, -4));
        if ($logo->save()) {
            smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = '" . $logo->filename . "' where store_id = '" . (int) $this->store_id . "'");
        } elseif ($action == '') {
            $this->store_logo_image_name = '';
            $use_default_logo = true;
        }
    }

    if ($use_default_logo) {
        // The database is only pointed at the default logo once the copy succeeded.
        if (copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $logo_dir . '/default_store_logo.gif')) {
            smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
        }
    }

    return $result;
}
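/**
 * Replace the store logo with the file posted in the 'logo_image' field and
 * regenerate one resized copy per installed template.
 *
 * The upload is kept as images/logo_originals.<ext>. For every directory under
 * ../templates that ships a template.php, the previous logo for that template
 * is deleted and, when the osC_Template_<code> class exists, a new
 * logo_<code>.<ext> is produced at the size the template reports.
 *
 * @return bool true when the upload was stored and the template loop ran;
 *              false when no file was posted, the extension is not an allowed
 *              image type, or parsing, saving or copying the file failed.
 */
function upload()
{
    $logo_image = new upload('logo_image');

    if (!$logo_image->exists()) {
        return false;
    }

    // The extension is taken from the client-supplied file name and becomes
    // part of a file name under the web-served images directory. It is checked
    // against an image allowlist before the current logo is deleted or any
    // file is written, so a script extension can never reach the disk.
    // NOTE(review): this validates the name only; verifying the content (for
    // example with getimagesize()) would be a further hardening step.
    $allowed_types = array('gif', 'jpg', 'jpeg', 'png');
    $img_type = pathinfo($_FILES['logo_image']['name'], PATHINFO_EXTENSION);
    if (!in_array(strtolower($img_type), $allowed_types, true)) {
        return false;
    }

    self::deleteLogo('originals');

    $original = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_originals.' . $img_type;
    $logo_image->set_destination(realpath(DIR_FS_CATALOG . 'images/'));

    if (!($logo_image->parse() && $logo_image->save())) {
        return false;
    }

    // Move the saved upload to its canonical name; the temporary copy under
    // the client-derived name is removed either way (best effort).
    $uploaded = DIR_FS_CATALOG . 'images/' . $logo_image->filename;
    $copied = copy($uploaded, $original);
    @unlink($uploaded);
    if (!$copied) {
        return false;
    }

    $osC_DirectoryListing = new osC_DirectoryListing('../templates');
    $osC_DirectoryListing->setIncludeDirectories(true);
    $osC_DirectoryListing->setIncludeFiles(false);
    $osC_DirectoryListing->setExcludeEntries('system');

    foreach ($osC_DirectoryListing->getFiles() as $template) {
        $code = $template['name'];

        // $code comes from the directory listing of ../templates, not from the
        // request, so the included path is limited to installed templates.
        if (!file_exists('../templates/' . $code . '/template.php')) {
            continue;
        }

        include '../templates/' . $code . '/template.php';

        $class = 'osC_Template_' . $code;
        self::deleteLogo($code);

        if (class_exists($class)) {
            $module = new $class();
            $logo_height = $module->getLogoHeight();
            $logo_width = $module->getLogoWidth();
            $dest_image = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_' . $code . '.' . $img_type;

            osc_gd_resize($original, $dest_image, $logo_width, $logo_height);
        }
    }

    return true;
}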
if (USE_CACHE == 'true') { smn_reset_cache_block('categories'); smn_reset_cache_block('also_purchased'); } } smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id))); break; case 'new_product_preview': if (! checkVoucherPermissions($store_id, $_POST['products_model'])) { $messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error'); $allow_insert = 'false'; } else { // copy image only if modified $allowed_files_types = array('gif', 'jpg', 'jpeg', 'png'); $products_image = new upload('products_image'); $products_image->set_destination(DIR_FS_CATALOG_IMAGES); $products_image->set_extensions($allowed_files_types); if ($products_image->parse() && $products_image->save()) { $products_image_name = $products_image->filename; } else { $products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : ''); } } break; } } // check if the catalog image directory exists if (is_dir(DIR_FS_CATALOG_IMAGES)) { if (!is_writeable(DIR_FS_CATALOG_IMAGES)) $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error'); } else { $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error');
$banners_open_new_windows = zen_db_prepare_input($_POST['banners_open_new_windows']); $banners_on_ssl = zen_db_prepare_input($_POST['banners_on_ssl']); $banners_sort_order = zen_db_prepare_input($_POST['banners_sort_order']); $banner_error = false; if (empty($banners_title)) { $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error'); $banner_error = true; } if (empty($banners_group)) { $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error'); $banner_error = true; } if (empty($banners_html_text)) { if (empty($banners_image_local)) { $banners_image = new upload('banners_image'); $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target); if ($banners_image->parse() == false || $banners_image->save() == false) { $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error'); $banner_error = true; } } } if ($banner_error == false) { $db_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => (int) $banners_sort_order); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '1'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_BANNERS, $sql_data_array); $banners_id = zen_db_insert_id(); $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
$attributes_price_letters = zen_db_prepare_input($_POST['attributes_price_letters']); $attributes_price_letters_free = zen_db_prepare_input($_POST['attributes_price_letters_free']); $attributes_required = zen_db_prepare_input($_POST['attributes_required']); $attribute_id = zen_db_prepare_input($_POST['attribute_id']); // edit // attributes images // when set to none remove from database if (isset($_POST['attributes_image']) && zen_not_null($_POST['attributes_image']) && $_POST['attributes_image'] != 'none') { $attributes_image = zen_db_prepare_input($_POST['attributes_image']); $attributes_image_none = false; } else { $attributes_image = ''; $attributes_image_none = true; } $attributes_image = new upload('attributes_image'); $attributes_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($attributes_image->parse() && $attributes_image->save($_POST['overwrite'])) { $attributes_image_name = $attributes_image->filename != 'none' ? $_POST['img_dir'] . $attributes_image->filename : ''; } else { $attributes_image_name = (isset($_POST['attributes_previous_image']) and $_POST['attributes_image'] != 'none') ? $_POST['attributes_previous_image'] : ''; } if ($_POST['image_delete'] == 1) { $attributes_image_name = ''; } // turned off until working $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n set attributes_image = '" . zen_db_input($attributes_image_name) . "'\n where products_attributes_id = '" . (int) $attribute_id . "'"); $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n set products_id = '" . (int) $products_id . "',\n options_id = '" . (int) $options_id . "',\n options_values_id = '" . (int) $values_id . "',\n options_values_price = '" . zen_db_input($value_price) . "',\n price_prefix = '" . zen_db_input($price_prefix) . "',\n products_options_sort_order = '" . zen_db_input($products_options_sort_order) . "',\n product_attribute_is_free = '" . zen_db_input($product_attribute_is_free) . "',\n products_attributes_weight = '" . 
zen_db_input($products_attributes_weight) . "',\n products_attributes_weight_prefix = '" . zen_db_input($products_attributes_weight_prefix) . "',\n attributes_display_only = '" . zen_db_input($attributes_display_only) . "',\n attributes_default = '" . zen_db_input($attributes_default) . "',\n attributes_discounted = '" . zen_db_input($attributes_discounted) . "',\n attributes_price_base_included = '" . zen_db_input($attributes_price_base_included) . "',\n attributes_price_onetime = '" . zen_db_input($attributes_price_onetime) . "',\n attributes_price_factor = '" . zen_db_input($attributes_price_factor) . "',\n attributes_price_factor_offset = '" . zen_db_input($attributes_price_factor_offset) . "',\n attributes_price_factor_onetime = '" . zen_db_input($attributes_price_factor_onetime) . "',\n attributes_price_factor_onetime_offset = '" . zen_db_input($attributes_price_factor_onetime_offset) . "',\n attributes_qty_prices = '" . zen_db_input($attributes_qty_prices) . "',\n attributes_qty_prices_onetime = '" . zen_db_input($attributes_qty_prices_onetime) . "',\n attributes_price_words = '" . zen_db_input($attributes_price_words) . "',\n attributes_price_words_free = '" . zen_db_input($attributes_price_words_free) . "',\n attributes_price_letters = '" . zen_db_input($attributes_price_letters) . "',\n attributes_price_letters_free = '" . zen_db_input($attributes_price_letters_free) . "',\n attributes_required = '" . zen_db_input($attributes_required) . "'\n where products_attributes_id = '" . (int) $attribute_id . "'"); if (DOWNLOAD_ENABLED == 'true') { $products_attributes_filename = zen_db_prepare_input($_POST['products_attributes_filename']); $products_attributes_maxdays = zen_db_prepare_input($_POST['products_attributes_maxdays']); $products_attributes_maxcount = zen_db_prepare_input($_POST['products_attributes_maxcount']);
$insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array); $manufacturers_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'"); } if ($_POST['manufacturers_image_manual'] != '') { // add image manually $manufacturers_image_name = zen_db_input($_POST['img_dir'] . $_POST['manufacturers_image_manual']); $db->Execute("update " . TABLE_MANUFACTURERS . "\n set manufacturers_image = '" . $manufacturers_image_name . "'\n where manufacturers_id = '" . (int) $manufacturers_id . "'"); } else { $manufacturers_image = new upload('manufacturers_image'); $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($manufacturers_image->parse() && $manufacturers_image->save()) { // remove image from database if none if ($manufacturers_image->filename != 'none') { $db->Execute("update " . TABLE_MANUFACTURERS . "\n set manufacturers_image = '" . zen_db_input($_POST['img_dir'] . $manufacturers_image->filename) . "'\n where manufacturers_id = '" . (int) $manufacturers_id . "'"); } else { $db->Execute("update " . TABLE_MANUFACTURERS . "\n set manufacturers_image = ''\n where manufacturers_id = '" . (int) $manufacturers_id . "'"); } } } $languages = zen_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $manufacturers_url_array = $_POST['manufacturers_url']; $language_id = $languages[$i]['id']; $sql_data_array = array('manufacturers_url' => zen_db_prepare_input($manufacturers_url_array[$language_id])); if ($action == 'insert') {
/**
 * Insert or update a product together with its categories, images,
 * descriptions, attributes and variants inside one database transaction.
 *
 * A numeric $id updates that product; any other value inserts a new product
 * and continues with the id returned by nextID(). Every stage runs only while
 * $error is still false. On success the transaction is committed and the
 * 'categories', 'category_tree' and 'also_purchased' caches are cleared;
 * otherwise the transaction is rolled back.
 *
 * NOTE(review): the optional $id precedes the required $data parameter, which
 * PHP 8.0 and later report as deprecated.
 * NOTE(review): image files are saved, copied and resized before the commit,
 * so a later rollback undoes the database rows but leaves those files on disk.
 * NOTE(review): where $data comes from is not visible here; the comments below
 * assume it can carry request data - confirm against the callers.
 *
 * @param mixed $id   Product id to update, or a non-numeric value to insert.
 * @param array $data Product fields; the keys read are visible in the body.
 * @return bool true when everything was committed, false after a rollback.
 */
public static function save($id = null, $data)
{
    global $osC_Database, $osC_Language, $osC_Image;

    $error = false;

    $osC_Database->startTransaction();

    // --- Base product row ---------------------------------------------------
    if (is_numeric($id)) {
        $Qproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, products_last_modified = now() where products_id = :products_id');
        $Qproduct->bindInt(':products_id', $id);
    } else {
        $Qproduct = $osC_Database->query('insert into :table_products (products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
        // bindRaw() is given a constant SQL expression here, not request data.
        $Qproduct->bindRaw(':products_date_added', 'now()');
    }

    $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
    $Qproduct->bindInt(':products_quantity', $data['quantity']);
    $Qproduct->bindFloat(':products_price', $data['price']);
    $Qproduct->bindValue(':products_model', $data['model']);
    $Qproduct->bindFloat(':products_weight', $data['weight']);
    $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
    $Qproduct->bindInt(':products_status', $data['status']);
    $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
    // $Qproduct->setLogging($_SESSION['module'], $id);
    $Qproduct->execute();

    if ($osC_Database->isError()) {
        $error = true;
    } else {
        if (is_numeric($id)) {
            $products_id = $id;
        } else {
            $products_id = $osC_Database->nextID();
        }

        // --- Category links: delete all, then re-insert ----------------------
        $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
        $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
        $Qcategories->bindInt(':products_id', $products_id);
        // $Qcategories->setLogging($_SESSION['module'], $products_id);
        $Qcategories->execute();

        if ($osC_Database->isError()) {
            $error = true;
        } else {
            if (isset($data['categories']) && !empty($data['categories'])) {
                foreach ($data['categories'] as $category_id) {
                    $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                    $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                    $Qp2c->bindInt(':products_id', $products_id);
                    $Qp2c->bindInt(':categories_id', $category_id);
                    // $Qp2c->setLogging($_SESSION['module'], $products_id);
                    $Qp2c->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                        break;
                    }
                }
            }
        }
    }

    // --- Images ---------------------------------------------------------------
    if ($error === false) {
        $images = array();

        $products_image = new upload('products_image');
        // Extension allowlist for the uploaded file.
        // NOTE(review): this constrains the file name only; whether the content
        // is inspected depends on the upload class, which is not shown here.
        $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));

        if ($products_image->exists()) {
            $products_image->set_destination(realpath('../images/products/originals'));

            if ($products_image->parse() && $products_image->save()) {
                $images[] = $products_image->filename;
            }
        }

        if (isset($data['localimages'])) {
            foreach ($data['localimages'] as $image) {
                // basename() drops any directory part, so only files directly
                // inside the _upload directory can be selected.
                // NOTE(review): no extension check is applied on this path.
                $image = basename($image);

                if (file_exists('../images/products/_upload/' . $image)) {
                    copy('../images/products/_upload/' . $image, '../images/products/originals/' . $image);
                    @unlink('../images/products/_upload/' . $image);

                    $images[] = $image;
                }
            }
        }

        // The first image processed in this call is flagged as the default.
        $default_flag = 1;

        foreach ($images as $image) {
            $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
            $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
            $Qimage->bindInt(':products_id', $products_id);
            $Qimage->bindValue(':image', $image);
            $Qimage->bindInt(':default_flag', $default_flag);
            $Qimage->bindInt(':sort_order', 0);
            $Qimage->bindRaw(':date_added', 'now()');
            // $Qimage->setLogging($_SESSION['module'], $products_id);
            $Qimage->execute();

            if ($osC_Database->isError()) {
                // The loop continues with the remaining images after an error.
                $error = true;
            } else {
                // Resize for every image group except group id '1'.
                foreach ($osC_Image->getGroups() as $group) {
                    if ($group['id'] != '1') {
                        $osC_Image->resize($image, $group['id']);
                    }
                }
            }

            $default_flag = 0;
        }
    }

    // --- Per-language descriptions ----------------------------------------------
    if ($error === false) {
        foreach ($osC_Language->getAll() as $l) {
            if (is_numeric($id)) {
                $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
            } else {
                $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_description, :products_keyword, :products_tags, :products_url)');
            }

            $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
            $Qpd->bindInt(':products_id', $products_id);
            $Qpd->bindInt(':language_id', $l['id']);
            $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
            $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
            $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
            $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
            $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
            // $Qpd->setLogging($_SESSION['module'], $products_id);
            $Qpd->execute();

            if ($osC_Database->isError()) {
                $error = true;
                break;
            }
        }
    }

    // --- Attributes: update an existing row, otherwise insert -------------------
    if ($error === false) {
        if (isset($data['attributes']) && !empty($data['attributes'])) {
            foreach ($data['attributes'] as $attributes_id => $value) {
                if (is_array($value)) {
                    // Array values are skipped; this branch is empty in the source.
                } elseif (!empty($value)) {
                    $Qcheck = $osC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
                    $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                    $Qcheck->bindInt(':products_id', $products_id);
                    $Qcheck->bindInt(':id', $attributes_id);
                    $Qcheck->execute();

                    if ($Qcheck->numberOfRows() === 1) {
                        $Qattribute = $osC_Database->query('update :table_product_attributes set value = :value where products_id = :products_id and id = :id');
                    } else {
                        $Qattribute = $osC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value) values (:id, :products_id, :languages_id, :value)');
                        $Qattribute->bindInt(':languages_id', 0);
                    }

                    $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                    $Qattribute->bindValue(':value', $value);
                    $Qattribute->bindInt(':products_id', $products_id);
                    $Qattribute->bindInt(':id', $attributes_id);
                    $Qattribute->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                        break;
                    }
                }
            }
        }
    }

    // --- Variants (child products) -----------------------------------------------
    if ($error === false) {
        // Maps child product id => list of variant value ids seen in this call.
        $variants_array = array();
        $default_variant_combo = null;

        if (isset($data['variants_combo']) && !empty($data['variants_combo'])) {
            foreach ($data['variants_combo'] as $key => $combos) {
                // The SQL literal in the update branch spans two lines, exactly
                // as it does in the source.
                if (isset($data['variants_combo_db'][$key])) {
                    $Qsubproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, 
products_tax_class_id = :products_tax_class_id where products_id = :products_id');
                    $Qsubproduct->bindInt(':products_id', $data['variants_combo_db'][$key]);
                } else {
                    $Qsubproduct = $osC_Database->query('insert into :table_products (parent_id, products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:parent_id, :products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
                    $Qsubproduct->bindInt(':parent_id', $products_id);
                    $Qsubproduct->bindRaw(':products_date_added', 'now()');
                }

                $Qsubproduct->bindTable(':table_products', TABLE_PRODUCTS);
                $Qsubproduct->bindInt(':products_quantity', $data['variants_quantity'][$key]);
                $Qsubproduct->bindFloat(':products_price', $data['variants_price'][$key]);
                $Qsubproduct->bindValue(':products_model', $data['variants_model'][$key]);
                $Qsubproduct->bindFloat(':products_weight', $data['variants_weight'][$key]);
                $Qsubproduct->bindInt(':products_weight_class', $data['variants_weight_class'][$key]);
                $Qsubproduct->bindInt(':products_status', $data['variants_status'][$key]);
                $Qsubproduct->bindInt(':products_tax_class_id', $data['variants_tax_class_id'][$key]);
                // $Qsubproduct->setLogging($_SESSION['module'], $id);
                $Qsubproduct->execute();

                // NOTE(review): the id taken from $data['variants_combo_db'] is
                // used as-is (no integer cast) and later becomes a key of
                // $variants_array that is passed to bindRaw().
                if (isset($data['variants_combo_db'][$key])) {
                    $subproduct_id = $data['variants_combo_db'][$key];
                } else {
                    $subproduct_id = $osC_Database->nextID();
                }

                if ($data['variants_default_combo'] == $key) {
                    $default_variant_combo = $subproduct_id;
                }

                // The error check after the child-product write is disabled in
                // the source, so a failed execute() above is not detected here.
                /* if ( $osC_Database->isError() ) { $error = true; break; } */

                // $combos is a ';'-separated list of '<group>_<value>' pairs.
                $combos_array = explode(';', $combos);

                foreach ($combos_array as $combo) {
                    list($vgroup, $vvalue) = explode('_', $combo);

                    // NOTE(review): $vvalue is stored as the raw string; it is
                    // integer-bound in the queries below but reaches bindRaw()
                    // unconverted through $variants_array further down.
                    $variants_array[$subproduct_id][] = $vvalue;
                    // $check_combos_array is appended to but never read in this method.
                    $check_combos_array[] = $vvalue;

                    // This SQL literal also spans two lines, as in the source.
                    $Qcheck = $osC_Database->query('select products_id from :table_products_variants where products_id = :products_id 
and products_variants_values_id = :products_variants_values_id');
                    $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qcheck->bindInt(':products_id', $subproduct_id);
                    $Qcheck->bindInt(':products_variants_values_id', $vvalue);
                    $Qcheck->execute();

                    if ($Qcheck->numberOfRows() < 1) {
                        $Qvcombo = $osC_Database->query('insert into :table_products_variants (products_id, products_variants_values_id) values (:products_id, :products_variants_values_id)');
                        $Qvcombo->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                        $Qvcombo->bindInt(':products_id', $subproduct_id);
                        $Qvcombo->bindInt(':products_variants_values_id', $vvalue);
                        // $Qvcombo->setLogging($_SESSION['module'], $products_id);
                        $Qvcombo->execute();

                        if ($osC_Database->isError()) {
                            $error = true;
                            // Leaves both the combo loop and the variants loop.
                            break 2;
                        }
                    }
                }
            }
        }

        // Remove child products and variant rows that were not submitted.
        if ($error === false) {
            if (empty($variants_array)) {
                // No variants submitted: delete every child of this product.
                $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id');
                $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                $Qcheck->bindInt(':parent_id', $products_id);
                $Qcheck->execute();

                while ($Qcheck->next()) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();

                    $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                    $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();
                }
            } else {
                // NOTE(review): the three bindRaw() calls on imploded id lists
                // (here, in the loop below, and in the default_combo reset) put
                // text into the statement without integer binding. The list
                // items originate from $data['variants_combo_db'] and
                // $data['variants_combo']; if those can hold request data this
                // is a SQL injection risk. Casting each id with (int) before
                // implode() would close it - confirm what bindRaw() does first.
                $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id and pv.products_id not in (":products_id")');
                $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                $Qcheck->bindInt(':parent_id', $products_id);
                $Qcheck->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
                $Qcheck->execute();

                while ($Qcheck->next()) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->bindInt(':products_variants_values_id', $Qcheck->valueInt('products_variants_values_id'));
                    $Qdel->execute();

                    $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                    $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();
                }

                // For each kept child, drop variant values that were not submitted.
                foreach ($variants_array as $key => $values) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id not in (":products_variants_values_id")');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $key);
                    $Qdel->bindRaw(':products_variants_values_id', implode('", "', $values));
                    $Qdel->execute();
                }
            }
        }

        // Runs even when $error was set inside the variants loop above.
        $Qupdate = $osC_Database->query('update :table_products set has_children = :has_children where products_id = :products_id');
        $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
        $Qupdate->bindInt(':has_children', empty($variants_array) ? 0 : 1);
        $Qupdate->bindInt(':products_id', $products_id);
        $Qupdate->execute();
    }

    // --- Default variant: clear the flag on all children, then set it on one ----
    if ($error === false) {
        $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id in (":products_id")');
        $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
        $Qupdate->bindInt(':default_combo', 0);
        $Qupdate->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
        $Qupdate->execute();

        if (is_numeric($default_variant_combo)) {
            $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id = :products_id');
            $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
            $Qupdate->bindInt(':default_combo', 1);
            $Qupdate->bindInt(':products_id', $default_variant_combo);
            $Qupdate->execute();
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        osC_Cache::clear('categories');
        osC_Cache::clear('category_tree');
        osC_Cache::clear('also_purchased');

        return true;
    }

    $osC_Database->rollbackTransaction();

    return false;
}
$expires_date = HTML::sanitize($_POST['expires_date']); $expires_impressions = HTML::sanitize($_POST['expires_impressions']); $date_scheduled = HTML::sanitize($_POST['date_scheduled']); $banner_error = false; if (empty($banners_title)) { $OSCOM_MessageStack->add(OSCOM::getDef('error_banner_title_required'), 'error'); $banner_error = true; } if (empty($banners_group)) { $OSCOM_MessageStack->add(OSCOM::getDef('error_banner_group_required'), 'error'); $banner_error = true; } if (empty($banners_html_text)) { if (empty($banners_image_local)) { $banners_image = new upload('banners_image'); $banners_image->set_destination(OSCOM::getConfig('dir_root', 'Shop') . 'images/' . $banners_image_target); if ($banners_image->parse() == false || $banners_image->save() == false) { $banner_error = true; } } } if ($banner_error == false) { $db_image_location = tep_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'expires_date' => 'null', 'expires_impressions' => 0, 'date_scheduled' => 'null'); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '1'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); $OSCOM_Db->save('banners', $sql_data_array); $banners_id = $OSCOM_Db->lastInsertId(); $OSCOM_MessageStack->add(OSCOM::getDef('success_banner_inserted'), 'success'); } elseif ($action == 'update') {
} */ if ($affiliate_banners_image && $affiliate_banners_image != 'none' && is_uploaded_file($affiliate_banners_image)) { if (!is_writeable(DIR_FS_CATALOG_IMAGES . 'banners/' . $affiliate_banners_image_target)) { if (is_dir(DIR_FS_CATALOG_IMAGES . 'banners/' . $affiliate_banners_image_target)) { $messageStack->add(ERROR_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error'); } else { $messageStack->add(ERROR_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error'); } $affiliate_banner_error = true; } } if (empty($affiliate_html_text)) { if (empty($affiliate_banners_image_local)) { $affiliate_banners_image = new upload('affiliate_banners_image'); $affiliate_banners_image->set_destination(DIR_FS_CATALOG_IMAGES . 'banners/' . $affiliate_banners_image_target); if ($affiliate_banners_image->parse() == false || $affiliate_banners_image->save() == false) { $affiliate_banner_error = true; } } } if ($affiliate_banner_error == false) { //if (empty($affiliate_html_text)) { //if ( ($affiliate_banners_image) && ($affiliate_banners_image != 'none') && (is_uploaded_file($affiliate_banners_image)) ) { // $image_location = DIR_FS_CATALOG_IMAGES . 'banners/' . $affiliate_banners_image_target . $affiliate_banners_image_name; // copy($affiliate_banners_image, $image_location); //} $db_image_location = !empty($affiliate_banners_image_local) ? $affiliate_banners_image_local : $affiliate_banners_image_target . $affiliate_banners_image->filename; //} if (!$affiliate_products_id) { $affiliate_products_id = "0";
// Update existing large product images if (preg_match('/^products_image_large_([0-9]+)$/', $key, $matches)) { $pi_sort_order++; $sql_data_array = array('htmlcontent' => tep_db_prepare_input($HTTP_POST_VARS['products_image_htmlcontent_' . $matches[1]]), 'sort_order' => $pi_sort_order); $t = new upload($key); $t->set_destination(DIR_FS_CATALOG_IMAGES); if ($t->parse() && $t->save()) { $sql_data_array['image'] = tep_db_prepare_input($t->filename); } tep_db_perform(TABLE_PRODUCTS_IMAGES, $sql_data_array, 'update', "products_id = '" . (int) $products_id . "' and id = '" . (int) $matches[1] . "'"); $piArray[] = (int) $matches[1]; } elseif (preg_match('/^products_image_large_new_([0-9]+)$/', $key, $matches)) { // Insert new large product images $sql_data_array = array('products_id' => (int) $products_id, 'htmlcontent' => tep_db_prepare_input($HTTP_POST_VARS['products_image_htmlcontent_new_' . $matches[1]])); $t = new upload($key); $t->set_destination(DIR_FS_CATALOG_IMAGES); if ($t->parse() && $t->save()) { $pi_sort_order++; $sql_data_array['image'] = tep_db_prepare_input($t->filename); $sql_data_array['sort_order'] = $pi_sort_order; tep_db_perform(TABLE_PRODUCTS_IMAGES, $sql_data_array); $piArray[] = tep_db_insert_id(); } } } $product_images_query = tep_db_query("select image from " . TABLE_PRODUCTS_IMAGES . " where products_id = '" . (int) $products_id . "' and id not in (" . implode(',', $piArray) . ")"); if (tep_db_num_rows($product_images_query)) { while ($product_images = tep_db_fetch_array($product_images_query)) { $duplicate_image_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS_IMAGES . " where image = '" . tep_db_input($product_images['image']) . "'"); $duplicate_image = tep_db_fetch_array($duplicate_image_query); if ($duplicate_image['total'] < 2) {
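/**
 * Store an uploaded product image and register it against a product.
 *
 * Reads the first entry of $_FILES and $_REQUEST['products_id']. When the
 * upload is accepted it is saved below ../images/products/originals, a row is
 * inserted into the product images table (flagged as default only when the
 * product has no default image yet) and the image is resized for every image
 * group except group 1. A JSON response is always written to the output.
 */
function uploadImage() {
  global $toC_Json, $osC_Database, $osC_Language;

  $osC_Image = new osC_Image_Admin();

  // Name of the first uploaded form field; stays empty when the request carried no file,
  // so the upload object is never built from an undefined value.
  $field_names = is_array($_FILES) ? array_keys($_FILES) : array();

  if (isset($_REQUEST['products_id']) && !empty($field_names)) {
    $products_image = new upload($field_names[0]);

    // Only image types are accepted: the destination sits under the images directory
    // and the stored file is handed to the image resizer below.
    $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));

    if ($products_image->exists()) {
      $products_image->set_destination(realpath('../images/products/originals'));

      if ($products_image->parse() && $products_image->save()) {
        // The first image of a product becomes its default image.
        $default_flag = 1;

        $Qcheck = $osC_Database->query('select id from :table_products_images where products_id = :products_id and default_flag = :default_flag limit 1');
        $Qcheck->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
        $Qcheck->bindInt(':products_id', $_REQUEST['products_id']);
        $Qcheck->bindInt(':default_flag', 1);
        $Qcheck->execute();

        if ($Qcheck->numberOfRows() === 1) {
          $default_flag = 0;
        }

        $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
        $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
        $Qimage->bindInt(':products_id', $_REQUEST['products_id']);
        $Qimage->bindValue(':image', $products_image->filename);
        $Qimage->bindInt(':default_flag', $default_flag);
        $Qimage->bindInt(':sort_order', 0);
        $Qimage->bindRaw(':date_added', 'now()');
        $Qimage->setLogging($_SESSION['module'], $_REQUEST['products_id']);
        $Qimage->execute();

        // Group 1 is skipped; every other group gets a resized copy.
        foreach ($osC_Image->getGroups() as $group) {
          if ($group['id'] != '1') {
            $osC_Image->resize($products_image->filename, $group['id']);
          }
        }
      }
    }
  }

  header('Content-Type: text/html');

  // NOTE(review): success is reported even when nothing was stored; kept as-is because
  // the client-side contract is not visible here.
  $response = array();
  $response['success'] = true;
  $response['feedback'] = $osC_Language->get('ms_success_action_performed');

  echo $toC_Json->encode($response);
}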
// Excerpt from a request handler: the export call that fills $export_info and the
// enclosing switch/if headers are outside this excerpt.
if ($export_info['status'] === false) {
  $messageStack->add($export_info['message']);
} else {
  // NOTE(review): $_POST['handler'] is placed into the success message; whether the
  // message stack escapes it on output is not visible here - confirm.
  $messageStack->add_session(sprintf(DBIO_MGR_EXPORT_SUCCESSFUL, $_POST['handler'], $export_info['export_filename'], $export_info['stats']['record_count']), 'success');

  // The complete POST array and the export result are kept in the session.
  $_SESSION['dbio_vars'] = $_POST;
  $_SESSION['dbio_last_export'] = $export_info;
  zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
}
}
} elseif (isset($_POST['upload_button'])) {
  if (!zen_not_null($_FILES['upload_filename']['name'])) {
    $messageStack->add(ERROR_NO_FILE_TO_UPLOAD);
  } else {
    // Uploads are limited to the comma-separated extension list in
    // DBIO_SUPPORTED_FILE_EXTENSIONS and are written to DIR_FS_DBIO.
    $upload = new upload('upload_filename');
    $upload->set_extensions(explode(',', DBIO_SUPPORTED_FILE_EXTENSIONS));
    $upload->set_destination(DIR_FS_DBIO);
    if ($upload->parse()) {
      // The result of save() is not checked here; the redirect below happens either way.
      $upload->save();
    }
    zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
  }
} else {
  zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
}
break;
case 'file':
  // Accept the request only when it is either a file action naming a hash that exists in
  // $dbio_files, or a delete request carrying delete_hash. && binds tighter than ||, so the
  // two groups are evaluated as (A && B && C) || (D && E).
  if (!(isset($_POST['file_action']) && isset($_POST['filename_hash']) && isset($dbio_files[$_POST['filename_hash']]) || isset($_POST['delete_button']) && isset($_POST['delete_hash']))) {
    $messageStack->add_session(DBIO_FORM_SUBMISSION_ERROR);
  } elseif (isset($_POST['delete_button'])) {
    // NOTE(review): the delete hashes are not checked against $dbio_files in the lines
    // shown; presumably that happens inside the loop body, which is outside this excerpt.
    if (is_array($_POST['delete_hash'])) {
      foreach ($_POST['delete_hash'] as $delete_hash => $delete_value) {
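/**
 * Create or update a product and its dependent rows inside one database transaction.
 *
 * Writes, in order: the product row, its category links, uploaded and local images,
 * the per-language description and permalink, product attributes, simple options and
 * (when enabled) the special price. The transaction is committed only when no step
 * reported a database error; otherwise it is rolled back.
 *
 * @param mixed $id   Numeric id of the product to update; any non-numeric value inserts a new product.
 * @param array $data Product values keyed as read below ('parent_id', 'quantity', 'price', 'categories', ...).
 *
 * @return mixed The products id on success, false after a rollback.
 */
public static function save($id = null, $data) {
  global $lC_Database, $lC_Language, $lC_Image, $lC_CategoryTree;

  $error = false;

  $lC_Database->startTransaction();

  if (is_numeric($id)) {
    $Qproduct = $lC_Database->query('update :table_products set parent_id = :parent_id, products_quantity = :products_quantity, products_cost = :products_cost, products_price = :products_price, products_msrp = :products_msrp, products_model = :products_model, products_sku = :products_sku, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, groups_pricing_enable = :groups_pricing_enable, qpb_pricing_enable = :qpb_pricing_enable, specials_pricing_enable = :specials_pricing_enable, products_tax_class_id = :products_tax_class_id, products_last_modified = now(), products_sort_order = :products_sort_order where products_id = :products_id');
    $Qproduct->bindInt(':products_id', $id);
  } else {
    $Qproduct = $lC_Database->query('insert into :table_products (parent_id, products_quantity, products_cost, products_price, products_msrp, products_model, products_sku, products_weight, products_weight_class, products_status, products_tax_class_id, products_ordered, products_date_added, groups_pricing_enable, qpb_pricing_enable, specials_pricing_enable, products_sort_order) values (:parent_id, :products_quantity, :products_cost, :products_price, :products_msrp, :products_model, :products_sku, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_ordered, :products_date_added, :groups_pricing_enable, :qpb_pricing_enable, :specials_pricing_enable, :products_sort_order)');
    $Qproduct->bindRaw(':products_date_added', 'now()');
    $Qproduct->bindInt(':products_ordered', $data['products_ordered']);
  }

  // set parent status: the posted label overrides $data['status'] (active = 1, inactive = -1, recurring = 0)
  if (isset($_POST['products_status']) && $_POST['products_status'] == 'active') {
    $data['status'] = 1;
  }
  if (isset($_POST['products_status']) && $_POST['products_status'] == 'inactive') {
    $data['status'] = -1;
  }
  if (isset($_POST['products_status']) && $_POST['products_status'] == 'recurring') {
    $data['status'] = 0;
  }

  // Every value goes through a typed placeholder binding rather than string concatenation.
  $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
  $Qproduct->bindInt(':parent_id', $data['parent_id']);
  $Qproduct->bindInt(':products_quantity', $data['quantity']);
  $Qproduct->bindFloat(':products_cost', $data['cost']);
  $Qproduct->bindFloat(':products_price', $data['price']);
  $Qproduct->bindFloat(':products_msrp', $data['msrp']);
  $Qproduct->bindValue(':products_model', $data['model']);
  $Qproduct->bindValue(':products_sku', $data['sku']);
  $Qproduct->bindFloat(':products_weight', $data['weight']);
  $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
  $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
  $Qproduct->bindInt(':products_status', $data['status']);
  $Qproduct->bindInt(':groups_pricing_enable', $data['groups_pricing_switch']);
  $Qproduct->bindInt(':qpb_pricing_enable', $data['qpb_pricing_switch']);
  $Qproduct->bindInt(':specials_pricing_enable', $data['specials_pricing_switch']);
  $Qproduct->bindInt(':products_sort_order', $data['products_sort_order']);
  $Qproduct->setLogging($_SESSION['module'], $id);
  $Qproduct->execute();

  if (is_numeric($id)) {
    $products_id = $id;
  } else {
    $products_id = $lC_Database->nextID();
  }

  // products to categories: the existing links are removed and re-created from $data['categories']
  if ($lC_Database->isError()) {
    $error = true;
  } else {
    $Qcategories = $lC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
    $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
    $Qcategories->bindInt(':products_id', $products_id);
    $Qcategories->setLogging($_SESSION['module'], $products_id);
    $Qcategories->execute();

    if ($lC_Database->isError()) {
      $error = true;
    } else {
      if (isset($data['categories']) && !empty($data['categories'])) {
        foreach ($data['categories'] as $category_id) {
          $Qp2c = $lC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
          $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
          $Qp2c->bindInt(':products_id', $products_id);
          $Qp2c->bindInt(':categories_id', $category_id);
          $Qp2c->setLogging($_SESSION['module'], $products_id);
          $Qp2c->execute();

          if ($lC_Database->isError()) {
            $error = true;
            break;
          }
        }
      }
    }
  }

  // product images
  if ($error === false) {
    $images = array();

    // Uploaded file: limited to image extensions before it is stored under the originals directory.
    $products_image = new upload('products_image');
    $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));

    if ($products_image->exists()) {
      $products_image->set_destination(realpath('../images/products/originals'));

      if ($products_image->parse() && $products_image->save()) {
        $images[] = $products_image->filename;
      }
    }

    if (isset($data['localimages'])) {
      foreach ($data['localimages'] as $image) {
        // basename() drops any directory part, so the name cannot point outside _upload.
        $image = basename($image);
        $source = '../images/products/_upload/' . $image;

        // The source is removed and the image recorded only when the copy succeeded;
        // a failed copy no longer deletes the only copy of the file.
        if (@file_exists($source) && copy($source, '../images/products/originals/' . $image)) {
          @unlink($source);

          $images[] = $image;
        }
      }
    }

    // The first image stored in this call is flagged as the default image.
    $default_flag = 1;

    foreach ($images as $image) {
      $Qimage = $lC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
      $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
      $Qimage->bindInt(':products_id', $products_id);
      $Qimage->bindValue(':image', $image);
      $Qimage->bindInt(':default_flag', $default_flag);
      $Qimage->bindInt(':sort_order', 0);
      $Qimage->bindRaw(':date_added', 'now()');
      $Qimage->setLogging($_SESSION['module'], $products_id);
      $Qimage->execute();

      if ($lC_Database->isError()) {
        $error = true;
      } else {
        // Group 1 is skipped; every other group gets a resized copy.
        foreach ($lC_Image->getGroups() as $group) {
          if ($group['id'] != '1') {
            $lC_Image->resize($image, $group['id']);
          }
        }
      }

      $default_flag = 0;
    }
  }

  // product description
  if ($error === false) {
    if (isset($data['categories']) && !empty($data['categories'])) {
      $cPath = $lC_CategoryTree->getcPath($data['categories'][0]);
    } else {
      // No category was supplied, so no category id exists to build a path from.
      // (The original read the loop variable $category_id here, which is never set on this path.)
      $cPath = 0;
    }

    foreach ($lC_Language->getAll() as $l) {
      // this code will be revisited
      // if (self::validatePermalink($data['products_keyword'][$l['id']], $id, 2, $l['id']) != 1) {
      //   $data['products_keyword'][$l['id']] = $data['products_keyword'][$l['id']] . '-link';
      // }

      // check to see if the DB entry exists for the selected language
      $Qchk1 = $lC_Database->query('select products_description from :table_products_description where products_id = :products_id and language_id = :language_id limit 1');
      $Qchk1->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
      $Qchk1->bindInt(':products_id', $products_id);
      $Qchk1->bindInt(':language_id', $l['id']);
      $Qchk1->execute();

      if (is_numeric($id) && $Qchk1->numberOfRows() == 1) {
        $Qpd = $lC_Database->query('update :table_products_description set products_name = :products_name, products_blurb = :products_blurb, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
      } else {
        $Qpd = $lC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_blurb, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_blurb, :products_description, :products_keyword, :products_tags, :products_url)');
      }

      $Qchk1->freeResult();

      $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
      $Qpd->bindInt(':products_id', $products_id);
      $Qpd->bindInt(':language_id', $l['id']);
      $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
      $Qpd->bindValue(':products_blurb', $data['products_blurb'][$l['id']]);
      $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
      $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
      $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
      $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
      $Qpd->setLogging($_SESSION['module'], $products_id);
      $Qpd->execute();

      if ($lC_Database->isError()) {
        $error = true;
        break;
      }

      // check to see if the DB entry exists for the selected language
      // NOTE(review): this selects products_description from the permalinks table and only
      // the row count is used - confirm that column exists there.
      $Qchk2 = $lC_Database->query('select products_description from :table_permalinks where item_id = :item_id and language_id = :language_id limit 1');
      $Qchk2->bindTable(':table_permalinks', TABLE_PERMALINKS);
      $Qchk2->bindInt(':item_id', $products_id);
      $Qchk2->bindInt(':language_id', $l['id']);
      $Qchk2->execute();

      // added for permalink
      if (is_numeric($id) && $Qchk2->numberOfRows() == 1) {
        $Qpl = $lC_Database->query('update :table_permalinks set permalink = :permalink, query = :query where item_id = :item_id and type = :type and language_id = :language_id');
      } else {
        $Qpl = $lC_Database->query('insert into :table_permalinks (item_id, language_id, type, query, permalink) values (:item_id, :language_id, :type, :query, :permalink)');
      }

      $Qchk2->freeResult();

      $Qpl->bindTable(':table_permalinks', TABLE_PERMALINKS);
      $Qpl->bindInt(':item_id', $products_id);
      $Qpl->bindInt(':language_id', $l['id']);
      $Qpl->bindInt(':type', 2);
      $Qpl->bindValue(':query', 'cPath=' . $cPath);
      $Qpl->bindValue(':permalink', $data['products_keyword'][$l['id']]);
      $Qpl->setLogging($_SESSION['module'], $products_id);
      $Qpl->execute();

      if ($lC_Database->isError()) {
        $error = true;
        break;
      }
    }
  }

  // product attributes
  if ($error === false) {
    if (isset($data['attributes']) && !empty($data['attributes'])) {
      foreach ($data['attributes'] as $attributes_id => $value) {
        if (is_array($value)) {
          // array values are deliberately not stored
        } elseif (!empty($value) && $value != 'NULL') {
          $Qcheck = $lC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
          $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
          $Qcheck->bindInt(':products_id', $products_id);
          $Qcheck->bindInt(':id', $attributes_id);
          $Qcheck->execute();

          if ($Qcheck->numberOfRows() === 1) {
            $Qattribute = $lC_Database->query('update :table_product_attributes set value = :value, value2 = :value2 where products_id = :products_id and id = :id');
          } else {
            $Qattribute = $lC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value, value2) values (:id, :products_id, :languages_id, :value, :value2)');
            $Qattribute->bindInt(':languages_id', $lC_Language->getID());
          }

          // support for 2nd value such as end date
          $value2 = isset($data['attributes2'][$attributes_id]) && $data['attributes2'][$attributes_id] != null ? $data['attributes2'][$attributes_id] : '';

          $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
          $Qattribute->bindValue(':value', $value);
          $Qattribute->bindValue(':value2', $value2);
          $Qattribute->bindInt(':products_id', $products_id);
          $Qattribute->bindInt(':id', $attributes_id);
          $Qattribute->execute();

          if ($lC_Database->isError()) {
            $error = true;
            break;
          }
        }
      }
    }
  }

  // simple options
  if ($error === false) {
    // delete the simple options
    $Qdel = $lC_Database->query('delete from :table_products_simple_options where products_id = :products_id');
    $Qdel->bindTable(':table_products_simple_options', TABLE_PRODUCTS_SIMPLE_OPTIONS);
    $Qdel->bindInt(':products_id', $products_id);
    $Qdel->setLogging($_SESSION['module'], $products_id);
    $Qdel->execute();

    // delete the simple options values
    $Qdel = $lC_Database->query('delete from :table_products_simple_options_values where products_id = :products_id');
    $Qdel->bindTable(':table_products_simple_options_values', TABLE_PRODUCTS_SIMPLE_OPTIONS_VALUES);
    $Qdel->bindInt(':products_id', $products_id);
    $Qdel->setLogging($_SESSION['module'], $products_id);
    $Qdel->execute();

    // if values are set, save them
    if (isset($data['simple_options_group_name']) && !empty($data['simple_options_group_name'])) {
      foreach ($data['simple_options_group_name'] as $group_id => $value) {
        // add the new option
        $Qoptions = $lC_Database->query('insert into :table_products_simple_options (options_id, products_id, sort_order, status) values (:options_id, :products_id, :sort_order, :status)');
        $Qoptions->bindTable(':table_products_simple_options', TABLE_PRODUCTS_SIMPLE_OPTIONS);
        $Qoptions->bindInt(':options_id', $group_id);
        $Qoptions->bindInt(':products_id', $products_id);
        $Qoptions->bindInt(':sort_order', $data['simple_options_group_sort_order'][$group_id]);
        $Qoptions->bindInt(':status', $data['simple_options_group_status'][$group_id]);
        $Qoptions->setLogging($_SESSION['module'], $products_id);
        $Qoptions->execute();

        if ($lC_Database->isError()) {
          $error = true;
          break;
        }

        // add the new option values
        if (is_array($data['simple_options_entry_price_modifier'])) {
          foreach ($data['simple_options_entry_price_modifier'] as $customers_group_id => $options) {
            foreach ($options as $options_id => $option_value) {
              if ($options_id == $group_id) {
                foreach ($option_value as $values_id => $price_modifier) {
                  // Added for simple options values sort order
                  // based for now on variants values sort order globally across all products
                  $Qsortorder = $lC_Database->query('select sort_order FROM :table_products_variants_values where id = :id');
                  $Qsortorder->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
                  $Qsortorder->bindInt(':id', $values_id);
                  $Qsortorder->execute();

                  $Qoptval = $lC_Database->query('insert into :table_products_simple_options_values (products_id, values_id, options_id, customers_group_id, price_modifier, sort_order) values (:products_id, :values_id, :options_id, :customers_group_id, :price_modifier, :sort_order)');
                  $Qoptval->bindTable(':table_products_simple_options_values', TABLE_PRODUCTS_SIMPLE_OPTIONS_VALUES);
                  $Qoptval->bindInt(':products_id', $products_id);
                  $Qoptval->bindInt(':values_id', $values_id);
                  $Qoptval->bindInt(':options_id', $options_id);
                  $Qoptval->bindInt(':customers_group_id', $customers_group_id);
                  $Qoptval->bindInt(':sort_order', $Qsortorder->valueInt('sort_order'));
                  $Qoptval->bindFloat(':price_modifier', (double) $price_modifier);
                  $Qoptval->setLogging($_SESSION['module'], $products_id);
                  $Qoptval->execute();

                  if ($lC_Database->isError()) {
                    $error = true;
                    // leave all four enclosing loops at once
                    break 4;
                  }
                }
              }
            }
          }
        }
      }
    }
  }

  // specials pricing
  if ($error === false) {
    if ($data['specials_pricing_switch'] == 1) {
      $specials_id = self::hasSpecial($products_id);
      $specials_data = array('specials_id' => (int) $specials_id, 'products_id' => (int) $products_id, 'specials_price' => $data['products_special_price1'], 'specials_start_date' => $data['products_special_start_date1'], 'specials_expires_date' => $data['products_special_expires_date1'], 'specials_status' => $data['products_special_pricing_enable1'] != '' ? 1 : 0);

      // NOTE(review): the result of this call is not inspected, so a failure here does not roll back.
      lC_Specials_Admin::save((int) $specials_id, $specials_data);
    }
  }

  if ($error === false) {
    $lC_Database->commitTransaction();

    lC_Cache::clear('categories');
    lC_Cache::clear('category_tree');
    lC_Cache::clear('also_purchased');

    return $products_id; // Return the products id for use with the save_close buttons
  }

  $lC_Database->rollbackTransaction();

  return false;
}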
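}
// EOF: MOD for Categories Description 1.5

// Excerpt: the tail of the per-language loop that writes the category description rows,
// followed by the category image upload. The loop header is outside this excerpt.
if ($action == 'insert_category') {
  $insert_sql_data = array('categories_id' => $categories_id, 'language_id' => $languages[$i]['id']);

  $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

  tep_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array);
} elseif ($action == 'update_category') {
  tep_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array, 'update', "categories_id = '" . (int) $categories_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'");
}
}

// BOF: MOD for Categories Description 1.5
// copy image only if modified
// NOTE(review): no set_extensions() call is made, so the accepted file types are whatever
// upload::parse() allows by default - confirm an image allow-list exists.
$categories_image = new upload('categories_image');
$categories_image->set_destination(DIR_FS_CATALOG_IMAGES . CATEGORY_IMAGES_DIR);
if ($categories_image->parse() && $categories_image->save()) {
  $categories_image_name = $categories_image->filename;

  // BOF Image Resize
  require_once 'includes/functions/image_resize.php';
  image_resize(DIR_FS_CATALOG_IMAGES . CATEGORY_IMAGES_DIR . $categories_image->filename, SUBCATEGORY_IMAGE_WIDTH, SUBCATEGORY_IMAGE_HEIGHT, SUBCATEGORY_IMAGE_COMPRESSION);
  // EOF Image Resize
} else {
  // No new file was stored: keep the name the form posted back.
  $categories_image_name = isset($_POST['categories_previous_image']) ? $_POST['categories_previous_image'] : '';
}

// Both possible sources of the name (the uploaded file name and the posted previous name)
// are request data, so the value is escaped before it is placed in the statement; the id is
// cast the same way as in the description update above.
tep_db_query("update " . TABLE_CATEGORIES . " set categories_image = '" . tep_db_input($categories_image_name) . "' where categories_id = '" . (int) $categories_id . "'");

if (USE_CACHE == 'true') {
  tep_reset_cache_block('categories');
  tep_reset_cache_block('also_purchased');
}

tep_redirect(tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories_id));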
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2010 osCommerce

Released under the GNU General Public License
*/

require 'includes/application_top.php';

// Requested action from the query string; empty when none was given.
$action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';

if (tep_not_null($action)) {
  switch ($action) {
    case 'save':
      // Replace the store logo with the uploaded file.
      $error = false;

      // Only the 'png' extension is accepted, and the file is stored under the fixed name
      // store_logo.png, so the client-supplied file name never reaches the file system.
      // NOTE(review): whether upload::parse() also inspects the file content is not visible here.
      $store_logo = new upload('store_logo');
      $store_logo->set_extensions('png');
      $store_logo->set_destination(DIR_FS_CATALOG_IMAGES);

      if ($store_logo->parse()) {
        $store_logo->set_filename('store_logo.png');

        if ($store_logo->save()) {
          $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success');
        } else {
          $error = true;
        }
      } else {
        $error = true;
      }

      // Redirect only after a successful save; on error the page falls through without one.
      if ($error == false) {
        tep_redirect(tep_href_link(FILENAME_STORE_LOGO));
      }
      break;
  }
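case 'remove_clip':
  // Excerpt from the action switch; the switch header is outside this excerpt.
  // clip_id arrives in the query string: cast it so it cannot alter the statement.
  $delete_query = "delete from " . TABLE_MEDIA_CLIPS . " where clip_id = '" . (int) $_GET['clip_id'] . "'";
  $db->Execute($delete_query);
  zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'action=edit&page=' . $_GET['page']));
  break;
case 'insert':
case 'save':
  if (isset($_POST['add_clip'])) {
    $clip_name = $_FILES['clip_filename'];
    $clip_name = zen_db_prepare_input($clip_name['name']);
    if ($clip_name) {
      // Both ids are used inside SQL below, so they are reduced to integers first.
      $media_type = (int) $_POST['media_type'];
      $media_id_for_clip = (int) (isset($_GET['mID']) ? $_GET['mID'] : 0);

      // media_dir is appended to the media root and stored in the database: accept only a
      // plain relative directory (no "..", no quotes or other special characters).
      $media_dir = isset($_POST['media_dir']) ? (string) $_POST['media_dir'] : '';
      $media_dir_ok = strpos($media_dir, '..') === false && preg_match('#^[A-Za-z0-9_. /-]*$#', $media_dir) === 1;

      $ext = $db->Execute("select type_ext from " . TABLE_MEDIA_TYPES . " where type_id = '" . $media_type . "'");

      // NOTE(review): ereg() treats type_ext as a pattern that may match anywhere in the
      // name, so this is not a strict extension check (and ereg() is gone in PHP 7+).
      if ($media_dir_ok && ereg($ext->fields['type_ext'], $clip_name)) {
        if ($media_upload = new upload('clip_filename')) {
          $media_upload->set_destination(DIR_FS_CATALOG_MEDIA . $media_dir);

          // Stays empty unless the file was really stored, so a failed upload is never recorded.
          $media_upload_filename = '';
          if ($media_upload->parse() && $media_upload->save()) {
            $media_upload_filename = $media_dir . $media_upload->filename;
          }

          if ($media_upload_filename != '' && $media_upload->filename != 'none' && $media_upload->filename != '' && is_writable(DIR_FS_CATALOG_MEDIA . $media_dir)) {
            // The stored name contains the client-supplied file name, so it is escaped.
            $db->Execute("insert into " . TABLE_MEDIA_CLIPS . "\n (media_id, clip_type, clip_filename, date_added) values (\n '" . $media_id_for_clip . "',\n '" . $media_type . "',\n '" . zen_db_input($media_upload_filename) . "', now())");
          }
        }
      }
    }
  }

  if (isset($_GET['mID'])) {
    $media_id = zen_db_prepare_input($_GET['mID']);
  }
  $media_name = zen_db_prepare_input($_POST['media_name']);

  $sql_data_array = array('media_name' => $media_name);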
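$record_company_id = zen_db_prepare_input($_GET['mID']);
}
// Excerpt: saves a record company row, its image and its per-language URLs. The condition
// closed above and the body of the final loop are outside this excerpt.
$record_company_name = zen_db_prepare_input($_POST['record_company_name']);

$sql_data_array = array('record_company_name' => $record_company_name);

if ($action == 'insert') {
  $insert_sql_data = array('date_added' => $gBitDb->NOW());

  $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

  $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array);
  $record_company_id = zen_db_insert_id(TABLE_RECORD_COMPANY, 'record_company_id');
} elseif ($action == 'save') {
  $update_sql_data = array('last_modified' => $gBitDb->NOW());

  $sql_data_array = array_merge($sql_data_array, $update_sql_data);

  $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'");
}

// img_dir is appended to the image root and written into SQL below: accept only a plain
// relative directory (no "..", no quotes or other special characters); anything else
// falls back to the image root itself.
$img_dir = isset($_POST['img_dir']) ? (string) $_POST['img_dir'] : '';
if (strpos($img_dir, '..') !== false || preg_match('#^[A-Za-z0-9_. /-]*$#', $img_dir) !== 1) {
  $img_dir = '';
}

// NOTE(review): no set_extensions() call is made, so the accepted file types are whatever
// upload::parse() allows by default - confirm an image allow-list exists.
$record_company_image = new upload('record_company_image');
$record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $img_dir);
if ($record_company_image->parse() && $record_company_image->save()) {
  // remove image from database if none
  if ($record_company_image->filename != 'none') {
    // NOTE(review): the file name part still comes from the upload object unescaped;
    // confirm what characters upload::save() can leave in ->filename.
    $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n set record_company_image = '" . $img_dir . $record_company_image->filename . "'\n where record_company_id = '" . (int) $record_company_id . "'");
  } else {
    $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n set record_company_image = ''\n where record_company_id = '" . (int) $record_company_id . "'");
  }
}

$languages = zen_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
  $record_company_url_array = $_POST['record_company_url'];
  $language_id = $languages[$i]['id'];

  $sql_data_array = array('record_company_url' => zen_db_prepare_input($record_company_url_array[$language_id]));

  if ($action == 'insert') {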
function save($id = null, $data) { global $osC_Database, $osC_Language, $osC_Image, $osC_Session; $error = false; $osC_Database->startTransaction(); //products if (is_numeric($id)) { $Qproduct = $osC_Database->query('update :table_products set products_type = :products_type, products_sku = :products_sku, products_model = :products_model, products_price = :products_price, products_quantity = :products_quantity, products_moq = :products_moq, products_max_order_quantity = :products_max_order_quantity, order_increment = :order_increment, quantity_unit_class = :quantity_unit_class, products_date_available = :products_date_available, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, manufacturers_id = :manufacturers_id, quantity_discount_groups_id = :quantity_discount_groups_id, products_last_modified = now(), products_attributes_groups_id = :products_attributes_groups_id where products_id = :products_id'); $Qproduct->bindInt(':products_id', $id); } else { $Qproduct = $osC_Database->query('insert into :table_products (products_type, products_sku, products_model, products_price, products_quantity, products_moq, products_max_order_quantity, order_increment, quantity_unit_class, products_date_available, products_weight, products_weight_class, products_status, products_tax_class_id, manufacturers_id, products_date_added, quantity_discount_groups_id, products_attributes_groups_id) values (:products_type, :products_sku, :products_model, :products_price, :products_quantity, :products_moq, :products_max_order_quantity, :order_increment, :quantity_unit_class, :products_date_available, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :manufacturers_id, :products_date_added, :quantity_discount_groups_id, :products_attributes_groups_id)'); $Qproduct->bindRaw(':products_date_added', 'now()'); } $Qproduct->bindTable(':table_products', 
TABLE_PRODUCTS); $Qproduct->bindInt(':products_type', $data['products_type']); $Qproduct->bindValue(':products_sku', $data['products_sku']); $Qproduct->bindValue(':products_model', $data['products_model']); $Qproduct->bindValue(':products_price', $data['price']); $Qproduct->bindInt(':products_quantity', $data['quantity']); $Qproduct->bindInt(':products_moq', $data['products_moq']); $Qproduct->bindInt(':products_max_order_quantity', $data['products_max_order_quantity']); $Qproduct->bindInt(':order_increment', $data['order_increment']); $Qproduct->bindInt(':quantity_unit_class', $data['quantity_unit_class']); if (date('Y-m-d') < $data['date_available']) { $Qproduct->bindValue(':products_date_available', $data['date_available']); } else { $Qproduct->bindRaw(':products_date_available', 'null'); } $Qproduct->bindValue(':products_weight', $data['weight']); $Qproduct->bindInt(':products_weight_class', $data['weight_class']); $Qproduct->bindInt(':products_status', $data['status']); $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']); $Qproduct->bindInt(':manufacturers_id', $data['manufacturers_id']); $Qproduct->bindInt(':quantity_discount_groups_id', $data['quantity_discount_groups_id']); if (empty($data['products_attributes_groups_id'])) { $Qproduct->bindRaw(':products_attributes_groups_id', 'null'); } else { $Qproduct->bindInt(':products_attributes_groups_id', $data['products_attributes_groups_id']); } $Qproduct->setLogging($_SESSION['module'], $id); $Qproduct->execute(); if ($osC_Database->isError()) { $error = true; } else { if (is_numeric($id)) { $products_id = $id; } else { $products_id = $osC_Database->nextID(); } //products_to_categories $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id'); $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES); $Qcategories->bindInt(':products_id', $products_id); $Qcategories->setLogging($_SESSION['module'], $products_id); 
$Qcategories->execute(); if ($osC_Database->isError()) { $error = true; } else { if (isset($data['categories']) && !empty($data['categories'])) { foreach ($data['categories'] as $category_id) { $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)'); $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES); $Qp2c->bindInt(':products_id', $products_id); $Qp2c->bindInt(':categories_id', $category_id); $Qp2c->setLogging($_SESSION['module'], $products_id); $Qp2c->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } if ($error === false && is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_attachments_to_products where products_id = :products_id'); $Qdelete->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS); $Qdelete->bindInt(':products_id', $products_id); $Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false && sizeof($data['attachments']) > 0) { foreach ($data['attachments'] as $attachments_id) { $Qp2a = $osC_Database->query('insert into :table_products_attachments_to_products (products_id, attachments_id) values (:products_id, :attachments_id)'); $Qp2a->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS); $Qp2a->bindInt(':products_id', $products_id); $Qp2a->bindInt(':attachments_id', $attachments_id); $Qp2a->setLogging($_SESSION['module'], $products_id); $Qp2a->execute(); if ($osC_Database->isError()) { $error = true; break; } } } //accessories if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_accessories where products_id = :products_id'); $Qdelete->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES); $Qdelete->bindInt(':products_id', $products_id); 
$Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if (sizeof($data['accessories_ids']) > 0) { foreach ($data['accessories_ids'] as $accessories_id) { $Qinsert = $osC_Database->query('insert into :table_products_accessories (products_id, accessories_id) values (:products_id, :accessories_id)'); $Qinsert->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES); $Qinsert->bindInt(':products_id', $products_id); $Qinsert->bindInt(':accessories_id', $accessories_id); $Qinsert->setLogging($_SESSION['module'], $products_id); $Qinsert->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } //downloadable products & gift certificates if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) { if (is_numeric($id)) { $Qdownloadables = $osC_Database->query('update :table_products_downloadables set number_of_downloads = :number_of_downloads, number_of_accessible_days = :number_of_accessible_days where products_id = :products_id'); } else { $Qdownloadables = $osC_Database->query('insert into :table_products_downloadables (products_id, number_of_downloads, number_of_accessible_days) values (:products_id, :number_of_downloads, :number_of_accessible_days)'); } $Qdownloadables->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qdownloadables->bindInt(':products_id', $products_id); $Qdownloadables->bindInt(':number_of_downloads', $data['number_of_downloads']); $Qdownloadables->bindInt(':number_of_accessible_days', $data['number_of_accessible_days']); $Qdownloadables->setLogging($_SESSION['module'], $products_id); $Qdownloadables->execute(); if ($osC_Database->isError()) { $error = true; } else { $filename = null; $cache_filename = null; $file = new upload('downloadable_file'); if ($file->exists()) { $file->set_destination(realpath('../download')); if ($file->parse() && $file->save()) { $filename = $file->filename; $cache_filename = md5($filename . 
time()); rename(DIR_FS_DOWNLOAD . $filename, DIR_FS_DOWNLOAD . $cache_filename); } } if (!is_null($filename)) { if (is_numeric($id)) { $Qfile = $osC_Database->query('select cache_filename from :table_products_downloadables where products_id = :products_id'); $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfile->bindInt(':products_id', $products_id); $Qfile->execute(); if ($Qfile->numberOfRows() > 0) { $file = $Qfile->value('cache_filename'); unlink(DIR_FS_DOWNLOAD . $file); } } $Qupdate = $osC_Database->query('update :table_products_downloadables set filename = :filename, cache_filename = :cache_filename where products_id = :products_id'); $Qupdate->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qupdate->bindInt(':products_id', $products_id); $Qupdate->bindValue(':filename', $filename); $Qupdate->bindValue(':cache_filename', $cache_filename); $Qupdate->setLogging($_SESSION['module'], $products_id); $Qupdate->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { $sample_filename = null; $cache_sample_filename = null; $sample_file = new upload('sample_downloadable_file'); if ($sample_file->exists()) { $sample_file->set_destination(realpath('../download')); if ($sample_file->parse() && $sample_file->save()) { $sample_filename = $sample_file->filename; $cache_sample_filename = md5($sample_filename . time()); @rename(DIR_FS_DOWNLOAD . $sample_filename, DIR_FS_DOWNLOAD . $cache_sample_filename); } } if (!is_null($sample_filename) && $error === false) { if (is_numeric($id)) { $Qfile = $osC_Database->query('select cache_sample_filename from :table_products_downloadables where products_id = :products_id'); $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfile->bindInt(':products_id', $products_id); $Qfile->execute(); if ($Qfile->numberOfRows() > 0) { $file = $Qfile->value('cache_sample_filename'); unlink(DIR_FS_DOWNLOAD . 
$file); } } $Qfiles = $osC_Database->query('update :table_products_downloadables set sample_filename = :sample_filename, cache_sample_filename = :cache_sample_filename where products_id = :products_id'); $Qfiles->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfiles->bindInt(':products_id', $products_id); $Qfiles->bindValue(':sample_filename', $sample_filename); $Qfiles->bindValue(':cache_sample_filename', $cache_sample_filename); $Qfiles->setLogging($_SESSION['module'], $products_id); $Qfiles->execute(); if ($osC_Database->isError()) { $error = true; } } } } } else { if ($data['products_type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) { if (is_numeric($id)) { $Qcertificates = $osC_Database->query('update :table_products_gift_certificates set gift_certificates_type = :gift_certificates_type, gift_certificates_amount_type = :gift_certificates_amount_type, open_amount_max_value = :open_amount_max_value, open_amount_min_value = :open_amount_min_value where products_id = :products_id'); } else { $Qcertificates = $osC_Database->query('insert into :table_products_gift_certificates (products_id, gift_certificates_type, gift_certificates_amount_type, open_amount_max_value, open_amount_min_value) values (:products_id, :gift_certificates_type, :gift_certificates_amount_type, :open_amount_max_value, :open_amount_min_value)'); } $Qcertificates->bindTable(':table_products_gift_certificates', TABLE_PRODUCTS_GIFT_CERTIFICATES); $Qcertificates->bindInt(':products_id', $products_id); $Qcertificates->bindInt(':gift_certificates_type', $data['gift_certificates_type']); $Qcertificates->bindInt(':gift_certificates_amount_type', $data['gift_certificates_amount_type']); $Qcertificates->bindValue(':open_amount_max_value', $data['open_amount_max_value']); $Qcertificates->bindValue(':open_amount_min_value', $data['open_amount_min_value']); $Qcertificates->setLogging($_SESSION['module'], $products_id); $Qcertificates->execute(); if ($osC_Database->isError()) { $error = 
true; } } } //products_description if ($error === false) { foreach ($osC_Language->getAll() as $l) { if (is_numeric($id)) { $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_short_description = :products_short_description, products_description = :products_description, products_tags = :products_tags, products_url = :products_url, products_friendly_url = :products_friendly_url, products_page_title = :products_page_title, products_meta_keywords = :products_meta_keywords, products_meta_description = :products_meta_description where products_id = :products_id and language_id = :language_id'); } else { $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_short_description, products_description, products_tags, products_url, products_friendly_url, products_page_title, products_meta_keywords, products_meta_description) values (:products_id, :language_id, :products_name, :products_short_description, :products_description, :products_tags, :products_url, :products_friendly_url, :products_page_title, :products_meta_keywords, :products_meta_description)'); } $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION); $Qpd->bindInt(':products_id', $products_id); $Qpd->bindInt(':language_id', $l['id']); $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]); $Qpd->bindValue(':products_short_description', $data['products_short_description'][$l['id']]); $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]); $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]); $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]); $Qpd->bindValue(':products_friendly_url', $data['products_friendly_url'][$l['id']]); $Qpd->bindValue(':products_page_title', $data['products_page_title'][$l['id']]); $Qpd->bindValue(':products_meta_keywords', $data['products_meta_keywords'][$l['id']]); 
$Qpd->bindValue(':products_meta_description', $data['products_meta_description'][$l['id']]); $Qpd->setLogging($_SESSION['module'], $products_id); $Qpd->execute(); if ($osC_Database->isError()) { $error = true; break; } } } //BEGIN: products images if ($error === false) { $images = array(); $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/'; $osC_DirectoryListing = new osC_DirectoryListing($image_path, true); $osC_DirectoryListing->setIncludeDirectories(false); foreach ($osC_DirectoryListing->getFiles() as $file) { @copy($image_path . $file['name'], '../images/products/originals/' . $file['name']); @unlink($image_path . $file['name']); $images[$file['name']] = -1; } osc_remove($image_path); $default_flag = 1; foreach (array_keys($images) as $image) { $Qimage = $osC_Database->query('insert into :table_products_images (products_id, default_flag, sort_order, date_added) values (:products_id, :default_flag, :sort_order, :date_added)'); $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES); $Qimage->bindInt(':products_id', $products_id); $Qimage->bindInt(':default_flag', $default_flag); $Qimage->bindInt(':sort_order', 0); $Qimage->bindRaw(':date_added', 'now()'); $Qimage->execute(); if ($osC_Database->isError()) { $error = true; } else { $image_id = $osC_Database->nextID(); $images[$image] = $image_id; $new_image_name = $products_id . '_' . $image_id . '_' . $image; @rename('../images/products/originals/' . $image, '../images/products/originals/' . 
$new_image_name); $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id'); $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES); $Qupdate->bindValue(':image', $new_image_name); $Qupdate->bindInt(':id', $image_id); $Qupdate->setLogging($_SESSION['module'], $products_id); $Qupdate->execute(); foreach ($osC_Image->getGroups() as $group) { if ($group['id'] != '1') { $osC_Image->resize($new_image_name, $group['id'], 'products'); } } } $default_flag = 0; } } //END: products images //BEGIN: products variants if ($error === false) { //if edit product, delete variant first if (is_numeric($id)) { $Qvariants = $osC_Database->query('select * from :table_products_variants where products_id = :products_id order by products_variants_id'); $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qvariants->bindInt(':products_id', $_REQUEST['products_id']); $Qvariants->execute(); $records = array(); while ($Qvariants->next()) { $Qentries = $osC_Database->query('select products_variants_id, products_variants_groups_id, products_variants_values_id from :table_products_variants_entries where products_variants_id = :products_variants_id order by products_variants_groups_id, products_variants_values_id'); $Qentries->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qentries->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qentries->execute(); $variants_values = array(); while ($Qentries->next()) { $variants_values[] = $Qentries->valueInt('products_variants_groups_id') . '_' . $Qentries->valueInt('products_variants_values_id'); } $variant = implode('-', $variants_values); if (!isset($data['products_variants_id'][$variant])) { //remove cache file $cache_filename = $Qvariants->value('cache_filename'); if (!empty($cache_filename) && file_exists(DIR_FS_DOWNLOAD . $cache_filename)) { osc_remove(DIR_FS_DOWNLOAD . 
$cache_filename); } //delete variants $Qdelete = $osC_Database->query('delete from :table_products_variants where products_variants_id = :products_variants_id'); $Qdelete->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } //delete variants entries if ($error === false) { $Qdelete = $osC_Database->query('delete from :table_products_variants_entries where products_variants_id = :products_variants_id'); $Qdelete->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } $products_quantity = 0; //insert or update variant if (isset($data['products_variants_id']) && is_array($data['products_variants_id'])) { foreach ($data['products_variants_id'] as $key => $variants_id) { if ($variants_id > 0) { $Qpv = $osC_Database->query('update :table_products_variants set products_price = :products_price, products_sku = :products_sku, products_model = :products_model, products_quantity = :products_quantity, products_weight = :products_weight, products_status = :products_status, products_images_id = :products_images_id, is_default = :is_default where products_variants_id = :products_variants_id'); $Qpv->bindInt(':products_variants_id', $variants_id); } else { $Qpv = $osC_Database->query('insert into :table_products_variants (products_id, products_price, products_sku, products_model, products_quantity, products_weight, products_status, is_default, products_images_id) values (:products_id, :products_price, :products_sku, :products_model, :products_quantity, :products_weight, :products_status, :is_default, :products_images_id)'); $Qpv->bindInt(':products_id', $products_id); } 
$Qpv->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qpv->bindInt(':is_default', $data['variants_default'][$key]); $Qpv->bindValue(':products_price', $data['variants_price'][$key]); $Qpv->bindValue(':products_sku', $data['variants_sku'][$key]); $Qpv->bindValue(':products_model', $data['variants_model'][$key]); $Qpv->bindValue(':products_quantity', $data['variants_quantity'][$key]); $Qpv->bindValue(':products_weight', $data['variants_weight'][$key]); $Qpv->bindValue(':products_status', $data['variants_status'][$key]); $products_images_id = is_numeric($data['variants_image'][$key]) ? $data['variants_image'][$key] : $images[$data['variants_image'][$key]]; $Qpv->bindInt(':products_images_id', $products_images_id); $Qpv->execute(); if ($osC_Database->isError()) { $error = true; break; } else { if (is_numeric($variants_id) && $variants_id > 0) { $products_variants_id = $variants_id; } else { $products_variants_id = $osC_Database->nextID(); } //downloadable file if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) { $variants_file = new upload('products_variants_download_' . $key); if ($variants_file->exists()) { //remove old file if (is_numeric($variants_id) && $variants_id > 0) { $Qfile = $osC_Database->query('select cache_filename from :table_products_variants where products_variants_id = :products_variants_id'); $Qfile->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qfile->bindInt(':products_variants_id', $variants_id); $Qfile->execute(); $cache_filename = $Qfile->value('cache_filename'); if (!empty($cache_filename)) { osc_remove(DIR_FS_DOWNLOAD . $cache_filename); } } $variants_file->set_destination(realpath('../download')); if ($variants_file->parse() && $variants_file->save()) { $variants_filename = $variants_file->filename; $cache_variants_filename = md5($variants_filename . time()); @rename(DIR_FS_DOWNLOAD . $variants_filename, DIR_FS_DOWNLOAD . 
$cache_variants_filename); $Qupdate = $osC_Database->query('update :table_products_variants set filename = :filename, cache_filename = :cache_filename where products_variants_id = :products_variants_id'); $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qupdate->bindInt(':products_variants_id', $products_variants_id); $Qupdate->bindValue(':filename', $variants_filename); $Qupdate->bindValue(':cache_filename', $cache_variants_filename); $Qupdate->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } $products_quantity += $data['variants_quantity'][$key]; } //variant entries if ($error === false && $variants_id == '-1') { $assigned_variants = explode('-', $key); for ($i = 0; $i < sizeof($assigned_variants); $i++) { $assigned_variant = explode('_', $assigned_variants[$i]); $Qpve = $osC_Database->query('insert into :table_products_variants_entries (products_variants_id, products_variants_groups_id, products_variants_values_id) values (:products_variants_id, :products_variants_groups_id, :products_variants_values_id)'); $Qpve->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qpve->bindInt(':products_variants_id', $products_variants_id); $Qpve->bindInt(':products_variants_groups_id', $assigned_variant[0]); $Qpve->bindInt(':products_variants_values_id', $assigned_variant[1]); $Qpve->setLogging($_SESSION['module'], $products_id); $Qpve->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } if ($error === false) { $osC_Database->simpleQuery('update ' . TABLE_PRODUCTS . ' set products_quantity = ' . $products_quantity . ' where products_id =' . 
$products_id); if ($osC_Database->isError()) { $error = true; } } } } //END: products variants //BEGIN: xsell products if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_xsell where products_id = :products_id'); $Qdelete->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL); $Qdelete->bindInt(':products_id', $id); $Qdelete->setLogging($_SESSION['module'], $id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { if (isset($data['xsell_id_array']) && !empty($data['xsell_id_array'])) { foreach ($data['xsell_id_array'] as $xsell_products_id) { $Qxsell = $osC_Database->query('insert into :table_products_xsell (products_id, xsell_products_id) values (:products_id , :xsell_products_id )'); $Qxsell->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL); $Qxsell->bindInt(':products_id', $products_id); $Qxsell->bindInt(':xsell_products_id', $xsell_products_id); $Qxsell->setLogging($_SESSION['module'], $products_id); $Qxsell->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } //END: xsell products //BEGIN: products attributes if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_attributes where products_id = :products_id '); $Qdelete->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qdelete->bindInt(':products_id', $id); $Qdelete->setLogging($_SESSION['module'], $id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { if (!empty($data['products_attributes'])) { foreach ($data['products_attributes'] as $attribute) { $Qef = $osC_Database->query('insert into :table_products_attributes (products_id, products_attributes_values_id, language_id, value) values (:products_id , :products_attributes_values_id, :language_id, :value)'); $Qef->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qef->bindInt(':products_id', 
$products_id); $Qef->bindInt(':products_attributes_values_id', $attribute['id']); $Qef->bindInt(':language_id', $attribute['language_id']); $Qef->bindValue(':value', $attribute['value']); $Qef->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } //END: products attributes //BEGIN: customization fields if ($error === false) { if (is_numeric($id) && isset($data['customization_fields'])) { $ids = array(); foreach ($data['customization_fields'] as $customization) { if ($customization['customizations_fields_id'] > 0) { $ids[] = $customization['customizations_fields_id']; } } $Qcheck = $osC_Database->query('select customization_fields_id from :table_customization_fields where products_id = :products_id'); $Qcheck->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qcheck->bindInt(':products_id', $products_id); if (sizeof($ids) > 0) { $Qcheck->appendQuery('and customization_fields_id not in (:customization_fields_id)'); $Qcheck->bindRaw(':customization_fields_id', implode(', ', $ids)); } $Qcheck->execute(); //delete customization fields if ($Qcheck->numberOfRows() > 0) { $batch = array(); while ($Qcheck->next()) { $batch[] = $Qcheck->valueInt('customization_fields_id'); } $Qdelete = $osC_Database->query('delete from :table_customization_fields where customization_fields_id in (:customization_fields_id)'); $Qdelete->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch)); $Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } if ($error === false) { $Qdelete = $osC_Database->query('delete from :table_customization_fields_description where customization_fields_id in (:customization_fields_id)'); $Qdelete->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION); $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch)); 
$Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } if ($error === false) { if (isset($data['customization_fields']) && !empty($data['customization_fields'])) { foreach ($data['customization_fields'] as $field) { if ($field['customizations_fields_id'] > 0) { $Qfield = $osC_Database->query('update :table_customization_fields set type = :type, is_required = :is_required where customization_fields_id = :customization_fields_id'); $Qfield->bindInt(':customization_fields_id', $field['customizations_fields_id']); } else { $Qfield = $osC_Database->query('insert into :table_customization_fields (products_id, type, is_required) values (:products_id, :type, :is_required)'); } $Qfield->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qfield->bindInt(':products_id', $products_id); $Qfield->bindInt(':type', $field['customizations_type']); $Qfield->bindInt(':is_required', $field['customizations_is_required']); $Qfield->execute(); if ($osC_Database->isError()) { $error = true; break; } else { $fields_id = $field['customizations_fields_id'] > 0 ? 
$field['customizations_fields_id'] : $osC_Database->nextID(); $lan = get_object_vars($field['customizations_name_data']); foreach ($osC_Language->getAll() as $l) { if ($field['customizations_fields_id'] > 0) { $Qdescription = $osC_Database->query('update :table_customization_fields_description set name = :name where customization_fields_id = :customization_fields_id and languages_id = :languages_id'); } else { $Qdescription = $osC_Database->query('insert into :table_customization_fields_description (customization_fields_id, languages_id, name) values (:customization_fields_id, :languages_id, :name)'); } $Qdescription->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION); $Qdescription->bindInt(':customization_fields_id', $fields_id); $Qdescription->bindInt(':languages_id', $l['id']); $Qdescription->bindValue(':name', $lan['name' . $l['id']]); $Qdescription->setLogging($_SESSION['module'], $products_id); $Qdescription->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } } //END: customization fields if ($error === false) { $osC_Database->commitTransaction(); osC_Cache::clear('categories'); osC_Cache::clear('category_tree'); osC_Cache::clear('also_purchased'); osC_Cache::clear('sefu-products'); osC_Cache::clear('new_products'); osC_Cache::clear('feature_products'); return $products_id; } $osC_Database->rollbackTransaction(); return false; }
zen_mail($mail->fields['customers_firstname'] . ' ' . $mail->fields['customers_lastname'], $mail->fields['customers_email_address'], $subject, $message, STORE_NAME, $from, $html_msg, 'direct_email', array('file' => $attachment_file, 'name' => basename($attachment_file), 'mime_type' => $attachment_filetype)); $recip_count++; $mail->MoveNext(); } if ($recip_count > 0) { $messageStack->add_session(sprintf(NOTICE_EMAIL_SENT_TO, $mail_sent_to . ' (' . $recip_count . ')'), 'success'); } else { $messageStack->add_session(sprintf(NOTICE_EMAIL_FAILED_SEND, $mail_sent_to . ' (' . $recip_count . ')'), 'error'); } zen_redirect(zen_href_link(FILENAME_MAIL, 'mail_sent_to=' . urlencode($mail_sent_to) . '&recip_count=' . $recip_count . (isset($_GET['origin']) ? '&origin=' . zen_output_string_protected($_GET['origin']) : '') . (isset($_GET['cID']) ? '&cID=' . (int) $_GET['cID'] : '') . (isset($_GET['customer']) ? '&customer=' . zen_output_string_protected($_GET['customer']) : ''))); } if (EMAIL_ATTACHMENTS_ENABLED && $action == 'preview') { // PROCESS UPLOAD ATTACHMENTS if (isset($_FILES['upload_file']) && zen_not_null($_FILES['upload_file']) && $_POST['upload_file'] != 'none') { if ($attachments_obj = new upload('upload_file')) { $attachments_obj->set_destination(DIR_WS_ADMIN_ATTACHMENTS . $_POST['attach_dir']); if ($attachments_obj->parse() && $attachments_obj->save()) { $attachment_file = $_POST['attach_dir'] . $attachments_obj->filename; $attachment_fname = $attachments_obj->filename; $attachment_filetype = $_FILES['upload_file']['type']; } } } //DEBUG: //$messageStack->add('EOF-attachments_list='.$attachment_file.'->'.$attachment_filetype, 'caution'); } //end attachments upload // error detection if ($action == 'preview') { if (!isset($_POST['customers_email_address'])) { $messageStack->add(ERROR_NO_CUSTOMER_SELECTED, 'error');
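/**
 * Create or update a product attachment.
 *
 * Stores the uploaded file (when one was submitted) in the attachments cache
 * directory under an md5-derived name, records both names in the attachments
 * table, then writes one description row per installed language.
 *
 * File-system changes follow the database outcome: the superseded file is
 * removed only after a successful commit, and a file stored by this call is
 * removed again when the transaction is rolled back.
 *
 * NOTE(review): no startTransaction() call is visible in this function;
 * commit/rollback presumably close a transaction opened by the caller - confirm.
 *
 * @param mixed $id   Attachment id when editing (numeric); any non-numeric value inserts a new record.
 * @param array $data Keys read here: 'attachments_file' (name of the upload field),
 *                    'attachments_name' and 'attachments_description' (both indexed by language id).
 * @return bool True after commit, false after rollback.
 */
function save($id, $data)
{
    global $osC_Database, $osC_Language;

    $error = false;

    // One spelling of the directory for every file operation. The original rename()
    // source omitted the separator after DIR_FS_CACHE, so with a constant that has no
    // trailing slash the rename failed silently and the upload stayed on disk under
    // its client-supplied name.
    $attachments_dir = DIR_FS_CACHE . '/products_attachments/';

    $old_cache_file = null; // file being replaced; deleted only once the new state is committed
    $new_cache_file = null; // file stored by this call; deleted if the transaction rolls back

    if (!empty($data['attachments_file'])) {
        $file = new upload($data['attachments_file']);

        if ($file->exists()) {
            // Look up the current file first, before the row is overwritten below.
            if (is_numeric($id)) {
                $Qfile = $osC_Database->query('select cache_filename from :table_products_attachments where attachments_id = :id');
                $Qfile->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                $Qfile->bindInt(':id', $id);
                $Qfile->execute();

                if ($Qfile->numberOfRows() == 1) {
                    $old_cache_file = $Qfile->value('cache_filename');
                }
            }

            $file->set_destination(realpath(DIR_FS_CACHE . '/products_attachments'));

            if ($file->parse() && $file->save()) {
                $filename = $file->filename;

                // NOTE(review): the stored name is derived from the client file name and the
                // clock, so it is guessable; confirm this directory is not served directly
                // or that guessing the name grants nothing.
                $cache_filename = md5($filename . time());

                if (@rename($attachments_dir . $filename, $attachments_dir . $cache_filename)) {
                    $new_cache_file = $cache_filename;

                    if (is_numeric($id)) {
                        $Qattachment = $osC_Database->query('update :table_products_attachments set filename = :filename , cache_filename = :cache_filename where attachments_id = :id');
                        $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                        $Qattachment->bindInt(':id', $id);
                    } else {
                        $Qattachment = $osC_Database->query('insert into :table_products_attachments (filename, cache_filename) values (:filename, :cache_filename)');
                        $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                    }

                    $Qattachment->bindValue(':filename', $filename);
                    $Qattachment->bindValue(':cache_filename', $cache_filename);
                    $Qattachment->setLogging($_SESSION['module'], $id);
                    $Qattachment->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                    }
                } else {
                    // Do not record a cache name that does not exist on disk, and do not
                    // leave the upload behind under the name the client chose.
                    @unlink($attachments_dir . $filename);
                    $error = true;
                }
            }
        }
    }

    if ($error === false) {
        // NOTE(review): when no row was inserted above, nextID() reflects whichever insert
        // ran last on this connection - confirm callers always submit a file for new attachments.
        $attachments_id = is_numeric($id) ? $id : $osC_Database->nextID();

        foreach ($osC_Language->getAll() as $l) {
            if (is_numeric($id)) {
                $Qad = $osC_Database->query('update :table_products_attachments_description set attachments_name = :attachments_name, attachments_description = :attachments_description where attachments_id = :id and languages_id = :language_id');
            } else {
                $Qad = $osC_Database->query('insert into :table_products_attachments_description (attachments_id, languages_id, attachments_name, attachments_description) values (:id, :language_id, :attachments_name, :attachments_description)');
            }

            $Qad->bindTable(':table_products_attachments_description', TABLE_PRODUCTS_ATTACHMENTS_DESCRIPTION);
            $Qad->bindInt(':id', $attachments_id);
            $Qad->bindInt(':language_id', $l['id']);
            $Qad->bindValue(':attachments_name', $data['attachments_name'][$l['id']]);
            $Qad->bindValue(':attachments_description', $data['attachments_description'][$l['id']]);
            $Qad->setLogging($_SESSION['module'], $attachments_id);
            $Qad->execute();

            if ($osC_Database->isError()) {
                $error = true;
                break;
            }
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        // The old file is obsolete only now that the row pointing at the new one is committed.
        if ($new_cache_file !== null && !empty($old_cache_file) && $old_cache_file !== $new_cache_file) {
            @unlink($attachments_dir . $old_cache_file);
        }

        return true;
    }

    $osC_Database->rollbackTransaction();

    // The rolled-back row no longer references the new file; remove the orphan.
    if ($new_cache_file !== null) {
        @unlink($attachments_dir . $new_cache_file);
    }

    return false;
}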
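/**
 * Cart action: add a product to the cart.
 *
 * Reads products_id, cart_quantity, the attribute selections in $_POST['id'] and
 * any attribute file uploads in $_FILES['id'] from the request. Attributes are
 * validated, the per-product maximum quantity is applied, uploaded files are
 * registered in the files_uploaded table and saved to DIR_FS_UPLOADS, and the
 * product is added to the cart before the redirect.
 *
 * @param string $goto       page to redirect to afterwards
 * @param mixed  $parameters passed to zen_get_all_get_params() when building the redirect URL
 */
public function actionAddProduct($goto, $parameters)
{
    // Defined up front so the final check never reads an unset variable when no
    // valid products_id was posted (the empty value still leads to the redirect).
    $the_list = '';

    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        $adjust_max = 'false';

        // verify attributes first
        if (isset($_POST['id']) && is_array($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . (zen_values_name($value) == 'TEXT' ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }

        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);
        $new_qty = $_POST['cart_quantity'];
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');

        if ($add_max == 1 and $cart_qty == 1) {
            // maximum of one and it is already in the cart: do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } elseif ($new_qty + $cart_qty > $add_max and $add_max != 0) {
            // trim the request down to what the maximum still allows
            $adjust_max = 'true';
            $new_qty = $add_max - $cart_qty;
        }

        // Both values are queried again here, exactly as the original did, rather
        // than reusing $add_max / $cart_qty.
        if (!(zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1)) {
            if ($the_list != '') {
                $this->getMessageStack()->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";

                // Cast once so the loop bound is always an integer. The raw request string
                // was compared directly before, so a non-numeric or array value could make
                // the loop condition never become false.
                // NOTE(review): there is still no upper bound on this client-supplied count.
                $upload_count = isset($_GET['number_of_uploads']) ? (int) $_GET['number_of_uploads'] : 0;

                if ($upload_count > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     */
                    include DIR_WS_CLASSES . 'upload.php';

                    for ($i = 1; $i <= $upload_count; $i++) {
                        // Skip slots the form did not submit instead of building a bogus key from an unset value.
                        if (!isset($_POST[UPLOAD_PREFIX . $i]) || !is_scalar($_POST[UPLOAD_PREFIX . $i])) {
                            continue;
                        }

                        $option_key = TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i];
                        $tmp_name = isset($_FILES['id']['tmp_name'][$option_key]) ? $_FILES['id']['tmp_name'][$option_key] : null;

                        if (zen_not_null($tmp_name) and $tmp_name != 'none') {
                            $products_options_file = new \upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');

                            if (!$products_options_file->parse($option_key)) {
                                break;
                            }

                            // NOTE(review): the stored file keeps the extension of the client-supplied
                            // name and nothing in this method restricts which extensions are accepted;
                            // confirm the upload class or the DIR_FS_UPLOADS server configuration
                            // prevents uploaded files from being executed.
                            $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));

                            // NOTE(review): addslashes() is not a charset-aware SQL escaper; the
                            // client-supplied file name should go through the database layer's own
                            // escaping or bound parameters (that API is not visible here).
                            $escaped_name = addslashes($products_options_file->filename);
                            $customer_id = $this->getSessionVar('customer_id');

                            if ($customer_id) {
                                // The id is cast so only an integer can reach the statement.
                                $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . (int) $customer_id . "', '" . $escaped_name . "')");
                            } else {
                                $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . $escaped_name . "')");
                            }

                            $insert_id = $this->getDb()->Insert_ID();

                            // Without a posted 'id' array $real_ids is still the "" default; writing a
                            // string key into a string is an error on current PHP, so switch to an
                            // array at the first write, as older PHP versions did implicitly.
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$option_key] = $insert_id . ". " . $products_options_file->filename;
                            $products_options_file->set_filename("{$insert_id}" . $products_image_extension);

                            if (!$products_options_file->save()) {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$option_key] = isset($_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]) ? $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i] : null;
                        }
                    }
                }

                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
            }
        }

        if ($adjust_max == 'true') {
            $this->getMessageStack()->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
        }
    }

    if ($the_list == '') {
        // no errors: display message if all is good and not on shopping_cart page
        if (DISPLAY_CART == 'false' && $this->getMainPage() != 'shopping_cart') {
            $this->getMessageStack()->add_session('header', SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
        }
        zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
    } else {
        // errors - display popup message
    }
}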
MyOOS_CoreApi::redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters), 'NONSSL')); break; case 'add_product': // customer adds a product from the products page if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) { if (isset($_POST['edit_product'])) { $_SESSION['cart']->remove($_POST['edit_product']); } $real_ids = $_POST['id']; // File_upload if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && $_POST['number_of_uploads'] > 0) { require_once 'includes/classes/class_upload.php'; for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) { if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') { $products_options_file = new upload('id'); $products_options_file->set_destination(OOS_UPLOADS); $files_uploadedtable = $oostable['files_uploaded']; if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) { if (isset($_SESSION['customer_id'])) { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')"); } else { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . oos_db_input($products_options_file->filename) . "')"); } $insert_id = $dbconn->Insert_ID(); $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename; $products_options_file->set_filename("{$insert_id}" . $products_options_file->filename); if (!$products_options_file->save()) { break 2; } } else { break 2;
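MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
}

// Handle the "add_customers_image" form: optionally remove the current picture,
// then store a newly uploaded one under a generated name.
//
// The form token is compared as a string with ===. With ==, two numeric-looking
// strings are compared by numeric value, so different tokens could match.
// NOTE(review): a constant-time comparison (hash_equals) is preferable where the
// supported PHP version provides it.
if (isset($_POST['action']) && $_POST['action'] == 'add_customers_image'
    && isset($_SESSION['formid'], $_POST['formid'])
    && is_string($_POST['formid'])
    && (string) $_SESSION['formid'] === $_POST['formid']) {

    if (isset($_POST['remove_image']) && $_POST['remove_image'] == 'yes' && isset($_SESSION['customer_id'])) {
        $customerstable = $oostable['customers'];
        $query = "SELECT customers_image\n FROM {$customerstable}\n WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
        $customers_image = $dbconn->GetOne($query);

        // Only unlink when a file name is actually stored; with an empty value the
        // path would be the image directory itself.
        if (is_string($customers_image) && $customers_image !== '') {
            @unlink(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES . $customers_image);
        }

        $customerstable = $oostable['customers'];
        $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";
        // Plain assignment: Execute() returns a value, not a variable to bind by reference.
        $result = $dbconn->Execute($query, array('', (int) $_SESSION['customer_id']));
    }

    require_once 'includes/classes/class_upload.php';

    if (isset($_FILES['id']['tmp_name']) && oos_is_not_null($_FILES['id']['tmp_name']) && $_FILES['id']['tmp_name'] != 'none') {
        $customers_image_file = new upload('id');
        $customers_image_file->set_destination(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES);

        if ($customers_image_file->parse()) {
            if (isset($_SESSION['customer_id'])) {
                // The stored name is generated, but its extension is taken from the
                // client-supplied file name.
                // NOTE(review): no extension allow-list is set here; verify that
                // class_upload.php or oos_get_extension() limits this to image types,
                // because the destination is below the images directory.
                $extension = oos_get_extension($_FILES['id']['name']);
                $picture_tempname = oos_get_random_picture_name(26, $extension);
                $customers_image_file->set_filename($picture_tempname);

                $customerstable = $oostable['customers'];
                $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";

                // Point the customer record at the new file only once it is on disk,
                // so a failed save cannot leave a reference to a missing picture.
                if ($customers_image_file->save()) {
                    $result = $dbconn->Execute($query, array((string) $picture_tempname, (int) $_SESSION['customer_id']));
                }
            }
        }
    }
}

require 'includes/languages/' . $sLanguage . '/user_customers_image.php';
$customerstable = $oostable['customers'];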
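/**
 * Method to handle cart Action - add product
 *
 * Checks the posted product id, attribute selections and quantity, stores any
 * uploaded attribute files under a name built from their files_uploaded row id,
 * adds the product to the cart and then redirects (or notifies observers when
 * attribute errors were found).
 *
 * Reads $_POST, $_GET, $_FILES and $_SESSION directly; all of these are request
 * controlled except the session.
 *
 * @param string $goto forward destination
 * @param mixed $parameters url parameters, passed on to zen_get_all_get_params()
 */
function actionAddProduct($goto, $parameters) {
    global $db, $messageStack;

    // Set up front so the final check works when the product id is rejected.
    $the_list = '';

    if ($this->display_debug_messages) {
        $messageStack->add_session('header', 'A: FUNCTION ' . __FUNCTION__, 'caution');
    }
    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        // verify attributes and quantity first
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'A2: FUNCTION ' . __FUNCTION__, 'caution');
        }
        $adjust_max = 'false';
        // Attribute selections must arrive as an array; anything else is ignored here.
        if (isset($_POST['id']) && is_array($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . ($value == (int) PRODUCTS_OPTIONS_VALUES_TEXT_ID ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }
        if (!is_numeric($_POST['cart_quantity']) || $_POST['cart_quantity'] < 0) {
            // adjust quantity when not a value
            $chk_link = '<a href="' . zen_href_link(zen_get_info_page($_POST['products_id']), 'cPath=' . zen_get_generated_category_path_rev(zen_get_products_category_id($_POST['products_id'])) . '&products_id=' . $_POST['products_id']) . '">' . zen_get_products_name($_POST['products_id']) . '</a>';
            // The rejected quantity is echoed back through zen_output_string_protected().
            $messageStack->add_session('header', ERROR_CORRECTIONS_HEADING . ERROR_PRODUCT_QUANTITY_UNITS_SHOPPING_CART . $chk_link . ' ' . PRODUCTS_ORDER_QTY_TEXT . zen_output_string_protected($_POST['cart_quantity']), 'caution');
            $_POST['cart_quantity'] = 0;
        }
        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'B: FUNCTION ' . __FUNCTION__ . ' Products_id: ' . $_POST['products_id'] . ' cart_qty: ' . $cart_qty . ' $_POST[cart_quantity]: ' . $_POST['cart_quantity'] . ' <br>', 'caution');
        }
        $new_qty = $_POST['cart_quantity'];
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
        // bof: adjust new quantity to be same as current in stock
        $chk_current_qty = zen_get_products_stock($_POST['products_id']);
        $this->flag_duplicate_msgs_set = FALSE;
        if (STOCK_ALLOW_CHECKOUT == 'false' && $cart_qty + $new_qty > $chk_current_qty) {
            $new_qty = $chk_current_qty;
            $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'C: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
            $this->flag_duplicate_msgs_set = TRUE;
        }
        // eof: adjust new quantity to be same as current in stock
        if ($add_max == 1 and $cart_qty == 1) {
            // do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } else {
            // bof: adjust new quantity to be same as current in stock
            if (STOCK_ALLOW_CHECKOUT == 'false' && $new_qty + $cart_qty > $chk_current_qty) {
                $alter_qty = $chk_current_qty - $cart_qty;
                $new_qty = $alter_qty > 0 ? $alter_qty : 0;
                if (!$this->flag_duplicate_msgs_set) {
                    $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'D: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
                }
            }
            // eof: adjust new quantity to be same as current in stock
            // adjust quantity if needed
            if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                $adjust_max = 'true';
                $new_qty = $add_max - $cart_qty;
            }
        }
        if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
            // do not add
        } else {
            // process normally
            // bof: set error message
            if ($the_list != '') {
                $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // process normally
                // iii 030813 added: File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";

                // The slot count comes from the query string. Only a numeric value is
                // accepted and it is fixed as an int before it bounds the loop, so a
                // non-numeric or array value can no longer drive the comparison.
                // NOTE(review): no upper bound is applied; consider capping it at the
                // number of upload attributes the product really has.
                $number_of_uploads = (isset($_GET['number_of_uploads']) && is_numeric($_GET['number_of_uploads'])) ? (int) $_GET['number_of_uploads'] : 0;
                if ($number_of_uploads > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     *
                     */
                    include DIR_WS_CLASSES . 'upload.php';
                    for ($i = 1, $n = $number_of_uploads; $i <= $n; $i++) {
                        // Both the slot name and the matching $_FILES entry may be absent.
                        $upload_field = isset($_POST[UPLOAD_PREFIX . $i]) ? $_POST[UPLOAD_PREFIX . $i] : '';
                        $option_key = TEXT_PREFIX . $upload_field;
                        $tmp_name = isset($_FILES['id']['tmp_name'][$option_key]) ? $_FILES['id']['tmp_name'][$option_key] : null;

                        if (zen_not_null($tmp_name) and $tmp_name != 'none') {
                            $products_options_file = new upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');
                            if ($products_options_file->parse($option_key)) {
                                // Keep only the extension of the reported name. A name without
                                // a dot contributes nothing, so the stored name is the row id alone.
                                // NOTE(review): the extension is still client supplied; verify
                                // that upload::parse() enforces an allow-list and that
                                // DIR_FS_UPLOADS is not served as executable content.
                                $dot_position = strrpos($products_options_file->filename, '.');
                                $products_image_extension = $dot_position === false ? '' : substr($products_options_file->filename, $dot_position);

                                // Every value placed in the statement is escaped or cast.
                                if (!empty($_SESSION['customer_id'])) {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . (int) $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                } else {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . zen_db_input($products_options_file->filename) . "')");
                                }
                                $insert_id = $db->Insert_ID();

                                // $real_ids starts as "" when no attributes were posted; writing
                                // a keyed entry needs an array.
                                if (!is_array($real_ids)) {
                                    $real_ids = array();
                                }
                                $real_ids[$option_key] = $insert_id . ". " . $products_options_file->filename;
                                $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                if (!$products_options_file->save()) {
                                    break;
                                }
                            } else {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$option_key] = isset($_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]) ? $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i] : null;
                        }
                    }
                }
                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                // iii 030813 end of changes.
            }
            // eof: set error message
        }
        // eof: quantity maximum = 1
        if ($adjust_max == 'true') {
            $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            if ($this->display_debug_messages) {
                $messageStack->add_session('header', 'E: FUNCTION ' . __FUNCTION__ . '<br>' . ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            }
        }
    }
    if ($the_list == '') {
        // no errors
        // display message if all is good and not on shopping_cart page
        if (DISPLAY_CART == 'false' && $_GET['main_page'] != FILENAME_SHOPPING_CART && $messageStack->size('shopping_cart') == 0) {
            $messageStack->add_session('header', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
            zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
        } else {
            zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
        }
    } else {
        // errors found with attributes - perhaps display an additional message here, using an observer class to add to the messageStack
        $this->notify('NOTIFIER_CART_OPTIONAL_ATTRIBUTE_ERROR_MESSAGE_HOOK', $_POST, $the_list);
    }
}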
// Excerpt from an admin save handler for record artists. It starts inside the
// 'insert' branch and ends inside the per-language loop.
$insert_sql_data = array('date_added' => 'now()');
$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array);
$artists_id = zen_db_insert_id();
} elseif ($action == 'save') {
    $update_sql_data = array('last_modified' => 'now()');
    $sql_data_array = array_merge($sql_data_array, $update_sql_data);
    zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array, 'update', "artists_id = '" . (int) $artists_id . "'");
}
if ($_POST['artists_image_manual'] != '') {
    // add image manually
    // The posted directory and file name are escaped with zen_db_input() before
    // they are placed in the statement.
    $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['artists_image_manual']);
    $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = '" . $artists_image_name . "'\r\n where artists_id = '" . (int) $artists_id . "'");
} else {
    $artists_image = new upload('artists_image');
    // The posted img_dir is appended to the images root as the upload destination.
    // NOTE(review): img_dir is not checked in this excerpt; confirm it is limited
    // to known sub-directories of DIR_FS_CATALOG_IMAGES (no "..", no absolute
    // path) before it is used as a filesystem path.
    $artists_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
    if ($artists_image->parse() && $artists_image->save()) {
        // remove image from database if none
        if ($artists_image->filename != 'none') {
            $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = '" . zen_db_input($_POST['img_dir'] . $artists_image->filename) . "'\r\n where artists_id = '" . (int) $artists_id . "'");
        } else {
            $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = ''\r\n where artists_id = '" . (int) $artists_id . "'");
        }
    }
}
// One URL row per installed language, taken from the posted artists_url array.
$languages = zen_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $artists_url_array = $_POST['artists_url'];
    $language_id = $languages[$i]['id'];
    $sql_data_array = array('artists_url' => zen_db_prepare_input($artists_url_array[$language_id]));
    if ($action == 'insert') {
// Excerpt from an admin save handler for manufacturers. It starts by closing a
// block opened earlier and ends inside the per-language loop.
$manufacturers_id = tep_db_prepare_input($HTTP_GET_VARS['mID']);
}
$manufacturers_name = tep_db_prepare_input($HTTP_POST_VARS['manufacturers_name']);
$sql_data_array = array('manufacturers_name' => $manufacturers_name);
if ($action == 'insert') {
    $insert_sql_data = array('date_added' => 'now()');
    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
    tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
    $manufacturers_id = tep_db_insert_id();
} elseif ($action == 'save') {
    $update_sql_data = array('last_modified' => 'now()');
    $sql_data_array = array_merge($sql_data_array, $update_sql_data);
    // The id is cast to int before it is placed in the WHERE clause.
    tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'");
}
// Store the uploaded manufacturer image directly in the catalog images directory.
// NOTE(review): no extension allow-list is set in this excerpt; verify that the
// upload class restricts file types, because the destination is the public
// images directory.
$manufacturers_image = new upload('manufacturers_image');
$manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES);
if ($manufacturers_image->parse() && $manufacturers_image->save()) {
    // The stored file name is escaped with tep_db_input() before it enters the statement.
    tep_db_query("update " . TABLE_MANUFACTURERS . " set manufacturers_image = '" . tep_db_input($manufacturers_image->filename) . "' where manufacturers_id = '" . (int) $manufacturers_id . "'");
}
// One URL row per installed language, taken from the posted manufacturers_url array.
$languages = tep_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $manufacturers_url_array = $HTTP_POST_VARS['manufacturers_url'];
    $language_id = $languages[$i]['id'];
    $sql_data_array = array('manufacturers_url' => tep_db_prepare_input($manufacturers_url_array[$language_id]));
    if ($action == 'insert') {
        $insert_sql_data = array('manufacturers_id' => $manufacturers_id, 'languages_id' => $language_id);
        $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
        tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array);
    } elseif ($action == 'save') {
        tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "' and languages_id = '" . (int) $language_id . "'");
    }
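/**
 * Receives one uploaded product image and echoes a JSON status.
 *
 * With a valid products_id the file is saved under images/products/originals/,
 * registered in the products_images table, renamed to
 * "<products_id>_<image id>_<file name>" and resized for every image group
 * except group 1. Without one, the file is saved in a per-session directory
 * under images/products/_upload/.
 *
 * NOTE(review): no file-type restriction is applied in this function; verify
 * that the upload class enforces an image allow-list, because both destinations
 * are below the images directory.
 * NOTE(review): the temporary directory is named after the session id; confirm
 * that this path is never exposed to other users (directory listings, image URLs).
 * NOTE(review): the response reports success even when nothing was stored.
 */
function uploadImage() {
    global $toC_Json, $osC_Database, $osC_Session, $osC_Language;

    $osC_Image = new osC_Image_Admin();

    // Use the first file field of the request, if there is one.
    $field_name = null;
    if (is_array($_FILES) && count($_FILES) > 0) {
        $field_names = array_keys($_FILES);
        $field_name = $field_names[0];
    }
    $products_image = new upload($field_name);

    // The id is fixed as an int once. It becomes part of a file name below, so the
    // raw request value must never reach the filesystem path.
    $products_id = (isset($_REQUEST['products_id']) && is_numeric($_REQUEST['products_id'])) ? (int) $_REQUEST['products_id'] : 0;

    if ($products_id > 0) {
        if ($products_image->exists()) {
            $image_path = '../images/products/originals/';
            $products_image->set_destination($image_path);

            if ($products_image->parse() && $products_image->save()) {
                // The first image of a product becomes its default image.
                $default_flag = 1;

                $Qcheck = $osC_Database->query('select id from :table_products_images where products_id = :products_id and default_flag = :default_flag limit 1');
                $Qcheck->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                $Qcheck->bindInt(':products_id', $products_id);
                $Qcheck->bindInt(':default_flag', 1);
                $Qcheck->execute();

                if ($Qcheck->numberOfRows() === 1) {
                    $default_flag = 0;
                }

                $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
                $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                $Qimage->bindInt(':products_id', $products_id);
                $Qimage->bindValue(':image', $products_image->filename);
                $Qimage->bindInt(':default_flag', $default_flag);
                $Qimage->bindInt(':sort_order', 0);
                $Qimage->bindRaw(':date_added', 'now()');
                $Qimage->execute();

                if (!$osC_Database->isError()) {
                    $image_id = $osC_Database->nextID();
                    $new_image_name = $products_id . '_' . $image_id . '_' . $products_image->filename;

                    // Update the row only when the rename worked; otherwise the row
                    // and the file keep the name they were saved under.
                    if (@rename($image_path . $products_image->filename, $image_path . $new_image_name)) {
                        $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id');
                        $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                        $Qupdate->bindValue(':image', $new_image_name);
                        $Qupdate->bindInt(':id', $image_id);
                        $Qupdate->execute();
                    } else {
                        $new_image_name = $products_image->filename;
                    }

                    // Resizing needs a registered image, so it runs only after a
                    // successful insert.
                    foreach ($osC_Image->getGroups() as $group) {
                        if ($group['id'] != '1') {
                            $osC_Image->resize($new_image_name, $group['id']);
                        }
                    }
                }
            }
        }
    } else {
        $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/';
        toc_mkdir($image_path);

        if ($products_image->exists()) {
            $products_image->set_destination($image_path);
            $products_image->parse();
            $products_image->save();
        }
    }

    header('Content-Type: text/html');

    $response = array();
    $response['success'] = true;
    $response['feedback'] = $osC_Language->get('ms_success_action_performed');

    echo $toC_Json->encode($response);
}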
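// Excerpt from an admin category save handler. It starts inside the
// per-language loop and ends with the redirect back to the category listing.
$sql_data_array = array('categories_name' => zen_db_prepare_input($categories_name_array[$language_id]), 'categories_description' => $categories_description_array[$language_id] == '<p />' ? '' : zen_db_prepare_input($categories_description_array[$language_id]));
if ($action == 'insert_category') {
    $insert_sql_data = array('categories_id' => $categories_id, 'language_id' => $languages[$i]['id']);
    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
    zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array);
} elseif ($action == 'update_category') {
    zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array, 'update', "categories_id = '" . (int) $categories_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'");
}
}
if ($_POST['categories_image_manual'] != '') {
    // add image manually
    $categories_image_name = $_POST['img_dir'] . $_POST['categories_image_manual'];
    // The name is built from posted values, so it is escaped where it enters the
    // statement; the variable itself keeps the raw value.
    $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = '" . zen_db_input($categories_image_name) . "'\n where categories_id = '" . (int) $categories_id . "'");
} else {
    if ($categories_image = new upload('categories_image')) {
        // NOTE(review): img_dir is posted data used as part of a filesystem path;
        // confirm it is limited to known sub-directories of DIR_FS_CATALOG_IMAGES.
        $categories_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
        if ($categories_image->parse() && $categories_image->save()) {
            $categories_image_name = $_POST['img_dir'] . $categories_image->filename;
        }
        if ($categories_image->filename != 'none' && $categories_image->filename != '' && $_POST['image_delete'] != 1) {
            // save filename when not set to none and not blank
            // The name may be unset here when parse() or save() failed; an empty
            // value is written in that case.
            $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = '" . zen_db_input(isset($categories_image_name) ? $categories_image_name : '') . "'\n where categories_id = '" . (int) $categories_id . "'");
        } else {
            // remove filename when set to none and not blank
            if ($categories_image->filename != '' || $_POST['image_delete'] == 1) {
                $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = ''\n where categories_id = '" . (int) $categories_id . "'");
            }
        }
    }
}
zen_redirect(zen_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories_id));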
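// Excerpt from a link-submission handler. It starts inside the validation block
// and ends inside the "no errors" branch.
if (strlen($links_reciprocal_url) < ENTRY_LINKS_URL_MIN_LENGTH) {
    $error = true;
    $messageStack->add('submit_link', ENTRY_LINKS_RECIPROCAL_URL_ERROR);
}
}
if ($error == false) {
    // default values
    $links_date_added = 'now()';
    $links_status = '0'; // Pending approval
    $sql_data_array = array('links_url' => $links_url, 'links_contact_name' => $links_contact_name, 'links_contact_email' => $links_contact_email, 'links_reciprocal_url' => $links_reciprocal_url, 'links_date_added' => $links_date_added, 'links_status' => $links_status);
    zen_db_perform(TABLE_LINKS, $sql_data_array);
    $links_id = zen_db_insert_id();
    // Upload an image when form field is filled in by user
    // NOTE(review): the file comes from the submitter and is stored below the
    // images directory; no extension allow-list is set in this excerpt. Verify
    // that the upload class restricts file types and that the directory cannot
    // serve executable content.
    if ($links_image = new upload('links_image_url')) {
        $links_image->set_destination(DIR_WS_IMAGES . LINK_IMAGE_DIRECTORY);
        if ($links_image->parse() && $links_image->save()) {
            $links_image_name = LINK_IMAGE_DIRECTORY . $links_image->filename;
        }
        if ($links_image->filename != '') {
            // The name contains the uploaded file name, so it is escaped where it
            // enters the statement. It may be unset when parse() or save() failed;
            // an empty value is written in that case.
            $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . zen_db_input(isset($links_image_name) ? $links_image_name : '') . "'\n where links_id = '" . (int) $links_id . "'");
        } else {
            // Use default image if form field is left blank
            $links_image_name = LINK_IMAGE_DIRECTORY . DEFAULT_LINK_IMAGE;
            $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . zen_db_input($links_image_name) . "'\n where links_id = '" . (int) $links_id . "'");
            $messageStack->add_session('header', WARNING_DEFAULT_FILE_UPLOADED, 'success');
        }
    }
    // The category name is looked up by value, so it is escaped here.
    // NOTE(review): assumes $links_category has not already been passed through
    // zen_db_input() earlier in the handler - confirm.
    $categories = $db->Execute("select link_categories_id from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_name = '" . zen_db_input($links_category) . "' and language_id = '" . (int) $_SESSION['languages_id'] . "' ");
    $link_categories_id = $categories->fields['link_categories_id'];
    $db->Execute("insert into " . TABLE_LINKS_TO_LINK_CATEGORIES . " (links_id, link_categories_id) values ('" . (int) $links_id . "', '" . (int) $link_categories_id . "')");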