public function import($type)
{
$data = array();
switch ($type) {
case 'news':
// check interval for update
if (defined('CHECK_NEWS_TIME')) {
$lup = CHECK_NEWS_TIME > 1440 || CHECK_NEWS_TIME < 1 ? 3600 : CHECK_NEWS_TIME * 60;
} else {
$lup = 3600;
// 1 hour
}
$last_check = \query\main::get_option('check_news');
if ($last_check + $lup > time()) {
return false;
}
$data['last_check'] = $last_check;
actions::set_option(array('check_news' => time()));
break;
default:
return false;
break;
}
try {
$answer = $this->connect($type, $data);
$this->parse_answer($type, $answer);
return true;
} catch (Exception $e) {
return $e->getMessage();
}
}
function meta_description()
{
if ($GLOBALS['exists'] > 0 && !empty($GLOBALS['item']->meta_description)) {
$repl = array('%YEAR%' => date('Y'), '%MONTH%' => date('F'));
return str_replace(array_keys($repl), array_values($repl), $GLOBALS['item']->meta_description);
} else {
return meta_default('', \query\main::get_option('meta_description'));
}
}
private function admin_panel_language()
{
$language = \query\main::get_option('adminpanel_lang');
$languages = \site\language::languages();
if (file_exists($languages[$language]['location'])) {
return array('name' => $languages[$language]['name'], 'location' => $languages[$language]['location']);
}
return array('name' => $languages[$language]['name'], 'location' => $languages[$language]['location']);
}
public static function have_reward()
{
if (file_exists(DIR . DIRECTORY_SEPARATOR . THEMES_LOC . DIRECTORY_SEPARATOR . \query\main::get_option('theme') . DIRECTORY_SEPARATOR . 'functions.php')) {
@(require_once DIR . DIRECTORY_SEPARATOR . THEMES_LOC . DIRECTORY_SEPARATOR . \query\main::get_option('theme') . DIRECTORY_SEPARATOR . 'functions.php');
if (function_exists('theme_has_rewards') && theme_has_rewards()) {
return true;
}
}
return false;
}
function __construct()
{
$client = \query\main::get_option('paypal_ID');
$secret = \query\main::get_option('paypal_secret');
$config = array('mode' => 'live');
if (strtolower(\query\main::get_option('paypal_mode')) == 'sandbox') {
$config['mode'] = 'sandbox';
}
$this->apiContext = new \PayPal\Rest\ApiContext(new \PayPal\Auth\OAuthTokenCredential($client, $secret));
$this->apiContext->setConfig($config);
}
public static function send($to, $subject, $params = array(), $vars = array())
{
global $LANG;
if (empty($params['template'])) {
if (empty($params['message'])) {
return false;
} else {
$text = $params['message'];
}
} else {
if (!file_exists((isset($params['path']) ? $params['path'] : '') . TMAIL_LOCATION . '/' . $params['template'] . '.html')) {
return false;
}
$text = file_get_contents((isset($params['path']) ? $params['path'] : '') . TMAIL_LOCATION . '/' . $params['template'] . '.html');
extract($vars);
eval("\$text = \"{$text}\";");
}
include (isset($params['path']) ? $params['path'] : '') . LBDIR . '/PHPMailer/class.phpmailer.php';
$mail = new \PHPMailer();
$mail->CharSet = 'UTF-8';
$mail->AddReplyTo(isset($params['reply_to']) ? $params['reply_to'] : \query\main::get_option('email_answer_to'), isset($params['reply_name']) ? $params['reply_name'] : '');
$mail->From = isset($params['from_name']) ? $params['from_name'] : \query\main::get_option('email_answer_to');
$mail->FromName = isset($params['from_email']) ? $params['from_email'] : \query\main::get_option('email_from_name');
$mail->AddAddress($to);
$mail->Subject = $subject;
$mail->MsgHTML($text);
$mail->IsHTML(true);
switch (\query\main::get_option('mail_method')) {
case 'SMTP':
$mail->IsSMTP();
// tell the class to use SMTP
$mail->SMTPAuth = \query\main::get_option('smtp_auth');
$mail->Port = \query\main::get_option('smtp_port');
$mail->Host = \query\main::get_option('smtp_host');
$mail->Username = \query\main::get_option('smtp_user');
$mail->Password = \query\main::get_option('smtp_password');
break;
case 'sendmail':
$mail->isSendmail();
$mail->Sendmail = \query\main::get_option('sendmail_path');
break;
default:
$mail->isMail();
break;
}
if ($mail->Send()) {
return true;
} else {
return false;
}
}
function meta_description()
{
if ($GLOBALS['exists'] > 0) {
if (!empty($GLOBALS['item']->meta_description)) {
$repl = array('%YEAR%' => date('Y'), '%MONTH%' => date('F'));
return str_replace(array_keys($repl), array_values($repl), $GLOBALS['item']->meta_description);
} else {
$desc = \query\main::get_option('meta_store_desc');
$repl = array('%NAME%' => $GLOBALS['item']->name, '%COUPONS%' => $GLOBALS['item']->coupons, '%REVIEWS%' => $GLOBALS['item']->reviews, '%YEAR%' => date('Y'), '%MONTH%' => date('F'));
return str_replace(array_keys($repl), array_values($repl), htmlspecialchars($desc));
}
} else {
return meta_default('', \query\main::get_option('meta_description'));
}
}
function meta_description()
{
if ($GLOBALS['exists'] > 0) {
if (!empty($GLOBALS['item']->meta_description)) {
$repl = array('%YEAR%' => date('Y'), '%MONTH%' => date('F'));
return str_replace(array_keys($repl), array_values($repl), $GLOBALS['item']->meta_description);
} else {
$desc = \query\main::get_option('meta_coupon_desc');
$repl = array('%NAME%' => $GLOBALS['item']->title, '%STORE_NAME%' => $GLOBALS['item']->store_name, '%EXPIRATION%' => date('Y/m/d', strtotime($GLOBALS['item']->expiration_date)), '%YEAR%' => date('Y'), '%MONTH%' => date('F'));
return str_replace(array_keys($repl), array_values($repl), htmlspecialchars($desc));
}
} else {
return meta_default('', \query\main::get_option('meta_description'));
}
}
private function checkserver()
{
if (empty($this->server)) {
$this->server = \query\main::get_option('feedserver');
}
$server = \site\feed::server($this->server);
if (!$server) {
throw new Exception($this->lang('feed_e_invalid'));
}
if (!file_exists(DIR . '/' . $server['config'])) {
throw new Exception($this->lang['feed_e_configmiss']);
}
@(include DIR . '/' . $server['config']);
if (!isset($server['COUPON_URL']) || !isset($server['COUPONS_URL']) || !isset($server['STORE_URL']) || !isset($server['STORES_URL']) || !isset($server['CATEGORIES_URL'])) {
throw new Exception($this->lang['feed_e_serverr']);
}
return $server;
}
}
$db->set_charset(DB_CHARSET);
/** */
spl_autoload_register(function ($cn) {
$type = strstr($cn, '\\', true);
if ($type == 'plugin') {
$cn = str_replace('\\', '/', $cn);
include DIR . '/' . UPDIR . '/' . substr($cn, strpos($cn, '/') + 1) . '.php';
} else {
include DIR . '/' . IDIR . '/' . str_replace('\\', '/', $cn) . '.php';
}
});
/** */
if (!empty($_GET)) {
if (defined('SEO_LINKS') && SEO_LINKS) {
$sp = array('pages' => array('p' => current($_GET)), 'tpage' => array('tpage' => current($_GET)), 'ajax' => array('ajax' => current($_GET)), 'cron' => array('cron' => current($_GET)), \query\main::get_option('seo_link_coupon') => array('id' => current($_GET)), \query\main::get_option('seo_link_product') => array('product' => current($_GET)), \query\main::get_option('seo_link_category') => array('cat' => current($_GET)), \query\main::get_option('seo_link_search') => array('s' => isset($_GET['s']) ? $_GET['s'] : ''), \query\main::get_option('seo_link_store') => array('store' => current($_GET)), \query\main::get_option('seo_link_stores') => array('stores' => current($_GET)), \query\main::get_option('seo_link_reviews') => array('reviews' => current($_GET)), \query\main::get_option('seo_link_user') => array('user' => current($_GET)), \query\main::get_option('seo_link_plugin') => array('plugin' => current($_GET)));
if (in_array(key($_GET), array_keys($sp))) {
$k = key($sp[key($_GET)]);
$v = $sp[key($_GET)][$k];
}
} else {
$k = key($_GET);
$v = current($_GET);
}
if (!empty($k)) {
switch ($k) {
case 'p':
$GET['loc'] = 'page';
$GET['id'] = $v;
break;
case 'id':
$categories['max'] = 100;
// max should be defined
if (isset($_GET['cat'])) {
$categories['categories'] = $_GET['cat'];
} else {
if (isset($_GET['store'])) {
$categories['store'] = $_GET['store'];
}
}
echo '<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title>' . \query\main::get_option('sitename') . ' Coupons</title>
<link>' . $GLOBALS['siteURL'] . '</link>
<description>List of coupons</description>
<language>en-us</language>';
foreach (\query\main::while_items($categories) as $item) {
echo '
<item>
<title>' . $item->title . '</title>
<link>' . $item->link . '</link>
<description><![CDATA[' . $item->description . ']]></description>
<pubDate>' . date('r', strtotime($item->date)) . '</pubDate>
<guid>' . $item->link . '</guid>
</item>
';
}
echo '</channel>
echo '
<div class="title">
<h2>Sendy settings</h2>
<span>Modify Sendy settings</span>
</div>
';
echo '<form action="#" method="POST">
<div class="form-table">
<div class="row"><span>api_key: <span class="info"><span>sendy_api_key</span></span></span><div><input type="text" name="sendy_api_key" value="' . htmlspecialchars(\query\main::get_option('sendy_api_key')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>sendy_url: <span class="info"><span>sendy_url</span></span></span><div><input type="text" name="sendy_url" value="' . htmlspecialchars(\query\main::get_option('sendy_url')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>list_id: <span class="info"><span>sendy_list_id</span></span></span><div><input type="text" name="sendy_list_id" value="' . htmlspecialchars(\query\main::get_option('sendy_list_id')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>brand_id: <span class="info"><span>sendy_brand_id</span></span></span><div><input type="text" name="sendy_brand_id" value="' . htmlspecialchars(\query\main::get_option('sendy_brand_id')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>from_name: <span class="info"><span>sendy_from_name</span></span></span><div><input type="text" name="sendy_from_name" value="' . htmlspecialchars(\query\main::get_option('sendy_from_name')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>from_email: <span class="info"><span>sendy_from_email</span></span></span><div><input type="text" name="sendy_from_email" value="' . htmlspecialchars(\query\main::get_option('sendy_from_email')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>reply_to: <span class="info"><span>sendy_reply_to</span></span></span><div><input type="text" name="sendy_reply_to" value="' . htmlspecialchars(\query\main::get_option('sendy_reply_to')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>query_string: <span class="info"><span>sendy_query_string</span></span></span><div><input type="text" name="sendy_query_string" value="' . htmlspecialchars(\query\main::get_option('sendy_query_string')) . '" style="background: #F8E0E0;" /></div></div>
<div class="row"><span>template_root: <span class="info"><span>sendy_template_root</span></span></span><div><input type="text" name="sendy_template_root" value="' . htmlspecialchars(\query\main::get_option('sendy_template_root')) . '" style="background: #F8E0E0;" /></div></div>
</div>';
echo '<input type="hidden" name="csrf" value="' . $csrf . '" />
<button class="btn">Save</button>
</form>
';
break;
}
include DIR . '/' . IDIR . '/' . str_replace('\\', '/', $cn) . '.php';
}
});
/** */
$load = new \main\load();
$LANG = $load->get_ap_language();
include 'includes/functions.php';
if ($GLOBALS['me'] && $GLOBALS['me']->is_subadmin) {
include 'includes/template.php';
include 'etc/connector.php';
include 'includes/admin.php';
include 'includes/query.php';
include 'includes/widgets.php';
include 'includes/importer.php';
// this it's not mandatory, but good to clear informations in real time
actions::cleardata(true, \query\main::get_option('delete_old_coupons'));
if (isset($_GET['ajax']) && file_exists('ajax/' . $_GET['ajax'])) {
include 'ajax/' . $_GET['ajax'];
die;
} else {
if (isset($_GET['download']) && file_exists('etc/download/' . $_GET['download'])) {
include 'etc/download/' . $_GET['download'];
die;
}
}
include 'html/header.php';
include 'html/nav.php';
include 'html/logged.php';
new importer();
if (!isset($_GET['action'])) {
$_GET['action'] = '';
public static function while_rewards_reqs($category = array())
{
global $db;
$categories = \site\utils::validate_user_data($category);
$where = $orderby = $limit = array();
if (isset($categories['max'])) {
if (!empty($categories['max'])) {
$limit[] = $categories['max'];
}
} else {
$page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
$per_page = isset($categories['per_page']) ? (int) $categories['per_page'] : \query\main::get_option('items_per_page');
$offset = isset($page) && $page > 1 ? ($page - 1) * $per_page : 0;
$limit[] = $offset;
$limit[] = $per_page;
}
/*
WHERE / ORDER BY
*/
if (!empty($categories['user'])) {
$where[] = 'user = "******"';
}
if (!empty($categories['reward'])) {
$where[] = 'reward = "' . (int) $categories['reward'] . '"';
}
if (!empty($categories['search'])) {
$search = implode('.*', explode(' ', trim($categories['search'])));
$where[] = 'fields REGEXP "' . \site\utils::dbp($search) . '"';
}
if (isset($categories['show'])) {
$show = strtolower($categories['show']);
switch ($show) {
case 'valid':
$where[] = 'claimed = 1';
break;
case 'notvalid':
$where[] = 'claimed = 0';
break;
}
}
if (isset($categories['orderby'])) {
$order = array_map('trim', explode(',', strtolower($categories['orderby'])));
foreach ($order as $v) {
switch ($v) {
case 'rand':
$orderby[] = 'RAND()';
break;
case 'date':
$orderby[] = 'date';
break;
case 'date desc':
$orderby[] = 'date DESC';
break;
case 'points':
$orderby[] = 'points';
break;
case 'points desc':
$orderby[] = 'points DESC';
break;
}
}
}
/*
*/
$stmt = $db->stmt_init();
$stmt->prepare("SELECT id, name, user, points, reward, (SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "rewards WHERE id = r.reward), fields, claimed, date FROM " . DB_TABLE_PREFIX . "rewards_reqs r" . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where)) . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby))) . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit)));
$stmt->execute();
$stmt->bind_result($id, $name, $user, $points, $reward, $reward_exists, $fields, $claimed, $date);
$data = array();
while ($stmt->fetch()) {
$data[] = (object) array('ID' => $id, 'name' => htmlspecialchars($name), 'user' => $user, 'points' => $points, 'reward' => $reward, 'reward_exists' => $reward_exists > 0 ? 1 : 0, 'fields' => @unserialize($fields), 'claimed' => $claimed, 'date' => $date);
}
$stmt->close();
return $data;
}
include ADMINDIR . '/includes/feed.php';
include ADMINDIR . '/includes/admin.php';
include ADMINDIR . '/includes/query.php';
try {
$feed = new feed(\query\main::get_option('feedserver_ID'), \query\main::get_option('feedserver_secret'));
$ids = array();
foreach (\query\main::while_stores(array('max' => 0, 'show' => 'feed')) as $store) {
$ids[] = $store->feedID;
}
$csuc = $cusuc = $cerr = $cuerr = 0;
if (!empty($ids)) {
$last_check = \query\main::get_option('lfeed_check');
/*
UPDATE COUPONS
*/
if ((int) \query\main::get_option('feed_moddt') !== 0) {
try {
$coupons = $feed->coupons($options = array('store' => implode(',', array_values($ids)), 'update' => \site\utils::timeconvert(date('Y-m-d, H:i:s', $last_check), $feed->timezone)));
if (!empty($coupons['Count'])) {
for ($cp = 1; $cp <= ceil($coupons['Count'] / 10); $cp++) {
if ($cp != 1) {
$coupons = $feed->coupons(array_merge(array('page' => $cp), $options));
}
foreach ($coupons['List'] as $coupon) {
if (($couponi = admin_query::coupon_imported($coupon->ID)) && actions::edit_item2($couponi->ID, array('name' => $coupon->Title, 'link' => $coupon->URL, 'code' => $coupon->Code, 'description' => $coupon->Description, 'tags' => $coupon->Tags, 'start' => $coupon->Start_Date, 'end' => $coupon->End_Date))) {
$cusuc++;
} else {
$cuerr++;
}
}
usleep(500000);
echo '<option value="' . $k . '"' . (isset($_GET['view']) && urldecode($_GET['view']) == $k || !isset($_GET['view']) && $k == 'notjoined' ? ' selected' : '') . '>' . $v . '</option>';
}
echo '</select>Type: <select name="type">';
$types = \plugin\Popshop\inc\actions::listDealTypes(NULL);
foreach ($types as $k => $v) {
echo '<option value="' . $k . '"' . (isset($_GET['type']) && urldecode($_GET['type']) == $k ? ' selected' : '') . '>' . $v . '</option>';
}
echo '</select> <button class="btn" onclick="goFilter();">View</button>
</div>';
/* view after relationship */
$view = isset($_GET['view']) && array_key_exists($_GET['view'], $views) ? $_GET['view'] : 'notjoined';
$merchantid = isset($_GET['merchant']) ? intval($_GET['merchant']) : 0;
/* view after type */
$type = isset($_GET['type']) && array_key_exists($_GET['type'], $types) ? $_GET['type'] : '';
/* pagination */
$per_page = \query\main::get_option('cj_ipp');
$page = isset($_GET['page']) && $_GET['page'] > 0 ? $_GET['page'] : 0;
/* */
$lookup = array('status' => $view, '$merchant' => $merchantid, 'deal_type' => $type, 'page' => $page, 'per_page' => $per_page);
$links = \plugin\Popshop\inc\actions::listDeals($lookup);
if ($page > 0 || count($links) > 0) {
echo '<form action="?plugin=Popshop/main.php&action=coupons" method="POST">
<ul class="elements-list">
<li class="head"><input type="checkbox" checkall /> Name</li>
<div class="bulk_options">
<button class="btn">Import all</button>
$store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
$c_expiration = str_replace(' 00:00:00', '', $c_expiration);
array_push($ret, array('title' => $c_title, 'image' => $s_image, 'name' => $s_name, 'expiration' => 'Expires on ' . $c_expiration, 'link' => $coupon_link, 's_link' => $store_link));
}
if (count($ret) > 0) {
echo json_encode($ret);
}
}
} else {
if (isset($_GET['action']) && $_GET['action'] == 'get_sale') {
if (isset($_GET['csrf']) && $_GET['csrf'] == $_SESSION['slider_csrf']) {
$id = $_GET['id'];
$seo_link = defined('SEO_LINKS') && SEO_LINKS ? true : false;
$seo_link_coupon = \query\main::get_option('seo_link_coupon');
$seo_link_product = \query\main::get_option('seo_link_product');
$seo_link_store = \query\main::get_option('seo_link_store');
$stmt = $db->stmt_init();
$search_products = "SELECT p.id, p.title, p.link, p.description, p.tags, p.image, p.currency, p.price, p.old_price, s.name, s.link, s.id, p.expiration FROM " . DB_TABLE_PREFIX . "products p LEFT JOIN " . DB_TABLE_PREFIX . "stores s ON (s.id = p.store) WHERE p.visible > 0 AND s.visible > 0 AND p.id in (" . $id . ")";
$stmt->prepare($search_products);
$stmt->execute();
$stmt->bind_result($p_id, $p_title, $p_link, $p_description, $p_tags, $p_image, $p_currency, $p_price, $p_old_price, $s_name, $s_link, $s_id, $p_expiration);
$ret = array();
while ($stmt->fetch()) {
$product_link = $seo_link ? \site\utils::make_seo_link($seo_link_product, $p_title, $p_id) : $GLOBALS['siteURL'] . '?product=' . $p_id;
$store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
$p_expiration = str_replace(' 00:00:00', '', $p_expiration);
array_push($ret, array('title' => $p_title, 'image' => $p_image, 'name' => $s_name, 'expiration' => 'Expires on ' . $p_expiration, 'link' => $product_link, 's_link' => $store_link, 'price' => $p_currency . $p_price, 'old_price' => $p_currency . $p_old_price));
}
if (count($ret) > 0) {
echo json_encode($ret);
}
public static function while_plugins($category = array())
{
global $db;
$categories = \site\utils::validate_user_data($category);
$where = $orderby = $limit = array();
if (isset($categories['max'])) {
if (!empty($categories['max'])) {
$limit[] = $categories['max'];
}
} else {
$page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
$per_page = isset($categories['per_page']) ? (int) $categories['per_page'] : \query\main::get_option('items_per_page');
$offset = isset($page) && $page > 1 ? ($page - 1) * $per_page : 0;
$limit[] = $offset;
$limit[] = $per_page;
}
/*
WHERE / ORDER BY
*/
if (!empty($categories['search'])) {
$search = implode('.*', explode(' ', trim($categories['search'])));
$where[] = 'CONCAT(name, description) REGEXP "' . \site\utils::dbp($search) . '"';
}
if (isset($categories['show'])) {
$show = array_map('trim', explode(',', strtolower($categories['show'])));
foreach ($show as $v) {
switch ($v) {
case 'languages':
$where[] = 'scope = "language"';
break;
case 'payment_gateways':
$where[] = 'scope = "pay_gateway"';
break;
case 'feed_servers':
$where[] = 'scope = "feed_server"';
break;
case 'applications':
$where[] = 'scope = ""';
break;
}
}
}
if (isset($categories['orderby'])) {
$order = array_map('trim', explode(',', strtolower($categories['orderby'])));
foreach ($order as $v) {
switch ($v) {
case 'name':
$orderby[] = 'name';
break;
case 'name desc':
$orderby[] = 'name DESC';
break;
case 'date':
$orderby[] = 'date';
break;
case 'date desc':
$orderby[] = 'date DESC';
break;
}
}
}
/*
*/
$stmt = $db->stmt_init();
$stmt->prepare("SELECT id, user, name, image, scope, main, options, menu, menu_ready, menu_icon, extend_vars, description, version, update_checker, uninstall, visible, date FROM " . DB_TABLE_PREFIX . "plugins" . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where)) . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby))) . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit)));
$stmt->execute();
$stmt->bind_result($id, $user, $name, $image, $scope, $main_file, $options_file, $menu, $menu_ready, $menu_icon, $vars, $description, $version, $update_checker, $uninstall, $visible, $date);
$data = array();
while ($info = $stmt->fetch()) {
$data[] = (object) array('ID' => $id, 'user' => $user, 'name' => htmlspecialchars($name), 'image' => htmlspecialchars($image), 'scope' => htmlspecialchars($scope), 'main_file' => htmlspecialchars($main_file), 'options_file' => htmlspecialchars($options_file), 'menu' => $menu, 'menu_ready' => $menu_ready, 'menu_icon' => $menu_icon, 'vars' => @unserialize($vars), 'description' => htmlspecialchars($description), 'update_checker' => htmlspecialchars($update_checker), 'version' => $version, 'uninstall_preview' => @unserialize($uninstall), 'visible' => $visible, 'date' => $date);
}
$stmt->close();
return $data;
}
function write_review_form($id = 0)
{
global $GET, $LANG;
if (isset($GET['id'])) {
$id = $GET['id'];
}
if ($GLOBALS['me'] && !empty($id)) {
if (!(bool) \query\main::get_option('allow_reviews')) {
return '<div class="info_form">' . $LANG['review_not_allowed'] . '</div>';
}
$form = '<div class="write_review_form other_form">';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['write_review_form']) && \site\utils::check_csrf($_POST['write_review_form']['csrf'], 'write_review_form_csrf')) {
$pd = \site\utils::validate_user_data($_POST['write_review_form']);
try {
\user\main::write_review($id, $GLOBALS['me']->ID, $pd);
$form .= '<div class="success">' . $LANG['review_sent'] . '</div>';
} catch (Exception $e) {
$form .= '<div class="error">' . $e->getMessage() . '</div>';
}
}
$csrf = $_SESSION['write_review_form_csrf'] = \site\utils::str_random(12);
$form .= '<form method="POST" action="#">
<div class="form_field"><label for="write_review_form[stars]">' . $LANG['form_stars'] . ':</label> <div><select name="write_review_form[stars]" id="write_review_form[stars]">
<option value="5">5</option>
<option value="4">4</option>
<option value="3">3</option>
<option value="2">2</option>
<option value="1">1</option>
</select></div></div>
<div class="form_field"><label for="write_review_form[text]">' . $LANG['form_text'] . ':</label> <div><textarea name="write_review_form[text]" id="write_review_form[text]" required></textarea></div></div>
<input type="hidden" name="write_review_form[csrf]" value="' . $csrf . '" />
<button>' . $LANG['post_review'] . '</button>
</form>
</div>';
return $form;
} else {
return '<div class="info_form">' . $LANG['unavailable_form'] . '</div>';
}
}
} catch (Exception $e) {
echo '<div class="a-alert">' . $e->getMessage() . '</div>';
}
} catch (Exception $e) {
echo '<div class="a-error">' . $e->getMessage() . '</div>';
}
break;
/** LIST OF FEED STORES */
/** LIST OF FEED STORES */
default:
if (!ab_to(array('feed' => 'view'))) {
die;
}
include 'includes/feed.php';
try {
$feed = new feed(\query\main::get_option('feedserver_ID'), \query\main::get_option('feedserver_secret'));
try {
$stores = $feed->stores(array('orderby' => isset($_GET['orderby']) ? $_GET['orderby'] : 'date desc', 'page' => isset($_GET['page']) ? $_GET['page'] : 1, 'per_page' => 10, 'category' => isset($_GET['category']) ? $_GET['category'] : '', 'search' => isset($_GET['search']) ? $_GET['search'] : ''));
echo '<div class="title">
<h2>' . $LANG['stores_title'] . '</h2>';
if (!empty($LANG['feed_stores_subtitle'])) {
echo '<span>' . $LANG['feed_stores_subtitle'] . '</span>';
}
echo '</div>';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'pages_csrf')) {
if (isset($_POST['delete'])) {
if (isset($_POST['id'])) {
if (actions::delete_page(array_keys($_POST['id']))) {
echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>';
} else {
$fav_anchor = $_GET['fav_anchor'];
$favitem = $_GET['favdeal'];
$favsale = $_GET['favsale'];
$root = $_GET['root'];
$template = $_GET['template'];
$template_nofav = file_get_contents($root . $nofav);
$template_fav = file_get_contents($root . $fav);
$template_favitem = file_get_contents($root . $favitem);
$template_favsale = file_get_contents($root . $favsale);
$now = date("Y-m-d H:i:s");
$seo_link = defined('SEO_LINKS') && SEO_LINKS ? true : false;
$seo_link_coupon = \query\main::get_option('seo_link_coupon');
$seo_link_product = \query\main::get_option('seo_link_product');
$seo_link_store = \query\main::get_option('seo_link_store');
$sendy_url = \query\main::get_option('sendy_url') . 'subscribe';
$sendy_list_id = \query\main::get_option('sendy_list_id');
$userdata = array();
$coupondata = array();
//list subscribers
$stmt = $db->stmt_init();
$search = "SELECT id,name,email FROM users WHERE " . DB_TABLE_PREFIX . "subscriber>0 and valid>0 and email<>''";
$stmt->prepare($search);
$stmt->execute();
$stmt->bind_result($id, $name, $email);
while ($stmt->fetch()) {
array_push($userdata, array('id' => $id, 'name' => $name, 'email' => $email));
}
foreach ($userdata as $user) {
//list stores
$search_store = "SELECT store FROM " . DB_TABLE_PREFIX . "favorite WHERE user=" . $user['id'];
$stmt->prepare($search_store);
echo '<div class="title">
<h2>MyPluginDemo settings</h2>
<span>Modify MyPluginDemo settings</span>
</div>';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'slider_csrf')) {
if (isset($_POST['mpd_param1']) && isset($_POST['mpd_param2'])) {
if (actions::set_option(array('mpd_param1' => $_POST['mpd_param1'], 'mpd_param2' => $_POST['mpd_param2']))) {
echo '<div class="a-success">Saved!</div>';
} else {
echo '<div class="a-error">Error!</div>';
}
}
}
$csrf = $_SESSION['slider_csrf'] = \site\utils::str_random(10);
echo '<form action="#" method="POST">
<div class="form-table">
<div class="row"><span>Demo Param1: <span class="info"><span>info text here</span></span></span><div><input type="text" name="mpd_param1" value="' . htmlspecialchars(\query\main::get_option('mpd_param1')) . '" style="background: #F8E0E0;" required /></div></div>
<div class="row"><span>Demo Param2: <span class="info"><span>info text here</span></span></span><div><input type="text" name="mpd_param2" value="' . htmlspecialchars(\query\main::get_option('mpd_param2')) . '" style="background: #F8E0E0;" required /></div></div>
</div>';
echo '<input type="hidden" name="csrf" value="' . $csrf . '" />
<button class="btn">Save</button>
</form>';
break;
}
<div class="row"><span>' . $LANG['settings_form_emailfn'] . ' <span class="info"><span>' . $LANG['settings_form_iemailfn'] . '</span></span>:</span><div><input type="text" name="email_from_name" value="' . htmlspecialchars(\query\main::get_option('email_from_name')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_emailas'] . ' <span class="info"><span>' . $LANG['settings_form_iemailas'] . '</span></span>:</span><div><input type="email" name="email_answer_to" value="' . htmlspecialchars(\query\main::get_option('email_answer_to')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_emailcntct'] . ' <span class="info"><span>' . $LANG['settings_form_iemailcntct'] . '</span></span>:</span><div><input type="email" name="email_contact" value="' . htmlspecialchars(\query\main::get_option('email_contact')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_mailmeth'] . ':</span><div><select name="mail_meth">';
foreach (array('PHP Mail', 'sendmail', 'SMTP') as $meth) {
echo '<option value="' . $meth . '"' . (\query\main::get_option('mail_method') == $meth ? ' selected' : '') . '>' . $meth . '</option>';
}
echo '</select></div></div>
<div' . (\query\main::get_option('mail_method') != 'SMTP' ? ' style="display: none;"' : '') . '>
<div class="row"><span>' . $LANG['settings_from_smtpauth'] . ':</span><div><input type="checkbox" name="smtp_auth"' . (\query\main::get_option('smtp_auth') ? ' checked' : '') . ' /></div></div>
<div class="row"><span>' . $LANG['settings_from_smtphost'] . ':</span><div><input type="text" name="smtp_host" value="' . htmlspecialchars(\query\main::get_option('smtp_host')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_from_smtpport'] . ':</span><div><input type="text" name="smtp_port" value="' . htmlspecialchars(\query\main::get_option('smtp_port')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_from_smtpuser'] . ':</span><div><input type="text" name="smtp_user" value="' . htmlspecialchars(\query\main::get_option('smtp_user')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_from_smtppass'] . ':</span><div><input type="text" name="smtp_pass" value="' . htmlspecialchars(\query\main::get_option('smtp_password')) . '" /></div></div>
</div>
<div' . (\query\main::get_option('mail_method') != 'sendmail' ? ' style="display: none;"' : '') . '>
<div class="row"><span>' . $LANG['settings_from_snmapath'] . ':</span><div><input type="text" name="sendmail_path" value="' . htmlspecialchars(\query\main::get_option('sendmail_path')) . '" /></div></div>
</div>
<div class="row"><span>' . $LANG['settings_form_mailsign'] . ':</span><div><textarea name="mailsign">' . \query\main::get_option('mail_signature') . '</textarea></div></div>
<input type="hidden" name="csrf" value="' . $csrf . '" />
<button class="btn">' . $LANG['settings_save_button'] . '</button>
</form>
</div>';
break;
}
public static function while_invoices($category = array())
{
global $db;
$categories = \site\utils::validate_user_data($category);
$where = $orderby = $limit = array();
if (isset($categories['max'])) {
if (!empty($categories['max'])) {
$limit[] = $categories['max'];
}
} else {
$page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
$per_page = isset($categories['per_page']) ? (int) $categories['per_page'] : \query\main::get_option('items_per_page');
$offset = isset($page) && $page > 1 ? ($page - 1) * $per_page : 0;
$limit[] = $offset;
$limit[] = $per_page;
}
/*
WHERE / ORDER BY
*/
if (!empty($categories['search'])) {
$search = implode('.*', explode(' ', trim($categories['search'])));
$where[] = 'CONCAT(t.gateway, t.transaction_id, t.details) REGEXP "' . \site\utils::dbp($search) . '"';
}
if (isset($categories['show'])) {
switch ($categories['show']) {
case 'paid':
$where[] = 'paid > 0';
break;
case 'unpaid':
$where[] = 'paid = 0';
break;
case 'delivered':
$where[] = 'delivered > 0';
break;
case 'undelivered':
$where[] = 'delivered = 0';
break;
case 'undeliveredpayments':
$where[] = 'paid > 0 AND delivered = 0';
}
}
if (!empty($categories['date'])) {
$date = array_map('trim', explode(',', $categories['date']));
$where[] = 't.date >= FROM_UNIXTIME(' . \site\utils::dbp($date[0]) . ')';
if (isset($date[1])) {
$where[] = 't.date <= FROM_UNIXTIME(' . \site\utils::dbp($date[1]) . ')';
}
}
if (isset($categories['orderby'])) {
$order = array_map('trim', explode(',', strtolower($categories['orderby'])));
foreach ($order as $v) {
switch ($v) {
case 'rand':
$orderby[] = 'RAND()';
break;
case 'date':
$orderby[] = 't.date';
break;
case 'date desc':
$orderby[] = 't.date DESC';
break;
case 'price':
$orderby[] = 't.price';
break;
case 'price desc':
$orderby[] = 't.price DESC';
break;
}
}
}
/*
*/
$stmt = $db->stmt_init();
$stmt->prepare("SELECT t.id, t.user, u.name, u.avatar, t.gateway, t.price, t.transaction_id, t.state, t.details, t.lastupdate, t.paid, t.delivered, t.date FROM " . DB_TABLE_PREFIX . "p_transactions t LEFT JOIN " . DB_TABLE_PREFIX . "users u ON (u.id = t.user)" . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where)) . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby))) . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit)));
$stmt->execute();
$stmt->bind_result($id, $user, $user_name, $user_avatar, $gateway, $price, $transaction_id, $state, $details, $last_update, $paid, $delivered, $date);
$data = array();
while ($stmt->fetch()) {
$data[] = (object) array('ID' => $id, 'user' => $user, 'user_name' => $user_name, 'user_avatar' => $user_avatar, 'gateway' => htmlspecialchars($gateway), 'price' => $price, 'price_format' => sprintf(PRICE_FORMAT, \site\utils::money_format($price)), 'transaction_id' => htmlspecialchars($transaction_id), 'state' => htmlspecialchars($state), 'details' => htmlspecialchars($details), 'last_update' => $last_update, 'paid' => $paid, 'delivered' => $delivered, 'date' => $date);
}
$stmt->close();
return $data;
}
function submit_store_form($auto_select = array('store' => ''))
{
global $LANG;
if ($GLOBALS['me']) {
if (!(bool) \query\main::get_option('allow_stores')) {
return '<div class="info_form">' . $LANG['submit_store_not_allowed'] . '</div>';
}
$form = '<div class="submit_store_form other_form">';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['submit_store_form']) && \site\utils::check_csrf($_POST['submit_store_form']['csrf'], 'submit_store_csrf')) {
$pd = \site\utils::validate_user_data($_POST['submit_store_form']);
try {
\user\main::submit_store($GLOBALS['me']->ID, $pd);
$form .= '<div class="success">' . $LANG['submit_store_success'] . '</div>';
unset($pd);
} catch (Exception $e) {
$form .= '<div class="error">' . $e->getMessage() . '</div>';
}
}
$csrf = $_SESSION['submit_store_csrf'] = \site\utils::str_random(12);
$form .= '<form method="POST" action="#" enctype="multipart/form-data">
<div class="form_field"><label for="submit_store_form[category]">' . $LANG['form_category'] . '</label>
<div><select name="submit_store_form[category]" id="submit_store_form[category]">';
foreach (\query\main::group_categories(array('max' => 0)) as $cat) {
$wcat = '<optgroup label="' . $cat['infos']->name . '">';
$wcat .= '<option value="' . $cat['infos']->ID . '"' . (isset($pd['category']) && $pd['category'] == $cat['infos']->ID ? ' selected' : '') . '>' . $cat['infos']->name . '</option>';
if (isset($cat['subcats'])) {
foreach ($cat['subcats'] as $subcat) {
$wcat .= '<option value="' . $subcat->ID . '"' . (isset($pd['category']) && $pd['category'] == $cat['infos']->ID ? ' selected' : '') . '>' . $subcat->name . '</option>';
}
}
$wcat .= '</optgroup>';
$form .= $wcat;
}
$form .= '</select></div>
</div>
<div class="form_field"><label for="submit_store_form[name]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="submit_store_form[name]" id="submit_store_form[name]" value="' . (isset($pd['name']) ? $pd['name'] : '') . '" placeholder="' . $LANG['submit_store_name_ph'] . '" required /></div></div>
<div class="form_field"><label for="submit_store_form[url]">' . $LANG['form_store_url'] . ':</label> <div><input type="text" name="submit_store_form[url]" id="submit_store_form[url]" value="' . (isset($pd['url']) ? $pd['url'] : '') . '" placeholder="http://" required /></div></div>
<div class="form_field"><label for="submit_store_form[description]">' . $LANG['form_description'] . ':</label> <div><textarea name="submit_store_form[description]" id="submit_store_form[description]" style="height:100px;">' . (isset($pd['description']) ? $pd['description'] : '') . '</textarea></div></div>
<div class="form_field"><label for="submit_store_form[tags]">' . $LANG['form_tags'] . ':</label> <div><input type="text" name="submit_store_form[tags]" id="submit_store_form[tags]" value="' . (isset($pd['tags']) ? $pd['tags'] : '') . '" /></div></div>
<div class="form_field"><label for="submit_store_form_logo">' . $LANG['form_logo'] . ':</label> <div><input type="file" name="submit_store_form_logo" id="submit_store_form_logo" />
<span>Note:* max width: 600px, max height: 400px.</span></div></div>
<input type="hidden" name="submit_store_form[csrf]" value="' . $csrf . '" />
<button>' . $LANG['submit_store_button'] . '</button>
</form>
</div>';
return $form;
} else {
return '<div class="info_form">' . $LANG['unavailable_form'] . '</div>';
}
}
</section>
</body>
</html>';
die;
} else {
if (isset($_GET['user']) && isset($_GET['token']) && \user\mail_sessions::check('confirmation', array('user' => (int) $_GET['user'], 'session' => $_GET['token']))) {
$stmt = $db->stmt_init();
$stmt->prepare("UPDATE " . DB_TABLE_PREFIX . "users SET valid = 1 WHERE id = ?");
$stmt->bind_param("i", $_GET['user']);
$stmt->execute();
@$stmt->close();
\user\mail_sessions::clear('confirmation', array('user' => (int) $_GET['user']));
// check if user has been refered
$uinfo = \query\main::user_infos($_GET['user']);
if (!empty($uinfo->refid)) {
\user\update::add_points($uinfo->refid, \query\main::get_option('u_points_refer'));
}
echo '<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="robots" content="noindex, nofollow">
<meta http-equiv="Refresh" content="5; url=index.php" />
<title>' . $LANG['uverify_metatitle'] . '</title>
<link href="' . MISCDIR . '/verify.css" media="all" rel="stylesheet" />
echo '<option value="' . $cat->ID . '">' . $cat->name . '</option>';
}
echo '</select>
<button class="btn" name="change_cat">' . $LANG['move_all'] . '</button>';
}
echo '</div>';
}
foreach (\query\main::while_stores(array_merge(array('orderby' => isset($_GET['orderby']) ? urldecode($_GET['orderby']) : 'date desc'), $options)) as $item) {
echo '<li>
<input type="checkbox" name="id[' . $item->ID . ']" />
<div style="display: table;">
<img src="' . \query\main::store_avatar($item->image) . '" alt="" style="width: 80px;" />
<div class="info-div"><h2>' . (!$item->visible ? '<span class="msg-error">' . $LANG['notpublished'] . '</span> ' : '') . ($item->feedID !== 0 ? '<span class="msg-alert" title="' . $LANG['added_through_feed_msg'] . '">' . $LANG['added_through_feed'] . '</span> ' : '') . $item->name . '
<span class="fright date">' . date('Y.m.d, ' . (\query\main::get_option('hour_format') == 12 ? 'g:i A' : 'G:i'), strtotime($item->date)) . '</span></h2>
' . (empty($item->coupons) ? $LANG['no_coupons_store'] : '<a href="?route=coupons.php&store=' . $item->ID . '">' . sprintf($LANG['nr_coupons_store'], $item->coupons) . '</a>') . '</div>
</div>
<div style="clear:both;"></div>
<div class="options">';
if ($ab_edt) {
echo '<a href="?route=stores.php&action=edit&id=' . $item->ID . '">' . $LANG['edit'] . '</a>';
echo '<a href="' . \site\utils::update_uri('', array('type' => !$item->visible ? 'publish' : 'unpublish', 'id' => $item->ID, 'token' => $csrf)) . '">' . (!$item->visible ? $LANG['publish'] : $LANG['unpublish']) . '</a>';
}
if ($ab_add) {
echo '<a href="?route=coupons.php&action=add&store=' . $item->ID . '&category=' . $item->catID . '">' . $LANG['coupons_add_button'] . '</a>';
}
if ($ab_del) {
}
}
include DIR . '/' . LBDIR . '/facebook-sdk-4.0/autoload.php';
use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\GraphUser;
use Facebook\Entities\AccessToken;
use Facebook\HttpClients\FacebookCurlHttpClient;
use Facebook\HttpClients\FacebookHttpable;
FacebookSession::setDefaultApplication(\query\main::get_option('facebook_appID'), \query\main::get_option('facebook_secret'));
$helper = new FacebookRedirectLoginHelper($GLOBALS['siteURL'] . '?plugin=' . $_GET['plugin']);
try {
$session = $helper->getSessionFromRedirect();
} catch (FacebookRequestException $ex) {
echo $ex->getMessage();
} catch (Exception $ex) {
echo $ex->getMessage();
}
if (isset($session)) {
$me = (new FacebookRequest($session, 'GET', '/me'))->execute()->getGraphObject(GraphUser::className())->asArray();
if (!isset($me['email']) || !filter_var($me['email'], FILTER_VALIDATE_EMAIL)) {
echo 'Your facebook account it\'s not associated with a valid email address.';
die;
}
header('Location: ' . $GLOBALS['siteURL'] . 'setSession.php?session=' . \user\main::insert_user(array('username' => $me['name'], 'email' => $me['email']), true, true));
public static function timeconvert($string = null, $timezone = 'UTC', $format = 'U')
{
$date = new \DateTime($string, timezone_open(\query\main::get_option('timezone')));
$date->setTimeZone(new \DateTimeZone($timezone));
return $date->format($format);
}
$categories['max'] = 100;
// max should be defined
if (isset($_GET['cat'])) {
$categories['categories'] = $_GET['cat'];
} else {
if (isset($_GET['store'])) {
$categories['store'] = $_GET['store'];
}
}
echo '<?xml version="1.0" encoding="UTF-8" ?>
<rss version="2.0">
<channel>
<title>' . \query\main::get_option('sitename') . ' Products</title>
<link>' . $GLOBALS['siteURL'] . '</link>
<description>List of products</description>
<language>en-us</language>';
foreach (\query\main::while_products($categories) as $item) {
echo '
<item>
<title>' . $item->title . '</title>
<image>
<link>' . $item->link . '</link>
<title>' . $item->title . '</title>
<url>' . \query\main::product_avatar($item->image) . '</url>
</image>
<link>' . $item->link . '</link>
<description><![CDATA[' . $item->description . ']]></description>
<pubDate>' . date('r', strtotime($item->date)) . '</pubDate>
