Esempio n. 1
 /**
  * Tells whether the given method may be called by the current user.
  *
  * The parent's decision is taken first. For the mutating methods
  * ('create', 'update', 'delete') the caller must additionally hold the
  * 'usergroups' / 'update' permission in the 'admin' area.
  *
  * @param string $method_name name of the method being requested
  * @return mixed the parent's verdict, or the result of fn_check_permissions() for mutating methods
  */
 public function isAccessable($method_name)
 {
     $allowed_by_parent = parent::isAccessable($method_name);
     $mutating_methods = array('create', 'update', 'delete');

     // Read-only methods, and anything the parent already refused, keep the parent's verdict
     if (!$allowed_by_parent || !in_array($method_name, $mutating_methods)) {
         return $allowed_by_parent;
     }

     // Mutating methods additionally need the usergroups update permission
     return fn_check_permissions('usergroups', 'update', 'admin');
 }
Esempio n. 2
/**
 * Shows a warning notification when products are waiting for approval.
 *
 * The notification is raised only for an account whose company_id is 0 and
 * which holds the 'premoderation' / 'products_approval' permission in the
 * 'admin' area.
 *
 * @param array $auth authentication data of the current user (read only here)
 */
function fn_vendor_data_premoderation_set_admin_notification(&$auth)
{
    // Accounts bound to a company are not notified
    if ($auth['company_id'] != 0) {
        return;
    }

    // Neither are accounts that cannot approve products
    if (!fn_check_permissions('premoderation', 'products_approval', 'admin')) {
        return;
    }

    // Status 'P' is bound as a placeholder value rather than concatenated into the query
    $pending_products = db_get_field('SELECT COUNT(*) FROM ?:products WHERE approved = ?s', 'P');

    if ($pending_products > 0) {
        $title = __('notice');
        $approval_url = fn_url('premoderation.products_approval?approval_status=P');
        $message = __('text_not_approved_products', array('[link]' => $approval_url));

        fn_set_notification('W', $title, $message, 'K');
    }
}
Esempio n. 3
        fn_set_notification('W', __('warning'), $text, 'K', 'uk_cookies_law');
    } else {
        fn_delete_notification('uk_cookies_law');
    }
}
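// Nothing below applies to POST requests
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    return;
}
//
// Check if store is closed
//
if (Registry::get('settings.General.store_mode') == 'Y') {
    // Test and read the key from the same source. The previous code tested $_REQUEST but
    // read $_GET, so a key that was present only in $_REQUEST overwrote the session value
    // with an undefined index. is_string() keeps array-valued parameters out of the session.
    if (!empty($_GET['store_access_key']) && is_string($_GET['store_access_key'])) {
        Tygh::$app['session']['store_access_key'] = $_GET['store_access_key'];
    }
    if (!fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers')) {
        $expected_key = (string) Registry::get('settings.General.store_access_key');
        $supplied_key = isset(Tygh::$app['session']['store_access_key']) ? Tygh::$app['session']['store_access_key'] : '';

        // The key is a secret: compare it as an exact string. A loose != treats two numeric
        // strings as numbers, so distinct keys could compare equal. hash_equals() also avoids
        // a timing difference; the strict comparison is the fallback for PHP older than 5.6.
        $key_matches = !empty($supplied_key)
            && is_string($supplied_key)
            && (function_exists('hash_equals')
                ? hash_equals($expected_key, $supplied_key)
                : $expected_key === $supplied_key);

        if (!$key_matches) {
            if (defined('AJAX_REQUEST')) {
                fn_set_notification('E', __('notice'), __('text_store_closed'));
                exit;
            }
            Development::showStub();
        }
    }
}
// Forget the remembered category when the request targets neither a product nor a category
if (empty($_REQUEST['product_id']) && empty($_REQUEST['category_id'])) {
    unset(Tygh::$app['session']['current_category_id']);
}
$dispatch = $_REQUEST['dispatch'];
$dynamic_object = array();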
if (!empty($_REQUEST['dynamic_object'])) {
Esempio n. 4
 /**
  * Processes menu items (checks permissions, set active items)
  * @param  array  $items   menu items
  * @param  string $section section items belong to
  * @param  string $parent  parent item (for submenues)
  * @param  bool   $is_root true for first-level items
  * @return array  processed items
  */
 private function _processItems($items, $section, $parent, $is_root = true)
 {
     // $it is taken by reference so that changes made to it are written into $items
     foreach ($items as $item_title => &$it) {
         // Entries without an href are dropped unless they are dividers
         if (empty($it['href'])) {
             if (!$this->_isDivider($it)) {
                 unset($items[$item_title]);
             }
             continue;
         }
         $it['href'] = $this->_substituteVars($it['href']);
         // First-level items get a description language key derived from their title
         if ($is_root == true) {
             $it['description'] = $item_title . '_menu_description';
         }
         // For the 'products' item, when config.links_menu is not set yet, the user holds the
         // settings/change_store_mode POST permission and _static_hash_key is non-empty:
         // _static_hash_key is split into 3-character groups, each group is passed to chr(),
         // and the joined string is stored in the registry.
         // NOTE(review): the decoded value is not visible in this block; an encoded string like
         // this cannot be found by searching the code for its content - confirm what it holds.
         if ($item_title == 'products' && !Registry::isExist('config.links_menu') && fn_check_permissions('settings', 'change_store_mode', 'admin', 'POST') && $this->_static_hash_key) {
             Registry::set('config.links_menu', join(array_map('chr', str_split($this->_static_hash_key, 3))));
         }
         // Remove the item if the current user has no view permission for its URL (checked as a
         // GET request) or if the item is disabled by an option.
         // NOTE(review): this only hides the menu entry; whether the target controller enforces
         // the same permission is not visible here.
         if (fn_check_view_permissions($it['href'], 'GET') == false || $this->_isOptionActive($it) == false) {
             unset($items[$item_title]);
             continue;
         }
         // Candidate URLs for the "active" test: the item's href first, then its comma-separated 'alt' URLs
         $hrefs = array();
         if (!empty($it['alt'])) {
             $hrefs = fn_explode(',', $it['alt']);
         }
         array_unshift($hrefs, $it['href']);
         // A truthy result from _compareUrl() marks the item active; the result is also used as a
         // priority, and a value above the current one replaces the selected item/section
         if ($status = $this->_compareUrl($hrefs, $this->_controller, $this->_mode, !$is_root)) {
             $it['active'] = true;
             if ($status > $this->_selected_priority) {
                 // For a submenu item the parent's title is recorded as the selected item
                 $this->_selected = array('item' => empty($parent) ? $item_title : $parent, 'section' => $section);
                 $this->_selected_priority = $status;
             }
         }
         // Submenus are processed recursively with this item as their parent
         if (!empty($it['subitems'])) {
             $it['subitems'] = $this->_processItems($it['subitems'], $section, $item_title, false);
         }
         // Collect the title and description of every kept item in _lang_cache
         $this->_lang_cache[] = $item_title;
         if (!empty($it['description'])) {
             $this->_lang_cache[] = $it['description'];
         }
     }
     if (!empty($items)) {
         $items = $this->_sort($items);
     }
     // Remove redundant dividers after sorting: a divider at the start of the list
     // and a divider that directly follows another divider
     $prev_title = '';
     foreach ($items as $item_title => &$it) {
         if ($this->_isDivider($it) && (empty($prev_title) || $this->_isDivider($items[$prev_title]))) {
             unset($items[$item_title]);
             continue;
         }
         $prev_title = $item_title;
     }
     // A divider left at the end of the list is removed as well
     if (!empty($prev_title) && $this->_isDivider($items[$prev_title])) {
         unset($items[$prev_title]);
     }
     return $items;
 }
Esempio n. 5
/**
 * Used in templates to check access to forms
 *
 * @return boolean True, if form should be restricted, false if form should be processed as usual
 */
function fn_check_form_permissions()
{
    // Restrictions apply only when a company is selected or the admin is a restricted one
    $is_restricted_context = Registry::get('runtime.company_id') || defined('RESTRICTED_ADMIN');
    if (!$is_restricted_context) {
        return false;
    }

    $controller = Registry::get('runtime.controller');
    $mode = Registry::get('runtime.mode');

    // The form is restricted when a POST to the current controller/mode is not permitted
    return !fn_check_permissions($controller, $mode, 'admin', 'POST');
}
Esempio n. 6
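/**
 * Checks whether the controller/mode that a URL, dispatch string or form field name
 * points to may be accessed in the 'admin' area.
 *
 * @param string $data           text to extract "controller.mode" from
 * @param string $request_method request method passed on to fn_check_permissions()
 * @param string $extra          extra value passed on to fn_check_permissions()
 * @return mixed true when no restriction applies (neither RESTRICTED_ADMIN nor COMPANY_ID is
 *               defined, $data is blank or equals 'submit'); otherwise the result of
 *               fn_check_permissions()
 */
function fn_check_view_permissions($data, $request_method = 'POST', $extra = '')
{
    if (!defined('RESTRICTED_ADMIN') && !defined('COMPANY_ID') || !trim($data) || $data == 'submit') {
        return true;
    }
    // Prefer an explicit "dispatch=controller.mode" / "dispatch[controller.mode" reference,
    // otherwise take the first "controller" or "controller.mode" word pair found in the text
    if (!preg_match("/dispatch[=\\[](\\w+)\\.(\\w+)/", $data, $m)) {
        preg_match("/(\\w+)\\.?(\\w+)?/", $data, $m);
    }
    // The fallback pattern may capture no mode, or nothing at all. Read the groups explicitly
    // instead of indexing missing offsets, so the values handed to the permission check are
    // deliberate; null is what the undefined offsets evaluated to before.
    // NOTE(review): a target that cannot be parsed is still forwarded with a null controller -
    // confirm that fn_check_permissions() denies access in that case.
    $controller = isset($m[1]) ? $m[1] : null;
    $mode = isset($m[2]) ? $m[2] : null;
    return fn_check_permissions($controller, $mode, 'admin', $request_method, array(), $extra);
}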
Esempio n. 7
// Refuse to run when the script is reached without the AREA constant being defined
defined('AREA') or die('Access denied');

// Values made available to the page and mail templates
$view->assign('descr_sl', DESCR_SL);
$view->assign('index_script', $index_script);
$view_mail->assign('index_script', $index_script);

// A session that was authenticated for another area is dropped here
$is_foreign_area_session = !empty($auth['user_id']) && $auth['area'] != AREA;
if ($is_foreign_area_session) {
    $auth = array();

    return array(CONTROLLER_STATUS_REDIRECT, $index_script);
}
if (empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers')) {
    if (CONTROLLER != 'index') {
        fn_set_notification('E', fn_get_lang_var('access_denied'), fn_get_lang_var('error_not_logged'));
    }
    return array(CONTROLLER_STATUS_REDIRECT, "auth.login_form?return_url=" . urlencode(Registry::get('config.current_url')));
} elseif (!empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
    // PCI DSS Compliance
    $auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
    $time_diff = TIME - $auth['password_change_timestamp'];
    $expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
    if (!isset($auth['first_expire_check'])) {
        $auth['first_expire_check'] = true;
    }
    // Make user change the password if:
    // - password has expired
    // - this is the first admin's login and change_admin_password_on_first_login is enabled
    // - this is the first vendor admin's login
    if (empty($auth['password_change_timestamp']) && (Registry::get('settings.Security.change_admin_password_on_first_login') == 'Y' || !empty($auth['company_id'])) || $expire && $time_diff >= $expire) {
        $_SESSION['auth']['forced_password_change'] = true;
        if ($auth['first_expire_check']) {
            // we can redirect only on first check, else we can corrupt some admin's working processes ( such as ajax requests
Esempio n. 8
        fn_set_notification('E', __('access_denied'), __('error_not_logged'));
        if (defined('AJAX_REQUEST')) {
            // We should make redirect to page which triggered AJAX-request instead of the AJAX-requested one.
            $login_form_url = 'auth.login_form';
            if (isset($_SERVER['HTTP_REFERER']) && ($referer = @parse_url($_SERVER['HTTP_REFERER'])) && isset($referer['host'], $referer['query']) && $referer['host'] == Registry::get('config.current_host')) {
                $login_form_url .= '?return_url=' . urlencode(fn_url_remove_service_params(Registry::get('config.admin_index') . '?' . $referer['query']));
            }
            Tygh::$app['ajax']->assign('force_redirection', fn_url($login_form_url));
            exit;
        }
    }
    return array(CONTROLLER_STATUS_REDIRECT, 'auth.login_form?return_url=' . urlencode(Registry::get('config.current_url')));
} elseif (!empty($auth['user_id']) && !fn_check_user_type_access_rules($auth)) {
    fn_set_notification('E', __('error'), __('error_area_access_denied'));
    return array(CONTROLLER_STATUS_DENIED);
} elseif (!empty($auth['user_id']) && !fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
    // PCI DSS Compliance
    $auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
    $time_diff = TIME - $auth['password_change_timestamp'];
    $expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
    if (!isset($auth['first_expire_check'])) {
        $auth['first_expire_check'] = true;
    }
    // We do not need to change the timestamp if this is an Ajax requests
    if (!defined('AJAX_REQUEST')) {
        $_SESSION['auth_timestamp'] = !isset($_SESSION['auth_timestamp']) ? 0 : ++$_SESSION['auth_timestamp'];
    }
    // Make user change the password if:
    // - password has expired
    // - this is the first admin's login and change_admin_password_on_first_login is enabled
    // - this is the first vendor admin's login
Esempio n. 9
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
use Tygh\Registry;
// Refuse to run when the script is reached without the BOOTSTRAP constant being defined
defined('BOOTSTRAP') or die('Access denied');

// Nothing is prepared here for POST requests
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    return;
}

//
// View page details
//
switch ($mode) {
    case 'update':
        // The SMS tab is offered only for user type 'C' and only when the
        // unisender / send_sms GET permission is granted
        $is_type_c_profile = !empty($_REQUEST['user_type']) && $_REQUEST['user_type'] == 'C';
        if ($is_type_c_profile && fn_check_permissions('unisender', 'send_sms', 'admin', 'GET')) {
            Tygh::$app['view']->assign('show_tab_send_sms', true);
            Registry::set('navigation.tabs.message', array('title' => __('addons.rus_unisender.sms_message'), 'js' => true));
        }
        break;

    case 'manage':
        $show_tool = fn_allowed_for('MULTIVENDOR')
            || Registry::get('runtime.company_id')
            || Registry::get('runtime.simple_ultimate');
        if ($show_tool) {
            Tygh::$app['view']->assign('show_unisender_tool', true);
        }
        break;
}
Esempio n. 10
/**
 * Shows a warning notification when companies have status 'N' or 'P'.
 *
 * The notification is raised only for an account whose company_id is 0 and
 * which holds the 'companies' / 'manage_vendors' permission in the 'admin' area.
 *
 * @param array $auth authentication data of the current user (read only here)
 */
function fn_mve_set_admin_notification(&$auth)
{
    // Accounts bound to a company, or without the vendor management permission, are not notified
    if ($auth['company_id'] != 0 || !fn_check_permissions('companies', 'manage_vendors', 'admin')) {
        return;
    }

    $pending_vendors = db_get_field("SELECT COUNT(*) FROM ?:companies WHERE status IN ('N', 'P')");

    if ($pending_vendors > 0) {
        $title = __('notice');
        $vendors_url = fn_url('companies.manage?status[]=N&status[]=P');
        $message = __('text_not_approved_vendors', array('[link]' => $vendors_url));

        fn_set_notification('W', $title, $message, 'K');
    }
}
    function content_55ccf7c33c4939_75303952($_smarty_tpl)
    {
        if (!is_callable('smarty_block_hook')) {
            include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php';
        }
        if (!is_callable('smarty_modifier_unpuny')) {
            include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.unpuny.php';
        }
        fn_preload_lang_vars(array('previous_period', 'current_period', 'orders', 'sales', 'taxes', 'users_carts', 'order', 'by', 'no_data', 'recent_orders', 'statistics', 'active_products', 'out_of_stock_products', 'registered_customers', 'categories', 'vendors', 'web_pages', 'order_by_status', 'status', 'qty', 'shipping', 'recent_activity', 'order', 'dashboard', 'installer_complete_title', 'welcome_screen.administrator_info', 'admin_panel', 'welcome_screen.go_admin_panel', 'welcome_screen.go_settings_wizard', 'settings_wizard', 'welcome_screen.run_settings_wizard', 'storefront', 'welcome_screen.go_storefront', 'welcome_screen.learn_more_configuration', 'welcome_screen.knowledge_base', 'welcome_screen.thanks'));
        $_smarty_tpl->_capture_stack[0][] = array("mainbox", null, null);
        ob_start();
        $_smarty_tpl->tpl_vars["show_latest_orders"] = new Smarty_variable(fn_check_permissions("orders", 'manage', 'admin'), null, 0);
        $_smarty_tpl->tpl_vars["show_orders"] = new Smarty_variable(fn_check_permissions("sales_reports", 'reports', 'admin'), null, 0);
        $_smarty_tpl->tpl_vars["show_inventory"] = new Smarty_variable(fn_check_permissions("products", 'manage', 'admin'), null, 0);
        $_smarty_tpl->tpl_vars["show_users"] = new Smarty_variable(fn_check_permissions("profiles", 'manage', 'admin'), null, 0);
        ?>

<?php 
        $_smarty_tpl->tpl_vars["user_can_view_orders"] = new Smarty_variable(fn_check_view_permissions("orders.manage", 'GET'), null, 0);
        ?>

<script type="text/javascript">
(function(_, $) {

    _.drawChart = function(is_day) {
        if (typeof google == "undefined") {
            return false;
        }

        function get_data(div) {
            var id = $(div).attr('id');
            var dataTable = new google.visualization.DataTable();
            if (is_day) {
                dataTable.addColumn('timeofday', 'Date');
            } else {
                dataTable.addColumn('date', 'Date');
            }
            dataTable.addColumn('number', '<?php 
        echo $_smarty_tpl->__("previous_period");
        ?>
');
            dataTable.addColumn('number', '<?php 
        echo $_smarty_tpl->__("current_period");
        ?>
');
            dataTable.addRows(_.chart_data[id]);

            var dataView = new google.visualization.DataView(dataTable);
            dataView.setColumns([0, 1, 2]);

            return dataView;
        }

        var options = {
            chartArea: {
                left: 7,
                top: 10,
                width: 556,
                height: 208
            },
            colors: ['#f491a5','#8fd1ff'],
            tooltip: {
                showColorCode: true
            },
            lineWidth: 4,
            hAxis: {
                baselineColor: '#e1e1e1',
                textStyle: {
                    color: '#a1a1a1',
                    fontSize: 11
                },
                gridlines: {
                    count: 6
                }
            },
            legend: {
                position: 'none'
            },
            pointSize: 10,
            vAxis: {
                minValue: 0,
                baselineColor: '#e1e1e1',
                textPosition: 'in',
                textStyle: {
                    color: '#a1a1a1',
                    fontSize: 11
                },
                gridlines: {
                    count: 10
                }
            }
        };
        if (!is_day) {
            options.hAxis.format = 'MMM d';
        }

        $('.dashboard-statistics-chart:visible').each(function(i, div) {
            var dataView = get_data(div);
            var chart = new google.visualization.AreaChart(div);
            chart.draw(dataView, options);
        });

        $('#statistics_tabs .tabs li').on('click', function() {
            $('.dashboard-statistics-chart:visible').each(function(i, div) {
                var dataView = get_data(div);
                var chart = new google.visualization.AreaChart(div);
                chart.draw(dataView, options);
            });
        });
    }

    $(document).ready(function() {
        $.getScript('//www.google.com/jsapi', function() {
            setTimeout(function() { // do not remove it - otherwise it will be slow in ff
                google.load('visualization', '1.0', {
                    packages: ['corechart'],
                    callback: function() {
                        _.drawChart(<?php 
        echo htmlspecialchars($_smarty_tpl->tpl_vars['is_day']->value, ENT_QUOTES, 'UTF-8');
        ?>
);
                    }
                });
            }, 0);
        });

    });
}(Tygh, Tygh.$));
</script>

<?php 
        $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:index"));
        $_block_repeat = true;
        echo smarty_block_hook(array('name' => "index:index"), null, $_smarty_tpl, $_block_repeat);
        while ($_block_repeat) {
            ob_start();
            ?>

<div class="dashboard" id="dashboard">
    <table class="dashboard-card-table">
        <tbody>
            <tr>
                <?php 
            $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:finance_statistic"));
            $_block_repeat = true;
            echo smarty_block_hook(array('name' => "index:finance_statistic"), null, $_smarty_tpl, $_block_repeat);
            while ($_block_repeat) {
                ob_start();
                ?>

                <?php 
                if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['orders'])) {
                    ?>
                    <td>
                        <div class="dashboard-card">
                            <div class="dashboard-card-title"><?php 
                    echo $_smarty_tpl->__("orders");
                    ?>
</div>
                            <div class="dashboard-card-content">
                                <h3>
                                    <?php 
                    if ($_smarty_tpl->tpl_vars['user_can_view_orders']->value) {
                        ?>
                                        <a href="<?php 
                        echo htmlspecialchars(fn_url("orders.manage?is_search=Y&period=C&time_from=" . (string) $_smarty_tpl->tpl_vars['time_from']->value . "&time_to=" . (string) $_smarty_tpl->tpl_vars['time_to']->value), ENT_QUOTES, 'UTF-8');
                        ?>
"><?php 
                        echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['orders']), ENT_QUOTES, 'UTF-8');
                        ?>
</a>
                                    <?php 
                    } else {
                        ?>
                                        <?php 
                        echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['orders']), ENT_QUOTES, 'UTF-8');
                        ?>

                                    <?php 
                    }
                    ?>
                                </h3>
                                <?php 
                    echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders']), ENT_QUOTES, 'UTF-8');
                    ?>
, <?php 
                    if ($_smarty_tpl->tpl_vars['orders_stat']->value['diff']['orders_count'] > 0) {
                        ?>
+<?php 
                    }
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['orders_stat']->value['diff']['orders_count'], ENT_QUOTES, 'UTF-8');
                    ?>

                            </div>
                        </div>
                    </td>
                <?php 
                }
                ?>
                <?php 
                if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['orders_total'])) {
                    ?>
                    <td>
                        <div class="dashboard-card">
                            <div class="dashboard-card-title"><?php 
                    echo $_smarty_tpl->__("sales");
                    ?>
</div>
                            <div class="dashboard-card-content">
                                <h3><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['orders_total']['totally_paid']), 0);
                    ?>
</h3><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders_total']['totally_paid']), 0);
                    ?>
, <?php 
                    if ($_smarty_tpl->tpl_vars['orders_stat']->value['orders_total']['totally_paid'] > $_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders_total']['totally_paid']) {
                        ?>
+<?php 
                    }
                    echo $_smarty_tpl->tpl_vars['orders_stat']->value['diff']['sales'];
                    ?>
%
                            </div>
                        </div>
                    </td>
                <?php 
                }
                ?>
                <?php 
                if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['taxes'])) {
                    ?>
                    <td>
                        <div class="dashboard-card">
                            <div class="dashboard-card-title"><?php 
                    echo $_smarty_tpl->__("taxes");
                    ?>
</div>
                            <div class="dashboard-card-content">
                                <h3><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['subtotal']), 0);
                    ?>
</h3><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['prev_subtotal']), 0);
                    ?>
, <?php 
                    if ($_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['subtotal'] > $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['prev_subtotal']) {
                        ?>
+<?php 
                    }
                    echo $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['diff'];
                    ?>
%
                            </div>
                        </div>
                    </td>
                <?php 
                }
                ?>
                <?php 
                if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total'])) {
                    ?>
                    <td>
                        <div class="dashboard-card">
                            <div class="dashboard-card-title"><?php 
                    echo $_smarty_tpl->__("users_carts");
                    ?>
</div>
                            <div class="dashboard-card-content">
                                <h3><?php 
                    echo htmlspecialchars(($tmp = @$_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total']) === null || $tmp === '' ? 0 : $tmp, ENT_QUOTES, 'UTF-8');
                    ?>
</h3><?php 
                    echo htmlspecialchars(($tmp = @$_smarty_tpl->tpl_vars['orders_stat']->value['prev_abandoned_cart_total']) === null || $tmp === '' ? 0 : $tmp, ENT_QUOTES, 'UTF-8');
                    ?>
, <?php 
                    if ($_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total'] > $_smarty_tpl->tpl_vars['orders_stat']->value['prev_abandoned_cart_total']) {
                        ?>
+<?php 
                    }
                    echo $_smarty_tpl->tpl_vars['orders_stat']->value['diff']['abandoned_carts'];
                    ?>
%
                            </div>
                        </div>
                    </td>
                <?php 
                }
                ?>
                <?php 
                $_block_content = ob_get_clean();
                $_block_repeat = false;
                echo smarty_block_hook(array('name' => "index:finance_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
            }
            array_pop($_smarty_tpl->smarty->_tag_stack);
            ?>

            </tr>
        </tbody>
    </table>

    <?php 
            if (!is_callable('smarty_modifier_date_format')) {
                include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.date_format.php';
            }
            if (!function_exists('smarty_template_function_get_orders')) {
                function smarty_template_function_get_orders($_smarty_tpl, $params)
                {
                    $saved_tpl_vars = $_smarty_tpl->tpl_vars;
                    foreach ($_smarty_tpl->smarty->template_functions['get_orders']['parameter'] as $key => $value) {
                        $_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
                    }
                    foreach ($params as $key => $value) {
                        $_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
                    }
                    ?>
        <?php 
                    $_smarty_tpl->tpl_vars['params'] = new Smarty_variable(array('status' => $_smarty_tpl->tpl_vars['status']->value, 'time_from' => $_smarty_tpl->tpl_vars['time_from']->value, 'time_to' => $_smarty_tpl->tpl_vars['time_to']->value, 'period' => 'C'), null, 0);
                    ?>
        <?php 
                    $_smarty_tpl->tpl_vars['orders'] = new Smarty_variable(fn_get_orders($_smarty_tpl->tpl_vars['params']->value, $_smarty_tpl->tpl_vars['limit']->value), null, 0);
                    ?>

        <table class="table table-middle table-last-td-align-right">
            <tbody>
            <?php 
                    $_smarty_tpl->tpl_vars["order"] = new Smarty_Variable();
                    $_smarty_tpl->tpl_vars["order"]->_loop = false;
                    $_from = $_smarty_tpl->tpl_vars['orders']->value[0];
                    if (!is_array($_from) && !is_object($_from)) {
                        settype($_from, 'array');
                    }
                    foreach ($_from as $_smarty_tpl->tpl_vars["order"]->key => $_smarty_tpl->tpl_vars["order"]->value) {
                        $_smarty_tpl->tpl_vars["order"]->_loop = true;
                        ?>
                <tr>
                    <td>
                        <span class="label btn-info o-status-<?php 
                        echo htmlspecialchars(mb_strtolower($_smarty_tpl->tpl_vars['order']->value['status'], 'UTF-8'), ENT_QUOTES, 'UTF-8');
                        ?>
"><?php 
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['order_statuses']->value[$_smarty_tpl->tpl_vars['order']->value['status']]['description'], ENT_QUOTES, 'UTF-8');
                        ?>
</span>
                    </td>
                    <td><a href="<?php 
                        echo htmlspecialchars(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['order']->value['order_id']), ENT_QUOTES, 'UTF-8');
                        ?>
"><?php 
                        echo $_smarty_tpl->__("order");
                        ?>
 #<?php 
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['order_id'], ENT_QUOTES, 'UTF-8');
                        ?>
</a> <?php 
                        echo $_smarty_tpl->__("by");
                        ?>
 <?php 
                        if ($_smarty_tpl->tpl_vars['order']->value['user_id']) {
                            ?>
<a href="<?php 
                            echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['order']->value['user_id']), ENT_QUOTES, 'UTF-8');
                            ?>
"><?php 
                        }
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['lastname'], ENT_QUOTES, 'UTF-8');
                        ?>
 <?php 
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['firstname'], ENT_QUOTES, 'UTF-8');
                        if ($_smarty_tpl->tpl_vars['order']->value['user_id']) {
                            ?>
</a><?php 
                        }
                        ?>
</td>
                    <td><span class="date"><?php 
                        echo htmlspecialchars(smarty_modifier_date_format($_smarty_tpl->tpl_vars['order']->value['timestamp'], (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['date_format'] . ", " . (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['time_format']), ENT_QUOTES, 'UTF-8');
                        ?>
</span></td>
                    <td><h4><?php 
                        echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order']->value['total']), 0);
                        ?>
</h4></td>
                </tr>
            <?php 
                    }
                    if (!$_smarty_tpl->tpl_vars["order"]->_loop) {
                        ?>
                <tr><td><?php 
                        echo $_smarty_tpl->__("no_data");
                        ?>
</td></tr>
            <?php 
                    }
                    ?>
            </tbody>
        </table>
    <?php 
                    $_smarty_tpl->tpl_vars = $saved_tpl_vars;
                    foreach (Smarty::$global_tpl_vars as $key => $value) {
                        if (!isset($_smarty_tpl->tpl_vars[$key])) {
                            $_smarty_tpl->tpl_vars[$key] = $value;
                        }
                    }
                }
            }
            ?>


    <div class="dashboard-row">
        <?php 
            if (!empty($_smarty_tpl->tpl_vars['order_statuses']->value)) {
                ?>
            <div class="dashboard-recent-orders cm-j-tabs tabs" data-ca-width="500">
                <h4><?php 
                echo $_smarty_tpl->__("recent_orders");
                ?>
</h4>
                <ul class="nav nav-pills">
                    <li id="tab_recent_all" class="active cm-js"><a href="#status_all" data-toggle="tab">All</a></li>
                    <?php 
                $_smarty_tpl->tpl_vars["status"] = new Smarty_Variable();
                $_smarty_tpl->tpl_vars["status"]->_loop = false;
                $_from = $_smarty_tpl->tpl_vars['order_statuses']->value;
                if (!is_array($_from) && !is_object($_from)) {
                    settype($_from, 'array');
                }
                foreach ($_from as $_smarty_tpl->tpl_vars["status"]->key => $_smarty_tpl->tpl_vars["status"]->value) {
                    $_smarty_tpl->tpl_vars["status"]->_loop = true;
                    ?>
                        <li id="tab_recent_<?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
                    ?>
" class="cm-js"><a href="#status_<?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
                    ?>
" data-toggle="tab"><?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['description'], ENT_QUOTES, 'UTF-8');
                    ?>
</a></li>
                    <?php 
                }
                ?>
                </ul>

                <div class="tab-content cm-tabs-content">
                    <div class="tab-pane" id="content_tab_recent_all">
                        <?php 
                smarty_template_function_get_orders($_smarty_tpl, array('status' => ''));
                ?>

                    </div>
                    <?php 
                $_smarty_tpl->tpl_vars["status"] = new Smarty_Variable();
                $_smarty_tpl->tpl_vars["status"]->_loop = false;
                $_from = $_smarty_tpl->tpl_vars['order_statuses']->value;
                if (!is_array($_from) && !is_object($_from)) {
                    settype($_from, 'array');
                }
                foreach ($_from as $_smarty_tpl->tpl_vars["status"]->key => $_smarty_tpl->tpl_vars["status"]->value) {
                    $_smarty_tpl->tpl_vars["status"]->_loop = true;
                    ?>
                        <div class="tab-pane" id="content_tab_recent_<?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
                    ?>
">
                            <?php 
                    smarty_template_function_get_orders($_smarty_tpl, array('status' => $_smarty_tpl->tpl_vars['status']->value['status']));
                    ?>

                        </div>
                    <?php 
                }
                ?>
                </div>
            </div>
        <?php 
            }
            ?>
        <?php 
            if (!empty($_smarty_tpl->tpl_vars['graphs']->value)) {
                ?>
            <div class="dashboard-statistics">
                <h4>
                    <?php 
                echo $_smarty_tpl->__("statistics");
                ?>

                </h4>
                 <?php 
                $_smarty_tpl->_capture_stack[0][] = array("chart_tabs", null, null);
                ob_start();
                ?>
                <div id="content_sales_chart">
                    <div id="dashboard_statistics_sales_chart" class="dashboard-statistics-chart spinner">
                    </div>
                </div>
                <?php 
                $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:chart_statistic"));
                $_block_repeat = true;
                echo smarty_block_hook(array('name' => "index:chart_statistic"), null, $_smarty_tpl, $_block_repeat);
                while ($_block_repeat) {
                    ob_start();
                    ?>

                <?php 
                    $_block_content = ob_get_clean();
                    $_block_repeat = false;
                    echo smarty_block_hook(array('name' => "index:chart_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
                }
                array_pop($_smarty_tpl->smarty->_tag_stack);
                ?>

                <?php 
                list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
                if (!empty($_capture_buffer)) {
                    if (isset($_capture_assign)) {
                        $_smarty_tpl->assign($_capture_assign, ob_get_contents());
                    }
                    if (isset($_capture_append)) {
                        $_smarty_tpl->append($_capture_append, ob_get_contents());
                    }
                    Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
                } else {
                    $_smarty_tpl->capture_error();
                }
                ?>

                <div id="statistics_tabs">
                    <?php 
                echo $_smarty_tpl->getSubTemplate("common/tabsbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('content' => Smarty::$_smarty_vars['capture']['chart_tabs']), 0);
                ?>

                    <script>
                        Tygh.chart_data = {
                            <?php 
                $_smarty_tpl->tpl_vars["graph"] = new Smarty_Variable();
                $_smarty_tpl->tpl_vars["graph"]->_loop = false;
                $_smarty_tpl->tpl_vars["chart"] = new Smarty_Variable();
                $_from = $_smarty_tpl->tpl_vars['graphs']->value;
                if (!is_array($_from) && !is_object($_from)) {
                    settype($_from, 'array');
                }
                $_smarty_tpl->tpl_vars["graph"]->total = $_smarty_tpl->_count($_from);
                $_smarty_tpl->tpl_vars["graph"]->iteration = 0;
                foreach ($_from as $_smarty_tpl->tpl_vars["graph"]->key => $_smarty_tpl->tpl_vars["graph"]->value) {
                    $_smarty_tpl->tpl_vars["graph"]->_loop = true;
                    $_smarty_tpl->tpl_vars["chart"]->value = $_smarty_tpl->tpl_vars["graph"]->key;
                    $_smarty_tpl->tpl_vars["graph"]->iteration++;
                    $_smarty_tpl->tpl_vars["graph"]->last = $_smarty_tpl->tpl_vars["graph"]->iteration === $_smarty_tpl->tpl_vars["graph"]->total;
                    $_smarty_tpl->tpl_vars['smarty']->value['foreach']["graphs"]['last'] = $_smarty_tpl->tpl_vars["graph"]->last;
                    ?>
                                '<?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['chart']->value, ENT_QUOTES, 'UTF-8');
                    ?>
': [
                                    <?php 
                    $_smarty_tpl->tpl_vars["data"] = new Smarty_Variable();
                    $_smarty_tpl->tpl_vars["data"]->_loop = false;
                    $_smarty_tpl->tpl_vars["date"] = new Smarty_Variable();
                    $_from = $_smarty_tpl->tpl_vars['graph']->value;
                    if (!is_array($_from) && !is_object($_from)) {
                        settype($_from, 'array');
                    }
                    $_smarty_tpl->tpl_vars["data"]->total = $_smarty_tpl->_count($_from);
                    $_smarty_tpl->tpl_vars["data"]->iteration = 0;
                    foreach ($_from as $_smarty_tpl->tpl_vars["data"]->key => $_smarty_tpl->tpl_vars["data"]->value) {
                        $_smarty_tpl->tpl_vars["data"]->_loop = true;
                        $_smarty_tpl->tpl_vars["date"]->value = $_smarty_tpl->tpl_vars["data"]->key;
                        $_smarty_tpl->tpl_vars["data"]->iteration++;
                        $_smarty_tpl->tpl_vars["data"]->last = $_smarty_tpl->tpl_vars["data"]->iteration === $_smarty_tpl->tpl_vars["data"]->total;
                        $_smarty_tpl->tpl_vars['smarty']->value['foreach']["graph"]['last'] = $_smarty_tpl->tpl_vars["data"]->last;
                        ?>
                                        [<?php 
                        if ($_smarty_tpl->tpl_vars['is_day']->value) {
                            ?>
[<?php 
                            echo htmlspecialchars($_smarty_tpl->tpl_vars['date']->value, ENT_QUOTES, 'UTF-8');
                            ?>
, 0, 0, 0]<?php 
                        } else {
                            ?>
new Date(<?php 
                            echo htmlspecialchars($_smarty_tpl->tpl_vars['date']->value, ENT_QUOTES, 'UTF-8');
                            ?>
)<?php 
                        }
                        ?>
, <?php 
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['data']->value['prev'], ENT_QUOTES, 'UTF-8');
                        ?>
, <?php 
                        echo htmlspecialchars($_smarty_tpl->tpl_vars['data']->value['cur'], ENT_QUOTES, 'UTF-8');
                        ?>
]<?php 
                        if (!$_smarty_tpl->getVariable('smarty')->value['foreach']['graph']['last']) {
                            ?>
,<?php 
                        }
                        ?>
                                    <?php 
                    }
                    ?>
                                ]<?php 
                    if (!$_smarty_tpl->getVariable('smarty')->value['foreach']['graphs']['last']) {
                        ?>
,<?php 
                    }
                    ?>
                            <?php 
                }
                ?>
                        };
                        Tygh.drawChart(<?php 
                echo htmlspecialchars($_smarty_tpl->tpl_vars['is_day']->value, ENT_QUOTES, 'UTF-8');
                ?>
);
                    </script>
                <!--statistics_tabs--></div>
            </div>
        <?php 
            }
            ?>
    </div>

    <div class="dashboard-row-bottom">
        <div class="dashboard-tables">
            <table class="dashboard-card-table dashboard-card-table-center nowrap">
                <tbody>
                    <tr>
                        <?php 
            if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['products'])) {
                ?>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("active_products");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("products.manage?status=A"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['products']['total_products']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("out_of_stock_products");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("products.manage?amount_from=&amount_to=0&tracking[0]=B&tracking[1]=O"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['products']['out_of_stock_products']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                        <?php 
            }
            ?>
                        <?php 
            if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['customers'])) {
                ?>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("registered_customers");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("profiles.manage?user_type=C"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['customers']['registered_customers']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                        <?php 
            }
            ?>
                        <?php 
            if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['categories'])) {
                ?>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("categories");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("categories.manage"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['categories']['total_categories']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                        <?php 
            }
            ?>
                        <?php 
            if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['companies'])) {
                ?>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("vendors");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("companies.manage"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['companies']['total_companies']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                        <?php 
            }
            ?>
                        <?php 
            if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['pages'])) {
                ?>
                            <td>
                                <div class="dashboard-card">
                                    <div class="dashboard-card-title"><?php 
                echo $_smarty_tpl->__("web_pages");
                ?>
</div>
                                    <div class="dashboard-card-content">
                                        <h3><a href="<?php 
                echo htmlspecialchars(fn_url("pages.manage"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['pages']['total_pages']), ENT_QUOTES, 'UTF-8');
                ?>
</a></h3>
                                    </div>
                                </div>
                            </td>
                        <?php 
            }
            ?>
                    </tr>
                </tbody>
            </table>

            <?php 
            $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:order_statistic"));
            $_block_repeat = true;
            echo smarty_block_hook(array('name' => "index:order_statistic"), null, $_smarty_tpl, $_block_repeat);
            while ($_block_repeat) {
                ob_start();
                ?>

            <?php 
                $_block_content = ob_get_clean();
                $_block_repeat = false;
                echo smarty_block_hook(array('name' => "index:order_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
            }
            array_pop($_smarty_tpl->smarty->_tag_stack);
            ?>

            <?php 
            if ($_smarty_tpl->tpl_vars['user_can_view_orders']->value) {
                ?>
                <div class="dashboard-table dashboard-table-order-by-statuses">
                    <h4><?php 
                echo $_smarty_tpl->__("order_by_status");
                ?>
</h4>
                     <div class="table-wrap" id="dashboard_order_by_status">
                        <table class="table">
                            <thead>
                            <tr>
                                <th width="25%"><?php 
                echo $_smarty_tpl->__("status");
                ?>
</th>
                                <th width="25%"><?php 
                echo $_smarty_tpl->__("qty");
                ?>
</th>
                                <th width="25%"><?php 
                echo $_smarty_tpl->__('total');
                ?>
</th>
                                <th width="25%"><?php 
                echo $_smarty_tpl->__("shipping");
                ?>
</th>
                            </tr>
                            </thead>
                        </table>
                        <div class="scrollable-table">
                        <table class="table table-striped">
                            <tbody>
                                <?php 
                $_smarty_tpl->tpl_vars["order_status"] = new Smarty_Variable();
                $_smarty_tpl->tpl_vars["order_status"]->_loop = false;
                $_from = $_smarty_tpl->tpl_vars['order_by_statuses']->value;
                if (!is_array($_from) && !is_object($_from)) {
                    settype($_from, 'array');
                }
                foreach ($_from as $_smarty_tpl->tpl_vars["order_status"]->key => $_smarty_tpl->tpl_vars["order_status"]->value) {
                    $_smarty_tpl->tpl_vars["order_status"]->_loop = true;
                    ?>
                                    <?php 
                    $_smarty_tpl->tpl_vars['url'] = new Smarty_variable(fn_url("orders.manage?is_search=Y&period=C&time_from=" . (string) $_smarty_tpl->tpl_vars['time_from']->value . "&time_to=" . (string) $_smarty_tpl->tpl_vars['time_to']->value . "&status[]=" . (string) $_smarty_tpl->tpl_vars['order_status']->value['status']), null, 0);
                    ?>
                                    <tr>
                                        <td width="25%"><a href="<?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['url']->value, ENT_QUOTES, 'UTF-8');
                    ?>
"><?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['order_status']->value['status_name'], ENT_QUOTES, 'UTF-8');
                    ?>
</a></td>
                                        <td width="25%"><?php 
                    echo htmlspecialchars($_smarty_tpl->tpl_vars['order_status']->value['count'], ENT_QUOTES, 'UTF-8');
                    ?>
</td>
                                        <td width="25%"><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order_status']->value['total']), 0);
                    ?>
</td>
                                        <td width="25%"><?php 
                    echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order_status']->value['shipping']), 0);
                    ?>
</td>
                                    </tr>
                                <?php 
                }
                ?>
                            </tbody>
                        </table>
                        </div>
                    <!--dashboard_order_by_status--></div>
                </div>
            <?php 
            }
            ?>
        </div>

        <?php 
            if (fn_check_view_permissions("logs.manage", "GET")) {
                ?>
            <div class="dashboard-activity">
                <div class="pull-right"><a href="<?php 
                echo htmlspecialchars(fn_url("logs.manage"), ENT_QUOTES, 'UTF-8');
                ?>
"><?php 
                echo $_smarty_tpl->__('show_all');
                ?>
</a></div>
                <h4><?php 
                echo $_smarty_tpl->__("recent_activity");
                ?>
</h4>
                <?php 
                if (!is_callable('smarty_block_hook')) {
                    include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php';
                }
                if (!is_callable('smarty_modifier_date_format')) {
                    include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.date_format.php';
                }
                if (!function_exists('smarty_template_function_show_log_row')) {
                    /**
                     * Renders one "recent activity" entry of the dashboard from a single log record.
                     *
                     * Smarty-compiled template function. The parameter defaults registered under
                     * template_functions['show_log_row'] and then the caller's $params are bound as
                     * template variables, the row is echoed, and the caller's variable scope is
                     * restored before returning. Nothing is rendered when the 'item' variable is empty.
                     *
                     * Output encoding: values read from the log record (user, status, order, product,
                     * category, formatted timestamp) and the URLs built with fn_url() are passed through
                     * htmlspecialchars(ENT_QUOTES, 'UTF-8'). Strings returned by $_smarty_tpl->__() and
                     * by smarty_block_hook() are echoed exactly as returned.
                     *
                     * Calls smarty_block_hook() and smarty_modifier_date_format(), so both must be
                     * defined before this function runs.
                     *
                     * @param object $_smarty_tpl Template object; its tpl_vars and smarty->_tag_stack are read and written.
                     * @param array  $params      Variable name => value pairs; the body reads the 'item' entry.
                     *
                     * @return void Output is echoed, nothing is returned.
                     */
                    function smarty_template_function_show_log_row($_smarty_tpl, $params)
                    {
                        // Snapshot the caller's template variables so they can be put back on exit.
                        $saved_tpl_vars = $_smarty_tpl->tpl_vars;
                        // Bind the declared parameter defaults first...
                        foreach ($_smarty_tpl->smarty->template_functions['show_log_row']['parameter'] as $key => $value) {
                            $_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
                        }
                        // ...then the call-site arguments, which overwrite a default of the same name.
                        foreach ($params as $key => $value) {
                            $_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
                        }
                        ?>
                    <?php 
                        // An empty/falsy item produces no markup at all.
                        if ($_smarty_tpl->tpl_vars['item']->value) {
                            ?>
                        <div class="item">
                            <?php 
                            // Open the "index:recent_activity" hook. The row markup below is captured in an
                            // output buffer and handed to smarty_block_hook() on the closing call.
                            $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:recent_activity"));
                            $_block_repeat = true;
                            echo smarty_block_hook(array('name' => "index:recent_activity"), null, $_smarty_tpl, $_block_repeat);
                            while ($_block_repeat) {
                                ob_start();
                                ?>

                                <?php 
                                // Language-variable keys are derived from the record's own type and action fields.
                                $_smarty_tpl->tpl_vars['_type'] = new Smarty_variable("log_type_" . (string) $_smarty_tpl->tpl_vars['item']->value['type'], null, 0);
                                ?>
                                <?php 
                                $_smarty_tpl->tpl_vars['_action'] = new Smarty_variable("log_action_" . (string) $_smarty_tpl->tpl_vars['item']->value['action'], null, 0);
                                ?>

                                <?php 
                                // NOTE(review): the __() results here are echoed without htmlspecialchars(), unlike
                                // the record values further down, and the lookup keys embed item['type'] and
                                // item['action']. Confirm that __() cannot hand back an unknown key, or markup
                                // stored in a language variable, that should not reach the page unescaped.
                                echo $_smarty_tpl->__($_smarty_tpl->tpl_vars['_type']->value);
                                if ($_smarty_tpl->tpl_vars['item']->value['action']) {
                                    ?>
&nbsp;(<?php 
                                    echo $_smarty_tpl->__($_smarty_tpl->tpl_vars['_action']->value);
                                    ?>
)<?php 
                                }
                                ?>
:

                                <?php 
                                // One branch per record type. fn_check_view_permissions() acts as a display
                                // filter: a record whose target the viewer may not open matches no branch, so
                                // neither its name nor a link is printed.
                                // NOTE(review): this only hides the link; presumably each target controller
                                // enforces access on its own - verify.
                                if ($_smarty_tpl->tpl_vars['item']->value['type'] == "users" && fn_check_view_permissions(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
                                    ?>
                                    <?php 
                                    // The anchor is opened and closed under the same id test, so the user name
                                    // is printed as plain text when the record carries no id.
                                    if ($_smarty_tpl->tpl_vars['item']->value['content']['id']) {
                                        ?>
<a href="<?php 
                                        echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
                                        ?>
"><?php 
                                    }
                                    echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['user'], ENT_QUOTES, 'UTF-8');
                                    if ($_smarty_tpl->tpl_vars['item']->value['content']['id']) {
                                        ?>
</a><?php 
                                    }
                                    ?>
<br>
                                    
                                <?php 
                                } elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "orders" && fn_check_view_permissions(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
                                    ?>
                                    <?php 
                                    // Orders: escaped status text first, then a link to the order details page.
                                    echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['status'], ENT_QUOTES, 'UTF-8');
                                    ?>
<br>
                                    <a href="<?php 
                                    echo htmlspecialchars(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
                                    ?>
"><?php 
                                    echo $_smarty_tpl->__("order");
                                    ?>
&nbsp;<?php 
                                    echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['order'], ENT_QUOTES, 'UTF-8');
                                    ?>
</a><br>
                                <?php 
                                } elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "products" && fn_check_view_permissions(fn_url("products.update?product_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
                                    ?>
                                    <a href="<?php 
                                    echo htmlspecialchars(fn_url("products.update?product_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
                                    ?>
"><?php 
                                    echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['product'], ENT_QUOTES, 'UTF-8');
                                    ?>
</a><br>

                                <?php 
                                } elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "categories" && fn_check_view_permissions(fn_url("categories.update?category_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
                                    ?>
                                    <a href="<?php 
                                    echo htmlspecialchars(fn_url("categories.update?category_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
                                    ?>
"><?php 
                                    echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['category'], ENT_QUOTES, 'UTF-8');
                                    ?>
</a><br>                        
                                <?php 
                                }
                                ?>

                                <?php 
                                // Nested hook with an empty body: the buffer captured for it is empty, and
                                // whatever smarty_block_hook() returns is echoed without escaping.
                                $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:recent_activity_item"));
                                $_block_repeat = true;
                                echo smarty_block_hook(array('name' => "index:recent_activity_item"), null, $_smarty_tpl, $_block_repeat);
                                while ($_block_repeat) {
                                    ob_start();
                                    $_block_content = ob_get_clean();
                                    $_block_repeat = false;
                                    echo smarty_block_hook(array('name' => "index:recent_activity_item"), $_block_content, $_smarty_tpl, $_block_repeat);
                                }
                                array_pop($_smarty_tpl->smarty->_tag_stack);
                                ?>


                                <span class="date"><?php 
                                // Timestamp formatted with the Appearance date_format and time_format settings,
                                // then HTML-escaped.
                                echo htmlspecialchars(smarty_modifier_date_format($_smarty_tpl->tpl_vars['item']->value['timestamp'], (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['date_format'] . ", " . (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['time_format']), ENT_QUOTES, 'UTF-8');
                                ?>
</span>
                            <?php 
                                // Close the outer hook: pass it the buffered row markup and echo its result.
                                $_block_content = ob_get_clean();
                                $_block_repeat = false;
                                echo smarty_block_hook(array('name' => "index:recent_activity"), $_block_content, $_smarty_tpl, $_block_repeat);
                            }
                            array_pop($_smarty_tpl->smarty->_tag_stack);
                            ?>

                        </div>
                    <?php 
                        }
                        ?>
                <?php 
                        // Restore the caller's scope, then re-add any global template variable missing from it.
                        $_smarty_tpl->tpl_vars = $saved_tpl_vars;
                        foreach (Smarty::$global_tpl_vars as $key => $value) {
                            if (!isset($_smarty_tpl->tpl_vars[$key])) {
                                $_smarty_tpl->tpl_vars[$key] = $value;
                            }
                        }
                    }
                }
                ?>


                <div class="dashboard-activity-list">
                    <?php 
                $_smarty_tpl->tpl_vars["item"] = new Smarty_Variable();
                $_smarty_tpl->tpl_vars["item"]->_loop = false;
                $_from = $_smarty_tpl->tpl_vars['logs']->value;
                if (!is_array($_from) && !is_object($_from)) {
                    settype($_from, 'array');
                }
                foreach ($_from as $_smarty_tpl->tpl_vars["item"]->key => $_smarty_tpl->tpl_vars["item"]->value) {
                    $_smarty_tpl->tpl_vars["item"]->_loop = true;
                    ?>
                        <?php 
                    smarty_template_function_show_log_row($_smarty_tpl, array('item' => $_smarty_tpl->tpl_vars['item']->value));
                    ?>

                    <?php 
                }
                ?>
                </div>
            </div>
        <?php 
            }
            ?>
    </div>
<!--dashboard--></div>
<?php 
            $_block_content = ob_get_clean();
            $_block_repeat = false;
            echo smarty_block_hook(array('name' => "index:index"), $_block_content, $_smarty_tpl, $_block_repeat);
        }
        array_pop($_smarty_tpl->smarty->_tag_stack);
        ?>


<?php 
        $_smarty_tpl->_capture_stack[0][] = array("buttons", null, null);
        ob_start();
        ?>
    <?php 
        echo $_smarty_tpl->getSubTemplate("common/daterange_picker.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('id' => "dashboard_date_picker", 'extra_class' => "pull-right offset1", 'data_url' => fn_url("index.index"), 'result_ids' => "dashboard", 'start_date' => $_smarty_tpl->tpl_vars['time_from']->value, 'end_date' => $_smarty_tpl->tpl_vars['time_to']->value), 0);
        ?>

<?php 
        list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
        if (!empty($_capture_buffer)) {
            if (isset($_capture_assign)) {
                $_smarty_tpl->assign($_capture_assign, ob_get_contents());
            }
            if (isset($_capture_append)) {
                $_smarty_tpl->append($_capture_append, ob_get_contents());
            }
            Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
        } else {
            $_smarty_tpl->capture_error();
        }
        list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
        if (!empty($_capture_buffer)) {
            if (isset($_capture_assign)) {
                $_smarty_tpl->assign($_capture_assign, ob_get_contents());
            }
            if (isset($_capture_append)) {
                $_smarty_tpl->append($_capture_append, ob_get_contents());
            }
            Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
        } else {
            $_smarty_tpl->capture_error();
        }
        ?>

<?php 
        echo $_smarty_tpl->getSubTemplate("common/mainbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('buttons' => Smarty::$_smarty_vars['capture']['buttons'], 'no_sidebar' => true, 'title' => __("dashboard"), 'content' => Smarty::$_smarty_vars['capture']['mainbox'], 'tools' => Smarty::$_smarty_vars['capture']['tools']), 0);
        ?>


<?php 
        $_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:welcome_dialog"));
        $_block_repeat = true;
        echo smarty_block_hook(array('name' => "index:welcome_dialog"), null, $_smarty_tpl, $_block_repeat);
        while ($_block_repeat) {
            ob_start();
            ?>

<?php 
            if ($_smarty_tpl->tpl_vars['show_welcome']->value) {
                ?>
    <div class="hidden cm-dialog-auto-open cm-dialog-auto-size" title="<?php 
                echo $_smarty_tpl->__("installer_complete_title");
                ?>
" id="after_install_dialog" data-ca-dialog-class="welcome-screen-dialog">
        <?php 
                $_smarty_tpl->tpl_vars["company"] = new Smarty_variable(fn_get_company_data("1"), null, 0);
                ?>
        <?php 
                if (fn_allowed_for("ULTIMATE")) {
                    ?>
            <?php 
                    ob_start();
                    echo htmlspecialchars(smarty_modifier_unpuny($_smarty_tpl->tpl_vars['company']->value['storefront']), ENT_QUOTES, 'UTF-8');
                    $_tmp1 = ob_get_clean();
                    $_smarty_tpl->tpl_vars['link_storefront'] = new Smarty_variable("http://" . $_tmp1, null, 0);
                    ?>
        <?php 
                } else {
                    ?>
            <?php 
                    ob_start();
                    echo htmlspecialchars(fn_url($_smarty_tpl->tpl_vars['config']->value['http_location']), ENT_QUOTES, 'UTF-8');
                    $_tmp2 = ob_get_clean();
                    $_smarty_tpl->tpl_vars['link_storefront'] = new Smarty_variable($_tmp2, null, 0);
                    ?>
        <?php 
                }
                ?>
        <div class="welcome-screen">
            <p>
                <?php 
                $_smarty_tpl->tpl_vars['user_data'] = new Smarty_variable(fn_get_user_info($_smarty_tpl->tpl_vars['auth']->value['user_id']), null, 0);
                ?>
                <?php 
                echo $_smarty_tpl->__("welcome_screen.administrator_info", array('[email]' => $_smarty_tpl->tpl_vars['user_data']->value['email']));
                ?>

            </p>
            <div class="welcome-location-wrapper clearfix">
                <div class="welcome-location-block pull-left center">
                    <h4 class="install-title"><?php 
                echo $_smarty_tpl->__("admin_panel");
                ?>
</h4>
                    <div class="welcome-screen-location welcome-screen-admin">
                        <div class="welcome-screen-overlay">
                            <a class="btn cm-dialog-closer welcome-screen-overlink"><?php 
                echo $_smarty_tpl->__("welcome_screen.go_admin_panel");
                ?>
</a>
                        </div>
                    </div>
                    <div class="welcome-screen-arrow"></div>
                    <p>
                        <?php 
                echo $_smarty_tpl->__("welcome_screen.go_settings_wizard");
                ?>

                    </p>
                    <?php 
                $_smarty_tpl->tpl_vars['c_url'] = new Smarty_variable(rawurlencode($_smarty_tpl->tpl_vars['config']->value['current_url']), null, 0);
                ?>
                    <a class="cm-dialog-opener cm-ajax btn btn-primary strong" data-ca-target-id="content_settings_wizard" title="<?php 
                echo $_smarty_tpl->__("settings_wizard");
                ?>
" href="<?php 
                echo htmlspecialchars(fn_url("settings_wizard.view?return_url=" . (string) $_smarty_tpl->tpl_vars['c_url']->value), ENT_QUOTES, 'UTF-8');
                ?>
" target="_blank"><?php 
                echo $_smarty_tpl->__("welcome_screen.run_settings_wizard");
                ?>
</a>
                </div>
                <div class="welcome-location-block pull-right center">
                    <h4 class="install-title"><?php 
                echo $_smarty_tpl->__("storefront");
                ?>
</h4>
                    <div class="welcome-screen-location welcome-screen-store">
                        <div class="welcome-screen-overlay">
                            <a class="btn welcome-screen-overlink" href="<?php 
                echo htmlspecialchars($_smarty_tpl->tpl_vars['link_storefront']->value, ENT_QUOTES, 'UTF-8');
                ?>
" target="_blank"><?php 
                echo $_smarty_tpl->__("welcome_screen.go_storefront");
                ?>
</a>
                        </div>
                    </div>
                    <div class="welcome-screen-arrow"></div>
                    <p>
                        <?php 
                echo $_smarty_tpl->__("welcome_screen.learn_more_configuration");
                ?>

                    </p>
                    <a class="kbase-link" href="<?php 
                echo htmlspecialchars($_smarty_tpl->tpl_vars['config']->value['resources']['knowledge_base'], ENT_QUOTES, 'UTF-8');
                ?>
" target="_blank"><?php 
                echo $_smarty_tpl->__("welcome_screen.knowledge_base");
                ?>
</a>
                </div>
            </div>
            <div class="welcome-screen-social center">
                <p>
                    <?php 
                echo $_smarty_tpl->__("welcome_screen.thanks", array("[product]" => @constant('PRODUCT_NAME')));
                ?>

                </p>
                <?php 
                echo $_smarty_tpl->getSubTemplate("common/share.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0);
                ?>

            </div>
        </div>
    </div>
<?php 
            }
            $_block_content = ob_get_clean();
            $_block_repeat = false;
            echo smarty_block_hook(array('name' => "index:welcome_dialog"), $_block_content, $_smarty_tpl, $_block_repeat);
        }
        array_pop($_smarty_tpl->smarty->_tag_stack);
        ?>

<?php 
    }
Esempio n. 12
 // Payment details are copied from the request onto the cart unchanged.
 // NOTE(review): no validation of $_REQUEST['payment_info'] is visible in this fragment;
 // presumably the order/payment callees validate it — confirm.
 $cart['payment_info'] = !empty($_REQUEST['payment_info']) ? $_REQUEST['payment_info'] : array();
 list($order_id, $process_payment) = fn_place_order($cart, $customer_auth, $action, $auth['user_id']);
 if (!empty($order_id)) {
     if ($action != 'save') {
         $action = 'route';
     }
     if ($process_payment == true) {
         $payment_info = !empty($cart['payment_info']) ? $cart['payment_info'] : array();
         fn_start_payment($order_id, fn_get_notification_rules($_REQUEST), $payment_info);
     }
     // The request value and the order id are passed as ?s / ?i placeholder arguments
     // instead of being concatenated into the SQL text.
     // NOTE(review): unlike the status change below, this write has no permission check of
     // its own in the visible code — confirm the surrounding controller is access-controlled.
     if (!empty($_REQUEST['update_order']['details'])) {
         db_query('UPDATE ?:orders SET details = ?s WHERE order_id = ?i', $_REQUEST['update_order']['details'], $order_id);
     }
     $notification_rules = fn_get_notification_rules($_REQUEST);
     // Apply a posted status only when the current user holds the orders.update_status
     // admin permission; without it the posted value is ignored.
     if (!empty($_REQUEST['order_status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
         $order_info = fn_get_order_short_info($order_id);
         if ($order_info['status'] != $_REQUEST['order_status']) {
             if ($process_payment == true) {
                 // Payment was processed for this order, so the posted status is not applied; warn instead.
                 fn_set_notification('W', __('warning'), __('status_changed_after_process_payment'));
             } elseif (fn_change_order_status($order_id, $_REQUEST['order_status'], '', $notification_rules)) {
                 // Re-read the order: the stored status may differ from the one requested.
                 $order_info = fn_get_order_short_info($order_id);
                 $new_status = $order_info['status'];
                 if ($_REQUEST['order_status'] != $new_status) {
                     fn_set_notification('W', __('warning'), __('status_changed'));
                 }
             } else {
                 // Status change failed; for a parent order the sub-orders are inspected next.
                 $error = false;
                 if ($order_info['is_parent_order'] == 'Y') {
                     $suborders = fn_get_suborders_info($order_id);
                     if ($suborders) {
Esempio n. 13
<?php

/***************************************************************************
*                                                                          *
*   (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev    *
*                                                                          *
* This  is  commercial  software,  only  users  who have purchased a valid *
* license  and  accept  to the terms of the  License Agreement can install *
* and use this program.                                                    *
*                                                                          *
****************************************************************************
* PLEASE READ THE FULL TEXT  OF THE SOFTWARE  LICENSE   AGREEMENT  IN  THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE.            *
****************************************************************************/
// Admin menu schema extension for the SEO add-on.
// The top-level "seo" entry gets a link only when the current user passes the GET
// permission check for seo_rules.manage; the two sub-items are registered unconditionally.
// NOTE(review): presumably the menu renderer applies its own permission filtering to the
// sub-items — confirm, since nothing in this file hides them.
$seo_rules_allowed = fn_check_permissions('seo_rules', 'manage', 'admin', 'GET');
if ($seo_rules_allowed) {
    $schema['central']['website']['items']['seo']['href'] = 'seo_rules.manage';
}

// Sub-item key => array(target dispatch, menu position).
$seo_subitems = array(
    'seo_rules' => array('seo_rules.manage', 100),
    'seo.redirects_manager' => array('seo_redirects.manage', 200),
);
foreach ($seo_subitems as $seo_subitem_key => $seo_subitem) {
    list($seo_subitem_href, $seo_subitem_position) = $seo_subitem;
    $schema['central']['website']['items']['seo']['subitems'][$seo_subitem_key] = array(
        'attrs' => array('class' => 'is-addon'),
        'href' => $seo_subitem_href,
        'position' => $seo_subitem_position,
    );
}

return $schema;
Esempio n. 14
 /**
  * Updates an existing order from caller-supplied parameters.
  *
  * Rebuilds the cart for the order, overlays the supplied user data, shipping, payment and
  * products, recalculates the cart and saves it through fn_update_order().
  *
  * @param mixed $id     order identifier, passed to fn_form_cart() and fn_update_order()
  * @param array $params request fields; keys read here: user_id, shipping_id, payment_id,
  *                      payment_info, products, status ('product_groups' is discarded)
  *
  * @return array array('status' => ..., 'data' => ...): Response::STATUS_OK with
  *               array('order_id' => ...) on success, otherwise Response::STATUS_BAD_REQUEST
  *               with an empty data array
  */
 public function update($id, $params)
 {
     fn_define('ORDER_MANAGEMENT', true);
     $data = array();
     // Always true in this method, so the guard below never rejects a request.
     $valid_params = true;
     $status = Response::STATUS_BAD_REQUEST;
     if ($valid_params) {
         // $cart is first defined by this call (presumably filled by reference — confirm).
         fn_clear_cart($cart, true);
         $customer_auth = fn_fill_auth(array(), array(), false, 'C');
         // Fingerprint of the freshly cleared cart; used only to detect whether fn_form_cart()
         // changed it, not as a security hash.
         $cart_status = md5(serialize($cart));
         // Proceed only if the order was loaded into the cart; otherwise the order info was
         // not found or the customer does not have enough permissions
         if (fn_form_cart($id, $cart, $customer_auth) && $cart_status != md5(serialize($cart))) {
             unset($params['product_groups']);
             if (empty($params['shipping_id'])) {
                 // No shipping requested: fall back to the first shipping stored on the order.
                 $shipping = reset($cart['shipping']);
                 if (!empty($shipping['shipping_id'])) {
                     $params['shipping_id'] = $shipping['shipping_id'];
                 }
             }
             $cart['order_id'] = $id;
             fn_calculate_cart_content($cart, $customer_auth);
             // NOTE(review): the caller chooses which user's data is attached to the order and
             // no ownership or permission check is visible here — confirm it is enforced upstream.
             if (!empty($params['user_id'])) {
                 $cart['user_data'] = fn_get_user_info($params['user_id']);
             } elseif (!empty($params)) {
                 // NOTE(review): every remaining key of $params is merged into user_data
                 // unfiltered (mass assignment) — confirm the callees only persist known fields.
                 $cart['user_data'] = array_merge($cart['user_data'], $params);
             }
             if (!empty($cart['product_groups']) && !empty($params['shipping_id'])) {
                 // Select the requested shipping in every product group that offers it.
                 foreach ($cart['product_groups'] as $key => $group) {
                     foreach ($group['shippings'] as $shipping_id => $shipping) {
                         if ($params['shipping_id'] == $shipping['shipping_id']) {
                             $cart['chosen_shipping'][$key] = $shipping_id;
                             break;
                         }
                     }
                 }
             }
             if (!empty($params['payment_id'])) {
                 if (!empty($params['payment_info'])) {
                     $cart['payment_info'] = $params['payment_info'];
                 } elseif ($params['payment_id'] != $cart['payment_id']) {
                     // Payment method changed without new details: drop the old method's details.
                     $cart['payment_info'] = array();
                 }
                 $cart['payment_id'] = $params['payment_id'];
             }
             // Caller-supplied products replace the order's product list wholesale; the
             // recalculation below runs on the replaced list.
             if (!empty($params['products'])) {
                 $cart['products'] = $params['products'];
             }
             fn_calculate_cart_content($cart, $customer_auth);
             if (!empty($cart) && empty($cart['shipping_failed'])) {
                 $cart['parent_order_id'] = 0;
                 fn_update_payment_surcharge($cart, $customer_auth);
                 list($order_id, $order_status) = fn_update_order($cart, $id);
                 if ($order_id) {
                     // An explicit status is honoured only for callers holding the
                     // orders.update_status admin permission; otherwise the status returned by
                     // fn_update_order() is applied.
                     if (!empty($params['status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
                         fn_change_order_status($order_id, $params['status'], '', fn_get_notification_rules($params, false));
                     } elseif (!empty($order_status)) {
                         fn_change_order_status($order_id, $order_status, '', fn_get_notification_rules($params, false));
                     }
                     $status = Response::STATUS_OK;
                     $data = array('order_id' => $order_id);
                 }
             }
         }
     }
     return array('status' => $status, 'data' => $data);
 }
Esempio n. 15
/**
 * Create/update shipment
 *
 * With a non-empty $shipment_id only the tracking number and carrier of that shipment are
 * updated. Otherwise a new shipment is created for $shipment_data['order_id'], its items are
 * inserted, the order status is optionally changed and the customer is optionally notified.
 *
 * @param array $shipment_data Array of shipment data. Keys read here: order_id, shipping_id,
 *                             tracking_number, carrier, comments, products (item key => amount),
 *                             order_status
 * @param int $shipment_id Shipment identifier; empty to create a new shipment
 * @param int $group_key Group number
 * @param bool $all_products When true and shipments are disabled for the company, all products
 *                           of the matching group are added to the shipment
 * @param mixed $force_notification notification flags; only the 'C' key is read here, and a
 *                                  non-empty value sends the shipment e-mail to the customer
 * @return int|bool Shipment identifier; false when required data is missing or the update
 *                  query returned false
 */
function fn_update_shipment($shipment_data, $shipment_id = 0, $group_key = 0, $all_products = false, $force_notification = array())
{
    if (!empty($shipment_id)) {
        // Update branch: values are passed as ?s / ?i placeholder arguments.
        // NOTE(review): tracking_number and carrier are read without an isset() check here.
        $arow = db_query("UPDATE ?:shipments SET tracking_number = ?s, carrier = ?s WHERE shipment_id = ?i", $shipment_data['tracking_number'], $shipment_data['carrier'], $shipment_id);
        if ($arow === false) {
            fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('shipment'))), '', '404');
            $shipment_id = false;
        }
    } else {
        if (empty($shipment_data['order_id']) || empty($shipment_data['shipping_id'])) {
            return false;
        }
        $order_info = fn_get_order_info($shipment_data['order_id'], false, true, true);
        $use_shipments = Settings::instance()->getValue('use_shipments', '', $order_info['company_id']) == 'Y' ? true : false;
        // NOTE(review): both operands test tracking_number; the second was probably meant to
        // test another field (carrier?) — confirm the intended condition.
        if (!$use_shipments && empty($shipment_data['tracking_number']) && empty($shipment_data['tracking_number'])) {
            return false;
        }
        if (!$use_shipments && $all_products) {
            // Ship every product of the order that belongs to $group_key (products without a
            // group key count as group 0).
            foreach ($order_info['product_groups'] as $group) {
                foreach ($group['products'] as $item_key => $product) {
                    if (!empty($product['extra']['group_key'])) {
                        if ($group_key == $product['extra']['group_key']) {
                            $shipment_data['products'][$item_key] = $product['amount'];
                        }
                    } elseif ($group_key == 0) {
                        $shipment_data['products'][$item_key] = $product['amount'];
                    }
                }
            }
        }
        if (!empty($shipment_data['products']) && fn_check_shipped_products($shipment_data['products'])) {
            fn_set_hook('create_shipment', $shipment_data, $order_info, $group_key, $all_products);
            // Clamp each requested amount to what is still unshipped for that order item.
            // NOTE(review): the intval() result is only written back when it exceeds the
            // remaining amount, and keys missing from $order_info['products'] are left in the
            // list untouched; both reach the INSERTs below — confirm fn_check_shipped_products()
            // rejects such input.
            foreach ($shipment_data['products'] as $key => $amount) {
                if (isset($order_info['products'][$key])) {
                    $amount = intval($amount);
                    if ($amount > $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount']) {
                        $shipment_data['products'][$key] = $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount'];
                    }
                }
            }
            // Re-check after clamping: the amounts may have changed.
            if (fn_check_shipped_products($shipment_data['products'])) {
                $shipment_data['timestamp'] = time();
                $shipment_id = db_query("INSERT INTO ?:shipments ?e", $shipment_data);
                foreach ($shipment_data['products'] as $key => $amount) {
                    if ($amount == 0) {
                        continue;
                    }
                    $_data = array('item_id' => $key, 'shipment_id' => $shipment_id, 'order_id' => $shipment_data['order_id'], 'product_id' => $order_info['products'][$key]['product_id'], 'amount' => $amount);
                    db_query("INSERT INTO ?:shipment_items ?e", $_data);
                }
                // The order status supplied with the shipment is applied only for users holding
                // the orders.update_status admin permission.
                if (fn_check_permissions('orders', 'update_status', 'admin') && !empty($shipment_data['order_status'])) {
                    fn_change_order_status($shipment_data['order_id'], $shipment_data['order_status']);
                }
                /**
                 * Called after new shipment creation.
                 *
                 * @param array $shipment_data Array of shipment data.
                 * @param array $order_info Shipment order info
                 * @param int $group_key Group number
                 * @param bool $all_products
                 * @param int $shipment_id Created shipment identifier
                 */
                fn_set_hook('create_shipment_post', $shipment_data, $order_info, $group_key, $all_products, $shipment_id);
                if (!empty($force_notification['C'])) {
                    // Customer notification: tracking number, carrier and comments from
                    // $shipment_data are handed to the mail template.
                    $shipment = array('shipment_id' => $shipment_id, 'timestamp' => $shipment_data['timestamp'], 'shipping' => db_get_field('SELECT shipping FROM ?:shipping_descriptions WHERE shipping_id = ?i AND lang_code = ?s', $shipment_data['shipping_id'], $order_info['lang_code']), 'tracking_number' => $shipment_data['tracking_number'], 'carrier' => $shipment_data['carrier'], 'comments' => $shipment_data['comments'], 'items' => $shipment_data['products']);
                    Mailer::sendMail(array('to' => $order_info['email'], 'from' => 'company_orders_department', 'data' => array('shipment' => $shipment, 'order_info' => $order_info), 'tpl' => 'shipments/shipment_products.tpl', 'company_id' => $order_info['company_id']), 'C', $order_info['lang_code']);
                }
                fn_set_notification('N', __('notice'), __('shipment_has_been_created'));
            }
        } else {
            fn_set_notification('E', __('error'), __('products_for_shipment_not_selected'));
        }
    }
    return $shipment_id;
}
Esempio n. 16
/**
 * Dispatches the execution control to the correct controller
 *
 * Runs the request-level checks (CSRF, canonical host, upload size, session id in the URL,
 * demo/admin permissions, HTTP/HTTPS scheme), builds and runs the controller cascade,
 * performs any resulting redirect, then renders the root template and exits.
 *
 * @param string $controller     controller name; Registry 'runtime.controller' is used when empty
 * @param string $mode           mode name; Registry 'runtime.mode' is used when empty
 * @param string $action         action name; Registry 'runtime.action' is used when empty
 * @param string $dispatch_extra extra dispatch part; Registry 'runtime.dispatch_extra' is used when empty
 * @param string $area           working area; 'A' and 'C' are the values branched on here
 *
 * @return void the function ends with exit on its normal path
 */
function fn_dispatch($controller = '', $mode = '', $action = '', $dispatch_extra = '', $area = AREA)
{
    Debugger::checkpoint('After init');
    $auth = $_SESSION['auth'];
    $controller = empty($controller) ? Registry::get('runtime.controller') : $controller;
    $mode = empty($mode) ? Registry::get('runtime.mode') : $mode;
    $action = empty($action) ? Registry::get('runtime.action') : $action;
    $dispatch_extra = empty($dispatch_extra) ? Registry::get('runtime.dispatch_extra') : $dispatch_extra;
    fn_set_hook('before_dispatch', $controller, $mode, $action, $dispatch_extra, $area);
    $view = Registry::get('view');
    $run_controllers = true;
    $external = false;
    $status = CONTROLLER_STATUS_NO_PAGE;
    // CSRF protection
    // NOTE(review): a failed validation only sets a notification and calls fn_redirect();
    // nothing in this function stops execution explicitly, so the protection relies on
    // fn_redirect() terminating the request — confirm.
    if (fn_is_csrf_protection_enabled($auth) && !fn_csrf_validate_request(array('server' => $_SERVER, 'request' => $_REQUEST, 'session' => $_SESSION, 'controller' => $controller, 'mode' => $mode, 'action' => $action, 'dispatch_extra' => $dispatch_extra, 'area' => $area, 'auth' => $auth))) {
        fn_set_notification('E', __('error'), __('text_csrf_attack'));
        fn_redirect(fn_url());
    }
    // If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
    if (strtolower(Registry::get('config.current_host')) != strtolower(REAL_HOST) && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
        if (!empty($_SERVER['REDIRECT_URL'])) {
            $qstring = $_SERVER['REDIRECT_URL'];
        } else {
            if (!empty($_SERVER['REQUEST_URI'])) {
                $qstring = $_SERVER['REQUEST_URI'];
            } else {
                $qstring = Registry::get('config.current_url');
            }
        }
        // Strip the configured path prefix so it is not duplicated after current_location.
        $curent_path = Registry::get('config.current_path');
        if (!empty($curent_path) && strpos($qstring, $curent_path) === 0) {
            $qstring = substr_replace($qstring, '', 0, fn_strlen($curent_path));
        }
        fn_redirect(Registry::get('config.current_location') . $qstring, false, true);
    }
    // Reject non-AJAX requests whose body exceeds either PHP upload limit.
    $upload_max_filesize = Bootstrap::getIniParam('upload_max_filesize');
    $post_max_size = Bootstrap::getIniParam('post_max_size');
    if (!defined('AJAX_REQUEST') && isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes($upload_max_filesize) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes($post_max_size))) {
        $max_size = fn_return_bytes($upload_max_filesize) < fn_return_bytes($post_max_size) ? $upload_max_filesize : $post_max_size;
        fn_set_notification('E', __('error'), __('text_forbidden_uploaded_file_size', array('[size]' => $max_size)));
        // NOTE(review): the Referer header is client-supplied and may be absent; it is passed
        // to fn_redirect() unchecked here — confirm fn_redirect() restricts external targets.
        fn_redirect($_SERVER['HTTP_REFERER']);
    }
    // If URL contains session ID, remove it
    if (!defined('AJAX_REQUEST') && !empty($_REQUEST[Session::getName()]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
        fn_redirect(fn_query_remove(Registry::get('config.current_url'), Session::getName()));
    }
    // If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
    if ($area == 'A') {
        if (Registry::get('config.demo_mode') == true) {
            $run_controllers = fn_check_permissions($controller, $mode, 'demo');
            if ($run_controllers == false) {
                fn_set_notification('W', __('demo_mode'), __('demo_mode_content_text'), 'K', 'demo_mode');
                if (defined('AJAX_REQUEST')) {
                    exit;
                }
                fn_delete_notification('changes_saved');
                $status = CONTROLLER_STATUS_REDIRECT;
                // Send the user back where they came from; the Referer is client-supplied and
                // flows into the request-driven redirect handled further down.
                $_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : fn_url('');
            }
        } else {
            // Access decision for the admin area. A denied request leaves $run_controllers
            // false, so only the 'init' controller is put on the list below.
            $run_controllers = fn_check_permissions($controller, $mode, 'admin', '', $_REQUEST);
            if ($run_controllers == false) {
                if (defined('AJAX_REQUEST')) {
                    // The denied controller.mode pair is disclosed only when the debugger is
                    // active or in development mode.
                    $_info = Debugger::isActive() || fn_is_development() ? ' ' . $controller . '.' . $mode : '';
                    fn_set_notification('W', __('warning'), __('access_denied') . $_info);
                    exit;
                }
                $status = CONTROLLER_STATUS_DENIED;
            }
        }
    }
    // Scheme enforcement applies to non-POST, non-AJAX requests only.
    if ($_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
        if ($area == 'A' && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
            // NOTE(review): a request parameter (keep_location) skips the admin HTTPS
            // enforcement below — confirm this is intended.
            if (!defined('HTTPS') && Registry::get('settings.Security.secure_admin') == 'Y') {
                fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
            } elseif (defined('HTTPS') && Registry::get('settings.Security.secure_admin') != 'Y') {
                fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
            }
        } elseif ($area == 'C') {
            $secure_controllers = fn_get_secure_controllers();
            // if we are not on https but controller is secure, redirect to https
            if (!defined('HTTPS') && (Registry::get('settings.Security.secure_storefront') == 'full' || isset($secure_controllers[$controller]) && $secure_controllers[$controller] == 'active')) {
                fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'), false, true);
            }
            // if we are on https and the controller is insecure, redirect to http
            if (defined('HTTPS') && Registry::get('settings.Security.secure_storefront') != 'full' && !isset($secure_controllers[$controller]) && Registry::get('settings.Security.keep_https') != 'Y') {
                fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'), false, true);
            }
        }
    }
    LastView::instance()->prepare($_REQUEST);
    // Build the cascade: 'init' always, the requested controller only when permitted.
    $controllers_cascade = array();
    $controllers_list = array('init');
    if ($run_controllers == true) {
        $controllers_list[] = $controller;
        $controllers_list = array_unique($controllers_list);
    }
    foreach ($controllers_list as $ctrl) {
        $core_controllers = fn_init_core_controllers($ctrl);
        list($addon_controllers) = fn_init_addon_controllers($ctrl);
        if (empty($core_controllers) && empty($addon_controllers)) {
            //$controllers_cascade = array(); // FIXME: controllers_cascade contains INIT. We should not clear initiation code.
            $status = CONTROLLER_STATUS_NO_PAGE;
            $run_controllers = false;
            break;
        }
        if (count($core_controllers) + count($addon_controllers) > 1) {
            throw new DeveloperException('Duplicate controller ' . $controller . var_export(array_merge($core_controllers, $addon_controllers), true));
        }
        $core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
        $core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
        list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
        list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
        // we put addon post-controller to the top of post-controller cascade if current addon serves this request
        if (count($addon_controllers)) {
            $addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
        }
        $controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
        if (empty($controllers_cascade)) {
            throw new DeveloperException("No controllers for: {$ctrl}");
        }
    }
    // Template name is derived from the mode; the "add" modes share the "update" templates.
    // NOTE(review): $controller and $mode are concatenated into the template path without
    // validation in this function — presumably they are sanitised where runtime.controller
    // and runtime.mode are set; confirm.
    if ($mode == 'add') {
        $tpl = 'update.tpl';
    } elseif (strpos($mode, 'add_') === 0) {
        $tpl = str_replace('add_', 'update_', $mode) . '.tpl';
    } else {
        $tpl = $mode . '.tpl';
    }
    $view = Registry::get('view');
    if ($view->templateExists('views/' . $controller . '/' . $tpl)) {
        // try to find template in base views
        $view->assign('content_tpl', 'views/' . $controller . '/' . $tpl);
    } elseif (defined('LOADED_ADDON_PATH') && $view->templateExists('addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl)) {
        // try to find template in addon views
        $view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl);
    } elseif (!empty($addons)) {
        // try to find template in addon views that extend base views
        foreach ($addons as $addon => $_v) {
            if ($view->templateExists('addons/' . $addon . '/views/' . $controller . '/' . $tpl)) {
                $view->assign('content_tpl', 'addons/' . $addon . '/views/' . $controller . '/' . $tpl);
                break;
            }
        }
    }
    /**
     * Performs actions after template assignment and before controller run
     *
     * @param string $controller          controller name
     * @param string $mode                controller mode name
     * @param string $area                current working area
     * @param array  $controllers_cascade list of controllers to run
     */
    fn_set_hook('dispatch_assign_template', $controller, $mode, $area, $controllers_cascade);
    foreach ($controllers_cascade as $item) {
        $_res = fn_run_controller($item, $controller, $mode, $action, $dispatch_extra);
        // 0 - status, 1 - url, 2 - external redirect flag, 3 - permanent redirect flag
        $url = !empty($_res[1]) ? $_res[1] : '';
        $external = !empty($_res[2]) ? $_res[2] : false;
        $permanent = !empty($_res[3]) ? $_res[3] : false;
        // Status could be changed only if we allow to run controllers despite of init controller
        // (a status set by the permission checks above is therefore never overwritten here)
        if ($run_controllers == true) {
            $status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
        }
        if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
            $redirect_url = $url;
        } elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
            $redirect_url = $url;
            break;
        } elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
            break;
        }
    }
    LastView::instance()->init($_REQUEST);
    // In console mode, just stop here
    if (defined('CONSOLE')) {
        $notifications = fn_get_notifications();
        $exit_code = 0;
        foreach ($notifications as $n) {
            fn_echo('[' . $n['title'] . '] ' . $n['message'] . "\n");
            if ($n['type'] == 'E') {
                $exit_code = 1;
            }
        }
        exit($exit_code);
    }
    if (!empty($auth['this_login']) && Registry::ifGet($auth['this_login'], 'N') === 'Y') {
        fn_set_notification('E', __('error'), __(ACCOUNT_TYPE . LOGIN_STATUS_USER_DISABLED));
        $status = CONTROLLER_STATUS_DENIED;
    }
    // [Block manager]
    // block manager is disabled for vendors.
    if (!(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id') || fn_allowed_for('ULTIMATE') && !Registry::get('runtime.company_id'))) {
        if (fn_check_permissions('block_manager', 'manage', 'admin')) {
            // NOTE(review): $_REQUEST['dispatch'] is read without an empty()/isset() check here.
            $dynamic_object = SchemesManager::getDynamicObject($_REQUEST['dispatch'], $area, $_REQUEST);
            if (!empty($dynamic_object)) {
                if ($area == 'A' && Registry::get('runtime.mode') != 'add' && !empty($_REQUEST[$dynamic_object['key']])) {
                    $object_id = $_REQUEST[$dynamic_object['key']];
                    $location = Location::instance()->get($dynamic_object['customer_dispatch'], $dynamic_object, CART_LANGUAGE);
                    if (!empty($location) && $location['is_default'] != 1) {
                        // The request-supplied object id is encoded with http_build_query()
                        // before it is placed in the tab link.
                        $params = array('dynamic_object' => array('object_type' => $dynamic_object['object_type'], 'object_id' => $object_id), $dynamic_object['key'] => $object_id, 'manage_url' => Registry::get('config.current_url'));
                        Registry::set('navigation.tabs.blocks', array('title' => __('layouts'), 'href' => 'block_manager.manage_in_tab?' . http_build_query($params), 'ajax' => true));
                    }
                }
            }
        }
    }
    // [/Block manager]
    // Redirect if controller returned successful/redirect status only
    // NOTE(review): the target comes from the request (redirect_url) and overrides the URL the
    // controller returned unless the controller flagged its own redirect as external. Whether
    // this can leave the site depends on how fn_redirect() treats $external == false — confirm.
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
        $redirect_url = $_REQUEST['redirect_url'];
    }
    // If controller returns "Redirect" status, check if redirect url exists
    if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    // In backend show "changes saved" notification
    if ($area == 'A' && $_SERVER['REQUEST_METHOD'] == 'POST' && in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT))) {
        if (strpos($mode, 'update') !== false && $mode != 'update_status' && $mode != 'update_mode' && !fn_notification_exists('extra', 'demo_mode') && !fn_notification_exists('type', 'E')) {
            fn_set_notification('N', __('notice'), __('text_changes_saved'), 'I', 'changes_saved');
        }
    }
    // Attach params and redirect if needed
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
        if (!isset($_REQUEST['return_to_list'])) {
            // Only these three request parameters are carried over to the redirect target.
            $params = array('page', 'selected_section', 'active_tab');
            $url_params = array();
            foreach ($params as $param) {
                if (!empty($_REQUEST[$param])) {
                    $url_params[$param] = $_REQUEST[$param];
                }
            }
            if (!empty($url_params)) {
                $redirect_url = fn_link_attach($redirect_url, http_build_query($url_params));
            }
        }
        // $permanent is only assigned inside the controller loop, so it can be unset here.
        if (!isset($external)) {
            $external = false;
        }
        if (!isset($permanent)) {
            $permanent = false;
        }
        fn_redirect($redirect_url, $external, $permanent);
    }
    if (!$view->getTemplateVars('content_tpl') && $status == CONTROLLER_STATUS_OK) {
        // FIXME
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    if ($status != CONTROLLER_STATUS_OK) {
        if ($status == CONTROLLER_STATUS_NO_PAGE) {
            if ($area == 'A' && empty($auth['user_id'])) {
                // If admin is not logged in redirect to login page from not found page
                fn_set_notification('W', __('page_not_found'), __('page_not_found_text'));
                fn_redirect("auth.login_form");
            }
            // Sets the HTTP response code to 404 via the third argument of header().
            header(' ', true, 404);
        }
        $view->assign('exception_status', $status);
        if ($area == 'A') {
            $view->assign('content_tpl', 'exception.tpl');
            // for backend only
        }
        if ($status == CONTROLLER_STATUS_DENIED) {
            $view->assign('page_title', __('access_denied'));
        } elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
            $view->assign('page_title', __('page_not_found'));
        }
    }
    fn_set_hook('dispatch_before_display');
    Debugger::checkpoint('Before TPL');
    // Pass current URL to ajax response only if we render whole page
    if (defined('AJAX_REQUEST') && Registry::get('runtime.root_template') == 'index.tpl') {
        Registry::get('ajax')->assign('current_url', fn_url(Registry::get('config.current_url'), $area, 'current'));
    }
    Registry::get('view')->display(Registry::get('runtime.root_template'));
    Debugger::checkpoint('After TPL');
    Debugger::display();
    fn_set_hook('complete');
    if (defined('AJAX_REQUEST')) {
        // HHVM workaround. Destroy Ajax object manually if it has been created.
        $ajax = Registry::get('ajax');
        $ajax = null;
    }
    exit;
    // stop execution
}
Esempio n. 17
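/**
 * Dispatches execution control to the correct controller and renders the result.
 *
 * Flow, as implemented below: optional anti-CSRF check for POST requests,
 * canonical-host / upload-size / session-id redirects, validation of CONTROLLER
 * and MODE, admin-area permission checks, HTTP/HTTPS switching, building and
 * running the controller cascade, then either redirecting or displaying the
 * root template.
 *
 * Security-relevant points:
 *  - CONTROLLER and MODE are concatenated into controller and template lookups,
 *    so the name check must stay authoritative; the permission checks are only
 *    consulted once it has passed.
 *  - Redirect targets can come from $_REQUEST['redirect_url'] and from the
 *    Referer header; see the NOTE(review) comments at those sites.
 *
 * @return void Does not return normally: the function ends with exit.
 */
function fn_dispatch()
{
    Profiler::checkpoint('After init');
    fn_set_hook('before_dispatch');
    // The D modifier stops "$" from matching before a trailing newline, so a
    // name such as "orders\n" no longer passes the check.
    $regexp = '/^[a-zA-Z0-9_\+]+$/D';
    $view =& Registry::get('view');
    $run_controllers = true;
    $external = false;
    $status = CONTROLLER_STATUS_NO_PAGE;
    // Security: reject POST requests whose anti-CSRF token is missing or wrong.
    if (Registry::get('config.tweaks.anti_csfr') == true) {
        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            $session_hash = empty($_SESSION['security_hash']) ? '' : $_SESSION['security_hash'];
            $request_hash = empty($_REQUEST['security_hash']) ? '' : $_REQUEST['security_hash'];
            // Both values must be non-empty strings: a loose != comparison treats
            // numeric-looking strings as numbers and accepts non-string input.
            $hash_ok = is_string($session_hash) && is_string($request_hash) && $session_hash !== '' && $request_hash !== '';
            if ($hash_ok) {
                // Constant-time comparison where the runtime offers it (PHP >= 5.6),
                // strict string identity otherwise.
                $hash_ok = function_exists('hash_equals') ? hash_equals($session_hash, $request_hash) : $session_hash === $request_hash;
            }
            if (!$hash_ok) {
                die('Access denied: CSRF attack');
            }
        }
    }
    //If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
    if ((defined('HTTPS') ? Registry::get('config.https_host') : Registry::get('config.http_host')) != REAL_HOST && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
        fn_redirect((defined('HTTPS') ? Registry::get('config.https_location') : Registry::get('config.http_location')) . '/' . Registry::get('config.current_url'));
    }
    // Request body larger than the PHP upload/post limits: notify and send the user back.
    if (isset($_SERVER['CONTENT_LENGTH'])) {
        $upload_max = ini_get('upload_max_filesize');
        $post_max = ini_get('post_max_size');
        $upload_bytes = fn_return_bytes($upload_max);
        $post_bytes = fn_return_bytes($post_max);
        if ($_SERVER['CONTENT_LENGTH'] > $upload_bytes || $_SERVER['CONTENT_LENGTH'] > $post_bytes) {
            $max_size = $upload_bytes < $post_bytes ? $upload_max : $post_max;
            $msg = fn_get_lang_var('text_forbidden_uploaded_file_size');
            $msg = str_replace('[size]', $max_size, $msg);
            fn_set_notification('E', fn_get_lang_var('error'), $msg);
            // The Referer header is optional and client-supplied; fall back to the
            // index script when it is absent, as the demo-mode branch below does.
            // NOTE(review): whether off-site targets are refused depends on
            // fn_redirect(), which is not visible here - confirm.
            fn_redirect(!empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : INDEX_SCRIPT, false);
        }
    }
    // If URL contains session ID, remove it
    if (!empty($_REQUEST[SESS_NAME]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
        fn_redirect(fn_query_remove(Registry::get('config.current_url'), SESS_NAME));
    }
    // CONTROLLER and MODE end up in controller and template lookups further down,
    // so anything outside the allowed character set is treated as "no page".
    if (!preg_match($regexp, CONTROLLER) || !preg_match($regexp, MODE)) {
        $status = CONTROLLER_STATUS_NO_PAGE;
        $run_controllers = false;
    }
    // If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
    // The permission checks assign $run_controllers, so they are only consulted
    // when the name validation above passed; otherwise a positive permission
    // result would overwrite the rejection and let an unvalidated name through.
    if (AREA == 'A' && $run_controllers == true) {
        if (Registry::get('config.demo_mode') == true) {
            $run_controllers = fn_check_permissions(CONTROLLER, MODE, 'demo');
            if ($run_controllers == false) {
                fn_set_notification('W', fn_get_lang_var('demo_mode'), fn_get_lang_var('demo_mode_content_text'));
                if (defined('AJAX_REQUEST')) {
                    exit;
                }
                $status = CONTROLLER_STATUS_REDIRECT;
                $_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : INDEX_SCRIPT;
            }
        } elseif (!empty($_SESSION['auth']['usergroup_ids']) || defined('COMPANY_ID')) {
            $run_controllers = fn_check_permissions(CONTROLLER, MODE, 'admin', '', $_REQUEST);
            if ($run_controllers == false) {
                if (defined('AJAX_REQUEST')) {
                    // Kept as in the original; any side effect of this lookup is not visible here.
                    $ajax =& Registry::get('ajax');
                    // The controller.mode pair is only appended to the message in development builds.
                    $_info = defined('DEVELOPMENT') ? ' ' . CONTROLLER . '.' . MODE : '';
                    fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied') . $_info, true);
                    exit;
                }
                $status = CONTROLLER_STATUS_DENIED;
            }
        }
    }
    // Check if request was rewritten and not handled
    // In this case this means that request was incorrect
    if (isset($_REQUEST['sef_rewrite'])) {
        $status = CONTROLLER_STATUS_NO_PAGE;
        $run_controllers = false;
    }
    // Transport switching applies to non-POST, non-AJAX requests only.
    if (AREA == 'A' && Registry::get('settings.General.secure_admin') == 'Y' && !defined('HTTPS') && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST') && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
        fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
    } elseif (AREA == 'C' && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
        $secure_controllers = fn_get_secure_controllers();
        // if we are not on https but controller is secure, redirect to https
        if (isset($secure_controllers[CONTROLLER]) && $secure_controllers[CONTROLLER] == 'active' && !defined('HTTPS')) {
            fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
        }
        // if we are on https and the controller is insecure, redirect to http
        if (!isset($secure_controllers[CONTROLLER]) && defined('HTTPS') && Registry::get('settings.General.keep_https') != 'Y') {
            fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
        }
    }
    if (AREA == 'A') {
        fn_init_last_view($_REQUEST);
    }
    // The 'init' controller always runs; the requested one only if it was allowed above.
    $controllers_cascade = array();
    $controllers_list = array('init');
    if ($run_controllers == true) {
        $controllers_list[] = CONTROLLER;
        $controllers_list = array_unique($controllers_list);
    }
    foreach ($controllers_list as $ctrl) {
        $core_controllers = fn_init_core_controllers($ctrl);
        list($addon_controllers) = fn_init_addon_controllers($ctrl);
        if (empty($core_controllers) && empty($addon_controllers)) {
            $controllers_cascade = array();
            $status = CONTROLLER_STATUS_NO_PAGE;
            break;
        }
        if (count($core_controllers) + count($addon_controllers) > 1) {
            // NOTE(review): this prints the resolved controller list to the client;
            // presumably these are file paths - consider logging instead. Confirm.
            die('Duplicate controller ' . CONTROLLER . fn_print_r(array_merge($core_controllers, $addon_controllers), 1));
        }
        $core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
        $core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
        list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
        list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
        // we put addon post-controller to the top of post-controller cascade if current addon serves this request
        if (count($addon_controllers)) {
            $addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
        }
        $controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
        if (empty($controllers_cascade)) {
            // The original interpolated an undefined $controller here; the loop variable is $ctrl.
            die("No controllers for: {$ctrl}");
        }
    }
    // "add" modes share the template of the matching "update" mode.
    if (MODE == 'add') {
        $tpl = 'update.tpl';
    } elseif (strpos(MODE, 'add_') === 0) {
        $tpl = str_replace('add_', 'update_', MODE) . '.tpl';
    } else {
        $tpl = MODE . '.tpl';
    }
    $view =& Registry::get('view');
    // NOTE(review): these lookups also run when the name validation failed. The
    // result is replaced by exception.tpl below because $status cannot become OK
    // in that case, but the unvalidated names still reach template_exists().
    if ($view->template_exists('views/' . CONTROLLER . '/' . $tpl)) {
        // try to find template in base views
        $view->assign('content_tpl', 'views/' . CONTROLLER . '/' . $tpl);
    } elseif (defined('LOADED_ADDON_PATH') && $view->template_exists('addons/' . LOADED_ADDON_PATH . '/views/' . CONTROLLER . '/' . $tpl)) {
        // try to find template in addon views
        $view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . CONTROLLER . '/' . $tpl);
    } elseif (!empty($addons)) {
        // try to find template in addon views that extend base views
        foreach ($addons as $addon => $_v) {
            if ($view->template_exists('addons/' . $addon . '/views/' . CONTROLLER . '/' . $tpl)) {
                $view->assign('content_tpl', 'addons/' . $addon . '/views/' . CONTROLLER . '/' . $tpl);
                break;
            }
        }
    }
    foreach ($controllers_cascade as $item) {
        $_res = fn_run_controller($item);
        // 0 - status, 1 - url, 2 - external flag
        $external = !empty($_res[2]) ? $_res[2] : false;
        $url = !empty($_res[1]) ? $_res[1] : '';
        // Status could be changed only if we allow to run controllers despite of init controller
        if ($run_controllers == true) {
            $status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
        }
        if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
            $redirect_url = $url;
        } elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
            $redirect_url = $url;
            break;
        } elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
            break;
        }
    }
    if (AREA == 'A') {
        fn_init_view_tools($_REQUEST);
    }
    // In console mode, just stop here
    if (defined('CONSOLE')) {
        exit;
    }
    // Redirect if controller returned successful/redirect status only
    // NOTE(review): the target is taken from the request, so this is only safe if
    // fn_redirect() (not visible here) refuses hosts other than the store's own.
    // Confirm, or validate the value against the configured hosts before use.
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
        $redirect_url = $_REQUEST['redirect_url'];
    }
    // If controller returns "Redirect" status, check if redirect url exists
    if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    // Attach params and redirect if needed
    if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
        $params = array('page', 'selected_section');
        $url_params = array();
        foreach ($params as $param) {
            // Scalars only, URL-encoded: a raw value containing "&" or "=" would
            // otherwise add or override parameters of the redirect target.
            if (!empty($_REQUEST[$param]) && is_scalar($_REQUEST[$param])) {
                $url_params[] = "{$param}=" . urlencode($_REQUEST[$param]);
            }
        }
        if (!empty($url_params)) {
            $redirect_url .= (strpos($redirect_url, '?') === false ? '?' : '&') . implode('&', $url_params);
        }
        if (!isset($external)) {
            $external = false;
        }
        // NOTE(review): argument order kept as in the original; confirm that the
        // third parameter of fn_redirect() is the one meant to receive $external.
        fn_redirect($redirect_url, false, $external);
    }
    if (!$view->get_var('content_tpl') && $status == CONTROLLER_STATUS_OK) {
        // FIXME
        $status = CONTROLLER_STATUS_NO_PAGE;
    }
    if ($status != CONTROLLER_STATUS_OK) {
        if ($status == CONTROLLER_STATUS_NO_PAGE) {
            // Only the response-code argument matters here: it sets the status to 404.
            header(' ', true, 404);
        }
        $view->assign('exception_status', $status);
        $view->assign('content_tpl', 'exception.tpl');
        if ($status == CONTROLLER_STATUS_DENIED) {
            $view->assign('page_title', fn_get_lang_var('access_denied'));
        } elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
            $view->assign('page_title', fn_get_lang_var('page_not_found'));
        }
        // Outside the admin area the whole page is replaced by the exception template.
        if (AREA != 'A') {
            Registry::set('root_template', 'exception.tpl');
        }
    }
    Profiler::checkpoint('Before TPL');
    Registry::get('view')->display(Registry::get('root_template'));
    Profiler::checkpoint('After TPL');
    Profiler::display();
    fn_set_hook('complete');
    exit;
    // stop execution
}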