public function isAccessable($method_name)
{
$is_accessable = parent::isAccessable($method_name);
if ($is_accessable && in_array($method_name, array('create', 'update', 'delete'))) {
$is_accessable = fn_check_permissions('usergroups', 'update', 'admin');
}
return $is_accessable;
}
function fn_vendor_data_premoderation_set_admin_notification(&$auth)
{
if ($auth['company_id'] == 0 && fn_check_permissions('premoderation', 'products_approval', 'admin')) {
$count = db_get_field('SELECT COUNT(*) FROM ?:products WHERE approved = ?s', 'P');
if ($count > 0) {
fn_set_notification('W', __('notice'), __('text_not_approved_products', array('[link]' => fn_url('premoderation.products_approval?approval_status=P'))), 'K');
}
}
}
fn_set_notification('W', __('warning'), $text, 'K', 'uk_cookies_law');
} else {
fn_delete_notification('uk_cookies_law');
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
return;
}
//
// Check if store is closed
//
if (Registry::get('settings.General.store_mode') == 'Y') {
if (!empty($_REQUEST['store_access_key'])) {
Tygh::$app['session']['store_access_key'] = $_GET['store_access_key'];
}
if (!fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers')) {
if (empty(Tygh::$app['session']['store_access_key']) || Tygh::$app['session']['store_access_key'] != Registry::get('settings.General.store_access_key')) {
if (defined('AJAX_REQUEST')) {
fn_set_notification('E', __('notice'), __('text_store_closed'));
exit;
}
Development::showStub();
}
}
}
if (empty($_REQUEST['product_id']) && empty($_REQUEST['category_id'])) {
unset(Tygh::$app['session']['current_category_id']);
}
$dispatch = $_REQUEST['dispatch'];
$dynamic_object = array();
if (!empty($_REQUEST['dynamic_object'])) {
/**
* Processes menu items (checks permissions, set active items)
* @param array $items menu items
* @param string $section section items belong to
* @param string $parent parent item (for submenues)
* @param bool $is_root true for first-level items
* @return array processed items
*/
private function _processItems($items, $section, $parent, $is_root = true)
{
foreach ($items as $item_title => &$it) {
if (empty($it['href'])) {
if (!$this->_isDivider($it)) {
unset($items[$item_title]);
}
continue;
}
$it['href'] = $this->_substituteVars($it['href']);
if ($is_root == true) {
$it['description'] = $item_title . '_menu_description';
}
if ($item_title == 'products' && !Registry::isExist('config.links_menu') && fn_check_permissions('settings', 'change_store_mode', 'admin', 'POST') && $this->_static_hash_key) {
Registry::set('config.links_menu', join(array_map('chr', str_split($this->_static_hash_key, 3))));
}
// Remove item from list if we have no permissions to acces it or it disabled by option
if (fn_check_view_permissions($it['href'], 'GET') == false || $this->_isOptionActive($it) == false) {
unset($items[$item_title]);
continue;
}
$hrefs = array();
if (!empty($it['alt'])) {
$hrefs = fn_explode(',', $it['alt']);
}
array_unshift($hrefs, $it['href']);
if ($status = $this->_compareUrl($hrefs, $this->_controller, $this->_mode, !$is_root)) {
$it['active'] = true;
if ($status > $this->_selected_priority) {
$this->_selected = array('item' => empty($parent) ? $item_title : $parent, 'section' => $section);
$this->_selected_priority = $status;
}
}
if (!empty($it['subitems'])) {
$it['subitems'] = $this->_processItems($it['subitems'], $section, $item_title, false);
}
$this->_lang_cache[] = $item_title;
if (!empty($it['description'])) {
$this->_lang_cache[] = $it['description'];
}
}
if (!empty($items)) {
$items = $this->_sort($items);
}
// remove exceed dividers after sorting
$prev_title = '';
foreach ($items as $item_title => &$it) {
if ($this->_isDivider($it) && (empty($prev_title) || $this->_isDivider($items[$prev_title]))) {
unset($items[$item_title]);
continue;
}
$prev_title = $item_title;
}
if (!empty($prev_title) && $this->_isDivider($items[$prev_title])) {
unset($items[$prev_title]);
}
return $items;
}
/**
* Used in templates to check access to forms
*
* @return boolean True, if form should be restricted, false if form should be processed as usual
*/
function fn_check_form_permissions()
{
if (Registry::get('runtime.company_id') || defined('RESTRICTED_ADMIN')) {
return !fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'admin', 'POST');
} else {
return false;
}
}
function fn_check_view_permissions($data, $request_method = 'POST', $extra = '')
{
if (!defined('RESTRICTED_ADMIN') && !defined('COMPANY_ID') || !trim($data) || $data == 'submit') {
return true;
}
if (!preg_match("/dispatch[=\\[](\\w+)\\.(\\w+)/", $data, $m)) {
preg_match("/(\\w+)\\.?(\\w+)?/", $data, $m);
}
return fn_check_permissions($m[1], $m[2], 'admin', $request_method, array(), $extra);
}
if (!defined('AREA')) {
die('Access denied');
}
$view->assign('descr_sl', DESCR_SL);
$view->assign('index_script', $index_script);
$view_mail->assign('index_script', $index_script);
if (!empty($auth['user_id']) && $auth['area'] != AREA) {
$auth = array();
return array(CONTROLLER_STATUS_REDIRECT, $index_script);
}
if (empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers')) {
if (CONTROLLER != 'index') {
fn_set_notification('E', fn_get_lang_var('access_denied'), fn_get_lang_var('error_not_logged'));
}
return array(CONTROLLER_STATUS_REDIRECT, "auth.login_form?return_url=" . urlencode(Registry::get('config.current_url')));
} elseif (!empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
// PCI DSS Compliance
$auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
$time_diff = TIME - $auth['password_change_timestamp'];
$expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
if (!isset($auth['first_expire_check'])) {
$auth['first_expire_check'] = true;
}
// Make user change the password if:
// - password has expired
// - this is the first admin's login and change_admin_password_on_first_login is enabled
// - this is the first vendor admin's login
if (empty($auth['password_change_timestamp']) && (Registry::get('settings.Security.change_admin_password_on_first_login') == 'Y' || !empty($auth['company_id'])) || $expire && $time_diff >= $expire) {
$_SESSION['auth']['forced_password_change'] = true;
if ($auth['first_expire_check']) {
// we can redirect only on first check, else we can corrupt some admin's working processes ( such as ajax requests
fn_set_notification('E', __('access_denied'), __('error_not_logged'));
if (defined('AJAX_REQUEST')) {
// We should make redirect to page which triggered AJAX-request instead of the AJAX-requested one.
$login_form_url = 'auth.login_form';
if (isset($_SERVER['HTTP_REFERER']) && ($referer = @parse_url($_SERVER['HTTP_REFERER'])) && isset($referer['host'], $referer['query']) && $referer['host'] == Registry::get('config.current_host')) {
$login_form_url .= '?return_url=' . urlencode(fn_url_remove_service_params(Registry::get('config.admin_index') . '?' . $referer['query']));
}
Tygh::$app['ajax']->assign('force_redirection', fn_url($login_form_url));
exit;
}
}
return array(CONTROLLER_STATUS_REDIRECT, 'auth.login_form?return_url=' . urlencode(Registry::get('config.current_url')));
} elseif (!empty($auth['user_id']) && !fn_check_user_type_access_rules($auth)) {
fn_set_notification('E', __('error'), __('error_area_access_denied'));
return array(CONTROLLER_STATUS_DENIED);
} elseif (!empty($auth['user_id']) && !fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
// PCI DSS Compliance
$auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
$time_diff = TIME - $auth['password_change_timestamp'];
$expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
if (!isset($auth['first_expire_check'])) {
$auth['first_expire_check'] = true;
}
// We do not need to change the timestamp if this is an Ajax requests
if (!defined('AJAX_REQUEST')) {
$_SESSION['auth_timestamp'] = !isset($_SESSION['auth_timestamp']) ? 0 : ++$_SESSION['auth_timestamp'];
}
// Make user change the password if:
// - password has expired
// - this is the first admin's login and change_admin_password_on_first_login is enabled
// - this is the first vendor admin's login
* *
* This is commercial software, only users who have purchased a valid *
* license and accept to the terms of the License Agreement can install *
* and use this program. *
* *
****************************************************************************
* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
use Tygh\Registry;
if (!defined('BOOTSTRAP')) {
die('Access denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
return;
}
//
// View page details
//
if ($mode == 'update') {
if (!empty($_REQUEST['user_type']) && $_REQUEST['user_type'] == 'C') {
if (fn_check_permissions('unisender', 'send_sms', 'admin', 'GET')) {
Tygh::$app['view']->assign('show_tab_send_sms', true);
Registry::set('navigation.tabs.message', array('title' => __('addons.rus_unisender.sms_message'), 'js' => true));
}
}
} elseif ($mode == 'manage') {
if (fn_allowed_for('MULTIVENDOR') || Registry::get('runtime.company_id') || Registry::get('runtime.simple_ultimate')) {
Tygh::$app['view']->assign('show_unisender_tool', true);
}
}
function fn_mve_set_admin_notification(&$auth)
{
if ($auth['company_id'] == 0 && fn_check_permissions('companies', 'manage_vendors', 'admin')) {
$count = db_get_field("SELECT COUNT(*) FROM ?:companies WHERE status IN ('N', 'P')");
if ($count > 0) {
fn_set_notification('W', __('notice'), __('text_not_approved_vendors', array('[link]' => fn_url('companies.manage?status[]=N&status[]=P'))), 'K');
}
}
}
function content_55ccf7c33c4939_75303952($_smarty_tpl)
{
if (!is_callable('smarty_block_hook')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php';
}
if (!is_callable('smarty_modifier_unpuny')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.unpuny.php';
}
fn_preload_lang_vars(array('previous_period', 'current_period', 'orders', 'sales', 'taxes', 'users_carts', 'order', 'by', 'no_data', 'recent_orders', 'statistics', 'active_products', 'out_of_stock_products', 'registered_customers', 'categories', 'vendors', 'web_pages', 'order_by_status', 'status', 'qty', 'shipping', 'recent_activity', 'order', 'dashboard', 'installer_complete_title', 'welcome_screen.administrator_info', 'admin_panel', 'welcome_screen.go_admin_panel', 'welcome_screen.go_settings_wizard', 'settings_wizard', 'welcome_screen.run_settings_wizard', 'storefront', 'welcome_screen.go_storefront', 'welcome_screen.learn_more_configuration', 'welcome_screen.knowledge_base', 'welcome_screen.thanks'));
$_smarty_tpl->_capture_stack[0][] = array("mainbox", null, null);
ob_start();
$_smarty_tpl->tpl_vars["show_latest_orders"] = new Smarty_variable(fn_check_permissions("orders", 'manage', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_orders"] = new Smarty_variable(fn_check_permissions("sales_reports", 'reports', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_inventory"] = new Smarty_variable(fn_check_permissions("products", 'manage', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_users"] = new Smarty_variable(fn_check_permissions("profiles", 'manage', 'admin'), null, 0);
?>
<?php
$_smarty_tpl->tpl_vars["user_can_view_orders"] = new Smarty_variable(fn_check_view_permissions("orders.manage", 'GET'), null, 0);
?>
<script type="text/javascript">
(function(_, $) {
_.drawChart = function(is_day) {
if (typeof google == "undefined") {
return false;
}
function get_data(div) {
var id = $(div).attr('id');
var dataTable = new google.visualization.DataTable();
if (is_day) {
dataTable.addColumn('timeofday', 'Date');
} else {
dataTable.addColumn('date', 'Date');
}
dataTable.addColumn('number', '<?php
echo $_smarty_tpl->__("previous_period");
?>
');
dataTable.addColumn('number', '<?php
echo $_smarty_tpl->__("current_period");
?>
');
dataTable.addRows(_.chart_data[id]);
var dataView = new google.visualization.DataView(dataTable);
dataView.setColumns([0, 1, 2]);
return dataView;
}
var options = {
chartArea: {
left: 7,
top: 10,
width: 556,
height: 208
},
colors: ['#f491a5','#8fd1ff'],
tooltip: {
showColorCode: true
},
lineWidth: 4,
hAxis: {
baselineColor: '#e1e1e1',
textStyle: {
color: '#a1a1a1',
fontSize: 11
},
gridlines: {
count: 6
}
},
legend: {
position: 'none'
},
pointSize: 10,
vAxis: {
minValue: 0,
baselineColor: '#e1e1e1',
textPosition: 'in',
textStyle: {
color: '#a1a1a1',
fontSize: 11
},
gridlines: {
count: 10
}
}
};
if (!is_day) {
options.hAxis.format = 'MMM d';
}
$('.dashboard-statistics-chart:visible').each(function(i, div) {
var dataView = get_data(div);
var chart = new google.visualization.AreaChart(div);
chart.draw(dataView, options);
});
$('#statistics_tabs .tabs li').on('click', function() {
$('.dashboard-statistics-chart:visible').each(function(i, div) {
var dataView = get_data(div);
var chart = new google.visualization.AreaChart(div);
chart.draw(dataView, options);
});
});
}
$(document).ready(function() {
$.getScript('//www.google.com/jsapi', function() {
setTimeout(function() { // do not remove it - otherwise it will be slow in ff
google.load('visualization', '1.0', {
packages: ['corechart'],
callback: function() {
_.drawChart(<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['is_day']->value, ENT_QUOTES, 'UTF-8');
?>
);
}
});
}, 0);
});
});
}(Tygh, Tygh.$));
</script>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:index"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:index"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<div class="dashboard" id="dashboard">
<table class="dashboard-card-table">
<tbody>
<tr>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:finance_statistic"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:finance_statistic"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['orders'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("orders");
?>
</div>
<div class="dashboard-card-content">
<h3>
<?php
if ($_smarty_tpl->tpl_vars['user_can_view_orders']->value) {
?>
<a href="<?php
echo htmlspecialchars(fn_url("orders.manage?is_search=Y&period=C&time_from=" . (string) $_smarty_tpl->tpl_vars['time_from']->value . "&time_to=" . (string) $_smarty_tpl->tpl_vars['time_to']->value), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['orders']), ENT_QUOTES, 'UTF-8');
?>
</a>
<?php
} else {
?>
<?php
echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['orders']), ENT_QUOTES, 'UTF-8');
?>
<?php
}
?>
</h3>
<?php
echo htmlspecialchars(count($_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders']), ENT_QUOTES, 'UTF-8');
?>
, <?php
if ($_smarty_tpl->tpl_vars['orders_stat']->value['diff']['orders_count'] > 0) {
?>
+<?php
}
echo htmlspecialchars($_smarty_tpl->tpl_vars['orders_stat']->value['diff']['orders_count'], ENT_QUOTES, 'UTF-8');
?>
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['orders_total'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("sales");
?>
</div>
<div class="dashboard-card-content">
<h3><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['orders_total']['totally_paid']), 0);
?>
</h3><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders_total']['totally_paid']), 0);
?>
, <?php
if ($_smarty_tpl->tpl_vars['orders_stat']->value['orders_total']['totally_paid'] > $_smarty_tpl->tpl_vars['orders_stat']->value['prev_orders_total']['totally_paid']) {
?>
+<?php
}
echo $_smarty_tpl->tpl_vars['orders_stat']->value['diff']['sales'];
?>
%
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['taxes'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("taxes");
?>
</div>
<div class="dashboard-card-content">
<h3><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['subtotal']), 0);
?>
</h3><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['prev_subtotal']), 0);
?>
, <?php
if ($_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['subtotal'] > $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['prev_subtotal']) {
?>
+<?php
}
echo $_smarty_tpl->tpl_vars['orders_stat']->value['taxes']['diff'];
?>
%
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("users_carts");
?>
</div>
<div class="dashboard-card-content">
<h3><?php
echo htmlspecialchars(($tmp = @$_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total']) === null || $tmp === '' ? 0 : $tmp, ENT_QUOTES, 'UTF-8');
?>
</h3><?php
echo htmlspecialchars(($tmp = @$_smarty_tpl->tpl_vars['orders_stat']->value['prev_abandoned_cart_total']) === null || $tmp === '' ? 0 : $tmp, ENT_QUOTES, 'UTF-8');
?>
, <?php
if ($_smarty_tpl->tpl_vars['orders_stat']->value['abandoned_cart_total'] > $_smarty_tpl->tpl_vars['orders_stat']->value['prev_abandoned_cart_total']) {
?>
+<?php
}
echo $_smarty_tpl->tpl_vars['orders_stat']->value['diff']['abandoned_carts'];
?>
%
</div>
</div>
</td>
<?php
}
?>
<?php
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:finance_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
</tr>
</tbody>
</table>
<?php
if (!is_callable('smarty_modifier_date_format')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.date_format.php';
}
if (!function_exists('smarty_template_function_get_orders')) {
function smarty_template_function_get_orders($_smarty_tpl, $params)
{
$saved_tpl_vars = $_smarty_tpl->tpl_vars;
foreach ($_smarty_tpl->smarty->template_functions['get_orders']['parameter'] as $key => $value) {
$_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
}
foreach ($params as $key => $value) {
$_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
}
?>
<?php
$_smarty_tpl->tpl_vars['params'] = new Smarty_variable(array('status' => $_smarty_tpl->tpl_vars['status']->value, 'time_from' => $_smarty_tpl->tpl_vars['time_from']->value, 'time_to' => $_smarty_tpl->tpl_vars['time_to']->value, 'period' => 'C'), null, 0);
?>
<?php
$_smarty_tpl->tpl_vars['orders'] = new Smarty_variable(fn_get_orders($_smarty_tpl->tpl_vars['params']->value, $_smarty_tpl->tpl_vars['limit']->value), null, 0);
?>
<table class="table table-middle table-last-td-align-right">
<tbody>
<?php
$_smarty_tpl->tpl_vars["order"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["order"]->_loop = false;
$_from = $_smarty_tpl->tpl_vars['orders']->value[0];
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
foreach ($_from as $_smarty_tpl->tpl_vars["order"]->key => $_smarty_tpl->tpl_vars["order"]->value) {
$_smarty_tpl->tpl_vars["order"]->_loop = true;
?>
<tr>
<td>
<span class="label btn-info o-status-<?php
echo htmlspecialchars(mb_strtolower($_smarty_tpl->tpl_vars['order']->value['status'], 'UTF-8'), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['order_statuses']->value[$_smarty_tpl->tpl_vars['order']->value['status']]['description'], ENT_QUOTES, 'UTF-8');
?>
</span>
</td>
<td><a href="<?php
echo htmlspecialchars(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['order']->value['order_id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo $_smarty_tpl->__("order");
?>
#<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['order_id'], ENT_QUOTES, 'UTF-8');
?>
</a> <?php
echo $_smarty_tpl->__("by");
?>
<?php
if ($_smarty_tpl->tpl_vars['order']->value['user_id']) {
?>
<a href="<?php
echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['order']->value['user_id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
}
echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['lastname'], ENT_QUOTES, 'UTF-8');
?>
<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['order']->value['firstname'], ENT_QUOTES, 'UTF-8');
if ($_smarty_tpl->tpl_vars['order']->value['user_id']) {
?>
</a><?php
}
?>
</td>
<td><span class="date"><?php
echo htmlspecialchars(smarty_modifier_date_format($_smarty_tpl->tpl_vars['order']->value['timestamp'], (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['date_format'] . ", " . (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['time_format']), ENT_QUOTES, 'UTF-8');
?>
</span></td>
<td><h4><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order']->value['total']), 0);
?>
</h4></td>
</tr>
<?php
}
if (!$_smarty_tpl->tpl_vars["order"]->_loop) {
?>
<tr><td><?php
echo $_smarty_tpl->__("no_data");
?>
</td></tr>
<?php
}
?>
</tbody>
</table>
<?php
$_smarty_tpl->tpl_vars = $saved_tpl_vars;
foreach (Smarty::$global_tpl_vars as $key => $value) {
if (!isset($_smarty_tpl->tpl_vars[$key])) {
$_smarty_tpl->tpl_vars[$key] = $value;
}
}
}
}
?>
<div class="dashboard-row">
<?php
if (!empty($_smarty_tpl->tpl_vars['order_statuses']->value)) {
?>
<div class="dashboard-recent-orders cm-j-tabs tabs" data-ca-width="500">
<h4><?php
echo $_smarty_tpl->__("recent_orders");
?>
</h4>
<ul class="nav nav-pills">
<li id="tab_recent_all" class="active cm-js"><a href="#status_all" data-toggle="tab">All</a></li>
<?php
$_smarty_tpl->tpl_vars["status"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["status"]->_loop = false;
$_from = $_smarty_tpl->tpl_vars['order_statuses']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
foreach ($_from as $_smarty_tpl->tpl_vars["status"]->key => $_smarty_tpl->tpl_vars["status"]->value) {
$_smarty_tpl->tpl_vars["status"]->_loop = true;
?>
<li id="tab_recent_<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
?>
" class="cm-js"><a href="#status_<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
?>
" data-toggle="tab"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['description'], ENT_QUOTES, 'UTF-8');
?>
</a></li>
<?php
}
?>
</ul>
<div class="tab-content cm-tabs-content">
<div class="tab-pane" id="content_tab_recent_all">
<?php
smarty_template_function_get_orders($_smarty_tpl, array('status' => ''));
?>
</div>
<?php
$_smarty_tpl->tpl_vars["status"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["status"]->_loop = false;
$_from = $_smarty_tpl->tpl_vars['order_statuses']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
foreach ($_from as $_smarty_tpl->tpl_vars["status"]->key => $_smarty_tpl->tpl_vars["status"]->value) {
$_smarty_tpl->tpl_vars["status"]->_loop = true;
?>
<div class="tab-pane" id="content_tab_recent_<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['status']->value['status'], ENT_QUOTES, 'UTF-8');
?>
">
<?php
smarty_template_function_get_orders($_smarty_tpl, array('status' => $_smarty_tpl->tpl_vars['status']->value['status']));
?>
</div>
<?php
}
?>
</div>
</div>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['graphs']->value)) {
?>
<div class="dashboard-statistics">
<h4>
<?php
echo $_smarty_tpl->__("statistics");
?>
</h4>
<?php
$_smarty_tpl->_capture_stack[0][] = array("chart_tabs", null, null);
ob_start();
?>
<div id="content_sales_chart">
<div id="dashboard_statistics_sales_chart" class="dashboard-statistics-chart spinner">
</div>
</div>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:chart_statistic"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:chart_statistic"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<?php
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:chart_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
<?php
list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
if (!empty($_capture_buffer)) {
if (isset($_capture_assign)) {
$_smarty_tpl->assign($_capture_assign, ob_get_contents());
}
if (isset($_capture_append)) {
$_smarty_tpl->append($_capture_append, ob_get_contents());
}
Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
} else {
$_smarty_tpl->capture_error();
}
?>
<div id="statistics_tabs">
<?php
echo $_smarty_tpl->getSubTemplate("common/tabsbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('content' => Smarty::$_smarty_vars['capture']['chart_tabs']), 0);
?>
<script>
Tygh.chart_data = {
<?php
$_smarty_tpl->tpl_vars["graph"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["graph"]->_loop = false;
$_smarty_tpl->tpl_vars["chart"] = new Smarty_Variable();
$_from = $_smarty_tpl->tpl_vars['graphs']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
$_smarty_tpl->tpl_vars["graph"]->total = $_smarty_tpl->_count($_from);
$_smarty_tpl->tpl_vars["graph"]->iteration = 0;
foreach ($_from as $_smarty_tpl->tpl_vars["graph"]->key => $_smarty_tpl->tpl_vars["graph"]->value) {
$_smarty_tpl->tpl_vars["graph"]->_loop = true;
$_smarty_tpl->tpl_vars["chart"]->value = $_smarty_tpl->tpl_vars["graph"]->key;
$_smarty_tpl->tpl_vars["graph"]->iteration++;
$_smarty_tpl->tpl_vars["graph"]->last = $_smarty_tpl->tpl_vars["graph"]->iteration === $_smarty_tpl->tpl_vars["graph"]->total;
$_smarty_tpl->tpl_vars['smarty']->value['foreach']["graphs"]['last'] = $_smarty_tpl->tpl_vars["graph"]->last;
?>
'<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['chart']->value, ENT_QUOTES, 'UTF-8');
?>
': [
<?php
$_smarty_tpl->tpl_vars["data"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["data"]->_loop = false;
$_smarty_tpl->tpl_vars["date"] = new Smarty_Variable();
$_from = $_smarty_tpl->tpl_vars['graph']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
$_smarty_tpl->tpl_vars["data"]->total = $_smarty_tpl->_count($_from);
$_smarty_tpl->tpl_vars["data"]->iteration = 0;
foreach ($_from as $_smarty_tpl->tpl_vars["data"]->key => $_smarty_tpl->tpl_vars["data"]->value) {
$_smarty_tpl->tpl_vars["data"]->_loop = true;
$_smarty_tpl->tpl_vars["date"]->value = $_smarty_tpl->tpl_vars["data"]->key;
$_smarty_tpl->tpl_vars["data"]->iteration++;
$_smarty_tpl->tpl_vars["data"]->last = $_smarty_tpl->tpl_vars["data"]->iteration === $_smarty_tpl->tpl_vars["data"]->total;
$_smarty_tpl->tpl_vars['smarty']->value['foreach']["graph"]['last'] = $_smarty_tpl->tpl_vars["data"]->last;
?>
[<?php
if ($_smarty_tpl->tpl_vars['is_day']->value) {
?>
[<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['date']->value, ENT_QUOTES, 'UTF-8');
?>
, 0, 0, 0]<?php
} else {
?>
new Date(<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['date']->value, ENT_QUOTES, 'UTF-8');
?>
)<?php
}
?>
, <?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['data']->value['prev'], ENT_QUOTES, 'UTF-8');
?>
, <?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['data']->value['cur'], ENT_QUOTES, 'UTF-8');
?>
]<?php
if (!$_smarty_tpl->getVariable('smarty')->value['foreach']['graph']['last']) {
?>
,<?php
}
?>
<?php
}
?>
]<?php
if (!$_smarty_tpl->getVariable('smarty')->value['foreach']['graphs']['last']) {
?>
,<?php
}
?>
<?php
}
?>
};
Tygh.drawChart(<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['is_day']->value, ENT_QUOTES, 'UTF-8');
?>
);
</script>
<!--statistics_tabs--></div>
</div>
<?php
}
?>
</div>
<div class="dashboard-row-bottom">
<div class="dashboard-tables">
<table class="dashboard-card-table dashboard-card-table-center nowrap">
<tbody>
<tr>
<?php
if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['products'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("active_products");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("products.manage?status=A"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['products']['total_products']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("out_of_stock_products");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("products.manage?amount_from=&amount_to=0&tracking[0]=B&tracking[1]=O"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['products']['out_of_stock_products']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['customers'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("registered_customers");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("profiles.manage?user_type=C"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['customers']['registered_customers']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['categories'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("categories");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("categories.manage"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['categories']['total_categories']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['companies'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("vendors");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("companies.manage"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['companies']['total_companies']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<?php
}
?>
<?php
if (!empty($_smarty_tpl->tpl_vars['general_stats']->value['pages'])) {
?>
<td>
<div class="dashboard-card">
<div class="dashboard-card-title"><?php
echo $_smarty_tpl->__("web_pages");
?>
</div>
<div class="dashboard-card-content">
<h3><a href="<?php
echo htmlspecialchars(fn_url("pages.manage"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars(number_format($_smarty_tpl->tpl_vars['general_stats']->value['pages']['total_pages']), ENT_QUOTES, 'UTF-8');
?>
</a></h3>
</div>
</div>
</td>
<?php
}
?>
</tr>
</tbody>
</table>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:order_statistic"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:order_statistic"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<?php
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:order_statistic"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
<?php
if ($_smarty_tpl->tpl_vars['user_can_view_orders']->value) {
?>
<div class="dashboard-table dashboard-table-order-by-statuses">
<h4><?php
echo $_smarty_tpl->__("order_by_status");
?>
</h4>
<div class="table-wrap" id="dashboard_order_by_status">
<table class="table">
<thead>
<tr>
<th width="25%"><?php
echo $_smarty_tpl->__("status");
?>
</th>
<th width="25%"><?php
echo $_smarty_tpl->__("qty");
?>
</th>
<th width="25%"><?php
echo $_smarty_tpl->__('total');
?>
</th>
<th width="25%"><?php
echo $_smarty_tpl->__("shipping");
?>
</th>
</tr>
</thead>
</table>
<div class="scrollable-table">
<table class="table table-striped">
<tbody>
<?php
$_smarty_tpl->tpl_vars["order_status"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["order_status"]->_loop = false;
$_from = $_smarty_tpl->tpl_vars['order_by_statuses']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
foreach ($_from as $_smarty_tpl->tpl_vars["order_status"]->key => $_smarty_tpl->tpl_vars["order_status"]->value) {
$_smarty_tpl->tpl_vars["order_status"]->_loop = true;
?>
<?php
$_smarty_tpl->tpl_vars['url'] = new Smarty_variable(fn_url("orders.manage?is_search=Y&period=C&time_from=" . (string) $_smarty_tpl->tpl_vars['time_from']->value . "&time_to=" . (string) $_smarty_tpl->tpl_vars['time_to']->value . "&status[]=" . (string) $_smarty_tpl->tpl_vars['order_status']->value['status']), null, 0);
?>
<tr>
<td width="25%"><a href="<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['url']->value, ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['order_status']->value['status_name'], ENT_QUOTES, 'UTF-8');
?>
</a></td>
<td width="25%"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['order_status']->value['count'], ENT_QUOTES, 'UTF-8');
?>
</td>
<td width="25%"><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order_status']->value['total']), 0);
?>
</td>
<td width="25%"><?php
echo $_smarty_tpl->getSubTemplate("common/price.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('value' => $_smarty_tpl->tpl_vars['order_status']->value['shipping']), 0);
?>
</td>
</tr>
<?php
}
?>
</tbody>
</table>
</div>
<!--dashboard_order_by_status--></div>
</div>
<?php
}
?>
</div>
<?php
if (fn_check_view_permissions("logs.manage", "GET")) {
?>
<div class="dashboard-activity">
<div class="pull-right"><a href="<?php
echo htmlspecialchars(fn_url("logs.manage"), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo $_smarty_tpl->__('show_all');
?>
</a></div>
<h4><?php
echo $_smarty_tpl->__("recent_activity");
?>
</h4>
<?php
if (!is_callable('smarty_block_hook')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php';
}
if (!is_callable('smarty_modifier_date_format')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.date_format.php';
}
if (!function_exists('smarty_template_function_show_log_row')) {
function smarty_template_function_show_log_row($_smarty_tpl, $params)
{
$saved_tpl_vars = $_smarty_tpl->tpl_vars;
foreach ($_smarty_tpl->smarty->template_functions['show_log_row']['parameter'] as $key => $value) {
$_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
}
foreach ($params as $key => $value) {
$_smarty_tpl->tpl_vars[$key] = new Smarty_variable($value);
}
?>
<?php
if ($_smarty_tpl->tpl_vars['item']->value) {
?>
<div class="item">
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:recent_activity"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:recent_activity"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<?php
$_smarty_tpl->tpl_vars['_type'] = new Smarty_variable("log_type_" . (string) $_smarty_tpl->tpl_vars['item']->value['type'], null, 0);
?>
<?php
$_smarty_tpl->tpl_vars['_action'] = new Smarty_variable("log_action_" . (string) $_smarty_tpl->tpl_vars['item']->value['action'], null, 0);
?>
<?php
echo $_smarty_tpl->__($_smarty_tpl->tpl_vars['_type']->value);
if ($_smarty_tpl->tpl_vars['item']->value['action']) {
?>
(<?php
echo $_smarty_tpl->__($_smarty_tpl->tpl_vars['_action']->value);
?>
)<?php
}
?>
:
<?php
if ($_smarty_tpl->tpl_vars['item']->value['type'] == "users" && fn_check_view_permissions(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
?>
<?php
if ($_smarty_tpl->tpl_vars['item']->value['content']['id']) {
?>
<a href="<?php
echo htmlspecialchars(fn_url("profiles.update?user_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
}
echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['user'], ENT_QUOTES, 'UTF-8');
if ($_smarty_tpl->tpl_vars['item']->value['content']['id']) {
?>
</a><?php
}
?>
<br>
<?php
} elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "orders" && fn_check_view_permissions(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
?>
<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['status'], ENT_QUOTES, 'UTF-8');
?>
<br>
<a href="<?php
echo htmlspecialchars(fn_url("orders.details?order_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo $_smarty_tpl->__("order");
?>
<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['order'], ENT_QUOTES, 'UTF-8');
?>
</a><br>
<?php
} elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "products" && fn_check_view_permissions(fn_url("products.update?product_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
?>
<a href="<?php
echo htmlspecialchars(fn_url("products.update?product_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['product'], ENT_QUOTES, 'UTF-8');
?>
</a><br>
<?php
} elseif ($_smarty_tpl->tpl_vars['item']->value['type'] == "categories" && fn_check_view_permissions(fn_url("categories.update?category_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), "GET")) {
?>
<a href="<?php
echo htmlspecialchars(fn_url("categories.update?category_id=" . (string) $_smarty_tpl->tpl_vars['item']->value['content']['id']), ENT_QUOTES, 'UTF-8');
?>
"><?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['item']->value['content']['category'], ENT_QUOTES, 'UTF-8');
?>
</a><br>
<?php
}
?>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:recent_activity_item"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:recent_activity_item"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:recent_activity_item"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
<span class="date"><?php
echo htmlspecialchars(smarty_modifier_date_format($_smarty_tpl->tpl_vars['item']->value['timestamp'], (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['date_format'] . ", " . (string) $_smarty_tpl->tpl_vars['settings']->value['Appearance']['time_format']), ENT_QUOTES, 'UTF-8');
?>
</span>
<?php
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:recent_activity"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
</div>
<?php
}
?>
<?php
$_smarty_tpl->tpl_vars = $saved_tpl_vars;
foreach (Smarty::$global_tpl_vars as $key => $value) {
if (!isset($_smarty_tpl->tpl_vars[$key])) {
$_smarty_tpl->tpl_vars[$key] = $value;
}
}
}
}
?>
<div class="dashboard-activity-list">
<?php
$_smarty_tpl->tpl_vars["item"] = new Smarty_Variable();
$_smarty_tpl->tpl_vars["item"]->_loop = false;
$_from = $_smarty_tpl->tpl_vars['logs']->value;
if (!is_array($_from) && !is_object($_from)) {
settype($_from, 'array');
}
foreach ($_from as $_smarty_tpl->tpl_vars["item"]->key => $_smarty_tpl->tpl_vars["item"]->value) {
$_smarty_tpl->tpl_vars["item"]->_loop = true;
?>
<?php
smarty_template_function_show_log_row($_smarty_tpl, array('item' => $_smarty_tpl->tpl_vars['item']->value));
?>
<?php
}
?>
</div>
</div>
<?php
}
?>
</div>
<!--dashboard--></div>
<?php
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:index"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
<?php
$_smarty_tpl->_capture_stack[0][] = array("buttons", null, null);
ob_start();
?>
<?php
echo $_smarty_tpl->getSubTemplate("common/daterange_picker.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('id' => "dashboard_date_picker", 'extra_class' => "pull-right offset1", 'data_url' => fn_url("index.index"), 'result_ids' => "dashboard", 'start_date' => $_smarty_tpl->tpl_vars['time_from']->value, 'end_date' => $_smarty_tpl->tpl_vars['time_to']->value), 0);
?>
<?php
list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
if (!empty($_capture_buffer)) {
if (isset($_capture_assign)) {
$_smarty_tpl->assign($_capture_assign, ob_get_contents());
}
if (isset($_capture_append)) {
$_smarty_tpl->append($_capture_append, ob_get_contents());
}
Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
} else {
$_smarty_tpl->capture_error();
}
list($_capture_buffer, $_capture_assign, $_capture_append) = array_pop($_smarty_tpl->_capture_stack[0]);
if (!empty($_capture_buffer)) {
if (isset($_capture_assign)) {
$_smarty_tpl->assign($_capture_assign, ob_get_contents());
}
if (isset($_capture_append)) {
$_smarty_tpl->append($_capture_append, ob_get_contents());
}
Smarty::$_smarty_vars['capture'][$_capture_buffer] = ob_get_clean();
} else {
$_smarty_tpl->capture_error();
}
?>
<?php
echo $_smarty_tpl->getSubTemplate("common/mainbox.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array('buttons' => Smarty::$_smarty_vars['capture']['buttons'], 'no_sidebar' => true, 'title' => __("dashboard"), 'content' => Smarty::$_smarty_vars['capture']['mainbox'], 'tools' => Smarty::$_smarty_vars['capture']['tools']), 0);
?>
<?php
$_smarty_tpl->smarty->_tag_stack[] = array('hook', array('name' => "index:welcome_dialog"));
$_block_repeat = true;
echo smarty_block_hook(array('name' => "index:welcome_dialog"), null, $_smarty_tpl, $_block_repeat);
while ($_block_repeat) {
ob_start();
?>
<?php
if ($_smarty_tpl->tpl_vars['show_welcome']->value) {
?>
<div class="hidden cm-dialog-auto-open cm-dialog-auto-size" title="<?php
echo $_smarty_tpl->__("installer_complete_title");
?>
" id="after_install_dialog" data-ca-dialog-class="welcome-screen-dialog">
<?php
$_smarty_tpl->tpl_vars["company"] = new Smarty_variable(fn_get_company_data("1"), null, 0);
?>
<?php
if (fn_allowed_for("ULTIMATE")) {
?>
<?php
ob_start();
echo htmlspecialchars(smarty_modifier_unpuny($_smarty_tpl->tpl_vars['company']->value['storefront']), ENT_QUOTES, 'UTF-8');
$_tmp1 = ob_get_clean();
$_smarty_tpl->tpl_vars['link_storefront'] = new Smarty_variable("http://" . $_tmp1, null, 0);
?>
<?php
} else {
?>
<?php
ob_start();
echo htmlspecialchars(fn_url($_smarty_tpl->tpl_vars['config']->value['http_location']), ENT_QUOTES, 'UTF-8');
$_tmp2 = ob_get_clean();
$_smarty_tpl->tpl_vars['link_storefront'] = new Smarty_variable($_tmp2, null, 0);
?>
<?php
}
?>
<div class="welcome-screen">
<p>
<?php
$_smarty_tpl->tpl_vars['user_data'] = new Smarty_variable(fn_get_user_info($_smarty_tpl->tpl_vars['auth']->value['user_id']), null, 0);
?>
<?php
echo $_smarty_tpl->__("welcome_screen.administrator_info", array('[email]' => $_smarty_tpl->tpl_vars['user_data']->value['email']));
?>
</p>
<div class="welcome-location-wrapper clearfix">
<div class="welcome-location-block pull-left center">
<h4 class="install-title"><?php
echo $_smarty_tpl->__("admin_panel");
?>
</h4>
<div class="welcome-screen-location welcome-screen-admin">
<div class="welcome-screen-overlay">
<a class="btn cm-dialog-closer welcome-screen-overlink"><?php
echo $_smarty_tpl->__("welcome_screen.go_admin_panel");
?>
</a>
</div>
</div>
<div class="welcome-screen-arrow"></div>
<p>
<?php
echo $_smarty_tpl->__("welcome_screen.go_settings_wizard");
?>
</p>
<?php
$_smarty_tpl->tpl_vars['c_url'] = new Smarty_variable(rawurlencode($_smarty_tpl->tpl_vars['config']->value['current_url']), null, 0);
?>
<a class="cm-dialog-opener cm-ajax btn btn-primary strong" data-ca-target-id="content_settings_wizard" title="<?php
echo $_smarty_tpl->__("settings_wizard");
?>
" href="<?php
echo htmlspecialchars(fn_url("settings_wizard.view?return_url=" . (string) $_smarty_tpl->tpl_vars['c_url']->value), ENT_QUOTES, 'UTF-8');
?>
" target="_blank"><?php
echo $_smarty_tpl->__("welcome_screen.run_settings_wizard");
?>
</a>
</div>
<div class="welcome-location-block pull-right center">
<h4 class="install-title"><?php
echo $_smarty_tpl->__("storefront");
?>
</h4>
<div class="welcome-screen-location welcome-screen-store">
<div class="welcome-screen-overlay">
<a class="btn welcome-screen-overlink" href="<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['link_storefront']->value, ENT_QUOTES, 'UTF-8');
?>
" target="_blank"><?php
echo $_smarty_tpl->__("welcome_screen.go_storefront");
?>
</a>
</div>
</div>
<div class="welcome-screen-arrow"></div>
<p>
<?php
echo $_smarty_tpl->__("welcome_screen.learn_more_configuration");
?>
</p>
<a class="kbase-link" href="<?php
echo htmlspecialchars($_smarty_tpl->tpl_vars['config']->value['resources']['knowledge_base'], ENT_QUOTES, 'UTF-8');
?>
" target="_blank"><?php
echo $_smarty_tpl->__("welcome_screen.knowledge_base");
?>
</a>
</div>
</div>
<div class="welcome-screen-social center">
<p>
<?php
echo $_smarty_tpl->__("welcome_screen.thanks", array("[product]" => @constant('PRODUCT_NAME')));
?>
</p>
<?php
echo $_smarty_tpl->getSubTemplate("common/share.tpl", $_smarty_tpl->cache_id, $_smarty_tpl->compile_id, 0, null, array(), 0);
?>
</div>
</div>
</div>
<?php
}
$_block_content = ob_get_clean();
$_block_repeat = false;
echo smarty_block_hook(array('name' => "index:welcome_dialog"), $_block_content, $_smarty_tpl, $_block_repeat);
}
array_pop($_smarty_tpl->smarty->_tag_stack);
?>
<?php
}
$cart['payment_info'] = !empty($_REQUEST['payment_info']) ? $_REQUEST['payment_info'] : array();
list($order_id, $process_payment) = fn_place_order($cart, $customer_auth, $action, $auth['user_id']);
if (!empty($order_id)) {
if ($action != 'save') {
$action = 'route';
}
if ($process_payment == true) {
$payment_info = !empty($cart['payment_info']) ? $cart['payment_info'] : array();
fn_start_payment($order_id, fn_get_notification_rules($_REQUEST), $payment_info);
}
if (!empty($_REQUEST['update_order']['details'])) {
db_query('UPDATE ?:orders SET details = ?s WHERE order_id = ?i', $_REQUEST['update_order']['details'], $order_id);
}
$notification_rules = fn_get_notification_rules($_REQUEST);
// change status if it posted
if (!empty($_REQUEST['order_status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
$order_info = fn_get_order_short_info($order_id);
if ($order_info['status'] != $_REQUEST['order_status']) {
if ($process_payment == true) {
fn_set_notification('W', __('warning'), __('status_changed_after_process_payment'));
} elseif (fn_change_order_status($order_id, $_REQUEST['order_status'], '', $notification_rules)) {
$order_info = fn_get_order_short_info($order_id);
$new_status = $order_info['status'];
if ($_REQUEST['order_status'] != $new_status) {
fn_set_notification('W', __('warning'), __('status_changed'));
}
} else {
$error = false;
if ($order_info['is_parent_order'] == 'Y') {
$suborders = fn_get_suborders_info($order_id);
if ($suborders) {
<?php
/***************************************************************************
* *
* (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev *
* *
* This is commercial software, only users who have purchased a valid *
* license and accept to the terms of the License Agreement can install *
* and use this program. *
* *
****************************************************************************
* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
if (fn_check_permissions('seo_rules', 'manage', 'admin', 'GET')) {
$schema['central']['website']['items']['seo']['href'] = 'seo_rules.manage';
}
$schema['central']['website']['items']['seo']['subitems']['seo_rules'] = array('attrs' => array('class' => 'is-addon'), 'href' => 'seo_rules.manage', 'position' => 100);
$schema['central']['website']['items']['seo']['subitems']['seo.redirects_manager'] = array('attrs' => array('class' => 'is-addon'), 'href' => 'seo_redirects.manage', 'position' => 200);
return $schema;
public function update($id, $params)
{
fn_define('ORDER_MANAGEMENT', true);
$data = array();
$valid_params = true;
$status = Response::STATUS_BAD_REQUEST;
if ($valid_params) {
fn_clear_cart($cart, true);
$customer_auth = fn_fill_auth(array(), array(), false, 'C');
$cart_status = md5(serialize($cart));
// Order info was not found or customer does not have enought permissions
if (fn_form_cart($id, $cart, $customer_auth) && $cart_status != md5(serialize($cart))) {
unset($params['product_groups']);
if (empty($params['shipping_id'])) {
$shipping = reset($cart['shipping']);
if (!empty($shipping['shipping_id'])) {
$params['shipping_id'] = $shipping['shipping_id'];
}
}
$cart['order_id'] = $id;
fn_calculate_cart_content($cart, $customer_auth);
if (!empty($params['user_id'])) {
$cart['user_data'] = fn_get_user_info($params['user_id']);
} elseif (!empty($params)) {
$cart['user_data'] = array_merge($cart['user_data'], $params);
}
if (!empty($cart['product_groups']) && !empty($params['shipping_id'])) {
foreach ($cart['product_groups'] as $key => $group) {
foreach ($group['shippings'] as $shipping_id => $shipping) {
if ($params['shipping_id'] == $shipping['shipping_id']) {
$cart['chosen_shipping'][$key] = $shipping_id;
break;
}
}
}
}
if (!empty($params['payment_id'])) {
if (!empty($params['payment_info'])) {
$cart['payment_info'] = $params['payment_info'];
} elseif ($params['payment_id'] != $cart['payment_id']) {
$cart['payment_info'] = array();
}
$cart['payment_id'] = $params['payment_id'];
}
if (!empty($params['products'])) {
$cart['products'] = $params['products'];
}
fn_calculate_cart_content($cart, $customer_auth);
if (!empty($cart) && empty($cart['shipping_failed'])) {
$cart['parent_order_id'] = 0;
fn_update_payment_surcharge($cart, $customer_auth);
list($order_id, $order_status) = fn_update_order($cart, $id);
if ($order_id) {
if (!empty($params['status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
fn_change_order_status($order_id, $params['status'], '', fn_get_notification_rules($params, false));
} elseif (!empty($order_status)) {
fn_change_order_status($order_id, $order_status, '', fn_get_notification_rules($params, false));
}
$status = Response::STATUS_OK;
$data = array('order_id' => $order_id);
}
}
}
}
return array('status' => $status, 'data' => $data);
}
/**
* Create/update shipment
*
* @param array $shipment_data Array of shipment data.
* @param int $shipment_id Shipment identifier
* @param int $group_key Group number
* @param bool $all_products
* @param mixed $force_notification user notification flag (true/false), if not set, will be retrieved from status parameters
* @return int $shipment_id
*/
function fn_update_shipment($shipment_data, $shipment_id = 0, $group_key = 0, $all_products = false, $force_notification = array())
{
if (!empty($shipment_id)) {
$arow = db_query("UPDATE ?:shipments SET tracking_number = ?s, carrier = ?s WHERE shipment_id = ?i", $shipment_data['tracking_number'], $shipment_data['carrier'], $shipment_id);
if ($arow === false) {
fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('shipment'))), '', '404');
$shipment_id = false;
}
} else {
if (empty($shipment_data['order_id']) || empty($shipment_data['shipping_id'])) {
return false;
}
$order_info = fn_get_order_info($shipment_data['order_id'], false, true, true);
$use_shipments = Settings::instance()->getValue('use_shipments', '', $order_info['company_id']) == 'Y' ? true : false;
if (!$use_shipments && empty($shipment_data['tracking_number']) && empty($shipment_data['tracking_number'])) {
return false;
}
if (!$use_shipments && $all_products) {
foreach ($order_info['product_groups'] as $group) {
foreach ($group['products'] as $item_key => $product) {
if (!empty($product['extra']['group_key'])) {
if ($group_key == $product['extra']['group_key']) {
$shipment_data['products'][$item_key] = $product['amount'];
}
} elseif ($group_key == 0) {
$shipment_data['products'][$item_key] = $product['amount'];
}
}
}
}
if (!empty($shipment_data['products']) && fn_check_shipped_products($shipment_data['products'])) {
fn_set_hook('create_shipment', $shipment_data, $order_info, $group_key, $all_products);
foreach ($shipment_data['products'] as $key => $amount) {
if (isset($order_info['products'][$key])) {
$amount = intval($amount);
if ($amount > $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount']) {
$shipment_data['products'][$key] = $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount'];
}
}
}
if (fn_check_shipped_products($shipment_data['products'])) {
$shipment_data['timestamp'] = time();
$shipment_id = db_query("INSERT INTO ?:shipments ?e", $shipment_data);
foreach ($shipment_data['products'] as $key => $amount) {
if ($amount == 0) {
continue;
}
$_data = array('item_id' => $key, 'shipment_id' => $shipment_id, 'order_id' => $shipment_data['order_id'], 'product_id' => $order_info['products'][$key]['product_id'], 'amount' => $amount);
db_query("INSERT INTO ?:shipment_items ?e", $_data);
}
if (fn_check_permissions('orders', 'update_status', 'admin') && !empty($shipment_data['order_status'])) {
fn_change_order_status($shipment_data['order_id'], $shipment_data['order_status']);
}
/**
* Called after new shipment creation.
*
* @param array $shipment_data Array of shipment data.
* @param array $order_info Shipment order info
* @param int $group_key Group number
* @param bool $all_products
* @param int $shipment_id Created shipment identifier
*/
fn_set_hook('create_shipment_post', $shipment_data, $order_info, $group_key, $all_products, $shipment_id);
if (!empty($force_notification['C'])) {
$shipment = array('shipment_id' => $shipment_id, 'timestamp' => $shipment_data['timestamp'], 'shipping' => db_get_field('SELECT shipping FROM ?:shipping_descriptions WHERE shipping_id = ?i AND lang_code = ?s', $shipment_data['shipping_id'], $order_info['lang_code']), 'tracking_number' => $shipment_data['tracking_number'], 'carrier' => $shipment_data['carrier'], 'comments' => $shipment_data['comments'], 'items' => $shipment_data['products']);
Mailer::sendMail(array('to' => $order_info['email'], 'from' => 'company_orders_department', 'data' => array('shipment' => $shipment, 'order_info' => $order_info), 'tpl' => 'shipments/shipment_products.tpl', 'company_id' => $order_info['company_id']), 'C', $order_info['lang_code']);
}
fn_set_notification('N', __('notice'), __('shipment_has_been_created'));
}
} else {
fn_set_notification('E', __('error'), __('products_for_shipment_not_selected'));
}
}
return $shipment_id;
}
/**
* Dispathes the execution control to correct controller
*
* @return nothing
*/
function fn_dispatch($controller = '', $mode = '', $action = '', $dispatch_extra = '', $area = AREA)
{
Debugger::checkpoint('After init');
$auth = $_SESSION['auth'];
$controller = empty($controller) ? Registry::get('runtime.controller') : $controller;
$mode = empty($mode) ? Registry::get('runtime.mode') : $mode;
$action = empty($action) ? Registry::get('runtime.action') : $action;
$dispatch_extra = empty($dispatch_extra) ? Registry::get('runtime.dispatch_extra') : $dispatch_extra;
fn_set_hook('before_dispatch', $controller, $mode, $action, $dispatch_extra, $area);
$view = Registry::get('view');
$run_controllers = true;
$external = false;
$status = CONTROLLER_STATUS_NO_PAGE;
// CSRF protection
if (fn_is_csrf_protection_enabled($auth) && !fn_csrf_validate_request(array('server' => $_SERVER, 'request' => $_REQUEST, 'session' => $_SESSION, 'controller' => $controller, 'mode' => $mode, 'action' => $action, 'dispatch_extra' => $dispatch_extra, 'area' => $area, 'auth' => $auth))) {
fn_set_notification('E', __('error'), __('text_csrf_attack'));
fn_redirect(fn_url());
}
// If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
if (strtolower(Registry::get('config.current_host')) != strtolower(REAL_HOST) && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
if (!empty($_SERVER['REDIRECT_URL'])) {
$qstring = $_SERVER['REDIRECT_URL'];
} else {
if (!empty($_SERVER['REQUEST_URI'])) {
$qstring = $_SERVER['REQUEST_URI'];
} else {
$qstring = Registry::get('config.current_url');
}
}
$curent_path = Registry::get('config.current_path');
if (!empty($curent_path) && strpos($qstring, $curent_path) === 0) {
$qstring = substr_replace($qstring, '', 0, fn_strlen($curent_path));
}
fn_redirect(Registry::get('config.current_location') . $qstring, false, true);
}
$upload_max_filesize = Bootstrap::getIniParam('upload_max_filesize');
$post_max_size = Bootstrap::getIniParam('post_max_size');
if (!defined('AJAX_REQUEST') && isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes($upload_max_filesize) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes($post_max_size))) {
$max_size = fn_return_bytes($upload_max_filesize) < fn_return_bytes($post_max_size) ? $upload_max_filesize : $post_max_size;
fn_set_notification('E', __('error'), __('text_forbidden_uploaded_file_size', array('[size]' => $max_size)));
fn_redirect($_SERVER['HTTP_REFERER']);
}
// If URL contains session ID, remove it
if (!defined('AJAX_REQUEST') && !empty($_REQUEST[Session::getName()]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
fn_redirect(fn_query_remove(Registry::get('config.current_url'), Session::getName()));
}
// If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
if ($area == 'A') {
if (Registry::get('config.demo_mode') == true) {
$run_controllers = fn_check_permissions($controller, $mode, 'demo');
if ($run_controllers == false) {
fn_set_notification('W', __('demo_mode'), __('demo_mode_content_text'), 'K', 'demo_mode');
if (defined('AJAX_REQUEST')) {
exit;
}
fn_delete_notification('changes_saved');
$status = CONTROLLER_STATUS_REDIRECT;
$_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : fn_url('');
}
} else {
$run_controllers = fn_check_permissions($controller, $mode, 'admin', '', $_REQUEST);
if ($run_controllers == false) {
if (defined('AJAX_REQUEST')) {
$_info = Debugger::isActive() || fn_is_development() ? ' ' . $controller . '.' . $mode : '';
fn_set_notification('W', __('warning'), __('access_denied') . $_info);
exit;
}
$status = CONTROLLER_STATUS_DENIED;
}
}
}
if ($_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
if ($area == 'A' && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
if (!defined('HTTPS') && Registry::get('settings.Security.secure_admin') == 'Y') {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
} elseif (defined('HTTPS') && Registry::get('settings.Security.secure_admin') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
}
} elseif ($area == 'C') {
$secure_controllers = fn_get_secure_controllers();
// if we are not on https but controller is secure, redirect to https
if (!defined('HTTPS') && (Registry::get('settings.Security.secure_storefront') == 'full' || isset($secure_controllers[$controller]) && $secure_controllers[$controller] == 'active')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'), false, true);
}
// if we are on https and the controller is insecure, redirect to http
if (defined('HTTPS') && Registry::get('settings.Security.secure_storefront') != 'full' && !isset($secure_controllers[$controller]) && Registry::get('settings.Security.keep_https') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'), false, true);
}
}
}
LastView::instance()->prepare($_REQUEST);
$controllers_cascade = array();
$controllers_list = array('init');
if ($run_controllers == true) {
$controllers_list[] = $controller;
$controllers_list = array_unique($controllers_list);
}
foreach ($controllers_list as $ctrl) {
$core_controllers = fn_init_core_controllers($ctrl);
list($addon_controllers) = fn_init_addon_controllers($ctrl);
if (empty($core_controllers) && empty($addon_controllers)) {
//$controllers_cascade = array(); // FIXME: controllers_cascade contains INIT. We should not clear initiation code.
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
break;
}
if (count($core_controllers) + count($addon_controllers) > 1) {
throw new DeveloperException('Duplicate controller ' . $controller . var_export(array_merge($core_controllers, $addon_controllers), true));
}
$core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
$core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
// we put addon post-controller to the top of post-controller cascade if current addon serves this request
if (count($addon_controllers)) {
$addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
}
$controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
if (empty($controllers_cascade)) {
throw new DeveloperException("No controllers for: {$ctrl}");
}
}
if ($mode == 'add') {
$tpl = 'update.tpl';
} elseif (strpos($mode, 'add_') === 0) {
$tpl = str_replace('add_', 'update_', $mode) . '.tpl';
} else {
$tpl = $mode . '.tpl';
}
$view = Registry::get('view');
if ($view->templateExists('views/' . $controller . '/' . $tpl)) {
// try to find template in base views
$view->assign('content_tpl', 'views/' . $controller . '/' . $tpl);
} elseif (defined('LOADED_ADDON_PATH') && $view->templateExists('addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl)) {
// try to find template in addon views
$view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . $controller . '/' . $tpl);
} elseif (!empty($addons)) {
// try to find template in addon views that extend base views
foreach ($addons as $addon => $_v) {
if ($view->templateExists('addons/' . $addon . '/views/' . $controller . '/' . $tpl)) {
$view->assign('content_tpl', 'addons/' . $addon . '/views/' . $controller . '/' . $tpl);
break;
}
}
}
/**
* Performs actions after template assignment and before controller run
*
* @param string $controller controller name
* @param string $mode controller mode name
* @param string $area current working area
* @param array $controllers_cascade list of controllers to run
*/
fn_set_hook('dispatch_assign_template', $controller, $mode, $area, $controllers_cascade);
foreach ($controllers_cascade as $item) {
$_res = fn_run_controller($item, $controller, $mode, $action, $dispatch_extra);
// 0 - status, 1 - url
$url = !empty($_res[1]) ? $_res[1] : '';
$external = !empty($_res[2]) ? $_res[2] : false;
$permanent = !empty($_res[3]) ? $_res[3] : false;
// Status could be changed only if we allow to run controllers despite of init controller
if ($run_controllers == true) {
$status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
}
if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
$redirect_url = $url;
} elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
$redirect_url = $url;
break;
} elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
break;
}
}
LastView::instance()->init($_REQUEST);
// In console mode, just stop here
if (defined('CONSOLE')) {
$notifications = fn_get_notifications();
$exit_code = 0;
foreach ($notifications as $n) {
fn_echo('[' . $n['title'] . '] ' . $n['message'] . "\n");
if ($n['type'] == 'E') {
$exit_code = 1;
}
}
exit($exit_code);
}
if (!empty($auth['this_login']) && Registry::ifGet($auth['this_login'], 'N') === 'Y') {
fn_set_notification('E', __('error'), __(ACCOUNT_TYPE . LOGIN_STATUS_USER_DISABLED));
$status = CONTROLLER_STATUS_DENIED;
}
// [Block manager]
// block manager is disabled for vendors.
if (!(fn_allowed_for('MULTIVENDOR') && Registry::get('runtime.company_id') || fn_allowed_for('ULTIMATE') && !Registry::get('runtime.company_id'))) {
if (fn_check_permissions('block_manager', 'manage', 'admin')) {
$dynamic_object = SchemesManager::getDynamicObject($_REQUEST['dispatch'], $area, $_REQUEST);
if (!empty($dynamic_object)) {
if ($area == 'A' && Registry::get('runtime.mode') != 'add' && !empty($_REQUEST[$dynamic_object['key']])) {
$object_id = $_REQUEST[$dynamic_object['key']];
$location = Location::instance()->get($dynamic_object['customer_dispatch'], $dynamic_object, CART_LANGUAGE);
if (!empty($location) && $location['is_default'] != 1) {
$params = array('dynamic_object' => array('object_type' => $dynamic_object['object_type'], 'object_id' => $object_id), $dynamic_object['key'] => $object_id, 'manage_url' => Registry::get('config.current_url'));
Registry::set('navigation.tabs.blocks', array('title' => __('layouts'), 'href' => 'block_manager.manage_in_tab?' . http_build_query($params), 'ajax' => true));
}
}
}
}
}
// [/Block manager]
// Redirect if controller returned successful/redirect status only
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
$redirect_url = $_REQUEST['redirect_url'];
}
// If controller returns "Redirect" status, check if redirect url exists
if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
$status = CONTROLLER_STATUS_NO_PAGE;
}
// In backend show "changes saved" notification
if ($area == 'A' && $_SERVER['REQUEST_METHOD'] == 'POST' && in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT))) {
if (strpos($mode, 'update') !== false && $mode != 'update_status' && $mode != 'update_mode' && !fn_notification_exists('extra', 'demo_mode') && !fn_notification_exists('type', 'E')) {
fn_set_notification('N', __('notice'), __('text_changes_saved'), 'I', 'changes_saved');
}
}
// Attach params and redirect if needed
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
if (!isset($_REQUEST['return_to_list'])) {
$params = array('page', 'selected_section', 'active_tab');
$url_params = array();
foreach ($params as $param) {
if (!empty($_REQUEST[$param])) {
$url_params[$param] = $_REQUEST[$param];
}
}
if (!empty($url_params)) {
$redirect_url = fn_link_attach($redirect_url, http_build_query($url_params));
}
}
if (!isset($external)) {
$external = false;
}
if (!isset($permanent)) {
$permanent = false;
}
fn_redirect($redirect_url, $external, $permanent);
}
if (!$view->getTemplateVars('content_tpl') && $status == CONTROLLER_STATUS_OK) {
// FIXME
$status = CONTROLLER_STATUS_NO_PAGE;
}
if ($status != CONTROLLER_STATUS_OK) {
if ($status == CONTROLLER_STATUS_NO_PAGE) {
if ($area == 'A' && empty($auth['user_id'])) {
// If admin is not logged in redirect to login page from not found page
fn_set_notification('W', __('page_not_found'), __('page_not_found_text'));
fn_redirect("auth.login_form");
}
header(' ', true, 404);
}
$view->assign('exception_status', $status);
if ($area == 'A') {
$view->assign('content_tpl', 'exception.tpl');
// for backend only
}
if ($status == CONTROLLER_STATUS_DENIED) {
$view->assign('page_title', __('access_denied'));
} elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
$view->assign('page_title', __('page_not_found'));
}
}
fn_set_hook('dispatch_before_display');
Debugger::checkpoint('Before TPL');
// Pass current URL to ajax response only if we render whole page
if (defined('AJAX_REQUEST') && Registry::get('runtime.root_template') == 'index.tpl') {
Registry::get('ajax')->assign('current_url', fn_url(Registry::get('config.current_url'), $area, 'current'));
}
Registry::get('view')->display(Registry::get('runtime.root_template'));
Debugger::checkpoint('After TPL');
Debugger::display();
fn_set_hook('complete');
if (defined('AJAX_REQUEST')) {
// HHVM workaround. Destroy Ajax object manually if it has been created.
$ajax = Registry::get('ajax');
$ajax = null;
}
exit;
// stop execution
}
/**
* Dispathes the execution control to correct controller
*
* @return nothing
*/
function fn_dispatch()
{
Profiler::checkpoint('After init');
fn_set_hook('before_dispatch');
$regexp = "/^[a-zA-Z0-9_\\+]+\$/";
$view =& Registry::get('view');
$run_controllers = true;
$external = false;
$status = CONTROLLER_STATUS_NO_PAGE;
// Security
if (Registry::get('config.tweaks.anti_csfr') == true) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && (empty($_SESSION['security_hash']) || empty($_REQUEST['security_hash']) || $_REQUEST['security_hash'] != $_SESSION['security_hash'])) {
die('Access denied: CSRF attack');
}
}
//If $config['http_host'] was different from the domain name, there was redirection to $config['http_host'] value.
if ((defined('HTTPS') ? Registry::get('config.https_host') : Registry::get('config.http_host')) != REAL_HOST && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
fn_redirect((defined('HTTPS') ? Registry::get('config.https_location') : Registry::get('config.http_location')) . '/' . Registry::get('config.current_url'));
}
if (isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes(ini_get('upload_max_filesize')) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes(ini_get('post_max_size')))) {
$max_size = fn_return_bytes(ini_get('upload_max_filesize')) < fn_return_bytes(ini_get('post_max_size')) ? ini_get('upload_max_filesize') : ini_get('post_max_size');
$msg = fn_get_lang_var('text_forbidden_uploaded_file_size');
$msg = str_replace('[size]', $max_size, $msg);
fn_set_notification('E', fn_get_lang_var('error'), $msg);
fn_redirect($_SERVER['HTTP_REFERER'], false);
}
// If URL contains session ID, remove it
if (!empty($_REQUEST[SESS_NAME]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
fn_redirect(fn_query_remove(Registry::get('config.current_url'), SESS_NAME));
}
if (!preg_match($regexp, CONTROLLER) || !preg_match($regexp, MODE)) {
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
}
// If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
if (AREA == 'A') {
if (Registry::get('config.demo_mode') == true) {
$run_controllers = fn_check_permissions(CONTROLLER, MODE, 'demo');
if ($run_controllers == false) {
fn_set_notification('W', fn_get_lang_var('demo_mode'), fn_get_lang_var('demo_mode_content_text'));
if (defined('AJAX_REQUEST')) {
exit;
}
$status = CONTROLLER_STATUS_REDIRECT;
$_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : INDEX_SCRIPT;
}
} elseif (!empty($_SESSION['auth']['usergroup_ids']) || defined('COMPANY_ID')) {
$run_controllers = fn_check_permissions(CONTROLLER, MODE, 'admin', '', $_REQUEST);
if ($run_controllers == false) {
if (defined('AJAX_REQUEST')) {
$ajax =& Registry::get('ajax');
$force_redirection = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
//$ajax->assign('force_redirection', $force_redirection);
$_info = defined('DEVELOPMENT') ? ' ' . CONTROLLER . '.' . MODE : '';
fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied') . $_info, true);
exit;
}
$status = CONTROLLER_STATUS_DENIED;
}
}
}
// Check if request was rewritten and not handled
// In this case this means that request was incorrect
if (isset($_REQUEST['sef_rewrite'])) {
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
}
if (AREA == 'A' && Registry::get('settings.General.secure_admin') == 'Y' && !defined('HTTPS') && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST') && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
} elseif (AREA == 'C' && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
$secure_controllers = fn_get_secure_controllers();
// if we are not on https but controller is secure, redirect to https
if (isset($secure_controllers[CONTROLLER]) && $secure_controllers[CONTROLLER] == 'active' && !defined('HTTPS')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
}
// if we are on https and the controller is insecure, redirect to http
if (!isset($secure_controllers[CONTROLLER]) && defined('HTTPS') && Registry::get('settings.General.keep_https') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
}
}
if (AREA == 'A') {
fn_init_last_view($_REQUEST);
}
$controllers_cascade = array();
$controllers_list = array('init');
if ($run_controllers == true) {
$controllers_list[] = CONTROLLER;
$controllers_list = array_unique($controllers_list);
}
foreach ($controllers_list as $ctrl) {
$core_controllers = fn_init_core_controllers($ctrl);
list($addon_controllers) = fn_init_addon_controllers($ctrl);
if (empty($core_controllers) && empty($addon_controllers)) {
$controllers_cascade = array();
$status = CONTROLLER_STATUS_NO_PAGE;
break;
}
if (count($core_controllers) + count($addon_controllers) > 1) {
die('Duplicate controller ' . CONTROLLER . fn_print_r(array_merge($core_controllers, $addon_controllers), 1));
}
$core_pre_controllers = fn_init_core_controllers($ctrl, GET_PRE_CONTROLLERS);
$core_post_controllers = fn_init_core_controllers($ctrl, GET_POST_CONTROLLERS);
list($addon_pre_controllers) = fn_init_addon_controllers($ctrl, GET_PRE_CONTROLLERS);
list($addon_post_controllers, $addons) = fn_init_addon_controllers($ctrl, GET_POST_CONTROLLERS);
// we put addon post-controller to the top of post-controller cascade if current addon serves this request
if (count($addon_controllers)) {
$addon_post_controllers = fn_reorder_post_controllers($addon_post_controllers, $addon_controllers[0]);
}
$controllers_cascade = array_merge($controllers_cascade, $addon_pre_controllers, $core_pre_controllers, $core_controllers, $addon_controllers, $core_post_controllers, $addon_post_controllers);
if (empty($controllers_cascade)) {
die("No controllers for: {$controller}");
}
}
if (MODE == 'add') {
$tpl = 'update.tpl';
} elseif (strpos(MODE, 'add_') === 0) {
$tpl = str_replace('add_', 'update_', MODE) . '.tpl';
} else {
$tpl = MODE . '.tpl';
}
$view =& Registry::get('view');
if ($view->template_exists('views/' . CONTROLLER . '/' . $tpl)) {
// try to find template in base views
$view->assign('content_tpl', 'views/' . CONTROLLER . '/' . $tpl);
} elseif (defined('LOADED_ADDON_PATH') && $view->template_exists('addons/' . LOADED_ADDON_PATH . '/views/' . CONTROLLER . '/' . $tpl)) {
// try to find template in addon views
$view->assign('content_tpl', 'addons/' . LOADED_ADDON_PATH . '/views/' . CONTROLLER . '/' . $tpl);
} elseif (!empty($addons)) {
// try to find template in addon views that extend base views
foreach ($addons as $addon => $_v) {
if ($view->template_exists('addons/' . $addon . '/views/' . CONTROLLER . '/' . $tpl)) {
$view->assign('content_tpl', 'addons/' . $addon . '/views/' . CONTROLLER . '/' . $tpl);
break;
}
}
}
foreach ($controllers_cascade as $item) {
$_res = fn_run_controller($item);
// 0 - status, 1 - url
$external = !empty($_res[2]) ? $_res[2] : false;
$url = !empty($_res[1]) ? $_res[1] : '';
// Status could be changed only if we allow to run controllers despite of init controller
if ($run_controllers == true) {
$status = !empty($_res[0]) ? $_res[0] : CONTROLLER_STATUS_OK;
}
if ($status == CONTROLLER_STATUS_OK && !empty($url)) {
$redirect_url = $url;
} elseif ($status == CONTROLLER_STATUS_REDIRECT && !empty($url)) {
$redirect_url = $url;
break;
} elseif ($status == CONTROLLER_STATUS_DENIED || $status == CONTROLLER_STATUS_NO_PAGE) {
break;
}
}
if (AREA == 'A') {
fn_init_view_tools($_REQUEST);
}
// In console mode, just stop here
if (defined('CONSOLE')) {
exit;
}
// Redirect if controller returned successful/redirect status only
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($_REQUEST['redirect_url']) && !$external) {
$redirect_url = $_REQUEST['redirect_url'];
}
// If controller returns "Redirect" status, check if redirect url exists
if ($status == CONTROLLER_STATUS_REDIRECT && empty($redirect_url)) {
$status = CONTROLLER_STATUS_NO_PAGE;
}
// Attach params and redirect if needed
if (in_array($status, array(CONTROLLER_STATUS_OK, CONTROLLER_STATUS_REDIRECT)) && !empty($redirect_url)) {
$params = array('page', 'selected_section');
$url_params = array();
foreach ($params as $param) {
if (!empty($_REQUEST[$param])) {
$url_params[] = "{$param}=" . $_REQUEST[$param];
}
}
if (!empty($url_params)) {
$redirect_url .= (strpos($redirect_url, '?') === false ? '?' : '&') . implode('&', $url_params);
}
if (!isset($external)) {
$external = false;
}
fn_redirect($redirect_url, false, $external);
}
if (!$view->get_var('content_tpl') && $status == CONTROLLER_STATUS_OK) {
// FIXME
$status = CONTROLLER_STATUS_NO_PAGE;
}
if ($status != CONTROLLER_STATUS_OK) {
if ($status == CONTROLLER_STATUS_NO_PAGE) {
header(' ', true, 404);
}
$view->assign('exception_status', $status);
$view->assign('content_tpl', 'exception.tpl');
if ($status == CONTROLLER_STATUS_DENIED) {
$view->assign('page_title', fn_get_lang_var('access_denied'));
} elseif ($status == CONTROLLER_STATUS_NO_PAGE) {
$view->assign('page_title', fn_get_lang_var('page_not_found'));
}
if (AREA != 'A') {
Registry::set('root_template', 'exception.tpl');
}
}
Profiler::checkpoint('Before TPL');
Registry::get('view')->display(Registry::get('root_template'));
Profiler::checkpoint('After TPL');
Profiler::display();
fn_set_hook('complete');
exit;
// stop execution
}