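<?php
/**
 * Builds the address-book listing query, optionally restricted to one customer.
 *
 * POST parameters:
 *   person_id (optional) - customer whose addresses should be listed.
 *
 * Only the query string is assembled here: the lines that would emit the
 * result are commented out, so the script currently produces no output.
 */
include 'tiosafe_config.php';

// person_id is client-controlled and is placed unquoted into the WHERE clause,
// so it is accepted only as a positive integer. A posted value that fails
// validation (text, array input, ...) becomes 0, which presumably matches no
// customer, instead of being concatenated into the SQL text.
$customers_id = null;
if (postNotEmpty('person_id')) {
    $posted_id = filter_var($_POST['person_id'], FILTER_VALIDATE_INT);
    $customers_id = ($posted_id !== false && $posted_id > 0) ? $posted_id : 0;
}

$req_select = "SELECT address_book_id AS id, ";
$req_select .= "entry_street_address AS street, ";
$req_select .= "entry_postcode AS zip, ";
$req_select .= "entry_city AS city, ";
$req_select .= "cnt.countries_name AS country ";
$req_select .= "FROM " . TABLE_ADDRESS_BOOK . " adr ";
$req_select .= "LEFT OUTER JOIN " . TABLE_COUNTRIES . " cnt ";
$req_select .= "ON adr.entry_country_id = cnt.countries_id ";
if ($customers_id !== null) {
    // $customers_id is an int at this point, never raw request text.
    $req_select .= "WHERE adr.customers_id = " . $customers_id . " ";
}
$req_select .= "ORDER BY address_book_id ASC";

//header('Content-type: text/xml');
//echo executeSQL($req_select, $db);
$db->close();
?>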
<?php
/**
 * Returns the highest ID currently stored for the requested element type,
 * i.e. the ID of the last inserted element in that table.
 *
 * This web service request is not used: looking the ID up this way is not
 * efficient, and the ID is retrieved directly after the element is inserted.
 *
 * @see createPerson.php
 * @see createProduct.php
 */
include_once 'database.php';
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/database.php';

if (!postNotEmpty('type')) {
    die('Type not given');
}

tep_db_connect() or die('Unable to connect to database');

// The posted type only selects one of two fixed column/table pairs; the
// request value itself is never copied into the SQL text.
$type = $_POST['type'];
if ($type == 'Person') {
    $id_column = 'customers_id';
    $table = TABLE_CUSTOMERS;
} elseif ($type == 'Product') {
    $id_column = 'products_id';
    $table = TABLE_PRODUCTS;
} else {
    die('Unknown type');
}

$query = 'select max(' . $id_column . ') as id from ' . $table;
$xml = executeSQL($query);
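<?php
/**
 * Deletes one address-book entry.
 *
 * POST parameters:
 *   address_id (required) - primary key of the entry to delete.
 *
 * NOTE(review): no authentication or ownership check is visible in this
 * script; confirm that tiosafe_config.php restricts who may call it.
 */
include 'tiosafe_config.php';

// address_id is placed unquoted into a DELETE statement, so it must be a
// positive integer. zen_db_prepare_input() is not relied on for this: the
// value has to be numeric, not merely cleaned up, before it reaches the SQL.
$address_id = postNotEmpty('address_id')
    ? filter_var($_POST['address_id'], FILTER_VALIDATE_INT)
    : false;

if ($address_id !== false && $address_id > 0) {
    $query = 'DELETE FROM ' . TABLE_ADDRESS_BOOK . ' WHERE address_book_id = ' . $address_id;
    echo executeSQL($query, $db);
} else {
    // Missing and malformed ids are both rejected with the existing message.
    echo '\\nInvalid query: the parameter address_id is required!';
}

$db->close();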
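<?php
/**
 * Removes a product through zen_remove_product().
 *
 * POST parameters:
 *   product_id (required) - id of the product to remove.
 *
 * NOTE(review): no authentication check is visible in this script; confirm
 * that tiosafe_config.php restricts who may call it.
 */
include 'tiosafe_config.php';

// zen_remove_product() is defined elsewhere and how it uses its argument is
// not visible here, so only a validated positive integer is handed to it.
$products_id = postNotEmpty('product_id')
    ? filter_var($_POST['product_id'], FILTER_VALIDATE_INT)
    : false;

if ($products_id !== false && $products_id > 0) {
    // An earlier version issued hand-built DELETE statements against the
    // products and products-description tables; zen_remove_product() is used
    // instead.
    zen_remove_product($products_id);
} else {
    // Missing and malformed ids are both rejected with the existing message.
    echo '\\nInvalid query: The parameter product_id is required!';
}

$db->close();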
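<?php
/**
 * Builds the query listing delivery persons of orders whose status id is '1',
 * optionally restricted to one order, and announces an XML response.
 *
 * POST parameters:
 *   person_id     (optional) - compared against ordr.orders_id.
 *   personnode_id (optional) - used the same way when person_id is absent.
 *
 * The visible part of the script ends after the Content-type header.
 */
include 'tiosafe_config.php';

// The posted id is compared with orders_id, so accept it only as a positive
// integer. person_id takes precedence over personnode_id. A posted value that
// fails validation becomes 0 (presumably matching no order) rather than being
// concatenated into the SQL text.
$order_id = null;
foreach (array('person_id', 'personnode_id') as $param) {
    if (postNotEmpty($param)) {
        $posted_id = filter_var($_POST[$param], FILTER_VALIDATE_INT);
        $order_id = ($posted_id !== false && $posted_id > 0) ? $posted_id : 0;
        break;
    }
}

$req_select = "SELECT ordr.orders_id AS id, ";
$req_select .= "delivery_name AS title, ";
$req_select .= "entry_firstname AS firstname, ";
$req_select .= "entry_lastname AS lastname, ";
$req_select .= "cst.customers_email_address AS email, ";
$req_select .= "delivery_company AS company, ";
$req_select .= "delivery_street_address AS street, ";
$req_select .= "delivery_postcode AS zip, ";
$req_select .= "delivery_city AS city, ";
$req_select .= "delivery_country AS country, ";
$req_select .= "'type/person' AS category ";
$req_select .= "FROM " . TABLE_ORDERS . " ordr ";
$req_select .= "RIGHT OUTER JOIN " . TABLE_CUSTOMERS . " cst ON ordr.customers_id=cst.customers_id ";
// The address row is matched on customer, full name and street rather than on
// cst.customers_default_address_id=adr.address_book_id.
$req_select .= "LEFT OUTER JOIN " . TABLE_ADDRESS_BOOK . " adr ON \n (ordr.customers_id=adr.customers_id \n AND CONCAT(adr.entry_firstname, ' ', adr.entry_lastname)=delivery_name\n AND adr.entry_street_address=delivery_street_address) ";
$req_select .= "LEFT OUTER JOIN " . TABLE_ORDERS_STATUS_HISTORY . " stat ON ordr.orders_id=stat.orders_id ";
$req_select .= "WHERE orders_status_id = '1' ";
if ($order_id !== null) {
    // $order_id is an int at this point, never raw request text.
    $req_select .= "AND ordr.orders_id = '" . $order_id . "' ";
}
$req_select .= "ORDER BY ordr.orders_id ASC";

header('Content-type: text/xml');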
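<?php
/**
 * Updates a customer's first name, last name, e-mail and/or date of birth.
 *
 * POST parameters:
 *   person_id (required) - customer to update.
 *   firstname, lastname, email (optional) - handled by create_update_list().
 *   birthday (optional) - stored in customers_dob.
 */
include 'tiosafe_config.php';

// Validate the id up front so that array or non-numeric input is rejected
// instead of being cast to an unrelated customer id.
$customer_id = postNotEmpty('person_id')
    ? filter_var($_POST['person_id'], FILTER_VALIDATE_INT)
    : false;

if ($customer_id !== false && $customer_id > 0) {
    // Prepare update list
    $update_list = array('firstname', 'lastname', 'email');
    $db_list = array('customers_firstname', 'customers_lastname', 'customers_email_address');
    // NOTE(review): create_update_list() is defined elsewhere; presumably it
    // reads these fields from $_POST. Confirm that it escapes them.
    $set_update = create_update_list($update_list, $db_list);

    $birthday_ok = true;
    if (postNotEmpty('birthday')) {
        $dob = $_POST['birthday'];
        // The birthday is placed between double quotes in the UPDATE, so only
        // digits and common date/time separators are accepted. Quotes and
        // backslashes can therefore never reach the SQL text.
        if (is_string($dob) && preg_match('/\A[0-9\/.: -]{1,32}\z/', $dob)) {
            $dob_clause = 'customers_dob = "' . $dob . '"';
            $set_update = empty($set_update) ? $dob_clause : $set_update . ', ' . $dob_clause;
        } else {
            // Refuse the whole update rather than applying it partially.
            $birthday_ok = false;
            echo '\\nInvalid query: The parameter birthday is malformed!';
        }
    }

    if ($birthday_ok && !empty($set_update)) {
        $query = "UPDATE " . TABLE_CUSTOMERS . " SET {$set_update} WHERE customers_id = " . $customer_id;
        echo executeSQL($query, $db);
    }
} else {
    // Missing and malformed ids are both rejected with the existing message.
    echo '\\nInvalid query: The parameter person_id is required!';
}

$db->close();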
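<?php
/**
 * Creates a product with price 0 and status '1' (available), then stores its
 * name for the default language.
 *
 * POST parameters:
 *   title (required) - product name.
 */
include 'tiosafe_config.php';

if (postNotEmpty('title')) {
    $products_name = $_POST['title'];
    $products_sale_price = 0;
    $language_id = getDefaultLanguageID($db);
    // 'H' is the 24-hour clock. The previous 'h' is the 12-hour clock without
    // an am/pm marker, which recorded afternoon inserts as morning times.
    $products_date_added = date('Y/m/d H:i:s');

    // Setting the products_status as '1' ie available
    // NOTE(review): values are passed as an array to zen_db_perform(), which
    // is defined elsewhere; confirm it escapes them.
    $sql_array = array(
        'products_price' => $products_sale_price,
        'products_status' => '1',
        'products_date_added' => $products_date_added,
    );
    zen_db_perform(TABLE_PRODUCTS, $sql_array);
    $products_id = zen_db_insert_id();

    $sql_array = array(
        'products_id' => $products_id,
        'language_id' => $language_id,
        'products_name' => zen_sanitize_string($products_name),
    );
    zen_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_array);
} else {
    echo '\\nInvalid query: The parameter title is required!';
}

$db->close();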
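<?php
/**
 * Updates street, zip, city and/or country of one address-book entry.
 *
 * POST parameters:
 *   address_id (required) - primary key of the entry to update.
 *   street, zip, city (optional) - handled by create_update_list().
 *   country (optional) - resolved to a country id by getCountryId().
 */
include 'tiosafe_config.php';

// address_id is placed unquoted into the WHERE clause of an UPDATE, so it
// must be a positive integer before it is used.
$address_id = postNotEmpty('address_id')
    ? filter_var($_POST['address_id'], FILTER_VALIDATE_INT)
    : false;

if ($address_id !== false && $address_id > 0) {
    $post_update_list = array('street', 'zip', 'city');
    $db_update_list = array('entry_street_address', 'entry_postcode', 'entry_city');
    // NOTE(review): create_update_list() is defined elsewhere; presumably it
    // reads these fields from $_POST. Confirm that it escapes them.
    $set_update = create_update_list($post_update_list, $db_update_list);

    // If the country is posted, get the id
    if (postNotEmpty('country')) {
        // getCountryId()'s return type is not visible here. Casting keeps the
        // clause numeric, and a failed lookup (0) leaves the country untouched
        // instead of producing a broken or unintended assignment.
        $countries_id = (int) getCountryId($_POST['country'], $db);
        if ($countries_id > 0) {
            $country_clause = 'entry_country_id = ' . $countries_id;
            $set_update = empty($set_update) ? $country_clause : $set_update . ', ' . $country_clause;
        }
    }

    if (!empty($set_update)) {
        $query = "UPDATE " . TABLE_ADDRESS_BOOK . " SET {$set_update} WHERE address_book_id = " . $address_id;
        echo executeSQL($query, $db);
    }
} else {
    // Missing and malformed ids are both rejected with the existing message.
    echo '\\nInvalid query: the parameter address_id is required!';
}

$db->close();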
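<?php
/**
 * Links a product to an option/value pair given as "option/value".
 *
 * POST parameters:
 *   id       (required) - product id.
 *   category (optional) - "option/value"; missing options, values and links
 *                         are created on demand, after which the script ends.
 *
 * The visible part of the script ends after the database connection is opened.
 */
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/database.php';

if (!postNotEmpty('id')) {
    die('Product Id not given');
}

// The id is handed to helpers whose SQL is not visible here, so it is reduced
// to a validated positive integer first.
$products_id = filter_var($_POST['id'], FILTER_VALIDATE_INT);
if ($products_id === false || $products_id < 1) {
    die('Product Id not given');
}

if (postOK('category')) {
    // A category without a '/' has no value part. Reject it instead of reading
    // an undefined array offset and creating an empty value.
    $category = is_string($_POST['category']) ? explode('/', $_POST['category']) : array();
    if (count($category) < 2) {
        die('Invalid category');
    }
    $option = $category[0];
    $value = $category[1];

    // NOTE(review): these helpers run before tep_db_connect() below, and they
    // receive $option and $value as posted. Confirm that they open their own
    // connection and escape their arguments.
    $optionId = optionExists($option);
    $valueId = valueExists($value);

    if (!$optionId) {
        $optionId = createOption($option);
    }
    if (!$valueId) {
        $valueId = createValue($value);
    }
    if (!isOptionLinkedToValue($optionId, $valueId)) {
        createLink($optionId, $valueId);
    }
    if (!isProductLinked($optionId, $valueId, $products_id)) {
        createLinkToProduct($optionId, $valueId, $products_id);
    }
    die;
}

tep_db_connect() or die('Unable to connect to database');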
<?php
// Looks up the option id and option-value id that correspond to a posted
// base category / variation pair for the default language. The visible part
// of the script stops before the attribute is deleted.
//
// POST parameters (all three required): product_id, base_category, variation.
include 'tiosafe_config.php';
$language_id = getDefaultLanguageID($db);
if (postNotEmpty('product_id') && postNotEmpty('base_category') && postNotEmpty('variation')) {
    // All three values are taken from the request as posted.
    $products_id = $_POST['product_id'];
    $product_base_category = $_POST['base_category'];
    $product_variation = $_POST['variation'];
    $products_options_id = $products_options_values_id = "";
    //Get the option ID
    // NOTE(review): $product_base_category is concatenated between double
    // quotes without escaping, so the request controls part of the SQL text.
    // It should be escaped with the database layer's escaping routine or
    // bound as a parameter.
    $query1 = 'SELECT po.products_options_id, po.products_options_name FROM ' . TABLE_PRODUCTS_OPTIONS . ' AS po WHERE po.language_id = "' . $language_id . '" AND po.products_options_name = "' . $product_base_category . '"';
    $result1 = $db->Execute($query1);
    if (!$result1->EOF) {
        $products_options_id = $result1->fields['products_options_id'];
    }
    //Get the option value id
    // NOTE(review): zen_sanitize_string() is defined elsewhere; confirm that
    // it performs SQL escaping, otherwise $product_variation needs the same
    // treatment as above. $language_id is quoted in $query1 but not here.
    $query2 = 'SELECT pov.products_options_values_id, pov.products_options_values_name FROM ' . TABLE_PRODUCTS_OPTIONS_VALUES . ' AS pov WHERE pov.language_id = ' . $language_id . ' AND pov.products_options_values_name = "' . zen_sanitize_string($product_variation) . '"';
    //echo $query2;
    $result2 = $db->Execute($query2);
    if (!$result2->EOF) {
        $products_options_values_id = $result2->fields['products_options_values_id'];
    }
    //delete the attribute
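<?php
/**
 * Returns, as XML, the delivery organisations of orders whose status id is
 * '1' and whose delivery company is set, optionally restricted to one order.
 *
 * POST parameters:
 *   sale_order_id (optional) - order to restrict the listing to.
 */
include 'tiosafe_config.php';

// sale_order_id is compared with orders_id, so accept it only as a positive
// integer. A posted value that fails validation becomes 0 (presumably
// matching no order) rather than being concatenated into the SQL text.
$order_id = null;
if (postNotEmpty('sale_order_id')) {
    $posted_id = filter_var($_POST['sale_order_id'], FILTER_VALIDATE_INT);
    $order_id = ($posted_id !== false && $posted_id > 0) ? $posted_id : 0;
}

$req_select = "SELECT ordr.orders_id AS id, ";
$req_select .= "delivery_company AS title, ";
$req_select .= "delivery_street_address AS street, ";
$req_select .= "delivery_postcode AS zip, ";
$req_select .= "delivery_city AS city, ";
$req_select .= "delivery_country AS country, ";
$req_select .= "customers_telephone AS phone, ";
$req_select .= "customers_email_address AS email, ";
$req_select .= "'type/organisation' AS category ";
$req_select .= "FROM " . TABLE_ORDERS . " ordr ";
$req_select .= "LEFT JOIN " . TABLE_ORDERS_STATUS_HISTORY . " stat ON ordr.orders_id=stat.orders_id ";
// The trailing space keeps the next clause from running into the '' literal.
$req_select .= "WHERE orders_status_id = '1' AND delivery_company is not NULL and delivery_company != '' ";
//AND (customers_company != billing_company AND customers_street_address != billing_street_address )
if ($order_id !== null) {
    // $order_id is an int at this point, never raw request text.
    $req_select .= "AND ordr.orders_id = '" . $order_id . "' ";
}
$req_select .= "ORDER BY ordr.orders_id ASC";

header('Content-type: text/xml');
echo executeSQL($req_select, $db);
$db->close();
?>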
<?php
// Builds the query listing address-book entries that carry a company name
// (organisations), optionally restricted by a posted organisation_id. The
// visible part of the script stops inside that restriction.
//
// POST parameters (all optional): organisation_id, title, email.
include 'tiosafe_config.php';
$organisation_id = $title = $email = "";
if (postNotEmpty('organisation_id')) {
    $organisation_id = $_POST['organisation_id'];
}
// title and email are read here; where they are used is not visible.
if (postNotEmpty('title')) {
    $title = $_POST['title'];
}
if (postNotEmpty('email')) {
    $email = $_POST['email'];
}
$req_select = "SELECT address_book_id AS id, ";
$req_select .= "entry_company AS title, ";
//$req_select .= "entry_firstname AS firstname, ";
//$req_select .= "entry_lastname AS lastname, ";
$req_select .= "entry_street_address AS street, ";
$req_select .= "entry_postcode AS zip, ";
$req_select .= "entry_city AS city, ";
$req_select .= "countries_name AS country, ";
$req_select .= "customers_email_address AS email, ";
$req_select .= "'type/organisation' AS category ";
$req_select .= "FROM " . TABLE_ADDRESS_BOOK . " adr ";
$req_select .= "LEFT JOIN " . TABLE_COUNTRIES . " cnt ";
$req_select .= "ON adr.entry_country_id = cnt.countries_id ";
$req_select .= "LEFT JOIN " . TABLE_CUSTOMERS . " cst ";
// A customer row joins either through its default address or through the
// address's owning customer id.
$req_select .= "ON (adr.address_book_id = cst.customers_default_address_id OR \n adr.customers_id=cst.customers_id ) ";
$req_select .= "WHERE entry_company is not NULL and entry_company != '' ";
if (!empty($organisation_id)) {
    // NOTE(review): $organisation_id is the posted value, concatenated between
    // single quotes without escaping or integer validation, so the request
    // controls part of the SQL text. It should be validated as an integer or
    // bound as a parameter; the same applies to $title and $email if they are
    // appended further down.
    $req_select .= "AND address_book_id='" . $organisation_id . "' ";
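<?php
/**
 * Updates customer, dates and currency of one order, then refreshes that
 * order's currency value.
 *
 * POST parameters:
 *   id (required) - order to update.
 *   customers_id, start_date, stop_date, currency (optional) - handled by
 *   create_update_list().
 */
include 'functions.php';
include '../includes/configure.php';
include '../includes/functions/database.php';
include '../includes/database_tables.php';
include '../includes/functions/general.php';

tep_db_connect() or die('Unable to connect to database');

$post_update_list = array('customers_id', 'start_date', 'stop_date', 'currency');
$db_update_list = array('customers_id', 'date_purchased', 'orders_date_finished', 'currency');
// NOTE(review): create_update_list() is defined elsewhere; presumably it reads
// these fields from $_POST. Confirm that it escapes them.
$set_update_list = create_update_list($post_update_list, $db_update_list);

if (!empty($set_update_list)) {
    // The order id is placed unquoted into the WHERE clause, so it must be a
    // positive integer. A missing or malformed id stops the request before any
    // statement is built.
    $orders_id = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT) : false;
    if ($orders_id === false || $orders_id < 1) {
        die('Order Id not given');
    }

    $query = "update " . TABLE_ORDERS . " set {$set_update_list} where orders_id = " . $orders_id;
    tep_db_query($query);

    // Updating the currency value
    if (postNotEmpty('currency')) {
        // NOTE(review): getCurrencyValue() receives the posted currency as-is;
        // confirm that it escapes its argument.
        $currency_value = getCurrencyValue($_POST['currency']);
        // Only a numeric rate is written. The WHERE clause limits the change
        // to this order; without it the statement rewrote currency_value on
        // every row of the orders table.
        if (is_numeric($currency_value)) {
            $query = 'update ' . TABLE_ORDERS . ' set currency_value = "' . $currency_value . '" where orders_id = ' . $orders_id;
            tep_db_query($query);
        }
    }
}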