Esempio n. 1
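 /**
  * Render the product details page for the product selected by $_GET["id"].
  *
  * $_GET["id"] may be a numeric product id or a product URL slug. The matching
  * active product is loaded, its comment count, gallery images and optional
  * "similar products" blocks are prepared, the view counter is incremented and
  * the "shop/details" template is rendered.
  *
  * NOTE(review): "desc" and "external_url" are handed to the template without
  * _prepare_html(); presumably both are admin-authored — confirm, because any
  * lower-trust writer of those columns gets markup into the page.
  *
  * @return mixed Output of tpl()->parse("shop/details", ...), or the result of
  *               is_redirect() when no usable id was given or no active
  *               product matches.
  */
 function product_details()
 {
     // Reject a missing id and non-scalar input (e.g. id[]=x) before it reaches the escaper.
     if (empty($_GET["id"]) || !is_scalar($_GET["id"])) {
         // NOTE(review): other handlers in this codebase call js_redirect(); confirm is_redirect() is the intended helper.
         return is_redirect("./?object=shop");
     }
     // Build a complete, self-contained condition. The numeric branch goes
     // through intval() and the slug branch through _es(), so the request value
     // never reaches the SQL text unescaped and no quote is left dangling.
     if (is_numeric($_GET["id"])) {
         $add_sql = "id='" . intval($_GET["id"]) . "'";
     } else {
         $add_sql = "url='" . _es($_GET["id"]) . "'";
     }
     $shop = module("shop");
     $product_info = db()->query_fetch("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND " . $add_sql);
     if (empty($product_info)) {
         // Unknown or inactive product: stop here instead of rendering an empty
         // page and building follow-up queries from missing fields.
         return is_redirect("./?object=shop");
     }
     $product_id = $product_info["id"];
     // Required for comments
     $shop->_comments_params["object_id"] = $product_id;
     $shop->_comments_params["objects_ids"] = $product_id;
     $num_comments = $shop->_get_num_comments();
     $N = isset($num_comments[$product_id]) ? $num_comments[$product_id] : 0;
     if ($N == "") {
         $N = 0;
     }
     // Images live in a two-level directory derived from the zero-padded id: "000/123/".
     $dirs = sprintf("%06s", $product_id);
     $mpath = substr($dirs, -6, 3) . "/" . substr($dirs, -3, 3) . "/";
     $group_prices = $shop->_get_group_prices($product_id);
     $product_info["_group_price"] = $group_prices[$shop->USER_GROUP];
     $shop->_product_info = $product_info;
     $atts = $shop->_products_get_attributes($product_id);
     $file_base = $product_info["url"] . "_" . $product_id . "_";
     $thumb_path = $file_base . $product_info["image"] . $shop->THUMB_SUFFIX . ".jpg";
     $img_path = $file_base . $product_info["image"] . $shop->FULL_IMG_SUFFIX . ".jpg";
     // Additional gallery images (every numbered image except the main one).
     $image = "";
     if ($product_info["image"] != 0) {
         // The slug is data, not a pattern: quote it before embedding it in a regex.
         $name_rx = preg_quote($product_info["url"] . "_" . $product_id, "/");
         $image_files = _class('dir')->scan_dir($shop->products_img_dir . $mpath, true, "/" . $name_rx . ".+?_small\\.jpg/");
         $reg = "/" . $name_rx . "_(?P<content>[\\d]+)_small\\.jpg/";
         foreach ((array) $image_files as $filepath) {
             if (!preg_match($reg, $filepath, $rezult)) {
                 continue;
             }
             $i = $rezult["content"];
             if ($i == $product_info["image"]) {
                 continue;
             }
             $replace2 = [
                 "thumb_path" => $shop->products_img_webdir . $mpath . $file_base . $i . $shop->THUMB_SUFFIX . ".jpg",
                 "img_path" => $shop->products_img_webdir . $mpath . $file_base . $i . $shop->FULL_IMG_SUFFIX . ".jpg",
                 "name" => $product_info["url"],
             ];
             $image .= tpl()->parse("shop/image_items", $replace2);
         }
     }
     $URL_PRODUCT_ID = $shop->_product_id_url($product_info);
     // Manufacturer name and url are read from the preloaded $shop->_manufacturer
     // map below, so no separate manufacturer query is issued here.
     $manufacturer_info = $shop->_manufacturer[$product_info["manufacturer_id"]];
     $products_similar_by_price = null;
     if ($shop->SHOW_products_similar_by_price == true) {
         $products_similar_by_price = $shop->products_similar_by_price($product_info["price"], $product_id);
     }
     // NOTE(review): this flag has no SHOW_ prefix, unlike the one above — confirm the property name.
     $products_similar_by_basket = null;
     if ($shop->products_similar_by_basket == true) {
         $products_similar_by_basket = $shop->products_similar_by_basket($product_id);
     }
     $replace = [
         "name" => _prepare_html($product_info["name"]),
         "model" => _prepare_html($product_info["model"]),
         "desc" => $product_info["description"],
         "manufacturer" => _prepare_html($manufacturer_info["name"]),
         "url_manufacturer" => process_url("./?object=shop&action=products_show&id=" . $manufacturer_info["url"]),
         "date" => _format_date($product_info["add_date"], "long"),
         "price" => $shop->_format_price($shop->_product_get_price($product_info)),
         "currency" => _prepare_html($shop->CURRENCY),
         // The thumbnail entry checks and links the thumbnail file itself (it used to reuse the full-size path).
         "thumb_path" => file_exists($shop->products_img_dir . $mpath . $thumb_path) ? $shop->products_img_webdir . $mpath . $thumb_path : "",
         "img_path" => file_exists($shop->products_img_dir . $mpath . $img_path) ? $shop->products_img_webdir . $mpath . $img_path : "",
         "image" => $image,
         "basket_add_url" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=basket_add&id=" . $URL_PRODUCT_ID),
         "external_url" => intval((bool) $product_info["external_url"]),
         "back_url" => process_url("./?object=shop"),
         "show_basket_url" => process_url("./?object=shop&action=basket"),
         "dynamic_atts" => $shop->_get_select_attributes($atts),
         "cats_block" => $shop->_categories_show(),
         "cat_name" => _prepare_html($shop->_shop_cats[$product_info["cat_id"]]),
         "cat_url" => process_url("./?object=shop&action=product_details&id=" . $shop->_shop_cats_all[$product_info["cat_id"]]['url']),
         'comments' => $shop->_view_comments(),
         "N" => $N,
         "products_similar_by_price" => $products_similar_by_price,
         "products_similar_by_basket" => $products_similar_by_basket,
         "product_related" => $shop->products_related($product_id),
     ];
     db()->query("UPDATE " . db('shop_products') . " SET viewed = viewed+1 , last_viewed_date = " . time() . "  WHERE " . $add_sql);
     return tpl()->parse("shop/details", $replace);
 }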
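 /**
  * Render the "Similar price" block for a product.
  *
  * Lists products that share at least one category with product $id and whose
  * price lies strictly between 90% (rounded down) and 110% (rounded up) of $price.
  *
  * NOTE(review): the final query has no active='1' filter, unlike the product
  * lookup in product_details() — confirm inactive products should be listed.
  *
  * @param mixed $price Reference price; cast to float before use.
  * @param mixed $id    Product id to exclude; cast to int before use.
  * @return mixed Output of tpl()->parse("shop/products_similar_by_price", ...).
  */
 function products_similar_by_price($price, $id)
 {
     // Both arguments are spliced into SQL text, so force them to numbers first.
     $id = intval($id);
     $price = floatval($price);
     $price_min = floor($price - $price * 10 / 100);
     $price_max = ceil($price + $price * 10 / 100);
     $shop = module("shop");
     $items = [];
     // Categories of the reference product.
     $cats_ids = [];
     $Q = db()->query("SELECT category_id FROM " . db('shop_product_to_category') . " WHERE product_id =  " . $id);
     while ($A = db()->fetch_assoc($Q)) {
         $cats_ids[] = intval($A["category_id"]);
     }
     // All products in those categories. An empty list is skipped rather than
     // sent to the database as the invalid fragment "IN ( )".
     $prods_ids = [];
     if (!empty($cats_ids)) {
         $Q = db()->query("SELECT product_id FROM " . db('shop_product_to_category') . " WHERE category_id IN ( " . implode(",", $cats_ids) . ")");
         while ($A = db()->fetch_assoc($Q)) {
             $prods_ids[] = intval($A["product_id"]);
         }
     }
     $product = [];
     if (!empty($prods_ids)) {
         $sql = "SELECT * FROM " . db('shop_products') . " WHERE price > " . $price_min . " AND price < " . $price_max . " AND id != " . $id . " AND id IN(" . implode(",", $prods_ids) . ")";
         $product = db()->query_fetch_all($sql);
     }
     foreach ((array) $product as $product_info) {
         $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . $shop->THUMB_SUFFIX . ".jpg";
         $URL_PRODUCT_ID = $shop->_product_id_url($product_info);
         $items[$product_info["id"]] = [
             "name" => _prepare_html($product_info["name"]),
             "price" => $shop->_format_price($shop->_product_get_price($product_info)),
             "currency" => _prepare_html($shop->CURRENCY),
             "image" => file_exists($shop->products_img_dir . $thumb_path) ? $shop->products_img_webdir . $thumb_path : "",
             // NOTE(review): external_url is emitted as a link without escaping; confirm who can write that column.
             "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             "special" => "",
         ];
     }
     $replace = ["items" => $items, "title" => "Similar price"];
     return tpl()->parse("shop/products_similar_by_price", $replace);
 }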
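 /**
  * Order step: show the basket summary that opens the checkout.
  *
  * Saves the basket, loads the active products it references, adds the price
  * of every attribute whose value matches the one stored in the basket, and
  * renders "shop/order_start" with per-product lines and the total.
  *
  * @param bool $FORCE_DISPLAY_FORM Not used by this step.
  * @return mixed Output of tpl()->parse("shop/order_start", ...).
  */
 function _order_step_start($FORCE_DISPLAY_FORM = false)
 {
     $shop = module('shop');
     $shop->_basket_save();
     $basket_contents = $shop->_basket_api()->get_all();
     // Basket contents are visitor-controlled state: cast every id to int
     // before it is joined into the IN (...) list below.
     $products_ids = [];
     foreach ((array) $basket_contents as $_info) {
         $_pid = intval($_info["product_id"]);
         if ($_pid) {
             $products_ids[$_pid] = $_pid;
         }
     }
     $products_infos = [];
     $products_atts = [];
     $group_prices = [];
     if (!empty($products_ids)) {
         $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
         $products_atts = $shop->_products_get_attributes($products_ids);
         $group_prices = $shop->_get_group_prices($products_ids);
     }
     $products = [];
     $total_price = 0;
     foreach ((array) $products_infos as $_info) {
         $_product_id = $_info["id"];
         $_info["_group_price"] = $group_prices[$_product_id][$shop->USER_GROUP];
         $quantity = $basket_contents[$_product_id]["quantity"];
         $price = $shop->_product_get_price($_info);
         // Add the surcharge of each attribute value the customer selected.
         $dynamic_atts = [];
         $_atts = isset($products_atts[$_product_id]) ? $products_atts[$_product_id] : [];
         foreach ((array) $_atts as $_attr_id => $_attr_info) {
             if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                 $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                 $price += $_attr_info["price"];
             }
         }
         $URL_PRODUCT_ID = $shop->_product_id_url($_info);
         $products[$_product_id] = [
             "name" => _prepare_html($_info["name"]),
             "price" => $shop->_format_price($price),
             "currency" => _prepare_html($shop->CURRENCY),
             "quantity" => intval($quantity),
             "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             // NOTE(review): attribute names/values are joined into HTML unescaped — confirm they are admin-only data.
             "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
             "cat_name" => _prepare_html($shop->_shop_cats[$_info["cat_id"]]),
             "cat_url" => process_url("./?object=shop&action=products_show&id=" . $shop->_shop_cats_all[$_info["cat_id"]]['url']),
         ];
         $total_price += $price * $quantity;
     }
     $replace = [
         "products" => $products,
         "total_price" => $shop->_format_price($total_price),
         "currency" => _prepare_html($shop->CURRENCY),
         "back_link" => "./?object=shop&action=basket",
         "next_link" => "./?object=shop&action=order&id=delivery",
         "cats_block" => $shop->_categories_show(),
     ];
     return tpl()->parse("shop/order_start", $replace);
 }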
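 /**
  * Render the "also bought" block for a product.
  *
  * Finds every order that contains product $id, collects the other products of
  * those orders and renders them with the "shop/products_similar_by_price"
  * template (the template is shared with the similar-price block).
  *
  * @param mixed $id Product id; cast to int before use.
  * @return mixed Output of tpl()->parse("shop/products_similar_by_price", ...).
  */
 function products_similar_by_basket($id)
 {
     // $id is spliced into SQL text below, so force it to an integer first.
     $id = intval($id);
     $shop = module("shop");
     $items = [];
     // Orders that contain this product.
     $orders_ids = [];
     $Q = db()->query("SELECT order_id FROM " . db('shop_order_items') . " WHERE product_id =  " . $id);
     while ($A = db()->fetch_assoc($Q)) {
         $orders_ids[] = intval($A["order_id"]);
     }
     // Other products from the same orders.
     $products_ids = [];
     if (!empty($orders_ids)) {
         $Q = db()->query("SELECT product_id FROM " . db('shop_order_items') . " WHERE  order_id IN (  " . implode(",", $orders_ids) . ") AND product_id != " . $id);
         while ($A = db()->fetch_assoc($Q)) {
             $products_ids[] = intval($A["product_id"]);
         }
     }
     if (!empty($products_ids)) {
         // NOTE(review): no active='1' filter here — confirm inactive products should be listed.
         $sql = "SELECT * FROM " . db('shop_products') . " WHERE  id in ( " . implode(",", $products_ids) . ")";
         $product = db()->query_fetch_all($sql);
         foreach ((array) $product as $product_info) {
             $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . $shop->THUMB_SUFFIX . ".jpg";
             $URL_PRODUCT_ID = $shop->_product_id_url($product_info);
             $items[$product_info["id"]] = [
                 "name" => _prepare_html($product_info["name"]),
                 "price" => $shop->_format_price($shop->_product_get_price($product_info)),
                 "currency" => _prepare_html($shop->CURRENCY),
                 "image" => file_exists($shop->products_img_dir . $thumb_path) ? $shop->products_img_webdir . $thumb_path : "",
                 "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
                 "special" => "",
             ];
         }
     }
     $replace = ["items" => $items, "title" => "Those who purchased this product also buy"];
     return tpl()->parse("shop/products_similar_by_price", $replace);
 }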
 /**
  * Render the manufacturer selector block.
  *
  * The select box is preselected with $_SESSION['man_id'], and that session
  * key is removed once the template variables have been built.
  *
  * @return mixed Output of tpl()->parse("shop/manufacturer", ...).
  */
 function _manufacturer_show()
 {
     $shop = module("shop");
     $tpl_vars = [
         "brand" => $shop->_manufacturer,
         "manufacturer_box" => common()->select_box("manufacturer", $shop->_man_for_select, $_SESSION['man_id'], false, 2),
         "url_manufacturer" => process_url("./?object=shop&action=products_show"),
     ];
     // The stored selection is one-shot: drop it after it has been rendered.
     unset($_SESSION["man_id"]);
     return tpl()->parse("shop/manufacturer", $tpl_vars);
 }
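 /**
  * Order step: final confirmation page.
  *
  * Empties the basket, loads the order named by $_GET["id"] (or $_GET["page"])
  * for the current user, e-mails the invoice to the order's address and renders
  * "shop/order_finish".
  *
  * NOTE(review): the basket is cleared and the invoice mail is sent on every
  * call, so each reload of this URL sends the e-mail again — confirm that is
  * intended or guard it with an "already sent" marker.
  *
  * @param bool $FORCE_DISPLAY_FORM Not used by this step.
  * @return mixed Rendered template, or the result of _e("No such order").
  */
 function _order_step_finish($FORCE_DISPLAY_FORM = false)
 {
     $shop = module('shop');
     $shop->_basket_api()->clean();
     if (isset($_GET["page"])) {
         $_GET["id"] = intval($_GET["page"]);
         unset($_GET["page"]);
     }
     $_GET["id"] = intval(isset($_GET["id"]) ? $_GET["id"] : 0);
     $order_info = [];
     if ($_GET["id"]) {
         // The user_id condition is the access check: an order is only visible to its owner.
         // NOTE(review): when main()->USER_ID is 0 this matches every order stored
         // with user_id=0, so the numeric id alone selects the order — confirm
         // guests cannot reach this step or that a secret (e.g. the order hash)
         // is verified first.
         $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]) . " AND user_id=" . intval(main()->USER_ID));
     }
     if (empty($order_info)) {
         return _e("No such order");
     }
     $products_ids = [];
     $order_items = [];
     $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
     while ($_info = db()->fetch_assoc($Q)) {
         if ($_info["product_id"]) {
             // Cast before the ids are joined into the IN (...) list below.
             $products_ids[intval($_info["product_id"])] = intval($_info["product_id"]);
         }
         $order_items[$_info["product_id"]] = $_info;
     }
     $products_infos = [];
     $products_atts = [];
     if (!empty($products_ids)) {
         $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
         $products_atts = $shop->_products_get_attributes($products_ids);
     }
     $products = [];
     foreach ((array) $order_items as $_info) {
         $_product_id = $_info["product_id"];
         // presumably query_fetch_all() keys rows by id — verify; a product that
         // is no longer active simply has no entry here.
         $_product = isset($products_infos[$_product_id]) ? $products_infos[$_product_id] : null;
         $price = $_info["sum"];
         $dynamic_atts = [];
         if (strlen($_info["attributes"]) > 3) {
             // SECURITY: unserialize() on stored data can instantiate arbitrary
             // classes if that column is ever writable by an attacker. Prefer
             // json_decode(), or pass ['allowed_classes' => false] once the
             // runtime is confirmed to be PHP 7.0 or newer.
             foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                 $_attr_info = $products_atts[$_product_id][$_attr_id];
                 $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                 $price += $_attr_info["price"];
             }
         }
         $URL_PRODUCT_ID = $shop->_product_id_url($_product);
         $products[$_product_id] = [
             "name" => _prepare_html($_product["name"]),
             "price" => $shop->_format_price($price),
             "sum" => $shop->_format_price($_info["sum"]),
             "currency" => _prepare_html($shop->CURRENCY),
             "quantity" => intval($_info["quantity"]),
             "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
             "cat_name" => _prepare_html($shop->_shop_cats[$_product["cat_id"]]),
             "cat_url" => process_url("./?object=shop&action=products_show&id=" . $shop->_shop_cats_all[$_product["cat_id"]]['url']),
         ];
     }
     // The stored order total is authoritative; it is not recomputed from the lines.
     $total_price = $order_info["total_sum"];
     if (main()->USER_ID) {
         $order_info = my_array_merge($shop->_user_info, $order_info);
     }
     $order_info = my_array_merge($shop->COMPANY_INFO, $order_info);
     $replace2 = my_array_merge($order_info, [
         "id" => $_GET["id"],
         "products" => $products,
         "ship_cost" => $shop->_format_price(0),
         "total_cost" => $shop->_format_price($total_price),
         "password" => "",
     ]);
     // Prepare email template
     $message = tpl()->parse("shop/invoice_email", $replace2);
     common()->quick_send_mail($order_info["email"], "invoice #" . $_GET["id"], $message);
     $replace = my_array_merge($replace2, [
         "error_message" => _e(),
         "products" => $products,
         "ship_price" => $shop->_format_price($shop->_ship_types_names[$order_info["ship_type"]]),
         "total_price" => $shop->_format_price($total_price),
         "order_no" => str_pad($order_info["id"], 8, "0", STR_PAD_LEFT),
         "hash" => _prepare_html($order_info["hash"]),
         "back_link" => "./?object=shop&action=show",
         "cats_block" => $shop->_categories_show(),
     ]);
     return tpl()->parse("shop/order_finish", $replace);
 }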
 /**
  * Render the "last viewed" block: the five products with the most recent
  * last_viewed_date.
  *
  * NOTE(review): the query has no active='1' filter — confirm inactive
  * products are meant to appear here.
  *
  * @return mixed Output of tpl()->parse("shop/last_viewed", ...).
  */
 function _products_last_viewed()
 {
     $shop = module("shop");
     $rows = db()->query_fetch_all("SELECT * FROM  " . db('shop_products') . "  ORDER BY last_viewed_date  DESC LIMIT 5");
     $items = [];
     foreach ((array) $rows as $row) {
         $thumb_file = $row["url"] . "_" . $row["id"] . "_1" . $shop->THUMB_SUFFIX . ".jpg";
         $url_id = $shop->_product_id_url($row);
         // An external URL, when set, replaces the internal details link.
         if ($row["external_url"]) {
             $link = $row["external_url"];
         } else {
             $link = process_url("./?object=shop&action=product_details&id=" . $url_id);
         }
         $items[$row["id"]] = [
             "name" => _prepare_html($row["name"]),
             "price" => $shop->_format_price($shop->_product_get_price($row)),
             "currency" => _prepare_html($shop->CURRENCY),
             "image" => file_exists($shop->products_img_dir . $thumb_file) ? $shop->products_img_webdir . $thumb_file : "",
             "link" => $link,
             "special" => "",
         ];
     }
     return tpl()->parse("shop/last_viewed", ["items" => $items]);
 }
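 /**
  * Render the "best sales" block: up to five products that appear in the most
  * order lines.
  *
  * NOTE(review): the ranking uses COUNT(quantity), i.e. the number of order
  * lines, not the units sold — confirm SUM(quantity) was not intended.
  *
  * @return mixed Output of tpl()->parse("shop/best_sales", ...).
  */
 function _show_shop_best_sales()
 {
     $shop = module("shop");
     $sql_prod_id = "SELECT product_id, COUNT(quantity) FROM " . db('shop_order_items') . " GROUP BY product_id ORDER BY COUNT(quantity) DESC LIMIT 0,5";
     $items = [];
     foreach ((array) db()->query_fetch_all($sql_prod_id) as $v) {
         // The id comes back from the database, but it is still cast before
         // being spliced into the next statement.
         $sql = "SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id = " . intval($v["product_id"]);
         $product_info = db()->query_fetch($sql);
         if (empty($product_info)) {
             // Product is inactive or deleted: skip it instead of emitting a blank entry.
             continue;
         }
         $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . $shop->THUMB_SUFFIX . ".jpg";
         $URL_PRODUCT_ID = $shop->_product_id_url($product_info);
         $items[$product_info["id"]] = [
             "name" => _prepare_html($product_info["name"]),
             "price" => $shop->_format_price($shop->_product_get_price($product_info)),
             "currency" => _prepare_html($shop->CURRENCY),
             "image" => file_exists($shop->products_img_dir . $thumb_path) ? $shop->products_img_webdir . $thumb_path : "",
             "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             "special" => "",
         ];
     }
     return tpl()->parse("shop/best_sales", ["items" => $items]);
 }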
Esempio n. 9
 /**
  * Render the categories block.
  *
  * Builds a map of HTML-escaped category name => category URL from
  * module("shop")->_shop_cats_for_select, skipping entries with an empty name.
  * When nothing is left, the template receives an empty string instead of an
  * empty array.
  *
  * @return mixed Output of tpl()->parse("shop/cats_block", ...).
  */
 function _categories_show()
 {
     $shop = module("shop");
     $links = [];
     foreach ((array) $shop->_shop_cats_for_select as $cat_id => $cat_title) {
         if ($cat_title) {
             $links[_prepare_html($cat_title)] = process_url("./?object=shop&action=show&id=" . $shop->_shop_cats_all[$cat_id]['url']);
         }
     }
     return tpl()->parse("shop/cats_block", ["shop_cats" => empty($links) ? "" : $links]);
 }
Esempio n. 10
 /**
  * Edit a user translation variable (one row of locale_user_tr).
  *
  * On POST the row's name and translation are updated and the browser is
  * redirected to the user_vars list; otherwise the edit form is rendered with
  * the stored row, overlaid by any posted values.
  *
  * NOTE(review): the POST branch changes data with no anti-CSRF token visible
  * in this function — confirm the framework enforces one elsewhere.
  * NOTE(review): $_GET['object'] and $_GET['action'] are concatenated into the
  * redirect target, the form action and the template name; presumably the
  * router has already restricted them to known module/action names — verify,
  * otherwise they need escaping / allow-listing here.
  *
  * @return mixed Rendered form, a redirect result, or the result of _e('No id').
  */
 function user_var_edit()
 {
     $_GET['id'] = intval($_GET['id']);
     $row = db()->query_fetch('SELECT * FROM ' . db('locale_user_tr') . ' WHERE id=' . intval($_GET['id']));
     if (!$row) {
         return _e('No id');
     }
     $list_url = './?object=' . $_GET['object'] . '&action=user_vars';
     if (main()->is_post()) {
         $changes = [
             'name' => _es($_POST['name']),
             'translation' => _es($_POST['translation']),
             'last_update' => time(),
         ];
         db()->UPDATE('locale_user_tr', $changes, 'id=' . intval($_GET['id']));
         return js_redirect($list_url);
     }
     // Posted values (if any) take precedence over the stored row for display.
     $form = my_array_merge($row, $_POST);
     $form_action = './?object=' . $_GET['object'] . '&action=' . $_GET['action'];
     if ($_GET['id']) {
         $form_action .= '&id=' . $_GET['id'];
     }
     $tpl_vars = [
         'form_action' => $form_action,
         'back_url' => process_url($list_url),
         'error' => _e(),
         'for_edit' => 1,
         'id' => _prepare_html($form['id']),
         'user_id' => _prepare_html($form['user_id']),
         'name' => _prepare_html($form['name']),
         'translation' => _prepare_html($form['translation']),
         'locale' => _prepare_html($form['locale']),
         'site_id' => _prepare_html($form['site_id']),
     ];
     return tpl()->parse($_GET['object'] . '/user_vars_edit', $tpl_vars);
 }
Esempio n. 11
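 /**
  * View a single order and, when a status is posted, update that status.
  *
  * The order id is taken from $_POST["order_id"] or $_GET["id"]. When
  * $_POST["status"] is non-empty the order's status is updated and the browser
  * is redirected to the orders list; otherwise "shop/order_view" is rendered.
  *
  * NOTE(review): the order is loaded by id alone, with no owner or role
  * condition; presumably this handler is reachable only from an authenticated
  * admin area — verify.
  * NOTE(review): the posted status is stored as given (after _es()) with no
  * check against the known statuses and no anti-CSRF token visible here.
  *
  * @return mixed Rendered template, a redirect result, or the result of
  *               _e("No such order").
  */
 function _order_view()
 {
     $shop = module('shop');
     if (!empty($_POST["order_id"])) {
         $_GET["id"] = intval($_POST["order_id"]);
     } else {
         $_GET["id"] = intval(isset($_GET["id"]) ? $_GET["id"] : 0);
     }
     $order_info = [];
     if ($_GET["id"]) {
         $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]));
     }
     if (empty($order_info)) {
         return _e("No such order");
     }
     if (!empty($_POST["status"])) {
         db()->UPDATE(db('shop_orders'), ["status" => _es($_POST["status"])], "id=" . intval($_GET["id"]));
         return js_redirect("./?object=shop&action=orders");
     }
     $products_ids = [];
     $order_items = [];
     $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
     while ($_info = db()->fetch_assoc($Q)) {
         if ($_info["product_id"]) {
             // Cast before the ids are joined into the IN (...) list below.
             $products_ids[intval($_info["product_id"])] = intval($_info["product_id"]);
         }
         $order_items[$_info["product_id"]] = $_info;
     }
     $products_infos = [];
     $products_atts = [];
     if (!empty($products_ids)) {
         $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
         $products_atts = $shop->_products_get_attributes($products_ids);
     }
     $products = [];
     foreach ((array) $order_items as $_info) {
         // presumably query_fetch_all() keys rows by id — verify; products that
         // are no longer active have no entry.
         $_product = isset($products_infos[$_info["product_id"]]) ? $products_infos[$_info["product_id"]] : null;
         $dynamic_atts = [];
         if (strlen($_info["attributes"]) > 3) {
             // SECURITY: unserialize() on stored data can instantiate arbitrary
             // classes if that column is ever writable by an attacker. Prefer
             // json_decode(), or pass ['allowed_classes' => false] once the
             // runtime is confirmed to be PHP 7.0 or newer.
             foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                 $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                 $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
             }
         }
         $products[$_info["product_id"]] = [
             "name" => _prepare_html($_product["name"]),
             "price" => $shop->_format_price($_info["sum"]),
             "currency" => _prepare_html($shop->CURRENCY),
             "quantity" => intval($_info["quantity"]),
             "details_link" => process_url("./?object=shop&action=view&id=" . $_product["id"]),
             "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
         ];
     }
     // The stored order total is authoritative; the per-line accumulation that
     // used to precede this assignment read undefined variables and was always
     // overwritten, so it has been dropped.
     $total_price = $order_info["total_sum"];
     $replace = my_array_merge([], _prepare_html($order_info));
     $replace = my_array_merge($replace, [
         "form_action" => "./?object=shop&action=" . $_GET["action"] . "&id=" . $_GET["id"],
         "order_id" => $order_info["id"],
         "total_sum" => $shop->_format_price($order_info["total_sum"]),
         "user_link" => _profile_link($order_info["user_id"]),
         "user_name" => _display_name(user($order_info["user_id"])),
         "error_message" => _e(),
         "products" => (array) $products,
         "total_price" => $shop->_format_price($total_price),
         "ship_type" => $shop->_ship_type[$order_info["ship_type"]],
         "pay_type" => $shop->_pay_types[$order_info["pay_type"]],
         "date" => _format_date($order_info["date"], "long"),
         "status_box" => $shop->_statuses[$order_info["status"]],
         "back_url" => "./?object=shop&action=orders",
     ]);
     return tpl()->parse("shop/order_view", $replace);
 }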
Esempio n. 12
 /**
  * Display page contents.
  *
  * Loads the current static page, registers its global info, collects the
  * sub-pages of the matching item in the first active "user" menu, and renders
  * the module's "main" template.
  *
  * NOTE(review): the stored page text is run through tpl()->parse_string(),
  * i.e. it is evaluated as a template, and 'name' is passed on without
  * _prepare_html(); presumably only trusted editors can write pages — confirm.
  * NOTE(review): $_GET['object'] is used in links and as the template
  * directory; presumably the router has already validated it — verify.
  *
  * @return mixed Rendered template, or the result of _404() when no page is found.
  */
 function show()
 {
     $page = $this->_get_page_from_db();
     if (!$page) {
         return _404();
     }
     $this->_set_global_info($page);
     // Get sub-pages (from menu)
     $sub_pages = [];
     // Find first user menu
     $cur_menu_id = 0;
     foreach ((array) main()->get_data('menus') as $menu) {
         if ($menu['type'] == 'user' && $menu['active']) {
             $cur_menu_id = $menu['id'];
             break;
         }
     }
     // Locate the active top-level menu item that points at the current URL.
     $cur_menu_item_id = 0;
     if ($cur_menu_id) {
         $menu_items = main()->get_data('menu_items');
         foreach ((array) $menu_items[$cur_menu_id] as $item) {
             $is_top_level_active = $item['active'] && !$item['parent_id'];
             if (!$is_top_level_active) {
                 continue;
             }
             if ($item['location'] == 'object=' . $_GET['object'] . '&action=' . $_GET['action'] . '&id=' . $_GET['id']) {
                 // Items with a parent were skipped above, so this resolves to the item's own id.
                 $cur_menu_item_id = $item['parent_id'] ? $item['parent_id'] : $item['id'];
                 break;
             }
         }
     }
     // Its active children become the sub-page links.
     if ($cur_menu_id && $cur_menu_item_id) {
         foreach ((array) $menu_items[$cur_menu_id] as $item) {
             if ($item['active'] && $item['parent_id'] == $cur_menu_item_id) {
                 $sub_pages[$item['id']] = [
                     'name' => _prepare_html($item['name']),
                     'link' => process_url('./?' . $item['location']),
                 ];
             }
         }
     }
     $content = tpl()->parse_string(stripslashes($page['text']), [], 'static_page__' . $page['id']);
     // Process template
     $action_base = './?object=' . $_GET['object'] . '&action=';
     $tpl_vars = [
         'id' => intval($page['id']),
         'name' => stripslashes($page['name']),
         'content' => $content,
         'page_heading' => _prepare_html(_ucfirst($page['page_heading'])),
         'page_page_title' => _prepare_html(_ucfirst($page['page_title'])),
         'print_link' => $action_base . 'print_view&id=' . $page['id'],
         'pdf_link' => $action_base . 'pdf_view&id=' . $page['id'],
         'email_link' => $action_base . 'email_page&id=' . $page['id'],
         'sub_pages' => $sub_pages,
     ];
     return tpl()->parse($_GET['object'] . '/main', $tpl_vars);
 }
 /**
  * Order step: choose the payment method.
  *
  * Falls back to the delivery step when there are errors or nothing was
  * posted. On a valid POST the order is created and control passes to the
  * payment step; otherwise the payment selection form is rendered with the
  * earlier answers carried along as hidden fields.
  *
  * NOTE(review): card_num and exp_date from the request are written back into
  * the page as hidden fields. Confirm this fits your card-data handling rules
  * and that _hidden_field() HTML-escapes its value.
  * NOTE(review): $SELF_METHOD_ID is never assigned in this function, so the
  * form action ends with an empty id — confirm the intended value.
  *
  * @param bool $FORCE_DISPLAY_FORM When true, a POST does not trigger order creation.
  * @return mixed Rendered template or the output of the delegated step.
  */
 function _order_step_select_payment($FORCE_DISPLAY_FORM = false)
 {
     $shop = module('shop');
     // Show previous form if needed
     if (common()->_error_exists() || empty($_POST)) {
         return $shop->_order_step_delivery();
     }
     // A forced payment method overrides the posted one and always processes the form.
     if ($shop->FORCE_PAY_METHOD) {
         $_POST["pay_type"] = $shop->FORCE_PAY_METHOD;
         $FORCE_DISPLAY_FORM = false;
     }
     if (main()->is_post() && !$FORCE_DISPLAY_FORM) {
         $shop->_order_validate_select_payment();
         // Verify products
         if (!common()->_error_exists()) {
             $ORDER_ID = intval($shop->_order_create());
         }
         // Order id is required to continue, check it again
         if (empty($ORDER_ID) && !common()->_error_exists()) {
             _re("SHOP: Error while creating `order`, please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
         }
         // Display next form if we have no errors
         if (!common()->_error_exists()) {
             $shop->_CUR_ORDER_ID = $ORDER_ID;
             return $shop->_order_step_do_payment(true);
         }
     }
     $form = $_POST;
     if (!isset($form["pay_type"])) {
         // Default to the first configured payment type.
         $form["pay_type"] = key($shop->_pay_types);
     }
     // Carry the answers of the previous steps forward.
     // (Forwarding of $shop->_s_fields is disabled: that loop was commented out.)
     $hidden_fields = "" . $shop->_hidden_field("ship_type", $_POST["ship_type"]);
     foreach ((array) $shop->_b_fields as $field_name) {
         $hidden_fields .= $shop->_hidden_field($field_name, $_POST[$field_name]);
     }
     $hidden_fields .= $shop->_hidden_field('card_num', $_POST['card_num']);
     $hidden_fields .= $shop->_hidden_field('exp_date', $_POST['exp_date']);
     $tpl_vars = [
         "form_action" => "./?object=shop&action=" . $_GET["action"] . "&id=" . $SELF_METHOD_ID,
         "error_message" => _e(),
         "pay_type_box" => $shop->_box("pay_type", $form["pay_type"]),
         "hidden_fields" => $hidden_fields,
         "back_link" => "./?object=shop&action=order&id=delivery",
         "cats_block" => $shop->_categories_show(),
     ];
     return tpl()->parse("shop/order_select_payment", $tpl_vars);
 }
Esempio n. 14
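 /**
  * Quick product search by name.
  *
  * The search terms are joined with "%" and matched against the product name
  * with LIKE. Matching ids are handed to products_show(); when nothing matches,
  * the "shop/no_search_results" template is rendered.
  *
  * Every term is passed through _es() (the escaper this codebase applies to
  * string values in SQL) before it enters the statement, and the echoed search
  * text is HTML-escaped for the no-results page.
  * NOTE(review): if the caller already escapes the terms, keep the escaping in
  * exactly one place — here, next to the query, is the safer of the two.
  * NOTE(review): "%" and "_" inside a term still act as LIKE wildcards.
  *
  * @param array $str_search List of search terms.
  * @return mixed Rendered template or the output of products_show().
  */
 function search_fast($str_search)
 {
     $terms = (array) $str_search;
     // Human-readable form of the query, used only for display.
     $str_search2 = implode(" ", $terms);
     $escaped_terms = [];
     foreach ($terms as $term) {
         $escaped_terms[] = _es($term);
     }
     $sql = "SELECT id FROM  " . db('shop_products') . "  WHERE  name LIKE  '%" . implode("%", $escaped_terms) . "%'";
     $Q = db()->query($sql);
     $found_ids = [];
     while ($row = db()->fetch_assoc($Q)) {
         $found_ids[] = intval($row["id"]);
     }
     if (empty($found_ids)) {
         $replace = [
             "str_search" => _prepare_html($str_search2),
             "form_action" => process_url("./?object=shop&action=search&id=fast"),
         ];
         return tpl()->parse("shop/no_search_results", $replace);
     }
     // products_show() receives the ids as a comma-separated string, as before.
     return module('shop')->products_show(implode(",", $found_ids), $str_search2);
 }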
Esempio n. 15
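 /**
  * Display basket contents (save changes also here).
  *
  * A POST carrying "quantity" saves the basket and redirects back to the same
  * action. Otherwise the active products referenced by the basket are loaded,
  * selected attribute surcharges are added to each price, and the basket
  * template is rendered.
  *
  * NOTE(review): "back_link" is built from the Referer request header, which
  * the client controls; confirm js_redirect() escapes it or restrict it to
  * same-site URLs.
  * NOTE(review): $_GET["action"] is concatenated into the redirect target and
  * the form action; presumably validated by the router — verify.
  *
  * @param array $params Optional settings; "STPL" overrides the template name
  *                      (default "shop/basket").
  * @return mixed Rendered template or a redirect result.
  */
 function basket($params = [])
 {
     $shop = module('shop');
     $STPL_NAME = !empty($params["STPL"]) ? $params["STPL"] : "shop/basket";
     $basket_contents = $shop->_basket_api()->get_all();
     // Save basket contents
     if (!empty($_POST["quantity"]) && !$shop->_basket_is_processed) {
         $shop->_basket_save();
         return js_redirect("./?object=shop&action=" . $_GET["action"]);
     }
     // Get products from db. Basket contents are visitor-controlled state:
     // cast every id to int before it is joined into the IN (...) list.
     $products_ids = [];
     foreach ((array) $basket_contents as $_info) {
         $_pid = intval($_info["product_id"]);
         if ($_pid) {
             $products_ids[$_pid] = $_pid;
         }
     }
     $products_infos = [];
     $products_atts = [];
     $group_prices = [];
     if (!empty($products_ids)) {
         $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id IN(" . implode(",", $products_ids) . ")");
         $products_atts = $shop->_products_get_attributes($products_ids);
         $group_prices = $shop->_get_group_prices($products_ids);
     }
     $products = [];
     $total_price = 0;
     foreach ((array) $products_infos as $_info) {
         $_product_id = $_info["id"];
         $_info["_group_price"] = $group_prices[$_product_id][$shop->USER_GROUP];
         $quantity = $basket_contents[$_product_id]["quantity"];
         $price = $shop->_product_get_price($_info);
         // Add the surcharge of each attribute value the customer selected.
         $dynamic_atts = [];
         $_atts = isset($products_atts[$_product_id]) ? $products_atts[$_product_id] : [];
         foreach ((array) $_atts as $_attr_id => $_attr_info) {
             if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                 $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                 $price += $_attr_info["price"];
             }
         }
         $URL_PRODUCT_ID = $shop->_product_id_url($_info);
         $products[$_product_id] = [
             "name" => _prepare_html($_info["name"]),
             "price" => $shop->_format_price($price),
             "currency" => _prepare_html($shop->CURRENCY),
             "quantity" => intval($quantity),
             "delete_link" => "./?object=shop&action=basket_clean&id=" . $URL_PRODUCT_ID,
             "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
             "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
             "cat_name" => _prepare_html($shop->_shop_cats[$_info["cat_id"]]),
             "cat_url" => process_url("./?object=shop&action=products_show&id=" . $shop->_shop_cats_all[$_info["cat_id"]]['url']),
         ];
         $total_price += $price * $quantity;
     }
     return tpl()->parse($STPL_NAME, [
         "form_action" => "./?object=shop&action=" . $_GET["action"],
         "products" => $products,
         "total_price" => $shop->_format_price($total_price),
         "currency" => _prepare_html($shop->CURRENCY),
         "clean_all_link" => "./?object=shop&action=basket_clean",
         "order_link" => "./?object=shop&action=order",
         "back_link" => js_redirect(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "", false),
         "cats_block" => $shop->_categories_show(),
     ]);
 }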
Esempio n. 16
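 /**
  * Output the current visitor's unread notifications as JSON and stop.
  *
  * Unread receiver rows are looked up for the online user, the matching
  * notifications and their additional info are loaded, and one entry per
  * receiver row is written to the response.
  *
  * NOTE(review): online_user_id and online_user_type are placed inside quoted
  * SQL literals without escaping; presumably both are derived server-side by
  * the online_users class — confirm, and escape or cast them if not.
  * NOTE(review): title, content and text are returned as stored; the client
  * must treat them as text, or they must be escaped before output.
  *
  * @return void The function echoes JSON and calls exit.
  */
 function check()
 {
     main()->NO_GRAPHICS = true;
     $out = [];
     $online_class = _class('online_users', 'classes/');
     $online_class->process();
     // user part
     $R = db()->get_all("SELECT `id`,`notification_id` FROM `" . db('notifications_receivers') . "` WHERE `receiver_id`='" . $online_class->online_user_id . "' AND `receiver_type`='" . $online_class->online_user_type . "' AND `is_read`=0");
     // receiver row id => notification id; both are cast because they are
     // joined into IN (...) lists below.
     $notifications_ids = [];
     foreach ((array) $R as $A) {
         $notifications_ids[intval($A['id'])] = intval($A['notification_id']);
     }
     if (count($notifications_ids) != 0) {
         // presumably get_all() keys its rows by the `id` column — verify.
         $notifications = db()->get_all("SELECT `id`,`title`,`content`,`add_date` FROM `" . db('notifications') . "` WHERE `id` IN (" . implode(",", $notifications_ids) . ")");
         $add_info = db()->get_all("SELECT `id`,`text`,`url` FROM `" . db('notifications_receivers_add_info') . "` WHERE `id` IN (" . implode(",", array_keys($notifications_ids)) . ")");
         foreach ($notifications_ids as $k => $v) {
             $out[$k] = [
                 'id' => $k,
                 'title' => $notifications[$v]['title'],
                 'content' => $notifications[$v]['content'],
                 'add_date' => $notifications[$v]['add_date'],
                 'text' => $add_info[$k]['text'],
                 'url' => $add_info[$k]['url'] != '' ? process_url($add_info[$k]['url'] . "&notification_id=" . $k) : '',
             ];
         }
     }
     echo json_encode($out);
     exit;
 }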
Esempio n. 17
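    /**
     * Admin order screen: shows one order for editing and, on POST, applies the submitted changes.
     *
     * The order is loaded by the integer `id` from the query string. When a supplier
     * is set on this object, the lookup only succeeds for orders that contain a product
     * of a supplier mapped to the current admin.
     *
     * On POST the per-item arrays (status_item, delete, qty, unit, price_unit) and the
     * listed order fields are written back, totals are recounted when needed, a revision
     * is recorded, and the browser is redirected back to this order.
     * Otherwise the edit form, the items table and a "Similar orders" table are returned as HTML.
     *
     * NOTE(review): no CSRF token check is visible in this method; confirm the framework
     * enforces one for state-changing admin POSTs.
     *
     * @return string HTML of the page, a redirect snippet after POST, or an error message
     */
    function view_order()
    {
        $_GET['id'] = intval($_GET['id']);
        if ($_GET['id']) {
            if ($this->SUPPLIER_ID) {
                // Supplier admins only see orders that contain at least one of their products.
                $sql = 'SELECT o.* FROM ' . db('shop_orders') . ' AS o
						INNER JOIN ' . db('shop_order_items') . ' AS i ON i.order_id = o.id
						INNER JOIN ' . db('shop_products') . ' AS p ON i.product_id = p.id
						INNER JOIN ' . db('shop_admin_to_supplier') . ' AS m ON m.supplier_id = p.supplier_id
						WHERE
							o.id=' . intval($_GET['id']) . '
							AND m.admin_id=' . intval(main()->ADMIN_ID) . '
						GROUP BY o.id';
            } else {
                $sql = 'SELECT * FROM ' . db('shop_orders') . ' WHERE id=' . intval($_GET['id']);
            }
            $order_info = db()->query_fetch($sql);
        }
        if (empty($order_info)) {
            return _e('No such order');
        }
        $recount_price = false;
        $_class_price = _class('_shop_price', 'modules/shop/');
        $_class_units = _class('_shop_product_units', 'modules/shop/');
        $_class_basket = _class('shop_basket', 'modules/shop/');
        if (main()->is_post()) {
            module('manage_shop')->_product_check_first_revision('order', intval($_GET['id']));
            $order_id = (int) $_GET['id'];
            // Per-item arrays are keyed "<product_id>_<param_id>"; both parts are cast to int before reaching SQL.
            foreach ($_POST as $k => $v) {
                if ($k == 'status_item') {
                    foreach ($v as $k1 => $status) {
                        list($product_id, $param_id) = explode('_', $k1);
                        // $status is a raw POST value, so write it through update_safe() like the order fields below.
                        db()->update_safe(db('shop_order_items'), ['status' => $status], ' order_id=' . $_GET['id'] . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    }
                } elseif ($k == 'delete') {
                    foreach ($v as $k1 => $is_del) {
                        list($product_id, $param_id) = explode('_', $k1);
                        if ($is_del == 1) {
                            db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $_GET['id'] . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                        }
                    }
                    $recount_price = true;
                } elseif ($k == 'qty') {
                    foreach ($v as $k1 => $qty) {
                        list($product_id, $param_id) = explode('_', $k1);
                        // A quantity of zero removes the item from the order.
                        if (intval($qty) == 0) {
                            db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $_GET['id'] . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                        } else {
                            db()->UPDATE(db('shop_order_items'), ['quantity' => intval($qty)], ' order_id=' . $_GET['id'] . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                        }
                        $recount_price = true;
                    }
                } elseif ($k == 'unit') {
                    foreach ($v as $k1 => $unit) {
                        $unit = (int) $unit;
                        list($product_id, $param_id) = explode('_', $k1);
                        $product_id = (int) $product_id;
                        $param_id = (int) $param_id;
                        if ($unit > 0) {
                            $units = $_class_units->get_by_product_ids($product_id);
                            // Only accept a unit that is actually defined for this product.
                            if (isset($units[$product_id][$unit])) {
                                db()->UPDATE(db('shop_order_items'), ['unit' => $unit], ' order_id=' . $order_id . ' AND product_id=' . $product_id . ' AND param_id=' . $param_id);
                                $products = db_get_all('SELECT * FROM ' . db('shop_products') . ' WHERE id = ' . $product_id);
                                $product = $products[$product_id];
                                list($price) = $_class_price->markup_down($product['price'], $product_id);
                                $item = ['price' => $price, 'unit' => $unit, 'units' => $units[$product_id]];
                                $price_one = $_class_basket->_get_price_one($item);
                                $item = ['order_id' => $order_id, 'product_id' => $product_id, 'param_id' => $param_id];
                                $item_price = $item + ['price' => $price_one];
                                $this->_item_update_price_unit($item_price);
                                $recount_price = true;
                            }
                        }
                    }
                } elseif ($k == 'price_unit') {
                    foreach ($v as $k1 => $price) {
                        list($product_id, $param_id) = explode('_', $k1);
                        // NOTE(review): $price is passed on as submitted; confirm _item_update_price_unit() normalises and escapes it.
                        $this->_item_update_price_unit(['price' => $price, 'order_id' => $order_id, 'product_id' => (int) $product_id, 'param_id' => (int) $param_id]);
                        $recount_price = true;
                    }
                }
            }
            // Order-level fields: only this fixed list of column names is ever copied from the request.
            $sql = [];
            foreach (['address', 'phone', 'house', 'apartment', 'floor', 'porch', 'intercom', 'delivery_price', 'status', 'region', 'discount', 'discount_add', 'delivery_type', 'delivery_id', 'delivery_location'] as $f) {
                if (isset($_POST[$f])) {
                    $sql[$f] = $_POST[$f];
                    if ($f == 'delivery_price' && $_POST['delivery_price'] != $order_info['delivery_price']) {
                        // A changed delivery price is remembered as a manual override.
                        $sql['is_manual_delivery_price'] = 1;
                        $order_info['is_manual_delivery_price'] = 1;
                        $order_info['delivery_price'] = $sql['delivery_price'];
                        $recount_price = true;
                    }
                    if ($f == 'discount') {
                        $discount = $_class_price->_number_mysql($sql['discount']);
                        $order_info['discount'] = $discount;
                        $sql['discount'] = $discount;
                        $recount_price = true;
                    }
                    if ($f == 'discount_add') {
                        $discount = $_class_price->_number_mysql($sql['discount_add']);
                        $order_info['discount_add'] = $discount;
                        $sql['discount_add'] = $discount;
                    }
                    if ($f == 'delivery_id') {
                        // Keep the stored delivery id when the submitted one is not a positive integer.
                        $value = (int) $sql[$f];
                        $value = $value > 0 ? $value : $order_info[$f];
                        $sql[$f] = $value;
                    }
                    if ($f == 'delivery_type') {
                        // The delivery type is also stored as the order's `payment` value.
                        $value = (int) $sql[$f];
                        $order_info['payment'] = $value;
                        $sql['payment'] = $value;
                    }
                }
            }
            if (count($sql) > 0) {
                db()->update_safe(db('shop_orders'), $sql, 'id=' . intval($_GET['id']));
            }
            if ($recount_price) {
                list($order_info['total_sum'], $order_info['delivery_price']) = $this->_order_recount_price($order_info['id'], $order_info);
            }
            module('manage_shop')->_order_add_revision('edit', intval($_GET['id']));
            return js_redirect('./?object=' . main()->_get('object') . '&action=view_order&id=' . $order_info['id']);
        }
        // Load the order items, indexed by "<product_id>_<param_id>".
        $products_ids = [];
        $Q = db()->query('SELECT * FROM ' . db('shop_order_items') . ' WHERE `order_id`=' . intval($order_info['id']));
        while ($_info = db()->fetch_assoc($Q)) {
            if ($_info['product_id']) {
                $products_ids[$_info['product_id']] = $_info['product_id'];
            }
            $order_items[$_info['product_id'] . "_" . $_info['param_id']] = $_info;
        }
        if (!empty($products_ids)) {
            $products_infos = db()->query_fetch_all('SELECT * FROM ' . db('shop_products') . ' WHERE id IN(' . implode(',', $products_ids) . ')');
            $products_atts = module('manage_shop')->_get_products_attributes($products_ids);
        }
        $price_total = 0;
        foreach ((array) $order_items as $_info) {
            $_product = $products_infos[$_info['product_id']];
            $_units = [];
            // Item type 1 is edited through product_set_edit and has no units; everything else is a plain product.
            if (intval($_info['type']) == 1) {
                $images[0]['thumb'] = _class('_shop_products', 'modules/shop/')->_product_set_image($_info["product_id"], $_product['cat_id'], 'thumb', false);
                $link = './?object=' . main()->_get('object') . '&action=product_set_edit&id=' . $_info['product_id'];
            } else {
                $images = _class('_shop_products', 'modules/shop/')->_product_image($_info["product_id"], false, false);
                $link = './?object=' . main()->_get('object') . '&action=product_edit&id=' . $_info['product_id'];
                $_units = $_class_units->get_by_product_ids($_info['product_id']);
            }
            // Fall back to the category icon when the product has no thumbnail.
            $image = $images[0]['thumb'] ?: _class('_shop_categories', 'modules/shop/')->get_icon_url($_product['cat_id'], 'item');
            $dynamic_atts = [];
            if (strlen($_info['attributes']) > 3) {
                // NOTE(review): unserialize() runs on a stored column; if `attributes` can ever hold customer-influenced
                // data this permits PHP object injection. Confirm how the column is written, and prefer JSON for it.
                foreach ((array) unserialize($_info['attributes']) as $_attr_id) {
                    $_attr_info = $products_atts[$_info['product_id']][$_attr_id];
                    $dynamic_atts[$_attr_id] = '- ' . $_attr_info['name'] . ' ' . $_attr_info['value'];
                }
            }
            $product_id = (int) $_info['product_id'];
            $param_id = (int) $_info['param_id'];
            $price_one = tofloat($_info['price']);
            $quantity = (int) $_info['quantity'];
            $price_item = $price_one * $quantity;
            // product unit
            $unit = (int) $_info['unit'];
            $units = null;
            $unit_name = 'шт.';
            if ($_units[$product_id]) {
                $units = $_units[$product_id];
                $units[$unit] && ($unit_name = $units[$unit]['title']);
            }
            // NOTE(review): param_name, unit_name and dynamic_atts are emitted into HTML below without _prepare_html();
            // confirm their sources are already escaped or admin-only.
            $products[$_info['product_id'] . '_' . $_info['param_id']] = ['product_id' => intval($_info['product_id']), 'param_id' => intval($_info['param_id']), 'param_name' => _class('_shop_product_params', 'modules/shop/')->_get_name_by_option_id($_info['param_id']), 'name' => _prepare_html($_product['name']), 'image' => $image, 'link' => $link, 'unit' => $unit, 'unit_name' => $unit_name, 'units' => $units, 'price_unit' => $price_one, 'price' => $price_item, 'currency' => _prepare_html(module('manage_shop')->CURRENCY), 'quantity' => intval($_info['quantity']), 'details_link' => process_url('./?object=' . main()->_get('object') . '&action=view&id=' . $_product['id']), 'dynamic_atts' => !empty($dynamic_atts) ? implode('<br />' . PHP_EOL, $dynamic_atts) : '', 'status' => module('manage_shop')->_box('status_item', $_info['status']), 'delete' => ''];
            $price_total += $price_item;
        }
        // discount: both amounts are the difference between the discounted and the plain item total
        $discount = $order_info['discount'];
        $discount_add = $order_info['discount_add'];
        $_discount = $discount;
        $discount_price = $_class_price->apply_price($price_total, $_discount);
        $discount_price -= $price_total;
        $discount_price = $_class_price->_number_round($discount_price);
        $_discount = $discount_add;
        $discount_add_price = $_class_price->apply_price($price_total, $_discount);
        $discount_add_price -= $price_total;
        $total_price = tofloat($order_info['total_sum']);
        $replace = my_array_merge($replace, _prepare_html($order_info));
        // NOTE(review): form_action embeds $_GET['action'] as received; confirm form2() escapes it when rendering the attribute.
        $replace = my_array_merge($replace, ['form_action' => './?object=' . main()->_get('object') . '&action=' . $_GET['action'] . '&id=' . $_GET['id'], 'order_id' => $order_info['id'], 'price_total_info' => module('manage_shop')->_format_price($price_total), 'discount' => $_class_price->_number_format($discount), 'discount_add' => $_class_price->_number_format($discount_add), 'discount_price_info' => $_class_price->_price_format($discount_price), 'discount_add_price_info' => $_class_price->_price_format($discount_add_price), 'delivery_info' => module('manage_shop')->_format_price($order_info['delivery_price']), 'total_sum' => module('manage_shop')->_format_price($total_price), 'user_link' => _profile_link($order_info['user_id']), 'user_name' => _display_name(user($order_info['user_id'])), 'error_message' => _e(), 'products' => (array) $products, 'total_price' => module('manage_shop')->_format_price($total_price), 'ship_type' => module('manage_shop')->_ship_types[$order_info['ship_type']], 'pay_type' => module('manage_shop')->_pay_types[$order_info['pay_type']], 'date' => $order_info['date'], 'status_box' => module('manage_shop')->_box('status', $order_info['status']), 'back_url' => './?object=' . main()->_get('object') . '&action=show_orders', 'print_url' => './?object=' . main()->_get('object') . '&action=show_print&id=' . $order_info['id'], 'payment' => common()->get_static_conf('payment_methods', $order_info['payment'])]);
        $link_invoice = './?object=manage_shop&action=invoice&id=' . $replace['id'];
        $link_invoice_add = $link_invoice . '&with_discount_add=y';
        $link_pdf_invoice = $link_invoice . '&pdf=y';
        $link_pdf_invoice_add = $link_invoice_add . '&pdf=y';
        $region = _class('_shop_region', 'modules/shop/')->_get_list();
        array_unshift($region, '- регион не выбран -');
        $out = form2($replace, ['dd_mode' => 1, 'big_labels' => true])->info('id')->info('price_total_info', ['desc' => 'Сумма'])->row_start(['desc' => 'Скидка, %'])->number('discount', ['desc' => 'Скидка, %'])->info('discount_price_info')->link('Invoice', $link_invoice, ['title' => 'Накладная без учета добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])->link('PDF', $link_pdf_invoice, ['title' => 'Накладная PDF без учета добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])->row_end()->row_start(['desc' => 'Скидка добавочная, %'])->number('discount_add', ['desc' => 'Скидка добавочная, %'])->info('discount_add_price_info', ['desc' => ' '])->link(t('Invoice') . '+', $link_invoice_add, ['title' => 'Накладная с учетом добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])->link(t('PDF') . '+', $link_pdf_invoice_add, ['title' => 'Накладная PDF с учетом добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])->row_end()->info('delivery_info', ['desc' => 'Доставка'])->info('total_sum', '', ['desc' => 'Итоговая сумма', 'tip' => 'Итоговая сумма без учета добавочной скидки', 'no_escape' => 1])->info_date('date', ['format' => 'full'])->info('name')->email('email')->info('phone')->container('<a href="./?object=' . main()->_get('object') . '&action=send_sms&phone=' . urlencode($replace["phone"]) . 
'" class="btn">Send SMS</a><br /><br />')->select_box('region', $region, ['desc' => 'Регион доставки', 'class_add_wrapper' => 'region_type_wrap'])->select_box('delivery_type', _class('_shop_delivery', 'modules/shop/')->_get_types(), ['desc' => 'Тип доставки', 'class_add_wrapper' => 'delivery_type_wrap'])->select_box('delivery_id', _class('_shop_delivery', 'modules/shop/')->_get_locations_by_type($replace['delivery_type']), ['class' => 'delivery_id', 'class_add_wrapper' => 'delivery_id_wrap', 'desc' => 'Отделение'])->text('delivery_location', 'Отделение доставки', ['class' => 'delivery_location', 'class_add_wrapper' => 'delivery_location_wrap'])->text('address')->text('house')->text('apartment')->text('floor')->text('porch')->text('intercom')->info('comment')->text('delivery_time')->price('delivery_price')->user_info('user_id')->info('payment', 'Payment method')->info('transaction_id', 'Transaction id')->container(table2($products)->image('product_id', ['width' => '50px', 'no_link' => true, 'web_path' => '', 'img_path_check' => false, 'img_path_callback' => function ($_p1, $_p2, $row) {
            return $row['image'];
        }])->func('link', function ($f, $p, $row) {
            // Array keys must be quoted inside {...}; a bare word there is read as a constant name.
            $result = "<a class='btn' href='{$row['link']}'>{$row['product_id']}</a>";
            return $result;
        })->func('name', function ($f, $p, $row) {
            $row['name'] = $row['name'] . ($row['param_name'] != '' ? "<br /><small>" . $row['param_name'] . "</small>" : '');
            return $row['name'];
        })->func('unit', function ($f, $p, $row) {
            $values = [];
            if (!empty($row['units'])) {
                $values[0] = ' - ';
                foreach ($row['units'] as $id => $item) {
                    $values[$id] = $item['title'];
                }
            }
            $desc = 'Ед. измерения';
            $width = '7em';
            $result = sprintf('
									<style>
										.unit_current {
											width: %s;
										}
									</style>
									<div class="unit_current">
										%s
										<span class="btn btn-mini unit_change">
											<i class="icon-edit fa fa-edit"></i>
										</span>
									</div>
									', $width, $row['unit_name']) . _class('html')->select2_box(['desc' => $desc, 'name' => 'unit[' . $row['product_id'] . '_' . $row['param_id'] . ']', 'values' => $values, 'js_options' => ['width' => $width, 'containerCssClass' => 'select2_box']]);
            return $result;
        })->func('quantity', function ($f, $p, $row) {
            $row['quantity'] = "<input type='text' name='qty[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . intval($row['quantity']) . "' style='width:50px;'>";
            return $row['quantity'];
        })->func('price_unit', function ($f, $p, $row) {
            $row['price_unit'] = "<input type='text' name='price_unit[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . $row['price_unit'] . "' style='width:100px;'>";
            return $row['price_unit'];
        })->text('price')->func('status', function ($f, $p, $row) {
            // Turn the generic status box into a per-item field named status_item[<product_id>_<param_id>].
            $row['status'] = str_replace("status_item", "status_item[" . $row['product_id'] . "_" . $row['param_id'] . "]", $row['status']);
            return $row['status'];
        })->func('delete', function ($f, $p, $row) {
            $row['delete'] = "<input type='checkbox' name='delete[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='1'>";
            return $row['delete'];
        }), ['wide' => 1])->container(tpl()->parse('manage_shop/product_search_order', ['order_id' => $_GET['id']]), 'Add product')->box('status_box', 'Status order', ['selected' => $order_info['status']])->save_and_back();
        // misc handlers
        css('
			.select2_box {
				display: none;
			}
			.unit_current {
				position : relative;
			}
			.btn.unit_change {
				display  : none;
				position : absolute;
				right    : 0;
			}
		');
        jquery('
			$(".delivery_id").on( "change", function( event ) {
				var location =  $(this).find( "option:selected" ).text();
				$(".delivery_location").val( location );
			});
			var delivery_type__on_change = function( target ) {
				var value = +$(target).find( "option:selected" ).val();
				if( value == 1 ) {
					$(".delivery_id_wrap").hide();
					$(".delivery_location_wrap").hide();
				} else if( value == 2 ) {
					var count = +$(".delivery_id_wrap").find( "option" ).length;
					if( count > 1 ) {
						$(".delivery_id_wrap").show();
						$(".delivery_location_wrap").show();
					}
				}
			}
			delivery_type__on_change( $(".delivery_type_wrap") );

			$(".delivery_type_wrap").on( "change", function( event ) {
				delivery_type__on_change( event.target );
			});
			$( ".unit_change" ).on( "click", function( event ) {
				var $this = $( this );
				var $select2 = $this.parent().next();
				$select2.toggle()
			}).each( function( i ) {
				var $this = $( this );
				if( $this.parent().next().length ) {
					$this.show();
				}
			});
		');
        // get similar orders
        // phone and status are stored order fields (phone is customer-supplied), so they are escaped
        // before being placed in the query; leaving them raw would allow second-order SQL injection.
        $sql = "SELECT o.*, COUNT(*) AS num_items FROM `" . db('shop_orders') . "` AS `o`\n\t\t\t\tINNER JOIN " . db('shop_order_items') . " AS i ON i.order_id = o.id\n\t\t\t\tWHERE `o`.`id`!='" . intval($order_info['id']) . "'\n\t\t\t\t\tAND `o`.`phone`='" . _es($order_info['phone']) . "'\n\t\t\t\t\tAND `o`.`status`='" . _es($order_info['status']) . "'\n\t\t\t\tGROUP BY o.id ORDER BY o.id DESC";
        $out .= "<br /><br /><h3>" . t('Similar orders') . "</h3>" . table($sql)->text('id')->date('date', ['format' => 'full', 'nowrap' => 1])->user('user_id')->text('name')->text('phone')->text('total_sum', ['nowrap' => 1])->text('num_items')->btn_edit('', './?object=' . main()->_get('object') . '&action=view_order&id=%d', ['no_ajax' => 1])->btn('Merge', './?object=' . main()->_get('object') . '&action=merge_order&id=' . $order_info['id'] . '&merge_id=%d', ['no_ajax' => 1]);
        return $out;
    }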
Esempio n. 18
 /**
  * Hook that runs after core init and before any graphics are produced.
  *
  * Fires the after-init events, runs the maintenance and rewrite steps, loads the
  * current user, optionally processes online status, notifications and page-view
  * tracking, and returns an HTTPS redirect when the request requires one.
  *
  * @return mixed the js_redirect() result when an HTTPS redirect is issued, otherwise nothing
  */
 function _after_init_hook()
 {
     if ($this->PROFILING) {
         $this->_timing[] = [microtime(true), __CLASS__, __FUNCTION__, $this->trace_string(), func_get_args()];
     }
     $this->events->fire('main.after_init_begin');
     $this->_check_site_maintenance();
     $this->_do_rewrite();
     $this->_init_cur_user_info($this);
     if ($this->TRACK_ONLINE_STATUS) {
         $this->_class('online_users')->process();
     }
     // Notifications are prepared when the switch matching the current site type is on.
     $notify_admin = $this->type == 'admin' && $this->ENABLE_NOTIFICATIONS_ADMIN;
     if ($notify_admin || ($this->type == 'user' && $this->ENABLE_NOTIFICATIONS_USER)) {
         $this->_module('notifications')->_prepare();
     }
     if ($this->TRACK_USER_PAGE_VIEWS && $this->USER_ID) {
         // Deferred to shutdown so the counter is only bumped for requests that rendered graphics.
         $this->_add_shutdown_code(function () {
             if (main()->NO_GRAPHICS) {
                 return;
             }
             db()->update_safe('user', ['last_view' => time(), 'num_views' => ++$this->_user_info['num_views']], $this->USER_ID);
         });
     }
     // Mirror the two UI cookies into conf() as 0/1 flags.
     foreach (['filter_hidden', 'qm_hidden'] as $cookie_name) {
         conf($cookie_name, $_COOKIE[$cookie_name] ? 1 : 0);
     }
     $https_needed = $this->USE_ONLY_HTTPS;
     if (!$https_needed) {
         $query_string = $this->_server('QUERY_STRING');
         // Each rule is either a callable given the query string or a pattern compiled, unescaped,
         // into a regex; the rules therefore have to come from trusted configuration.
         foreach ((array) $this->HTTPS_ENABLED_FOR as $rule) {
             $matched = is_callable($rule) ? $rule($query_string) : preg_match('@' . $rule . '@ims', $query_string);
             if ($matched) {
                 $https_needed = true;
                 break;
             }
         }
     }
     if ($https_needed && !$this->is_console()) {
         if (!$this->_server('HTTPS') && !$this->_server('SSL_PROTOCOL')) {
             // Same path and query, with the scheme of WEB_PATH switched to https.
             $secure_base = str_replace('http://', 'https://', WEB_PATH);
             return js_redirect(process_url($secure_base . $this->_server('QUERY_STRING')));
         }
     }
     if ($this->INTRUSION_DETECTION) {
         $this->modules['common']->intrusion_detection();
     }
     $this->events->fire('main.after_init');
 }
Esempio n. 19
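 /**
  * Collects the ids of comments written by other users since the current user's last page view.
  *
  * @return array|null array with 'count', 'ids' (id => id) and 'link' to the unread view;
  *                    nothing is returned when no last_view timestamp is known
  */
 function _unread()
 {
     if (empty($this->_user_info['last_view'])) {
         return;
     }
     // last_view goes into the query unquoted, so force it to an integer first.
     $last_view = intval($this->_user_info['last_view']);
     $Q = db()->query('SELECT id FROM ' . db('comments') . ' WHERE user_id != ' . intval(main()->USER_ID) . ' AND add_date > ' . $last_view);
     // Start from an empty list so count() below is valid when no comment matches.
     $ids = [];
     while ($A = db()->fetch_assoc($Q)) {
         $ids[$A['id']] = $A['id'];
     }
     $link = process_url('./?object=comments&action=view_unread');
     $unread = ['count' => count($ids), 'ids' => $ids, 'link' => $link];
     return $unread;
 }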
Esempio n. 20
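 /**
  * Prints a compact profile card for the user whose id is given in the request.
  *
  * Loads the active user row, gathers live stats and the viewer's relation to that
  * user (favorite, ignored, friend), builds the template variables and echoes the
  * rendered "compact_info" template, or a short error text when the id is missing
  * or no active user matches.
  *
  * NOTE(review): the template path is built from $_GET["object"]; confirm tpl()->parse()
  * restricts template names so a crafted value cannot select another template.
  */
 function compact_info()
 {
     main()->NO_GRAPHICS = true;
     conf('no_ajax_here', true);
     // Check user id
     // The id is used in SQL, links and helper calls below, so reduce the request value to an integer once.
     $USER_ID = isset($_REQUEST["id"]) ? intval($_REQUEST["id"]) : 0;
     if (empty($USER_ID)) {
         $error_message = "No id";
     }
     if (empty($error_message)) {
         // Try to get user info
         $this->_user_info = db()->query_fetch("SELECT * FROM " . db('user') . " WHERE id=" . intval($USER_ID) . " AND active='1'");
         if (empty($this->_user_info)) {
             $error_message = "No info";
         }
     }
     if (empty($error_message)) {
         // Get live quick user stats
         $totals = _class_safe("user_stats")->_get_live_stats(["user_id" => $this->_user_info["id"]]);
         // Check if this user is in favorites (also check if this is own profile)
         $DISPLAY_CONTACT_ITEMS = 0;
         if (main()->USER_ID && $this->_user_info["id"] != main()->USER_ID) {
             if ($totals["favorite_users"]) {
                 $is_in_favorites = db()->query_num_rows("SELECT 1 FROM " . db('favorites') . " WHERE user_id=" . intval(main()->USER_ID) . " AND target_user_id=" . intval($this->_user_info["id"]));
             }
             if ($totals["ignored_users"]) {
                 $is_ignored = db()->query_num_rows("SELECT 1 FROM " . db('ignore_list') . " WHERE user_id=" . intval(main()->USER_ID) . " AND target_user_id=" . intval($this->_user_info["id"]));
             }
             // Check friendship
             $FRIENDS_OBJ = module("friends");
             $is_a_friend = is_object($FRIENDS_OBJ) ? $FRIENDS_OBJ->_is_a_friend(main()->USER_ID, $this->_user_info["id"]) : -1;
             // Stays null (reported as "" in the template) unless the reverse lookup actually runs.
             $is_friend_of = null;
             if (!empty($totals["try_friends"]) && is_object($FRIENDS_OBJ)) {
                 $is_friend_of = $FRIENDS_OBJ->_is_a_friend($this->_user_info["id"], main()->USER_ID);
             }
             $is_mutual_friends = $is_a_friend && $is_friend_of;
             // Switch for contact items
             $DISPLAY_CONTACT_ITEMS = 1;
         }
         // Interests
         $totals["interests"] = 0;
         if (!empty($totals["try_interests"])) {
             $INTERESTS_OBJ = module("interests");
             if (is_object($INTERESTS_OBJ)) {
                 // Look up the interests of the profile being shown.
                 $user_interests = $INTERESTS_OBJ->_get_for_user_id($this->_user_info["id"]);
                 if (!empty($user_interests) && is_array($user_interests)) {
                     $totals["interests"] = count($user_interests);
                 }
             }
         }
         // Process user reputation
         $reput_text = "";
         $REPUT_OBJ = module("reputation");
         if (is_object($REPUT_OBJ)) {
             $reput_info = ["points" => $totals["reput_points"]];
             $reput_text = $REPUT_OBJ->_show_for_user($this->_user_info["id"], $reput_info);
         }
         // Array of $_GET vars to skip
         $skip_get = ["page", "escort_id", "q", "show"];
         if (empty($this->_user_info["last_login"])) {
             $this->_user_info["last_login"] = $this->_user_info["add_date"];
         }
         $profile_id = $this->_user_info["id"];
         // Process template
         $replace = [
             "user_id" => intval($USER_ID),
             "user_avatar" => _show_avatar($USER_ID),
             "user_name" => _prepare_html(_display_name($this->_user_info)),
             "user_group" => t($this->_account_types[$this->_user_info["group"]]),
             "user_profile_link" => process_url(_profile_link($USER_ID)),
             "user_level" => intval($this->_user_info["level"]),
             "user_level_name" => _prepare_html($this->_user_levels[$this->_user_info["level"]]),
             "emails_received" => intval($this->_user_info["emails"]),
             "emails_sent" => intval($this->_user_info["emailssent"]),
             "reg_date" => _format_date($this->_user_info["add_date"]),
             "last_update" => _format_date($this->_user_info["last_update"], "long"),
             "last_login" => _format_date($this->_user_info["last_login"], "long"),
             "num_logins" => intval($this->_user_info["num_logins"]),
             "site_visits" => intval($this->_user_info["sitevisits"]),
             "gallery_link" => $totals["gallery_photos"] ? process_url("./?object=gallery&action=show_gallery&id=" . $profile_id . _add_get($skip_get)) : "",
             "blog_link" => $totals["blog_posts"] ? process_url("./?object=blog&action=show_posts&id=" . $profile_id . _add_get($skip_get)) : "",
             "articles_link" => $totals["articles"] ? process_url("./?object=articles&action=view_by_user&id=" . $profile_id . _add_get($skip_get)) : "",
             "interests_link" => $totals["interests"] ? process_url("./?object=interests&action=view&id=" . $profile_id . _add_get($skip_get)) : "",
             "contact_link" => main()->USER_ID && main()->USER_ID != $profile_id ? process_url(main()->USER_ID ? "./?object=email&action=send_form&id=" . $profile_id : "./?object=login_form&go_url=email;send_form;id=" . $profile_id) : "",
             "favorites_link" => !empty($is_in_favorites) ? process_url("./?object=account&action=favorite_delete&id=" . $profile_id) : process_url("./?object=account&action=favorite_add&id=" . $profile_id),
             "is_in_favorites" => isset($is_in_favorites) ? intval((bool) $is_in_favorites) : "",
             "ignore_link" => !empty($is_ignored) ? process_url("./?object=account&action=unignore_user&id=" . $profile_id) : process_url("./?object=account&action=ignore_user&id=" . $profile_id),
             "is_ignored" => isset($is_ignored) ? intval((bool) $is_ignored) : "",
             "make_friend_link" => empty($is_a_friend) ? process_url("./?object=friends&action=add&id=" . $profile_id) : "",
             "is_a_friend" => isset($is_a_friend) ? intval($is_a_friend) : "",
             "is_friend_of" => isset($is_friend_of) ? intval($is_friend_of) : "",
             "is_mutual_friends" => isset($is_mutual_friends) ? intval($is_mutual_friends) : "",
             "display_contact_items" => intval($DISPLAY_CONTACT_ITEMS),
             "sex" => _prepare_html($this->_user_info["sex"]),
             "country" => _prepare_html($this->_user_info["country"]),
             "state" => _prepare_html($this->_user_info["state"]),
             "city" => _prepare_html($this->_user_info["city"]),
             "country_code_lower" => strtolower($this->_user_info["country"]),
             "reput_text" => $reput_text,
             "reput_points" => MAIN_TYPE_ADMIN ? intval($totals["reput_points"]) : "",
             // NOTE(review): $REPUT_INFO is never assigned in this method, so alt_power is always 0 for admins;
             // the intended source of the value is not visible here.
             "alt_power" => MAIN_TYPE_ADMIN ? intval($REPUT_INFO["alt_power"]) : "",
             "activity_points" => intval($totals["activity_points"]),
             "is_admin" => MAIN_TYPE_ADMIN ? 1 : 0,
         ];
         // Admin-only methods
         if (MAIN_TYPE_ADMIN) {
             $replace = array_merge($replace, [
                 "login_stats" => process_url("./?object=log_auth_view&action=save_filter&user_id=" . $profile_id),
                 "multi_accounts_link" => process_url("./?object=check_multi_accounts&action=show_by_user&id=" . $profile_id),
                 "user_errors" => process_url("./?object=log_user_errors_viewer&action=save_filter&user_id=" . $profile_id),
                 "ban_popup_link" => _class("manage_auto_ban", "admin_modules/")->_popup_link(["user_id" => intval($profile_id)]),
                 "verify_link" => !$this->_user_info["photo_verified"] ? "./?object=manage_photo_verify&action=add&id=" . intval($profile_id) : "",
             ]);
         }
         $body = tpl()->parse($_GET["object"] . "/compact_info", $replace);
     }
     if (!empty($error_message)) {
         $body = $error_message;
     }
     if (DEBUG_MODE) {
         $body .= "<hr class='clearfloat'>DEBUG INFO:\r\n";
         $body .= common()->_show_execution_time();
     }
     echo $body;
 }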
Esempio n. 21
        }
    }
}
// Keep escaped copies of the submitted URL and alias for later use (empty string when nothing was given).
$entered_url = empty($url) ? '' : escape($url);
$entered_alias = empty($code) ? '' : escape($code);
// A URL is mandatory; without it the request is rejected.
if (empty($url)) {
    $error = ERR_INVALID_REQUEST;
    goto out;
}
// JSON requests are marked as API calls; every other format is treated as plain text.
if ($format == 'json') {
    $request_type = 'api';
} else {
    $format = 'text';
}
$url = polish_url($url);
// Prefix "http://" when no scheme can be read from the URL.
$protocol = @parse_url($url, PHP_URL_SCHEME);
if (null == $protocol) {
    $url = 'http://' . $url;
}
// process_url() reports its result as an error code; anything above zero aborts the request.
$error = process_url($url);
if ($error > 0) {
    goto out;
}
$url = trim($url, '/');
$codes = get_codes_for_url($url);
$ip = get_IP();
$uuid = DEFAULT_UUID;
if (strlen($code) == 0) {
    if (count($codes) == 0) {
        $id = get_next_id();
        $code = int2code($id, false);
        if (code_spam_exists($code)) {
            $id = mt_rand(get_next_id() + 1, 0xffffff);
            $code = int2code($id, false);
        }
Esempio n. 22
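    /**
     * Delete the comment identified by $_GET['id'].
     *
     * Recognised $params keys: 'object_name', 'object_id', 'silent_mode',
     * 'return_path', 'return_action'.
     *
     * Security notes for callers and reviewers:
     * - 'silent_mode' grants the deletion unconditionally (same as admin), so $params
     *   must only ever be built by trusted code, never copied from request data.
     * - The permission callback is looked up on module($_GET['object']), i.e. the module
     *   is chosen by the request.
     * - NOTE(review): the comment id comes from $_GET and no anti-CSRF token is checked
     *   in this method; confirm the framework enforces one before this point.
     * - The default return path is the Referer header, which is client-supplied.
     *
     * @param array $params optional overrides, see above
     * @return mixed error text from _e()/_error_need_login(), '' in silent mode or when
     *               the object cannot be resolved, otherwise the js_redirect() result
     */
    function _delete($params = [])
    {
        if (empty(main()->USER_ID) && MAIN_TYPE_USER) {
            return _error_need_login();
        }
        // Normalised in place because later code (and possibly triggers) read $_GET['id'].
        $_GET['id'] = intval($_GET['id']);
        $comment_info = db()->query_fetch('SELECT * FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id']));
        if (empty($comment_info['id'])) {
            return _e('No such comment!');
        }
        $OBJECT_NAME = !empty($params['object_name']) ? $params['object_name'] : $_GET['object'];
        $OBJECT_ID = !empty($params['object_id']) ? intval($params['object_id']) : intval($_GET['id']);
        $SILENT_MODE = !empty($params['silent_mode']) ? 1 : 0;
        // The Referer header is optional and client-controlled; read it without a notice.
        $RETURN_PATH = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        if (!empty($params['return_path'])) {
            $RETURN_PATH = process_url($params['return_path']);
        } elseif (!empty($params['return_action'])) {
            $RETURN_PATH = process_url('./?object=' . $_GET['object'] . '&action=' . $params['return_action'] . '&id=' . $comment_info['object_id']);
        }
        if (empty($OBJECT_NAME) || empty($OBJECT_ID)) {
            return '';
        }
        if (module('comments')->_user_info['ban_comments'] && MAIN_TYPE_USER) {
            return _e('Sorry, you are not allowed to post comments!' . PHP_EOL . 'Perhaps, you broke some of our rules and moderator has banned you from using this feature. Please, enjoy our site in some other way!' . 'For more details <a href=\'./?object=faq&action=view&id=16\'>click here</a>');
        }
        $module_obj = module($_GET['object']);
        // Check if user is allowed to perform this action:
        // prefer the owning module's own callback, else fall back to "author only".
        $delete_allowed = false;
        $delete_allowed_check_method = is_object($module_obj) && method_exists($module_obj, module('comments')->_delete_allowed_method);
        if ($delete_allowed_check_method) {
            $m = module('comments')->_delete_allowed_method;
            $delete_allowed = (bool) module($_GET['object'])->{$m}(['user_id' => $comment_info['user_id'], 'object_id' => $comment_info['object_id']]);
        } else {
            $delete_allowed = main()->USER_ID && $comment_info['user_id'] == main()->USER_ID;
        }
        if (MAIN_TYPE_ADMIN || $SILENT_MODE) {
            // Admins and trusted internal callers bypass both the ownership and time checks.
            $delete_allowed = true;
        } else {
            // Regular users may only delete within the configured time window.
            if (!empty(module('comments')->EDIT_LIMIT_TIME)) {
                $elapse_time = time() - $comment_info['add_date'];
                if ($elapse_time > module('comments')->EDIT_LIMIT_TIME) {
                    return _e('allowed time to delete has expired');
                }
            }
        }
        if (!$delete_allowed) {
            return _e('You are not allowed to perform this action');
        }
        module('unread')->_set_read('comments', $_GET['id']);
        if (module('comments')->USE_TREE_MODE) {
            // Values read back from the database are not trusted inside new SQL either:
            // the stored object_name is escaped and the ids are cast to int, so a row
            // written with hostile content cannot alter this statement.
            $have_children = db()->query_fetch(
                'SELECT id FROM ' . db('comments')
                . ' WHERE object_name="' . _es($comment_info['object_name']) . '"'
                . ' AND object_id=' . intval($comment_info['object_id'])
                . ' AND parent_id=' . intval($comment_info['id'])
                . ' LIMIT 1'
            );
            if ($have_children) {
                // Keep the node so the replies stay attached; blank its text and author.
                db()->UPDATE('comments', ['text' => '__comment was deleted__', 'user_id' => 0], 'id=' . intval($_GET['id']));
            } else {
                db()->query('DELETE FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id']) . ' LIMIT 1');
            }
        } else {
            db()->query('DELETE FROM ' . db('comments') . ' WHERE id=' . intval($_GET['id']) . ' LIMIT 1');
        }
        // Execute custom on_update trigger (if exists one)
        $try_trigger_callback = [module($_GET['object']), module('comments')->_on_update_trigger];
        if (is_callable($try_trigger_callback)) {
            call_user_func($try_trigger_callback, $params);
        }
        return !$SILENT_MODE ? js_redirect($RETURN_PATH, false) : '';
    }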
Esempio n. 23
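 /**
  * Hook for the RSS module: collect the latest active comments for every object
  * type listed in COMMENT_LINKS and turn them into feed items.
  *
  * Each item has the keys 'title', 'link', 'description', 'date', 'author', 'source'.
  *
  * @return array list of feed items, empty when nothing is configured or found
  */
 function _rss_general()
 {
     $links = (array) module('comments')->COMMENT_LINKS;
     if (empty($links)) {
         // Without any object type the WHERE clause would be "()" and the query invalid.
         return [];
     }
     // Build the OR list with implode(): comparing each value against the last value
     // dropped the " OR " separator whenever two object types shared the same link.
     $conditions = [];
     foreach ($links as $object_name => $link) {
         $conditions[] = 'object_name="' . _es($object_name) . '"';
     }
     $Q = db()->query(
         'SELECT * FROM ' . db('comments')
         . ' WHERE (' . implode(' OR ', $conditions) . ') AND active=1'
         . ' ORDER BY add_date DESC LIMIT ' . intval(module('comments')->NUM_RSS)
     );
     $comments = [];
     $user_ids = [];
     // Object ids grouped per type; only these four types get a title lookup.
     $object_ids = ['articles' => [], 'news' => [], 'blog' => [], 'gallery' => []];
     while ($A = db()->fetch_assoc($Q)) {
         $comments[$A['id']] = $A;
         $user_ids[$A['user_id']] = $A['user_id'];
         if (isset($object_ids[$A['object_name']])) {
             // Cast to int: these values are concatenated into IN(...) lists below.
             $object_id = intval($A['object_id']);
             $object_ids[$A['object_name']][$object_id] = $object_id;
         }
     }
     if (empty($comments)) {
         return [];
     }
     $user_names = user($user_ids, ['nick']);
     // Table and column that hold the title for each object type.
     $title_sources = [
         'articles' => ['table' => 'articles_texts', 'field' => 'title'],
         'news' => ['table' => 'news', 'field' => 'title'],
         'blog' => ['table' => 'blog_posts', 'field' => 'title'],
         'gallery' => ['table' => 'gallery_photos', 'field' => 'name'],
     ];
     $titles = [];
     foreach ($title_sources as $object_name => $source) {
         if (empty($object_ids[$object_name])) {
             continue;
         }
         $Q = db()->query('SELECT id,' . $source['field'] . ' FROM ' . db($source['table']) . ' WHERE id IN(' . implode(',', $object_ids[$object_name]) . ')');
         while ($A = db()->fetch_assoc($Q)) {
             $title = $A[$source['field']];
             if ($object_name === 'gallery' && $title === '') {
                 // Gallery photos may be unnamed.
                 $title = t('No title');
             }
             $titles[$object_name . $A['id']] = $title;
         }
     }
     $data = [];
     foreach ($comments as $comment) {
         $title_key = $comment['object_name'] . $comment['object_id'];
         $data[] = [
             'title' => _prepare_html(t('Comments in ') . $comment['object_name'] . ' - ' . (isset($titles[$title_key]) ? $titles[$title_key] : '')),
             'link' => process_url($links[$comment['object_name']] . $comment['object_id'] . '#cid_' . $comment['id']),
             'description' => nl2br(_cut_bb_codes(_prepare_html($comment['text']))),
             'date' => $comment['add_date'],
             'author' => isset($user_names[$comment['user_id']]['nick']) ? $user_names[$comment['user_id']]['nick'] : null,
             'source' => '',
         ];
     }
     return $data;
 }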
Esempio n. 24
/**
 * Send the XML-RPC <params> payload listing the boards a user is subscribed to.
 *
 * Every board contributes a struct with forum_id, forum_name (base64), icon_url,
 * is_protected, sub_only (both fixed to 0) and new_post.
 *
 * NOTE(review): forum_id and icon_url are written into the XML as-is; only the name
 * is base64-wrapped. Confirm that the ids are numeric and that process_url() returns
 * XML-safe text, otherwise these two values need escaping.
 *
 * @param array $boards rows with the keys 'id', 'name', 'icon' and optionally 'new'
 */
function outputRPCSubscribedBoards($boards)
{
    // Envelope up to the opening of the forums array.
    $payload = sprintf('
<params>
<param>
<value>
<struct>
<member>
<name>total_forums_num</name>
<value><int>%s</int></value>
</member>
<member>
<name>forums</name>
<value>
<array><data>', count($boards));

    // One struct per board; placeholders are id, base64 name, icon URL, new-post flag.
    $entryTemplate = '
<value><struct>
<member>
<name>forum_id</name>
<value><string>%s</string></value>
</member>
<member>
<name>forum_name</name>
<value><base64>%s</base64></value>
</member>
<member>
<name>icon_url</name>
<value><string>%s</string></value>
</member>
<member>
<name>is_protected</name>
<value><boolean>0</boolean></value>
</member>
<member>
<name>sub_only</name>
<value><boolean>0</boolean></value>
</member>
<member>
<name>new_post</name>
<value><boolean>%s</boolean></value>
</member>
</struct></value>';

    foreach ($boards as $entry) {
        $encodedName = base64_encode(mobi_unescape_html($entry['name']));
        $iconUrl = process_url($entry['icon']);
        $newFlag = empty($entry['new']) ? '0' : '1';
        $payload .= sprintf($entryTemplate, $entry['id'], $encodedName, $iconUrl, $newFlag);
    }

    // Close the array and the envelope.
    $payload .= '
</data></array>
</value>
</member>
</struct>
</value>
</param>
</params>';

    outputRPCResponse($payload);
}
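 /**
  * Order payment method by authorize.net: post the order to the gateway and mark
  * the order as processed when the gateway approves it.
  *
  * Security notes:
  * - $order_info carries the raw card number and expiry date, so this code path and
  *   wherever those values are stored are in scope for card-data handling rules.
  * - The fingerprint is HMAC-MD5 keyed with the transaction key, as this request
  *   format defines it. NOTE(review): confirm against the gateway's current
  *   documentation whether an MD5-based hash is still accepted.
  * - Approval is decided from the first response field only. NOTE(review): the
  *   returned amount and invoice number are not compared with the order here.
  *
  * @param array $params 'order_info' => order row, 'params' => optional overrides
  *                      (only 'DESCRIPTION' is read)
  * @return mixed error text from _e() on failure, else the order-finish page
  */
 function _order_pay_authorize_net($params = [])
 {
     $order_info = $params["order_info"];
     $params = $params["params"];
     $PAY_METHOD_ID = 2;
     $PAY_METHOD_PARAMS = module('shop')->_pay_method_params[$PAY_METHOD_ID];
     $amount = $order_info["total_sum"];
     $description = !empty($params["DESCRIPTION"]) ? $params["DESCRIPTION"] : $PAY_METHOD_PARAMS["DESCRIPTION"];
     $login_id = $PAY_METHOD_PARAMS["LOGIN_ID"];
     $transaction_key = $PAY_METHOD_PARAMS["TRANSACTION_KEY"];
     // The gateway wants the literal strings "true"/"false". Keep the real boolean
     // separately: the string "false" is truthy in PHP, so testing $TEST_MODE itself
     // merged the test card into live requests as well.
     $is_test_mode = !empty($PAY_METHOD_PARAMS["TEST_MODE"]);
     $TEST_MODE = $is_test_mode ? "true" : "false";
     $IN_PRODUCTION = $PAY_METHOD_PARAMS["IN_PRODUCTION"];
     // By default, this sample code is designed to post to our test server for
     // developer accounts: https://test.authorize.net/gateway/transact.dll
     // for real accounts (even in test mode), please make sure that you are
     // posting to: https://secure.authorize.net/gateway/transact.dll
     // Useful for debugging:
     // $url = "https://developer.authorize.net/param_dump.asp";
     if ($IN_PRODUCTION) {
         $url = "https://secure.authorize.net/gateway/transact.dll";
     } else {
         $url = "https://test.authorize.net/gateway/transact.dll";
     }
     // an invoice is generated using the date and time
     $invoice = date("YmdHis");
     // a sequence number is randomly generated (it is sent in clear, not a secret)
     $sequence = rand(1, 1000);
     // a timestamp is generated
     $time_stamp = time();
     // The following lines generate the SIM fingerprint.  PHP versions 5.1.2 and
     // newer have the necessary hmac function built in.  For older versions, it
     // will try to use the mhash library.
     // version_compare() is used because a plain string comparison misorders versions.
     $fingerprint_input = $login_id . "^" . $sequence . "^" . $time_stamp . "^" . $amount . "^";
     if (version_compare(PHP_VERSION, '5.1.2', '>=')) {
         $fingerprint = hash_hmac("md5", $fingerprint_input, $transaction_key);
     } else {
         $fingerprint = bin2hex(mhash(MHASH_MD5, $fingerprint_input, $transaction_key));
     }
     // Required authorise.net fields
     $_fields_and_values = [
         "x_login" => substr($login_id, 0, 20),
         "x_amount" => substr($amount, 0, 15),
         "x_description" => substr($description, 0, 255),
         "x_invoice_num" => substr($invoice, 0, 128),
         "x_fp_sequence" => $sequence,
         "x_fp_timestamp" => $time_stamp,
         "x_fp_hash" => $fingerprint,
         "x_test_request" => $TEST_MODE,
         "x_delim_char" => '|',
         "x_delim_data" => 'TRUE',
         "x_version" => '3.1',
         "x_relay_response" => "FALSE",
     ];
     // Test mode only
     if ($is_test_mode) {
         $_fields_and_values = my_array_merge($_fields_and_values, ["x_card_num" => "370000000000002", "x_exp_date" => "1220"]);
     }
     // Customer, billing and shipping fields, each cut to the length used for that field.
     $_order_fields_values = [
         "x_cust_id" => substr($order_info["user_id"], 0, 20),
         "x_customer_ip" => substr($_SERVER["REMOTE_ADDR"], 0, 20),
         "x_card_num" => substr($order_info["card_num"], 0, 50),
         "x_exp_date" => substr($order_info["exp_date"], 0, 4),
         "x_first_name" => substr($order_info["b_first_name"], 0, 50),
         "x_last_name" => substr($order_info["b_last_name"], 0, 50),
         "x_address" => substr($order_info["b_address"], 0, 60),
         "x_city" => substr($order_info["b_city"], 0, 40),
         "x_state" => substr($order_info["b_state"], 0, 40),
         "x_zip" => substr($order_info["b_zip_code"], 0, 20),
         "x_country" => substr($order_info["b_country"], 0, 60),
         "x_phone" => substr($order_info["b_phone"], 0, 25),
         "x_company" => substr($order_info["b_company"], 0, 50),
         "x_email" => substr($order_info["b_email"], 0, 255),
         "x_ship_to_first_name" => substr($order_info["s_first_name"], 0, 50),
         "x_ship_to_last_name" => substr($order_info["s_last_name"], 0, 50),
         "x_ship_to_address" => substr($order_info["s_address"], 0, 60),
         "x_ship_to_city" => substr($order_info["s_city"], 0, 40),
         "x_ship_to_state" => substr($order_info["s_state"], 0, 40),
         "x_ship_to_zip" => substr($order_info["s_zip_code"], 0, 20),
         "x_ship_to_country" => substr($order_info["s_country"], 0, 60),
         "x_ship_to_company" => substr($order_info["s_company"], 0, 50),
     ];
     $_fields_and_values = my_array_merge($_fields_and_values, $_order_fields_values);
     $_data_to_post = [];
     foreach ((array) $_fields_and_values as $k => $v) {
         // '|' is the response delimiter, so it is stripped from every value sent.
         $_data_to_post[$k] = $k . '=' . urlencode(str_replace('|', '', $v));
     }
     $_data_to_post = implode("&", $_data_to_post);
     db()->UPDATE(db('shop_orders'), ["status" => "pending payment"], "id=" . intval($order_info['id']));
     // Try to post data
     $ch = curl_init();
     if ($ch) {
         curl_setopt($ch, CURLOPT_URL, $url);
         curl_setopt($ch, CURLOPT_REFERER, process_url("./?object=shop&action=" . $_GET["action"] . "&id=" . $_GET["id"]));
         curl_setopt($ch, CURLOPT_VERBOSE, 0);
         curl_setopt($ch, CURLOPT_POST, 1);
         curl_setopt($ch, CURLOPT_POSTFIELDS, $_data_to_post);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         // Card data travels over this connection: state certificate and host name
         // verification explicitly instead of relying on the library defaults.
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
         curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
         $response = curl_exec($ch);
         $error = curl_error($ch);
         curl_close($ch);
         if ($error) {
             trigger_error("SHOP: authorize.net response error: " . $error, E_USER_WARNING);
             return _e("SHOP: Payment gateway error #1. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
         }
     } else {
         return _e("SHOP: Payment gateway error #2. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
     }
     // Sample good response:
     // 1,1,1,This transaction has been approved.,Ms6s3z,P,2148412154,20090317055427,Shop Description Here,32.95,CC,auth_capture,14,fixit,fixit,,fixit 78,fixit,fixit,12345,,,,,fixit,fixit,,fixit 78,fixit,fixit,12345,,,,,,,2E9E8E7E6236B4344F9985FDE9E6522E,,2,,,,,,,,,,,,,,,,,,,,,,,,,,,,
     $gateway_response = explode('|', $response);
     // Even though authorize.net is told to return the data delimited with the pipe character,
     // many times it will return data comma-delimited.
     if (count($gateway_response) < 5) {
         $gateway_response = explode(',', $response);
     }
     // If the response code is not 1 (approved) then redirect back to the payment page
     // with the appropriate error message
     if ($gateway_response[0] != '1') {
         // Log only the leading code/reason fields: the rest of the response echoes the
         // customer's name and address, which should not end up in the error log.
         trigger_error("SHOP: authorize.net not approved: " . implode(',', array_slice($gateway_response, 0, 4)), E_USER_WARNING);
         return _e("SHOP: Payment gateway error #3. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
     } else {
         db()->UPDATE(db('shop_orders'), ["status" => "processed"], "id=" . intval($order_info['id']));
     }
     // Display order result
     $_GET["id"] = $order_info['id'];
     return module('shop')->_order_step_finish();
 }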
Esempio n. 26
 /**
  * Render the compact shop search form: an empty search string and the URL of the
  * fast-search action.
  */
 function _short_search_form()
 {
     $search_action = process_url("./?object=shop&action=search&id=fast");
     $template_vars = [
         "search_string" => "",
         "form_action" => $search_action,
     ];
     return tpl()->parse("shop/short_search_form", $template_vars);
 }
Esempio n. 27
 /**
  * Build the sidebar navigation: one anchor link per entry of $this->_used_modules.
  *
  * Module names go into the href and (through t()) into the link text without HTML
  * escaping. NOTE(review): this relies on _used_modules holding only internal module
  * identifiers - confirm it is never filled from request data.
  *
  * @return string|false sidebar HTML, or false when no modules are registered
  */
 function _hook_side_column()
 {
     if (!$this->_used_modules) {
         return false;
     }
     $page_url = process_url(url('/@object'));
     $icon = '<i class="icon-chevron-right fa fa-chevron-right"></i> ';
     $entries = [];
     foreach ((array) $this->_used_modules as $name) {
         $anchor = $page_url . '#module_' . $name;
         $entries[] = '<li><a href="' . $anchor . '">' . $icon . t($name) . '</a></li>';
     }
     $list = implode(PHP_EOL, $entries);
     return '<div class="span3 bs-docs-sidebar"><ul class="nav nav-list bs-docs-sidenav">' . $list . '</ul></div>';
 }
Esempio n. 28
 /**
  * Show the "account inactive" page, which only needs the login form URL.
  */
 function account_inactive()
 {
     $login_url = process_url('./?object=login_form');
     $template = __CLASS__ . '/account_inactive';
     return tpl()->parse($template, ['login_form_url' => $login_url]);
 }
Esempio n. 29
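 /**
  * Show given array as RSS page.
  *
  * Builds a feed from $data, writes it to a cache file under FEEDS_CACHE_PATH and
  * either echoes it or returns its text.
  *
  * $params keys read here: use_cached, feed_title, feed_desc, feed_trunc_size,
  * feed_insert_html, feed_url, feed_source, item_trunc_size, item_insert_html,
  * feed_format, feed_file_name, return_feed_text.
  *
  * Security notes:
  * - $_GET['object'], $_GET['action'] and $_GET['id'] are embedded in the feed URLs;
  *   they pass through _prepare_html() (presumably HTML escaping - confirm).
  * - 'feed_file_name' ends up in a filesystem path. It is passed through
  *   common()->_propose_url_from_name() first. NOTE(review): confirm that helper
  *   removes path separators and "..".
  * - md5() is used only to derive identifiers (guid, cache file name), not as a
  *   security control.
  *
  * @param array $data   feed items; known fields are listed in $this->avail_item_fields
  * @param array $params feed options, see above
  * @return mixed feed text when 'return_feed_text' is set (null if nothing could be
  *               read back), otherwise nothing (the feed is echoed)
  */
 function show_rss_page($data = [], $params = [])
 {
     require_php_lib('yf_feedcreator');
     $rss = new UniversalFeedCreator();
     if (!isset($params['use_cached']) || !empty($params['use_cached'])) {
         $rss->useCached();
     }
     $rss->title = _prepare_html(!empty($params['feed_title']) ? $params['feed_title'] : 'Site feed title');
     $rss->description = _prepare_html(!empty($params['feed_desc']) ? $params['feed_desc'] : 'Site feed description');
     // optional feed params
     // Read the key that was tested: the value used to be taken from 'item_trunc_size',
     // so a configured 'feed_trunc_size' was ignored (or replaced by 0).
     $rss->descriptionTruncSize = !empty($params['feed_trunc_size']) ? intval($params['feed_trunc_size']) : 500;
     $rss->descriptionHtmlSyndicated = isset($params['feed_insert_html']) ? (bool) $params['feed_insert_html'] : true;
     $rss->link = _prepare_html(process_url(!empty($params['feed_url']) ? $params['feed_url'] : './?object=' . $_GET['object']));
     $this->self_link = $rss->link;
     $feed_source = !empty($params['feed_source']) ? $params['feed_source'] : '';
     $rss->syndicationURL = _prepare_html(process_url($feed_source ?: './?object=' . $_GET['object'] . '&action=' . $_GET['action'] . (!empty($_GET['id']) ? '&id=' . $_GET['id'] : '')));
     if (!empty($this->SHOW_RSS_ENCODING)) {
         $rss->encoding = $this->SHOW_RSS_ENCODING;
     }
     foreach ((array) $data as $A) {
         $item = new FeedItem();
         if (isset($A['date'])) {
             $A['date'] = intval($A['date']);
         }
         if (isset($A['link'])) {
             $A['link'] = process_url($A['link']);
         }
         // Process known fields (anything outside avail_item_fields is dropped)
         foreach ((array) $this->avail_item_fields as $field_name) {
             if (isset($A[$field_name])) {
                 $item->{$field_name} = $A[$field_name];
             }
         }
         if (!isset($item->guid)) {
             // Stable identifier derived from the item's own fields.
             $item->guid = $A['link'] . '#' . md5($feed_source . '&' . $A['date'] . '&' . $A['title'] . '&' . $A['author']);
         }
         // optional params
         $item->descriptionTruncSize = !empty($params['item_trunc_size']) ? intval($params['item_trunc_size']) : $this->DESC_TRUNC_SIZE;
         $item->descriptionHtmlSyndicated = isset($params['item_insert_html']) ? (bool) $params['item_insert_html'] : true;
         // optional (enclosure)
         // Sample: $A['enclosure'] = array('url'=>'http://lh3.ggpht.com/smoliarov/Rwygj8ucrbE/AAAAAAAABIA/UkNlwQ7eniw/_200708.jpg','length'=>'65036','type'=>'image/jpeg');
         if (!empty($A['enclosure']) && is_array($A['enclosure'])) {
             $E = $A['enclosure'];
             $item->enclosure = new EnclosureItem();
             $item->enclosure->url = _prepare_html($E['url']);
             $item->enclosure->length = intval($E['length']);
             $item->enclosure->type = _prepare_html($E['type']);
         }
         $rss->addItem($item);
     }
     // Set format of the resulting feed.
     // Strict comparison keeps the allow-list exact: loose in_array() lets values such
     // as 0 match any non-numeric format name on older PHP versions.
     $feed_format = isset($params['feed_format']) && in_array($params['feed_format'], (array) $this->avail_formats, true) ? $params['feed_format'] : 'RSS2.0';
     $feed_file_name = isset($params['feed_file_name']) ? (string) $params['feed_file_name'] : '';
     if (!strlen($feed_file_name)) {
         $feed_file_name = md5($_SERVER['HTTP_HOST'] . '_' . $rss->title . $rss->description . $this->self_link);
     }
     $feed_file_name = common()->_propose_url_from_name($feed_file_name);
     $feed_cache_path = $this->FEEDS_CACHE_PATH . $feed_file_name . '.xml';
     $feed_cache_dir = dirname($feed_cache_path);
     if (!file_exists($feed_cache_dir)) {
         _mkdir_m($feed_cache_dir);
     }
     // Only let the feed library redirect/emit itself when the caller wants output.
     $feed_redirect = empty($params['return_feed_text']);
     $body = $rss->saveFeed($feed_format, $feed_cache_path, $feed_redirect);
     if (!empty($params['return_feed_text'])) {
         if ($body) {
             return $body;
         } elseif (file_exists($feed_cache_path)) {
             return file_get_contents($feed_cache_path);
         }
     } else {
         main()->NO_GRAPHICS = true;
         echo $body;
     }
 }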
Esempio n. 30
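 /**
  * Do upload image to server: validate an uploaded image and store it at
  * $new_file_path.
  *
  * Checks, in order: declared size and MIME type from the upload array, successful
  * move, real MIME type via getimagesize(), a GD decode test (only when neither
  * NETPBM_PATH nor IMAGICK_PATH is configured), real file size, and finally a forced
  * resize when the FORCE_RESIZE_* constants are exceeded.
  *
  * Security notes:
  * - The declared type and size come from the client and are only a first filter;
  *   the decision that counts is the getimagesize() check on the stored file.
  * - getimagesize() inspects the image header only. The file name and extension are
  *   chosen by the caller through $new_file_path, so the caller must use a
  *   non-executable extension and a directory where scripts are not executed.
  * - The file is written to its final path before the content checks run and is
  *   unlinked when they fail.
  * - With $is_local = true the source path is whatever 'tmp_name' says, and it is
  *   copied and then deleted without is_uploaded_file() protection. Only pass
  *   trusted arrays in that mode.
  * - NOTE(review): missing directories are created with mode 0777; consider a
  *   narrower mode if the deployment allows it.
  *
  * @param string       $new_file_path  destination path of the stored image
  * @param string|array $name_in_form   $_FILES key, or one $_FILES-style entry
  * @param int          $max_image_size size limit in bytes, 0 = no limit
  * @param bool         $is_local       copy from a local path instead of an HTTP upload
  * @return mixed false on failure, true on success, or the make_thumb() result when
  *               a forced resize was needed
  */
 function go($new_file_path, $name_in_form = 'image', $max_image_size = 0, $is_local = false)
 {
     // We do not want to user break our operation
     ignore_user_abort(true);
     // New name is required
     if (empty($new_file_path)) {
         trigger_error('UPLOAD_IMAGE: New file path id required', E_USER_WARNING);
         return false;
     }
     // Default name in form
     if (empty($name_in_form)) {
         $name_in_form = 'image';
     }
     // Prepare params
     // If $name_in_form is an array - then we think that it is $_FILES array with cur image info
     // (useful when uploading several images at once)
     if (is_array($name_in_form)) {
         $PHOTO = $name_in_form;
     } else {
         // A missing form field is treated as an empty upload and fails the size check.
         $PHOTO = isset($_FILES[$name_in_form]) ? $_FILES[$name_in_form] : [];
     }
     $MAX_IMAGE_SIZE = $max_image_size;
     // Check image size (first attempt)
     if (empty($PHOTO['size']) || !empty($MAX_IMAGE_SIZE) && $PHOTO['size'] > $MAX_IMAGE_SIZE) {
         _re('Invalid image size');
     }
     // First mime type check (quick and simple, client-declared value)
     if (empty($PHOTO['type']) || !isset($this->ALLOWED_MIME_TYPES[$PHOTO['type']])) {
         _re('Invalid image type');
     }
     // Check for errors and stop if exists
     if (common()->_error_exists()) {
         return false;
     }
     // Create folder if not exists
     $photo_dir = dirname($new_file_path);
     if (!file_exists($photo_dir)) {
         _class('dir')->mkdir_m($photo_dir, 0777, 1);
     }
     // Upload original photo
     $photo_path = $new_file_path;
     if ($is_local) {
         // Local mode never overwrites an existing destination file.
         $move_result = false;
         if (!file_exists($photo_path) && file_exists($PHOTO['tmp_name'])) {
             file_put_contents($photo_path, file_get_contents($PHOTO['tmp_name']));
             unlink($PHOTO['tmp_name']);
             $move_result = true;
         }
     } else {
         // move_uploaded_file() refuses sources that were not uploaded via HTTP POST.
         $move_result = move_uploaded_file($PHOTO['tmp_name'], $photo_path);
     }
     // Check if file uploaded successfully
     if (!$move_result || !file_exists($photo_path) || !filesize($photo_path) || !is_readable($photo_path)) {
         _re('Uploading image error #001. Please <a href="' . process_url('./?object=help&action=email_form') . '">contact</a> site admin.');
         trigger_error('Moving uploaded image error', E_USER_WARNING);
         return false;
     }
     // Second image type check (using GD), this time on the stored bytes
     $real_image_info = @getimagesize($photo_path);
     if (empty($real_image_info) || !$real_image_info['mime'] || !isset($this->ALLOWED_MIME_TYPES[$real_image_info['mime']])) {
         _re('Invalid image type');
         trigger_error('Invalid image type', E_USER_WARNING);
         unlink($photo_path);
         return false;
     }
     $_image_type_short = $this->ALLOWED_MIME_TYPES[$real_image_info['mime']];
     // Check for wrong photos that crashed GD (only if we do not have NETPBM)
     if ((!defined('NETPBM_PATH') || NETPBM_PATH == '') && (!defined('IMAGICK_PATH') || IMAGICK_PATH == '')) {
         // Look the loader up in a table so that an allowed type without a GD loader
         // leaves $c_func empty instead of undefined.
         $gd_loaders = [
             'jpeg' => 'imagecreatefromjpeg',
             'png' => 'imagecreatefrompng',
             'gif' => 'imagecreatefromgif',
         ];
         $c_func = isset($gd_loaders[$_image_type_short]) ? $gd_loaders[$_image_type_short] : '';
         if ($c_func && false === @$c_func($photo_path)) {
             _re('Uploading image error #002. Please <a href="' . process_url('./?object=help&action=email_form') . '">contact</a> site admin.');
             trigger_error('Image that crashes GD found', E_USER_WARNING);
             unlink($photo_path);
             return false;
         }
     }
     // Second image size checking (from the real file, not the client-declared size)
     if (!empty($MAX_IMAGE_SIZE) && filesize($photo_path) > $MAX_IMAGE_SIZE) {
         _re('Invalid image size');
         trigger_error('Image size hacking attempt', E_USER_WARNING);
         unlink($photo_path);
         return false;
     }
     // Third image size checking (force resize it if needed)
     $LIMIT_X = defined('FORCE_RESIZE_WIDTH') ? FORCE_RESIZE_WIDTH : 1280;
     $LIMIT_Y = defined('FORCE_RESIZE_HEIGHT') ? FORCE_RESIZE_HEIGHT : 1024;
     $too_heavy = defined('FORCE_RESIZE_IMAGE_SIZE') && filesize($photo_path) > FORCE_RESIZE_IMAGE_SIZE;
     $too_wide = defined('FORCE_RESIZE_WIDTH') && $real_image_info[0] > FORCE_RESIZE_WIDTH;
     $too_tall = defined('FORCE_RESIZE_HEIGHT') && $real_image_info[1] > FORCE_RESIZE_HEIGHT;
     if ($too_heavy || $too_wide || $too_tall) {
         return common()->make_thumb($photo_path, $photo_path, $LIMIT_X, $LIMIT_Y);
     }
     return true;
 }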