Esempio n. 1
 /**
  * Sends the requested file to the browser
  * and ensures that the requested file is not a paid product download file
  * @author soeren
  * @param int $file_id
  * @param int $product_id
  * @return mixed
  */
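 function send_file($file_id, $product_id)
 {
     global $VM_LANG, $vmLogger, $mosConfig_absolute_path;
     // Both identifiers are documented as integers. Cast them once so that every
     // query below embeds a number and never caller-supplied text.
     $file_id = intval($file_id);
     $product_id = intval($product_id);
     $dbf = new ps_DB();
     // Read the product's "download" attribute: the file it names is excluded from
     // the lookup below, so it cannot be fetched through this function.
     // NOTE(review): only the first attribute row is read here; if a product can carry
     // several "download" attributes, the remaining ones are not excluded - confirm.
     $sql = 'SELECT attribute_value FROM #__{vm}_product_attribute WHERE `product_id` = ' . $product_id . ' AND attribute_name=\'download\'';
     $dbf->query($sql);
     $dbf->next_record();
     // The value comes from the database but is still passed through safeSQL()
     // before it is placed inside a quoted SQL literal.
     $exclude_filename = $GLOBALS['vmInputFilter']->safeSQL($dbf->f("attribute_value"));
     $sql = 'SELECT file_mimetype, file_name' . ' FROM `#__{vm}_product_files` WHERE ';
     if ($exclude_filename) {
         $sql .= ' file_title != \'' . $exclude_filename . '\' AND ';
     }
     // Only published, non-image files that belong to the given product qualify.
     $sql .= ' file_product_id = \'' . $product_id . '\' AND file_published = \'1\' AND file_id = \'' . $file_id . '\' AND file_is_image = \'0\'';
     $dbf->setQuery($sql);
     $dbf->query();
     if (!$dbf->next_record()) {
         $vmLogger->err($VM_LANG->_('PHPSHOP_FILES_NOT_FOUND', false));
         return false;
     }
     // Remove any copy of the site root stored in file_name, then anchor the path
     // under the site root again.
     // NOTE(review): the stored name is not checked for ".." segments; the path that
     // is served depends entirely on what the product_files table contains.
     $filename = $mosConfig_absolute_path . str_replace($mosConfig_absolute_path, '', $dbf->f("file_name"));
     // dump anything in the buffer
     while (@ob_end_clean()) {
     }
     // NOTE(review): $filename always starts with $mosConfig_absolute_path at this
     // point, so this test only matches when that path itself begins with "http".
     // Confirm whether remote files were meant to be detected before the prefix is added.
     if (strtolower(substr($filename, 0, 4)) == 'http') {
         vmRedirect($filename);
     }
     if ($filename) {
         require_once CLASSPATH . 'connectionTools.class.php';
         vmConnector::sendFile($filename, $dbf->f("file_mimetype"));
         $GLOBALS['vm_mainframe']->close(true);
     } else {
         $vmLogger->err($VM_LANG->_('PHPSHOP_FILES_NOT_FOUND', false));
     }
     return true;
 }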
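require_once CLASSPATH . 'ps_order_change.php';
require_once CLASSPATH . 'ps_order_change_html.php';
$ps_product = new ps_product();
// The order id is read through getInt(), presumably an integer-coercing accessor - confirm.
$order_id = vmRequest::getInt('order_id');
$ps_order_change_html = new ps_order_change_html($order_id);
// Optional action: resend the confirmation mail, then redirect back to this page
// with the remaining posted fields as query parameters.
$resend_action = vmRequest::getVar('func');
if ($resend_action == 'resendconfirm' && $order_id) {
    ps_checkout::email_receipt($order_id);
    // Collect every posted field except the action marker itself. The values are
    // re-read through vmRequest::getVar() rather than taken from $_POST directly.
    $redir_params = array();
    foreach ($_POST as $key => $value) {
        if ($value != 'resendconfirm') {
            $redir_params[$key] = vmRequest::getVar($key);
        }
    }
    $redirurl = $_SERVER['PHP_SELF'];
    if ($redir_params) {
        // http_build_query() URL-encodes keys and values, so a posted value cannot
        // add parameters of its own to the redirect target. The separator choice is
        // parenthesised: without that, the ternary swallowed the first key/value pair.
        $redirurl .= (strpos($redirurl, '?') === false ? '?' : '&') . http_build_query($redir_params, '', '&');
    }
    vmRedirect($redirurl, $VM_LANG->_('PHPSHOP_ORDER_RESEND_CONFIRMATION_MAIL_SUCCESS'));
}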
if (!is_numeric($order_id)) {
    echo "<h2>The Order ID {$order_id} is not valid.</h2>";
} else {
    $dbc = new ps_DB();
    $q = "SELECT * FROM #__{vm}_orders WHERE order_id='{$order_id}'";
    $db->query($q);
    if ($db->next_record()) {
        // Print View Icon
        $print_url = $_SERVER['PHP_SELF'] . "?page=order.order_printdetails&amp;order_id={$order_id}&amp;no_menu=1&pop=1";
        if (vmIsJoomla('1.5', '>=')) {
            $print_url .= "&amp;tmpl=component";
        }
        $print_url = $sess->url($print_url);
        $print_url = defined('_VM_IS_BACKEND') ? str_replace("index2.php", "index3.php", $print_url) : str_replace("index.php", "index2.php", $print_url);
Esempio n. 3
 /**
  * Lists the payment methods of all available payment modules
  * @static 
  * @param int $payment_method_id
  */
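 function list_payment_methods($payment_method_id = 0)
 {
     global $order_total, $sess, $VM_CHECKOUT_MODULES;
     $ps_vendor_id = $_SESSION['ps_vendor_id'];
     $auth = $_SESSION['auth'];
     // Both values come straight from the request and are only used to build the
     // redirect URLs further down, where they are URL-encoded.
     $ship_to_info_id = vmGet($_REQUEST, 'ship_to_info_id');
     $shipping_rate_id = vmGet($_REQUEST, 'shipping_rate_id');
     require_once CLASSPATH . 'ps_payment_method.php';
     $ps_payment_method = new ps_payment_method();
     require_once CLASSPATH . 'ps_creditcard.php';
     $ps_creditcard = new ps_creditcard();
     $count = 0;
     // Stays null when neither query finds a payment method, so the redirect and the
     // template below never read an undefined variable.
     $first_payment_method_id = null;
     // Do we have Credit Card Payments?
     // NOTE(review): the shopper group id and vendor id are interpolated from the
     // session as they are; this assumes the session only ever holds trusted values.
     $db_cc = new ps_DB();
     $q = "SELECT * from #__{vm}_payment_method,#__{vm}_shopper_group WHERE ";
     $q .= "#__{vm}_payment_method.shopper_group_id=#__{vm}_shopper_group.shopper_group_id ";
     $q .= "AND (#__{vm}_payment_method.shopper_group_id='" . $auth['shopper_group_id'] . "' ";
     $q .= "OR #__{vm}_shopper_group.default='1') ";
     $q .= "AND (enable_processor='' OR enable_processor='Y') ";
     $q .= "AND payment_enabled='Y' ";
     $q .= "AND #__{vm}_payment_method.vendor_id='{$ps_vendor_id}' ";
     $q .= " ORDER BY list_order";
     $db_cc->query($q);
     if ($db_cc->num_rows()) {
         // NOTE(review): f() is read without a preceding next_record(); whether it
         // yields the first row's value at this point depends on ps_DB - confirm.
         $first_payment_method_id = $db_cc->f("payment_method_id");
         $count += $db_cc->num_rows();
         $cc_payments = true;
     } else {
         $cc_payments = false;
     }
     // Same lookup for the payment methods whose enable_processor is B, N or P.
     $db_nocc = new ps_DB();
     $q = "SELECT * from #__{vm}_payment_method,#__{vm}_shopper_group WHERE ";
     $q .= "#__{vm}_payment_method.shopper_group_id=#__{vm}_shopper_group.shopper_group_id ";
     $q .= "AND (#__{vm}_payment_method.shopper_group_id='" . $auth['shopper_group_id'] . "' ";
     $q .= "OR #__{vm}_shopper_group.default='1') ";
     $q .= "AND (enable_processor='B' OR enable_processor='N' OR enable_processor='P') ";
     $q .= "AND payment_enabled='Y' ";
     $q .= "AND #__{vm}_payment_method.vendor_id='{$ps_vendor_id}' ";
     $q .= " ORDER BY list_order";
     $db_nocc->query($q);
     if ($db_nocc->next_record()) {
         $nocc_payments = true;
         $first_payment_method_id = $db_nocc->f("payment_method_id");
         $count += $db_nocc->num_rows();
         // Rewind so the template can iterate the result set from the start.
         $db_nocc->reset();
     } else {
         $nocc_payments = false;
     }
     // Redirect to the last step when there's only one payment method
     if ($VM_CHECKOUT_MODULES['CHECK_OUT_GET_PAYMENT_METHOD']['order'] != $VM_CHECKOUT_MODULES['CHECK_OUT_GET_FINAL_CONFIRMATION']['order']) {
         if ($count <= 1 && $cc_payments == false) {
             // ship_to_info_id is URL-encoded like shipping_rate_id, so a crafted
             // request value cannot append parameters of its own to the redirect.
             vmRedirect($sess->url(SECUREURL . basename($_SERVER['PHP_SELF']) . "?page=checkout.index&payment_method_id={$first_payment_method_id}&ship_to_info_id=" . urlencode((string) $ship_to_info_id) . "&shipping_rate_id=" . urlencode($shipping_rate_id) . "&checkout_stage=" . $VM_CHECKOUT_MODULES['CHECK_OUT_GET_FINAL_CONFIRMATION']['order'], false, false), "");
         } elseif (isset($order_total) && $order_total <= 0.0) {
             // In case the order total is less than or equal zero, we don't need a payment method
             vmRedirect($sess->url(SECUREURL . basename($_SERVER['PHP_SELF']) . "?page=checkout.index&ship_to_info_id=" . urlencode((string) $ship_to_info_id) . "&shipping_rate_id=" . urlencode($shipping_rate_id) . "&checkout_stage=" . $VM_CHECKOUT_MODULES['CHECK_OUT_GET_FINAL_CONFIRMATION']['order'], false, false), "");
         }
     }
     // Hand both result sets and the flags to the theme template and print it.
     $theme = new $GLOBALS['VM_THEMECLASS']();
     $theme->set_vars(array('db_nocc' => $db_nocc, 'db_cc' => $db_cc, 'nocc_payments' => $nocc_payments, 'payment_method_id' => $payment_method_id, 'first_payment_method_id' => $first_payment_method_id, 'count' => $count, 'cc_payments' => $cc_payments, 'ps_creditcard' => $ps_creditcard, 'ps_payment_method' => $ps_payment_method));
     echo $theme->fetch('checkout/list_payment_methods.tpl.php');
 }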
Esempio n. 4
// Load the row for the requested user id (cast to int before use).
$row->load(intval($user_id));
if (!$user_id) {
    // No user id given: nothing to look up, and the account starts unblocked.
    $contact = NULL;
    $row->block = 0;
} else {
    // Fetch the contact entries linked to this user; the id is cast to int
    // before it is appended to the SQL text.
    $query = "SELECT *\n FROM #__contact_details\n WHERE user_id = " . intval($row->id);
    $database->setQuery($query);
    $contact = $database->loadObjectList();
    // Trim surrounding whitespace from the stored account fields.
    $row->name = trim($row->name);
    $row->email = trim($row->email);
    $row->username = trim($row->username);
    $row->password = trim($row->password);
}
// Access check: an account with gid 25 (super administrator) may only be edited
// by a user whose own gid is not below 25.
// NOTE(review): the check only protects the page if vmRedirect() ends the request;
// nothing after it stops execution here - confirm.
if ($row->gid == 25 && $my->gid < 25) {
    vmRedirect('index2.php?option=com_users', _NOT_AUTH);
}
// Lower-cased ARO group name of the edited account, used for the group selector below.
$my_group = strtolower($acl->get_group_name($row->gid, 'ARO'));
if ($my_group == 'super administrator' && $my->gid != 25) {
    $lists['gid'] = '<input type="hidden" name="gid" value="' . $my->gid . '" /><strong>Super Administrator</strong>';
} else {
    if ($my->gid == 24 && $row->gid == 24) {
        $lists['gid'] = '<input type="hidden" name="gid" value="' . $my->gid . '" /><strong>Administrator</strong>';
    } else {
        // ensure user can't add group higher than themselves
        $my_groups = $acl->get_object_groups('users', $my->id, 'ARO');
        if (is_array($my_groups) && count($my_groups) > 0) {
            $ex_groups = $acl->get_group_children($my_groups[0], 'ARO', 'RECURSE');
            if (!$ex_groups) {
                $ex_groups = array();
            }
Esempio n. 5
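// Collect the file names registered as paid downloads for this product.
// The product id is cast to an integer before it is placed in the SQL text, the same
// way the download code builds this query with intval().
$sql = 'SELECT attribute_value FROM #__{vm}_product_attribute WHERE `product_id` = ' . intval($product_id) . ' AND attribute_name=\'download\'';
$dbf->query($sql);
$downloadFiles = array();
while ($dbf->next_record()) {
    $downloadFiles[] = $dbf->f('attribute_value');
}
// All files attached to the product, images first.
$q = "SELECT file_id, file_is_image, file_product_id, file_extension, file_url, file_published, file_name, file_title, file_image_thumb_height, file_image_thumb_width FROM #__{vm}_product_files  ";
$q .= "WHERE file_product_id = '" . intval($product_id) . "' ";
$q .= "ORDER BY file_is_image DESC";
$db->query($q);
$db->next_record();
if (!empty($files)) {
    // Put any rows already held in $files in front of the query result.
    $db->record = array_merge($files, $db->record);
}
if ($db->num_rows() < 1 && $task != "cancel") {
    // Nothing to list: go to the upload form. The request's no_menu value is
    // URL-encoded so that it cannot add parameters of its own to the redirect target.
    vmRedirect($_SERVER['PHP_SELF'] . "?option=com_virtuemart&page=product.file_form&product_id=" . intval($product_id) . "&no_menu=" . urlencode(isset($_REQUEST['no_menu']) ? (string) $_REQUEST['no_menu'] : ''));
}
$db->reset();
$arr = array();
$arr2 = array();
while ($db->next_record()) {
    // Reorder the whole recordset and put pay-download files at the top
    $filename = $mosConfig_absolute_path . str_replace($mosConfig_absolute_path, '', $db->f("file_name"));
    // A file counts as a paid download when its base name matches a "download" attribute.
    $isProductDownload = in_array(basename($filename), $downloadFiles);
    if ($isProductDownload) {
        $arr[] = $db->getCurrentRow();
    } else {
        $arr2[] = $db->getCurrentRow();
    }
}
$db->record = array_merge($arr, $arr2);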
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
 *
 * http://virtuemart.net
 */
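mm_showMyFileName(__FILE__);
require_once CLASSPATH . "pageNavigation.class.php";
require_once CLASSPATH . "htmlTools.class.php";
// The country id arrives from the request, either as a scalar or as a list.
$country_id = vmGet($_REQUEST, 'country_id');
if (is_array($country_id)) {
    $country_id = isset($country_id[0]) ? $country_id[0] : 0;
}
// The id is interpolated into two SQL statements below. It is cast to an integer
// here so that no request text can reach them.
// NOTE(review): this treats country_id as a numeric key - confirm against the schema.
$country_id = intval($country_id);
if (empty($country_id)) {
    // NOTE(review): the queries below still run with an empty id unless vmRedirect()
    // ends the request - confirm.
    vmRedirect($_SERVER['PHP_SELF'] . "?option=com_virtuemart&page=admin.country_list", "A country ID could not be found");
}
$db->query("SELECT country_name FROM #__{vm}_country WHERE country_id='{$country_id}'");
$db->next_record();
$title = $VM_LANG->_('PHPSHOP_STATE_LIST_LBL') . " " . $db->f("country_name");
$q = "SELECT SQL_CALC_FOUND_ROWS * FROM #__{vm}_state ";
$search = '';
if (!empty($keyword)) {
    // NOTE(review): $keyword is placed inside the LIKE patterns as it is. Where it is
    // filtered or escaped is not visible in this part of the file - confirm that it is
    // escaped for SQL before it gets here.
    $search .= "AND ( state_name LIKE '%{$keyword}%' OR ";
    $search .= "state_2_code LIKE '%{$keyword}%' OR ";
    $search .= "state_3_code LIKE '%{$keyword}%' ";
    $search .= ") ";
}
$q .= "WHERE country_id='{$country_id}' ";
$q .= $search;
$q .= "ORDER BY state_name ";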
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
mm_showMyFileName(__FILE__);
global $mosConfig_allowUserRegistration, $mosConfig_useractivation;
require_once CLASSPATH . 'ps_userfield.php';
require_once CLASSPATH . 'htmlTools.class.php';
// When the request carries a non-empty "missing" value, show the CONTACT_FORM_NC
// language string in a JavaScript alert.
$missing = vmGet($_REQUEST, 'missing', '');
if ($missing) {
    // The language string is placed inside a single-quoted JavaScript literal without escaping.
    echo '<script type="text/javascript">alert(\'' . $VM_LANG->_('CONTACT_FORM_NC', false) . '\'); </script>' . "\n";
}
// Unless the shop runs in NO_REGISTRATION mode, Joomla's own user registration must
// be switched on; otherwise redirect to the home page with a warning and stop here.
if ($mosConfig_allowUserRegistration == '0' && VM_REGISTRATION_TYPE != 'NO_REGISTRATION') {
    $msg = 'User registration is disabled, it must be enabled in order to proceed.';
    vmRedirect($sess->url('index.php?page=' . HOMEPAGE, true, false), $msg);
    return;
}
// Pick the form validation token from whichever API this platform version offers.
if (vmIsJoomla('1.5')) {
    $validate = JUtility::getToken();
} elseif (function_exists('josspoofvalue')) {
    $validate = josSpoofValue(1);
} else {
    $validate = vmSpoofValue(1);
}
$fields = ps_userfield::getUserFields('registration', false, '', false);
// A read-only field makes no sense on a registration form, so clear the flag on every field.
foreach ($fields as $field) {
    $field->readonly = 0;
}
$skip_fields = array();
if ($my->id > 0 || VM_REGISTRATION_TYPE != 'NORMAL_REGISTRATION' && VM_REGISTRATION_TYPE != 'OPTIONAL_REGISTRATION' && ($page == 'checkout.index' || $page == 'shop.registration')) {
Esempio n. 8
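 function redirectToPayment(&$d)
 {
     // $sess builds the redirect URL at the end of this function; without this
     // declaration it would be an undefined local variable.
     global $sess;
     require_once CLASSPATH . 'ps_checkout.php';
     $checkout_steps = ps_checkout::get_checkout_steps();
     // Find the index of the checkout stage that contains the payment-method step.
     // NOTE(review): the list is indexed with a running counter rather than the loop
     // value, which assumes consecutive keys starting at 0 - confirm.
     $current_stage = 0;
     foreach ($checkout_steps as $step) {
         if (in_array('CHECK_OUT_GET_PAYMENT_METHOD', $checkout_steps[$current_stage])) {
             break;
         }
         $current_stage++;
     }
     //Request used for when going from a regular link instead of a post from form
     $_REQUEST['checkout_stage'] = $current_stage;
     $_POST['checkout_this_step'] = $checkout_steps[$current_stage];
     ps_paypal_api::destroyPaypalSession();
     // Both ids come from the caller's data array and are URL-encoded, so neither
     // can add parameters of its own to the redirect target.
     vmRedirect($sess->url('index.php?page=checkout.index&shipping_rate_id=' . urlencode($d['shipping_rate_id']) . '&ship_to_info_id=' . urlencode((string) $d['ship_to_info_id']) . '&checkout_stage=' . $current_stage, false, false));
 }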
     echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\n";
     echo "<tr><td>&nbsp;</td><td><input name=\"submit\" type=\"submit\" value=\"" . $VM_LANG->_('PHPSHOP_SUBMIT') . "\" /></td></tr>\n";
     echo "</table>\n";
     echo "<input type=\"hidden\" name=\"option\" value=\"com_virtuemart\" />\n";
     echo "<input type=\"hidden\" name=\"Itemid\" value=\"{$Itemid}\" />\n";
     echo "<input type=\"hidden\" name=\"payment_method_id\" value=\"{$payment_method_id}\" />\n";
     echo "<input type=\"hidden\" name=\"task\" value=\"changekey\" />\n";
     echo "<input type=\"hidden\" name=\"pshop_mode\" value=\"admin\" />\n";
     echo "<input type=\"hidden\" name=\"page\" value=\"store.payment_method_keychange\" />\n";
     echo "</form>\n";
 } elseif ($auth_result && !empty($passkey) && $task == "changekey") {
     $q = "UPDATE #__{vm}_payment_method ";
     $q .= "SET payment_passkey = " . VM_ENCRYPT_FUNCTION . "('{$passkey}','" . ENCODE_KEY . "')\n";
     $q .= "WHERE payment_method_id='{$payment_method_id}';";
     $db->query($q);
     vmRedirect($sess->url($_SERVER['PHP_SELF'] . "?page=store.payment_method_form&payment_method_id={$payment_method_id}", false, false), $VM_LANG->_('PHPSHOP_CHANGE_PASSKEY_SUCCESS'));
 } else {
     require_once CLASSPATH . "ps_checkout.php";
     echo "<form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n";
     echo "<table class=\"adminForm\">\n";
     echo "<tr><td>" . $VM_LANG->_('PHPSHOP_CURRENT_TRANSACTION_KEY') . ":</td><td>" . ($db->f('passkey') ? ps_checkout::asterisk_pad($db->f('passkey'), 4) : '<i>(empty!)</i>') . "</td></tr>\n";
     echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\n";
     echo "<tr><td>" . $VM_LANG->_('PHPSHOP_TYPE_PASSWORD') . ":</td>\n";
     echo "<td><input type=\"password\" name=\"passwd\" value=\"\" /></td></tr>\n";
     echo "<tr><td>&nbsp;</td><td>&nbsp;</td></tr>\n";
     echo "<tr><td>&nbsp;</td><td><input name=\"submit\" type=\"submit\" value=\"" . $VM_LANG->_('PHPSHOP_SUBMIT') . "\" /></td></tr>\n";
     echo "</table>\n";
     echo "<input type=\"hidden\" name=\"option\" value=\"com_virtuemart\" />\n";
     echo "<input type=\"hidden\" name=\"Itemid\" value=\"{$Itemid}\" />\n";
     echo "<input type=\"hidden\" name=\"pshop_mode\" value=\"admin\" />\n";
     echo "<input type=\"hidden\" name=\"payment_method_id\" value=\"{$payment_method_id}\" />\n";
Esempio n. 10
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
mm_showMyFileName(__FILE__);
global $ps_order_status;
require_once CLASSPATH . 'ps_checkout.php';
require_once CLASSPATH . 'ps_userfield.php';
require_once CLASSPATH . 'ps_product.php';
$ps_product = new ps_product();
// Field definitions for the registration and shipping address blocks.
$registrationfields = ps_userfield::getUserFields('registration', false, '', true, true);
$shippingfields = ps_userfield::getUserFields('shipping', false, '', true, true);
// The order id is read through getInt(); without one, go back to the order list.
$order_id = vmRequest::getInt('order_id', 0);
if (!$order_id) {
    vmRedirect($_SERVER['SCRIPT_NAME'] . '?option=com_virtuemart&page=order.order_list');
}
// NOTE(review): $dbc is created here, but the query below runs on $db - confirm
// which handle is intended.
$dbc = new ps_DB();
// The lookup is restricted to the current vendor's orders.
// NOTE(review): $ps_vendor_id is appended unquoted; where it is set is not visible
// in this part of the file - confirm that it is always an integer.
$q = 'SELECT * FROM #__{vm}_orders WHERE order_id=' . $order_id . ' and vendor_id = ' . $ps_vendor_id;
$db->query($q);
$db->next_record();
// Elements with class vmNoPrint are hidden when the page is printed.
echo '<style type=\'text/css\' media=\'print\'>.vmNoPrint { display: none }</style>';
?>
<br />&nbsp;&nbsp;
<?php 
echo vmCommonHTML::PrintIcon();
?>
<br /><br />
<table width="100%" align="center" border="0" cellspacing="0" cellpadding="2">
  <tr>
    <td valign="top">
Esempio n. 11
        }
        if (!in_array('CHECK_OUT_GET_FINAL_CONFIRMATION', $checkout_steps[$current_stage])) {
            ?>
                <div align="center">
                <input type="submit" class="button" name="formSubmit" value="<?php 
            echo $VM_LANG->_('PHPSHOP_CHECKOUT_NEXT');
            ?>
 &gt;&gt;" />
                </div>
            <?php 
        }
        // Close the Checkout Form, which was opened in the first checkout template using the variable $basket_html
        echo '</form>';
        if (!in_array('CHECK_OUT_GET_FINAL_CONFIRMATION', $checkout_steps[$current_stage])) {
            echo "<script type=\"text/javascript\"><!--\r\n                    function submit_order( form ) { return true; }\r\n                    --></script>";
        }
    } else {
        if (!empty($auth['user_id'])) {
            // USER IS LOGGED IN, BUT NO REGISTERED CUSTOMER
            // WE NEED SOME ADDITIONAL INFORMATION HERE,
            // SO REDIRECT HIM TO shop/shopper_add
            $vmLogger->info($VM_LANG->_('PHPSHOP_NO_CUSTOMER', false));
            include PAGEPATH . 'checkout_register_form.php';
        } else {
            // user is not logged in
            echo $theme->fetch('checkout/login_registration.tpl.php');
        }
    }
} else {
    vmRedirect($sess->url('index.php?page=shop.cart', false, false));
}
Esempio n. 12
 /**
  * adds an item to the shopping cart
  * @author pablo
  * @param array $d
  */
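 function add(&$d)
 {
     global $sess, $VM_LANG, $cart, $vmLogger, $func;
     // Run the whole request array through the shop's input filter before any use.
     $d = $GLOBALS['vmInputFilter']->process($d);
     include_class("product");
     $db = new ps_DB();
     $ci = 0;
     // Out-of-stock requests are collected here. It must start as an array: writing
     // array offsets into an empty string is an error on current PHP versions.
     $request_stock = array();
     $total_quantity = 0;
     $total_updated = 0;
     $total_deleted = 0;
     // Defined up front so the code after the loop can read them even when the
     // loop body never runs.
     $product_id = null;
     $e = array();
     $_SESSION['last_page'] = "shop.product_details";
     // Normalise a lone product_id (scalar or list) into the prod_id list.
     if (!empty($d['product_id']) && !isset($d["prod_id"])) {
         if (empty($d['prod_id'])) {
             $d['prod_id'] = array();
         }
         if (is_array($d['product_id'])) {
             $d['prod_id'] = array_merge($d['prod_id'], $d['product_id']);
         } else {
             $d['prod_id'] = array_merge($d['prod_id'], array($d['product_id']));
         }
     }
     //Check to see if a prod_id has been set
     if (!isset($d["prod_id"])) {
         return true;
     }
     // A scalar prod_id counts as one product; count() on a non-array is an error on PHP 8.
     $multiple_products = is_array($d["prod_id"]) ? count($d["prod_id"]) : 1;
     //Iterate through the prod_id's and perform an add to cart for each one
     for ($ikey = 0; $ikey < $multiple_products; $ikey++) {
         // Create single array from multi array
         $key_fields = array_keys($d);
         foreach ($key_fields as $key) {
             if (is_array($d[$key])) {
                 $e[$key] = @$d[$key][$ikey];
             } else {
                 $e[$key] = $d[$key];
             }
         }
         if ($multiple_products > 1) {
             $func = "cartUpdate";
         }
         $e['product_id'] = $d['product_id'];
         $e['Itemid'] = $d['Itemid'];
         if (is_array($d["prod_id"])) {
             $product_id = $d["prod_id"][$ikey];
         } else {
             $product_id = $e["prod_id"];
         }
         if (is_array($d["quantity"])) {
             $quantity = @$d['quantity'][$ikey];
         } else {
             $quantity = @$e['quantity'];
         }
         // Check for negative quantity
         if ($quantity < 0) {
             vmRequest::setVar('product_id', $product_id);
             $vmLogger->warning($VM_LANG->_('PHPSHOP_CART_ERROR_NO_NEGATIVE', false));
             return false;
         }
         if (!is_numeric($quantity)) {
             vmRequest::setVar('product_id', $product_id);
             $vmLogger->warning($VM_LANG->_('PHPSHOP_CART_ERROR_NO_VALID_QUANTITY', false));
             return false;
         }
         $quantity = intval($quantity);
         // Check to see if checking stock quantity
         if (CHECK_STOCK) {
             $product_in_stock = ps_product::get_field($product_id, 'product_in_stock');
             if (empty($product_in_stock)) {
                 $product_in_stock = 0;
             }
             if ($quantity > $product_in_stock) {
                 //Create an array for out of stock items and continue to next item
                 $request_stock[$ci]['product_id'] = $product_id;
                 $request_stock[$ci]['quantity'] = $quantity;
                 $ci++;
                 continue;
             }
         }
         // Check if product exists and is published
         if (!ps_product::product_exists($product_id)) {
             $vmLogger->tip($VM_LANG->_('VM_CART_PRODUCT_NOTEXIST', false));
             return false;
         }
         // Quick add of item: a product that has child products cannot go into the
         // cart directly; the shopper is sent to the details page to pick an item.
         $q = "SELECT product_id FROM #__{vm}_product WHERE ";
         $q .= "product_parent_id = " . (int) $product_id;
         $db->query($q);
         if ($db->num_rows()) {
             vmRequest::setVar('product_id', $e["product_id"]);
             $vmLogger->tip($VM_LANG->_('PHPSHOP_CART_SELECT_ITEM', false));
             $_REQUEST['flypage'] = ps_product::get_flypage($e["product_id"]);
             $GLOBALS['page'] = 'shop.product_details';
             return true;
         }
         // Check to see if we already have it
         $updated = 0;
         $result = ps_product_attribute::cartGetAttributes($e);
         if ($result["attribute_given"] == false && !empty($result["advanced_attribute_list"]) || $multiple_products == 1 && ($result["custom_attribute_given"] == false && !empty($result["custom_attribute_list"]))) {
             $_REQUEST['flypage'] = ps_product::get_flypage($product_id);
             $GLOBALS['page'] = 'shop.product_details';
             $vmLogger->tip($VM_LANG->_('PHPSHOP_CART_SELECT_ITEM', false));
             return true;
         }
         //Check for empty custom field and quantity>0 for multiple addto
         //Normally means no info added to a custom field, but once added to a cart the quantity is automatically placed
         //If another item is added and the custom field is left blank for another product already added this will just ignore that item
         if ($multiple_products != 1 && $quantity != 0 && ($result["custom_attribute_given"] == false && !empty($result["custom_attribute_list"]))) {
             $vmLogger->tip($VM_LANG->_('PHPSHOP_CART_SELECT_ITEM', false));
             continue;
         }
         // Check for duplicate and do not add to current quantity
         for ($i = 0; $i < $_SESSION["cart"]["idx"]; $i++) {
             // modified for advanced attributes
             if ($_SESSION['cart'][$i]["product_id"] == $product_id && $_SESSION['cart'][$i]["description"] == $e["description"]) {
                 $updated = 1;
             }
         }
         list($min, $max) = ps_product::product_order_levels($product_id);
         // NOTE(review): both eval() calls below execute the language string as PHP
         // source so that variables named inside it get interpolated. Anyone able to
         // change the language files can therefore run code in this request. Plain
         // placeholder substitution (sprintf/str_replace) would avoid that, but the
         // placeholders used by these strings are not visible here, so the calls are
         // left unchanged.
         if ($min != 0 && $quantity != 0 && $quantity < $min) {
             eval("\$msg = \"" . $VM_LANG->_('VM_CART_MIN_ORDER', false) . "\";");
             $vmLogger->warning($msg);
             continue;
         }
         if ($max != 0 && $quantity != 0 && $quantity > $max) {
             eval("\$msg = \"" . $VM_LANG->_('VM_CART_MAX_ORDER', false) . "\";");
             $vmLogger->warning($msg);
             continue;
         }
         // If we did not update then add the item
         if (!$updated && $quantity) {
             $k = $_SESSION['cart']["idx"];
             $_SESSION['cart'][$k]["quantity"] = $quantity;
             $_SESSION['cart'][$k]["product_id"] = $product_id;
             $_SESSION['cart'][$k]["parent_id"] = $e["product_id"];
             $_SESSION['cart'][$k]["category_id"] = vmGet($e, 'category_id', 0);
             // added for the advanced attribute modification
             $_SESSION['cart'][$k]["description"] = $e["description"];
             $_SESSION['cart']["idx"]++;
             $total_quantity += $quantity;
         } else {
             list($updated_prod, $deleted_prod) = $this->update($e);
             $total_updated += $updated_prod;
             $total_deleted += $deleted_prod;
         }
         /* next 3 lines added by Erich for coupon code */
         /* if the cart was updated we gotta update any coupon discounts to avoid ppl getting free stuff */
         if (!empty($_SESSION['coupon_discount'])) {
             // Update the Coupon Discount !!
             require_once CLASSPATH . 'ps_coupon.php';
             ps_coupon::process_coupon_code($d);
         }
     }
     // End Iteration through Prod id's
     $cart = $_SESSION['cart'];
     ps_cart::saveCart();
     // Output info message with cart update details
     if ($total_quantity != 0 || $total_updated != 0 || $total_deleted != 0) {
         if ($total_quantity > 0 && $total_updated == 0) {
             $msg = $VM_LANG->_('VM_CART_PRODUCT_ADDED', false);
         } else {
             $msg = $VM_LANG->_('VM_CART_PRODUCT_UPDATED', false);
         }
         // Comment out the following line to turn off msg i.e. //$vmLogger->tip( $msg );
         $vmLogger->info($msg);
     } else {
         if ($request_stock) {
             $vmLogger->tip($VM_LANG->_('PHPSHOP_CART_GOTO_WAITING_LIST', false));
         } elseif ($total_quantity == 0) {
             vmRequest::setVar('product_id', $product_id);
             $GLOBALS['last_page'] = 'shop.product_details';
             $vmLogger->warning($VM_LANG->_('PHPSHOP_CART_ERROR_NO_VALID_QUANTITY', false));
             return false;
         } else {
             $vmLogger->tip($VM_LANG->_('PHPSHOP_CART_QUANTITY_EXCEEDED', false));
         }
     }
     // end cart update message
     // Perform notification of out of stock items
     if ($request_stock) {
         global $notify;
         $_SESSION['notify'] = array();
         $_SESSION['notify']['idx'] = 0;
         $k = 0;
         $notify = $_SESSION['notify'];
         foreach ($request_stock as $request) {
             $_SESSION['notify'][$k]["prod_id"] = $request['product_id'];
             $_SESSION['notify'][$k]["quantity"] = $request['quantity'];
             $_SESSION['notify']['idx']++;
             $k++;
         }
         // The product id reaches this point without passing the existence check
         // (out-of-stock items skip it), so it is cast to an integer before it goes
         // into the redirect URL, as the SQL lookup above does.
         $waiting_list_url = $sess->url('index.php?page=shop.waiting_list&product_id=' . intval($product_id), true, false);
         if (vmIsXHR()) {
             $GLOBALS['vm_mainframe']->scriptRedirect($waiting_list_url);
         } else {
             vmRedirect($waiting_list_url);
         }
     }
     return true;
 }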
Esempio n. 13
 /**
  * This is a solution for  the Shared SSL problem
  * We have to copy some cookies from the Main Mambo site domain into
  * the shared SSL domain (only when necessary!)
  *
  * The function is called on each page load.
  */
 function prepare_SSL_Session()
 {
     global $mainframe, $my, $database, $mosConfig_secret, $page, $VM_MODULES_FORCE_HTTPS;
     if (vmIsAdminMode() && vmIsJoomla('1.0')) {
         return;
     }
     $ssl_redirect = vmGet($_GET, "ssl_redirect", 0);
     $redirected = vmGet($_GET, "redirected", 0);
     $martID = vmGet($_GET, 'martID', '');
     $ssl_domain = "";
     if (!empty($VM_MODULES_FORCE_HTTPS)) {
         $pagearr = explode('.', $page);
         $module = $pagearr[0];
         // When NOT in https mode, but the called page is part of a shop module that is
         // forced to use https, we prepare the redirection to https here
         if (array_search($module, $VM_MODULES_FORCE_HTTPS) !== false && !vmIsHttpsMode() && $this->check_Shared_SSL($ssl_domain)) {
             $ssl_redirect = 1;
         }
     }
     // Generally redirect to HTTP (from HTTPS) when it is not necessary? (speed up the pageload)
     if (VM_GENERALLY_PREVENT_HTTPS == '1' && vmIsHttpsMode() && $redirected != 1 && $ssl_redirect == 0 && !vmIsAdminMode() && URL != SECUREURL && @$_REQUEST['option'] == 'com_virtuemart') {
         $pagearr = explode('.', $page);
         $module = $pagearr[0];
         // When it is not necessary to stay in https mode, we leave it here
         if (array_search($module, $VM_MODULES_FORCE_HTTPS) === false) {
             if ($this->check_Shared_SSL($ssl_domain)) {
                 $this->saveSessionAndRedirect(false);
             }
             $query_string = vmGet($_SERVER, 'QUERY_STRING');
             if (!empty($query_string) && empty($_POST)) {
                 vmRedirect($this->url(URL . basename($_SERVER['PHP_SELF']) . '?' . vmGet($_SERVER, 'QUERY_STRING') . '&redirected=1', true, false, true));
             }
         }
     }
     /**
      * This is the first part of the Function:
      * We check if the function must be called at all
      * Usually this is only called once: Before we go to the checkout.
      * The variable ssl_redirect=1 is appended to the URL, just for this function knows
      * is must be active! This has nothing to do with SSL / Shared SSL or whatever
      */
     if ($ssl_redirect == 1) {
         $_SERVER['QUERY_STRING'] = str_replace('&ssl_redirect=1', '', vmGet($_SERVER, 'QUERY_STRING'));
         // check_Shared_SSL compares the normal http domain name
         // and the https Domain Name. If both do not match, we move on
         // else we leave this function.
         if ($this->check_Shared_SSL($ssl_domain) && !vmIsHttpsMode() && $redirected == 0) {
             $this->saveSessionAndRedirect(true);
         } elseif (!vmIsHttpsMode() && $redirected == 0) {
             vmRedirect($this->url(SECUREURL . basename($_SERVER['PHP_SELF']) . "?" . vmGet($_SERVER, 'QUERY_STRING') . '&redirected=1', true, false, true));
         }
     }
     /**
      * This is part two of the function
      * If the redirect (see 4/5 lines above) was successful
      * and the Store uses Shared SSL, we have the variable martID
      * So let's copy the Session contents ton the new domain and start the session again
      * othwerwise: do nothing.
      */
     if (!empty($martID)) {
         if ($this->check_Shared_SSL($ssl_domain)) {
             // We now need to copy the Session Data to the SSL Domain
             if ($martID) {
                 require_once ADMINPATH . 'install.copy.php';
                 $sessionFile = IMAGEPATH . md5($martID) . '.sess';
                 // Read the contents of the session file
                 $session_data = file_get_contents($sessionFile);
                 // Delete it for security and disk space reasons
                 unlink($sessionFile);
                 // Read the session data into $_SESSION
                 // From now on, we can use all the data in $_SESSION
                 session_decode($session_data);
                 $check = base64_decode($martID);
                 $checkValArr = explode("|", $check);
                 if (defined('_JEXEC')) {
                     //TODO
                 } elseif (class_exists('mambocore')) {
                     //TODO
                 } elseif ($GLOBALS['_VERSION']->RELEASE == '1.0' && (int) $GLOBALS['_VERSION']->DEV_LEVEL >= 13) {
                     if (!empty($GLOBALS['real_mosConfig_live_site']) && empty($_REQUEST['real_mosConfig_live_site'])) {
                         $GLOBALS['mosConfig_live_site'] = $GLOBALS['real_mosConfig_live_site'];
                     }
                     if (!empty($checkValArr[2])) {
                         // Joomla! >= 1.0.13 can be cheated to log in a user who has previsously logged in and checked the "Remember me" box
                         setcookie(mosmainframe::remCookieName_User(), $checkValArr[2], false, '/');
                         // there's no need to call "$mainframe->login"
                     }
                 } else {
                     // Check if the user was logged in in the http domain
                     // and is not yet logged in at the Shared SSL domain
                     if (isset($checkValArr[1]) && !$my->id) {
                         // user should expect to be logged in,
                         // we can use the values from $_SESSION['auth'] now
                         $username = $database->getEscaped(trim($_SESSION['auth']['user_name']));
                         if (!empty($username)) {
                             $database->setQuery('SELECT username, password FROM `#__users` WHERE `username` = \'' . $username . '\';');
                             $database->loadObject($user);
                             if (is_object($user)) {
                                 // a last security check using the transmitted md5 hash and the rebuilt hash
                                 $check = md5($user->username . $user->password . $mosConfig_secret);
                                 if ($check === $checkValArr[1]) {
                                     // Log the user in with his username
                                     $mainframe->login($user->username, $user->password);
                                 }
                             }
                         }
                     }
                 }
                 session_write_close();
                 // Prevent the martID from being displayed in the URL
                 if (!empty($_GET['martID'])) {
                     $query_string = substr_replace(vmGet($_SERVER, 'QUERY_STRING'), '', strpos(vmGet($_SERVER, 'QUERY_STRING'), '&martID'));
                     $url = vmIsHttpsMode() ? SECUREURL : URL;
                     vmRedirect($this->url($url . "index.php?{$query_string}&cartReset=N&redirected=1", true, false, true));
                 }
             }
         }
     }
 }
Esempio n. 14
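 /**
  * Applies the patch package referenced by $_SESSION['vm_updatepackage'].
  *
  * Works in passes: (1) check that every target file or directory is writable,
  * (2) copy the patch files over the installation, (3) run the SQL statements
  * shipped with the package, (4) run the optional install file, (5) record the
  * new version and redirect to the result page.
  *
  * File names, SQL statements and the install script are all taken from
  * $packageContents. vmUpdate::verifyPackage() is the only gate visible in this
  * function, so the integrity of the whole update rests on that check.
  *
  * @param array $d passed through to vmUpdate::removePackageFile()
  * @return boolean false on failure; the success path ends in a redirect (or a
  *                 response script for XHR requests) and has no explicit return value
  */
 function applyPatch(&$d)
 {
     global $vm_mainframe, $vmLogger, $mosConfig_absolute_path, $db, $sess, $VM_LANG;
     $updatepackage = vmget($_SESSION, 'vm_updatepackage');
     if (empty($updatepackage)) {
         $vmLogger->err($VM_LANG->_('VM_UPDATE_ERR_DOWNLOAD'));
         return false;
     }
     $patchdir = vmUpdate::getPackageDir($updatepackage);
     // RickG - Save the location of the patch file
     JRequest::setVar('patchdir', $patchdir);
     $packageContents = vmUpdate::getPatchContents($updatepackage);
     // Nothing from the package is applied unless this check passes
     if (!vmUpdate::verifyPackage($packageContents)) {
         return false;
     }
     // Pass 1: make sure every target can be written before touching anything
     $errors = 0;
     foreach ($packageContents['fileArr'] as $fileentry) {
         // NOTE(review): the file name is used exactly as listed in the package; confirm that
         // verifyPackage() rejects names that resolve outside $mosConfig_absolute_path
         $file = $fileentry['filename'];
         $patch_file = $patchdir . '/' . $file;
         $orig_file = $mosConfig_absolute_path . '/' . $file;
         if (file_exists($orig_file)) {
             if (!is_writable($orig_file) && !@chmod($orig_file, 0644)) {
                 $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_FILE_UNWRITABLE'), $mosConfig_absolute_path . '/' . $file));
                 $errors++;
             }
         } else {
             if ($fileentry['copy_policy'] == 'only_if_exists') {
                 continue;
             }
             $dirname = is_dir($patch_file) ? $orig_file : dirname($orig_file);
             if (is_dir($patch_file) || !file_exists($dirname)) {
                 if (!vmUpdate::mkdirR($dirname, 0755)) {
                     $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_DIR_UNWRITABLE'), $dirname));
                     $errors++;
                 }
             } elseif (!is_writable($mosConfig_absolute_path . '/' . dirname($file)) && !@chmod($mosConfig_absolute_path . '/' . dirname($file), 0755)) {
                 $vmLogger->err(sprintf($VM_LANG->_('VM_UPDATE_ERR_DIR_UNWRITABLE'), $mosConfig_absolute_path . '/' . $file));
                 $errors++;
             }
         }
     }
     if ($errors > 0) {
         return false;
     }
     // Pass 2: copy the files
     foreach ($packageContents['fileArr'] as $fileentry) {
         $file = $fileentry['filename'];
         $patch_file = $patchdir . '/' . $file;
         $orig_file = $mosConfig_absolute_path . '/' . $file;
         if (!file_exists($orig_file) && $fileentry['copy_policy'] == 'only_if_exists') {
             continue;
         }
         if (is_dir($patch_file) || !file_exists(dirname($orig_file))) {
             $dirname = is_dir($patch_file) ? $orig_file : dirname($orig_file);
             // The mode must be octal: decimal 755 is 01363, not rwxr-xr-x.
             // The first pass already uses 0755 for the same call.
             if (!vmUpdate::mkdirR($dirname, 0755)) {
                 $vmLogger->crit('Failed to create a necessary directory');
             }
         } elseif (!@copy($patch_file, $orig_file)) {
             $vmLogger->crit(sprintf($VM_LANG->_('VM_UPDATE_ERR_OVERWRITE_FAILED'), $file));
             return false;
         } else {
             $vmLogger->debug(sprintf($VM_LANG->_('VM_UPDATE_FILE_OVERWROTE'), $file));
         }
     }
     // Pass 3: run the package's SQL; a failed statement is logged but does not stop the update
     foreach ($packageContents['queryArr'] as $query) {
         if ($db->query($query) === false) {
             $vmLogger->crit(sprintf($VM_LANG->_('VM_UPDATE_ERR_QUERY_FAILED'), $query));
         } else {
             $vmLogger->debug(sprintf($VM_LANG->_('VM_UPDATE_QUERY_EXECUTED'), $query));
         }
     }
     // RickG - Run the install file if it exists
     // NOTE(review): this executes PHP from a path named by the package; confirm that
     // verifyPackage() constrains 'installfile' to the extracted package directory
     if ($packageContents['installfile']) {
         include $packageContents['installfile'];
         com_vminstall($patchdir);
     }
     // NOTE(review): 'toversion' is interpolated into the statement without escaping
     $db->query('UPDATE `#__components` SET `params` = \'RELEASE=' . $packageContents['toversion'] . '\\nDEV_STATUS=stable\' WHERE `name` = \'virtuemart_version\'');
     $_SESSION['vmupdatemessage'] = sprintf($VM_LANG->_('VM_UPDATE_SUCCESS'), $packageContents['forversion'], $packageContents['toversion']);
     // Delete the patch package file
     vmUpdate::removePackageFile($d);
     if (vmIsXHR()) {
         $vm_mainframe->addResponseScript('parent.loadPage("' . $GLOBALS['sess']->url($_SERVER['PHP_SELF'] . '?page=admin.update_result', false, false) . '");');
     } else {
         // Redirect to the Result Page and display the Update Message there
         vmRedirect($sess->url($_SERVER['PHP_SELF'] . '?page=admin.update_result', false, false));
     }
 }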
Esempio n. 15
// Shop menu item id and a dedicated DB handle for the product lookup
$Itemid = $sess->getShopItemid();
$db_product = new ps_DB();
// A product id that is present but not numeric is discarded
if (!empty($product_id) && !is_numeric($product_id)) {
    $product_id = '';
}
// Look the product up by id, or by SKU when no usable id is available
$q = "SELECT * FROM `#__{vm}_product` WHERE ";
if (!empty($product_id)) {
    $q .= "`product_id`={$product_id}";
} elseif (!empty($product_sku)) {
    // NOTE(review): $product_sku is placed into a quoted SQL literal as-is. Where it is
    // read and whether it is escaped there is not visible here; confirm before relying on it.
    $q .= "`product_sku`='{$product_sku}'";
} else {
    // Neither id nor SKU: back to the browse page.
    // NOTE(review): $q still ends in "WHERE " at this point, so the code below relies on
    // vmRedirect() ending the request; confirm.
    vmRedirect($sess->url($_SERVER['PHP_SELF'] . "?keyword=" . urlencode($keyword) . "&category_id={$_SESSION['session_userstate']['category_id']}&limitstart={$_SESSION['limitstart']}&page=shop.browse", false, false), $VM_LANG->_('PHPSHOP_PRODUCT_NOT_FOUND'));
}
// Everyone except admins and store admins only sees published products,
// and, depending on configuration, only those in stock
if (!$perm->check("admin,storeadmin")) {
    $q .= " AND `product_publish`='Y'";
    $q .= (CHECK_STOCK && PSHOP_SHOW_OUT_OF_STOCK_PRODUCTS != "1") ? " AND `product_in_stock` > 0 " : '';
}
$db_product->query($q);
// No matching row: log the error and leave this script
if (!$db_product->next_record()) {
    $vmLogger->err($VM_LANG->_('PHPSHOP_PRODUCT_NOT_FOUND', false));
    return;
}
if (empty($product_id)) {
    $product_id = $db_product->f('product_id');
Esempio n. 16
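 /**
  * Adds a new shopper to the shop and, depending on VM_REGISTRATION_TYPE, to the CMS user table.
  *
  * Steps, in order: validate $d; for visitors who are not logged in either create a
  * hidden ("silent") CMS user, allocate a negative dummy user id, or run the CMS
  * registration; insert the bill-to record, the vendor relation and the shopper-group
  * relation; optionally subscribe the user to a newsletter; finally log the user in
  * and redirect.
  *
  * $d and $_POST carry registration form data. Values that this function itself places
  * into hand-built SQL literals are passed through $db->getEscaped() first.
  *
  * @param array $d registration form data; username, password, email and shopper_group_id are written back into it
  * @return boolean false when validation or registration fails or no user id could be determined;
  *                 otherwise true, or the result of update() when the user already has a shop record
  */
 function add(&$d)
 {
     global $my, $auth, $mainframe, $mosConfig_absolute_path, $sess, $VM_LANG, $vmLogger, $database, $mosConfig_useractivation;
     $ps_vendor_id = $_SESSION["ps_vendor_id"];
     // Prefix for uniqid() below. NOTE(review): hard-coded and time-based, so the resulting
     // user_info_id is an identifier and should not be treated as unguessable.
     $hash_secret = "VirtueMartIsCool";
     $db = new ps_DB();
     $timestamp = time();
     if (!$this->validate_add($d)) {
         return False;
     }
     if (empty($my->id)) {
         $_POST['name'] = vmGet($d, 'first_name', 'First Name') . " " . vmGet($d, 'last_name', 'Last Name');
         if (VM_REGISTRATION_TYPE == 'SILENT_REGISTRATION' || VM_REGISTRATION_TYPE == 'NO_REGISTRATION' || VM_REGISTRATION_TYPE == 'OPTIONAL_REGISTRATION' && empty($d['register_account'])) {
             // Silent Registration, Optional Registration with no account wanted and No Registration
             // means we need to create a hidden user
             if (vmIsJoomla('1.5')) {
                 $username_length = 100;
             } else {
                 $username_length = 25;
             }
             // The hidden username is derived from the submitted e-mail address, so it is
             // escaped before it is used in the lookups below
             $silent_username = substr(str_replace('-', '_', vmGet($d, 'email')), 0, $username_length);
             $db->query('SELECT username FROM `#__users` WHERE username=\'' . $db->getEscaped($silent_username) . '\'');
             $i = 0;
             // Replace the tail of the name with a counter until the name is unused
             while ($db->next_record()) {
                 $silent_username = substr_replace($silent_username, $i, strlen($silent_username) - 1);
                 $db->query('SELECT username FROM `#__users` WHERE username=\'' . $db->getEscaped($silent_username) . '\'');
                 $i++;
             }
             $_POST['username'] = $d['username'] = $silent_username;
             $_POST['password'] = $d['password'] = vmGenRandomPassword();
             $_POST['password2'] = $_POST['password'];
         }
         if (VM_REGISTRATION_TYPE == 'NO_REGISTRATION' || VM_REGISTRATION_TYPE == 'OPTIONAL_REGISTRATION' && empty($d['register_account'])) {
             // If no user shall be registered into the global user table, we just add the registration info into the vm_user_info table
             // Make sure that "dummy" entries for non-existing Joomla! users won't ever have the same user_id as a future Joomla! user
             $db->query("SELECT MIN(user_id)-1 as uid FROM `#__{vm}_user_info`");
             $db->next_record();
             // Don't allow a user id of zero
             $uid = $db->f('uid') == 0 ? -1 : $db->f('uid');
         } else {
             // Process the CMS registration
             if (vmIsJoomla('1.5')) {
                 if (!$this->register_save()) {
                     return false;
                 }
             } else {
                 if (!$this->saveRegistration()) {
                     return false;
                 }
             }
             // NOTE(review): this statement was partly masked in the published listing; the lookup
             // by $d['username'] is the presumed original. Confirm against the project source.
             $db->query("SELECT id FROM #__users WHERE username='" . $db->getEscaped($d['username']) . "'");
             $db->next_record();
             $uid = $db->f('id');
         }
     } else {
         // Already logged in: take identity from the CMS user object, not from the request
         $uid = $my->id;
         $d['email'] = $_POST['email'] = $my->email;
         $d['username'] = $_POST['username'] = $my->username;
     }
     // Prevent empty USER ID
     if (empty($uid)) {
         $vmLogger->crit("Failed to retrieve a valid USER ID when attempting to add a new user");
         return false;
     }
     if (!empty($auth['user_id'])) {
         // The id is used unquoted in the statement, so force it to an integer
         $db->query('SELECT user_id FROM #__{vm}_user_info WHERE user_id=' . (int) $auth['user_id']);
         $db->next_record();
         if ($db->f('user_id')) {
             return $this->update($d);
         }
     }
     // Get all fields which where shown to the user
     $userFields = ps_userfield::getUserFields('registration', false, '', true);
     $skipFields = ps_userfield::getSkipFields();
     // Insert billto;
     // The first 7 fields are FIX and not built dynamically
     $fields = array('user_info_id' => md5(uniqid($hash_secret)), 'user_id' => $uid, 'address_type' => 'BT', 'address_type_name' => '-default-', 'cdate' => $timestamp, 'mdate' => $timestamp, 'perms' => 'shopper');
     foreach ($userFields as $userField) {
         if (!in_array($userField->name, $skipFields)) {
             $fields[$userField->name] = ps_userfield::prepareFieldDataSave($userField->type, $userField->name, vmGet($d, $userField->name, strtoupper($userField->name)));
             // Catch a newsletter registration!
             if (stristr($userField->params, 'newsletter')) {
                 if (!empty($d[$userField->name])) {
                     require_once CLASSPATH . 'parameters.class.php';
                     $subscribeTo = new vmParameters($userField->params);
                     $vmLogger->debug('Adding the user to the Newsletter.');
                 }
             }
         }
     }
     // The table column is named user_email
     $fields['user_email'] = $fields['email'];
     unset($fields['email']);
     // NOTE(review): escaping of $fields is left to buildQuery(), which is not visible here
     $db->buildQuery('INSERT', '#__{vm}_user_info', $fields);
     // Run the query now!
     $db->query();
     // Insert vendor relationship
     $q = "INSERT INTO #__{vm}_auth_user_vendor (user_id,vendor_id)";
     $q .= " VALUES ";
     $q .= "('" . $uid . "','";
     $q .= $ps_vendor_id . "') ";
     $db->query($q);
     $d['shopper_group_id'] = '';
     // Get the ID of the shopper group for this customer
     if ($d['isValidVATID']) {
         if (trim($d['__euvatid_field']->params) != '') {
             $shopper_group = new vmParameters($d['__euvatid_field']->params);
             $d['shopper_group_id'] = $shopper_group->get('shopper_group_id');
         }
     }
     if (empty($d['shopper_group_id'])) {
         $q = "SELECT shopper_group_id from #__{vm}_shopper_group WHERE ";
         $q .= "`default`='1' ";
         $db->query($q);
         if (!$db->num_rows()) {
             // take the first in the table
             $q = "SELECT shopper_group_id from #__{vm}_shopper_group";
             $db->query($q);
         }
         $db->next_record();
         $d['shopper_group_id'] = $db->f("shopper_group_id");
     }
     // NOTE(review): rand()/uniqid() give a unique-looking label, not an unpredictable one
     $customer_nr = uniqid(rand());
     // Insert Shopper -ShopperGroup - Relationship
     $q = "INSERT INTO #__{vm}_shopper_vendor_xref ";
     $q .= "(user_id,vendor_id,shopper_group_id,customer_number) ";
     $q .= "VALUES ('{$uid}', '{$ps_vendor_id}','" . $d['shopper_group_id'] . "', '{$customer_nr}')";
     $db->query($q);
     // Process the Newsletter subscription
     if (!empty($subscribeTo) && strtolower(get_class($subscribeTo)) == 'vmparameters') {
         // Name and e-mail come from the form and go into quoted SQL literals below
         $subscriberName = $db->getEscaped($d['first_name'] . " " . $d['last_name']);
         $subscriberEmail = $db->getEscaped($d['email']);
         switch ($subscribeTo->get('newsletter', 'letterman')) {
             // TODO:
             case 'ccnewsletter':
                 $db->query("INSERT INTO `#__ccnewsletter_subscribers` ( `name`, `email`, `plainText`, `enabled`, `sdate`) \r\n\t\t\t\t\t\t\tVALUES('" . $subscriberName . "','" . $subscriberEmail . "', '0', '1', NOW())");
                 // NOTE(review): there is no break here, so a ccnewsletter subscription also
                 // runs the letterman branch below; confirm that this is intended
             // case 'anjel':
             case 'letterman':
             default:
                 if (file_exists($mosConfig_absolute_path . '/components/com_letterman/letterman.php')) {
                     $db->query("INSERT INTO `#__letterman_subscribers` (`user_id`, `subscriber_name`, `subscriber_email`, `confirmed`, `subscribe_date`)\r\n\t\t\t\t\t\t\t\t\t\tVALUES('{$uid}','" . $subscriberName . "','" . $subscriberEmail . "', '1', NOW())");
                 }
         }
     }
     if (VM_REGISTRATION_TYPE == 'NO_REGISTRATION' || VM_REGISTRATION_TYPE == 'OPTIONAL_REGISTRATION' && empty($d['register_account'])) {
         // No CMS account: the shop session alone identifies the shopper
         $auth['user_id'] = $uid;
         $auth['username'] = $d['email'];
         $_SESSION['auth'] = $auth;
     } elseif (!$my->id && $mosConfig_useractivation == '0') {
         // HANDLE LOGIN
         if (vmIsJoomla('1.5')) {
             // Username and password must be passed in an array
             $credentials = array('username' => vmGet($d, 'username'), 'password' => vmGet($d, 'password'));
             $mainframe->login($credentials);
         } elseif (class_exists('mambocore') || vmIsJoomla('1.0.13', '>=', false)) {
             // Login for Mambo 4.6.x and Joomla >= 1.0.13
             $mainframe->login($d['username'], $d['password']);
         } else {
             // Login for Joomla < 1.0.13 (and Mambo 4.5.2.3)
             $mainframe->login($d['username'], md5($d['password']));
         }
         // Redirect to the Checkout Page if the cart is not empty
         if (!empty($_SESSION['cart']['idx'])) {
             $redirect_to_page = 'checkout.index';
         } else {
             $redirect_to_page = HOMEPAGE;
         }
         vmRedirect($sess->url('index.php?page=' . $redirect_to_page, false, false), $VM_LANG->_('REG_COMPLETE'));
     }
     if (!empty($my->id) || !empty($auth['user_id'])) {
         vmRedirect($sess->url('index.php?page=checkout.index', false, false));
     } else {
         // Account still has to be activated: show the cart page with a notice
         $GLOBALS['page'] = 'shop.cart';
         $msg = strip_tags($VM_LANG->_('REG_COMPLETE_ACTIVATE', false));
         $vmLogger->info($msg);
     }
     return true;
 }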
Esempio n. 17
<?php

// Entry guard: the page only runs when one of the CMS constants is defined,
// i.e. when it was loaded by the CMS and not requested directly
if (!(defined('_VALID_MOS') || defined('_JEXEC'))) {
    die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');
}
/**
*
* @version $Id: store.user_list.php 1095 2007-12-19 20:19:16Z soeren_nb $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2004-2007 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
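mm_showMyFileName(__FILE__);
// Only users who may manage com_users are allowed to load the user list
if (!$acl->acl_check('administration', 'manage', 'users', $my->usertype, 'components', 'com_users')) {
    vmRedirect('index2.php', _NOT_AUTH);
    // Fail closed: leave this page even if vmRedirect() returns instead of ending
    // the request, so the list below is never included for an unauthorised user
    return;
}
require_once PAGEPATH . 'admin.user_list.php';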
Esempio n. 18
    $desc = vmCommonHTML::ParseContentByPlugins($desc);
    /* Prepend Product Short Description Meta Tag "description" when applicable */
    $mainframe->prependMetaTag("description", substr(strip_tags($desc), 0, 255));
}
// when nothing has been found we tell this here and say goodbye
if ($num_rows == 0 && (!empty($keyword) || !empty($keyword1))) {
    echo $VM_LANG->_('PHPSHOP_NO_SEARCH_RESULT');
} elseif ($num_rows == 0 && empty($product_type_id) && !empty($child_list)) {
    echo $VM_LANG->_('EMPTY_CATEGORY');
} elseif ($num_rows == 1 && (!empty($keyword) || !empty($keyword1))) {
    // If just one product has been found, we directly show the details page of it
    $db_browse->query($list);
    $db_browse->next_record();
    $flypage = $db_browse->sf("category_flypage") ? $db_browse->sf("category_flypage") : FLYPAGE;
    $url_parameters = "page=shop.product_details&amp;flypage={$flypage}&amp;product_id=" . $db_browse->f("product_id") . "&amp;category_id=" . $db_browse->f("category_id");
    vmRedirect($sess->url($url_parameters, true, false));
} else {
    // NOW START THE PRODUCT LIST
    $tpl = vmTemplate::getInstance();
    if ($category_id) {
        /**
         * CATEGORY DESCRIPTION
         */
        $browsepage_lbl = $category_name;
        $tpl->set('browsepage_lbl', $browsepage_lbl);
        $tpl->set('desc', $desc);
        $category_childs = $ps_product_category->get_child_list($category_id);
        $tpl->set('categories', $category_childs);
        $navigation_childlist = $tpl->fetch('common/categoryChildlist.tpl.php');
        $tpl->set('navigation_childlist', $navigation_childlist);
        // Set up the CMS pathway
Esempio n. 19
 /**
  * Logs a customer out of the store and sends the browser to the shop home page.
  *
  * @param boolean $complete_logout when true (the default), $mainframe->logout() is called as well
  */
 function logout($complete_logout = true)
 {
     global $auth, $sess, $mainframe, $page;
     // Clear the shop's authentication state: the global copy first, then the session copy
     $_SESSION['auth'] = $auth = array();
     // Without a complete logout only the shop state above is reset
     if ($complete_logout) {
         $mainframe->logout();
     }
     $homeUrl = $sess->url('index.php?page=' . HOMEPAGE, true, false);
     vmRedirect($homeUrl);
 }
Esempio n. 20
// Entry guard: the page only runs when one of the CMS constants is defined,
// i.e. when it was loaded by the CMS and not requested directly
if (!(defined('_VALID_MOS') || defined('_JEXEC'))) {
    die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');
}
/**
*
* @version $Id: shop.cart_reset.php 1095 2007-12-19 20:19:16Z soeren_nb $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2004-2007 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
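mm_showMyFileName(__FILE__);
global $return, $option, $option2, $product_id, $category_id, $Itemid, $flypage;
require_once CLASSPATH . 'ps_cart.php';
// Plain assignment: "=& new" is deprecated since PHP 5.3 and a parse error from PHP 7 on
$ps_cart = new ps_cart();
// The Referer header is supplied by the client and may be missing. It is only used as
// the redirect target when it is an http(s) URL on one of the shop's own hosts;
// anything else falls back to the shop URL.
$loc = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$allowedHosts = array();
foreach (array(URL, SECUREURL) as $shopUrl) {
    $shopParts = parse_url($shopUrl);
    if (is_array($shopParts) && !empty($shopParts['host'])) {
        $allowedHosts[] = strtolower($shopParts['host']);
    }
}
$refParts = $loc !== '' ? parse_url($loc) : false;
$refHost = is_array($refParts) && !empty($refParts['host']) ? strtolower($refParts['host']) : '';
$refScheme = is_array($refParts) && !empty($refParts['scheme']) ? strtolower($refParts['scheme']) : '';
// Backslashes, whitespace and control characters are refused as well,
// because URL parsers do not agree on how to read them
if (
    $refHost === ''
    || !in_array($refScheme, array('http', 'https'), true)
    || !in_array($refHost, $allowedHosts, true)
    || preg_match('/[\\\\\x00-\x20\x7f]/', $loc)
) {
    $loc = URL;
}
$set = $ps_cart->reset();
//header("Location: $loc");
if ($option2 != "com_virtuemart") {
    vmRedirect($loc);
} else {
    // NOTE(review): these globals are placed into the query string without urlencode();
    // where they are set is not visible here
    vmRedirect($sess->url($_SERVER['PHP_SELF'] . "?page={$return}&product_id={$product_id}&category_id={$category_id}&flypage={$flypage}", false, false));
    //
}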
Esempio n. 21
    $q .= "`product_id`={$product_id}";
} elseif (!empty($product_sku)) {
    $q .= "`product_sku`='{$product_sku}'";
} else {
    vmRedirect($sess->url($_SERVER['PHP_SELF'] . "?page=shop.product_details&keyword=" . urlencode($_SESSION['keyword']) . "&category_id={$_SESSION['category_id']}&limitstart={$_SESSION['limitstart']}", false, false), $VM_LANG->_('PHPSHOP_PRODUCT_NOT_FOUND'));
}
// Everyone except admins and store admins only sees published products,
// and, depending on configuration, only those in stock
if (!$perm->check("admin,storeadmin")) {
    $q .= " AND `product_publish`='Y'";
    if (CHECK_STOCK && PSHOP_SHOW_OUT_OF_STOCK_PRODUCTS != "1") {
        $q .= " AND `product_in_stock` > 0 ";
    }
}
$db_product->query($q);
// Redirect back to Product Browse Page on Error
// NOTE(review): the code below reads from $db_product although no row was found, unless
// vmRedirect() ends the request; presumably it does, confirm
if (!$db_product->next_record()) {
    vmRedirect($sess->url($_SERVER['PHP_SELF'] . "?page=shop.product_details&keyword=" . urlencode($_SESSION['keyword']) . "&category_id={$_SESSION['category_id']}&limitstart={$_SESSION['limitstart']}", false, false), $VM_LANG->_('PHPSHOP_PRODUCT_NOT_FOUND'));
}
/* Set Dynamic Page Title */
// The product name is cut to 60 bytes (substr is byte-wise) for the title
$pagetitle = $VM_LANG->_('ENQUIRY') . ' - ' . substr($db_product->f('product_name'), 0, 60);
$mainframe->setPageTitle($pagetitle);
// set up return to product link
// NOTE(review): $flypage, $product_id and $category_id go into the link without urlencode();
// where they are set is not visible here
$product_link = $sess->url($mm_action_url . basename($_SERVER['PHP_SELF']) . "?page=shop.product_details&flypage={$flypage}&product_id={$product_id}&category_id={$category_id}");
// Name and e-mail of the current user
$name = $my->name;
$email = $my->email;
// First pathway entry: the product, linked back to its details page
// NOTE(review): product_name is passed on unescaped; confirm the pathway renderer escapes it
$pathway_item = new stdClass();
$pathway_item->link = $product_link;
$pathway_item->name = $db_product->f('product_name');
$page_pathway[] = $pathway_item;
// Second pathway entry: this page, without a link
$pathway_item = new stdClass();
$pathway_item->name = $pagetitle;
$page_pathway[] = $pathway_item;
Esempio n. 22
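 /**
  * Writes the configuration file (theme.config.php) of the current theme.
  *
  * The file consists of a fixed PHP header (direct-access guard plus licence comment)
  * followed by the posted parameters as "key=value" lines.
  *
  * The parameter text comes straight from $_POST and is stored in a .php file, so PHP
  * and ASP-style open tags are neutralised before writing. How the file is read back
  * is not visible here; this keeps the stored text from being parsed as code if the
  * file is ever included.
  *
  * @param array $d not used by this function
  * @return boolean true when the file was written, false when it could not be opened
  */
 function writeThemeConfig(&$d)
 {
     global $page, $VM_LANG, $vmLogger;
     $config = "<?php\r\nif( !defined( '_VALID_MOS' ) && !defined( '_JEXEC' ) ) die( 'Direct Access to '.basename(__FILE__).' is not allowed.' );\r\n/**\r\n* The configuration file for the " . basename(VM_THEMEPATH) . " theme\r\n*\r\n* @package VirtueMart\r\n* @subpackage themes\r\n* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php\r\n* VirtueMart is free software. This version may have been modified pursuant\r\n* to the GNU General Public License, and as distributed it includes or\r\n* is derivative of works licensed under the GNU General Public License or\r\n* other free or open source software licenses.\r\n* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.\r\n*\r\n* http://virtuemart.net\r\n*/\r\n?>\r\n";
     $params = vmGet($_POST, 'params', '');
     if (is_array($params)) {
         // Flatten the posted array into "key=value" lines
         $txt = array();
         foreach ($params as $k => $v) {
             $txt[] = "{$k}={$v}";
         }
         if (is_callable(array('mosParameters', 'textareaHandling'))) {
             $paramText = mosParameters::textareaHandling($txt);
         } else {
             // Fallback: one parameter per line, so line breaks inside a value become <br />
             foreach ($txt as $i => $line) {
                 $txt[$i] = str_replace("\n", '<br />', $line);
             }
             $paramText = implode("\n", $txt);
         }
     } else {
         // As before, a non-array value is taken from $_POST directly; a missing key is an empty string
         $paramText = isset($_POST['params']) ? (string) $_POST['params'] : '';
     }
     // Neutralise open tags. The replacement starts with "&", so it cannot form a new tag
     // together with a preceding "<".
     $paramText = str_replace(array('<?', '<%'), array('&lt;?', '&lt;%'), $paramText);
     if (is_array($params)) {
         // Kept for code that reads the flattened text back from $_POST
         $_POST['params'] = $paramText;
     }
     $config .= $paramText;
     if ($fp = fopen(VM_THEMEPATH . "theme.config.php", "w")) {
         fputs($fp, $config, strlen($config));
         fclose($fp);
         if (!empty($_REQUEST['ajax_request'])) {
             $vmLogger->info($VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS', false));
         } else {
             // "apply" returns to the theme form, anything else to the configuration page
             $task = vmGet($_REQUEST, 'task', '');
             if ($task == 'apply') {
                 $page = 'admin.theme_config_form';
                 $theme = '&theme=' . basename(VM_THEMEURL);
             } else {
                 $page = 'admin.show_cfg';
                 $theme = '';
             }
             vmRedirect($_SERVER['PHP_SELF'] . "?page={$page}{$theme}&option=com_virtuemart", $VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS'));
         }
         return true;
     } else {
         $vmLogger->err($VM_LANG->_('VM_CONFIGURATION_CHANGE_FAILURE', false) . ' (' . VM_THEMEPATH . "theme.config.php)");
         return false;
     }
 }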
<?php

// Entry guard: the page only runs when one of the CMS constants is defined,
// i.e. when it was loaded by the CMS and not requested directly
if (!(defined('_VALID_MOS') || defined('_JEXEC'))) {
    die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');
}
/**
*
* @version $Id: shop.registration.php 1529 2008-09-19 18:04:46Z soeren_nb $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2004-2008 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
mm_showMyFileName(__FILE__);
// Page title and pathway entry both use the REGISTER_TITLE language string
$vm_mainframe->setpagetitle($VM_LANG->_('REGISTER_TITLE'));
$pathway[] = $vm_mainframe->vmPathwayItem($VM_LANG->_('REGISTER_TITLE'));
$vm_mainframe->vmAppendPathway($pathway);
if (!empty($auth['user_id'])) {
    // Already known to the shop: nothing to register, go to the home page
    vmRedirect($sess->url(URL . 'index.php?page=' . HOMEPAGE, false, false));
} else {
    // No shop user id yet: show the registration form
    include PAGEPATH . 'checkout_register_form.php';
}
* @subpackage html
* @copyright Copyright (C) 2004-2008 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*/
mm_showMyFileName(__FILE__);
$shipping_module = vmGet($_REQUEST, 'shipping_module', null);
if ($shipping_module) {
    if (!(include CLASSPATH . 'shipping/' . basename($shipping_module))) {
        vmRedirect($_SERVER['PHP_SELF'] . "?option=com_virtuemart&page=store.shipping_modules", str_replace('{shipping_module}', $shipping_module, $VM_LANG->_('VM_SHIPPING_MODULE_CLASSERROR')));
    } else {
        $classname = basename($shipping_module, ".php");
        if (class_exists($classname)) {
            $_SHIPPING = new $classname();
        }
    }
    $ps_html->writableIndicator(CLASSPATH . "shipping/" . basename($shipping_module, ".php") . '.cfg.php');
    ?>
  <div id="overDiv" style="position:absolute; visibility:hidden; z-index:10000;"></div>
  <script type="text/javascript" src="<?php 
    echo $mosConfig_live_site;
    ?>
/includes/js/overlib_mini.js"></script>
	<table class="adminform">
	<tr>
    die('Direct Access to ' . basename(__FILE__) . ' is not allowed.');
}
/**
*
* @version $Id: admin.update_result.php 1431 2008-06-20 17:46:57Z soeren_nb $
* @package VirtueMart
* @subpackage html
* @copyright Copyright (C) 2008 soeren - All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* VirtueMart is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See /administrator/components/com_virtuemart/COPYRIGHT.php for copyright notices and details.
*
* http://virtuemart.net
*
*/
global $VM_LANG;
require_once CLASSPATH . 'update.class.php';
// Third step of the update wizard: the result page
vmUpdate::stepBar(3);
if (empty($_SESSION['vmupdatemessage'])) {
    // No result message waiting in the session: back to the update check
    vmRedirect($sess->url($_SERVER['PHP_SELF'] . '?page=admin.update_check', false, false));
} else {
    // The stored message is HTML-escaped before output and shown only once
    echo '<div class="shop_info">' . shopMakeHtmlSafe($_SESSION['vmupdatemessage']) . '<br /><br /><br />' . $VM_LANG->_('VM_UPDATE_RESULT_TITLE') . ':<br />';
    unset($_SESSION['vmupdatemessage']);
    require_once ADMINPATH . 'version.php';
    // NOTE(review): the URL built from $_SERVER['PHP_SELF'] is placed inside a JavaScript
    // string within an HTML attribute; whether $sess->url() encodes it for that context
    // is not visible here. $myVersion is printed as-is.
    echo $myVersion . '<br /><br />
	<input class="vmicon vmicon32 vmicon-32-apply" type="button" onclick="document.location=\'' . $sess->url($_SERVER['PHP_SELF'] . '?page=store.index') . '\';" value="' . $VM_LANG->_('CMN_CONTINUE') . '" name="submitbutton" />';
    echo '</div>';
}
Esempio n. 26
    if (!empty($user) && is_object($user)) {
        $old_user = $user;
    }
    $user = $dbbt->record[0];
    /** Retrieve Payment Info **/
    $dbpm = new ps_DB();
    $q = "SELECT * FROM `#__{vm}_payment_method` p, `#__{vm}_order_payment` op, `#__{vm}_orders` o ";
    $q .= "WHERE op.order_id='{$order_id}' ";
    $q .= "AND p.payment_method_id=op.payment_method_id ";
    $q .= "AND o.user_id='" . $auth["user_id"] . "' ";
    $q .= "AND o.order_id='{$order_id}' ";
    $dbpm->query($q);
    $dbpm->next_record();
    $registrationfields = ps_userfield::getUserFields('registration', false, '', true, true);
    $shippingfields = ps_userfield::getUserFields('shipping', false, '', true, true);
    $tpl->set('db', $db);
    $tpl->set('dbbt', $dbbt);
    $tpl->set('dbpm', $dbpm);
    $tpl->set('user', $user);
    $tpl->set('order_id', $order_id);
    $tpl->set('registrationfields', $registrationfields);
    $tpl->set('shippingfields', $shippingfields);
    $tpl->set('time_offset', $mosConfig_offset);
    // Get the template for this page
    echo $tpl->fetch('pages/account.order_details.tpl.php');
    if (!empty($old_user) && is_object($old_user)) {
        $user = $old_user;
    }
} else {
    vmRedirect($sess->url(SECUREURL . 'index.php?page=account.index'));
}
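// Order totals and billing data that are handed over to the payment gateway
$lName = $dbbt->f("last_name");
$tax_total = $db->f("order_tax") + $db->f("order_shipping_tax");
$discount_total = $db->f("coupon_discount") + $db->f("order_discount");
$shipping = sprintf("%.2f", $db->f("order_shipping"));
$post_variables = array(
    "trnOrderNumber" => $db->f("order_id"),
    "trnAmount" => round($db->f("order_subtotal") + $tax_total + $shipping - $discount_total, 2),
    "trnCardOwner" => $dbbt->f("first_name") . " " . $dbbt->f("last_name"),
    "ordAddress1" => $dbbt->f('address_1'),
    "ordAddress2" => $dbbt->f('address_2'),
    "ordCity" => $dbbt->f('city'),
    "ordProvince" => $dbbt->f('state'),
    "ordPostalCode" => $dbbt->f('zip'),
    "ordName" => $dbbt->f("first_name") . " " . $dbbt->f("last_name"),
    "ordEmailAddress" => $dbbt->f('user_email'),
    "ordPhoneNumber" => $dbbt->f('phone_1'),
    "ordCountry" => $db1->f('country_2_code'),
    // Placeholder: must be replaced with the merchant's own id
    "merchant_id" => "YOUR_MERCH_ID",
);
if ($page == "checkout.thankyou") {
    // NOTE(review): this branch sends name, address, e-mail and phone number as a GET query
    // string, where they end up in browser history, server logs and Referer headers.
    // The form branch below sends the same data by POST.
    $query_string = "?";
    foreach ($post_variables as $name => $value) {
        $query_string .= $name . "=" . urlencode($value) . "&";
    }
    // ## SEND AN EMAIL ##
    // NOTE: I haven't tested this mailout yet... it could be modified to
    // send a confirmation email upon successful transaction. I am not sure which
    // variables Beanstream sends back to server upon successful (or failed) transaction.
    // The recipient below is a masked placeholder and has to be set to a real address
    $to = "*****@*****.**";
    $subject = "the subject";
    $message = "hello world from PHP Mail\nthe transaction ID was " . $db->f("order_id");
    // Header lines must be separated by a real CRLF. The single-quoted '\\r\\n' used before
    // put literal backslash characters into the header instead of line breaks.
    $headers = "From: bar@example.com" . "\r\n" . "Reply-To: bar@example.com" . "\r\n" . "X-Mailer: PHP/" . phpversion();
    mail($to, $subject, $message, $headers);
    // ## END PHP MAIL ##
    vmRedirect($url . $query_string);
} else {
    // ## MODIFY THIS TEXT TO SUIT YOUR NEEDS ##
    echo ' <div class="BS"> <h3>Please read the following information, and click the button to continue.</h3> <p>You will be directed to a secure payment form hosted by Beanstream, where you may pay for your order using VISA or Mastercard.  Once we receive confirmation of payment from Beanstream, we will ship your order.  Thank you.</p> </div>';
    // NOTE(review): $url is set outside this excerpt and is printed into the attribute unescaped
    echo '<form class="BS" name="BS_FORM" action="' . $url . '" method="post" target="_blank">';
    echo '<label><h4>Proceed to Credit Card Processing &rarr;</h4></label> <input type="image" name="submit" src="https://www.beanstream.com/public/assets/images/media/beanstream_secure/beanstream_secure_light.gif" alt="Click to pay with Beanstream - secure online payment processing!" />';
    // Field names are the fixed keys above; the values are HTML-escaped for the attribute
    foreach ($post_variables as $name => $value) {
        echo '<input type="hidden" name="' . $name . '" value="' . htmlspecialchars($value) . '" />';
    }
    echo '</form>';
}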