Esempio n. 1
0
function buynowPayPal($ItemNum)
{
    global $Tpl;
    global $EP;
    $Tpl->SetBlockVar("Confirm_PayPal", "");
    $iteminfo = new clsDBNetConnect();
    $query = "Select * from items where ItemNum={$ItemNum}";
    $iteminfo->query($query);
    $iteminfo->next_record();
    $sellerid = $iteminfo->f("user_id");
    $sellerinfo = new clsDBNetConnect();
    $query = "select first_name, last_name, email, user_login from users where user_id={$sellerid}";
    $sellerinfo->query($query);
    $sellerinfo->next_record();
    $userinfo = new clsDBNetConnect();
    $from_user_id = CCGetSession("UserID");
    $query = "select first_name, last_name, email, user_login from users where user_id={$from_user_id}";
    $userinfo->query($query);
    $userinfo->next_record();
    $shipoption = 1;
    while ($iteminfo->f("ship" . $shipoption) != "") {
        if ($shipoption == 1) {
            $Tpl->setVar("checked", "checked");
        } else {
            $Tpl->setVar("checked", "");
        }
        if ($iteminfo->f("shipfee" . $shipoption) == 0 || $iteminfo->f("shipfee" . $shipoption) == "") {
            $price = "0.00";
        } else {
            $price = $iteminfo->f("shipfee" . $shipoption);
        }
        $Tpl->setVar("method", $iteminfo->f("ship" . $shipoption));
        $Tpl->setVar("option", $shipoption);
        $Tpl->setVar("price", "\$" . $price);
        $Tpl->Parse("Row", True);
        $shipoption++;
    }
    if (!$iteminfo->f("ship1")) {
        $Tpl->setVar("method", "No Shipping Specified");
        $Tpl->setVar("option", "999999");
        $Tpl->setVar("price", "\$" . "0.00");
        $Tpl->setVar("checked", "checked");
        $Tpl->Parse("Row", True);
    }
    $Tpl->setVar("ItemNum", $ItemNum);
    $Tpl->setVar("title", $iteminfo->f("title"));
    $Tpl->setVar("asking_price", $iteminfo->f("asking_price"));
    $Tpl->Parse("Confirm_PayPal", True);
}
Esempio n. 2
0
define("RelativePath", ".");
include RelativePath . "/Common.php";
include RelativePath . "/Template.php";
include RelativePath . "/Sorter.php";
include RelativePath . "/Navigator.php";
//End Include Common Files
//Include Page implementation @33-503267A8
include "./Header.php";
//End Include Page implementation
$admins = new clsDBNetConnect();
$admins->query("select * from administrators");
if ($admins->next_record()) {
    $key = md5($admins->f("username") . "AdMin kkkkkey" . $admins->f("password"));
}
if ($_GET["delete"] && $_GET["adminkey"] == $key) {
    $db = new clsDBNetConnect();
    $query = "select * from items where ItemNum = " . $_GET["delete"];
    $db->query($query);
    if ($db->next_record()) {
        if ($db->f("image_one")) {
            unlink("../" . $db->f("image_one"));
        }
        if ($db->f("image_two")) {
            unlink("../" . $db->f("image_two"));
        }
        if ($db->f("image_three")) {
            unlink("../" . $db->f("image_three"));
        }
        if ($db->f("image_four")) {
            unlink("../" . $db->f("image_four"));
        }
Esempio n. 3
0
function buildpage($id)
{
    global $Tpl;
    global $now;
    global $accounting;
    global $regcharges;
    $db = new clsDBNetConnect();
    $query = "select * from subscription_plans where id = " . $id;
    $db->query($query);
    if ($db->next_record()) {
        $id = $db->f("id");
        $title = $db->f("title");
        $description = $db->f("description");
        $group = $db->f("group");
        $duration = $db->f("duration");
        $unlimited = $db->f("unlimited");
        $price = $db->f("price");
        $recurring = $db->f("recurring");
        if ($recurring == 1) {
            $recurring = "Yes";
        } else {
            $recurring = "No";
        }
        if ($unlimited) {
            $duration = 9999;
        }
        $intro = $db->f("intro");
        $intro_duration = $db->f("intro_duration");
        $intro_price = $db->f("intro_price");
        $paypal = $db->f("paypal");
        $authnet = $db->f("authnet");
        $co2 = $db->f("co2");
        $active = $db->f("active");
        $icon = $db->f("icon");
        $date_added = $db->f("date_added");
        if ($active) {
            if ($paypal && $recurring == "No") {
                $paypallink = "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=" . urlencode($accounting["paypal"]) . "&return=" . urlencode($now["homeurl"]) . "&no_note=1&currency_code=" . $regcharges["currencycode"] . "&notify_url=" . urlencode($now["homeurl"]) . "paypalipn.php&custom=" . CCGetUserID() . "&amount=" . $price . "&item_name=" . urlencode($now["sitename"] . "-Subscription") . "&item_number=" . $id;
                $Tpl->SetBlockVar("PayPal", "");
                $Tpl->setVar("paypallink", $paypallink);
                $Tpl->Parse("PayPal", True);
            }
            if ($paypal && $recurring == "Yes") {
                $days = $duration;
                $duration2 = "&p3=" . $days . "&t3=D";
                if ($days > 90 && $days < 730 && $days != 365 && $days != 730 && $db->f("recurring") == 1) {
                    $days = round($days / 30, 0);
                    $duration2 = "&p3=" . $days . "&t3=M";
                } elseif ($days > 730 && $db->f("recurring") == 1 || $days == 365 || $days == 730) {
                    $days = round($days / 365, 0);
                    $duration2 = "&p3=" . $days . "&t3=Y";
                }
                $rdays = $intro_duration;
                if ($rdays) {
                    $intro_duration2 = "&p1=" . $rdays . "&t1=D";
                }
                if ($rdays > 90 && $rdays < 730 && $rdays != 365 && $rdays != 730 && $db->f("recurring") == 1) {
                    $rdays = round($rdays / 30, 0);
                    $intro_duration2 = "&p1=" . $rdays . "&t1=M";
                } elseif ($rdays > 730 && $db->f("recurring") == 1 || $rdays == 365 || $rdays == 730) {
                    $rdays = round($rdays / 365, 0);
                    $intro_duration2 = "&p1=" . $rdays . "&t1=Y";
                }
                $paypallink = "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick-subscriptions&business=" . urlencode($accounting["paypal"]) . "&return=" . urlencode($now["homeurl"]) . "&no_note=1&currency_code=" . $regcharges["currencycode"] . "&notify_url=" . urlencode($now["homeurl"]) . "paypalipn.php&custom=" . CCGetUserID() . "&amount=" . $intro_price . "&item_name=" . urlencode($now["sitename"] . "-Subscription") . "&item_number=" . $id . "&a1=" . $intro_price . $intro_duration2 . "&a3=" . $price . $duration2;
                if ($intro) {
                    $Tpl->SetBlockVar("intro", "");
                    $Tpl->setVar("currency", $regcharges["currency"]);
                    $Tpl->setVar("intro_price", $intro_price);
                    $Tpl->setVar("intro_duration", $intro_duration);
                    $Tpl->Parse("intro", True);
                }
                $Tpl->SetBlockVar("PayPal", "");
                $Tpl->setVar("paypallink", $paypallink);
                $Tpl->Parse("PayPal", True);
            }
            if ($co2) {
            }
            if ($authnet && $paypal) {
                $Tpl->SetBlockVar("or", "");
                $Tpl->Parse("or", True);
            }
            $Tpl->setVar("id", $id);
            $Tpl->setVar("title", $title);
            $Tpl->setVar("description", $description);
            $Tpl->setVar("price", $price);
            if ($unlimited) {
                $duration = "Unlimited";
            }
            $Tpl->setVar("duration", $duration);
            $Tpl->setVar("recurring", $recurring);
            $Tpl->setVar("intro_duration", $intro_duration);
            $Tpl->setVar("date_added", $date_added);
            $Tpl->setVar("icon", $icon);
        }
    }
}
Esempio n. 4
0
            echo "Attempted to connect to {$ftp_url} for user {$ftpusername} <br>";
            echo "Please double check your login information here and on your Froogle Merchant account and try again later.  <a href=\"FroogleSubmit.php\">BACK</a>";
            exit;
        }
        $upload = ftp_put($ftp, $frooglefilename . ".txt", "../uploads/" . $frooglefilename . ".txt", FTP_ASCII);
        if (!$upload) {
            echo "Froogle FTP transfer has failed!<br>";
            echo "Please double check your login information here and on your Froogle Merchant account and try again later.  <a href=\"FroogleSubmit.php\">BACK</a>";
            exit;
        }
        ftp_close($ftp);
        header("Location:FroogleSubmit.php");
        exit;
    }
} else {
    $db = new clsDBNetConnect();
    $query = "Select * from `settings_froogle` where `set_id` = '1'";
    $db->query($query);
    if ($db->next_record()) {
        $filename = $db->f("frooglefile");
        if ($db->f("frooglefile") != "" && $db->f("frooglefile") != "NULL") {
            $lastdate = $db->f("submit_date");
            if ($lastdate != "" && $lastdate != "0" && $lastdate != "NULL") {
                $fileurl = "<a href=\"../uploads/" . $filename . ".txt\">Right Click and \"Save As\"</a>";
                $mostrecentdate = date("F j, Y", $lastdate);
                $query = "select count(ItemNum) from `items` where `status` = 1 and `started` > {$lastdate}";
                $db->query($query);
                if ($db->next_record()) {
                    $count = $db->f("count(ItemNum)");
                    if ($count == 0) {
                        $error = "Feed Submitted Successfully";
Esempio n. 5
0
function items_BeforeShow()
{
    //items_BeforeShow @4-10DCF469
    //Custom Code @7-2A29BDB7
    global $Tpl;
    global $itemvars;
    global $items;
    global $newvars;
    global $currency;
    global $emails1;
    global $joinJS;
    global $admingroup;
    global $editorCSS;
    global $PHP_SELF;
    if (CCGetFromGet("ItemNum", "") || CCGetFromGet("PreviewNum", "")) {
        $db = new clsDBNetConnect();
        $db->connect();
        $SQL = "SELECT * FROM items WHERE ItemNum=" . CCGetFromGet("ItemNum", "");
        if (CCGetFromGet("PreviewNum", "")) {
            $SQL = "SELECT * FROM items_preview WHERE ItemNum=" . CCGetFromGet("PreviewNum", "");
        }
        $db->query($SQL);
        $Result = $db->next_record();
        if ($Result) {
            $itemvars = array("ItemNum" => $db->f(ItemNum), "category" => $db->f(category), "user_id" => $db->f(user_id), "title" => $db->f(title), "status" => $db->f(status), "end_reason" => $db->f(end_reason), "started" => $db->f(started), "closes" => $db->f(closes), "image_preview" => $db->f(image_preview), "slide_show" => $db->f(slide_show), "counter" => $db->f(counter), "added_description" => $db->f("added_description"), "dateadded" => $db->f("dateadded"), "make_offer" => $db->f(make_offer), "image_one" => $db->f(image_one), "image_two" => $db->f(image_two), "image_three" => $db->f(image_three), "image_four" => $db->f(image_four), "image_five" => $db->f(image_five), "asking_price" => $db->f(asking_price), "quantity" => $db->f(quantity), "city_town" => $db->f(city_town), "state_province" => $db->f(state_province), "country" => $db->f("country"), "ship1" => $db->f("ship1"), "shipfee1" => $db->f("shipfee1"), "ship2" => $db->f("ship2"), "shipfee2" => $db->f("shipfee2"), "ship3" => $db->f("ship3"), "shipfee3" => $db->f("shipfee3"), "ship4" => $db->f("ship4"), "shipfee4" => $db->f("shipfee4"), "ship5" => $db->f("ship5"), "shipfee5" => $db->f("shipfee5"), "item_paypal" => $db->f("item_paypal"), "hits" => $db->f(hits));
            if (!CCGetUserID()) {
                $mustbe = "<table class=\"ct\" width=\"80%\" cellspacing=\"1\" cellpadding=\"1\">\n\n        <tr>\n\n          <td bgcolor=\"#ffffff\" align=\"middle\" valign=\"bottom\">\n            <form method=\"post\" action=\"login.php?ret_link=" . $_SERVER["REQUEST_URI"] . "&type=notLogged&ccsForm=Login\" name=\"Login\">\n\n              <font class=\"fhf\">Login To Ask A Question</font>\n\n              <table cellpadding=\"5\" cellspacing=\"1\" class=\"ft\">\n                <tr>\n\n                  <td></td>\n\n                </tr>\n\n                <tr>\n\n                  <td align=\"right\"><b>Username:</b>&nbsp;</td>\n\n                  <td align=\"left\"><input name=\"login\" value=\"\" maxlength=\"100\" class=\"input\">&nbsp;</td>\n\n                </tr>\n\n                <tr>\n\n                  <td align=\"right\"><b>Password:</b>&nbsp;</td>\n\n                  <td align=\"left\"><input type=\"password\" name=\"password\" value=\"\" maxlength=\"100\" class=\"input\">&nbsp;<a href=\"login.php\">Forgot Password</a></td>\n\n                </tr>\n\n                <tr>\n\n                  <td align=\"middle\" colspan=\"2\">\n\n                    <input name=\"DoLogin\" type=\"submit\" value=\"Login\" class=\"button\">&nbsp;</td>\n\n                </tr>\n\n                <tr>\n\n                   <td align=\"middle\" colspan=\"2\">\n\n                   New Users:&nbsp;<a href=\"register.php\">Register</a>\n\n                   </td>\n\n                </tr>\n\n              </table>\n\n            </form>\n\n           </td>\n\n        </tr>\n\n      </table>";
            }
            if (!CCGetUserID() && $itemvars["make_offer"] == 1) {
                $mustbeoffer = "<b>You must be logged in to make an offer</b>";
            }
            if (CCGetUserID() && $itemvars["status"] == 1 && $itemvars["item_paypal"] != "") {
                $Tpl->SetVar("item_paypal", "&nbsp;&nbsp;<a href=\"confirm.php?what=buynowPayPal&ItemNum=" . $itemvars["ItemNum"] . "\"><B>Buy Now</b></a>");
            }
            if (!CCGetUserID() && $itemvars["make_offer"] == 1 && $itemvars["status"] == 1 && $itemvars["item_paypal"] == "") {
                $Tpl->SetVar("makeoffer", "&nbsp;&nbsp;<a href=\"login.php?ret_link=ViewItem.php?ItemNum=" . $itemvars["ItemNum"] . "&type=notLogged\">Login to Make an Offer<a>");
                $Tpl->SetVar("item_paypal", "");
            }
            if (!CCGetUserID() && $itemvars["make_offer"] == 1 && $itemvars["status"] == 1 && $itemvars["item_paypal"] != "") {
                $Tpl->SetVar("makeoffer", "&nbsp;&nbsp;<a href=\"login.php?ret_link=ViewItem.php?ItemNum=" . $itemvars["ItemNum"] . "&type=notLogged\">Login to Buy this Item Or Make an Offer<a>");
                $Tpl->SetVar("item_paypal", "");
            }
            $Tpl->SetVar("NotLogged", $mustbe);
            $Tpl->SetVar("NotLogged2", $mustbeoffer);
            $ldb = new clsDBNetConnect();
            $ldb->connect();
            $ldb2 = new clsDBNetConnect();
            $ldb2->connect();
            $ldb3 = new clsDBNetConnect();
            $ldb3->connect();
            $ldb4 = new clsDBNetConnect();
            $ldb4->connect();
            $ldb5 = new clsDBNetConnect();
            $ldb5->connect();
            $ldb->query("SELECT name, sub_cat_id, cat_id FROM categories WHERE cat_id=" . $itemvars["category"]);
            if ($ldb->next_record()) {
                $newvars["catlist"] = "<a href=\"ViewCat.php?CatID=" . $ldb->f("cat_id") . "\">" . $ldb->f("name") . "</a>";
                $ldb2->query("SELECT name, sub_cat_id, cat_id FROM categories WHERE cat_id=" . $ldb->f("sub_cat_id"));
                if ($ldb2->next_record()) {
                    $newvars["catlist"] = "<a href=\"ViewCat.php?CatID=" . $ldb2->f("cat_id") . "\">" . $ldb2->f("name") . "</a> > " . $newvars["catlist"];
                    $ldb3->query("SELECT name, sub_cat_id, cat_id FROM categories WHERE cat_id=" . $ldb2->f("sub_cat_id"));
                    if ($ldb3->next_record()) {
                        $newvars["catlist"] = "<a href=\"ViewCat.php?CatID=" . $ldb3->f("cat_id") . "\">" . $ldb3->f("name") . "</a> > " . $newvars["catlist"];
                        $ldb4->query("SELECT name, sub_cat_id, cat_id FROM categories WHERE cat_id=" . $ldb3->f("sub_cat_id"));
                        if ($ldb4->next_record()) {
                            $newvars["catlist"] = "<a href=\"ViewCat.php?CatID=" . $ldb4->f("cat_id") . "\">" . $ldb4->f("name") . "</a> > " . $newvars["catlist"];
                            $ldb5->query("SELECT name, sub_cat_id, cat_id FROM categories WHERE cat_id=" . $ldb4->f("sub_cat_id"));
                            if ($ldb5->next_record()) {
                                $newvars["catlist"] = "<a href=\"ViewCat.php?CatID=" . $ldb5->f("cat_id") . "\">" . $ldb5->f("name") . "</a> > " . $newvars["catlist"];
                            }
                        }
                    }
                }
            }
            $newvars["category"] = CCDLookUP("name", "categories", "cat_id=" . $itemvars["category"], $db);
            $newvars["categoryid"] = CCDLookUP("sub_cat_id", "categories", "cat_id=" . $itemvars["category"], $db);
            $newvars["categoryparent"] = CCDLookUP("name", "categories", "cat_id=" . $newvars["categoryid"], $db);
            if ($newvars["categoryparent"]) {
                $newvars["categoryparent"] = "<a href=\"ViewCat.php?CatID=" . $newvars["categoryid"] . "\">" . $newvars["categoryparent"] . "</a> >> ";
            }
            $newvars["sellerid"] = $itemvars["user_id"];
            $newvars["seller"] = CCDLookUP("user_login", "users", "user_id=" . $itemvars["user_id"], $db);
            if ($itemvars["status"] == 1) {
                $newvars["status"] = "Open";
            }
            if ($itemvars["status"] == 2) {
                $newvars["status"] = "Closed";
            }
            if ($itemvars["status"] == 0) {
                $newvars["status"] = "This Item has not been started yet";
            }
            $newvars["preview_image"] = "<img src=\"images/blank.jpg\">";
            $newvars["cellbreaker2"] = "";
            $newvars["cellbreaker1"] = "</td><td class=\"data\">";
            //if(itemvars["image_preview"] == 1){
            if ($itemvars["image_five"] != "") {
                $newvars["preview_image"] = thumbnail($itemvars["image_five"], 225, 225, 0, 0);
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["imageFive"] = "<tr><td align=\"center\"><img src=\"" . $itemvars["image_five"] . "\"></td></tr>";
            }
            if ($itemvars["image_four"] != "") {
                $newvars["preview_image"] = thumbnail($itemvars["image_four"], 225, 225, 0, 0);
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["imageFour"] = "<tr><td align=\"center\"><img src=\"" . $itemvars["image_four"] . "\"></td></tr>";
            }
            if ($itemvars["image_three"] != "") {
                $newvars["preview_image"] = thumbnail($itemvars["image_three"], 225, 225, 0, 0);
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["imageThree"] = "<tr><td align=\"center\"><img src=\"" . $itemvars["image_three"] . "\"></td></tr>";
            }
            if ($itemvars["image_two"] != "") {
                $newvars["preview_image"] = thumbnail($itemvars["image_two"], 225, 225, 0, 0);
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["imageTwo"] = "<tr><td align=\"center\"><img src=\"" . $itemvars["image_two"] . "\"></td></tr>";
            }
            if ($itemvars["image_one"] != "") {
                $newvars["preview_image"] = thumbnail($itemvars["image_one"], 225, 225, 0, 0);
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["imageOne"] = "<tr><td align=\"center\"><img src=\"" . $itemvars["image_one"] . "\"></td></tr>";
            }
            //}
            $javafirst = 0;
            $javalast = 0;
            if ($itemvars["image_five"] != "") {
                $imreturn = thumbnail($itemvars["image_five"], 225, 225, 0, 1);
                $imreturn2 = thumbnail($itemvars["image_five"], 100, 100, 0, 1);
                $imreturn3 = thumbnail($itemvars["image_five"], 350, 350, 0, 1);
                $sone = explode("^", $imreturn);
                $sone2 = explode("^", $imreturn2);
                $sone3 = explode("^", $imreturn3);
                if ($javalast == 0) {
                    $endatt = "\n";
                    $javalast = 1;
                } elseif ($javalast == 1) {
                    $endatt = ",\n";
                }
                $newvars["slidesrc"] = "\"{$sone['0']}\"" . $endatt . $newvars["slidesrc"];
                $newvars["slideht"] = "\"{$sone['1']}\"" . $endatt . $newvars["slideht"];
                $newvars["slidewt"] = "\"{$sone['2']}\"" . $endatt . $newvars["slidewt"];
                $newvars["slideht2"] = "\"{$sone2['1']}\"" . $endatt . $newvars["slideht2"];
                $newvars["slidewt2"] = "\"{$sone2['2']}\"" . $endatt . $newvars["slidewt2"];
                $newvars["slideht3"] = "\"{$sone3['1']}\"" . $endatt . $newvars["slideht3"];
                $newvars["slidewt3"] = "\"{$sone3['2']}\"" . $endatt . $newvars["slidewt3"];
                unset($imreturn);
                unset($sone);
            }
            if ($itemvars["image_four"] != "") {
                $imreturn = thumbnail($itemvars["image_four"], 225, 225, 0, 1);
                $imreturn2 = thumbnail($itemvars["image_four"], 100, 100, 0, 1);
                $imreturn3 = thumbnail($itemvars["image_four"], 350, 350, 0, 1);
                $sone = explode("^", $imreturn);
                $sone2 = explode("^", $imreturn2);
                $sone3 = explode("^", $imreturn3);
                if ($javalast == 0) {
                    $endatt = "\n";
                    $javalast = 1;
                } elseif ($javalast == 1) {
                    $endatt = ",\n";
                }
                $newvars["slidesrc"] = "\"{$sone['0']}\"" . $endatt . $newvars["slidesrc"];
                $newvars["slideht"] = "\"{$sone['1']}\"" . $endatt . $newvars["slideht"];
                $newvars["slidewt"] = "\"{$sone['2']}\"" . $endatt . $newvars["slidewt"];
                $newvars["slideht2"] = "\"{$sone2['1']}\"" . $endatt . $newvars["slideht2"];
                $newvars["slidewt2"] = "\"{$sone2['2']}\"" . $endatt . $newvars["slidewt2"];
                $newvars["slideht3"] = "\"{$sone3['1']}\"" . $endatt . $newvars["slideht3"];
                $newvars["slidewt3"] = "\"{$sone3['2']}\"" . $endatt . $newvars["slidewt3"];
                unset($imreturn);
                unset($sone);
            }
            if ($itemvars["image_three"] != "") {
                $imreturn = thumbnail($itemvars["image_three"], 225, 225, 0, 1);
                $imreturn2 = thumbnail($itemvars["image_three"], 100, 100, 0, 1);
                $imreturn3 = thumbnail($itemvars["image_three"], 350, 350, 0, 1);
                $sone = explode("^", $imreturn);
                $sone2 = explode("^", $imreturn2);
                $sone3 = explode("^", $imreturn3);
                if ($javalast == 0) {
                    $endatt = "\n";
                    $javalast = 1;
                } elseif ($javalast == 1) {
                    $endatt = ",\n";
                }
                $newvars["slidesrc"] = "\"{$sone['0']}\"" . $endatt . $newvars["slidesrc"];
                $newvars["slideht"] = "\"{$sone['1']}\"" . $endatt . $newvars["slideht"];
                $newvars["slidewt"] = "\"{$sone['2']}\"" . $endatt . $newvars["slidewt"];
                $newvars["slideht2"] = "\"{$sone2['1']}\"" . $endatt . $newvars["slideht2"];
                $newvars["slidewt2"] = "\"{$sone2['2']}\"" . $endatt . $newvars["slidewt2"];
                $newvars["slideht3"] = "\"{$sone3['1']}\"" . $endatt . $newvars["slideht3"];
                $newvars["slidewt3"] = "\"{$sone3['2']}\"" . $endatt . $newvars["slidewt3"];
                unset($imreturn);
                unset($sone);
            }
            if ($itemvars["image_two"] != "") {
                $imreturn = thumbnail($itemvars["image_two"], 225, 225, 0, 1);
                $imreturn2 = thumbnail($itemvars["image_two"], 100, 100, 0, 1);
                $imreturn3 = thumbnail($itemvars["image_two"], 350, 350, 0, 1);
                $sone = explode("^", $imreturn);
                $sone2 = explode("^", $imreturn2);
                $sone3 = explode("^", $imreturn3);
                if ($javalast == 0) {
                    $endatt = "\n";
                    $javalast = 1;
                } elseif ($javalast == 1) {
                    $endatt = ",\n";
                }
                $newvars["slidesrc"] = "\"{$sone['0']}\"" . $endatt . $newvars["slidesrc"];
                $newvars["slideht"] = "\"{$sone['1']}\"" . $endatt . $newvars["slideht"];
                $newvars["slidewt"] = "\"{$sone['2']}\"" . $endatt . $newvars["slidewt"];
                $newvars["slideht2"] = "\"{$sone2['1']}\"" . $endatt . $newvars["slideht2"];
                $newvars["slidewt2"] = "\"{$sone2['2']}\"" . $endatt . $newvars["slidewt2"];
                $newvars["slideht3"] = "\"{$sone3['1']}\"" . $endatt . $newvars["slideht3"];
                $newvars["slidewt3"] = "\"{$sone3['2']}\"" . $endatt . $newvars["slidewt3"];
                unset($imreturn);
                unset($sone);
            }
            if ($itemvars["image_one"] != "") {
                $imreturn = thumbnail($itemvars["image_one"], 225, 225, 0, 1);
                $imreturn2 = thumbnail($itemvars["image_one"], 100, 100, 0, 1);
                $imreturn3 = thumbnail($itemvars["image_one"], 350, 350, 0, 1);
                $sone = explode("^", $imreturn);
                $sone2 = explode("^", $imreturn2);
                $sone3 = explode("^", $imreturn3);
                if ($javalast == 0) {
                    $endatt = "\n";
                    $javalast = 1;
                } elseif ($javalast == 1) {
                    $endatt = ",\n";
                }
                $newvars["slidesrc"] = "\"{$sone['0']}\"" . $endatt . $newvars["slidesrc"];
                $newvars["slideht"] = "\"{$sone['1']}\"" . $endatt . $newvars["slideht"];
                $newvars["slidewt"] = "\"{$sone['2']}\"" . $endatt . $newvars["slidewt"];
                $newvars["slideht2"] = "\"{$sone2['1']}\"" . $endatt . $newvars["slideht2"];
                $newvars["slidewt2"] = "\"{$sone2['2']}\"" . $endatt . $newvars["slidewt2"];
                $newvars["slideht3"] = "\"{$sone3['1']}\"" . $endatt . $newvars["slideht3"];
                $newvars["slidewt3"] = "\"{$sone3['2']}\"" . $endatt . $newvars["slidewt3"];
                unset($imreturn);
                unset($sone);
            }
            if ($itemvars["slide_show"] == 1) {
                $sliderun = "1";
                $newvars["cellbreaker2"] = "</td><td class=\"data\">";
                $newvars["cellbreaker1"] = "";
                $newvars["preview_image"] = "<table width=\"235\" align=\"center\" valign=\"middle\" class=\"ct\" height=\"235\" border=\"1\"><tr><td align=\"center\" valign=\"middle\" class=\"ltdt\">" . $newvars["preview_image"] . "\n</td></tr>\n</table>\n<table class=\"ct\" width=\"235\"><tr bgcolor=\"#FFFFFF\">\n<td align=\"center\" width=\"33%\"><a href=\"javascript:chgImg(-1)\"><img src=\"images/prev.gif\" border=\"0\"></a></td>\n<td align=\"center\" width=\"33%\"><a href=\"javascript:auto()\"><img src=\"images/play.gif\" border=\"0\"></a></td>\n<td align=\"center\" width=\"33%\"><a href=\"javascript:chgImg(1)\"><img src=\"images/next.gif\" border=\"0\"></a></td>\n</tr>\n</table>";
            } elseif ($itemvars["image_preview"] == 1) {
                $sliderun = "0";
                $newvars["preview_image"] = "<table width=\"235\" align=\"center\" valign=\"middle\" class=\"ct\" height=\"235\" border=\"1\"><tr><td align=\"center\" valign=\"middle\" class=\"ltdt\">" . $newvars["preview_image"] . "\n</td></tr>\n</table>\n<table width=\"235\"><tr>\n<td align=\"right\"></td>\n<td align=\"center\"></td>\n<td align=\"left\"></td>\n</tr>\n</table>";
            } else {
                $sliderun = "0";
                $newvars["preview_image"] = "<img src=\"images/blank.jpg\">";
            }
            $theday = getdate($itemvars["started"]);
            $startdate = $theday["weekday"] . ", " . $theday["month"] . " " . $theday["mday"] . ", " . $theday["year"];
            $newvars["started"] = $startdate;
            unset($theday);
            $theday = getdate($itemvars["closes"]);
            $enddate = $theday["weekday"] . ", " . $theday["month"] . " " . $theday["mday"] . ", " . $theday["year"];
            $newvars["closes"] = $enddate;
            if ($itemvars["city_town"] != "") {
                $newvars["city_town"] = $itemvars["city_town"] . ", ";
            }
            if ($itemvars["make_offer"] == 0 || $itemvars["make_offer"] == "" || $itemvars["make_offer"] == NULL) {
                $emails1->Visible = false;
            }
            $newvars["thiscat"] = "<a href=\"ViewCat.php?CatID=" . $itemvars["category"] . "\">" . $newvars["category"] . "</a>";
            $hits = "";
            if ($itemvars["counter"] == 1) {
                $hits = $itemvars["hits"];
            }
            if ($itemvars["dateadded"] != "" and $itemvars["added_description"] != "") {
                $newvars["dateadded"] = "<b>On " . date("F j, Y", $itemvars["dateadded"]) . ", " . $newvars["seller"] . " added:";
            }
            if ($itemvars["country"] != "") {
                $cnt = new clsDBNetConnect();
                $cnt->connect();
                $countryi = CCDLookUP("country_desc", "lookup_countries", "country_id=" . $itemvars["country"], $cnt);
            }
            //*********************************//
            //Get Custom Category template Vars//
            //*********************************//
            $cats = "(";
            $db = new clsDBNetConnect();
            $query = "select * from categories where cat_id='" . $itemvars["category"] . "'";
            $db->query($query);
            $db->next_record();
            $cats .= "cat_id=" . $db->f("cat_id");
            if ($db->f("sub_cat_id") > 0) {
                $cats .= " or ";
                $sub = $db->f("sub_cat_id");
                $query = "select * from categories where cat_id={$sub}";
                $db->query($query);
                $db->next_record();
                $cats .= "cat_id=" . $db->f("cat_id");
                if ($db->f("sub_cat_id") > 0) {
                    $cats .= " or ";
                    $sub = $db->f("sub_cat_id");
                    $query = "select * from categories where cat_id={$sub}";
                    $db->query($query);
                    $db->next_record();
                    $cats .= "cat_id=" . $db->f("cat_id");
                    if ($db->f("sub_cat_id") > 0) {
                        $cats .= " or ";
                        $sub = $db->f("sub_cat_id");
                        $query = "select * from categories where cat_id={$sub}";
                        $db->query($query);
                        $db->next_record();
                        $cats .= "cat_id=" . $db->f("cat_id");
                        if ($db->f("sub_cat_id") > 0) {
                            $cats .= " or ";
                            $sub = $db->f("sub_cat_id");
                            $query = "select * from categories where cat_id={$sub}";
                            $db->query($query);
                            $db->next_record();
                            $cats .= "cat_id=" . $db->f("cat_id");
                            if ($db->f("sub_cat_id") > 0) {
                                $cats .= " or ";
                                $sub = $db->f("sub_cat_id");
                                $query = "select * from categories where cat_id={$sub}";
                                $db->query($query);
                                $db->next_record();
                                $cats .= "cat_id=" . $db->f("cat_id");
                                if ($db->f("sub_cat_id") > 0) {
                                    $cats .= " or ";
                                    $sub = $db->f("sub_cat_id");
                                    $query = "select * from categories where cat_id={$sub}";
                                    $db->query($query);
                                    $db->next_record();
                                    $cats .= "cat_id=" . $db->f("cat_id");
                                } else {
                                    $cats .= ")";
                                }
                            } else {
                                $cats .= ")";
                            }
                        } else {
                            $cats .= ")";
                        }
                    } else {
                        $cats .= ")";
                    }
                } else {
                    $cats .= ")";
                }
            } else {
                $cats .= ")";
            }
            /////////////////////////////////
            //Send Custom TextArea Plugins //
            /////////////////////////////////
            $custtxt = new clsDBNetConnect();
            $query = "select * from custom_textarea where {$cats}";
            $custtxt->query($query);
            $queryfields = "(";
            $count = 0;
            while ($custtxt->next_record()) {
                if ($count > 0) {
                    $queryfields .= " or ";
                }
                $queryfields .= "field_id='" . $custtxt->f("id") . "'";
                $fields[$custtxt->f("id")] = $custtxt->f("template_var");
                $count++;
            }
            $queryfields .= ") and";
            if ($queryfields != "() and") {
                $query = "select * from custom_textarea_values where {$queryfields} ItemNum=" . $itemvars["ItemNum"];
                $custtxt->query($query);
                while ($custtxt->next_record()) {
                    //AdminEdit	abilities section
                    if ($admingroup) {
                        $editorCSS .= "\n#ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                        $joinJS .= "join(\"ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_\", true)\n";
                        $Tpl->SetVar($fields[$custtxt->f("field_id")], "\n<DIV id=\"ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View\">\n" . stripslashes($custtxt->f("value")) . "\n</div>\n" . "<textarea id=\"ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit\" class=\"inplace\" tabindex=\"1\" name=\"ta_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit\"></textarea>\n");
                    } else {
                        $Tpl->SetVar($fields[$custtxt->f("field_id")], stripslashes($custtxt->f("value")));
                    }
                }
            }
            /////////////////////////////////
            //Send Custom TextBox Plugins  //
            /////////////////////////////////
            $fields = "";
            $custtxt = new clsDBNetConnect();
            $query = "select * from custom_textbox where {$cats}";
            $custtxt->query($query);
            $queryfields = "(";
            $count = 0;
            while ($custtxt->next_record()) {
                if ($count > 0) {
                    $queryfields .= " or ";
                }
                $queryfields .= "field_id='" . $custtxt->f("id") . "'";
                $fields[$custtxt->f("id")] = $custtxt->f("template_var");
                $count++;
            }
            $queryfields .= ") and";
            if ($queryfields != "() and") {
                $query = "select * from custom_textbox_values where {$queryfields} ItemNum=" . $itemvars["ItemNum"];
                $custtxt->query($query);
                while ($custtxt->next_record()) {
                    //AdminEdit	abilities section
                    if ($admingroup) {
                        $editorCSS .= "\n#tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                        $joinJS .= "join(\"tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_\", true)\n";
                        $Tpl->SetVar($fields[$custtxt->f("field_id")], "\n<DIV id=\"tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_View\">\n" . stripslashes($custtxt->f("value")) . "\n</div>\n" . "<textarea id=\"tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit\" class=\"inplace\" tabindex=\"1\" name=\"tb_" . $fields[$custtxt->f("field_id")] . "_" . $custtxt->f("field_id") . "_Edit\"></textarea>\n");
                    } else {
                        $Tpl->SetVar($fields[$custtxt->f("field_id")], stripslashes($custtxt->f("value")));
                    }
                }
            }
            //////////////////////////////////
            //Send Custom DropDown Plugins  //
            //////////////////////////////////
            $fields = "";
            $custtxt = new clsDBNetConnect();
            $query = "select * from custom_dropdown where {$cats}";
            $custtxt->query($query);
            $queryfields = "(";
            $count = 0;
            while ($custtxt->next_record()) {
                if ($count > 0) {
                    $queryfields .= " or ";
                }
                $queryfields .= "field_id='" . $custtxt->f("id") . "'";
                $fields[$custtxt->f("id")] = $custtxt->f("template_var");
                $count++;
            }
            $queryfields .= ")";
            if ($queryfields != "()") {
                $query = "select * from custom_dropdown_options where {$queryfields}";
                $custtxt->query($query);
                while ($custtxt->next_record()) {
                    $value[$custtxt->f("id")] = $custtxt->f("option");
                }
                $queryfields .= " and";
                $query = "select * from custom_dropdown_values where {$queryfields} ItemNum=" . $itemvars["ItemNum"];
                $custtxt->query($query);
                while ($custtxt->next_record()) {
                    $Tpl->SetVar($fields[$custtxt->f("field_id")], stripslashes($value[$custtxt->f("option_id")]));
                }
            }
            if ($itemvars["ship1"]) {
                $Tpl->SetBlockVar("shipping", "");
                $i = 1;
                $ship = "";
                while ($itemvars["ship{$i}"]) {
                    $ship .= "\t\t\t<tr>\n";
                    //ADMIN EDIT ABILITY SECTION
                    if ($admingroup) {
                        $editorCSS .= "\n#ship" . $i . "View {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#ship" . $i . "View:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#ship" . $i . "Edit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                        $editorCSS .= "\n#shipfee" . $i . "View {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#shipfee" . $i . "View:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#shipfee" . $i . "Edit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                        $joinJS .= "join(\"shipfee" . $i . "\", true)\n";
                        $joinJS .= "join(\"ship" . $i . "\", true)\n";
                        $ship .= "\t\t\t\t<td width=\"20%\">";
                        $ship .= "\n<DIV id=\"ship" . $i . "View\">\n" . $itemvars["ship{$i}"] . "\n</div>\n" . "<textarea id=\"ship" . $i . "Edit\" class=\"inplace\" tabindex=\"1\" name=\"ship" . $i . "Edit\"></textarea>\n";
                        $ship .= "</td>\n";
                        $ship .= "\t\t\t\t<td width=\"80%\">";
                        $ship .= "\n<DIV id=\"shipfee" . $i . "View\">\n" . $itemvars["shipfee{$i}"] . "\n</div>\n" . "<textarea id=\"shipfee" . $i . "Edit\" class=\"inplace\" tabindex=\"1\" name=\"shipfee" . $i . "Edit\"></textarea>\n";
                        $ship .= "</td>\n";
                    } else {
                        ///NOT ADMIN EDITABLE
                        $ship .= "\t\t\t\t<td width=\"20%\">" . $itemvars["ship{$i}"] . "</td>\n";
                        $ship .= "\t\t\t\t<td width=\"80%\">" . $itemvars["shipfee{$i}"] . "</td>\n";
                    }
                    $ship .= "\t\t\t</tr>\n";
                    $i++;
                }
                $Tpl->setVar("shippingoptions", $ship);
                $Tpl->parse("shipping", "");
            }
            $subsc_memb = subscription_membership($newvars["sellerid"], "icontext", "&nbsp;&nbsp;");
            if ($_GET["PreviewNum"]) {
                $Tpl->setblockvar("Preview", "");
                $Tpl->setvar("finalcat", $itemvars["category"]);
                $Tpl->setvar("ItemNum", $itemvars["ItemNum"]);
                $Tpl->parse("Preview", True);
            }
            if ($admingroup) {
                //Title AdminEdit
                $editorCSS .= "\n.inspector {\n\tfont-size: 11px;\n}\n\n#titleView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#titleView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#titleEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                $joinJS .= "join(\"title\", true)\n";
                $itemvars["title2"] = "\n<DIV id=\"titleView\">\n" . $itemvars["title"] . "\n</div>\n" . "<textarea id=\"titleEdit\" class=\"inplace\" tabindex=\"1\" name=\"titleEdit\"></textarea>\n";
                //Added Description AdminEdit
                if ($itemvars["added_description"]) {
                    $editorCSS .= "\n#added_descriptionView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#added_descriptionView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#added_descriptionEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                    $joinJS .= "join(\"added_description\", true)\n";
                    $itemvars["added_description"] = "\n<DIV id=\"added_descriptionView\">\n" . $itemvars["added_description"] . "\n</div>\n" . "<textarea id=\"added_descriptionEdit\" class=\"inplace\" tabindex=\"1\" name=\"added_descriptionEdit\"></textarea>\n";
                }
                //Asking Price AdminEdit
                $editorCSS .= "\n#asking_priceView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#asking_priceView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#asking_priceEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                $joinJS .= "join(\"asking_price\", true)\n";
                $itemvars["asking_price"] = "\n<DIV id=\"asking_priceView\">\n" . $itemvars["asking_price"] . "\n</div>\n" . "<textarea id=\"asking_priceEdit\" class=\"inplace\" tabindex=\"1\" name=\"asking_priceEdit\"></textarea>\n";
                //City_Town AdminEdit
                $editorCSS .= "\n#city_townView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#city_townView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#city_townEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                $joinJS .= "join(\"city_town\", true)\n";
                $newvars["city_town"] = "\n<DIV id=\"city_townView\">\n" . $itemvars["city_town"] . "\n</div>\n" . "<textarea id=\"city_townEdit\" class=\"inplace\" tabindex=\"1\" name=\"city_townEdit\"></textarea>\n";
                //State_Province AdminEdit
                $editorCSS .= "\n#state_provinceView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#state_provinceView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#state_provinceEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                $joinJS .= "join(\"state_province\", true)\n";
                $itemvars["state_province"] = "\n<DIV id=\"state_provinceView\">\n" . $itemvars["state_province"] . "\n</div>\n" . "<textarea id=\"state_provinceEdit\" class=\"inplace\" tabindex=\"1\" name=\"state_provinceEdit\"></textarea>\n";
                //quantity AdminEdit
                $editorCSS .= "\n#quantityView {\n\nborder: 1px solid #fff;\n\npadding: top:8px;\n\nwidth: 500px;\n\nmax-width: 100%;\n\nvalign: center;\n\n}\n\n\n\n#quantityView:hover {\n\n\tbackground-color: #ffcccc;\n\n\tborder-color: #ccc;\n\n}\n\n#quantityEdit {\n\n\twidth: 100%;\n\n\tborder: 1px solid #fff;\n\n\tpadding: 1px;\n\n\tbackground-color: #eeeeee;\n\n\tvalign: center;\n\n}\n";
                $joinJS .= "join(\"quantity\", true)\n";
                $itemvars["quantity"] = "\n<DIV id=\"quantityView\">\n" . $itemvars["quantity"] . "\n</div>\n" . "<textarea id=\"quantityEdit\" class=\"inplace\" tabindex=\"1\" name=\"quantityEdit\"></textarea>\n";
                $catoptions = "";
                $catlist = new clsDBNetConnect();
                $catlist->query("select * from categories where sub_cat_id=1");
                while ($catlist->next_record()) {
                    if ($itemvars["category"] == $catlist->f("cat_id")) {
                        $selected = " selected";
                    }
                    $catoptions .= "<option value=\"" . $catlist->f("cat_id") . "\"{$selected}>" . $catlist->f("name") . "</option>";
                    $selected = "";
                    $catlist2 = new clsDBNetConnect();
                    $catlist2->query("select * from categories where sub_cat_id=" . $catlist->f("cat_id"));
                    while ($catlist2->next_record()) {
                        if ($itemvars["category"] == $catlist2->f("cat_id")) {
                            $selected = " selected";
                        }
                        $catoptions .= "<option value=\"" . $catlist2->f("cat_id") . "\"{$selected}>--" . $catlist2->f("name") . "</option>";
                        $selected = "";
                        $catlist3 = new clsDBNetConnect();
                        $catlist3->query("select * from categories where sub_cat_id=" . $catlist2->f("cat_id"));
                        while ($catlist3->next_record()) {
                            if ($itemvars["category"] == $catlist3->f("cat_id")) {
                                $selected = " selected";
                            }
                            $catoptions .= "<option value=\"" . $catlist3->f("cat_id") . "\"{$selected}>----" . $catlist3->f("name") . "</option>";
                            $selected = "";
                            $catlist4 = new clsDBNetConnect();
                            $catlist4->query("select * from categories where sub_cat_id=" . $catlist3->f("cat_id"));
                            while ($catlist4->next_record()) {
                                if ($itemvars["category"] == $catlist4->f("cat_id")) {
                                    $selected = " selected";
                                }
                                $catoptions .= "<option value=\"" . $catlist4->f("cat_id") . "\"{$selected}>------" . $catlist4->f("name") . "</option>";
                                $selected = "";
                                $catlist5 = new clsDBNetConnect();
                                $catlist5->query("select * from categories where sub_cat_id=" . $catlist4->f("cat_id"));
                                while ($catlist5->next_record()) {
                                    if ($itemvars["category"] == $catlist5->f("cat_id")) {
                                        $selected = " selected";
                                    }
                                    $catoptions .= "<option value=\"" . $catlist5->f("cat_id") . "\"{$selected}>--------" . $catlist5->f("name") . "</option>";
                                    $selected = "";
                                    $catlist6 = new clsDBNetConnect();
                                    $catlist6->query("select * from categories where sub_cat_id=" . $catlist5->f("cat_id"));
                                    while ($catlist6->next_record()) {
                                        if ($itemvars["category"] == $catlist6->f("cat_id")) {
                                            $selected = " selected";
                                        }
                                        $catoptions .= "<option value=\"" . $catlist6->f("cat_id") . "\"{$selected}>----------" . $catlist6->f("name") . "</option>";
                                        $selected = "";
                                    }
                                }
                            }
                        }
                    }
                }
                $QueryString = CCGetQueryString("QueryString", array());
                $AdminMenu = <<<EOD
    
<script>
\t\tfunction toggleDisplayadminrow() {
\t\t\tif (document.getElementById) {
\t\t\t\tif(document.getElementById("adminrow").style.display=="block") {
\t\t\t\t\tdocument.getElementById("adminrow").style.display="none";
\t\t\t\t\tdocument.getElementById("adminrow_icon").src="images/expand.gif";
\t\t\t\t}
\t\t\t\telse {
\t\t\t\t\tdocument.getElementById("adminrow").style.display="block";
\t\t\t\t\tdocument.getElementById("adminrow_icon").src="images/minimize.gif";
\t\t\t\t}
\t\t\t}
\t\t}
\t</script>
\t<table width="100%" border="0">
\t<tr><td>
\t<img id="adminrow_icon" src="images/expand.gif" width="16" height="16" onclick="javascript:toggleDisplayadminrow();" onmouseover="javascript:this.style.cursor='hand';"><b> -- Expand FrontEnd Admin Menu</b>
\t</td></tr>
\t<table id="adminrow" style="display:none;" width="100%">
\t<tr><td>
\t<form name="AdminMenu" method="POST" action="ViewItem.php?{$QueryString}">
\tMove Item to Categories: <select name="movecategory">{$catoptions}</select><br>
\t<br><input class="inspector" type="submit" value="Move to Selected Category" name="saveMoveCats"/>
\t</form>
\tOther 'In Place' edits on this page:  Most Fields on this Page can be Double Clicked and Edited.
\t<ul><li><b>Edit-In-Place - </b>The majority of the text fields on this page can be edited in place, just double click on them, then click 'Save Changes'<br>
\tThe 'Title', 'Quantity', 'Asking Price', 'Location', 'Description', 'Added Description', 'Shipping Options', and 'Custom Text Area/Box' fields can be edited here, any other fileds must be edited from the Listings section in siteadmin.</li>
\t</ul><hr>
\t</td></tr></table>
\t</table>
EOD;
                $savebutton = <<<EOD
\t<tr>
      <td align="center" colspan="2">
  \t  <input type="submit" name="SaveChanges" title="Save Changes" value="Save Changes">
  \t  </td>
  \t</tr>
EOD;
                if ($itemvars["status"] == 99) {
                    $approve = <<<EOD
\t\t<tr>
      \t\t<td align="center" colspan="2" bgcolor="lightgrey">
  \t  \t\t<a href="ViewItem.php?{$QueryString}&approved=1">CLICK HERE TO MARK THIS LISTING AS 'APPROVED' AND START IT</a>
  \t  \t\t</td>
  \t\t</tr>
EOD;
                }
                $Tpl->SetVar("approve", $approve);
                $Tpl->SetVar("SaveButton", $savebutton);
                $Tpl->SetVar("AdminMenu", $AdminMenu);
            }
            $Tpl->SetVar("make_offer_form", $outform);
            $Tpl->SetVar("added_description", $itemvars["added_description"]);
            $Tpl->SetVar("dateadded", $newvars["dateadded"]);
            $Tpl->SetVar("title", $itemvars["title"]);
            $Tpl->SetVar("title2", $itemvars["title2"]);
            $Tpl->SetVar("categoryparent", $newvars["catlist"]);
            $Tpl->SetVar("ItemNum", $itemvars["ItemNum"]);
            $Tpl->SetVar("category", $newvars["category"]);
            $Tpl->SetVar("thiscat", "");
            $Tpl->SetVar("askingprice", $itemvars["asking_price"]);
            $Tpl->SetVar("quantity", $itemvars["quantity"]);
            $Tpl->SetVar("seller", $newvars["seller"]);
            $Tpl->SetVar("sellerid", $newvars["sellerid"]);
            $Tpl->SetVar("UserRating", "<a href=\"Feedback.php?user_id=" . $newvars["sellerid"] . "\">(" . Getfeedbacktotal($newvars["sellerid"]) . ")</a>");
            $Tpl->SetVar("subscriptions", $subsc_memb);
            $Tpl->SetVar("end_reason", $itemvars["end_reason"]);
            $Tpl->SetVar("started", $newvars["started"]);
            $Tpl->SetVar("closes", $newvars["closes"]);
            $Tpl->SetVar("initial_image", $newvars["preview_image"]);
            $Tpl->SetVar("cellbreaker1", $newvars["cellbreaker1"]);
            $Tpl->SetVar("cellbreaker2", $newvars["cellbreaker2"]);
            $Tpl->SetVar("city_town", $newvars["city_town"]);
            $Tpl->SetVar("state_province", $itemvars["state_province"]);
            $Tpl->SetVar("country", $countryi);
            $Tpl->SetVar("hits", $hits);
            $Tpl->SetVar("status", $newvars["status"]);
            $Tpl->SetVar("imageOne", $newvars["imageOne"]);
            $Tpl->SetVar("imageTwo", $newvars["imageTwo"]);
            $Tpl->SetVar("imageThree", $newvars["imageThree"]);
            $Tpl->SetVar("imageFour", $newvars["imageFour"]);
            $Tpl->SetVar("imageFive", $newvars["imageFive"]);
            $Tpl->SetVar("imgarray", $newvars["slidesrc"]);
            $Tpl->SetVar("imgarrayht", $newvars["slideht"]);
            $Tpl->SetVar("imgarraywd", $newvars["slidewt"]);
            $Tpl->SetVar("imgarrayht2", $newvars["slideht2"]);
            $Tpl->SetVar("imgarraywd2", $newvars["slidewt2"]);
            $Tpl->SetVar("imgarrayht3", $newvars["slideht3"]);
            $Tpl->SetVar("imgarraywd3", $newvars["slidewt3"]);
            $Tpl->SetVar("Loader", $sliderun);
            //{imageOne}{imageTwo}{imageThree}{imageFour}{imageFive} //HTML Usage
            unset($db);
            unset($SQL);
            unset($Result);
            $itemvars["hits"]++;
            $db = new clsDBNetConnect();
            $db->connect();
            if (CCGetFromGet("ItemNum", "")) {
                $SQL = "UPDATE items SET hits=" . $itemvars["hits"] . " WHERE ItemNum=" . $itemvars["ItemNum"];
                $db->query($SQL);
            }
            unset($db);
            unset($SQL);
        }
    }
    //End Custom Code
}
Esempio n. 6
0
 function Open()
 {
     global $Tpl;
     global $terms;
     global $savedresults;
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeBuildSelect");
     $this->CountSQL = "SELECT COUNT(*)  " . "FROM items";
     $this->SQL = "SELECT *  " . "FROM items";
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeExecuteSelect");
     $this->RecordsCount = CCGetDBValue(CCBuildSQL($this->CountSQL, $this->Where, ""), $this);
     $this->query(CCBuildSQL($this->SQL, $this->Where, $this->Order));
     //print CCBuildSQL($this->SQL, $this->Where, $this->Order);
     if ($terms && !$savedresults || $terms && $_GET["refreshresults"]) {
         $db = new clsDBNetConnect();
         $db->query(CCBuildSQL($this->SQL, $this->Where, $this->Order));
         $resultstring = "";
         while ($db->next_record()) {
             $resultstring .= $db->f("ItemNum") . " ::!:!: " . $db->f("title") . " :!:!:: ";
         }
         $db->query("update search_history set `results` = '" . mysql_escape_string($resultstring) . "' where `id` = '" . $_GET["search_id"] . "'");
     }
     $Tpl->SetVar("Results", $this->nf());
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterExecuteSelect");
     $this->MoveToPage($this->AbsolutePage);
 }
Esempio n. 7
0
<?php 
$value = 'cualquier cosa';
$key = 'a8217d1f9bc025b3bfe8d1c61eb21fa6';
setcookie("THE_KEY", $key);
?>

<?php 
define("RelativePath", ".");
include RelativePath . "/Common.php";
include RelativePath . "/Template.php";
include RelativePath . "/Sorter.php";
include RelativePath . "/Navigator.php";
$admingroup = 0;
$admingroup = test_admin_group();
if ($_POST["SaveChanges"] && $admingroup) {
    $db = new clsDBNetConnect();
    foreach ($_POST as $key => $value) {
        if (rtrim(current(explode("_", $key))) == "cat") {
            if ($value) {
                $keyarray = explode("_", $key);
                $db->query("update categories set `name` = '" . mysql_escape_string(html_entity_decode($value)) . "' where `cat_id` = '" . $keyarray[1] . "'");
            }
        }
    }
    $order = explode("|", $_POST["order"]);
    $i = 0;
    while ($order[$i]) {
        $x = $i + 1;
        $db->query("update categories set `weight` = '" . $x . "' where `cat_id` = '" . $order[$i] . "'");
        $i++;
    }
Esempio n. 8
0
    header("Location: " . $Redirect);
    exit;
}
//End Go to destination page

//Initialize HTML Template @1-A0111C9D
$CCSEventResult = CCGetEvent($CCSEvents, "OnInitializeView");
$Tpl = new clsTemplate();
include './Lang/lang_class.php';
$Tpl->LoadTemplate(TemplatePath . $TemplateFileName, "main");
$CCSEventResult = CCGetEvent($CCSEvents, "BeforeShow");
//End Initialize HTML Template

	$db = new clsDBNetConnect;
	$db2 = new clsDBNetConnect;
	$db3 = new clsDBNetConnect;
	//Print "1";
	if (!$_GET["itemID"])
		$itemID = 0;
	else
		$itemID = $_GET["itemID"];
	if (!$_GET["count"])
		$count = 0;
	else
		$count = $_GET["count"];
	if (!$_GET["totalterms"])
		$totalterms = 0;
	else
		$totalterms = $_GET["totalterms"];
	$terms = 0;
	$pageterms = 0;
Esempio n. 9
0
function index_search($text)
{
    if (strstr($text, "debugmeplease")) {
        $debug = 1;
        $text = str_replace("debugmeplease", "", $text);
    } else {
        $debug = "";
    }
    $db = new clsDBNetConnect();
    if ($debug) {
        print $_POST["search"] . "<br>";
    }
    $text = str_replace("\n", " ", $text);
    $text = " " . $text . " ";
    $text = preg_replace("/[^A-Z,^a-z,^\\',^0-9,^\\+,^\",^\\-,^\\*]/", " ", $text);
    if ($debug) {
        print $text . "<br>";
    }
    preg_match_all("/\\s\"([A-Z,a-z,0-9,\\',\\s]+?)\"\\s/", $text, $quotedtext);
    if ($debug) {
        echo ($count = count($quotedtext[1])) . " Quoted delimited strings:";
        Print_r($quotedtext[1]);
    }
    $text = preg_replace("/\\s\"([A-Z,a-z,0-9,\\',\\s]+?)\"\\s/", " ", $text);
    $text = str_replace(" ", "  ", $text);
    $text = " " . $text . " ";
    if ($debug) {
        print "<br>" . $text . "<br>";
    }
    preg_match_all("/\\s([A-Z,a-z,0-9,\\']+?)\\s/", $text, $ortext);
    if ($debug) {
        echo ($count = count($ortext[1])) . " space delimited strings:";
        Print_r($ortext[1]);
        print "<br>";
    }
    preg_match_all("/\\s\\+([A-Z,a-z,\\',0-9]+?)\\s/", $text, $includetext);
    if ($debug) {
        echo ($count = count($includetext[1])) . " included strings:";
        Print_r($includetext[1]);
        print "<br>";
    }
    preg_match_all("/\\s\\-([A-Z,a-z,\\',0-9]+?)\\s/", $text, $excludetext);
    if ($debug) {
        echo ($count = count($excludetext[1])) . " excluded strings:";
        Print_r($excludetext[1]);
        print "<br>";
    }
    preg_match_all("/\\s\\*([A-Z,a-z,\\',0-9]+?)\\s/", $text, $wildtext1);
    if ($debug) {
        echo ($count = count($wildtext1[1])) . " wild1 strings:";
        Print_r($wildtext1[1]);
        print "<br>";
    }
    preg_match_all("/\\s([A-Z,a-z,\\',0-9]+?)\\*\\s/", $text, $wildtext2);
    if ($debug) {
        echo ($count = count($wildtext2[1])) . " wild2 strings:";
        Print_r($wildtext2[1]);
        print "<br>";
    }
    preg_match_all("/\\s\\*([A-Z,a-z,\\',0-9]+?)\\*\\s/", $text, $wildtext3);
    if ($debug) {
        echo ($count = count($wildtext3[1])) . " wild3 strings:";
        Print_r($wildtext3[1]);
        print "<br>";
    }
    $i = 0;
    $x = 1;
    // Now for the Queries
    // Regular text, 'or' query
    if (count($ortext[1]) > 0) {
        $where = " where";
        $i = 0;
        while ($ortext[1]["{$i}"]) {
            $where .= " value = '" . mysql_escape_string($ortext[1]["{$i}"]) . "'";
            $i++;
            if ($ortext[1]["{$i}"]) {
                $where .= " or";
            } else {
                $where .= "";
            }
        }
        $query = "select distinct(ItemNum) from listing_index" . $where;
        $db->query($query);
        if ($debug) {
            print "<hr><b>Or Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
        }
        $ItemArray = "";
        $OrItemNumbers = "";
        while ($db->next_record()) {
            if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                $ItemArray[] = $db->f("ItemNum");
            }
        }
        $i = 0;
        $ItemWhere = "";
        while ($ItemArray["{$i}"]) {
            $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$i}"]) . "'";
            $i++;
            if ($ItemArray["{$i}"]) {
                $ItemWhere .= " or";
            } else {
                $ItemWhere .= "";
            }
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Require Include
    if (count($includetext[1]) > 0) {
        if ($debug) {
            print "<hr><b>Required Include Section!</b><br>";
        }
        //$where = " where (";
        $i = 0;
        while ($includetext[1]["{$i}"]) {
            //$where .= "value = '" . mysql_escape_string($includetext[1]["$i"]) . "'";
            //if ($includetext[1]["$i"] && $includetext[1]["$i"] != "")
            //	$where .= " or ";
            //else
            //	$where .= "";
            //}
            if ($ItemWhere) {
                $ItemWhere = " and (" . $ItemWhere . ")";
            }
            $query = "select distinct(ItemNum) from listing_index where value = '" . mysql_escape_string($includetext[1]["{$i}"]) . "'" . $ItemWhere;
            $db->query($query);
            if ($debug) {
                print "<b>Query for: </b>" . $includetext[1]["{$i}"] . "<br>" . $query . "<br>";
            }
            $ItemArray = "";
            $IncludeItemNumbers = "";
            while ($db->next_record()) {
                if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                    $ItemArray[] = $db->f("ItemNum");
                }
            }
            $x = 0;
            $ItemWhere = "";
            while ($ItemArray["{$x}"]) {
                $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$x}"]) . "'";
                $x++;
                if ($ItemArray["{$x}"]) {
                    $ItemWhere .= " or";
                } else {
                    $ItemWhere .= "";
                }
            }
            $i++;
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Pre-Wild Text
    if (count($wildtext1[1]) > 0) {
        $where = " where (";
        $i = 0;
        while ($wildtext1[1]["{$i}"]) {
            $where .= "value like '%" . mysql_escape_string($wildtext1[1]["{$i}"]) . "'";
            $i++;
            if ($wildtext1[1]["{$i}"] && $wildtext1[1]["{$i}"] != "") {
                $where .= " or ";
            } else {
                $where .= "";
            }
        }
        $where .= ")";
        if ($ItemWhere) {
            $where = $where . " and ({$ItemWhere})";
        }
        $query = "select distinct(ItemNum) from listing_index" . $where;
        $db->query($query);
        if ($debug) {
            print "<hr><b>Pre-Wild Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
        }
        $ItemArray = "";
        $Wild1ItemNumbers = "";
        $i = 0;
        $ItemWhere = "";
        while ($db->next_record()) {
            if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                $ItemArray[] = $db->f("ItemNum");
            }
        }
        while ($ItemArray["{$i}"]) {
            $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$i}"]) . "'";
            $i++;
            if ($ItemArray["{$i}"]) {
                $ItemWhere .= " or";
            } else {
                $ItemWhere .= "";
            }
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Post-Wild Text
    if (count($wildtext2[1]) > 0) {
        $where = " where (";
        $i = 0;
        while ($wildtext2[1]["{$i}"]) {
            $where .= "value like '" . mysql_escape_string($wildtext2[1]["{$i}"]) . "%'";
            $i++;
            if ($wildtext2[1]["{$i}"] && $wildtext2[1]["{$i}"] != "") {
                $where .= " or ";
            } else {
                $where .= "";
            }
        }
        $where .= ")";
        if ($ItemWhere) {
            $where = $where . " and ({$ItemWhere})";
        }
        $query = "select distinct(ItemNum) from listing_index" . $where;
        $db->query($query);
        if ($debug) {
            print "<hr><b>Post-Wild Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
        }
        $ItemArray = "";
        $Wild2ItemNumbers = "";
        $i = 0;
        $ItemWhere = "";
        while ($db->next_record()) {
            if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                $ItemArray[] = $db->f("ItemNum");
            }
        }
        while ($ItemArray["{$i}"]) {
            $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$i}"]) . "'";
            $i++;
            if ($ItemArray["{$i}"]) {
                $ItemWhere .= " or";
            } else {
                $ItemWhere .= "";
            }
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Pre-Post-Wild Text
    if (count($wildtext3[1]) > 0) {
        $where = " where (";
        $i = 0;
        while ($wildtext3[1]["{$i}"]) {
            $where .= "value like '%" . mysql_escape_string($wildtext3[1]["{$i}"]) . "%'";
            $i++;
            if ($wildtext3[1]["{$i}"] && $wildtext3[1]["{$i}"] != "") {
                $where .= " or ";
            } else {
                $where .= "";
            }
        }
        $where .= ")";
        if ($ItemWhere) {
            $where = $where . " and ({$ItemWhere})";
        }
        $query = "select distinct(ItemNum) from listing_index" . $where;
        $db->query($query);
        if ($debug) {
            print "<hr><b>Pre-Post-Wild Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
        }
        $ItemArray = "";
        $Wild3ItemNumbers = "";
        $i = 0;
        $ItemWhere = "";
        while ($db->next_record()) {
            if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                $ItemArray[] = $db->f("ItemNum");
            }
        }
        while ($ItemArray["{$i}"]) {
            $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$i}"]) . "'";
            $i++;
            if ($ItemArray["{$i}"]) {
                $ItemWhere .= " or";
            } else {
                $ItemWhere .= "";
            }
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Require exclude
    if (count($excludetext[1]) > 0) {
        $where = " where (";
        $i = 0;
        while ($excludetext[1]["{$i}"]) {
            $where .= "value = '" . mysql_escape_string($excludetext[1]["{$i}"]) . "'";
            $i++;
            if ($excludetext[1]["{$i}"] && $excludetext[1]["{$i}"] != "") {
                $where .= " or ";
            } else {
                $where .= "";
            }
        }
        $where .= ")";
        if ($ItemWhere) {
            $where = $where . " and ({$ItemWhere})";
        }
        $query = "select distinct(ItemNum) from listing_index" . $where;
        $db->query($query);
        if ($debug) {
            print "<hr><b>Required Exclude Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
        }
        $DiffArray = "";
        $ExcludeItemNumbers = "";
        while ($db->next_record()) {
            if (!$DiffArray || !in_array($db->f("ItemNum"), $DiffArray)) {
                $DiffArray[] = $db->f("ItemNum");
            }
        }
        if ($DiffArray && $ItemWhere) {
            $i = 0;
            $temp = "";
            while ($ItemArray["{$i}"]) {
                if (!$ItemArray || !in_array($ItemArray["{$i}"], $DiffArray)) {
                    $temp[] = $ItemArray["{$i}"];
                }
                $i++;
            }
            $ItemArray = $temp;
        }
        if (!$ItemWhere) {
            $where = " where (";
            $i = 0;
            while ($DiffArray["{$i}"]) {
                $where .= "ItemNum != '" . mysql_escape_string($DiffArray["{$i}"]) . "'";
                $i++;
                if ($DiffArray["{$i}"] && $DiffArray["{$i}"] != "") {
                    $where .= " and ";
                } else {
                    $where .= "";
                }
            }
            $where .= ")";
            $query = "select distinct(ItemNum) from listing_index" . $where;
            $db->query($query);
            if ($debug) {
                print "<hr><b>Required Exclude (No Other Matches) Section!</b> Items matching: <br><b>" . $query . "</b><hr>";
            }
            $ExcludeItemNumbers = "";
            while ($db->next_record()) {
                if (!$ItemArray || !in_array($db->f("ItemNum"), $ItemArray)) {
                    $ItemArray[] = $db->f("ItemNum");
                }
            }
        }
        $i = 0;
        $ItemWhere = "";
        while ($ItemArray["{$i}"]) {
            $ItemWhere .= " ItemNum = '" . mysql_escape_string($ItemArray["{$i}"]) . "'";
            $i++;
            if ($ItemArray["{$i}"]) {
                $ItemWhere .= " or";
            } else {
                $ItemWhere .= "";
            }
        }
        if ($debug) {
            print_r($ItemArray);
        }
    }
    // Quoted Comment Search
    if (count($quotedtext[1]) > 0) {
        if ($debug) {
            print "<hr><b>Quoted Match Section!</b><hr>";
        }
        $i = 0;
        $finalmatch = "";
        while ($quotedtext[1]["{$i}"]) {
            $quoteword = explode(" ", $quotedtext[1]["{$i}"]);
            $x = 0;
            $match = "";
            while ($quoteword[$x]) {
                if ($where1 != " ") {
                    if ($ItemWhere && !$where1) {
                        $query = "select * from listing_index where `value` = '" . mysql_escape_string($quoteword[$x]) . "' and (" . $ItemWhere . ")";
                    } elseif ($where1 && $where1 != " ") {
                        $query = "select * from listing_index where `value` = '" . mysql_escape_string($quoteword[$x]) . "' and ({$where1})";
                    } else {
                        $query = "select * from listing_index where `value` = '" . mysql_escape_string($quoteword[$x]) . "'";
                    }
                    if ($debug) {
                        print $query . " - " . $ItemWhere;
                    }
                    $db->query($query);
                    $where1 = " ";
                    while ($db->next_record()) {
                        $pos = $db->f("pos");
                        if ($match[$x - 1]) {
                            $prevpos = $pos - 1;
                            if ($match[$x - 1][$db->f("ItemNum")]["{$prevpos}"]) {
                                $match[$x][$db->f("ItemNum")][$pos] = $pos;
                                if (!stristr($where1, $db->f("ItemNum"))) {
                                    if ($where1 != " ") {
                                        $where1 .= " or ";
                                    }
                                    $where1 .= " ItemNum = '" . mysql_escape_string($db->f("ItemNum")) . "'";
                                }
                            }
                        } else {
                            $match[$x][$db->f("ItemNum")][$pos] = $pos;
                            if (!stristr($where1, $db->f("ItemNum"))) {
                                if ($where1 != " ") {
                                    $where1 .= " or ";
                                }
                                $where1 .= " ItemNum = '" . mysql_escape_string($db->f("ItemNum")) . "'";
                            }
                        }
                    }
                    $where1 .= "";
                    if ($debug) {
                        print "<br><br> values:  ";
                        print $quoteword[$x] . "<br><br>";
                        print_r($match[$x]);
                        print "<br><br>" . $where1;
                        print "<hr>";
                    }
                }
                $x++;
            }
            $i++;
        }
        $ItemWhere = $where1;
    }
    if ($debug) {
        print "<br><br><b>FINAL WHERE Statement</b>: " . $ItemWhere;
    }
    return $ItemWhere;
}
Esempio n. 10
0
function freesubsc($id)
{
    CCSecurityRedirect("1;2", "login.php", "ViewSubscriptions.php", CCGetQueryString("QueryString", ""));
    $db = new clsDBNetConnect();
    $query = "select * from subscription_plans where id = " . $id . " and price = '0.00'";
    $db->query($query);
    if ($db->next_record()) {
        subscribe(CCGetUserID(), $id, "0.00");
    }
    header("Location: myaccount.php");
}
Esempio n. 11
0
//Include Common Files @1-5471E0F2
define("RelativePath", ".");
include RelativePath . "/Common.php";
include RelativePath . "/Template.php";
include RelativePath . "/Sorter.php";
include RelativePath . "/Navigator.php";
//End Include Common Files
//Include Page implementation @12-503267A8
include "./Header.php";
//End Include Page implementation
if (!$_GET["cat_id"]) {
    $_GET["cat_id"] = 1;
}
if ($_GET["cat_id"] != 1) {
    $check = new clsDBNetConnect();
    $query = "select * from lookup_listing_dates where cat_id = '" . $_GET["cat_id"] . "'";
    $check->query($query);
    if (!$check->next_record()) {
        $check->query("select * from settings_charges where set_id = '" . $_GET["cat_id"] . "'");
        if (!$check->next_record()) {
            $check->query("select * from category_details where cat_id = '" . $_GET["cat_id"] . "'");
            if ($check->next_record()) {
                $check->query("update category_details set `pricing` = 0 where cat_id = '" . $_GET["cat_id"] . "'");
            }
        }
    } else {
        $check->query("select * from category_details where cat_id = '" . $_GET["cat_id"] . "'");
        if ($check->next_record()) {
            $check->query("update category_details set `pricing` = 1 where cat_id = '" . $_GET["cat_id"] . "'");
        } else {
Esempio n. 12
0
 function Insert()
 {
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeBuildInsert");
     $SQL = "INSERT INTO users(" . "user_login, " . "email, " . "first_name, " . "last_name, " . "address1, " . "address2, " . "city, " . "state_id, " . "zip, " . "country_id, " . "phone_day, " . "phone_evn, " . "fax, " . "age, " . "gender, " . "education, " . "income, " . "newsletter, " . "agreement_id, " . "user_password, " . "date_created, " . "ip_insert, " . "ip_update, " . "status" . ") VALUES (" . $this->ToSQL($this->user_login->DBValue, $this->user_login->DataType) . ", " . $this->ToSQL($this->email->DBValue, $this->email->DataType) . ", " . $this->ToSQL($this->first_name->DBValue, $this->first_name->DataType) . ", " . $this->ToSQL($this->last_name->DBValue, $this->last_name->DataType) . ", " . $this->ToSQL($this->address1->DBValue, $this->address1->DataType) . ", " . $this->ToSQL($this->address2->DBValue, $this->address2->DataType) . ", " . $this->ToSQL($this->city->DBValue, $this->city->DataType) . ", " . $this->ToSQL($this->state_id->DBValue, $this->state_id->DataType) . ", " . $this->ToSQL($this->zip->DBValue, $this->zip->DataType) . ", " . $this->ToSQL($this->country_id->DBValue, $this->country_id->DataType) . ", " . $this->ToSQL($this->phone_day->DBValue, $this->phone_day->DataType) . ", " . $this->ToSQL($this->phone_evn->DBValue, $this->phone_evn->DataType) . ", " . $this->ToSQL($this->fax->DBValue, $this->fax->DataType) . ", " . $this->ToSQL($this->age->DBValue, $this->age->DataType) . ", " . $this->ToSQL($this->gender->DBValue, $this->gender->DataType) . ", " . $this->ToSQL($this->education->DBValue, $this->education->DataType) . ", " . $this->ToSQL($this->income->DBValue, $this->income->DataType) . ", " . $this->ToSQL($this->newsletter->DBValue, $this->newsletter->DataType) . ", " . $this->ToSQL($this->agreement_id->DBValue, $this->agreement_id->DataType) . ", " . $this->ToSQL($this->user_password->DBValue, $this->user_password->DataType) . ", " . $this->ToSQL($this->date_created->DBValue, $this->date_created->DataType) . ", " . $this->ToSQL($this->ip_insert->DBValue, $this->ip_insert->DataType) . ", " . $this->ToSQL($this->ip_update->DBValue, $this->ip_update->DataType) . ", " . $this->ToSQL($this->status->DBValue, $this->status->DataType) . ")";
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeExecuteInsert");
     $this->query($SQL);
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterExecuteInsert");
     if ($this->Errors->Count() > 0) {
         $this->Errors->AddError($this->Errors->ToString());
     }
     $new_id = mysql_insert_id();
     $query = "insert into groups_users (`user_id`,`group_id`) values ('" . $new_id . "', '1')";
     $group = new clsDBNetConnect();
     $group->query($query);
 }
Esempio n. 13
0
 function Show()
 {
     global $Tpl;
     global $FileName;
     $Error = "";
     if (!$this->Visible) {
         return;
     }
     $this->ds->open();
     $RecordBlock = "Record " . $this->ComponentName;
     $Tpl->block_path = $RecordBlock;
     if ($this->EditMode) {
         if ($this->Errors->Count() == 0) {
             if ($this->ds->Errors->Count() > 0) {
                 echo "Error in Record watchlist";
             } else {
                 if ($this->ds->next_record()) {
                     $this->ds->SetValues();
                     if (!$this->FormSubmitted) {
                         $lookupdb = new clsDBNetConnect();
                         $lookupdb->connect();
                         if (CCGetFromGet("ItemNum", "")) {
                             $newtitle = CCDLookUp("title", "items", "ItemNum='" . CCGetFromGet("ItemNum", "") . "'", $lookupdb);
                         }
                         $this->ItemTitle->SetValue($newtitle);
                         $this->itemID->SetValue(CCGetFromGet("ItemNum", ""));
                         $this->user_id->SetValue(CCGetUserID());
                         unset($lookupdb);
                     }
                 } else {
                     $this->EditMode = false;
                 }
             }
         }
     }
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShow");
     if ($this->FormSubmitted) {
         $Error .= $this->ItemTitle->Errors->ToString();
         $Error .= $this->itemID->Errors->ToString();
         $Error .= $this->user_id->Errors->ToString();
         $Error .= $this->Errors->ToString();
         $Error .= $this->ds->Errors->ToString();
         $Tpl->SetVar("Error", $Error);
         $Tpl->Parse("Error", false);
     }
     $Tpl->SetVar("Action", $this->HTMLFormAction);
     $this->Insert->Visible = !$this->EditMode;
     $lookupdb = new clsDBNetConnect();
     $lookupdb->connect();
     if (CCGetFromGet("ItemNum", "")) {
         $newtitle = CCDLookUp("title", "items", "ItemNum='" . CCGetFromGet("ItemNum", "") . "'", $lookupdb);
     }
     $this->ItemTitle->SetValue($newtitle);
     $this->itemID->SetValue(CCGetFromGet("ItemNum", ""));
     $this->user_id->SetValue(CCGetUserID());
     unset($lookupdb);
     $this->ItemTitle->Show();
     $this->Insert->Show();
     $this->Cancel->Show();
     $this->itemID->Show();
     $this->user_id->Show();
     $Tpl->parse("", false);
     $Tpl->block_path = "";
 }
Esempio n. 14
0
    $thiscat .= "<b><a class=ItechClsDataLink href=\"customdd.php?cat={$cat}&field=" . $db->f("id") . "\">&nbsp;&nbsp;&nbsp;" . stripslashes($db->f("name")) . "  ---Edit</a>&nbsp;&nbsp;&nbsp;&nbsp;<a class=ItechClsDataLink href=\"customdd.php?cat=" . $db->f("cat_id") . "&field=" . $db->f("id") . "&action=delete\">---!Delete!---</a></b><br>\n";
    $dropd->query($query);
    $thiscat .= "<ul>";
    while ($dropd->next_record()) {
        if ($dropd->f("default") == 1) {
            $picked = "   ---Default Option";
        } else {
            $picked = "";
        }
        $thiscat .= "<a class=ItechClsDataLink href=\"customdd.php?cat={$cat}&field=" . $db->f("id") . "&option_id=" . $dropd->f("id") . "\"><li>" . stripslashes($dropd->f("option")) . $picked . "</li></a>\n";
    }
    $thiscat .= "</ul>";
}
if ($field_id || $_GET["action"] == "deleteoption") {
    $thisfield = "";
    $dropd = new clsDBNetConnect();
    $query = "select * from custom_dropdown_options where field_id=" . $field_id;
    $thisfield .= "<b><a class=ItechClsDataLink href=\"customdd.php?cat={$CatID}&field=" . $field_id . "\">&nbsp;&nbsp;&nbsp;Options List:</a>&nbsp;&nbsp;&nbsp;&nbsp;<a class=ItechClsDataLink href=\"customdd.php?cat=" . $CatID . "&field=" . $field_id . "&action=delete\">---!Delete Field!---</a></b><br>\n";
    $dropd->query($query);
    $thisfield .= "<ul>";
    while ($dropd->next_record()) {
        if ($dropd->f("default") == 1) {
            $picked = "   ---Default Option";
        } else {
            $picked = "";
        }
        $thisfield .= "<a class=ItechClsDataLink href=\"customdd.php?cat={$CatID}&field=" . $field_id . "&option_id=" . $dropd->f("id") . "\"><li>" . $dropd->f("option") . $picked . "</a>&nbsp;&nbsp;&nbsp;&nbsp;<a class=ItechClsDataLink href=\"customdd.php?cat=" . $CatID . "&field=" . $field_id . "&option_id=" . $dropd->f("id") . "&action=deleteoption\">---!Delete Option!---</a></li>\n";
    }
    $thisfield .= "<br><a class=ItechClsDataLink href=\"customdd.php?cat=" . $cat . "&field=" . $field_id . "\"> >>Add New<< </a></ul>\n";
    if ($option_id) {
        $query = "select * from custom_dropdown_options where id = '" . $option_id . "'";
Esempio n. 15
0
 function Delete()
 {
     $imr = new clsDBNetConnect();
     $imr->connect();
     $imr->query("SELECT image_one, image_two, image_three, image_four, image_five, `status`, `category`, `ItemNum` FROM items WHERE " . $this->Where);
     while ($imr->next_record()) {
         $removeImage = @unlink("./" . $imr->f(0));
         $removeImage1 = @unlink("./" . $imr->f(1));
         $removeImage2 = @unlink("./" . $imr->f(2));
         $removeImage3 = @unlink("./" . $imr->f(3));
         $removeImage4 = @unlink("./" . $imr->f(4));
         if ($imr->f("status") == 1) {
             subtract_catcounts($imr->f("category"));
         }
         $imr->query("delete from listing_index where `ItemNum` = '" . $imr->f("ItemNum") . "'");
     }
     unset($imr);
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeBuildDelete");
     $SQL = "DELETE FROM items WHERE " . $this->Where;
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeExecuteDelete");
     $this->query($SQL);
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterExecuteDelete");
     if ($this->Errors->Count() > 0) {
         $this->Errors->AddError($this->Errors->ToString());
     }
     $del = new clsDBNetConnect();
     $del->query("DELETE FROM custom_textarea_values WHERE ItemNum='" . $_GET["ItemNum"] . "'");
     $del->query("DELETE FROM custom_textbox_values WHERE ItemNum='" . $_GET["ItemNum"] . "'");
     $del->query("DELETE FROM custom_dropdown_values WHERE ItemNum='" . $_GET["ItemNum"] . "'");
     $del->query("DELETE FROM listing_index WHERE ItemNum='" . $_GET["ItemNum"] . "'");
 }
Esempio n. 16
0
function Page_BeforeShow()
{
    //Page_BeforeShow @1-66DC429C
    //Custom Code @32-2A29BDB7
    global $Tpl;
    $finalcat = CCGetFromGet("finalcat", "");
    $ItemNum = CCGetFromGet("Item_Number", "");
    if (CCGetSession("RecentPreviewItem")) {
        $ItemNum = CCGetSession("RecentPreviewItem");
    }
    $cats = "(";
    $db = new clsDBNetConnect();
    $query = "select * from categories where cat_id='" . $finalcat . "'";
    $db->query($query);
    $db->next_record();
    $Tpl->SetVar("category", $finalcat);
    $Tpl->SetVar("cat_name", $db->f("name"));
    $cats .= "cat_id=" . $db->f("cat_id");
    if ($db->f("sub_cat_id") > 0) {
        $cats .= " or ";
        $sub = $db->f("sub_cat_id");
        $query = "select * from categories where cat_id={$sub}";
        $db->query($query);
        $db->next_record();
        $cats .= "cat_id=" . $db->f("cat_id");
        if ($db->f("sub_cat_id") > 0) {
            $cats .= " or ";
            $sub = $db->f("sub_cat_id");
            $query = "select * from categories where cat_id={$sub}";
            $db->query($query);
            $db->next_record();
            $cats .= "cat_id=" . $db->f("cat_id");
            if ($db->f("sub_cat_id") > 0) {
                $cats .= " or ";
                $sub = $db->f("sub_cat_id");
                $query = "select * from categories where cat_id={$sub}";
                $db->query($query);
                $db->next_record();
                $cats .= "cat_id=" . $db->f("cat_id");
                if ($db->f("sub_cat_id") > 0) {
                    $cats .= " or ";
                    $sub = $db->f("sub_cat_id");
                    $query = "select * from categories where cat_id={$sub}";
                    $db->query($query);
                    $db->next_record();
                    $cats .= "cat_id=" . $db->f("cat_id");
                    if ($db->f("sub_cat_id") > 0) {
                        $cats .= " or ";
                        $sub = $db->f("sub_cat_id");
                        $query = "select * from categories where cat_id={$sub}";
                        $db->query($query);
                        $db->next_record();
                        $cats .= "cat_id=" . $db->f("cat_id");
                        if ($db->f("sub_cat_id") > 0) {
                            $cats .= " or ";
                            $sub = $db->f("sub_cat_id");
                            $query = "select * from categories where cat_id={$sub}";
                            $db->query($query);
                            $db->next_record();
                            $cats .= "cat_id=" . $db->f("cat_id");
                        } else {
                            $cats .= ")";
                        }
                    } else {
                        $cats .= ")";
                    }
                } else {
                    $cats .= ")";
                }
            } else {
                $cats .= ")";
            }
        } else {
            $cats .= ")";
        }
    } else {
        $cats .= ")";
    }
    $Tpl->SetBlockVar("Custom_TextArea", "");
    $custtxt = new clsDBNetConnect();
    $query = "select * from custom_textarea where {$cats}";
    $custtxt->query($query);
    if ($custtxt->next_record()) {
        $custtxt->seek();
        $queryfields = "(";
        $count = 0;
        while ($custtxt->next_record()) {
            if ($count > 0) {
                $queryfields .= " or ";
            }
            $queryfields .= "field_id='" . $custtxt->f("id") . "'";
            $textvar[$custtxt->f("id")] = $custtxt->f("template_var");
            $textdesc[$custtxt->f("id")] = $custtxt->f("description");
            $textname[$custtxt->f("id")] = $custtxt->f("name");
            $count++;
        }
        $custtxt->seek();
        $queryfields .= ") and";
        if (!$_POST["closes"] && $_GET["Item_Number"]) {
            $custtxtvalues = new clsDBNetConnect();
            $query = "select * from custom_textarea_values where {$queryfields} ItemNum=" . $ItemNum;
            $custtxtvalues->query($query);
            while ($custtxtvalues->next_record()) {
                $fieldvalues[$custtxtvalues->f("field_id")] = $custtxtvalues->f("value");
            }
        }
        if ($_POST && !$_GET["Item_Number"]) {
            $custtxt->seek();
            while ($custtxt->next_record()) {
                $fieldvalues[$custtxt->f("id")] = $_POST["custtxt_area::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id")];
            }
        }
        $custtxt->seek();
        while ($custtxt->next_record()) {
            $Tpl->SetVar("ta_name", multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("ta_description", multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("ta_var", "custtxt_area::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->SetVar("ta_value", stripslashes($fieldvalues[$custtxt->f("id")]));
            $Tpl->SetVar("ta_name_" . $custtxt->f("id"), multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("ta_description_" . $custtxt->f("id"), multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("ta_var_" . $custtxt->f("id"), "custtxt_area::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->SetVar("ta_value_" . $custtxt->f("id"), stripslashes($fieldvalues[$custtxt->f("id")]));
            $Tpl->Parse("Row", True);
        }
        $Tpl->Parse("Custom_TextArea", True);
    }
    //////////////////////////////
    //Custom TextBox
    //////////////////////////////
    $txtvar = "";
    $txtdesc = "";
    $txtname = "";
    $custtxtvalues = "";
    $custtxt = "";
    $fieldvalues = "";
    $Tpl->SetBlockVar("Custom_TextBox", "");
    $custtxt = new clsDBNetConnect();
    $query = "select * from custom_textbox where {$cats}";
    $custtxt->query($query);
    if ($custtxt->next_record()) {
        $custtxt->seek();
        $queryfields = "(";
        $count = 0;
        while ($custtxt->next_record()) {
            if ($count > 0) {
                $queryfields .= " or ";
            }
            $queryfields .= "field_id='" . $custtxt->f("id") . "'";
            $textvar[$custtxt->f("id")] = $custtxt->f("template_var");
            $textdesc[$custtxt->f("id")] = $custtxt->f("description");
            $textname[$custtxt->f("id")] = $custtxt->f("name");
            $count++;
        }
        $custtxt->seek();
        $queryfields .= ") and";
        if ($_GET["Item_Number"] && !$_POST["closes"]) {
            $custtxtvalues = new clsDBNetConnect();
            $query = "select * from custom_textbox_values where {$queryfields} ItemNum=" . $ItemNum;
            $custtxtvalues->query($query);
            while ($custtxtvalues->next_record()) {
                $fieldvalues[$custtxtvalues->f("field_id")] = $custtxtvalues->f("value");
            }
        }
        if ($_POST && !$_GET["Item_Number"]) {
            $custtxt->seek();
            while ($custtxt->next_record()) {
                $fieldvalues[$custtxt->f("id")] = $_POST["custtxt_box::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id")];
            }
        }
        $custtxt->seek();
        while ($custtxt->next_record()) {
            $Tpl->SetVar("tb_name", multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("tb_description", multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("tb_value", stripslashes($fieldvalues[$custtxt->f("id")]));
            $Tpl->SetVar("tb_var", "custtxt_box::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->SetVar("tb_name_" . $custtxt->f("id"), multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("tb_description_" . $custtxt->f("id"), multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("tb_value_" . $custtxt->f("id"), stripslashes($fieldvalues[$custtxt->f("id")]));
            $Tpl->SetVar("tb_var_" . $custtxt->f("id"), "custtxt_box::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->Parse("tb_Row", True);
        }
        $Tpl->Parse("Custom_TextBox", True);
    }
    /////////////////////////////////////////////////////////////////
    //Custom DropDown Fields
    /////////////////////////////////////////////////////////////////
    $txtvar = "";
    $txtdesc = "";
    $txtname = "";
    $custtxtvalues = "";
    $custtxt = "";
    $fieldvalues = "";
    $optionlist = "";
    $checked = "";
    $selected = "";
    $Tpl->SetBlockVar("Custom_DropDown", "");
    $custtxt = new clsDBNetConnect();
    $custoptions = new clsDBNetConnect();
    $query = "select * from custom_dropdown where {$cats}";
    $custtxt->query($query);
    if ($custtxt->next_record()) {
        $custtxt->seek();
        $queryfields = "(";
        $count = 0;
        while ($custtxt->next_record()) {
            if ($count > 0) {
                $queryfields .= " or ";
            }
            $query = "select * from custom_dropdown_options where field_id = '" . $custtxt->f("id") . "'";
            $custoptions->query($query);
            if ($_GET["Item_Number"] && !$_POST["custddbox::" . $custtxt->f("template_var") . "::" . $custtxt->f("id")]) {
                $dvalue = new clsDBNetConnect();
                $query = "select * from custom_dropdown_values where ItemNum = {$ItemNum} and field_id = " . $custtxt->f("id");
                $dvalue->query($query);
                if ($dvalue->next_record()) {
                    $selected[$custtxt->f("id")] = $dvalue->f("option_id");
                } else {
                    $selected[$custtxt->f("id")] = "default";
                }
            } elseif ($_POST["custddbox::" . $custtxt->f("template_var") . "::" . $custtxt->f("id")]) {
                $selected[$custtxt->f("id")] = $_POST["custddbox::" . $custtxt->f("template_var") . "::" . $custtxt->f("id")];
            }
            while ($custoptions->next_record()) {
                $checked = "";
                if (!$_GET["Item_Number"] && !$_POST["custddbox::" . $custtxt->f("template_var") . "::" . $custtxt->f("id")] && $custoptions->f("default") == 1 || $custoptions->f("default") == 1 && $selected[$custtxt->f("id")] == "default") {
                    $checked = " selected ";
                } elseif ($custoptions->f("id") == $selected[$custtxt->f("id")]) {
                    $checked = " selected ";
                } else {
                    $checked = "";
                }
                $optionlist[$custtxt->f("id")][] = "<option value=\"" . $custoptions->f("id") . "\"{$checked}>" . $custoptions->f("option") . "</option>\n";
            }
            $queryfields .= "field_id='" . $custtxt->f("id") . "'";
            $textvar[$custtxt->f("id")] = $custtxt->f("template_var");
            $textdesc[$custtxt->f("id")] = $custtxt->f("description");
            $textname[$custtxt->f("id")] = $custtxt->f("name");
            $count++;
        }
        $custtxt->seek();
        $count = 0;
        while ($custtxt->next_record()) {
            $i = 0;
            $builtoptions = "";
            while ($optionlist[$custtxt->f("id")][$i]) {
                $builtoptions .= $optionlist[$custtxt->f("id")][$i];
                $i++;
            }
            $Tpl->SetVar("dd_name", multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("dd_description", multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("dd_var", "custddbox::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->SetVar("dropdown_Options", $builtoptions);
            $Tpl->SetVar("dd_name_" . $custtxt->f("id"), multiline($textname[$custtxt->f("id")]));
            $Tpl->SetVar("dd_description_" . $custtxt->f("id"), multiline($textdesc[$custtxt->f("id")]));
            $Tpl->SetVar("dd_var_" . $custtxt->f("id"), "custddbox::" . $textvar[$custtxt->f("id")] . "::" . $custtxt->f("id"));
            $Tpl->SetVar("dropdown_Options_" . $custtxt->f("id"), $builtoptions);
            $Tpl->Parse("dd_Row", True);
        }
        $Tpl->Parse("Custom_DropDown", True);
    }
    //////////////////////////////////
    //End Custom Vars/////////////////
    //////////////////////////////////
    global $regcharges;
    $sql = "SELECT * FROM categories WHERE sub_cat_id > '0' ORDER BY weight, name";
    $db = new clsDBNetConnect();
    $db->connect();
    $db->query($sql);
    while ($db->next_record()) {
        $catid = $db->f(0);
        $subid = $db->f(1);
        $name = $db->f(2);
        if ($subid == 1) {
            $inis .= "<OPTION value=\"" . $catid . "\">" . $name . "</OPTION>";
        }
        $dsper .= "catlist[" . $catid . "] = new Array(" . $subid . " , \"" . $name . "\");\r\n";
    }
    $closestCat = getparents($_GET["finalcat"]);
    if (!$closestCat) {
        $closestCat = 1;
    }
    $db2 = new clsDBNetConnect();
    $db2->connect();
    $db2->query("SELECT * FROM lookup_listing_dates WHERE charge_for='1' and cat_id={$closestCat}");
    $dayfees = "";
    while ($db2->next_record()) {
        $dayfees = $dayfees . $db2->f("days") . " Days - <font color='red'>" . $regcharges["currency"] . $db2->f("fee") . "</font><br>";
    }
    $Tpl->SetVar("cats", $dsper);
    $Tpl->SetVar("catbuild", $inis);
    $Tpl->SetVar("dayfees", $dayfees);
    unset($db);
    //End Custom Code
}
Esempio n. 17
0
            }
        }
        $EP["EMAIL:PAYMENT_SUBJECT"] = "PayPal Subscription";
        $EP["EMAIL:PAYMENT_AMOUNT"] = $charges["currency"] . $payment_gross;
        $EP["EMAIL:PAYER_EMAIL"] = $payer_email;
        $EP["EMAIL:CURRENT_USERNAME"] = $ld["user_login"];
        $EP["EMAIL:CURRENT_USERID"] = $ld["ID"];
        $EP["EMAIL:CURRENT_USER_FIRST_NAME"] = $ld["first"];
        $EP["EMAIL:CURRENT_USER_LAST_NAME"] = $ld["last"];
        $EP["EMAIL:CURRENT_USER_EMAIL"] = $ld["email"];
        $EP["EMAIL:CURRENT_USER_ADDRESS"] = $ld["address"];
        $EP["EMAIL:CURRENT_USER_ADDRESS2"] = $ld["address2"];
        $EP["EMAIL:CURRENT_USER_STATE"] = $ld["state"];
        $EP["EMAIL:CURRENT_USER_CITY"] = $ld["city"];
        $EP["EMAIL:CURRENT_USER_ZIP"] = $ld["zip"];
        $EP["EMAIL:CURRENT_USER_DAY_PHONE"] = $ld["phonedy"];
        $EP["EMAIL:CURRENT_USER_EVN_PHONE"] = $ld["phoneevn"];
        $EP["EMAIL:CURRENT_USER_FAX"] = $ld["fax"];
        $EP["EMAIL:CURRENT_USER_IP"] = getenv("REMOTE_ADDR");
        $EP["EMAIL:CURRENT_USER__REGISTERED_IP"] = $ld["ip"];
        $EP["EMAIL:CURRENT_USER_DATE_SIGNEDUP"] = date("F j, Y, g:i a", $ld["date_created"]);
        mailout("NewSubscribe", $now["notifyads"], $payer_id, 1000000000, time(), $EP);
    } else {
        if ($receiver_email == $accounting["paypal"]) {
            mailout("MakePaymentPaypal", 1, $payer_id, 1000000000, time(), $EP);
            $db4 = new clsDBNetConnect();
            $db4->connect();
            $db4->query("INSERT INTO charges (user_id, date, charge, cause) VALUES ('" . $payer_id . "', '" . time() . "', '" . $payment_gross . "', 'PayPal Deposit')");
        }
    }
}
Esempio n. 18
0
<?php

//Include Common Files @1-5471E0F2
define("RelativePath", ".");
include RelativePath . "/Common.php";
include RelativePath . "/Template.php";
include RelativePath . "/Sorter.php";
include RelativePath . "/Navigator.php";
//End Include Common Files
//Include Page implementation @33-503267A8
include "./Header.php";
//End Include Page implementation
$CatID = $_REQUEST["cat"];
$field_id = $_GET["field"];
$db = new clsDBNetConnect();
if ($field_id && !$_POST["field"]) {
    $query = "select * from custom_textbox where `id`='" . $field_id . "'";
    $db->query($query);
    if ($db->next_record()) {
        $_POST["name"] = $db->f("name");
        $_POST["template_var"] = $db->f("template_var");
        $_POST["description"] = $db->f("description");
        $_POST["cat"] = $db->f("cat_id");
        $_POST["field"] = $db->f("id");
        $_POST["searchable"] = $db->f("searchable");
    }
}
if ($_GET["action"] == "delete") {
    $error = "Are you sure you want to delete the following item?  This will also delete any data stored for these fields for all currently listed items.<br>Click \"Delete\" if you really wish to delete this field.";
    $deletebutton = "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input class=\"ItechClsButton\" type=\"submit\" value=\"Confirm Delete\" name=\"deleteconf\">";
}
Esempio n. 19
0
 $token->query($SQL);
 if ($token->next_record()) {
     $item_token = 1;
 }
 if ($Result) {
     $sum = new clsDBNetConnect();
     $query = "SELECT sum(charge) FROM `charges` WHERE user_id = " . CCGetUserID();
     $sum->query($query);
     if ($sum->next_record()) {
         $usertotal = $sum->f("sum(charge)");
     }
     $acct_credit = "0.00";
     global $regcharges;
     $currency = $regcharges["currency"];
     $acton = 0;
     $fdy = new clsDBNetConnect();
     $fdy->connect;
     $fdy->query("SELECT * FROM lookup_listing_dates WHERE date_id='" . $db->f("close") . "'");
     while ($fdy->next_record()) {
         $dy = $fdy->f("days");
         $dyfee = $fdy->f("fee");
         $acton = $fdy->f("charge_for");
     }
     $ttldis = "<b>Item Number:</b> " . $db->f(ItemNum);
     $ttldis .= "<br><b>Listing Fee:</b> " . $currency . $charges["listing_fee"];
     $ttlcal = $charges["listing_fee"];
     if ($db->f(bold) == 1) {
         $ttldis .= "<br><b>Bold</b> " . $currency . $charges["bold_fee"];
         $ttlcal = $ttlcal + $charges["bold_fee"];
     }
     if ($acton == 1) {
Esempio n. 20
0
function GetStorefrontTemplate($CatID)
{
    $db = new clsDBNetConnect();
    $query = "select * from categories where cat_id='" . $CatID . "'";
    $db->query($query);
    $db->next_record();
    if ($db->f("sub_cat_id") == 1) {
        $query = "select template from templates_storefront where cat_id=" . $CatID . " and active=1 and admin_override=1 ORDER BY cat_id DESC LIMIT 1";
        $db->query($query);
        if ($db->next_record()) {
            $file = "temp_templates/" . gen_rand(8) . ".html";
            $fp = fopen($file, "w");
            fwrite($fp, $db->f("template"), strlen($db->f("template")));
            fclose($fp);
        } else {
            $file = "templates/ViewCat.html";
        }
    } else {
        $file = "templates/ViewCat.html";
    }
    return $file;
}
Esempio n. 21
0
        $query = "update {$table} set template='" . mysql_escape_string(stripslashes($_POST["page_temp"])) . "', active='" . $_POST["active"] . "', admin_override='" . $_POST["ao"] . "' where cat_id=" . $cat . " and id=" . $temp->f("id");
        $temp->seek();
    } else {
        $query = "insert into {$table} (cat_id, template, active, admin_override) values ('" . $cat . "','" . mysql_escape_string(stripslashes($_POST["page_temp"])) . "', '" . $_POST["active"] . "', '" . $_POST["ao"] . "')";
        $save_temp->query("select * from category_details where cat_id = '" . $cat . "'");
        if ($save_temp->next_record()) {
            $save_temp->query("update category_details set {$field} = '1' where cat_id = '" . $cat . "'");
        } else {
            $save_temp->query("insert into category_details (cat_id, {$field}) values ('" . $cat . "', '1')");
        }
    }
    $save_temp->query($query);
    header("Location:CatDetails.php?cat=" . $cat);
}
if ($_POST["delete"]) {
    $del_temp = new clsDBNetConnect();
    if ($temp->next_record()) {
        $query = "delete from {$table} where cat_id=" . $cat . " and id=" . $temp->f("id");
        $temp->seek();
        $del_temp->query($query);
        if ($field != "storefront") {
            $del_temp->query("select id from templates_items where cat_id = '" . $cat . "'");
            if (!$del_temp->next_record()) {
                $del_temp->query("select id from templates_cat where cat_id = '" . $cat . "'");
                if (!$del_temp->next_record()) {
                    $del_temp->query("select id from templates_gal where cat_id = '" . $cat . "'");
                    if (!$del_temp->next_record()) {
                        $del_temp->query("select id from templates_newitem where cat_id = '" . $cat . "'");
                        if (!$del_temp->next_record()) {
                            $del_temp->query("update category_details set `template` = '0' where cat_id='" . $cat . "'");
                        }
Esempio n. 22
0
 function Delete()
 {
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeBuildDelete");
     $SQL = "DELETE FROM `settings_charges` WHERE " . $this->Where;
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeExecuteDelete");
     $this->query($SQL);
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterExecuteDelete");
     if ($this->Errors->Count() > 0) {
         $this->Errors->AddError($this->Errors->ToString());
     }
     if ($_GET["cat_id"] && $_GET["cat_id"] != 1) {
         $db = new clsDBNetConnect();
         $query = "select * from category_details where cat_id = '" . $_GET["cat_id"] . "'";
         $db->query($query);
         if ($db->next_record()) {
             $query = "select * from lookup_listing_dates where cat_id = '" . $_GET["cat_id"] . "'";
             $db->query($query);
             if (!$db->next_record()) {
                 $db->query("update category_details set pricing = '0' where cat_id = '" . $_GET["cat_id"] . "'");
             }
         }
     }
 }
Esempio n. 23
0
$Footer->Operations();
//End Execute Components
//Go to destination page @1-BEB91355
if ($Redirect) {
    $CCSEventResult = CCGetEvent($CCSEvents, "BeforeUnload");
    header("Location: " . $Redirect);
    exit;
}
//End Go to destination page
//Initialize HTML Template @1-A0111C9D
$CCSEventResult = CCGetEvent($CCSEvents, "OnInitializeView");
$Tpl = new clsTemplate();
$Tpl->LoadTemplate(TemplatePath . $TemplateFileName, "main");
$CCSEventResult = CCGetEvent($CCSEvents, "BeforeShow");
//End Initialize HTML Template
$db = new clsDBNetConnect();
@$db->query("show tables like \"phpads_zones\"");
if ($db->next_record()) {
    if (file_exists("../phpads/index.php")) {
        $Tpl->SetVar("phpadsinstall", "<a class=\"ItechClsDataLink\" href=\"../phpads/\">Continue to the phpAdsNew Installer</a>");
    } else {
        $Tpl->SetVar("phpadsinstall", "Please Double Check Steps 2 and 3.  This will turn to the installation link when the /phpads/ directory has been properly uploaded");
    }
} else {
    $Tpl->SetVar("phpadsinstall", "Once steps 1-3 above have been properly executed this will turn into a 'Continue with Installation' link");
}
//Show Page @1-F9F38336
$Header->Show("Header");
$Footer->Show("Footer");
$Tpl->PParse("main", false);
//End Show Page
Esempio n. 24
0
 function InsertRow()
 {
     global $EP;
     global $now;
     global $charges;
     global $accounting;
     $EP = array("EMAIL:SITE_NAME" => $now["sitename"], "EMAIL:SITE_EMAIL" => $now["siteemail"], "EMAIL:SITE_EMAIL_LINK" => "<a href=\"mailto:" . $now["siteemail"] . "\">" . $now["siteemail"] . "</a>", "EMAIL:HOME_URL" => $now["homeurl"], "EMAIL:HOME_PAGE_LINK" => "<a href=\"" . $now["homeurl"] . "index.php\">Home</a>", "EMAIL:BROWSE_LINK" => "<a href=\"" . $now["homeurl"] . "browse.php\">Browse</a>", "EMAIL:SEARCH_LINK" => "<a href=\"" . $now["homeurl"] . "search.php\">Search</a>", "EMAIL:MY_ACCOUNT_LINK" => "<a href=\"" . $now["homeurl"] . "myaccount.php\">My Account</a>", "EMAIL:PAYMENT_LINK_SSL" => "<a href=\"" . $now["secureurl"] . "MakePayment.php\">Make a Payment</a>", "EMAIL:PAYMENT_LINK" => "<a href=\"" . $now["homeurl"] . "MakePayment.php\">Make a Payment</a>", "EMAIL:CURRENCY" => $charges["currency"], "EMAIL:LISTING_FEE" => $charges["listing_fee"], "EMAIL:HOMEPAGE_FEATURED_FEE" => $charges["homepage_fee"], "EMAIL:CATEGORY_FEATURED_FEE" => $charges["category_fee"], "EMAIL:GALLERY_FEE" => $charges["gallery_fee"], "EMAIL:IMAGE_PREVIEW_FEE" => $charges["image_preview_fee"], "EMAIL:SLIDE_SHOW_FEE" => $charges["slide_fee"], "EMAIL:COUNTER_FEE" => $charges["counter_fee"], "EMAIL:BOLD_FEE" => $charges["bold_fee"], "EMAIL:BACKGROUND_FEE" => $charges["highlight_fee"], "EMAIL:IMAGE_UPLOAD_FEE" => $charges["upload_fee"], "EMAIL:CURRENT_TIME" => date("F j, Y, g:i a"));
     $lookdb = new clsDBNetConnect();
     $lookdb->connect();
     $lookdb->query("SELECT * FROM users WHERE newsletter='1'");
     while ($lookdb->next_record()) {
         $ld = array("first" => $lookdb->f("first_name"), "username" => $lookdb->f("user_login"), "ID" => $lookdb->f("user_id"), "last" => $lookdb->f("last_name"), "email" => $lookdb->f("email"), "address" => $lookdb->f("address1"), "address2" => $lookdb->f("address2"), "state" => $lookdb->f("state_id"), "zip" => $lookdb->f("zip"), "city" => $lookdb->f("city"), "phonedy" => $lookdb->f("phone_day"), "phoneevn" => $lookdb->f("phone_evn"), "fax" => $lookdb->f("fax"), "ip" => $lookdb->f("ip_insert"), "date_created" => $lookdb->f("date_created"));
         $EP["EMAIL:CURRENT_USERNAME"] = $ld["username"];
         $EP["EMAIL:CURRENT_USERID"] = $ld["ID"];
         $EP["EMAIL:CURRENT_USER_FIRST_NAME"] = $ld["first"];
         $EP["EMAIL:CURRENT_USER_LAST_NAME"] = $ld["last"];
         $EP["EMAIL:CURRENT_USER_EMAIL"] = $ld["email"];
         $EP["EMAIL:CURRENT_USER_ADDRESS"] = $ld["address"];
         $EP["EMAIL:CURRENT_USER_ADDRESS2"] = $ld["address2"];
         $EP["EMAIL:CURRENT_USER_STATE"] = $ld["state"];
         $EP["EMAIL:CURRENT_USER_CITY"] = $ld["city"];
         $EP["EMAIL:CURRENT_USER_ZIP"] = $ld["zip"];
         $EP["EMAIL:CURRENT_USER_DAY_PHONE"] = $ld["phonedy"];
         $EP["EMAIL:CURRENT_USER_EVN_PHONE"] = $ld["phoneevn"];
         $EP["EMAIL:CURRENT_USER_FAX"] = $ld["fax"];
         $EP["EMAIL:CURRENT_USER_IP"] = getenv("REMOTE_ADDR");
         $EP["EMAIL:CURRENT_USER__REGISTERED_IP"] = $ld["ip"];
         $EP["EMAIL:CURRENT_USER_DATE_SIGNEDUP"] = date("F j, Y, g:i a", $ld["date_created"]);
         mailnews($ld["email"], $this->message->GetValue(), $this->subject->GetValue(), $EP);
     }
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeInsert");
     /*
     $this->ds->subject->SetValue($this->subject->GetValue());
             $this->ds->message->SetValue($this->message->GetValue());
             $this->ds->to_user_id->SetValue($this->to_user_id->GetValue());
             $this->ds->from_user_id->SetValue($this->from_user_id->GetValue());
             $this->ds->emaildate->SetValue($this->emaildate->GetValue());
             $this->ds->Insert();
     */
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterInsert");
     if ($this->ds->Errors->Count() > 0) {
         echo "Error in Record " . $this->ComponentName . " / Insert Operation";
         $this->ds->Errors->Clear();
         $this->Errors->AddError("Database command error.");
     }
     return $this->Errors->Count() == 0;
 }
Esempio n. 25
0
{
    $CCSEventResult = CCGetEvent($CCSEvents, "BeforeUnload");
    header("Location: " . $Redirect);
    exit;
}
//End Go to destination page

//Initialize HTML Template @1-A0111C9D
$CCSEventResult = CCGetEvent($CCSEvents, "OnInitializeView");
$Tpl = new clsTemplate();
include './Lang/lang_class.php';
$Tpl->LoadTemplate(TemplatePath . $TemplateFileName, "main");
$CCSEventResult = CCGetEvent($CCSEvents, "BeforeShow");
//End Initialize HTML Template

	$db = new clsDBNetConnect;
	
//	require("items.txt");
	$import = fread(fopen("items.txt", 'r'), filesize("items.txt"));
	$rows = explode("::!!::", $import);
	$x = 1;
	while ($x < 100){
		$i = 0;
	
		while ($rows[$i]){
			$fields = explode(" ;;!!;; ", $rows[$i]);
			//print_r($fields);
			$ItemNum = $fields[1] + $x;
			$query = "INSERT INTO items (`ItemNum`, `category`, `sub_category`, `user_id`, `title`, `status`, `end_reason`, `started`, `close`, `closes`, `bold`, `background`, `cat_featured`, `home_featured`, `gallery_featured`, `image_preview`, `slide_show`, `counter`, `make_offer`, `image_one`, `image_two`, `image_three`, `image_four`, `image_five`, `asking_price`, `quantity`, `city_town`, `state_province`, `country`, `description`, `added_description`, `dateadded`, `charges_incurred`, `totalcharges`, `hits`, `item_paypal`, `ship1`, `shipfee1`, `ship2`, `shipfee2`, `ship3`, `shipfee3`, `ship4`, `shipfee4`, `ship5`, `shipfee5`, `acct_credit_used`, `amt_due`, `notified`) VALUES ('" . $ItemNum . "', '" . $fields[2] . "', '" . $fields[3] . "', '" . $fields[4] . "', '" . mysql_escape_string($fields[5]) . "', '" . $fields[6] . "', '" . mysql_escape_string($fields[7]) . "', '" . $fields[8] . "', '" . $fields[9] . "', '" . $fields[10] . "', '" . $fields[11] . "', '" . $fields[12] . "', '" . $fields[13] . "', '" . $fields[14] . "', '" . $fields[15] . "', '" . $fields[16] . "', '" . $fields[17] . "', '" . $fields[18] . "', '" . $fields[19] . "', '" . mysql_escape_string($fields[21]) . "', '" . mysql_escape_string($fields[22]) . "', '" . mysql_escape_string($fields[23]) . "', '" . mysql_escape_string($fields[24]) . "', '" . mysql_escape_string($fields[25]) . "', '" . $fields[26] . "', '" . $fields[27] . "', '" . mysql_escape_string($fields[28]) . "', '" . mysql_escape_string($fields[29]) . "', '" . mysql_escape_string($fields[30]) . "', '" . mysql_escape_string($fields[31]) . "', '" . mysql_escape_string($fields[32]) . "', '" . $fields[33] . "', '" . $fields[34] . "', '" . $fields[35] . "', '" . mysql_escape_string($fields[36]) . "', '" . $fields[37] . "', '" . $fields[38] . "', '" . $fields[39] . "', '" . $fields[40] . "', '" . $fields[41] . "', '" . $fields[42] . "', '" . $fields[43] . "', '" . $fields[44] . "', '" . $fields[45] . "', '" . $fields[46] . "', '" . $fields[47] . "', '" . $fields[48] . "', '" . $fields[49] . "', '" . $fields[50] . "')";
			$db->query($query);
			$i++;
Esempio n. 26
0
$Tpl->LoadTemplate(TemplatePath . $TemplateFileName, "main");
$CCSEventResult = CCGetEvent($CCSEvents, "BeforeShow");
//End Initialize HTML Template
if ($_GET["code"] && !$_GET["Cancel"]) {
    $error = "";
    $query = "Select * from coupons where code='" . mysql_escape_string($_GET["code"]) . "'";
    $db = new clsDBNetConnect();
    $db->query($query);
    if ($db->next_record()) {
        if (time() < $db->f("start")) {
            $error = "This Coupon Has Not Started Yet";
        }
        if (time() > $db->f("end")) {
            $error = "This Coupon Has Expired";
        }
        $db2 = new clsDBNetConnect();
        $query = "select * from used_coupons where user_id = '" . CCGetUserID() . "' and coupon_id = '" . $db->f("id") . "'";
        $db2->query($query);
        if ($db2->next_record()) {
            $error = "You Have Already Used that Coupon";
        }
        $query = "select * from used_coupons where user_id = '" . CCGetUserID() . "' and ItemNum = '" . CCGetSession("RecentItemNum") . "'";
        $db2->query($query);
        if ($db2->next_record()) {
            $error = "You Have Already Used a Coupon on this Listing";
        }
    } else {
        $error = "This Is Not a Valid Coupon";
    }
    if (!$error) {
        $error = "Thank You!  Coupon Code Entered Successfully!  <br><a href=\"StartListing.php\">&lt;&lt;  Return to the \"Start Listing\" page to continue creating your listing!</a>";
Esempio n. 27
0
define("RelativePath", ".");
include RelativePath . "/Common.php";
include RelativePath . "/Template.php";
include RelativePath . "/Sorter.php";
include RelativePath . "/Navigator.php";
//End Include Common Files
$page = "Changing Newsletter Option";
global $REMOTE_ADDR;
global $now;
$ip = $REMOTE_ADDR;
$timeout = $now["timeout"];
$db1 = new clsDBNetConnect();
$db2 = new clsDBNetConnect();
$db3 = new clsDBNetConnect();
$db4 = new clsDBNetConnect();
$db5 = new clsDBNetConnect();
$times = time();
$SQL1 = "DELETE FROM online WHERE datet < {$times}";
$SQL2 = "SELECT * FROM online WHERE ip='{$ip}'";
$SQL3 = "UPDATE online SET datet={$times} + {$timeout}, page='{$page}', user='******' WHERE ip='{$ip}'";
$SQL4 = "INSERT INTO online (ip, datet, user, page) VALUES ('{$ip}', {$times}+{$timeout},'" . CCGetUserName() . "', '{$page}')";
$SQL5 = "SELECT * FROM online";
$db1->query($SQL1);
$db2->query($SQL2);
if ($db2->next_record()) {
    $db3->query($SQL3);
} else {
    $db4->query($SQL4);
}
$db5->query($SQL5);
$usersonline = $db5->num_rows();
Esempio n. 28
0
 function Show()
 {
     global $Tpl;
     if (!$this->Visible) {
         return;
     }
     $ShownRecords = 0;
     $this->ds->Parameters["urluser_id"] = CCGetFromGet("user_id", "");
     $this->ds->Parameters["urlexpires"] = CCGetFromGet("expires", "");
     $this->ds->Parameters["urlactive"] = CCGetFromGet("active", "");
     $this->ds->Parameters["urluser_id"] = CCGetFromGet("user_id", "");
     $this->ds->Parameters["urlemail"] = CCGetFromGet("email", "");
     $this->ds->Parameters["urlpaid"] = CCGetFromGet("paid", "");
     $this->ds->Parameters["urlsubsc_id"] = CCGetFromGet("subsc_id", "");
     $this->ds->Parameters["urldate"] = CCGetFromGet("date", "");
     $this->ds->Prepare();
     $this->ds->Open();
     $GridBlock = "Grid " . $this->ComponentName;
     $Tpl->block_path = $GridBlock;
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShow");
     $is_next_record = $this->ds->next_record();
     if ($is_next_record && $ShownRecords < $this->PageSize) {
         do {
             $this->ds->SetValues();
             $Tpl->block_path = $GridBlock . "/Row";
             $this->Detail->Parameters = CCGetQueryString("QueryString", array("ccsForm"));
             $this->Detail->Parameters = CCAddParam($this->Detail->Parameters, "id", $this->ds->f("id"));
             $this->Detail->Page = "SubscribedUserMaintanence.php";
             $this->expires->SetValue(date("F j, Y, g:i a", $this->ds->expires->GetValue()));
             if ($this->ds->active->GetValue() == 1) {
                 $this->active->SetValue("Yes");
             } else {
                 $this->active->SetValue("No");
             }
             $this->user_id->SetValue($this->ds->user_id->GetValue());
             $this->email->SetValue($this->ds->email->GetValue());
             $this->paid->SetValue($this->ds->paid->GetValue());
             $this->subsc_id->SetValue($this->ds->subsc_id->GetValue());
             $this->date->SetValue(date("F j, Y, g:i a", $this->ds->date->GetValue()));
             $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShowRow");
             $this->Detail->Show();
             $this->expires->Show();
             $this->active->Show();
             $this->user_id->Show();
             $this->email->Show();
             $this->paid->Show();
             $this->subsc_id->Show();
             $this->date->Show();
             $db = new clsDBNetConnect();
             $query = "select user_login, email from users where user_id = " . $this->ds->user_id->GetValue();
             $db->query($query);
             if ($db->next_record()) {
                 $Tpl->setVar("username", $db->f("user_login"));
                 $Tpl->setVar("email", $db->f("email"));
             }
             $query = "select title from subscription_plans where id = " . $this->ds->subsc_id->GetValue();
             $db->query($query);
             if ($db->next_record()) {
                 $Tpl->setVar("subscription", $db->f("title"));
             }
             if ($this->ds->expires->GetValue() == 9999999999.0) {
                 $Tpl->setVar("expires", "Never");
             }
             $Tpl->block_path = $GridBlock;
             $Tpl->parse("Row", true);
             $ShownRecords++;
             $is_next_record = $this->ds->next_record();
         } while ($is_next_record && $ShownRecords < $this->PageSize);
     } else {
         $Tpl->parse("NoRecords", false);
     }
     $this->Navigator->TotalPages = $this->ds->PageCount();
     $this->Sorter_expires->Show();
     $this->Sorter_active->Show();
     $this->Sorter_user_id->Show();
     $this->Sorter_email->Show();
     $this->Sorter_paid->Show();
     $this->Sorter_subsc_id->Show();
     $this->Sorter_date->Show();
     $this->users_Insert->Show();
     $this->Navigator->Show();
     $Tpl->parse("", false);
     $Tpl->block_path = "";
 }
Esempio n. 29
0
 function Show()
 {
     global $Tpl;
     global $now;
     if (!$this->Visible) {
         return;
     }
     $ShownRecords = 0;
     $this->ds->Parameters["sesUserID"] = CCGetSession("UserID");
     $this->ds->Prepare();
     $this->ds->Open();
     $GridBlock = "Grid " . $this->ComponentName;
     $Tpl->block_path = $GridBlock;
     $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShow");
     $is_next_record = $this->ds->next_record();
     if ($is_next_record && $ShownRecords < $this->PageSize) {
         do {
             $this->ds->SetValues();
             $Tpl->block_path = $GridBlock . "/Row";
             $this->comment->SetValue($this->ds->comment->GetValue());
             $twodays = $this->ds->date->GetValue();
             $theday = getdate($twodays);
             $lastofyear = substr($theday["year"], -2);
             $enddate = $theday["mon"] . "/" . $theday["mday"] . "/" . $lastofyear;
             $this->date->SetValue(date("F j, Y, g:i a", $this->ds->date->GetValue()));
             if ($this->ds->doing_rating->GetValue() != "" && is_numeric($this->ds->doing_rating->GetValue()) && $this->ds->doing_rating->GetValue() != 1000000000) {
                 $lookupdb = new clsDBNetConnect();
                 $lookupdb->connect();
                 $thename = CCDLookUp("user_login", "users", "user_id='" . $this->ds->doing_rating->GetValue() . "'", $lookupdb);
                 $this->doing_rating->SetValue($thename);
                 unset($lookupdb);
             } else {
                 $this->doing_rating->SetValue($now["sitename"]);
             }
             $this->id->SetValue($this->ds->id->GetValue());
             $this->ItemNum->SetValue($this->ds->ItemNum->GetValue());
             if ($this->ds->rating->GetValue() == 1) {
                 $this->rating->SetValue("<img src=\"images/positive.gif\">");
             }
             if ($this->ds->rating->GetValue() == 0) {
                 $this->rating->SetValue("<img src=\"images/neutral.gif\">");
             }
             if ($this->ds->rating->GetValue() == -1) {
                 $this->rating->SetValue("<img src=\"images/negative.gif\">");
             }
             if ($this->ds->buysell->GetValue() == 1) {
                 $this->buysell->SetValue("Buyer");
             }
             if ($this->ds->buysell->GetValue() == 0) {
                 $this->buysell->SetValue("Seller");
             }
             $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeShowRow");
             $this->comment->Show();
             $this->date->Show();
             $this->doing_rating->Show();
             $this->buysell->Show();
             $this->id->Show();
             $this->ItemNum->Show();
             $this->rating->Show();
             $counter = new clsDBNetConnect();
             $query = "select * from feedback where `counter` = '" . $this->ds->id->GetValue() . "'";
             $counter->query($query);
             if ($counter->next_record()) {
                 $Tpl->SetBlockVar("counter", "");
                 $Tpl->setVar("countercomment", stripslashes($counter->f("comment")));
                 $Tpl->setVar("countericon", "<img src=\"images/CounterComment.gif\">");
                 $Tpl->setVar("counterlink", "");
                 $Tpl->parse("counter", "");
             } else {
                 $Tpl->SetBlockVar("counter", "");
                 $Tpl->setVar("countercomment", "");
                 $Tpl->setVar("countericon", "");
                 if (CCGetUserID() == $_GET["user_id"]) {
                     $Tpl->setVar("counterlink", "<a href=\"RateUser.php?id=" . $this->ds->id->GetValue() . "\">&nbsp;&nbsp;&nbsp;&nbsp;<i>Comment on this rating</i></a>");
                 }
             }
             $Tpl->block_path = $GridBlock;
             $Tpl->parse("Row", true);
             $ShownRecords++;
             $is_next_record = $this->ds->next_record();
         } while ($is_next_record && $ShownRecords < $this->PageSize);
     } else {
         $Tpl->parse("NoRecords", false);
     }
     $this->Navigator->TotalPages = $this->ds->PageCount();
     $this->Sorter_doing_rating->Show();
     $this->Sorter_date->Show();
     $this->Navigator->Show();
     $Tpl->parse("", false);
     $Tpl->block_path = "";
 }
Esempio n. 30
0
    function InsertRow()
    {
        global $finalamount;
        global $charges;
        global $EP;
        $this->CCSEventResult = CCGetEvent($this->CCSEvents, "BeforeInsert");
        $this->ds->charge->SetValue($finalamount);
        $this->ds->FirstName->SetValue($this->FirstName->GetValue());
        $this->ds->LastName->SetValue($this->LastName->GetValue());
        $this->ds->CCNumber->SetValue($this->CCNumber->GetValue());
        $this->ds->ExpDate->SetValue($this->ExpDate->GetValue());
        $this->ds->CardCode->SetValue($this->CardCode->GetValue());
        $this->ds->user_id->SetValue(CCGetUserID());
        $this->ds->date->SetValue(time());
        $this->ds->cause->SetValue("Credit Card Payment--Subscription");
        $this->ds->Insert();
        $this->CCSEventResult = CCGetEvent($this->CCSEvents, "AfterInsert");
        $lookdb = new clsDBNetConnect;
        $lookdb->connect();
        $lookdb->query("SELECT * FROM users WHERE user_login='******'");
                if($lookdb->next_record()) {
                        $ld = array(
                        "first" => $lookdb->f("first_name"),
                        "ID" => $lookdb->f("user_id"),
                        "last" => $lookdb->f("last_name"),
                        "email" => $lookdb->f("email"),
                        "address" => $lookdb->f("address1"),
                        "address2" => $lookdb->f("address2"),
                        "state" => $lookdb->f("state_id"),
                        "zip" => $lookdb->f("zip"),
                        "city" => $lookdb->f("city"),
                        "phonedy" => $lookdb->f("phone_day"),
                        "phoneevn" => $lookdb->f("phone_evn"),
                        "fax" => $lookdb->f("fax"),
                        "ip" => $lookdb->f("ip_insert"),
                        "date_created" => $lookdb->f("date_created"),
                        );
                }
                $EP["EMAIL:PAYMENT_SUBJECT"] = "Credit Card Deposit";
                $EP["EMAIL:PAYMENT_AMOUNT"] = $charges["currency"] . $finalamount;
                $EP["EMAIL:CURRENT_USERNAME"] = CCGetUserLogin();
                $EP["EMAIL:CURRENT_USERID"] = $ld["ID"];
                $EP["EMAIL:CURRENT_USER_FIRST_NAME"] = $ld["first"];
                $EP["EMAIL:CURRENT_USER_LAST_NAME"] = $ld["last"];
                $EP["EMAIL:CURRENT_USER_EMAIL"] = $ld["email"];
                $EP["EMAIL:CURRENT_USER_ADDRESS"] = $ld["address"];
                $EP["EMAIL:CURRENT_USER_ADDRESS2"] = $ld["address2"];
                $EP["EMAIL:CURRENT_USER_STATE"] = $ld["state"];
                $EP["EMAIL:CURRENT_USER_CITY"] = $ld["city"];
                $EP["EMAIL:CURRENT_USER_ZIP"] = $ld["zip"];
                $EP["EMAIL:CURRENT_USER_DAY_PHONE"] = $ld["phonedy"];
                $EP["EMAIL:CURRENT_USER_EVN_PHONE"] = $ld["phoneevn"];
                $EP["EMAIL:CURRENT_USER_FAX"] = $ld["fax"];
                $EP["EMAIL:CURRENT_USER_IP"] = getenv("REMOTE_ADDR");
                $EP["EMAIL:CURRENT_USER__REGISTERED_IP"] = $ld["ip"];
                $EP["EMAIL:CURRENT_USER_DATE_SIGNEDUP"] = date("F j, Y, g:i a", $ld["date_created"]);

            mailout("NewSubscribe", $now["notifyads"], $payer_id, 1000000000, time(), $EP);

        if($this->ds->Errors->Count() > 0)
        {
            echo "Error in Record " . $this->ComponentName . " / Insert Operation";
            $this->ds->Errors->Clear();
            $this->Errors->AddError("Database command error.");
        }
        return ($this->Errors->Count() == 0);
    }