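/**
 * Handle the "add product" cart action for a regular form post.
 *
 * Reads products_id, cart_quantity and the id[] attribute array from $_POST,
 * validates the attributes, limits the quantity against stock and the
 * per-order maximum, stores any uploaded attribute files, adds the product
 * to the cart, and finally redirects (or notifies observers when attribute
 * errors were collected).
 *
 * @param string $goto       forward destination, passed to zen_href_link()
 * @param mixed  $parameters passed to zen_get_all_get_params() when building the redirect URL
 */
function actionAddProduct($goto, $parameters) {
    global $db, $messageStack;

    // Initialised up front: it is also read after the products_id guard below.
    $the_list = '';

    if ($this->display_debug_messages) {
        $messageStack->add_session('header', 'A: FUNCTION ' . __FUNCTION__, 'caution');
    }
    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        // verify attributes and quantity first
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'A2: FUNCTION ' . __FUNCTION__, 'caution');
        }
        $adjust_max = 'false';
        // id[] comes straight from the request; only iterate it when it really is an array.
        if (isset($_POST['id']) && is_array($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . ($value == (int) PRODUCTS_OPTIONS_VALUES_TEXT_ID ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }
        if (!is_numeric($_POST['cart_quantity']) || $_POST['cart_quantity'] < 0) {
            // adjust quantity when not a value; the rejected input is HTML-escaped before it is echoed back
            $chk_link = '<a href="' . zen_href_link(zen_get_info_page($_POST['products_id']), 'cPath=' . zen_get_generated_category_path_rev(zen_get_products_category_id($_POST['products_id'])) . '&products_id=' . $_POST['products_id']) . '">' . zen_get_products_name($_POST['products_id']) . '</a>';
            $messageStack->add_session('header', ERROR_CORRECTIONS_HEADING . ERROR_PRODUCT_QUANTITY_UNITS_SHOPPING_CART . $chk_link . ' ' . PRODUCTS_ORDER_QTY_TEXT . zen_output_string_protected($_POST['cart_quantity']), 'caution');
            $_POST['cart_quantity'] = 0;
        }

        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'B: FUNCTION ' . __FUNCTION__ . ' Products_id: ' . $_POST['products_id'] . ' cart_qty: ' . $cart_qty . ' $_POST[cart_quantity]: ' . $_POST['cart_quantity'] . ' <br>', 'caution');
        }
        $new_qty = $_POST['cart_quantity'];
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');

        // bof: adjust new quantity to be same as current in stock
        $chk_current_qty = zen_get_products_stock($_POST['products_id']);
        $this->flag_duplicate_msgs_set = FALSE;
        if (STOCK_ALLOW_CHECKOUT == 'false' && $cart_qty + $new_qty > $chk_current_qty) {
            $new_qty = $chk_current_qty;
            $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'C: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
            $this->flag_duplicate_msgs_set = TRUE;
        }
        // eof: adjust new quantity to be same as current in stock

        if ($add_max == 1 and $cart_qty == 1) {
            // do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } else {
            // bof: adjust new quantity to be same as current in stock
            if (STOCK_ALLOW_CHECKOUT == 'false' && $new_qty + $cart_qty > $chk_current_qty) {
                $alter_qty = $chk_current_qty - $cart_qty;
                $new_qty = $alter_qty > 0 ? $alter_qty : 0;
                if (!$this->flag_duplicate_msgs_set) {
                    $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'D: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
                }
            }
            // eof: adjust new quantity to be same as current in stock

            // adjust quantity if needed
            if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                $adjust_max = 'true';
                $new_qty = $add_max - $cart_qty;
            }
        }

        if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
            // do not add
        } else {
            // process normally
            // bof: set error message
            if ($the_list != '') {
                $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // process normally
                // iii 030813 added: File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";

                // The loop bound is request input; force it to an integer so a
                // non-numeric string can never act as the loop limit.
                $upload_count = isset($_GET['number_of_uploads']) ? (int) $_GET['number_of_uploads'] : 0;
                if ($upload_count > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     * include_once: a second call in the same request must not redeclare the class.
                     */
                    include_once DIR_WS_CLASSES . 'upload.php';
                    for ($i = 1; $i <= $upload_count; $i++) {
                        $upload_field = isset($_POST[UPLOAD_PREFIX . $i]) ? $_POST[UPLOAD_PREFIX . $i] : '';
                        $upload_key = TEXT_PREFIX . $upload_field;
                        $tmp_name = isset($_FILES['id']['tmp_name'][$upload_key]) ? $_FILES['id']['tmp_name'][$upload_key] : null;

                        if (zen_not_null($tmp_name) and $tmp_name != 'none') {
                            $products_options_file = new upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');
                            if ($products_options_file->parse($upload_key)) {
                                // NOTE(review): the extension is taken from the client-supplied file name and no
                                // extension allow-list is configured in this block - confirm the upload class
                                // restricts file types and that DIR_FS_UPLOADS is not served as executable content.
                                $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));

                                // Every value placed in the SQL text is escaped or cast, including the
                                // session id (request-influenced) and the customer id.
                                if (!empty($_SESSION['customer_id'])) {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . (int) $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                } else {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . zen_db_input($products_options_file->filename) . "')");
                                }
                                $insert_id = $db->Insert_ID();

                                // Older PHP versions silently turned the empty string into an array on the
                                // first keyed write; do that explicitly, and only at the point of writing.
                                if (!is_array($real_ids)) {
                                    $real_ids = array();
                                }
                                $real_ids[$upload_key] = $insert_id . ". " . $products_options_file->filename;

                                // The file is stored under the database row id, not under the client's name.
                                $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                if (!$products_options_file->save()) {
                                    break;
                                }
                            } else {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$upload_key] = isset($_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]) ? $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i] : null;
                        }
                    }
                }

                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                // iii 030813 end of changes.
            } // eof: set error message
        } // eof: quantity maximum = 1

        if ($adjust_max == 'true') {
            $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            if ($this->display_debug_messages) {
                $messageStack->add_session('header', 'E: FUNCTION ' . __FUNCTION__ . '<br>' . ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            }
        }
    }

    if ($the_list == '') {
        // no errors
        // display message if all is good and not on shopping_cart page
        if (DISPLAY_CART == 'false' && $_GET['main_page'] != FILENAME_SHOPPING_CART && $messageStack->size('shopping_cart') == 0) {
            $messageStack->add_session('header', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
            zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
        } else {
            zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
        }
    } else {
        // errors found with attributes - perhaps display an additional message here, using an observer class to add to the messageStack
        $this->notify('NOTIFIER_CART_OPTIONAL_ATTRIBUTE_ERROR_MESSAGE_HOOK', $_POST, $the_list);
    }
}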
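/**
 * Handle the "add product" cart action for an AJAX request.
 *
 * Reads products_id, cart_quantity and the id[] attribute array from $_POST,
 * validates the attributes, limits the quantity against the per-order
 * maximum, stores any uploaded attribute files and adds the product to the
 * cart. Unlike actionAddProduct() it performs no redirect.
 */
function actionAJAXAddProduct() {
    global $messageStack, $db;

    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        // verify attributes and quantity first
        $the_list = '';
        $adjust_max = 'false';
        // id[] comes straight from the request; only iterate it when it really is an array.
        if (isset($_POST['id']) && is_array($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . (zen_values_name($value) == 'TEXT' ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }

        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);

        // cart_quantity is request input: a missing, non-numeric or negative value
        // is treated as 0, matching the check done by actionAddProduct().
        $new_qty = isset($_POST['cart_quantity']) ? $_POST['cart_quantity'] : 0;
        if (!is_numeric($new_qty) || $new_qty < 0) {
            $new_qty = 0;
        }
        if ($new_qty > 400000) {
            $new_qty = 400000;
        }
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');

        if ($add_max == 1 and $cart_qty == 1) {
            // do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } else {
            // adjust quantity if needed
            if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                $adjust_max = 'true';
                $new_qty = $add_max - $cart_qty;
            }
        }

        if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
            // do not add
        } else {
            // process normally
            // bof: set error message
            if ($the_list != '') {
                $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // process normally
                // iii 030813 added: File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";

                // The loop bound is request input; force it to an integer so a
                // non-numeric string can never act as the loop limit.
                $upload_count = isset($_GET['number_of_uploads']) ? (int) $_GET['number_of_uploads'] : 0;
                if ($upload_count > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     * include_once: a second call in the same request must not redeclare the class.
                     */
                    include_once DIR_WS_CLASSES . 'upload.php';
                    for ($i = 1; $i <= $upload_count; $i++) {
                        $upload_field = isset($_POST[UPLOAD_PREFIX . $i]) ? $_POST[UPLOAD_PREFIX . $i] : '';
                        $upload_key = TEXT_PREFIX . $upload_field;
                        $tmp_name = isset($_FILES['id']['tmp_name'][$upload_key]) ? $_FILES['id']['tmp_name'][$upload_key] : null;

                        if (zen_not_null($tmp_name) and $tmp_name != 'none') {
                            $products_options_file = new upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');
                            if ($products_options_file->parse($upload_key)) {
                                // NOTE(review): the extension is taken from the client-supplied file name and no
                                // extension allow-list is configured in this block - confirm the upload class
                                // restricts file types and that DIR_FS_UPLOADS is not served as executable content.
                                $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));

                                // Every value placed in the SQL text is escaped or cast, including the
                                // session id (request-influenced) and the customer id.
                                if (!empty($_SESSION['customer_id'])) {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . (int) $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                } else {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_db_input(zen_session_id()) . "', '" . zen_db_input($products_options_file->filename) . "')");
                                }
                                $insert_id = $db->Insert_ID();

                                // Older PHP versions silently turned the empty string into an array on the
                                // first keyed write; do that explicitly, and only at the point of writing.
                                if (!is_array($real_ids)) {
                                    $real_ids = array();
                                }
                                $real_ids[$upload_key] = $insert_id . ". " . $products_options_file->filename;

                                // The file is stored under the database row id, not under the client's name.
                                $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                if (!$products_options_file->save()) {
                                    break;
                                }
                            } else {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$upload_key] = isset($_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]) ? $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i] : null;
                        }
                    }
                }

                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                // iii 030813 end of changes.
            } // eof: set error message
        } // eof: quantity maximum = 1

        if ($adjust_max == 'true') {
            $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
        }
    }
}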
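/**
 * Handle the "add product" cart action.
 *
 * Reads products_id, cart_quantity and the id[] attribute array from $_POST,
 * validates the attributes, limits the quantity against the per-order
 * maximum, stores any uploaded attribute files, adds the product to the cart
 * and redirects when no attribute errors were collected.
 *
 * @param string $goto       forward destination, passed to zen_href_link()
 * @param mixed  $parameters passed to zen_get_all_get_params() when building the redirect URL
 */
public function actionAddProduct($goto, $parameters) {
    // Initialised up front: it is also read after the products_id guard below.
    $the_list = '';

    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        // verify attributes and quantity first
        $adjust_max = 'false';
        // id[] comes straight from the request; only iterate it when it really is an array.
        if (isset($_POST['id']) && is_array($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . (zen_values_name($value) == 'TEXT' ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }

        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);

        // cart_quantity is request input: a missing, non-numeric or negative value
        // is treated as 0 before it reaches the quantity arithmetic below.
        $new_qty = isset($_POST['cart_quantity']) ? $_POST['cart_quantity'] : 0;
        if (!is_numeric($new_qty) || $new_qty < 0) {
            $new_qty = 0;
        }
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');

        if ($add_max == 1 and $cart_qty == 1) {
            // do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } else {
            // adjust quantity if needed
            if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                $adjust_max = 'true';
                $new_qty = $add_max - $cart_qty;
            }
        }

        if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
            // do not add
        } else {
            // process normally
            // bof: set error message
            if ($the_list != '') {
                $this->getMessageStack()->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // process normally
                // iii 030813 added: File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";

                // The loop bound is request input; force it to an integer so a
                // non-numeric string can never act as the loop limit.
                $upload_count = isset($_GET['number_of_uploads']) ? (int) $_GET['number_of_uploads'] : 0;
                if ($upload_count > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     * include_once: a second call in the same request must not redeclare the class.
                     */
                    include_once DIR_WS_CLASSES . 'upload.php';
                    for ($i = 1; $i <= $upload_count; $i++) {
                        $upload_field = isset($_POST[UPLOAD_PREFIX . $i]) ? $_POST[UPLOAD_PREFIX . $i] : '';
                        $upload_key = TEXT_PREFIX . $upload_field;
                        $tmp_name = isset($_FILES['id']['tmp_name'][$upload_key]) ? $_FILES['id']['tmp_name'][$upload_key] : null;

                        if (zen_not_null($tmp_name) and $tmp_name != 'none') {
                            $products_options_file = new \upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');
                            if ($products_options_file->parse($upload_key)) {
                                // NOTE(review): the extension is taken from the client-supplied file name and no
                                // extension allow-list is configured in this block - confirm the upload class
                                // restricts file types and that DIR_FS_UPLOADS is not served as executable content.
                                $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));

                                // NOTE(review): addslashes() is not a connection-aware SQL escape; prefer the
                                // database layer's own escaping or bound parameters if it offers them.
                                // The session id is escaped as well and the customer id is cast to int.
                                if ($this->getSessionVar('customer_id')) {
                                    $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, customers_id, files_uploaded_name) values('" . addslashes(zen_session_id()) . "', '" . (int) $this->getSessionVar('customer_id') . "', '" . addslashes($products_options_file->filename) . "')");
                                } else {
                                    $this->getDb()->Execute("insert into %table.files_uploaded% (sesskey, files_uploaded_name) values('" . addslashes(zen_session_id()) . "', '" . addslashes($products_options_file->filename) . "')");
                                }
                                $insert_id = $this->getDb()->Insert_ID();

                                // Older PHP versions silently turned the empty string into an array on the
                                // first keyed write; do that explicitly, and only at the point of writing.
                                if (!is_array($real_ids)) {
                                    $real_ids = array();
                                }
                                $real_ids[$upload_key] = $insert_id . ". " . $products_options_file->filename;

                                // The file is stored under the database row id, not under the client's name.
                                $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                if (!$products_options_file->save()) {
                                    break;
                                }
                            } else {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            if (!is_array($real_ids)) {
                                $real_ids = array();
                            }
                            $real_ids[$upload_key] = isset($_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]) ? $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i] : null;
                        }
                    }
                }

                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                // iii 030813 end of changes.
            } // eof: set error message
        } // eof: quantity maximum = 1

        if ($adjust_max == 'true') {
            $this->getMessageStack()->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
        }
    }

    if ($the_list == '') {
        // no errors
        // display message if all is good and not on shopping_cart page
        if (DISPLAY_CART == 'false' && $this->getMainPage() != 'shopping_cart') {
            $this->getMessageStack()->add_session('header', SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
        }
        zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
    } else {
        // errors - display popup message
    }
}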
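// Collect the posted fields for the value being edited.
$value = isset($_POST['value']) ? tep_db_prepare_input($_POST['value']) : '';
$order = isset($_POST['sort_order']) ? tep_db_prepare_input($_POST['sort_order']) : 0;
$depends_on = isset($_POST['depends_on']) ? tep_db_prepare_input($_POST['depends_on']) : 0;
$excludes = isset($_POST['excludes']) ? $_POST['excludes'] : array();
if (!tep_not_null($value)) {
    $error = true;
    $messages[] = ERROR_VALUE;
    $action = 'edit';
}

// Look up the image currently stored for this value so a replaced file can be removed later.
$check = tep_db_query("select value_image from " . TABLE_EPF_VALUES . " where value_id = " . (int) $vid);
$current = tep_db_fetch_array($check);
$data_array = array('sort_order' => (int) $order, 'value_depends_on' => (int) $depends_on, 'epf_value' => $value);

$value_image = new upload('values_image');
// The allow-list was previously assigned to a differently spelled variable
// ($webimgetypes), so unless $webimgtypes is defined outside this excerpt,
// set_extensions() received an undefined value instead of the list.
$webimgtypes = array('jpg', 'jpeg', 'gif', 'png');
$value_image->set_extensions($webimgtypes);
$value_image->set_output_messages('session');
$value_image->set_destination(DIR_FS_CATALOG_IMAGES . 'epf/');
if ($value_image->parse()) {
    // Refuse a file name that is already attached to a different value.
    $check_query = tep_db_query('select value_id from ' . TABLE_EPF_VALUES . ' where value_image = "' . tep_db_input($value_image->filename) . '"');
    $num_found = tep_db_num_rows($check_query);
    $check = tep_db_fetch_array($check_query);
    if ($num_found > 0 && $check['value_id'] != $vid) {
        $error = true;
        $messages[] = ERROR_FILENAME_USED;
        $action = 'edit';
    } elseif ($value_image->save()) {
        $data_array['value_image'] = $value_image->filename;
        if ($current['value_image'] != '' && $value_image->filename != $current['value_image']) {
            // image file name has changed, remove old file
            if (file_exists(DIR_FS_CATALOG_IMAGES . 'epf/' . $current['value_image'])) {
                @unlink(DIR_FS_CATALOG_IMAGES . 'epf/' . $current['value_image']);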
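/**
 * Restore the database from a backup file.
 *
 * With a file name, the dump is read from DIR_FS_BACKUP (plain .sql, or
 * decompressed first for .gz / zip). Without one, the dump is taken from the
 * uploaded 'sql_file' form field. The dump is split into statements, every
 * table named by a TABLE_* constant is dropped, the statements are replayed,
 * and the session / who's-online tables and the DB_LAST_RESTORE
 * configuration entry are reset.
 *
 * NOTE(review): the tables are dropped before the statements are replayed and
 * the dump is executed as-is, so callers must restrict this to trusted
 * administrators and trusted dump files.
 *
 * @param string|false $filename backup file name inside DIR_FS_BACKUP, or false to use the upload
 * @return bool true when a non-empty dump was found and processed, false otherwise
 */
function restore($filename = false) {
    global $osC_Database, $osC_Session;

    osc_set_time_limit(0);

    if ($filename !== false) {
        // Only a bare file name is accepted, so the path cannot leave DIR_FS_BACKUP.
        $requested = (string) $filename;
        if (basename($requested) === $requested && file_exists(DIR_FS_BACKUP . $filename)) {
            $restore_file = DIR_FS_BACKUP . $filename;
            $extension = substr($filename, -3);

            if ($extension == 'sql' || $extension == '.gz' || $extension == 'zip') {
                switch ($extension) {
                    case 'sql':
                        $restore_from = $restore_file;
                        $remove_raw = false;
                        break;

                    case '.gz':
                        $restore_from = substr($restore_file, 0, -3);
                        // Paths are quoted for the shell; the file name must never be parsed as shell syntax.
                        exec(CFG_APP_GUNZIP . ' ' . escapeshellarg($restore_file) . ' -c > ' . escapeshellarg($restore_from));
                        $remove_raw = true;
                        break;

                    case 'zip':
                        $restore_from = substr($restore_file, 0, -4);
                        exec(CFG_APP_UNZIP . ' ' . escapeshellarg($restore_file) . ' -d ' . escapeshellarg(DIR_FS_BACKUP));
                        $remove_raw = true;
                        break;
                }

                if (isset($restore_from) && file_exists($restore_from)) {
                    $restore_query = file_get_contents($restore_from);
                }
            }
        }
    } else {
        $sql_file = new upload('sql_file');
        $sql_file->set_output_messages('session');

        if ($sql_file->parse()) {
            // file_get_contents() closes the handle itself and copes with an empty file.
            $restore_query = file_get_contents($sql_file->tmp_filename);
            $filename = $sql_file->filename;
        }
    }

    if (isset($restore_query) && !empty($restore_query)) {
        // Split the dump into statements. A ';' followed by a newline ends a
        // statement when the next non-blank text starts with create / insert /
        // drop t; lines starting with '#' are stripped as comments.
        $sql_array = array();
        $sql_length = strlen($restore_query);
        $pos = strpos($restore_query, ';');
        // Defined before the loop: it is read below even when the inner scan finds nothing.
        $next = '';

        for ($i = $pos; $i < $sql_length; $i++) {
            if ($restore_query[0] == '#') {
                $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
                $sql_length = strlen($restore_query);
                $i = strpos($restore_query, ';') - 1;
                continue;
            }

            if ($restore_query[$i + 1] == "\n") {
                for ($j = $i + 2; $j < $sql_length; $j++) {
                    if (trim($restore_query[$j]) != '') {
                        $next = substr($restore_query, $j, 6);

                        if ($next[0] == '#') {
                            // find out where the break position is so we can remove this line (#comment line)
                            for ($k = $j; $k < $sql_length; $k++) {
                                if ($restore_query[$k] == "\n") {
                                    break;
                                }
                            }

                            $query = substr($restore_query, 0, $i + 1);
                            $restore_query = substr($restore_query, $k);
                            // join the query before the comment appeared, with the rest of the dump
                            $restore_query = $query . $restore_query;
                            $sql_length = strlen($restore_query);
                            $i = strpos($restore_query, ';') - 1;
                            continue 2;
                        }

                        break;
                    }
                }

                if ($next == '') {
                    // get the last insert query
                    $next = 'insert';
                }

                // stripos() replaces eregi(), which no longer exists in current PHP;
                // both perform a case-insensitive search for these literal words.
                if (stripos($next, 'create') !== false || stripos($next, 'insert') !== false || stripos($next, 'drop t') !== false) {
                    $next = '';
                    $sql_array[] = substr($restore_query, 0, $i);
                    $restore_query = ltrim(substr($restore_query, $i + 1));
                    $sql_length = strlen($restore_query);
                    $i = strpos($restore_query, ';') - 1;
                }
            }
        }

        // drop all tables defined in oscommerce/includes/database_tables.php
        $tables_array = array();
        foreach (get_defined_constants() as $key => $value) {
            if (substr($key, 0, 6) == 'TABLE_') {
                $tables_array[] = $value;
            }
        }

        if (!empty($tables_array)) {
            $Qdrop = $osC_Database->query('drop table if exists :tables');
            $Qdrop->bindRaw(':tables', implode(', ', $tables_array));
            $Qdrop->execute();
        }

        for ($i = 0, $n = sizeof($sql_array); $i < $n; $i++) {
            $osC_Database->simpleQuery($sql_array[$i]);
        }

        $osC_Session->close();

        // empty the sessions table
        $Qsessions = $osC_Database->query('delete from :table_sessions');
        $Qsessions->bindTable(':table_sessions', TABLE_SESSIONS);
        $Qsessions->execute();

        // empty the who's online table
        $Qwho = $osC_Database->query('delete from :table_whos_online');
        $Qwho->bindTable(':table_whos_online', TABLE_WHOS_ONLINE);
        $Qwho->execute();

        // record which file was restored last
        $Qcfg = $osC_Database->query('delete from :table_configuration where configuration_key = :configuration_key');
        $Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
        $Qcfg->bindValue(':configuration_key', 'DB_LAST_RESTORE');
        $Qcfg->execute();

        $Qcfg = $osC_Database->query('insert into :table_configuration values ("", "Last Database Restore", "DB_LAST_RESTORE", :filename, "Last database restore file", "6", "", "", now(), "", "")');
        $Qcfg->bindTable(':table_configuration', TABLE_CONFIGURATION);
        $Qcfg->bindValue(':filename', $filename);
        $Qcfg->execute();

        osC_Cache::clear('configuration');

        // remove the decompressed copy that was created for this restore
        if (isset($remove_raw) && $remove_raw === true) {
            unlink($restore_from);
        }

        return true;
    }

    return false;
}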
$messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution'); } else { // process normally // iii 030813 added: File uploading: save uploaded files with unique file names $real_ids = isset($_POST['id']) ? $_POST['id'] : ""; if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) { /** * Need the upload class for attribute type that allows user uploads. * */ include DIR_WS_CLASSES . 'upload.php'; for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) { if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') { $products_options_file = new upload('id'); $products_options_file->set_destination(DIR_FS_UPLOADS); $products_options_file->set_output_messages('session'); if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) { $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.')); if ($_SESSION['customer_id']) { $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')"); } else { $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')"); } $insert_id = $db->Insert_ID(); $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename; $products_options_file->set_filename("{$insert_id}" . $products_image_extension); if (!$products_options_file->save()) { break; } } else { break;
/**
 * Receive one uploaded file into a sub-directory of the catalog images directory.
 *
 * NOTE(review): no extension allow-list is configured on the upload object in
 * this function - confirm the upload class or the caller restricts file types.
 *
 * @param string $name       form field name handed to the upload class
 * @param string $img_dir    directory appended to DIR_FS_CATALOG_IMAGES; also prefixed to the stored name
 * @param mixed  $overwrite  passed through to the upload object's save()
 * @param string $image_name set by reference to $img_dir plus the stored file name on success
 * @return bool true when both parse() and save() succeed, false otherwise
 */
function upload($name, $img_dir, $overwrite, &$image_name)
{
    $uploader = new upload($name);
    $uploader->set_output_messages('direct');
    $uploader->set_destination(DIR_FS_CATALOG_IMAGES . $img_dir);

    // save() is only attempted once parse() has accepted the upload.
    if (!$uploader->parse() || !$uploader->save($overwrite)) {
        return false;
    }

    $image_name = $img_dir . $uploader->filename;

    return true;
}
break; case 'zip': $restore_from = substr($restore_file, 0, -4); exec(LOCAL_EXE_UNZIP . ' ' . $restore_file . ' -d ' . DIR_FS_BACKUP); $remove_raw = true; } if (isset($restore_from) && file_exists($restore_from) && filesize($restore_from) > 15000) { $fd = fopen($restore_from, 'rb'); $restore_query = fread($fd, filesize($restore_from)); fclose($fd); } } } } elseif ($action == 'restorelocalnow') { $sql_file = new upload('sql_file'); $sql_file->set_output_messages('session'); if ($sql_file->parse() == true) { $restore_query = fread(fopen($sql_file->tmp_filename, 'r'), filesize($sql_file->tmp_filename)); $read_from = $sql_file->filename; } } if (isset($restore_query)) { $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue;