function fn_update_product_filter($filter_data, $filter_id, $lang_code = DESCR_SL) { if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) { if (!empty($filter_id) && !fn_check_company_id('product_filters', 'filter_id', $filter_id)) { fn_company_access_denied_notification(); return false; } if (!empty($filter_id)) { unset($filter_data['company_id']); } } // Parse filter type if (strpos($filter_data['filter_type'], 'FF-') === 0 || strpos($filter_data['filter_type'], 'RF-') === 0 || strpos($filter_data['filter_type'], 'DF-') === 0) { $filter_data['feature_id'] = str_replace(array('RF-', 'FF-', 'DF-'), '', $filter_data['filter_type']); $filter_data['feature_type'] = db_get_field("SELECT feature_type FROM ?:product_features WHERE feature_id = ?i", $filter_data['feature_id']); } else { $filter_data['field_type'] = str_replace(array('R-', 'B-'), '', $filter_data['filter_type']); $filter_fields = fn_get_product_filter_fields(); } if (!empty($filter_id)) { db_query('UPDATE ?:product_filters SET ?u WHERE filter_id = ?i', $filter_data, $filter_id); db_query('UPDATE ?:product_filter_descriptions SET ?u WHERE filter_id = ?i AND lang_code = ?s', $filter_data, $filter_id, $lang_code); } else { $filter_data['filter_id'] = $filter_id = db_query('INSERT INTO ?:product_filters ?e', $filter_data); foreach (fn_get_translation_languages() as $filter_data['lang_code'] => $_d) { db_query("INSERT INTO ?:product_filter_descriptions ?e", $filter_data); } } fn_set_hook('update_product_filter', $filter_data, $filter_id, $lang_code); return $filter_id; }
public function delete($id) { $data = array(); $status = Response::STATUS_NOT_FOUND; if (fn_check_company_id('shippings', 'shipping_id', $id)) { if (fn_delete_shipping($id)) { $status = Response::STATUS_NO_CONTENT; } } return array('status' => $status, 'data' => $data); }
/** * Deletes product tab with related descriptions * * @param int $tab_id Product tab identifier * @param bool $force Delete tab if it is primary or no * @return bool True in case of success, false otherwise */ public function delete($tab_id, $force = false) { if (!empty($tab_id) && (fn_check_company_id('product_tabs', 'tab_id', $tab_id) || !$this->_company_id)) { /** * Before delete product tab * @param int $tab_id Id of product tab for delete */ fn_set_hook('delete_product_tab_pre', $tab_id); if (!$this->isPrimary($tab_id) || $force) { db_query("DELETE FROM ?:product_tabs WHERE tab_id = ?i", $tab_id); db_query("DELETE FROM ?:product_tabs_descriptions WHERE tab_id = ?i", $tab_id); /** * After delete product tab * @param int $tab_id Id of product tab for delete */ fn_set_hook('delete_product_tab_post', $tab_id); return true; } } return false; }
/** * Deletes product tab with reliated descriptions * @static * @param integer $menu_id ID of tab for delete * @return bool */ public static function delete($menu_id) { if (!empty($menu_id) && fn_check_company_id('menus', 'menu_id', $menu_id)) { /** * Before delete product tab * @param int $menu_id Id of product tab for delete */ fn_set_hook('delete_menu_pre', $menu_id); db_query("DELETE FROM ?:menus WHERE menu_id = ?i", $menu_id); db_query("DELETE FROM ?:menus_descriptions WHERE menu_id = ?i", $menu_id); // Remove data from static data $static_datas = db_get_array("SELECT param_id FROM ?:static_data WHERE param_5 = ?i AND section = 'A'", $menu_id); foreach ($static_datas as $static_data) { fn_delete_static_data($static_data['param_id']); } /** * After delete product tab * @param int $menu_id Id of product tab for delete */ fn_set_hook('delete_menu_post', $menu_id); return true; } return false; }
/** * Delete installed payment * * @param int $payment_id Payment id to be deleted * @return bool True if payment was successfully deleted, false otherwise */ function fn_delete_payment($payment_id) { $result = true; $payment_id = (int) $payment_id; if (empty($payment_id) || !fn_check_company_id('payments', 'payment_id', $payment_id)) { return false; } fn_set_hook('delete_payment_pre', $payment_id, $result); $res = db_query("DELETE FROM ?:payments WHERE payment_id = ?i", $payment_id); db_query("DELETE FROM ?:payment_descriptions WHERE payment_id = ?i", $payment_id); fn_delete_image_pairs($payment_id, 'payment'); $result = $result && $res; fn_set_hook('delete_payment_post', $payment_id, $result); /** * Delete the certificate file (if exists). */ fn_rm(Registry::get('config.dir.certificates') . $payment_id); return $result; }
/** * Deletes banner and all related data * * @param int $banner_id Banner identificator */ function fn_delete_banner_by_id($banner_id) { if (!empty($banner_id) && fn_check_company_id('banners', 'banner_id', $banner_id)) { db_query("DELETE FROM ?:banners WHERE banner_id = ?i", $banner_id); db_query("DELETE FROM ?:banner_descriptions WHERE banner_id = ?i", $banner_id); fn_set_hook('delete_banners', $banner_id); Block::instance()->removeDynamicObjectData('banners', $banner_id); $banner_images_ids = db_get_fields("SELECT banner_image_id FROM ?:banner_images WHERE banner_id = ?i", $banner_id); foreach ($banner_images_ids as $banner_image_id) { fn_delete_image_pairs($banner_image_id, 'promo'); } db_query("DELETE FROM ?:banner_images WHERE banner_id = ?i", $banner_id); } }
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. * ****************************************************************************/ use Tygh\Registry; if (!defined('BOOTSTRAP')) { die('Access denied'); } $_REQUEST['promotion_id'] = empty($_REQUEST['promotion_id']) ? 0 : $_REQUEST['promotion_id']; if ($_SERVER['REQUEST_METHOD'] == 'POST') { fn_trusted_vars('promotion_data', 'promotions'); $suffix = ''; // // Update promotion // if ($mode == 'update') { if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) { if (!empty($_REQUEST['promotion_id']) && !fn_check_company_id('promotions', 'promotion_id', $_REQUEST['promotion_id'])) { fn_company_access_denied_notification(); return array(CONTROLLER_STATUS_OK, 'promotions.update?promotion_id=' . $_REQUEST['promotion_id']); } if (!empty($_REQUEST['promotion_id'])) { unset($_REQUEST['promotion_data']['company_id']); } } $promotion_id = fn_update_promotion($_REQUEST['promotion_data'], $_REQUEST['promotion_id'], DESCR_SL); $suffix = ".update?promotion_id={$promotion_id}"; } // // Delete selected promotions // if ($mode == 'm_delete') { if (!empty($_REQUEST['promotion_ids'])) {
function fn_ult_check_store_permission_profiles($params, $table, $key, $key_id) { if (Registry::get('runtime.company_id')) { $auth = $_SESSION['auth']; $result = fn_check_company_id($table, $key, $key_id) || !empty($params['area']); $result = $result || fn_check_company_id($table, $key, $key_id, 0) && $auth['user_id'] == $key_id; if (!$result && Registry::get('settings.Stores.share_users') == 'Y') { $company_customers_ids = db_get_fields("SELECT user_id FROM ?:orders WHERE company_id = ?i", Registry::get('runtime.company_id')); $result = in_array($key_id, $company_customers_ids); } } else { $result = true; } return $result; }
function fn_delete_gift_certificate($gift_cert_id, $extra = array()) { if (!empty($gift_cert_id) && fn_check_company_id('gift_certificates', 'gift_cert_id', $gift_cert_id)) { $gift_data = db_get_row("SELECT gift_cert_code, order_ids FROM ?:gift_certificates WHERE gift_cert_id = ?i", $gift_cert_id); if (!empty($gift_data['order_ids'])) { fn_set_notification('W', __('warning'), __('text_gift_cert_cannot_delete', array('[code]' => $gift_data['gift_cert_code'], '[ids]' => $gift_data['order_ids']))); return false; } db_query("DELETE FROM ?:gift_certificates WHERE gift_cert_id = ?i", $gift_cert_id); db_query("DELETE FROM ?:gift_certificates_log WHERE gift_cert_id = ?i", $gift_cert_id); fn_set_hook('delete_gift_certificate', $gift_cert_id, $extra); return true; } else { return false; } }
function fn_update_product_filter($filter_data, $filter_id, $lang_code = DESCR_SL) { if (fn_allowed_for('ULTIMATE') && Registry::get('runtime.company_id')) { if (!empty($filter_id) && !fn_check_company_id('product_filters', 'filter_id', $filter_id)) { fn_company_access_denied_notification(); return false; } if (!empty($filter_id)) { unset($filter_data['company_id']); } } // Parse filter type if (strpos($filter_data['filter_type'], 'FF-') === 0 || strpos($filter_data['filter_type'], 'RF-') === 0 || strpos($filter_data['filter_type'], 'DF-') === 0) { $filter_data['feature_id'] = str_replace(array('RF-', 'FF-', 'DF-'), '', $filter_data['filter_type']); $filter_data['feature_type'] = db_get_field("SELECT feature_type FROM ?:product_features WHERE feature_id = ?i", $filter_data['feature_id']); } else { $filter_data['field_type'] = str_replace(array('R-', 'B-'), '', $filter_data['filter_type']); $filter_fields = fn_get_product_filter_fields(); } if (isset($filter_data['display_more_count']) && isset($filter_data['display_count']) && $filter_data['display_more_count'] < $filter_data['display_count']) { $filter_data['display_more_count'] = $filter_data['display_count']; } if (!empty($filter_id)) { db_query('UPDATE ?:product_filters SET ?u WHERE filter_id = ?i', $filter_data, $filter_id); db_query('UPDATE ?:product_filter_descriptions SET ?u WHERE filter_id = ?i AND lang_code = ?s', $filter_data, $filter_id, $lang_code); } else { $filter_data['filter_id'] = $filter_id = db_query('INSERT INTO ?:product_filters ?e', $filter_data); foreach (fn_get_translation_languages() as $filter_data['lang_code'] => $_d) { db_query("INSERT INTO ?:product_filter_descriptions ?e", $filter_data); } } $delete_all_ranges = false; // if filter has ranges if (!empty($filter_data['feature_type']) && strpos('ODN', $filter_data['feature_type']) !== false || !empty($filter_data['field_type']) && !empty($filter_fields[$filter_data['field_type']]['is_range'])) { $range_ids = array(); foreach ($filter_data['ranges'] as $k => $range) { if (!empty($filter_data['feature_type']) && $filter_data['feature_type'] == 'D') { $range['to'] = fn_parse_date($filter_data['dates_ranges'][$k]['to']); $range['from'] = fn_parse_date($filter_data['dates_ranges'][$k]['from']); } $range['filter_id'] = $filter_id; if (!empty($filter_data['feature_id'])) { $range['feature_id'] = $filter_data['feature_id']; } if (!empty($range['range_id'])) { db_query("UPDATE ?:product_filter_ranges SET ?u WHERE range_id = ?i", $range, $range['range_id']); db_query('UPDATE ?:product_filter_ranges_descriptions SET ?u WHERE range_id = ?i AND lang_code = ?s', $range, $range['range_id'], $lang_code); } elseif ((!empty($range['from']) || !empty($range['to'])) && !empty($range['range_name'])) { $range['range_id'] = db_query("INSERT INTO ?:product_filter_ranges ?e", $range); foreach (fn_get_translation_languages() as $range['lang_code'] => $_d) { db_query("INSERT INTO ?:product_filter_ranges_descriptions ?e", $range); } } if (!empty($range['range_id'])) { $range_ids[] = $range['range_id']; } } if (!empty($range_ids)) { $deleted_ranges = db_get_fields("SELECT range_id FROM ?:product_filter_ranges WHERE filter_id = ?i AND range_id NOT IN (?n)", $filter_id, $range_ids); if (!empty($deleted_ranges)) { db_query("DELETE FROM ?:product_filter_ranges WHERE range_id IN (?n)", $deleted_ranges); db_query("DELETE FROM ?:product_filter_ranges_descriptions WHERE range_id IN (?n)", $deleted_ranges); } } else { $delete_all_ranges = true; } } else { $delete_all_ranges = true; } if ($delete_all_ranges) { $deleted_ranges = db_get_fields("SELECT range_id FROM ?:product_filter_ranges WHERE filter_id = ?i", $filter_id); db_query("DELETE FROM ?:product_filter_ranges WHERE filter_id = ?i", $filter_id); db_query("DELETE FROM ?:product_filter_ranges_descriptions WHERE range_id IN (?n)", $deleted_ranges); } fn_set_hook('update_product_filter', $filter_data, $filter_id, $lang_code); return $filter_id; }
/** * Removes product feature * * @param int $feature_id Feature identifier * @return boolean Always true */ function fn_delete_feature($feature_id) { $feature_deleted = true; if (fn_allowed_for('ULTIMATE')) { if (!fn_check_company_id('product_features', 'feature_id', $feature_id)) { fn_company_access_denied_notification(); return false; } } /** * Adds additional actions before product feature deleting * * @param int $feature_id Feature identifier */ fn_set_hook('delete_feature_pre', $feature_id); $feature_type = db_get_field("SELECT feature_type FROM ?:product_features WHERE feature_id = ?i", $feature_id); fn_set_hook('delete_product_feature', $feature_id, $feature_type); if ($feature_type == 'G') { $fids = db_get_fields("SELECT feature_id FROM ?:product_features WHERE parent_id = ?i", $feature_id); if (!empty($fids)) { foreach ($fids as $fid) { fn_delete_feature($fid); } } } $affected_rows = db_query("DELETE FROM ?:product_features WHERE feature_id = ?i", $feature_id); db_query("DELETE FROM ?:product_features_descriptions WHERE feature_id = ?i", $feature_id); if ($affected_rows == 0) { fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('feature'))), '', '404'); $feature_deleted = false; } $variant_ids = fn_delete_product_feature_variants($feature_id); if (!fn_allowed_for('ULTIMATE:FREE')) { $filter_ids = db_get_fields("SELECT filter_id FROM ?:product_filters WHERE feature_id = ?i", $feature_id); foreach ($filter_ids as $_filter_id) { fn_delete_product_filter($_filter_id); } } /** * Adds additional actions after product feature deleting * * @param int $feature_id Deleted feature identifier * @param array $variant_ids Deleted feature variants */ fn_set_hook('delete_feature_post', $feature_id, $variant_ids); return $feature_deleted; }
function fn_import_feature($data, &$processed_data, &$skip_record, $category_delimiter = '///') { static $new_groups = array(); $skip_record = true; $feature = reset($data); $langs = array_keys($data); $main_lang = reset($langs); if (Registry::get('runtime.company_id')) { $company_id = Registry::get('runtime.company_id'); } else { if (!empty($feature['company'])) { $company_id = fn_get_company_id_by_name($feature['company']); } else { $company_id = isset($feature['company_id']) ? $feature['company_id'] : Registry::get('runtime.company_id'); } } if (!empty($feature['feature_id'])) { $feature_id = db_get_field('SELECT ?:product_features.feature_id FROM ?:product_features WHERE feature_id = ?i', $feature['feature_id']); } $parent_id = fn_exim_get_product_feature_group_id($feature['parent_id'], $company_id, $new_groups, $main_lang); if (empty($feature_id)) { $condition = db_quote("WHERE description = ?s AND lang_code = ?s AND feature_type = ?s", $feature['description'], $main_lang, $feature['feature_type']); $condition .= db_quote(" AND parent_id = ?i", $parent_id); $feature_id = db_get_field('SELECT ?:product_features.feature_id FROM ?:product_features_descriptions ' . 'LEFT JOIN ?:product_features ON ?:product_features.feature_id = ?:product_features_descriptions.feature_id ' . $condition); } unset($feature['feature_id']); $feature['company_id'] = $company_id; $feature['parent_id'] = $parent_id; $feature['variants'] = array(); if (!empty($feature['Variants'])) { $variants = str_getcsv($feature['Variants'], ',', "'"); array_walk($variants, 'fn_trim_helper'); list($origin_variants) = fn_get_product_feature_variants(array('feature_id' => $feature_id), 0, $main_lang); $feature['original_var_ids'] = implode(',', array_keys($origin_variants)); foreach ($variants as $variant) { $feature['variants'][]['variant'] = $variant; } } $skip = false; if (empty($feature_id)) { $feature_id = fn_update_product_feature($feature, 0, $main_lang); $processed_data['N']++; fn_set_progress('echo', __('updating') . ' features <b>' . $feature_id . '</b>. ', false); } else { if (!fn_check_company_id('product_features', 'feature_id', $feature_id)) { $processed_data['S']++; $skip = true; } else { // Convert categories from Names to C_IDS: Electronics,Processors -> 3,45 $_data = $feature; $_data['categories_path'] = fn_exim_get_features_convert_category_path($feature, $main_lang, $category_delimiter); fn_update_product_feature($_data, $feature_id, $main_lang); if (in_array($feature_id, $new_groups)) { $processed_data['N']++; } else { $processed_data['E']++; fn_set_progress('echo', __('creating') . ' features <b>' . $feature_id . '</b>. ', false); } } } if (!$skip) { fn_exim_set_product_feature_categories($feature_id, $feature, $main_lang, $category_delimiter); foreach ($data as $lang_code => $feature_data) { unset($feature_data['feature_id']); db_query('UPDATE ?:product_features_descriptions SET ?u WHERE feature_id = ?i AND lang_code = ?s', $feature_data, $feature_id, $lang_code); } if (fn_allowed_for('ULTIMATE')) { if (!empty($company_id)) { fn_exim_update_share_feature($feature_id, $company_id); } } } return $feature_id; }
function fn_mve_clone_page_pre(&$page_id, &$data) { if (!fn_check_company_id('pages', 'page_id', $page_id)) { fn_company_access_denied_notification(); unset($data); } }
Registry::get('view')->assign('taxes', fn_get_taxes()); Registry::get('view')->assign('usergroups', fn_get_usergroups('C', DESCR_SL)); // Show all shipping methods } elseif ($mode == 'manage') { $company_id = Registry::ifGet('runtime.company_id', null); Registry::get('view')->assign('shippings', fn_get_available_shippings($company_id)); Registry::get('view')->assign('usergroups', fn_get_usergroups('C', DESCR_SL)); // Delete shipping method } elseif ($mode == 'delete') { if (!empty($_REQUEST['shipping_id']) && fn_check_company_id('shippings', 'shipping_id', $_REQUEST['shipping_id'])) { fn_delete_shipping($_REQUEST['shipping_id']); } return array(CONTROLLER_STATUS_REDIRECT, "shippings.manage"); // Delete selected rate } elseif ($mode == 'delete_rate_value') { if (fn_check_company_id('shippings', 'shipping_id', $_REQUEST['shipping_id'])) { fn_delete_rate_values(array($_REQUEST['rate_type'] => array($_REQUEST['amount'] => 'Y')), $_REQUEST['shipping_id'], $_REQUEST['destination_id']); } return array(CONTROLLER_STATUS_REDIRECT, "shippings.update?shipping_id={$_REQUEST['shipping_id']}&destination_id={$_REQUEST['destination_id']}&selected_section=shipping_charges"); } function fn_delete_rate_values($delete_rate_data, $shipping_id, $destination_id) { $rate_values = db_get_field("SELECT rate_value FROM ?:shipping_rates WHERE shipping_id = ?i AND destination_id = ?i", $shipping_id, $destination_id); if (!empty($rate_values)) { $rate_values = unserialize($rate_values); } foreach ((array) $rate_values as $rate_type => $rd) { foreach ((array) $rd as $amount => $data) { if (isset($delete_rate_data[$rate_type][$amount]) && $delete_rate_data[$rate_type][$amount] == 'Y') { unset($rate_values[$rate_type][$amount]); }
/** * Delete page and its subpages * * @param int $page_id Page ID * @param bool $recurse Delete page recursively or not * @return array Returns ids of deleted pages or false if function can't delete page */ function fn_delete_page($page_id, $recurse = true) { $page_id = (int) $page_id; if (!empty($page_id) && fn_check_company_id('pages', 'page_id', $page_id)) { // Delete all subpages if ($recurse == true) { $id_path = db_get_field("SELECT id_path FROM ?:pages WHERE page_id = ?i", $page_id); $page_ids = db_get_fields("SELECT page_id FROM ?:pages WHERE page_id = ?i OR id_path LIKE ?l", $page_id, "{$id_path}/%"); } else { $page_ids = array($page_id); } foreach ($page_ids as $v) { // Deleting page db_query("DELETE FROM ?:pages WHERE page_id = ?i", $v); db_query("DELETE FROM ?:page_descriptions WHERE page_id = ?i", $v); fn_set_hook('delete_page', $v); Block::instance()->removeDynamicObjectData('pages', $v); } return $page_ids; // Returns ids of deleted pages } else { return false; } }
fn_set_company_id($v); } fn_update_category($v, $k, DESCR_SL); } } } $suffix = ".manage"; } // // Processing deleting of multiple category elements // if ($mode == 'm_delete') { if (isset($_REQUEST['category_ids'])) { $category_deletion_queue = fn_filter_redundant_deleting_category_ids((array) $_REQUEST['category_ids']); foreach ($category_deletion_queue as $category_id) { if (fn_allowed_for('MULTIVENDOR') || fn_allowed_for('ULTIMATE') && fn_check_company_id('categories', 'category_id', $category_id)) { fn_delete_category($category_id, true); } } } unset($_SESSION['category_ids']); fn_set_notification('N', __('notice'), __('text_categories_have_been_deleted')); $suffix = ".manage"; } // // Store selected fields for using in 'm_update' mode // if ($mode == 'store_selection') { if (!empty($_REQUEST['category_ids'])) { $_SESSION['category_ids'] = $_REQUEST['category_ids']; $_SESSION['selected_fields'] = $_REQUEST['selected_fields'];
function fn_clone_page($page_id) { if (!fn_check_company_id('pages', 'page_id', $page_id)) { fn_company_access_denied_notification(false); return false; } // Clone main data $data = db_get_row("SELECT * FROM ?:pages WHERE page_id = ?i", $page_id); unset($data['page_id']); $data['status'] = 'D'; $new_page_id = db_query("INSERT INTO ?:pages ?e", $data); // Update parent-child deps $id_path = explode('/', $data['id_path']); array_pop($id_path); $id_path[] = $new_page_id; db_query("UPDATE ?:pages SET id_path = ?s WHERE page_id = ?i", implode('/', $id_path), $new_page_id); // Clone descriptions $data = db_get_array("SELECT * FROM ?:page_descriptions WHERE page_id = ?i", $page_id); foreach ($data as $v) { $v['page_id'] = $new_page_id; if ($v['lang_code'] == CART_LANGUAGE) { $orig_name = $v['page']; $new_name = $v['page'] . ' [CLONE]'; } $v['page'] .= ' [CLONE]'; db_query("INSERT INTO ?:page_descriptions ?e", $v); } fn_clone_block_links('pages', $page_id, $new_page_id); fn_set_hook('clone_page', $page_id, $new_page_id); return array('page_id' => $new_page_id, 'orig_name' => $orig_name, 'page' => $new_name); }
function fn_delete_promotions($promotion_ids) { if (!is_array($promotion_ids)) { $promotion_ids = array($promotion_ids); } if (fn_allowed_for('ULTIMATE')) { foreach ($promotion_ids as $promotion_id => $promotion) { if (!fn_check_company_id('promotions', 'promotion_id', $promotion)) { fn_set_notification('E', __('error'), __('access_denied')); unset($promotion_ids[$promotion_id]); } } } foreach ($promotion_ids as $pr_id) { db_query("DELETE FROM ?:promotions WHERE promotion_id = ?i", $pr_id); db_query("DELETE FROM ?:promotion_descriptions WHERE promotion_id = ?i", $pr_id); } }
/** * Deletes news by its ID * * @param int $news_id - News Identifier */ function fn_delete_news($news_id) { $news_deleted = false; if (!empty($news_id)) { if (fn_check_company_id('news', 'news_id', $news_id)) { // Log news deletion fn_log_event('news', 'delete', array('news_id' => $news_id)); Block::instance()->removeDynamicObjectData('news', $news_id); $affected_rows = db_query("DELETE FROM ?:news WHERE news_id = ?i", $news_id); db_query("DELETE FROM ?:news_descriptions WHERE news_id = ?i", $news_id); if ($affected_rows != 0) { $news_deleted = true; } else { fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('news'))), '', '404'); } fn_set_hook('delete_news', $news_id); } else { fn_company_access_denied_notification(); } } return $news_deleted; }
fn_set_notification('W', __('warning'), __('access_denied')); return array(CONTROLLER_STATUS_REDIRECT, 'product_options.manage'); } } $_REQUEST['option_data'] = array_merge($option_data, $_REQUEST['option_data']); fn_set_company_id($_REQUEST['option_data']); } $option_id = fn_update_product_option($_REQUEST['option_data'], $_REQUEST['option_id'], DESCR_SL); if (!empty($_REQUEST['object']) && $_REQUEST['object'] == 'product') { // FIXME (when assigning page and current url will be removed from ajax) return array(CONTROLLER_STATUS_OK, $_SERVER['HTTP_REFERER'] . '&selected_section=options'); } $suffix = ".manage"; } if ($mode == 'delete') { if (!empty($_REQUEST['option_id']) && fn_check_company_id('product_options', 'option_id', $_REQUEST['option_id']) || !empty($_REQUEST['product_id']) && fn_check_company_id('products', 'product_id', $_REQUEST['product_id'])) { $p_id = db_get_field("SELECT product_id FROM ?:product_options WHERE option_id = ?i", $_REQUEST['option_id']); if (!empty($_REQUEST['product_id']) && empty($p_id)) { // we're deleting global option from the product db_query("DELETE FROM ?:product_global_option_links WHERE product_id = ?i AND option_id = ?i", $_REQUEST['product_id'], $_REQUEST['option_id']); } else { fn_delete_product_option($_REQUEST['option_id']); } if (empty($_REQUEST['product_id']) && empty($p_id)) { // we're deleting global option itself db_query("DELETE FROM ?:product_global_option_links WHERE option_id = ?i", $_REQUEST['option_id']); } } if (!empty($_REQUEST['product_id'])) { $_options = fn_get_product_options($_REQUEST['product_id']); if (empty($_options)) {
exit; } $pattern = !empty($_REQUEST['pattern']) ? $_REQUEST['pattern'] : ''; $start = !empty($_REQUEST['start']) ? $_REQUEST['start'] : 0; $limit = (!empty($_REQUEST['limit']) ? $_REQUEST['limit'] : 10) + 1; $sorting = db_quote("?:product_feature_variants.position, ?:product_feature_variant_descriptions.variant"); $join = db_quote(" LEFT JOIN ?:product_feature_variant_descriptions ON ?:product_feature_variant_descriptions.variant_id = ?:product_feature_variants.variant_id AND ?:product_feature_variant_descriptions.lang_code = ?s", DESCR_SL); $condition = db_quote(" AND ?:product_feature_variants.feature_id = ?i", $_REQUEST['feature_id']); fn_set_hook('get_feature_variants_list', $condition, $join, $pattern, $start, $limit); $objects = db_get_hash_array("SELECT SQL_CALC_FOUND_ROWS ?:product_feature_variants.variant_id AS value, ?:product_feature_variant_descriptions.variant AS name FROM ?:product_feature_variants {$join} WHERE 1 {$condition} AND ?:product_feature_variant_descriptions.variant LIKE ?l ORDER BY ?p LIMIT ?i, ?i", 'value', '%' . $pattern . '%', $sorting, $start, $limit); if (defined('AJAX_REQUEST') && sizeof($objects) < $limit) { Registry::get('ajax')->assign('completed', true); } else { array_pop($objects); } if (empty($_REQUEST['enter_other']) || $_REQUEST['enter_other'] != 'N') { $total = db_get_found_rows(); if (!Registry::get('runtime.company_id') || fn_allowed_for('ULTIMATE') && fn_check_company_id('product_features', 'feature_id', $_REQUEST['feature_id'])) { if ($start + $limit >= $total + 1) { $objects[] = array('value' => 'disable_select', 'name' => '-' . __('enter_other') . '-'); } } } if (!$start) { array_unshift($objects, array('value' => '', 'name' => '-' . __('none') . '-')); } Registry::get('view')->assign('objects', $objects); Registry::get('view')->assign('id', $_REQUEST['result_ids']); Registry::get('view')->display('common/ajax_select_object.tpl'); exit; }
} return array(CONTROLLER_STATUS_OK, 'gift_certificates' . $suffix); } if ($mode == 'add') { if (!empty($_REQUEST['user_id'])) { $user_data = fn_get_user_info($_REQUEST['user_id']); $gift_cert_data = array('send_via' => 'E', 'recipient' => "{$user_data['firstname']} {$user_data['lastname']}", 'sender' => Registry::get('settings.Company.company_name'), 'email' => $user_data['email'], 'address' => $user_data['s_address'], 'address_2' => $user_data['s_address_2'], 'city' => $user_data['s_city'], 'country' => $user_data['s_country'], 'state' => $user_data['s_state'], 'zipcode' => $user_data['s_zipcode'], 'phone' => $user_data['phone']); Tygh::$app['view']->assign('gift_cert_data', $gift_cert_data); } Tygh::$app['view']->assign('templates', fn_get_gift_certificate_templates()); Tygh::$app['view']->assign('states', fn_get_all_states()); Tygh::$app['view']->assign('countries', fn_get_simple_countries(true, CART_LANGUAGE)); } elseif ($mode == 'update') { $gift_cert_id = intval($_REQUEST['gift_cert_id']); $gift_cert_data = fn_get_gift_certificate_info($gift_cert_id); if (empty($gift_cert_data) || !empty($gift_cert_id) && !fn_check_company_id('gift_certificates', 'gift_cert_id', $gift_cert_id)) { return array(CONTROLLER_STATUS_NO_PAGE); } // [Page sections] Registry::set('navigation.tabs', array('detailed' => array('title' => __('detailed_info'), 'js' => true), 'log' => array('title' => __('history'), 'js' => true))); // [/Page sections] list($log, $search) = fn_get_gift_certificate_log($_REQUEST, Registry::get('settings.Appearance.admin_elements_per_page')); Tygh::$app['view']->assign('log', $log); Tygh::$app['view']->assign('search', $search); if (false != ($last_item = reset($log))) { $gift_cert_data['amount'] = $last_item['debit']; $gift_cert_data['products'] = $last_item['debit_products']; } Tygh::$app['view']->assign('templates', fn_get_gift_certificate_templates()); Tygh::$app['view']->assign('states', fn_get_all_states()); Tygh::$app['view']->assign('countries', fn_get_simple_countries(true, CART_LANGUAGE));
// Delete shipping methods // //TODO make security check for company_id if ($mode == 'm_delete') { if (!empty($_REQUEST['shipping_ids'])) { foreach ($_REQUEST['shipping_ids'] as $id) { if (fn_check_company_id('shippings', 'shipping_id', $id)) { fn_delete_shipping($id); } } } $suffix = '.manage'; } // Delete shipping method if ($mode == 'delete') { if (!empty($_REQUEST['shipping_id']) && fn_check_company_id('shippings', 'shipping_id', $_REQUEST['shipping_id'])) { fn_delete_shipping($_REQUEST['shipping_id']); } $suffix = '.manage'; } return array(CONTROLLER_STATUS_OK, 'shippings' . $suffix); } if ($mode == 'configure') { $shipping_id = !empty($_REQUEST['shipping_id']) ? $_REQUEST['shipping_id'] : 0; if (Registry::get('runtime.company_id')) { $shipping = db_get_row("SELECT company_id, service_params FROM ?:shippings WHERE shipping_id = ?i", $shipping_id); if ($shipping['company_id'] != Registry::get('runtime.company_id')) { exit; } } $module = !empty($_REQUEST['module']) ? basename($_REQUEST['module']) : '';