protected final function __construct()
{
if (isset($GLOBALS['session'])) {
//If the language is trying to be changed try to change it
if ((isset($_POST['set_language']) && ($switch = $_POST['set_language']) || isset($_GET['set_language']) && ($switch = $_GET['set_language'])) && $this->_valid($switch)) {
$GLOBALS['session']->set('language', $switch, 'client');
httpredir(currentPage(array('set_language')));
} else {
//See if the language is set in the session
if (!CC_IN_ADMIN && $GLOBALS['session']->has('language', 'client')) {
$this->_language = $GLOBALS['session']->get('language', 'client');
} elseif (CC_IN_ADMIN) {
$admin_lang = $GLOBALS['session']->get('user_language', 'admin');
$this->_language = !empty($admin_lang) ? $admin_lang : $GLOBALS['config']->get('config', 'default_language');
} else {
//Try the default config language
$cl = $GLOBALS['config']->get('config', 'default_language');
$this->_language = !empty($cl) && file_exists(CC_ROOT_DIR . '/language/' . $cl . '.xml') && $this->_valid($cl) ? $cl : 'en-GB';
if (file_exists(CC_ROOT_DIR . '/language/' . $this->_language . '.xml')) {
//Set the language to the session
$GLOBALS['session']->set('language', $this->_language, 'client');
} else {
trigger_error('No valid language found!', E_USER_ERROR);
}
}
}
} else {
$this->_language = 'en-GB';
}
$GLOBALS['smarty']->assign("CURRENT_LANGUAGE", $this->_language);
$this->loadLang();
}
public function process()
{
$order = Order::getInstance();
$cart_order_id = $_POST['orderRef'];
$order_summary = $order->getSummary($cart_order_id);
if (isset($_POST['signature'])) {
$check = $_POST;
unset($check['signature']);
ksort($check);
$build_query = http_build_query($check, '', '&');
$build_query = preg_replace('/%0D%0A|%0A%0D|%0A|%0D/i', '%0A', $build_query);
$sig_check = $_POST['signature'] == hash("SHA512", $build_query . $this->_module['merchant_passphrase']);
} else {
$sig_check = true;
}
if ($_POST['responseCode'] == '0' && $sig_check) {
$order->orderStatus(Order::ORDER_PROCESS, $cart_order_id);
$order->paymentStatus(Order::PAYMENT_SUCCESS, $cart_order_id);
}
$transData['notes'] = $sig_check == true ? 'response signature check verified' : 'response signature check failed';
$transData['gateway'] = 'CharityClear';
$transData['order_id'] = $_POST['orderRef'];
$transData['trans_id'] = $_POST['xref'];
$transData['amount'] = $_POST['amountReceived'] > 0 ? $_POST['amountReceived'] / 100 : '';
$transData['status'] = $_POST['responseMessage'];
$transData['customer_id'] = $order_summary['customer_id'];
$transData['extra'] = '';
$order->logTransaction($transData);
$url = explode('/modules/gateway/CharityClear', $GLOBALS['storeURL']);
httpredir($url[0] . '/index.php?_a=complete');
// ccNow doesn't send back any data at all right now so we have to leave it pending
//httpredir(currentPage(array('_g', 'type', 'cmd', 'module'), array('_a' => 'complete')));
return false;
}
protected final function __construct()
{
$cache = Cache::getInstance();
// Should we be showing prices?
if (Config::getInstance()->get('config', 'catalogue_hide_prices') && !User::getInstance()->is() && !CC_IN_ADMIN && !$GLOBALS['session']->has('admin_id', 'admin_data')) {
Session::getInstance()->set('hide_prices', true);
} else {
Session::getInstance()->delete('hide_prices');
}
// Switch Currency
if (isset($_POST['set_currency']) && !empty($_POST['set_currency']) && ($switch = $_POST['set_currency']) || isset($_GET['set_currency']) && !empty($_GET['set_currency']) && ($switch = $_GET['set_currency'])) {
if (preg_match('#^[A-Z]{3}$#i', $switch) && ($currency = $GLOBALS['db']->select('CubeCart_currency', array('updated'), array('code' => (string) $switch, 'active' => 1)))) {
$GLOBALS['session']->set('currency', $switch, 'client');
}
httpredir(currentPage(array('set_currency')));
}
// Autoload tax tables
$this->loadCurrencyVars();
}
public function __construct()
{
if ($GLOBALS['config']->get('config', 'ssl') && !ADMIN_CP && !CC_SSL && !in_array($_GET['_g'], $this->_ignored_pages)) {
$current_url = currentPage();
$current_url = preg_replace('#^http://#', 'https://', $current_url);
$ssl_url = $GLOBALS['config']->get('config', 'ssl_url');
if (preg_match('#^' . $ssl_url . '#', $current_url)) {
// Make sure the domain for SSL is expected
httpredir($current_url, '', false, 301);
} else {
// If not we try to make it based on what we have
$url_parts = parse_url($current_url);
$url_parts['path'] = str_replace($GLOBALS['config']->get('config', 'ssl_path'), '/', $url_parts['path']);
$ssl_url .= !empty($url_parts['path']) ? $url_parts['path'] : '';
$ssl_url .= !empty($url_parts['query']) ? '?' . $url_parts['query'] : '';
$anchor = !empty($url_parts['fragment']) ? '#' . $url_parts['fragment'] : '';
httpredir($ssl_url, $anchor, false, 301);
}
}
}
public function process()
{
$coinbase_order = $this->coinbase->call("orders/" . $_GET["order"]["uuid"])->data;
$order = Order::getInstance();
if ($coinbase_order->status == "mispaid") {
$order->orderStatus(Order::ORDER_PENDING, $this->order_number);
$order->paymentStatus(Order::PAYMENT_PENDING, $this->order_number);
$transData['notes'] = "Bitcoin payment mispaid";
$order->logTransaction($transData);
$GLOBALS['gui']->setError("Your Bitcoin payment was the incorrect amount. Please contact support to resolve your order.");
} elseif ($coinbase_order->status == "expired") {
$order->orderStatus(Order::ORDER_PENDING, $this->order_number);
$order->paymentStatus(Order::PAYMENT_PENDING, $this->order_number);
$transData['notes'] = "Bitcoin payment expired";
$order->logTransaction($transData);
$GLOBALS['gui']->setError("Your Bitcoin payment has expired before you could make your payment. Please contact support to resolve your order.");
} else {
$order->orderStatus(Order::ORDER_PROCESS, $this->order_number);
$order->paymentStatus(Order::PAYMENT_SUCCESS, $this->order_number);
$transData['notes'] = "Bitcoin payment successful";
$order->logTransaction($transData);
}
httpredir(currentPage(array('_g', 'type', 'cmd', 'module'), array('_a' => 'complete')));
}
<?php
/**
* CubeCart v6
* ========================================
* CubeCart is a registered trade mark of CubeCart Limited
* Copyright CubeCart Limited 2015. All rights reserved.
* UK Private Limited Company No. 5323904
* ========================================
* Web: http://www.cubecart.com
* Email: sales@cubecart.com
* License: GPL-3.0 https://www.gnu.org/licenses/quick-guide-gplv3.html
*/
if (!defined('CC_INI_SET')) {
die('Access Denied');
}
Admin::getInstance()->permissions('settings', CC_PERM_FULL, true);
global $lang, $glob;
$hash = randomString();
$file = CC_ROOT_DIR . '/files/hash.' . $hash . '.php';
$fp = fopen($file, 'w');
fwrite($fp, '<?php echo "' . $hash . '"; unlink("' . $file . '"); ?>');
fclose($fp);
httpredir('https://www.cubecart.com/store/auth/?hash=' . $hash . '&url=' . urlencode(CC_STORE_URL));
/**
* Redirect to product page
*/
public function redirectToProductPage($productID)
{
if (isset($_GET['_g']) && $_GET['_g'] == 'ajaxadd') {
$GLOBALS['debug']->supress();
die('Redir:' . $GLOBALS['seo']->buildURL('prod', $productID));
} else {
httpredir("index.php?_a=product&product_id={$productID}");
}
}
$existing_languages = $db->select('CubeCart_email_content', 'DISTINCT `language`');
$missing_languages = $languages;
## Loop existing languages and remove to leave missing languages array with the ones we need to import
if ($existing_languages) {
foreach ($existing_languages as $key => $value) {
unset($missing_languages[$value['language']]);
}
}
## Import missing language email templates if they exist... pukka
if (is_array($missing_languages)) {
foreach ($missing_languages as $code => $lang) {
$language->importEmail('email_' . $code . '.xml');
}
}
// Set version number
if (!$GLOBALS['db']->select('CubeCart_history', false, array('version' => CC_VERSION))) {
$GLOBALS['db']->insert('CubeCart_history', array('version' => CC_VERSION, 'time' => time()));
}
## Progressive updates completed
## Redirect to the 'complete' page
$_SESSION['setup']['complete'] = true;
if ($_SESSION['setup']['autoupgrade']) {
httpredir('../admin.php?_g=maintenance&node=index#upgrade');
}
httpredir('index.php', 'upgraded');
}
$GLOBALS['smarty']->assign('LANG_UPGRADE_IN_PROGRESS', sprintf($strings['setup']['upgrade_in_progress'], $current, $version));
$GLOBALS['smarty']->append('MODE_UPGRADE_PROGRESS', true);
}
$GLOBALS['smarty']->assign('MODE_UPGRADE', true);
}
* ========================================
* CubeCart is a registered trade mark of CubeCart Limited
* Copyright CubeCart Limited 2015. All rights reserved.
* UK Private Limited Company No. 5323904
* ========================================
* Web: http://www.cubecart.com
* Email: sales@cubecart.com
* License: GPL-3.0 https://www.gnu.org/licenses/quick-guide-gplv3.html
*/
if (!defined('CC_INI_SET')) {
die('Access Denied');
}
Admin::getInstance()->permissions('statistics', CC_PERM_READ, true);
global $lang;
if (isset($_POST['select'])) {
httpredir(currentPage(null, $_POST['select']));
}
$select['year'] = isset($_GET['year']) && is_numeric($_GET['year']) ? (int) $_GET['year'] : date('Y');
$select['month'] = isset($_GET['month']) && in_array($_GET['month'], range(1, 12)) ? str_pad((int) $_GET['month'], 2, '0', STR_PAD_LEFT) : date('m');
$select['day'] = isset($_GET['day']) && in_array($_GET['day'], range(1, 31)) ? str_pad((int) $_GET['day'], 2, '0', STR_PAD_LEFT) : date('d');
$select['status'] = isset($_GET['status']) && in_array($_GET['status'], range(1, 6)) ? (int) $_GET['status'] : 3;
// Sales
$GLOBALS['main']->addTabControl($lang['statistics']['title_sales'], 'stats_sales');
$earliest_order = $GLOBALS['db']->select('CubeCart_order_summary', array('MIN' => 'order_date'), array('status' => $select['status']), array('order_date' => 'ASC'));
// $earliest_order will always return true but MIN_order_date may not have a value
$yearly = $monthly = $daily = $hourly = array();
if (!empty($earliest_order[0]['MIN_order_date'])) {
$earliest = array('year' => date('Y', $earliest_order[0]['MIN_order_date']), 'month' => date('m', $earliest_order[0]['MIN_order_date']), 'day' => date('d', $earliest_order[0]['MIN_order_date']));
$orders_all = $GLOBALS['db']->select('CubeCart_order_summary', array('total', 'cart_order_id', 'order_date'), array('status' => (int) $select['status']));
if ($orders_all) {
foreach ($orders_all as $key => $data) {
$filter['field'] = $_GET['field'];
$filter['sort'] = $_GET['sort'];
} else {
$filter['field'] = 'time';
$filter['sort'] = 'DESC';
}
if (!empty($_GET['keywords'])) {
$where = array('review' => '~' . $_GET['keywords']);
}
$reviews = $GLOBALS['db']->select('CubeCart_reviews', false, $where, array($filter['field'] => $filter['sort']), $per_page, $page);
if (isset($_GET['product_id']) && is_numeric($_GET['product_id'])) {
$product = $GLOBALS['db']->select('CubeCart_inventory', array('name'), array('product_id' => (int) $_GET['product_id']));
}
if (!$reviews && isset($product) && $product) {
$GLOBALS['main']->setACPWarning($lang['reviews']['error_reviews_none']);
httpredir(currentPage(array('product_id')), 'search');
}
if ($reviews) {
$GLOBALS['smarty']->assign('PAGINATION', $GLOBALS['db']->pagination(false, $per_page, $page, 9));
foreach ($reviews as $review) {
if (($product = $GLOBALS['db']->select('CubeCart_inventory', array('name'), array('product_id' => $review['product_id']))) !== false) {
$review['product'] = $product[0];
$review['date'] = formatTime($review['time']);
$review['delete'] = currentPage(null, array('delete' => (int) $review['id']));
$review['edit'] = currentPage(null, array('edit' => (int) $review['id']));
$smarty_data['reviews'][] = $review;
} else {
$GLOBALS['db']->delete('CubeCart_reviews', array('product_id' => $review['product_id']));
}
}
if (isset($smarty_data['reviews'])) {
* Copyright CubeCart Limited 2015. All rights reserved.
* UK Private Limited Company No. 5323904
* ========================================
* Web: http://www.cubecart.com
* Email: sales@cubecart.com
* License: GPL-3.0 https://www.gnu.org/licenses/quick-guide-gplv3.html
*/
if (!defined('CC_INI_SET')) {
die('Access Denied');
}
// Load admin user details
if (!isset($_GET['_g']) || !in_array(strtolower($_GET['_g']), array('login', 'logout', 'password', 'recovery'))) {
$GLOBALS['main']->setTemplate();
}
if (isset($_GET['_g']) && in_array($_GET['_g'], array('login', 'password', 'recovery'))) {
httpredir('?');
}
if (isset($_GET['_g']) && !empty($_GET['_g']) && $_GET['_g'] != 'plugins') {
$GLOBALS['gui']->addBreadcrumb(ucwords($_GET['_g']));
}
if (!empty($_GET['_g'])) {
$module_type = isset($_GET['type']) && preg_match("/[a-z]/i", $_GET['type']) ? $_GET['type'] : '';
$node = !empty($_GET['node']) ? strtolower($_GET['node']) : 'index';
if (!isset($_GET['delete']) && strtolower($_GET['_g']) == 'plugins' && !empty($module_type)) {
$module_type = preg_match("/[a-z]/i", $_GET['type']) ? $_GET['type'] : '';
$GLOBALS['gui']->addBreadcrumb($lang['navigation']['nav_plugins'], '?_g=plugins');
// Display Modules
$GLOBALS['main']->wikiNamespace('Modules');
if (!empty($_GET['module'])) {
// Load Module
$GLOBALS['main']->wikiPage($_GET['module']);
* CubeCart is a registered trade mark of CubeCart Limited
* Copyright CubeCart Limited 2015. All rights reserved.
* UK Private Limited Company No. 5323904
* ========================================
* Web: http://www.cubecart.com
* Email: sales@cubecart.com
* License: GPL-3.0 https://www.gnu.org/licenses/quick-guide-gplv3.html
*/
if (!defined('CC_INI_SET')) {
die('Access Denied');
}
Admin::getInstance()->permissions('orders', CC_PERM_READ, true);
$GLOBALS['main']->addTabControl($GLOBALS['language']->orders['title_transaction_logs'], 'logs');
$GLOBALS['gui']->addBreadcrumb($GLOBALS['language']->orders['title_transaction_logs']);
if (isset($_POST['search'])) {
httpredir(currentPage(null, array('search' => $_POST['search'])));
}
$per_page = 20;
$page = isset($_GET['page']) ? $_GET['page'] : 1;
if (isset($_GET['order_id'])) {
$GLOBALS['smarty']->assign('TRANSACTION_LOGS_TITLE', sprintf($GLOBALS['lang']['orders']['title_transaction_logs_for_order'], $_GET['order_id']));
if (($transactions = $GLOBALS['db']->select('CubeCart_transactions', false, array('order_id' => $_GET['order_id']), array('time' => 'DESC'))) !== false) {
$GLOBALS['gui']->addBreadcrumb($transactions[0]['order_id'], currentPage());
foreach ($transactions as $transaction) {
$transaction['time'] = formatTime($transaction['time']);
$transaction['amount'] = Tax::getInstance()->priceFormat($transaction['amount']);
$transaction['trans_id'] = empty($transaction['trans_id']) ? $GLOBALS['lang']['common']['null'] : $transaction['trans_id'];
$smarty_data['transactions'][] = $transaction;
}
$GLOBALS['smarty']->assign('ORDER_TRANSACTIONS', $smarty_data['transactions']);
}
}
$GLOBALS['smarty']->assign('DISPLAY_SEND', true);
} else {
if (isset($_GET['action']) && in_array(strtolower($_GET['action']), array('add', 'edit'))) {
Admin::getInstance()->permissions('customers', CC_PERM_EDIT, true);
$GLOBALS['main']->addTabControl($lang['common']['general'], 'general');
$GLOBALS['main']->addTabControl($lang['email']['title_content_html'], 'email_html');
$GLOBALS['main']->addTabControl($lang['email']['title_content_text'], 'email_text');
$GLOBALS['main']->addTabControl($lang['email']['title_send_test'], 'send_test');
if (isset($_GET['newsletter_id']) && is_numeric($_GET['newsletter_id'])) {
if (($content = $GLOBALS['db']->select('CubeCart_newsletter', false, array('newsletter_id' => (int) $_GET['newsletter_id']))) !== false) {
// Render editor window
$GLOBALS['gui']->addBreadcrumb($content[0]['subject'], currentPage());
$GLOBALS['smarty']->assign('NEWSLETTER', $content[0]);
} else {
httpredir(currentPage(array('newsletter_id')));
}
}
// Get template list
if (($templates = $GLOBALS['db']->select('CubeCart_email_template', array('template_default', 'template_id', 'title'))) !== false) {
foreach ($templates as $template) {
if (isset($content)) {
$template['selected'] = $template['template_id'] == $content[0]['template_id'] ? ' selected="selected"' : '';
} else {
$template['selected'] = '';
}
$existing_templates[] = $template;
}
$GLOBALS['smarty']->assign('EXISTING_TEMPLATES', $existing_templates);
}
$GLOBALS['smarty']->assign('DISPLAY_FORM', true);
protected final function __construct()
{
// Turn error reporting off as it is displayed in debugger mode only!
ini_set('display_errors', false);
// Show ALL errors & notices
error_reporting(E_ALL ^ E_NOTICE);
ini_set('ignore_repeated_errors', true);
ini_set('ignore_repeated_source', true);
// Enable HTML Error messages
ini_set('html_errors', true);
ini_set('docref_root', 'http://docs.php.net/manual/en/');
ini_set('docref_ext', '.php');
// Define the Error & Exception handlers
set_error_handler(array(&$this, 'errorLogger'), ini_get('error_reporting'));
set_exception_handler(array(&$this, 'exceptionHandler'));
// Enable debugger
if (isset($GLOBALS['config']) && is_object($GLOBALS['config'])) {
$this->_enabled = (bool) $GLOBALS['config']->get('config', 'debug');
$ip_string = $GLOBALS['config']->get('config', 'debug_ip_addresses');
if (!empty($ip_string)) {
if (strstr($ip_string, ',')) {
$ip_addresses = explode(',', $ip_string);
if (!in_array(get_ip_address(), $ip_addresses)) {
$this->_enabled = false;
}
} else {
if ($ip_string !== get_ip_address()) {
$this->_enabled = false;
}
}
}
}
//If its time to clear the cache
if (isset($_GET['debug-cache-clear'])) {
$GLOBALS['cache']->clear();
$GLOBALS['cache']->tidy();
httpredir(currentPage(array('debug-cache-clear')));
}
//Check for xdebug
if (extension_loaded('xdebug') && function_exists('xdebug_is_enabled')) {
$this->_xdebug = xdebug_is_enabled();
}
$this->_debug_timer = $this->_getTime();
// Check register_globals
if (ini_get('register_globals')) {
trigger_error('register_globals are enabled. It is highly recommended that you disable this in your PHP configuration, as it is a large security hole, and may wreak havoc.', E_USER_WARNING);
}
Sanitize::cleanGlobals();
}
/**
* Load customer data
*/
private function _load()
{
foreach ($GLOBALS['hooks']->load('class.user.load') as $hook) {
include $hook;
}
if ($GLOBALS['session']->session_data['customer_id'] == '0') {
return;
}
if ($GLOBALS['session']->session_data['customer_id'] && ($result = $GLOBALS['db']->select('CubeCart_customer', false, array('customer_id' => (int) $GLOBALS['session']->session_data['customer_id']), null, 1))) {
$this->_user_data = $result[0];
foreach ($GLOBALS['hooks']->load('class.user.load.user') as $hook) {
include $hook;
}
$this->_logged_in = true;
if (!$GLOBALS['session']->has('user_language', 'client')) {
$GLOBALS['session']->set('user_language', isset($result[0]['language']) && preg_match(Language::LANG_REGEX, $result[0]['language']) ? $result[0]['language'] : $GLOBALS['config']->get('config', 'default_language'), 'client');
}
if ((empty($this->_user_data['email']) || !filter_var($this->_user_data['email'], FILTER_VALIDATE_EMAIL) || empty($this->_user_data['first_name']) || empty($this->_user_data['last_name'])) && !in_array(strtolower($_GET['_a']), array('profile', 'logout'))) {
// Force account details page
$GLOBALS['session']->set('temp_profile_required', true);
httpredir(currentPage(null, array('_a' => 'profile')));
}
}
}
$GLOBALS['hooks']->install($module_name);
} else {
$GLOBALS['hooks']->uninstall($module_name);
}
}
// Delete to prevent potential duplicate nightmare
$GLOBALS['db']->delete('CubeCart_modules', array('folder' => $module_name, 'module' => $module_type));
$GLOBALS['db']->insert('CubeCart_modules', array('status' => (int) $status, 'folder' => $module_name, 'module' => $module_type));
// Update config
$GLOBALS['config']->set($module_name, 'status', $status);
}
$after = md5(serialize($GLOBALS['db']->select('CubeCart_modules')));
if ($before !== $after) {
$GLOBALS['gui']->setNotify($lang['module']['notify_module_status']);
}
httpredir('?_g=plugins');
}
$module_paths = glob("modules/*/*/config.xml");
$i = 0;
$modules = false;
foreach ($module_paths as $module_path) {
$xml = new SimpleXMLElement(file_get_contents($module_path));
$basename = (string) basename(str_replace('config.xml', '', $module_path));
$key = trim((string) $xml->info->name . $i);
$module_config = $GLOBALS['db']->select('CubeCart_modules', '*', array('folder' => $basename, 'module' => (string) $xml->info->type));
$modules[$key] = array('uid' => (string) $xml->info->uid, 'type' => (string) $xml->info->type, 'mobile_optimized' => (string) $xml->info->mobile_optimized, 'name' => str_replace('_', ' ', (string) $xml->info->name), 'description' => (string) $xml->info->description, 'version' => (string) $xml->info->version, 'minVersion' => (string) $xml->info->minVersion, 'maxVersion' => (string) $xml->info->maxVersion, 'creator' => (string) $xml->info->creator, 'homepage' => (string) $xml->info->homepage, 'block' => (string) $xml->info->block, 'basename' => $basename, 'config' => $module_config[0], 'edit_url' => '?_g=plugins&type=' . (string) $xml->info->type . '&module=' . $basename, 'delete_url' => '?_g=plugins&type=' . (string) $xml->info->type . '&module=' . $basename . '&delete=1');
$i++;
}
if (is_array($modules)) {
ksort($modules);
}
if ($i == 1) {
$GLOBALS['gui']->setNotify($lang['newsletter']['subscriber_removed']);
} else {
$GLOBALS['gui']->setNotify(sprintf($lang['newsletter']['subscribers_removed'], $i));
}
} else {
if ($i == 1) {
$GLOBALS['gui']->setError($lang['newsletter']['subscriber_not_removed']);
} else {
$GLOBALS['gui']->setError($lang['newsletter']['subscribers_not_removed']);
}
}
$redirect = true;
}
if ($redirect) {
httpredir('?_g=customers&node=subscribers#general');
}
$per_page = 20;
$page = isset($_GET['page']) ? $_GET['page'] : 1;
if ($GLOBALS['session']->has('email_filter') && ($email_filter = $GLOBALS['session']->get('email_filter'))) {
$GLOBALS['smarty']->assign('EMAIL_FILTER', $email_filter);
if (filter_var($email_filter, FILTER_VALIDATE_EMAIL)) {
$where = array('email' => $email_filter);
} else {
$where = "`email` LIKE '%{$email_filter}%'";
}
} else {
$where = false;
}
$subscriber_count = $GLOBALS['db']->select('CubeCart_newsletter_subscriber', false, $where);
$count = count($subscriber_count);
}
}
$category['children'] = currentPage(null, array('parent' => $category['cat_id']));
$category['translate'] = currentPage(null, array('action' => 'translate', 'cat_id' => $category['cat_id']));
$category['edit'] = currentPage(null, array('action' => 'edit', 'cat_id' => $category['cat_id']));
$category['delete'] = currentPage(null, array('delete' => $category['cat_id']));
$children = false;
$children = $GLOBALS['db']->count('CubeCart_category', 'cat_id', array('cat_parent_id' => $category['cat_id']));
$category['no_children'] = $children;
$category['alt_text'] = sprintf((int) $children == 1 ? $lang['settings']['category_has_subcat'] : $lang['settings']['category_has_subcats'], (int) $children);
$category['visible'] = $category['hide'] ? 0 : 1;
$category_list[] = $category;
++$i;
}
}
// If no categories exist but parent is set redirect back to next level up
if (!isset($category_list) && isset($_GET['parent']) && $_GET['parent'] > 0) {
$parent_cat = $GLOBALS['db']->select('CubeCart_category', array('cat_parent_id'), array('cat_id' => $_GET['parent']));
if ($parent_cat && $parent_cat[0]['cat_parent_id'] > 0) {
httpredir('?_g=categories&parent=' . $parent_cat[0]['cat_parent_id']);
} else {
httpredir('?_g=categories');
}
}
foreach ($GLOBALS['hooks']->load('admin.category.pre_smarty') as $hook) {
include $hook;
}
$GLOBALS['smarty']->assign('LIST_CATEGORIES', true);
$GLOBALS['smarty']->assign('CATEGORIES', $category_list);
}
$page_content = $GLOBALS['smarty']->fetch('templates/categories.index.php');
}
$GLOBALS['smarty']->assign('PASSWORD', true);
break;
default:
switch (true) {
case isset($_GET['redir']) && !empty($_GET['redir']):
$redir = $_GET['redir'];
break;
case isset($_POST['redir']) && !empty($_POST['redir']):
$redir = $_POST['redir'];
break;
default:
$redir = currentPage();
}
if (isset($_GET['redir']) && !empty($_GET['redir']) && preg_match('/^(http(s?)\\:\\/\\/|ftp\\:\\/\\/|\\/\\/)/i', $redir)) {
httpredir(currentPage(array('redir')));
}
if ($GLOBALS['config']->get('config', 'ssl')) {
$current_page = currentPage();
if (CC_SSL) {
$ssl = array('url' => preg_replace('#^https#', 'http', $current_page), 'icon' => $GLOBALS['config']->get('config', 'adminFolder') . '/skins/' . $GLOBALS['config']->get('config', 'admin_skin') . '/images/ssl_true.png', 'state' => true);
} else {
$ssl = array('url' => preg_replace('#^http#', 'https', $current_page), 'icon' => $GLOBALS['config']->get('config', 'adminFolder') . '/skins/' . $GLOBALS['config']->get('config', 'admin_skin') . '/images/ssl_false.png', 'state' => true);
}
$GLOBALS['smarty']->assign('SSL', $ssl);
}
if (isset($redir) && !empty($redir)) {
$GLOBALS['smarty']->assign('REDIRECT_TO', $redir);
}
}
$GLOBALS['gui']->displayCommon();
$_SESSION['setup']['permissions'] = true;
} else {
if (isset($_POST['progress'])) {
$redir = false;
}
}
}
}
}
if (!isset($errors) && $redir) {
httpredir('index.php');
}
} else {
if (isset($_POST['cancel']) || isset($_GET['cancel'])) {
$_SESSION['setup'] = null;
httpredir('index.php', 'cancelled');
}
}
if (!isset($_SESSION['setup']) || is_null($_SESSION['setup'])) {
$restart = false;
$step = 1;
// Compatibility Test
$checks = array('PHP' => array('title' => 'PHP 5.2.3+', 'status' => version_compare(PHP_VERSION, '5.2.3', '>='), 'pass' => PHP_VERSION, 'fail' => PHP_VERSION), 'MySQL' => array('title' => 'MySQL 4.1+', 'status' => extension_loaded('mysqli') || extension_loaded('mysql'), 'pass' => function_exists('mysqli_get_client_info') ? mysqli_get_client_info() : mysql_get_client_info(), 'fail' => function_exists('mysqli_get_client_info') ? mysqli_get_client_info() : mysql_get_client_info()), 'GD' => array('title' => 'GD Image Library', 'status' => detectGD(), 'pass' => $strings['common']['installed'], 'fail' => $strings['common']['not_installed']), 'XML' => array('title' => 'Simple XML Parser', 'status' => extension_loaded('simplexml'), 'pass' => $strings['common']['installed'], 'fail' => $strings['common']['not_installed']), 'cURL' => array('title' => 'cURL', 'status' => extension_loaded('curl'), 'pass' => $strings['common']['installed'], 'fail' => $strings['common']['not_installed']));
$GLOBALS['smarty']->assign('CHECKS', $checks);
$GLOBALS['smarty']->assign('MODE_COMPAT', true);
} else {
if (!isset($_SESSION['setup']['method'])) {
$step = 2;
// Select Install/Upgrade
$GLOBALS['smarty']->assign('LANG_INSTALL_CUBECART_TITLE', sprintf($strings['setup']['install_cubecart_title'], CC_VERSION));
// Check if upgrading is possible
/**
* Create .htaccess exists and write if not
*
* @return bool
*/
private static function _checkModRewrite()
{
$cache_id = 'seo_check';
if (!isset($GLOBALS['cache']) || !is_object($GLOBALS['cache']) || $GLOBALS['cache']->read($cache_id)) {
return false;
} else {
$htaccess_path = CC_ROOT_DIR . '/.htaccess';
$htaccess_content = '##### START CubeCart .htaccess #####
## File Security
<FilesMatch "\\.(htaccess)$">
Order Allow,Deny
Deny from all
</FilesMatch>
#### Apache directory listing rules ####
DirectoryIndex index.php index.htm index.html
IndexIgnore *
#### Rewrite rules for SEO functionality ####
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase ' . CC_ROOT_REL . '
######## START v4 SEO URL BACKWARD COMPATIBILITY ########
RewriteCond %{QUERY_STRING} (.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule cat_([0-9]+)(\\.[a-z]{3,4})?(.*)$ index.php?_a=category&cat_id=$1&%1 [NC]
RewriteCond %{QUERY_STRING} (.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule prod_([0-9]+)(\\.[a-z]{3,4})?$ index.php?_a=product&product_id=$1&%1 [NC]
RewriteCond %{QUERY_STRING} (.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule info_([0-9]+)(\\.[a-z]{3,4})?$ index.php?_a=document&doc_id=$1&%1 [NC]
RewriteCond %{QUERY_STRING} (.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule tell_([0-9]+)(\\.[a-z]{3,4})?$ index.php?_a=product&product_id=$1&%1 [NC]
RewriteCond %{QUERY_STRING} (.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule _saleItems(\\.[a-z]+)?(\\?.*)?$ index.php?_a=saleitems&%1 [NC,L]
######## END v4 SEO URL BACKWARD COMPATIBILITY ########
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)\\.html?$ index.php?seo_path=$1 [L,QSA]
</IfModule>
## Default store 404 page
ErrorDocument 404 ' . CC_ROOT_REL . 'index.php
##### END CubeCart .htaccess #####';
if (!file_exists($htaccess_path)) {
if (!file_put_contents($htaccess_path, $htaccess_content)) {
die('Failed to create .htaccess file for Search Engine Friendly URL\'s. Please create this file in the stores root directory with the content.<textarea style="width: 400px; height: 300px;" readonly>' . $htaccess_content . '</textarea>');
}
$GLOBALS['cache']->write('1', $cache_id);
httpredir();
} else {
$current_contents = file_get_contents($htaccess_path);
if (!strstr($current_contents, 'seo_path')) {
$htaccess_content = $current_contents . "\r\n\r\n" . $htaccess_content;
if (!file_put_contents($htaccess_path, $htaccess_content)) {
die('Failed to update existing .htaccess file for Search Engine Friendly URL\'s. Please edit this file in the stores root directory to have the content.<textarea style="width: 400px; height: 300px;" readonly>' . $htaccess_content . '</textarea>');
}
$GLOBALS['cache']->write('1', $cache_id);
httpredir();
}
}
}
}
$GLOBALS['db']->delete('CubeCart_customer_membership', array('customer_id' => $customer[0]['customer_id']));
$GLOBALS['db']->delete('CubeCart_newsletter_subscriber', array('customer_id' => $customer[0]['customer_id']));
foreach ($GLOBALS['hooks']->load('admin.customer.delete') as $hook) {
include $hook;
}
$GLOBALS['main']->setACPNotify($lang['customer']['notify_customer_delete']);
} else {
$GLOBALS['main']->setACPWarning($lang['customer']['error_customer_delete']);
}
} else {
$GLOBALS['main']->setACPWarning($lang['customer']['error_customer_delete_orders']);
}
} else {
$GLOBALS['main']->setACPWarning($lang['customer']['error_customer_found']);
}
httpredir(currentPage(array('action', 'customer_id')));
}
$GLOBALS['main']->addTabControl($lang['common']['general'], 'general');
$GLOBALS['main']->addTabControl($lang['customer']['title_address'], 'address');
if ($_GET['action'] == 'edit' && isset($_GET['customer_id']) && is_numeric($_GET['customer_id'])) {
if (($customer = $GLOBALS['db']->select('CubeCart_customer', false, array('customer_id' => (int) $_GET['customer_id']))) !== false) {
$customer = $customer[0];
$GLOBALS['main']->addTabControl('<i class="fa fa-sign-in"></i> ' . sprintf($lang['customer']['signinas'], $customer['first_name'], $customer['last_name']), '', currentPage('', array('action' => 'signinas', 'customer_id' => $customer['customer_id'])), null, false, '_blank');
$customer_id = (int) $customer['customer_id'];
$GLOBALS['smarty']->assign('ADD_EDIT_CUSTOMER', $lang['customer']['title_customer_edit']);
$GLOBALS['gui']->addBreadcrumb(sprintf('%s %s', $customer['first_name'], $customer['last_name']), currentPage(array('address_id')));
if (isset($_GET['address_id']) && is_numeric($_GET['address_id'])) {
if (($address = $GLOBALS['db']->select('CubeCart_addressbook', false, array('customer_id' => $customer_id, 'address_id' => (int) $_GET['address_id']))) !== false) {
$GLOBALS['gui']->addBreadcrumb($address[0]['description'], currentPage());
if (($countries = $GLOBALS['db']->select('CubeCart_geo_country', array('id', 'numcode', 'name'))) !== false) {
$smarty_data = array();
/**
* Authenticate user as admin
*
* @param string $username
* @param string $password
* @return bool
*/
private function _authenticate($username, $password)
{
$hash_password = '';
if (!empty($username)) {
// Fetch salt
if (($user = $GLOBALS['db']->select('CubeCart_admin_users', array('admin_id', 'password', 'salt', 'new_password'), array('username' => $username, 'status' => '1'), null, 1)) !== false) {
if (empty($user[0]['salt'])) {
// Generate Salt
$salt = Password::getInstance()->createSalt();
//Update it to the newer MD5 so we can fix it later
$pass = Password::getInstance()->updateOld($user[0]['password'], $salt);
$update = array('salt' => $salt, 'password' => $pass, 'new_password' => 0);
if ($GLOBALS['db']->update('CubeCart_admin_users', $update, array('admin_id' => (int) $user[0]['admin_id']))) {
$hash_password = $pass;
}
} else {
if ($user[0]['new_password'] == 1) {
//Get the salted new password
$hash_password = Password::getInstance()->getSalted($password, $user[0]['salt']);
} else {
//Get the salted old password
$hash_password = Password::getInstance()->getSaltedOld($password, $user[0]['salt']);
}
}
} else {
$GLOBALS['gui']->setError($GLOBALS['language']->account['error_login']);
return false;
}
$result = $GLOBALS['db']->select('CubeCart_admin_users', array('admin_id', 'customer_id', 'logins', 'new_password'), array('username' => $username, 'password' => $hash_password, 'status' => '1'));
$GLOBALS['session']->blocker($username, 0, (bool) $result, Session::BLOCKER_BACKEND, $GLOBALS['config']->get('config', 'bfattempts'), $GLOBALS['config']->get('config', 'bftime'));
if ($result) {
if (!$GLOBALS['session']->blocked()) {
$this->_logged_in = true;
$update = array('blockTime' => 0, 'browser' => htmlspecialchars($_SERVER['HTTP_USER_AGENT']), 'failLevel' => 0, 'session_id' => $GLOBALS['session']->getId(), 'ip_address' => get_ip_address(), 'verify' => '', 'lastTime' => time(), 'logins' => $result[0]['logins'] + 1);
if ($result[0]['new_password'] != 1) {
$salt = Password::getInstance()->createSalt();
$pass = Password::getInstance()->getSalted($password, $salt);
$update = array_merge($update, array('salt' => $salt, 'password' => $pass, 'new_password' => 1));
}
$GLOBALS['db']->update('CubeCart_admin_users', $update, array('admin_id' => $result[0]['admin_id']));
$GLOBALS['session']->set('admin_id', $result[0]['admin_id'], 'client');
$this->_load();
} else {
$minutes_blocked = ceil($GLOBALS['config']->get('config', 'bftime') / 60);
$GLOBALS['gui']->setError(sprintf('Too many invalid logins have been made. Access has been blocked for %s minutes.', $minutes_blocked));
}
} else {
if (!$GLOBALS['session']->blocked()) {
if (($user = $GLOBALS['db']->select('CubeCart_admin_users', false, array('username' => $_POST['username']))) !== false) {
if ($user[0]['blockTime'] > 0 && $user[0]['blockTime'] < time()) {
// reset fail level and time
$newdata['failLevel'] = 1;
$newdata['blockTime'] = 0;
} else {
if ($user[0]['failLevel'] == $GLOBALS['config']->get('config', 'bfattempts') - 1) {
$timeAgo = time() - $GLOBALS['config']->get('config', 'bftime');
if ($user[0]['lastTime'] < $timeAgo) {
$newdata['failLevel'] = 1;
$newdata['blockTime'] = 0;
} else {
// block the account
$newdata['failLevel'] = $GLOBALS['config']->get('config', 'bfattempts');
$newdata['blockTime'] = time() + $GLOBALS['config']->get('config', 'bftime');
}
} else {
if ($user[0]['blockTime'] < time()) {
$timeAgo = time() - $GLOBALS['config']->get('config', 'bftime');
$newdata['failLevel'] = $user[0]['lastTime'] < $timeAgo ? 1 : $user[0]['failLevel'] + 1;
$newdata['blockTime'] = 0;
} else {
// Display Blocked message
$GLOBALS['gui']->setError(sprintf($GLOBALS['language']->account['error_login_block']($GLOBALS['config']->get('config', 'bftime') / 60)));
$this->_blocked = true;
}
}
}
if (isset($newdata)) {
$newdata['lastTime'] = time();
$GLOBALS['db']->update('CubeCart_admin_users', $newdata, array('admin_id' => $user[0]['admin_id']));
}
}
$GLOBALS['gui']->setError($GLOBALS['language']->account['error_login']);
} else {
$minutes_blocked = ceil($GLOBALS['config']->get('config', 'bftime') / 60);
$GLOBALS['gui']->setError(sprintf('Too many invalid logins have been made. Access has been blocked for %s minutes.', $minutes_blocked));
}
}
if (!$GLOBALS['session']->blocked()) {
$redir = '';
if (isset($_GET['redir']) && !empty($_GET['redir'])) {
$redir = $_GET['redir'];
} else {
if (isset($_POST['redir']) && !empty($_POST['redir'])) {
$redir = $_POST['redir'];
} else {
if ($GLOBALS['session']->has('redir')) {
$redir = $GLOBALS['session']->get('redir');
} else {
if ($GLOBALS['session']->has('back')) {
$redir = $GLOBALS['session']->get('back');
}
}
}
}
if (!empty($redir)) {
if (preg_match('#^http#iU', $redir)) {
// Prevent phishing attacks, or anything untoward, unless it's redirecting back to this store
if (substr($redir, 0, strlen(CC_STORE_URL)) == CC_STORE_URL || substr($redir, 0, strlen($GLOBALS['config']->get('config', 'ssl_url'))) == $GLOBALS['config']->get('config', 'ssl_url')) {
// All good, proceed
} else {
trigger_error(sprintf("Possible Phishing attack - Redirection to '%s' is not allowed.", $redir));
$redir = '';
if ($GLOBALS['session']->has('back') && $redir == $GLOBALS['session']->get('back')) {
$GLOBALS['session']->delete('back');
}
if ($GLOBALS['session']->has('redir') && $redir == $GLOBALS['session']->get('redir')) {
$GLOBALS['session']->delete('redir');
}
}
}
}
httpredir(isset($redir) && !empty($redir) ? $redir : $GLOBALS['rootRel'] . $GLOBALS['config']->get('config', 'adminFile'));
} else {
$minutes_blocked = ceil($GLOBALS['config']->get('config', 'bftime') / 60);
$GLOBALS['gui']->setError(sprintf('Too many invalid logins have been made. Access has been blocked for %s minutes.', $minutes_blocked));
}
} else {
$GLOBALS['gui']->setError($GLOBALS['language']->account['error_login']);
}
return false;
}
## Delete Tax Rule
if (isset($_GET['delete_rule']) && !empty($_GET['delete_rule']) && Admin::getInstance()->permissions('settings', CC_PERM_DELETE)) {
if ($GLOBALS['db']->delete('CubeCart_tax_rates', array('id' => (int) $_GET['delete_rule']))) {
$GLOBALS['main']->setACPNotify($lang['settings']['notify_tax_rule_delete']);
} else {
$GLOBALS['main']->setACPWarning($lang['settings']['error_tax_rule_delete']);
}
$redirect = true;
$anchor = 'taxrules';
}
if ($updated) {
## Generic message as a few things can be updated at once
$GLOBALS['main']->setACPNotify($lang['settings']['notify_tax_updated']);
}
if ($redirect) {
httpredir(currentPage(array('delete_class', 'delete_detail', 'delete_rule')), $anchor);
}
###############################################################
## Get countries
if (($countries = $GLOBALS['db']->select('CubeCart_geo_country', array('numcode', 'name'))) !== false) {
$GLOBALS['smarty']->assign('COUNTRIES', $countries);
## Get counties
$GLOBALS['smarty']->assign('VAL_JSON_COUNTY', state_json());
$GLOBALS['smarty']->assign('CONFIG', $GLOBALS['config']->get('config'));
}
## Get Tax Classes
if (($tax_classes = $GLOBALS['db']->select('CubeCart_tax_class')) !== false) {
$GLOBALS['smarty']->assign('TAX_CLASSES', $tax_classes);
foreach ($tax_classes as $class) {
$tax_class[$class['id']] = $class['tax_name'];
}
if ($_GET['action'] == 'edit') {
$page_title = $lang['email']['title_template_update'];
} elseif ($_GET['action'] == 'clone') {
$page_title = $lang['email']['title_template_clone'];
} else {
$page_title = $lang['email']['title_template_create'];
}
$GLOBALS['smarty']->assign('ADD_EDIT_TEMPLATE', $page_title);
$GLOBALS['smarty']->assign('TEMPLATE', $data);
$macros = array(array('name' => '{$EMAIL_CONTENT}', 'description' => $lang['email']['macro_template_content'], 'required' => 'Yes'), array('name' => '{$DATA.logoURL}', 'description' => $lang['email']['macro_template_store_logo'], 'required' => 'No'), array('name' => '{$DATA.store_name}', 'description' => $lang['email']['macro_template_store_name'], 'required' => 'No'), array('name' => '{$DATA.storeURL}', 'description' => $lang['email']['macro_template_store_url'], 'required' => 'No'), array('name' => '{$DATA.unsubscribeURL}', 'description' => $lang['email']['macro_template_unsubscribe'], 'required' => 'No'));
$GLOBALS['smarty']->assign('TEMPLATE_MACROS', $macros);
$GLOBALS['smarty']->assign('DISPLAY_TEMPLATE_FORM', true);
}
break;
default:
httpredir(currentPage(array('action', 'type')));
}
## Tabs
$GLOBALS['main']->addTabControl($lang['common']['general'], 'general');
$GLOBALS['main']->addTabControl($lang['email']['title_content_html'], 'email_html');
$GLOBALS['main']->addTabControl($lang['email']['title_content_text'], 'email_text');
## Breadcrumbs
$GLOBALS['gui']->addBreadcrumb($breadcrumb, currentPage());
// Delete link
if (isset($delete)) {
$GLOBALS['smarty']->assign('DISPLAY_DELETE_LINK', true);
}
} else {
$GLOBALS['main']->addTabControl($lang['email']['title_email_contents'], 'email_contents');
$GLOBALS['main']->addTabControl($lang['email']['title_email_templates'], 'email_templates');
$GLOBALS['main']->addTabControl($lang['common']['import'], 'email_import');
} else {
$full = $_POST['drop'] && $_POST['structure'] && $_POST['data'] ? '_full' : '';
$fileName = CC_ROOT_DIR . '/backup/database' . $full . '_' . CC_VERSION . '_' . $glob['dbdatabase'] . "_" . date("dMy-His") . '.sql';
$all_tables = isset($_POST['db_3rdparty']) && $_POST['db_3rdparty'] == '1' ? true : false;
$write = $GLOBALS['db']->doSQLBackup($_POST['drop'], $_POST['structure'], $_POST['data'], $fileName, $_POST['compress'], $all_tables);
if ($write) {
$GLOBALS['main']->setACPNotify($lang['maintain']['db_backup_complete']);
} else {
$GLOBALS['main']->setACPWarning($lang['maintain']['db_backup_failed']);
}
}
$clear_post = true;
}
}
if ($clear_post) {
httpredir(currentPage(array('clearLogs', 'emptyErrorLogs')));
}
########## Tabs ##########
$GLOBALS['main']->addTabControl($lang['maintain']['tab_rebuild'], 'rebuild');
$GLOBALS['main']->addTabControl($lang['maintain']['tab_backup'], 'backup');
$GLOBALS['main']->addTabControl($lang['common']['upgrade'], 'upgrade');
$GLOBALS['main']->addTabControl($lang['maintain']['tab_db'], 'database');
$GLOBALS['main']->addTabControl($lang['maintain']['tab_query_sql'], 'general', '?_g=maintenance&node=sql');
##########
## Database
if (isset($database_result) && $database_result) {
$GLOBALS['smarty']->assign('TABLES_AFTER', $database_result);
} elseif (($tables = $GLOBALS['db']->getRows()) !== false) {
foreach ($tables as $table) {
$table['Data_free'] = $table['Data_free'] > 0 ? formatBytes($table['Data_free'], true) : '-';
$table_size = $table['Data_length'] + $table['Index_length'];
/**
* Create order
*
* @param bool $force
* @return bool
*/
public function placeOrder($force_order = false)
{
foreach ($GLOBALS['hooks']->load('class.order.place_order') as $hook) {
include $hook;
}
if ($_GET['retrieve'] && isset($_GET['cart_order_id']) && !empty($_GET['cart_order_id'])) {
// Order retrieval
if ($this->_retrieveOrder($_GET['cart_order_id'])) {
httpredir(currentPage(array('cart_order_id', 'retrieve'), array('_a' => 'confirm')));
}
} else {
if (!empty($this->_basket)) {
// Order Creation/Updating
$this->_saveAddresses();
if (isset($this->_basket['cart_order_id']) && !empty($this->_basket['cart_order_id']) && ($check = $GLOBALS['db']->select('CubeCart_order_summary', array('cart_order_id'), array('cart_order_id' => $this->_basket['cart_order_id'], 'status' => 1), false, false, false, false))) {
// Order has already been placed and is still pending, so we only need to update
$this->_updateOrder();
$update = true;
} else {
// Create a new order
$this->createOrderId();
// Take basket data from session, and insert into database
foreach ($this->_basket['contents'] as $key => $item) {
$product = $this->_orderAddProduct($item, $key);
$this->_basket['contents'][$key] = is_array($product) ? array_merge($product, $item) : $item;
}
$update = false;
}
// Shipping - calculate taxes (if any)
if (isset($this->_basket['shipping']) && is_array($this->_basket['shipping'])) {
Tax::getInstance()->productTax($this->_basket['shipping']['value'], (int) $this->_basket['shipping']['tax_id'], false, 0, 'shipping');
}
// Insert Taxes
$GLOBALS['db']->delete('CubeCart_order_tax', array('cart_order_id' => $this->_order_id));
if (is_array($this->_basket['order_taxes'])) {
foreach ($this->_basket['order_taxes'] as $order_tax) {
$order_tax['cart_order_id'] = $this->_order_id;
$GLOBALS['db']->insert('CubeCart_order_tax', $order_tax);
}
}
if (isset($this->_basket['coupons']) && is_array($this->_basket['coupons'])) {
$codes_used = array();
foreach ($this->_basket['coupons'] as $key => $data) {
if ($data['gc']) {
// Update gift certificate balance
$GLOBALS['db']->update('CubeCart_coupons', array('discount_price' => $data['remainder']), array('code' => $data['voucher']));
$certificates_used[] = $data['voucher'];
} else {
$vouchers_used[] = $data['voucher'];
// Update usage count
$product_data = unserialize($data['product']);
if (is_array($product_data) && count($product_data) > 1) {
## Per product coupons
foreach ($this->_basket['contents'] as $hash => $item) {
if (!in_array($item['id'], $product_data)) {
continue;
}
$GLOBALS['db']->update('CubeCart_coupons', array('count' => '+' . (int) $item['quantity']), array('code' => $data['voucher']));
}
} else {
$GLOBALS['db']->update('CubeCart_coupons', array('count' => '+1'), array('code' => $data['voucher']));
}
}
}
$note_content = '';
if (is_array($certificates_used)) {
$note_content .= "\r\n" . $GLOBALS['language']->orders['certificate_codes_used'] . "\r\n" . implode("\r\n", $certificates_used);
}
if (is_array($vouchers_used)) {
$note_content .= "\r\n" . $GLOBALS['language']->orders['discount_codes_used'] . "\r\n" . implode("\r\n", $vouchers_used);
}
$this->addNote($this->_order_id, $note_content);
}
// Set order as 'Pending'
$this->_basket['order_status'] = constant('ORDER_PENDING');
foreach ($GLOBALS['hooks']->load('class.order.place_order.basket') as $hook) {
include $hook;
}
// Insert/Update the order summary
$this->_orderSummary($update, $force_order);
$this->_manageStock(self::ORDER_PENDING, $this->_basket['cart_order_id']);
$this->orderStatus(self::ORDER_PENDING, $this->_basket['cart_order_id'], true);
if ($this->_basket['total'] == 0) {
$this->orderStatus(self::ORDER_PROCESS, $this->_basket['cart_order_id']);
httpredir(currentPage(null, array('_a' => 'complete')));
}
return true;
}
}
// Go back to the basket page
httpredir(currentPage(array('cart_order_id'), array('_a' => 'basket')));
return false;
}
$deleted = true;
}
break;
}
}
if ($_POST['multi-action'] == 'delete') {
if ($deleted) {
$GLOBALS['main']->setACPNotify($lang['orders']['notify_orders_delete']);
} else {
$GLOBALS['main']->setACPWarning($lang['orders']['error_orders_delete']);
}
}
if ($updated) {
$GLOBALS['main']->setACPNotify($lang['orders']['notify_orders_status']);
}
httpredir(currentPage(array('print_hash', 'multi-action'), $add_array));
} else {
if (isset($_GET['search'])) {
// Search by date range
if (isset($_GET['search']['date']) && is_array($_GET['search']['date']) && (!empty($_GET['search']['date']['form']) || !empty($_GET['search']['date']['to']))) {
foreach ($_GET['search']['date'] as $key => $date) {
$dates[$key] = !empty($date) ? strtotime($date) : null;
}
if (!empty($dates['from']) && !empty($dates['to']) && $dates['from'] == $dates['to']) {
$where[] = "order_date = '" . $dates['from'] . "'";
} else {
if (!empty($dates['from'])) {
$where[] = "order_date >= '" . $dates['from'] . "'";
}
if (!empty($dates['to'])) {
$where[] = "order_date <= '" . $dates['to'] . "'";
} elseif (isset($_POST['create']) && !empty($_POST['create']['code'])) {
if ($GLOBALS['language']->create($_POST['create'])) {
$GLOBALS['main']->setACPNotify($lang['translate']['notify_language_create']);
## Set status to disabled to begin with
$GLOBALS['config']->set('languages', $_POST['create']['code'], "0");
httpredir(currentPage(null, array('language' => $_POST['create']['code'])));
} else {
$GLOBALS['main']->setACPWarning($lang['translate']['error_language_create']);
}
} elseif (isset($_POST['status']) && Admin::getInstance()->permissions('settings', CC_PERM_EDIT)) {
if ($GLOBALS['config']->set('languages', false, $_POST['status'])) {
$GLOBALS['main']->setACPNotify($lang['translate']['notify_language_status']);
} else {
$GLOBALS['main']->setACPWarning($lang['translate']['error_language_status']);
}
httpredir(currentPage());
}
$enabled = $GLOBALS['config']->get('languages');
$GLOBALS['main']->addTabControl($lang['translate']['title_languages'], 'lang_list');
## List available language files
if (($languageList = $GLOBALS['language']->listLanguages()) !== false) {
foreach ($languageList as $code => $info) {
$info['status'] = isset($enabled[$code]) ? (int) $enabled[$code] : 1;
if (file_exists('language/flags/' . $info['code'] . '.png')) {
$info['flag'] = 'language/flags/' . $info['code'] . '.png';
} else {
$info['flag'] = 'language/flags/unknown.png';
}
$info['edit'] = currentPage(null, array('language' => $info['code']));
$info['delete'] = currentPage(null, array('delete' => $info['code']));
$info['download'] = currentPage(null, array('download' => $info['code']));
}
httpredir(currentPage(array('delete')));
}
###############################################
if (isset($_GET['action'])) {
foreach ($GLOBALS['hooks']->load('admin.documents.pre_display') as $hook) {
include $hook;
}
$GLOBALS['main']->addTabControl($lang['common']['general'], 'general');
$GLOBALS['main']->addTabControl($lang['documents']['tab_content'], 'article');
$GLOBALS['main']->addTabControl($lang['settings']['tab_seo'], 'seo');
if (strtolower($_GET['action']) == ('edit' || 'translate') && isset($_GET['doc_id']) && is_numeric($_GET['doc_id'])) {
// Check to see if translation space is available
if ($_GET['action'] == 'translate' && $GLOBALS['language']->fullyTranslated('document', $_GET['doc_id'])) {
$GLOBALS['main']->setACPWarning($lang['common']['all_translated']);
httpredir('?_g=documents');
}
$GLOBALS['smarty']->assign('ADD_EDIT_DOCUMENT', $_GET['action'] == 'translate' ? $lang['documents']['document_translate'] : $lang['documents']['document_edit']);
if (($document = $GLOBALS['db']->select('CubeCart_documents', false, array('doc_id' => (int) $_GET['doc_id']))) !== false) {
if (strtolower($_GET['action']) == 'translate') {
$document[0]['doc_parent_id'] = $document[0]['doc_id'];
unset($document[0]['doc_id']);
}
$data = $document[0];
$GLOBALS['gui']->addBreadcrumb($data['doc_name'], currentPage());
$data['link']['delete'] = currentPage(array('doc_id', 'action'), array('delete' => $data['doc_id']));
$GLOBALS['smarty']->assign('DISPLAY_DELETE', true);
}
} else {
$GLOBALS['smarty']->assign('ADD_EDIT_DOCUMENT', $lang['documents']['document_create']);
$data = array();
