/**
 * Redirects every request that does not already ask for the page registered
 * under 'info_down_for_maintenance' to that page (module 'info', NONSSL).
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    $files = oos_get_filename();
    $modules = oos_get_modules();

    $maintenancePage = $files['info_down_for_maintenance'];

    // Already on the maintenance page: nothing to do.
    if ($_GET['file'] == $maintenancePage) {
        return true;
    }

    MyOOS_CoreApi::redirect(
        oos_href_link($modules['info'], $maintenancePage, '', 'NONSSL', true, false)
    );

    return true;
}
/**
 * Sends a visitor without a customer id in the session to the login page,
 * unless the request already targets the user module.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    if (isset($_SESSION['customer_id'])) {
        return true;
    }

    $files = oos_get_filename();
    $modules = oos_get_modules();
    $userModule = $modules['user'];

    if ($_GET['mp'] != $userModule) {
        // set_snapshot() runs before the redirect; presumably it records the
        // page the visitor came from - confirm in the navigation class.
        $_SESSION['navigation']->set_snapshot();
        oos_redirect(oos_href_link($userModule, $files['login'], '', 'SSL'));
    }

    return true;
}
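/**
 * Cookie-based auto-login.
 *
 * When the request is not for the login page and no customer is in the
 * session, the 'email_address' and 'password' cookies are checked against the
 * customers table. On success the customer data is copied into the session,
 * both cookies are renewed for one year, the logon counters are updated and
 * the cart contents are restored.
 *
 * NOTE(review): the 'password' cookie is rewritten with the stored
 * customers_password value, so a long-lived cookie carries password-derived
 * material. A random, server-side revocable token with the HttpOnly flag is
 * the safer design; confirm how oos_validate_password() treats this value.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    $aFilename = oos_get_filename();

    if ($_GET['file'] == $aFilename['login'] || isset($_SESSION['customer_id'])) {
        return true;
    }
    if (!isset($_COOKIE['email_address']) || !isset($_COOKIE['password'])) {
        return true;
    }

    $cookie_url_array = parse_url((ENABLE_SSL == true ? OOS_HTTPS_SERVER : OOS_HTTP_SERVER) . substr(OOS_SHOP, 0, -1));
    $cookie_path = $cookie_url_array['path'];

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $customerstable = $oostable['customers'];
    $sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,\n"
         . " customers_password, customers_wishlist_link_id, customers_language,\n"
         . " customers_vat_id_status, customers_email_address, customers_default_address_id,\n"
         . " customers_max_order\n"
         . " FROM {$customerstable}\n"
         . " WHERE customers_login = '******'\n"
         . " AND customers_email_address = '" . oos_db_input($_COOKIE['email_address']) . "'";
    $check_customer_result = $dbconn->Execute($sql);

    if (!$check_customer_result->RecordCount()) {
        return true;
    }

    $check_customer = $check_customer_result->fields;
    if (!oos_validate_password($_COOKIE['password'], $check_customer['customers_password'])) {
        return true;
    }

    // Cast once and reuse, so every query below gets an integer id.
    $nCustomerId = intval($check_customer['customers_id']);

    $address_booktable = $oostable['address_book'];
    $sql = "SELECT entry_country_id, entry_zone_id\n"
         . " FROM {$address_booktable}\n"
         . " WHERE customers_id = '" . $nCustomerId . "'\n"
         . " AND address_book_id = '1'";
    $check_country = $dbconn->GetRow($sql);

    if ($check_customer['customers_language'] == '') {
        // No language stored for this customer yet: persist the session one.
        $sLanguage = oos_var_prep_for_os($_SESSION['language']);
        $dbconn->Execute("UPDATE {$customerstable}\n"
                       . " SET customers_language = '" . oos_db_input($sLanguage) . "'\n"
                       . " WHERE customers_id = '" . $nCustomerId . "'");
    }

    $_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
    $_SESSION['customer_id'] = $check_customer['customers_id'];
    $_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
    if (ACCOUNT_GENDER == '1') {
        $_SESSION['customer_gender'] = $check_customer['customers_gender'];
    }
    $_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
    $_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
    $_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
    $_SESSION['customer_country_id'] = $check_country['entry_country_id'];
    $_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
    if (ACCOUNT_VAT_ID == '1') {
        $_SESSION['customers_vat_id_status'] = $check_customer['customers_vat_id_status'];
    }

    $_SESSION['member']->restore_group();

    // The original passed an undefined $email_address here; an empty value
    // makes setcookie() delete the cookie instead of renewing it. Use the
    // address just read from the customers table.
    $bSecureCookie = getenv('HTTPS') == 'on' ? 1 : 0;
    $nExpires = time() + 365 * 24 * 3600;
    setcookie('email_address', $check_customer['customers_email_address'], $nExpires, $cookie_path, '', $bSecureCookie);
    setcookie('password', $check_customer['customers_password'], $nExpires, $cookie_path, '', $bSecureCookie);

    $customers_infotable = $oostable['customers_info'];
    $dbconn->Execute("UPDATE {$customers_infotable}\n"
                   . " SET customers_info_date_of_last_logon = '" . date("Y-m-d H:i:s", time()) . "',\n"
                   . " customers_info_number_of_logons = customers_info_number_of_logons+1\n"
                   . " WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");

    // restore cart contents
    $_SESSION['cart']->restore_contents();

    return true;
}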
/**
 * Smarty {categories_link} function plugin
 *
 * Type:     function
 * Name:     categories_link
 * Date:     Oct 27, 2008
 * Purpose:  build the URL of a category page
 * Input:    template attributes to add to the link, e.g. categories
 *
 * Example:  {categories_link categories=17}
 * Output:   http:// ... index.php?mp=mp&file=shop&categories=17
 *
 * The defaults 'modul' (main module) and 'file' (shop page) are merged with
 * the template attributes; an attribute with the same key overrides a default.
 *
 * @author r23 <*****@*****.**>
 * @version 1.0
 * @param array  $params template attributes
 * @param Smarty $smarty
 * @return string result of smarty_function_html_href_link()
 * @uses smarty_function_html_href_link()
 */
function smarty_function_categories_link($params, &$smarty)
{
    require_once $smarty->_get_plugin_filepath('function', 'html_href_link');

    $modules = oos_get_modules();
    $files = oos_get_filename();

    $defaults = array('modul' => $modules['main'], 'file' => $files['shop']);

    // Stays empty when $params is not an array; the link helper is still called.
    $linkArgs = array();

    if (!is_array($params)) {
        $smarty->trigger_error("categories_link: extra attribute '{$params}' must an array", E_USER_NOTICE);
    } else {
        $linkArgs = array_merge($defaults, $params);
    }

    return smarty_function_html_href_link($linkArgs, $smarty);
}
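/**
 * Request filter against some Cross-Site Scripting attempts
 * (thanks to webmedic, Timax, larsneo; extended by Neo).
 *
 * Every scalar value in $_GET, $_POST and $_COOKIE is tested against a fixed
 * list of patterns; on a match the request is redirected to the main page.
 *  - all three sources: script, object, iframe, applet, meta, window, alert,
 *    document and cookie inside a tag
 *  - GET and COOKIE also: style, form and img tags and an
 *    "or/and ... =/like" phrase
 *  - GET also: any double quote
 *
 * This is a deny-list and array values are skipped, so it must not be the
 * only control: output still has to be encoded for its context and SQL has to
 * be parameterised or escaped where it is built.
 *
 * The POSIX eregi() calls were replaced by preg_match(): eregi() was removed
 * in PHP 7 and stops reading at a NUL byte. The 's' modifier keeps '.'
 * matching newlines as it did under POSIX.
 *
 * @return void
 */
function oos_secure_input()
{
    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    // Patterns applied to GET, POST and COOKIE alike.
    $aCommon = array(
        '~<[^>]*script*"?[^>]*>~is',
        '~<[^>]*object*"?[^>]*>~is',
        '~<[^>]*iframe*"?[^>]*>~is',
        '~<[^>]*applet*"?[^>]*>~is',
        '~<[^>]*meta*"?[^>]*>~is',
        '~<[^>]*window.*"?[^>]*>~is',
        '~<[^>]*alert*"?[^>]*>~is',
        '~<[^>]*document.*"?[^>]*>~is',
        '~<[^>]*cookie*"?[^>]*>~is',
    );

    // Extra patterns for GET and COOKIE. The leading and trailing '.*' of the
    // original SQL-phrase pattern are dropped: an unanchored search matches
    // the same inputs without them and backtracks less.
    $aExtended = array_merge($aCommon, array(
        '~[[:space:]](or|and)[[:space:]].*(=|like)~is',
        '~<[^>]*style*"?[^>]*>~is',
        '~<[^>]*form*"?[^>]*>~is',
        '~<[^>]*img*"?[^>]*>~is',
    ));

    $aSources = array(
        array($_GET, array_merge($aExtended, array('~"~'))),
        array($_POST, $aCommon),
        array($_COOKIE, $aExtended),
    );

    foreach ($aSources as $aSource) {
        list($aValues, $aPatterns) = $aSource;

        foreach ($aValues as $secvalue) {
            if (is_array($secvalue)) {
                // Array values are not inspected (unchanged behaviour).
                continue;
            }

            foreach ($aPatterns as $sPattern) {
                // Fail closed: preg_match() returns false on a PCRE error
                // (e.g. backtrack limit); treat that like a match.
                if (preg_match($sPattern, $secvalue) !== 0) {
                    MyOOS_CoreApi::redirect(oos_href_link($aModules['main'], $aFilename['main']));
                    break;
                }
            }
        }
    }
}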
/**
 * Chooses the session language and includes its definition file.
 *
 * A language object is created when the session has no language yet or the
 * request carries a 'language' parameter. A non-empty request value is passed
 * to $oLang->set(); otherwise get_browser_language() is called. Afterwards
 * includes/languages/<language>.php is included.
 *
 * Local variable names are kept as they are because the included file runs in
 * this function's scope and may read them.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    global $oLang, $aLang;

    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    $bLanguageRequested = isset($_GET['language']);

    if ($bLanguageRequested || !isset($_SESSION['language'])) {
        MyOOS_CoreApi::requireOnce('classes/class_language.php');
        $oLang = new language();

        if ($bLanguageRequested && oos_is_not_null($_GET['language'])) {
            $oLang->set($_GET['language']);
        } else {
            $oLang->get_browser_language();
        }
    }

    // NOTE(review): the include path is built from the session language, which
    // can originate from $_GET['language']. Confirm that language::set() only
    // accepts installed languages and that oos_var_prep_for_os() removes path
    // separators and '..' - neither is visible here.
    $sLanguage = oos_var_prep_for_os($_SESSION['language']);
    include 'includes/languages/' . $sLanguage . '.php';

    return true;
}
/**
 * Return a customer greeting
 *
 * A personal greeting is produced only when both the customer's last name and
 * the customer id are in the session; otherwise the result is an empty string
 * (no guest greeting is produced).
 *
 * NOTE(review): the last name is inserted into the greeting as stored in the
 * session; confirm it is HTML-encoded where it is stored or where the greeting
 * is printed.
 *
 * @return string
 */
function oos_customer_greeting()
{
    global $aLang;

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $bHasLastname = isset($_SESSION['customer_lastname']);

    // Salutation ("Mr"/"Ms" text plus last name) only when gender is in use.
    $salutation = '';
    if ($bHasLastname && ACCOUNT_GENDER == '1') {
        $addressKey = ($_SESSION['customer_gender'] == 'm') ? 'male_address' : 'female_address';
        $salutation = $aLang[$addressKey] . ' ' . $_SESSION['customer_lastname'];
    }

    if (!$bHasLastname || !isset($_SESSION['customer_id'])) {
        return '';
    }

    return sprintf(
        $aLang['text_greeting_personal'],
        $salutation,
        oos_href_link($modules['products'], $files['products_new'])
    );
}
/**
 * Builds the hidden form fields for the Moneybookers payment form.
 *
 * Language: 'EN' when the module is set to 'Selected Language', else the
 * configured value. Currency: the session currency when the module is set to
 * 'Selected Currency', else the configured value from its sixth character on;
 * a currency outside the supported list falls back to 'EUR'.
 *
 * NOTE(review): the amount travels through the customer's browser as a hidden
 * field; confirm the amount reported by the gateway is compared with the order
 * total on the server before the order is accepted.
 *
 * @return string concatenated hidden input fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    $my_language = (MODULE_PAYMENT_MONEYBOOKERS_LANGUAGE == 'Selected Language')
        ? 'EN'
        : MODULE_PAYMENT_MONEYBOOKERS_LANGUAGE;

    $my_currency = (MODULE_PAYMENT_MONEYBOOKERS_CURRENCY == 'Selected Currency')
        ? $_SESSION['currency']
        : substr(MODULE_PAYMENT_MONEYBOOKERS_CURRENCY, 5);

    $aSupported = array('EUR', 'USD', 'GBP', 'HKD', 'SGD', 'JPY', 'CAD', 'AUD', 'CHF', 'DKK', 'SEK',
                        'NOK', 'ILS', 'MYR', 'NZD', 'TWD', 'THB', 'CZK', 'HUF', 'SKK', 'ISK', 'INR');
    if (!in_array($my_currency, $aSupported)) {
        $my_currency = 'EUR';
    }

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $sAmount = number_format(
        $oOrder->info['total'] * $oCurrencies->get_value($my_currency),
        $oCurrencies->get_decimal_places($my_currency)
    );

    // Name/value pairs in the order they are written to the form.
    $aFields = array(
        array('pay_to_email', MODULE_PAYMENT_MONEYBOOKERS_ID),
        array('language', $my_language),
        array('amount', $sAmount),
        array('currency', $my_currency),
        array('detail1_description', STORE_NAME),
        array('detail1_text', 'Order - ' . date('d. M Y - H:i')),
        array('firstname', $oOrder->billing['firstname']),
        array('lastname', $oOrder->billing['lastname']),
        array('address', $oOrder->billing['street_address']),
        array('postal_code', $oOrder->billing['postcode']),
        array('city', $oOrder->billing['city']),
        array('country', $oOrder->billing['country']['moneybookers']),
        array('pay_from_email', $oOrder->customer['email_address']),
        array('return', oos_href_link($modules['checkout'], $files['checkout_process'], '', 'SSL')),
        array('cancel_return', oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL')),
    );

    $process_button_string = '';
    foreach ($aFields as $aField) {
        $process_button_string .= oos_draw_hidden_field($aField[0], $aField[1]);
    }

    return $process_button_string;
}
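/**
 * Smarty {css_back_button} function plugin
 *
 * Type:     function
 * Name:     css_back_button
 * @Version:  $Revision: 1.1 $ - changed by $Author: r23 $ on $Date: 2008/01/09 22:03:20 $
 *
 * Renders an <a> element that leads one step back. The target is taken from
 * the navigation history when it holds more than two entries, else from the
 * Referer header when that value is contained in HTTP_SERVER, else the main
 * page. Template attributes: 'title' (link text and title) and 'color'
 * (CSS class, default 'btnR green').
 *
 * NOTE(review): $title (after decode()) and $color are written into the markup
 * as they are; confirm they only ever come from trusted templates.
 *
 * @param array  $params template attributes
 * @param Smarty $smarty
 * @return string the anchor element
 */
function smarty_function_css_back_button($params, &$smarty)
{
    global $oEvent, $spider_kill_sid;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    $title = '';
    $color = 'btnR green';

    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'title':
                $title = (string)$_val;
                break;

            case 'color':
                $color = (string)$_val;
                break;

            default:
                break;
        }
    }

    $aModules = oos_get_modules();
    $aFilename = oos_get_filename();

    $back = count($_SESSION['navigation']->path) - 2;
    if ($back > 0) {
        $aEntry = $_SESSION['navigation']->path[$back];
        $link = oos_href_link($aEntry['modules'], $aEntry['file'], $aEntry['get'] . '&history_back=true', $aEntry['mode']);
    } elseif (isset($_SERVER['HTTP_REFERER'])
              && $_SERVER['HTTP_REFERER'] !== ''
              && strstr(HTTP_SERVER, $_SERVER['HTTP_REFERER'])) {
        // The header is optional and client-controlled: it is used only when
        // present, non-empty and contained in the configured server URL.
        $link = $_SERVER['HTTP_REFERER'];
    } else {
        $link = oos_href_link($aModules['main'], $aFilename['main']);
    }

    // Strip trailing '&amp;' and '?'. The listing compared the last five
    // characters with '&', which can never match; the five-character entity
    // is what the length implies.
    while (substr($link, -5) == '&amp;' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    $title = decode($title);

    return '<a href="' . $link . '" title="' . $title . '" class="' . $color . '">' . $title . '</a>';
}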
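/**
 * Smarty {oos_back_link} function plugin
 *
 * Returns the URL one step back: from the navigation history when it holds
 * more than two entries, else the Referer header when that value is contained
 * in HTTP_SERVER, else the main page.
 *
 * @param array  $params template attributes (not used)
 * @param Smarty $smarty
 * @return string URL without trailing '&amp;' or '?'
 */
function smarty_function_oos_back_link($params, &$smarty)
{
    $aModules = oos_get_modules();
    $aFilename = oos_get_filename();

    $back = count($_SESSION['navigation']->path) - 2;
    if ($back > 0) {
        $aEntry = $_SESSION['navigation']->path[$back];
        $link = oos_href_link($aEntry['modules'], $aEntry['file'], $aEntry['get'] . '&history_back=true', $aEntry['mode']);
    } elseif (isset($_SERVER['HTTP_REFERER'])
              && $_SERVER['HTTP_REFERER'] !== ''
              && strstr(HTTP_SERVER, $_SERVER['HTTP_REFERER'])) {
        // An empty needle would make strstr() return the whole haystack on
        // PHP 8 and yield an empty link, hence the explicit non-empty test.
        $link = $_SERVER['HTTP_REFERER'];
    } else {
        $link = oos_href_link($aModules['main'], $aFilename['main']);
    }

    // Strip trailing '&amp;' and '?'. The listing compared the last five
    // characters with '&', which can never match; the five-character entity
    // is what the length implies.
    while (substr($link, -5) == '&amp;' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    return $link;
}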
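/**
 * Creates the global breadcrumb trail.
 *
 * The trail starts with the top entry. When a category path is set, one entry
 * per category is added (stopping at the first id without a name in the
 * current language); otherwise, when the request carries a numeric
 * 'manufacturers_id', the catalog entry and the manufacturer name are added.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    global $oBreadcrumb, $aLang, $aCategoryPath;

    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    // include the breadcrumb class and start the breadcrumb trail
    MyOOS_CoreApi::requireOnce('classes/class_breadcrumb.php');
    $oBreadcrumb = new breadcrumb();
    $oBreadcrumb->add($aLang['header_title_top'], oos_href_link($aModules['main'], $aFilename['main']));

    // add category names or the manufacturer name to the breadcrumb trail
    if (isset($aCategoryPath) && (count($aCategoryPath) > 0)) {
        $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;
        $categories_descriptiontable = $oostable['categories_description'];

        for ($i = 0, $n = count($aCategoryPath); $i < $n; $i++) {
            $categories_sql = "SELECT categories_name\n"
                            . " FROM {$categories_descriptiontable}\n"
                            . " WHERE categories_id = '" . intval($aCategoryPath[$i]) . "'\n"
                            . " AND categories_languages_id = '" . intval($nLanguageID) . "'";
            $categories = $dbconn->Execute($categories_sql);

            if ($categories->RecordCount() <= 0) {
                break;
            }

            // The link carries the path up to and including this category.
            $sPath = implode('_', array_slice($aCategoryPath, 0, ($i + 1)));
            $oBreadcrumb->add($categories->fields['categories_name'], oos_href_link($aModules['main'], $aFilename['shop'], 'categories=' . $sPath));
        }
    } elseif (isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id'])) {
        $manufacturers_id = intval($_GET['manufacturers_id']);

        $manufacturerstable = $oostable['manufacturers'];
        $manufacturers_sql = "SELECT manufacturers_name\n"
                           . " FROM {$manufacturerstable}\n"
                           . " WHERE manufacturers_id = '" . $manufacturers_id . "'";
        $manufacturers = $dbconn->Execute($manufacturers_sql);

        if ($manufacturers->RecordCount() > 0) {
            $oBreadcrumb->add($aLang['header_title_catalog'], oos_href_link($aModules['main'], $aFilename['shop']));
            // Use the integer, not the raw request value: is_numeric() also
            // accepts forms such as '1e3' or ' 1' that should not be echoed
            // into a URL.
            $oBreadcrumb->add($manufacturers->fields['manufacturers_name'], oos_href_link($aModules['main'], $aFilename['shop'], 'manufacturers_id=' . $manufacturers_id));
        }
    }

    return true;
}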
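/**
 * Smarty {tooltip} function plugin
 *
 * Type:     function
 * Name:     tooltip
 * Purpose:  make text pop up in windows via wz_tooltip
 * Author:   r23 <info at r23 dot de>
 *
 * Accepted attributes: image, height, width, basedir, align,
 * products_description, products_id. Any other attribute raises a warning.
 * Returns the opening <a> tag whose onmouseover handler shows the product
 * image and description, or false when no usable image is available.
 *
 * NOTE(review): the description passes through three contexts (JavaScript
 * string, HTML attribute, tooltip markup). strip_tags() plus the escaping
 * below is not a full encoder for that chain; confirm descriptions are
 * trusted content or encode per context at the source.
 *
 * @param array  $params template attributes
 * @param Smarty $smarty
 * @return string|false
 */
function smarty_function_tooltip($params, &$smarty)
{
    require_once $smarty->_get_plugin_filepath('function', 'html_href_link');

    $aModules = oos_get_modules();
    $aFilename = oos_get_filename();

    $basedir = OOS_IMAGES;
    $height = SMALL_IMAGE_HEIGHT;
    $width = SMALL_IMAGE_WIDTH;
    $align = 'right';
    $image = '';
    // Defined up front so a missing attribute does not leave it undefined.
    $products_description = '';

    $sLanguage = oos_var_prep_for_os($_SESSION['language']);

    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'image':
            case 'height':
            case 'width':
            case 'basedir':
            case 'align':
            case 'products_description':
            case 'products_id':
                // Variable-variable assignment is limited to the names above.
                ${$_key} = (string)$_val;
                break;

            default:
                $smarty->trigger_error("[tooltip] unknown parameter {$_key}", E_USER_WARNING);
                break;
        }
    }

    $image = $basedir . $image;
    $bNoImage = (empty($image) || ($image == OOS_IMAGES));

    if ($bNoImage && (IMAGE_REQUIRED == '0')) {
        return false;
    }

    // Localised placeholder first, generic placeholder second.
    $sLocalPlaceholder = OOS_IMAGES . 'no_picture_' . $sLanguage . '.gif';
    $sPlaceholder = OOS_IMAGES . 'no_picture.gif';

    if ($bNoImage && (IMAGE_REQUIRED == '1')) {
        if (is_readable(OOS_ABSOLUTE_PATH . $sLocalPlaceholder)) {
            $image = $sLocalPlaceholder;
        } elseif (is_readable(OOS_ABSOLUTE_PATH . $sPlaceholder)) {
            $image = $sPlaceholder;
        } else {
            return false;
        }
        $image_size = @getimagesize($image);
        $width = $image_size[0];
        $height = $image_size[1];
    } elseif ((CONFIG_CALCULATE_IMAGE_SIZE == '1') && (empty($width) || empty($height))) {
        if (is_readable(OOS_ABSOLUTE_PATH . $image)) {
            $image_size = @getimagesize($image);
            if (empty($width) && oos_is_not_null($height)) {
                // Height given: scale the width by the same ratio.
                $ratio = $height / $image_size[1];
                $width = $image_size[0] * $ratio;
            } elseif (oos_is_not_null($width) && empty($height)) {
                // Width given: scale the height by the same ratio.
                $ratio = $width / $image_size[0];
                $height = $image_size[1] * $ratio;
            } elseif (empty($width) && empty($height)) {
                $width = $image_size[0];
                $height = $image_size[1];
            }
        } elseif (IMAGE_REQUIRED == '1') {
            if (is_readable(OOS_ABSOLUTE_PATH . $sLocalPlaceholder)) {
                $image = $sLocalPlaceholder;
            } elseif (is_readable(OOS_ABSOLUTE_PATH . $sPlaceholder)) {
                $image = $sPlaceholder;
            } else {
                return false;
            }
            $image_size = @getimagesize($image);
            $width = $image_size[0];
            $height = $image_size[1];
        } else {
            return false;
        }
    }

    $image = '<img src=' . $image . ' align=' . $align . ' width=' . $width . ' height=' . $height . '>';

    $link_params = array('modul' => $aModules['products'],
                         'file' => $aFilename['product_info'],
                         'products_id' => $params['products_id']);
    $link = smarty_function_html_href_link($link_params, $smarty);

    $products_description = strip_tags($products_description);
    // Escape backslashes before quotes; otherwise a backslash already in the
    // text would cancel the quote escaping added on the next line.
    $products_description = str_replace('\\', '\\\\', $products_description);
    $products_description = preg_replace(array("!'!", "![\r\n]!"), array("\\'", '\\r'), $products_description);
    $products_description = str_replace('"', ' ', $products_description);

    return '<a onmouseover="Tip(\'' . $image . ' ' . $products_description . '\', WIDTH, 200)" onmouseout="UnTip()" href="' . $link . '" target="_top">';
}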
/**
 * Checks the gateway response code posted back as 'x_response_code'.
 *
 * '1' lets processing continue. '2' stores the "declined" message, any other
 * value the generic error message; both redirect to the checkout payment page.
 *
 * NOTE(review): the code is read straight from $_POST and no signature or
 * hash check is visible in this method; confirm the response is authenticated
 * elsewhere before an order is treated as paid.
 *
 * @return void
 */
function before_process()
{
    global $aLang;

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $responseCode = $_POST['x_response_code'];

    if ($responseCode == '1') {
        return;
    }

    if ($responseCode == '2') {
        $_SESSION['error_message'] = $aLang['module_payment_authorizenet_text_declined_message'];
        MyOOS_CoreApi::redirect(
            oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL', true, false)
        );
    }

    // Code 3 is an error - but anything else is an error too (IMHO)
    $_SESSION['error_message'] = $aLang['module_payment_authorizenet_text_error_message'];
    MyOOS_CoreApi::redirect(
        oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL', true, false)
    );
}
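/**
 * Redirect to another page or site
 *
 * A URL containing a carriage return or line feed is replaced by the main
 * page URL, so a caller-supplied value cannot add header lines. HTML-encoded
 * ampersands are decoded before the Location header is sent. The function
 * ends the request through oos_exit() and does not return a value.
 *
 * @param string $sUrl
 * @return void
 */
function redirect($sUrl)
{
    // Header-injection guard: never pass CR/LF on to header().
    if ((strpos($sUrl, "\n") !== false) || (strpos($sUrl, "\r") !== false)) {
        $aFilename = oos_get_filename();
        $aModules = oos_get_modules();

        $sUrl = oos_href_link($aModules['main'], $aFilename['main'], null, 'NONSSL', false);
    }

    // The listing replaced '&' with '&', which does nothing; decoding the
    // '&amp;' entity is the operation that has an effect here.
    if (strpos($sUrl, '&amp;') !== false) {
        $sUrl = str_replace('&amp;', '&', $sUrl);
    }

    header('Location: ' . $sUrl);
    oos_exit();
}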
/**
 * Validates the bank-transfer details before the confirmation page.
 *
 * Skipped when 'banktransfer_fax' is set. Otherwise the account number and
 * bank code are checked with AccountCheck; on a validation error or a missing
 * owner name the customer is redirected to the payment page with an error,
 * unless the form was re-submitted with recheckok = '1'. Afterwards the
 * details are stored on the module object.
 *
 * NOTE(review): validation runs on the globals $banktransfer_number and
 * $banktransfer_blz while the stored values come from $_POST; confirm both
 * hold the same data. The redirect also places the account number and bank
 * code in the URL, where server logs and browser history keep them.
 *
 * @return void
 */
function pre_confirmation_check()
{
    global $banktransfer_number, $banktransfer_blz, $aLang;

    if ($_POST['banktransfer_fax'] != false) {
        return;
    }

    include 'includes/classes/class_banktransfer_validation.php';

    $banktransfer_validation = new AccountCheck();
    $banktransfer_result = $banktransfer_validation->CheckAccount($banktransfer_number, $banktransfer_blz);

    $bOwnerMissing = ($_POST['banktransfer_owner'] == '');

    if ($banktransfer_result > 0 || $bOwnerMissing) {
        if ($bOwnerMissing) {
            $error = 'Name des Kontoinhabers fehlt!';
            $recheckok = '';
        } else {
            switch ($banktransfer_result) {
                case 1: // number & blz not ok
                    $error = $aLang['module_payment_banktransfer_text_bank_error_1'];
                    $recheckok = '1';
                    break;

                case 5: // BLZ not found
                    $error = $aLang['module_payment_banktransfer_text_bank_error_5'];
                    $recheckok = '1';
                    break;

                case 8: // no blz entered
                    $error = $aLang['module_payment_banktransfer_text_bank_error_8'];
                    $recheckok = '';
                    break;

                case 9: // no number entered
                    $error = $aLang['module_payment_banktransfer_text_bank_error_9'];
                    $recheckok = '';
                    break;

                default:
                    $error = $aLang['module_payment_banktransfer_text_bank_error_4'];
                    $recheckok = '1';
                    break;
            }
        }

        if ($_POST['recheckok'] != '1') {
            $payment_error_return = implode('&', array(
                'payment_error=' . $this->code,
                'error=' . urlencode($error),
                'banktransfer_owner=' . urlencode($_POST['banktransfer_owner']),
                'banktransfer_number=' . urlencode($_POST['banktransfer_number']),
                'banktransfer_blz=' . urlencode($_POST['banktransfer_blz']),
                'banktransfer_bankname=' . urlencode($_POST['banktransfer_bankname']),
                'recheckok=' . $recheckok,
            ));

            $files = oos_get_filename();
            $modules = oos_get_modules();

            MyOOS_CoreApi::redirect(
                oos_href_link($modules['checkout'], $files['checkout_payment'], $payment_error_return, 'SSL', true, false)
            );
        }
    }

    $this->banktransfer_owner = oos_prepare_input($_POST['banktransfer_owner']);
    $this->banktransfer_blz = oos_prepare_input($_POST['banktransfer_blz']);
    $this->banktransfer_number = oos_prepare_input($_POST['banktransfer_number']);
    $this->banktransfer_prz = $banktransfer_validation->PRZ;
    $this->banktransfer_status = $banktransfer_result;

    // Prefer the bank name found by the validator over the posted one.
    $this->banktransfer_bankname = ($banktransfer_validation->Bankname != '')
        ? $banktransfer_validation->Bankname
        : oos_prepare_input($_POST['banktransfer_bankname']);
}
/**
 * Builds the hidden form fields for the Nochex payment form.
 *
 * The amount is the order total converted with the GBP rate and formatted
 * with the GBP decimal places; the order number is the customer id, a dash
 * and a timestamp.
 *
 * NOTE(review): the amount travels through the customer's browser as a hidden
 * field; confirm it is checked against the order total on the server when the
 * gateway reports back.
 *
 * @return string concatenated hidden input fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $aGbp = $oCurrencies->currencies['GBP'];
    $sAmount = number_format($oOrder->info['total'] * $aGbp['value'], $aGbp['decimal_places']);

    // Name/value pairs in the order they are written to the form.
    $aFields = array(
        array('cmd', '_xclick'),
        array('email', MODULE_PAYMENT_NOCHEX_ID),
        array('amount', $sAmount),
        array('ordernumber', $_SESSION['customer_id'] . '-' . date('Ymdhis')),
        array('returnurl', oos_href_link($modules['checkout'], $files['checkout_process'], '', 'SSL')),
        array('cancel_return', oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL')),
    );

    $process_button_string = '';
    foreach ($aFields as $aField) {
        $process_button_string .= oos_draw_hidden_field($aField[0], $aField[1]);
    }

    return $process_button_string;
}
/**
 * Checks the gateway response code posted back as 'x_response_code'.
 *
 * Any value other than '1' stores the module's error message in the session
 * and redirects to the checkout payment page.
 *
 * NOTE(review): the code is read straight from $_POST and no signature or
 * hash check is visible in this method; confirm the response is authenticated
 * elsewhere before an order is treated as paid.
 *
 * @return void
 */
function before_process()
{
    global $aLang;

    if ($_POST['x_response_code'] == '1') {
        return;
    }

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $_SESSION['error_message'] = $aLang['module_payment_2checkout_text_error_message'];

    MyOOS_CoreApi::redirect(
        oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL', true, false)
    );
}
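/**
 * Session plugin: configures the session cookie, starts the session for
 * non-spider clients, creates the cart and navigation objects and binds the
 * session to the client's user agent and IP address.
 *
 * A client whose user agent contains an entry of includes/ini/spiders.ini is
 * flagged as a spider and gets no session. When the user agent or IP address
 * differs from the one stored in the session, the customer is logged out, the
 * cart is reset and the request is redirected to the login page.
 *
 * NOTE(review): a session id supplied in POST or GET is adopted when it is
 * alphanumeric. To limit session fixation, confirm the id is regenerated at
 * login. The cookie parameters set here carry no Secure or HttpOnly flag.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    global $request_type, $spider_flag, $spider_kill_sid;

    // The User-Agent header is optional; a missing one counts as empty.
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $user_agent = strtolower($http_user_agent);

    $spider_flag = false;
    $spider_kill_sid = '0';

    // set the top level domains
    $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
    $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
    $cookie_domain = oos_is_not_null($current_domain) ? '.' . $current_domain : '';

    // set the session cookie parameters
    if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', $cookie_domain);
    } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', $cookie_domain);
    }

    // set the session ID if it exists
    if (isset($_POST[oos_session_name()]) && ctype_alnum($_POST[oos_session_name()])) {
        oos_session_id($_POST[oos_session_name()]);
    } elseif (isset($_GET[oos_session_name()]) && ctype_alnum($_GET[oos_session_name()])) {
        oos_session_id($_GET[oos_session_name()]);
    }

    if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');

        // parse_ini_file() returns false when the file cannot be read;
        // iterate only over a real list.
        if (is_array($spider_agent)) {
            foreach ($spider_agent as $spider) {
                if (empty($spider) === false) {
                    if (strpos($user_agent, trim($spider)) !== false) {
                        $spider_kill_sid = '1';
                        $spider_flag = true;
                        break;
                    }
                }
            }
        }
    }

    if ($spider_flag === false) {
        // set the session name and save path
        oos_session_name('OOSSID');

        // lets start our session
        oos_session_start();
    }

    if (!isset($_SESSION)) {
        $_SESSION = array();
    }

    // create the shopping cart
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart();
    }

    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory();
    }

    if (!isset($_SESSION['error_cart_msg'])) {
        $_SESSION['error_cart_msg'] = '';
    }

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    // verify the browser user agent
    if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
    }

    if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();

        MyOOS_CoreApi::redirect(oos_href_link($aModules['user'], $aFilename['login'], '', 'SSL'));
    }

    // verify the IP address
    if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
    }

    if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();

        MyOOS_CoreApi::redirect(oos_href_link($aModules['user'], $aFilename['login'], '', 'SSL'));
    }

    return true;
}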
/**
 * Builds the hidden form fields for the PayPal payment form.
 *
 * Currency: the session currency when the module is set to 'Selected
 * Currency', else the configured value from its sixth character on; anything
 * other than CAD, EUR, GBP, JPY or USD falls back to 'EUR'. The amount is the
 * order total without shipping; shipping is sent as its own field.
 *
 * NOTE(review): amount and shipping travel through the customer's browser as
 * hidden fields; confirm they are checked against the order on the server
 * when the gateway reports back.
 *
 * @return string hidden input fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    $my_currency = (MODULE_PAYMENT_PAYPAL_CURRENCY == 'Selected Currency')
        ? $_SESSION['currency']
        : substr(MODULE_PAYMENT_PAYPAL_CURRENCY, 5);

    if (!in_array($my_currency, array('CAD', 'EUR', 'GBP', 'JPY', 'USD'))) {
        $my_currency = 'EUR';
    }

    $files = oos_get_filename();
    $modules = oos_get_modules();

    $aBilling = $oOrder->billing;
    $fShipping = $oOrder->info['shipping_cost'];

    // Name/value pairs in the order they are written to the form.
    $aFields = array(
        array('cmd', '_xclick'),
        array('business', MODULE_PAYMENT_PAYPAL_ID),
        array('item_name', oos_replace_chars(STORE_NAME)),
        array('amount', number_format(($oOrder->info['total'] - $fShipping) * $oCurrencies->get_value($my_currency), $oCurrencies->get_decimal_places($my_currency))),
        array('first_name', oos_replace_chars($aBilling['firstname'])),
        array('last_name', oos_replace_chars($aBilling['lastname'])),
        array('address1', oos_replace_chars($aBilling['street_address'])),
        array('address2', oos_replace_chars($aBilling['suburb'])),
        array('city', oos_replace_chars($aBilling['city'])),
        array('state', oos_replace_chars($aBilling['state'])),
        array('zip', $aBilling['postcode']),
        array('lc', $aBilling['country']['iso_code_2']),
        array('email', $oOrder->customer['email_address']),
        array('shipping', number_format($fShipping * $oCurrencies->get_value($my_currency), $oCurrencies->get_decimal_places($my_currency))),
        array('currency_code', $my_currency),
        array('rm', '2'),
        array('bn', 'OOS [OSIS Online Shop]'),
        array('no_note', '1'),
    );

    $process_button_string = '';
    foreach ($aFields as $aField) {
        $process_button_string .= oos_draw_hidden_field($aField[0], $aField[1]);
    }

    // The two return URLs are written as plain input tags rather than through
    // oos_draw_hidden_field().
    $sReturnUrl = oos_href_link($modules['checkout'], $files['checkout_process'], '', 'SSL');
    $sCancelUrl = oos_href_link($modules['checkout'], $files['checkout_payment'], '', 'SSL');

    $process_button_string .= '<input type="hidden" name="return" value="' . $sReturnUrl . '" >';
    $process_button_string .= '<input type="hidden" name="cancel_return" value="' . $sCancelUrl . '" >';

    return $process_button_string;
}
/**
 * Builds the hidden form fields for the iPayment payment form.
 *
 * The transaction currency follows MODULE_PAYMENT_IPAYMENT_CURRENCY: fixed
 * EUR or USD, or the session currency when it is EUR or USD with the named
 * fallback. Any other configuration value leaves the currency unset.
 *
 * NOTE(review): the gateway password (trxpassword) and the posted card number
 * and check code are written into the HTML form and therefore reach the
 * browser and any cache of the page. Confirm the gateway integration requires
 * this and that the page is served over TLS and not cached.
 *
 * @return string concatenated hidden input fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    switch (MODULE_PAYMENT_IPAYMENT_CURRENCY) {
        case 'Always EUR':
            $trx_currency = 'EUR';
            break;

        case 'Always USD':
            $trx_currency = 'USD';
            break;

        case 'Either EUR or USD, else EUR':
            $trx_currency = in_array($_SESSION['currency'], array('EUR', 'USD')) ? $_SESSION['currency'] : 'EUR';
            break;

        case 'Either EUR or USD, else USD':
            $trx_currency = in_array($_SESSION['currency'], array('EUR', 'USD')) ? $_SESSION['currency'] : 'USD';
            break;
    }

    $files = oos_get_filename();
    $modules = oos_get_modules();

    // The error URL carries the module code and the card owner back to the
    // payment page.
    $sErrorParams = 'payment_error=' . $this->code . '&ipayment_cc_owner=' . urlencode($_POST['ipayment_cc_owner']);

    // Name/value pairs in the order they are written to the form.
    $aFields = array(
        array('silent', '1'),
        array('trx_paymenttyp', 'cc'),
        array('trxuser_id', MODULE_PAYMENT_IPAYMENT_USER_ID),
        array('trxpassword', MODULE_PAYMENT_IPAYMENT_PASSWORD),
        array('item_name', STORE_NAME),
        array('trx_currency', $trx_currency),
        // Amount in the currency's minor unit, without separators.
        array('trx_amount', number_format($oOrder->info['total'] * 100 * $oCurrencies->get_value($trx_currency), 0, '', '')),
        array('cc_expdate_month', $_POST['ipayment_cc_expires_month']),
        array('cc_expdate_year', $_POST['ipayment_cc_expires_year']),
        array('cc_number', $_POST['ipayment_cc_number']),
        array('cc_checkcode', $_POST['ipayment_cc_checkcode']),
        array('addr_name', $_POST['ipayment_cc_owner']),
        array('addr_email', $oOrder->customer['email_address']),
        array('redirect_url', oos_href_link($modules['checkout'], $files['checkout_process'], '', 'SSL', true)),
        array('silent_error_url', oos_href_link($modules['checkout'], $files['checkout_payment'], $sErrorParams, 'SSL', true)),
    );

    $process_button_string = '';
    foreach ($aFields as $aField) {
        $process_button_string .= oos_draw_hidden_field($aField[0], $aField[1]);
    }

    return $process_button_string;
}
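/**
 * Handles a coupon code posted as 'gv_redeem_code'.
 *
 * For a coupon that is not of type 'G' the code is checked for existence,
 * start date, expiry date, total uses and uses by this customer. Each failed
 * check stores an error message in the session and redirects to the checkout
 * payment page. A coupon that passes is remembered in $_SESSION['cc_id'].
 *
 * Changes against the listing:
 *  - the "redeem pressed without a code" check sat inside the "code given"
 *    branch and could never run; it is now evaluated first
 *  - $oOrder is declared global (it was read as an undefined local)
 *  - the percentage test reads 'coupon_type', the column that is selected,
 *    instead of the non-existent 'type'
 *  - the coupon id is cast to an integer before it is put into SQL
 *
 * @return void
 */
function collect_posts()
{
    global $oCurrencies, $oOrder, $aLang;

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    if (empty($_POST['gv_redeem_code'])) {
        if (!empty($_POST['submit_redeem_coupon_x'])) {
            $_SESSION['error_message'] = $aLang['error_no_invalid_redeem_coupon'];
            oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
        }
        return;
    }

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $sCode = oos_db_input($_POST['gv_redeem_code']);
    $sNow = date("Y-m-d H:i:s", time());

    // get some info from the coupon table
    $couponstable = $oostable['coupons'];
    $sql = "SELECT coupon_id, coupon_amount, coupon_type, coupon_minimum_order,\n"
         . " uses_per_coupon, uses_per_user, restrict_to_products,\n"
         . " restrict_to_categories\n"
         . " FROM {$couponstable}\n"
         . " WHERE coupon_code = '" . $sCode . "'\n"
         . " AND coupon_active = 'Y'";
    $coupon_query = $dbconn->Execute($sql);
    $coupon_result = $coupon_query->fields;

    if ($coupon_result['coupon_type'] == 'G') {
        return;
    }

    if ($coupon_query->RecordCount() == 0) {
        $_SESSION['error_message'] = $aLang['error_no_invalid_redeem_coupon'];
        oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
    }

    $sql = "SELECT coupon_start_date\n"
         . " FROM {$couponstable}\n"
         . " WHERE coupon_start_date <= '" . $sNow . "'\n"
         . " AND coupon_code= '" . $sCode . "'";
    $date_query = $dbconn->Execute($sql);
    if ($date_query->RecordCount() == 0) {
        $_SESSION['error_message'] = $aLang['error_invalid_startdate_coupon'];
        oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
    }

    $sql = "SELECT coupon_expire_date\n"
         . " FROM {$couponstable}\n"
         . " WHERE coupon_expire_date >= '" . $sNow . "'\n"
         . " AND coupon_code= '" . $sCode . "'";
    $date_query = $dbconn->Execute($sql);
    if ($date_query->RecordCount() == 0) {
        $_SESSION['error_message'] = $aLang['error_invalid_finisdate_coupon'];
        oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
    }

    $nCouponId = intval($coupon_result['coupon_id']);

    $coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
    $sql = "SELECT coupon_id\n"
         . " FROM {$coupon_redeem_tracktable}\n"
         . " WHERE coupon_id = '" . $nCouponId . "'";
    $coupon_count = $dbconn->Execute($sql);

    $sql = "SELECT coupon_id\n"
         . " FROM {$coupon_redeem_tracktable}\n"
         . " WHERE coupon_id = '" . $nCouponId . "'\n"
         . " AND customer_id = '" . intval($_SESSION['customer_id']) . "'";
    $coupon_count_customer = $dbconn->Execute($sql);

    // A limit of 0 means "unlimited" for both counters.
    if ($coupon_count->RecordCount() >= $coupon_result['uses_per_coupon'] && $coupon_result['uses_per_coupon'] > 0) {
        $_SESSION['error_message'] = $aLang['error_invalid_uses_coupon'] . $coupon_result['uses_per_coupon'] . $aLang['times'];
        oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
    }

    if ($coupon_count_customer->RecordCount() >= $coupon_result['uses_per_user'] && $coupon_result['uses_per_user'] > 0) {
        $_SESSION['error_message'] = $aLang['error_invalid_uses_user_coupon'] . $coupon_result['uses_per_user'] . $aLang['times'];
        oos_redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
    }

    // Human-readable coupon value. It is not used further in this method.
    if ($coupon_result['coupon_type'] == 'S') {
        $coupon_amount = $oOrder->info['shipping_cost'];
    } else {
        $coupon_amount = $oCurrencies->format($coupon_result['coupon_amount']) . ' ';
    }
    if ($coupon_result['coupon_type'] == 'P') {
        $coupon_amount = $coupon_result['coupon_amount'] . '% ';
    }
    if ($coupon_result['coupon_minimum_order'] > 0) {
        $coupon_amount .= 'on orders greater than ' . $coupon_result['coupon_minimum_order'];
    }

    $_SESSION['cc_id'] = $coupon_result['coupon_id'];
}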
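/**
 * Validate the posted credit card fields before the confirmation page is shown.
 *
 * The posted card data is checked with cc_validation::validate(). When the
 * check fails, an error message is built from $aLang and the customer is
 * redirected to the checkout payment page; otherwise the card type and number
 * reported by the validator are stored on this module.
 *
 * Everything read from $_POST is customer-controlled. Each posted value that is
 * echoed back into the redirect query string is URL-encoded, so a crafted value
 * cannot append or override parameters of the error URL.
 *
 * @return void
 */
function pre_confirmation_check() {
    global $aLang;

    include 'includes/classes/class_cc_validation.php';

    $cc_validation = new cc_validation();
    $result = $cc_validation->validate(
        $_POST['cc_number'],
        $_POST['cc_expires_month'],
        $_POST['cc_expires_year'],
        $_POST['cc_start_month'],
        $_POST['cc_start_year'],
        $_POST['cc_cvv'],
        $_POST['cc_issue']
    );

    // Map the validator's result code to a translated message. The switch keeps
    // PHP's loose comparison, so "case false" also covers 0, '' and null.
    $error = '';
    switch ($result) {
        case -1:
            // Only the first four digits of the number are echoed in the message.
            $error = sprintf($aLang['text_ccval_error_unknown_card'], substr($cc_validation->cc_number, 0, 4));
            break;

        case -2:
        case -3:
        case -4:
            $error = $aLang['text_ccval_error_invalid_date'];
            break;

        case -5:
            // List the card brands enabled in the module configuration.
            $aCardTypes = array(
                array(MODULE_PAYMENT_CC_ACCEPT_VISA, ' Visa,'),
                array(MODULE_PAYMENT_CC_ACCEPT_MASTERCARD, ' Master Card,'),
                array(MODULE_PAYMENT_CC_ACCEPT_AMERICANEXPRESS, ' American Express,'),
                array(MODULE_PAYMENT_CC_ACCEPT_DINERSCLUB, ' Diners Club,'),
                array(MODULE_PAYMENT_CC_ACCEPT_DISCOVERNOVUS, ' Discover,'),
                array(MODULE_PAYMENT_CC_ACCEPT_JCB, ' JCB,'),
                array(MODULE_PAYMENT_CC_ACCEPT_OZBANKCARD, ' Australian BankCard,'),
            );
            $cards = '';
            foreach ($aCardTypes as $aCardType) {
                if ($aCardType[0] == '1') {
                    $cards .= $aCardType[1];
                }
            }
            $error = sprintf($aLang['text_card_not_aczepted'], $cc_validation->cc_type) . $cards;
            break;

        case false:
            $error = $aLang['text_ccval_error_invalid_number'];
            break;
    }

    if ($result == false || $result < 1) {
        // Echo the non-sensitive form fields back so the payment page can
        // pre-fill them. Non-scalar or missing input is reduced to ''.
        $aEcho = array();
        foreach (array('cc_owner', 'cc_expires_month', 'cc_expires_year') as $sField) {
            $sValue = (isset($_POST[$sField]) && is_scalar($_POST[$sField])) ? (string)$_POST[$sField] : '';
            $aEcho[] = $sField . '=' . urlencode($sValue);
        }

        $payment_error_return = 'payment_error=' . $this->code
                              . '&error=' . urlencode($error)
                              . '&' . implode('&', $aEcho);

        $aFilename = oos_get_filename();
        $aModules = oos_get_modules();

        // NOTE(review): assumes MyOOS_CoreApi::redirect() ends the request - TODO confirm.
        // If it returns, the assignments below still run for a card that failed validation.
        MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $payment_error_return, 'SSL', true, false));
    }

    // With CVV collection switched off a fixed placeholder is stored instead.
    if (USE_CC_CVV != '1') {
        $this->cc_cvv = '000';
    }
    $this->cc_card_type = $cc_validation->cc_type;
    $this->cc_card_number = $cc_validation->cc_number;
}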
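/**
 * Stop order processing unless the gateway response reports a successful payment.
 *
 * The transaction status is read from the "transStatus" query parameter; any
 * value other than "Y" (or a missing parameter) redirects the customer back to
 * the checkout payment page with the module's error message.
 *
 * The previous condition compared an undefined local variable $transStatus
 * with "Y", which is always unequal, so the check only tested whether the
 * parameter was present: a response carrying any transStatus value was
 * accepted. The value itself is now compared.
 *
 * NOTE(review): the status arrives in the query string, which the customer's
 * browser controls. Confirm that the payment is also verified through an
 * authenticated channel (signed response or server-to-server callback) before
 * the order is treated as paid.
 *
 * @return void
 */
function before_process() {
    global $aLang;

    // Missing or non-string input counts as "not approved".
    $transStatus = (isset($_GET['transStatus']) && is_string($_GET['transStatus'])) ? $_GET['transStatus'] : '';

    if ($transStatus !== 'Y') {
        $error = $aLang['module_payment_worldpay_text_error_1'];
        $payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error);

        $aFilename = oos_get_filename();
        $aModules = oos_get_modules();

        MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $payment_error_return, 'SSL', true, false));
    }
}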
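/**
 * Check where a "valid" payment response came from before the order is processed.
 *
 * When the request posts valid=1, the REMOTE_HOST server variable must be
 * "secpay.com", either directly or after a reverse lookup with gethostbyaddr().
 * If it is not, or REMOTE_HOST is empty, the customer is redirected to the
 * checkout payment page with this module's payment_error code.
 *
 * The session value posted by the client is URL-encoded before it is put into
 * the redirect query string, so it cannot inject further parameters.
 *
 * NOTE(review): a reverse-DNS name is set by whoever controls the PTR record of
 * the connecting address, so this check alone is weak proof of origin. Confirm
 * whether the gateway offers a signed response that can be verified instead.
 * NOTE(review): a request that does not post valid=1 is not rejected here;
 * presumably that case is handled elsewhere - verify against the caller.
 *
 * @return void
 */
function before_process() {
    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    if (!isset($_POST['valid']) || $_POST['valid'] != '1') {
        return;
    }

    $bFromGateway = false;
    $remote_host = oos_server_get_var('REMOTE_HOST');
    if ($remote_host) {
        if ($remote_host != 'secpay.com') {
            // REMOTE_HOST may hold an address; resolve it to a host name.
            $remote_host = @gethostbyaddr($remote_host);
        }
        $bFromGateway = ($remote_host == 'secpay.com');
    }

    if (!$bFromGateway) {
        $sSessionName = oos_session_name();
        $sSessionValue = (isset($_POST[$sSessionName]) && is_scalar($_POST[$sSessionName])) ? (string)$_POST[$sSessionName] : '';

        MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], $sSessionName . '=' . urlencode($sSessionValue) . '&payment_error=' . $this->code, 'SSL', false, false));
    }
}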
/**
 * Render the categories below $parent_id, and recursively their children, as one HTML string.
 *
 * Each category is emitted as a link to the shop page, wrapped in the
 * configurable start/end strings held on this object. Recursion continues while
 * max_level is '0' or greater than the next level, and, when follow_cpath is
 * enabled, only into categories listed in cpath_array.
 *
 * NOTE(review): $category['name'] is written into the title attribute and the
 * link text without HTML escaping in this method; confirm the names are
 * escaped where they are loaded or stored.
 *
 * @param mixed $parent_id key into $this->data whose children are rendered
 * @param int   $level     depth of this branch, 0 for the root
 * @return string
 */
function buildBranch($parent_id, $level = 0) {
    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    $sHtml = $this->parent_group_start_string;

    $aChildren = isset($this->data[$parent_id]) ? $this->data[$parent_id] : array();
    foreach ($aChildren as $category_id => $category) {
        $category_link = ($this->breadcrumb_usage == true)
            ? $this->buildBreadcrumb($category_id)
            : $category_id;

        $sAnchor = '<a href="' . oos_href_link($aModules['main'], $aFilename['shop'], 'categories=' . $category_link) . '" title="' . $category['name'] . '">';

        $bHasChildren = isset($this->data[$category_id]);
        $bIsRoot = ($level == 0);

        // Opening wrappers, then the indentation for this depth.
        $sHtml .= $this->child_start_string;
        if ($bHasChildren) {
            $sHtml .= $this->parent_start_string;
        }
        if ($bIsRoot) {
            $sHtml .= $this->root_start_string;
        }
        $sHtml .= str_repeat($this->spacer_string, $this->spacer_multiplier * $level);

        // Optional folder icon, linked like the name itself.
        if ($this->show_image_folder === true) {
            $sIcon = in_array($category_id, $this->cpath_array) ? 'current_folder.png' : 'folder.png';
            $sHtml .= $sAnchor . oos_image_folder($sIcon, $category['name']) . '</a> ';
        }

        // Category name; marked up when it lies on the current category path.
        $sLabel = $category['name'];
        if ($this->follow_cpath === true && in_array($category_id, $this->cpath_array)) {
            $sLabel = $this->cpath_start_string . $category['name'] . $this->cpath_end_string;
        }
        $sHtml .= $sAnchor . $sLabel . '</a>';

        if ($this->show_category_product_count === true) {
            $sHtml .= $this->category_product_count_start_string . $category['count'] . $this->category_product_count_end_string;
        }

        // Closing wrappers in reverse order of the opening ones.
        if ($bIsRoot) {
            $sHtml .= $this->root_end_string;
        }
        if ($bHasChildren) {
            $sHtml .= $this->parent_end_string;
        }
        $sHtml .= $this->child_end_string;

        $bDepthAllowed = ($this->max_level == '0' || $this->max_level > $level + 1);
        if ($bHasChildren && $bDepthAllowed) {
            if ($this->follow_cpath !== true || in_array($category_id, $this->cpath_array)) {
                $sHtml .= $this->buildBranch($category_id, $level + 1);
            }
        }
    }

    return $sHtml . $this->parent_group_end_string;
}
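/**
 * Function to generate category sitemap data
 *
 * Reads every category with categories_status = '1' and access = '0', builds
 * one sitemap entry per category and hands the entries to GenerateSitemap() in
 * chunks of at most 50000. The first chunk is named "categories", later ones
 * "categories1", "categories2", and so on.
 *
 * The final chunk used to be written only when it held more than one entry, so
 * a single remaining category was silently left out; any non-empty remainder
 * is now written.
 *
 * @return boolean result of GenerateSitemap() for the last chunk; false when
 *                 the query fails or no entries remain after the loop
 */
function GenerateCategorySitemap() {
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    $categoriestable = $oostable['categories'];
    $sql = "SELECT categories_id as cID, date_added, last_modified as last_mod\n FROM {$categoriestable}\n WHERE categories_status = '1'\n AND access = '0'\n ORDER BY parent_id ASC, sort_order ASC, categories_id ASC";

    $categories_query = $dbconn->Execute($sql);
    if (!$categories_query) {
        // The debug key spelling is kept as it is: it is data other code may read.
        $this->debug['QUERY']['CATEOGRY']['STATUS'] = '0';
        $this->debug['QUERY']['CATEOGRY']['NUM_ROWS'] = '0';
        return false;
    }

    $this->debug['QUERY']['CATEOGRY']['STATUS'] = 'success';
    $this->debug['QUERY']['CATEOGRY']['NUM_ROWS'] = $categories_query->RecordCount();

    $container = array();
    $number = 0;
    while ($result = $categories_query->fields) {
        $location = oos_href_link($aModules['main'], $aFilename['shop'], 'categories=' . $this->GetFullcategories($result['cID']), 'NONSSL', false, true);
        // Fall back to the creation date for categories that were never modified.
        $lastmod = oos_is_not_null($result['last_mod']) ? $result['last_mod'] : $result['date_added'];

        $container[] = array(
            'loc' => htmlspecialchars(utf8_encode($location)),
            'lastmod' => date("Y-m-d", strtotime($lastmod)),
            'changefreq' => GOOGLE_SITEMAP_CAT_CHANGE_FREQ,
            'priority' => 0.5,
        );

        // Flush a full chunk; the result of an intermediate chunk is not checked.
        if (count($container) >= 50000) {
            $type = $number == 0 ? 'categories' : 'categories' . $number;
            $this->GenerateSitemap($container, $type);
            $container = array();
            $number++;
        }

        // Move that ADOdb pointer!
        $categories_query->MoveNext();
    }

    if (count($container) > 0) {
        $type = $number == 0 ? 'categories' : 'categories' . $number;
        return $this->GenerateSitemap($container, $type);
    }

    return false;
}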
/**
 * Redeem a posted gift voucher code and credit its amount to the customer's voucher balance.
 *
 * Looks up the coupon for $_POST['gv_redeem_code']. For a coupon of type 'G'
 * that has no row in the redeem-track table, the coupon is set inactive, the
 * redemption is recorded with customer id, date and session IP address, and
 * the amount is added to (or inserted as) the customer's balance. The customer
 * is then redirected to the checkout payment page with a message in the session.
 *
 * NOTE(review): the "already redeemed" check and the writes that follow are
 * separate statements; no transaction or row lock is visible in this function.
 * Two concurrent requests with the same code could both pass the check -
 * confirm whether the caller or the schema prevents a double credit.
 * NOTE(review): the coupon lookup does not filter on coupon_active; the only
 * redemption guard visible here is the redeem-track row.
 * NOTE(review): the steps after the first redirect only stay unreachable if
 * MyOOS_CoreApi::redirect() ends the request - TODO confirm.
 */
function collect_posts() {
    // $coupon_no is declared global but not used in this function.
    global $oCurrencies, $coupon_no, $aLang;

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    if ($_POST['gv_redeem_code']) {
        // The posted code is customer input; it is passed through oos_db_input()
        // (presumably SQL escaping - verify) before it enters the query string.
        $couponstable = $oostable['coupons'];
        $gv_query = $dbconn->Execute("SELECT coupon_id, coupon_type, coupon_amount FROM {$couponstable} WHERE coupon_code = '" . oos_db_input($_POST['gv_redeem_code']) . "'");
        $gv_result = $gv_query->fields;

        if ($gv_query->RecordCount() != 0) {
            // Any existing redeem-track row for a gift voucher means it was used before.
            $coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
            $redeem_query = $dbconn->Execute("SELECT * FROM {$coupon_redeem_tracktable} WHERE coupon_id = '" . $gv_result['coupon_id'] . "'");
            if ($redeem_query->RecordCount() != 0 && $gv_result['coupon_type'] == 'G') {
                $_SESSION['error_message'] = $aLang['error_no_invalid_redeem_gv'];
                MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
            }
        }

        // $gv_result is also read when the lookup returned no row; the comparison
        // is then expected to fail, so an unknown code falls through without a message.
        if ($gv_result['coupon_type'] == 'G') {
            $gv_amount = $gv_result['coupon_amount'];
            // Things to set
            // ip address of claimant
            // customer id of claimant
            // date
            // redemption flag
            // now update customer account with gv_amount
            $coupon_gv_customertable = $oostable['coupon_gv_customer'];
            // NOTE(review): intval() of an unset customer_id yields 0; confirm a
            // logged-in customer is guaranteed before this method runs.
            $gv_amount_query = $dbconn->Execute("SELECT amount FROM {$coupon_gv_customertable} WHERE customer_id = '" . intval($_SESSION['customer_id']) . "'");
            $customer_gv = false;
            $total_gv_amount = $gv_amount;
            if ($gv_amount_result = $gv_amount_query->fields) {
                // The customer already has a balance row: add the voucher to it.
                $total_gv_amount = $gv_amount_result['amount'] + $gv_amount;
                $customer_gv = true;
            }

            // Deactivate the coupon so it is no longer offered as active.
            $couponstable = $oostable['coupons'];
            $gv_update = $dbconn->Execute("UPDATE {$couponstable}\n SET coupon_active = 'N'\n WHERE coupon_id = '" . $gv_result['coupon_id'] . "'");

            // Record who redeemed the voucher, when, and from which session IP address.
            $remote_addr = $_SESSION['session_ip_address'];
            $coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
            $gv_redeem = $dbconn->Execute("INSERT INTO {$coupon_redeem_tracktable}\n (coupon_id,\n customer_id,\n redeem_date,\n redeem_ip) VALUES ('" . $gv_result['coupon_id'] . "',\n '" . intval($_SESSION['customer_id']) . "',\n '" . date("Y-m-d H:i:s", time()) . "',\n '" . oos_db_input($remote_addr) . "')");

            if ($customer_gv) {
                $coupon_gv_customertable = $oostable['coupon_gv_customer'];
                // already has gv_amount so update
                $gv_update = $dbconn->Execute("UPDATE {$coupon_gv_customertable}\n SET amount = '" . $total_gv_amount . "'\n WHERE customer_id = '" . intval($_SESSION['customer_id']) . "'");
            } else {
                // no gv_amount so insert
                $coupon_gv_customertable = $oostable['coupon_gv_customer'];
                $gv_insert = $dbconn->Execute("INSERT INTO {$coupon_gv_customertable}\n (customer_id,\n amount) VALUES ('" . intval($_SESSION['customer_id']) . "',\n '" . $total_gv_amount . "')");
            }

            $_SESSION['error_message'] = $aLang['error_redeemed_amount'] . $oCurrencies->format($gv_amount);
            MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], '', 'SSL'));
        }
    }

    // NOTE(review): $gv is never assigned in this function, so this condition
    // cannot be true as written; $gv_result may have been intended - confirm.
    if ($_POST['submit_redeem_x'] && $gv['coupon_type'] == 'G') {
        MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], 'error_message=' . urlencode(decode($aLang['error_no_redeem_code'])), 'SSL'));
    }
}
/**
 * Display a banner from the specified group or banner id ($identifier)
 *
 * With $action 'dynamic', $identifier is a banner group and one active banner
 * of that group is picked through oos_random_select(). With $action 'static',
 * $identifier is either a banner row (array) that is used as given, or the id
 * of an active banner. Any other $action, or a banner that cannot be found,
 * raises E_USER_ERROR and returns false.
 *
 * NOTE(review): banners_html_text is returned as it is stored, and
 * banners_image / banners_title are passed on unchanged; confirm that only
 * trusted administrators can write these columns.
 *
 * @param $action     'dynamic' or 'static'
 * @param $identifier banner group, banner id, or banner row
 * @return string banner markup, or false on error
 */
function oos_display_banner($action, $identifier) {
    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    // Reject anything that is neither of the two supported modes.
    if ($action != 'dynamic' && $action != 'static') {
        trigger_error("oos_display_banner(' . {$action} . ', ' . {$identifier} . ') -> Unknown {$action} parameter value - it must be either \\'dynamic\\' or \\'static\\'", E_USER_ERROR);
        return false;
    }

    if ($action == 'dynamic') {
        $bannerstable = $oostable['banners'];
        $sGroup = oos_db_input($identifier);

        $banners = $dbconn->Execute("SELECT COUNT(*) AS total FROM {$bannerstable} WHERE status = '1' AND banners_group = '" . $sGroup . "'");
        if (!($banners->fields['total'] > 0)) {
            trigger_error("oos_display_banner(' . {$action} . ', ' . {$identifier} . ') -> No banners with group \\'' . {$identifier} . '\\' found!", E_USER_ERROR);
            return false;
        }

        $banner = oos_random_select("SELECT banners_id, banners_title, banners_image, banners_html_text FROM {$bannerstable} WHERE status = '1' AND banners_group = '" . oos_db_input($identifier) . "'");
    } elseif (is_array($identifier)) {
        // The caller already supplied the banner row.
        $banner = $identifier;
    } else {
        $bannerstable = $oostable['banners'];
        $banner_result = $dbconn->Execute("SELECT banners_id, banners_title, banners_image, banners_html_text FROM {$bannerstable} WHERE status = '1' AND banners_id = '" . oos_db_input($identifier) . "'");
        if (!($banner_result->RecordCount() > 0)) {
            trigger_error("oos_display_banner(' . {$action} . ', ' . {$identifier} . ') -> Banner with ID \\'' . {$identifier} . '\\' not found, or status inactive", E_USER_ERROR);
            return false;
        }
        $banner = $banner_result->fields;
    }

    // Stored HTML wins; otherwise build an image link through the redirect page.
    $banner_string = oos_is_not_null($banner['banners_html_text'])
        ? $banner['banners_html_text']
        : '<a href="' . oos_href_link($aModules['main'], $aFilename['redirect'], 'action=banner&goto=' . $banner['banners_id']) . '" target="_blank">' . oos_image(OOS_IMAGES . $banner['banners_image'], $banner['banners_title']) . '</a>';

    oos_update_banner_display_count($banner['banners_id']);

    return $banner_string;
}
/**
 * Build the hidden form fields that are posted to the payment gateway.
 *
 * The MODULE_PAYMENT_PSIGATE_* settings are translated into the numeric
 * 'Result' and 'ChargeType' codes, then merchant id, order total, return URLs,
 * billing and delivery address, contact data and the client IP address are
 * added as hidden fields. In 'Local' input mode the card number and expiry
 * date held on this module are added as well.
 *
 * NOTE(review): in 'Local' mode the full card number is written into the page
 * as a hidden field; confirm the page is only served over TLS and is not cached.
 * NOTE(review): NoThanksURL is built with 'NONSSL' while ThanksURL uses 'SSL' -
 * confirm this is intended.
 *
 * @return string concatenated oos_draw_hidden_field() output
 */
function process_button() {
    global $oOrder, $oCurrencies;

    // Test modes map to 1-3; 'Production' and anything unknown map to 0.
    $sModeSetting = MODULE_PAYMENT_PSIGATE_TRANSACTION_MODE;
    if ($sModeSetting == 'Always Good') {
        $transaction_mode = '1';
    } elseif ($sModeSetting == 'Always Duplicate') {
        $transaction_mode = '2';
    } elseif ($sModeSetting == 'Always Decline') {
        $transaction_mode = '3';
    } else {
        $transaction_mode = '0';
    }

    // 'PreAuth' and anything unknown map to 1.
    $sTypeSetting = MODULE_PAYMENT_PSIGATE_TRANSACTION_TYPE;
    if ($sTypeSetting == 'Sale') {
        $transaction_type = '0';
    } elseif ($sTypeSetting == 'PostAuth') {
        $transaction_type = '2';
    } else {
        $transaction_type = '1';
    }

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    // Merchant, amount and return URLs.
    $sFields = oos_draw_hidden_field('MerchantID', MODULE_PAYMENT_PSIGATE_MERCHANT_ID);
    $sFields .= oos_draw_hidden_field('FullTotal', number_format($oOrder->info['total'] * $oCurrencies->get_value(MODULE_PAYMENT_PSIGATE_CURRENCY), $oCurrencies->currencies[MODULE_PAYMENT_PSIGATE_CURRENCY]['decimal_places']));
    $sFields .= oos_draw_hidden_field('ThanksURL', oos_href_link($aModules['checkout'], $aFilename['checkout_process'], '', 'SSL', true));
    $sFields .= oos_draw_hidden_field('NoThanksURL', oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], 'payment_error=' . $this->code, 'NONSSL', true));

    // Billing address and customer contact data.
    $sFields .= oos_draw_hidden_field('Bname', $oOrder->billing['firstname'] . ' ' . $oOrder->billing['lastname']);
    $sFields .= oos_draw_hidden_field('Baddr1', $oOrder->billing['street_address']);
    $sFields .= oos_draw_hidden_field('Bcity', $oOrder->billing['city']);
    $sFields .= oos_draw_hidden_field('Bstate', $oOrder->billing['state']);
    $sFields .= oos_draw_hidden_field('Bzip', $oOrder->billing['postcode']);
    $sFields .= oos_draw_hidden_field('Bcountry', $oOrder->billing['country']['iso_code_2']);
    $sFields .= oos_draw_hidden_field('Phone', $oOrder->customer['telephone']);
    $sFields .= oos_draw_hidden_field('Email', $oOrder->customer['email_address']);

    // Delivery address.
    $sFields .= oos_draw_hidden_field('Sname', $oOrder->delivery['firstname'] . ' ' . $oOrder->delivery['lastname']);
    $sFields .= oos_draw_hidden_field('Saddr1', $oOrder->delivery['street_address']);
    $sFields .= oos_draw_hidden_field('Scity', $oOrder->delivery['city']);
    $sFields .= oos_draw_hidden_field('Sstate', $oOrder->delivery['state']);
    $sFields .= oos_draw_hidden_field('Szip', $oOrder->delivery['postcode']);
    $sFields .= oos_draw_hidden_field('Scountry', $oOrder->delivery['country']['iso_code_2']);

    // Transaction codes and the client address as seen by the web server.
    $sFields .= oos_draw_hidden_field('ChargeType', $transaction_type);
    $sFields .= oos_draw_hidden_field('Result', $transaction_mode);
    $sFields .= oos_draw_hidden_field('IP', $_SERVER['REMOTE_ADDR']);

    if (MODULE_PAYMENT_PSIGATE_INPUT_MODE == 'Local') {
        // Card data collected by the shop is forwarded; the year is cut to two digits.
        $sFields .= oos_draw_hidden_field('CardNumber', $this->cc_card_number);
        $sFields .= oos_draw_hidden_field('ExpMonth', $this->cc_expiry_month);
        $sFields .= oos_draw_hidden_field('ExpYear', substr($this->cc_expiry_year, -2));
    }

    return $sFields;
}
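/**
 * Rewrite an "index.php/key/value/..." shop URI into a name-based ".html" URI.
 *
 * Only URIs that contain a "categories" segment, or both the product-info file
 * name and the products module name, are rewritten; every other URI is
 * returned unchanged. Category, product and manufacturer ids are replaced by
 * "<name>-c-<ids>", "<name>-p-<id>" and "<name>-m-<id>", with the names read
 * from the database for the session language.
 *
 * Changes against the previous version:
 *  - eregi(), which no longer exists in PHP 7 and later, is replaced by preg_match();
 *  - $remove is always initialised (it was undefined for URIs without "-p-");
 *  - a URI without "index.php/" or with a key but no value no longer reads an
 *    undefined array offset;
 *  - the unreachable else branch after explode() is removed, because explode()
 *    with a non-empty separator never returns an empty array.
 *
 * Every id that reaches a query is passed through intval().
 * NOTE(review): the raw id segment is appended to the generated path after a
 * check that it merely contains a digit or underscore; presumably $param is a
 * link generated by the shop itself - verify against the caller.
 *
 * @param string $param the URI to transform
 * @return string the rewritten URI, or $param when no rewrite applies
 */
function transform_uri($param) {
    $uri = explode("index.php/", $param);
    $base = $uri[0];
    // Without an "index.php/" marker there is no path part to rewrite.
    $path = isset($uri[1]) ? $uri[1] : '';
    $url_array = explode('/', $path);

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    $bRewrite = in_array('categories', $url_array)
             || (in_array($aFilename['product_info'], $url_array) && in_array($aModules['products'], $url_array));
    if (!$bRewrite) {
        return $param;
    }

    // Segments that are dropped from the rewritten path.
    $_filter = array('mp', 'file', $aModules['main'], $aModules['products'], $aFilename['shop'], oos_session_name(), oos_session_id());

    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $nLanguageID = isset($_SESSION['language_id']) ? (int)$_SESSION['language_id'] : 1;

    $path = '';
    $extention = '.html';

    $nArrayCountUrl = count($url_array);
    for ($i = 0; $i < $nArrayCountUrl; $i++) {
        switch ($url_array[$i]) {
            case 'categories':
                $category = '';
                // The value follows its key; a missing value is treated as ''.
                $i++;
                $sValue = isset($url_array[$i]) ? $url_array[$i] : '';
                if (preg_match('/[_0-9]/', $sValue)) {
                    // A category path looks like "1_5_12": one name per id.
                    foreach (explode('_', $sValue) as $value) {
                        $categoriestable = $oostable['categories'];
                        $categories_descriptiontable = $oostable['categories_description'];
                        $category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM {$categoriestable} c, {$categories_descriptiontable} cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
                        $category .= oos_make_filename($category_result->fields['categories_name']) . '/';
                    }
                    $category = substr($category, 0, -1);
                    $category .= '-c-' . $sValue . '/';
                }
                $path .= $category;
                break;

            case 'products_id':
                $i++;
                $sValue = isset($url_array[$i]) ? $url_array[$i] : '';
                if ($sValue) {
                    $products_descriptiontable = $oostable['products_description'];
                    $product_result = $dbconn->Execute("SELECT products_name FROM {$products_descriptiontable} WHERE products_id = '" . intval($sValue) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
                    $product = oos_make_filename($product_result->fields['products_name']);
                    $path .= $product . '-p-' . $sValue . '/';
                }
                break;

            case 'manufacturers_id':
                $i++;
                $sValue = isset($url_array[$i]) ? $url_array[$i] : '';
                if ($sValue) {
                    $manufacturerstable = $oostable['manufacturers'];
                    $manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM {$manufacturerstable} WHERE manufacturers_id = '" . intval($sValue) . "'");
                    $manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
                    $path .= $manufacturer . '-m-' . $sValue . '/';
                }
                break;

            default:
                if (!in_array($url_array[$i], $_filter)) {
                    $path .= $url_array[$i] . '/';
                }
                break;
        }
    }

    // Product URIs lose their "-m-" and "-c-" markers; other URIs keep them.
    $remove = (strpos($path, "-p-") === false) ? array() : array('-m-', '-c-');
    $path = str_replace($remove, '', $path);

    if (strpos($path, '//') !== false) {
        $path = str_replace('//', '/', $path);
    }
    if (substr($path, -1) == '/') {
        $path = substr($path, 0, -1);
    }

    return $base . $path . $extention;
}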