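// Collect metadata for every installed template directory (CVS folders and
// template_default are skipped).
while ($file = $dir->read()) {
    if (is_dir(DIR_FS_CATALOG_TEMPLATES . $file) && strtoupper($file) != 'CVS' && $file != 'template_default') {
        if (file_exists(DIR_FS_CATALOG_TEMPLATES . $file . '/template_info.php')) {
            // template_info.php is executed as PHP inside this admin request and
            // is expected to define the $template_* variables read below, so the
            // templates directory must only be writable by trusted accounts.
            require DIR_FS_CATALOG_TEMPLATES . $file . '/template_info.php';
            $template_info[$file] = array(
                'name' => $template_name,
                'version' => $template_version,
                'author' => $template_author,
                'description' => $template_description,
                'screenshot' => $template_screenshot,
            );
        }
    }
}

$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    // Request values used below are untrusted: string values are escaped with
    // zen_db_input() before being placed inside quoted SQL literals, and the
    // template_id key (an insert id, see zen_db_insert_id below) is cast to int.
    // NOTE(review): template_dir could additionally be checked against the keys
    // of $template_info collected above; confirm whether 'template_default'
    // must remain selectable before enforcing that.
    switch ($action) {
        case 'insert':
            $check_query = $gBitDb->Execute("select * from " . TABLE_TEMPLATE_SELECT . " where template_language = '" . zen_db_input($_POST['lang']) . "'");
            // Only one template row per language: insert when none exists yet.
            if ($check_query->RecordCount() < 1) {
                $gBitDb->Execute("insert into " . TABLE_TEMPLATE_SELECT . " (template_dir, template_language) values ('" . zen_db_input($_POST['ln']) . "', '" . zen_db_input($_POST['lang']) . "')");
                $_GET['tID'] = zen_db_insert_id(TABLE_TEMPLATE_SELECT, 'template_id');
            }
            $action = "";
            break;
        case 'save':
            $gBitDb->Execute("update " . TABLE_TEMPLATE_SELECT . " set template_dir = '" . zen_db_input($_POST['ln']) . "' where template_id = '" . (int) $_GET['tID'] . "'");
            break;
        case 'deleteconfirm':
            $check_query = $gBitDb->Execute("select template_language from " . TABLE_TEMPLATE_SELECT . " where template_id = '" . (int) $_GET['tID'] . "'");
            // Rows whose template_language is 0 are never deleted.
            if ($check_query->fields['template_language'] != 0) {
                $gBitDb->Execute("delete from " . TABLE_TEMPLATE_SELECT . " where template_id = '" . (int) $_GET['tID'] . "'");
                zen_redirect(zen_href_link_admin(FILENAME_TEMPLATE_SELECT, 'page=' . $_GET['page']));
            }
            $action = "";
            break;
    }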
$newsletter_error = false; if (empty($title)) { $messageStack->add(ERROR_NEWSLETTER_TITLE, 'error'); $newsletter_error = true; } if (empty($newsletter_module)) { $messageStack->add(ERROR_NEWSLETTER_MODULE, 'error'); $newsletter_error = true; } if ($newsletter_error == false) { $sql_data_array = array('title' => $title, 'content' => $content, 'content_html' => $content_html, 'module' => $newsletter_module); if ($action == 'insert') { $sql_data_array['date_added'] = 'now()'; $sql_data_array['status'] = '0'; zen_db_perform(TABLE_NEWSLETTERS, $sql_data_array); $newsletter_id = zen_db_insert_id(); } elseif ($action == 'update') { zen_db_perform(TABLE_NEWSLETTERS, $sql_data_array, 'update', "newsletters_id = '" . (int) $newsletter_id . "'"); } zen_redirect(zen_href_link(FILENAME_NEWSLETTERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'nID=' . $newsletter_id)); } else { $action = 'new'; } break; case 'deleteconfirm': $newsletter_id = zen_db_prepare_input($_GET['nID']); $db->Execute("delete from " . TABLE_NEWSLETTERS . "\n where newsletters_id = '" . (int) $newsletter_id . "'"); zen_redirect(zen_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page'])); break; case 'delete': case 'new':
$banners_image = new upload('banners_image'); $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target); if ($banners_image->parse() == false || $banners_image->save() == false) { $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error'); $banner_error = true; } } } if ($banner_error == false) { $db_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => (int) $banners_sort_order); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '1'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_BANNERS, $sql_data_array); $banners_id = zen_db_insert_id(); $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success'); } elseif ($action == 'update') { zen_db_perform(TABLE_BANNERS, $sql_data_array, 'update', "banners_id = '" . (int) $banners_id . "'"); $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success'); } // NOTE: status will be reset by the /functions/banner.php // build new update sql for date_scheduled, expires_date and expires_impressions $sql = "UPDATE " . TABLE_BANNERS . "\n SET\n date_scheduled = :scheduledDate,\n expires_date = DATE_ADD(:expiresDate, INTERVAL '23:59:59' HOUR_SECOND),\n expires_impressions = " . ($expires_impressions == 0 ? "null" : ":expiresImpressions") . "\n WHERE banners_id = :bannersID"; if ($expires_impressions > 0) { $sql = $db->bindVars($sql, ':expiresImpressions', $expires_impressions, 'integer'); } if ($date_scheduled != '') { $sql = $db->bindVars($sql, ':scheduledDate', $date_scheduled, 'date'); } if ($expires_date != '') {
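$messageStack->add('submit_link', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
}
if (SUBMIT_LINK_REQUIRE_RECIPROCAL == 'true') {
    if (strlen($links_reciprocal_url) < ENTRY_LINKS_URL_MIN_LENGTH) {
        $error = true;
        $messageStack->add('submit_link', ENTRY_LINKS_RECIPROCAL_URL_ERROR);
    }
}
if ($error == false) {
    // default values
    $links_date_added = 'now()';
    $links_status = '0'; // Pending approval
    $sql_data_array = array(
        'links_url' => $links_url,
        'links_contact_name' => $links_contact_name,
        'links_contact_email' => $links_contact_email,
        'links_reciprocal_url' => $links_reciprocal_url,
        'links_date_added' => $links_date_added,
        'links_status' => $links_status,
    );
    zen_db_perform(TABLE_LINKS, $sql_data_array);
    $links_id = zen_db_insert_id();

    // Upload an image when form field is filled in by user
    // NOTE(review): this accepts a file from a submission form; confirm that the
    // upload class restricts extensions/content types and that the destination
    // directory cannot execute uploaded files.
    if ($links_image = new upload('links_image_url')) {
        $links_image->set_destination(DIR_WS_IMAGES . LINK_IMAGE_DIRECTORY);
        // Defined up front so a failed parse()/save() with a non-empty filename
        // stores an empty value instead of reading an undefined variable.
        $links_image_name = '';
        if ($links_image->parse() && $links_image->save()) {
            $links_image_name = LINK_IMAGE_DIRECTORY . $links_image->filename;
        }
        if ($links_image->filename != '') {
            // The stored name derives from the client-supplied filename, so it is
            // escaped before being embedded in the quoted SQL literal.
            $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . zen_db_input($links_image_name) . "'\n where links_id = '" . (int) $links_id . "'");
        } else {
            // Use default image if form field is left blank
            $links_image_name = LINK_IMAGE_DIRECTORY . DEFAULT_LINK_IMAGE;
            $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . zen_db_input($links_image_name) . "'\n where links_id = '" . (int) $links_id . "'");
            $messageStack->add_session('header', WARNING_DEFAULT_FILE_UPLOADED, 'success');
        }
    }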
require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['mID'])) { $manufacturers_id = zen_db_prepare_input($_GET['mID']); } $manufacturers_name = zen_db_prepare_input($_POST['manufacturers_name']); $sql_data_array = array('manufacturers_name' => $manufacturers_name); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array); $manufacturers_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'"); } if ($_POST['manufacturers_image_manual'] != '') { // add image manually $manufacturers_image_name = zen_db_input($_POST['img_dir'] . $_POST['manufacturers_image_manual']); $db->Execute("update " . TABLE_MANUFACTURERS . "\n set manufacturers_image = '" . $manufacturers_image_name . "'\n where manufacturers_id = '" . (int) $manufacturers_id . "'"); } else { $manufacturers_image = new upload('manufacturers_image'); $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($manufacturers_image->parse() && $manufacturers_image->save()) { // remove image from database if none if ($manufacturers_image->filename != 'none') {
// | http://www.zen-cart.com/license/2_0.txt. | // | If you did not receive a copy of the zen-cart license and are unable | // | to obtain it through the world-wide-web, please send a note to | // | license@zen-cart.com so we can mail you a copy immediately. | // +----------------------------------------------------------------------+ // $Id: tax_classes.php 3780 2006-06-16 03:04:43Z drbyte $ // require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': $tax_class_title = zen_db_prepare_input($_POST['tax_class_title']); $tax_class_description = zen_db_prepare_input($_POST['tax_class_description']); $db->Execute("insert into " . TABLE_TAX_CLASS . "\r\n (tax_class_title, tax_class_description, date_added)\r\n values ('" . zen_db_input($tax_class_title) . "',\r\n '" . zen_db_input($tax_class_description) . "',\r\n now())"); $tax_class_id = zen_db_insert_id(); $tax_class_title_m17n = zen_db_prepare_input($_POST['tax_class_title_m17n']); $tax_class_description_m17n = zen_db_prepare_input($_POST['tax_class_description_m17n']); $languages = zen_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $db->Execute("insert into " . TABLE_TAX_CLASS_M17N . "\n (tax_class_id, language_id, tax_class_title, tax_class_description)\n values ('" . (int) $tax_class_id . "',\n '" . (int) $languages[$i]['id'] . "',\n '" . zen_db_input($tax_class_title_m17n[$languages[$i]['id']]) . "',\n '" . zen_db_input($tax_class_description_m17n[$languages[$i]['id']]) . "')"); } zen_redirect(zen_href_link(FILENAME_TAX_CLASSES)); break; case 'save': $tax_class_id = zen_db_prepare_input($_GET['tID']); $tax_class_title = zen_db_prepare_input($_POST['tax_class_title']); $tax_class_description = zen_db_prepare_input($_POST['tax_class_description']); $db->Execute("update " . TABLE_TAX_CLASS . "\r\n set tax_class_id = '" . (int) $tax_class_id . "',\r\n tax_class_title = '" . 
zen_db_input($tax_class_title) . "',\r\n tax_class_description = '" . zen_db_input($tax_class_description) . "',\r\n last_modified = now()\r\n where tax_class_id = '" . (int) $tax_class_id . "'"); $tax_class_title_m17n = zen_db_prepare_input($_POST['tax_class_title_m17n']); $tax_class_description_m17n = zen_db_prepare_input($_POST['tax_class_description_m17n']);
require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['mID'])) { $artists_id = zen_db_prepare_input($_GET['mID']); } $artists_name = zen_db_prepare_input($_POST['artists_name']); $sql_data_array = array('artists_name' => $artists_name); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array); $artists_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array, 'update', "artists_id = '" . (int) $artists_id . "'"); } if ($_POST['artists_image_manual'] != '') { // add image manually $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['artists_image_manual']); $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = '" . $artists_image_name . "'\r\n where artists_id = '" . (int) $artists_id . "'"); } else { $artists_image = new upload('artists_image'); $artists_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($artists_image->parse() && $artists_image->save()) { // remove image from database if none if ($artists_image->filename != 'none') {
if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['gID'])) { $group_id = zen_db_prepare_input($_GET['gID']); } $group_name = zen_db_prepare_input($_POST['group_name']); $group_percentage = zen_db_prepare_input($_POST['group_percentage']); if ($group_name) { $sql_data_array = array('group_name' => $group_name, 'group_percentage' => $group_percentage); if ($action == 'insert') { $insert_sql_data = array('date_added' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); $gBitDb->associateInsert(TABLE_GROUP_PRICING, $sql_data_array); $group_id = zen_db_insert_id(TABLE_GROUP_PRICING, 'group_id'); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $update_sql_data); $gBitDb->associateInsert(TABLE_GROUP_PRICING, $sql_data_array, 'update', "group_id = '" . (int) $group_id . "'"); } } zen_redirect(zen_href_link_admin(FILENAME_GROUP_PRICING, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'gID=' . $group_id)); break; case 'deleteconfirm': if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution'); zen_redirect(zen_href_link_admin(FILENAME_GROUP_PRICING, 'page=' . $_GET['page'])); } $group_id = zen_db_prepare_input($_GET['gID']);
$faqs_id = zen_db_prepare_input($_GET['pID']); } $sql_data_array = array('faqs_type' => zen_db_prepare_input($_GET['faq_type']), 'faqs_status' => zen_db_prepare_input($_POST['faqs_status']), 'faqs_sort_order' => zen_db_prepare_input($_POST['faqs_sort_order'])); // when set to none remove from database if (isset($_POST['faqs_image']) && zen_not_null($_POST['faqs_image']) && $_POST['faqs_image'] != 'none') { $sql_data_array['faqs_image'] = zen_db_prepare_input($_POST['faqs_image']); $new_image = 'true'; } else { $sql_data_array['faqs_image'] = ''; $new_image = 'false'; } if ($action == 'insert_faq') { $insert_sql_data = array('faqs_date_added' => 'now()', 'master_faq_categories_id' => (int) $current_faq_category_id); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_FAQS, $sql_data_array); $faqs_id = zen_db_insert_id(); $db->Execute("insert into " . TABLE_FAQS_TO_FAQ_CATEGORIES . "\n (faqs_id, faq_categories_id)\n values ('" . (int) $faqs_id . "', '" . (int) $current_faq_category_id . "')"); } elseif ($action == 'update_faq') { $update_sql_data = array('faqs_last_modified' => 'now()', 'master_faq_categories_id' => $_POST['master_faq_category'] > 0 ? zen_db_prepare_input($_POST['master_faq_category']) : zen_db_prepare_input($_POST['master_faq_categories_id'])); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_FAQS, $sql_data_array, 'update', "faqs_id = '" . (int) $faqs_id . 
"'"); } $languages = zen_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $language_id = $languages[$i]['id']; $sql_data_array = array('faqs_name' => zen_db_prepare_input($_POST['faqs_name'][$language_id]), 'faqs_contact_name' => zen_db_prepare_input($_POST['faqs_contact_name'][$language_id]), 'faqs_contact_mail' => zen_db_prepare_input($_POST['faqs_contact_mail'][$language_id]), 'faqs_description' => zen_db_prepare_input($_POST['faqs_description'][$language_id]), 'faqs_answer' => zen_db_prepare_input($_POST['faqs_answer'][$language_id]), 'faqs_url' => zen_db_prepare_input($_POST['faqs_url'][$language_id])); if ($action == 'insert_faq') { $insert_sql_data = array('faqs_id' => $faqs_id, 'language_id' => $language_id); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_FAQS_DESCRIPTION, $sql_data_array); } elseif ($action == 'update_faq') {
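// Copy attributes to duplicate product
$products_id_from = $products_id;
if ($_POST['copy_as'] == 'link') {
    if ($categories_id != $current_category_id) {
        // Link the product into the target category only if it is not there yet.
        $check = $gBitDb->Execute("select count(*) as `total`\n from " . TABLE_PRODUCTS_TO_CATEGORIES . "\n where `products_id` = '" . (int) $products_id . "'\n and `categories_id` = '" . (int) $categories_id . "'");
        if ($check->fields['total'] < '1') {
            $gBitDb->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n (`products_id`, `categories_id`)\n values ('" . (int) $products_id . "', '" . (int) $categories_id . "')");
        }
    } else {
        $messageStack->add_session(ERROR_CANNOT_LINK_TO_SAME_CATEGORY, 'error');
    }
} elseif ($_POST['copy_as'] == 'duplicate') {
    $old_products_id = (int) $products_id;

    // Read the source product row that is about to be cloned.
    $product = $gBitDb->Execute(
        "select `products_type`, `products_quantity`, `products_model`, `products_image`,\n"
        . " `products_price`, `products_virtual`, `products_date_available`, `products_weight`,\n"
        . " `products_tax_class_id`, `manufacturers_id`,\n"
        . " `products_quantity_order_min`, `products_quantity_order_units`, `products_priced_by_attribute`,\n"
        . " `product_is_free`, `product_is_call`, `products_quantity_mixed`,\n"
        . " `product_is_always_free_ship`, `products_qty_box_status`, `products_quantity_order_max`, `products_sort_order`,\n"
        . " `lowest_purchase_price`, `master_categories_id`\n"
        . " from " . TABLE_PRODUCTS . "\n"
        . " where `products_id` = '" . (int) $products_id . "'"
    );

    // Insert the clone with status '0' and a fresh products_date_added.
    // Fix: the column list previously read "product_is_call`" with the opening
    // backtick missing, which left the identifier quoting unbalanced.
    // Values read back from the database are still escaped or cast: stored data
    // is not trusted to be safe inside a new statement.
    $gBitDb->Execute(
        "insert into " . TABLE_PRODUCTS . "\n"
        . " (`products_type`, `products_quantity`, `products_model`, `products_image`,\n"
        . " `products_price`, `products_virtual`, `products_date_added`, `products_date_available`,\n"
        . " `products_weight`, `products_status`, `products_tax_class_id`,\n"
        . " `manufacturers_id`,\n"
        . " `products_quantity_order_min`, `products_quantity_order_units`, `products_priced_by_attribute`,\n"
        . " `product_is_free`, `product_is_call`, `products_quantity_mixed`,\n"
        . " `product_is_always_free_ship`, `products_qty_box_status`, `products_quantity_order_max`, `products_sort_order`,\n"
        . " `lowest_purchase_price`, `master_categories_id`\n"
        . " )\n"
        . " values ('" . zen_db_input($product->fields['products_type']) . "',\n"
        . " '" . zen_db_input($product->fields['products_quantity']) . "',\n"
        . " '" . zen_db_input($product->fields['products_model']) . "',\n"
        . " '" . zen_db_input($product->fields['products_image']) . "',\n"
        . " '" . zen_db_input($product->fields['products_price']) . "',\n"
        . " '" . zen_db_input($product->fields['products_virtual']) . "',\n"
        . " now(),\n"
        . " '" . zen_db_input($product->fields['products_date_available']) . "',\n"
        . " '" . zen_db_input($product->fields['products_weight']) . "', '0',\n"
        . " '" . (int) $product->fields['products_tax_class_id'] . "',\n"
        . " '" . (int) $product->fields['manufacturers_id'] . "',\n"
        . " '" . zen_db_input($product->fields['products_quantity_order_min']) . "',\n"
        . " '" . zen_db_input($product->fields['products_quantity_order_units']) . "',\n"
        . " '" . zen_db_input($product->fields['products_priced_by_attribute']) . "',\n"
        . " '" . (int) $product->fields['product_is_free'] . "',\n"
        . " '" . (int) $product->fields['product_is_call'] . "',\n"
        . " '" . (int) $product->fields['products_quantity_mixed'] . "',\n"
        . " '" . zen_db_input($product->fields['product_is_always_free_ship']) . "',\n"
        . " '" . zen_db_input($product->fields['products_qty_box_status']) . "',\n"
        . " '" . zen_db_input($product->fields['products_quantity_order_max']) . "',\n"
        . " '" . zen_db_input($product->fields['products_sort_order']) . "',\n"
        . " '" . zen_db_input($product->fields['lowest_purchase_price']) . "',\n"
        . " '" . zen_db_input($product->fields['master_categories_id']) . "')"
    );
    $dup_products_id = zen_db_insert_id(TABLE_PRODUCTS, 'products_id');

    // Optionally attach the same media collections to the new product.
    if (isset($_POST['copy_media']) && $_POST['copy_media'] == 'on') {
        $product_media = $gBitDb->Execute("select `media_id` from " . TABLE_MEDIA_TO_PRODUCTS . "\n where `product_id` = '" . (int) $products_id . "'");
        while (!$product_media->EOF) {
            // Both ids are cast like every other id in this block instead of
            // being concatenated raw (assumes media_id is an integer key).
            $gBitDb->Execute("insert into " . TABLE_MEDIA_TO_PRODUCTS . "\n (`media_id`, `product_id`)\n values (\n '" . (int) $product_media->fields['media_id'] . "',\n '" . (int) $dup_products_id . "')");
            $product_media->MoveNext();
        }
    }

    // Copy the music-specific columns.
    // NOTE(review): this insert runs even when the source product has no
    // music-extra row; confirm that is intended.
    $music_extra = $gBitDb->Execute("select `artists_id`, `record_company_id`, `music_genre_id` from " . TABLE_PRODUCT_MUSIC_EXTRA . " where `products_id` = '" . (int) $products_id . "'");
    $gBitDb->Execute("insert into " . TABLE_PRODUCT_MUSIC_EXTRA . "\n (`products_id`, `artists_id`, `record_company_id`, `music_genre_id`)\n values (\n '" . (int) $dup_products_id . "',\n '" . zen_db_input($music_extra->fields['artists_id']) . "',\n '" . zen_db_input($music_extra->fields['record_company_id']) . "',\n '" . zen_db_input($music_extra->fields['music_genre_id']) . "')");

    // Copy every per-language description; the view counter restarts at '0'.
    $description = $gBitDb->Execute("select `language_id`, `products_name`, `products_description`,\n `products_url`\n from " . TABLE_PRODUCTS_DESCRIPTION . "\n where `products_id` = '" . (int) $products_id . "'");
    while (!$description->EOF) {
        $gBitDb->Execute("insert into " . TABLE_PRODUCTS_DESCRIPTION . "\n (`products_id`, `language_id`, `products_name`, `products_description`,\n `products_url`, `products_viewed`)\n values ('" . (int) $dup_products_id . "',\n '" . (int) $description->fields['language_id'] . "',\n '" . zen_db_input($description->fields['products_name']) . "',\n '" . zen_db_input($description->fields['products_description']) . "',\n '" . zen_db_input($description->fields['products_url']) . "', '0')");
        $description->MoveNext();
    }

    // Place the duplicate in the target category.
    $gBitDb->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n (`products_id`, `categories_id`)\n values ('" . (int) $dup_products_id . "', '" . (int) $categories_id . "')");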
$news_error = true; } if (empty($news_content)) { $messageStack->add(ERROR_NEWS_CONTENT, 'error'); $news_error = true; } if ($news_error == false) { $sql_data_array = array('news_start_date' => $news_start_date, 'news_end_date' => $news_end_date, 'more_news_page' => $more_news_page); if ($action == 'insert') { $sql_data_array['news_added_date'] = 'now()'; $sql_data_array['news_start_date'] == NULL ? $sql_data_array['news_start_date'] = 'now()' : ''; $sql_data_array['news_end_date'] == NULL ? $sql_data_array['news_end_date'] = '2035-12-31' : ''; $sql_data_array['news_status'] = '0'; $sql_data_array['more_news_page'] = '0'; zen_db_perform(TABLE_BOX_NEWS, $sql_data_array); $box_news_id = zen_db_insert_id(); } elseif ($action == 'update') { $sql_data_array['news_modified_date'] = 'now()'; zen_db_perform(TABLE_BOX_NEWS, $sql_data_array, 'update', "box_news_id = '" . (int) $box_news_id . "'"); } $languages = zen_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $news_title_array = $_POST['news_title']; $news_content_array = $_POST['news_content']; $language_id = $languages[$i]['id']; $sql_data_array = array('news_title' => zen_db_prepare_input($news_title_array[$language_id]), 'news_content' => zen_db_prepare_input($news_content_array[$language_id])); if ($action == 'insert') { $insert_sql_data = array('box_news_id' => $box_news_id, 'languages_id' => $languages[$i]['id']); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_BOX_NEWS_CONTENT, $sql_data_array); } elseif ($action == 'update') {
require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['mID'])) { $record_company_id = zen_db_prepare_input($_GET['mID']); } $record_company_name = zen_db_prepare_input($_POST['record_company_name']); $sql_data_array = array('record_company_name' => $record_company_name); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array); $record_company_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'"); } if ($_POST['record_company_image_manual'] != '') { // add image manually $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['record_company_image_manual']); $db->Execute("update " . TABLE_RECORD_COMPANY . "\n set record_company_image = '" . $artists_image_name . "'\n where record_company_id = '" . (int) $record_company_id . "'"); } else { $record_company_image = new upload('record_company_image'); $record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($record_company_image->parse() && $record_company_image->save()) { // remove image from database if none if ($record_company_image->filename != 'none') {
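require 'includes/application_top.php';

$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        case 'insert':
            // Add a language, then seed its description rows by copying the
            // rows of the language currently selected in the session.
            $name = zen_db_prepare_input($_POST['name']);
            $code = zen_db_prepare_input($_POST['code']);
            $image = zen_db_prepare_input($_POST['image']);
            $directory = zen_db_prepare_input($_POST['directory']);
            $sort_order = zen_db_prepare_input($_POST['sort_order']);

            // Fix: the duplicate check embedded $code without zen_db_input(),
            // unlike the insert below, leaving request data unescaped inside a
            // quoted SQL literal.
            $check = $gBitDb->Execute("select * from " . TABLE_LANGUAGES . " where `code` = '" . zen_db_input($code) . "'");
            if ($check->RecordCount() > 0) {
                $messageStack->add(ERROR_DUPLICATE_LANGUAGE_CODE, 'error');
            } else {
                $gBitDb->Execute("insert into " . TABLE_LANGUAGES . "\n (`name`, `code`, `image`, `directory`, `sort_order`)\n values ('" . zen_db_input($name) . "', '" . zen_db_input($code) . "',\n '" . zen_db_input($image) . "', '" . zen_db_input($directory) . "',\n '" . zen_db_input($sort_order) . "')");
                $insert_id = zen_db_insert_id(TABLE_LANGUAGES, 'languages_id');

                // create additional categories_description records
                $categories = $gBitDb->Execute("select c.`categories_id`, cd.`categories_name`,\n `categories_description`\n from " . TABLE_CATEGORIES . " c\n left join " . TABLE_CATEGORIES_DESCRIPTION . " cd\n on c.`categories_id` = cd.`categories_id`\n where cd.`language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$categories->EOF) {
                    // Text read back from the database is escaped again before
                    // it is embedded in the new statement.
                    $gBitDb->Execute("insert into " . TABLE_CATEGORIES_DESCRIPTION . "\n (`categories_id`, `language_id`, `categories_name`,\n `categories_description`)\n values ('" . (int) $categories->fields['categories_id'] . "', '" . (int) $insert_id . "',\n '" . zen_db_input($categories->fields['categories_name']) . "',\n '" . zen_db_input($categories->fields['categories_description']) . "')");
                    $categories->MoveNext();
                }

                // create additional products_description records
                $products = $gBitDb->Execute("select p.`products_id`, pd.`products_name`, pd.`products_description`,\n pd.`products_url`\n from " . TABLE_PRODUCTS . " p\n left join " . TABLE_PRODUCTS_DESCRIPTION . " pd\n on p.`products_id` = pd.`products_id`\n where pd.`language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$products->EOF) {
                    $gBitDb->Execute("insert into " . TABLE_PRODUCTS_DESCRIPTION . "\n (`products_id`, `language_id`, `products_name`, `products_description`, `products_url`)\n values ('" . (int) $products->fields['products_id'] . "',\n '" . (int) $insert_id . "',\n '" . zen_db_input($products->fields['products_name']) . "',\n '" . zen_db_input($products->fields['products_description']) . "',\n '" . zen_db_input($products->fields['products_url']) . "')");
                    $products->MoveNext();
                }

                // create additional products_options records
                $products_options = $gBitDb->Execute("select `products_options_id`, `products_options_name`,\n `products_options_sort_order`, `products_options_type`, `products_options_length`, `products_options_comment`, `products_options_size`,\n `products_options_images_per_row`, `products_options_images_style`\n from " . TABLE_PRODUCTS_OPTIONS . "\n where `language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$products_options->EOF) {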
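<?php
// Adds an address-book entry for the customer named by POST 'person_id' and
// makes it the customer's default address when no default is set yet.
include 'tiosafe_config.php';

if (postNotEmpty('person_id')) {
    // person_id is request data that is placed into hand-built SQL below (once
    // in an unquoted numeric position), so it is forced to an integer first.
    $customers_id = (int) $_POST['person_id'];
    $street = $_POST['street'];
    $zip = $_POST['zip'];
    $city = $_POST['city'];
    $countries_id = getCountryId($_POST['country'], $db);

    //Insert the new address
    $sql_array = array(
        'customers_id' => $customers_id,
        'entry_street_address' => zen_db_prepare_input($street),
        'entry_postcode' => zen_db_prepare_input($zip),
        'entry_city' => zen_db_prepare_input($city),
        'entry_country_id' => $countries_id,
    );
    zen_db_perform(TABLE_ADDRESS_BOOK, $sql_array);

    //XXX Create a function using an sql query,
    // we are not sure mysql_insert_id return the right customer id
    // Cast because the id is concatenated unquoted into the UPDATE below.
    $address_book_id = (int) zen_db_insert_id();

    // Check if the customer has a default_address
    // If not, set this one as default
    $default_address = $db->Execute("SELECT customers_default_address_id\n FROM " . TABLE_CUSTOMERS . "\n WHERE customers_id = '" . $customers_id . "'");
    if ($default_address->RecordCount() > 0) {
        if (empty($default_address->fields['customers_default_address_id'])) {
            $update_sql = 'UPDATE ' . TABLE_CUSTOMERS . ' SET customers_default_address_id = ' . $address_book_id . ' where customers_id = ' . $customers_id;
            executeSQL($update_sql, $db);
        }
    }
} else {
    echo '\\nInvalid query: person_id parameter is required!';
}

$db->close();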
$tmp_value = zen_db_prepare_input($_POST['manufacturers_id']); $manufacturers_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value; $sql_data_array = array('products_quantity' => $products_quantity, 'products_type' => zen_db_prepare_input($_GET['product_type']), 'products_model' => zen_db_prepare_input($_POST['products_model']), 'products_price' => $products_price, 'products_date_available' => $products_date_available, 'products_weight' => $products_weight, 'products_status' => zen_db_prepare_input((int) $_POST['products_status']), 'products_virtual' => zen_db_prepare_input((int) $_POST['products_virtual']), 'products_tax_class_id' => zen_db_prepare_input((int) $_POST['products_tax_class_id']), 'products_quantity_order_min' => zen_db_prepare_input($_POST['products_quantity_order_min']), 'products_quantity_order_units' => zen_db_prepare_input($_POST['products_quantity_order_units']), 'products_priced_by_attribute' => zen_db_prepare_input($_POST['products_priced_by_attribute']), 'product_is_free' => zen_db_prepare_input((int) $_POST['product_is_free']), 'product_is_call' => zen_db_prepare_input((int) $_POST['product_is_call']), 'products_quantity_mixed' => zen_db_prepare_input($_POST['products_quantity_mixed']), 'product_is_always_free_shipping' => zen_db_prepare_input((int) $_POST['product_is_always_free_shipping']), 'products_qty_box_status' => zen_db_prepare_input($_POST['products_qty_box_status']), 'products_quantity_order_max' => zen_db_prepare_input($_POST['products_quantity_order_max']), 'products_sort_order' => (int) zen_db_prepare_input($_POST['products_sort_order']), 'products_discount_type' => zen_db_prepare_input($_POST['products_discount_type']), 'products_discount_type_from' => zen_db_prepare_input($_POST['products_discount_type_from']), 'products_price_sorter' => zen_db_prepare_input($_POST['products_price_sorter'])); // when set to none remove from database // is out dated for browsers use radio only 
$sql_data_array['products_image'] = zen_db_prepare_input($_POST['products_image']); $new_image = 'true'; if ($_POST['image_delete'] == 1) { $sql_data_array['products_image'] = ''; $new_image = 'false'; } if ($action == 'insert_product') { $insert_sql_data = array('products_date_added' => 'now()', 'master_categories_id' => (int) $current_category_id); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_PRODUCTS, $sql_data_array); $products_id = zen_db_insert_id(); // reset products_price_sorter for searches etc. zen_update_products_price_sorter($products_id); $db->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n (products_id, categories_id)\n values ('" . (int) $products_id . "', '" . (int) $current_category_id . "')"); /////////////////////////////////////////////////////// //// INSERT PRODUCT-TYPE-SPECIFIC *INSERTS* HERE ////// $tmp_value = zen_db_prepare_input($_POST['artists_id']); $artists_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value; $tmp_value = zen_db_prepare_input($_POST['record_company_id']); $record_company_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value; $tmp_value = zen_db_prepare_input($_POST['music_genre_id']); $music_genre_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value; $sql_data_array = array('products_id' => $products_id, 'artists_id' => $artists_id, 'record_company_id' => $record_company_id, 'music_genre_id' => $music_genre_id); zen_db_perform(TABLE_PRODUCT_MUSIC_EXTRA, $sql_data_array); //// *END OF PRODUCT-TYPE-SPECIFIC INSERTS* //////// ///////////////////////////////////////////////////////
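}
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        case 'insert':
        case 'save':
            // Create ('insert') or update ('save') a manufacturer row, then
            // attach the uploaded image to it.
            if (isset($_GET['mID'])) {
                $manufacturers_id = zen_db_prepare_input($_GET['mID']);
            }
            $manufacturers_name = zen_db_prepare_input($_POST['manufacturers_name']);
            $sql_data_array = array('manufacturers_name' => $manufacturers_name);

            if ($action == 'insert') {
                $sql_data_array = array_merge($sql_data_array, array('date_added' => $gBitDb->NOW()));
                $gBitDb->associateInsert(TABLE_MANUFACTURERS, $sql_data_array);
                $manufacturers_id = zen_db_insert_id(TABLE_MANUFACTURERS, 'manufacturers_id');
            } elseif ($action == 'save') {
                $sql_data_array = array_merge($sql_data_array, array('last_modified' => $gBitDb->NOW()));
                $gBitDb->associateUpdate(TABLE_MANUFACTURERS, $sql_data_array, array('manufacturers_id' => (int) $manufacturers_id));
            }

            // img_dir is request data that is appended to the image root to form
            // the upload destination and is also stored as part of the image path.
            // Refuse anything that could step out of DIR_FS_CATALOG_IMAGES
            // (parent references, absolute paths, backslashes, NUL bytes) and
            // fall back to the image root itself.
            $img_dir = isset($_POST['img_dir']) ? (string) $_POST['img_dir'] : '';
            if (strpos($img_dir, '..') !== false
                || strpos($img_dir, "\0") !== false
                || strpos($img_dir, '\\') !== false
                || substr($img_dir, 0, 1) === '/'
            ) {
                $img_dir = '';
            }

            $manufacturers_image = new upload('manufacturers_image');
            $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $img_dir);
            if ($manufacturers_image->parse() && $manufacturers_image->save()) {
                // A filename of 'none' clears the stored image; anything else
                // records the relative path of the file just saved.
                $image_path = $manufacturers_image->filename != 'none'
                    ? $img_dir . $manufacturers_image->filename
                    : '';
                // The path contains client-supplied text (directory and file
                // name), so it is written through the associateUpdate() helper
                // already used above instead of being concatenated into a SQL
                // string. NOTE(review): presumably associateUpdate() binds its
                // values -- confirm against the database class.
                $gBitDb->associateUpdate(
                    TABLE_MANUFACTURERS,
                    array('manufacturers_image' => $image_path),
                    array('manufacturers_id' => (int) $manufacturers_id)
                );
            }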
require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['mID'])) { $record_company_id = zen_db_prepare_input($_GET['mID']); } $record_company_name = zen_db_prepare_input($_POST['record_company_name']); $sql_data_array = array('record_company_name' => $record_company_name); if ($action == 'insert') { $insert_sql_data = array('date_added' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array); $record_company_id = zen_db_insert_id(TABLE_RECORD_COMPANY, 'record_company_id'); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $update_sql_data); $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'"); } $record_company_image = new upload('record_company_image'); $record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($record_company_image->parse() && $record_company_image->save()) { // remove image from database if none if ($record_company_image->filename != 'none') { // remove image from database if none $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n set record_company_image = '" . $_POST['img_dir'] . $record_company_image->filename . "'\n where record_company_id = '" . (int) $record_company_id . "'"); } else { $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n set record_company_image = ''\n where record_company_id = '" . (int) $record_company_id . "'"); }
require 'includes/application_top.php'; $action = isset($_GET['action']) ? $_GET['action'] : ''; if (zen_not_null($action)) { switch ($action) { case 'insert': case 'save': if (isset($_GET['mID'])) { $music_genre_id = zen_db_prepare_input($_GET['mID']); } $music_genre_name = zen_db_prepare_input($_POST['music_genre_name']); $sql_data_array = array('music_genre_name' => $music_genre_name); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_MUSIC_GENRE, $sql_data_array); $music_genre_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_MUSIC_GENRE, $sql_data_array, 'update', "music_genre_id = '" . (int) $music_genre_id . "'"); } zen_redirect(zen_href_link(FILENAME_MUSIC_GENRE, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'mID=' . $music_genre_id)); break; case 'deleteconfirm': // demo active test if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution'); zen_redirect(zen_href_link(FILENAME_MUSIC_GENRE, 'page=' . $_GET['page'])); } $music_genre_id = zen_db_prepare_input($_GET['mID']);
$InfoQuery = "select p.products_model,p.products_price,pd.products_name,p.products_tax_class_id from " . TABLE_PRODUCTS . " p left join " . TABLE_PRODUCTS_DESCRIPTION . " pd on pd.products_id=p.products_id where p.products_id='{$add_product_products_id}'"; $result = $db->Execute($InfoQuery); #$row = zen_db_fetch_array($result); extract($result->fields, EXTR_PREFIX_ALL, "p"); // Following functions are defined at the bottom of this file $CountryID = zen_get_country_id($order->delivery["country"]); $ZoneID = zen_get_zone_id($CountryID, $order->delivery["state"]); $ProductsTax = zen_get_tax_rate($p_products_tax_class_id, $CountryID, $ZoneID); if ($_POST[applyspecialstoprice] && zen_get_products_special_price((int) $add_product_products_id)) { $product_price_woa = zen_get_products_special_price((int) $add_product_products_id); } else { $product_price_woa = $p_products_price; } $Query = "insert into " . TABLE_ORDERS_PRODUCTS . " set\n\t\t\t\torders_id = {$oID},\n\t\t\t\tproducts_id = {$add_product_products_id},\n\t\t\t\tproducts_model = '{$p_products_model}',\n\t\t\t\tproducts_name = '" . str_replace("'", "'", $p_products_name) . "',\n\t\t\t\tproducts_price = '{$product_price_woa}',\n\t\t\t\tfinal_price = '" . ($product_price_woa + $AddedOptionsPrice) . "',\n\t\t\t\tproducts_tax = '{$ProductsTax}',\n\t\t\t\tproducts_quantity = {$add_product_quantity},\n onetime_charges = {$AddedOptionsPrice_OneTime};"; $db->Execute($Query); $new_product_id = zen_db_insert_id(); //UPDATE_INVENTORY_QUANTITY_START############################################################################################################## if (STOCK_LIMITED == "true") { $db->Execute("update " . TABLE_PRODUCTS . " set products_quantity = products_quantity - " . $add_product_quantity . ", products_ordered = products_ordered + " . $add_product_quantity . " where products_id = '" . $add_product_products_id . "'"); } else { $db->Execute("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . 
$add_product_quantity . " where products_id = '" . $add_product_products_id . "'"); } //UPDATE_INVENTORY_QUANTITY_END############################################################################################################## if ($_POST[optionstoadd] != NULL) { for ($i = 1; $i <= $_POST[optionstoadd]; $i++) { $sendoptionon = "add_product_options" . $i; $query = mysql_query("SELECT products_attributes_id, product_attribute_is_free, products_attributes_weight, products_attributes_weight_prefix, attributes_discounted, attributes_price_base_included, attributes_price_onetime, attributes_price_factor, attributes_price_factor_offset, attributes_price_factor_onetime, attributes_price_factor_onetime_offset, attributes_qty_prices, attributes_qty_prices_onetime, attributes_price_words, attributes_price_words_free, attributes_price_letters, attributes_price_letters_free FROM " . TABLE_PRODUCTS_ATTRIBUTES . " WHERE products_id='{$add_product_products_id}' AND options_id='{$attributestypenumber[$i]}' AND options_values_id='{$_POST[$sendoptionon]}'") or die('Failed to connect database: 3'); while ($row4 = mysql_fetch_array($query, MYSQL_NUM)) { $sendoptionontv = $sendoptionon . "tv"; if ($_POST[$sendoptionontv]) { $povid4topa = $_POST[$sendoptionontv];
if (zen_not_null($newname)) { $salemaker_sales = $gBitDb->Execute("select * from " . TABLE_SALEMAKER_SALES . " where `sale_id` = '" . zen_db_input($_GET['sID']) . "'"); if ($salemaker_sales->RecordCount() > 0) { $salemaker_sales->fields['sale_id'] = 'null'; $salemaker_sales->fields['sale_name'] = $newname; $salemaker_sales->fields['sale_status'] = 0; $salemaker_sales->fields['sale_date_added'] = $gBitDb->NOW(); $salemaker_sales->fields['sale_date_last_modified'] = '0001-01-01'; $salemaker_sales->fields['sale_date_status_change'] = '0001-01-01'; $gBitDb->associateInsert(TABLE_SALEMAKER_SALES, $salemaker_sales, 'insert'); $sale_id = zen_db_insert_id(TABLE_SALEMAKER_SALES, 'sale_id'); // update prices for products in sale zen_update_salemaker_product_prices($sale_id); } } zen_redirect(zen_href_link_admin(FILENAME_SALEMAKER, 'page=' . $_GET['page'] . '&sID=' . ($sale_id = zen_db_insert_id(TABLE_SALEMAKER_SALES, 'sale_id')))); break; case 'deleteconfirm': $sale_id = zen_db_prepare_input($_GET['sID']); // set sale off to update prices before removing $gBitDb->Execute("update " . TABLE_SALEMAKER_SALES . " set sale_status=0 where sale_id='" . $sale_id . "'"); // update prices for products in sale zen_update_salemaker_product_prices($sale_id); $gBitDb->Execute("delete from " . TABLE_SALEMAKER_SALES . " where `sale_id` = '" . (int) $sale_id . "'"); zen_redirect(zen_href_link_admin(FILENAME_SALEMAKER, 'page=' . $_GET['page'])); break; } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php
case 'save': if (isset($_GET['mID'])) { $type_id = zen_db_prepare_input($_GET['mID']); } if (isset($_POST['type_ext'])) { $type_ext = zen_db_prepare_input($_POST['type_ext']); } if (isset($_POST['type_name'])) { $type_name = zen_db_prepare_input($_POST['type_name']); } $sql_data_array = array('type_ext' => $type_ext); if ($action == 'insert') { $insert_data_array = array('type_name' => $type_name); $sql_data_array = array_merge($sql_data_array, $insert_data_array); zen_db_perform(TABLE_MEDIA_TYPES, $sql_data_array); $type_id = zen_db_insert_id(); } elseif ($action == 'save') { $insert_data_array = array('type_name' => $type_name); $sql_data_array = array_merge($sql_data_array, $insert_data_array); zen_db_perform(TABLE_MEDIA_TYPES, $sql_data_array, 'update', "type_id = '" . (int) $type_id . "'"); } zen_redirect(zen_href_link(FILENAME_MEDIA_TYPES, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'mID=' . $type_id)); break; case 'deleteconfirm': // demo active test if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution'); zen_redirect(zen_href_link(FILENAME_MEDIA_TYPES, 'page=' . $_GET['page'])); } $type_id = zen_db_prepare_input($_GET['mID']);
} } } if (isset($_GET['mID'])) { $media_id = zen_db_prepare_input($_GET['mID']); } $media_name = zen_db_prepare_input($_POST['media_name']); $sql_data_array = array('media_name' => $media_name); if ($media_name == '') { $messageStack->add_session(ERROR_UNKNOWN_DATA, 'caution'); } else { if ($action == 'insert') { $insert_sql_data = array('date_added' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); $gBitDb->associateInsert(TABLE_MEDIA_MANAGER, $sql_data_array); $media_id = zen_db_insert_id(TABLE_MEDIA_MANAGER, 'media_id'); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => $gBitDb->NOW()); $sql_data_array = array_merge($sql_data_array, $update_sql_data); $gBitDb->associateInsert(TABLE_MEDIA_MANAGER, $sql_data_array, 'update', "media_id = '" . (int) $media_id . "'"); } } zen_redirect(zen_href_link_admin(FILENAME_MEDIA_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . ($media_id != '' ? 'mID=' . $media_id : ''))); break; case 'deleteconfirm': // demo active test if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution'); zen_redirect(zen_href_link_admin(FILENAME_MEDIA_MANAGER, 'page=' . $_GET['page'])); }
} } } if (isset($_GET['mID'])) { $media_id = zen_db_prepare_input($_GET['mID']); } $media_name = zen_db_prepare_input($_POST['media_name']); $sql_data_array = array('media_name' => $media_name); if ($media_name == '') { $messageStack->add_session(ERROR_UNKNOWN_DATA, 'caution'); } else { if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_MEDIA_MANAGER, $sql_data_array); $media_id = zen_db_insert_id(); } elseif ($action == 'save') { $update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); zen_db_perform(TABLE_MEDIA_MANAGER, $sql_data_array, 'update', "media_id = '" . (int) $media_id . "'"); } } zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . ($media_id != '' ? 'mID=' . $media_id : ''))); break; case 'deleteconfirm': // demo active test if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution'); zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'page=' . $_GET['page'])); }
$banners_image = new upload('banners_image'); $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target); if ($banners_image->parse() == false || $banners_image->save() == false) { $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error'); $banner_error = true; } } } if ($banner_error == false) { $gBitDb_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $gBitDb_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => $banners_sort_order); if ($action == 'insert') { $insert_sql_data = array('date_added' => $gBitDb->NOW(), 'status' => '1'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); $gBitDb->associateInsert(TABLE_BANNERS, $sql_data_array); $banners_id = zen_db_insert_id(TABLE_BANNERS, 'banners_id'); $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success'); } elseif ($action == 'update') { $gBitDb->associateInsert(TABLE_BANNERS, $sql_data_array, 'update', "banners_id = '" . (int) $banners_id . "'"); $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success'); } // NOTE: status will be reset by the /functions/banner.php if (zen_not_null($expires_date)) { list($day, $month, $year) = explode('/', $expires_date); $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day); $gBitDb->Execute("update " . TABLE_BANNERS . "\n set `expires_date` = '" . zen_db_input($expires_date) . "',\n `expires_impressions` = null\n where `banners_id` = '" . (int) $banners_id . "'"); } elseif (zen_not_null($expires_impressions)) { $gBitDb->Execute("update " . TABLE_BANNERS . "\n set `expires_impressions` = '" . 
zen_db_input($expires_impressions) . "',\n `expires_date` = null\n where `banners_id` = '" . (int) $banners_id . "'"); } if (zen_not_null($date_scheduled)) { list($day, $month, $year) = explode('/', $date_scheduled);
$code = strtoupper(zen_db_prepare_input($_POST['code'])); $symbol_left = zen_db_prepare_input($_POST['symbol_left']); $symbol_right = zen_db_prepare_input($_POST['symbol_right']); $decimal_point = zen_db_prepare_input($_POST['decimal_point']); $thousands_point = zen_db_prepare_input($_POST['thousands_point']); $decimal_places = zen_db_prepare_input((int) $_POST['decimal_places']); $value = zen_db_prepare_input((double) $_POST['value']); // special handling for currencies which don't support decimal places if ($decimal_point == '0' || in_array($code, array('JPY', 'HUF', 'TWD'))) { $value = (int) $value; $decimal_places = 0; } $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $value); if ($action == 'insert') { zen_db_perform(TABLE_CURRENCIES, $sql_data_array); $currency_id = zen_db_insert_id(); } elseif ($action == 'save') { zen_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . (int) $currency_id . "'"); } zen_record_admin_activity('Currency code ' . $code . ' added/updated.', 'info'); if (isset($_POST['default']) && $_POST['default'] == 'on') { $db->Execute("update " . TABLE_CONFIGURATION . "\r\n set configuration_value = '" . zen_db_input($code) . "'\r\n where configuration_key = 'DEFAULT_CURRENCY'"); zen_record_admin_activity('Default currency code changed to ' . $code, 'info'); } zen_redirect(zen_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id)); break; case 'deleteconfirm': // demo active test if (zen_admin_demo()) { $_GET['action'] = ''; $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
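}
if ($error == false) {
    // Create, update or reset the password of an admin account, depending on
    // $action, then redirect back to the admin list.
    if (isset($_GET['adminID'])) {
        $admins_id = zen_db_prepare_input($_GET['adminID']);
    }
    $admin_name = zen_db_prepare_input($_POST['admin_name']);
    $admin_email = zen_db_prepare_input($_POST['admin_email']);
    $admin_level = zen_db_prepare_input($_POST['admin_level']);
    // Prepared once only; the original ran the same call twice on this value.
    $password_new = zen_db_prepare_input($password_new);

    $sql_data_array = array(
        'admin_name' => $admin_name,
        'admin_email' => $admin_email,
        'admin_level' => $admin_level,
    );

    if ($action == 'insert') {
        $sql_data_array = array_merge($sql_data_array, array('admin_pass' => zen_encrypt_password($password_new)));
        zen_db_perform(TABLE_ADMIN, $sql_data_array);
        $admin_id = zen_db_insert_id();
        $admins_id = $admin_id;
    } elseif ($action == 'save') {
        zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int) $admins_id . "'");
        // demo_status arrives straight from the request body; escape it before
        // it is placed inside the quoted SQL literal so it cannot terminate the
        // string and alter the statement.
        $db->Execute("Update " . TABLE_CONFIGURATION . " set configuration_value='" . zen_db_input($_POST['demo_status']) . "' where configuration_key='ADMIN_DEMO'");
    } elseif ($action == 'reset') {
        $sql_data_array = array_merge($sql_data_array, array('admin_pass' => zen_encrypt_password($password_new)));
        zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int) $admins_id . "'");
    } // end action check

    // NOTE(review): admin_level and demo_status are taken from the request as
    // sent; confirm the surrounding page restricts who may reach this branch.
    zen_redirect(zen_href_link(FILENAME_ADMIN, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'adminID=' . $admins_id));
} // end error check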
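/**
 * Retrieves the configuration group id for this plugin based upon
 * the unique name of the plugin.
 *
 * If the configuration group id cannot be found in the database, a new
 * configuration group row is inserted (sorted after every existing group)
 * and its id is returned. Failures are reported through $messageStack.
 *
 * @return integer the configuration group id, or -1 if it cannot be added
 */
protected function getConfigurationGroupId()
{
    global $db, $messageStack;

    $uniqueName = $this->getUniqueName();
    if ($uniqueName === null) {
        return -1;
    }

    $retval = -1;

    // The name is embedded in a quoted SQL literal, so escape it: a name
    // containing an apostrophe would otherwise produce a malformed or altered
    // statement and the lookup would never match the row inserted below.
    $check = $db->Execute(
        'SELECT `configuration_group_id` FROM `' . TABLE_CONFIGURATION_GROUP . '` '
        . 'WHERE `configuration_group_title` = \'' . zen_db_input($uniqueName) . '\''
    );

    if (!$check->EOF) {
        $retval = (int) $check->fields['configuration_group_id'];
    } else {
        // No group yet: append one after the highest existing sort order.
        $max_sort = $db->Execute('SELECT MAX(sort_order) AS `max_sort` FROM `' . TABLE_CONFIGURATION_GROUP . '`');
        if ($max_sort->EOF) {
            $messageStack->add(sprintf(PLUGIN_INSTALL_ERROR_SORT_ORDER, $uniqueName, TABLE_CONFIGURATION_GROUP), 'error');
        } else {
            $sql_data_array = array(
                'configuration_group_title' => $uniqueName,
                'configuration_group_description' => sprintf(PLUGIN_CONFIG_GROUP_DESCRIPTION, $uniqueName),
                'sort_order' => $max_sort->fields['max_sort'] + 1,
                'visible' => 1,
            );
            zen_db_perform(TABLE_CONFIGURATION_GROUP, $sql_data_array);
            $retval = zen_db_insert_id();
            // Treat a missing or zero insert id as a failed insert.
            if ($retval === false || $retval == 0) {
                $retval = -1;
            }
        }
    }

    if ($retval == -1) {
        $messageStack->add(sprintf(PLUGIN_INSTALL_ERROR_DATABASE_KEY, $uniqueName, TABLE_CONFIGURATION_GROUP, 'configuration_group_title: ' . $uniqueName), 'error');
    }

    return $retval;
}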
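/**
 * Validates an address and stores it in the address book.
 *
 * When $pParamHash['address_book_id'] holds a valid id the existing row is
 * updated; otherwise a new row is inserted and its id is written back to
 * $pParamHash['address']. The stored address becomes the default one when
 * no default exists yet or when $pParamHash['primary'] is non-empty.
 *
 * @param array $pParamHash address data, passed by reference; reads
 *                          'address_book_id', 'address_store', 'primary'
 *                          and 'address'
 * @return bool true when no errors were recorded in $this->mErrors
 */
function storeAddress(&$pParamHash)
{
    global $current_page_base, $language_page_directory, $template;

    // Load the language files for the current page.
    // NOTE(review): $current_page_base is interpolated into the pattern
    // unquoted and the matches are passed to require_once; confirm it can
    // only hold a known page name by the time it gets here.
    $directory_array = $template->get_template_part($language_page_directory, '/^' . $current_page_base . '/');
    // foreach replaces the each()/list() loop, which no longer exists in PHP 8.
    foreach ($directory_array as $value) {
        require_once $language_page_directory . $value;
    }

    if ($this->verifyAddress($pParamHash, $this->mErrors)) {
        if (isset($pParamHash['address_book_id']) && self::verifyId($pParamHash['address_book_id'])) {
            // NOTE(review): the update is keyed on address_book_id alone;
            // confirm verifyAddress() ties that id to the current customer so
            // one customer cannot overwrite another customer's address.
            $this->mDb->associateUpdate(TABLE_ADDRESS_BOOK, $pParamHash['address_store'], array('address_book_id' => $pParamHash['address_book_id']));
        } else {
            $this->mDb->associateInsert(TABLE_ADDRESS_BOOK, $pParamHash['address_store']);
            $pParamHash['address'] = zen_db_insert_id(TABLE_ADDRESS_BOOK, 'address_book_id');
        }

        // NOTE(review): on the update path 'address' is only set if the caller
        // supplied it -- verify against callers.
        if (!$this->getDefaultAddress() || !empty($pParamHash['primary'])) {
            $this->setDefaultAddress($pParamHash['address']);
        }
    }

    return count($this->mErrors) == 0;
}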
if (isset($_POST['add_type_all'])) { zen_restrict_sub_categories($_POST['categories_id'], $_POST['restrict_type']); } $action = "edit"; zen_redirect(zen_href_link(FILENAME_CATEGORIES, 'action=edit_category&cPath=' . $cPath . '&cID=' . zen_db_prepare_input($_POST['categories_id']))); } if (isset($_POST['categories_id'])) { $categories_id = zen_db_prepare_input($_POST['categories_id']); } $sort_order = zen_db_prepare_input($_POST['sort_order']); $sql_data_array = array('sort_order' => (int) $sort_order); if ($action == 'insert_category') { $insert_sql_data = array('parent_id' => $current_category_id, 'date_added' => 'now()'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_CATEGORIES, $sql_data_array); $categories_id = zen_db_insert_id(); // check if [arent is restricted $sql = "select parent_id from " . TABLE_CATEGORIES . "\n where categories_id = '" . $categories_id . "'"; $parent_cat = $db->Execute($sql); if ($parent_cat->fields['parent_id'] != '0') { $sql = "select * from " . TABLE_PRODUCT_TYPES_TO_CATEGORY . "\n where category_id = '" . $parent_cat->fields['parent_id'] . "'"; $has_type = $db->Execute($sql); if ($has_type->RecordCount() > 0) { while (!$has_type->EOF) { $insert_sql_data = array('category_id' => $categories_id, 'product_type_id' => $has_type->fields['product_type_id']); zen_db_perform(TABLE_PRODUCT_TYPES_TO_CATEGORY, $insert_sql_data); $has_type->moveNext(); } } } } elseif ($action == 'update_category') {
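/**
 * Sends part of a customer's gift voucher balance to a recipient by e-mail.
 *
 * Deducts $pAmount from the sender's balance, creates a gift coupon for that
 * amount, records who it was sent to and mails the coupon code to the
 * recipient (plus the optional extra notification address).
 *
 * @param object $pFromUser  sending user; mUserId, getDisplayName() and
 *                           getField('email') are used
 * @param array  $pRecipient reads 'email', 'message' (optional) and 'to_name'
 * @param mixed  $pAmount    amount to transfer
 * @return string|null the generated coupon code, or NULL when the amount is
 *                     not a positive number or exceeds the available balance
 */
function customerSendCoupon($pFromUser, $pRecipient, $pAmount)
{
    global $gBitDb, $gBitSmarty, $gCommerceSystem, $currencies;

    $ret = NULL;
    $gBitDb->StartTrans();

    $code = CommerceVoucher::generateCouponCode();
    // NOTE(review): the balance is read without reference to $pFromUser while
    // the UPDATE below targets $pFromUser->mUserId; confirm both refer to the
    // same customer and that two concurrent sends cannot both pass this check.
    $gvBalance = CommerceVoucher::getGiftAmount(FALSE);
    $newBalance = $gvBalance - $pAmount;

    // The original tested an undefined $new_amount, so the overdraft check
    // never fired. Test the computed balance, and also refuse non-numeric,
    // zero or negative amounts: a negative amount would raise the sender's
    // balance instead of lowering it.
    $amountIsValid = is_numeric($pAmount) && $pAmount > 0 && $newBalance >= 0;

    if ($amountIsValid) {
        $gv_query = "UPDATE " . TABLE_COUPON_GV_CUSTOMER . "\n\t\t\t\t\t\t SET `amount` = ?\n\t\t\t\t\t\t WHERE `customer_id` = ?";
        $gBitDb->query($gv_query, array($newBalance, $pFromUser->mUserId));

        $gv_query = "INSERT INTO " . TABLE_COUPONS . " (`coupon_type`, `coupon_code`, `date_created`, `coupon_amount`) values ('G', ?, NOW(), ?)";
        $gBitDb->query($gv_query, array($code, $pAmount));
        $gvId = zen_db_insert_id(TABLE_COUPONS, 'coupon_id');

        $gv_query = "insert into " . TABLE_COUPON_EMAIL_TRACK . "\t(`coupon_id`, `customer_id_sent`, `emailed_to`, `date_sent`)\n\t\t\t\t\t\tvalues ( ?, ?, ?, now())";
        $gBitDb->query($gv_query, array($gvId, $pFromUser->mUserId, $pRecipient['email']));

        $ret = $code;

        $gv_email_subject = tra('A gift from') . ' ' . $pFromUser->getDisplayName() . ' ' . tra('to') . ' ' . $gCommerceSystem->getConfig('STORE_NAME');

        $gBitSmarty->assign('gvCode', $code);
        $gBitSmarty->assign('gvSender', $pFromUser->getDisplayName());
        $gBitSmarty->assign('gvAmount', $currencies->format($pAmount, false));
        $gBitSmarty->assign('gvRedeemUrl', BITCOMMERCE_PKG_URI . 'index.php?main_page=gv_redeem&gv_no=' . $code);
        if (!empty($pRecipient['message'])) {
            // NOTE(review): the message is supplied by the sender; confirm the
            // HTML e-mail template escapes gvMessage.
            $gBitSmarty->assign('gvMessage', $pRecipient['message']);
        }
        $textMessage = $gBitSmarty->fetch('bitpackage:bitcommerce/gv_send_email_text.tpl');
        $htmlMessage = $gBitSmarty->fetch('bitpackage:bitcommerce/gv_send_email_html.tpl');

        // send the email
        zen_mail('', $pRecipient['email'], $gv_email_subject, $textMessage, STORE_NAME, EMAIL_FROM, $htmlMessage, 'gv_send');

        // send additional emails
        if (SEND_EXTRA_GV_CUSTOMER_EMAILS_TO_STATUS == '1' && SEND_EXTRA_GV_CUSTOMER_EMAILS_TO != '') {
            zen_mail('', SEND_EXTRA_GV_CUSTOMER_EMAILS_TO, $gv_email_subject, $textMessage, STORE_NAME, EMAIL_FROM, $htmlMessage, 'gv_send');

            $extra_info = email_collect_extra_info($pRecipient['to_name'], $pRecipient['email'], $pFromUser->getDisplayName(), $pFromUser->getField('email'));
            $gvCodeLine = $gCommerceSystem->getConfig('TEXT_GV_NAME') . ' Code: ' . $code;

            $html_msg = array();
            $html_msg['EXTRA_INFO'] = $gvCodeLine . '<br/>' . $extra_info['HTML'];

            // NOTE(review): the original also concatenated an undefined
            // $gv_email into this text body (evaluating to an empty string);
            // presumably the message text was intended -- confirm before
            // adding it back.
            zen_mail('', SEND_EXTRA_GV_CUSTOMER_EMAILS_TO, tra('[GV CUSTOMER SENT]') . ' ' . $gv_email_subject, $gvCodeLine . "\n" . $extra_info['TEXT'], STORE_NAME, EMAIL_FROM, $html_msg, 'gv_send_extra');
        }
    }

    $gBitDb->CompleteTrans();

    return $ret;
}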