}
$cc_number_security = get_setting_value($cc_info, "cc_number_security", 0);
$cc_code_security = get_setting_value($cc_info, "cc_code_security", 0);
$r = new VA_Record($table_prefix . "orders");
$r->errors = $order_errors;
if ($payment_error == 1) {
$r->errors .= $error_message;
}
$r->add_where("order_id", INTEGER);
$r->add_textbox("cc_name", TEXT, CC_NAME_FIELD);
$r->add_textbox("cc_first_name", TEXT, CC_FIRST_NAME_FIELD);
$r->add_textbox("cc_last_name", TEXT, CC_LAST_NAME_FIELD);
$r->add_textbox("cc_number", TEXT, CC_NUMBER_FIELD);
$r->parameters["cc_number"][MIN_LENGTH] = 10;
$r->add_textbox("cc_start_date", DATETIME, CC_START_DATE_FIELD);
$r->change_property("cc_start_date", VALUE_MASK, array("MM", " / ", "YYYY"));
$r->add_textbox("cc_expiry_date", DATETIME, CC_EXPIRY_DATE_FIELD);
$r->change_property("cc_expiry_date", VALUE_MASK, array("MM", " / ", "YYYY"));
$credit_cards = get_db_values("SELECT credit_card_id, credit_card_name FROM " . $table_prefix . "credit_cards", array(array("", PLEASE_CHOOSE_MSG)));
$r->add_select("cc_type", INTEGER, $credit_cards, CC_TYPE_FIELD);
$issue_numbers = get_db_values("SELECT issue_number AS issue_value, issue_number AS issue_description FROM " . $table_prefix . "issue_numbers", array(array("", NOT_AVAILABLE_MSG)));
$r->add_select("cc_issue_number", INTEGER, $issue_numbers, CC_ISSUE_NUMBER_FIELD);
$r->add_textbox("cc_security_code", TEXT, CC_SECURITY_CODE_FIELD);
$r->add_textbox("pay_without_cc", TEXT, PAY_WITHOUT_CC_FIELD);
// 3D fields
$r->add_textbox("secure_3d_check", TEXT);
$r->add_textbox("secure_3d_status", TEXT);
$r->add_textbox("secure_3d_md", TEXT);
$r->add_textbox("secure_3d_xid", TEXT);
$r->add_textbox("secure_3d_eci", TEXT);
$r->add_textbox("secure_3d_cavv", TEXT);
$r->add_select("notes_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_title_index", INTEGER);
$r->add_textbox("meta_title_rank", INTEGER);
$r->add_select("meta_title_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_description_index", INTEGER);
$r->add_textbox("meta_description_rank", INTEGER);
$r->add_select("meta_description_type", INTEGER, $keywords_types);
$r->add_checkbox("meta_keywords_index", INTEGER);
$r->add_textbox("meta_keywords_rank", INTEGER);
$r->add_select("meta_keywords_type", INTEGER, $keywords_types);
$r->get_form_values();
// categories columns
$ip = new VA_Record($table_prefix . "categories_columns", "categories_columns");
$ip->add_where("column_id", INTEGER);
$ip->add_hidden("category_id", INTEGER);
$ip->change_property("category_id", USE_IN_INSERT, true);
$ip->add_textbox("column_order", INTEGER, ADMIN_ORDER_MSG);
$ip->change_property("column_order", REQUIRED, true);
$ip->add_textbox("column_code", TEXT, CODE_MSG);
$ip->change_property("column_code", REQUIRED, true);
$ip->change_property("column_code", MAX_LENGTH, 64);
$ip->add_textbox("column_title", TEXT, TITLE_MSG);
$ip->change_property("column_title", REQUIRED, true);
$ip->change_property("column_title", MAX_LENGTH, 255);
$ip->add_textbox("column_html", TEXT, HTML_MSG);
$columns_number = get_param("cc_number");
$cc_eg = new VA_EditGrid($ip, "categories_columns");
$cc_eg->order_by = " ORDER BY column_order ";
$cc_eg->get_form_values($columns_number);
$param_site_id = get_session("session_site_id");
$tab = get_param("tab");
if ($operation == "save_template") {
$template_name = get_param("template_name");
if (!strlen($template_name)) {
$template_errors = str_replace("{field_name}", EXPORT_TEMPLATE_MSG, REQUIRED_MESSAGE);
}
if (!strlen($errors) && !strlen($template_errors)) {
// save new export template
$r = new VA_Record($table_prefix . "export_templates");
$r->add_where("template_id", INTEGER);
$r->add_textbox("template_name", TEXT);
$r->add_textbox("table_name", TEXT);
$r->add_textbox("admin_id_added_by", INTEGER);
$r->add_textbox("date_added", DATETIME);
if ($db_type == "postgre") {
$new_template_id = get_db_value(" SELECT NEXTVAL('seq_" . $table_prefix . "export_templates') ");
$r->change_property("template_id", USE_IN_INSERT, true);
$r->set_value("template_id", $new_template_id);
}
$r->set_value("template_name", $template_name);
$r->set_value("table_name", $table);
$r->set_value("admin_id_added_by", get_session("session_admin_id"));
$r->set_value("date_added", va_time());
$r->insert_record();
if ($db_type == "mysql") {
$new_template_id = get_db_value(" SELECT LAST_INSERT_ID() ");
$r->set_value("template_id", $new_template_id);
} elseif ($db_type == "access") {
$new_template_id = get_db_value(" SELECT @@IDENTITY ");
$r->set_value("template_id", $new_template_id);
} elseif ($db_type == "db2") {
$new_template_id = get_db_value(" SELECT PREVVAL FOR seq_" . $table_prefix . "export_templates FROM " . $table_prefix . "export_templates");
$sql .= " AND (site_id=1 OR site_id=" . $db->tosql($site_id, INTEGER, true, false) . ")";
$sql .= " ORDER BY site_id ASC ";
} else {
$sql .= " AND site_id=1 ";
}
$db->query($sql);
while ($db->next_record()) {
$order_confirmation[$db->f("setting_name")] = $db->f("setting_value");
}
$confirmed_order_status = 3;
$r = new VA_Record($table_prefix . "orders");
$r->errors = $order_errors;
$r->add_where("order_id", INTEGER);
$r->set_value("order_id", $order_id);
$r->add_textbox("is_confirmed", INTEGER);
$r->change_property("is_confirmed", USE_IN_UPDATE, false);
$r->add_textbox("error_message", TEXT);
$r->add_textbox("pending_message", TEXT);
$r->add_textbox("transaction_id", TEXT);
$r->change_property("transaction_id", USE_IN_UPDATE, false);
$r->add_textbox("authorization_code", TEXT);
// AVS fields
$r->add_textbox("avs_response_code", TEXT);
$r->add_textbox("avs_message", TEXT);
$r->add_textbox("avs_address_match", TEXT);
$r->add_textbox("avs_zip_match", TEXT);
$r->add_textbox("cvv2_match", TEXT);
// 3D fields
$r->add_textbox("secure_3d_check", TEXT);
$r->add_textbox("secure_3d_status", TEXT);
$r->add_textbox("secure_3d_md", TEXT);
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));
$t->set_var("referer", $referer);
$t->set_var("referrer", $referer);
$t->set_var("HTTP_REFERER", $referer);
$t->set_var("initial_ip", $initial_ip);
$t->set_var("cookie_ip", $cookie_ip);
$t->set_var("visit_number", $visit_number);
$t->set_var("login_desc", $login_desc);
$t->set_var("short_description_editor", $short_description_editor);
$t->set_var("full_description_editor", $full_description_editor);
$subscribe = get_param("subscribe");
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_hidden("type", INTEGER);
$r->add_textbox("user_type_id", INTEGER, "User Type");
$r->change_property("user_type_id", REQUIRED, true);
$r->change_property("user_type_id", USE_IN_UPDATE, false);
$r->add_textbox("is_approved", INTEGER);
$r->add_textbox("registration_last_step", INTEGER);
$r->add_textbox("registration_total_steps", INTEGER);
$r->add_textbox("login", TEXT);
$r->change_property("login", USE_IN_UPDATE, false);
$r->change_property("login", SHOW, false);
// subscription information
$r->add_textbox("subscription_id", INTEGER, SUBSCRIPTION_MSG);
$r->change_property("subscription_id", USE_SQL_NULL, false);
$r->change_property("subscription_id", USE_IN_UPDATE, false);
if ($is_subscription && !$user_id && !$new_user_id) {
$r->change_property("subscription_id", REQUIRED, true);
}
if ($is_subscription) {
$s->set_sorter(ORDER_ADDED_COLUMN, "sorter_date", "2", "o.order_placed_date");
$s->set_sorter(STATUS_MSG, "sorter_status", "3", "o.order_status");
$s->set_sorter(ADMIN_ORDER_TOTAL_MSG, "sorter_total", "4", "o.order_total");
if (get_setting_value($order_info, "show_delivery_country_id", 0) == 1) {
$s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.delivery_country_id");
} else {
$s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.country_id");
}
$s->set_sorter(SITE_NAME_MSG, "sorter_site_name", "6", "sti.site_name");
$n = new VA_Navigator($settings["admin_templates_dir"], "navigator.html", "admin_orders.php");
include_once "./admin_header.php";
include_once "./admin_footer.php";
$where = "";
$r = new VA_Record($table_prefix . "orders");
$r->add_textbox("s_on", TEXT, ORDER_NUMBER_MSG);
$r->change_property("s_on", TRIM, true);
$r->add_textbox("s_ne", TEXT);
$r->change_property("s_ne", TRIM, true);
$r->add_textbox("s_kw", TEXT);
$r->change_property("s_kw", TRIM, true);
$r->add_textbox("s_coupon", TEXT);
$r->change_property("s_coupon", TRIM, true);
$r->add_textbox("s_sku", TEXT);
$r->change_property("s_sku", TRIM, true);
$r->add_textbox("s_sd", DATE, FROM_DATE_MSG);
$r->change_property("s_sd", VALUE_MASK, $date_edit_format);
$r->change_property("s_sd", TRIM, true);
$r->add_textbox("s_ed", DATE, END_DATE_MSG);
$r->change_property("s_ed", VALUE_MASK, $date_edit_format);
$r->change_property("s_ed", TRIM, true);
$r->add_checkboxlist("s_os_list", INTEGER, $order_statuses);
// use php library to validate transaction
$order_step = "final";
if (file_exists($validation_php_lib)) {
include_once $validation_php_lib;
} else {
$error_message = APPROPRIATE_LIBRARY_ERROR_MSG . ": " . $validation_php_lib;
}
}
if ($update_order_data) {
$r = new VA_Record($table_prefix . "orders");
$r->add_where("order_id", INTEGER);
$r->set_value("order_id", $order_id);
$r->add_textbox("error_message", TEXT);
$r->add_textbox("pending_message", TEXT);
$r->add_textbox("transaction_id", TEXT);
$r->change_property("transaction_id", USE_IN_UPDATE, false);
$r->add_textbox("authorization_code", TEXT);
// AVS fields
$r->add_textbox("avs_response_code", TEXT);
$r->add_textbox("avs_message", TEXT);
$r->add_textbox("avs_address_match", TEXT);
$r->add_textbox("avs_zip_match", TEXT);
$r->add_textbox("cvv2_match", TEXT);
// 3D fields
$r->add_textbox("secure_3d_check", TEXT);
$r->add_textbox("secure_3d_status", TEXT);
$r->add_textbox("secure_3d_md", TEXT);
$r->add_textbox("secure_3d_eci", TEXT);
$r->add_textbox("secure_3d_cavv", TEXT);
$r->add_textbox("secure_3d_xid", TEXT);
// update order data
foreach ($gift_vouchers as $voucher_id => $voucher_info) {
if (isset($voucher_info["amount"]) && $voucher_info["amount"] > 0) {
$oc->set_value("coupon_id", $voucher_id);
$oc->set_value("coupon_code", $voucher_info["code"]);
$oc->set_value("coupon_title", $voucher_info["title"]);
$oc->set_value("discount_amount", $voucher_info["amount"]);
$oc->set_value("discount_tax_amount", 0);
$oc->insert_record();
}
}
$oi = new VA_Record($table_prefix . "orders_items");
$oi->add_where("order_item_id", INTEGER);
$oi->add_textbox("order_id", INTEGER);
$oi->set_value("order_id", $order_id);
$oi->add_textbox("site_id", INTEGER);
$oi->change_property("site_id", USE_SQL_NULL, false);
if (isset($site_id)) {
$oi->set_value("site_id", $site_id);
} else {
$oi->set_value("site_id", 1);
}
$oi->add_textbox("top_order_item_id", INTEGER);
$oi->change_property("top_order_item_id", USE_SQL_NULL, false);
$oi->add_textbox("user_id", INTEGER);
$oi->set_value("user_id", $user_id);
$oi->add_textbox("user_type_id", INTEGER);
$oi->set_value("user_type_id", $user_type_id);
$oi->add_textbox("item_id", INTEGER);
$oi->add_textbox("parent_item_id", INTEGER);
$oi->add_textbox("cart_item_id", INTEGER);
$oi->change_property("cart_item_id", USE_SQL_NULL, false);
<?php
check_user_session();
$html_template = get_setting_value($block, "html_template", "block_user_change_password.html");
$t->set_file("block_body", $html_template);
$t->set_var("user_change_password_href", get_custom_friendly_url("user_change_password.php"));
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php"));
$r = new VA_Record($table_prefix . "users");
$r->add_where("user_id", INTEGER);
$r->add_textbox("modified_date", DATETIME);
$r->add_textbox("current_password", TEXT, CURRENT_PASS_FIELD);
$r->change_property("current_password", USE_IN_UPDATE, false);
$r->change_property("current_password", REQUIRED, true);
$r->add_textbox("password", TEXT, NEW_PASS_FIELD);
$r->change_property("password", REQUIRED, true);
$r->change_property("password", MIN_LENGTH, 5);
$r->add_textbox("confirm", TEXT, CONFIRM_PASS_FIELD);
$r->change_property("confirm", USE_IN_UPDATE, false);
$r->change_property("password", MATCHED, "confirm");
$action = get_param("action");
$user_id = get_session("session_user_id");
$site_url = get_setting_value($settings, "site_url", "");
$secure_user_profile = get_setting_value($settings, "secure_user_profile", 0);
$return_page = $site_url . get_custom_friendly_url("user_home.php");
$errors = "";
$r->get_form_values();
if (strlen($action)) {
if ($action == "cancel") {
header("Location: " . $return_page);
exit;
}
