} $cc_number_security = get_setting_value($cc_info, "cc_number_security", 0); $cc_code_security = get_setting_value($cc_info, "cc_code_security", 0); $r = new VA_Record($table_prefix . "orders"); $r->errors = $order_errors; if ($payment_error == 1) { $r->errors .= $error_message; } $r->add_where("order_id", INTEGER); $r->add_textbox("cc_name", TEXT, CC_NAME_FIELD); $r->add_textbox("cc_first_name", TEXT, CC_FIRST_NAME_FIELD); $r->add_textbox("cc_last_name", TEXT, CC_LAST_NAME_FIELD); $r->add_textbox("cc_number", TEXT, CC_NUMBER_FIELD); $r->parameters["cc_number"][MIN_LENGTH] = 10; $r->add_textbox("cc_start_date", DATETIME, CC_START_DATE_FIELD); $r->change_property("cc_start_date", VALUE_MASK, array("MM", " / ", "YYYY")); $r->add_textbox("cc_expiry_date", DATETIME, CC_EXPIRY_DATE_FIELD); $r->change_property("cc_expiry_date", VALUE_MASK, array("MM", " / ", "YYYY")); $credit_cards = get_db_values("SELECT credit_card_id, credit_card_name FROM " . $table_prefix . "credit_cards", array(array("", PLEASE_CHOOSE_MSG))); $r->add_select("cc_type", INTEGER, $credit_cards, CC_TYPE_FIELD); $issue_numbers = get_db_values("SELECT issue_number AS issue_value, issue_number AS issue_description FROM " . $table_prefix . "issue_numbers", array(array("", NOT_AVAILABLE_MSG))); $r->add_select("cc_issue_number", INTEGER, $issue_numbers, CC_ISSUE_NUMBER_FIELD); $r->add_textbox("cc_security_code", TEXT, CC_SECURITY_CODE_FIELD); $r->add_textbox("pay_without_cc", TEXT, PAY_WITHOUT_CC_FIELD); // 3D fields $r->add_textbox("secure_3d_check", TEXT); $r->add_textbox("secure_3d_status", TEXT); $r->add_textbox("secure_3d_md", TEXT); $r->add_textbox("secure_3d_xid", TEXT); $r->add_textbox("secure_3d_eci", TEXT); $r->add_textbox("secure_3d_cavv", TEXT);
$r->add_select("notes_type", INTEGER, $keywords_types); $r->add_checkbox("meta_title_index", INTEGER); $r->add_textbox("meta_title_rank", INTEGER); $r->add_select("meta_title_type", INTEGER, $keywords_types); $r->add_checkbox("meta_description_index", INTEGER); $r->add_textbox("meta_description_rank", INTEGER); $r->add_select("meta_description_type", INTEGER, $keywords_types); $r->add_checkbox("meta_keywords_index", INTEGER); $r->add_textbox("meta_keywords_rank", INTEGER); $r->add_select("meta_keywords_type", INTEGER, $keywords_types); $r->get_form_values(); // categories columns $ip = new VA_Record($table_prefix . "categories_columns", "categories_columns"); $ip->add_where("column_id", INTEGER); $ip->add_hidden("category_id", INTEGER); $ip->change_property("category_id", USE_IN_INSERT, true); $ip->add_textbox("column_order", INTEGER, ADMIN_ORDER_MSG); $ip->change_property("column_order", REQUIRED, true); $ip->add_textbox("column_code", TEXT, CODE_MSG); $ip->change_property("column_code", REQUIRED, true); $ip->change_property("column_code", MAX_LENGTH, 64); $ip->add_textbox("column_title", TEXT, TITLE_MSG); $ip->change_property("column_title", REQUIRED, true); $ip->change_property("column_title", MAX_LENGTH, 255); $ip->add_textbox("column_html", TEXT, HTML_MSG); $columns_number = get_param("cc_number"); $cc_eg = new VA_EditGrid($ip, "categories_columns"); $cc_eg->order_by = " ORDER BY column_order "; $cc_eg->get_form_values($columns_number); $param_site_id = get_session("session_site_id"); $tab = get_param("tab");
if ($operation == "save_template") { $template_name = get_param("template_name"); if (!strlen($template_name)) { $template_errors = str_replace("{field_name}", EXPORT_TEMPLATE_MSG, REQUIRED_MESSAGE); } if (!strlen($errors) && !strlen($template_errors)) { // save new export template $r = new VA_Record($table_prefix . "export_templates"); $r->add_where("template_id", INTEGER); $r->add_textbox("template_name", TEXT); $r->add_textbox("table_name", TEXT); $r->add_textbox("admin_id_added_by", INTEGER); $r->add_textbox("date_added", DATETIME); if ($db_type == "postgre") { $new_template_id = get_db_value(" SELECT NEXTVAL('seq_" . $table_prefix . "export_templates') "); $r->change_property("template_id", USE_IN_INSERT, true); $r->set_value("template_id", $new_template_id); } $r->set_value("template_name", $template_name); $r->set_value("table_name", $table); $r->set_value("admin_id_added_by", get_session("session_admin_id")); $r->set_value("date_added", va_time()); $r->insert_record(); if ($db_type == "mysql") { $new_template_id = get_db_value(" SELECT LAST_INSERT_ID() "); $r->set_value("template_id", $new_template_id); } elseif ($db_type == "access") { $new_template_id = get_db_value(" SELECT @@IDENTITY "); $r->set_value("template_id", $new_template_id); } elseif ($db_type == "db2") { $new_template_id = get_db_value(" SELECT PREVVAL FOR seq_" . $table_prefix . "export_templates FROM " . $table_prefix . "export_templates");
$sql .= " AND (site_id=1 OR site_id=" . $db->tosql($site_id, INTEGER, true, false) . ")"; $sql .= " ORDER BY site_id ASC "; } else { $sql .= " AND site_id=1 "; } $db->query($sql); while ($db->next_record()) { $order_confirmation[$db->f("setting_name")] = $db->f("setting_value"); } $confirmed_order_status = 3; $r = new VA_Record($table_prefix . "orders"); $r->errors = $order_errors; $r->add_where("order_id", INTEGER); $r->set_value("order_id", $order_id); $r->add_textbox("is_confirmed", INTEGER); $r->change_property("is_confirmed", USE_IN_UPDATE, false); $r->add_textbox("error_message", TEXT); $r->add_textbox("pending_message", TEXT); $r->add_textbox("transaction_id", TEXT); $r->change_property("transaction_id", USE_IN_UPDATE, false); $r->add_textbox("authorization_code", TEXT); // AVS fields $r->add_textbox("avs_response_code", TEXT); $r->add_textbox("avs_message", TEXT); $r->add_textbox("avs_address_match", TEXT); $r->add_textbox("avs_zip_match", TEXT); $r->add_textbox("cvv2_match", TEXT); // 3D fields $r->add_textbox("secure_3d_check", TEXT); $r->add_textbox("secure_3d_status", TEXT); $r->add_textbox("secure_3d_md", TEXT);
$t->set_var("user_home_href", get_custom_friendly_url("user_home.php")); $t->set_var("referer", $referer); $t->set_var("referrer", $referer); $t->set_var("HTTP_REFERER", $referer); $t->set_var("initial_ip", $initial_ip); $t->set_var("cookie_ip", $cookie_ip); $t->set_var("visit_number", $visit_number); $t->set_var("login_desc", $login_desc); $t->set_var("short_description_editor", $short_description_editor); $t->set_var("full_description_editor", $full_description_editor); $subscribe = get_param("subscribe"); $r = new VA_Record($table_prefix . "users"); $r->add_where("user_id", INTEGER); $r->add_hidden("type", INTEGER); $r->add_textbox("user_type_id", INTEGER, "User Type"); $r->change_property("user_type_id", REQUIRED, true); $r->change_property("user_type_id", USE_IN_UPDATE, false); $r->add_textbox("is_approved", INTEGER); $r->add_textbox("registration_last_step", INTEGER); $r->add_textbox("registration_total_steps", INTEGER); $r->add_textbox("login", TEXT); $r->change_property("login", USE_IN_UPDATE, false); $r->change_property("login", SHOW, false); // subscription information $r->add_textbox("subscription_id", INTEGER, SUBSCRIPTION_MSG); $r->change_property("subscription_id", USE_SQL_NULL, false); $r->change_property("subscription_id", USE_IN_UPDATE, false); if ($is_subscription && !$user_id && !$new_user_id) { $r->change_property("subscription_id", REQUIRED, true); } if ($is_subscription) {
$s->set_sorter(ORDER_ADDED_COLUMN, "sorter_date", "2", "o.order_placed_date"); $s->set_sorter(STATUS_MSG, "sorter_status", "3", "o.order_status"); $s->set_sorter(ADMIN_ORDER_TOTAL_MSG, "sorter_total", "4", "o.order_total"); if (get_setting_value($order_info, "show_delivery_country_id", 0) == 1) { $s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.delivery_country_id"); } else { $s->set_sorter(EMAIL_TO_MSG, "sorter_ship_to", "5", "o.country_id"); } $s->set_sorter(SITE_NAME_MSG, "sorter_site_name", "6", "sti.site_name"); $n = new VA_Navigator($settings["admin_templates_dir"], "navigator.html", "admin_orders.php"); include_once "./admin_header.php"; include_once "./admin_footer.php"; $where = ""; $r = new VA_Record($table_prefix . "orders"); $r->add_textbox("s_on", TEXT, ORDER_NUMBER_MSG); $r->change_property("s_on", TRIM, true); $r->add_textbox("s_ne", TEXT); $r->change_property("s_ne", TRIM, true); $r->add_textbox("s_kw", TEXT); $r->change_property("s_kw", TRIM, true); $r->add_textbox("s_coupon", TEXT); $r->change_property("s_coupon", TRIM, true); $r->add_textbox("s_sku", TEXT); $r->change_property("s_sku", TRIM, true); $r->add_textbox("s_sd", DATE, FROM_DATE_MSG); $r->change_property("s_sd", VALUE_MASK, $date_edit_format); $r->change_property("s_sd", TRIM, true); $r->add_textbox("s_ed", DATE, END_DATE_MSG); $r->change_property("s_ed", VALUE_MASK, $date_edit_format); $r->change_property("s_ed", TRIM, true); $r->add_checkboxlist("s_os_list", INTEGER, $order_statuses);
// use php library to validate transaction $order_step = "final"; if (file_exists($validation_php_lib)) { include_once $validation_php_lib; } else { $error_message = APPROPRIATE_LIBRARY_ERROR_MSG . ": " . $validation_php_lib; } } if ($update_order_data) { $r = new VA_Record($table_prefix . "orders"); $r->add_where("order_id", INTEGER); $r->set_value("order_id", $order_id); $r->add_textbox("error_message", TEXT); $r->add_textbox("pending_message", TEXT); $r->add_textbox("transaction_id", TEXT); $r->change_property("transaction_id", USE_IN_UPDATE, false); $r->add_textbox("authorization_code", TEXT); // AVS fields $r->add_textbox("avs_response_code", TEXT); $r->add_textbox("avs_message", TEXT); $r->add_textbox("avs_address_match", TEXT); $r->add_textbox("avs_zip_match", TEXT); $r->add_textbox("cvv2_match", TEXT); // 3D fields $r->add_textbox("secure_3d_check", TEXT); $r->add_textbox("secure_3d_status", TEXT); $r->add_textbox("secure_3d_md", TEXT); $r->add_textbox("secure_3d_eci", TEXT); $r->add_textbox("secure_3d_cavv", TEXT); $r->add_textbox("secure_3d_xid", TEXT); // update order data
foreach ($gift_vouchers as $voucher_id => $voucher_info) { if (isset($voucher_info["amount"]) && $voucher_info["amount"] > 0) { $oc->set_value("coupon_id", $voucher_id); $oc->set_value("coupon_code", $voucher_info["code"]); $oc->set_value("coupon_title", $voucher_info["title"]); $oc->set_value("discount_amount", $voucher_info["amount"]); $oc->set_value("discount_tax_amount", 0); $oc->insert_record(); } } $oi = new VA_Record($table_prefix . "orders_items"); $oi->add_where("order_item_id", INTEGER); $oi->add_textbox("order_id", INTEGER); $oi->set_value("order_id", $order_id); $oi->add_textbox("site_id", INTEGER); $oi->change_property("site_id", USE_SQL_NULL, false); if (isset($site_id)) { $oi->set_value("site_id", $site_id); } else { $oi->set_value("site_id", 1); } $oi->add_textbox("top_order_item_id", INTEGER); $oi->change_property("top_order_item_id", USE_SQL_NULL, false); $oi->add_textbox("user_id", INTEGER); $oi->set_value("user_id", $user_id); $oi->add_textbox("user_type_id", INTEGER); $oi->set_value("user_type_id", $user_type_id); $oi->add_textbox("item_id", INTEGER); $oi->add_textbox("parent_item_id", INTEGER); $oi->add_textbox("cart_item_id", INTEGER); $oi->change_property("cart_item_id", USE_SQL_NULL, false);
<?php check_user_session(); $html_template = get_setting_value($block, "html_template", "block_user_change_password.html"); $t->set_file("block_body", $html_template); $t->set_var("user_change_password_href", get_custom_friendly_url("user_change_password.php")); $t->set_var("user_home_href", get_custom_friendly_url("user_home.php")); $r = new VA_Record($table_prefix . "users"); $r->add_where("user_id", INTEGER); $r->add_textbox("modified_date", DATETIME); $r->add_textbox("current_password", TEXT, CURRENT_PASS_FIELD); $r->change_property("current_password", USE_IN_UPDATE, false); $r->change_property("current_password", REQUIRED, true); $r->add_textbox("password", TEXT, NEW_PASS_FIELD); $r->change_property("password", REQUIRED, true); $r->change_property("password", MIN_LENGTH, 5); $r->add_textbox("confirm", TEXT, CONFIRM_PASS_FIELD); $r->change_property("confirm", USE_IN_UPDATE, false); $r->change_property("password", MATCHED, "confirm"); $action = get_param("action"); $user_id = get_session("session_user_id"); $site_url = get_setting_value($settings, "site_url", ""); $secure_user_profile = get_setting_value($settings, "secure_user_profile", 0); $return_page = $site_url . get_custom_friendly_url("user_home.php"); $errors = ""; $r->get_form_values(); if (strlen($action)) { if ($action == "cancel") { header("Location: " . $return_page); exit; }