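} else {
    $products_subimage4_name = $_POST['products_previous_subimage4'];
}

// NOTE(review): every products_previous_subimageN value below is taken straight
// from the request and becomes the image name used later; confirm the consumer
// constrains it to a plain file name inside the image directory.

// copy subimage5 only if modified
if ($_POST['products_subimage5'] != 'none' && isset($_FILES['products_subimage5'])) {
    $products_subimage5 = oos_get_uploaded_file('products_subimage5');
    $subimage5_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);
}
// $products_subimage5 is only assigned when the condition above held.
if (is_uploaded_file($products_subimage5['tmp_name'])) {
    $products_subimage5_name = oos_copy_uploaded_file($products_subimage5, $subimage5_directory);
} else {
    $products_subimage5_name = $_POST['products_previous_subimage5'];
}

// copy subimage6 only if modified
if ($_POST['products_subimage6'] != 'none' && isset($_FILES['products_subimage6'])) {
    $products_subimage6 = oos_get_uploaded_file('products_subimage6');
    $subimage6_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);
}
if (is_uploaded_file($products_subimage6['tmp_name'])) {
    $products_subimage6_name = oos_copy_uploaded_file($products_subimage6, $subimage6_directory);
} else {
    $products_subimage6_name = $_POST['products_previous_subimage6'];
}

$products_sort_order = $_POST['products_sort_order'];
} else { // alternative branch of a block opened before this excerpt: load the product from the database
    // The product id comes from the query string and is placed inside a quoted
    // SQL literal, so it is cast to an integer first, exactly as the language id
    // in the same statement already is. Without the cast a crafted pID could
    // change the meaning of the query.
    $product_result = $dbconn->Execute(
        "SELECT pd.products_name, pd.products_description, pd.products_description_meta, products_keywords_meta, "
        . "pd.products_url, p.products_id, p.products_quantity, p.products_reorder_level, p.products_model, "
        . "p.products_ean, p.products_image, p.products_subimage1, p.products_subimage2, p.products_subimage3, "
        . "p.products_subimage4, p.products_subimage5, p.products_subimage6, p.products_zoomify, p.products_price, "
        . "p.products_base_price, p.products_base_unit, p.products_weight, p.products_date_added, "
        . "p.products_last_modified, date_format(p.products_date_available, '%Y-%m-%d') as products_date_available, "
        . "p.products_status, p.products_tax_class_id, p.products_units_id, p.manufacturers_id, p.products_price_list, "
        . "p.products_discount_allowed, p.products_quantity_order_min, p.products_quantity_order_units, "
        . "p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4, "
        . "p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty, p.products_discount4_qty, "
        . "p.products_sort_order FROM " . $oostable['products'] . " p, " . $oostable['products_description'] . " pd "
        . "WHERE p.products_id = '" . intval($_GET['pID']) . "' and p.products_id = pd.products_id "
        . "and pd.products_languages_id = '" . intval($_SESSION['language_id']) . "'"
    );
    $product = $product_result->fields;

    // Wrap the fetched row so its columns can be read as object properties.
    $pInfo = new objectInfo($product);
    $products_image_name = $pInfo->products_image;
    $products_subimage1_name = $pInfo->products_subimage1;
    $products_subimage2_name = $pInfo->products_subimage2;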
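if (isset($_GET['mID'])) {
    $manufacturers_id = oos_db_prepare_input($_GET['mID']);
}
$manufacturers_name = oos_db_prepare_input($_POST['manufacturers_name']);

$sql_data_array = array('manufacturers_name' => $manufacturers_name);

if ($action == 'insert') {
    // The value used to be a single-quoted string holding the literal text of
    // a date() call, so no timestamp was ever produced. Call date() for real.
    $insert_sql_data = array('date_added' => date('Y-m-d H:i:s'));
    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
    oos_db_perform($oostable['manufacturers'], $sql_data_array);
    $manufacturers_id = $dbconn->Insert_ID();
} elseif ($action == 'save') {
    // Same literal-string defect as in the insert branch.
    $update_sql_data = array('last_modified' => date('Y-m-d H:i:s'));
    $sql_data_array = array_merge($sql_data_array, $update_sql_data);
    oos_db_perform($oostable['manufacturers'], $sql_data_array, 'update', "manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
}

$manufacturers_image = oos_get_uploaded_file('manufacturers_image');
$image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);

if (is_uploaded_file($manufacturers_image['tmp_name'])) {
    if (!is_writeable($image_directory)) {
        // Tell the admin whether the target is missing or merely read-only.
        if (is_dir($image_directory)) {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
        } else {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
        }
    } else {
        // The file name is chosen by the client, so it goes through
        // oos_db_input() like the id in the same statement (presumably the
        // SQL-escaping helper - confirm) instead of being concatenated raw.
        $dbconn->Execute("UPDATE " . $oostable['manufacturers'] . " SET manufacturers_image = '" . oos_db_input($manufacturers_image['name']) . "' WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
        // NOTE(review): the upload is stored in the image directory under the
        // client-supplied name; confirm oos_get_copy_uploaded_file() restricts
        // extensions and strips path components.
        oos_get_copy_uploaded_file($manufacturers_image, $image_directory);
    }
}

$languages = oos_get_languages();
for ($i = 0, $n = count($languages); $i < $n; $i++) {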
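break;

case 'insert':
case 'save':
    // NOTE(review): the information id is read from the 'mID' parameter - confirm
    // that is the parameter this screen really sends.
    $information_id = oos_db_prepare_input($_GET['mID']);

    $sql_data_array_sort = array('sort_order' => $sort_order);

    if ($action == 'insert') {
        // The value used to be a single-quoted string holding the literal text
        // of a date() call, so no timestamp was ever produced.
        $insert_sql_data = array('date_added' => date('Y-m-d H:i:s'));
        $sql_data_array = array_merge($insert_sql_data, $sql_data_array_sort);
        oos_db_perform($oostable['information'], $sql_data_array);
        $information_id = $dbconn->Insert_ID();
    } elseif ($action == 'save') {
        // Same literal-string defect as in the insert branch.
        $update_sql_data = array('last_modified' => date('Y-m-d H:i:s'));
        $sql_data_array = array_merge($update_sql_data, $sql_data_array_sort);
        oos_db_perform($oostable['information'], $sql_data_array, 'update', "information_id = '" . oos_db_input($information_id) . "'");
    }

    $information_image = oos_get_uploaded_file('information_image');
    $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);

    if (is_uploaded_file($information_image['tmp_name'])) {
        if (!is_writeable($image_directory)) {
            // Tell the admin whether the target is missing or merely read-only.
            if (is_dir($image_directory)) {
                $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
            } else {
                $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
            }
        } else {
            // The client-chosen file name now goes through oos_db_input() like
            // the id in the same statement (presumably the SQL-escaping helper
            // - confirm) instead of being concatenated raw.
            $dbconn->Execute("UPDATE " . $oostable['information'] . " SET information_image = '" . oos_db_input($information_image['name']) . "' WHERE information_id = '" . oos_db_input($information_id) . "'");
            // NOTE(review): confirm oos_get_copy_uploaded_file() restricts the
            // extension and strips path components of the client-supplied name.
            oos_get_copy_uploaded_file($information_image, $image_directory);
        }
    }

    $languages = oos_get_languages();
    for ($i = 0, $n = count($languages); $i < $n; $i++) {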
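// Column values shared by the insert and the update of one language row.
$sql_data_array = array('customers_status_name' => $customers_status_name_array[$lang_id],
                        'customers_status_public' => $customers_status_public,
                        'customers_status_show_price' => $customers_status_show_price,
                        'customers_status_show_price_tax' => $customers_status_show_price_tax,
                        'customers_status_discount' => $customers_status_discount,
                        'customers_status_ot_discount_flag' => $customers_status_ot_discount_flag,
                        'customers_status_ot_discount' => $customers_status_ot_discount,
                        'customers_status_ot_minimum' => $customers_status_ot_minimum,
                        'customers_status_qty_discounts' => $customers_status_qty_discounts,
                        'customers_status_payment' => $customers_status_payment);

if ($action == 'insert') {
    if (oos_empty($customers_status_id)) {
        // No id yet: take the current maximum plus one.
        // NOTE(review): the id is read and inserted in separate statements, so
        // two concurrent inserts could pick the same value - confirm whether
        // that matters for this screen.
        $next_id_result = $dbconn->Execute("SELECT max(customers_status_id) as customers_status_id FROM " . $oostable['customers_status'] . "");
        $next_id = $next_id_result->fields;
        $customers_status_id = $next_id['customers_status_id'] + 1;
    }

    $insert_sql_data = array('customers_status_id' => oos_db_prepare_input($customers_status_id),
                             'customers_status_languages_id' => $lang_id);

    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

    oos_db_perform($oostable['customers_status'], $sql_data_array);
} elseif ($action == 'save') {
    oos_db_perform($oostable['customers_status'], $sql_data_array, 'update', "customers_status_id = '" . oos_db_input($customers_status_id) . "' and customers_status_languages_id = '" . intval($lang_id) . "'");
}
} // closes a block opened before this excerpt

// Changes by Guido Start
$customers_status_image = oos_get_uploaded_file('customers_status_image');
$image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES . 'icons/');

if (is_uploaded_file($customers_status_image['tmp_name'])) {
    if (!is_writeable($image_directory)) {
        // Tell the admin whether the target is missing or merely read-only.
        if (is_dir($image_directory)) {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
        } else {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
        }
    } else {
        // The client-chosen file name now goes through oos_db_input() like the
        // id in the same statement (presumably the SQL-escaping helper -
        // confirm) instead of being concatenated raw.
        $dbconn->Execute("UPDATE " . $oostable['customers_status'] . " SET customers_status_image = '" . oos_db_input($customers_status_image['name']) . "' WHERE customers_status_id = '" . oos_db_input($customers_status_id) . "'");
        // NOTE(review): confirm oos_get_copy_uploaded_file() restricts the
        // extension and strips path components of the client-supplied name.
        oos_get_copy_uploaded_file($customers_status_image, $image_directory);
    }
}
// Changes by Guido END

if (isset($_POST['default']) && $_POST['default'] == 'on') {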
<td class="main" align="right"><?php
    // Hidden fields carry the creation date (today when none is set) and the
    // parent id into the preview request, followed by the preview and cancel
    // controls.
    // NOTE(review): $categories and $_GET['cID'] are concatenated into the
    // cancel link without a cast; confirm oos_href_link_admin() encodes its
    // parameter string before it lands in the href attribute.
    echo oos_draw_hidden_field('categories_date_added', $cInfo->date_added ? $cInfo->date_added : date('Y-m-d')) . oos_draw_hidden_field('parent_id', $cInfo->parent_id) . oos_image_swap_submits('preview', 'preview_off.gif', IMAGE_PREVIEW) . ' <a href="' . oos_href_link_admin($aFilename['categories'], 'categories=' . $categories . '&cID=' . $_GET['cID']) . '">' . oos_image_swap_button('cancel', 'cancel_off.gif', IMAGE_CANCEL) . '</a>'; ?> </td> </form></tr> <?php
} elseif ($action == 'new_category_preview') {
    if (oos_is_not_null($_POST)) {
        // Preview of submitted form data: every field below is request input.
        $cInfo = new objectInfo($_POST);
        $categories_name = $_POST['categories_name'];
        $categories_heading_title = $_POST['categories_heading_title'];
        $categories_description = $_POST['categories_description'];
        $categories_description_meta = $_POST['categories_description_meta'];
        $categories_keywords_meta = $_POST['categories_keywords_meta'];

        // $categories_image and $image_directory are only assigned when this
        // condition holds; the is_uploaded_file() check below reads them either way.
        if ($_POST['categories_image'] != 'none' && isset($_FILES['categories_image'])) {
            $categories_image = oos_get_uploaded_file('categories_image');
            $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);
        }

        // copy image only if modified
        // NOTE(review): the upload is copied into the image directory already
        // at preview time, under the client-supplied name; confirm
        // oos_get_copy_uploaded_file() restricts extensions and path components.
        if (is_uploaded_file($categories_image['tmp_name'])) {
            oos_get_copy_uploaded_file($categories_image, $image_directory);
            $categories_image_name = $categories_image['name'];
        } else {
            // NOTE(review): the fallback name is request input as well.
            $categories_image_name = $_POST['categories_previous_image'];
        }
    } else {
        // No POST data: load the stored category; the id is cast with intval()
        // before it is placed inside the quoted SQL literal.
        $categoriestable = $oostable['categories'];
        $categories_descriptiontable = $oostable['categories_description'];
        $query = "SELECT c.categories_id, cd.categories_languages_id, cd.categories_name,\r\n cd.categories_heading_title, cd.categories_description,\r\n cd.categories_description_meta, cd.categories_keywords_meta,\r\n c.categories_image, c.access, c.sort_order, c.date_added, c.last_modified\r\n FROM {$categoriestable} c,\r\n {$categories_descriptiontable} cd\r\n WHERE c.categories_id = cd.categories_id AND\r\n c.categories_id = '" . intval($_GET['cID']) . "'";
        $category_result = $dbconn->Execute($query);
        $category = $category_result->fields;
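// NOTE(review): the posted text is written unchanged to a handle opened before
// this excerpt; confirm how that path is chosen and that access to this action
// is restricted.
fputs($fp, stripslashes($_POST['file_contents']));
fclose($fp);
oos_redirect_admin(oos_href_link_admin($aFilename['file_manager'], 'info=' . urlencode($_POST['filename'])));
}
break;

case 'processuploads':
    $_current_path = oos_get_local_path($_SESSION['current_path']);

    if (!is_writeable($_current_path)) {
        // Tell the admin whether the target is missing or merely read-only.
        if (is_dir($_current_path)) {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $_current_path), 'error');
        } else {
            $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $_current_path), 'error');
        }
    } else {
        // The form offers five upload slots, file_1 .. file_5.
        // NOTE(review): files are stored under the client-supplied name in the
        // session's current directory; confirm oos_get_copy_uploaded_file()
        // restricts extensions and path components.
        for ($i = 1; $i < 6; $i++) {
            $file = oos_get_uploaded_file('file_' . $i);

            if (is_uploaded_file($file['tmp_name'])) {
                oos_get_copy_uploaded_file($file, $_current_path);
            }
        }
    }

    oos_redirect_admin(oos_href_link_admin($aFilename['file_manager']));
    break;

case 'download':
    // The requested name comes from the query string. basename() is applied
    // after decoding so that directory components ("../", absolute paths)
    // cannot move the read outside the current directory, and is_file() keeps
    // directories and missing entries from reaching readfile().
    $_download_name = basename(urldecode($_GET['filename']));
    $_download_file = $_SESSION['current_path'] . '/' . $_download_name;

    if ($_download_name !== '' && is_file($_download_file)) {
        header('Content-type: application/x-octet-stream');
        header('Content-disposition: attachment; filename=' . $_download_name);

        readfile($_download_file);
    }
    exit;
    break;

case 'upload':
case 'new_folder':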
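switch ($action) {
    case 'insert':
    case 'save':
        $newsfeed_id = oos_db_prepare_input($_GET['nID']);

        $sql_data_array = array('newsfeed_type' => $newsfeed_type);

        if ($action == 'insert') {
            // The value used to be a single-quoted string holding the literal
            // text of a date() call, so no timestamp was ever produced.
            $insert_sql_data = array('date_added' => date('Y-m-d H:i:s'));
            $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
            oos_db_perform($oostable['newsfeed'], $sql_data_array);
            $newsfeed_id = $dbconn->Insert_ID();
        } elseif ($action == 'save') {
            // Same literal-string defect as in the insert branch.
            $update_sql_data = array('last_modified' => date('Y-m-d H:i:s'));
            $sql_data_array = array_merge($sql_data_array, $update_sql_data);
            oos_db_perform($oostable['newsfeed'], $sql_data_array, 'update', "newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
        }

        $newsfeed_image = oos_get_uploaded_file('newsfeed_image');
        $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES);

        if (is_uploaded_file($newsfeed_image['tmp_name'])) {
            if (!is_writeable($image_directory)) {
                // Tell the admin whether the target is missing or merely read-only.
                if (is_dir($image_directory)) {
                    $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
                } else {
                    $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
                }
            } else {
                $newsfeedtable = $oostable['newsfeed'];
                // The client-chosen file name now goes through oos_db_input()
                // like the id in the same statement (presumably the
                // SQL-escaping helper - confirm) instead of being concatenated raw.
                $dbconn->Execute("UPDATE {$newsfeedtable} SET newsfeed_image = '" . oos_db_input($newsfeed_image['name']) . "' WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
                // NOTE(review): confirm oos_get_copy_uploaded_file() restricts
                // the extension and strips path components of the client-supplied name.
                oos_get_copy_uploaded_file($newsfeed_image, $image_directory);
            }
        }

        $languages = oos_get_languages();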
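$action = isset($_GET['action']) ? $_GET['action'] : '';

if (!empty($action)) {
    switch ($action) {
        case 'setflag':
            // Strict comparison: with ==, other numeric strings such as "1.0"
            // or " 1" also compared equal and were handed on to
            // oos_set_banner_status(). The banner id is cast to an integer
            // before it leaves this script, like other ids in this code base.
            // NOTE(review): this state change is triggered by a GET request;
            // confirm the admin area protects it against cross-site requests.
            if ($_GET['flag'] === '0' || $_GET['flag'] === '1') {
                oos_set_banner_status(intval($_GET['bID']), $_GET['flag']);
                $messageStack->add_session(SUCCESS_BANNER_STATUS_UPDATED, 'success');
            } else {
                $messageStack->add_session(ERROR_UNKNOWN_STATUS_FLAG, 'error');
            }

            // NOTE(review): 'page' is still passed through as received; confirm
            // oos_href_link_admin() encodes its parameter string.
            oos_redirect_admin(oos_href_link_admin($aFilename['banner_manager'], 'page=' . $_GET['page'] . '&bID=' . intval($_GET['bID'])));
            break;

        case 'insert':
        case 'update':
            // A newly entered group name wins over the one picked in the form.
            $banners_group = empty($new_banners_group) ? oos_db_prepare_input($_POST['banners_group']) : $new_banners_group;

            $banners_image = oos_get_uploaded_file('banners_image');
            $db_image_location = '';

            // NOTE(review): $banners_image_target is not assigned in this
            // excerpt; if it is derived from the request, confirm the resulting
            // path cannot leave the image directory.
            $image_directory = oos_get_local_path(OOS_ABSOLUTE_PATH . OOS_IMAGES . $banners_image_target);

            // Collect validation errors instead of stopping at the first one.
            $banner_error = false;
            if (empty($banners_title)) {
                $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error');
                $banner_error = true;
            }
            if (empty($banners_group)) {
                $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
                $banner_error = true;
            }

            if (isset($banners_image) && $banners_image['name'] != 'none' && is_uploaded_file($banners_image['tmp_name'])) {
                $store_image = false;
                if (!is_writeable($image_directory)) {
                    if (is_dir($image_directory)) {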
// Map each column header (double quotes removed) to its position in the row.
$lll = 0;
$filelayout = array();
foreach ($theheaders_array as $header) {
    $cleanheader = str_replace('"', '', $header);
    // echo "Fileheader was $header<br /><br /><br />";
    $filelayout[$cleanheader] = $lll++; //
}
unset($readed[0]); // we don't want to process the headers with the data

// now we've got the array broken into parts by the explicit end-of-row marker.
array_walk($readed, 'walk');
} // closes a block opened before this excerpt

// NOTE(review): $usrfl is passed to is_uploaded_file() as a path here but read
// as an array ($usrfl['name']) below; confirm what it holds at this point.
if (is_uploaded_file($usrfl) && $split == 1) {
    // move the file to where we can work with it
    $file = oos_get_uploaded_file('usrfl');
    //echo "Trying to move file...";
    // NOTE(review): the upload is stored under the client-supplied name; confirm
    // oos_get_copy_uploaded_file() restricts extensions and path components.
    if (is_uploaded_file($file['tmp_name'])) {
        oos_get_copy_uploaded_file($file, OOS_ABSOLUTE_PATH . $tempdir);
    }
    // The client-supplied file name is joined into the path that is opened, and
    // the fopen() result is used below without a check for failure.
    $infp = fopen(OOS_ABSOLUTE_PATH . $tempdir . $usrfl['name'], "r");

    //toprow has the field headers
    $toprow = fgets($infp, 32768);

    // Start the first split file and repeat the header row in it.
    $filecount = 1;
    echo CREATING_FILE . "EP_Split" . $filecount . ".txt ... ";
    $tmpfname = OOS_ABSOLUTE_PATH . $tempdir . "EP_Split" . $filecount . ".txt";
    $fp = fopen($tmpfname, "w+");
    fwrite($fp, $toprow);

    $linecount = 0;
    $line = fgets($infp, 32768);
    while ($line) {