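require OWP_LANGUAGES_DIR . $language . '/' . $owpFilename['define_language'];

// Action dispatch. 'save' overwrites an existing language file with the posted
// contents after moving the previous version aside under a 'bak'-prefixed name.
// NOTE(review): no login or anti-CSRF check is visible in this fragment; confirm
// both happen before this point, since the branch below writes to disk.
switch (isset($_GET['action']) ? $_GET['action'] : '') {
    case 'save':
        if (!empty($_GET['lngdir']) && !empty($_GET['filename'])) {
            // lngdir and filename come from the query string and are joined into the
            // path that gets overwritten, so each must be one plain path component:
            // a string with no directory separator, no NUL byte, and not "." or "..".
            $path_parts_ok = true;
            foreach (array($_GET['lngdir'], $_GET['filename']) as $path_part) {
                if (!is_string($path_part)
                    || $path_part === '.'
                    || $path_part === '..'
                    || strpos($path_part, '/') !== false
                    || strpos($path_part, '\\') !== false
                    || strpos($path_part, "\0") !== false) {
                    $path_parts_ok = false;
                }
            }

            if (!$path_parts_ok) {
                // Rejected input: touch nothing on disk and do not echo the value
                // back into the redirect target.
                owpRedirect(owpLink($owpFilename['define_language']));
            } else {
                $file = OWP_LANG_PATH . $_GET['lngdir'] . '/' . $_GET['filename'];

                // Only files that already exist can be saved; new files are never created here.
                if (file_exists($file)) {
                    // NOTE(review): 'bak' is prepended to the whole path string, not to the
                    // file name. Confirm OWP_LANG_PATH makes this resolve where intended.
                    if (file_exists('bak' . $file)) {
                        @unlink('bak' . $file);
                    }
                    @rename($file, 'bak' . $file);

                    $new_file = fopen($file, 'w');
                    if ($new_file) {
                        // stripslashes() assumes magic-quoted input, as in the original code.
                        $file_contents = stripslashes($_POST['file_contents']);
                        fwrite($new_file, $file_contents, strlen($file_contents));
                        fclose($new_file);
                    }
                }

                owpRedirect(owpLink($owpFilename['define_language'], 'lngdir=' . $_GET['lngdir']));
            }
        }
        break;
}

// Default to the current interface language when no directory was requested.
if (!isset($_GET['lngdir'])) {
    $_GET['lngdir'] = $language;
}

// Build the id/text list of installed languages and record whether the requested
// directory matches one of them.
$languages_array = array();
$languages = owpGetLanguages();
$lng_exists = false;
for ($i = 0; $i < sizeof($languages); $i++) {
    if ($languages[$i]['iso_639_2'] == $_GET['lngdir']) {
        $lng_exists = true;
    }
    $languages_array[] = array('id' => $languages[$i]['iso_639_2'],
                               'text' => $languages[$i]['name']);
}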
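----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
*/

require 'includes/system.php';

// Configuration pages are for logged-in administrators only: without a session
// user, remember the current location and go to the login page.
if (!isset($_SESSION['user_id'])) {
    $_SESSION['navigation']->set_snapshot();
    owpRedirect(owpLink($owpFilename['login'], '', 'SSL'));
}

require OWP_LANGUAGES_DIR . $language . '/' . $owpFilename['configuration'];

$breadcrumb->add(NAVBAR_TITLE, owpLink($owpFilename['configuration'], 'gID=1', 'NONSSL'));

if (!empty($_GET['action'])) {
    switch ($_GET['action']) {
        case 'save':
            // NOTE(review): $configuration_value is not assigned in the visible code;
            // presumably it is populated from the request elsewhere. Confirm its source.
            // NOTE(review): no anti-CSRF token is checked here before the UPDATE.
            $today = date("Y-m-d H:i:s");

            // cID comes from the query string, so it goes through $db->qstr() like the
            // other values instead of being pasted between quotes in the SQL text.
            $db->Execute("UPDATE " . $owpDBTable['configuration'] . " \n\t SET configuration_value = " . $db->qstr($configuration_value) . ", \n last_modified = " . $db->DBTimeStamp($today) . "\n WHERE configuration_id = " . $db->qstr($_GET['cID']));

            owpRedirect(owpLink($owpFilename['configuration'], 'gID=' . $_GET['gID'] . '&cID=' . $_GET['cID']));
            break;
    }
}

// Look up the title of the requested configuration group; gID is request data
// and is quoted by the database layer for the same reason as cID above.
$sql = "SELECT configuration_group_title \n FROM " . $owpDBTable['configuration_group'] . " \n WHERE configuration_group_id = " . $db->qstr($_GET['gID']);
$cfg_group_query = $db->Execute($sql);
$cfg_group = $cfg_group_query->fields;
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?> >
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=<?php echo CHARSET;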
----------------------------------------------------------------------
Based on:

File: account.php,v 1.57 2002/07/21 23:38:57 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2002 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
*/

require 'includes/system.php';

// The account page needs a logged-in user. Without one, snapshot the current
// location and hand over to the login page.
// NOTE(review): the rest of the page relies on owpRedirect() ending the request;
// its definition is not visible here, so confirm it does.
if (isset($_SESSION['user_id']) === false) {
    $_SESSION['navigation']->set_snapshot();
    $login_link = owpLink($owpFilename['login'], '', 'SSL');
    owpRedirect($login_link);
}

// Language strings for this page, then the breadcrumb entry pointing back to it.
require OWP_LANGUAGES_DIR . $language . '/' . $owpFilename['account'];

$account_link = owpLink($owpFilename['account'], '', 'NONSSL');
$breadcrumb->add(NAVBAR_TITLE, $account_link);
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?> >
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=<?php echo CHARSET; ?> ">
<title><?php
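}

// download
// Stream the generated CSV file to the browser as an attachment.
// NOTE(review): $db_table_file is assigned outside this fragment; confirm it cannot
// carry path separators or quotes, since it is used both as a file name under
// OWP_CSV_TEMP and inside the Content-Disposition header.
if (CVS_DOWNLOAD == 'true') {
    $fp = fopen(OWP_CSV_TEMP . $db_table_file, 'r');
    // fopen() returns false when the export is missing or unreadable; skip the
    // download in that case rather than passing false to fread()/fclose().
    if ($fp) {
        $csv_size = filesize(OWP_CSV_TEMP . $db_table_file);
        // fread() rejects a zero length, so an empty export yields an empty body.
        $buffer = ($csv_size > 0) ? fread($fp, $csv_size) : '';
        fclose($fp);

        header('Content-Type: application/vnd.ms-excel');
        header('Content-Disposition: attachment; filename="' . $db_table_file . '"');
        header('Expires: 0');
        header('Pragma: no-cache');
        echo $buffer;
    }
}

// Remove the temporary export when configured to do so.
if (CVS_DELETE_FILE == 'true') {
    @unlink(OWP_CSV_TEMP . $db_table_file);
}

// NOTE(review): when the download branch has already echoed the file, this
// redirect runs after output has started. Confirm that is intended.
owpRedirect(owpLink($owpFilename['zones'], 'page=' . $_GET['page']));
break;
}
}

// When CSV/Excel export is enabled, verify the temporary directory exists and is
// writeable, and queue an error message otherwise.
if (OWP_CSV_EXCEL == 'true') {
    $dir_ok = false;
    if (is_dir(owpGetLocalPath(OWP_CSV_TEMP))) {
        $dir_ok = true;
        if (!is_writeable(owpGetLocalPath(OWP_CSV_TEMP))) {
            $messageStack->add(ERROR_CSV_TEMP_DIRECTORY_NOT_WRITEABLE, 'error');
        }
    } else {
        $messageStack->add(ERROR_CSV_TEMP_DIRECTORY_DOES_NOT_EXIST, 'error');
    }
}
?>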
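$fp = fopen(OWP_CSV_TEMP . $db_table_file, 'r');
// fopen() returns false when the export is missing or unreadable; skip the download
// in that case rather than passing false to fread()/fclose().
// NOTE(review): $db_table_file is assigned outside this fragment; confirm it cannot
// carry path separators or quotes, since it is used both as a file name under
// OWP_CSV_TEMP and inside the Content-Disposition header.
if ($fp) {
    $csv_size = filesize(OWP_CSV_TEMP . $db_table_file);
    // fread() rejects a zero length, so an empty export yields an empty body.
    $buffer = ($csv_size > 0) ? fread($fp, $csv_size) : '';
    fclose($fp);

    // The file is already in memory, so it can be removed before it is sent,
    // unless it is still needed for the mail step.
    if (CVS_DELETE_FILE == 'true' && CVS_SEND_MAIL == 'false') {
        @unlink(OWP_CSV_TEMP . $db_table_file);
    }

    header('Content-Type: application/vnd.ms-excel');
    header('Content-Disposition: attachment; filename="' . $db_table_file . '"');
    header('Expires: 0');
    header('Pragma: no-cache');
    echo $buffer;
}
}

// Remove the temporary export when configured to do so.
if (CVS_DELETE_FILE == 'true') {
    @unlink(OWP_CSV_TEMP . $db_table_file);
}

// NOTE(review): when the download branch has already echoed the file, this
// redirect runs after output has started. Confirm that is intended.
owpRedirect(owpLink($owpFilename['countries'], 'page=' . $_GET['page']));
break;
}
}

// When CSV/Excel export is enabled, verify the temporary directory exists and is
// writeable, and queue an error message otherwise.
if (OWP_CSV_EXCEL == 'true') {
    $dir_ok = false;
    if (is_dir(owpGetLocalPath(OWP_CSV_TEMP))) {
        $dir_ok = true;
        if (!is_writeable(owpGetLocalPath(OWP_CSV_TEMP))) {
            $messageStack->add(ERROR_CSV_TEMP_DIRECTORY_NOT_WRITEABLE, 'error');
        }
    } else {
        $messageStack->add(ERROR_CSV_TEMP_DIRECTORY_DOES_NOT_EXIST, 'error');
    }
}
?>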
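// The download name is request data: reduce it to its last path component, drop
// quote and line-break characters, and send it as a quoted filename parameter.
// NOTE(review): the checks applied to $_GET['file'] before the file was read
// are outside this fragment.
header('Content-disposition: attachment; filename="' . str_replace(array('"', "\r", "\n"), '', basename($_GET['file'])) . '"');
echo $buffer;
exit;
}
} else {
    $messageStack->add(ERROR_DOWNLOAD_LINK_NOT_ACCEPTABLE, 'error');
}
break;

case 'deleteconfirm':
    // Delete one backup file named in the query string.
    // An empty or missing name would make the target the backup directory itself,
    // and a name containing '..' could leave it, so both are refused. The removal
    // sits in the else branch so it cannot run after a refused name even if
    // owpRedirect() returns (its definition is not visible here).
    // NOTE(review): this deletion is driven by GET parameters and no anti-CSRF
    // token is checked in the visible code.
    $backup_file = isset($_GET['file']) ? $_GET['file'] : '';
    if (!is_string($backup_file)
        || $backup_file === ''
        || strpos($backup_file, '..') !== false
        || strpos($backup_file, "\0") !== false) {
        owpRedirect(owpLink($owpFilename['backup']));
    } else {
        owpRemove(OWP_BACKUP_PATH . '/' . $backup_file);
        if (!$owpRemoveError) {
            $messageStack->add_session(SUCCESS_BACKUP_DELETED, 'success');
            owpRedirect(owpLink($owpFilename['backup']));
        }
    }
    break;
}
}

// check if the backup directory exists
$dir_ok = false;
if (is_dir(owpGetLocalPath(OWP_BACKUP_PATH))) {
    $dir_ok = true;
    if (!is_writeable(owpGetLocalPath(OWP_BACKUP_PATH))) {
        $messageStack->add(ERROR_BACKUP_DIRECTORY_NOT_WRITEABLE, 'error');
    }
} else {
    $messageStack->add(ERROR_BACKUP_DIRECTORY_DOES_NOT_EXIST, 'error');
}
?>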
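blake@intechra.net

Updated Version 1.1.0 (03/01/2002) by Christopher Conkie
chris@conkiec.freeserve.co.uk

This is a new admin module for osCommerce pr2.2 that allows for
login/logoff from the admin section of TEP. This way only valid
administrators can access your site and in varying degrees.

This module is built around osCommerce CVS pr2.2 snapshot 02/01/2002
----------------------------------------------------------------------
The Exchange Project - Community Made Shopping!
http://www.theexchangeproject.org

Copyright (c) 2000,2001 The Exchange Project

Login.php: Blake Schwendiman (blake@intechra.net)
http://www.intechra.net/
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com

Copyright (c) 2002 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
*/

require 'includes/system.php';

// Log the administrator off.
// session_destroy() removes the server-side session data but leaves the session
// cookie in the browser, which would keep presenting the old session id. Expire
// the cookie first, using the same parameters it was issued with.
if (ini_get('session.use_cookies')) {
    $cookie_params = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $cookie_params['path'],
        $cookie_params['domain'],
        $cookie_params['secure'],
        $cookie_params['httponly']
    );
}
session_destroy();

// Back to the start page over the non-SSL link, then run the common shutdown include.
owpRedirect(owpLink($owpFilename['index'], '', 'NONSSL'));

require OWP_INCLUDES_DIR . 'nice_exit.php';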
// Pick the error text for an action attempted on a newsletter that is not locked.
// NOTE(review): $error stays unset when the action is none of the four below; the
// enclosing condition is outside this fragment, so confirm it rules that out.
switch ($_GET['action']) {
    case 'delete':
        $error = ERROR_REMOVE_UNLOCKED_NEWSLETTER;
        break;

    case 'new':
        $error = ERROR_EDIT_UNLOCKED_NEWSLETTER;
        break;

    // both sending steps report the same message
    case 'send':
    case 'confirm_send':
        $error = ERROR_SEND_UNLOCKED_NEWSLETTER;
        break;
}

// Queue the message for the next request and return to the same list page and newsletter.
$messageStack->add_session($error, 'error');

$return_params = 'page=' . $_GET['page'] . '&nID=' . $_GET['nID'];
owpRedirect(owpLink($owpFilename['newsletters'], $return_params));
}
break;
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?> >
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=<?php echo CHARSET; ?> ">
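// Send one personalised copy of the message to every administrator in the result set.
// The loop ends when the record set's ->fields becomes falsy after MoveNext().
while ($mail = $mail_query->fields) {
    // Greeting depends on the stored gender flag.
    if ($mail['admin_gender'] == 'm') {
        $body = EMAIL_GREET_MR . $mail['admin_lastname'] . ',' . "\n\n";
    } else {
        $body = EMAIL_GREET_MS . $mail['admin_lastname'] . ',' . "\n\n";
    }
    $body .= $message . "\n\n";
    $body .= EMAIL_FOOT;

    $send_mail->Body = $body;
    $send_mail->AddAddress($mail['admin_email_address'], $mail['admin_firstname'] . ' ' . $mail['admin_lastname']);
    $send_mail->Send();

    // Reset recipients and attachments so the next copy starts clean.
    $send_mail->ClearAddresses();
    $send_mail->ClearAttachments();

    $mail_query->MoveNext();
}

owpRedirect(owpLink($owpFilename['mail'], 'mail_sent_to=' . urlencode($mail_sent_to)));
}

// Confirmation notice after the redirect above.
// mail_sent_to is read back from the query string, so anyone can supply it in a
// link; it is HTML-escaped before it is placed in the message text.
// NOTE(review): messageStack's rendering is not visible here and presumably
// outputs the text as HTML. If it already escapes, drop the escaping here.
if (!empty($_GET['mail_sent_to']) && is_string($_GET['mail_sent_to'])) {
    $messageStack->add(sprintf(NOTICE_EMAIL_SENT_TO, htmlspecialchars($_GET['mail_sent_to'], ENT_QUOTES)), 'notice');
}

// Preview step: validate the posted form and collect one error per missing field.
if (isset($_GET['action']) && $_GET['action'] == 'preview') {
    $noerror = true;

    if (!$_POST['user_email_address']) {
        $messageStack->add(ERROR_NO_USER_SELECTED, 'error');
        $noerror = false;
    }

    if ($_POST['from_name'] == '') {
        $messageStack->add(ERROR_NO_FROM_NAME, 'error');
        $noerror = false;
    }

    if ($_POST['from_mail'] == '') {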
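</td>
<td class="owp-title" align="right"><?php echo owpTransLine('1', '10'); ?> </td>
<td class="owp-title" align="right"><?php echo owpPullDownMenu('goto', $goto_array, $current_path, 'onChange="this.form.submit();"'); ?> </td>
</form></tr>
</table></td>
</tr>
<?php
// Editor form: shown for 'new_file' when the directory is writeable, and always for
// 'edit'. The parentheses only spell out the precedence the expression already had.
if (($directory_writeable && $_GET['action'] == 'new_file') || $_GET['action'] == 'edit') {
    // Refuse names that try to climb out of the current directory.
    // NOTE(review): this check runs after page output has started, so the redirect
    // may not take effect; owpRedirect()'s definition is not visible here.
    if (strstr($_GET['info'], '..')) {
        owpRedirect(owpLink($owpFilename['file_manager']));
    }

    if (!isset($file_writeable)) {
        $file_writeable = true;
    }

    $file_contents = '';
    if ($_GET['action'] == 'new_file') {
        $filename_input_field = owpInputField('filename');
    } elseif ($_GET['action'] == 'edit') {
        // The '..' test is repeated on the read itself so the file is never opened
        // for such a name, whether or not the redirect above ended the request.
        if (strpos($_GET['info'], '..') === false && $file_array = file($current_path . '/' . $_GET['info'])) {
            $file_contents = htmlspecialchars(implode('', $file_array));
        }
        // The name is request data that ends up in page markup, so the visible
        // copy is HTML-escaped.
        // NOTE(review): confirm owpDrawHiddenField() escapes its value argument.
        $filename_input_field = htmlspecialchars($_GET['info'], ENT_QUOTES) . owpDrawHiddenField('filename', $_GET['info']);
    }
?>
<tr>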
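// Allowed pages: '*' for full access, otherwise the posted page list joined with '|'.
// A missing or non-array adm_pages yields an empty list instead of failing in implode().
// NOTE(review): this value decides what the edited administrator may access; the
// check that the acting user may grant it is outside this fragment.
$sPages = $_POST['adm_pages'];
if ($adm_type == 'all') {
    $aPages = '*';
} else {
    $aPages = implode('|', is_array($sPages) ? $sPages : array());
}

// aID comes from the query string, so in every statement below it goes through
// $db->qstr() like the other values instead of being pasted between quotes.
$db->Execute("UPDATE " . $owpDBTable['administrators'] . " \n\t SET admin_gender = " . $db->qstr($admin_gender) . ", \n admin_firstname = " . $db->qstr($admin_firstname) . ", \n admin_lastname = " . $db->qstr($admin_lastname) . ",\n admin_email_address = " . $db->qstr($admin_email_address) . ", \n admin_telephone = " . $db->qstr($admin_telephone) . ",\n admin_fax = " . $db->qstr($admin_fax) . ",\n admin_allowed_pages = " . $db->qstr($aPages) . ", \n admin_newsletter = " . $db->qstr($admin_newsletter) . " \n WHERE admin_id = " . $db->qstr($_GET['aID']));

// Record when the account was last modified.
$today = date("Y-m-d H:i:s");
$db->Execute("UPDATE " . $owpDBTable['administrators_info'] . " \n\t SET admin_info_date_account_last_modified = " . $db->DBTimeStamp($today) . "\n WHERE admin_info_id = " . $db->qstr($_GET['aID']));

owpRedirect(owpLink($owpFilename['administrators'], 'page=' . $_GET['page'] . '&aID=' . $_GET['aID']));
break;

case 'deleteconfirm':
    // Remove the administrator and its info row.
    // NOTE(review): the deletion is driven by GET parameters and no anti-CSRF token
    // is checked in the visible code.
    $db->Execute("DELETE FROM " . $owpDBTable['administrators'] . " WHERE admin_id = " . $db->qstr($_GET['aID']));
    $db->Execute("DELETE FROM " . $owpDBTable['administrators_info'] . " WHERE admin_info_id = " . $db->qstr($_GET['aID']));

    $messageStack->add_session(SUCCESS_DELETE_USER, 'success');
    owpRedirect(owpLink($owpFilename['administrators'], 'page=' . $_GET['page']));
    break;
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?> >
<head>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=<?php echo CHARSET; ?> ">
<title><?php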
} else {
    // Create the administrator record with no page permissions ('---') and the
    // default login state, then notify the new user and the site owner by mail.
    $allowed_pages = '---';
    $number_of_logons = '0';
    $login = DEFAULT_ADMIN_LOGIN;
    $today = date("Y-m-d H:i:s");

    // The new id is drawn from the prefixed admin sequence.
    $adminsequence = OWP_DB_PREFIX . '_sequence_admin';
    $admin_id = $db->GenID($adminsequence);

    // Every value is quoted by the database layer before it enters the statement.
    $admin_values = implode(',', array(
        $db->qstr($admin_id),
        $db->qstr($gender),
        $db->qstr($firstname),
        $db->qstr($lastname),
        $db->qstr($email_address),
        $db->qstr($telephone),
        $db->qstr($fax),
        $db->qstr($allowed_pages),
        $db->qstr($login)
    ));
    $sql = "INSERT INTO " . $owpDBTable['administrators'] . " \n (admin_id,\n admin_gender,\n admin_firstname,\n admin_lastname,\n admin_email_address,\n admin_telephone,\n admin_fax,\n admin_allowed_pages,\n admin_login)\n VALUES (" . $admin_values . ")";
    $db->Execute($sql);

    $info_values = implode(',', array(
        $db->qstr($admin_id),
        $db->qstr($number_of_logons),
        $db->DBTimeStamp($today)
    ));
    $sql = "INSERT INTO " . $owpDBTable['administrators_info'] . "\n (admin_info_id,\n admin_info_number_of_logons,\n admin_info_date_account_created)\n VALUES (" . $info_values . ")";
    $db->Execute($sql);

    // build the message content
    // NOTE(review): the submitted names go into mail bodies that are passed through
    // nl2br(); if owpMail() sends HTML, confirm these values are escaped somewhere.
    $name = $firstname . " " . $lastname;

    $greeting = ($_POST['gender'] == 'm') ? EMAIL_GREET_MR : EMAIL_GREET_MS;
    $email_text = $greeting . $_POST['lastname'] . ',' . "\n\n";
    $email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_FOOT;

    owpMail($name, $email_address, EMAIL_SUBJECT, nl2br($email_text), OWP_OWNER, OWP_OWNER_EMAIL_ADDRESS);

    // Notification for the site owner: header with the new id, a direct edit link and the date.
    $email_owner = OWNER_EMAIL_SUBJECT . "\n" . EMAIL_SEPARATOR . "\n";
    $email_owner .= OWNER_EMAIL_NUMBER . ' ' . $admin_id . "\n";
    $email_owner .= OWNER_EMAIL_URL . "\n";
    $email_owner .= OWP_HTTP_SERVER . '/' . $owpFilename['administrators'] . '?selected_box=administrators&page=1&aID=' . $admin_id . '&action=edit' . "\n";
    $email_owner .= OWNER_EMAIL_DATE . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";
    $email_owner .= EMAIL_SEPARATOR . "\n";

    // Name and contact details as submitted.
    $email_owner .= OWNER_EMAIL_FIRST_NAME . ' ' . $firstname . "\n";
    $email_owner .= OWNER_EMAIL_LAST_NAME . ' ' . $lastname . "\n\n";
    $email_owner .= OWNER_EMAIL_CONTACT . "\n";
    $email_owner .= OWNER_EMAIL_TELEPHONE_NUMBER . ' ' . $telephone . "\n";
    $email_owner .= OWNER_EMAIL_FAX_NUMBER . ' ' . $fax . "\n";
    $email_owner .= OWNER_EMAIL_ADDRESS . ' ' . $email_address . "\n";
    $email_owner .= EMAIL_SEPARATOR . "\n\n";
    $email_owner .= OWNER_EMAIL_OPTIONS . "\n";

    // Newsletter choice.
    $email_owner .= OWNER_EMAIL_NEWSLETTER . ($newsletter == '1' ? ENTRY_NEWSLETTER_YES : ENTRY_NEWSLETTER_NO) . "\n";

    // The owner copy is sent with the new user's name and address as sender.
    owpMail(OWP_OWNER, OWP_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, nl2br($email_owner), $name, $email_address);

    owpRedirect(owpLink($owpFilename['create_account_success'], '', 'SSL'));
}

require DIR_WS_INCLUDES . 'nice_exit.php';