예제 #1
     // Restrict the uniqueness lookup to the product's language.
     // NOTE(review): the value is concatenated into a quoted SQL literal, so injection safety rests
     // entirely on aporeplace(), whose escaping is not visible in this excerpt. Confirm what it
     // escapes, or build this condition with the project's DB escaping helper / a parameterized query.
     $sql .= " AND shopprod_lang='" . aporeplace($plugin['data']['shopprod_lang']) . "'";
     //}
     // Any matching row is reported as an order-number clash (the start of $sql is outside this excerpt).
     if (_dbCount($sql)) {
         $plugin['error']['shopprod_ordernumber'] = 'Unique order number necessary';
     }
 }
 // Price: strip the locale's thousands separator, turn its decimal mark into '.', cast to float.
 $plugin['data']['shopprod_price'] = floatval(
     str_replace(
         $BLM['dec_point'],
         '.',
         str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_price'])
     )
 );
 // Magnitudes above 10^10 are flagged as an input error.
 if (abs($plugin['data']['shopprod_price']) > 10000000000) {
     $plugin['error']['shopprod_price'] = 'Check price';
 }
 // Weight: same normalization as the price; no range check is applied to it.
 $plugin['data']['shopprod_weight'] = floatval(
     str_replace(
         $BLM['dec_point'],
         '.',
         str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_weight'])
     )
 );
 // Tags: remove accents, keep only ASCII letters, digits, comma, space, '-' and '_', lower-case the
 // result, then join whatever list convertStringToArray() returns with ', '.
 // $_POST['shopprod_tag'] is read without an isset() guard.
 $plugin['data']['shopprod_tag'] = implode(
     ', ',
     convertStringToArray(
         strtolower(preg_replace('/[^0-9a-z, \\-_]/i', '', phpwcms_remove_accents($_POST['shopprod_tag'])))
     )
 );
 // Images: the caption field is cleaned by clean_slweg() and then split on the LF constant.
 $plugin['data']['shopprod_caption'] = explode(LF, clean_slweg($_POST["shopprod_caption"], 0, false));
 // Take the posted image list only when it really is an array; anything else becomes an empty list.
 // The entries are still raw request values at this point.
 if (isset($_POST['shopprod_images']) && is_array($_POST['shopprod_images'])) {
     $plugin['data']['shopprod_images'] = $_POST['shopprod_images'];
 } else {
     $plugin['data']['shopprod_images'] = array();
 }
 if (is_array($plugin['data']['shopprod_images']) && count($plugin['data']['shopprod_images'])) {
     $plugin['data']['shopprod_images'] = array_map('intval', $plugin['data']['shopprod_images']);
     $plugin['data']['shopprod_images'] = array_diff($plugin['data']['shopprod_images'], array(0, '', NULL, false));
     if (count($plugin['data']['shopprod_images'])) {
         $img_all = _dbQuery('SELECT * FROM ' . DB_PREPEND . 'phpwcms_file WHERE f_id IN (' . implode(',', $plugin['data']['shopprod_images']) . ')');
         // take all values from db
         $temp_img_row = array();
         foreach ($img_all as $value) {
             $temp_img_row[$value['f_id']] = $value;
         }
예제 #2
/**
 * Reduce an arbitrary label to a restricted ASCII token.
 *
 * Steps, in order: remove accents and trim; map ' ' and '#' to '_' and '/', '\', '+', ':', '.'
 * to '-'; drop every character outside [a-zA-Z0-9_-]; strip any leading run of digits.
 * The result can be empty and can still begin with '-' or '_'.
 *
 * @param string $name Raw name.
 * @return string Cleaned name.
 */
function attribute_name_clean($name = '')
{
    // Separator characters and the replacement each one is mapped to.
    $separators = array(
        ' '  => '_',
        '/'  => '-',
        '\\' => '-',
        '#'  => '_',
        '+'  => '-',
        ':'  => '-',
        '.'  => '-',
    );

    $token = str_replace(
        array_keys($separators),
        array_values($separators),
        trim(phpwcms_remove_accents($name))
    );

    // Whitelist pass: anything that is not an ASCII letter, digit, '-' or '_' is removed.
    $token = preg_replace('/[^a-zA-Z0-9\\-_]/', '', $token);

    // Leading digits are removed last, after the whitelist has run.
    return preg_replace('/^\\d+/', '', $token);
}
예제 #3
} elseif ($file = isset($_GET['file']) ? clean_slweg($_GET['file'], 40) : '') {
    // $file comes from $_GET['file'] (cleaned and capped by clean_slweg() in the branch condition).
    // basename() drops any directory part, so the lookup is confined to names directly inside
    // PHPWCMS_FILES.
    // NOTE(review): every regular file in that directory can be requested by name; confirm that
    // is intended for this branch.
    $filename = basename($file);
    $file = PHPWCMS_ROOT . '/' . PHPWCMS_FILES . $filename;
    if (is_file($file)) {
        // The Content-Type is taken from $_GET['type'] whenever is_mimetype_format() accepts it;
        // only otherwise is it derived from the file extension.
        // NOTE(review): the request therefore selects the type a stored file is served as, and the
        // response is sent inline. Consider deriving the type server-side only (or from an
        // allowlist) and sending "X-Content-Type-Options: nosniff".
        $mime = empty($_GET['type']) ? '' : clean_slweg($_GET['type'], 100);
        if (!is_mimetype_format($mime)) {
            $mime = get_mimetype_by_extension(which_ext($file));
        }
        header('Content-Type: ' . $mime);
        if (BROWSER_OS == 'iOS') {
            // iOS clients are handed to rangeDownload() from the file library.
            require_once PHPWCMS_ROOT . '/include/inc_lib/functions.file.inc.php';
            rangeDownload($file);
        } else {
            header('Content-Transfer-Encoding: binary');
            // Content-Disposition is skipped when the request carries an 'ios' parameter.
            if (!isset($_GET['ios'])) {
                // NOTE(review): $filename is placed in a quoted header parameter without escaping;
                // whether clean_slweg() already removes '"' and control characters is not visible
                // here — confirm.
                header('Content-Disposition: inline; filename="' . ($phpwcms['sanitize_dlname'] ? phpwcms_remove_accents($filename) : $filename) . '"');
            }
            // filesize() returns false on failure; the result is not checked before use.
            header('Content-Length: ' . filesize($file));
            readfile($file);
        }
        // Flag evaluated after the branch chain.
        $success = true;
    }
}
if ($success) {
    // Increment f_dlfinal on the row whose f_hash matches the current download.
    // No quotes are added around the hash here, so _dbEscape() presumably returns a quoted
    // literal — confirm against its definition.
    $sql = "UPDATE " . DB_PREPEND . "phpwcms_file SET f_dlfinal=f_dlfinal+1 "
        . "WHERE f_hash=" . _dbEscape($download["f_hash"]) . " LIMIT 1";
    _dbQuery($sql, 'UPDATE');

    // In count-only mode the client is redirected to the file's URL.
    if ($countonly) {
        headerRedirect(PHPWCMS_URL . PHPWCMS_FILES . $fileinfo['filename']);
    }
} else {
 // Page-layout fields copied from the submitted form. Text fields pass through clean_slweg(),
 // sizes through get_pix_or_percent(); none of the $_POST keys is checked with isset() first.
 // NOTE(review): the second argument 7 on the *_bgcolor fields looks like a length cap for
 // values such as "#RRGGBB" — confirm against clean_slweg().
 $pagelayout["layout_header_bgimage"] = clean_slweg($_POST["layout_header_bgimage"]);
 $pagelayout["layout_header_class"] = clean_slweg($_POST["layout_header_class"]);
 $pagelayout["layout_topspace_height"] = get_pix_or_percent($_POST["layout_topspace_height"]);
 $pagelayout["layout_topspace_bgcolor"] = clean_slweg($_POST["layout_topspace_bgcolor"], 7);
 $pagelayout["layout_topspace_bgimage"] = clean_slweg($_POST["layout_topspace_bgimage"]);
 $pagelayout["layout_topspace_class"] = clean_slweg($_POST["layout_topspace_class"]);
 $pagelayout["layout_bottomspace_height"] = get_pix_or_percent($_POST["layout_bottomspace_height"]);
 $pagelayout["layout_bottomspace_bgcolor"] = clean_slweg($_POST["layout_bottomspace_bgcolor"], 7);
 $pagelayout["layout_bottomspace_bgimage"] = clean_slweg($_POST["layout_bottomspace_bgimage"]);
 $pagelayout["layout_bottomspace_class"] = clean_slweg($_POST["layout_bottomspace_class"]);
 $pagelayout["layout_footer_height"] = get_pix_or_percent($_POST["layout_footer_height"]);
 $pagelayout["layout_footer_bgcolor"] = clean_slweg($_POST["layout_footer_bgcolor"], 7);
 $pagelayout["layout_footer_bgimage"] = clean_slweg($_POST["layout_footer_bgimage"]);
 $pagelayout["layout_footer_class"] = clean_slweg($_POST["layout_footer_class"]);
 // The render mode is forced to an integer.
 $pagelayout["layout_render"] = intval($_POST["layout_render"]);
 // Custom block names: cleaned, upper-cased, spaces turned into commas, accents removed, then
 // parsed into an array by convertStringToArray().
 $pagelayout["layout_customblocks"] = phpwcms_remove_accents(str_replace(' ', ',', strtoupper(clean_slweg($_POST['layout_customblocks']))));
 $pagelayout["layout_customblocks"] = convertStringToArray($pagelayout["layout_customblocks"]);
 if (is_array($pagelayout["layout_customblocks"]) && count($pagelayout["layout_customblocks"])) {
     // Truncate every custom block name to 20 characters and drop the reserved names
     // (CONTENT, LEFT, RIGHT, HEADER, FOOTER, CPSET, SYSTEM); the remainder is stored as a
     // ', '-separated string. The enclosing condition has already established a non-empty array.
     foreach ($pagelayout["layout_customblocks"] as $key => $value) {
         $value = substr($value, 0, 20);
         if (in_array($value, array('CONTENT', 'LEFT', 'RIGHT', 'HEADER', 'FOOTER', 'CPSET', 'SYSTEM'))) {
             // Reserved name: remove the entry altogether.
             unset($pagelayout["layout_customblocks"][$key]);
         } else {
             // Keep the entry in its truncated form.
             $pagelayout["layout_customblocks"][$key] = $value;
         }
     }
     $pagelayout["layout_customblocks"] = implode(', ', $pagelayout["layout_customblocks"]);
 } else {
     $pagelayout["layout_customblocks"] = '';