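SystemsManager Technologies oscMall System Version 4 http://www.systemsmanager.net Portions Copyright (c) 2002 osCommerce This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

// Affiliate contact page: relays an enquiry from a signed-in affiliate to
// AFFILIATE_EMAIL_ADDRESS, then loads that affiliate's own record.
global $page_name;

// Visitors without a registered affiliate session are sent to the affiliate login.
// NOTE(review): this gate only holds if smn_redirect() ends the request; its body is
// not visible here - confirm it exits.
if (!smn_session_is_registered('affiliate_id')) {
    $navigation->set_snapshot();
    smn_redirect(smn_href_link(FILENAME_AFFILIATE, '', 'NONSSL'));
}

$error = false;
if (isset($_GET['action']) && $_GET['action'] === 'send') {
    // Missing or non-string fields are treated as empty instead of raising notices.
    $header_breaks = array("\r", "\n");
    $contact_email = (isset($_POST['email']) && is_string($_POST['email'])) ? trim($_POST['email']) : '';
    $contact_name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $contact_enquiry = (isset($_POST['enquiry']) && is_string($_POST['enquiry'])) ? $_POST['enquiry'] : '';

    // The name and address end up as the sender of the message. Line breaks are removed so
    // a submitted value cannot add mail header lines, whatever smn_mail() does internally.
    $contact_email = str_replace($header_breaks, '', $contact_email);
    $contact_name = str_replace($header_breaks, ' ', $contact_name);

    if (smn_validate_email($contact_email)) {
        // Pass the same trimmed value that was validated, not the raw POST field.
        smn_mail($store->get_store_owner(), AFFILIATE_EMAIL_ADDRESS, EMAIL_SUBJECT, $contact_enquiry, $contact_name, $contact_email);
        smn_redirect(smn_href_link(FILENAME_AFFILIATE_CONTACT, 'action=success'));
    } else {
        $error = true;
    }
}

$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_AFFILIATE_CONTACT));

// The id is cast to an integer before it is placed in the SQL text.
// NOTE(review): assumes affiliate ids are numeric - confirm against the table definition.
$affiliate_values = smn_db_query("select * from " . TABLE_AFFILIATE . " where affiliate_id = '" . (int) $affiliate_id . "'");
$affiliate = smn_db_fetch_array($affiliate_values);
?>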
// Final steps of checkout: complete the confirmation text, mail it to the customer, run the
// payment module's post-processing hook, clear the checkout session values and redirect.
// NOTE(review): the message contains the delivery and billing addresses and leaves as
// ordinary e-mail; nothing in this block protects it in transit.
$email_order .= EMAIL_TEXT_PRODUCTS . "\n"
    . EMAIL_SEPARATOR . "\n"
    . $products_ordered
    . EMAIL_SEPARATOR . "\n";

// One line per order-total row, with markup removed from both columns.
for ($i = 0, $n = count($order_totals); $i < $n; $i++) {
    $email_order .= sprintf("%s %s\n", strip_tags($order_totals[$i]['title']), strip_tags($order_totals[$i]['text']));
}

// Orders whose content type is 'virtual' get no delivery address block.
if ($order->content_type != 'virtual') {
    $email_order .= "\n" . EMAIL_TEXT_DELIVERY_ADDRESS . "\n"
        . EMAIL_SEPARATOR . "\n"
        . smn_address_label($customer_id, $sendto, 0, '', "\n") . "\n";
}

$email_order .= "\n" . EMAIL_TEXT_BILLING_ADDRESS . "\n"
    . EMAIL_SEPARATOR . "\n"
    . smn_address_label($customer_id, $billto, 0, '', "\n") . "\n\n";

// ${$payment} looks up the global variable whose name is stored in $payment.
// NOTE(review): $payment is one of the checkout session values cleared below; make sure it
// can only ever hold the name of an installed payment module.
if (is_object(${$payment})) {
    $payment_class = ${$payment};
    $email_order .= EMAIL_TEXT_PAYMENT_METHOD . "\n"
        . EMAIL_SEPARATOR . "\n"
        . $order->info['payment_method'] . "\n\n";
    if ($payment_class->email_footer) {
        $email_order .= $payment_class->email_footer . "\n\n";
    }
}

smn_mail(
    $order->customer['firstname'] . ' ' . $order->customer['lastname'],
    $order->customer['email_address'],
    EMAIL_TEXT_SUBJECT,
    $email_order,
    $store->get_store_owner(),
    $store->get_store_owner_email_address()
);

// load the after_process function from the payment modules
$payment_modules->after_process();

// unregister session variables used during checkout
foreach (array('sendto', 'billto', 'shipping', 'shipping_store', 'payment', 'comments') as $checkout_key) {
    smn_session_unregister($checkout_key);
}
if (smn_session_is_registered('credit_covers')) {
    smn_session_unregister('credit_covers');
}
$order_total_modules->clear_posts();

// NOTE(review): the new order id travels in the query string of a 'NONSSL' link; the success
// page should verify that the order belongs to the signed-in customer.
smn_redirect(smn_href_link(FILENAME_CHECKOUT_SUCCESS, 'orders_id=' . $insert_id, 'NONSSL'));
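oscMall System Version 4 http://www.systemsmanager.net Portions Copyright (c) 2002 osCommerce This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

// Contact form: mails a visitor's enquiry to the store owner.
global $page_name;

require DIR_WS_CLASSES . 'mime.php';
require DIR_WS_CLASSES . 'email.php';

// include validation functions (right now only email address)
require DIR_WS_FUNCTIONS . 'validations.php';

$error = false;
if (isset($_GET['action']) && $_GET['action'] === 'send') {
    // Every field comes from an anonymous visitor. Missing or non-string values are
    // treated as empty instead of being passed through.
    $contact_fields = array('name' => '', 'email' => '', 'enquiry' => '', 'subject' => '');
    foreach (array_keys($contact_fields) as $contact_field) {
        if (isset($_POST[$contact_field]) && is_string($_POST[$contact_field])) {
            $contact_fields[$contact_field] = smn_db_prepare_input($_POST[$contact_field]);
        }
    }

    // Name, address and subject become mail headers. Line breaks are removed so a submitted
    // value cannot add header lines, whatever smn_mail() does internally. The enquiry is
    // body text and is left as entered.
    $header_breaks = array("\r", "\n");
    $name = str_replace($header_breaks, ' ', $contact_fields['name']);
    $email_address = str_replace($header_breaks, '', $contact_fields['email']);
    $subject = str_replace($header_breaks, ' ', $contact_fields['subject']);
    $enquiry = $contact_fields['enquiry'];

    if (smn_validate_email($email_address)) {
        smn_mail($store->get_store_owner(), $store->get_store_owner_email_address(), $subject, $enquiry, $name, $email_address);
        smn_redirect(smn_href_link(FILENAME_CONTACT_US, 'action=success'));
    } else {
        $error = true;
        $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
    }
}

$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_CONTACT_US));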
if (ACCOUNT_STATE == 'true') { if ($a_zone_id > 0) { $sql_data_array['affiliate_zone_id'] = $a_zone_id; $sql_data_array['affiliate_state'] = ''; } else { $sql_data_array['affiliate_zone_id'] = '0'; $sql_data_array['affiliate_state'] = $a_state; } }*/
// The line above is the end of a block comment holding disabled code; its opening is not shown.

// Affiliate signup: store the payment details for the new affiliate, mail the welcome
// message, sign the affiliate in and redirect to the confirmation page.
// NOTE(review): the $a_* values are not assigned in the visible code - presumably form input
// prepared earlier; confirm they are escaped before or inside affiliate_insert().
$sql_data_array = array('affiliate_customer_id' => $customer_id,
    'affiliate_payment_check' => $a_payment_check,
    'affiliate_payment_paypal' => $a_payment_paypal,
    // Bank details are stored as given; nothing here encrypts them.
    'affiliate_payment_bank_name' => $a_payment_bank_name,
    'affiliate_payment_bank_branch_number' => $a_payment_bank_branch_number,
    'affiliate_payment_bank_swift_code' => $a_payment_bank_swift_code,
    'affiliate_payment_bank_account_name' => $a_payment_bank_account_name,
    'affiliate_payment_bank_account_number' => $a_payment_bank_account_number,
    'affiliate_homepage' => $a_homepage,
    'affiliate_agb' => '1');
if (ACCOUNT_COMPANY == 'true') {
    $sql_data_array['affiliate_company_taxid'] = $a_company_taxid;
}
if (ACCOUNT_SUBURB == 'true') {
    $sql_data_array['affiliate_suburb'] = $a_suburb;
}
// $HTTP_SESSION_VARS is the pre-PHP-5.4 long array name; on later PHP versions it is not
// populated and this argument would be empty.
$affiliate_id = affiliate_insert($sql_data_array, $HTTP_SESSION_VARS['affiliate_ref']);
// The welcome mail contains $a_password in clear text next to the login address and the
// login link, so anyone who can read the mailbox or the message in transit gets working
// credentials.
$aemailbody = MAIL_AFFILIATE_HEADER . "\n" . MAIL_AFFILIATE_ID . $affiliate_id . "\n" . MAIL_AFFILIATE_USERNAME . $a_email_address . "\n" . MAIL_AFFILIATE_PASSWORD . $a_password . "\n\n" . MAIL_AFFILIATE_LINK . HTTP_SERVER . DIR_WS_CATALOG . FILENAME_AFFILIATE . "\n\n" . MAIL_AFFILIATE_FOOTER;
smn_mail($a_firstname . ' ' . $a_lastname, $a_email_address, MAIL_AFFILIATE_SUBJECT, nl2br($aemailbody), $store->get_store_owner(), AFFILIATE_EMAIL_ADDRESS);
// Registering affiliate_id signs the new affiliate in immediately; no e-mail confirmation
// step is visible before this point.
smn_session_register('affiliate_id');
$affiliate_email = $a_email_address;
$affiliate_name = $a_firstname . ' ' . $a_lastname;
smn_session_register('affiliate_email');
smn_session_register('affiliate_name');
smn_redirect(smn_href_link(FILENAME_AFFILIATE_SIGNUP_OK, '', 'NONSSL'));
// The two closing braces end blocks that were opened before the visible code.
}
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_AFFILIATE_SIGNUP, '', 'NONSSL'));
?>
/**
 * Payment-module hook that runs once the order has been stored.
 *
 * When MODULE_PAYMENT_CC_EMAIL is defined and passes smn_validate_email(), a second
 * message with the order number and the value of $this->cc_middle is sent to that address.
 *
 * NOTE(review): cc_middle is presumably the middle digits of the card number - confirm.
 * If so, card data leaves the system as unencrypted e-mail, and a mailbox holding these
 * messages together with the stored order data can be used to rebuild full card numbers.
 */
function after_process()
{
    global $insert_id, $store;

    $split_mail_enabled = defined('MODULE_PAYMENT_CC_EMAIL') && smn_validate_email(MODULE_PAYMENT_CC_EMAIL);
    if (!$split_mail_enabled) {
        return;
    }

    $body = 'Order #' . $insert_id . "\n\n";
    $body .= 'Middle: ' . $this->cc_middle . "\n\n";

    smn_mail(
        '',
        MODULE_PAYMENT_CC_EMAIL,
        'Extra Order Info: #' . $insert_id,
        $body,
        $store->get_store_owner(),
        $store->get_store_owner_email_address()
    );
}
Portions Copyright (c) 2002 osCommerce This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

// Forgotten-password page: on submit, give the matching customer a new random password
// and mail it to the submitted address.
//
// Points a reviewer should weigh (all follow from the statements below):
//  - the request only needs an e-mail address, so anyone can force a password change on
//    any customer account; there is no confirmation link or token
//  - the new password is mailed in clear text and stays valid until the customer changes it
//  - the two outcomes show different messages, which tells the requester whether an
//    address has an account
//  - NOTE(review): the strength of smn_create_random_value() is not visible here - confirm
//    it draws from a cryptographically secure source
global $page_name;

require DIR_WS_CLASSES . 'mime.php';
require DIR_WS_CLASSES . 'email.php';

// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';

$reset_requested = isset($_GET['action']) && $_GET['action'] == 'process';
if ($reset_requested) {
    $email_address = smn_db_prepare_input($_POST['email_address']);

    $check_customer_query = smn_db_query(
        "select customers_firstname, customers_lastname, customers_password, customers_id from " . TABLE_CUSTOMERS
        . " where customers_email_address = '" . smn_db_input($email_address) . "'"
    );

    if (!smn_db_num_rows($check_customer_query)) {
        $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
    } else {
        $check_customer = smn_db_fetch_array($check_customer_query);

        $new_password = smn_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
        $crypted_password = smn_encrypt_password($new_password);

        // NOTE(review): as printed, the stored value is the literal '******' and
        // $crypted_password is never used; the literal looks like a redaction of the
        // original expression - verify against the real file.
        smn_db_query(
            "update " . TABLE_CUSTOMERS . " set customers_password = '******' where customers_id = '"
            . (int) $check_customer['customers_id'] . "'"
        );

        $customer_name = $check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'];
        smn_mail(
            $customer_name,
            $email_address,
            EMAIL_PASSWORD_REMINDER_SUBJECT,
            sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password),
            $store->get_store_owner(),
            $store->get_store_owner_email_address()
        );

        $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success');
        smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
    }
}

$breadcrumb->add(NAVBAR_TITLE_1, smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
$breadcrumb->add(NAVBAR_TITLE_2, smn_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'NONSSL'));
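// Store-side order update: change the order status, optionally notify the customer by
// e-mail, and record the change in the status history.
// NOTE(review): $check_status, $status, $comments, $oID and $order_updated are set before
// the visible code. Confirm that $check_status was loaded with a condition on the acting
// store, because the update below is keyed by orders_id alone.
if ($check_status['orders_status'] != $status || smn_not_null($comments) || $status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
    smn_db_query("update " . TABLE_ORDERS . " set orders_status = '" . smn_db_input($status) . "', last_modified = now() where orders_id = '" . (int) $oID . "'");

    // Reset the download allowance when the previous status was the "downloads updated" one.
    if ($check_status['orders_status'] == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
        smn_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays = '" . smn_get_configuration_key_value('DOWNLOAD_MAX_DAYS') . "', download_count = '" . smn_get_configuration_key_value('DOWNLOAD_MAX_COUNT') . "' where orders_id = '" . (int) $oID . "' ");
    }

    $customer_notified = '0';
    if (isset($_POST['notify']) && $_POST['notify'] == 'on') {
        $notify_comments = '';
        if (isset($_POST['notify_comments']) && $_POST['notify_comments'] == 'on') {
            $notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";
        }

        /*Added to get details of store by Cimi*/
        // Array keys are quoted: the bare words store_id and store_name were read as
        // constants, which only fell back to strings on old PHP and is a fatal error on PHP 8.
        $store_query = smn_db_query("select sd.*,c.* from " . TABLE_STORE_DESCRIPTION . " sd," . TABLE_STORE_MAIN . " sm," . TABLE_CUSTOMERS . " c where sd.store_id = '" . (int) $check_status['store_id'] . "' and sd.store_id=sm.store_id and sm.customer_id=c.customers_id");
        $store_details = smn_db_fetch_array($store_query);

        $email = $store_details['store_name'] . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_href_link(FILENAME_STORE_ORDER_EDIT, 'order_id=' . $oID, 'NONSSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . smn_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);

        // The mail is sent in the name of the customer record linked to the store.
        smn_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, $store_details['customers_firstname'] . ' ' . $store_details['customers_lastname'], $store_details['customers_email_address']);
        $customer_notified = '1';
    }

    smn_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int) $oID . "', '" . smn_db_input($status) . "', now(), '" . smn_db_input($customer_notified) . "', '" . smn_db_input($comments) . "')");
    $order_updated = true;
}

if ($order_updated == true) {
    $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
} else {
    $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
}
smn_redirect(smn_href_link(FILENAME_STORE_ORDER_TOOL, 'ID=' . $store_id));
break;
case 'deleteconfirm':
    // NOTE(review): the order id comes from the query string and no ownership check is
    // visible before the delete - confirm smn_remove_order() or earlier code restricts it
    // to orders of the acting store.
    $oID = smn_db_prepare_input($_GET['oID']);
    smn_remove_order($oID, $_POST['restock']);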
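$messageStack->add_session(SUCCESS_BILLING, 'success');
smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
break;
case 'update_payment':
    // Change the status of one affiliate payment, optionally notify the affiliate, and
    // record the old and new status in the history table.
    $pID = smn_db_prepare_input($_GET['pID']);
    $status = smn_db_prepare_input($_POST['status']);
    $payment_updated = false;

    $check_status_query = smn_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id = '" . smn_db_input($pID) . "' and af.affiliate_id = ap.affiliate_id ");
    $check_status = smn_db_fetch_array($check_status_query);

    // Nothing is written when the payment id matches no row; without this guard a history
    // row was inserted for a payment that does not exist.
    if ($check_status && $check_status['affiliate_payment_status'] != $status) {
        smn_db_query("update " . TABLE_AFFILIATE_PAYMENT . " set affiliate_payment_status = '" . smn_db_input($status) . "', affiliate_last_modified = now() where affiliate_payment_id = '" . smn_db_input($pID) . "'");

        $affiliate_notified = '0';
        // Notify Affiliate
        if (isset($_POST['notify']) && $_POST['notify'] == 'on') {
            $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $pID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $pID, 'NONSSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . smn_date_long($check_status['affiliate_payment_date']) . "\n\n" . sprintf(EMAIL_TEXT_STATUS_UPDATE, $payments_status_array[$status]);
            smn_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
            $affiliate_notified = '1';
        }

        // The previous status is read back from the database; it is escaped like every
        // other value in this statement before being placed in the SQL text.
        smn_db_query("insert into " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " (affiliate_payment_id, affiliate_new_value, affiliate_old_value, affiliate_date_added, affiliate_notified) values ('" . smn_db_input($pID) . "', '" . smn_db_input($status) . "', '" . smn_db_input($check_status['affiliate_payment_status']) . "', now(), '" . $affiliate_notified . "')");

        // The flag initialised above is $payment_updated; the original set and tested
        // $order_updated, which this case never initialises.
        $payment_updated = true;
    }

    if ($payment_updated) {
        $messageStack->add_session(SUCCESS_PAYMENT_UPDATED, 'success');
    }
    smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
    break;
case 'deleteconfirm':
    // NOTE(review): this delete is driven by a query-string id and no request token is
    // visible in this case - confirm the admin area protects state-changing requests
    // against cross-site request forgery.
    $pID = smn_db_prepare_input($_GET['pID']);
    smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
    smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
    smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('pID', 'action'))));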
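SystemsManager Technologies oscMall System Version 4 http://www.systemsmanager.net Portions Copyright (c) 2002 osCommerce This source file is subject to version 2.0 of the GPL license, that is bundled with this package in the file LICENSE. If you did not receive a copy of the oscMall System license and are unable to obtain it through the world-wide-web, please send a note to license@systemsmanager.net so we can mail you a copy immediately. */

// Membership renewal job:
//  1. members whose product ends in 14 days get the product put in their basket and a
//     renewal e-mail;
//  2. stores of members whose product ends today are switched off (store_status = 0).
// NOTE(review): nothing in the visible code restricts who may run this script. If the file
// is reachable over HTTP, any visitor can trigger the mailing and the store updates -
// confirm it is limited to the scheduler (command-line only, or a secret checked before
// any work is done).
require 'includes/application_top.php';

define('FILENAME_ACCOUNT_HISTORY_INFO', 'account_history_info.php');

$start_day = getdate();
$day = $start_day['mday'];
$month = $start_day['mon'];
$year = $start_day['year'];

// date('Y-m-d') gives the same zero-padded text as the three strftime() calls it replaces;
// mktime() normalises day values that run past the end of the month.
$product_email_date = date('Y-m-d', mktime(0, 0, 0, $month, $day + 14, $year));
$product_end_date = date('Y-m-d', mktime(0, 0, 0, $month, $day, $year));

// mo.customer_id is selected as well: the basket insert below reads it, and the original
// column list left it out.
$email_member_order_query = smn_db_query("select o.orders_id, o.customers_name, mo.customer_id, mo.products_id, o.customers_email_address from " . TABLE_ORDERS . " o, " . TABLE_MEMBER_ORDERS . " mo where o.orders_id = mo.orders_id and mo.products_end_date = '" . $product_email_date . "'");
while ($email_member_order = smn_db_fetch_array($email_member_order_query)) {
    // The product key was written as '$products_id' inside single quotes, which is the
    // literal text "$products_id" and never matched a column. Values read back from the
    // database are escaped before they are placed in the SQL text.
    smn_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $email_member_order['customer_id'] . "', '" . smn_db_input($email_member_order['products_id']) . "', '" . 1 . "', '" . $product_email_date . "')");

    $email_order = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . "\n" . EMAIL_TEXT_MEMBER_RENEWAL . "\n" . EMAIL_SEPARATOR . "\n" . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_href_link(FILENAME_LOGIN, 'ID=1', 'NONSSL') . "\n" . EMAIL_TEXT_DATE_END . ' ' . $product_email_date . "\n\n";
    smn_mail($email_member_order['customers_name'], $email_member_order['customers_email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}

$update_member_order_query = smn_db_query("select customer_id from " . TABLE_MEMBER_ORDERS . " where products_end_date = '" . $product_end_date . "'");
while ($update_member_order = smn_db_fetch_array($update_member_order_query)) {
    // Use the customer id of the current row. The original used the global $customer_id,
    // which this loop never sets, so the expiring member's store was not the one updated.
    smn_db_query("update " . TABLE_STORE_NAMES . " set store_status = 0 where customer_id = '" . (int) $update_member_order['customer_id'] . "'");
}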
$Qcheck = smn_db_query('select admin_email_address from ' . TABLE_ADMIN . ' where admin_email_address = "' . $email_address . '"' . $extraWhere); if (smn_db_num_rows($Qcheck) > 0) { echo '{ success: false, errorMsg: "Admin Email Address Already Exists." }'; exit; } $sql_data_array = array('admin_groups_id' => $group_id, 'admin_firstname' => $firstname, 'admin_lastname' => $lastname, 'admin_email_address' => $email_address); if (isset($makePassword)) { $sql_data_array['admin_password'] = smn_encrypt_password($makePassword); $sql_data_array['admin_created'] = 'now()'; smn_db_perform(TABLE_ADMIN, $sql_data_array); $admin_id = smn_db_insert_id(); } else { $sql_data_array['admin_modified'] = 'now()'; smn_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = "' . $admin_id . '"'); } smn_mail($firstname . ' ' . $lastname, $email_address, ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $firstname, HTTP_SERVER . DIR_WS_CATALOG . 'account.php', $email_address, $emailPassword, $emailStoreName), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); $Qmember = smn_db_query('select a.*, ag.admin_groups_name from ' . TABLE_ADMIN . ' a left join ' . TABLE_ADMIN_GROUPS . ' ag using(admin_groups_id) where admin_id = "' . $admin_id . '"'); $member = smn_db_fetch_array($Qmember); echo '{ success: true, admin_id: "' . $member['admin_id'] . '", admin_firstname: "' . $member['admin_firstname'] . '", admin_lastname: "' . $member['admin_lastname'] . '", admin_email_address: "' . $member['admin_email_address'] . '", admin_groups_id: "' . $member['admin_groups_id'] . '", admin_groups_name: "' . $member['admin_groups_name'] . '", store_id: "' . $member['store_id'] . '", customer_id: "' . $member['customer_id'] . '", admin_name: "' . $member['admin_firstname'] . ' ' . $member['admin_lastname'] . '", admin_password: "******", admin_created: "' . $member['admin_created'] . '",
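/**
 * Send the welcome message for a newly created store.
 *
 * The same text goes to the new store owner and, as a copy, to the mall address.
 *
 * @param string $gender 'm' or 'f' selects the matching greeting; any other value uses
 *                       the neutral greeting.
 *
 * NOTE(review): the owner's name is read from $this->store_customers_data and handed to
 * smn_mail() as the recipient display name. Confirm that smn_mail() or the code that
 * stored the name rejects line breaks, so the value cannot add mail header lines.
 */
function send_store_email($gender)
{
    $name = $this->store_customers_data['customers_firstname'] . ' ' . $this->store_customers_data['customers_lastname'];

    if ($gender == 'm') {
        $email_text = EMAIL_GREET_MR . ' ' . $name . "\n\n";
    } elseif ($gender == 'f') {
        $email_text = EMAIL_GREET_MS . ' ' . $name . "\n\n";
    } else {
        // $name already ends with the last name; the original appended it a second time.
        $email_text = EMAIL_GREET_NONE . ' ' . $name . "\n\n";
    }

    //email new store owner
    $email_text .= EMAIL_WELCOME . EMAIL_TEXT . EMAIL_STORE_CONTACT . EMAIL_STORE_WARNING;
    smn_mail($name, $this->store_customers_data['customers_email_address'], EMAIL_SUBJECT, $email_text, MALL_NAME, MALL_EMAIL_ADDRESS);

    //email mall owner
    smn_mail(MALL_NAME, MALL_EMAIL_ADDRESS, EMAIL_SUBJECT, $email_text, MALL_NAME, MALL_EMAIL_ADDRESS);
}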
// START STATUS == Pending LOOP
// Tell the customer that the PayPal payment for this order is still pending.
$email_order = STORE_NAME . "\n"
    . EMAIL_SEPARATOR . "\n"
    . EMAIL_TEXT_ORDER_NUMBER . ' ' . $invoice_id . "\n"
    . EMAIL_TEXT_INVOICE_URL . ' ' . smn_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $invoice_id, 'NONSSL', false) . "\n"
    . EMAIL_TEXT_DATE_ORDERED . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n"
    . EMAIL_SEPARATOR . "\n"
    . EMAIL_PAYPAL_PENDING_NOTICE . "\n\n";
smn_mail($order->customer['name'], $order->customer['email_address'], EMAIL_TEXT_SUBJECT, $email_order, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
// The three closing braces end blocks that were opened before the visible code.
}
}
} else {
    // This branch labels its own output 'PayPal IPN Invalid', so every request value used
    // below must be treated as unauthenticated input.

    // Optional debug mail: a dump of all POST and GET parameters.
    // NOTE(review): the dump leaves as ordinary e-mail and may contain payer details.
    if (smn_not_null(MODULE_PAYMENT_PAYPAL_IPN_DEBUG_EMAIL)) {
        $email_body = '$_POST:' . "\n\n";
        foreach ($_POST as $key => $value) {
            $email_body .= $key . '=' . $value . "\n";
        }

        $email_body .= "\n" . '$_GET:' . "\n\n";
        foreach ($_GET as $key => $value) {
            $email_body .= $key . '=' . $value . "\n";
        }

        smn_mail('', MODULE_PAYMENT_PAYPAL_IPN_DEBUG_EMAIL, 'PayPal IPN Invalid Process', $email_body, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
    }

    // The invoice number is only used in SQL after is_numeric() accepted it.
    $has_invoice = isset($_POST['invoice']) && is_numeric($_POST['invoice']) && $_POST['invoice'] > 0;
    if ($has_invoice) {
        $invoice_query = smn_db_query("select orders_id from " . TABLE_ORDERS_INVOICE . " where orders_invoice_id = '" . $_POST['invoice'] . "'");

        while ($invoice_id = smn_db_fetch_array($invoice_query)) {
            // NOTE(review): $invoice_id is the fetched row, not a scalar, so the two
            // concatenations below put the text "Array" into the SQL instead of an order id
            // and the check matches nothing. Before switching to $invoice_id['orders_id'],
            // decide whether an unverified notification should be allowed to change an
            // order's status at all.
            $check_query = smn_db_query("select orders_id from " . TABLE_ORDERS . " where orders_id = '" . $invoice_id . "' and customers_id = '" . (int) $_POST['custom'] . "'");

            if (smn_db_num_rows($check_query) > 0) {
                // Build the history comment from the reported status and its reason.
                $comment_status = $_POST['payment_status'];
                switch ($_POST['payment_status']) {
                    case 'Pending':
                        $comment_status .= '; ' . $_POST['pending_reason'];
                        break;
                    case 'Reversed':
                    case 'Refunded':
                        $comment_status .= '; ' . $_POST['reason_code'];
                        break;
                }

                $ipn_status_id = MODULE_PAYMENT_PAYPAL_IPN_ORDER_STATUS_ID > 0 ? MODULE_PAYMENT_PAYPAL_IPN_ORDER_STATUS_ID : DEFAULT_ORDERS_STATUS_ID;

                smn_db_query("update " . TABLE_ORDERS . " set orders_status = '" . $ipn_status_id . "', last_modified = now() where orders_id = '" . $invoice_id . "'");

                $sql_data_array = array(
                    'orders_id' => $invoice_id,
                    'orders_status_id' => $ipn_status_id,
                    'date_added' => 'now()',
                    'customer_notified' => '0',
                    'comments' => 'PayPal IPN Invalid [' . $comment_status . ']',
                );
                smn_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
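// Send part of the customer's gift-voucher balance to another person: check the balance,
// deduct the amount, create a new voucher code record and mail the code to the recipient.
// NOTE(review): the balance is read and written in two separate statements without a
// transaction or lock, so two parallel requests can both pass the check - consider a
// single conditional update.
$gv_query = smn_db_query("select amount from " . TABLE_COUPON_GV_CUSTOMER . " where customer_id='" . (int) $customer_id . "'");
$gv_result = smn_db_fetch_array($gv_query);

// The amount must be a positive number. A negative value would pass the "balance not below
// zero" test and raise the sender's balance. Any validation done on an earlier form step is
// not visible here and cannot be relied on for this request.
$gv_amount = (isset($_POST['amount']) && is_string($_POST['amount'])) ? trim($_POST['amount']) : '';
$gv_amount_ok = is_numeric($gv_amount) && $gv_amount > 0;
$new_amount = $gv_amount_ok ? $gv_result['amount'] - $gv_amount : -1;

if (!$gv_amount_ok || $new_amount < 0) {
    $error = true;
    $error_amount = ERROR_ENTRY_AMOUNT_CHECK;
    $_GET['action'] = 'send';
} else {
    // The recipient address becomes a mail header and a column value: line breaks are
    // removed and the value is escaped before it reaches the SQL text.
    $gv_recipient = (isset($_POST['email']) && is_string($_POST['email'])) ? str_replace(array("\r", "\n"), '', $_POST['email']) : '';
    $gv_sender_name = (isset($_POST['send_name']) && is_string($_POST['send_name'])) ? str_replace(array("\r", "\n"), ' ', stripslashes($_POST['send_name'])) : '';

    $gv_query = smn_db_query("update " . TABLE_COUPON_GV_CUSTOMER . " set amount = '" . $new_amount . "' where customer_id = '" . (int) $customer_id . "'");
    $gv_query = smn_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
    $gv_customer = smn_db_fetch_array($gv_query);

    $gv_query = smn_db_query("insert into " . TABLE_COUPONS . " (coupon_type, coupon_code, date_created, coupon_amount) values ('G', '" . smn_db_input($id1) . "', NOW(), '" . smn_db_input($gv_amount) . "')");
    $insert_id = smn_db_insert_id($gv_query);
    $gv_query = smn_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, sent_lastname, emailed_to, date_sent) values ('" . (int) $insert_id . "' ,'" . (int) $customer_id . "', '" . addslashes($gv_customer['customers_firstname']) . "', '" . addslashes($gv_customer['customers_lastname']) . "', '" . smn_db_input($gv_recipient) . "', now())");

    // NOTE(review): the body is passed through nl2br() and contains an HTML link, while the
    // sender name, recipient name and message are inserted as typed. If smn_mail() sends
    // HTML, those fields need HTML escaping so a sender cannot put markup or links of their
    // own into a message that carries the store's name.
    $gv_email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . sprintf(EMAIL_GV_TEXT_HEADER, $currencies->format($gv_amount)) . "\n" . EMAIL_SEPARATOR . "\n" . sprintf(EMAIL_GV_FROM, $gv_sender_name) . "\n";
    if (isset($_POST['message'])) {
        $gv_email .= EMAIL_GV_MESSAGE . "\n";
        if (isset($_POST['to_name'])) {
            $gv_email .= sprintf(EMAIL_GV_SEND_TO, stripslashes($_POST['to_name'])) . "\n\n";
        }
        $gv_email .= stripslashes($_POST['message']) . "\n\n";
    }
    $gv_email .= sprintf(EMAIL_GV_REDEEM, $id1) . "\n\n";

    // The original joined the next assignment onto this expression with a stray "." and so
    // appended a second copy of the whole message after the link.
    $gv_email .= EMAIL_GV_LINK . ' ' . "<a HREF='" . smn_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $id1, 'NONSSL', false) . "'>" . smn_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $id1, 'NONSSL', false) . "</a>\n";
    $gv_email .= "\n\n";
    $gv_email .= EMAIL_GV_FIXED_FOOTER . "\n\n";
    $gv_email .= EMAIL_GV_SHOP_FOOTER . "\n\n";

    $gv_email_subject = sprintf(EMAIL_GV_TEXT_SUBJECT, $gv_sender_name);
    smn_mail('', $gv_recipient, $gv_email_subject, nl2br($gv_email), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '');
}
// This closing brace ends a block that was opened before the visible code.
}
$breadcrumb->add(NAVBAR_TITLE);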
// This closing brace ends a block that was opened before the visible code.
}
// Tell-a-friend: validate the remaining fields, then mail a product link to the address the
// visitor entered.
// NOTE(review): $from_name, $from_email_address, $to_name, $to_email_address and $message
// are set before the visible code - presumably from the submitted form. If so, the visitor
// chooses the recipient, the free-text message and the sender identity handed to
// smn_mail(), which makes the form usable for unsolicited or spoofed mail unless it is
// limited to signed-in customers and rate-limited. Confirm as well that the names cannot
// contain line breaks, since they are used as mail header values.
if (!smn_validate_email($from_email_address)) {
    $error = true;
    $messageStack->add('friend', ERROR_FROM_ADDRESS);
}
if (empty($to_name)) {
    $error = true;
    $messageStack->add('friend', ERROR_TO_NAME);
}
if (!smn_validate_email($to_email_address)) {
    $error = true;
    $messageStack->add('friend', ERROR_TO_ADDRESS);
}
if ($error == false) {
    $email_subject = sprintf(TEXT_EMAIL_SUBJECT, $from_name, $store->get_store_name());
    $email_body = sprintf(TEXT_EMAIL_INTRO, $to_name, $from_name, $product_info['products_name'], $store->get_store_name()) . "\n\n";
    if (smn_not_null($message)) {
        $email_body .= $message . "\n\n";
    }
    // $_GET['products_id'] is placed in the link as received; it is not cast or URL-encoded
    // in this block.
    $email_body .= sprintf(TEXT_EMAIL_LINK, smn_href_link(FILENAME_PRODUCT_INFO, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id'])) . "\n\n" . sprintf(TEXT_EMAIL_SIGNATURE, $store->get_store_name() . "\n" . HTTP_SERVER . DIR_WS_CATALOG . "\n");
    smn_mail($to_name, $to_email_address, $email_subject, $email_body, $from_name, $from_email_address);
    // The recipient name is passed through smn_output_string_protected() before it is
    // shown in the success message.
    $messageStack->add_session('header', sprintf(TEXT_EMAIL_SUCCESSFUL_SENT, $product_info['products_name'], smn_output_string_protected($to_name)), 'success');
    smn_redirect(smn_href_link(FILENAME_PRODUCT_INFO, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id']));
}
// This closing brace ends the branch that was opened before the visible code.
} elseif (smn_session_is_registered('customer_id')) {
    // Signed-in customers get the sender fields prefilled from their account.
    $account_query = smn_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
    $account = smn_db_fetch_array($account_query);
    $from_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
    $from_email_address = $account['customers_email_address'];
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_TELL_A_FRIEND, 'ID=' . $product_info['store_id'] . '&products_id=' . $_GET['products_id']));
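// Password confirmation step: a correct password registers 'confirm_account' in the session
// and moves on to the edit form.
if (!smn_validate_password($_POST['password_confirmation'], $check_pass['confirm_password'])) {
    smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=check_account&error=password'));
} else {
    //$confirm = 'confirm_account';
    smn_session_register('confirm_account');
    $confirm_account = '1';
    smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process'));
}
break;
case 'save_account':
    // Save the administrator's own name, e-mail address and password.
    // NOTE(review): the account to change is named by the POST field id_info, not by the
    // session, and this case does not re-check 'confirm_account'. Confirm that code outside
    // the visible part ties the id to the signed-in administrator and enforces the password
    // confirmation step; otherwise one administrator can overwrite another's credentials.

    // The id is placed unquoted in the SQL text below, so it is reduced to an integer first.
    $admin_id = (int) smn_db_prepare_input($_POST['id_info']);
    $admin_email_address = smn_db_prepare_input($_POST['admin_email_address']);

    // Collect the addresses of all other administrators to keep the address unique.
    $stored_email[] = 'NONE';
    $check_email_query = smn_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id . "");
    while ($check_email = smn_db_fetch_array($check_email_query)) {
        $stored_email[] = $check_email['admin_email_address'];
    }

    // Compare the prepared value, which is the one that gets stored; the raw POST value
    // could differ from it and slip past the uniqueness check.
    if (in_array($admin_email_address, $stored_email, true)) {
        smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'action=edit_process&error=email'));
    } else {
        $sql_data_array = array(
            'admin_firstname' => smn_db_prepare_input($_POST['admin_firstname']),
            'admin_lastname' => smn_db_prepare_input($_POST['admin_lastname']),
            'admin_email_address' => $admin_email_address,
            'admin_password' => smn_encrypt_password(smn_db_prepare_input($_POST['admin_password'])),
            'admin_modified' => 'now()',
        );
        smn_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');

        // NOTE(review): recipient and sender are both taken from POST fields
        // (check_email_address, check_firstname) rather than from the stored record, and
        // $hiddenPassword is not set in the visible code - verify both.
        smn_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['check_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $hiddenPassword), $_POST['check_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['check_email_address']);
        smn_redirect(smn_href_link(FILENAME_ADMIN_ACCOUNT, 'page=' . $_GET['page'] . '&mID=' . $admin_id));
    }
    break;
// The two closing braces end the switch and a block opened before the visible code.
}
}
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';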
// Account creation, welcome mail: choose the greeting, add any signup incentives, send the
// message and redirect. The first lines belong to an if/else opened before the visible code.
if ($gender == 'm') {
    $email_text = sprintf(EMAIL_GREET_MR, $lastname);
} else {
    $email_text = sprintf(EMAIL_GREET_MS, $lastname);
}
} else {
    $email_text = sprintf(EMAIL_GREET_NONE, $firstname);
}
$email_text .= EMAIL_WELCOME . EMAIL_CONTACT . EMAIL_WARNING;
// Signup gift voucher: create a voucher code, record who it was mailed to and add the
// redeem link to the message.
// NOTE(review): $coupon_code and $email_address are concatenated into the SQL text without
// escaping in this block. $email_address is set before the visible code - confirm it was
// validated and escaped there. Every new signup also creates a voucher with monetary
// value, so repeated automated signups need a limit elsewhere.
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
    $coupon_code = create_coupon_code();
    $insert_query = smn_db_query("insert into " . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
    $insert_id = smn_db_insert_id($insert_query);
    $insert_query = smn_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', '" . $email_address . "', now() )");
    $email_text .= sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" . sprintf(EMAIL_GV_REDEEM, $coupon_code) . "\n\n" . EMAIL_GV_LINK . smn_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, 'NONSSL', false) . "\n\n";
}
// Signup discount coupon: look up the configured coupon and its description in the
// current language, record the mailing and add the coupon text to the message.
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
    $coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
    $coupon_query = smn_db_query("select * from " . TABLE_COUPONS . " where coupon_code = '" . $coupon_code . "'");
    $coupon = smn_db_fetch_array($coupon_query);
    $coupon_id = $coupon['coupon_id'];
    $coupon_desc_query = smn_db_query("select * from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $languages_id . "'");
    $coupon_desc = smn_db_fetch_array($coupon_desc_query);
    $insert_query = smn_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )");
    $email_text .= EMAIL_COUPON_INCENTIVE_HEADER . "\n" . sprintf("%s", $coupon_desc['coupon_description']) . "\n\n" . sprintf(EMAIL_COUPON_REDEEM, $coupon['coupon_code']) . "\n\n" . "\n\n";
}
smn_mail($name, $email_address, EMAIL_SUBJECT, $email_text, $store->get_store_owner(), $store->get_store_owner_email_address());
smn_redirect(smn_href_link(FILENAME_CREATE_ACCOUNT_SUCCESS, '', 'NONSSL'));
// The two closing braces end blocks that were opened before the visible code.
}
}
$breadcrumb->add(NAVBAR_TITLE, smn_href_link(FILENAME_CREATE_ACCOUNT, '', 'NONSSL'));
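// Store order update: change the order status, optionally notify the customer by e-mail,
// and record the change in the status history.
$order_updated = false;

// The lookup is limited to orders of the acting store.
$check_status_query = smn_db_query("select * from " . TABLE_ORDERS . " where store_id = '" . $store_id . "' and orders_id = '" . (int) $oID . "'");
$check_status = smn_db_fetch_array($check_status_query);

// Stop when the lookup found nothing. The update below is keyed by orders_id alone, so
// without this guard an order id belonging to a different store was still updated, because
// an empty lookup result made the status comparison succeed.
if ($check_status && ($check_status['orders_status'] != $status || smn_not_null($comments) || $status == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE)) {
    smn_db_query("update " . TABLE_ORDERS . " set orders_status = '" . smn_db_input($status) . "', last_modified = now() where orders_id = '" . (int) $oID . "'");

    // Reset the download allowance when the previous status was the "downloads updated" one.
    if ($check_status['orders_status'] == DOWNLOADS_ORDERS_STATUS_UPDATED_VALUE) {
        smn_db_query("update " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " set download_maxdays = '" . smn_get_configuration_key_value('DOWNLOAD_MAX_DAYS') . "', download_count = '" . smn_get_configuration_key_value('DOWNLOAD_MAX_COUNT') . "' where store_id = '" . $store_id . "' and orders_id = '" . (int) $oID . "' ");
    }

    $customer_notified = '0';
    if (isset($_POST['notify']) && $_POST['notify'] == 'on') {
        $notify_comments = '';
        if (isset($_POST['notify_comments']) && $_POST['notify_comments'] == 'on') {
            $notify_comments = sprintf(EMAIL_TEXT_COMMENTS_UPDATE, $comments) . "\n\n";
        }

        $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'NONSSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . smn_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]);
        smn_mail($check_status['customers_name'], $check_status['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
        $customer_notified = '1';
    }

    smn_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int) $oID . "', '" . smn_db_input($status) . "', now(), '" . smn_db_input($customer_notified) . "', '" . smn_db_input($comments) . "')");
    $order_updated = true;
}

if ($order_updated == true) {
    $messageStack->add_session(SUCCESS_ORDER_UPDATED, 'success');
} else {
    $messageStack->add_session(WARNING_ORDER_NOT_UPDATED, 'warning');
}
smn_redirect(smn_href_link(FILENAME_ORDERS, smn_get_all_get_params(array('action')) . 'action=edit'));
break;
case 'deleteconfirm':
    // NOTE(review): unlike the update above, no store_id check is visible before the
    // delete - confirm smn_remove_order() restricts it to orders of the acting store.
    $oID = smn_db_prepare_input($_GET['oID']);
    smn_remove_order($oID, $_POST['restock']);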
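// This closing brace ends a block that was opened before the visible code.
}
break;
case 'member_edit':
    // Update an administrator's group, name and e-mail address, then notify them by mail.
    // The id is placed unquoted in the SQL text below, so it is reduced to an integer first.
    $admin_id = (int) smn_db_prepare_input($_POST['admin_id']);
    $hiddenPassword = '******';

    // Collect the addresses of all other administrators to keep the address unique.
    $stored_email[] = 'NONE';
    $check_email_query = smn_db_query("select admin_email_address from " . TABLE_ADMIN . " where admin_id <> " . $admin_id . "");
    while ($check_email = smn_db_fetch_array($check_email_query)) {
        $stored_email[] = $check_email['admin_email_address'];
    }

    if (in_array($_POST['admin_email_address'], $stored_email)) {
        // The '&' before mID was missing, which glued the page number and "mID" together.
        smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $_GET['page'] . '&mID=' . $_GET['mID'] . '&error=email&action=edit_member'));
    } else {
        // NOTE(review): admin_groups_id is accepted from the form as sent. Confirm that only
        // administrators allowed to manage members reach this case, since the value decides
        // the target account's privileges.
        $sql_data_array = array(
            'admin_groups_id' => smn_db_prepare_input($_POST['admin_groups_id']),
            'admin_firstname' => smn_db_prepare_input($_POST['admin_firstname']),
            'admin_lastname' => smn_db_prepare_input($_POST['admin_lastname']),
            'admin_email_address' => smn_db_prepare_input($_POST['admin_email_address']),
            'admin_modified' => 'now()',
        );
        smn_db_perform(TABLE_ADMIN, $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');
        smn_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], HTTP_SERVER . DIR_WS_ADMIN, $_POST['admin_email_address'], $hiddenPassword, MALL_NAME), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
        smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $_GET['page'] . '&mID=' . $admin_id));
    }
    break;
case 'member_delete':
    // The id was only passed through smn_db_prepare_input() before being placed in the
    // delete statement; it is now an integer.
    // NOTE(review): no request token is visible for this destructive action - confirm the
    // admin area protects it against cross-site request forgery.
    $admin_id = (int) smn_db_prepare_input($_POST['admin_id']);
    smn_db_query("delete from " . TABLE_ADMIN . " where admin_id = '" . $admin_id . "'");
    smn_redirect(smn_href_link(FILENAME_ADMIN_MEMBERS, 'page=' . $_GET['page']));
    break;
case 'group_define':
    // A form with no boxes ticked sends no groups_to_boxes field; use an empty list so
    // in_array() below always receives an array.
    $selected_checkbox = (isset($_POST['groups_to_boxes']) && is_array($_POST['groups_to_boxes'])) ? $_POST['groups_to_boxes'] : array();
    $define_files_query = smn_db_query("select admin_files_id from " . TABLE_ADMIN_FILES . " order by admin_files_id");
    while ($define_files = smn_db_fetch_array($define_files_query)) {
        $admin_files_id = $define_files['admin_files_id'];
        if (in_array($admin_files_id, $selected_checkbox)) {
            $sql_data_array = array('admin_groups_id' => smn_db_prepare_input($_POST['checked_' . $admin_files_id]));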
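// Administrator password reminder: when the submitted e-mail address and first name match
// an administrator, generate a new password, mail it and store it.
// NOTE(review):
//  - the only proof of identity visible here is the first name belonging to the e-mail
//    address, which is weak protection for an administrator account; a one-time link with
//    an expiry time is the usual replacement
//  - the new password is mailed in clear text
//  - the three values assigned to $_GET['login'] and the stored password all appear as
//    '******', which looks like redaction; as printed, $makePassword is not part of the
//    update statement - verify against the real file
if (!smn_db_num_rows($check_admin_query)) {
    $_GET['login'] = '******';
} else {
    $check_admin = smn_db_fetch_array($check_admin_query);
    if ($check_admin['check_firstname'] != $firstname) {
        $_GET['login'] = '******';
    } else {
        $_GET['login'] = '******';

        /**
         * Return a random 8-character password.
         *
         * The original seeded rand() from the clock and took "rand() % 33", so it used a
         * predictable generator and only the first 33 characters of the alphabet. This
         * version draws every character from the whole alphabet with random_int() where
         * that function exists, and falls back to mt_rand() on older PHP.
         */
        function randomize()
        {
            $salt = "ABCDEFGHIJKLMNOPQRSTUVWXWZabchefghjkmnpqrstuvwxyz0123456789";
            $last_index = strlen($salt) - 1;
            $pass = '';
            for ($i = 0; $i < 8; $i++) {
                $num = function_exists('random_int') ? random_int(0, $last_index) : mt_rand(0, $last_index);
                $pass .= $salt[$num];
            }
            return $pass;
        }

        $makePassword = randomize();
        smn_mail($check_admin['customers_firstname'] . ' ' . $check_admin['customers_lastname'], $check_admin['check_email_address'], EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $makePassword), $check_admin['check_firstname'] . ' ' . $check_admin['admin_lastname'], $check_admin['check_email_address']);
        smn_db_query("update " . TABLE_ADMIN . " set admin_password = '******' where admin_id = '" . $check_admin['check_id'] . "'");
    }
}
// This closing brace ends a block that was opened before the visible code.
}
// NOTE(review): $language becomes part of an include path; confirm it can only hold the name
// of an installed language directory and never a request-supplied value.
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN;
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';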