// // XOS-Shop is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with XOS-Shop. If not, see <http://www.gnu.org/licenses/>. //////////////////////////////////////////////////////////////////////////////// require 'includes/application_top.php'; if (!(@(include DIR_FS_SMARTY . 'admin/templates/' . ADMIN_TPL . '/php/' . FILENAME_ATTRIBUTES_QTY_LIST) == 'overwrite_all')) { require DIR_FS_SMARTY . 'admin/languages/' . $_SESSION['language'] . '/' . FILENAME_CATEGORIES; if (xos_has_product_attributes((int) $_GET['products_id']) && STOCK_CHECK == 'true') { $product_query = xos_db_query("select attributes_quantity, attributes_not_updated from " . TABLE_PRODUCTS . " where products_status = '1' and products_id = '" . (int) $_GET['products_id'] . "'"); $product = xos_db_fetch_array($product_query); $attributes_quantity = xos_get_attributes_quantity($product['attributes_quantity']); if (xos_not_null($attributes_quantity) && !xos_not_null($product['attributes_not_updated'])) { $opt_query = xos_db_query("select pa.options_id, po.products_options_name from " . TABLE_PRODUCTS_ATTRIBUTES . " pa, " . TABLE_PRODUCTS_OPTIONS . " po where pa.products_id = '" . (int) $_GET['products_id'] . "' and pa.options_id = po.products_options_id and po.language_id = '" . (int) $_SESSION['used_lng_id'] . 
"' order by pa.options_sort_order asc, pa.options_id asc"); $opt_array = array(); $opt_values_array = array(); $opt_result_array = array(); $opt_rows_array = array(); $opt_out_array = array(); $i = 0; $ii = 1; $option_id = ''; while ($opt = xos_db_fetch_array($opt_query)) { if ($option_id == $opt['options_id']) { $i--; } $opt_array[$i] = array('options_id' => $opt['options_id'], 'options_name' => $opt['products_options_name'], 'options_values_qty' => $option_id == $opt['options_id'] || $option_id == '' ? $ii : ($ii = 1));
// Stock Update if (STOCK_LIMITED == 'true' && STOCK_CHECK == 'true') { $product_id = xos_get_prid($order->products[$i]['id']); if ($product_id == $order->products[$i]['id']) { $stock_query = xos_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . (int) $product_id . "'"); $stock_values = xos_db_fetch_array($stock_query); $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty']; xos_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int) $stock_left . "' where products_id = '" . (int) $product_id . "'"); if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') { xos_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . (int) $product_id . "'"); $smarty->clearAllCache(); } } else { $stock_query = xos_db_query("select products_quantity, attributes_quantity from " . TABLE_PRODUCTS . " where products_id = '" . (int) $product_id . "'"); $stock_values = xos_db_fetch_array($stock_query); $attributes_quantity = xos_get_attributes_quantity($stock_values['attributes_quantity']); if (xos_not_null($attributes_quantity)) { list($prid, $params_sting) = explode('-', $order->products[$i]['id']); $stock_left = $attributes_quantity[$params_sting] - $order->products[$i]['qty']; if ($attributes_quantity[$params_sting] > 0) { $stock_values['products_quantity'] = $stock_values['products_quantity'] - min($attributes_quantity[$params_sting], $order->products[$i]['qty']); } $attributes_quantity[$params_sting] = $stock_left; xos_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int) max(0, $stock_values['products_quantity']) . "', attributes_quantity = '" . xos_db_input(serialize($attributes_quantity)) . "' where products_id = '" . (int) $product_id . "'"); if ($stock_left < 1) { $smarty->clearCache(null, 'L3|cc_product_info'); } if ($stock_values['products_quantity'] < 1 && STOCK_ALLOW_CHECKOUT == 'false') { xos_db_query("update " . TABLE_PRODUCTS . 
" set products_status = '0' where products_id = '" . (int) $product_id . "'"); $smarty->clearAllCache(); }
$qty = 0; if (xos_not_null($combinations['attributes_combinations'])) { $attributes_not_updated = xos_get_attributes_not_updated($combinations['attributes_not_updated']); foreach ($attributes_not_updated as $key_not_updated => $val_not_updated) { if ($val_not_updated == $combinations['options_id'] . ',' . $combinations['options_values_id']) { unset($attributes_not_updated[$key_not_updated]); } } ksort($attributes_not_updated); if (empty($attributes_not_updated)) { $not_updated = "attributes_not_updated = null"; } else { $not_updated = "attributes_not_updated = '" . xos_db_input(serialize($attributes_not_updated)) . "'"; } $qty = $combinations['products_quantity']; $attributes_quantity = xos_get_attributes_quantity($combinations['attributes_quantity']); $combinations['attributes_combinations'] = trim($combinations['attributes_combinations'], '|'); $elements_comb = explode('|', $combinations['attributes_combinations']); for ($i = 0, $n = sizeof($elements_comb); $i < $n; $i++) { if (strpos($elements_comb[$i], $combinations['options_id'] . ',' . $combinations['options_values_id']) !== false) { $qty -= $attributes_quantity[$elements_comb[$i]] > 0 ? $attributes_quantity[$elements_comb[$i]] : 0; unset($attributes_quantity[$elements_comb[$i]]); unset($elements_comb[$i]); } } ksort($attributes_quantity); ksort($elements_comb); $comb_str = ''; $comb_str = implode('|', $elements_comb); $qty < 1 || $comb_str == '' ? $qty = 0 : ''; if ($comb_str != '') {
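/**
 * Delete an order together with its dependent rows and, if requested, put the
 * ordered quantities back into stock.
 *
 * For every product line of the order:
 *  - when $restock loosely equals 'on', the stock of the product (or of the
 *    ordered attribute combination) is increased by the ordered quantity;
 *    if the combination can no longer be found, or the product has per-
 *    combination stock but the order line carries no combination string, an
 *    error message is queued on $messageStack and the line is not restocked;
 *  - unless restocking failed or $orders_status_code is 'paypal_st', the
 *    products_ordered counter (bestseller list) is decreased.
 *
 * Afterwards the order is removed from all order tables.
 *
 * NOTE(review): the stock update is a read-modify-write sequence and the
 * deletes are issued as separate statements; nothing visible here wraps them
 * in a transaction or takes a lock, so concurrent requests may interleave -
 * confirm whether xos_db_query() or the caller provides that.
 *
 * @param int|string  $order_id            order to delete (cast to int for SQL)
 * @param bool|string $restock             'on' to restock the ordered items
 * @param string      $orders_status_code  status code of the order being removed
 * @return void
 */
function xos_remove_order($order_id, $restock = false, $orders_status_code = '') {
  global $messageStack;

  $order_query = xos_db_query("select products_id, products_model, products_name, products_attributes_sting, products_quantity from " . TABLE_ORDERS_PRODUCTS . " where orders_id = '" . (int) $order_id . "'");
  while ($order = xos_db_fetch_array($order_query)) {
    $error = false;

    // The ordered quantity is concatenated into SQL arithmetic without quotes
    // further down. Casting it here keeps a stored value from becoming part of
    // the statement text (second-order injection), like every other value in
    // this function.
    $ordered_qty_sql = (int) $order['products_quantity'];

    if ($restock == 'on') {
      $stock_query = xos_db_query("select products_quantity, attributes_quantity from " . TABLE_PRODUCTS . " where products_id = '" . (int) $order['products_id'] . "'");
      $stock_values = xos_db_fetch_array($stock_query);

      if (xos_not_null($order['products_attributes_sting'])) {
        // Order line refers to one attribute combination: restock that
        // combination and adjust the product total accordingly.
        $attributes_quantity = xos_get_attributes_quantity($stock_values['attributes_quantity']);
        if (xos_not_null($attributes_quantity[$order['products_attributes_sting']])) {
          $stock_new = $attributes_quantity[$order['products_attributes_sting']] + $order['products_quantity'];
          if ($attributes_quantity[$order['products_attributes_sting']] >= 0) {
            $stock_values['products_quantity'] = $stock_values['products_quantity'] + $order['products_quantity'];
          } else {
            // Combination stock was negative (oversold): only the part that
            // brings it above zero is added to the product total.
            $stock_values['products_quantity'] = $stock_values['products_quantity'] + max(0, $stock_new);
          }
          $attributes_quantity[$order['products_attributes_sting']] = $stock_new;
          xos_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . (int) $stock_values['products_quantity'] . "', products_last_modified = now(), attributes_quantity = '" . xos_db_input(serialize($attributes_quantity)) . "' where products_id = '" . (int) $order['products_id'] . "'");
        } else {
          $error = true;
          $messageStack->add_session('header', sprintf(COULD_NOT_RESTOCK_PRODUCT_QUANTITY, $order['products_model'], $order['products_name']), 'error');
        }
      } else {
        if (xos_not_null($stock_values['attributes_quantity'])) {
          // Product now tracks stock per combination, but the order line has
          // no combination string - there is nothing safe to restock.
          $error = true;
          $messageStack->add_session('header', sprintf(COULD_NOT_RESTOCK_PRODUCT_QUANTITY, $order['products_model'], $order['products_name']), 'error');
        } else {
          xos_db_query("update " . TABLE_PRODUCTS . " set products_quantity = products_quantity + " . $ordered_qty_sql . ", products_last_modified = now() where products_id = '" . (int) $order['products_id'] . "'");
        }
      }
    }

    // Update products_ordered (for bestsellers list)
    if (!$error && $orders_status_code != 'paypal_st') {
      xos_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered - " . $ordered_qty_sql . " where products_id = '" . (int) $order['products_id'] . "'");
    }
  }

  // Remove the order from every order table. The download table previously
  // used a double-quoted SQL literal, which MySQL treats as an identifier when
  // ANSI_QUOTES is enabled; it now uses the same quoting as the other deletes.
  xos_db_query("delete from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
  xos_db_query("delete from " . TABLE_ORDERS_PRODUCTS . " where orders_id = '" . (int) $order_id . "'");
  xos_db_query("delete from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . (int) $order_id . "'");
  xos_db_query("delete from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . (int) $order_id . "'");
  xos_db_query("delete from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . (int) $order_id . "'");
  xos_db_query("delete from " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " where orders_id = '" . (int) $order_id . "'");
}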
/**
 * Build the "out of stock" marker for a cart line.
 *
 * The id returned by xos_get_prid() is compared with the id passed in. When
 * both are equal the product-level quantity is used; otherwise the part of
 * $products_id after the first '-' is used as key into the per-combination
 * quantities returned by xos_get_attributes_quantity().
 *
 * @param int|string $products_id       product id, optionally with an attribute suffix
 * @param int        $products_quantity quantity that is requested
 * @return string HTML marker when the requested quantity exceeds the stock,
 *                otherwise an empty string
 */
function xos_check_stock($products_id, $products_quantity) {
  $base_id = xos_get_prid($products_id);

  if ($base_id == $products_id) {
    // Plain product: stock is kept in products_quantity.
    $row = xos_db_fetch_array(xos_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . (int) $base_id . "'"));
    $available = $row['products_quantity'];
  } else {
    // Product with attributes: stock is kept per attribute combination.
    $row = xos_db_fetch_array(xos_db_query("select attributes_quantity from " . TABLE_PRODUCTS . " where products_id = '" . (int) $base_id . "'"));
    $per_combination = xos_get_attributes_quantity($row['attributes_quantity']);
    list($prid, $combination_key) = explode('-', $products_id);
    $available = $per_combination[$combination_key];
  }

  if ($available - $products_quantity < 0) {
    return '<span class="mark-product-out-of-stock">' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . '</span>';
  }

  return '';
}
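/**
 * Merge the session cart with the customer's stored basket and keep only
 * items that can still be bought.
 *
 * Steps, all keyed on $_SESSION['customer_id']:
 *  1. write the current session cart into the basket table (insert or update),
 *  2. reload the cart from the basket table,
 *  3. delete the customer's basket rows,
 *  4. re-insert only those items whose product and category are active and
 *     whose attributes / attribute combination still exist (and, when
 *     STOCK_CHECK is 'true' and STOCK_ALLOW_CHECKOUT is 'false', are in stock),
 *  5. reload the cart again, run cleanup() and assign a fresh cart id.
 *
 * Changes against the previous version:
 *  - the quantity is passed through xos_db_input() before it is placed in the
 *    SQL text, exactly like the product id next to it; it was concatenated
 *    unescaped before,
 *  - each() (removed in PHP 8) is replaced by foreach.
 *
 * NOTE(review): steps 3 and 4 are separate statements with no visible
 * transaction; a failure in between would leave the stored basket empty -
 * confirm whether that is acceptable.
 *
 * @return false|null false when no customer is logged in, otherwise nothing
 */
function restore_contents() {
  if (!isset($_SESSION['customer_id'])) {
    return false;
  }

  // insert current cart contents in database
  if (is_array($this->contents)) {
    foreach (array_keys($this->contents) as $products_id) {
      $qty = $this->contents[$products_id]['qty'];
      $product_query = xos_db_query("select products_id from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and products_id = '" . xos_db_input($products_id) . "'");
      if (!xos_db_num_rows($product_query)) {
        xos_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $_SESSION['customer_id'] . "', '" . xos_db_input($products_id) . "', '" . xos_db_input($qty) . "', '" . date('Ymd') . "')");
      } else {
        xos_db_query("update " . TABLE_CUSTOMERS_BASKET . " set customers_basket_quantity = '" . xos_db_input($qty) . "' where customers_id = '" . (int) $_SESSION['customer_id'] . "' and products_id = '" . xos_db_input($products_id) . "'");
      }
    }
  }

  // reset per-session cart contents, but not the database contents
  $this->reset(false);

  $products_query = xos_db_query("select products_id, customers_basket_quantity from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' order by customers_basket_id ");
  while ($products = xos_db_fetch_array($products_query)) {
    $this->contents[$products['products_id']] = array('qty' => $products['customers_basket_quantity']);
    // attributes: the id has the form "<product>-<option>,<value>_<option>,<value>..."
    if (strpos($products['products_id'], '-') !== false) {
      list($prid, $attributes_sting) = explode('-', $products['products_id']);
      $attributes_values = explode('_', $attributes_sting);
      for ($i = 0, $n = sizeof($attributes_values); $i < $n; $i++) {
        list($key, $value) = explode(',', $attributes_values[$i]);
        // only numeric option/value pairs are accepted into the cart
        if (is_numeric($key) && is_numeric($value)) {
          $this->contents[$products['products_id']]['attributes'][$key] = $value;
        }
      }
    }
  }

  if (isset($_SESSION['customer_id'])) {
    xos_db_query("delete from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
  }

  // update basket and cart based on the current product offering (begin)
  if (is_array($this->contents)) {
    foreach (array_keys($this->contents) as $products_id) {
      $check_basket = false;
      $qty = $this->contents[$products_id]['qty'];

      // the product must be active and sit in an active category/page
      $product_check_query = xos_db_query("select p.products_id, p.attributes_quantity, p.attributes_combinations from " . TABLE_PRODUCTS . " p left join " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c on p.products_id = p2c.products_id left join " . TABLE_CATEGORIES_OR_PAGES . " c on p2c.categories_or_pages_id = c.categories_or_pages_id where c.categories_or_pages_status = '1' and p.products_status = '1' and p.products_id = '" . xos_db_input(xos_get_prid($products_id)) . "'");
      if (xos_db_num_rows($product_check_query) > 0) {
        $product_check = xos_db_fetch_array($product_check_query);
        $check_basket = true;
        if (isset($this->contents[$products_id]['attributes'])) {
          foreach ($this->contents[$products_id]['attributes'] as $option => $value) {
            // every option/value pair of the cart line must still exist for the product
            $attributes_check_query = xos_db_query("select count(*) as total from " . TABLE_PRODUCTS_ATTRIBUTES . " where options_id = '" . (int) $option . "' and options_values_id = '" . (int) $value . "' and products_id = '" . xos_db_input(xos_get_prid($products_id)) . "'");
            $attributes_check = xos_db_fetch_array($attributes_check_query);
            if ($attributes_check['total'] > 0) {
              if (xos_not_null($product_check['attributes_combinations']) && strpos($products_id, '-') !== false) {
                list($prid, $attributes_sting) = explode('-', $products_id);
                $combinations = explode('|', $product_check['attributes_combinations']);
                if (!in_array($attributes_sting, $combinations)) {
                  // combination is no longer offered
                  $check_basket = false;
                } elseif (STOCK_CHECK == 'true' && STOCK_ALLOW_CHECKOUT == 'false') {
                  $attributes_quantity = xos_get_attributes_quantity($product_check['attributes_quantity']);
                  if ($attributes_quantity[$attributes_sting] < 1) {
                    // combination is sold out and checkout without stock is not allowed
                    $check_basket = false;
                  }
                }
              }
            } else {
              $check_basket = false;
            }
          }
        } elseif (xos_has_product_attributes($products_id)) {
          // product requires attributes but the cart line has none
          $check_basket = false;
        }
      }

      if ($check_basket == true) {
        xos_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . (int) $_SESSION['customer_id'] . "', '" . xos_db_input($products_id) . "', '" . xos_db_input($qty) . "', '" . date('Ymd') . "')");
      }
    }
  }

  // reset per-session cart contents, but not the database contents
  $this->reset(false);

  $products_query = xos_db_query("select products_id, customers_basket_quantity from " . TABLE_CUSTOMERS_BASKET . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' order by customers_basket_id ");
  while ($products = xos_db_fetch_array($products_query)) {
    $this->contents[$products['products_id']] = array('qty' => $products['customers_basket_quantity']);
    // attributes
    if (strpos($products['products_id'], '-') !== false) {
      list($prid, $attributes_sting) = explode('-', $products['products_id']);
      $attributes_values = explode('_', $attributes_sting);
      for ($i = 0, $n = sizeof($attributes_values); $i < $n; $i++) {
        list($key1, $value1) = explode(',', $attributes_values[$i]);
        if (is_numeric($key1) && is_numeric($value1)) {
          $this->contents[$products['products_id']]['attributes'][$key1] = $value1;
        }
      }
    }
  }
  // update basket and cart based on the current product offering (end)

  $this->cleanup();

  // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
  $this->cartID = $this->generate_cart_id();
}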