function xtc_get_next_ibillnr()
    $query = "select \r\n              configuration_value \r\n            from " . TABLE_CONFIGURATION . "\r\n            where \r\n              configuration_key = 'IBN_BILLNR'";
    $result = xtc_db_query($query);
    $data = xtc_db_fetch_array($result);
    return $data['configuration_value'];
function affiliate_insert($sql_data_array, $affiliate_parent = 0)
    @mysql_query("LOCK TABLES " . TABLE_AFFILIATE . " WRITE");
    if ($affiliate_parent > 0) {
        $affiliate_root_query = xtc_db_query("select affiliate_root, affiliate_rgt, affiliate_lft�from  " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_parent . "' ");
        // Check if we have a parent affiliate
        if ($affiliate_root_array = xtc_db_fetch_array($affiliate_root_query)) {
            xtc_db_query("update " . TABLE_AFFILIATE . " SET affiliate_lft = affiliate_lft + 2 WHERE affiliate_root  =  '" . $affiliate_root_array['affiliate_root'] . "' and  affiliate_lft > " . $affiliate_root_array['affiliate_rgt'] . "  AND affiliate_rgt >= " . $affiliate_root_array['affiliate_rgt'] . " ");
            xtc_db_query("update " . TABLE_AFFILIATE . " SET affiliate_rgt = affiliate_rgt + 2 WHERE affiliate_root  =  '" . $affiliate_root_array['affiliate_root'] . "' and  affiliate_rgt >= " . $affiliate_root_array['affiliate_rgt'] . "  ");
            $sql_data_array['affiliate_root'] = $affiliate_root_array['affiliate_root'];
            $sql_data_array['affiliate_lft'] = $affiliate_root_array['affiliate_rgt'];
            $sql_data_array['affiliate_rgt'] = $affiliate_root_array['affiliate_rgt'] + 1;
            xtc_db_perform(TABLE_AFFILIATE, $sql_data_array);
            $affiliate_id = xtc_db_insert_id();
        // no parent -> new root
    } else {
        $sql_data_array['affiliate_lft'] = '1';
        $sql_data_array['affiliate_rgt'] = '2';
        xtc_db_perform(TABLE_AFFILIATE, $sql_data_array);
        $affiliate_id = xtc_db_insert_id();
        xtc_db_query("update " . TABLE_AFFILIATE . " set affiliate_root = '" . $affiliate_id . "' where affiliate_id = '" . $affiliate_id . "' ");
    @mysql_query("UNLOCK TABLES");
    return $affiliate_id;
function xtc_oe_customer_infos($customers_id)
    $customer_query = xtc_db_query("select a.entry_country_id, a.entry_zone_id from " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " a where c.customers_id  = '" . xtc_db_input((int) $customers_id) . "' and c.customers_id = a.customers_id and c.customers_default_address_id = a.address_book_id");
    $customer = xtc_db_fetch_array($customer_query);
    $customer_info_array = array('country_id' => $customer['entry_country_id'], 'zone_id' => $customer['entry_zone_id']);
    return $customer_info_array;
function checkAttribute($current_value_id, $current_pid, $current_product_option_id)
    global $attr_array, $attr_dl_array;
    //web28 - 2012-07-15 - change global variable list to array
    $query = "SELECT *\n                FROM " . TABLE_PRODUCTS_ATTRIBUTES . "\n               WHERE options_values_id = '" . $current_value_id . "'\n                 AND products_id = ' " . $current_pid . "'\n                 AND options_id = '" . $current_product_option_id . "'";
    $result = xtc_db_query($query);
    $isFound = xtc_db_num_rows($result);
    $attr_array = array();
    $attr_dl_array = array();
    if ($isFound) {
        while ($line = xtc_db_fetch_array($result)) {
            // download function start
            $attr_array = $line;
            $dl_sql = xtc_db_query("SELECT products_attributes_maxdays,\n                                       products_attributes_filename,\n                                       products_attributes_maxcount\n                                 FROM " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . "\n                                 WHERE products_attributes_id = '" . $line['products_attributes_id'] . "'") or die(mysqli_error(xtc_db_connect()));
            $attr_dl_array = xtc_db_fetch_array($dl_sql);
            // download function end
            //price prefixes
            $attr_array['posCheck'] = $line['price_prefix'] == '+' ? ' SELECTED' : '';
            $attr_array['negCheck'] = $line['price_prefix'] == '-' ? ' SELECTED' : '';
            //weight prefixes
            $attr_array['posCheck_weight'] = $line['weight_prefix'] == '+' ? ' SELECTED' : '';
            $attr_array['negCheck_weight'] = $line['weight_prefix'] == '-' ? ' SELECTED' : '';
            //echo print_r($attr_array).'<br>';
        return true;
    } else {
        return false;
function xtc_get_download($content_id)
    $content_query = xtc_db_query("SELECT\n\t\t\t\t\tcontent_file,\n\t\t\t\t\tcontent_read\n\t\t\t\t\tFROM " . TABLE_PRODUCTS_CONTENT . "\n\t\t\t\t\tWHERE content_id='" . xtc_db_input((int) $content_id) . "'");
    $content_data = xtc_db_fetch_array($content_query);
    // update file counter
    xtc_db_query("UPDATE \n\t\t\t" . TABLE_PRODUCTS_CONTENT . " \n\t\t\tSET content_read='" . ($content_data['content_read'] + 1) . "'\n\t\t\tWHERE content_id='" . xtc_db_input((int) $content_id) . "'");
    // original filename
    $filename = DIR_FS_CATALOG . 'media/products/' . $content_data['content_file'];
    $backup_filename = DIR_FS_CATALOG . 'media/products/backup/' . $content_data['content_file'];
    // create md5 hash id from original file
    $orign_hash_id = md5_file($filename);
    // create new filename with timestamp
    $timestamp = str_replace('.', '', microtime());
    $timestamp = str_replace(' ', '', $timestamp);
    $new_filename = DIR_FS_CATALOG . 'media/products/' . $timestamp . strstr($content_data['content_file'], '.');
    // rename file
    rename($filename, $new_filename);
    if (file_exists($new_filename)) {
        header("Content-type: application/force-download");
        header("Content-Disposition: attachment; filename=" . $new_filename);
        // rename file to original name
        rename($new_filename, $filename);
        $new_hash_id = md5_file($filename);
        // check hash id of file again, if not same, get backup!
        if ($new_hash_id != $orign_hash_id) {
            copy($backup_filename, $filename);
  * Perform a checkOrder
  * @param int    $id          order id
  * @param string $paymentCode payment option code
  * @return void
 public function checkOrder($id, $paymentCode)
     global $xtPrice;
     $orderId = mysqli_real_escape_string(xtc_db_connect(), $_GET['oID']);
     $comments = $this->_getComments($orderId);
     // Don't update orderstatus if it is already updated to approved once.
     foreach ($comments as $comment) {
         if (strstr($comment, $this->_assembleOrderComment(self::APPROVED))) {
             $this->_showError("Klarna Status already updated and approved.");
     $ref = $this->_getRefNumber($orderId);
     if ($ref === null) {
         $this->_showError("No matching reference found for order id {$orderId}.");
     $statusName = null;
     try {
         $statusName = $this->_getStatus(KiTT::api($this->_getOrderCountry()), $ref);
     } catch (Exception $e) {
         $this->_showError($e->getMessage() . " Is {$paymentCode} configured?");
     if ($statusName === null) {
     $newComment = $this->_assembleOrderComment($statusName);
     echo "<br /> {$newComment} <br />";
     $order_status_id = $this->_getPaymentStatusID($paymentCode, $statusName);
     $sql_data_arr = array('orders_id' => $orderId, 'orders_status_id' => $order_status_id, 'comments' => $newComment, 'customer_notified' => 0, 'date_added' => date("Y-m-d H:i:s"));
     $this->_klarnaDB->perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_arr);
     xtc_db_query("UPDATE " . TABLE_ORDERS . " SET orders_status='" . $order_status_id . "' WHERE orders_id='" . $orderId . "'");
function xtc_get_shop_conf($configuration_key, $result_type = 'ASSOC')
    $configuration_values = false;
    if ($result_type == 'ASSOC' || $result_type == 'NUMERIC') {
        if (is_array($configuration_key)) {
            foreach ($configuration_key as $key) {
                $configuration_query = xtc_db_query("\n\t\t\t\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t\t\t\tconfiguration_value\n\t\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\t\tshop_configuration\n\t\t\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t\t\tconfiguration_key = '" . xtc_db_input($key) . "'\n\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t\t\t\t\t");
                if (xtc_db_num_rows($configuration_query) == 1) {
                    if ($configuration_values == false) {
                        $configuration_values = array();
                    $configuration_row = xtc_db_fetch_array($configuration_query);
                    if ($result_type == 'ASSOC') {
                        $configuration_values[$key] = $configuration_row['configuration_value'];
                    } else {
                        $configuration_values[] = $configuration_row['configuration_value'];
        } else {
            $configuration_query = xtc_db_query("\n\t\t\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t\t\tconfiguration_value\n\t\t\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\t\t\tshop_configuration\n\t\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\t\tconfiguration_key = '" . xtc_db_input($configuration_key) . "'\n\t\t\t\t\t\t\t\t\t\t\tLIMIT 1\n\t\t\t\t\t\t\t\t\t\t");
            if (xtc_db_num_rows($configuration_query) == 1) {
                if ($configuration_values == false) {
                    $configuration_values = '';
                $configuration_row = xtc_db_fetch_array($configuration_query);
                $configuration_values = $configuration_row['configuration_value'];
    return $configuration_values;
function xtc_address_format($address_format_id, $address, $html, $boln, $eoln)
    $address_format_query = xtc_db_query("select address_format as format from " . TABLE_ADDRESS_FORMAT . " where address_format_id = '" . xtc_db_input((int) $address_format_id) . "'");
    $address_format = xtc_db_fetch_array($address_format_query);
    $company = addslashes($address['company']);
    $firstname = addslashes($address['firstname']);
    $lastname = addslashes($address['lastname']);
    $street = addslashes($address['street_address']);
    $suburb = addslashes($address['suburb']);
    $city = addslashes($address['city']);
    $state = addslashes($address['state']);
    $country_id = $address['country_id'];
    $zone_id = $address['zone_id'];
    $postcode = addslashes($address['postcode']);
    $zip = $postcode;
    $country = xtc_get_country_name($country_id);
    $state = xtc_get_zone_code($country_id, $zone_id, $state);
    if ($html) {
        // HTML Mode
        $HR = '<hr />';
        $hr = '<hr />';
        if ($boln == '' && $eoln == "\n") {
            // Values not specified, use rational defaults
            $CR = '<br />';
            $cr = '<br />';
            $eoln = $cr;
        } else {
            // Use values supplied
            $CR = $eoln . $boln;
            $cr = $CR;
    } else {
        // Text Mode
        $CR = $eoln;
        $cr = $CR;
        $HR = '----------------------------------------';
        $hr = '----------------------------------------';
    $statecomma = '';
    $streets = $street;
    if ($suburb != '') {
        $streets = $street . $cr . $suburb;
    if ($firstname == '') {
        $firstname = addslashes($address['name']);
    if ($country == '') {
        $country = addslashes($address['country']);
    if ($state != '') {
        $statecomma = $state . ', ';
    $fmt = $address_format['format'];
    eval("\$address = \"{$fmt}\";");
    if (ACCOUNT_COMPANY == 'true' && xtc_not_null($company)) {
        $address = $company . $cr . $address;
    $address = stripslashes($address);
    return $address;
function xtc_address_label($customers_id, $address_id = 1, $html = false, $boln = '', $eoln = "\n")
    $address_query = xtc_db_query("select entry_firstname as firstname, entry_lastname as lastname, entry_company as company, entry_street_address as street_address, entry_suburb as suburb, entry_city as city, entry_postcode as postcode, entry_state as state, entry_zone_id as zone_id, entry_country_id as country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . xtc_db_input((int) $customers_id) . "' and address_book_id = '" . xtc_db_input((int) $address_id) . "'");
    $address = xtc_db_fetch_array($address_query);
    $format_id = xtc_get_address_format_id($address['country_id']);
    return xtc_address_format($format_id, $address, $html, $boln, $eoln);
function xtc_display_banner($action, $identifier)
    if ($action == 'dynamic') {
        $banners_query = xtc_db_query("select count(*) as count from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . xtc_db_input($identifier) . "'");
        $banners = xtc_db_fetch_array($banners_query);
        if ($banners['count'] > 0) {
            $banner = xtc_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . xtc_db_input($identifier) . "'");
        } else {
            return '<strong>XTC ERROR! (xtc_display_banner(' . $action . ', ' . $identifier . ') -> No banners with group \'' . $identifier . '\' found!</strong>';
    } elseif ($action == 'static') {
        if (is_array($identifier)) {
            $banner = $identifier;
        } else {
            $banner_query = xtc_db_query("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_id = '" . xtc_db_input($identifier) . "'");
            if (xtc_db_num_rows($banner_query)) {
                $banner = xtc_db_fetch_array($banner_query);
            } else {
                return '<strong>XTC ERROR! (xtc_display_banner(' . $action . ', ' . $identifier . ') -> Banner with ID \'' . $identifier . '\' not found, or status inactive</strong>';
    } else {
        return '<strong>XTC ERROR! (xtc_display_banner(' . $action . ', ' . $identifier . ') -> Unknown $action parameter value - it must be either \'dynamic\' or \'static\'</strong>';
    if (xtc_not_null($banner['banners_html_text'])) {
        $banner_string = $banner['banners_html_text'];
    } else {
        $banner_string = '<a href="' . xtc_href_link(FILENAME_REDIRECT, 'action=banner&goto=' . $banner['banners_id']) . '" onclick="; return false;">' . xtc_image(DIR_WS_IMAGES . 'banner/' . $banner['banners_image'], $banner['banners_title']) . '</a>';
    return $banner_string;
function xtc_get_products_stock($products_id)
    $products_id = xtc_get_prid($products_id);
    $stock_query = xtc_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . xtc_db_input((int) $products_id) . "'");
    $stock_values = xtc_db_fetch_array($stock_query);
    return $stock_values['products_quantity'];
 function proceed()
     // Nur laden wenn StyleEdit deaktiviert ist.
     if ($_SESSION['style_edit_mode'] != 'edit' && $_SESSION['style_edit_mode'] != 'sos') {
         // Gibt es einen aktiven Slider für die Startseite?
         $_ceck = xtc_db_query("SELECT\n                                        slider_id,\n                                        slider_parameter\n                                    FROM\n                                        multislider\n                                    WHERE\n                                        slider_position = 'startpage'\n                                    AND\n                                        slider_status = 1");
         if (xtc_db_num_rows($_ceck) > 0) {
             // die benötigten Scripte einbinden
             include_once DIR_FS_CATALOG . 'multislider/js/jquery.easing.1.3.min.js';
             include_once DIR_FS_CATALOG . 'multislider/js/jquery.banner-rotator.min.js';
             $_s = xtc_db_fetch_array(xtc_db_query("SELECT slider_parameter FROM multislider WHERE slider_position = 'startpage' AND slider_status = 1"));
             $_d = unserialize(urldecode($_s['slider_parameter']));
             $j = "\$(window).load(function(){ \$('#startpage_slider').bannerRotator({";
             foreach ($_d as $key => $val) {
                 if (is_numeric($val) or $val == 'true' or $val == 'false') {
                     $j .= $key . ":{$val},";
                 } else {
                     $j .= $key . ":'{$val}',";
             $j .= "borderWidth:0,layerOnHover:false });});";
             echo $j . "\n";
function xtc_get_customers_country($customers_id)
    $customers_query = xtc_db_query("select customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_id = '" . xtc_db_input((int) $customers_id) . "'");
    $customers = xtc_db_fetch_array($customers_query);
    $address_book_query = xtc_db_query("select entry_country_id from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . xtc_db_input((int) $customers['customers_default_address_id']) . "'");
    $address_book = xtc_db_fetch_array($address_book_query);
    return $address_book['entry_country_id'];
 * Get the order details
 * @global <type> $last_order
 * @param mixed $goal
 * @return string Code for the eCommerce tracking
function getOrderDetailsPiwik($goal)
    global $last_order;
    // from checkout_success.php
    $query = xtc_db_query("-- function.piwik.php\n    SELECT value\n    FROM " . TABLE_ORDERS_TOTAL . "\n    WHERE orders_id = '" . $last_order . "' AND class='ot_total'");
    $orders_total = xtc_db_fetch_array($query);
    return "_paq.push(['trackGoal', '" . $goal . "', '" . $orders_total['value'] . "' ]);\n";
예제 #15
 function currencies()
     $this->currencies = array();
     $currencies_query = xtc_db_query("select code, title, symbol_left, symbol_right, decimal_point, thousands_point, decimal_places, value from " . TABLE_CURRENCIES);
     while ($currencies = xtc_db_fetch_array($currencies_query)) {
         $this->currencies[$currencies['code']] = array('title' => $currencies['title'], 'symbol_left' => $currencies['symbol_left'], 'symbol_right' => $currencies['symbol_right'], 'decimal_point' => $currencies['decimal_point'], 'thousands_point' => $currencies['thousands_point'], 'decimal_places' => $currencies['decimal_places'], 'value' => $currencies['value']);
 public function readDB($sql)
     try {
         $result = xtc_db_query($sql);
         return array(xtc_db_fetch_array($result));
     } catch (Exception $e) {
function xtc_set_customer_status_upgrade($customer_id)
    if ($_SESSION['customer_status_value']['customers_status_id'] == "' . DEFAULT_CUSTOMERS_STATUS_ID_NEWSLETTER .'" and $_SESSION['customer_status_value']['customers_is_newsletter'] == 0) {
        xtc_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '" . DEFAULT_CUSTOMERS_STATUS_ID . "' where customers_id = '" . xtc_db_input((int) $_SESSION['customer_id']) . "'");
        xtc_db_query("insert into " . TABLE_CUSTOMERS_STATUS_HISTORY . " (customers_id, new_value, old_value, date_added, customer_notified) values ('" . xtc_db_input((int) $_SESSION['customer_id']) . "', '" . DEFAULT_CUSTOMERS_STATUS_ID . "', '" . DEFAULT_CUSTOMERS_STATUS_ID_NEWSLETTER . "', now(), '" . $customer_notified . "')");
    return 1;
 function splitPageResults($query, $page, $max_rows, $count_key = '*')
     $this->sql_query = $query;
     if (empty($page) || !is_numeric($page)) {
         $page = 1;
     $this->current_page_number = $page;
     $this->number_of_rows_per_page = $max_rows;
     $pos_to = strlen($this->sql_query);
     $pos_from = strpos(strtoupper($this->sql_query), ' FROM', 0);
     $pos_group_by = strpos(strtoupper($this->sql_query), ' GROUP BY', $pos_from);
     if ($pos_group_by < $pos_to && $pos_group_by != false) {
         $pos_to = $pos_group_by;
     $pos_having = strpos(strtoupper($this->sql_query), ' HAVING', $pos_from);
     if ($pos_having < $pos_to && $pos_having != false) {
         $pos_to = $pos_having;
     $pos_order_by = strpos(strtoupper($this->sql_query), ' ORDER BY', $pos_from);
     if ($pos_order_by < $pos_to && $pos_order_by != false) {
         $pos_to = $pos_order_by;
     if (strpos(strtoupper($this->sql_query), 'DISTINCT') || strpos(strtoupper($this->sql_query), 'GROUP BY')) {
         $count_string = 'DISTINCT ' . xtc_db_input($count_key);
         //$count_string = xtc_db_input($count_key);
     } else {
         $count_string = xtc_db_input($count_key);
     //BOF - DokuMan - 2010-08-26 - performance improvement
     //$count_query = xtDBquery($query);
     //$count = xtc_db_num_rows($count_query,true);
     $reviews_count_query = xtc_db_query("select count(" . $count_string . ") as total " . substr($query, $pos_from, $pos_to - $pos_from));
     $reviews_count = xtc_db_fetch_array($reviews_count_query);
     $count = $reviews_count['total'];
     //EOF - DokuMan - 2010-08-26 - performance improvement
     $this->number_of_rows = $count;
     //BOF -web28- 2010-08-07 - FIX Division by Zero
     //$this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     if ($this->number_of_rows_per_page > 0) {
         $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     } else {
         $this->number_of_pages = 0;
     //EOF -web28- 2010-08-07 - FIX Division by Zero
     if ($this->current_page_number > $this->number_of_pages) {
         $this->current_page_number = $this->number_of_pages;
     $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
     //BOF -web28- 2010-08-07 - FIX possible $offset = -0
     if ($offset < 1) {
         $offset = 0;
     //EOF -web28- 2010-08-07 - FIX possible $offset = -0
     //BOF - DokuMan - 2010-08-26 - limit by highest offset
     //$this->sql_query .= " LIMIT " . $offset . ", " . $this->number_of_rows_per_page;
     $this->sql_query .= " LIMIT " . max((int) $offset, 0) . ", " . $this->number_of_rows_per_page;
     //EOF - DokuMan - 2010-08-26 - limit by highest offset
function xtc_get_cross_sell_name($cross_sell_group, $language_id = '')
    if (!$language_id) {
        $language_id = $_SESSION['languages_id'];
    $cross_sell_query = xtc_db_query("select groupname from " . TABLE_PRODUCTS_XSELL_GROUPS . " where products_xsell_grp_name_id = '" . xtc_db_input((int) $cross_sell_group) . "' and language_id = '" . xtc_db_input((int) $language_id) . "'");
    $cross_sell = xtc_db_fetch_array($cross_sell_query);
    return $cross_sell['groupname'];
function xtc_expire_specials()
    $specials_query = xtc_db_query("select specials_id from " . TABLE_SPECIALS . " where status = '1' and now() >= expires_date and expires_date > 0");
    if (xtc_db_num_rows($specials_query)) {
        while ($specials = xtc_db_fetch_array($specials_query)) {
            xtc_set_specials_status($specials['specials_id'], '0');
function xtc_oe_get_options_name($products_options_id, $language = '')
    if (empty($language)) {
        $language = $_SESSION['languages_id'];
    $product_query = xtc_db_query("select products_options_name from " . TABLE_PRODUCTS_OPTIONS . " where products_options_id = '" . xtc_db_input((int) $products_options_id) . "' and language_id = '" . xtc_db_input((int) $language) . "'");
    $product = xtc_db_fetch_array($product_query);
    return $product['products_options_name'];
function xtc_update_banner_display_count($banner_id)
    $banner_check_query = xtc_db_query("select count(*) as count from " . TABLE_BANNERS_HISTORY . " where banners_id = '" . xtc_db_input((int) $banner_id) . "' and date_format(banners_history_date, '%Y%m%d') = date_format(now(), '%Y%m%d')");
    $banner_check = xtc_db_fetch_array($banner_check_query);
    if ($banner_check['count'] > 0) {
        xtc_db_query("update " . TABLE_BANNERS_HISTORY . " set banners_shown = banners_shown + 1 where banners_id = '" . xtc_db_input((int) $banner_id) . "' and date_format(banners_history_date, '%Y%m%d') = date_format(now(), '%Y%m%d')");
    } else {
        xtc_db_query("insert into " . TABLE_BANNERS_HISTORY . " (banners_id, banners_shown, banners_history_date) values ('" . xtc_db_input((int) $banner_id) . "', 1, now())");
function xtc_get_zone_name($country_id, $zone_id, $default_zone)
    $zone_query = xtc_db_query("select zone_name from " . TABLE_ZONES . " where zone_country_id = '" . xtc_db_input((int) $country_id) . "' and zone_id = '" . xtc_db_input((int) $zone_id) . "'");
    if (xtc_db_num_rows($zone_query)) {
        $zone = xtc_db_fetch_array($zone_query);
        return $zone['zone_name'];
    } else {
        return $default_zone;
 * affiliate_get_status_array()
 * @return  array of available order status in current language
function affiliate_get_status_array()
    $status_array = array();
    $status_sql = "select orders_status_id, orders_status_name" . " FROM " . TABLE_ORDERS_STATUS . " WHERE language_id = " . $_SESSION['languages_id'] . " ORDER BY orders_status_id";
    $status = xtc_db_query($status_sql);
    while ($status_values = xtc_db_fetch_array($status)) {
        $status_array[] = array('orders_status_id' => $status_values['orders_status_id'], 'orders_status_name' => $status_values['orders_status_name']);
    return $status_array;
function xtc_set_banner_status($banners_id, $status)
    if ($status == '1') {
        return xtc_db_query("update " . TABLE_BANNERS . " set status = '1', date_status_change = now(), date_scheduled = NULL where banners_id = '" . xtc_db_input((int) $banners_id) . "'");
    } elseif ($status == '0') {
        return xtc_db_query("update " . TABLE_BANNERS . " set status = '0', date_status_change = now() where banners_id = '" . xtc_db_input((int) $banners_id) . "'");
    } else {
        return -1;
예제 #26
 function _getAddressBookIso2($ab_id)
     $t_query = "SELECT c.countries_iso_code_2\n\t\t\t\t\t\t      FROM " . TABLE_ADDRESS_BOOK . " ab\n\t\t\t\t\t\t      JOIN " . TABLE_COUNTRIES . " c \n\t\t\t\t\t\t           ON c.countries_id = ab.entry_country_id\n\t\t\t\t\t\t     WHERE ab.address_book_id = '" . $ab_id . "'";
     $t_result = xtc_db_query($t_query, 'db_link', false);
     $iso2 = false;
     while ($t_row = xtc_db_fetch_array($t_result)) {
         $iso2 = $t_row['countries_iso_code_2'];
     return $iso2;
 * Check the attributes Stock
 * @param int $products_id
 * @param int $options_id
 * @param int $options_values_id
 * @param int $attributes_quantity
 * @return boolean true = in Stock | false = out of Stock
function xtc_check_stock_attributes($products_id, $options_id, $options_values_id, $attributes_quantity)
    $stock_query = xtc_db_query("\tSELECT\n\t\t\t\t\t\t\t\t\t\tattributes_stock\n\t\t\t\t\t\t\t\t\tFROM " . TABLE_PRODUCTS_ATTRIBUTES . "\n\t\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\t\tproducts_id = '" . (int) $products_id . "'\n\t\t\t\t\t\t\t\t\t\tAND options_id = '" . (int) $options_id . "'\n\t\t\t\t\t\t\t\t\t\tAND options_values_id = '" . (int) $options_values_id . "';");
    $stock_data = xtc_db_fetch_array($stock_query);
    $stock_left = $stock_data['attributes_stock'] - $attributes_quantity;
    if ($stock_left >= 0) {
        return true;
    return false;
function xtc_get_address_format_id($country_id)
    $address_format_query = xtc_db_query("select address_format_id as format_id from " . TABLE_COUNTRIES . " where countries_id = '" . xtc_db_input((int) $country_id) . "'");
    if (xtc_db_num_rows($address_format_query)) {
        $address_format = xtc_db_fetch_array($address_format_query);
        return $address_format['format_id'];
    } else {
        return '1';
function xtc_activate_banners()
    $banners_query = xtc_db_query("select banners_id, date_scheduled from " . TABLE_BANNERS . " where date_scheduled != ''");
    if (xtc_db_num_rows($banners_query)) {
        while ($banners = xtc_db_fetch_array($banners_query)) {
            if (date('Y-m-d H:i:s') >= $banners['date_scheduled']) {
                xtc_set_banner_status($banners['banners_id'], '1');
function xtc_banner_exists($action, $identifier)
    if ($action == 'dynamic') {
        return xtc_random_select("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_group = '" . xtc_db_input($identifier) . "'");
    } elseif ($action == 'static') {
        $banner_query = xtc_db_query("select banners_id, banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where status = '1' and banners_id = '" . xtc_db_input($identifier) . "'");
        return xtc_db_fetch_array($banner_query);
    } else {
        return false;