/**
 * Stores a new name and description for an existing vendor category.
 *
 * @param array $d Form data; reads vendor_category_id, vendor_category_name
 *                 and vendor_category_desc.
 * @return boolean True when the query succeeded, false when validation or the
 *                 query failed.
 */
function update(&$d)
{
    $db = new ps_DB();

    if (!$this->validate_update($d)) {
        return false;
    }

    // Column values are handed to buildQuery() as an array.
    // NOTE(review): presumably buildQuery() escapes them - confirm in ps_DB.
    $columns = array(
        'vendor_category_name' => $d["vendor_category_name"],
        'vendor_category_desc' => $d["vendor_category_desc"],
    );
    // The id is cast to int, so it cannot carry SQL into the WHERE clause.
    $condition = ' WHERE vendor_category_id=' . (int) $d["vendor_category_id"];

    $db->buildQuery('UPDATE', '#__{vm}_vendor_category', $columns, $condition);

    if ($db->query() === false) {
        $GLOBALS['vmLogger']->err('Failed to update the Vendor Category.');
        return false;
    }

    $GLOBALS['vmLogger']->info('The Vendor Category has been updated.');
    return true;
}
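/**
 * Updates a product type parameter and keeps the matching column and index of
 * the per-type table `#__{vm}_product_type_<id>` in sync.
 *
 * A parameter whose old type was "B" is deleted and re-created through
 * add_parameter(). Otherwise the parameter row is updated, the list order of
 * its siblings is shifted when the position changed, and (unless the new type
 * is "B") the table column is renamed/retyped and its index rebuilt.
 *
 * Side effects on $d: parameter_values loses one trailing semicolon,
 * parameter_multiselect defaults to "N", and line breaks are removed from
 * parameter_description.
 *
 * @author Zdenek Dvorak
 * @param array $d
 * @return boolean False when validation fails, otherwise true (or the result
 *                 of add_parameter() for former "B" parameters).
 */
function update_parameter(&$d)
{
    $db = new ps_DB();

    if (!$this->validate_update_parameter($d)) {
        return false;
    }

    // product_type_id is used in WHERE clauses and inside table and index names.
    // It is reduced to an integer once, and only that integer is put into SQL.
    $typeId = (int) $d["product_type_id"];
    $typeTable = '#__{vm}_product_type_' . $typeId;

    // NOTE(review): getEscaped() is presumably a string-literal escaper. Where
    // these names are placed inside backticks below, safety relies on
    // validate_update_parameter() restricting them to identifier characters - confirm.
    $newName = $db->getEscaped(vmGet($d, 'parameter_name'));
    $oldName = $db->getEscaped(vmGet($d, 'parameter_old_name'));

    if ($d["parameter_old_type"] == "B") {
        // Former break lines have no table column: delete the record and call add_parameter()
        $q = "DELETE FROM #__{vm}_product_type_parameter WHERE product_type_id='" . $typeId . "' ";
        $q .= "AND parameter_name='" . $newName . "'";
        $db->setQuery($q);
        $db->query();

        return $this->add_parameter($d);
    }

    // Strip one trailing semicolon from the value list
    $valuesLength = strlen($d["parameter_values"]);
    if (';' == substr($d["parameter_values"], $valuesLength - 1, 1)) {
        $d["parameter_values"] = substr($d["parameter_values"], 0, $valuesLength - 1);
    }
    if (empty($d["parameter_multiselect"])) {
        $d["parameter_multiselect"] = "N";
    }
    // Remove line breaks from the description ("\r\n" first, then bare "\n")
    $d["parameter_description"] = str_replace(array("\r\n", "\n"), "", $d["parameter_description"]);

    $fields = array(
        'parameter_name' => vmGet($d, 'parameter_name'),
        'parameter_label' => vmGet($d, 'parameter_label'),
        'parameter_description' => vmGet($d, 'parameter_description'),
        'parameter_list_order' => vmRequest::getInt('list_order'),
        'parameter_type' => vmGet($d, 'parameter_type'),
        'parameter_values' => vmGet($d, 'parameter_values'),
        'parameter_multiselect' => vmGet($d, 'parameter_multiselect'),
        'parameter_default' => vmGet($d, 'parameter_default'),
        'parameter_unit' => vmGet($d, 'parameter_unit'),
    );
    $db->buildQuery(
        'UPDATE',
        '#__{vm}_product_type_parameter',
        $fields,
        "WHERE `product_type_id`='" . $typeId . "' AND `parameter_name`='" . $oldName . "'"
    );
    $db->query();

    /* Re-order the parameter table IF the list_order has been changed */
    $newPos = intval($d['list_order']);
    $oldPos = intval($d['currentpos']);
    if ($newPos != $oldPos) {
        $dbu = new ps_DB();

        $q = "SELECT product_type_id,parameter_name FROM #__{vm}_product_type_parameter WHERE ";
        $q .= "product_type_id='" . $typeId . "'";
        $q .= " AND parameter_name <> '" . $newName . "'";
        if ($newPos < $oldPos) {
            /* Moved UP: everything from the new position onwards moves down by one */
            $q .= " AND parameter_list_order >= '" . $newPos . "'";
            $shift = '+1';
        } else {
            /* Moved DOWN: everything between the old and new position moves up by one */
            $q .= " AND parameter_list_order > '" . $oldPos . "'";
            $q .= " AND parameter_list_order <= '" . $newPos . "'";
            $shift = '-1';
        }
        $db->query($q);

        while ($db->next_record()) {
            // Values read back from the database are cast/escaped again before
            // they are concatenated into the next statement.
            $dbu->query(
                "UPDATE #__{vm}_product_type_parameter SET parameter_list_order=parameter_list_order" . $shift
                . " WHERE product_type_id='" . (int) $db->f("product_type_id")
                . "' AND parameter_name='" . $dbu->getEscaped($db->f("parameter_name")) . "'"
            );
        }
    }
    /* END Re-Ordering */

    if ($d["parameter_type"] != "B") { // != Break Line
        // Delete old index
        $q = "ALTER TABLE `" . $typeTable . "` DROP INDEX `idx_product_type_" . $typeId . "_" . $oldName . "`;";
        $db->setQuery($q);
        $db->query();

        // Update column in table product_type_<id>
        $q = "ALTER TABLE `" . $typeTable . "` CHANGE `" . $oldName . "` `" . $newName . "` ";
        switch ($d["parameter_type"]) {
            case "I": $q .= "int(11) "; break;      // Integer
            case "T": $q .= "text "; break;         // Text
            case "S": $q .= "varchar(255) "; break; // Short Text
            case "F": $q .= "float "; break;        // Float
            case "C": $q .= "char(1) "; break;      // Char
            case "D": $q .= "datetime "; break;     // Date & Time
            case "A": $q .= "date "; break;         // Date
            case "V": $q .= "varchar(255) "; break; // Multiple Value
            case "M": $q .= "time "; break;         // Time
            default: $q .= "varchar(255) ";         // Default type Short Text
        }
        if ($d["parameter_default"] != "" && $d["parameter_type"] != "T") {
            $q .= "DEFAULT '" . $db->getEscaped(vmGet($d, 'parameter_default')) . "' NOT NULL;";
        }
        $db->setQuery($q);
        $db->query();

        // Make index for this column: FULLTEXT for text columns, a plain key otherwise.
        // Both variants use the escaped name for the index name and the column.
        $indexKind = ($d["parameter_type"] == "T") ? 'FULLTEXT' : 'KEY';
        $q = "ALTER TABLE `" . $typeTable . "` ADD " . $indexKind . " `idx_product_type_" . $typeId . "_";
        $q .= $newName . "` (`" . $newName . "`);";
        $db->setQuery($q);
        $db->query();
    }

    return true;
}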
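/**
 * Updates a Vendor (and the Store) Record
 *
 * Validates the form data, processes uploaded images, normalises the currency
 * display style and accepted currencies, then writes the vendor row.
 *
 * Side effects on $d: every non-array value is passed through addslashes(),
 * display_style is collapsed to a "|"-separated string and
 * vendor_accepted_currencies falls back to the global vendor currency.
 *
 * @param array $d
 * @return boolean False when validation or image processing fails, otherwise true.
 */
function update(&$d)
{
    global $vendor_currency, $VM_LANG;

    $db = new ps_DB();
    $timestamp = time();

    if (!$this->validate_update($d)) {
        return false;
    }
    if (!vmImageTools::process_images($d)) {
        return false;
    }

    // NOTE(review): if buildQuery() escapes values itself, this addslashes() pass
    // stores doubled backslashes - confirm against ps_DB::buildQuery().
    foreach ($d as $key => $value) {
        if (!is_array($value)) {
            $d[$key] = addslashes($value);
        }
    }

    $d['display_style'][1] = ps_vendor::checkCurrencySymbol($d['display_style'][1]);
    $d['display_style'] = implode("|", $d['display_style']);

    if (empty($d['vendor_accepted_currencies'])) {
        $d['vendor_accepted_currencies'] = array($vendor_currency);
    }

    $fields = array(
        'vendor_name' => $d["vendor_name"],
        'contact_last_name' => $d["contact_last_name"],
        'contact_first_name' => $d["contact_first_name"],
        'contact_middle_name' => $d["contact_middle_name"],
        'contact_title' => $d["contact_title"],
        'contact_phone_1' => $d["contact_phone_1"],
        'contact_phone_2' => $d["contact_phone_2"],
        'contact_fax' => $d["contact_fax"],
        'contact_email' => $d["contact_email"],
        'vendor_phone' => $d["vendor_phone"],
        'vendor_address_1' => $d["vendor_address_1"],
        'vendor_address_2' => $d["vendor_address_2"],
        'vendor_city' => $d["vendor_city"],
        'vendor_state' => $d["vendor_state"],
        'vendor_country' => $d["vendor_country"],
        'vendor_zip' => $d["vendor_zip"],
        'vendor_store_name' => $d["vendor_store_name"],
        'vendor_store_desc' => $d["vendor_store_desc"],
        'vendor_thumb_image' => $d["vendor_thumb_image"],
        'vendor_full_image' => $d["vendor_full_image"],
        'vendor_currency' => $d["vendor_currency"],
        'vendor_url' => $d["vendor_url"],
        'mdate' => $timestamp,
        'vendor_terms_of_service' => $d["vendor_terms_of_service"],
        'vendor_min_pov' => $d["vendor_min_pov"],
        'vendor_currency_display_style' => $d["display_style"],
        'vendor_freeshipping' => $d['vendor_freeshipping'],
        'vendor_accepted_currencies' => implode(',', $d['vendor_accepted_currencies']),
        'vendor_address_format' => $d['vendor_address_format'],
        'vendor_date_format' => $d['vendor_date_format'],
    );
    if (!empty($d["vendor_category_id"])) {
        $fields['vendor_category_id'] = $d["vendor_category_id"];
    }
    if (!empty($d["vendor_image_path"])) {
        $fields['vendor_image_path'] = $d["vendor_image_path"];
    }

    // The vendor id sits unquoted in the WHERE clause, where addslashes() gives no
    // protection; casting to int keeps the clause limited to a single numeric id.
    $vendorId = (int) $d["vendor_id"];
    $db->buildQuery('UPDATE', '#__{vm}_vendor', $fields, 'WHERE vendor_id = ' . $vendorId);
    $db->query();

    // NOTE(review): the query result is not checked, so success is logged even
    // when the UPDATE failed.
    if ($vendorId == 1) {
        $GLOBALS['vmLogger']->info($VM_LANG->_('VM_STORE_UPDATED'));
    } else {
        $GLOBALS['vmLogger']->info($VM_LANG->_('VM_VENDOR_UPDATED'));
    }

    return true;
}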
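/**
 * Updates an export module: writes its configuration file and then updates the
 * module's row in #__{vm}_export.
 *
 * @param array $d Form data; reads export_class, export_enabled, export_config,
 *                 iscore, export_name, export_desc and export_id.
 * @return bool False when validation fails, the export class cannot be loaded,
 *              the config file is not writable or the query fails.
 * @author Manfred Dennerlein
 */
function update(&$d)
{
    global $vmLogger, $VM_LANG;

    $db = new ps_DB();
    $ps_vendor_id = $_SESSION['ps_vendor_id'];

    if (!$this->validate_update($d)) {
        return false;
    }

    $_EXPORT = null;
    if (!empty($d['export_class'])) {
        // basename() drops any directory part, so the include stays inside
        // CLASSPATH/export/ whatever the form submitted.
        $export_class = basename($d['export_class']);
        // Instantiate only a class that the included file really defined.
        if ((include_once CLASSPATH . 'export/' . $export_class . '.php')
            && class_exists($export_class, false)) {
            $_EXPORT = new $export_class();
        }
    } else {
        include_once CLASSPATH . 'export/ps_xmlexport.php';
        $_EXPORT = new ps_xmlexport();
    }

    // Previously a failed include left $_EXPORT undefined and the next call was
    // a fatal error; fail the update cleanly instead.
    if (!is_object($_EXPORT)) {
        $vmLogger->err('The export class could not be loaded.');
        return false;
    }

    if (!$_EXPORT->configfile_writeable()) {
        $vmLogger->err(sprintf(
            $VM_LANG->_('VM_CONFIGURATION_CHANGE_FAILURE', false),
            CLASSPATH . "export/" . $_EXPORT->classname . ".cfg.php"
        ));
        return false;
    }
    $_EXPORT->write_configuration($d);
    $vmLogger->info($VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS', false));

    $fields = array(
        'export_enabled' => $d['export_enabled'],
        'export_config' => $d['export_config'],
    );
    // Name, description and class of core modules are not editable.
    if (!$d['iscore']) {
        $fields['export_name'] = $d['export_name'];
        $fields['export_desc'] = $d['export_desc'];
        $fields['export_class'] = $d['export_class'];
    }

    // This method updates an existing row, so the statement is an UPDATE; the
    // original passed 'INSERT' together with a WHERE clause.
    $db->buildQuery(
        'UPDATE',
        '#__{vm}_export',
        $fields,
        'WHERE export_id=' . (int) $d['export_id'] . " AND vendor_id='{$ps_vendor_id}'"
    );

    return $db->query() !== false;
}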
/**
 * Saves code, name, description and list position of an order status that
 * belongs to the vendor stored in the session.
 *
 * @param array $d Form data; reads order_status_id, order_status_code,
 *                 order_status_name and order_status_description.
 * @return boolean True when the query succeeded, false otherwise.
 */
function update(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();
    $ps_vendor_id = $_SESSION["ps_vendor_id"];

    if (!$this->validate_update($d)) {
        return false;
    }

    $columns = array(
        'order_status_code' => vmGet($d, 'order_status_code'),
        'order_status_name' => vmGet($d, 'order_status_name'),
        'order_status_description' => vmGet($d, 'order_status_description'),
        // The list position is read from the request, not from $d.
        'list_order' => vmRequest::getInt('list_order'),
    );

    // The status id is cast to int. The vendor id restricts the update to the
    // session's vendor and is interpolated unquoted.
    // NOTE(review): confirm ps_vendor_id in the session is always an integer.
    $condition = "WHERE order_status_id=" . (int) $d["order_status_id"] . " AND vendor_id={$ps_vendor_id}";

    $db->buildQuery('UPDATE', $this->_table_name, $columns, $condition);

    if ($db->query() === false) {
        return false;
    }

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_ORDERSTATUS_UPDATED'));
    return true;
}
/**
 * Saves name and code of an existing credit card record and assigns it to the
 * vendor stored in the session.
 *
 * On validation failure the validator's message is copied into $d["error"].
 *
 * @param array $d Form data; reads creditcard_id, creditcard_name and creditcard_code.
 * @return boolean True when the query returned a truthy result, false otherwise.
 */
function update(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();

    if (!$this->validate_update($d)) {
        $d["error"] = $this->error;
        return false;
    }

    // NOTE(review): the WHERE clause matches on creditcard_id only while
    // vendor_id is overwritten with the session vendor - confirm the caller
    // checks that the record belongs to this vendor.
    $columns = array(
        'vendor_id' => $_SESSION["ps_vendor_id"],
        'creditcard_name' => vmGet($d, 'creditcard_name'),
        'creditcard_code' => vmGet($d, 'creditcard_code'),
    );
    $condition = 'WHERE creditcard_id=' . (int) $d["creditcard_id"];

    $db->buildQuery('UPDATE', '#__{vm}_creditcard', $columns, $condition);

    if (!$db->query()) {
        return false;
    }

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_CREDITCARD_UPDATED'));
    // NOTE(review): this follows an UPDATE, not an INSERT - verify that
    // last_insert_id() returns the intended creditcard_id here.
    $_REQUEST['creditcard_id'] = $db->last_insert_id();

    return true;
}
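/**
 * Updates an attribute record
 *
 * Writes the new name and value list of a product attribute. When the
 * attribute was renamed, the attribute rows of all child products are renamed
 * as well.
 *
 * @param array $d Form data; reads product_id, attribute_name, attribute_list
 *                 and old_attribute_name.
 * @return boolean True when successful, false when not
 */
function update(&$d)
{
    global $VM_LANG;

    if (!$this->validate($d)) {
        return false;
    }

    $db = new ps_DB();
    $oldName = $db->getEscaped($d["old_attribute_name"]);

    $fields = array(
        'attribute_name' => $d["attribute_name"],
        'attribute_list' => $d["attribute_list"],
    );
    $db->buildQuery(
        'UPDATE',
        '#__{vm}_product_attribute_sku',
        $fields,
        "WHERE product_id='" . (int) $d["product_id"] . "' AND attribute_name='" . $oldName . "'"
    );
    if ($db->query() === false) {
        $GLOBALS['vmLogger']->err($VM_LANG->_('VM_PRODUCT_ATTRIBUTE_ERR_UPDATING'));
        return false;
    }

    if ($d["old_attribute_name"] != $d["attribute_name"]) {
        $ps_product = new ps_product();
        $child_pid = $ps_product->get_child_product_ids($d["product_id"]);

        // Guard against a non-array result (no children) before iterating.
        if (is_array($child_pid)) {
            $fields = array('attribute_name' => $d["attribute_name"]);
            foreach ($child_pid as $childId) {
                // Child ids are cast to int before they reach the WHERE clause,
                // like the parent product id above.
                $db->buildQuery(
                    'UPDATE',
                    '#__{vm}_product_attribute',
                    $fields,
                    "WHERE product_id='" . (int) $childId . "' AND attribute_name='" . $oldName . "' "
                );
                $db->query();
            }
        }
    }

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_PRODUCT_ATTRIBUTE_UPDATED'));
    return true;
}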
/**
 * Saves amount, percent flag and validity period of a product discount.
 *
 * start_date and end_date in $d are replaced in place: a non-empty value is
 * read by character position (year at 0-3, month at 5-6, day at 8-9) and
 * converted with mktime() to midnight of that day; an empty value becomes "".
 * Validation runs on the converted values.
 *
 * @param array $d Form data; reads discount_id, amount, is_percent, start_date
 *                 and end_date.
 * @return boolean False when validation fails, otherwise true.
 */
function update(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();

    foreach (array("start_date", "end_date") as $dateKey) {
        if (empty($d[$dateKey])) {
            $d[$dateKey] = "";
            continue;
        }
        $raw = $d[$dateKey];
        $d[$dateKey] = mktime(0, 0, 0, substr($raw, 5, 2), substr($raw, 8, 2), substr($raw, 0, 4));
    }

    if (!$this->validate_update($d)) {
        return false;
    }

    // Numeric columns are cast here; the id in the WHERE clause is cast to int.
    $columns = array(
        'amount' => (double) vmGet($d, 'amount'),
        'is_percent' => (int) vmGet($d, 'is_percent'),
        'start_date' => $d["start_date"],
        'end_date' => $d["end_date"],
    );
    $condition = 'WHERE discount_id=' . (int) $d["discount_id"];

    $db->buildQuery('UPDATE', '#__{vm}_product_discount', $columns, $condition);
    // The query result is not inspected; success is logged unconditionally.
    $db->query();

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_PRODUCT_DISCOUNT_UPDATED'));
    return true;
}
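/**
 * Sorts ALL categories in the store alphabetically
 *
 * Numbers the children of $category_id by category name (starting at 1) in
 * both #__{vm}_category_xref.category_list and #__{vm}_category.list_order,
 * then recurses into every child.
 *
 * @author soeren
 *
 * @param int $category_id Parent category whose children are sorted; 0 is the default.
 * @param int $level Recursion depth; incremented and passed down, not otherwise used.
 */
function sort_alphabetically($category_id = 0, $level = 0)
{
    // All ids are forced to integers before they are placed, unquoted, into SQL.
    $category_id = (int) $category_id;
    $ps_vendor_id = (int) $_SESSION["ps_vendor_id"];

    $db = new ps_DB();
    // One helper connection object is enough for all updates on this level.
    $dbu = new ps_DB();
    $level++;

    $q = "SELECT `c`.`category_id`, `cx`.`category_child_id`, `cx`.`category_parent_id` as cpid \n\t\t\t\tFROM `#__{vm}_category` as `c`,`#__{vm}_category_xref` as `cx` ";
    $q .= "WHERE `c`.`category_id`=`cx`.`category_child_id` AND `cx`.`category_parent_id`={$category_id} ";
    $q .= "AND `c`.`vendor_id`={$ps_vendor_id} ";
    $q .= "ORDER BY `category_name` ASC ";
    $db->query($q);

    $i = 1;
    while ($db->next_record()) {
        $childId = (int) $db->f('category_child_id');

        // Update the categories in this level
        $dbu->buildQuery('UPDATE', '#__{vm}_category_xref', array('category_list' => $i), 'WHERE `category_child_id`=' . $childId);
        $dbu->query();

        $dbu->buildQuery('UPDATE', '#__{vm}_category', array('list_order' => $i), 'WHERE `category_id`=' . $childId);
        $dbu->query();

        // Traverse the tree down
        $this->sort_alphabetically($childId, $level);
        $i++;
    }
}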
/**
 * Saves name, e-mail, description, category and URL of a manufacturer.
 *
 * @param array $d Form data; reads manufacturer_id, mf_name, mf_email, mf_desc
 *                 and mf_url. mf_category_id is read from the request.
 * @return boolean True when the query returned a truthy result, false otherwise.
 */
function update(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();

    if (!$this->validate_update($d)) {
        return false;
    }

    $columns = array(
        'mf_name' => vmGet($d, 'mf_name'),
        'mf_email' => vmGet($d, 'mf_email'),
        // The description is fetched with VMREQUEST_ALLOWHTML.
        // NOTE(review): presumably this keeps HTML markup in the stored value -
        // confirm it is sanitised or escaped where it is rendered.
        'mf_desc' => vmGet($d, 'mf_desc', '', VMREQUEST_ALLOWHTML),
        'mf_category_id' => vmRequest::getInt('mf_category_id'),
        'mf_url' => vmGet($d, 'mf_url'),
    );
    $condition = 'WHERE manufacturer_id=' . (int) $d["manufacturer_id"];

    $db->buildQuery('UPDATE', '#__{vm}_manufacturer', $columns, $condition);

    $succeeded = $db->query();
    if (!$succeeded) {
        return false;
    }

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_MANUF_UPDATED'));
    return true;
}
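/**
 * Inserts or Updates the user information
 *
 * With an empty $user_id a new row is inserted into #__{vm}_user_info;
 * otherwise the rows of that user are updated.
 *
 * @param array $user_info Column => value pairs handed to buildQuery().
 * @param int $user_id Id of the user to update; empty/0 means insert.
 */
function setUserInfo($user_info, $user_id = 0)
{
    $db = new ps_DB();

    if (empty($user_id)) {
        // INSERT NEW USER
        $db->buildQuery('INSERT', '#__{vm}_user_info', $user_info);
    } else {
        // UPDATE EXISTING USER
        // The id is placed unquoted into the WHERE clause, so it is cast to int
        // rather than trusting the caller to pass a number.
        // NOTE(review): the clause matches on user_id only, so every address row
        // of that user receives the same values - confirm this is intended.
        $db->buildQuery('UPDATE', '#__{vm}_user_info', $user_info, 'WHERE `user_id`=' . (int) $user_id);
    }

    // Run the query now!
    $db->query();
}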
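/**
 * Updates a product price
 *
 * An empty product_price ('') deletes the price record instead of updating it.
 *
 * Note that the shopper group, the price and the quantity range are read from
 * the request through vmRequest, while currency and dates are read from $d.
 *
 * @param array $d Form data; reads product_price_id, product_price,
 *                 product_currency, product_price_vdate and product_price_edate.
 * @return boolean True when the query succeeded (or the result of delete()),
 *                 false when validation or the query failed.
 */
function update(&$d)
{
    global $vmLogger, $VM_LANG;

    if (!$this->validate($d)) {
        return false;
    }
    if ($d["product_price"] === '') {
        return $this->delete($d);
    }

    $timestamp = time();

    if (empty($d["product_price_vdate"])) {
        $d["product_price_vdate"] = '';
    }
    if (empty($d["product_price_edate"])) {
        $d["product_price_edate"] = '';
    }

    $fields = array(
        'shopper_group_id' => vmRequest::getInt('shopper_group_id'),
        'product_price' => vmRequest::getFloat('product_price'),
        'product_currency' => vmGet($d, 'product_currency'),
        'product_price_vdate' => vmGet($d, 'product_price_vdate'),
        'product_price_edate' => vmGet($d, 'product_price_edate'),
        'mdate' => $timestamp,
        'price_quantity_start' => vmRequest::getInt('price_quantity_start'),
        'price_quantity_end' => vmRequest::getInt('price_quantity_end'),
    );

    // A single database object is created, right where it is needed (the
    // original built one, discarded it unused and built a second one).
    $db = new ps_DB();
    $db->buildQuery('UPDATE', '#__{vm}_product_price', $fields, 'WHERE product_price_id=' . (int) $d["product_price_id"]);

    if ($db->query() !== false) {
        $vmLogger->info($VM_LANG->_('VM_PRODUCT_PRICE_UPDATED', false));
        return true;
    }

    $vmLogger->err($VM_LANG->_('VM_PRODUCT_PRICE_UPDATING_FAILED', false));
    return false;
}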
/**
 * Changes the ordering column of a table according to $_REQUEST['task'].
 *
 * Three modes:
 *  - 'saveorder': writes $_REQUEST['order'][i] into the ordering column of each
 *    row listed in $_REQUEST[$k], then calls fixOrdering().
 *  - 'sort_alphabetically': renumbers the rows 1..n ordered by $entity_name.
 *  - anything else ('orderup', 'orderdown', or other): swaps the ordering value
 *    of the row $_REQUEST[$k][0] with its neighbour.
 *
 * $table, $name, $k, $entity_name, $table2_name and $where are interpolated
 * into the SQL text as-is. NOTE(review): they must be fixed values chosen by
 * the calling code, never request data - verify against the callers.
 *
 * @param string $table Table to reorder.
 * @param string $name Name of the ordering column.
 * @param string $k Name of the key column; also the $_REQUEST key holding the row ids.
 * @param string $entity_name Column used for the alphabetical sort.
 * @param string $where Optional SQL condition appended with AND.
 * @param string $table2_name Optional second table joined on $k for the alphabetical sort.
 * @return boolean Always true; query failures are not reported.
 */
function changeOrdering($table, $name, $k, $entity_name, $where = '', $table2_name = '')
{
    global $db, $vmLogger;
    if (strtolower(@$_REQUEST['task']) == 'saveorder') {
        $i = 0;
        // Row ids and new positions come from the request; both pass through intval().
        foreach ($_REQUEST[$k] as $item) {
            $sql = "UPDATE `{$table}` SET `{$name}` =" . intval($_REQUEST['order'][$i]) . " WHERE `{$k}`=" . intval($item);
            $sql .= $where ? "\n\tAND {$where}" : '';
            $db->query($sql);
            $i++;
        }
        $this->fixOrdering($table, $name, $k, $where);
    } elseif (strtolower(@$_REQUEST['task']) == 'sort_alphabetically') {
        $select_where = $where;
        $q = 'SELECT `' . $name . '`, `' . $table . '`.`' . $k . '`, `' . $entity_name . '` FROM `' . $table . '`';
        if ($table2_name != '') {
            // The inner test repeats the enclosing condition and is always true here.
            $q .= $table2_name != '' ? ',`' . $table2_name . '`' : '';
            $select_where = $where . "\n AND `{$table}`.`{$k}`=`{$table2_name}`.`{$k}`";
        }
        // NOTE(review): with an empty $where and no second table this produces
        // "WHERE  ORDER BY" - callers presumably always pass a condition; confirm.
        $q .= ' WHERE ' . $select_where . ' ORDER BY `' . $entity_name . '`';
        $db->query($q);
        $i = 1;
        // Separate object for the updates so the result set in $db stays intact.
        $dbu = new ps_DB();
        while ($db->next_record()) {
            $fields = array($name => $i);
            $where_query = "WHERE `{$k}`=" . intval($db->f($k));
            $where_query .= $where ? "\n\tAND {$where}" : '';
            $dbu->buildQuery('UPDATE', $table, $fields, $where_query);
            //echo $dbu->_sql;
            $dbu->query();
            $i++;
        }
    } else {
        // Single-row move: remember the row's key and current position on $this.
        $item = intval($_REQUEST[$k][0]);
        $db->query("SELECT `{$name}` FROM `{$table}` WHERE `{$k}`={$item}");
        $db->next_record();
        $this->{$name} = $db->f($name);
        $this->{$k} = $item;
        // Find the neighbouring row whose position is exchanged with this one.
        $sql = "SELECT {$k}, {$name} FROM `{$table}`";
        if ($_REQUEST['task'] == 'orderup') {
            $sql .= "\n WHERE `{$name}` < " . intval($this->{$name});
            $sql .= $where ? "\n\tAND {$where}" : '';
            $sql .= "\n ORDER BY `{$name}` DESC";
            $sql .= "\n LIMIT 1";
        } elseif ($_REQUEST['task'] == 'orderdown') {
            $sql .= "\n WHERE `{$name}` > " . intval($this->{$name});
            $sql .= $where ? "\n\tAND {$where}" : '';
            $sql .= "\n ORDER BY `{$name}`";
            $sql .= "\n LIMIT 1";
        } else {
            $sql .= "\nWHERE `{$name}` = " . intval($this->{$name});
            $sql .= $where ? "\n AND {$where}" : '';
            $sql .= "\n ORDER BY `{$name}`";
            $sql .= "\n LIMIT 1";
        }
        $db->query($sql);
        //echo 'A: ' . $db->_database->_sql;
        if ($db->next_record()) {
            // Values read back from the table are quoted but not escaped below.
            // NOTE(review): harmless while both columns are numeric - confirm.
            $field_value = $db->f($name);
            $field_key_value = $db->f($k);
            // Give this row the neighbour's position ...
            $query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $field_value . "'" . "\n WHERE `{$k}` = '" . $this->{$k} . "'";
            $db->setQuery($query);
            if (!$db->query()) {
                // The error message is fetched but never logged or returned.
                $err = $db->getErrorMsg();
                //die( $err );
            }
            //echo 'B: ' . $db->getQuery();
            // ... and the neighbour this row's former position.
            $query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $this->{$name} . "'" . "\n WHERE `{$k}` = '" . $field_key_value . "'";
            $db->setQuery($query);
            //echo 'C: ' . $db->getQuery();
            if (!$db->query()) {
                $err = $db->getErrorMsg();
                //die( $err );
            }
            $this->{$name} = $field_value;
        } else {
            // No neighbour found: write the current position back unchanged.
            $query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $this->{$name} . "'" . "\n WHERE `{$k}`= '" . $this->{$k} . "'";
            $db->setQuery($query);
            //echo 'D: ' . $db->getQuery();
            if (!$db->query()) {
                $err = $db->getErrorMsg();
                //die( $err );
            }
        }
    }
    return true;
}
/**
 * Stores the permission list of every submitted module.
 *
 * $d['module_perms'] and $d['module_id'] are matched by position: the n-th
 * permission set is written to the module id found at index n. The keys of a
 * permission set are joined with commas and saved as module_perms.
 *
 * NOTE(review): no permission check is visible in this method - presumably the
 * caller restricts it to administrators; confirm.
 *
 * @param array $d Form data; reads module_perms and module_id.
 * @return boolean Always true; query results are not inspected.
 */
function update_permissions(&$d)
{
    $db = new ps_DB();

    $position = 0;
    foreach ($d['module_perms'] as $permissionSet) {
        // The module id is cast to int before it reaches the WHERE clause.
        $moduleId = (int) $d['module_id'][$position];
        $permissionList = implode(',', array_keys($permissionSet));

        $db->buildQuery(
            'UPDATE',
            '#__{vm}_module',
            array('module_perms' => $permissionList),
            'WHERE module_id=' . $moduleId
        );
        $db->query();

        $position++;
    }

    return true;
}
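/**
 * Creates or updates a user field definition together with its selectable values.
 *
 * With a non-empty $d['fieldid'] the existing row in #__{vm}_userfield is
 * updated; otherwise a new row is appended at the end of the ordering. Unless
 * the field type is 'delimiter', changeColumn() is called to adjust the
 * matching table column. Afterwards the entries of vNames/vValues are stored
 * in #__{vm}_userfield_values.
 *
 * Side effects: $d['name'] is lower-cased with spaces removed, $d['rows'] is
 * normalised for 'webaddress' fields, and $_REQUEST['fieldid'] / $d['fieldid']
 * are set for new records.
 *
 * @param array $d Form data of the field.
 * @return boolean False when validateOnSave() fails, otherwise true.
 */
function saveField(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();

    if ($d['type'] == 'webaddress') {
        // Only 0 and 2 are accepted for web address fields; anything else falls back to 0.
        $d['rows'] = $d['webaddresstypes'];
        if (!($d['rows'] == 0 || $d['rows'] == 2)) {
            $d['rows'] = 0;
        }
    }
    $d['name'] = str_replace(" ", "", strtolower($d['name']));

    if (!$this->validateOnSave($d)) {
        return false;
    }

    // Prevent unpublishing and renaming of IMPORTANT fields like "email", "username", "password",...
    $fieldObj = $this->get($d['fieldid']);
    if ($fieldObj !== false) {
        if (in_array($fieldObj->f('name'), $this->getSkipFields())) {
            $d['name'] = $fieldObj->f('name');
            $d['required'] = $fieldObj->f('required');
            $d['published'] = $fieldObj->f('published');
        }
    }

    $fields = array(
        'name' => vmGet($d, 'name'),
        'title' => vmGet($d, 'title'),
        'description' => vmGet($d, 'description'),
        'type' => vmGet($d, 'type'),
        'maxlength' => vmGet($d, 'maxlength'),
        'size' => vmGet($d, 'size'),
        'required' => vmGet($d, 'required'),
        'ordering' => vmGet($d, 'ordering'),
        'cols' => vmGet($d, 'cols'),
        'rows' => vmGet($d, 'rows'),
        'value' => vmGet($d, 'value'),
        'default' => vmGet($d, 'default'),
        'published' => vmGet($d, 'published'),
        'registration' => vmGet($d, 'registration'),
        'shipping' => vmGet($d, 'shipping'),
        'account' => vmGet($d, 'account'),
        'readonly' => vmGet($d, 'readonly'),
        'calculated' => vmGet($d, 'calculated'),
        'params' => vmGet($d, 'params'),
        'vendor_id' => vmGet($_SESSION, 'ps_vendor_id', 1),
    );

    $isExisting = !empty($d['fieldid']);

    if ($isExisting) {
        // existing record
        $db->buildQuery('UPDATE', '#__{vm}_userfield', $fields, 'WHERE `fieldid` =' . intval($d['fieldid']));
        $db->query();
        if ($d['type'] != 'delimiter') {
            $this->changeColumn($d['name'], $d['cType'], 'update');
        }
    } else {
        // add a new record at the end of the list
        $db->query("SELECT MAX(ordering) as max FROM #__{vm}_userfield");
        $db->next_record();
        $d['ordering'] = $db->f('max') + 1;
        // $fields was built before the position was computed, so the new value has
        // to be copied in; otherwise the INSERT keeps the submitted ordering.
        $fields['ordering'] = $d['ordering'];

        $db->buildQuery('INSERT', '#__{vm}_userfield', $fields);
        $db->query();
        $_REQUEST['fieldid'] = $db->last_insert_id();
        if ($d['type'] != 'delimiter') {
            $this->changeColumn($d['name'], $d['cType'], 'add');
        }
    }

    $fieldNames = vmGet($d, 'vNames', array());
    $fieldValues = vmGet($d, 'vValues', array());

    if ($isExisting) {
        // NOTE(review): LIMIT 1 removes a single value row before all values are
        // inserted again - check whether every row of the field should go.
        $db->query("DELETE FROM #__{vm}_userfield_values" . " WHERE fieldid=" . (int) $d['fieldid'] . ' LIMIT 1');
    } else {
        // NOTE(review): MAX(fieldid) can pick up a row inserted concurrently by
        // another request; the id stored in $_REQUEST['fieldid'] above is the
        // one returned for this insert.
        $db->query("SELECT MAX(fieldid) as max FROM `#__{vm}_userfield`");
        $d['fieldid'] = $db->loadResult();
    }

    $j = 1;
    $n = count($fieldNames);
    for ($i = 0; $i < $n; $i++) {
        // Entries with a blank title are skipped.
        if (trim($fieldNames[$i]) === '') {
            continue;
        }
        // Title and value are stored HTML-escaped.
        $fields = array(
            'fieldid' => (int) $d['fieldid'],
            'fieldtitle' => htmlspecialchars($fieldNames[$i]),
            'fieldvalue' => htmlspecialchars($fieldValues[$i]),
            'ordering' => $j,
        );
        $db->buildQuery('INSERT', '#__{vm}_userfield_values', $fields);
        $db->query();
        $j++;
    }

    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_USERFIELD_SAVED'));
    return true;
}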
/**
 * Function to update a Shopper Entry
 * (users who have perms='shopper')
 *
 * Saves the account through ps_user::saveUser() (unless registration is
 * disabled), updates the bill-to address of the logged-in user and makes sure
 * the user has a shopper group and a vendor relation.
 *
 * @param array $d Form data; $d['error'] is reset and may be filled by saveUser().
 * @return boolean False when the access check, saveUser() or validation fails,
 *                 otherwise true.
 */
function update(&$d)
{
    global $my, $perm, $sess, $vmLogger, $page;
    $auth = $_SESSION['auth'];
    $db = new ps_DB();
    // Access check: the submitted user_id must match the CMS user or the session
    // user, unless the session has admin permissions. The queries in this method
    // use the session's user id, not the submitted one.
    if (@$d["user_id"] != $my->id && @$d["user_id"] != $auth['user_id'] && $auth["perms"] != "admin") {
        $vmLogger->crit("Tricky tricky, but we know about this one.");
        return False;
    }
    require_once CLASSPATH . 'ps_user.php';
    // $_POST is filled before saveUser() is called.
    // NOTE(review): presumably saveUser() reads these keys - confirm in ps_user.
    if (!empty($d['username'])) {
        $_POST['username'] = $d['username'];
    } else {
        $_POST['username'] = $my->username;
    }
    $_POST['name'] = $d['first_name'] . " " . $d['last_name'];
    $_POST['id'] = $auth["user_id"];
    $_POST['gid'] = $my->gid;
    $d['error'] = "";
    if (VM_REGISTRATION_TYPE != 'NO_REGISTRATION') {
        ps_user::saveUser($d);
    }
    // saveUser() reports failure through $d['error'].
    if (!empty($d['error'])) {
        return false;
    }
    if (!$this->validate_update($d)) {
        return false;
    }
    $user_id = $auth["user_id"];
    /* Update Bill To */
    // Get all fields which were shown to the user
    $userFields = ps_userfield::getUserFields('account', false, '', true);
    $skip_fields = ps_userfield::getSkipFields();
    $fields = array('mdate' => time());
    foreach ($userFields as $userField) {
        if (!in_array($userField->name, $skip_fields)) {
            $fields[$userField->name] = ps_userfield::prepareFieldDataSave($userField->type, $userField->name, vmGet($d, $userField->name, strtoupper($userField->name)));
        }
    }
    // The table column is called user_email, the form field email.
    $fields['user_email'] = $fields['email'];
    unset($fields['email']);
    // The session user id is concatenated unquoted into the WHERE clause.
    // NOTE(review): confirm $_SESSION['auth']['user_id'] is always an integer.
    $db->buildQuery('UPDATE', '#__{vm}_user_info', $fields, " WHERE user_id=" . $user_id . " AND address_type='BT'");
    // Run the query!
    $db->query();
    // UPDATE #__{vm}_shopper group relationship
    $q = "SELECT shopper_group_id FROM #__{vm}_shopper_vendor_xref ";
    $q .= "WHERE user_id = '" . $user_id . "'";
    $db->query($q);
    if (!$db->num_rows()) {
        //add
        $shopper_db = new ps_DB();
        // get the default shopper group
        $q = "SELECT shopper_group_id from #__{vm}_shopper_group WHERE ";
        $q .= "`default`='1'";
        $shopper_db->query($q);
        if (!$shopper_db->num_rows()) {
            // when there is no "default", take the first in the table
            $q = "SELECT shopper_group_id from #__{vm}_shopper_group";
            $shopper_db->query($q);
        }
        $shopper_db->next_record();
        $my_shopper_group_id = $shopper_db->f("shopper_group_id");
        // customer_number is normalised here but not written by the INSERT below.
        if (empty($d['customer_number'])) {
            $d['customer_number'] = "";
        }
        $q = "INSERT INTO #__{vm}_shopper_vendor_xref ";
        $q .= "(user_id,vendor_id,shopper_group_id) ";
        $q .= "VALUES ('";
        $q .= $_SESSION['auth']['user_id'] . "','";
        $q .= $_SESSION['ps_vendor_id'] . "','";
        $q .= $my_shopper_group_id . "')";
        $db->query($q);
    }
    // Make sure the user is linked to the current vendor.
    $q = "SELECT user_id FROM #__{vm}_auth_user_vendor ";
    $q .= "WHERE user_id = '" . $_SESSION['auth']['user_id'] . "'";
    $db->query($q);
    if (!$db->num_rows()) {
        // Insert vendor relationship
        $q = "INSERT INTO #__{vm}_auth_user_vendor (user_id,vendor_id)";
        $q .= " VALUES ";
        $q .= "('" . $_SESSION['auth']['user_id'] . "','";
        $q .= $_SESSION['ps_vendor_id'] . "') ";
        $db->query($q);
    }
    return True;
}
/**
 * Adds the shipping address returned by PayPal Express Checkout to the user's
 * ship-to addresses when it is not known yet.
 *
 * The PayPal address (from $_SESSION['ppex_userdata']) is compared by
 * address_1 and city, first with the bill-to address and then with every
 * stored ship-to address. It is inserted only when none of them matches.
 *
 * @param array &$auth Reads $auth['user_id']; nothing is done without a user id.
 * @return false|null False when the insert fails; no value is returned otherwise.
 */
function checkAddress(&$auth)
{
    global $vmLogger, $VM_LANG;

    if (!$auth['user_id']) {
        return;
    }

    $paypal = $_SESSION['ppex_userdata'];
    $db = new ps_DB();

    // Load the bill-to address of this user
    $q = "SELECT * from #__{vm}_user_info WHERE ";
    $q .= "user_id=" . (int) $auth['user_id'] . ' ';
    $q .= "AND address_type='BT'";
    $db->query($q);
    $db->next_record();

    // Nothing to do when PayPal returned the bill-to address itself
    if (!($paypal['address_1'] != $db->f("address_1") || $paypal['city'] != $db->f("city"))) {
        return;
    }

    // Ship-to addresses, ordered by name and then most recently changed first
    $q = "SELECT * FROM #__{vm}_user_info i ";
    $q .= "INNER JOIN #__{vm}_country c ON (i.country=c.country_3_code) ";
    $q .= "LEFT JOIN #__{vm}_state s ON (i.state=s.state_2_code AND s.country_id=c.country_id) ";
    $q .= "WHERE user_id =" . (int) $auth['user_id'] . ' ';
    $q .= "AND address_type = 'ST' ";
    $q .= "ORDER by address_type_name, mdate DESC";
    $db->query($q);

    $add_address = true;
    if ($db->num_rows() > 0) {
        // Stop at the first stored address with the same street and city
        while ($add_address && $db->next_record()) {
            if ($paypal['address_1'] == $db->f("address_1") && $paypal['city'] == $db->f("city")) {
                $add_address = false;
            }
        }
    }

    if (!$add_address) {
        return;
    }

    // Add the new shipping address; values are passed to buildQuery() as an array.
    $fields = array(
        'address_type' => 'ST',
        'address_type_name' => $paypal['address_1'] . ', ' . $paypal['city'],
        'company' => $paypal['company'],
        'address_1' => $paypal['address_1'],
        'address_2' => vmget($_SESSION['ppex_userdata'], 'address_2'),
        'city' => $paypal['city'],
        'zip' => $paypal['zip'],
        'country' => $paypal['country'],
        'state' => $paypal['state'],
    );
    // A dedicated ship-to name goes into first_name as a whole
    if (empty($paypal['shiptoname'])) {
        $fields['first_name'] = $paypal['first_name'];
        $fields['last_name'] = $paypal['last_name'];
    } else {
        $fields['first_name'] = $paypal['shiptoname'];
        $fields['last_name'] = '';
    }
    // The row is stored for the session user, not for $auth['user_id'].
    $fields['user_id'] = $_SESSION['auth']['user_id'];
    $fields['user_info_id'] = md5(uniqid($paypal['payer_id']));

    $now = time();
    $fields['cdate'] = $now;
    $fields['mdate'] = $now;

    $db->buildQuery('INSERT', '#__{vm}_user_info', $fields);
    if ($db->query() === false) {
        $vmLogger->err($VM_LANG->_('VM_USERADDRESS_ADD_FAILED'));
        return false;
    }
    $vmLogger->info($VM_LANG->_('VM_USERADDRESS_ADDED'));
}
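/**
 * This function inserts the DOWNLOAD IDs for all files associated with this product
 * so the customer can later download the purchased files
 *
 * One row is written to #__{vm}_product_download for every 'download'
 * attribute of the product.
 *
 * @static
 * @since 1.1.0
 * @param array $d Reads product_id, order_id and user_id.
 * @return false|null False when product_id or order_id is missing; no value
 *                    is returned otherwise.
 */
function insert_downloads_for_product(&$d)
{
    $db = new ps_DB();
    $dbd = new ps_DB();

    if (empty($d['product_id']) || empty($d['order_id'])) {
        return false;
    }

    // The ids are used as integers everywhere, so nothing from $d reaches the
    // SELECT below as raw text.
    $productId = (int) $d['product_id'];
    $orderId = (int) $d['order_id'];

    $dl = "SELECT attribute_name,attribute_value ";
    $dl .= "FROM #__{vm}_product_attribute WHERE product_id='" . $productId . "'";
    $dl .= " AND attribute_name='download'";
    $db->query($dl);

    $dlnum = 0;
    while ($db->next_record()) {
        // NOTE(review): the download id presumably identifies the purchase to
        // the download handler, so it should not be guessable. uniqid() and
        // time() are clock based; use the CSPRNG when the runtime provides it.
        // Both variants produce 32 hexadecimal characters.
        if (function_exists('random_bytes')) {
            $download_id = bin2hex(random_bytes(16));
            $dlnum++;
        } else {
            $str = $orderId;
            $str .= $productId;
            $str .= uniqid('download_');
            $str .= $dlnum++;
            $str .= time();
            $download_id = md5($str);
        }

        $fields = array(
            'product_id' => $productId,
            'user_id' => (int) $d['user_id'],
            'order_id' => $orderId,
            'end_date' => '0',
            'download_max' => DOWNLOAD_MAX,
            'download_id' => $download_id,
            'file_name' => $db->f("attribute_value"),
        );
        $dbd->buildQuery('INSERT', '#__{vm}_product_download', $fields);
        $dbd->query();
    }
}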
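/**
 * Updates a product review: validates the comment length, replaces the stored
 * review row and passes the previous rating on to process_vote().
 *
 * @param array $d
 * @return boolean false when the comment is too short or too long, true otherwise
 */
function update(&$d)
{
    global $VM_LANG, $vmLogger, $mosConfig_offset;

    $db = new ps_DB();
    $d["comment"] = trim($d["comment"]);
    if (strlen($d["comment"]) < VM_REVIEWS_MINIMUM_COMMENT_LENGTH) {
        $vmLogger->err(sprintf($VM_LANG->_('PHPSHOP_REVIEW_ERR_COMMENT1', false), VM_REVIEWS_MINIMUM_COMMENT_LENGTH));
        return false;
    }
    if (strlen($d["comment"]) > VM_REVIEWS_MAXIMUM_COMMENT_LENGTH) {
        $vmLogger->err(sprintf($VM_LANG->_('PHPSHOP_REVIEW_ERR_COMMENT2', false), VM_REVIEWS_MAXIMUM_COMMENT_LENGTH));
        return false;
    }
    $time = time() + $mosConfig_offset * 60 * 60;

    // product_id goes into a hand-built query, so it is cast to an integer
    // here rather than concatenated as received.
    $product_id = (int) $d['product_id'];
    $db->query("SELECT user_rating FROM #__{vm}_product_reviews WHERE product_id='" . $product_id . "' AND userid=" . vmRequest::getInt('userid'));
    $db->next_record();
    $previous_vote = $db->f("user_rating");

    // NOTE(review): userid comes from the request; nothing in this method ties
    // it to the logged-in user, so the caller presumably restricts who may
    // reach it - confirm.
    $fields = array(
        'product_id' => $product_id,
        'userid' => vmRequest::getInt('userid'),
        'comment' => vmGet($d, 'comment'),
        'user_rating' => vmRequest::getInt('user_rating'),
        'time' => $time,
    );
    $db->buildQuery('REPLACE', '#__{vm}_product_reviews', $fields);
    $db->query();
    $this->process_vote($d, $previous_vote);
    $vmLogger->info($VM_LANG->_('PHPSHOP_REVIEW_MODIFIED', false));
    return true;
}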
/**
 * Updates the name and code of an existing currency record.
 *
 * @param array $d must hold currency_id, currency_name and currency_code
 * @return boolean true when the UPDATE succeeded, false on validation or query failure
 */
function update(&$d)
{
    global $VM_LANG;

    $database = new ps_DB();
    if (!$this->validate_update($d)) {
        return false;
    }

    $columns = array();
    $columns['currency_name'] = vmGet($d, 'currency_name');
    $columns['currency_code'] = vmGet($d, 'currency_code');

    // The id is cast to int before it is placed in the WHERE clause.
    $where = 'WHERE currency_id=' . (int) $d["currency_id"];
    $database->buildQuery('UPDATE', '#__{vm}_currency', $columns, $where);

    if (!$database->query()) {
        return false;
    }
    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_CURRENCY_UPDATED'));
    return true;
}
/**
 * Updates one state row (name, owning country and the 2/3 letter codes).
 *
 * @param array $d must hold state_id and country_id
 * @return boolean true when the UPDATE succeeded, false otherwise
 */
function updateState(&$d)
{
    $database = new ps_DB();

    $missing_key = empty($d['state_id']) || empty($d['country_id']);
    if ($missing_key) {
        $GLOBALS['vmLogger']->err('Please select a state or country for update!');
        return false;
    }

    $columns = array();
    $columns['state_name'] = vmGet($d, 'state_name');
    $columns['country_id'] = vmRequest::getInt('country_id');
    $columns['state_2_code'] = vmGet($d, 'state_2_code');
    $columns['state_3_code'] = vmGet($d, 'state_3_code');

    // The id is cast to int before it is placed in the WHERE clause.
    $where = 'WHERE state_id=' . (int) $d["state_id"];
    $database->buildQuery('UPDATE', '#__{vm}_state', $columns, $where);

    if (!$database->query()) {
        return false;
    }
    $GLOBALS['vmLogger']->info('The state has been updated.');
    return true;
}
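/**
 * Updates a product type and, when its list position changed, shifts the
 * list order of the other product types to make room.
 *
 * @author Zdenek Dvorak
 * @param array $d
 * @return boolean true after the update ran, false when validation failed
 */
function update(&$d)
{
    $db = new ps_DB();
    if (!$this->validate_update($d)) {
        return false;
    }
    if (empty($d["product_type_publish"])) {
        $d["product_type_publish"] = "N";
    }

    // Every value that ends up in hand-built SQL below is cast to an integer
    // first; the re-ordering queries used to concatenate product_type_id as received.
    $product_type_id = (int) $d["product_type_id"];
    $new_pos = intval($d['list_order']);
    $old_pos = intval($d['currentpos']);

    $fields = array(
        'product_type_name' => vmGet($d, 'product_type_name'),
        'product_type_description' => vmGet($d, 'product_type_description'),
        'product_type_publish' => vmGet($d, 'product_type_publish'),
        'product_type_browsepage' => vmGet($d, 'product_type_browsepage'),
        'product_type_flypage' => vmGet($d, 'product_type_flypage'),
        'product_type_list_order' => vmRequest::getInt('list_order'),
    );
    $db->buildQuery('UPDATE', '#__{vm}_product_type', $fields, 'WHERE product_type_id=' . $product_type_id);
    $db->query();

    // Re-Order the Product Type table IF the list_order has been changed
    if ($new_pos != $old_pos) {
        $dbu = new ps_DB();
        if ($new_pos < $old_pos) {
            /* Moved UP in the list order: push the others one position down */
            $q = "SELECT product_type_id FROM #__{vm}_product_type WHERE ";
            $q .= "product_type_id <> '" . $product_type_id . "' ";
            $q .= "AND product_type_list_order >= '" . $new_pos . "'";
            $step = '+1';
        } else {
            /* Moved DOWN: pull the entries in between one position up */
            $q = "SELECT product_type_id FROM #__{vm}_product_type WHERE ";
            $q .= "product_type_id <> '" . $product_type_id . "' ";
            $q .= "AND product_type_list_order > '" . $old_pos . "' ";
            $q .= "AND product_type_list_order <= '" . $new_pos . "'";
            $step = '-1';
        }
        $db->query($q);
        while ($db->next_record()) {
            $dbu->query("UPDATE #__{vm}_product_type SET product_type_list_order=product_type_list_order" . $step . " WHERE product_type_id='" . (int) $db->f("product_type_id") . "'");
        }
    }
    // END Re-Ordering
    return true;
}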
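/**
 * Updates an existing Shopper Group and, when it is flagged as default,
 * clears the default flag on the vendor's other groups.
 *
 * Admins may pass the vendor id in $d; everybody else is pinned to the vendor
 * id stored in the session.
 *
 * @param array $d
 * @return boolean true when the UPDATE succeeded, false on validation or query failure
 */
function update($d)
{
    global $perm, $VM_LANG;

    if ($perm->check("admin")) {
        $vendor_id = $d["vendor_id"];
    } else {
        $vendor_id = $_SESSION["ps_vendor_id"];
    }
    $db = new ps_DB();
    $default = @$d["default"] == "1" ? "1" : "0";
    if (!$this->validate_update($d)) {
        return false;
    }

    $shopper_group_id = (int) $d["shopper_group_id"];
    $fields = array(
        'vendor_id' => $vendor_id,
        'shopper_group_name' => $d["shopper_group_name"],
        'shopper_group_desc' => $d["shopper_group_desc"],
        'shopper_group_discount' => $d["shopper_group_discount"],
        'show_price_including_tax' => $d["show_price_including_tax"],
        'default' => $default,
    );
    $db->buildQuery('UPDATE', '#__{vm}_shopper_group', $fields, 'WHERE shopper_group_id=' . $shopper_group_id);
    if ($db->query()) {
        $GLOBALS['vmLogger']->info($VM_LANG->_('SHOPPER_GROUP_UPDATED'));
        if ($default == "1") {
            // Both ids are request-controlled (vendor_id for admins) and were
            // concatenated unquoted into this statement; cast them to integers.
            $q = "UPDATE #__{vm}_shopper_group ";
            $q .= "SET `default`=0 ";
            $q .= "WHERE shopper_group_id !=" . $shopper_group_id;
            $q .= " AND vendor_id =" . (int) $vendor_id;
            $db->query($q);
            $db->next_record();
        }
        return true;
    }
    $GLOBALS['vmLogger']->err($VM_LANG->_('SHOPPER_GROUP_UPDATE_FAILED'));
    return false;
}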
/**
 * Updates the name and description of a manufacturer category.
 *
 * @param array $d must hold mf_category_id, mf_category_name and mf_category_desc
 * @return boolean true when the UPDATE did not fail, false otherwise
 */
function update(&$d)
{
    global $VM_LANG;

    $database = new ps_DB();
    // Runs the shared input filter over the whole input array before validation.
    $GLOBALS['vmInputFilter']->safeSQL($d);
    if (!$this->validate_update($d)) {
        return false;
    }

    $columns = array();
    $columns['mf_category_name'] = vmGet($d, 'mf_category_name');
    $columns['mf_category_desc'] = vmGet($d, 'mf_category_desc');

    $where = "WHERE mf_category_id=" . (int) $d["mf_category_id"];
    $database->buildQuery('UPDATE', '#__{vm}_manufacturer_category', $columns, $where);

    if ($database->query() === false) {
        return false;
    }
    // NOTE(review): this stores last_insert_id() after an UPDATE, not the id
    // that was just updated - confirm this is what later code expects.
    $_REQUEST['mf_category_id'] = $database->last_insert_id();
    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_MANUF_CAT_UPDATED'));
    return true;
}
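/**
 * Function to update product $d['product_id'] in the product table, together
 * with its manufacturer reference, item attributes or category links, related
 * products, price and product type parameters.
 *
 * @param array $d The input vars
 * @return boolean True, when the product was updated, false when validation
 *                 or image processing failed
 */
function update(&$d)
{
    global $vmLogger, $perm, $VM_LANG;
    require_once CLASSPATH . 'ps_product_attribute.php';

    if (!$this->validate($d)) {
        return false;
    }
    if (!vmImageTools::process_images($d)) {
        return false;
    }
    $timestamp = time();
    $db = new ps_DB();
    $ps_vendor_id = $_SESSION["ps_vendor_id"];
    if ($perm->check('admin')) {
        $vendor_id = $d['vendor_id'];
    } else {
        $vendor_id = $ps_vendor_id;
    }
    $old_vendor_id = $this->get_field($d['product_id'], 'vendor_id');

    // product_id is used in many hand-built statements below; they all use this
    // integer copy instead of concatenating the request value.
    $product_id = (int) $d["product_id"];

    // Insert into DB
    $fields = array(
        'vendor_id' => $vendor_id,
        'product_sku' => vmGet($d, 'product_sku'),
        'product_name' => vmGet($d, 'product_name'),
        'product_desc' => vmRequest::getVar('product_desc', '', 'default', '', VMREQUEST_ALLOWHTML),
        'product_s_desc' => vmRequest::getVar('product_s_desc', '', 'default', '', VMREQUEST_ALLOWHTML),
        'product_thumb_image' => vmGet($d, 'product_thumb_image'),
        'product_full_image' => vmGet($d, 'product_full_image'),
        'product_publish' => $d['product_publish'],
        'product_weight' => vmRequest::getFloat('product_weight'),
        'product_weight_uom' => vmGet($d, 'product_weight_uom'),
        'product_length' => vmRequest::getFloat('product_length'),
        'product_width' => vmRequest::getFloat('product_width'),
        'product_height' => vmRequest::getFloat('product_height'),
        'product_lwh_uom' => vmGet($d, 'product_lwh_uom'),
        'product_unit' => vmGet($d, 'product_unit'),
        // box count in the upper 16 bits, packaging in the lower 16 bits
        'product_packaging' => ($d["product_box"] << 16) | ($d["product_packaging"] & 0xffff),
        'product_url' => vmGet($d, 'product_url'),
        'product_in_stock' => vmRequest::getInt('product_in_stock'),
        'attribute' => ps_product_attribute::formatAttributeX(),
        'custom_attribute' => vmGet($d, 'product_custom_attribute'),
        'product_available_date' => $d['product_available_date_timestamp'],
        'product_availability' => vmGet($d, 'product_availability'),
        'product_special' => $d['product_special'],
        'child_options' => $d['child_options'],
        'quantity_options' => $d['quantity_options'],
        'product_discount_id' => vmRequest::getInt('product_discount_id'),
        'mdate' => $timestamp,
        'product_tax_id' => vmRequest::getInt('product_tax_id'),
        'child_option_ids' => vmGet($d, 'included_product_id'),
        'product_order_levels' => $d['order_levels'],
    );
    // NOTE(review): the vendor_id condition uses the value read back from the
    // product itself, so it does not restrict a non-admin to their own
    // products; presumably validate() or the caller enforces ownership - confirm.
    $db->buildQuery('UPDATE', '#__{vm}_product', $fields, 'WHERE product_id=' . $product_id . ' AND vendor_id=' . (int) $old_vendor_id);
    $db->query();

    /* notify the shoppers that the product is here */
    /* see zw_waiting_list */
    if ($d["product_in_stock"] > "0" && @$d['notify_users'] == '1' && $d['product_in_stock_old'] == '0') {
        require_once CLASSPATH . 'zw_waiting_list.php';
        $zw_waiting_list = new zw_waiting_list();
        $zw_waiting_list->notify_list($d["product_id"]);
    }

    // Check if the Manufacturer XRef is missing
    if ($this->get_manufacturer_id($d['product_id'])) {
        $q = "UPDATE #__{vm}_product_mf_xref SET ";
        $q .= 'manufacturer_id=' . vmRequest::getInt('manufacturer_id') . ' ';
        $q .= 'WHERE product_id = ' . $product_id;
    } else {
        $q = "INSERT INTO #__{vm}_product_mf_xref (product_id,manufacturer_id) VALUES ('" . $product_id . "','" . vmRequest::getInt('manufacturer_id') . "')";
    }
    $db->query($q);

    if (!empty($d["product_parent_id"])) {
        /* If is Item, update attributes */
        $q = "SELECT attribute_name FROM #__{vm}_product_attribute_sku ";
        $q .= 'WHERE product_id=' . (int) $d["product_parent_id"] . ' ';
        $q .= "ORDER BY attribute_list,attribute_name";
        $db->query($q);
        $db2 = new ps_DB();
        $i = 0;
        while ($db->next_record()) {
            $i++;
            // NOTE(review): attribute_value and the attribute_name read back
            // from the database are concatenated as returned by vmGet() and
            // f(); confirm both are SQL-safe at this point.
            $q2 = "UPDATE #__{vm}_product_attribute SET ";
            $q2 .= "attribute_value='" . vmGet($d, 'attribute_' . $i) . "' ";
            $q2 .= "WHERE product_id = '" . $product_id . "' ";
            $q2 .= "AND attribute_name = '" . $db->f("attribute_name", false) . "' ";
            $db2->setQuery($q2);
            $db2->query();
        }
    } else {
        /* If it is a Product, update Category */
        // Handle category selection: product_category_xref
        $q = "SELECT `category_id` FROM `#__{vm}_product_category_xref` ";
        $q .= "WHERE `product_id` = '" . $product_id . "' ";
        $db->setQuery($q);
        $db->query();
        $old_categories = array();
        while ($db->next_record()) {
            $old_categories[$db->f('category_id')] = $db->f('category_id');
        }

        // NOW Insert new categories
        if (empty($d['product_categories']) || !is_array(@$d['product_categories'])) {
            $d['product_categories'] = explode('|', $d['category_ids']);
        }
        foreach ($d["product_categories"] as $category_id) {
            if (!in_array($category_id, $old_categories)) {
                $db->query('SELECT MAX(`product_list`) as list_order FROM `#__{vm}_product_category_xref` WHERE `category_id`=' . (int) $category_id);
                $db->next_record();
                // The column is aliased "list_order"; reading it as 'max' never
                // matched the alias, so the position was not based on the maximum.
                $next_position = (int) $db->f('list_order') + 1;
                $q = "INSERT INTO #__{vm}_product_category_xref ";
                $q .= "(category_id,product_id,product_list) ";
                $q .= "VALUES ('" . (int) $category_id . "','" . $product_id . "', " . $next_position . ")";
                $db->setQuery($q);
                $db->query();
            } else {
                unset($old_categories[$category_id]);
            }
        }

        // The rest of the old categories can be deleted
        foreach ($old_categories as $category_id) {
            $q = "DELETE FROM `#__{vm}_product_category_xref` ";
            $q .= "WHERE `product_id` = '" . $product_id . "' ";
            $q .= "AND `category_id` = '" . (int) $category_id . "' ";
            $db->query($q);
        }
    }

    if (!empty($d["related_products"])) {
        /* Insert Pipe separated Related Product IDs */
        // NOTE(review): $related_products is interpolated as returned by
        // vmGet(); confirm vmGet() makes it safe for a quoted SQL literal.
        $related_products = vmGet($d, "related_products");
        $q = "REPLACE INTO #__{vm}_product_relations (product_id, related_products)";
        $q .= " VALUES( '" . $product_id . "', '{$related_products}') ";
        $db->query($q);
    } else {
        $q = "DELETE FROM #__{vm}_product_relations WHERE product_id='" . $product_id . "'";
        $db->query($q);
    }

    // UPDATE THE PRICE, IF EMPTY ADD 0
    if (empty($d['product_currency'])) {
        $d['product_currency'] = $_SESSION['vendor_currency'];
    }
    // look if we have a price for this product
    $q = "SELECT product_price_id, price_quantity_start, price_quantity_end FROM #__{vm}_product_price ";
    $q .= "WHERE shopper_group_id=" . vmRequest::getInt('shopper_group_id');
    $q .= ' AND product_id = ' . $product_id;
    $db->query($q);
    if ($db->next_record()) {
        $d["product_price_id"] = $db->f("product_price_id");
        require_once CLASSPATH . 'ps_product_price.php';
        $my_price = new ps_product_price();
        if (@$d['product_price'] != '') {
            // update prices
            $d["price_quantity_start"] = $db->f("price_quantity_start");
            $d["price_quantity_end"] = $db->f("price_quantity_end");
            $my_price->update($d);
        } else {
            // delete the price
            $my_price->delete($d);
        }
    } else {
        if ($d['product_price'] != '') {
            // add the price
            $d["price_quantity_start"] = 0;
            $d["price_quantity_end"] = "";
            require_once CLASSPATH . 'ps_product_price.php';
            $my_price = new ps_product_price();
            $my_price->add($d);
        }
    }

    // Product Type Parameters!
    $this->handleParameters($d);
    $vmLogger->info($VM_LANG->_('VM_PRODUCT_UPDATED', false));
    return true;
}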
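/**
 * Updates a Payment Entry: loads the payment class, lets it write its
 * configuration file and then updates the payment method row.
 *
 * @param array $d
 * @return boolean false when validation fails, the payment class is missing
 *                 or its configuration cannot be written; true otherwise
 */
function update(&$d)
{
    global $vmLogger, $VM_LANG;

    $ps_vendor_id = $_SESSION["ps_vendor_id"];
    $db = new ps_DB();
    if (!$this->validate_update($d)) {
        return false;
    }

    if (!empty($d["payment_class"])) {
        $payment_class = basename($d["payment_class"]);
        // The name is request data that is turned into a file path and a class
        // name. Only load the file when it is a plain PHP identifier; anything
        // else could never name a class and ends in the error branch below.
        if (preg_match('/^[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff]*$/', $payment_class)) {
            @(include CLASSPATH . "payment/" . $payment_class . ".php");
        }
        if (class_exists($payment_class)) {
            $_PAYMENT = new $payment_class();
        } else {
            $vmLogger->err($VM_LANG->_('VM_PAYMENTMETHOD_CLASS_NOT_EXIST'));
            return false;
        }
    } else {
        include CLASSPATH . "payment/ps_payment.php";
        $_PAYMENT = new ps_payment();
    }

    if ($_PAYMENT->configfile_writeable() || $_PAYMENT->classname == 'ps_payment') {
        $_PAYMENT->write_configuration($d);
        $vmLogger->info($VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS', false));
    } else {
        $vmLogger->err(sprintf($VM_LANG->_('VM_CONFIGURATION_CHANGE_FAILURE', false), CLASSPATH . "payment/" . $_PAYMENT->classname . ".cfg.php"));
        return false;
    }

    $fields = array(
        'payment_method_name' => vmGet($d, 'payment_method_name'),
        'payment_class' => vmGet($d, 'payment_class'),
        'shopper_group_id' => vmRequest::getInt('shopper_group_id'),
        'payment_method_discount' => vmRequest::getFloat('payment_method_discount'),
        'payment_method_discount_is_percent' => vmGet($d, 'payment_method_discount_is_percent'),
        // accept a decimal comma as well as a decimal point
        'payment_method_discount_max_amount' => (double) str_replace(',', '.', $d["payment_method_discount_max_amount"]),
        'payment_method_discount_min_amount' => (double) str_replace(',', '.', $d["payment_method_discount_min_amount"]),
        'payment_method_code' => vmGet($d, 'payment_method_code'),
        'enable_processor' => vmGet($d, 'enable_processor'),
        'list_order' => vmRequest::getInt('list_order'),
        'is_creditcard' => vmGet($d, 'is_creditcard'),
        'payment_enabled' => vmGet($d, 'payment_enabled'),
        'accepted_creditcards' => vmGet($d, 'accepted_creditcards'),
        // NOTE(review): fetched with VMREQUEST_ALLOWRAW, i.e. deliberately
        // unfiltered; confirm who may reach this method and how the value is
        // used when it is read back.
        'payment_extrainfo' => vmGet($_POST, 'payment_extrainfo', null, VMREQUEST_ALLOWRAW),
    );
    // Both ids go unquoted into the WHERE clause, so both are cast to integers.
    $db->buildQuery('UPDATE', '#__{vm}_payment_method', $fields, 'WHERE payment_method_id=' . (int) $d["payment_method_id"] . ' AND vendor_id=' . (int) $ps_vendor_id);
    $db->query();
    return true;
}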
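/**
 * This is the main function which stores the order information in the database:
 * the order row, its history and payment records, a copy of the bill-to and
 * ship-to addresses and one order item per cart entry. It then adjusts stock
 * levels, registers downloads, updates the order status where needed, sends
 * the receipt e-mail and clears the cart and the payment data held in the session.
 *
 * @author Ashish Solanki!
 * @param string $order_number
 * @param float $order_total
 * @param array $d
 * @return boolean|null false when the order row could not be inserted; no
 *                      explicit value on the success path
 */
function updateRecords($order_number, $order_total, &$d)
{
    require_once CLASSPATH . 'ps_checkout.php';
    $ps_chkout = new ps_checkout();
    global $order_tax_details, $afid, $VM_LANG, $auth, $my, $mosConfig_offset, $vmLogger, $vmInputFilter, $discount_factor;
    $ps_vendor_id = $_SESSION["ps_vendor_id"];
    $cart = $_SESSION['cart'];
    require_once CLASSPATH . 'ps_payment_method.php';
    $ps_payment_method = new ps_payment_method();
    require_once CLASSPATH . 'ps_product.php';
    $ps_product = new ps_product();
    require_once CLASSPATH . 'ps_cart.php';
    $ps_cart = new ps_cart();
    $db = new ps_DB();
    $totals = $ps_chkout->calc_order_totals($d);
    // NOTE(review): extract() creates the $order_* / *_discount locals used
    // below and overwrites any local that shares a key of $totals (possibly
    // $order_total); confirm the key set returned by calc_order_totals().
    extract($totals);
    $timestamp = time();

    //Custom
    $vmLogger->debug('-- Checkout Debug-- Subtotal: ' . $order_subtotal . ' Taxable: ' . $order_taxable . ' Payment Discount: ' . $payment_discount . ' Coupon Discount: ' . $coupon_discount . ' Shipping: ' . $order_shipping . ' Shipping Tax : ' . $order_shipping_tax . ' Tax : ' . $order_tax . ' ------------------------ Order Total: ' . $order_total . ' ----------------------------');

    // Check to see if Payment Class File exists
    // The stored class name becomes part of an include path, so any directory
    // part is dropped first (a valid class name is unaffected by basename()).
    $payment_class = basename($ps_payment_method->get_field($d["payment_method_id"], "payment_class"));
    $d['new_order_status'] = 'P';
    // This is meant to be updated by a payment modules' process_payment method
    if (!class_exists($payment_class)) {
        include CLASSPATH . "payment/{$payment_class}.php";
    }
    $_PAYMENT = new $payment_class();

    // Remove the Coupon, because it is a Gift Coupon and now is used!!
    if (@$_SESSION['coupon_type'] == "gift") {
        $d['coupon_id'] = $_SESSION['coupon_id'];
        include_once CLASSPATH . 'ps_coupon.php';
        ps_coupon::remove_coupon_code($d);
    }

    // Get the IP Address
    if (!empty($_SERVER['REMOTE_ADDR'])) {
        $ip = $_SERVER['REMOTE_ADDR'];
    } else {
        $ip = 'unknown';
    }

    // Values that are concatenated into hand-built SQL further down.
    $user_id = (int) $auth['user_id'];
    $ship_to_info_id = $db->getEscaped($d['ship_to_info_id']);

    // Collect all fields and values to store them!
    $fields = array(
        'user_id' => $auth["user_id"],
        'vendor_id' => $ps_vendor_id,
        'order_number' => $order_number,
        'user_info_id' => $d["ship_to_info_id"],
        'ship_method_id' => @urldecode($d["shipping_rate_id"]),
        'order_total' => $order_total,
        'order_subtotal' => $order_subtotal,
        'order_tax' => $order_tax,
        'order_tax_details' => serialize($order_tax_details),
        'order_shipping' => $order_shipping,
        'order_shipping_tax' => $order_shipping_tax,
        'order_discount' => $payment_discount,
        'coupon_discount' => $coupon_discount,
        'coupon_code' => @$_SESSION['coupon_code'],
        'order_currency' => $GLOBALS['product_currency'],
        'order_status' => 'P',
        'cdate' => $timestamp,
        'mdate' => $timestamp,
        'customer_note' => htmlspecialchars(vmRequest::getString('customer_note', '', 'POST', 'none'), ENT_QUOTES),
        'ip_address' => $ip,
    );
    // Insert the main order information
    $db->buildQuery('INSERT', '#__{vm}_orders', $fields);
    $result = $db->query();
    $d["order_id"] = $order_id = $db->last_insert_id();
    if ($result === false || empty($order_id)) {
        $vmLogger->crit('Adding the Order into the Database failed! User ID: ' . $auth["user_id"]);
        return false;
    }

    // Insert the initial Order History.
    $mysqlDatetime = date("Y-m-d G:i:s", $timestamp);
    $fields = array(
        'order_id' => $order_id,
        'order_status_code' => 'P',
        'date_added' => $mysqlDatetime,
        'customer_notified' => 1,
        'comments' => '',
    );
    $db->buildQuery('INSERT', '#__{vm}_order_history', $fields);
    $db->query();

    /**
     * Insert the Order payment info
     */
    $payment_number = str_replace(array(' ', '|', '-'), '', @$_SESSION['ccdata']['order_payment_number']);
    $d["order_payment_code"] = @$_SESSION['ccdata']['credit_card_code'];
    // Payment number is encrypted using mySQL encryption functions.
    $fields = array(
        'order_id' => $order_id,
        'payment_method_id' => $d["payment_method_id"],
        'order_payment_log' => @$d["order_payment_log"],
        'order_payment_trans_id' => $vmInputFilter->safeSQL(@$d["order_payment_trans_id"]),
    );
    if (!empty($payment_number) && VM_STORE_CREDITCARD_DATA == '1') {
        // Store Credit Card Information only if the Store Owner has decided to do so
        $fields['order_payment_code'] = $d["order_payment_code"];
        $fields['order_payment_expire'] = @$_SESSION["ccdata"]["order_payment_expire"];
        $fields['order_payment_name'] = @$_SESSION["ccdata"]["order_payment_name"];
        // This value is handed to buildQuery() as a ready-made SQL expression
        // (it is listed in $specialfield), so the number is escaped here before
        // it is placed inside the string literal.
        $fields['order_payment_number'] = VM_ENCRYPT_FUNCTION . "( '" . $db->getEscaped($payment_number) . "','" . ENCODE_KEY . "')";
        $specialfield = array('order_payment_number');
    } else {
        $specialfield = array();
    }
    $db->buildQuery('INSERT', '#__{vm}_order_payment', $fields, '', $specialfield);
    $db->query();

    /**
     * Insert the User Billto & Shipto Info
     */
    // First: get all the fields from the user field list to copy them from user_info into the order_user_info
    $fields = array();
    require_once CLASSPATH . 'ps_userfield.php';
    $userfields = ps_userfield::getUserFields('', false, '', true, true);
    foreach ($userfields as $field) {
        if ($field->name == 'email') {
            $fields[] = 'user_email';
        } else {
            $fields[] = $field->name;
        }
    }
    // NOTE(review): the configured user field names are used as column names
    // without quoting - confirm they are restricted to identifier characters
    // where they are created.
    $fieldstr = implode(',', $fields);

    // Save current Bill To Address
    $q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
    $q .= "SELECT NULL, '{$order_id}', '" . $user_id . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $user_id . "' AND address_type='BT'";
    $db->query($q);

    // Save current Ship to Address if applicable
    $q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
    $q .= "SELECT NULL, '{$order_id}', '" . $user_id . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $user_id . "' AND user_info_id='" . $ship_to_info_id . "' AND address_type='ST'";
    $db->query($q);

    /**
     * Insert all Products from the Cart into order line items;
     * one row per product in the cart
     */
    $dboi = new ps_DB();
    for ($i = 0; $i < $cart["idx"]; $i++) {
        // Integer copies for the hand-built statements in this iteration.
        $product_id = (int) $cart[$i]["product_id"];

        $r = "SELECT product_id,product_in_stock,product_sales,product_parent_id,product_sku,product_name ";
        $r .= "FROM #__{vm}_product WHERE product_id='" . $product_id . "'";
        $dboi->query($r);
        $dboi->next_record();

        $product_price_arr = $ps_product->get_adjusted_attribute_price($cart[$i]["product_id"], $cart[$i]["description"]);
        $product_price = $GLOBALS['CURRENCY']->convert($product_price_arr["product_price"], $product_price_arr["product_currency"]);
        if (empty($_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'])) {
            $my_taxrate = $ps_product->get_product_taxrate($cart[$i]["product_id"]);
        } else {
            $my_taxrate = $_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'];
        }

        // Attribute handling
        $product_parent_id = $dboi->f('product_parent_id');
        $description = '';
        if ($product_parent_id > 0) {
            $db_atts = $ps_product->attribute_sql($dboi->f('product_id'), $product_parent_id);
            while ($db_atts->next_record()) {
                $description .= $db_atts->f('attribute_name') . ': ' . $db_atts->f('attribute_value') . '; ';
            }
        }
        $description .= $ps_product->getDescriptionWithTax($_SESSION['cart'][$i]["description"], $dboi->f('product_id'));
        $product_final_price = round($product_price * ($my_taxrate + 1), 2);
        $vendor_id = $ps_vendor_id;

        $fields = array(
            'order_id' => $order_id,
            'user_info_id' => $d["ship_to_info_id"],
            'vendor_id' => $vendor_id,
            'product_id' => $cart[$i]["product_id"],
            'order_item_sku' => $dboi->f("product_sku"),
            'order_item_name' => $dboi->f("product_name"),
            'product_quantity' => $cart[$i]["quantity"],
            'product_item_price' => $product_price,
            'product_final_price' => $product_final_price,
            'order_item_currency' => $GLOBALS['product_currency'],
            'order_status' => 'P',
            'product_attribute' => $description,
            'cdate' => $timestamp,
            'mdate' => $timestamp,
        );
        $db->buildQuery('INSERT', '#__{vm}_order_item', $fields);
        $db->query();

        // Update Stock Level and Product Sales, decrease - no matter if in stock or not!
        $q = "UPDATE #__{vm}_product ";
        $q .= "SET product_in_stock = product_in_stock - " . (int) $cart[$i]["quantity"];
        $q .= " WHERE product_id = '" . $product_id . "'";
        $db->query($q);

        $q = "UPDATE #__{vm}_product ";
        $q .= "SET product_sales= product_sales + " . (int) $cart[$i]["quantity"];
        $q .= " WHERE product_id='" . $product_id . "'";
        $db->query($q);

        // Update stock of parent product, if all child products are sold, thanks Ragnar Brynjulfsson
        if ($dboi->f("product_parent_id") != 0) {
            $parent_id = (int) $dboi->f("product_parent_id");
            $q = "SELECT COUNT(product_id) ";
            $q .= "FROM #__{vm}_product ";
            $q .= "WHERE product_parent_id = " . $parent_id;
            $q .= " AND product_in_stock > 0";
            $db->query($q);
            $db->next_record();
            if (!$db->f("COUNT(product_id)")) {
                $q = "UPDATE #__{vm}_product ";
                $q .= "SET product_in_stock = 0 ";
                $q .= "WHERE product_id = " . $parent_id . " LIMIT 1";
                $db->query($q);
            }
        }
    }

    ######## BEGIN DOWNLOAD MOD ###############
    if (ENABLE_DOWNLOADS == "1") {
        require_once CLASSPATH . 'ps_order.php';
        for ($i = 0; $i < $cart["idx"]; $i++) {
            // only handle downloadable products here
            if (ps_product::is_downloadable($cart[$i]["product_id"])) {
                $params = array('product_id' => $cart[$i]["product_id"], 'order_id' => $order_id, 'user_id' => $auth["user_id"]);
                ps_order::insert_downloads_for_product($params);
                if (@VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
                    // Update the product stock level back to where it was.
                    $q = "UPDATE #__{vm}_product ";
                    $q .= "SET product_in_stock = product_in_stock + " . (int) $cart[$i]["quantity"];
                    $q .= " WHERE product_id = '" . (int) $cart[$i]["product_id"] . "'";
                    $db->query($q);
                }
            }
        }
    }
    ################## END DOWNLOAD MOD ###########

    // Export the order_id so the checkout complete page can get it
    $d["order_id"] = $order_id;

    /*
     * Let the shipping module know which shipping method
     * was selected. This way it can save any information
     * it might need later to print a shipping label.
     */
    if (is_callable(array($this->_SHIPPING, 'save_rate_info'))) {
        $this->_SHIPPING->save_rate_info($d);
    }

    // Now as everything else has been done, we can update the Order Status
    $update_order = false;
    if ($order_total == 0.0) {
        // code moved out of $_PAYMENT check as no payment will be needed when $order_total=0.0
        // If the Order Total is zero, we can confirm the order to automatically enable the download
        $d['order_status'] = ENABLE_DOWNLOAD_STATUS;
        $update_order = true;
    } elseif (isset($_PAYMENT)) {
        if ($d['new_order_status'] != 'P') {
            $d['order_status'] = $d['new_order_status'];
            $update_order = true;
        }
    }
    if ($update_order) {
        require_once CLASSPATH . "ps_order.php";
        $ps_order = new ps_order();
        $ps_order->order_status_update($d);
    }

    // Send the e-mail confirmation messages
    $ps_chkout->email_receipt($order_id);

    // Reset the cart (=empty it)
    $ps_cart->reset();
    $_SESSION['savedcart']['idx'] = 0;
    $ps_cart->saveCart();

    // Unset the payment_method variables
    $d["payment_method_id"] = "";
    $d["order_payment_number"] = "";
    $d["order_payment_expire"] = "";
    $d["order_payment_name"] = "";
    $d["credit_card_code"] = "";

    // Clear the sensitive Session data
    $_SESSION['ccdata']['order_payment_name'] = "";
    $_SESSION['ccdata']['order_payment_number'] = "";
    $_SESSION['ccdata']['order_payment_expire_month'] = "";
    $_SESSION['ccdata']['order_payment_expire_year'] = "";
    $_SESSION['ccdata']['credit_card_code'] = "";
    $_SESSION['coupon_discount'] = "";
    $_SESSION['coupon_id'] = "";
    $_SESSION['coupon_redeemed'] = false;
    $_POST["payment_method_id"] = "";
    $_POST["order_payment_number"] = "";
    $_POST["order_payment_expire"] = "";
    $_POST["order_payment_name"] = "";
    $_SESSION['order_id'] = $order_id;
}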
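/**
 * Updates a Shipping Address for the specified user info ID.
 *
 * Users without the "admin,storeadmin" permission can only update rows that
 * belong to the user id stored in their session.
 *
 * @param array $d
 * @return boolean true when the UPDATE did not fail, false on validation or query failure
 */
function update(&$d)
{
    global $perm, $VM_LANG;
    require_once CLASSPATH . 'ps_userfield.php';

    $db = new ps_DB();
    if (!$this->validate_update($d)) {
        return false;
    }
    $is_admin = $perm->check("admin,storeadmin");
    $session_user_id = (int) $_SESSION['auth']['user_id'];

    // Get all fields which where shown to the user
    $shippingFields = ps_userfield::getUserFields('shipping', false, '', true);
    $skip_fields = ps_userfield::getSkipFields();
    // Start from an empty array so $fields is defined even when every field is skipped.
    $fields = array();
    foreach ($shippingFields as $userField) {
        if (!in_array($userField->name, $skip_fields)) {
            $fields[$userField->name] = ps_userfield::prepareFieldDataSave($userField->type, $userField->name, vmGet($d, $userField->name, strtoupper($userField->name)));
        }
    }

    // These are pre-defined fields.
    $fields['user_id'] = $is_admin ? (int) $d["user_id"] : $_SESSION['auth']['user_id'];
    $fields['address_type'] = 'ST';
    $fields['mdate'] = time();

    // The ownership condition is what keeps a normal user from touching
    // somebody else's address; the session id is cast because it is
    // concatenated unquoted.
    $where = "WHERE user_info_id='" . $db->getEscaped($d["user_info_id"]) . "'";
    if (!$is_admin) {
        $where .= " AND user_id=" . $session_user_id;
    }
    $db->buildQuery('UPDATE', '#__{vm}_user_info', $fields, $where);
    if ($db->query() === false) {
        $GLOBALS['vmLogger']->err($VM_LANG->_('VM_USERADDRESS_UPDATED_FAILED'));
        return false;
    }
    $GLOBALS['vmLogger']->info($VM_LANG->_('VM_USERADDRESS_UPDATED'));
    vmRequest::setVar('ship_to_info_id', $d['user_info_id']);
    return true;
}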
/**
 * Updates the name and level of a user group row in $this->_table_name.
 *
 * @author pablo, soeren
 *
 * @param array $d must hold group_name, group_level and the key named by $this->_key
 * @return boolean false when validation fails, true otherwise
 */
function update(&$d)
{
    global $vmLogger, $VM_LANG;

    $database = new ps_DB();
    $timestamp = time();
    if (!$this->validate_update($d)) {
        return false;
    }

    $columns = array();
    $columns['group_name'] = $d["group_name"];
    $columns['group_level'] = (int) $d["group_level"];

    // The key value is cast to int before it is placed in the WHERE clause.
    $where = 'WHERE ' . $this->_key . '=' . (int) $d[$this->_key];
    $database->buildQuery('UPDATE', $this->_table_name, $columns, $where);

    $updated = $database->query();
    if ($updated) {
        $vmLogger->info($VM_LANG->_('VM_USER_GROUP_UPDATED'));
    }
    // NOTE(review): true is returned even when the query failed; the sibling
    // update() methods return false in that case - confirm this is intended.
    return true;
}
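/**
 * Updates a tax record that belongs to the vendor stored in the session.
 *
 * @author pablo
 *
 * @param array $d The _REQUEST array
 * @return boolean True on success, false on failure
 */
function update(&$d)
{
    global $VM_LANG;

    $db = new ps_DB();
    $ps_vendor_id = $_SESSION["ps_vendor_id"];
    $timestamp = time();
    if (!$this->validate_update($d)) {
        return false;
    }

    $fields = array(
        'vendor_id' => $ps_vendor_id,
        'tax_state' => vmget($d, 'tax_state'),
        'tax_country' => vmget($d, 'tax_country'),
        'tax_rate' => $d["tax_rate"],
        'mdate' => $timestamp,
    );
    // tax_rate_id comes from the request and was concatenated unquoted into the
    // WHERE clause; both ids are now cast to integers.
    $where = 'WHERE tax_rate_id=' . (int) $d["tax_rate_id"] . ' AND vendor_id=' . (int) $ps_vendor_id;
    $db->buildQuery('UPDATE', $this->getTable(), $fields, $where);
    if ($db->query() !== false) {
        $GLOBALS['vmLogger']->info($VM_LANG->_('VM_TAX_UPDATED'));
        return true;
    }
    $GLOBALS['vmLogger']->err($VM_LANG->_('VM_TAX_UPDATE_FAILED'));
    return false;
}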