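/**
 * Render the details page of one active product.
 *
 * The product is selected by $_GET["id"], which may be a numeric id or a URL
 * slug. A missing id, or one that matches no active product, redirects back
 * to the shop front page.
 *
 * @return mixed Parsed "shop/details" template, or whatever is_redirect() returns.
 */
function product_details()
{
    if (empty($_GET["id"])) {
        return is_redirect("./?object=shop");
    }
    // Request input reaches SQL only as an integer or through _es().
    if (is_numeric($_GET["id"])) {
        $where = "id= '" . intval($_GET["id"]) . "'";
    } else {
        $where = "url='" . _es($_GET['id']) . "'";
    }
    $product_info = db()->query_fetch("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND " . $where);
    // Without this guard every lookup below would run against an empty row.
    if (empty($product_info)) {
        return is_redirect("./?object=shop");
    }
    $product_id = $product_info["id"];

    // Required for comments
    module("shop")->_comments_params["object_id"] = $product_id;
    module("shop")->_comments_params["objects_ids"] = $product_id;
    $comments_count = module("shop")->_get_num_comments();
    $N = isset($comments_count[$product_id]) ? $comments_count[$product_id] : 0;
    if ($N == "") {
        $N = 0;
    }

    // Images are sharded by the zero-padded id, e.g. "000123" -> "000/123/".
    $dirs = sprintf("%06s", $product_id);
    $mpath = substr($dirs, -6, 3) . "/" . substr($dirs, -3, 3) . "/";

    $group_prices = module("shop")->_get_group_prices($product_id);
    $product_info["_group_price"] = $group_prices[module("shop")->USER_GROUP];
    module("shop")->_product_info = $product_info;
    $atts = module("shop")->_products_get_attributes($product_id);

    $file_prefix = $product_info["url"] . "_" . $product_id;
    $thumb_path = $file_prefix . "_" . $product_info["image"] . module("shop")->THUMB_SUFFIX . ".jpg";
    $img_path = $file_prefix . "_" . $product_info["image"] . module("shop")->FULL_IMG_SUFFIX . ".jpg";

    // Additional gallery images: every numbered thumbnail except the main one.
    $image = "";
    if ($product_info["image"] != 0) {
        // NOTE(review): the stored url is placed into both patterns without
        // preg_quote(); a slug containing "/" or regex metacharacters would
        // change or break the pattern. Confirm how slugs are validated on save.
        $image_files = _class('dir')->scan_dir(module("shop")->products_img_dir . $mpath, true, "/" . $file_prefix . ".+?_small\\.jpg" . "/");
        $reg = "/" . $file_prefix . "_(?P<content>[\\d]+)_small\\.jpg/";
        foreach ((array) $image_files as $filepath) {
            // Skip files whose name carries no image number instead of emitting an empty entry.
            if (!preg_match($reg, $filepath, $rezult)) {
                continue;
            }
            $i = $rezult["content"];
            if ($i == $product_info["image"]) {
                continue;
            }
            $replace2 = [
                "thumb_path" => module("shop")->products_img_webdir . $mpath . $file_prefix . "_" . $i . module("shop")->THUMB_SUFFIX . ".jpg",
                "img_path" => module("shop")->products_img_webdir . $mpath . $file_prefix . "_" . $i . module("shop")->FULL_IMG_SUFFIX . ".jpg",
                "name" => $product_info["url"],
            ];
            $image .= tpl()->parse("shop/image_items", $replace2);
        }
    }

    $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);

    // Optional blocks stay empty when the corresponding switch is off.
    $products_similar_by_price = "";
    if (module("shop")->SHOW_products_similar_by_price == true) {
        $products_similar_by_price = module("shop")->products_similar_by_price($product_info["price"], $product_id);
    }
    $products_similar_by_basket = "";
    if (module("shop")->products_similar_by_basket == true) {
        $products_similar_by_basket = module("shop")->products_similar_by_basket($product_id);
    }

    $img_dir = module("shop")->products_img_dir . $mpath;
    $img_webdir = module("shop")->products_img_webdir . $mpath;
    $replace = [
        "name" => _prepare_html($product_info["name"]),
        "model" => _prepare_html($product_info["model"]),
        // NOTE(review): description is passed through unescaped, presumably
        // because it holds admin-authored HTML; confirm who can write it.
        "desc" => $product_info["description"],
        "manufacturer" => _prepare_html(module("shop")->_manufacturer[$product_info["manufacturer_id"]]["name"]),
        "url_manufacturer" => process_url("./?object=shop&action=products_show&id=" . module("shop")->_manufacturer[$product_info["manufacturer_id"]]["url"]),
        "date" => _format_date($product_info["add_date"], "long"),
        "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
        "currency" => _prepare_html(module("shop")->CURRENCY),
        // The thumbnail slot now uses the thumbnail file; it used to repeat the full image.
        "thumb_path" => file_exists($img_dir . $thumb_path) ? $img_webdir . $thumb_path : "",
        "img_path" => file_exists($img_dir . $img_path) ? $img_webdir . $img_path : "",
        "image" => $image,
        // NOTE(review): external_url is emitted as stored; if it can be edited
        // by less trusted users, restrict it to http(s) URLs before linking.
        "basket_add_url" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=basket_add&id=" . $URL_PRODUCT_ID),
        "external_url" => intval((bool) $product_info["external_url"]),
        "back_url" => process_url("./?object=shop"),
        "show_basket_url" => process_url("./?object=shop&action=basket"),
        "dynamic_atts" => module("shop")->_get_select_attributes($atts),
        "cats_block" => module("shop")->_categories_show(),
        "cat_name" => _prepare_html(module("shop")->_shop_cats[$product_info["cat_id"]]),
        "cat_url" => process_url("./?object=shop&action=product_details&id=" . module("shop")->_shop_cats_all[$product_info["cat_id"]]['url']),
        'comments' => module("shop")->_view_comments(),
        "N" => $N,
        "products_similar_by_price" => $products_similar_by_price,
        "products_similar_by_basket" => $products_similar_by_basket,
        "product_related" => module("shop")->products_related($product_id),
    ];

    // View counter; only reached for a product that exists and is active.
    db()->query("UPDATE " . db('shop_products') . " SET viewed = viewed+1 , last_viewed_date = " . time() . " WHERE " . $where);
    return tpl()->parse("shop/details", $replace);
}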
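/**
 * Render the "Similar price" block for a product.
 *
 * Selects products that share at least one category with $id and whose price
 * lies strictly between 90% (rounded down) and 110% (rounded up) of $price.
 *
 * @param mixed $price Reference price.
 * @param mixed $id    Id of the product being viewed; excluded from the result.
 * @return mixed Parsed "shop/products_similar_by_price" template.
 */
function products_similar_by_price($price, $id)
{
    // Both arguments end up inside SQL text, so force them numeric first.
    $id = intval($id);
    $price = floatval($price);
    $price_min = floor($price - $price * 10 / 100);
    $price_max = ceil($price + $price * 10 / 100);

    $cat_ids = [];
    $Q = db()->query("SELECT category_id FROM " . db('shop_product_to_category') . " WHERE product_id = " . $id);
    while ($A = db()->fetch_assoc($Q)) {
        $cat_ids[] = intval($A["category_id"]);
    }

    // An empty IN() list is a SQL syntax error, so each step runs only when
    // the previous one produced ids.
    $prod_ids = [];
    if (!empty($cat_ids)) {
        $Q = db()->query("SELECT product_id FROM " . db('shop_product_to_category') . " WHERE category_id IN ( " . implode(",", $cat_ids) . ")");
        while ($A = db()->fetch_assoc($Q)) {
            $prod_ids[] = intval($A["product_id"]);
        }
    }

    $product = [];
    if (!empty($prod_ids)) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE price > " . $price_min . " AND price < " . $price_max . " AND id != " . $id . " AND id IN(" . implode(",", $prod_ids) . ")";
        $product = db()->query_fetch_all($sql);
    }

    // Left as null when nothing matched, which is what the template received before.
    $items = null;
    foreach ((array) $product as $product_info) {
        $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
        $items[$product_info["id"]] = [
            "name" => _prepare_html($product_info["name"]),
            "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
            "currency" => _prepare_html(module("shop")->CURRENCY),
            "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
            "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "special" => "",
        ];
    }
    $replace = ["items" => $items, "title" => "Similar price"];
    return tpl()->parse("shop/products_similar_by_price", $replace);
}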
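/**
 * Order step: show the basket summary that opens the checkout.
 *
 * Saves pending basket changes, loads the active products that are in the
 * basket and renders them with per-line prices and the grand total.
 *
 * @param bool $FORCE_DISPLAY_FORM Not read by this step.
 * @return mixed Parsed "shop/order_start" template.
 */
function _order_step_start($FORCE_DISPLAY_FORM = false)
{
    module('shop')->_basket_save();
    $basket_contents = module('shop')->_basket_api()->get_all();

    // Basket content originates from the visitor; only integer ids may reach
    // the IN() list below.
    $products_ids = [];
    foreach ((array) $basket_contents as $_info) {
        $_pid = isset($_info["product_id"]) ? intval($_info["product_id"]) : 0;
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
    }

    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }

    $total_price = 0;
    // Left as null for an empty basket, which is what the template received before.
    $products = null;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);

        // Attributes chosen in the basket add their surcharge to the unit price.
        $dynamic_atts = [];
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }

        $URL_PRODUCT_ID = module('shop')->_product_id_url($_info);
        $products[$_info["id"]] = [
            "name" => _prepare_html($_info["name"]),
            "price" => module('shop')->_format_price($price),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($quantity),
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_info["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_info["cat_id"]]['url']),
        ];
        $total_price += $price * $quantity;
    }

    $replace = [
        "products" => $products,
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "back_link" => "./?object=shop&action=basket",
        "next_link" => "./?object=shop&action=order&id=delivery",
        "cats_block" => module('shop')->_categories_show(),
    ];
    return tpl()->parse("shop/order_start", $replace);
}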
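/**
 * Render the "also bought" block for a product.
 *
 * Collects every order that contains $id, then every other product that
 * appears in those orders.
 *
 * @param mixed $id Id of the product being viewed.
 * @return mixed Parsed "shop/products_similar_by_price" template (shared with the price block).
 */
function products_similar_by_basket($id)
{
    // $id is concatenated into SQL below, so force it to an integer first.
    $id = intval($id);

    $order_ids = [];
    $orders = db()->query("SELECT order_id FROM " . db('shop_order_items') . " WHERE product_id = " . $id);
    while ($A = db()->fetch_assoc($orders)) {
        $order_ids[] = intval($A["order_id"]);
    }

    $product_ids = [];
    if (!empty($order_ids)) {
        $products = db()->query("SELECT product_id FROM " . db('shop_order_items') . " WHERE order_id IN ( " . implode(",", $order_ids) . ") AND product_id != " . $id);
        while ($A = db()->fetch_assoc($products)) {
            $product_ids[] = intval($A["product_id"]);
        }
    }

    // Left as null when nothing matched, which is what the template received before.
    $items = null;
    if (!empty($product_ids)) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE id in ( " . implode(",", $product_ids) . ")";
        $product = db()->query_fetch_all($sql);
        foreach ((array) $product as $product_info) {
            $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
            $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
            $items[$product_info["id"]] = [
                "name" => _prepare_html($product_info["name"]),
                "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
                "currency" => _prepare_html(module("shop")->CURRENCY),
                "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
                "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
                "special" => "",
            ];
        }
    }
    $replace = ["items" => $items, "title" => "Those who purchased this product also buy"];
    return tpl()->parse("shop/products_similar_by_price", $replace);
}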
/**
 * Render the manufacturer selection block.
 *
 * The manufacturer id remembered in the session pre-selects the box once and
 * is removed from the session afterwards.
 *
 * @return mixed Parsed "shop/manufacturer" template.
 */
function _manufacturer_show()
{
    $vars = [];
    $vars["brand"] = module("shop")->_manufacturer;
    // The box must be built before the session value is dropped.
    $vars["manufacturer_box"] = common()->select_box("manufacturer", module("shop")->_man_for_select, $_SESSION['man_id'], false, 2);
    $vars["url_manufacturer"] = process_url("./?object=shop&action=products_show");
    unset($_SESSION["man_id"]);
    return tpl()->parse("shop/manufacturer", $vars);
}
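/**
 * Order step: final confirmation page.
 *
 * Empties the basket, loads the order named by $_GET["id"] (or $_GET["page"])
 * for the current user, mails the invoice and renders the summary.
 *
 * NOTE(review): the invoice mail is sent on every request to this step, so a
 * reload sends it again; consider a "sent" marker on the order.
 *
 * @param bool $FORCE_DISPLAY_FORM Not read by this step.
 * @return mixed Parsed "shop/order_finish" template, or the result of _e() when the order is not found.
 */
function _order_step_finish($FORCE_DISPLAY_FORM = false)
{
    module('shop')->_basket_api()->clean();
    if (isset($_GET["page"])) {
        $_GET["id"] = intval($_GET["page"]);
        unset($_GET["page"]);
    }
    $_GET["id"] = isset($_GET["id"]) ? intval($_GET["id"]) : 0;

    $order_info = null;
    if ($_GET["id"]) {
        // The user_id condition keeps one account from reading another's order.
        // NOTE(review): for a guest USER_ID is presumably 0, so every guest
        // order would match by id alone; the order row has a "hash" field that
        // could be required here - confirm how guest orders are protected.
        $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]) . " AND user_id=" . intval(main()->USER_ID));
    }
    if (empty($order_info)) {
        return _e("No such order");
    }

    $products_ids = [];
    $order_items = [];
    $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
    while ($_info = db()->fetch_assoc($Q)) {
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            // Integers only: these ids are imploded into the IN() list below.
            $products_ids[$_pid] = $_pid;
        }
        $order_items[$_info["product_id"]] = $_info;
    }

    $products_infos = [];
    $products_atts = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
    }

    // Left as null when the order has no items, which is what the templates received before.
    $products = null;
    foreach ((array) $order_items as $_info) {
        $_product_id = $_info["product_id"];
        // A product deactivated since the purchase is absent from $products_infos.
        $_product = isset($products_infos[$_product_id]) ? $products_infos[$_product_id] : null;
        $price = $_info["sum"];
        $dynamic_atts = [];
        if (strlen($_info["attributes"]) > 3) {
            // SECURITY: unserialize() runs on a stored column. If anything a
            // customer submits can reach `attributes` unvalidated this is a PHP
            // object-injection sink; prefer JSON, or unserialize() with
            // allowed_classes => false on PHP 7+.
            foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }
        $URL_PRODUCT_ID = module('shop')->_product_id_url($_product);
        $products[$_info["product_id"]] = [
            "name" => _prepare_html($_product["name"]),
            "price" => module('shop')->_format_price($price),
            "sum" => module('shop')->_format_price($_info["sum"]),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($_info["quantity"]),
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_product["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_product["cat_id"]]['url']),
        ];
    }

    // The stored order total is authoritative; it is not recomputed from the items.
    $total_price = $order_info["total_sum"];

    if (main()->USER_ID) {
        $order_info = my_array_merge(module('shop')->_user_info, $order_info);
    }
    $order_info = my_array_merge(module('shop')->COMPANY_INFO, $order_info);

    // "password" is set to an empty string after the merges above.
    $replace2 = my_array_merge($order_info, [
        "id" => $_GET["id"],
        "products" => $products,
        "ship_cost" => module('shop')->_format_price(0),
        "total_cost" => module('shop')->_format_price($total_price),
        "password" => "",
    ]);

    // Prepare email template
    $message = tpl()->parse("shop/invoice_email", $replace2);
    common()->quick_send_mail($order_info["email"], "invoice #" . $_GET["id"], $message);

    $replace = my_array_merge($replace2, [
        "error_message" => _e(),
        "products" => $products,
        "ship_price" => module('shop')->_format_price(module('shop')->_ship_types_names[$order_info["ship_type"]]),
        "total_price" => module('shop')->_format_price($total_price),
        "order_no" => str_pad($order_info["id"], 8, "0", STR_PAD_LEFT),
        "hash" => _prepare_html($order_info["hash"]),
        "back_link" => "./?object=shop&action=show",
        "cats_block" => module('shop')->_categories_show(),
    ]);
    return tpl()->parse("shop/order_finish", $replace);
}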
/**
 * Render the block with the five most recently viewed products.
 *
 * NOTE(review): unlike the product details query this one has no active='1'
 * condition, so a deactivated product can still be listed - confirm intent.
 *
 * @return mixed Parsed "shop/last_viewed" template.
 */
function _products_last_viewed()
{
    $rows = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " ORDER BY last_viewed_date DESC LIMIT 5");
    $items = [];
    foreach ((array) $rows as $product_info) {
        $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);

        $entry = [];
        $entry["name"] = _prepare_html($product_info["name"]);
        $entry["price"] = module("shop")->_format_price(module("shop")->_product_get_price($product_info));
        $entry["currency"] = _prepare_html(module("shop")->CURRENCY);
        // Only link the thumbnail when the file is really on disk.
        if (file_exists(module("shop")->products_img_dir . $thumb_path)) {
            $entry["image"] = module("shop")->products_img_webdir . $thumb_path;
        } else {
            $entry["image"] = "";
        }
        // An external URL, when set, replaces the internal details link.
        if ($product_info["external_url"]) {
            $entry["link"] = $product_info["external_url"];
        } else {
            $entry["link"] = process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID);
        }
        $entry["special"] = "";

        $items[$product_info["id"]] = $entry;
    }
    return tpl()->parse("shop/last_viewed", ["items" => $items]);
}
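/**
 * Render the "best sales" block: the five products that appear in the most
 * order lines, limited to products that are still active.
 *
 * NOTE(review): COUNT(quantity) counts order lines, not units sold; use
 * SUM(quantity) if the ranking is meant to be by units - confirm.
 *
 * @return mixed Parsed "shop/best_sales" template.
 */
function _show_shop_best_sales()
{
    $sql_prod_id = "SELECT product_id, COUNT(quantity) FROM " . db('shop_order_items') . " GROUP BY product_id ORDER BY COUNT(quantity) DESC LIMIT 0,5";
    $item_prod_id = db()->query_fetch_all($sql_prod_id);
    $items = [];
    foreach ((array) $item_prod_id as $v) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id = " . intval($v["product_id"]);
        $product_info = db()->query_fetch($sql);
        // A best seller that was deactivated or deleted yields no row; skip it
        // rather than emit an empty entry under an empty key.
        if (empty($product_info)) {
            continue;
        }
        $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
        $items[$product_info["id"]] = [
            "name" => _prepare_html($product_info["name"]),
            "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
            "currency" => _prepare_html(module("shop")->CURRENCY),
            "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
            "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "special" => "",
        ];
    }
    return tpl()->parse("shop/best_sales", ["items" => $items]);
}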
/**
 * Render the category navigation block.
 *
 * Builds a map of HTML-escaped category name => category URL and hands it to
 * the template; an empty map is passed as an empty string.
 *
 * @return mixed Parsed "shop/cats_block" template.
 */
function _categories_show()
{
    $links = [];
    foreach ((array) module("shop")->_shop_cats_for_select as $_cat_id => $_cat_name) {
        if ($_cat_name) {
            $label = _prepare_html($_cat_name);
            $links[$label] = process_url("./?object=shop&action=show&id=" . module("shop")->_shop_cats_all[$_cat_id]['url']);
        }
    }
    $shop_cats = empty($links) ? "" : $links;
    return tpl()->parse("shop/cats_block", ["shop_cats" => $shop_cats]);
}
/**
 * Edit user var
 *
 * Loads the locale_user_tr row named by $_GET['id']; on POST stores the new
 * name/translation and redirects to the list, otherwise renders the edit form.
 *
 * NOTE(review): nothing in this block checks that the current user may edit
 * this row, and the POST carries no anti-CSRF token that is verified here;
 * confirm both are enforced by the caller or the framework.
 * NOTE(review): $_GET['object'] and $_GET['action'] go into the form action
 * and the template path as received; presumably the router only dispatches
 * known values - verify.
 *
 * @return mixed Parsed "<object>/user_vars_edit" template, a redirect, or the result of _e().
 */
function user_var_edit()
{
    $_GET['id'] = intval($_GET['id']);
    $row = db()->query_fetch('SELECT * FROM ' . db('locale_user_tr') . ' WHERE id=' . intval($_GET['id']));
    if (!$row) {
        return _e('No id');
    }

    if (main()->is_post()) {
        $fields = [
            'name' => _es($_POST['name']),
            'translation' => _es($_POST['translation']),
            'last_update' => time(),
        ];
        db()->UPDATE('locale_user_tr', $fields, 'id=' . intval($_GET['id']));
        return js_redirect('./?object=' . $_GET['object'] . '&action=user_vars');
    }

    // Submitted values, when present, are layered over the stored row.
    $DATA = my_array_merge($row, $_POST);

    $form_action = './?object=' . $_GET['object'] . '&action=' . $_GET['action'];
    if ($_GET['id']) {
        $form_action .= '&id=' . $_GET['id'];
    }

    $replace = [
        'form_action' => $form_action,
        'back_url' => process_url('./?object=' . $_GET['object'] . '&action=user_vars'),
        'error' => _e(),
        'for_edit' => 1,
    ];
    // Every displayed field is HTML-escaped before it reaches the template.
    foreach (['id', 'user_id', 'name', 'translation', 'locale', 'site_id'] as $field) {
        $replace[$field] = _prepare_html($DATA[$field]);
    }
    return tpl()->parse($_GET['object'] . '/user_vars_edit', $replace);
}
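/**
 * view orders
 *
 * Shows one order with its items. When $_POST["status"] is set the order
 * status is updated instead and the browser is redirected to the order list.
 *
 * NOTE(review): the order is loaded by id alone and the status change checks
 * neither permissions nor an anti-CSRF token inside this block; presumably
 * this runs only in an authenticated admin context - confirm.
 *
 * @return mixed Parsed "shop/order_view" template, a redirect, or the result of _e().
 */
function _order_view()
{
    if (!empty($_POST["order_id"])) {
        $_GET["id"] = intval($_POST["order_id"]);
    } else {
        $_GET["id"] = isset($_GET["id"]) ? intval($_GET["id"]) : 0;
    }

    $order_info = null;
    if ($_GET["id"]) {
        $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]));
    }
    if (empty($order_info)) {
        return _e("No such order");
    }

    if (!empty($_POST["status"])) {
        db()->UPDATE(db('shop_orders'), ["status" => _es($_POST["status"])], "id=" . intval($_GET["id"]));
        return js_redirect("./?object=shop&action=orders");
    }

    $products_ids = [];
    $order_items = [];
    $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
    while ($_info = db()->fetch_assoc($Q)) {
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            // Integers only: these ids are imploded into the IN() list below.
            $products_ids[$_pid] = $_pid;
        }
        $order_items[$_info["product_id"]] = $_info;
    }

    $products_infos = [];
    $products_atts = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
    }

    $products = [];
    foreach ((array) $order_items as $_info) {
        // A product deactivated since the purchase is absent from $products_infos.
        $_product = isset($products_infos[$_info["product_id"]]) ? $products_infos[$_info["product_id"]] : null;
        $dynamic_atts = [];
        if (strlen($_info["attributes"]) > 3) {
            // SECURITY: unserialize() runs on a stored column. If anything a
            // customer submits can reach `attributes` unvalidated this is a PHP
            // object-injection sink; prefer JSON, or unserialize() with
            // allowed_classes => false on PHP 7+.
            foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
            }
        }
        $products[$_info["product_id"]] = [
            "name" => _prepare_html($_product["name"]),
            "price" => module('shop')->_format_price($_info["sum"]),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($_info["quantity"]),
            "details_link" => process_url("./?object=shop&action=view&id=" . $_product["id"]),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
        ];
    }

    // The stored order total is authoritative; it is not recomputed from the items.
    $total_price = $order_info["total_sum"];

    // Start from an explicit empty set; the escaped order row is merged in first.
    $replace = [];
    $replace = my_array_merge($replace, _prepare_html($order_info));
    $replace = my_array_merge($replace, [
        "form_action" => "./?object=shop&action=" . $_GET["action"] . "&id=" . $_GET["id"],
        "order_id" => $order_info["id"],
        "total_sum" => module('shop')->_format_price($order_info["total_sum"]),
        "user_link" => _profile_link($order_info["user_id"]),
        "user_name" => _display_name(user($order_info["user_id"])),
        "error_message" => _e(),
        "products" => (array) $products,
        "total_price" => module('shop')->_format_price($total_price),
        "ship_type" => module('shop')->_ship_type[$order_info["ship_type"]],
        "pay_type" => module('shop')->_pay_types[$order_info["pay_type"]],
        "date" => _format_date($order_info["date"], "long"),
        "status_box" => module('shop')->_statuses[$order_info["status"]],
        "back_url" => "./?object=shop&action=orders",
    ]);
    return tpl()->parse("shop/order_view", $replace);
}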
/**
 * Display page contents
 *
 * Loads the static page, finds its entry in the first active user menu and
 * lists that entry's active children as sub-pages.
 *
 * NOTE(review): the stored page text is run through tpl()->parse_string() and
 * 'name' is emitted without _prepare_html(); both treat page content as
 * trusted, so write access to static pages should be admin-only - confirm.
 *
 * @return mixed Parsed "<object>/main" template, or the result of _404().
 */
function show()
{
    $page = $this->_get_page_from_db();
    if (!$page) {
        return _404();
    }
    $this->_set_global_info($page);

    // Get sub-pages (from menu)
    $sub_pages = [];
    $menus = main()->get_data('menus');

    // Find first user menu
    $cur_menu_id = 0;
    foreach ((array) $menus as $menu) {
        if ($menu['type'] == 'user' && $menu['active']) {
            $cur_menu_id = $menu['id'];
            break;
        }
    }

    // Locate the top-level menu item that points at the current request.
    $cur_menu_item_id = 0;
    if ($cur_menu_id) {
        $menu_items = main()->get_data('menu_items');
        foreach ((array) $menu_items[$cur_menu_id] as $item) {
            if (!$item['active'] || $item['parent_id']) {
                continue;
            }
            if ($item['location'] == 'object=' . $_GET['object'] . '&action=' . $_GET['action'] . '&id=' . $_GET['id']) {
                // Only items without a parent get this far, so the item's own id is the match.
                $cur_menu_item_id = $item['id'];
                break;
            }
        }
    }

    // Active children of the matched item become the sub-page list.
    if ($cur_menu_id && $cur_menu_item_id) {
        foreach ((array) $menu_items[$cur_menu_id] as $item) {
            if ($item['active'] && $item['parent_id'] == $cur_menu_item_id) {
                $sub_pages[$item['id']] = [
                    'name' => _prepare_html($item['name']),
                    'link' => process_url('./?' . $item['location']),
                ];
            }
        }
    }

    $content = tpl()->parse_string(stripslashes($page['text']), [], 'static_page__' . $page['id']);

    // Process template
    $link_base = './?object=' . $_GET['object'] . '&action=';
    $replace = [
        'id' => intval($page['id']),
        'name' => stripslashes($page['name']),
        'content' => $content,
        'page_heading' => _prepare_html(_ucfirst($page['page_heading'])),
        'page_page_title' => _prepare_html(_ucfirst($page['page_title'])),
        'print_link' => $link_base . 'print_view&id=' . $page['id'],
        'pdf_link' => $link_base . 'pdf_view&id=' . $page['id'],
        'email_link' => $link_base . 'email_page&id=' . $page['id'],
        'sub_pages' => $sub_pages,
    ];
    return tpl()->parse($_GET['object'] . '/main', $replace);
}
/**
 * Order step: choose the payment method.
 *
 * Falls back to the delivery step when there are errors or nothing was
 * posted. On a valid POST the order is created and control passes to the
 * payment step; otherwise the payment selection form is rendered with the
 * earlier answers carried along as hidden fields.
 *
 * NOTE(review): card_num and exp_date are written back into the page as
 * hidden fields, so card data travels through the browser again and lands in
 * the HTML. Confirm this is required and that the page is neither cached nor
 * logged; handing card data straight to the payment step would avoid it.
 *
 * @param bool $FORCE_DISPLAY_FORM When true (and no pay method is forced) the form is shown even on POST.
 * @return mixed Parsed "shop/order_select_payment" template or the output of another order step.
 */
function _order_step_select_payment($FORCE_DISPLAY_FORM = false)
{
    // Show previous form if needed
    if (common()->_error_exists() || empty($_POST)) {
        return module('shop')->_order_step_delivery();
    }

    // A forced payment method overrides the posted one and disables form forcing.
    if (module('shop')->FORCE_PAY_METHOD) {
        $_POST["pay_type"] = module('shop')->FORCE_PAY_METHOD;
        $FORCE_DISPLAY_FORM = false;
    }

    if (main()->is_post() && !$FORCE_DISPLAY_FORM) {
        module('shop')->_order_validate_select_payment();
        // Verify products
        if (!common()->_error_exists()) {
            $ORDER_ID = intval(module('shop')->_order_create());
        }
        // Order id is required to continue, check it again
        if (empty($ORDER_ID) && !common()->_error_exists()) {
            _re("SHOP: Error while creating `order`, please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
        }
        // Display next form if we have no errors
        if (!common()->_error_exists()) {
            module('shop')->_CUR_ORDER_ID = $ORDER_ID;
            return module('shop')->_order_step_do_payment(true);
        }
    }

    $form = $_POST;
    if (!isset($form["pay_type"])) {
        // Default to the first configured payment type.
        $form["pay_type"] = key(module('shop')->_pay_types);
    }

    // Carry the earlier steps' answers forward (the shipping-address fields
    // loop over _s_fields is disabled in the original and stays disabled).
    $hidden = [];
    $hidden[] = module('shop')->_hidden_field("ship_type", $_POST["ship_type"]);
    foreach ((array) module('shop')->_b_fields as $_field) {
        $hidden[] = module('shop')->_hidden_field($_field, $_POST[$_field]);
    }
    $hidden[] = module('shop')->_hidden_field('card_num', $_POST['card_num']);
    $hidden[] = module('shop')->_hidden_field('exp_date', $_POST['exp_date']);

    $replace = [
        // NOTE(review): $SELF_METHOD_ID is never assigned in this function, so
        // the action ends in an empty "&id=" - confirm the intended step id.
        "form_action" => "./?object=shop&action=" . $_GET["action"] . "&id=" . $SELF_METHOD_ID,
        "error_message" => _e(),
        "pay_type_box" => module('shop')->_box("pay_type", $form["pay_type"]),
        "hidden_fields" => implode("", $hidden),
        "back_link" => "./?object=shop&action=order&id=delivery",
        "cats_block" => module('shop')->_categories_show(),
    ];
    return tpl()->parse("shop/order_select_payment", $replace);
}
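/**
 * Quick product search by name.
 *
 * The terms are joined with "%" so they must appear in the name in the given
 * order. Matching products are rendered through products_show(); when nothing
 * matches, the "no results" template is rendered instead.
 *
 * @param array $str_search Search terms as typed by the visitor.
 * @return mixed Rendered result list or "shop/no_search_results" template.
 */
function search_fast($str_search)
{
    $terms = (array) $str_search;
    $str_search2 = implode(" ", $terms);

    // The terms are visitor input that ends up inside a quoted SQL literal, so
    // each one is escaped before the pattern is assembled.
    // NOTE(review): if a caller already escapes the terms they are now escaped
    // twice; drop the caller-side escaping in that case.
    $like = implode("%", array_map('_es', $terms));
    $Q = db()->query("SELECT id FROM " . db('shop_products') . " WHERE name LIKE " . "'%" . $like . "%'");

    $ids = [];
    while ($row = db()->fetch_assoc($Q)) {
        $ids[] = $row["id"];
    }
    $product_ids = implode(",", $ids);

    if ($product_ids == "") {
        $replace = [
            // Echoed back into the page, so it is HTML-escaped like other template values.
            "str_search" => _prepare_html($str_search2),
            "form_action" => process_url("./?object=shop&action=search&id=fast"),
        ];
        return tpl()->parse("shop/no_search_results", $replace);
    }
    return module('shop')->products_show($product_ids, $str_search2);
}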
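/**
 * Display basket contents (save changes also here)
 *
 * A POST carrying quantities is saved and answered with a redirect back to
 * the same action; otherwise the basket is rendered.
 *
 * @param array $params Optional; "STPL" names an alternative template (default "shop/basket").
 * @return mixed Parsed basket template, or a redirect after saving.
 */
function basket($params = [])
{
    $STPL_NAME = !empty($params["STPL"]) ? $params["STPL"] : "shop/basket";
    $basket_contents = module('shop')->_basket_api()->get_all();

    // Save basket contents
    if (!empty($_POST["quantity"]) && !module('shop')->_basket_is_processed) {
        module('shop')->_basket_save();
        return js_redirect("./?object=shop&action=" . $_GET["action"]);
    }

    // Get products from db. Basket content originates from the visitor; only
    // integer ids may reach the IN() list below.
    $products_ids = [];
    foreach ((array) $basket_contents as $_info) {
        $_pid = isset($_info["product_id"]) ? intval($_info["product_id"]) : 0;
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
    }

    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id IN(" . implode(",", $products_ids) . ")");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }

    $total_price = 0;
    // Left as null for an empty basket, which is what the template received before.
    $products = null;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);

        // Attributes chosen in the basket add their surcharge to the unit price.
        $dynamic_atts = [];
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }

        $URL_PRODUCT_ID = module('shop')->_product_id_url($_info);
        $products[$_info["id"]] = [
            "name" => _prepare_html($_info["name"]),
            "price" => module('shop')->_format_price($price),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($quantity),
            "delete_link" => "./?object=shop&action=basket_clean&id=" . $URL_PRODUCT_ID,
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_info["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_info["cat_id"]]['url']),
        ];
        $total_price += $price * $quantity;
    }

    return tpl()->parse($STPL_NAME, [
        "form_action" => "./?object=shop&action=" . $_GET["action"],
        "products" => $products,
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "clean_all_link" => "./?object=shop&action=basket_clean",
        "order_link" => "./?object=shop&action=order",
        // NOTE(review): the Referer header is client-controlled and is handed to
        // js_redirect() as received; confirm that helper escapes it and limits
        // the target to this site.
        "back_link" => js_redirect(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null, false),
        "cats_block" => module('shop')->_categories_show(),
    ]);
}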
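/**
 * Print the current online user's unread notifications as JSON and end the request.
 *
 * Reads the receiver rows for the id/type reported by the online_users class, loads the
 * matching notifications and their additional info, echoes the result and calls exit.
 */
function check()
{
    main()->NO_GRAPHICS = true;
    $out = [];
    $online_class = _class('online_users', 'classes/');
    $online_class->process();

    // user part
    // Receiver id/type sit inside quoted SQL literals, so they are escaped before concatenation.
    $R = db()->get_all(
        "SELECT `id`,`notification_id` FROM `" . db('notifications_receivers') . "`"
        . " WHERE `receiver_id`='" . _es($online_class->online_user_id) . "'"
        . " AND `receiver_type`='" . _es($online_class->online_user_type) . "'"
        . " AND `is_read`=0"
    );

    // receiver row id => notification id, both forced to int because they feed IN(...) lists
    $notifications_ids = [];
    foreach ((array) $R as $A) {
        $notifications_ids[intval($A['id'])] = intval($A['notification_id']);
    }

    if (count($notifications_ids) != 0) {
        // presumably get_all() keys its rows by `id` (the lookups below rely on that) — verify
        $notifications = db()->get_all(
            "SELECT `id`,`title`,`content`,`add_date` FROM `" . db('notifications') . "`"
            . " WHERE `id` IN (" . implode(",", $notifications_ids) . ")"
        );
        $add_info = db()->get_all(
            "SELECT `id`,`text`,`url` FROM `" . db('notifications_receivers_add_info') . "`"
            . " WHERE `id` IN (" . implode(",", array_keys($notifications_ids)) . ")"
        );
        foreach ($notifications_ids as $k => $v) {
            $url = $add_info[$k]['url'];
            $out[$k] = [
                'id' => $k,
                'title' => $notifications[$v]['title'],
                'content' => $notifications[$v]['content'],
                'add_date' => $notifications[$v]['add_date'],
                'text' => $add_info[$k]['text'],
                // The parameter separator had been mangled into the "¬" character, which produced
                // a broken query string; it is the plain "&notification_id=" parameter.
                'url' => $url != '' ? process_url($url . "&notification_id=" . $k) : '',
            ];
        }
    }

    // NOTE(review): title/content/text are returned raw; the consumer must escape them before inserting into HTML.
    echo json_encode($out);
    exit;
}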
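/**
 * Show one shop order in the admin area and, on POST, apply edits to it.
 *
 * The order is loaded by the integer-cast $_GET['id']; when $this->SUPPLIER_ID is set the
 * lookup is additionally joined to shop_admin_to_supplier for the current admin id.
 * On POST, per-item changes (status_item, delete, qty, unit, price_unit) and the order-level
 * fields are written, totals are recounted when needed, a revision is recorded and the
 * request is redirected back to this page. Otherwise the edit form, the items table and a
 * "Similar orders" table are built.
 *
 * @return mixed Error from _e(), redirect from js_redirect(), or the rendered form HTML.
 */
function view_order()
{
    // Cast once; every later use of $_GET['id'] in SQL relies on this being an int.
    $_GET['id'] = intval($_GET['id']);
    $order_info = [];
    if ($_GET['id']) {
        if ($this->SUPPLIER_ID) {
            // Supplier admins only see orders containing products of a supplier mapped to them
            $sql = 'SELECT o.* FROM ' . db('shop_orders') . ' AS o INNER JOIN ' . db('shop_order_items') . ' AS i ON i.order_id = o.id INNER JOIN ' . db('shop_products') . ' AS p ON i.product_id = p.id INNER JOIN ' . db('shop_admin_to_supplier') . ' AS m ON m.supplier_id = p.supplier_id WHERE o.id=' . intval($_GET['id']) . ' AND m.admin_id=' . intval(main()->ADMIN_ID) . ' GROUP BY o.id';
        } else {
            $sql = 'SELECT * FROM ' . db('shop_orders') . ' WHERE id=' . intval($_GET['id']);
        }
        $order_info = db()->query_fetch($sql);
    }
    if (empty($order_info)) {
        return _e('No such order');
    }
    $recount_price = false;
    $_class_price = _class('_shop_price', 'modules/shop/');
    $_class_units = _class('_shop_product_units', 'modules/shop/');
    $_class_basket = _class('shop_basket', 'modules/shop/');

    if (main()->is_post()) {
        // NOTE(review): no anti-CSRF token check is visible in this method — confirm the framework enforces one upstream.
        $order_id = (int) $_GET['id'];
        module('manage_shop')->_product_check_first_revision('order', $order_id);
        foreach ($_POST as $k => $v) {
            // Strict comparison: with "==" an integer key 0 matches any of these names on PHP < 8.
            if ($k === 'status_item') {
                foreach ((array) $v as $k1 => $status) {
                    list($product_id, $param_id) = array_pad(explode('_', (string) $k1), 2, 0);
                    // NOTE(review): $status is a raw POST value; other writes here use update_safe() —
                    // confirm UPDATE() escapes values, or switch this call.
                    db()->UPDATE(db('shop_order_items'), ['status' => $status], ' order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                }
            } elseif ($k === 'delete') {
                foreach ((array) $v as $k1 => $is_del) {
                    list($product_id, $param_id) = array_pad(explode('_', (string) $k1), 2, 0);
                    if ($is_del == 1) {
                        db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    }
                }
                $recount_price = true;
            } elseif ($k === 'qty') {
                foreach ((array) $v as $k1 => $qty) {
                    list($product_id, $param_id) = array_pad(explode('_', (string) $k1), 2, 0);
                    if (intval($qty) == 0) {
                        // Quantity 0 removes the item from the order
                        db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    } else {
                        db()->UPDATE(db('shop_order_items'), ['quantity' => intval($qty)], ' order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    }
                    $recount_price = true;
                }
            } elseif ($k === 'unit') {
                foreach ((array) $v as $k1 => $unit) {
                    $unit = (int) $unit;
                    list($product_id, $param_id) = array_pad(explode('_', (string) $k1), 2, 0);
                    $product_id = (int) $product_id;
                    $param_id = (int) $param_id;
                    if ($unit > 0) {
                        $units = $_class_units->get_by_product_ids($product_id);
                        // Only accept a unit that is actually defined for this product
                        if (isset($units[$product_id][$unit])) {
                            db()->UPDATE(db('shop_order_items'), ['unit' => $unit], ' order_id=' . $order_id . ' AND product_id=' . $product_id . ' AND param_id=' . $param_id);
                            $products = db_get_all('SELECT * FROM ' . db('shop_products') . ' WHERE id = ' . $product_id);
                            $product = $products[$product_id];
                            list($price) = $_class_price->markup_down($product['price'], $product_id);
                            $item = ['price' => $price, 'unit' => $unit, 'units' => $units[$product_id]];
                            $price_one = $_class_basket->_get_price_one($item);
                            $item = ['order_id' => $order_id, 'product_id' => $product_id, 'param_id' => $param_id];
                            $item_price = $item + ['price' => $price_one];
                            $this->_item_update_price_unit($item_price);
                            $recount_price = true;
                        }
                    }
                }
            } elseif ($k === 'price_unit') {
                foreach ((array) $v as $k1 => $price) {
                    list($product_id, $param_id) = array_pad(explode('_', (string) $k1), 2, 0);
                    // NOTE(review): $price is passed on as posted; presumably _item_update_price_unit() normalises it — verify.
                    $this->_item_update_price_unit(['price' => $price, 'order_id' => $order_id, 'product_id' => (int) $product_id, 'param_id' => (int) $param_id]);
                    $recount_price = true;
                }
            }
        }

        // Order-level fields: only this fixed list of columns is ever taken from the POST body
        $order_update = [];
        foreach (['address', 'phone', 'house', 'apartment', 'floor', 'porch', 'intercom', 'delivery_price', 'status', 'region', 'discount', 'discount_add', 'delivery_type', 'delivery_id', 'delivery_location'] as $f) {
            if (!isset($_POST[$f])) {
                continue;
            }
            $order_update[$f] = $_POST[$f];
            if ($f == 'delivery_price' && $_POST['delivery_price'] != $order_info['delivery_price']) {
                // A changed delivery price is flagged as manually set
                $order_update['is_manual_delivery_price'] = 1;
                $order_info['is_manual_delivery_price'] = 1;
                $order_info['delivery_price'] = $order_update['delivery_price'];
                $recount_price = true;
            }
            if ($f == 'discount') {
                $discount = $_class_price->_number_mysql($order_update['discount']);
                $order_info['discount'] = $discount;
                $order_update['discount'] = $discount;
                $recount_price = true;
            }
            if ($f == 'discount_add') {
                $discount = $_class_price->_number_mysql($order_update['discount_add']);
                $order_info['discount_add'] = $discount;
                $order_update['discount_add'] = $discount;
            }
            if ($f == 'delivery_id') {
                // Keep the stored value when the posted one is not a positive integer
                $value = (int) $order_update[$f];
                $value = $value > 0 ? $value : $order_info[$f];
                $order_update[$f] = $value;
            }
            if ($f == 'delivery_type') {
                // The payment column follows the integer delivery type
                $value = (int) $order_update[$f];
                $order_info['payment'] = $value;
                $order_update['payment'] = $value;
            }
        }
        if (count($order_update) > 0) {
            db()->update_safe(db('shop_orders'), $order_update, 'id=' . $order_id);
        }
        if ($recount_price) {
            list($order_info['total_sum'], $order_info['delivery_price']) = $this->_order_recount_price($order_info['id'], $order_info);
        }
        module('manage_shop')->_order_add_revision('edit', $order_id);
        return js_redirect('./?object=' . main()->_get('object') . '&action=view_order&id=' . $order_info['id']);
    }

    // ---- display branch ----
    $products_ids = [];
    $order_items = [];
    $Q = db()->query('SELECT * FROM ' . db('shop_order_items') . ' WHERE `order_id`=' . intval($order_info['id']));
    while ($_info = db()->fetch_assoc($Q)) {
        if ($_info['product_id']) {
            $products_ids[$_info['product_id']] = $_info['product_id'];
        }
        $order_items[$_info['product_id'] . "_" . $_info['param_id']] = $_info;
    }
    $products_infos = [];
    $products_atts = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all('SELECT * FROM ' . db('shop_products') . ' WHERE id IN(' . implode(',', array_map('intval', $products_ids)) . ')');
        $products_atts = module('manage_shop')->_get_products_attributes($products_ids);
    }

    $products = [];
    $price_total = 0;
    foreach ((array) $order_items as $_info) {
        $_product = $products_infos[$_info['product_id']];
        $_units = [];
        if (intval($_info['type']) == 1) {
            // type 1 items link to the product-set editor
            $images[0]['thumb'] = _class('_shop_products', 'modules/shop/')->_product_set_image($_info["product_id"], $_product['cat_id'], 'thumb', false);
            $link = './?object=' . main()->_get('object') . '&action=product_set_edit&id=' . $_info['product_id'];
        } else {
            $images = _class('_shop_products', 'modules/shop/')->_product_image($_info["product_id"], false, false);
            $link = './?object=' . main()->_get('object') . '&action=product_edit&id=' . $_info['product_id'];
            $_units = $_class_units->get_by_product_ids($_info['product_id']);
        }
        // Fall back to the category icon when the product has no thumbnail
        $image = $images[0]['thumb'] ?: _class('_shop_categories', 'modules/shop/')->get_icon_url($_product['cat_id'], 'item');

        $dynamic_atts = [];
        if (strlen($_info['attributes']) > 3) {
            // NOTE(review): unserialize() on a stored column can instantiate arbitrary classes if that
            // column is ever attacker-writable; restrict it (allowed_classes => false on PHP 7+) or store JSON.
            foreach ((array) unserialize($_info['attributes']) as $_attr_id) {
                $_attr_info = $products_atts[$_info['product_id']][$_attr_id];
                $dynamic_atts[$_attr_id] = '- ' . $_attr_info['name'] . ' ' . $_attr_info['value'];
                // (the attribute price was previously added to an undefined, never-read $price here)
            }
        }

        $product_id = (int) $_info['product_id'];
        $param_id = (int) $_info['param_id'];
        $price_one = tofloat($_info['price']);
        $quantity = (int) $_info['quantity'];
        $price_item = $price_one * $quantity;

        // product unit
        $unit = (int) $_info['unit'];
        $units = null;
        $unit_name = 'шт.';
        if (!empty($_units[$product_id])) {
            $units = $_units[$product_id];
            $units[$unit] && ($unit_name = $units[$unit]['title']);
        }

        $products[$_info['product_id'] . '_' . $_info['param_id']] = [
            'product_id' => intval($_info['product_id']),
            'param_id' => intval($_info['param_id']),
            'param_name' => _class('_shop_product_params', 'modules/shop/')->_get_name_by_option_id($_info['param_id']),
            'name' => _prepare_html($_product['name']),
            'image' => $image,
            'link' => $link,
            'unit' => $unit,
            'unit_name' => $unit_name,
            'units' => $units,
            'price_unit' => $price_one,
            'price' => $price_item,
            'currency' => _prepare_html(module('manage_shop')->CURRENCY),
            'quantity' => intval($_info['quantity']),
            'details_link' => process_url('./?object=' . main()->_get('object') . '&action=view&id=' . $_product['id']),
            'dynamic_atts' => !empty($dynamic_atts) ? implode('<br />' . PHP_EOL, $dynamic_atts) : '',
            'status' => module('manage_shop')->_box('status_item', $_info['status']),
            'delete' => '',
        ];
        $price_total += $price_item;
    }

    // discount
    $discount = $order_info['discount'];
    $discount_add = $order_info['discount_add'];
    $_discount = $discount;
    $discount_price = $_class_price->apply_price($price_total, $_discount);
    $discount_price -= $price_total;
    $discount_price = $_class_price->_number_round($discount_price);
    $_discount = $discount_add;
    $discount_add_price = $_class_price->apply_price($price_total, $_discount);
    $discount_add_price -= $price_total;
    $total_price = tofloat($order_info['total_sum']);

    $replace = [];
    $replace = my_array_merge($replace, _prepare_html($order_info));
    $replace = my_array_merge($replace, [
        // NOTE(review): $_GET['action'] is request-controlled and lands in the form action attribute;
        // confirm form2() escapes it.
        'form_action' => './?object=' . main()->_get('object') . '&action=' . $_GET['action'] . '&id=' . $_GET['id'],
        'order_id' => $order_info['id'],
        'price_total_info' => module('manage_shop')->_format_price($price_total),
        'discount' => $_class_price->_number_format($discount),
        'discount_add' => $_class_price->_number_format($discount_add),
        'discount_price_info' => $_class_price->_price_format($discount_price),
        'discount_add_price_info' => $_class_price->_price_format($discount_add_price),
        'delivery_info' => module('manage_shop')->_format_price($order_info['delivery_price']),
        'total_sum' => module('manage_shop')->_format_price($total_price),
        'user_link' => _profile_link($order_info['user_id']),
        'user_name' => _display_name(user($order_info['user_id'])),
        'error_message' => _e(),
        'products' => (array) $products,
        'total_price' => module('manage_shop')->_format_price($total_price),
        'ship_type' => module('manage_shop')->_ship_types[$order_info['ship_type']],
        'pay_type' => module('manage_shop')->_pay_types[$order_info['pay_type']],
        'date' => $order_info['date'],
        'status_box' => module('manage_shop')->_box('status', $order_info['status']),
        'back_url' => './?object=' . main()->_get('object') . '&action=show_orders',
        'print_url' => './?object=' . main()->_get('object') . '&action=show_print&id=' . $order_info['id'],
        'payment' => common()->get_static_conf('payment_methods', $order_info['payment']),
    ]);

    $link_invoice = './?object=manage_shop&action=invoice&id=' . $replace['id'];
    $link_invoice_add = $link_invoice . '&with_discount_add=y';
    $link_pdf_invoice = $link_invoice . '&pdf=y';
    $link_pdf_invoice_add = $link_invoice_add . '&pdf=y';

    $region = _class('_shop_region', 'modules/shop/')->_get_list();
    array_unshift($region, '- регион не выбран -');

    // Items table; the func() callbacks return raw HTML for their cell
    $items_table = table2($products)
        ->image('product_id', ['width' => '50px', 'no_link' => true, 'web_path' => '', 'img_path_check' => false, 'img_path_callback' => function ($_p1, $_p2, $row) {
            return $row['image'];
        }])
        ->func('link', function ($f, $p, $row) {
            // Array keys are quoted: the bare {$row[link]} form looks up a constant and throws on PHP 8.
            $result = "<a class='btn' href='{$row['link']}'>{$row['product_id']}</a>";
            return $result;
        })
        ->func('name', function ($f, $p, $row) {
            // NOTE(review): param_name is appended without _prepare_html(); confirm it is trusted admin-entered text.
            $row['name'] = $row['name'] . ($row['param_name'] != '' ? "<br /><small>" . $row['param_name'] . "</small>" : '');
            return $row['name'];
        })
        ->func('unit', function ($f, $p, $row) {
            $values = [];
            if (!empty($row['units'])) {
                $values[0] = ' - ';
                foreach ($row['units'] as $id => $item) {
                    $values[$id] = $item['title'];
                }
            }
            $desc = 'Ед. измерения';
            $width = '7em';
            $result = sprintf(' <style> .unit_current { width: %s; } </style> <div class="unit_current"> %s <span class="btn btn-mini unit_change"> <i class="icon-edit fa fa-edit"></i> </span> </div> ', $width, $row['unit_name']) . _class('html')->select2_box(['desc' => $desc, 'name' => 'unit[' . $row['product_id'] . '_' . $row['param_id'] . ']', 'values' => $values, 'js_options' => ['width' => $width, 'containerCssClass' => 'select2_box']]);
            return $result;
        })
        ->func('quantity', function ($f, $p, $row) {
            $row['quantity'] = "<input type='text' name='qty[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . intval($row['quantity']) . "' style='width:50px;'>";
            return $row['quantity'];
        })
        ->func('price_unit', function ($f, $p, $row) {
            $row['price_unit'] = "<input type='text' name='price_unit[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . $row['price_unit'] . "' style='width:100px;'>";
            return $row['price_unit'];
        })
        ->text('price')
        ->func('status', function ($f, $p, $row) {
            // Turn the generic status box into a per-item field name
            $row['status'] = str_replace("status_item", "status_item[" . $row['product_id'] . "_" . $row['param_id'] . "]", $row['status']);
            return $row['status'];
        })
        ->func('delete', function ($f, $p, $row) {
            $row['delete'] = "<input type='checkbox' name='delete[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='1'>";
            return $row['delete'];
        });

    $out = form2($replace, ['dd_mode' => 1, 'big_labels' => true])
        ->info('id')
        ->info('price_total_info', ['desc' => 'Сумма'])
        ->row_start(['desc' => 'Скидка, %'])
        ->number('discount', ['desc' => 'Скидка, %'])
        ->info('discount_price_info')
        ->link('Invoice', $link_invoice, ['title' => 'Накладная без учета добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])
        ->link('PDF', $link_pdf_invoice, ['title' => 'Накладная PDF без учета добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])
        ->row_end()
        ->row_start(['desc' => 'Скидка добавочная, %'])
        ->number('discount_add', ['desc' => 'Скидка добавочная, %'])
        ->info('discount_add_price_info', ['desc' => ' '])
        ->link(t('Invoice') . '+', $link_invoice_add, ['title' => 'Накладная с учетом добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])
        ->link(t('PDF') . '+', $link_pdf_invoice_add, ['title' => 'Накладная PDF с учетом добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])
        ->row_end()
        ->info('delivery_info', ['desc' => 'Доставка'])
        ->info('total_sum', '', ['desc' => 'Итоговая сумма', 'tip' => 'Итоговая сумма без учета добавочной скидки', 'no_escape' => 1])
        ->info_date('date', ['format' => 'full'])
        ->info('name')
        ->email('email')
        ->info('phone')
        ->container('<a href="./?object=' . main()->_get('object') . '&action=send_sms&phone=' . urlencode($replace["phone"]) . '" class="btn">Send SMS</a><br /><br />')
        ->select_box('region', $region, ['desc' => 'Регион доставки', 'class_add_wrapper' => 'region_type_wrap'])
        ->select_box('delivery_type', _class('_shop_delivery', 'modules/shop/')->_get_types(), ['desc' => 'Тип доставки', 'class_add_wrapper' => 'delivery_type_wrap'])
        ->select_box('delivery_id', _class('_shop_delivery', 'modules/shop/')->_get_locations_by_type($replace['delivery_type']), ['class' => 'delivery_id', 'class_add_wrapper' => 'delivery_id_wrap', 'desc' => 'Отделение'])
        ->text('delivery_location', 'Отделение доставки', ['class' => 'delivery_location', 'class_add_wrapper' => 'delivery_location_wrap'])
        ->text('address')
        ->text('house')
        ->text('apartment')
        ->text('floor')
        ->text('porch')
        ->text('intercom')
        ->info('comment')
        ->text('delivery_time')
        ->price('delivery_price')
        ->user_info('user_id')
        ->info('payment', 'Payment method')
        ->info('transaction_id', 'Transaction id')
        ->container($items_table, ['wide' => 1])
        ->container(tpl()->parse('manage_shop/product_search_order', ['order_id' => $_GET['id']]), 'Add product')
        ->box('status_box', 'Status order', ['selected' => $order_info['status']])
        ->save_and_back();

    // misc handlers
    css(' .select2_box { display: none; } .unit_current { position : relative; } .btn.unit_change { display : none; position : absolute; right : 0; } ');
    // A ";" now terminates the function expression so the script parses regardless of line breaks.
    jquery(' $(".delivery_id").on( "change", function( event ) { var location = $(this).find( "option:selected" ).text(); $(".delivery_location").val( location ); }); var delivery_type__on_change = function( target ) { var value = +$(target).find( "option:selected" ).val(); if( value == 1 ) { $(".delivery_id_wrap").hide(); $(".delivery_location_wrap").hide(); } else if( value == 2 ) { var count = +$(".delivery_id_wrap").find( "option" ).length; if( count > 1 ) { $(".delivery_id_wrap").show(); $(".delivery_location_wrap").show(); } } }; delivery_type__on_change( $(".delivery_type_wrap") ); 
$(".delivery_type_wrap").on( "change", function( event ) { delivery_type__on_change( event.target ); }); $( ".unit_change" ).on( "click", function( event ) { var $this = $( this ); var $select2 = $this.parent().next(); $select2.toggle() }).each( function( i ) { var $this = $( this ); if( $this.parent().next().length ) { $this.show(); } }); ');

    // get similar orders
    // phone and status are stored, customer/admin-supplied strings: they are escaped before being
    // placed in the query so a stored quote cannot alter it (second-order SQL injection).
    $sql = "SELECT o.*, COUNT(*) AS num_items FROM `" . db('shop_orders') . "` AS `o`\n\t\t\t\tINNER JOIN " . db('shop_order_items') . " AS i ON i.order_id = o.id\n\t\t\t\tWHERE `o`.`id`!='" . intval($order_info['id']) . "'\n\t\t\t\t\tAND `o`.`phone`='" . _es($order_info['phone']) . "'\n\t\t\t\t\tAND `o`.`status`='" . _es($order_info['status']) . "'\n\t\t\t\tGROUP BY o.id ORDER BY o.id DESC";
    $out .= "<br /><br /><h3>" . t('Similar orders') . "</h3>" . table($sql)
        ->text('id')
        ->date('date', ['format' => 'full', 'nowrap' => 1])
        ->user('user_id')
        ->text('name')
        ->text('phone')
        ->text('total_sum', ['nowrap' => 1])
        ->text('num_items')
        ->btn_edit('', './?object=' . main()->_get('object') . '&action=view_order&id=%d', ['no_ajax' => 1])
        ->btn('Merge', './?object=' . main()->_get('object') . '&action=merge_order&id=' . $order_info['id'] . '&merge_id=%d', ['no_ajax' => 1]);
    return $out;
}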
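/**
 * Allows to call code here before we begin with graphics.
 *
 * Runs the post-init steps in order: maintenance check, URL rewrite, current user info,
 * optional online tracking and notifications, page-view counter (registered as shutdown code),
 * UI cookie flags, the HTTPS-only redirect and optional intrusion detection.
 *
 * @return mixed The js_redirect() result when an HTTPS redirect is issued, otherwise nothing.
 */
function _after_init_hook()
{
    $this->PROFILING && ($this->_timing[] = [microtime(true), __CLASS__, __FUNCTION__, $this->trace_string(), func_get_args()]);
    $this->events->fire('main.after_init_begin');
    $this->_check_site_maintenance();
    $this->_do_rewrite();
    $this->_init_cur_user_info($this);
    if ($this->TRACK_ONLINE_STATUS) {
        $this->_class('online_users')->process();
    }

    // Notifications are prepared for whichever side (admin/user) has them enabled
    $notify_admin = $this->type == 'admin' && $this->ENABLE_NOTIFICATIONS_ADMIN;
    if ($notify_admin || ($this->type == 'user' && $this->ENABLE_NOTIFICATIONS_USER)) {
        $this->_module('notifications')->_prepare();
    }

    if ($this->TRACK_USER_PAGE_VIEWS && $this->USER_ID) {
        // Deferred to shutdown so that NO_GRAPHICS (set by ajax-style handlers) is known by then
        $this->_add_shutdown_code(function () {
            if (!main()->NO_GRAPHICS) {
                db()->update_safe('user', ['last_view' => time(), 'num_views' => ++$this->_user_info['num_views']], $this->USER_ID);
            }
        });
    }

    // !empty() keeps the same truthiness test without a notice when the cookie is absent
    conf('filter_hidden', !empty($_COOKIE['filter_hidden']) ? 1 : 0);
    conf('qm_hidden', !empty($_COOKIE['qm_hidden']) ? 1 : 0);

    $https_needed = $this->USE_ONLY_HTTPS;
    if (!$https_needed) {
        $query_string = $this->_server('QUERY_STRING');
        // Each entry is either a callable receiving the query string or a regex body matched against it
        foreach ((array) $this->HTTPS_ENABLED_FOR as $item) {
            $matched = is_callable($item)
                ? (bool) $item($query_string)
                : (bool) preg_match('@' . $item . '@ims', $query_string);
            if ($matched) {
                $https_needed = true;
                break;
            }
        }
    }

    if ($https_needed && !$this->is_console()) {
        // Some servers (IIS/ISAPI) report HTTPS="off" for plain HTTP requests. A bare truthiness
        // test would treat that as "already secure" and skip the redirect, leaving an HTTPS-only
        // site reachable over HTTP.
        $https_flag = $this->_server('HTTPS');
        $is_https = ($https_flag && strtolower((string) $https_flag) !== 'off') || $this->_server('SSL_PROTOCOL');
        if (!$is_https) {
            // NOTE(review): WEB_PATH and QUERY_STRING are joined without a separator; presumably
            // process_url() produces the final form — confirm.
            $redirect_url = str_replace('http://', 'https://', WEB_PATH) . $this->_server('QUERY_STRING');
            return js_redirect(process_url($redirect_url));
        }
    }

    if ($this->INTRUSION_DETECTION) {
        $this->modules['common']->intrusion_detection();
    }
    $this->events->fire('main.after_init');
}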
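/**
 * Collect ids of comments by other users that were added after the current user's last view.
 *
 * @return array|null Null when the user has no 'last_view' value; otherwise
 *                    ['count' => int, 'ids' => array<id => id>, 'link' => string].
 */
function _unread()
{
    if (empty($this->_user_info['last_view'])) {
        return;
    }

    // Start from an empty list so count() is well-defined when the query returns no rows
    // (count() on an undefined variable raises a TypeError on PHP 8).
    $ids = [];
    // last_view is concatenated into the query, so it is forced to an integer like USER_ID.
    $Q = db()->query(
        'SELECT id FROM ' . db('comments')
        . ' WHERE user_id != ' . intval(main()->USER_ID)
        . ' AND add_date > ' . intval($this->_user_info['last_view'])
    );
    while ($A = db()->fetch_assoc($Q)) {
        $ids[$A['id']] = $A['id'];
    }

    return [
        'count' => count($ids),
        'ids' => $ids,
        'link' => process_url('./?object=comments&action=view_unread'),
    ];
}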
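/**
 * Print a compact profile card for the user given in $_REQUEST["id"].
 *
 * Loads the active user row, live stats, favorite/ignore/friend relations with the current
 * user, interests count and reputation text, renders "<object>/compact_info" and echoes it.
 * Admin-only links are added when MAIN_TYPE_ADMIN is set. On failure a short error text
 * ("No id" / "No info") is echoed instead.
 */
function compact_info()
{
    main()->NO_GRAPHICS = true;
    conf('no_ajax_here', true);

    // Check user id
    $error_message = "";
    $USER_ID = isset($_REQUEST["id"]) ? $_REQUEST["id"] : "";
    if (empty($USER_ID)) {
        $error_message = "No id";
    }
    // Normalise once: the raw request value was previously also handed to _show_avatar() and
    // _profile_link(), while only the SQL used intval().
    $USER_ID = intval($USER_ID);

    if (empty($error_message)) {
        // Try to get user info
        $this->_user_info = db()->query_fetch("SELECT * FROM " . db('user') . " WHERE id=" . $USER_ID . " AND active='1'");
        if (empty($this->_user_info)) {
            $error_message = "No info";
        }
    }

    if (empty($error_message)) {
        // Get live quick user stats
        $totals = _class_safe("user_stats")->_get_live_stats(["user_id" => $this->_user_info["id"]]);

        // Check if this user is in favorites (also check if this is own profile)
        $DISPLAY_CONTACT_ITEMS = 0;
        if (main()->USER_ID && $this->_user_info["id"] != main()->USER_ID) {
            if ($totals["favorite_users"]) {
                $is_in_favorites = db()->query_num_rows("SELECT 1 FROM " . db('favorites') . " WHERE user_id=" . intval(main()->USER_ID) . " AND target_user_id=" . intval($this->_user_info["id"]));
            }
            if ($totals["ignored_users"]) {
                $is_ignored = db()->query_num_rows("SELECT 1 FROM " . db('ignore_list') . " WHERE user_id=" . intval(main()->USER_ID) . " AND target_user_id=" . intval($this->_user_info["id"]));
            }
            // Check friendship
            $FRIENDS_OBJ = module("friends");
            $has_friends_module = is_object($FRIENDS_OBJ);
            $is_a_friend = $has_friends_module ? $FRIENDS_OBJ->_is_a_friend(main()->USER_ID, $this->_user_info["id"]) : -1;
            // null keeps the isset() test in the template data false when no reverse check was made
            $is_friend_of = null;
            // Guarded like the call above: without the module this was a call on a non-object
            if (!empty($totals["try_friends"]) && $has_friends_module) {
                $is_friend_of = $FRIENDS_OBJ->_is_a_friend($this->_user_info["id"], main()->USER_ID);
            }
            $is_mutual_friends = $is_a_friend && $is_friend_of;
            // Switch for contact items
            $DISPLAY_CONTACT_ITEMS = 1;
        }

        // Interests
        $totals["interests"] = 0;
        if (!empty($totals["try_interests"])) {
            $INTERESTS_OBJ = module("interests");
            if (is_object($INTERESTS_OBJ)) {
                // The lookup used an undefined $user_id; the profile owner's id is what is meant here
                $user_interests = $INTERESTS_OBJ->_get_for_user_id($this->_user_info["id"]);
                if (!empty($user_interests) && is_array($user_interests)) {
                    $totals["interests"] = count($user_interests);
                }
            }
        }

        // Process user reputation
        $reput_text = "";
        $REPUT_OBJ = module("reputation");
        if (is_object($REPUT_OBJ)) {
            $reput_info = ["points" => $totals["reput_points"]];
            $reput_text = $REPUT_OBJ->_show_for_user($this->_user_info["id"], $reput_info);
        }

        // Array of $_GET vars to skip
        $skip_get = ["page", "escort_id", "q", "show"];
        if (empty($this->_user_info["last_login"])) {
            $this->_user_info["last_login"] = $this->_user_info["add_date"];
        }

        $uid = $this->_user_info["id"];
        // Process template
        $replace = [
            "user_id" => $USER_ID,
            "user_avatar" => _show_avatar($USER_ID),
            "user_name" => _prepare_html(_display_name($this->_user_info)),
            "user_group" => t($this->_account_types[$this->_user_info["group"]]),
            "user_profile_link" => process_url(_profile_link($USER_ID)),
            "user_level" => intval($this->_user_info["level"]),
            "user_level_name" => _prepare_html($this->_user_levels[$this->_user_info["level"]]),
            "emails_received" => intval($this->_user_info["emails"]),
            "emails_sent" => intval($this->_user_info["emailssent"]),
            "reg_date" => _format_date($this->_user_info["add_date"]),
            "last_update" => _format_date($this->_user_info["last_update"], "long"),
            "last_login" => _format_date($this->_user_info["last_login"], "long"),
            "num_logins" => intval($this->_user_info["num_logins"]),
            "site_visits" => intval($this->_user_info["sitevisits"]),
            "gallery_link" => $totals["gallery_photos"] ? process_url("./?object=gallery&action=show_gallery&id=" . $uid . _add_get($skip_get)) : "",
            "blog_link" => $totals["blog_posts"] ? process_url("./?object=blog&action=show_posts&id=" . $uid . _add_get($skip_get)) : "",
            "articles_link" => $totals["articles"] ? process_url("./?object=articles&action=view_by_user&id=" . $uid . _add_get($skip_get)) : "",
            "interests_link" => $totals["interests"] ? process_url("./?object=interests&action=view&id=" . $uid . _add_get($skip_get)) : "",
            // The inner login_form alternative cannot be reached: the outer test already requires USER_ID
            "contact_link" => main()->USER_ID && main()->USER_ID != $uid ? process_url(main()->USER_ID ? "./?object=email&action=send_form&id=" . $uid : "./?object=login_form&go_url=email;send_form;id=" . $uid) : "",
            "favorites_link" => !empty($is_in_favorites) ? process_url("./?object=account&action=favorite_delete&id=" . $uid) : process_url("./?object=account&action=favorite_add&id=" . $uid),
            "is_in_favorites" => isset($is_in_favorites) ? intval((bool) $is_in_favorites) : "",
            "ignore_link" => !empty($is_ignored) ? process_url("./?object=account&action=unignore_user&id=" . $uid) : process_url("./?object=account&action=ignore_user&id=" . $uid),
            "is_ignored" => isset($is_ignored) ? intval((bool) $is_ignored) : "",
            "make_friend_link" => empty($is_a_friend) ? process_url("./?object=friends&action=add&id=" . $uid) : "",
            "is_a_friend" => isset($is_a_friend) ? intval($is_a_friend) : "",
            "is_friend_of" => isset($is_friend_of) ? intval($is_friend_of) : "",
            "is_mutual_friends" => isset($is_mutual_friends) ? intval($is_mutual_friends) : "",
            "display_contact_items" => intval($DISPLAY_CONTACT_ITEMS),
            "sex" => _prepare_html($this->_user_info["sex"]),
            "country" => _prepare_html($this->_user_info["country"]),
            "state" => _prepare_html($this->_user_info["state"]),
            "city" => _prepare_html($this->_user_info["city"]),
            // NOTE(review): unlike "country" above this value is not passed through _prepare_html(); confirm it is a fixed code.
            "country_code_lower" => strtolower($this->_user_info["country"]),
            "reput_text" => $reput_text,
            "reput_points" => MAIN_TYPE_ADMIN ? intval($totals["reput_points"]) : "",
            // $REPUT_INFO is never assigned in this method, so this has always been 0 for admins;
            // NOTE(review): decide where alt_power should really come from.
            "alt_power" => MAIN_TYPE_ADMIN ? intval(isset($REPUT_INFO["alt_power"]) ? $REPUT_INFO["alt_power"] : 0) : "",
            "activity_points" => intval($totals["activity_points"]),
            "is_admin" => MAIN_TYPE_ADMIN ? 1 : 0,
        ];

        // Admin-only methods
        if (MAIN_TYPE_ADMIN) {
            $replace = array_merge($replace, [
                "login_stats" => process_url("./?object=log_auth_view&action=save_filter&user_id=" . $uid),
                "multi_accounts_link" => process_url("./?object=check_multi_accounts&action=show_by_user&id=" . $uid),
                "user_errors" => process_url("./?object=log_user_errors_viewer&action=save_filter&user_id=" . $uid),
                "ban_popup_link" => _class("manage_auto_ban", "admin_modules/")->_popup_link(["user_id" => intval($uid)]),
                "verify_link" => !$this->_user_info["photo_verified"] ? "./?object=manage_photo_verify&action=add&id=" . intval($uid) : "",
            ]);
        }

        // NOTE(review): the template path is built from the request parameter "object"; presumably the
        // router has already validated it against known modules — confirm, or use a fixed name.
        $body = tpl()->parse($_GET["object"] . "/compact_info", $replace);
    }

    if (!empty($error_message)) {
        $body = $error_message;
    }
    if (DEBUG_MODE) {
        $body .= "<hr class='clearfloat'>DEBUG INFO:\r\n";
        $body .= common()->_show_execution_time();
    }
    echo $body;
}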
} } } empty($url) == true ? $entered_url = '' : ($entered_url = escape($url)); empty($code) == true ? $entered_alias = '' : ($entered_alias = escape($code)); if (empty($url)) { $error = ERR_INVALID_REQUEST; goto out; } $format == 'json' ? $request_type = 'api' : ($format = 'text'); $url = polish_url($url); $protocol = @parse_url($url, PHP_URL_SCHEME); if ($protocol == null) { $url = 'http://' . $url; } $error = process_url($url); if ($error > 0) { goto out; } $url = trim($url, '/'); $codes = get_codes_for_url($url); $ip = get_IP(); $uuid = DEFAULT_UUID; if (strlen($code) == 0) { if (count($codes) == 0) { $id = get_next_id(); $code = int2code($id, false); if (code_spam_exists($code)) { $id = mt_rand(get_next_id() + 1, 0xffffff); $code = int2code($id, false); }
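/**
 * Do delete comment.
 *
 * Loads the comment by the integer-cast $_GET['id'], checks that the caller may delete it
 * (module-specific callback when present, otherwise ownership; admins and silent mode always
 * pass), then deletes it — or blanks it when tree mode is on and it has replies — and fires
 * the owning module's on-update trigger.
 *
 * @param array $params Optional: object_name, object_id, silent_mode, return_path, return_action.
 * @return mixed Error text, '' in silent mode or on missing object data, or a js_redirect() result.
 */
function _delete($params = [])
{
    if (empty(main()->USER_ID) && MAIN_TYPE_USER) {
        return _error_need_login();
    }
    // NOTE(review): the delete is driven by a plain request parameter and no anti-CSRF token check
    // is visible in this method — confirm the framework enforces one upstream.
    $_GET['id'] = intval($_GET['id']);
    $comment_id = $_GET['id'];
    $comment_info = db()->query_fetch('SELECT * FROM ' . db('comments') . ' WHERE id=' . $comment_id);
    if (empty($comment_info['id'])) {
        return _e('No such comment!');
    }

    $OBJECT_NAME = !empty($params['object_name']) ? $params['object_name'] : $_GET['object'];
    $OBJECT_ID = !empty($params['object_id']) ? intval($params['object_id']) : $comment_id;
    $SILENT_MODE = !empty($params['silent_mode']) ? 1 : 0;

    // NOTE(review): the default return target is the client-supplied Referer header; confirm
    // js_redirect() restricts it to same-site URLs.
    $RETURN_PATH = $_SERVER['HTTP_REFERER'];
    if (!empty($params['return_path'])) {
        $RETURN_PATH = process_url($params['return_path']);
    } elseif (!empty($params['return_action'])) {
        $RETURN_PATH = process_url('./?object=' . $_GET['object'] . '&action=' . $params['return_action'] . '&id=' . $comment_info['object_id']);
    }

    if (empty($OBJECT_NAME) || empty($OBJECT_ID)) {
        return '';
    }
    if (module('comments')->_user_info['ban_comments'] && MAIN_TYPE_USER) {
        return _e('Sorry, you are not allowed to post comments!' . PHP_EOL . 'Perhaps, you broke some of our rules and moderator has banned you from using this feature. Please, enjoy our site in some other way!' . 'For more details <a href=\'./?object=faq&action=view&id=16\'>click here</a>');
    }

    // NOTE(review): the module is selected by the request parameter "object"; presumably the router
    // limits it to installed modules — verify.
    $module_obj = module($_GET['object']);

    // Check if user is allowed to perform this action
    $delete_allowed = false;
    $check_method = module('comments')->_delete_allowed_method;
    if (is_object($module_obj) && method_exists($module_obj, $check_method)) {
        // The owning module decides
        $delete_allowed = (bool) module($_GET['object'])->{$check_method}(['user_id' => $comment_info['user_id'], 'object_id' => $comment_info['object_id']]);
    } else {
        // Default rule: only the author may delete
        $delete_allowed = main()->USER_ID && $comment_info['user_id'] == main()->USER_ID;
    }

    if (MAIN_TYPE_ADMIN || $SILENT_MODE) {
        $delete_allowed = true;
    } elseif (!empty(module('comments')->EDIT_LIMIT_TIME)) {
        // Regular users may only delete within the configured time window
        $elapse_time = time() - $comment_info['add_date'];
        if ($elapse_time > module('comments')->EDIT_LIMIT_TIME) {
            return _e('allowed time to delete has expired');
        }
    }
    if (!$delete_allowed) {
        return _e('You are not allowed to perform this action');
    }

    module('unread')->_set_read('comments', $comment_id);

    $have_children = false;
    if (module('comments')->USE_TREE_MODE) {
        // Values read back from the comment row are escaped/cast before being reused in SQL, so a
        // stored object_name containing a quote cannot change the query (second-order injection).
        $have_children = db()->query_fetch(
            'SELECT id FROM ' . db('comments')
            . ' WHERE object_name="' . _es($comment_info['object_name']) . '"'
            . ' AND object_id=' . intval($comment_info['object_id'])
            . ' AND parent_id=' . intval($comment_info['id'])
            . ' LIMIT 1'
        );
    }
    if ($have_children) {
        // Keep the node so replies stay attached; only blank its content and author
        db()->UPDATE('comments', ['text' => '__comment was deleted__', 'user_id' => 0], 'id=' . $comment_id);
    } else {
        db()->query('DELETE FROM ' . db('comments') . ' WHERE id=' . $comment_id . ' LIMIT 1');
    }

    // Execute custom on_update trigger (if exists one)
    $try_trigger_callback = [module($_GET['object']), module('comments')->_on_update_trigger];
    if (is_callable($try_trigger_callback)) {
        call_user_func($try_trigger_callback, $params);
    }
    return !$SILENT_MODE ? js_redirect($RETURN_PATH, false) : '';
}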
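/**
 * Hook for the RSS module: latest active comments across the configured object types.
 *
 * Object types come from the keys of module('comments')->COMMENT_LINKS; titles are looked up
 * for news, articles, blog and gallery objects.
 *
 * @return array List of items with keys title, link, description, date, author, source
 *               (empty when nothing is configured or found).
 */
function _rss_general()
{
    $data = [];

    // One condition per configured object type, joined with OR. (The previous end()-based
    // separator logic dropped an " OR " when two types shared the same link value, and an
    // empty configuration produced "WHERE ()".)
    $conditions = [];
    foreach ((array) module('comments')->COMMENT_LINKS as $key => $value) {
        $conditions[] = 'object_name="' . _es($key) . '"';
    }
    if (empty($conditions)) {
        return $data;
    }

    $Q = db()->query(
        'SELECT * FROM ' . db('comments')
        . ' WHERE (' . implode(' OR ', $conditions) . ') AND active=1'
        . ' ORDER BY add_date DESC LIMIT ' . intval(module('comments')->NUM_RSS)
    );

    // Object types whose titles can be resolved => [table, title column]
    $title_sources = [
        'articles' => ['articles_texts', 'title'],
        'news' => ['news', 'title'],
        'blog' => ['blog_posts', 'title'],
        'gallery' => ['gallery_photos', 'name'],
    ];

    $comments = [];
    $user_ids = [];
    $object_ids = [];
    while ($A = db()->fetch_assoc($Q)) {
        $comments[$A['id']] = $A;
        $user_ids[$A['user_id']] = $A['user_id'];
        if (isset($title_sources[$A['object_name']])) {
            // Cast: these ids are concatenated into IN(...) lists below
            $oid = intval($A['object_id']);
            $object_ids[$A['object_name']][$oid] = $oid;
        }
    }
    if (empty($comments)) {
        return $data;
    }

    $user_names = user($user_ids, ['nick']);

    $titles = [];
    foreach ($title_sources as $type => $source) {
        if (empty($object_ids[$type])) {
            continue;
        }
        list($table, $field) = $source;
        $Q = db()->query('SELECT id,' . $field . ' FROM ' . db($table) . ' WHERE id IN(' . implode(',', $object_ids[$type]) . ')');
        while ($A = db()->fetch_assoc($Q)) {
            $title = $A[$field];
            // Untitled gallery photos get a placeholder
            if ($type === 'gallery' && $title === '') {
                $title = t('No title');
            }
            $titles[$type . $A['id']] = $title;
        }
    }

    foreach ($comments as $comment) {
        $data[] = [
            'title' => _prepare_html(t('Comments in ') . $comment['object_name'] . ' - ' . $titles[$comment['object_name'] . $comment['object_id']]),
            'link' => process_url(module('comments')->COMMENT_LINKS[$comment['object_name']] . $comment['object_id'] . '#cid_' . $comment['id']),
            'description' => nl2br(_cut_bb_codes(_prepare_html($comment['text']))),
            'date' => $comment['add_date'],
            // NOTE(review): the nick is passed on unescaped; confirm the RSS writer encodes it for XML.
            'author' => $user_names[$comment['user_id']]['nick'],
            'source' => '',
        ];
    }
    return $data;
}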
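/**
 * Send the list of subscribed boards as an XML-RPC <params> payload.
 *
 * Builds one <struct> per board (id, base64-encoded name, icon URL, fixed
 * is_protected/sub_only flags, new-post flag) and hands the finished XML text to
 * outputRPCResponse().
 *
 * @param array $boards Board rows; the keys id, name, icon and new are read.
 * @return void
 */
function outputRPCSubscribedBoards($boards)
{
    $boards = (array) $boards;

    // Values placed inside <string> elements must not be able to open or close tags,
    // and a URL containing "&" would otherwise make the document ill-formed.
    // double_encode is off so text that already carries entities is not escaped twice.
    $xml_text = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_XML1, 'UTF-8', false);
    };

    $response = ' <params> <param> <value> <struct> <member> <name>total_forums_num</name> <value><int>'
        . count($boards)
        . '</int></value> </member> <member> <name>forums</name> <value> <array><data>';

    foreach ($boards as $board) {
        $response .= ' <value><struct> <member> <name>forum_id</name> <value><string>'
            . $xml_text($board['id'])
            . '</string></value> </member> <member> <name>forum_name</name> <value><base64>'
            // base64 keeps the name free of markup characters, no escaping needed here.
            . base64_encode(mobi_unescape_html($board['name']))
            . '</base64></value> </member> <member> <name>icon_url</name> <value><string>'
            . $xml_text(process_url($board['icon']))
            . '</string></value> </member> <member> <name>is_protected</name> <value><boolean>0</boolean></value> </member> <member> <name>sub_only</name> <value><boolean>0</boolean></value> </member> <member> <name>new_post</name> <value><boolean>'
            . (empty($board['new']) ? '0' : '1')
            . '</boolean></value> </member> </struct></value>';
    }

    $response .= ' </data></array> </value> </member> </struct> </value> </param> </params>';
    outputRPCResponse($response);
}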
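/**
 * Order payment method by authorize.net
 *
 * Marks the order "pending payment", posts the order's card, billing and shipping
 * fields to the Authorize.Net gateway with cURL, and marks the order "processed" when
 * the gateway answers with response code 1. Any other outcome is reported through _e().
 *
 * @param array $params Reads "order_info" (order row including card and address fields)
 *                      and "params" (optional overrides; only "DESCRIPTION" is used).
 * @return mixed module('shop')->_order_step_finish() on approval, otherwise the value
 *               returned by _e() for the user-facing error message.
 */
function _order_pay_authorize_net($params = [])
{
    $order_info = isset($params["order_info"]) ? $params["order_info"] : [];
    $params = isset($params["params"]) ? $params["params"] : [];

    $PAY_METHOD_ID = 2;
    $PAY_METHOD_PARAMS = module('shop')->_pay_method_params[$PAY_METHOD_ID];

    $amount = $order_info["total_sum"];
    $description = !empty($params["DESCRIPTION"]) ? $params["DESCRIPTION"] : $PAY_METHOD_PARAMS["DESCRIPTION"];
    $login_id = $PAY_METHOD_PARAMS["LOGIN_ID"];
    $transaction_key = $PAY_METHOD_PARAMS["TRANSACTION_KEY"];
    // The gateway field wants the text "true"/"false"; the boolean is kept separately
    // because the non-empty string "false" is truthy in a condition.
    $is_test_mode = !empty($PAY_METHOD_PARAMS["TEST_MODE"]);
    $TEST_MODE = $is_test_mode ? "true" : "false";
    $IN_PRODUCTION = $PAY_METHOD_PARAMS["IN_PRODUCTION"];

    // Real accounts (even in test mode) post to the "secure" host, developer accounts
    // to the "test" host.
    if ($IN_PRODUCTION) {
        $url = "https://secure.authorize.net/gateway/transact.dll";
    } else {
        $url = "https://test.authorize.net/gateway/transact.dll";
    }

    // Invoice number from date and time, random sequence number, current timestamp.
    $invoice = date("YmdHis");
    $sequence = rand(1, 1000);
    $time_stamp = time();

    // Fingerprint over login, sequence, timestamp and amount, keyed with the
    // transaction key. Availability is tested by function name: comparing phpversion()
    // as a string sorts "10.x" below "5.1.2".
    // NOTE(review): this is HMAC-MD5; confirm against the gateway's current
    // documentation that an MD5-based fingerprint is still accepted.
    $fingerprint_input = $login_id . "^" . $sequence . "^" . $time_stamp . "^" . $amount . "^";
    if (function_exists('hash_hmac')) {
        $fingerprint = hash_hmac("md5", $fingerprint_input, $transaction_key);
    } else {
        $fingerprint = bin2hex(mhash(MHASH_MD5, $fingerprint_input, $transaction_key));
    }

    // Required authorize.net fields
    $_fields_and_values = [
        "x_login" => substr($login_id, 0, 20),
        "x_amount" => substr($amount, 0, 15),
        "x_description" => substr($description, 0, 255),
        "x_invoice_num" => substr($invoice, 0, 128),
        "x_fp_sequence" => $sequence,
        "x_fp_timestamp" => $time_stamp,
        "x_fp_hash" => $fingerprint,
        "x_test_request" => $TEST_MODE,
        "x_delim_char" => '|',
        "x_delim_data" => 'TRUE',
        "x_version" => '3.1',
        "x_relay_response" => "FALSE",
    ];
    // Test mode only.
    // NOTE(review): the order fields merged below define x_card_num and x_exp_date
    // too; presumably my_array_merge() lets the later values win, which would replace
    // these test values — verify.
    if ($is_test_mode) {
        $_fields_and_values = my_array_merge($_fields_and_values, [
            "x_card_num" => "370000000000002",
            "x_exp_date" => "1220",
        ]);
    }
    // NOTE(review): card number and expiry arrive inside $order_info; how they got
    // there is not visible here. Confirm they are not kept with the stored order.
    $_order_fields_values = [
        "x_cust_id" => substr($order_info["user_id"], 0, 20),
        "x_customer_ip" => substr($_SERVER["REMOTE_ADDR"], 0, 20),
        "x_card_num" => substr($order_info["card_num"], 0, 50),
        "x_exp_date" => substr($order_info["exp_date"], 0, 4),
        "x_first_name" => substr($order_info["b_first_name"], 0, 50),
        "x_last_name" => substr($order_info["b_last_name"], 0, 50),
        "x_address" => substr($order_info["b_address"], 0, 60),
        "x_city" => substr($order_info["b_city"], 0, 40),
        "x_state" => substr($order_info["b_state"], 0, 40),
        "x_zip" => substr($order_info["b_zip_code"], 0, 20),
        "x_country" => substr($order_info["b_country"], 0, 60),
        "x_phone" => substr($order_info["b_phone"], 0, 25),
        "x_company" => substr($order_info["b_company"], 0, 50),
        "x_email" => substr($order_info["b_email"], 0, 255),
        "x_ship_to_first_name" => substr($order_info["s_first_name"], 0, 50),
        "x_ship_to_last_name" => substr($order_info["s_last_name"], 0, 50),
        "x_ship_to_address" => substr($order_info["s_address"], 0, 60),
        "x_ship_to_city" => substr($order_info["s_city"], 0, 40),
        "x_ship_to_state" => substr($order_info["s_state"], 0, 40),
        "x_ship_to_zip" => substr($order_info["s_zip_code"], 0, 20),
        "x_ship_to_country" => substr($order_info["s_country"], 0, 60),
        "x_ship_to_company" => substr($order_info["s_company"], 0, 50),
    ];
    $_fields_and_values = my_array_merge($_fields_and_values, $_order_fields_values);

    // Build the POST body; "|" is removed from values because it is the delimiter
    // requested for the response.
    $_data_to_post = [];
    foreach ((array) $_fields_and_values as $k => $v) {
        $_data_to_post[$k] = $k . '=' . urlencode(str_replace('|', '', $v));
    }
    $_data_to_post = implode("&", $_data_to_post);

    db()->UPDATE(db('shop_orders'), ["status" => "pending payment"], "id=" . intval($order_info['id']));

    // Query-string values go into an outgoing request header, so they are URL-encoded
    // first: a raw line break would otherwise end up inside the header value.
    $referer_action = isset($_GET["action"]) && is_scalar($_GET["action"]) ? urlencode($_GET["action"]) : "";
    $referer_id = isset($_GET["id"]) && is_scalar($_GET["id"]) ? urlencode($_GET["id"]) : "";

    // Try to post data
    $ch = curl_init();
    if ($ch) {
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_REFERER, process_url("./?object=shop&action=" . $referer_action . "&id=" . $referer_id));
        curl_setopt($ch, CURLOPT_VERBOSE, 0);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $_data_to_post);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        // Card data travels over this connection: certificate and host name checks are
        // stated explicitly so a changed global cURL default cannot switch them off.
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        $response = curl_exec($ch);
        $error = curl_error($ch);
        curl_close($ch);
        if ($error) {
            trigger_error("SHOP: authorize.net response error: " . $error, E_USER_WARNING);
            return _e("SHOP: Payment gateway error #1. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
        }
    } else {
        return _e("SHOP: Payment gateway error #2. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
    }

    // Sample good response (shortened):
    // 1,1,1,This transaction has been approved.,Ms6s3z,P,2148412154,20090317055427,Shop Description Here,32.95,CC,auth_capture,...
    $gateway_response = explode('|', (string) $response);
    // Even though authorize.net is told to return the data delimited with the pipe
    // character, many times it will return data comma-delimited.
    if (count($gateway_response) < 5) {
        $gateway_response = explode(',', (string) $response);
    }

    // Only the exact code "1" means approved. A loose comparison would also accept
    // other numeric spellings such as "1.0" or "01".
    if (trim($gateway_response[0]) !== '1') {
        // Log the first four fields only (response code through reason text in the
        // sample above); the later fields echo the customer's name and address.
        $summary = implode('|', array_slice($gateway_response, 0, 4));
        trigger_error("SHOP: authorize.net not approved: " . $summary, E_USER_WARNING);
        return _e("SHOP: Payment gateway error #3. Please <a href='" . process_url("./?object=support") . "'>contact</a> site admin");
    }
    db()->UPDATE(db('shop_orders'), ["status" => "processed"], "id=" . intval($order_info['id']));

    // Display order result
    $_GET["id"] = $order_info['id'];
    return module('shop')->_order_step_finish();
}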
/**
 * Render the compact shop search form.
 *
 * @return mixed Result of tpl()->parse() for the "shop/short_search_form" template.
 */
function _short_search_form()
{
    // The form starts with an empty search string and submits to the shop search
    // action with id "fast".
    $form_action = process_url("./?object=shop&action=search&id=fast");

    return tpl()->parse("shop/short_search_form", [
        "search_string" => "",
        "form_action" => $form_action,
    ]);
}
/**
 * Build the side column: one anchor link per entry of $this->_used_modules.
 *
 * @return string|false HTML of the sidebar list, or false when no modules are recorded.
 */
function _hook_side_column()
{
    $modules = $this->_used_modules;
    if (!$modules) {
        return false;
    }

    $base_url = process_url(url('/@object'));
    $links = [];
    foreach ((array) $modules as $module_name) {
        // NOTE(review): the module name and its translation are written into the
        // markup unescaped; presumably both are internal identifiers — confirm.
        $anchor = $base_url . '#module_' . $module_name;
        $label = t($module_name);
        $links[] = '<li><a href="' . $anchor . '"><i class="icon-chevron-right fa fa-chevron-right"></i> ' . $label . '</a></li>';
    }

    $list = implode(PHP_EOL, $links);
    return '<div class="span3 bs-docs-sidebar"><ul class="nav nav-list bs-docs-sidenav">' . $list . '</ul></div>';
}
/**
 * Account Inactive: render the notice shown for an inactive account.
 *
 * @return mixed Result of tpl()->parse() for this class's "account_inactive" template.
 */
function account_inactive()
{
    // The template receives a single value, the link to the login form.
    $login_form_url = process_url('./?object=login_form');
    $template_name = __CLASS__ . '/account_inactive';

    return tpl()->parse($template_name, ['login_form_url' => $login_form_url]);
}
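/**
 * Show given array as RSS page
 *
 * Fills a UniversalFeedCreator with one FeedItem per entry of $data, saves the feed to
 * a cache file below $this->FEEDS_CACHE_PATH and either returns the feed text or
 * echoes it.
 *
 * @param array $data   Item arrays; fields named in $this->avail_item_fields are copied
 *                      to the item, "enclosure" (url, length, type) is optional.
 * @param array $params Options read here: use_cached, feed_title, feed_desc,
 *                      feed_trunc_size, feed_insert_html, feed_url, feed_source,
 *                      item_trunc_size, item_insert_html, feed_format, feed_file_name,
 *                      return_feed_text.
 * @return mixed Feed text when return_feed_text is set and a body or cache file exists;
 *               otherwise nothing is returned (the feed is echoed when
 *               return_feed_text is not set).
 */
function show_rss_page($data = [], $params = [])
{
    require_php_lib('yf_feedcreator');
    $rss = new UniversalFeedCreator();
    // Caching is on unless the caller passes an empty use_cached.
    if (!isset($params['use_cached']) || !empty($params['use_cached'])) {
        $rss->useCached();
    }
    $rss->title = _prepare_html(!empty($params['feed_title']) ? $params['feed_title'] : 'Site feed title');
    $rss->description = _prepare_html(!empty($params['feed_desc']) ? $params['feed_desc'] : 'Site feed description');

    // optional feed params
    // The size comes from the option that is tested (feed_trunc_size); reading
    // item_trunc_size here gave 0 whenever only the feed option was passed.
    $rss->descriptionTruncSize = !empty($params['feed_trunc_size']) ? intval($params['feed_trunc_size']) : 500;
    $rss->descriptionHtmlSyndicated = isset($params['feed_insert_html']) ? (bool) $params['feed_insert_html'] : true;

    // Both URLs fall back to values from the query string; they pass through
    // process_url() and _prepare_html() before being written into the feed.
    $feed_url = !empty($params['feed_url']) ? $params['feed_url'] : './?object=' . $_GET['object'];
    $rss->link = _prepare_html(process_url($feed_url));
    $this->self_link = $rss->link;
    $feed_source = !empty($params['feed_source'])
        ? $params['feed_source']
        : './?object=' . $_GET['object'] . '&action=' . $_GET['action'] . (!empty($_GET['id']) ? '&id=' . $_GET['id'] : '');
    $rss->syndicationURL = _prepare_html(process_url($feed_source));
    if (!empty($this->SHOW_RSS_ENCODING)) {
        $rss->encoding = $this->SHOW_RSS_ENCODING;
    }

    foreach ((array) $data as $A) {
        $item = new FeedItem();
        if (isset($A['date'])) {
            $A['date'] = intval($A['date']);
        }
        if (isset($A['link'])) {
            $A['link'] = process_url($A['link']);
        }
        // Process known fields
        // NOTE(review): values are copied as given; confirm the feed writer escapes
        // them, or that every caller already has.
        foreach ((array) $this->avail_item_fields as $field_name) {
            if (isset($A[$field_name])) {
                $item->{$field_name} = $A[$field_name];
            }
        }
        if (!isset($item->guid)) {
            // md5 only derives a stable identifier here, it protects nothing.
            $item->guid = $A['link'] . '#' . md5($params['feed_source'] . '&' . $A['date'] . '&' . $A['title'] . '&' . $A['author']);
        }
        // optional params
        $item->descriptionTruncSize = !empty($params['item_trunc_size']) ? intval($params['item_trunc_size']) : $this->DESC_TRUNC_SIZE;
        $item->descriptionHtmlSyndicated = isset($params['item_insert_html']) ? (bool) $params['item_insert_html'] : true;
        // optional (enclosure)
        // Sample: $A['enclosure'] = ['url' => '<image url>', 'length' => '65036', 'type' => 'image/jpeg'];
        if (!empty($A['enclosure']) && is_array($A['enclosure'])) {
            $E = $A['enclosure'];
            $item->enclosure = new EnclosureItem();
            $item->enclosure->url = _prepare_html($E['url']);
            $item->enclosure->length = intval($E['length']);
            $item->enclosure->type = _prepare_html($E['type']);
        }
        $rss->addItem($item);
    }

    // Set format of the resulting feed; strict matching so a non-string value cannot
    // pass the allow-list through type juggling.
    $feed_format = isset($params['feed_format']) && in_array($params['feed_format'], (array) $this->avail_formats, true)
        ? $params['feed_format']
        : 'RSS2.0';

    $feed_file_name = isset($params['feed_file_name']) ? (string) $params['feed_file_name'] : '';
    if (!strlen($feed_file_name)) {
        $feed_file_name = md5($_SERVER['HTTP_HOST'] . '_' . $rss->title . $rss->description . $this->self_link);
    }
    // NOTE(review): the name becomes part of a filesystem path; this relies on
    // _propose_url_from_name() removing path separators and ".." — verify.
    $feed_file_name = common()->_propose_url_from_name($feed_file_name);
    $feed_cache_path = $this->FEEDS_CACHE_PATH . $feed_file_name . '.xml';
    $feed_cache_dir = dirname($feed_cache_path);
    if (!file_exists($feed_cache_dir)) {
        _mkdir_m($feed_cache_dir);
    }

    // The third saveFeed() argument is switched off when the caller wants the text back.
    $feed_redirect = empty($params['return_feed_text']);
    $body = $rss->saveFeed($feed_format, $feed_cache_path, $feed_redirect);
    if (!empty($params['return_feed_text'])) {
        if ($body) {
            return $body;
        } elseif (file_exists($feed_cache_path)) {
            return file_get_contents($feed_cache_path);
        }
    } else {
        main()->NO_GRAPHICS = true;
        echo $body;
    }
}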
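/**
 * Do upload image to server
 *
 * Validates an uploaded (or local) image, moves it to $new_file_path, re-checks type
 * and size on the stored file and resizes it when the FORCE_RESIZE_* limits are
 * exceeded. A file that fails a check after being stored is deleted again.
 *
 * @param string       $new_file_path  Destination path; its directory is created if missing.
 * @param string|array $name_in_form   Key in $_FILES, or one $_FILES-style entry
 *                                     (useful when uploading several images at once).
 * @param int          $max_image_size Maximum size in bytes; 0 disables the limit.
 * @param bool         $is_local       Copy from a local path instead of using
 *                                     move_uploaded_file().
 * @return mixed false on any failure, true on success, or the result of
 *               common()->make_thumb() when a forced resize was needed.
 */
function go($new_file_path, $name_in_form = 'image', $max_image_size = 0, $is_local = false)
{
    // Do not let a client disconnect interrupt the operation half way.
    ignore_user_abort(true);
    // New name is required
    if (empty($new_file_path)) {
        trigger_error('UPLOAD_IMAGE: New file path id required', E_USER_WARNING);
        return false;
    }
    // Default name in form
    if (empty($name_in_form)) {
        $name_in_form = 'image';
    }
    if (is_array($name_in_form)) {
        $PHOTO = $name_in_form;
    } else {
        $PHOTO = isset($_FILES[$name_in_form]) ? $_FILES[$name_in_form] : [];
    }
    $MAX_IMAGE_SIZE = $max_image_size;

    // Check image size (first attempt)
    if (empty($PHOTO['size']) || (!empty($MAX_IMAGE_SIZE) && $PHOTO['size'] > $MAX_IMAGE_SIZE)) {
        _re('Invalid image size');
    }
    // First mime type check (quick and simple). The "type" of an upload is supplied by
    // the client, so this only rejects early; the check on the stored file below is
    // the one that counts.
    if (empty($PHOTO['type']) || !isset($this->ALLOWED_MIME_TYPES[$PHOTO['type']])) {
        _re('Invalid image type');
    }
    // Check for errors and stop if exists
    if (common()->_error_exists()) {
        return false;
    }

    // Create folder if not exists
    // NOTE(review): 0777 makes the upload directory writable for every local user;
    // confirm a narrower mode does not fit the deployment.
    $photo_dir = dirname($new_file_path);
    if (!file_exists($photo_dir)) {
        _class('dir')->mkdir_m($photo_dir, 0777, 1);
    }

    // Upload original photo
    $photo_path = $new_file_path;
    if ($is_local) {
        // NOTE(review): tmp_name is whatever the caller put into the array; this path
        // is presumably used only with server-side files — verify the callers.
        $move_result = false;
        if (!file_exists($photo_path) && file_exists($PHOTO['tmp_name'])) {
            // The source is removed only after the copy succeeded, so a failed write
            // does not cost the original file.
            if (copy($PHOTO['tmp_name'], $photo_path)) {
                unlink($PHOTO['tmp_name']);
                $move_result = true;
            }
        }
    } else {
        // move_uploaded_file() refuses anything that is not a genuine HTTP upload.
        $move_result = move_uploaded_file($PHOTO['tmp_name'], $photo_path);
    }
    // Check if file uploaded successfully
    if (!$move_result || !file_exists($photo_path) || !filesize($photo_path) || !is_readable($photo_path)) {
        _re('Uploading image error #001. Please <a href="' . process_url('./?object=help&action=email_form') . '">contact</a> site admin.');
        trigger_error('Moving uploaded image error', E_USER_WARNING);
        return false;
    }

    // Second image type check, on the stored file.
    // getimagesize() recognises the format from the file itself, not from the client.
    // It does not show that the rest of the file is plain image data, so the name and
    // extension chosen by the caller still decide how the web server treats the file.
    $real_image_info = @getimagesize($photo_path);
    if (empty($real_image_info) || !$real_image_info['mime'] || !isset($this->ALLOWED_MIME_TYPES[$real_image_info['mime']])) {
        _re('Invalid image type');
        trigger_error('Invalid image type', E_USER_WARNING);
        unlink($photo_path);
        return false;
    }
    $_image_type_short = $this->ALLOWED_MIME_TYPES[$real_image_info['mime']];

    // Check for wrong photos that crashed GD (only if we do not have NETPBM or IMAGICK)
    if ((!defined('NETPBM_PATH') || NETPBM_PATH == '') && (!defined('IMAGICK_PATH') || IMAGICK_PATH == '')) {
        // Stays empty for allowed types GD is not asked to open.
        $c_func = '';
        if ($_image_type_short == 'jpeg') {
            $c_func = 'imagecreatefromjpeg';
        } elseif ($_image_type_short == 'png') {
            $c_func = 'imagecreatefrompng';
        } elseif ($_image_type_short == 'gif') {
            $c_func = 'imagecreatefromgif';
        }
        if ($c_func && function_exists($c_func) && false === @$c_func($photo_path)) {
            _re('Uploading image error #002. Please <a href="' . process_url('./?object=help&action=email_form') . '">contact</a> site admin.');
            trigger_error('Image that crashes GD found', E_USER_WARNING);
            unlink($photo_path);
            return false;
        }
    }

    // Second image size checking (from the real file)
    if (!empty($MAX_IMAGE_SIZE) && filesize($photo_path) > $MAX_IMAGE_SIZE) {
        _re('Invalid image size');
        trigger_error('Image size hacking attempt', E_USER_WARNING);
        unlink($photo_path);
        return false;
    }

    // Third image size checking (force resize it if needed)
    $LIMIT_X = defined('FORCE_RESIZE_WIDTH') ? FORCE_RESIZE_WIDTH : 1280;
    $LIMIT_Y = defined('FORCE_RESIZE_HEIGHT') ? FORCE_RESIZE_HEIGHT : 1024;
    $too_heavy = defined('FORCE_RESIZE_IMAGE_SIZE') && filesize($photo_path) > FORCE_RESIZE_IMAGE_SIZE;
    $too_wide = defined('FORCE_RESIZE_WIDTH') && $real_image_info[0] > FORCE_RESIZE_WIDTH;
    $too_tall = defined('FORCE_RESIZE_HEIGHT') && $real_image_info[1] > FORCE_RESIZE_HEIGHT;
    if ($too_heavy || $too_wide || $too_tall) {
        return common()->make_thumb($photo_path, $photo_path, $LIMIT_X, $LIMIT_Y);
    }
    return true;
}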