/**
 * Return the column names of a table as a zero-indexed array, in result-set order.
 *
 * The table name is concatenated verbatim into the SQL, so callers must only
 * pass a trusted identifier — never a value taken from the request.
 *
 * NOTE(review): set_query() is used here as a query executor (its result is
 * handed to mysql_num_fields()), unlike the URL helper of the same name used
 * elsewhere — confirm which definition is in scope. The mysql_* extension was
 * removed in PHP 7, so this only works on legacy builds.
 *
 * @param string $var_table table name (trusted identifier)
 * @return string[] column names; empty array when the table has no columns
 */
function _set_list_fields_($var_table)
{
    $result = set_query('SELECT * FROM ' . $var_table);
    $columns = array();
    $total = mysql_num_fields($result);
    $index = 0;
    while ($index < $total) {
        $columns[] = mysql_field_name($result, $index);
        $index++;
    }
    return $columns;
}
Redirect(set_query('save_settings=ok')); break; } #loading data for subpages switch ($SubPage) { case 'balance': $Commissions = affp_getCommissionsAmount($customerID); $Payments = affp_getPaymentsAmount($customerID); $smarty->assign('CommissionsNumber', count($Commissions)); $smarty->assign('PaymentsNumber', count($Payments)); $smarty->assign('CommissionsAmount', $Commissions); $smarty->assign('PaymentsAmount', $Payments); $smarty->assign('CurrencyISO3', currGetAllCurrencies()); break; case 'payments_history': $Payments = affp_getPayments($customerID); $smarty->assign('PaymentsNumber', count($Payments)); $smarty->assign('Payments', html_spchars(affp_getPayments($customerID, '', '', '', 'pID ASC'))); break; case 'settings': $smarty->assign('SettingsSaved', isset($_GET['save_settings'])); $smarty->assign('Settings', affp_getSettings($customerID)); break; case 'attract_guide': $smarty->assign('_AFFP_STRING_ATTRACT_GUIDE', str_replace(array('{URL}', '{aff_percent}', '{login}'), array('http://' . $_SERVER['HTTP_HOST'] . set_query('') . '?refid=' . $customerID, CONF_AFFILIATE_AMOUNT_PERCENT, $_SESSION["log"]), AFFP_STRING_ATTRACT_GUIDE)); break; } $smarty->assign('affiliate_customers', $affp_CustomersNum); $smarty->assign('SubPage', $SubPage); $smarty->assign("main_content_template", "affiliate_program.tpl"); }
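/**
 * Render the courier rate settings form and handle its delete/save actions.
 *
 * $_GET['delete_rate'] deletes a single rate and redirects. $_POST['save']
 * rebuilds the rate list from the posted fORDER_AMOUNTS / fRATES arrays and
 * persists it (an empty or missing list is saved as empty, i.e. all rows
 * removed). Redirect() presumably ends the request, so the code after it
 * only runs when no redirect happened.
 *
 * @param mixed $_ModuleConfigID module configuration id passed to CourierShippingModule2
 * @return string rendered courier2.tpl
 */
function _settingRates($_ModuleConfigID)
{
    $smarty = new Smarty();
    $Courier = new CourierShippingModule2($_ModuleConfigID);

    if (isset($_GET['delete_rate'])) {
        // NOTE(review): the id is forwarded untyped from the query string;
        // confirm _deleteRate() validates/casts it before it reaches SQL.
        $Courier->_deleteRate($_GET['delete_rate']);
        Redirect(set_query('delete_rate='));
    }

    if (isset($_POST['save'])) {
        // Guard both posted arrays: a missing or scalar index would make foreach
        // emit a warning and fRATES lookups emit undefined-index notices.
        $postedAmounts = isset($_POST['fORDER_AMOUNTS']) && is_array($_POST['fORDER_AMOUNTS'])
            ? $_POST['fORDER_AMOUNTS'] : array();
        $postedRates = isset($_POST['fRATES']) && is_array($_POST['fRATES'])
            ? $_POST['fRATES'] : array();
        $_Rates = array();
        $_Amounts = array();
        foreach ($postedAmounts as $_Ind => $_Amount) {
            $rawRate = isset($postedRates[$_Ind]) ? $postedRates[$_Ind] : '';
            // Skip empty/non-positive rows and duplicate order amounts
            // (loose in_array kept on purpose: '10' and '10.0' count as one amount).
            if ((double) $_Amount <= 0 || (double) $rawRate <= 0 || in_array($_Amount, $_Amounts)) {
                continue;
            }
            $_Rate = array();
            // A trailing '%' marks a percentage rate: strip it and remember the flag.
            $_Rate['rate'] = preg_replace('/([0-9]+)\\%/', '$1', $rawRate);
            $_Rate['isPercent'] = $_Rate['rate'] != $rawRate ? 1 : 0;
            $_Rate['orderAmount'] = $_Amount;
            $_Amounts[] = $_Amount;
            $_Rates[] = $_Rate;
        }
        $Courier->_saveRates($_Rates);
    }

    // Always display what is persisted (the original kept a never-filled local here).
    $Rates = $Courier->_getRates();
    $smarty->hassign('Rates', $Rates);
    return $smarty->fetch($Courier->TemplatesDir . 'courier2.tpl');
}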
} else { $_GET['page'] = (int) $_GET['page'] > $TotalPages ? $TotalPages : (int) $_GET['page']; } if (isset($_GET['added']) || isset($_POST['added'])) { $error = STRING_ERROR_LE_LINK_ADDED; } $_SERVER['REQUEST_URI'] = set_query('added='); $lister = getListerRange($_GET['page'], $TotalPages); $le_Categories = le_getCategories(); if (isset($_GET['show_all']) || isset($_POST['show_all'])) { $ob_per_list = $ob_per_list * $TotalPages; $smarty->assign('showAllLinks', '1'); $_GET['page'] = 1; } $smarty->assign('REQUEST_URI', html_amp($_SERVER['REQUEST_URI'])); $smarty->assign('url_allcategories', set_query('le_categoryID=')); $smarty->assign('le_categories', $le_Categories); $smarty->assign('le_CategoryID', $_GET['le_categoryID']); $smarty->assign('curr_page', $_GET['page']); $smarty->assign('last_page', $TotalPages); if (isset($error)) { if ($error != STRING_ERROR_LE_LINK_ADDED) { $smarty->assign('error', $error); $smarty->assign('pst_LINK', html_spchars($_POST['LINK'])); } else { $smarty->assign('error_ok', $error); } } isset($_GET['le_categoryID']) ? (int) $_GET['le_categoryID'] : 1; $smarty->assign('le_links', le_getLinks((int) $_GET['page'], (int) $ob_per_list, ($_GET['le_categoryID'] ? "le_lCategoryID = {$_GET['le_categoryID']}" : '1') . " AND (le_lVerified IS NOT NULL AND le_lVerified <>'0000-00-00 00:00:00' )", 'le_lID, le_lText, le_lDesk, le_lURL, le_lCategoryID, le_lVerified', 'le_lVerified ASC, le_lURL ASC')); if ($lister['start'] < $lister['end']) {
/**
 * Return url for transaction result
 *
 * Normalises CONF_FULL_SHOP_URL to a plain "http://host/path" form (a leading
 * http:// or https:// is stripped and http:// re-added), then appends the
 * transaction_result parameter via set_query().
 *
 * NOTE(review): this forces an http:// scheme even when the shop itself is
 * served over https — confirm the gateway callback really requires that,
 * since the result page is reached over an unencrypted URL otherwise.
 *
 * @param string $_Type - success or failure
 * @return string
 */
function getTransactionResultURL($_Type)
{
    $bareUrl = trim(CONF_FULL_SHOP_URL);
    foreach (array("http://", "https://") as $scheme) {
        $bareUrl = str_replace($scheme, "", $bareUrl);
    }
    return set_query('&transaction_result=' . $_Type, "http://" . $bareUrl);
}
} if (isset($_GET["customerID"])) { $res .= "&customerID=" . $_GET["customerID"]; } return $res; } if (isset($_GET['activateID'])) { if (CONF_BACKEND_SAFEMODE) { Redirect(set_query('&activateID=&safemode=yes')); } regActivateCustomer($_GET['activateID']); Redirect(set_query('activateID=')); } if (isset($_GET["deleteCustomerID"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(set_query("&safemode=yes&deleteCustomerID=")); } regDeleteCustomer($_GET["deleteCustomerID"]); if (isset($_GET['encodedReturnUrl'])) { Redirect(base64_decode($_GET["encodedReturnUrl"])); } else { Redirect(ADMIN_FILE . '?dpt=custord&sub=custlist'); } } if (!isset($_GET["customer_details"])) { if (isset($_GET["search"]) || isset($_GET["export_to_excel"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=custlist&safemode=yes"); } $_GET["search"] = 1; _copyFromGetVarsToPage($smarty);
<?php if (!strcmp($sub, "subscribers")) { //show news subscribers if (CONF_BACKEND_SAFEMODE != 1 && (!isset($_SESSION["log"]) || !in_array(8, $relaccess))) { //unauthorized $smarty->assign("admin_sub_dpt", "error_forbidden.tpl"); } else { if (isset($_POST['fACTION'])) { $xREQUEST_URI = set_query('&QWERTY='); /** * this action is forbidden when SAFE MODE is ON */ if (CONF_BACKEND_SAFEMODE) { Redirect(_getUrlToUnsub() . "&safemode=yes"); } if (!session_is_registered('SUBSCRIBE_MESSAGE')) { session_register('SUBSCRIBE_MESSAGE'); } switch ($_POST['fACTION']) { case 'fLoadSubscribersListFile': $UploadError = false; do { if (!isset($_FILES['fSubscribersListFile']['tmp_name'])) { $UploadError = true; break; } if (!$_FILES['fSubscribersListFile']['tmp_name']) { $UploadError = true; break; }
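/**
 * Authenticate a customer by login/password and open the session.
 *
 * Looks up the customer row, refuses the login while an activation code is
 * still pending (when CONF_ENABLE_REGCONFIRMATION is on) and, on a password
 * match, sets $_SESSION["log"], $_SESSION["pass"] and the selected currency,
 * records the login and moves the session cart into the database.
 *
 * @param string $login    customer login
 * @param string $password clear-text password as entered by the customer
 * @param bool   $Redirect when activation is pending: redirect to the
 *                         "not activated" page (true) or just return false
 * @return bool true on successful authentication, false otherwise
 *              (RedirectProtected() presumably ends the request)
 */
function regAuthenticate($login, $password, $Redirect = true)
{
    // NOTE(review): the Login value appears as a masked literal ("******") in this
    // listing; the real query must bind or escape $login — confirm against the
    // checked-in source before relying on this function.
    $sql = ' SELECT DISTINCT cust_password, CID, ActivationCode FROM ' . CUSTOMERS_TABLE . ' WHERE Login="******"';
    $q = db_query($sql);
    $row = db_fetch_row($q);

    // Unknown login: nothing to activate and nothing to compare against
    // (also avoids indexing a `false` row below).
    if (!$row) {
        return false;
    }

    if (CONF_ENABLE_REGCONFIRMATION && $row['ActivationCode']) {
        if ($Redirect) {
            // 'notact' is the flag the activation page reads from $_GET.
            RedirectProtected(set_query('&act_customer=1&notact=1'));
        }
        return false;
    }

    if (strlen(trim($login)) > 0) {
        // Type-strict, constant-time comparison: a loose '==' treats numeric-looking
        // strings such as "0e1" and "0e2" as equal.
        $expected = (string) cryptPasswordCrypt($password, null);
        if (hash_equals((string) $row["cust_password"], $expected)) {
            // set session variables
            $_SESSION["log"] = $login;
            // NOTE(review): the stored form of the password is kept in the session
            // because other code reads it; keep until those readers are migrated.
            $_SESSION["pass"] = $expected;
            $_SESSION["current_currency"] = $row["CID"];
            // update statistic
            stAddCustomerLog($login);
            // move cart content into DB
            moveCartFromSession2DB();
            return true;
        }
    }
    return false;
}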
$msg = 'ok'; } break; case 'VERIFY_LINKS': if (isset($_POST['LINKS_IDS'])) { foreach ($_POST['LINKS_IDS'] as $_linkID) { le_SaveLink(array('le_lID' => $_linkID, 'le_lVerified' => date("Y-m-d H:i:s"))); } } $msg = 'ok'; break; case 'UNVERIFY_LINKS': if (isset($_POST['LINKS_IDS'])) { foreach ($_POST['LINKS_IDS'] as $_linkID) { le_SaveLink(array('le_lID' => $_linkID, 'le_lVerified' => 'NULL')); } } $msg = 'ok'; break; case 'DELETE_LINKS': if (isset($_POST['LINKS_IDS'])) { foreach ($_POST['LINKS_IDS'] as $_le_lID) { le_DeleteLink($_le_lID); } } $msg = 'ok'; break; } if ($_POST['fREDIRECT'] && $msg == 'ok') { Redirect(set_query('action=' . $msg, $_POST['fREDIRECT'])); }
} if ($_GET['till']) { if (isTemplateDate($_GET['till'])) { $show_tables = $show_tables && true; } else { $show_tables = false; $error_date_format = true; } } elseif (!isset($_POST['till'])) { $_GET['till'] = $CurrDate; $show_tables = false; } else { $show_tables = false; $error_date_format = true; } $XREQUEST_URI = set_query('safemode=&new_commission=&delete_pay=&delete_commission=&new_pay=&till=' . rawurlencode($_GET['till']) . '&from=' . rawurlencode($_GET['from'])); if (isset($show_tables)) { #get payments if (!isset($_GET['OrderField'])) { $_GET['OrderField'] = 'pID'; } if (!isset($_GET['OrderDiv'])) { $_GET['OrderDiv'] = 'ASC'; } if ($_GET['OrderField'] == 'Amount') { $_GET['OrderField'] = ' CurrencyISO3 ' . $_GET['OrderDiv'] . ', ' . $_GET['OrderField']; } $Payments = affp_getPayments($customerID, '', TransformTemplateToDATE($_GET['from'], CONF_DATE_FORMAT), TransformTemplateToDATE($_GET['till'], CONF_DATE_FORMAT), $_GET['OrderField'] . ' ' . $_GET['OrderDiv']); #get commissions if (!isset($_GET['OrderFieldC'])) { $_GET['OrderFieldC'] = 'cID';
if (isset($_GET['act_customer']) && CONF_ENABLE_REGCONFIRMATION) { $ActErr = false; if (isset($_GET['act_code'])) { if ($_GET['act_code']) { $sql = 'SELECT customerID, Login, cust_password FROM ' . CUSTOMERS_TABLE . ' WHERE ActivationCode="' . xEscapeSQLstring($_GET['act_code']) . '" AND ActivationCode!="" AND ActivationCode IS NOT NULL'; $Result = db_query($sql); $Customer = db_fetch_row($Result); if (isset($Customer['Login']) && $Customer['Login']) { regActivateCustomer($Customer['customerID']); regAuthenticate($Customer['Login'], cryptPasswordDeCrypt($Customer['cust_password'], null)); if (isset($_GET['order2']) && xDataExists('xREGMAILCONF_URLORDER2')) { Redirect(xPopData('xREGMAILCONF_URLORDER2')); } else { Redirect(set_query('&act_code=&act_ok=1')); } } else { $smarty->hassign('ActCode', $_GET['act_code']); $ActErr = true; } } else { $ActErr = true; } } if (isset($_GET['act_ok'])) { $smarty->assign('ActOk', 1); } if (isset($_GET['notact'])) { $smarty->assign('NoAct', 1); }
//$selected_currency_details = $all_currencies[$current_currency]; if (isset($_GET["do"])) { if (in_array($_GET["do"], array("invoice", "invoice_jur", "invoice_phys", "configurator", "wishcat", "wishlist", "wishprod", "get_file"))) { include "core/includes/processor/" . $_GET["do"] . ".php"; } else { header("HTTP/1.0 404 Not Found"); header("HTTP/1.1 404 Not Found"); header("Status: 404 Not Found"); die(ERROR_404_HTML); } } else { $relaccess = checklogin(); if (CONF_BACKEND_SAFEMODE != 1 && (!isset($_SESSION["log"]) || !in_array(100, $relaccess))) { if (isset($_POST['user_login']) && isset($_POST['user_pw'])) { if (regAuthenticate($_POST['user_login'], $_POST['user_pw'])) { Redirect(set_query('&__tt=')); } die(ERROR_FORBIDDEN); } die(ERROR_FORBIDDEN); } $eaction = isset($_REQUEST['eaction']) ? $_REQUEST['eaction'] : ''; switch ($eaction) { case 'cat': if (isset($_SESSION["log"])) { $admintempname = $_SESSION["log"]; } //get new orders count $q = db_query("select count(*) from " . ORDERS_TABLE . " WHERE statusID=" . (int) CONF_NEW_ORDER_STATUS); $n = db_fetch_row($q); $new_orders_count = $n[0];
eval("\$module = new " . $className . "();"); if ($module->get_id() == $_GET["setting_up"]) { $shipping_module = $module; break; } } } $constants = $shipping_module->settings_list(); $settings = array(); $controls = array(); foreach ($constants as $constant) { $settings[] = settingGetSetting($constant); $controls[] = settingCallHtmlFunction($constant); } if (isset($_POST['save'])) { Redirect(set_query('Pustishka=')); } $smarty->assign("settings", $settings); $smarty->assign("controls", $controls); $smarty->assign("shipping_module", $shipping_module); $smarty->assign("constant_managment", 1); } else { $shipping_configs = modGetAllInstalledModuleObjs(SHIPPING_RATE_MODULE); foreach ($shipping_configs as $_Ind => $_Conf) { $shipping_configs[$_Ind] = array('ConfigID' => $_Conf->get_id(), 'ConfigName' => $_Conf->title, 'ConfigClassName' => get_class($_Conf)); } $shipping_modules = array(); $shipping_methods_by_modules = array(); foreach ($moduleFiles as $fileName) { $className = GetClassName($fileName); if (!$className) {
$custinfo = regGetCustomerInfo2($_SESSION["log"]); $customer_name = $custinfo["first_name"] . " " . $custinfo["last_name"]; $customer_email = $custinfo["Email"]; } $message_text = ""; } if (Message::isMessage($Message) && $Message->is_set() && isset($Message->prd_request)) { $smarty->assign('prd_request', $Message->prd_request); } if (isset($_GET["sent"])) { $smarty->assign("sent", 1); } set_query('&sent=', '', true); if (count($all_product_pictures) > 1) { $smarty->assign("all_product_pictures", $all_product_pictures); } $smarty->assign("m_all_product_pictures", $all_product_pictures); $smarty->assign('conf_image', URL_ROOT . '/imgval.php?' . generateRndCode(4) . '=1'); $smarty->assign("product_info", $a); $smarty->assign("product_reviews_count", $k); $smarty->assign('product_last_reviews', discGetLastDiscussions($productID, 2)); /*if(file_exists(DIR_RSS."/{$productID}.xml")){ $smarty->assign('rss_link',URL_RSS."/{$productID}.xml"); }*/ $smarty->assign("product_extra", $extra); $smarty->assign("product_related", $related); $smarty->assign('vote_completed', isset($_SESSION["vote_completed"][$productID]) && $_SESSION["vote_completed"][$productID] ? 1 : 0); } } set_query('&picture_id=', '', true); //EOF
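/**
 * Shopping-cart page action: handles cart mutations coming from the request
 * and assigns everything the shopping_cart.html template needs.
 *
 * Request handling, in order: the iframe cookie check (redirects or renders a
 * cookie-check URL), single-item removal ($_GET['remove']), quantity update /
 * recalculation with optional coupon and checkout hand-off ($_POST['update'],
 * $_POST['recalculate']), full clear ($_GET['clear_cart']) and checkout
 * metrics ($_POST['checkout']). RedirectSQ() presumably ends the request.
 * Finally the cart content, discounts and view flags are assigned to Smarty.
 *
 * Uses $this->_detect_cart_view() and $this->_check_and_apply_coupon(), so it
 * is a method of the enclosing (not visible) controller class.
 *
 * @return void
 */
function main() {
    $Register =& Register::getInstance();
    $smarty =& $Register->get(VAR_SMARTY); /*@var $smarty Smarty*/

    // shopping cart
    //iframe cookie security workaround
    if (isset($_GET['check_cookie'])) {
        if ($_GET['check_cookie'] != session_id()) {
            // productID is optional in the query string; a missing one becomes 0 instead of a notice.
            $productID = (int) (isset($_GET['productID']) ? $_GET['productID'] : 0);
            $product_data = GetProduct($productID);
            $product_slug = $product_data && isset($product_data['slug']) ? $product_data['slug'] : '';
            $url = "?ukey=product_widget&productID={$productID}&product_slug={$product_slug}&check_cookie&";
            $widgets = false;
            $Register->set('widgets', $widgets);
            $_SERVER['REQUEST_URI'] = preg_replace('/(^|&)widgets=1/', '', $_SERVER['REQUEST_URI']);
            RedirectSQ($url);
        } else {
            renderURL('check_cookie&productID', '', true);
        }
    }

    if (isset($_GET["make_more_exact_cart_content"])) {
        $smarty->assign("make_more_exact_cart_content", 1);
    }

    if (isset($_GET["remove"]) && $_GET["remove"] > 0) {
        //remove from cart product with productID == $remove
        $cartEntry = new ShoppingCart();
        $cartEntry->loadCurrentCart();
        $cartEntry->setItemQuantity($_GET['remove'], 0);
        $cartEntry->saveCurrentCart();
        if ($cartEntry->isEmpty()) {
            //remove coupon from empty cart
            ClassManager::includeClass('discount_coupon');
            discount_coupon::remove();
        }
        RedirectSQ('remove=');
    }

    $cart_view = $this->_detect_cart_view();

    if (isset($_POST["update"]) || isset($_POST["recalculate"])) {
        //update shopping cart content
        // The coupon field is optional; read it defensively so a form without it raises no notice.
        $couponCode = isset($_POST['discount_coupon_code']) ? $_POST['discount_coupon_code'] : '';
        if ($couponCode != '') {
            $this->_check_and_apply_coupon($couponCode);
        }
        $cartEntry = new ShoppingCart();
        $cartEntry->loadCurrentCart();
        $upd_data = scanArrayKeysForID($_POST, 'count');
        foreach ($upd_data as $_itemID => $_data) {
            $cartEntry->setItemQuantity($_itemID, intval($_data['count']));
        }
        $cartEntry->saveCurrentCart();
        if ($cartEntry->isEmpty()) {
            //remove coupon from empty cart
            ClassManager::includeClass('discount_coupon');
            discount_coupon::remove();
        }
        if (cartCheckMinOrderAmount() && cartCheckMinTotalOrderAmount()) {
            // Hand off to checkout; the target depends on how the cart is embedded.
            switch ($cart_view) {
                case CARTVIEW_FRAME:
                    if (isset($_POST['checkout']) && $Register->get('store_mode') == 'facebook') {
                        $store_mode = false;
                        $Register->set('store_mode', $store_mode);
                        $jsgoto = '?ukey=checkout&view=noframe';
                        RedirectSQ($jsgoto ? 'jsgoto=' . base64_encode(set_query($jsgoto)) : '');
                    }
                    RedirectSQ(isset($_POST['checkout']) ? '?ukey=checkout' : (isset($_POST['ppe_checkout_x']) ? 'ppexpresscheckout2=1' : (isset($_POST['google_checkout_x']) ? 'googlecheckout2=1' : '')));
                    break;
                case CARTVIEW_WIDGET:
                case CARTVIEW_FADE:
                    $jsgoto = isset($_POST['checkout']) ? '?ukey=checkout&view=noframe' : (isset($_POST['ppe_checkout_x']) ? 'ppexpresscheckout2=1&view=frame' : (isset($_POST['google_checkout_x']) ? 'googlecheckout2=1&view=frame' : ''));
                    RedirectSQ($jsgoto ? 'jsgoto=' . base64_encode(set_query($jsgoto)) : '');
                    break;
            }
        } elseif (isset($_POST['checkout']) || isset($_POST['google_checkout_x']) || isset($_POST['ppe_checkout_x'])) {
            // Minimum order amount not reached: stay on the cart and show the error.
            $smarty->assign('cart_error_show', '1');
        }
    }

    if (isset($_GET["clear_cart"])) {
        //completely clear shopping cart
        $cartEntry = new ShoppingCart();
        $cartEntry->loadCurrentCart();
        $cartEntry->cleanCurrentCart('erase');
        //remove coupon from empty cart
        ClassManager::includeClass('discount_coupon');
        discount_coupon::remove();
        RedirectSQ('clear_cart=');
    }

    if (isset($_POST['checkout'])) {
        // Hosted installs only: record the checkout click for metrics.
        if (SystemSettings::is_hosted() && file_exists(WBS_DIR . '/kernel/classes/class.metric.php')) {
            include_once WBS_DIR . '/kernel/classes/class.metric.php';
            $DB_KEY = SystemSettings::get('DB_KEY');
            $U_ID = sc_getSessionData('U_ID');
            $metric = metric::getInstance();
            $metric->addAction($DB_KEY, $U_ID, 'SC', 'CHECKOUT', isset($_GET['widgets']) ? 'WIDGET' : 'STOREFRONT', '');
        }
    }

    $resCart = cartGetCartContent();
    $resDiscount = dscGetCartDiscounts($resCart["total_price"], isset($_SESSION["log"]) ? $_SESSION["log"] : "");
    $currencyEntry = Currency::getSelectedCurrencyInstance();
    // Discounts are only displayed when non-zero; 'cu' is the amount in the selected currency.
    $cart_discount_show = $resDiscount['other_discounts']['cu'] > 0 ? $currencyEntry->getView($resDiscount['other_discounts']['cu']) : '';
    $coupon_discount_show = $resDiscount['coupon_discount']['cu'] > 0 ? $currencyEntry->getView($resDiscount['coupon_discount']['cu']) : '';

    $smarty->assign("cart_content", xHtmlSpecialChars($resCart["cart_content"], null, 'name'));
    $smarty->assign("cart_amount", $resCart["total_price"] - $resDiscount["discount_standart_unit"]);
    $smarty->assign('cart_min', show_price(CONF_MINIMAL_ORDER_AMOUNT));
    $smarty->assign("cart_total", $currencyEntry->getView($resDiscount['total']['cu']));
    $smarty->assign('cart_discount', $cart_discount_show);
    $smarty->assign('discount_percent', round($resDiscount['discount_percent'], 1));
    $smarty->assign('coupon_discount', $coupon_discount_show);
    $smarty->assign("current_coupon", discount_coupon::getCurrentCoupon());
    if (isset($_SESSION['log'])) {
        $smarty->assign('shippingAddressID', regGetDefaultAddressIDByLogin($_SESSION['log']));
    }
    if (isset($_GET['min_order'])) {
        $smarty->assign('minOrder', 'error');
    }
    if (isset($_GET['jsgoto'])) {
        // NOTE(review): the decoded value comes straight from the query string and is
        // handed to the template as a navigation target; confirm the template restricts
        // it to same-origin URLs (the values this method produces are relative).
        $smarty->assign('jsgoto', base64_decode($_GET['jsgoto']));
    }
    $smarty->assign('main_content_template', 'shopping_cart.html');
    $smarty->assign('main_body_style', 'style="' . (CONF_SHOPPING_CART_VIEW == 2 || $cart_view == CARTVIEW_FRAME ? '' : 'background:#FFFFFF;') . 'min-width:auto;width:auto;_width:auto;"');
}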