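/**
 * Insert an affiliate row into the nested-set tree kept in TABLE_AFFILIATE.
 *
 * With a parent id above zero, the parent's root/left/right values are read,
 * every node at or to the right of the parent's right edge is shifted by two,
 * and the new row takes the freed slot. With no parent, the row becomes a new
 * root (lft = 1, rgt = 2) whose affiliate_root is its own id.
 *
 * @param array $sql_data_array   Column => value pairs handed to vam_db_perform().
 * @param int   $affiliate_parent Id of the parent affiliate, or 0 for a new root.
 *
 * @return int|null Id of the inserted row; null when a parent id was given
 *                  but no such affiliate exists (nothing is inserted then).
 */
function affiliate_insert($sql_data_array, $affiliate_parent = 0)
{
    // The parent id is concatenated into SQL below, so force it to an integer
    // first: a crafted string can then never reach the query text.
    $affiliate_parent = (int) $affiliate_parent;

    // Defined up front so the "parent not found" path returns a known value
    // instead of an undefined variable.
    $affiliate_id = null;

    // LOCK TABLES
    // NOTE(review): ext/mysql was removed in PHP 7.0 and "@" hides a failed
    // lock; confirm this call still runs, otherwise the left/right updates
    // below are not serialised against concurrent inserts.
    @mysql_query("LOCK TABLES " . TABLE_AFFILIATE . " WRITE");

    if ($affiliate_parent > 0) {
        $affiliate_root_query = vam_db_query("select affiliate_root, affiliate_rgt, affiliate_lft from " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_parent . "' ");

        // Check if we have a parent affiliate
        if ($affiliate_root_array = vam_db_fetch_array($affiliate_root_query)) {
            // Values read back from the table are re-used inside SQL; cast them
            // as well so stored data cannot alter the statements.
            $parent_root = (int) $affiliate_root_array['affiliate_root'];
            $parent_rgt = (int) $affiliate_root_array['affiliate_rgt'];

            // Open a two-wide gap at the parent's right edge.
            vam_db_query("update " . TABLE_AFFILIATE . " SET affiliate_lft = affiliate_lft + 2 WHERE affiliate_root = '" . $parent_root . "' and affiliate_lft > " . $parent_rgt . " AND affiliate_rgt >= " . $parent_rgt . " ");
            vam_db_query("update " . TABLE_AFFILIATE . " SET affiliate_rgt = affiliate_rgt + 2 WHERE affiliate_root = '" . $parent_root . "' and affiliate_rgt >= " . $parent_rgt . " ");

            $sql_data_array['affiliate_root'] = $parent_root;
            $sql_data_array['affiliate_lft'] = $parent_rgt;
            $sql_data_array['affiliate_rgt'] = $parent_rgt + 1;
            vam_db_perform(TABLE_AFFILIATE, $sql_data_array);
            $affiliate_id = vam_db_insert_id();
        }
    } else {
        // no parent -> new root
        $sql_data_array['affiliate_lft'] = '1';
        $sql_data_array['affiliate_rgt'] = '2';
        vam_db_perform(TABLE_AFFILIATE, $sql_data_array);
        $affiliate_id = vam_db_insert_id();
        vam_db_query("update " . TABLE_AFFILIATE . " set affiliate_root = '" . (int) $affiliate_id . "' where affiliate_id = '" . (int) $affiliate_id . "' ");
    }

    // UNLOCK TABLES
    @mysql_query("UNLOCK TABLES");

    return $affiliate_id;
}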
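/**
 * Handle a QIWI bill-status notification and, when the bill is reported as
 * paid (status 60), move the order to MODULE_PAYMENT_QIWI_ORDER_STATUS_ID,
 * record a history row and mail the admin and the customer.
 *
 * @param mixed $login    Shop id sent by the caller; must equal MODULE_PAYMENT_QIWI_ID.
 * @param mixed $password Upper-case MD5 digest over $txn and the upper-cased MD5 of the secret key.
 * @param mixed $txn      Transaction number; its integer value is used as the order id.
 * @param mixed $status   Bill status reported by the caller.
 *
 * @return int|null 150 on failed authentication, 210 when the order does not
 *                  exist; no explicit return value otherwise.
 */
function updateBill($login, $password, $txn, $status)
{
    // Authentication. Strict string comparison: a loose "!=" lets numeric
    // type juggling treat different values as equal.
    if ((string) $login !== (string) MODULE_PAYMENT_QIWI_ID) {
        return 150;
    }

    // NOTE(review): an empty $password skips the digest check completely, so a
    // request with the right login and no password is accepted by this
    // function. Confirm that an outer layer authenticates such requests;
    // if none does, this branch should reject an empty password instead.
    if (!empty($password)) {
        $expected_digest = strtoupper(md5($txn . strtoupper(md5(MODULE_PAYMENT_QIWI_SECRET_KEY))));
        $supplied_digest = (string) $password;

        // Constant-time comparison where available; the strict fallback still
        // avoids "0E123..." style digests comparing equal as numbers.
        $digest_ok = function_exists('hash_equals')
            ? hash_equals($expected_digest, $supplied_digest)
            : $expected_digest === $supplied_digest;

        if (!$digest_ok) {
            return 150;
        }
    }

    // Order number
    $transaction = intval($txn);

    // Make sure the order exists
    $order_query = vam_db_query("select count(*) as total from " . TABLE_ORDERS . " where orders_id = '" . (int) $transaction . "'");
    $order_exists = vam_db_fetch_array($order_query);
    if ($order_exists['total'] <= 0) {
        return 210;
    }

    // Change the order status once the bill is reported as paid.
    // NOTE(review): only the caller-supplied $status is consulted here; nothing
    // in this function compares an amount or the order's current state.
    if ($status == 60) {
        $sql_data_array = array('orders_status' => MODULE_PAYMENT_QIWI_ORDER_STATUS_ID);
        vam_db_perform('orders', $sql_data_array, 'update', "orders_id='" . $transaction . "'");

        $sql_data_arrax = array(
            'orders_id' => $transaction,
            'orders_status_id' => MODULE_PAYMENT_QIWI_ORDER_STATUS_ID,
            'date_added' => 'now()',
            'customer_notified' => '0',
            'comments' => 'QIWI accepted this order payment',
        );
        vam_db_perform('orders_status_history', $sql_data_arrax);

        // Mail the customer and the admin about the status change
        require_once DIR_WS_CLASSES . 'order.php';
        $order = new order($transaction);

        $vamTemplate = new vamTemplate();

        // assign language to template for caching
        $vamTemplate->assign('language', $_SESSION['language']);
        $vamTemplate->caching = false;

        $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
        $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
        $vamTemplate->assign('NAME', $order->customer['firstname'] . ' ' . $order->customer['lastname']);
        $vamTemplate->assign('ORDER_NR', $transaction);
        $vamTemplate->assign('ORDER_LINK', vam_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $transaction, 'SSL'));
        $vamTemplate->assign('ORDER_DATE', vam_date_long($order->info['date_purchased']));

        // The session language is a string that ends up inside SQL: escape it.
        $lang_query = vam_db_query("select languages_id from " . TABLE_LANGUAGES . " where directory = '" . vam_db_input($_SESSION['language']) . "'");
        $lang_row = vam_db_fetch_array($lang_query);
        $lang = isset($lang_row['languages_id']) ? $lang_row['languages_id'] : $_SESSION['languages_id'];

        $orders_status_array = array();
        $orders_status_query = vam_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int) $lang . "'");
        while ($orders_status = vam_db_fetch_array($orders_status_query)) {
            $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
        }
        $vamTemplate->assign('ORDER_STATUS', $orders_status_array[MODULE_PAYMENT_QIWI_ORDER_STATUS_ID]);

        // NOTE(review): $_SESSION['language'] is used as a path segment in the
        // two template fetches and the include below; confirm it is always
        // set from a fixed list of language directories.
        $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.html');
        $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.txt');

        include_once DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/qiwi.php';

        // create subject
        $order_subject = str_replace('{$nr}', $transaction, MODULE_PAYMENT_QIWI_EMAIL_SUBJECT);

        // send mail to admin
        vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, EMAIL_BILLING_ADDRESS, STORE_NAME, EMAIL_BILLING_FORWARDING_STRING, $order->customer['email_address'], $order->customer['firstname'], '', '', $order_subject, $html_mail, $txt_mail);

        // send mail to customer
        vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $order->customer['email_address'], $order->customer['firstname'] . ' ' . $order->customer['lastname'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $order_subject, $html_mail, $txt_mail);
    }
}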
$sql = "\n SELECT sum(affiliate_payment) as affiliate_payment\n FROM " . TABLE_AFFILIATE_SALES . " \n WHERE affiliate_id='" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status=99 \n "; $affiliate_billing_query = vam_db_query($sql); $affiliate_billing = vam_db_fetch_array($affiliate_billing_query); // Get affiliate Informations $sql = "\n SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id \n from " . TABLE_AFFILIATE . " a \n left join " . TABLE_ZONES . " z on (a.affiliate_zone_id = z.zone_id) \n left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' \n "; $affiliate_query = vam_db_query($sql); $affiliate = vam_db_fetch_array($affiliate_query); // Get need tax informations for the affiliate $affiliate_tax_rate = vam_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']); $affiliate_tax = vam_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2); // Netto-Provision $affiliate_payment_total = $affiliate_billing['affiliate_payment']; // Bill the order $affiliate['affiliate_state'] = vam_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']); $sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'] - $affiliate_tax, 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 
'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']); vam_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array); $insert_id = vam_db_insert_id(); // Set the Sales to Final State vam_db_query("update " . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99"); // Notify Affiliate if (AFFILIATE_NOTIFY_AFTER_BILLING == 'true') { $check_status_query = vam_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id "); $check_status = vam_db_fetch_array($check_status_query); $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $insert_id . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . vam_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, 'SSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . vam_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT; vam_php_mail(AFFILIATE_EMAIL_ADDRESS, EMAIL_SUPPORT_NAME, $check_status['affiliate_email_address'], $check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_TEXT_SUBJECT, nl2br($email), $email); } } $messageStack->add_session(SUCCESS_BILLING, 'success'); vam_redirect(vam_href_link(FILENAME_AFFILIATE_PAYMENT, vam_get_all_get_params(array('action')) . 
'action=edit')); break; case 'update_payment':
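/**
 * Post-order hook of the 2Checkout payment module: adds a note to the order's
 * status history when the module runs in test mode, or when the key posted
 * back with the order does not match the locally computed MD5 digest.
 *
 * Reads the globals $order and $insert_id plus $_POST['order_number'] and
 * $_POST['key'].
 *
 * @return void
 */
function after_process()
{
    global $order, $insert_id;

    // Fields shared by both history rows; 'comments' is appended per case.
    $history_row = array(
        'orders_id' => (int) $insert_id,
        'orders_status_id' => (int) $order->info['order_status'],
        'date_added' => 'now()',
        'customer_notified' => '0',
    );

    if (MODULE_PAYMENT_PM2CHECKOUT_TESTMODE == 'Test') {
        $sql_data_array = $history_row + array('comments' => MODULE_PAYMENT_PM2CHECKOUT_TEXT_WARNING_DEMO_MODE);
        vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    }

    if (vam_not_null(MODULE_PAYMENT_PM2CHECKOUT_SECRET_WORD) && MODULE_PAYMENT_PM2CHECKOUT_TESTMODE == 'Production') {
        // Request values are untrusted: accept strings only, anything else is
        // treated as absent so it can never match.
        $order_number = (isset($_POST['order_number']) && is_string($_POST['order_number'])) ? $_POST['order_number'] : '';
        $supplied_key = (isset($_POST['key']) && is_string($_POST['key'])) ? $_POST['key'] : '';

        $expected_key = md5(MODULE_PAYMENT_PM2CHECKOUT_SECRET_WORD . MODULE_PAYMENT_PM2CHECKOUT_LOGIN . $order_number . number_format($order->info['total'], 2));

        // Constant-time comparison where available; the strict fallback still
        // prevents two different "0e..." digests from comparing equal as
        // numbers, which the previous loose "!=" allowed.
        $key_ok = function_exists('hash_equals')
            ? hash_equals($expected_key, $supplied_key)
            : $expected_key === $supplied_key;

        // NOTE(review): a mismatch only adds a warning to the order history in
        // this function; confirm that an order carrying this warning is held
        // for manual review before it is fulfilled.
        if (!$key_ok) {
            $sql_data_array = $history_row + array('comments' => MODULE_PAYMENT_PM2CHECKOUT_TEXT_WARNING_TRANSACTION_ORDER);
            vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
        }
    }
}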
/**
 * Payment-module confirmation step: writes the order to the database before
 * the customer is sent to the payment provider.
 *
 * When $_SESSION['cartID'] is set, an order is inserted unless the session
 * already points (via 'cart_yandex_id', formatted "<cartID>-<orders_id>") at
 * an order with the same currency and cart id. A stale order without any
 * status-history row is deleted first. The insert covers the order row, its
 * status history, order totals, products, product attributes and download/PIN
 * rows; afterwards 'cart_yandex_id' is refreshed.
 *
 * NOTE(review): each() was removed in PHP 8.0, so the order-total loop below
 * fails on current PHP versions.
 *
 * @return array Array with a single 'title' entry for the confirmation page.
 */
function confirmation() {
    global $cartID, $customer_id, $languages_id, $order, $order_total_modules;
    if (isset($_SESSION['cartID'])) {
        $insert_order = false;
        if (isset($_SESSION['cart_yandex_id'])) {
            // The order id is everything after the first '-' of the session marker.
            $order_id = substr($_SESSION['cart_yandex_id'], strpos($_SESSION['cart_yandex_id'], '-') + 1);
            $curr_check = vam_db_query("select currency from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
            $curr = vam_db_fetch_array($curr_check);
            // Currency or cart contents changed since the earlier order was written.
            if ($curr['currency'] != $order->info['currency'] || $cartID != substr($_SESSION['cart_yandex_id'], 0, strlen($cartID))) {
                $check_query = vam_db_query('select orders_id from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '" limit 1');
                // Only an order that has no status-history row is removed.
                if (vam_db_num_rows($check_query) < 1) {
                    vam_db_query('delete from ' . TABLE_ORDERS . ' where orders_id = "' . (int) $order_id . '"');
                    vam_db_query('delete from ' . TABLE_ORDERS_TOTAL . ' where orders_id = "' . (int) $order_id . '"');
                    vam_db_query('delete from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int) $order_id . '"');
                    vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS . ' where orders_id = "' . (int) $order_id . '"');
                    vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . ' where orders_id = "' . (int) $order_id . '"');
                    vam_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_DOWNLOAD . ' where orders_id = "' . (int) $order_id . '"');
                }
                $insert_order = true;
            }
        } else {
            $insert_order = true;
        }
        if ($insert_order == true) {
            // Collect the output lines of every enabled order-total module.
            $order_totals = array();
            if (is_array($order_total_modules->modules)) {
                reset($order_total_modules->modules);
                while (list(, $value) = each($order_total_modules->modules)) {
                    // Module class name = file name without its extension.
                    $class = substr($value, 0, strrpos($value, '.'));
                    if ($GLOBALS[$class]->enabled) {
                        for ($i = 0, $n = sizeof($GLOBALS[$class]->output); $i < $n; $i++) {
                            if (vam_not_null($GLOBALS[$class]->output[$i]['title']) && vam_not_null($GLOBALS[$class]->output[$i]['text'])) {
                                $order_totals[] = array('code' => $GLOBALS[$class]->code, 'title' => $GLOBALS[$class]->output[$i]['title'], 'text' => $GLOBALS[$class]->output[$i]['text'], 'value' => $GLOBALS[$class]->output[$i]['value'], 'sort_order' => $GLOBALS[$class]->sort_order);
                            }
                        }
                    }
                }
            }
            if ($_SESSION['customers_status']['customers_status_ot_discount_flag'] == 1) {
                $discount = $_SESSION['customers_status']['customers_status_ot_discount'];
            } else {
                $discount = '0.00';
            }
            // NOTE(review): X-Forwarded-For is a request header. Unless a trusted
            // reverse proxy overwrites it, the value stored as customers_ip is
            // whatever the client sent, and it may be a comma-separated list.
            // Treat the recorded IP as unverified in fraud checks and logs.
            if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
                $customers_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
            } else {
                $customers_ip = $_SERVER["REMOTE_ADDR"];
            }
            // NOTE(review): cc_number, cc_owner and cc_expires are written to the
            // orders table as held in $order->info; confirm what these fields
            // contain for this module and whether storing them is intended.
            $sql_data_array = array('customers_id' => $_SESSION['customer_id'], 'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'], 'customers_cid' => $order->customer['csID'], 'customers_vat_id' => $_SESSION['customer_vat_id'], 'customers_company' => $order->customer['company'], 'customers_status' => $_SESSION['customers_status']['customers_status_id'], 'customers_status_name' => $_SESSION['customers_status']['customers_status_name'], 'customers_status_image' => $_SESSION['customers_status']['customers_status_image'], 'customers_status_discount' => $discount, 'customers_street_address' => $order->customer['street_address'], 'customers_suburb' => $order->customer['suburb'], 'customers_city' => $order->customer['city'], 'customers_postcode' => $order->customer['postcode'], 'customers_state' => $order->customer['state'], 'customers_country' => $order->customer['country']['title'], 'customers_telephone' => $order->customer['telephone'], 'customers_email_address' => $order->customer['email_address'], 'customers_address_format_id' => $order->customer['format_id'], 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], 'delivery_company' => $order->delivery['company'], 'delivery_street_address' => $order->delivery['street_address'], 'delivery_suburb' => $order->delivery['suburb'], 'delivery_city' => $order->delivery['city'], 'delivery_postcode' => $order->delivery['postcode'], 'delivery_state' => $order->delivery['state'], 'delivery_country' => $order->delivery['country']['title'], 'delivery_address_format_id' => $order->delivery['format_id'], 'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'], 'billing_company' => $order->billing['company'], 'billing_street_address' => $order->billing['street_address'], 'billing_suburb' => $order->billing['suburb'], 'billing_city' => $order->billing['city'], 'billing_postcode' => $order->billing['postcode'], 'billing_state' => $order->billing['state'], 'billing_country' => $order->billing['country']['title'], 'billing_address_format_id' => $order->billing['format_id'], 'payment_method' => $order->info['payment_method'], 'payment_class' => $order->info['payment_class'], 'shipping_method' => $order->info['shipping_method'], 'shipping_class' => $order->info['shipping_class'], 'language' => $_SESSION['language'], 'comments' => $order->info['comments'], 'customers_ip' => $customers_ip, 'orig_reference' => $order->customer['orig_reference'], 'login_reference' => $order->customer['login_reference'], 'cc_type' => $order->info['cc_type'], 'cc_owner' => $order->info['cc_owner'], 'cc_number' => $order->info['cc_number'], 'cc_expires' => $order->info['cc_expires'], 'date_purchased' => 'now()', 'orders_status' => $order->info['order_status'], 'currency' => $order->info['currency'], 'currency_value' => $order->info['currency_value']);
            vam_db_perform(TABLE_ORDERS, $sql_data_array);
            $insert_id = vam_db_insert_id();
            $customer_notification = SEND_EMAILS == 'true' ? '1' : '0';
            // First status-history row for the new order.
            $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => $customer_notification, 'comments' => $order->info['comments']);
            vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
            for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) {
                $sql_data_array = array('orders_id' => $insert_id, 'title' => $order_totals[$i]['title'], 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'class' => $order_totals[$i]['code'], 'sort_order' => $order_totals[$i]['sort_order']);
                vam_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);
            }
            for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
                $sql_data_array = array('orders_id' => $insert_id, 'products_id' => vam_get_prid($order->products[$i]['id']), 'products_model' => $order->products[$i]['model'], 'products_name' => $order->products[$i]['name'], 'products_price' => $order->products[$i]['price'], 'final_price' => $order->products[$i]['final_price'], 'products_tax' => $order->products[$i]['tax'], 'products_quantity' => $order->products[$i]['qty']);
                vam_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
                $order_products_id = vam_db_insert_id();
                $attributes_exist = '0';
                if (isset($order->products[$i]['attributes'])) {
                    $attributes_exist = '1';
                    for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                        // NOTE(review): the product id, option id, value id, quantity and
                        // $_SESSION['languages_id'] are concatenated into the three
                        // statements below without a cast or escaping in this function.
                        // Confirm they are validated where $order is built, or cast or
                        // escape them here.
                        if (DOWNLOAD_ENABLED == 'true') {
                            $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename, pad.products_attributes_is_pin\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $_SESSION['languages_id'] . "'\n and poval.language_id = '" . $_SESSION['languages_id'] . "'";
                            $attributes = vam_db_query($attributes_query);
                        } else {
                            $attributes = vam_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $_SESSION['languages_id'] . "' and poval.language_id = '" . $_SESSION['languages_id'] . "'");
                        }
                        // update attribute stock
                        vam_db_query("UPDATE " . TABLE_PRODUCTS_ATTRIBUTES . " set\n\t\t\t\t\t\t attributes_stock=attributes_stock - '" . $order->products[$i]['qty'] . "'\n\t\t\t\t\t\t where\n\t\t\t\t\t\t products_id='" . $order->products[$i]['id'] . "'\n\t\t\t\t\t\t and options_values_id='" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n\t\t\t\t\t\t and options_id='" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n\t\t\t\t\t\t ");
                        $attributes_values = vam_db_fetch_array($attributes);
                        $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'products_options' => $attributes_values['products_options_name'], 'products_options_values' => $attributes_values['products_options_values_name'], 'options_values_price' => $attributes_values['options_values_price'], 'price_prefix' => $attributes_values['price_prefix']);
                        vam_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
                        if (DOWNLOAD_ENABLED == 'true' && (isset($attributes_values['products_attributes_filename']) && vam_not_null($attributes_values['products_attributes_filename']) or $attributes_values['products_attributes_is_pin'])) {
                            // PIN add: one download row per ordered unit.
                            for ($pincycle = 0; $pincycle < $order->products[$i]['qty']; $pincycle++) {
                                // NOTE(review): $pin is assigned only inside this branch. For a
                                // download that is not a PIN product it is either undefined or
                                // still holds the value from an earlier iteration when it is
                                // written to 'download_pin_code' below.
                                if ($attributes_values['products_attributes_is_pin']) {
                                    // NOTE(review): the PIN is selected and then marked as used in
                                    // two separate statements; nothing in this function prevents
                                    // two concurrent orders from reading the same unused row.
                                    $pin_query = vam_db_query("SELECT products_pin_id, products_pin_code FROM " . TABLE_PRODUCTS_PINS . " WHERE products_id = '" . $order->products[$i]['id'] . "' AND products_pin_used='0' LIMIT 1");
                                    if (vam_db_num_rows($pin_query) == '0') {
                                        // We have no PIN for this product
                                        // insert some error notifying here
                                        $pin = PIN_NOT_AVAILABLE;
                                    } else {
                                        $pin_res = vam_db_fetch_array($pin_query);
                                        $pin = $pin_res['products_pin_code'];
                                        // Mark the PIN as used by storing the order id on it.
                                        vam_db_query("UPDATE " . TABLE_PRODUCTS_PINS . " SET products_pin_used='" . $insert_id . "' WHERE products_pin_id = '" . $pin_res['products_pin_id'] . "'");
                                    }
                                }
                                // PIN
                                $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount'], 'download_is_pin' => $attributes_values['products_attributes_is_pin'], 'download_pin_code' => $pin);
                                vam_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
                            }
                        }
                    }
                }
            }
            // Remember which order belongs to the current cart.
            $_SESSION['cart_yandex_id'] = $cartID . '-' . $insert_id;
        }
    }
    return array('title' => MODULE_PAYMENT_YANDEX_MERCHANT_TEXT_DESCRIPTION);
}
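------------------------------------------------------------------------------*/

/**
 * Read a request parameter, preferring the query string over the POST body.
 *
 * @param string $name    Parameter name.
 * @param mixed  $default Value returned when the parameter is in neither array.
 *
 * @return mixed
 */
function get_var($name, $default = 'none')
{
    return isset($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $default);
}

require 'includes/application_top.php';
require DIR_WS_CLASSES . 'order.php';

// logging
// NOTE(review): if this is ever re-enabled, the relative path would put a file
// holding raw request data next to this script; keep such a log outside the
// web root.
//$fp = fopen('webmoney.log', 'a+');
//$str=date('Y-m-d H:i:s').' - ';
//foreach ($_REQUEST as $vn=>$vv) {
//    $str.=$vn.'='.$vv.';';
//}
//fwrite($fp, $str."\n");
//fclose($fp);

// variables preparing
$crc = get_var('LMI_HASH');

// The digest below covers $_POST['LMI_PAYMENT_NO'], so the order that gets
// updated must be taken from that same POST field. Reading it through
// get_var() let a query-string value override it, which separated the signed
// order number from the one acted upon. The integer cast also keeps the value
// safe inside the SQL condition and in the echoed reply.
$inv_id = isset($_POST['LMI_PAYMENT_NO']) ? (int) $_POST['LMI_PAYMENT_NO'] : 0;

$order = new order($inv_id);
$order_sum = $order->info['total'];

$hash = strtoupper(md5($_POST['LMI_PAYEE_PURSE'] . $_POST['LMI_PAYMENT_AMOUNT'] . $_POST['LMI_PAYMENT_NO'] . $_POST['LMI_MODE'] . $_POST['LMI_SYS_INVS_NO'] . $_POST['LMI_SYS_TRANS_NO'] . $_POST['LMI_SYS_TRANS_DATE'] . MODULE_PAYMENT_Z_PAYMENT_SECRET_KEY . $_POST['LMI_PAYER_PURSE'] . $_POST['LMI_PAYER_WM']));

// Constant-time comparison where available; the strict fallback still stops
// two different "0E..." digests from comparing equal as numbers.
$hash_ok = is_string($crc) && (function_exists('hash_equals') ? hash_equals($hash, $crc) : $hash === $crc);

// checking and handling
if ($hash_ok) {
    // NOTE(review): both amounts are rounded to whole currency units before
    // they are compared, so a payment that differs from the order total by a
    // fraction of a unit is still accepted. Confirm this tolerance is intended.
    if (number_format($_POST['LMI_PAYMENT_AMOUNT'], 0) === number_format($order->info['total'], 0)) {
        $sql_data_array = array('orders_status' => MODULE_PAYMENT_Z_PAYMENT_ORDER_STATUS_ID);
        vam_db_perform('orders', $sql_data_array, 'update', "orders_id='" . $inv_id . "'");

        $sql_data_arrax = array(
            'orders_id' => $inv_id,
            'orders_status_id' => MODULE_PAYMENT_Z_PAYMENT_ORDER_STATUS_ID,
            'date_added' => 'now()',
            'customer_notified' => '0',
            'comments' => 'Z-Payment accepted this order payment',
        );
        vam_db_perform('orders_status_history', $sql_data_arrax);

        echo 'OK' . $inv_id;
    }
}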
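require 'includes/application_top.php';

// Admin actions for the card blacklist: insert or update one entry, or delete
// one, then redirect back to the listing.
//
// NOTE(review): the action is chosen by a query-string parameter, the delete
// branch reads nothing but GET data, and no per-request token is checked in
// this block. Confirm that application_top.php (or the framework) enforces an
// anti-CSRF check for these state-changing requests.
$action = isset($_GET['action']) ? $_GET['action'] : '';

// Ids and page numbers are integers; casting them keeps request data out of
// the SQL conditions and the redirect URL.
$page = isset($_GET['page']) ? (int) $_GET['page'] : '';

switch ($action) {
    case 'insert':
    case 'save':
        $blacklist_id = isset($_GET['bID']) ? (int) $_GET['bID'] : 0;
        $blacklist_card_number = vam_db_prepare_input(isset($_POST['blacklist_card_number']) ? $_POST['blacklist_card_number'] : '');

        $sql_data_array = array('blacklist_card_number' => $blacklist_card_number);

        if ($action == 'insert') {
            $insert_sql_data = array('date_added' => 'now()');
            $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array);
            $blacklist_id = vam_db_insert_id();
        } elseif ($action == 'save') {
            $update_sql_data = array('last_modified' => 'now()');
            $sql_data_array = vam_array_merge($sql_data_array, $update_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array, 'update', "blacklist_id = '" . (int) $blacklist_id . "'");
        }

        if (USE_CACHE == 'true') {
            vam_reset_cache_block('blacklist');
        }

        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $page . '&bID=' . $blacklist_id));
        break;

    case 'deleteconfirm':
        $blacklist_id = isset($_GET['bID']) ? (int) $_GET['bID'] : 0;

        vam_db_query("delete from " . TABLE_BLACKLIST . " where blacklist_id = '" . (int) $blacklist_id . "'");

        if (USE_CACHE == 'true') {
            // Reset the same cache block as the insert/save branch; this branch
            // previously reset 'manufacturers', which left the blacklist cache
            // untouched after a delete.
            vam_reset_cache_block('blacklist');
        }

        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $page));
        break;
}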
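/**
 * Link a product to a category unless that link already exists.
 *
 * Both ids are cast to integers before use: they are concatenated into the
 * lookup query, so a non-numeric value must never reach the SQL text.
 *
 * @param int $pID products ID
 * @param int $cID categories ID
 *
 * @return void
 */
function insertPtoCconnection($pID, $cID)
{
    $pID = (int) $pID;
    $cID = (int) $cID;

    $prod2cat_query = vam_db_query(
        "SELECT * FROM " . TABLE_PRODUCTS_TO_CATEGORIES
        . " WHERE categories_id='" . $cID . "' and products_id='" . $pID . "'"
    );

    // Insert only when no row links this product to this category yet.
    if (!vam_db_num_rows($prod2cat_query)) {
        $insert_data = array('products_id' => $pID, 'categories_id' => $cID);
        vam_db_perform(TABLE_PRODUCTS_TO_CATEGORIES, $insert_data);
    }
}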
$vamTemplate->caching = false; $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/'); $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/'); $vamTemplate->assign('NAME', $customers_lastname . ' ' . $customers_firstname); $vamTemplate->assign('EMAIL', $customers_email_address); $vamTemplate->assign('COMMENTS', $customers_mail_comments); $vamTemplate->assign('PASSWORD', $customers_password_encrypted); $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/create_account_mail.html'); $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/create_account_mail.txt'); vam_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $customers_email_address, $customers_lastname . ' ' . $customers_firstname, EMAIL_SUPPORT_FORWARDING_STRING, EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail); } vam_db_query("delete from " . TABLE_CUSTOMERS_TO_EXTRA_FIELDS . " where customers_id=" . (int) $cc_id); $extra_fields_query = vam_db_query("select ce.fields_id from " . TABLE_EXTRA_FIELDS . " ce where ce.fields_status=1 "); while ($extra_fields = vam_db_fetch_array($extra_fields_query)) { $sql_extra_data_array = array('customers_id' => (int) $cc_id, 'fields_id' => $extra_fields['fields_id'], 'value' => $_POST['fields_' . $extra_fields['fields_id']]); vam_db_perform(TABLE_CUSTOMERS_TO_EXTRA_FIELDS, $sql_extra_data_array); } vam_redirect(vam_href_link(FILENAME_CUSTOMERS, 'cID=' . $cc_id, 'SSL')); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html <?php echo HTML_PARAMS; ?> > <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $_SESSION['language_charset']; ?> ">
if (empty($html_text)) { if (!($banners_image =& vam_try_upload('banners_image', DIR_FS_CATALOG_IMAGES . 'banner/' . $banners_image_target)) && $_POST['banners_image_local'] == '') { $banner_error = true; } } if (!$banner_error) { $db_image_location = vam_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $html_text); if ($_GET['action'] == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '1'); $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data); vam_db_perform(TABLE_BANNERS, $sql_data_array); $banners_id = vam_db_insert_id(); $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success'); } elseif ($_GET['action'] == 'update') { vam_db_perform(TABLE_BANNERS, $sql_data_array, 'update', 'banners_id = \'' . $banners_id . '\''); $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success'); } if ($_POST['expires_date']) { $expires_date = vam_db_prepare_input($_POST['expires_date']); list($day, $month, $year) = explode('/', $expires_date); $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day); vam_db_query("update " . TABLE_BANNERS . " set expires_date = '" . vam_db_input($expires_date) . "', expires_impressions = null where banners_id = '" . $banners_id . "'"); } elseif ($_POST['impressions']) { $impressions = vam_db_prepare_input($_POST['impressions']); vam_db_query("update " . TABLE_BANNERS . " set expires_impressions = '" . vam_db_input($impressions) . "', expires_date = null where banners_id = '" . $banners_id . "'"); } if ($_POST['date_scheduled']) { $date_scheduled = vam_db_prepare_input($_POST['date_scheduled']); list($day, $month, $year) = explode('/', $date_scheduled); $date_scheduled = $year . (strlen($month) == 1 ? '0' . 
$month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
/**
 * Store this object's data as one row in its table, creating the table first
 * when it does not exist yet. The row is $this->data plus the 'cip_id' and
 * 'tag_id' values returned by get_cip_id() and get_id().
 */
function write_to_database()
{
    $table_missing = !$this->is_database_table_exists();
    if ($table_missing) {
        $this->create_database_table();
    }

    // Work on a copy so $this->data itself is left as it was.
    $row = $this->data;
    $row['cip_id'] = $this->get_cip_id();
    $row['tag_id'] = $this->get_id();

    vam_db_perform($this->table, $row);
}
case 'save': $currency_id = vam_db_prepare_input($_GET['cID']); $title = vam_db_prepare_input($_POST['title']); $code = vam_db_prepare_input($_POST['code']); $symbol_left = vam_db_prepare_input($_POST['symbol_left']); $symbol_right = vam_db_prepare_input($_POST['symbol_right']); $decimal_point = vam_db_prepare_input($_POST['decimal_point']); $thousands_point = vam_db_prepare_input($_POST['thousands_point']); $decimal_places = vam_db_prepare_input($_POST['decimal_places']); $value = vam_db_prepare_input($_POST['value']); $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $value); if ($_GET['action'] == 'insert') { vam_db_perform(TABLE_CURRENCIES, $sql_data_array); $currency_id = vam_db_insert_id(); } elseif ($_GET['action'] == 'save') { vam_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . vam_db_input($currency_id) . "'"); } if ($_POST['default'] == 'on') { vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($code) . "' where configuration_key = 'DEFAULT_CURRENCY'"); } vam_redirect(vam_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id)); break; case 'deleteconfirm': $currencies_id = vam_db_prepare_input($_GET['cID']); $currency_query = vam_db_query("select currencies_id from " . TABLE_CURRENCIES . " where code = '" . DEFAULT_CURRENCY . "'"); $currency = vam_db_fetch_array($currency_query); if ($currency['currencies_id'] == $currencies_id) { vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_CURRENCY'"); } vam_db_query("delete from " . TABLE_CURRENCIES . " where currencies_id = '" . vam_db_input($currencies_id) . "'"); vam_redirect(vam_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page']));
if (isset($_POST['primary']) && $_POST['primary'] == 'on') { $_SESSION['customer_first_name'] = $firstname; $_SESSION['customer_second_name'] = $secondname; $_SESSION['customer_country_id'] = $country_id; $_SESSION['customer_zone_id'] = $zone_id > 0 ? (int) $zone_id : '0'; if (isset($_POST['primary']) && $_POST['primary'] == 'on') { $_SESSION['customer_default_address_id'] = $new_address_book_id; } $sql_data_array = array('customers_firstname' => $firstname, 'customers_secondname' => $secondname, 'customers_lastname' => $lastname, 'customers_last_modified' => 'now()', 'customers_date_added' => 'now()'); if (ACCOUNT_GENDER == 'true') { $sql_data_array['customers_gender'] = $gender; } if (isset($_POST['primary']) && $_POST['primary'] == 'on') { $sql_data_array['customers_default_address_id'] = $new_address_book_id; } vam_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int) $_SESSION['customer_id'] . "'"); } } $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success'); vam_redirect(vam_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL')); } } if (isset($_GET['edit']) && is_numeric($_GET['edit'])) { $entry_query = vam_db_query("select entry_gender, entry_company, entry_firstname, entry_secondname, entry_lastname, entry_street_address, entry_suburb, entry_postcode, entry_city, entry_state, entry_zone_id, entry_country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and address_book_id = '" . (int) $_GET['edit'] . "'"); if (vam_db_num_rows($entry_query) == false) { $messageStack->add_session('addressbook', ERROR_NONEXISTING_ADDRESS_BOOK_ENTRY); vam_redirect(vam_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL')); } $entry = vam_db_fetch_array($entry_query); } elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) { if ($_GET['delete'] == $_SESSION['customer_default_address_id']) {
/**
 * Finalises the order referenced in the session for this payment module.
 *
 * Visible steps, in order: read the order id from the session, write the
 * order status and a status-history row, adjust stock and the
 * products_ordered counter per ordered product, render the order mail
 * templates, mail the shop and the customer, call $this->after_process(),
 * reset the cart, clear the checkout session keys and redirect to the
 * checkout success page.
 *
 * NOTE(review): nothing in this function verifies that the payment was
 * confirmed by the gateway before the order status is changed; presumably
 * the caller or a callback does that, confirm.
 */
function before_process() {
    global $customer_id, $order, $vamPrice, $order_totals, $sendto, $billto, $languages_id, $payment, $currencies, $cart, $cart_webtopay_id;
    global ${$payment};

    // The order id is whatever follows the first '-' in the session value.
    // NOTE(review): this reads 'cart_webmoney_id' while the cleanup at the end
    // of the function unsets 'cart_webtopay_id' and every constant used here is
    // MODULE_PAYMENT_WEBTOPAY_*; confirm which session key this module sets.
    $order_id = substr($_SESSION['cart_webmoney_id'], strpos($_SESSION['cart_webmoney_id'], '-') + 1);
    // $order_id is cast to int wherever it is concatenated into SQL below
    $check_query = vam_db_query("select orders_status from " . TABLE_ORDERS . " where orders_id = '" . (int) $order_id . "'");
    if (vam_db_num_rows($check_query)) {
        $check = vam_db_fetch_array($check_query);
        // Order is still in the module's "prepare" status: log that status once in the history
        if ($check['orders_status'] == MODULE_PAYMENT_WEBTOPAY_PREPARE_ORDER_STATUS_ID) {
            $sql_data_array = array('orders_id' => $order_id, 'orders_status_id' => MODULE_PAYMENT_WEBTOPAY_PREPARE_ORDER_STATUS_ID, 'date_added' => 'now()', 'customer_notified' => '0', 'comments' => '');
            vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
        }
    }
    // Switch the order to the module's configured status, or to the shop default when none is configured
    vam_db_query("update " . TABLE_ORDERS . " set orders_status = '" . (MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID > 0 ? (int) MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID : (int) DEFAULT_ORDERS_STATUS_ID) . "', last_modified = now() where orders_id = '" . (int) $order_id . "'");
    $sql_data_array = array('orders_id' => $order_id, 'orders_status_id' => MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID > 0 ? (int) MODULE_PAYMENT_WEBTOPAY_ORDER_STATUS_ID : (int) DEFAULT_ORDERS_STATUS_ID, 'date_added' => 'now()', 'customer_notified' => SEND_EMAILS == 'true' ? '1' : '0', 'comments' => $order->info['comments']);
    vam_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array);
    // initialized for the email confirmation
    $products_ordered = '';
    $subtotal = 0;
    $total_tax = 0;
    for ($i = 0, $n = sizeof($order->products); $i < $n; $i++) {
        // Stock Update - Joao Correia
        if (STOCK_LIMITED == 'true') {
            if (DOWNLOAD_ENABLED == 'true') {
                $stock_query_raw = "SELECT products_quantity, pad.products_attributes_filename\n FROM " . TABLE_PRODUCTS . " p\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n ON p.products_id=pa.products_id\n LEFT JOIN " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n ON pa.products_attributes_id=pad.products_attributes_id\n WHERE p.products_id = '" . vam_get_prid($order->products[$i]['id']) . "'";
                // Will work with only one option for downloadable products
                // otherwise, we have to build the query dynamically with a loop
                $products_attributes = $order->products[$i]['attributes'];
                if (is_array($products_attributes)) {
                    // NOTE(review): option_id / value_id are concatenated without a cast or
                    // escaping; confirm the order object only ever holds validated ids.
                    $stock_query_raw .= " AND pa.options_id = '" . $products_attributes[0]['option_id'] . "' AND pa.options_values_id = '" . $products_attributes[0]['value_id'] . "'";
                }
                $stock_query = vam_db_query($stock_query_raw);
            } else {
                $stock_query = vam_db_query("select products_quantity from " . TABLE_PRODUCTS . " where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
            }
            if (vam_db_num_rows($stock_query) > 0) {
                $stock_values = vam_db_fetch_array($stock_query);
                // do not decrement quantities if products_attributes_filename exists
                if (DOWNLOAD_ENABLED != 'true' || !$stock_values['products_attributes_filename']) {
                    $stock_left = $stock_values['products_quantity'] - $order->products[$i]['qty'];
                } else {
                    $stock_left = $stock_values['products_quantity'];
                }
                // NOTE(review): the quantity is read, changed in PHP and written back as an
                // absolute value; no lock or transaction is visible here, so two orders
                // processed at the same time could overwrite each other's update.
                vam_db_query("update " . TABLE_PRODUCTS . " set products_quantity = '" . $stock_left . "' where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
                // Take the product offline once it is sold out and checkout of out-of-stock items is disabled
                if ($stock_left < 1 && STOCK_ALLOW_CHECKOUT == 'false') {
                    vam_db_query("update " . TABLE_PRODUCTS . " set products_status = '0' where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
                }
            }
        }
        // Update products_ordered (for bestsellers list); qty is forced to an integer by sprintf('%d')
        vam_db_query("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . sprintf('%d', $order->products[$i]['qty']) . " where products_id = '" . vam_get_prid($order->products[$i]['id']) . "'");
        //------ collect the customer's chosen options for the mail text --------
        $attributes_exist = '0';
        $products_ordered_attributes = '';
        if (isset($order->products[$i]['attributes'])) {
            $attributes_exist = '1';
            for ($j = 0, $n2 = sizeof($order->products[$i]['attributes']); $j < $n2; $j++) {
                // NOTE(review): both queries below concatenate the raw product id (not passed
                // through vam_get_prid() as elsewhere in this function), option_id, value_id
                // and $_SESSION['languages_id'] without a cast or escaping; confirm each is
                // guaranteed numeric before it reaches this point.
                if (DOWNLOAD_ENABLED == 'true') {
                    $attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename\n from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa\n left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad\n on pa.products_attributes_id=pad.products_attributes_id\n where pa.products_id = '" . $order->products[$i]['id'] . "'\n and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'\n and pa.options_id = popt.products_options_id\n and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'\n and pa.options_values_id = poval.products_options_values_id\n and popt.language_id = '" . $_SESSION['languages_id'] . "'\n and poval.language_id = '" . $_SESSION['languages_id'] . "'";
                    $attributes = vam_db_query($attributes_query);
                } else {
                    $attributes = vam_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $_SESSION['languages_id'] . "' and poval.language_id = '" . $_SESSION['languages_id'] . "'");
                }
                $attributes_values = vam_db_fetch_array($attributes);
                $products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . $attributes_values['products_options_values_name'];
            }
        }
        //------ collect the customer's chosen options: end ----
        // NOTE(review): $total_weight and $total_cost are accumulated without being
        // initialised in this function, and $total_products_price / $products_tax are
        // never assigned here, so these three totals look like leftovers; confirm
        // before relying on them.
        $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight'];
        $total_tax += vam_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty'];
        $total_cost += $total_products_price;
        $products_ordered .= $order->products[$i]['qty'] . ' x ' . $order->products[$i]['name'] . ' (' . $order->products[$i]['model'] . ') = ' . $vamPrice->Format($order->products[$i]['final_price'], true) . $products_ordered_attributes . "\n";
    }
    // initialize templates
    $vamTemplate = new vamTemplate();
    $vamTemplate->assign('address_label_customer', vam_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'));
    $vamTemplate->assign('address_label_shipping', vam_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'));
    if ($_SESSION['credit_covers'] != '1') {
        $vamTemplate->assign('address_label_payment', vam_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'));
    }
    $vamTemplate->assign('csID', $order->customer['csID']);
    $it = 0;
    // Append every extra customer field flagged fields_required_email = '1' to the mail
    $semextrfields = vamDBquery("select * from " . TABLE_EXTRA_FIELDS . " where fields_required_email = '1'");
    while ($dataexfes = vam_db_fetch_array($semextrfields, true)) {
        $cusextrfields = vamDBquery("select * from " . TABLE_CUSTOMERS_TO_EXTRA_FIELDS . " where customers_id = '" . (int) $_SESSION['customer_id'] . "' and fields_id = '" . $dataexfes['fields_id'] . "'");
        $rescusextrfields = vam_db_fetch_array($cusextrfields, true);
        $extrfieldsinf = vamDBquery("select fields_name from " . TABLE_EXTRA_FIELDS_INFO . " where fields_id = '" . $dataexfes['fields_id'] . "' and languages_id = '" . $_SESSION['languages_id'] . "'");
        $extrfieldsres = vam_db_fetch_array($extrfieldsinf, true);
        // $extra_fields is appended to without being initialised in this function
        $extra_fields .= $extrfieldsres['fields_name'] . ' : ' . $rescusextrfields['value'] . "\n";
        $vamTemplate->assign('customer_extra_fields', $extra_fields);
    }
    $order_total = $order->getTotalData($order_id);
    $vamTemplate->assign('order_data', $order->getOrderData($order_id));
    $vamTemplate->assign('order_total', $order_total['data']);
    // assign language to template for caching
    $vamTemplate->assign('language', $_SESSION['language']);
    $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
    $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
    $vamTemplate->assign('oID', $order_id);
    if ($order->info['payment_method'] != '' && $order->info['payment_method'] != 'no_payment') {
        // NOTE(review): the include path and the constant name are built from
        // $_SESSION['language'] and the order's payment_method; confirm both are
        // restricted to known module / language names before they get here.
        include DIR_WS_LANGUAGES . $_SESSION['language'] . '/modules/payment/' . $order->info['payment_method'] . '.php';
        $payment_method = constant(strtoupper('MODULE_PAYMENT_' . $order->info['payment_method'] . '_TEXT_TITLE'));
    }
    // $payment_method is only assigned inside the branch above
    $vamTemplate->assign('PAYMENT_METHOD', $payment_method);
    if ($order->info['shipping_method'] != '') {
        $shipping_method = $order->info['shipping_method'];
    }
    // $shipping_method is only assigned inside the branch above
    $vamTemplate->assign('SHIPPING_METHOD', $shipping_method);
    $vamTemplate->assign('DATE', vam_date_long($order->info['date_purchased']));
    // Customer-supplied values (name, comments, e-mail, phone) are handed to the
    // template as-is. NOTE(review): confirm the HTML mail template escapes them.
    $vamTemplate->assign('NAME', $order->customer['name']);
    $vamTemplate->assign('COMMENTS', $order->info['comments']);
    $vamTemplate->assign('EMAIL', $order->customer['email_address']);
    $vamTemplate->assign('PHONE', $order->customer['telephone']);
    // dont allow cache
    $vamTemplate->caching = false;
    $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/order_mail.html');
    $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/order_mail.txt');
    // create subject: customer first / last name are substituted into the subject line.
    // NOTE(review): confirm vam_php_mail() strips CR/LF from the subject and addresses.
    $order_subject = str_replace('{$nr}', $order_id, EMAIL_BILLING_SUBJECT_ORDER);
    $order_subject = str_replace('{$date}', strftime(DATE_FORMAT_LONG), $order_subject);
    $order_subject = str_replace('{$lastname}', $order->customer['lastname'], $order_subject);
    $order_subject = str_replace('{$firstname}', $order->customer['firstname'], $order_subject);
    // send mail to admin
    vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, EMAIL_BILLING_ADDRESS, STORE_NAME, EMAIL_BILLING_FORWARDING_STRING, $order->customer['email_address'], $order->customer['firstname'], '', '', $order_subject, $html_mail, $txt_mail);
    // send mail to customer
    vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $order->customer['email_address'], $order->customer['firstname'] . ' ' . $order->customer['lastname'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $order_subject, $html_mail, $txt_mail);
    // load the after_process function from the payment modules
    $this->after_process();
    $_SESSION['cart']->reset(true);
    // unregister session variables used during checkout
    unset($_SESSION['sendto']);
    unset($_SESSION['billto']);
    unset($_SESSION['shipping']);
    unset($_SESSION['payment']);
    unset($_SESSION['comments']);
    unset($_SESSION['cart_webtopay_id']);
    vam_redirect(vam_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
}
} $affiliate_total = round($affiliate_total, 2); // Check for individual commission $affiliate_percentage = 0; if (AFFILATE_INDIVIDUAL_PERCENTAGE == 'true') { $affiliate_commission_query = vam_db_query("select affiliate_commission_percent from " . TABLE_AFFILIATE . " where affiliate_id = '" . $_SESSION['affiliate_ref'] . "'"); $affiliate_commission = vam_db_fetch_array($affiliate_commission_query); $affiliate_percent = $affiliate_commission['affiliate_commission_percent']; } if ($affiliate_percent < AFFILIATE_PERCENT) { $affiliate_percent = AFFILIATE_PERCENT; } $affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2); if (isset($_SESSION['affiliate_ref'])) { $sql_data_array = array('affiliate_id' => $_SESSION['affiliate_ref'], 'affiliate_date' => $affiliate_clientdate, 'affiliate_browser' => $affiliate_clientbrowser, 'affiliate_ipaddress' => $affiliate_clientip, 'affiliate_value' => $affiliate_total, 'affiliate_payment' => $affiliate_payment, 'affiliate_orders_id' => $insert_id, 'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'], 'affiliate_percent' => $affiliate_percent, 'affiliate_salesman' => $_SESSION['affiliate_ref'], 'affiliate_level' => '0'); vam_db_perform(TABLE_AFFILIATE_SALES, $sql_data_array); if (AFFILATE_USE_TIER == 'true') { $affiliate_tiers_query = vam_db_query("SELECT aa2.affiliate_id, (aa2.affiliate_rgt - aa2.affiliate_lft) as height\n FROM " . TABLE_AFFILIATE . " AS aa1, " . TABLE_AFFILIATE . " AS aa2\n WHERE aa1.affiliate_root = aa2.affiliate_root \n AND aa1.affiliate_lft BETWEEN aa2.affiliate_lft AND aa2.affiliate_rgt\n AND aa1.affiliate_rgt BETWEEN aa2.affiliate_lft AND aa2.affiliate_rgt\n AND aa1.affiliate_id = '" . $_SESSION['affiliate_ref'] . "'\n ORDER by height asc limit 1, " . 
AFFILIATE_TIER_LEVELS); $affiliate_tier_percentage = preg_split("/[;]/", AFFILIATE_TIER_PERCENTAGE); $i = 0; while ($affiliate_tiers_array = vam_db_fetch_array($affiliate_tiers_query)) { $affiliate_percent = $affiliate_tier_percentage[$i]; $affiliate_payment = round($affiliate_total * $affiliate_percent / 100, 2); if ($affiliate_payment > 0) { $sql_data_array = array('affiliate_id' => $affiliate_tiers_array['affiliate_id'], 'affiliate_date' => $affiliate_clientdate, 'affiliate_browser' => $affiliate_clientbrowser, 'affiliate_ipaddress' => $affiliate_clientip, 'affiliate_value' => $affiliate_total, 'affiliate_payment' => $affiliate_payment, 'affiliate_orders_id' => $insert_id, 'affiliate_clickthroughs_id' => $_SESSION['affiliate_clickthroughs_id'], 'affiliate_percent' => $affiliate_percent, 'affiliate_salesman' => $_SESSION['affiliate_ref'], 'affiliate_level' => $i + 1); vam_db_perform(TABLE_AFFILIATE_SALES, $sql_data_array); } $i++; } } }
$insert_query = vam_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )"); $vamTemplate->assign('SEND_COUPON', 'true'); $vamTemplate->assign('COUPON_DESC', $coupon_desc['coupon_description']); $vamTemplate->assign('COUPON_CODE', $coupon['coupon_code']); } // ICW - CREDIT CLASS CODE BLOCK ADDED ******************************************************* END // GV Code End // create templates } $vamTemplate->caching = 0; $vamTemplate->assign('EMAIL_ADDRESS', $email_address); $vamTemplate->assign('PASSWORD', $password); if ($newsletter) { $vlcode = vam_random_charcode(32); $link = vam_href_link(FILENAME_NEWSLETTER, 'action=activate&email=' . $email_address . '&key=' . $vlcode, 'NONSSL'); $sql_data_array = array('customers_email_address' => vam_db_input($email_address), 'customers_id' => vam_db_input($_SESSION['customer_id']), 'customers_status' => 2, 'customers_firstname' => vam_db_input($firstname), 'customers_lastname' => vam_db_input($lastname), 'mail_status' => '1', 'mail_key' => vam_db_input($vlcode), 'date_added' => 'now()'); vam_db_perform(TABLE_NEWSLETTER_RECIPIENTS, $sql_data_array); // assign vars $vamTemplate->assign('LINK', $link); } else { $vamTemplate->assign('LINK', false); } $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/create_account_mail.html'); $vamTemplate->caching = 0; $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . 
'/create_account_mail.txt'); vam_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $email_address, $name, EMAIL_SUPPORT_FORWARDING_STRING, EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail); if (!isset($_SESSION['sendto'])) { $_SESSION['sendto'] = $_SESSION['customer_default_address_id']; } vam_redirect(vam_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL')); } }
$products_image = substr(strrchr($product->picture, "/"), 1); $products_name = unhtmlentities($product->name); $products_description = unhtmlentities($product->description); $products_status = 1; $products_query = vam_db_query("select products_id, products_price from " . TABLE_PRODUCTS . " where products_id = '" . $products_id . "' limit 1"); if (vam_db_num_rows($products_query)) { $row = vam_db_fetch_array($products_query); if ($row['products_price'] != $products_price) { vam_db_perform(TABLE_PRODUCTS, array('products_last_modified' => 'now()', 'products_price' => $products_price, 'products_image' => $products_image, 'group_permission_0' => 1, 'group_permission_1' => 1, 'group_permission_2' => 1, 'group_permission_3' => 1, 'products_startpage' => 1, 'products_status' => $products_status, 'products_quantity' => $products_quantity, 'products_date_available' => 'now()'), 'update', 'products_id=\'' . $products_id . '\''); vam_db_perform(TABLE_PRODUCTS_DESCRIPTION, array('products_name' => $products_name, 'products_description' => $products_description), 'update', 'products_id=\'' . $products_id . '\' and language_id=\'' . $_SESSION['languages_id'] . 
'\''); $count_upd++; } } else { vam_db_perform(TABLE_PRODUCTS, array('products_id' => $products_id, 'products_last_modified' => 'now()', 'products_price' => $products_price, 'products_image' => $products_image, 'group_permission_0' => 1, 'group_permission_1' => 1, 'group_permission_2' => 1, 'group_permission_3' => 1, 'products_startpage' => 1, 'products_status' => $products_status, 'products_quantity' => $products_quantity, 'products_date_available' => 'now()')); vam_db_perform(TABLE_PRODUCTS_DESCRIPTION, array('products_id' => $products_id, 'products_name' => $products_name, 'products_description' => $products_description, 'language_id' => $_SESSION['languages_id'])); vam_db_perform(TABLE_PRODUCTS_TO_CATEGORIES, array('products_id' => $products_id, 'categories_id' => $categoryId)); $count_add++; } $count++; } $messageStack->add_session(TEXT_YML_UPDATED . $count_upd, 'success'); $messageStack->add_session(TEXT_YML_CHANGED . ($count - $count_upd), 'success'); $messageStack->add_session(TEXT_YML_ADDED . $count_add, 'success'); $messageStack->add_session(TEXT_YML_CAT_ADDED . $count_cat_add, 'success'); $messageStack->add_session(TEXT_YML_CAT_UPDATED . $count_cat_upd, 'success'); } else { $messageStack->add_session(TEXT_YML_ERROR, 'error'); } vam_redirect(vam_href_link(FILENAME_YML_IMPORT)); } ?>
$languages = vam_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $products_vpe_name_array = $_POST['products_vpe_name']; $language_id = $languages[$i]['id']; $sql_data_array = array('products_vpe_name' => vam_db_prepare_input($products_vpe_name_array[$language_id])); if ($_GET['action'] == 'insert') { if (!vam_not_null($products_vpe_id)) { $next_id_query = vam_db_query("select max(products_vpe_id) as products_vpe_id from " . TABLE_PRODUCTS_VPE . ""); $next_id = vam_db_fetch_array($next_id_query); $products_vpe_id = $next_id['products_vpe_id'] + 1; } $insert_sql_data = array('products_vpe_id' => $products_vpe_id, 'language_id' => $language_id); $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data); vam_db_perform(TABLE_PRODUCTS_VPE, $sql_data_array); } elseif ($_GET['action'] == 'save') { vam_db_perform(TABLE_PRODUCTS_VPE, $sql_data_array, 'update', "products_vpe_id = '" . vam_db_input($products_vpe_id) . "' and language_id = '" . $language_id . "'"); } } if ($_POST['default'] == 'on') { vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($products_vpe_id) . "' where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'"); } vam_redirect(vam_href_link(FILENAME_PRODUCTS_VPE, 'page=' . $_GET['page'] . '&oID=' . $products_vpe_id)); break; case 'deleteconfirm': $oID = vam_db_prepare_input($_GET['oID']); $products_vpe_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'"); $products_vpe = vam_db_fetch_array($products_vpe_query); if ($products_vpe['configuration_value'] == $oID) { vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_PRODUCTS_VPE_ID'"); } vam_db_query("delete from " . TABLE_PRODUCTS_VPE . " where products_vpe_id = '" . vam_db_input($oID) . "'");
if (!isset($_SESSION['tracking']['ip'])) { $_SESSION['tracking']['ip'] = $_SERVER['REMOTE_ADDR']; } if (!isset($_SESSION['tracking']['refID'])) { // check if referer exists if (isset($_GET['refID'])) { $campaign_check_query_raw = "SELECT *\n\t\t\t FROM " . TABLE_CAMPAIGNS . " \n\t\t\t WHERE campaigns_refID = '" . vam_db_input($_GET['refID']) . "'"; $campaign_check_query = vam_db_query($campaign_check_query_raw); if (vam_db_num_rows($campaign_check_query) > 0) { $_SESSION['tracking']['refID'] = vam_db_input($_GET['refID']); // count hit (block IP for 1 hour) $insert_sql = array('user_ip' => $_SESSION['tracking']['ip'], 'campaign' => vam_db_input($_GET['refID']), 'time' => 'now()'); // $check_date = mktime(0, date("i")-1, 0, date("m"), date("d"), date("Y")); // $ip_query = vam_db_query("SELECT * FROM ".TABLE_CAMPAIGNS_IP." WHERE campaign='".vam_db_input($_GET['refID'])."' and user_ip='".$_SESSION['tracking']['ip']."' and time > '".$check_date."'"); // if (!vam_db_num_rows($ip_query)) vam_db_perform(TABLE_CAMPAIGNS_IP, $insert_sql); } } } if (!isset($_SESSION['tracking']['date'])) { $_SESSION['tracking']['date'] = date("Y-m-d H:i:s"); } if (!isset($_SESSION['tracking']['browser'])) { $_SESSION['tracking']['browser'] = $_SERVER["HTTP_USER_AGENT"]; } $i = count($_SESSION['tracking']['pageview_history']); if ($i > 6) { array_shift($_SESSION['tracking']['pageview_history']); $_SESSION['tracking']['pageview_history'][6] = $ref_url; } else { $_SESSION['tracking']['pageview_history'][$i] = $ref_url;
for ($pincycle = 0; $pincycle < $order->products[$i]['qty']; $pincycle++) { if ($attributes_values['products_attributes_is_pin']) { $pin_query = vam_db_query("SELECT products_pin_id, products_pin_code FROM " . TABLE_PRODUCTS_PINS . " WHERE products_id = '" . $order->products[$i]['id'] . "' AND products_pin_used='0' LIMIT 1"); if (vam_db_num_rows($pin_query) == '0') { // We have no PIN for this product // insert some error notifying here $pin = PIN_NOT_AVAILABLE; } else { $pin_res = vam_db_fetch_array($pin_query); $pin = $pin_res['products_pin_code']; vam_db_query("UPDATE " . TABLE_PRODUCTS_PINS . " SET products_pin_used='" . $insert_id . "' WHERE products_pin_id = '" . $pin_res['products_pin_id'] . "'"); } } //PIN $sql_data_array = array('orders_id' => $insert_id, 'orders_products_id' => $order_products_id, 'orders_products_filename' => $attributes_values['products_attributes_filename'], 'download_maxdays' => $attributes_values['products_attributes_maxdays'], 'download_count' => $attributes_values['products_attributes_maxcount'], 'download_is_pin' => $attributes_values['products_attributes_is_pin'], 'download_pin_code' => $pin); vam_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array); } } } } //------insert customer choosen option eof ---- $total_weight += $order->products[$i]['qty'] * $order->products[$i]['weight']; $total_tax += vam_calculate_tax($total_products_price, $products_tax) * $order->products[$i]['qty']; $total_cost += $total_products_price; } if (isset($_SESSION['tracking']['refID'])) { vam_db_query("update " . TABLE_ORDERS . " set\n\t refferers_id = '" . $_SESSION['tracking']['refID'] . "'\n\t where orders_id = '" . $insert_id . "'"); // check if late or direct sale $customers_logon_query = "SELECT customers_info_number_of_logons\n\t\t\t\t FROM " . TABLE_CUSTOMERS_INFO . " \n\t\t\t\t WHERE customers_info_id = '" . $_SESSION['customer_id'] . 
"'"; $customers_logon_query = vam_db_query($customers_logon_query); $customers_logon = vam_db_fetch_array($customers_logon_query);
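/**
 * Applies the same column values to a category, to every product assigned to
 * it and, recursively, to all of its sub-categories.
 *
 * @param int|string $categories_id    Id of the category to start from.
 * @param array      $permission_array Column => value pairs, handed unchanged to
 *                                     vam_db_perform() as the data of an 'update'
 *                                     on the products and categories tables
 *                                     (presumably the group_permission_* columns;
 *                                     verify against the callers).
 */
function vam_set_groups($categories_id, $permission_array) {
    // Ids are concatenated into SQL below, so force them to integers first:
    // a non-numeric value can then never change the text of the statement.
    $categories_id = (int) $categories_id;

    // update every product assigned to this category
    $products_query = vam_db_query("SELECT products_id FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " where categories_id='" . $categories_id . "'");
    while ($products = vam_db_fetch_array($products_query)) {
        vam_db_perform(TABLE_PRODUCTS, $permission_array, 'update', 'products_id = \'' . (int) $products['products_id'] . '\'');
    }

    // update the category itself
    vam_db_perform(TABLE_CATEGORIES, $permission_array, 'update', 'categories_id = \'' . $categories_id . '\'');

    // descend into the direct children and repeat.
    // NOTE(review): there is no depth limit or visited set, so a parent_id
    // cycle in the categories table would recurse without end.
    $categories_query = vam_db_query("SELECT categories_id FROM " . TABLE_CATEGORIES . " where parent_id='" . $categories_id . "'");
    while ($categories = vam_db_fetch_array($categories_query)) {
        vam_set_groups($categories['categories_id'], $permission_array);
    }
}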
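(c) 2000-2001 The Exchange Project (earlier name of osCommerce)
(c) 2002-2003 osCommercecoding standards www.oscommerce.com
(c) 2004 xt:Commerce (popup_memo.php,v 1.7 2003/08/18); xt-commerce.com
Released under the GNU General Public License
--------------------------------------------------------------*/
require 'includes/application_top.php';
include DIR_FS_LANGUAGES . $_SESSION['language'] . '/admin/customers.php';

// Customer memo popup. Two actions are handled before the page is rendered:
//   save   - insert a memo for the customer given in $_POST['ID'] when both
//            title and text are non-empty
//   remove - delete the memo given in $_GET['mID']
//
// NOTE(review): 'remove' changes data on a GET request and no request token
// is checked in this script. Whether application_top.php enforces the admin
// login and any CSRF protection is not visible here; confirm.
if (!empty($_GET['action'])) {
    switch ($_GET['action']) {
        case 'save':
            $memo_title = vam_db_prepare_input($_POST['memo_title']);
            $memo_text = vam_db_prepare_input($_POST['memo_text']);
            if ($memo_text != '' && $memo_title != '') {
                // customers_id comes straight from the request: store it as an integer only.
                // NOTE(review): memo_text is stored with <br /> already inserted, so it is
                // kept as HTML; confirm the page that prints memos escapes the text.
                $sql_data_array = array('customers_id' => (int) $_POST['ID'], 'memo_date' => date("Y-m-d"), 'memo_title' => $memo_title, 'memo_text' => nl2br($memo_text), 'poster_id' => $_SESSION['customer_id']);
                vam_db_perform(TABLE_CUSTOMERS_MEMO, $sql_data_array);
            }
            break;
        case 'remove':
            // The id was concatenated into the statement unescaped; casting it to int
            // keeps request data from changing the SQL text.
            vam_db_query("DELETE FROM " . TABLE_CUSTOMERS_MEMO . " where memo_id='" . (int) $_GET['mID'] . "'");
            break;
    }
}
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html <?php echo HTML_PARAMS; ?> > <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php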
$languages = vam_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $shipping_status_name_array = $_POST['shipping_status_name']; $language_id = $languages[$i]['id']; $sql_data_array = array('shipping_status_name' => vam_db_prepare_input($shipping_status_name_array[$language_id])); if ($_GET['action'] == 'insert') { if (!vam_not_null($shipping_status_id)) { $next_id_query = vam_db_query("select max(shipping_status_id) as shipping_status_id from " . TABLE_SHIPPING_STATUS . ""); $next_id = vam_db_fetch_array($next_id_query); $shipping_status_id = $next_id['shipping_status_id'] + 1; } $insert_sql_data = array('shipping_status_id' => $shipping_status_id, 'language_id' => $language_id); $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data); vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array); } elseif ($_GET['action'] == 'save') { vam_db_perform(TABLE_SHIPPING_STATUS, $sql_data_array, 'update', "shipping_status_id = '" . vam_db_input($shipping_status_id) . "' and language_id = '" . $language_id . "'"); } } if ($shipping_status_image =& vam_try_upload('shipping_status_image', DIR_WS_ICONS)) { vam_db_query("update " . TABLE_SHIPPING_STATUS . " set shipping_status_image = '" . $shipping_status_image->filename . "' where shipping_status_id = '" . vam_db_input($shipping_status_id) . "'"); } if ($_POST['default'] == 'on') { vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($shipping_status_id) . "' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'"); } vam_redirect(vam_href_link(FILENAME_SHIPPING_STATUS, 'page=' . $_GET['page'] . '&oID=' . $shipping_status_id)); break; case 'deleteconfirm': $oID = vam_db_prepare_input($_GET['oID']); $shipping_status_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . 
" where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'"); $shipping_status = vam_db_fetch_array($shipping_status_query); if ($shipping_status['configuration_value'] == $oID) {
} } for ($img = 0; $img < MO_PICS; $img++) { if ($pIMG =& vam_try_upload('mo_pics_' . $img, DIR_FS_CATALOG_IMAGES . 'product_options/', '777', '')) { $pname_arr = explode('.', $pIMG->filename); $nsuffix = array_pop($pname_arr); $value_image_name = $_POST['value_id'] . '_' . ($img + 1) . '.' . $nsuffix; rename(DIR_FS_CATALOG_IMAGES . 'product_options/' . $pIMG->filename, DIR_FS_CATALOG_IMAGES . 'product_options/' . $value_image_name); //get data & write to table $mo_img = array('products_options_values_id' => vam_db_prepare_input($_POST['value_id']), 'image_nr' => vam_db_prepare_input($img + 1), 'image_name' => vam_db_prepare_input($value_image_name)); // if ($action == 'insert') { $_imgQuery = vam_db_query("SELECT count(*) as count FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . " WHERE image_nr='" . ($img + 1) . "' and products_options_values_id='" . vam_db_prepare_input($_POST['value_id']) . "'"); $_imgQuery = vam_db_fetch_array($_imgQuery); if ($_imgQuery['count'] > 0) { } else { vam_db_perform(TABLE_PRODUCTS_OPTIONS_IMAGES, $mo_img); } } } if ($_POST['del_mo_pic'] != '') { foreach ($_POST['del_mo_pic'] as $dummy => $val) { @vam_del_image_options_file($val); vam_db_query("DELETE FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . "\n\t\t\t\t\t\t\t\t\t WHERE products_options_values_id = '" . vam_db_input($_POST['value_id']) . "' AND image_name = '" . $val . "'"); } } //are we asked to delete some pics? if ($_POST['del_pic'] != '') { @vam_del_image_options_file($products_data['del_pic']); // vam_db_query("UPDATE ".TABLE_PRODUCTS_OPTIONS_IMAGES." // SET products_options_values_id = '' // WHERE products_options_values_id = '".vam_db_input($_POST['del_pic'])."'");
} $sql_data_array = array('affiliate_id' => $_SESSION['affiliate_ref'], 'affiliate_clientdate' => $affiliate_clientdate, 'affiliate_clientbrowser' => $affiliate_clientbrowser, 'affiliate_clientip' => $affiliate_clientip, 'affiliate_clientreferer' => $affiliate_clientreferer, 'affiliate_products_id' => $affiliate_products_id, 'affiliate_banner_id' => $affiliate_banner_id); vam_db_perform(TABLE_AFFILIATE_CLICKTHROUGHS, $sql_data_array); $_SESSION['affiliate_clickthroughs_id'] = vam_db_insert_id(); // Banner has been clicked, update stats: if ($affiliate_banner_id && $_SESSION['affiliate_ref']) { $today = date('Y-m-d'); $sql = "select * from " . TABLE_AFFILIATE_BANNERS_HISTORY . " where affiliate_banners_id = '" . $affiliate_banner_id . "' and affiliate_banners_affiliate_id = '" . $_SESSION['affiliate_ref'] . "' and affiliate_banners_history_date = '" . $today . "'"; $banner_stats_query = vam_db_query($sql); // Banner has been shown today if (vam_db_fetch_array($banner_stats_query)) { vam_db_query("update " . TABLE_AFFILIATE_BANNERS_HISTORY . " set affiliate_banners_clicks = affiliate_banners_clicks + 1 where affiliate_banners_id = '" . $affiliate_banner_id . "' and affiliate_banners_affiliate_id = '" . $_SESSION['affiliate_ref'] . "' and affiliate_banners_history_date = '" . $today . 
"'"); // Initial entry if banner has not been shown } else { $sql_data_array = array('affiliate_banners_id' => $affiliate_banner_id, 'affiliate_banners_products_id' => $affiliate_products_id, 'affiliate_banners_affiliate_id' => $_SESSION['affiliate_ref'], 'affiliate_banners_clicks' => '1', 'affiliate_banners_history_date' => $today); vam_db_perform(TABLE_AFFILIATE_BANNERS_HISTORY, $sql_data_array); } } // Set Cookie if the customer comes back and orders it counts setcookie('affiliate_ref', $_SESSION['affiliate_ref'], time() + AFFILIATE_COOKIE_LIFETIME); } if ($_COOKIE['affiliate_ref']) { // Customer comes back and is registered in cookie $_SESSION['affiliate_ref'] = $_COOKIE['affiliate_ref']; } } //// // Compatibility to older Snapshots // set the type of request (secure or not) if (!isset($request_type)) { $request_type = getenv('HTTPS') == 'on' ? 'SSL' : 'NONSSL';
$faq_page_url = $alias; } else { $faq_page_url = $_POST['faq_page_url']; } $sql_data_array = array('question' => vam_db_prepare_input($_POST['question']), 'faq_page_url' => vam_db_prepare_input($faq_page_url), 'answer' => vam_db_prepare_input($_POST['answer']), 'date_added' => 'now()', 'language' => vam_db_prepare_input($_POST['item_language']), 'status' => '1'); vam_db_perform(TABLE_FAQ, $sql_data_array); $faq_id = vam_db_insert_id(); //not actually used ATM -- just there in case } // vam_redirect(vam_href_link(FILENAME_FAQ)); break; case 'update_faq': //user wants to modify a faq. if ($_GET['faq_id']) { $sql_data_array = array('question' => vam_db_prepare_input($_POST['question']), 'faq_page_url' => vam_db_prepare_input($_POST['faq_page_url']), 'answer' => vam_db_prepare_input($_POST['answer']), 'date_added' => vam_db_prepare_input($_POST['date_added']), 'language' => vam_db_prepare_input($_POST['item_language'])); vam_db_perform(TABLE_FAQ, $sql_data_array, 'update', "faq_id = '" . vam_db_prepare_input($_GET['faq_id']) . "'"); } // vam_redirect(vam_href_link(FILENAME_FAQ)); break; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html <?php echo HTML_PARAMS; ?> > <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $_SESSION['language_charset']; ?>
$update_sql_data = array('last_modified' => 'now()'); $sql_data_array = array_merge($sql_data_array, $update_sql_data); vam_db_perform(TABLE_AUTHORS, $sql_data_array, 'update', "authors_id = '" . (int) $authors_id . "'"); } $languages = vam_get_languages(); for ($i = 0, $n = sizeof($languages); $i < $n; $i++) { $authors_desc_array = $_POST['authors_description']; $authors_url_array = $_POST['authors_url']; $language_id = $languages[$i]['id']; $sql_data_array = array('authors_description' => vam_db_prepare_input($authors_desc_array[$language_id]), 'authors_url' => vam_db_prepare_input($authors_url_array[$language_id])); if ($action == 'insert') { $insert_sql_data = array('authors_id' => $authors_id, 'languages_id' => $language_id); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); vam_db_perform(TABLE_AUTHORS_INFO, $sql_data_array); } elseif ($action == 'save') { vam_db_perform(TABLE_AUTHORS_INFO, $sql_data_array, 'update', "authors_id = '" . (int) $authors_id . "' and languages_id = '" . (int) $language_id . "'"); } } if (USE_CACHE == 'true') { vam_reset_cache_block('authors'); } vam_redirect(vam_href_link(FILENAME_AUTHORS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'auID=' . $authors_id)); break; case 'deleteconfirm': $authors_id = vam_db_prepare_input($_GET['auID']); vam_db_query("delete from " . TABLE_AUTHORS . " where authors_id = '" . (int) $authors_id . "'"); vam_db_query("delete from " . TABLE_AUTHORS_INFO . " where authors_id = '" . (int) $authors_id . "'"); if (isset($_POST['delete_articles']) && $_POST['delete_articles'] == 'on') { $articles_query = vam_db_query("select articles_id from " . TABLE_ARTICLES . " where authors_id = '" . (int) $authors_id . "'"); while ($articles = vam_db_fetch_array($articles_query)) { vam_remove_article($articles['articles_id']);
} //end 2 } else { //within 1 // $_POST['update_totals'] is not an array => write in all order total components that have been generated by the sundry modules for ($i = 0, $n = sizeof($order_totals); $i < $n; $i++) { //8 $new_order_totals[] = array('title' => strip_tags($order_totals[$i]['title']), 'text' => $order_totals[$i]['text'], 'value' => $order_totals[$i]['value'], 'code' => $order_totals[$i]['code'], 'sort_order' => $j); $j++; } //end 8 } //end if (is_array($_POST['update_totals'])) { //1 for ($i = 0, $n = sizeof($new_order_totals); $i < $n; $i++) { $sql_data_array = array('orders_id' => $oID, 'title' => strip_tags($new_order_totals[$i]['title']), 'text' => $new_order_totals[$i]['text'], 'value' => $new_order_totals[$i]['value'], 'class' => $new_order_totals[$i]['code'], 'sort_order' => $new_order_totals[$i]['sort_order']); vam_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); } if (isset($_POST['subaction'])) { switch ($_POST['subaction']) { case 'add_product': vam_redirect(vam_href_link(FILENAME_ORDERS_EDIT, vam_get_all_get_params(array('action')) . 'action=edit#products')); break; } } // 1.5 SUCCESS MESSAGE ##### // CHECK FOR NEW EMAIL CONFIRMATION if (isset($_POST['nC1']) || isset($_POST['nC2']) || isset($_POST['nC3'])) { //then the user selected the option of sending a new email vam_redirect(vam_href_link(FILENAME_ORDERS_EDIT, vam_get_all_get_params(array('action')) . 'action=email')); //redirect to the email case } else {
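/**
 * Record the visitor-tracking data held in the session for a customer.
 *
 * Builds one row from $_SESSION['tracking'] (IP, referer host and path,
 * refID) and passes it to vam_db_perform() for TABLE_CUSTOMERS_IP.
 *
 * Missing tracking keys are read as null instead of raising
 * undefined-index notices/warnings, so a session without tracking data
 * (or without a referer) no longer leaks path information into error
 * output or logs. The values handed to vam_db_perform() are the same as
 * before: null for an absent field, '' for the concatenated referer URL.
 *
 * NOTE(review): the referer host/path and refID presumably originate from
 * the request (Referer header, query string) — confirm. They are stored as
 * received, so this relies on vam_db_perform() escaping every value and on
 * any page that later displays these columns HTML-encoding them.
 *
 * @param mixed $customer_id Value stored in the customers_id column.
 * @return int Always -1.
 */
function vam_write_user_info($customer_id)
{
    $tracking = (isset($_SESSION['tracking']) && is_array($_SESSION['tracking']))
        ? $_SESSION['tracking']
        : array();

    $referer = (isset($tracking['http_referer']) && is_array($tracking['http_referer']))
        ? $tracking['http_referer']
        : array();

    $referer_host = isset($referer['host']) ? $referer['host'] : null;
    $referer_path = isset($referer['path']) ? $referer['path'] : null;

    $sql_data_array = array(
        'customers_id' => $customer_id,
        'customers_ip' => isset($tracking['ip']) ? $tracking['ip'] : null,
        // Passed as a literal string; presumably vam_db_perform() turns it
        // into the SQL NOW() function — confirm against that helper.
        'customers_ip_date' => 'now()',
        'customers_host' => $referer_host,
        'customers_advertiser' => isset($tracking['refID']) ? $tracking['refID'] : null,
        // null . null yields '', matching what the unguarded reads produced.
        'customers_referer_url' => $referer_host . $referer_path,
    );

    vam_db_perform(TABLE_CUSTOMERS_IP, $sql_data_array);

    return -1;
}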
if (ACCOUNT_COMPANY == 'true') { $sql_data_array['entry_company'] = $company; } if (ACCOUNT_SUBURB == 'true') { $sql_data_array['entry_suburb'] = $suburb; } if (ACCOUNT_STATE == 'true') { if ($zone_id > 0) { $sql_data_array['entry_zone_id'] = $zone_id; $sql_data_array['entry_state'] = ''; } else { $sql_data_array['entry_zone_id'] = '0'; $sql_data_array['entry_state'] = $state; } } vam_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array); $_SESSION['billto'] = vam_db_insert_id(); if (isset($_SESSION['payment'])) { unset($_SESSION['payment']); } vam_redirect(vam_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); } // process the selected billing destination } elseif (isset($_POST['address'])) { $reset_payment = false; if (isset($_SESSION['billto'])) { if ($billto != $_POST['address']) { if (isset($_SESSION['payment'])) { $reset_payment = true; } }