Exemplo n.º 1
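// Build $template_info: one metadata entry per template directory that ships a
// template_info.php descriptor.
// The explicit "!== false" matters: a directory entry named "0" is falsy and
// would otherwise end the scan early.
// NOTE(review): assumes $dir is a PHP Directory handle whose read() returns
// false once the listing is exhausted — confirm where $dir is created.
while (($file = $dir->read()) !== false) {
    // Skip CVS bookkeeping directories and the stock 'template_default' directory.
    if (is_dir(DIR_FS_CATALOG_TEMPLATES . $file) && strtoupper($file) != 'CVS' && $file != 'template_default') {
        if (file_exists(DIR_FS_CATALOG_TEMPLATES . $file . '/template_info.php')) {
            // The descriptor is executed as PHP, so write access to the templates
            // tree is equivalent to code execution on this page; keep that tree
            // read-only for the web server account where possible.
            // NOTE(review): the $template_* variables are expected to be set by the
            // required file; a descriptor that omits one would silently reuse the
            // value left over from the previous iteration.
            require DIR_FS_CATALOG_TEMPLATES . $file . '/template_info.php';
            $template_info[$file] = array('name' => $template_name, 'version' => $template_version, 'author' => $template_author, 'description' => $template_description, 'screenshot' => $template_screenshot);
        }
    }
}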
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
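    // Dispatch on the action taken from the query string. Every request value is
    // escaped with zen_db_input() or cast to int before it is concatenated into
    // SQL; the raw $_POST/$_GET values must never reach the query text.
    // NOTE(review): these branches modify data; no anti-CSRF token check is
    // visible in this excerpt — confirm one is enforced before this switch.
    switch ($action) {
        case 'insert':
            // Only add a row when no template is registered for this language yet.
            $check_query = $gBitDb->Execute("select * from " . TABLE_TEMPLATE_SELECT . " where template_language = '" . zen_db_input($_POST['lang']) . "'");
            if ($check_query->RecordCount() < 1) {
                // NOTE(review): $_POST['ln'] is stored as a template directory name;
                // consider accepting only names of directories that actually exist
                // under the templates root.
                $gBitDb->Execute("insert into " . TABLE_TEMPLATE_SELECT . " (template_dir, template_language) values ('" . zen_db_input($_POST['ln']) . "', '" . zen_db_input($_POST['lang']) . "')");
                $_GET['tID'] = zen_db_insert_id(TABLE_TEMPLATE_SELECT, 'template_id');
            }
            $action = "";
            break;
        case 'save':
            // template_id is compared as a number, so an int cast is sufficient.
            $gBitDb->Execute("update " . TABLE_TEMPLATE_SELECT . " set template_dir = '" . zen_db_input($_POST['ln']) . "' where template_id = '" . (int) $_GET['tID'] . "'");
            break;
        case 'deleteconfirm':
            $check_query = $gBitDb->Execute("select template_language from " . TABLE_TEMPLATE_SELECT . " where template_id = '" . (int) $_GET['tID'] . "'");
            // The row whose template_language is 0 is never deleted.
            if ($check_query->fields['template_language'] != 0) {
                $gBitDb->Execute("delete from " . TABLE_TEMPLATE_SELECT . " where template_id = '" . (int) $_GET['tID'] . "'");
                // NOTE(review): $_GET['page'] is appended to the redirect target as
                // received; confirm zen_href_link_admin() encodes it, or cast it to int.
                zen_redirect(zen_href_link_admin(FILENAME_TEMPLATE_SELECT, 'page=' . $_GET['page']));
            }
            $action = "";
            break;
    }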
Exemplo n.º 2
     // Validate the required fields; each failure queues an error message and
     // blocks the write below.
     $newsletter_error = false;
     if (empty($title)) {
         $messageStack->add(ERROR_NEWSLETTER_TITLE, 'error');
         $newsletter_error = true;
     }
     if (empty($newsletter_module)) {
         $messageStack->add(ERROR_NEWSLETTER_MODULE, 'error');
         $newsletter_error = true;
     }
     if ($newsletter_error == false) {
         // Column => value map handed to zen_db_perform() (project helper, not shown).
         // NOTE(review): content_html is stored as received; wherever it is rendered
         // must treat it as untrusted markup unless only trusted admins can set it.
         $sql_data_array = array('title' => $title, 'content' => $content, 'content_html' => $content_html, 'module' => $newsletter_module);
         if ($action == 'insert') {
             // NOTE(review): 'now()' is passed as a plain string; presumably
             // zen_db_perform() emits it as the SQL function — confirm.
             $sql_data_array['date_added'] = 'now()';
             $sql_data_array['status'] = '0';
             zen_db_perform(TABLE_NEWSLETTERS, $sql_data_array);
             $newsletter_id = zen_db_insert_id();
         } elseif ($action == 'update') {
             // The id is cast to int before it is placed in the WHERE clause.
             zen_db_perform(TABLE_NEWSLETTERS, $sql_data_array, 'update', "newsletters_id = '" . (int) $newsletter_id . "'");
         }
         // NOTE(review): $_GET['page'] is appended to the redirect query string as
         // received; confirm zen_href_link() encodes it, or cast it to int.
         zen_redirect(zen_href_link(FILENAME_NEWSLETTERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'nID=' . $newsletter_id));
     } else {
         // Validation failed: fall back to the 'new' action.
         $action = 'new';
     }
     break;
 case 'deleteconfirm':
     // NOTE(review): a delete driven by query-string parameters; no anti-CSRF
     // token check is visible in this fragment — confirm one is enforced earlier.
     $newsletter_id = zen_db_prepare_input($_GET['nID']);
     // The int cast is what keeps the request value out of the SQL text.
     $db->Execute("delete from " . TABLE_NEWSLETTERS . "\n                      where newsletters_id = '" . (int) $newsletter_id . "'");
     zen_redirect(zen_href_link(FILENAME_NEWSLETTERS, 'page=' . $_GET['page']));
     break;
 case 'delete':
 case 'new':
Exemplo n.º 3
         $banners_image = new upload('banners_image');
         $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target);
         if ($banners_image->parse() == false || $banners_image->save() == false) {
             $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error');
             $banner_error = true;
         }
     }
 }
 if ($banner_error == false) {
     // Prefer an explicitly supplied local image path; otherwise use the target
     // directory plus the name of the file that was just uploaded.
     // NOTE(review): both parts originate outside this fragment; confirm they are
     // restricted to paths under the catalog images directory.
     $db_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
     // Column => value map handed to zen_db_perform() (project helper, not shown).
     // NOTE(review): banners_html_text and banners_url are stored as received; the
     // code that renders banners must treat them as untrusted unless only trusted
     // admins can reach this form.
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => (int) $banners_sort_order);
     if ($action == 'insert') {
         // New banners get a creation timestamp and status '1', which overrides the
         // 'status' value set in the map above.
         $insert_sql_data = array('date_added' => 'now()', 'status' => '1');
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         zen_db_perform(TABLE_BANNERS, $sql_data_array);
         $banners_id = zen_db_insert_id();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
         // The id is cast to int before it is placed in the WHERE clause.
         zen_db_perform(TABLE_BANNERS, $sql_data_array, 'update', "banners_id = '" . (int) $banners_id . "'");
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     // NOTE: status will be reset by the /functions/banner.php
     // build new update sql for date_scheduled, expires_date and expires_impressions
     // The statement uses named placeholders filled in by $db->bindVars() with a
     // declared type, instead of concatenating the values into the SQL text.
     // NOTE(review): the placeholder :expiresImpressions is emitted whenever the
     // value is not loosely equal to 0 but is bound only when it is > 0, so a
     // negative or non-numeric value would leave the placeholder in the SQL —
     // confirm the value is normalised before this point.
     $sql = "UPDATE " . TABLE_BANNERS . "\n                  SET\n                    date_scheduled = :scheduledDate,\n                    expires_date = DATE_ADD(:expiresDate, INTERVAL '23:59:59' HOUR_SECOND),\n                    expires_impressions = " . ($expires_impressions == 0 ? "null" : ":expiresImpressions") . "\n                    WHERE banners_id = :bannersID";
     if ($expires_impressions > 0) {
         $sql = $db->bindVars($sql, ':expiresImpressions', $expires_impressions, 'integer');
     }
     // NOTE(review): no else branch is visible here; confirm :scheduledDate is
     // still bound (for example to NULL) when $date_scheduled is empty.
     if ($date_scheduled != '') {
         $sql = $db->bindVars($sql, ':scheduledDate', $date_scheduled, 'date');
     }
     if ($expires_date != '') {
Exemplo n.º 4
     $messageStack->add('submit_link', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
 }
 // When a reciprocal link is mandatory, the only check applied here is a
 // minimum length.
 // NOTE(review): no scheme or format validation of the URL is visible in this
 // fragment; confirm it is restricted (for example to http/https) before the
 // value is ever rendered as a link.
 if (SUBMIT_LINK_REQUIRE_RECIPROCAL == 'true') {
     if (strlen($links_reciprocal_url) < ENTRY_LINKS_URL_MIN_LENGTH) {
         $error = true;
         $messageStack->add('submit_link', ENTRY_LINKS_RECIPROCAL_URL_ERROR);
     }
 }
 if ($error == false) {
     // default values
     $links_date_added = 'now()';
     $links_status = '0';
     // Pending approval
     // Column => value map handed to zen_db_perform() (project helper, not shown).
     // NOTE(review): all of these values come from the submitter; output encoding
     // is needed wherever they are displayed, including the approval screen.
     $sql_data_array = array('links_url' => $links_url, 'links_contact_name' => $links_contact_name, 'links_contact_email' => $links_contact_email, 'links_reciprocal_url' => $links_reciprocal_url, 'links_date_added' => $links_date_added, 'links_status' => $links_status);
     zen_db_perform(TABLE_LINKS, $sql_data_array);
     $links_id = zen_db_insert_id();
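     // Store the uploaded image when one was provided and saved successfully;
     // otherwise fall back to the default link image.
     // "new upload(...)" always yields an object, so it is no longer used as a
     // condition.
     $links_image = new upload('links_image_url');
     $links_image->set_destination(DIR_WS_IMAGES . LINK_IMAGE_DIRECTORY);
     // NOTE(review): no file-type or extension restriction is visible in this
     // fragment; confirm the upload class only accepts image types, since the
     // destination is a web-served directory.
     if ($links_image->parse() && $links_image->save() && $links_image->filename != '') {
         $links_image_name = LINK_IMAGE_DIRECTORY . $links_image->filename;
     } else {
         // Also reached when a file was sent but could not be saved, so that
         // $links_image_name is always defined before it is used below.
         $links_image_name = LINK_IMAGE_DIRECTORY . DEFAULT_LINK_IMAGE;
         $messageStack->add_session('header', WARNING_DEFAULT_FILE_UPLOADED, 'success');
     }
     // The file name derives from the client-supplied upload name, so it is escaped
     // with zen_db_input() before being concatenated into the statement.
     $db->Execute("update " . TABLE_LINKS . "\n                          set links_image_url = '" . zen_db_input($links_image_name) . "'\n                          where links_id = '" . (int) $links_id . "'");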
Exemplo n.º 5
require 'includes/application_top.php';
// Action requested via the query string; empty string when absent.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    // NOTE(review): the branches below change data based on request parameters;
    // no anti-CSRF token check is visible in this excerpt — confirm one is
    // enforced (for example by the included application_top.php).
    switch ($action) {
        case 'insert':
        case 'save':
            // 'insert' and 'save' share the field handling and differ only in the write.
            // NOTE(review): on 'save' without mID, $manufacturers_id is never assigned
            // here and the int cast below would yield 0 — confirm callers always send it.
            if (isset($_GET['mID'])) {
                $manufacturers_id = zen_db_prepare_input($_GET['mID']);
            }
            $manufacturers_name = zen_db_prepare_input($_POST['manufacturers_name']);
            // Column => value map handed to zen_db_perform() (project helper, not shown).
            $sql_data_array = array('manufacturers_name' => $manufacturers_name);
            if ($action == 'insert') {
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
                $manufacturers_id = zen_db_insert_id();
            } elseif ($action == 'save') {
                $update_sql_data = array('last_modified' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                // The id is cast to int before it is placed in the WHERE clause.
                zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'");
            }
            if ($_POST['manufacturers_image_manual'] != '') {
                // add image manually
                // The stored path is two POST fields joined together; zen_db_input()
                // escapes it for SQL but does not constrain where the path points.
                $manufacturers_image_name = zen_db_input($_POST['img_dir'] . $_POST['manufacturers_image_manual']);
                $db->Execute("update " . TABLE_MANUFACTURERS . "\n                      set manufacturers_image = '" . $manufacturers_image_name . "'\n                      where manufacturers_id = '" . (int) $manufacturers_id . "'");
            } else {
                $manufacturers_image = new upload('manufacturers_image');
                // NOTE(review): the upload destination is the images root plus the raw
                // $_POST['img_dir']; no normalisation or allow-list is visible, so a value
                // containing "../" would resolve outside the images directory unless the
                // upload class rejects it — confirm, and restrict to known subdirectories.
                $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
                if ($manufacturers_image->parse() && $manufacturers_image->save()) {
                    // remove image from database if none
                    if ($manufacturers_image->filename != 'none') {
Exemplo n.º 6
// | http://www.zen-cart.com/license/2_0.txt.                             |
// | If you did not receive a copy of the zen-cart license and are unable |
// | to obtain it through the world-wide-web, please send a note to       |
// | license@zen-cart.com so we can mail you a copy immediately.          |
// +----------------------------------------------------------------------+
//  $Id: tax_classes.php 3780 2006-06-16 03:04:43Z drbyte $
//
require 'includes/application_top.php';
// Action requested via the query string; empty string when absent.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    // NOTE(review): the branches below change data based on request parameters;
    // no anti-CSRF token check is visible in this excerpt — confirm one is
    // enforced (for example by the included application_top.php).
    switch ($action) {
        case 'insert':
            $tax_class_title = zen_db_prepare_input($_POST['tax_class_title']);
            $tax_class_description = zen_db_prepare_input($_POST['tax_class_description']);
            // Every string value is passed through zen_db_input() at the point where
            // it is concatenated into the statement.
            $db->Execute("insert into " . TABLE_TAX_CLASS . "\r\n                    (tax_class_title, tax_class_description, date_added)\r\n                    values ('" . zen_db_input($tax_class_title) . "',\r\n                            '" . zen_db_input($tax_class_description) . "',\r\n                            now())");
            $tax_class_id = zen_db_insert_id();
            // Per-language titles and descriptions, indexed below by language id.
            // NOTE(review): assumes both POST fields are arrays keyed by language id —
            // confirm against the form.
            $tax_class_title_m17n = zen_db_prepare_input($_POST['tax_class_title_m17n']);
            $tax_class_description_m17n = zen_db_prepare_input($_POST['tax_class_description_m17n']);
            $languages = zen_get_languages();
            // One translation row per installed language; ids are cast to int and
            // text values are escaped.
            for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
                $db->Execute("insert into " . TABLE_TAX_CLASS_M17N . "\n                        (tax_class_id, language_id, tax_class_title, tax_class_description)\n                        values ('" . (int) $tax_class_id . "',\n                        '" . (int) $languages[$i]['id'] . "',\n                        '" . zen_db_input($tax_class_title_m17n[$languages[$i]['id']]) . "',\n                        '" . zen_db_input($tax_class_description_m17n[$languages[$i]['id']]) . "')");
            }
            zen_redirect(zen_href_link(FILENAME_TAX_CLASSES));
            break;
        case 'save':
            $tax_class_id = zen_db_prepare_input($_GET['tID']);
            $tax_class_title = zen_db_prepare_input($_POST['tax_class_title']);
            $tax_class_description = zen_db_prepare_input($_POST['tax_class_description']);
            // The SET clause rewrites tax_class_id to the same value that the WHERE
            // clause selects on, so the key itself does not change.
            $db->Execute("update " . TABLE_TAX_CLASS . "\r\n                      set tax_class_id = '" . (int) $tax_class_id . "',\r\n                          tax_class_title = '" . zen_db_input($tax_class_title) . "',\r\n                          tax_class_description = '" . zen_db_input($tax_class_description) . "',\r\n                          last_modified = now()\r\n                      where tax_class_id = '" . (int) $tax_class_id . "'");
            $tax_class_title_m17n = zen_db_prepare_input($_POST['tax_class_title_m17n']);
            $tax_class_description_m17n = zen_db_prepare_input($_POST['tax_class_description_m17n']);
Exemplo n.º 7
require 'includes/application_top.php';
// Action requested via the query string; empty string when absent.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    // NOTE(review): the branches below change data based on request parameters;
    // no anti-CSRF token check is visible in this excerpt — confirm one is
    // enforced (for example by the included application_top.php).
    switch ($action) {
        case 'insert':
        case 'save':
            // 'insert' and 'save' share the field handling and differ only in the write.
            // NOTE(review): on 'save' without mID, $artists_id is never assigned here
            // and the int cast below would yield 0 — confirm callers always send it.
            if (isset($_GET['mID'])) {
                $artists_id = zen_db_prepare_input($_GET['mID']);
            }
            $artists_name = zen_db_prepare_input($_POST['artists_name']);
            // Column => value map handed to zen_db_perform() (project helper, not shown).
            $sql_data_array = array('artists_name' => $artists_name);
            if ($action == 'insert') {
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array);
                $artists_id = zen_db_insert_id();
            } elseif ($action == 'save') {
                $update_sql_data = array('last_modified' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                // The id is cast to int before it is placed in the WHERE clause.
                zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array, 'update', "artists_id = '" . (int) $artists_id . "'");
            }
            if ($_POST['artists_image_manual'] != '') {
                // add image manually
                // The stored path is two POST fields joined together; zen_db_input()
                // escapes it for SQL but does not constrain where the path points.
                $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['artists_image_manual']);
                $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n                      set artists_image = '" . $artists_image_name . "'\r\n                      where artists_id = '" . (int) $artists_id . "'");
            } else {
                $artists_image = new upload('artists_image');
                // NOTE(review): the upload destination is the images root plus the raw
                // $_POST['img_dir']; no normalisation or allow-list is visible, so a value
                // containing "../" would resolve outside the images directory unless the
                // upload class rejects it — confirm, and restrict to known subdirectories.
                $artists_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
                if ($artists_image->parse() && $artists_image->save()) {
                    // remove image from database if none
                    if ($artists_image->filename != 'none') {
Exemplo n.º 8
if (zen_not_null($action)) {
    // NOTE(review): the branches below change data based on request parameters;
    // no anti-CSRF token check is visible in this excerpt — confirm one is
    // enforced before this switch.
    switch ($action) {
        case 'insert':
        case 'save':
            // NOTE(review): unlike 'deleteconfirm' below, these two actions are not
            // guarded by zen_admin_demo() — confirm that is intended.
            if (isset($_GET['gID'])) {
                $group_id = zen_db_prepare_input($_GET['gID']);
            }
            $group_name = zen_db_prepare_input($_POST['group_name']);
            // NOTE(review): no numeric or range validation of the percentage is
            // visible here; it affects pricing, so confirm it is validated somewhere.
            $group_percentage = zen_db_prepare_input($_POST['group_percentage']);
            // Truthiness test: an empty name, and also the name "0", skips the write.
            if ($group_name) {
                $sql_data_array = array('group_name' => $group_name, 'group_percentage' => $group_percentage);
                if ($action == 'insert') {
                    $insert_sql_data = array('date_added' => $gBitDb->NOW());
                    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                    $gBitDb->associateInsert(TABLE_GROUP_PRICING, $sql_data_array);
                    $group_id = zen_db_insert_id(TABLE_GROUP_PRICING, 'group_id');
                } elseif ($action == 'save') {
                    $update_sql_data = array('last_modified' => $gBitDb->NOW());
                    $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                    // NOTE(review): an *insert* helper is called with 'update' and a WHERE
                    // fragment as extra arguments; confirm associateInsert() honours them,
                    // otherwise 'save' may insert a new row instead of updating.
                    $gBitDb->associateInsert(TABLE_GROUP_PRICING, $sql_data_array, 'update', "group_id = '" . (int) $group_id . "'");
                }
            }
            // NOTE(review): $_GET['page'] and $group_id are appended to the redirect
            // target as received; confirm zen_href_link_admin() encodes them.
            zen_redirect(zen_href_link_admin(FILENAME_GROUP_PRICING, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'gID=' . $group_id));
            break;
        case 'deleteconfirm':
            // Demo installations refuse the delete and redirect with a caution message.
            // NOTE(review): execution continues past this block unless zen_redirect()
            // terminates the request — confirm it exits.
            if (zen_admin_demo()) {
                $_GET['action'] = '';
                $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
                zen_redirect(zen_href_link_admin(FILENAME_GROUP_PRICING, 'page=' . $_GET['page']));
            }
            $group_id = zen_db_prepare_input($_GET['gID']);
Exemplo n.º 9
     $faqs_id = zen_db_prepare_input($_GET['pID']);
 }
 // Base column => value map for the FAQ row; every request value goes through
 // zen_db_prepare_input() (project helper, not shown). Note that faqs_type is
 // read from the query string while the other fields come from POST.
 $sql_data_array = array('faqs_type' => zen_db_prepare_input($_GET['faq_type']), 'faqs_status' => zen_db_prepare_input($_POST['faqs_status']), 'faqs_sort_order' => zen_db_prepare_input($_POST['faqs_sort_order']));
 // when set to none remove from database
 // NOTE(review): the image name is taken from POST and stored as received;
 // confirm it is limited to files under the images directory before use.
 if (isset($_POST['faqs_image']) && zen_not_null($_POST['faqs_image']) && $_POST['faqs_image'] != 'none') {
     $sql_data_array['faqs_image'] = zen_db_prepare_input($_POST['faqs_image']);
     $new_image = 'true';
 } else {
     $sql_data_array['faqs_image'] = '';
     $new_image = 'false';
 }
 if ($action == 'insert_faq') {
     $insert_sql_data = array('faqs_date_added' => 'now()', 'master_faq_categories_id' => (int) $current_faq_category_id);
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_FAQS, $sql_data_array);
     $faqs_id = zen_db_insert_id();
     // Link the new FAQ to the current category; both ids are cast to int.
     $db->Execute("insert into " . TABLE_FAQS_TO_FAQ_CATEGORIES . "\n                                      (faqs_id, faq_categories_id)\n                          values ('" . (int) $faqs_id . "', '" . (int) $current_faq_category_id . "')");
 } elseif ($action == 'update_faq') {
     // The master category comes from 'master_faq_category' when it is > 0,
     // otherwise from 'master_faq_categories_id'; both are POST fields.
     // NOTE(review): unlike the insert branch, the value is not cast to int here.
     $update_sql_data = array('faqs_last_modified' => 'now()', 'master_faq_categories_id' => $_POST['master_faq_category'] > 0 ? zen_db_prepare_input($_POST['master_faq_category']) : zen_db_prepare_input($_POST['master_faq_categories_id']));
     $sql_data_array = array_merge($sql_data_array, $update_sql_data);
     zen_db_perform(TABLE_FAQS, $sql_data_array, 'update', "faqs_id = '" . (int) $faqs_id . "'");
 }
 $languages = zen_get_languages();
 // One description row per installed language, read from POST arrays indexed by
 // language id.
 for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
     $language_id = $languages[$i]['id'];
     // NOTE(review): description, answer, URL and contact fields are stored as
     // received; output encoding is needed wherever they are rendered.
     $sql_data_array = array('faqs_name' => zen_db_prepare_input($_POST['faqs_name'][$language_id]), 'faqs_contact_name' => zen_db_prepare_input($_POST['faqs_contact_name'][$language_id]), 'faqs_contact_mail' => zen_db_prepare_input($_POST['faqs_contact_mail'][$language_id]), 'faqs_description' => zen_db_prepare_input($_POST['faqs_description'][$language_id]), 'faqs_answer' => zen_db_prepare_input($_POST['faqs_answer'][$language_id]), 'faqs_url' => zen_db_prepare_input($_POST['faqs_url'][$language_id]));
     if ($action == 'insert_faq') {
         $insert_sql_data = array('faqs_id' => $faqs_id, 'language_id' => $language_id);
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         zen_db_perform(TABLE_FAQS_DESCRIPTION, $sql_data_array);
     } elseif ($action == 'update_faq') {
Exemplo n.º 10
 // Copy attributes to duplicate product
 $products_id_from = $products_id;
 if ($_POST['copy_as'] == 'link') {
     if ($categories_id != $current_category_id) {
         $check = $gBitDb->Execute("select count(*) as `total`\n                                     from " . TABLE_PRODUCTS_TO_CATEGORIES . "\n                                     where `products_id` = '" . (int) $products_id . "'\n                                     and `categories_id` = '" . (int) $categories_id . "'");
         if ($check->fields['total'] < '1') {
             $gBitDb->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n                                          (`products_id`, `categories_id`)\n                              values ('" . (int) $products_id . "', '" . (int) $categories_id . "')");
         }
     } else {
         $messageStack->add_session(ERROR_CANNOT_LINK_TO_SAME_CATEGORY, 'error');
     }
 } elseif ($_POST['copy_as'] == 'duplicate') {
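     // Duplicate the product row: read the source product, insert a copy with
     // status '0' and a fresh products_date_added, then capture the new id.
     $old_products_id = (int) $products_id;
     // NOTE(review): the result is used without checking that a row was found; an
     // unknown products_id would insert a product made of empty values.
     $product = $gBitDb->Execute("select `products_type`, `products_quantity`, `products_model`, `products_image`,\n                                            `products_price`, `products_virtual`, `products_date_available`, `products_weight`,\n                                            `products_tax_class_id`, `manufacturers_id`,\n                                            `products_quantity_order_min`, `products_quantity_order_units`, `products_priced_by_attribute`,\n                                            `product_is_free`, `product_is_call`, `products_quantity_mixed`,\n                                            `product_is_always_free_ship`, `products_qty_box_status`, `products_quantity_order_max`, `products_sort_order`,\n                                            `lowest_purchase_price`, `master_categories_id`\n                                     from " . TABLE_PRODUCTS . "\n                                     where `products_id` = '" . (int) $products_id . "'");
     // Values read back from the database are still escaped or cast before reuse,
     // so stored data cannot alter the statement (second-order injection).
     // The column list quotes `product_is_call` with both backticks; an unbalanced
     // quote there makes the column list malformed.
     $gBitDb->Execute("insert into " . TABLE_PRODUCTS . "\n                                      (`products_type`, `products_quantity`, `products_model`, `products_image`,\n                                       `products_price`, `products_virtual`, `products_date_added`, `products_date_available`,\n                                       `products_weight`, `products_status`, `products_tax_class_id`,\n                                       `manufacturers_id`,\n                                       `products_quantity_order_min`, `products_quantity_order_units`, `products_priced_by_attribute`,\n                                       `product_is_free`, `product_is_call`, `products_quantity_mixed`,\n                                       `product_is_always_free_ship`, `products_qty_box_status`, `products_quantity_order_max`, `products_sort_order`,\n                                       `lowest_purchase_price`, `master_categories_id`\n                                       )\n                          values ('" . zen_db_input($product->fields['products_type']) . "',\n                '" . zen_db_input($product->fields['products_quantity']) . "',\n                                  '" . zen_db_input($product->fields['products_model']) . "',\n                                  '" . zen_db_input($product->fields['products_image']) . "',\n                                  '" . zen_db_input($product->fields['products_price']) . "',\n                                  '" . zen_db_input($product->fields['products_virtual']) . "',\n                                  now(),\n                                  '" . zen_db_input($product->fields['products_date_available']) . "',\n                                  '" . zen_db_input($product->fields['products_weight']) . "', '0',\n                                  '" . (int) $product->fields['products_tax_class_id'] . "',\n                                  '" . (int) $product->fields['manufacturers_id'] . 
"',\n                                  '" . zen_db_input($product->fields['products_quantity_order_min']) . "',\n                                  '" . zen_db_input($product->fields['products_quantity_order_units']) . "',\n                                  '" . zen_db_input($product->fields['products_priced_by_attribute']) . "',\n                                  '" . (int) $product->fields['product_is_free'] . "',\n                                  '" . (int) $product->fields['product_is_call'] . "',\n                                  '" . (int) $product->fields['products_quantity_mixed'] . "',\n                                  '" . zen_db_input($product->fields['product_is_always_free_ship']) . "',\n                                  '" . zen_db_input($product->fields['products_qty_box_status']) . "',\n                                  '" . zen_db_input($product->fields['products_quantity_order_max']) . "',\n                                  '" . zen_db_input($product->fields['products_sort_order']) . "',\n                                  '" . zen_db_input($product->fields['lowest_purchase_price']) . "',\n                                  '" . zen_db_input($product->fields['master_categories_id']) . "')");
     $dup_products_id = zen_db_insert_id(TABLE_PRODUCTS, 'products_id');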
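     // Optionally copy the media links of the source product to the duplicate.
     if (isset($_POST['copy_media']) && $_POST['copy_media'] == 'on') {
         $product_media = $gBitDb->Execute("select `media_id` from " . TABLE_MEDIA_TO_PRODUCTS . "\n                                             where `product_id` = '" . (int) $products_id . "'");
         while (!$product_media->EOF) {
             // Escape / cast here as well, matching the other statements in this
             // routine: values read back from the database are not trusted as SQL.
             $gBitDb->Execute("insert into " . TABLE_MEDIA_TO_PRODUCTS . "\n                              (`media_id`, `product_id`)\n                              values (\n                              '" . zen_db_input($product_media->fields['media_id']) . "',\n                              '" . (int) $dup_products_id . "')");
             $product_media->MoveNext();
         }
     }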
     // Copy the music-specific attributes of the source product to the duplicate.
     // NOTE(review): the result is used without checking that a row exists; a
     // product without a music_extra row would get one made of empty values.
     $music_extra = $gBitDb->Execute("select `artists_id`, `record_company_id`, `music_genre_id` from " . TABLE_PRODUCT_MUSIC_EXTRA . " where `products_id` = '" . (int) $products_id . "'");
     $gBitDb->Execute("insert into " . TABLE_PRODUCT_MUSIC_EXTRA . "\n                          (`products_id`, `artists_id`, `record_company_id`, `music_genre_id`)\n                          values (\n                         '" . (int) $dup_products_id . "',\n                         '" . zen_db_input($music_extra->fields['artists_id']) . "',\n                         '" . zen_db_input($music_extra->fields['record_company_id']) . "',\n                         '" . zen_db_input($music_extra->fields['music_genre_id']) . "')");
     // Copy every language's description row; products_viewed restarts at '0'.
     $description = $gBitDb->Execute("select `language_id`, `products_name`, `products_description`,\n                                                             `products_url`\n                                         from " . TABLE_PRODUCTS_DESCRIPTION . "\n                                         where `products_id` = '" . (int) $products_id . "'");
     while (!$description->EOF) {
         // Stored text is escaped again with zen_db_input() before being re-inserted.
         $gBitDb->Execute("insert into " . TABLE_PRODUCTS_DESCRIPTION . "\n                                        (`products_id`, `language_id`, `products_name`, `products_description`,\n                                         `products_url`, `products_viewed`)\n                            values ('" . (int) $dup_products_id . "',\n                                    '" . (int) $description->fields['language_id'] . "',\n                                    '" . zen_db_input($description->fields['products_name']) . "',\n                                    '" . zen_db_input($description->fields['products_description']) . "',\n                                    '" . zen_db_input($description->fields['products_url']) . "', '0')");
         $description->MoveNext();
     }
     // Place the duplicate in the target category.
     $gBitDb->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n                                      (`products_id`, `categories_id`)\n                          values ('" . (int) $dup_products_id . "', '" . (int) $categories_id . "')");
Exemplo n.º 11
     $news_error = true;
 }
 // Content is required; a missing value queues an error and blocks the write.
 if (empty($news_content)) {
     $messageStack->add(ERROR_NEWS_CONTENT, 'error');
     $news_error = true;
 }
 if ($news_error == false) {
     // Column => value map handed to zen_db_perform() (project helper, not shown).
     $sql_data_array = array('news_start_date' => $news_start_date, 'news_end_date' => $news_end_date, 'more_news_page' => $more_news_page);
     if ($action == 'insert') {
         $sql_data_array['news_added_date'] = 'now()';
         // Ternaries used as statements: apply a default when the date is loosely
         // equal to NULL, which also covers an empty string.
         $sql_data_array['news_start_date'] == NULL ? $sql_data_array['news_start_date'] = 'now()' : '';
         $sql_data_array['news_end_date'] == NULL ? $sql_data_array['news_end_date'] = '2035-12-31' : '';
         $sql_data_array['news_status'] = '0';
         // On insert this overrides the more_news_page value placed in the map above.
         $sql_data_array['more_news_page'] = '0';
         zen_db_perform(TABLE_BOX_NEWS, $sql_data_array);
         $box_news_id = zen_db_insert_id();
     } elseif ($action == 'update') {
         $sql_data_array['news_modified_date'] = 'now()';
         // The id is cast to int before it is placed in the WHERE clause.
         zen_db_perform(TABLE_BOX_NEWS, $sql_data_array, 'update', "box_news_id = '" . (int) $box_news_id . "'");
     }
     $languages = zen_get_languages();
     // One content row per installed language, read from POST arrays indexed by
     // language id.
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         // These two reads do not depend on $i; they are repeated on every pass.
         $news_title_array = $_POST['news_title'];
         $news_content_array = $_POST['news_content'];
         $language_id = $languages[$i]['id'];
         // NOTE(review): title and content are stored as received; output encoding
         // is needed wherever they are rendered.
         $sql_data_array = array('news_title' => zen_db_prepare_input($news_title_array[$language_id]), 'news_content' => zen_db_prepare_input($news_content_array[$language_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('box_news_id' => $box_news_id, 'languages_id' => $languages[$i]['id']);
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             zen_db_perform(TABLE_BOX_NEWS_CONTENT, $sql_data_array);
         } elseif ($action == 'update') {
Exemplo n.º 12
require 'includes/application_top.php';
// Action requested via the query string; empty string when absent.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    // NOTE(review): the branches below change data based on request parameters;
    // no anti-CSRF token check is visible in this excerpt — confirm one is
    // enforced (for example by the included application_top.php).
    switch ($action) {
        case 'insert':
        case 'save':
            // 'insert' and 'save' share the field handling and differ only in the write.
            // NOTE(review): on 'save' without mID, $record_company_id is never assigned
            // here and the int cast below would yield 0 — confirm callers always send it.
            if (isset($_GET['mID'])) {
                $record_company_id = zen_db_prepare_input($_GET['mID']);
            }
            $record_company_name = zen_db_prepare_input($_POST['record_company_name']);
            // Column => value map handed to zen_db_perform() (project helper, not shown).
            $sql_data_array = array('record_company_name' => $record_company_name);
            if ($action == 'insert') {
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array);
                $record_company_id = zen_db_insert_id();
            } elseif ($action == 'save') {
                $update_sql_data = array('last_modified' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                // The id is cast to int before it is placed in the WHERE clause.
                zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'");
            }
            if ($_POST['record_company_image_manual'] != '') {
                // add image manually
                // The stored path is two POST fields joined together; zen_db_input()
                // escapes it for SQL but does not constrain where the path points.
                // The variable name still says "artists" although it holds the record
                // company image path.
                $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['record_company_image_manual']);
                $db->Execute("update " . TABLE_RECORD_COMPANY . "\n                      set record_company_image = '" . $artists_image_name . "'\n                      where record_company_id = '" . (int) $record_company_id . "'");
            } else {
                $record_company_image = new upload('record_company_image');
                // NOTE(review): the upload destination is the images root plus the raw
                // $_POST['img_dir']; no normalisation or allow-list is visible, so a value
                // containing "../" would resolve outside the images directory unless the
                // upload class rejects it — confirm, and restrict to known subdirectories.
                $record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
                if ($record_company_image->parse() && $record_company_image->save()) {
                    // remove image from database if none
                    if ($record_company_image->filename != 'none') {
Exemplo n.º 13
require 'includes/application_top.php';
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        case 'insert':
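            // Collect the new language's fields from the POSTed form.
            $name = zen_db_prepare_input($_POST['name']);
            $code = zen_db_prepare_input($_POST['code']);
            $image = zen_db_prepare_input($_POST['image']);
            // NOTE(review): 'directory' and 'image' are stored as received; confirm they
            // are limited to existing language directories and image files before use.
            $directory = zen_db_prepare_input($_POST['directory']);
            $sort_order = zen_db_prepare_input($_POST['sort_order']);
            // Duplicate-code lookup. $code is escaped with zen_db_input() at the point
            // of concatenation, the same way the INSERT that follows escapes it;
            // zen_db_prepare_input() alone is not relied on for SQL escaping.
            $check = $gBitDb->Execute("select * from " . TABLE_LANGUAGES . " where `code` = '" . zen_db_input($code) . "'");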
            if ($check->RecordCount() > 0) {
                $messageStack->add(ERROR_DUPLICATE_LANGUAGE_CODE, 'error');
            } else {
                $gBitDb->Execute("insert into " . TABLE_LANGUAGES . "\n                        (`name`, `code`, `image`, `directory`, `sort_order`)\n                        values ('" . zen_db_input($name) . "', '" . zen_db_input($code) . "',\n                                '" . zen_db_input($image) . "', '" . zen_db_input($directory) . "',\n                                '" . zen_db_input($sort_order) . "')");
                $insert_id = zen_db_insert_id(TABLE_LANGUAGES, 'languages_id');
                // create additional categories_description records
                $categories = $gBitDb->Execute("select c.`categories_id`, cd.`categories_name`,\n                                    `categories_description`\n                                      from " . TABLE_CATEGORIES . " c\n                                      left join " . TABLE_CATEGORIES_DESCRIPTION . " cd\n                                      on c.`categories_id` = cd.`categories_id`\n                                      where cd.`language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$categories->EOF) {
                    $gBitDb->Execute("insert into " . TABLE_CATEGORIES_DESCRIPTION . "\n                          (`categories_id`, `language_id`, `categories_name`,\n                          `categories_description`)\n                          values ('" . (int) $categories->fields['categories_id'] . "', '" . (int) $insert_id . "',\n                                  '" . zen_db_input($categories->fields['categories_name']) . "',\n                                  '" . zen_db_input($categories->fields['categories_description']) . "')");
                    $categories->MoveNext();
                }
                // create additional products_description records
                $products = $gBitDb->Execute("select p.`products_id`, pd.`products_name`, pd.`products_description`,\n                                           pd.`products_url`\n                                    from " . TABLE_PRODUCTS . " p\n                                    left join " . TABLE_PRODUCTS_DESCRIPTION . " pd\n                                    on p.`products_id` = pd.`products_id`\n                                    where pd.`language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$products->EOF) {
                    $gBitDb->Execute("insert into " . TABLE_PRODUCTS_DESCRIPTION . "\n                        (`products_id`, `language_id`, `products_name`, `products_description`, `products_url`)\n                        values ('" . (int) $products->fields['products_id'] . "',\n                                '" . (int) $insert_id . "',\n                                '" . zen_db_input($products->fields['products_name']) . "',\n                                '" . zen_db_input($products->fields['products_description']) . "',\n                                '" . zen_db_input($products->fields['products_url']) . "')");
                    $products->MoveNext();
                }
                // create additional products_options records
                $products_options = $gBitDb->Execute("select `products_options_id`, `products_options_name`,\n                              `products_options_sort_order`, `products_options_type`, `products_options_length`, `products_options_comment`, `products_options_size`,\n                              `products_options_images_per_row`, `products_options_images_style`\n                                           from " . TABLE_PRODUCTS_OPTIONS . "\n                                           where `language_id` = '" . (int) $_SESSION['languages_id'] . "'");
                while (!$products_options->EOF) {
Exemplo n.º 14
<?php

include 'tiosafe_config.php';
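// Adds an address-book row for the customer named by the posted person_id and
// makes it that customer's default address when no default is set yet.
// NOTE(review): no authentication or authorisation check is visible in this
// script; confirm that tiosafe_config.php enforces one before this code runs.
if (postNotEmpty('person_id')) {
    $customers_id = $_POST['person_id'];
    $countries_name = $_POST['country'];
    $street = $_POST['street'];
    $zip = $_POST['zip'];
    $city = $_POST['city'];
    $countries_id = getCountryId($_POST['country'], $db);
    // Insert the new address
    $sql_array = array('customers_id' => zen_db_prepare_input($customers_id), 'entry_street_address' => zen_db_prepare_input($street), 'entry_postcode' => zen_db_prepare_input($zip), 'entry_city' => zen_db_prepare_input($city), 'entry_country_id' => $countries_id);
    zen_db_perform(TABLE_ADDRESS_BOOK, $sql_array);
    //XXX Create a function using an sql query,
    // we are not sure mysql_insert_id return the right customer id
    $address_book_id = zen_db_insert_id();
    // Check if the customer has a default_address
    // If not, set this one as default.
    // Both statements below are assembled by hand from request data, so the
    // ids are forced to integers before they are placed in the SQL text.
    $query = $db->Execute("SELECT customers_default_address_id\n                              FROM " . TABLE_CUSTOMERS . "\n                              WHERE customers_id = '" . (int) $customers_id . "'");
    if ($query->RecordCount() > 0) {
        if (empty($query->fields['customers_default_address_id'])) {
            $query = 'UPDATE ' . TABLE_CUSTOMERS . ' SET customers_default_address_id = ' . (int) $address_book_id . ' where customers_id = ' . (int) $customers_id;
            executeSQL($query, $db);
        }
    }
} else {
    echo '\\nInvalid query: person_id parameter is required!';
}
$db->close();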
Exemplo n.º 15
 $tmp_value = zen_db_prepare_input($_POST['manufacturers_id']);
 $manufacturers_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value;
 $sql_data_array = array('products_quantity' => $products_quantity, 'products_type' => zen_db_prepare_input($_GET['product_type']), 'products_model' => zen_db_prepare_input($_POST['products_model']), 'products_price' => $products_price, 'products_date_available' => $products_date_available, 'products_weight' => $products_weight, 'products_status' => zen_db_prepare_input((int) $_POST['products_status']), 'products_virtual' => zen_db_prepare_input((int) $_POST['products_virtual']), 'products_tax_class_id' => zen_db_prepare_input((int) $_POST['products_tax_class_id']), 'products_quantity_order_min' => zen_db_prepare_input($_POST['products_quantity_order_min']), 'products_quantity_order_units' => zen_db_prepare_input($_POST['products_quantity_order_units']), 'products_priced_by_attribute' => zen_db_prepare_input($_POST['products_priced_by_attribute']), 'product_is_free' => zen_db_prepare_input((int) $_POST['product_is_free']), 'product_is_call' => zen_db_prepare_input((int) $_POST['product_is_call']), 'products_quantity_mixed' => zen_db_prepare_input($_POST['products_quantity_mixed']), 'product_is_always_free_shipping' => zen_db_prepare_input((int) $_POST['product_is_always_free_shipping']), 'products_qty_box_status' => zen_db_prepare_input($_POST['products_qty_box_status']), 'products_quantity_order_max' => zen_db_prepare_input($_POST['products_quantity_order_max']), 'products_sort_order' => (int) zen_db_prepare_input($_POST['products_sort_order']), 'products_discount_type' => zen_db_prepare_input($_POST['products_discount_type']), 'products_discount_type_from' => zen_db_prepare_input($_POST['products_discount_type_from']), 'products_price_sorter' => zen_db_prepare_input($_POST['products_price_sorter']));
 // when set to none remove from database
 // is out dated for browsers use radio only
 $sql_data_array['products_image'] = zen_db_prepare_input($_POST['products_image']);
 $new_image = 'true';
 if ($_POST['image_delete'] == 1) {
     $sql_data_array['products_image'] = '';
     $new_image = 'false';
 }
 if ($action == 'insert_product') {
     $insert_sql_data = array('products_date_added' => 'now()', 'master_categories_id' => (int) $current_category_id);
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_PRODUCTS, $sql_data_array);
     $products_id = zen_db_insert_id();
     // reset products_price_sorter for searches etc.
     zen_update_products_price_sorter($products_id);
     $db->Execute("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . "\n                    (products_id, categories_id)\n                    values ('" . (int) $products_id . "', '" . (int) $current_category_id . "')");
     ///////////////////////////////////////////////////////
     //// INSERT PRODUCT-TYPE-SPECIFIC *INSERTS* HERE //////
     // Music-specific foreign keys posted with the product form. Each one falls
     // back to 0 when the posted value is empty, '' or loosely equal to 0; any
     // other value is passed through unchanged (it is not cast to an integer).
     // NOTE(review): `$tmp_value == 0` is a loose comparison, so a non-numeric
     // string compares equal to 0 before PHP 8 and unequal from PHP 8 on; an
     // explicit (int) cast would make the three ids unambiguous.
     $tmp_value = zen_db_prepare_input($_POST['artists_id']);
     $artists_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value;
     $tmp_value = zen_db_prepare_input($_POST['record_company_id']);
     $record_company_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value;
     $tmp_value = zen_db_prepare_input($_POST['music_genre_id']);
     $music_genre_id = !zen_not_null($tmp_value) || $tmp_value == '' || $tmp_value == 0 ? 0 : $tmp_value;
     // One row in the music-extra table links the new product to the three ids.
     // The values are handed over as a column => value map; presumably
     // zen_db_perform() escapes them when it builds the insert — confirm.
     $sql_data_array = array('products_id' => $products_id, 'artists_id' => $artists_id, 'record_company_id' => $record_company_id, 'music_genre_id' => $music_genre_id);
     zen_db_perform(TABLE_PRODUCT_MUSIC_EXTRA, $sql_data_array);
     ////    *END OF PRODUCT-TYPE-SPECIFIC INSERTS* ////////
     ///////////////////////////////////////////////////////
Exemplo n.º 16
}
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        case 'insert':
        case 'save':
            if (isset($_GET['mID'])) {
                $manufacturers_id = zen_db_prepare_input($_GET['mID']);
            }
            $manufacturers_name = zen_db_prepare_input($_POST['manufacturers_name']);
            $sql_data_array = array('manufacturers_name' => $manufacturers_name);
            if ($action == 'insert') {
                $insert_sql_data = array('date_added' => $gBitDb->NOW());
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                $gBitDb->associateInsert(TABLE_MANUFACTURERS, $sql_data_array);
                $manufacturers_id = zen_db_insert_id(TABLE_MANUFACTURERS, 'manufacturers_id');
            } elseif ($action == 'save') {
                $update_sql_data = array('last_modified' => $gBitDb->NOW());
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                $gBitDb->associateUpdate(TABLE_MANUFACTURERS, $sql_data_array, array('manufacturers_id' => (int) $manufacturers_id));
            }
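            // Handle the optional image upload for the manufacturer saved above.
            $manufacturers_image = new upload('manufacturers_image');
            // NOTE(review): img_dir is taken from the request and appended to the
            // images root without validation. Restrict it to the known image
            // sub-directories (no absolute paths, no `..` segments) before it is
            // used as an upload destination.
            $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
            if ($manufacturers_image->parse() && $manufacturers_image->save()) {
                if ($manufacturers_image->filename != 'none') {
                    // Store the relative image path. Both parts are request-controlled
                    // (posted directory, uploaded file name), so the value is escaped
                    // before it is placed inside the quoted SQL literal.
                    $gBitDb->Execute("update " . TABLE_MANUFACTURERS . "\n                          set `manufacturers_image` = '" . zen_db_input($_POST['img_dir'] . $manufacturers_image->filename) . "'\n                          where `manufacturers_id` = '" . (int) $manufacturers_id . "'");
                } else {
                    // remove image from database if none
                    $gBitDb->Execute("update " . TABLE_MANUFACTURERS . "\n                          set `manufacturers_image` = ''\n                          where `manufacturers_id` = '" . (int) $manufacturers_id . "'");
                }
            }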
Exemplo n.º 17
require 'includes/application_top.php';
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        case 'insert':
        case 'save':
            if (isset($_GET['mID'])) {
                $record_company_id = zen_db_prepare_input($_GET['mID']);
            }
            $record_company_name = zen_db_prepare_input($_POST['record_company_name']);
            $sql_data_array = array('record_company_name' => $record_company_name);
            if ($action == 'insert') {
                $insert_sql_data = array('date_added' => $gBitDb->NOW());
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array);
                $record_company_id = zen_db_insert_id(TABLE_RECORD_COMPANY, 'record_company_id');
            } elseif ($action == 'save') {
                $update_sql_data = array('last_modified' => $gBitDb->NOW());
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                $gBitDb->associateInsert(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'");
            }
            $record_company_image = new upload('record_company_image');
            $record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
            if ($record_company_image->parse() && $record_company_image->save()) {
                // remove image from database if none
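                if ($record_company_image->filename != 'none') {
                    // Store the relative image path. The posted directory and the
                    // uploaded file name are both request-controlled, so the value is
                    // escaped before it is placed inside the quoted SQL literal.
                    $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n                          set record_company_image = '" . zen_db_input($_POST['img_dir'] . $record_company_image->filename) . "'\n                          where record_company_id = '" . (int) $record_company_id . "'");
                } else {
                    // remove image from database if none
                    $gBitDb->Execute("update " . TABLE_RECORD_COMPANY . "\n                          set record_company_image = ''\n                          where record_company_id = '" . (int) $record_company_id . "'");
                }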
Exemplo n.º 18
require 'includes/application_top.php';
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (zen_not_null($action)) {
    switch ($action) {
        // Create ('insert') or rename ('save') a music genre, then redirect back
        // to the genre listing.
        case 'insert':
        case 'save':
            // For 'save' the target row comes from the mID query parameter. It is
            // cast to an integer only where the update condition is built below.
            if (isset($_GET['mID'])) {
                $music_genre_id = zen_db_prepare_input($_GET['mID']);
            }
            $music_genre_name = zen_db_prepare_input($_POST['music_genre_name']);
            $sql_data_array = array('music_genre_name' => $music_genre_name);
            if ($action == 'insert') {
                // New row: add the creation timestamp and read back the generated id.
                $insert_sql_data = array('date_added' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
                zen_db_perform(TABLE_MUSIC_GENRE, $sql_data_array);
                $music_genre_id = zen_db_insert_id();
            } elseif ($action == 'save') {
                // Existing row: stamp the modification time; the id in the WHERE
                // clause is forced to an integer.
                $update_sql_data = array('last_modified' => 'now()');
                $sql_data_array = array_merge($sql_data_array, $update_sql_data);
                zen_db_perform(TABLE_MUSIC_GENRE, $sql_data_array, 'update', "music_genre_id = '" . (int) $music_genre_id . "'");
            }
            // NOTE(review): $_GET['page'] and, on 'save', the request-supplied
            // $music_genre_id are appended to the redirect query string as received;
            // presumably zen_href_link()/zen_redirect() take care of encoding — confirm.
            zen_redirect(zen_href_link(FILENAME_MUSIC_GENRE, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'mID=' . $music_genre_id));
            break;
        case 'deleteconfirm':
            // demo active test
            if (zen_admin_demo()) {
                $_GET['action'] = '';
                $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
                zen_redirect(zen_href_link(FILENAME_MUSIC_GENRE, 'page=' . $_GET['page']));
            }
            $music_genre_id = zen_db_prepare_input($_GET['mID']);
Exemplo n.º 19
 // Load model, price, name and tax class of the product being added to the order.
 // NOTE(review): $add_product_products_id is interpolated into the SQL text and
 // its origin is outside this excerpt. The (int) casts a few lines below suggest
 // it is expected to be numeric; cast it once before this query as well.
 $InfoQuery = "select p.products_model,p.products_price,pd.products_name,p.products_tax_class_id from " . TABLE_PRODUCTS . " p left join " . TABLE_PRODUCTS_DESCRIPTION . " pd on pd.products_id=p.products_id where p.products_id='{$add_product_products_id}'";
 $result = $db->Execute($InfoQuery);
 #$row = zen_db_fetch_array($result);
 // Copies every column of the fetched row into a local variable prefixed with
 // "p_" ($p_products_model, $p_products_price, $p_products_name, ...).
 extract($result->fields, EXTR_PREFIX_ALL, "p");
 // Following functions are defined at the bottom of this file
 $CountryID = zen_get_country_id($order->delivery["country"]);
 $ZoneID = zen_get_zone_id($CountryID, $order->delivery["state"]);
 $ProductsTax = zen_get_tax_rate($p_products_tax_class_id, $CountryID, $ZoneID);
 // Use the special price when the form asked for it and one exists, otherwise
 // the regular price. The array key is written without quotes, i.e. as a
 // constant: that is a notice or warning before PHP 8 and an Error from PHP 8.
 if ($_POST[applyspecialstoprice] && zen_get_products_special_price((int) $add_product_products_id)) {
     $product_price_woa = zen_get_products_special_price((int) $add_product_products_id);
 } else {
     $product_price_woa = $p_products_price;
 }
 // NOTE(review): the insert is assembled by string interpolation. Only the
 // product name is altered (single quotes replaced by &#39;); $p_products_model
 // is quoted but not escaped, and $oID, $add_product_products_id,
 // $add_product_quantity and $AddedOptionsPrice_OneTime are placed unquoted.
 // Their origins are not visible here — confirm each is cast to a number before
 // this point, or move the statement to bound parameters.
 $Query = "insert into " . TABLE_ORDERS_PRODUCTS . " set\n\t\t\t\torders_id = {$oID},\n\t\t\t\tproducts_id = {$add_product_products_id},\n\t\t\t\tproducts_model = '{$p_products_model}',\n\t\t\t\tproducts_name = '" . str_replace("'", "&#39;", $p_products_name) . "',\n\t\t\t\tproducts_price = '{$product_price_woa}',\n\t\t\t\tfinal_price = '" . ($product_price_woa + $AddedOptionsPrice) . "',\n\t\t\t\tproducts_tax = '{$ProductsTax}',\n\t\t\t\tproducts_quantity = {$add_product_quantity},\n                                onetime_charges = {$AddedOptionsPrice_OneTime};";
 $db->Execute($Query);
 $new_product_id = zen_db_insert_id();
 //UPDATE_INVENTORY_QUANTITY_START##############################################################################################################
 // Adjust stock and the ordered counter. $add_product_quantity is concatenated
 // unquoted into both statements (same caveat as for the insert above).
 if (STOCK_LIMITED == "true") {
     $db->Execute("update " . TABLE_PRODUCTS . " set products_quantity = products_quantity - " . $add_product_quantity . ", products_ordered = products_ordered + " . $add_product_quantity . " where products_id = '" . $add_product_products_id . "'");
 } else {
     $db->Execute("update " . TABLE_PRODUCTS . " set products_ordered = products_ordered + " . $add_product_quantity . " where products_id = '" . $add_product_products_id . "'");
 }
 //UPDATE_INVENTORY_QUANTITY_END##############################################################################################################
 // Look up the attribute row for each posted option (add_product_options1..N).
 // NOTE(review): $_POST[$sendoptionon] is interpolated directly into the query
 // text, so request data reaches SQL unescaped here; cast it to int or bind it.
 // The query also bypasses $db and calls the mysql_* extension, which was
 // removed in PHP 7.0.
 if ($_POST[optionstoadd] != NULL) {
     for ($i = 1; $i <= $_POST[optionstoadd]; $i++) {
         $sendoptionon = "add_product_options" . $i;
         $query = mysql_query("SELECT products_attributes_id, product_attribute_is_free, products_attributes_weight, products_attributes_weight_prefix, attributes_discounted, attributes_price_base_included, attributes_price_onetime, attributes_price_factor, attributes_price_factor_offset, attributes_price_factor_onetime, attributes_price_factor_onetime_offset, attributes_qty_prices, attributes_qty_prices_onetime, attributes_price_words, attributes_price_words_free, attributes_price_letters, attributes_price_letters_free FROM " . TABLE_PRODUCTS_ATTRIBUTES . " WHERE products_id='{$add_product_products_id}' AND options_id='{$attributestypenumber[$i]}' AND options_values_id='{$_POST[$sendoptionon]}'") or die('Failed to connect database:  3');
         while ($row4 = mysql_fetch_array($query, MYSQL_NUM)) {
             // Optional free-text value posted for this option ("<field>tv").
             $sendoptionontv = $sendoptionon . "tv";
             if ($_POST[$sendoptionontv]) {
                 $povid4topa = $_POST[$sendoptionontv];
Exemplo n.º 20
            if (zen_not_null($newname)) {
                $salemaker_sales = $gBitDb->Execute("select * from " . TABLE_SALEMAKER_SALES . " where `sale_id` = '" . zen_db_input($_GET['sID']) . "'");
                if ($salemaker_sales->RecordCount() > 0) {
                    $salemaker_sales->fields['sale_id'] = 'null';
                    $salemaker_sales->fields['sale_name'] = $newname;
                    $salemaker_sales->fields['sale_status'] = 0;
                    $salemaker_sales->fields['sale_date_added'] = $gBitDb->NOW();
                    $salemaker_sales->fields['sale_date_last_modified'] = '0001-01-01';
                    $salemaker_sales->fields['sale_date_status_change'] = '0001-01-01';
                    $gBitDb->associateInsert(TABLE_SALEMAKER_SALES, $salemaker_sales, 'insert');
                    $sale_id = zen_db_insert_id(TABLE_SALEMAKER_SALES, 'sale_id');
                    // update prices for products in sale
                    zen_update_salemaker_product_prices($sale_id);
                }
            }
            zen_redirect(zen_href_link_admin(FILENAME_SALEMAKER, 'page=' . $_GET['page'] . '&sID=' . ($sale_id = zen_db_insert_id(TABLE_SALEMAKER_SALES, 'sale_id'))));
            break;
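        // Delete a sale: switch it off first so product prices are recalculated,
        // then remove the row and return to the listing.
        case 'deleteconfirm':
            // The id arrives in the query string. The delete below already treats
            // it as an integer; casting once here gives the update statement and the
            // price-refresh helper the same numeric value instead of the raw string.
            $sale_id = (int) zen_db_prepare_input($_GET['sID']);
            // set sale off to update prices before removing
            $gBitDb->Execute("update " . TABLE_SALEMAKER_SALES . " set sale_status=0 where sale_id='" . (int) $sale_id . "'");
            // update prices for products in sale
            zen_update_salemaker_product_prices($sale_id);
            $gBitDb->Execute("delete from " . TABLE_SALEMAKER_SALES . " where `sale_id` = '" . (int) $sale_id . "'");
            zen_redirect(zen_href_link_admin(FILENAME_SALEMAKER, 'page=' . $_GET['page']));
            break;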
    }
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
Exemplo n.º 21
 // Create or update a media type, then redirect back to the listing. The body
 // also handles $action == 'insert'; the matching case label is presumably just
 // above this excerpt.
 case 'save':
     // Target row for an update; cast to an integer only in the WHERE clause below.
     if (isset($_GET['mID'])) {
         $type_id = zen_db_prepare_input($_GET['mID']);
     }
     // $type_ext and $type_name are assigned only when the fields were posted;
     // the code below reads them unconditionally.
     if (isset($_POST['type_ext'])) {
         $type_ext = zen_db_prepare_input($_POST['type_ext']);
     }
     if (isset($_POST['type_name'])) {
         $type_name = zen_db_prepare_input($_POST['type_name']);
     }
     $sql_data_array = array('type_ext' => $type_ext);
     if ($action == 'insert') {
         $insert_data_array = array('type_name' => $type_name);
         $sql_data_array = array_merge($sql_data_array, $insert_data_array);
         zen_db_perform(TABLE_MEDIA_TYPES, $sql_data_array);
         $type_id = zen_db_insert_id();
     } elseif ($action == 'save') {
         $insert_data_array = array('type_name' => $type_name);
         $sql_data_array = array_merge($sql_data_array, $insert_data_array);
         zen_db_perform(TABLE_MEDIA_TYPES, $sql_data_array, 'update', "type_id = '" . (int) $type_id . "'");
     }
     // NOTE(review): $_GET['page'] and, on 'save', the request-supplied $type_id
     // go into the redirect query string as received; presumably
     // zen_href_link()/zen_redirect() handle encoding — confirm.
     zen_redirect(zen_href_link(FILENAME_MEDIA_TYPES, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'mID=' . $type_id));
     break;
 case 'deleteconfirm':
     // demo active test
     if (zen_admin_demo()) {
         $_GET['action'] = '';
         $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
         zen_redirect(zen_href_link(FILENAME_MEDIA_TYPES, 'page=' . $_GET['page']));
     }
     $type_id = zen_db_prepare_input($_GET['mID']);
Exemplo n.º 22
             }
         }
     }
     // Create or rename a media-manager entry, then redirect back to the listing.
     // The target row for an update comes from the mID query parameter; it is
     // cast to an integer only where the update condition is built.
     if (isset($_GET['mID'])) {
         $media_id = zen_db_prepare_input($_GET['mID']);
     }
     $media_name = zen_db_prepare_input($_POST['media_name']);
     $sql_data_array = array('media_name' => $media_name);
     if ($media_name == '') {
         // An empty name is rejected with a message; nothing is written.
         $messageStack->add_session(ERROR_UNKNOWN_DATA, 'caution');
     } else {
         if ($action == 'insert') {
             $insert_sql_data = array('date_added' => $gBitDb->NOW());
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             $gBitDb->associateInsert(TABLE_MEDIA_MANAGER, $sql_data_array);
             $media_id = zen_db_insert_id(TABLE_MEDIA_MANAGER, 'media_id');
         } elseif ($action == 'save') {
             $update_sql_data = array('last_modified' => $gBitDb->NOW());
             $sql_data_array = array_merge($sql_data_array, $update_sql_data);
             // NOTE(review): the update goes through associateInsert() with an
             // 'update' mode and a condition string — confirm the method
             // supports that form.
             $gBitDb->associateInsert(TABLE_MEDIA_MANAGER, $sql_data_array, 'update', "media_id = '" . (int) $media_id . "'");
         }
     }
     // $media_id is read here even when neither branch above assigned it (no mID
     // and an empty name). $_GET['page'] and a request-supplied $media_id are
     // appended to the query string as received; presumably the link helper
     // handles encoding — confirm.
     zen_redirect(zen_href_link_admin(FILENAME_MEDIA_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . ($media_id != '' ? 'mID=' . $media_id : '')));
     break;
 case 'deleteconfirm':
     // demo active test
     if (zen_admin_demo()) {
         $_GET['action'] = '';
         $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
         zen_redirect(zen_href_link_admin(FILENAME_MEDIA_MANAGER, 'page=' . $_GET['page']));
     }
Exemplo n.º 23
             }
         }
     }
     // Create or rename a media-manager entry, then redirect back to the listing.
     // The target row for an update comes from the mID query parameter; it is
     // cast to an integer only where the update condition is built.
     if (isset($_GET['mID'])) {
         $media_id = zen_db_prepare_input($_GET['mID']);
     }
     $media_name = zen_db_prepare_input($_POST['media_name']);
     $sql_data_array = array('media_name' => $media_name);
     if ($media_name == '') {
         // An empty name is rejected with a message; nothing is written.
         $messageStack->add_session(ERROR_UNKNOWN_DATA, 'caution');
     } else {
         if ($action == 'insert') {
             // New row: add the creation timestamp and read back the generated id.
             $insert_sql_data = array('date_added' => 'now()');
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             zen_db_perform(TABLE_MEDIA_MANAGER, $sql_data_array);
             $media_id = zen_db_insert_id();
         } elseif ($action == 'save') {
             // Existing row: stamp the modification time; the id in the WHERE
             // clause is forced to an integer.
             $update_sql_data = array('last_modified' => 'now()');
             $sql_data_array = array_merge($sql_data_array, $update_sql_data);
             zen_db_perform(TABLE_MEDIA_MANAGER, $sql_data_array, 'update', "media_id = '" . (int) $media_id . "'");
         }
     }
     // $media_id is read here even when neither branch above assigned it (no mID
     // and an empty name). $_GET['page'] and a request-supplied $media_id are
     // appended to the query string as received; presumably the link helper
     // handles encoding — confirm.
     zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . ($media_id != '' ? 'mID=' . $media_id : '')));
     break;
 case 'deleteconfirm':
     // demo active test
     if (zen_admin_demo()) {
         $_GET['action'] = '';
         $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
         zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'page=' . $_GET['page']));
     }
Exemplo n.º 24
         $banners_image = new upload('banners_image');
         $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target);
         if ($banners_image->parse() == false || $banners_image->save() == false) {
             $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error');
             $banner_error = true;
         }
     }
 }
 if ($banner_error == false) {
     $gBitDb_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $gBitDb_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => $banners_sort_order);
     if ($action == 'insert') {
         $insert_sql_data = array('date_added' => $gBitDb->NOW(), 'status' => '1');
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         $gBitDb->associateInsert(TABLE_BANNERS, $sql_data_array);
         $banners_id = zen_db_insert_id(TABLE_BANNERS, 'banners_id');
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
         $gBitDb->associateInsert(TABLE_BANNERS, $sql_data_array, 'update', "banners_id = '" . (int) $banners_id . "'");
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     // NOTE: status will be reset by the /functions/banner.php
     if (zen_not_null($expires_date)) {
         list($day, $month, $year) = explode('/', $expires_date);
         $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
         $gBitDb->Execute("update " . TABLE_BANNERS . "\n                          set `expires_date` = '" . zen_db_input($expires_date) . "',\n                              `expires_impressions` = null\n                          where `banners_id` = '" . (int) $banners_id . "'");
     } elseif (zen_not_null($expires_impressions)) {
         $gBitDb->Execute("update " . TABLE_BANNERS . "\n                          set `expires_impressions` = '" . zen_db_input($expires_impressions) . "',\n                              `expires_date` = null\n                          where `banners_id` = '" . (int) $banners_id . "'");
     }
     if (zen_not_null($date_scheduled)) {
         list($day, $month, $year) = explode('/', $date_scheduled);
Exemplo n.º 25
     // Read the posted currency definition. The code is upper-cased; the decimal
     // places and the exchange value are forced to int and float before use.
     // $title is assigned outside this excerpt.
     $code = strtoupper(zen_db_prepare_input($_POST['code']));
     $symbol_left = zen_db_prepare_input($_POST['symbol_left']);
     $symbol_right = zen_db_prepare_input($_POST['symbol_right']);
     $decimal_point = zen_db_prepare_input($_POST['decimal_point']);
     $thousands_point = zen_db_prepare_input($_POST['thousands_point']);
     $decimal_places = zen_db_prepare_input((int) $_POST['decimal_places']);
     $value = zen_db_prepare_input((double) $_POST['value']);
     // special handling for currencies which don't support decimal places
     if ($decimal_point == '0' || in_array($code, array('JPY', 'HUF', 'TWD'))) {
         $value = (int) $value;
         $decimal_places = 0;
     }
     $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $value);
     if ($action == 'insert') {
         zen_db_perform(TABLE_CURRENCIES, $sql_data_array);
         $currency_id = zen_db_insert_id();
     } elseif ($action == 'save') {
         // $currency_id for the update is set outside this excerpt; it is cast
         // to an integer in the WHERE clause.
         zen_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . (int) $currency_id . "'");
     }
     // Audit trail: the change is written to the admin activity log.
     zen_record_admin_activity('Currency code ' . $code . ' added/updated.', 'info');
     if (isset($_POST['default']) && $_POST['default'] == 'on') {
         // Make this currency the shop default; the code is escaped with
         // zen_db_input() because this statement is built by hand.
         $db->Execute("update " . TABLE_CONFIGURATION . "\r\n                        set configuration_value = '" . zen_db_input($code) . "'\r\n                        where configuration_key = 'DEFAULT_CURRENCY'");
         zen_record_admin_activity('Default currency code changed to ' . $code, 'info');
     }
     // NOTE(review): $_GET['page'] is appended to the redirect query string as
     // received; presumably zen_href_link()/zen_redirect() handle encoding — confirm.
     zen_redirect(zen_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id));
     break;
 case 'deleteconfirm':
     // demo active test
     if (zen_admin_demo()) {
         $_GET['action'] = '';
         $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
Exemplo n.º 26
 }
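 // Persist the admin account once validation has passed: insert a new admin,
 // save an existing one, or reset its password, then redirect to the listing.
 if ($error == false) {
     // Target account for 'save' and 'reset'; cast to an integer where the
     // update conditions are built.
     if (isset($_GET['adminID'])) {
         $admins_id = zen_db_prepare_input($_GET['adminID']);
     }
     $admin_name = zen_db_prepare_input($_POST['admin_name']);
     $admin_email = zen_db_prepare_input($_POST['admin_email']);
     $password_new = zen_db_prepare_input($password_new);
     // NOTE(review): admin_level is taken straight from the form; the check for
     // who may assign a level is not visible in this excerpt — confirm it exists.
     $admin_level = zen_db_prepare_input($_POST['admin_level']);
     // NOTE(review): the password is passed through zen_db_prepare_input() a
     // second time here. Kept as-is so stored hashes stay compatible; confirm
     // whether the repeat is intentional.
     $password_new = zen_db_prepare_input($password_new);
     $sql_data_array = array('admin_name' => $admin_name, 'admin_email' => $admin_email, 'admin_level' => $admin_level);
     if ($action == 'insert') {
         $insert_sql_data = array('admin_pass' => zen_encrypt_password($password_new));
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         zen_db_perform(TABLE_ADMIN, $sql_data_array);
         $admin_id = zen_db_insert_id();
         $admins_id = $admin_id;
     } elseif ($action == 'save') {
         zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int) $admins_id . "'");
         // demo_status is request data written into a hand-built statement, so it
         // is escaped before being placed inside the quoted SQL literal.
         $db->Execute("Update " . TABLE_CONFIGURATION . " set configuration_value='" . zen_db_input($_POST['demo_status']) . "' where configuration_key='ADMIN_DEMO'");
     } elseif ($action == 'reset') {
         $update_sql_data = array('admin_pass' => zen_encrypt_password($password_new));
         $sql_data_array = array_merge($sql_data_array, $update_sql_data);
         zen_db_perform(TABLE_ADMIN, $sql_data_array, 'update', "admin_id = '" . (int) $admins_id . "'");
     }
     // end action check
     zen_redirect(zen_href_link(FILENAME_ADMIN, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'adminID=' . $admins_id));
 }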
 // end error check
 //echo $action;
 //	zen_redirect(zen_href_link(FILENAME_ADMIN, (isset($_GET['page']) ? 'page=' . '&' : '') . 'adminID=' . $admins_id));
Exemplo n.º 27
 /**
  * Resolves the configuration group id that belongs to this plugin.
  *
  * The group is looked up by title, using the plugin's unique name. When no
  * row exists, a new group is inserted with a sort order one above the
  * current maximum and the id of that new row is used. Failures are reported
  * through the message stack.
  *
  * Note: the unique name is concatenated into the lookup query as-is, so it
  * has to stay a fixed, quote-free identifier and never request-derived text.
  *
  * @return integer the configuration group id, or -1 if it could not be
  *                 found or created (also when the plugin has no unique name)
  */
 protected function getConfigurationGroupId()
 {
     global $db, $messageStack;
     // Without a unique name there is nothing to look up.
     if ($this->getUniqueName() === null) {
         return -1;
     }
     $groupId = -1;
     $lookupSql = 'SELECT `configuration_group_id` FROM `' . TABLE_CONFIGURATION_GROUP . '` '
         . 'WHERE `configuration_group_title` = \'' . $this->getUniqueName() . '\'';
     $existing = $db->Execute($lookupSql);
     if (!$existing->EOF) {
         // The group is already registered.
         $groupId = (int) $existing->fields['configuration_group_id'];
     } else {
         // Not registered yet: append it after the highest existing sort order.
         $highest = $db->Execute('SELECT MAX(sort_order) AS `max_sort` FROM `' . TABLE_CONFIGURATION_GROUP . '`');
         if ($highest->EOF) {
             $messageStack->add(sprintf(PLUGIN_INSTALL_ERROR_SORT_ORDER, $this->getUniqueName(), TABLE_CONFIGURATION_GROUP), 'error');
         } else {
             $newGroup = array(
                 'configuration_group_title' => $this->getUniqueName(),
                 'configuration_group_description' => sprintf(PLUGIN_CONFIG_GROUP_DESCRIPTION, $this->getUniqueName()),
                 'sort_order' => $highest->fields['max_sort'] + 1,
                 'visible' => 1,
             );
             zen_db_perform(TABLE_CONFIGURATION_GROUP, $newGroup);
             $insertedId = zen_db_insert_id();
             // A false or zero insert id means the row was not created.
             $groupId = ($insertedId === false || $insertedId == 0) ? -1 : $insertedId;
         }
     }
     if ($groupId == -1) {
         $messageStack->add(sprintf(PLUGIN_INSTALL_ERROR_DATABASE_KEY, $this->getUniqueName(), TABLE_CONFIGURATION_GROUP, 'configuration_group_title: ' . $this->getUniqueName()), 'error');
     }
     return $groupId;
 }
Exemplo n.º 28
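 /**
  * Validates an address and writes it to the address book.
  *
  * The language files matching the current page are loaded first. When
  * verifyAddress() accepts the input, the row in $pParamHash['address_store']
  * is updated (if a valid 'address_book_id' is supplied) or inserted; on
  * insert the new id is written back to $pParamHash['address']. The address
  * is made the default when no default exists yet or 'primary' is non-empty.
  *
  * @param array $pParamHash address input, passed by reference; keys read here
  *                          are 'address_book_id', 'address_store', 'address'
  *                          and 'primary'
  * @return bool true when $this->mErrors is empty after processing
  */
 function storeAddress(&$pParamHash)
 {
     global $current_page_base, $language_page_directory, $template;

     // NOTE(review): $current_page_base is placed into the pattern unquoted and
     // the resulting file names are passed to require_once; presumably the
     // value is validated before it reaches this method — confirm.
     $language_files = $template->get_template_part($language_page_directory, '/^' . $current_page_base . '/');

     // foreach replaces while (list() = each()): each() was deprecated in
     // PHP 7.2 and removed in PHP 8.0.
     foreach ($language_files as $language_file) {
         require_once $language_page_directory . $language_file;
     }

     if ($this->verifyAddress($pParamHash, $this->mErrors)) {
         if (isset($pParamHash['address_book_id']) && self::verifyId($pParamHash['address_book_id'])) {
             // NOTE(review): the update is keyed on address_book_id alone; an
             // ownership check, if any, would have to be in verifyAddress() or
             // the caller — verify.
             $this->mDb->associateUpdate(TABLE_ADDRESS_BOOK, $pParamHash['address_store'], array('address_book_id' => $pParamHash['address_book_id']));
         } else {
             $this->mDb->associateInsert(TABLE_ADDRESS_BOOK, $pParamHash['address_store']);
             $pParamHash['address'] = zen_db_insert_id(TABLE_ADDRESS_BOOK, 'address_book_id');
         }

         // NOTE(review): on the update path 'address' is not set in this method;
         // presumably verifyAddress() or the caller provides it — confirm.
         if (!$this->getDefaultAddress() || !empty($pParamHash['primary'])) {
             $this->setDefaultAddress($pParamHash['address']);
         }
     }

     return count($this->mErrors) == 0;
 }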
Exemplo n.º 29
     // Fragment of a category admin handler; the enclosing condition opens
     // before this excerpt.
     // NOTE(review): the raw POST values are handed to
     // zen_restrict_sub_categories(); whether that helper casts or escapes them
     // is not visible here — confirm.
     if (isset($_POST['add_type_all'])) {
         zen_restrict_sub_categories($_POST['categories_id'], $_POST['restrict_type']);
     }
     $action = "edit";
     // NOTE(review): cID goes into the redirect query string after
     // zen_db_prepare_input() only; it is neither cast to int nor URL-encoded
     // here, and the origin of $cPath is outside this excerpt — verify both.
     zen_redirect(zen_href_link(FILENAME_CATEGORIES, 'action=edit_category&cPath=' . $cPath . '&cID=' . zen_db_prepare_input($_POST['categories_id'])));
 }
 if (isset($_POST['categories_id'])) {
     $categories_id = zen_db_prepare_input($_POST['categories_id']);
 }
 // sort_order is read without an isset() check and cast to int before it is stored.
 $sort_order = zen_db_prepare_input($_POST['sort_order']);
 $sql_data_array = array('sort_order' => (int) $sort_order);
 if ($action == 'insert_category') {
     // presumably zen_db_perform() emits 'now()' as an SQL function rather than a string — confirm
     $insert_sql_data = array('parent_id' => $current_category_id, 'date_added' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_CATEGORIES, $sql_data_array);
     // From here on $categories_id is the id returned for the new row, replacing
     // any value taken from the request above.
     $categories_id = zen_db_insert_id();
     // check if parent is restricted
     // The two queries below concatenate values that come from the database
     // (the insert id and the stored parent_id), not directly from the request.
     $sql = "select parent_id from " . TABLE_CATEGORIES . "\n                where categories_id = '" . $categories_id . "'";
     $parent_cat = $db->Execute($sql);
     if ($parent_cat->fields['parent_id'] != '0') {
         $sql = "select * from " . TABLE_PRODUCT_TYPES_TO_CATEGORY . "\n                  where category_id = '" . $parent_cat->fields['parent_id'] . "'";
         $has_type = $db->Execute($sql);
         if ($has_type->RecordCount() > 0) {
             // Copy every product-type restriction of the parent onto the new category.
             while (!$has_type->EOF) {
                 $insert_sql_data = array('category_id' => $categories_id, 'product_type_id' => $has_type->fields['product_type_id']);
                 zen_db_perform(TABLE_PRODUCT_TYPES_TO_CATEGORY, $insert_sql_data);
                 $has_type->moveNext();
             }
         }
     }
 } elseif ($action == 'update_category') {
Exemplo n.º 30
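 /**
  * Moves part of a gift-voucher balance into a new coupon and e-mails the
  * coupon code to a recipient.
  *
  * Inside one transaction the sender's balance is reduced, a type 'G' coupon
  * is created for the amount and the send is recorded in the e-mail tracking
  * table. The recipient then gets the code by e-mail, and the store's extra
  * address gets copies when that option is enabled.
  *
  * @param object $pFromUser  sending user; mUserId, getDisplayName() and
  *                           getField('email') are used
  * @param array  $pRecipient keys 'email' and 'to_name', plus optional 'message'
  * @param mixed  $pAmount    amount to transfer; must be numeric, greater than
  *                           zero and no larger than the available balance
  * @return string|null the generated coupon code, or NULL when the amount is rejected
  */
 function customerSendCoupon($pFromUser, $pRecipient, $pAmount)
 {
     global $gBitDb, $gBitSmarty, $gCommerceSystem, $currencies;
     $ret = NULL;
     $gBitDb->StartTrans();
     $code = CommerceVoucher::generateCouponCode();
     // NOTE(review): the balance is read through getGiftAmount(FALSE) while the
     // update below is keyed on $pFromUser->mUserId; presumably both refer to
     // the same customer — confirm. The value is read and later overwritten, so
     // concurrent sends rely on the transaction for serialisation — verify.
     $gvBalance = CommerceVoucher::getGiftAmount(FALSE);
     $newBalance = is_numeric($pAmount) ? $gvBalance - $pAmount : NULL;

     // The amount is rejected unless it is numeric, positive and covered by the
     // balance. The comparison uses $newBalance: the previous check tested an
     // undefined variable and therefore never rejected an overdraft. A negative
     // amount would raise the sender's balance, so it is refused as well.
     // Rejection leaves $ret at NULL; ERROR_ENTRY_AMOUNT_CHECK is not reported
     // from here.
     if ($newBalance !== NULL && $pAmount > 0 && $newBalance >= 0) {
         $gv_query = "UPDATE " . TABLE_COUPON_GV_CUSTOMER . "\n\t\t\t\t\t\t SET `amount` = ?\n\t\t\t\t\t\t WHERE `customer_id` = ?";
         $gBitDb->query($gv_query, array($newBalance, $pFromUser->mUserId));
         $gv_query = "INSERT INTO " . TABLE_COUPONS . " (`coupon_type`, `coupon_code`, `date_created`, `coupon_amount`) values ('G', ?, NOW(), ?)";
         $gBitDb->query($gv_query, array($code, $pAmount));
         $gvId = zen_db_insert_id(TABLE_COUPONS, 'coupon_id');
         $gv_query = "insert into " . TABLE_COUPON_EMAIL_TRACK . "\t(`coupon_id`, `customer_id_sent`, `emailed_to`, `date_sent`)\n\t\t\t\t\t\tvalues ( ?, ?, ?, now())";
         $gBitDb->query($gv_query, array($gvId, $pFromUser->mUserId, $pRecipient['email']));
         $ret = $code;

         $senderName = $pFromUser->getDisplayName();
         $gv_email_subject = tra('A gift from') . ' ' . $senderName . ' ' . tra('to') . ' ' . $gCommerceSystem->getConfig('STORE_NAME');
         $gBitSmarty->assign('gvCode', $code);
         $gBitSmarty->assign('gvSender', $senderName);
         $gBitSmarty->assign('gvAmount', $currencies->format($pAmount, false));
         $gBitSmarty->assign('gvRedeemUrl', BITCOMMERCE_PKG_URI . 'index.php?main_page=gv_redeem&gv_no=' . $code);
         if (!empty($pRecipient['message'])) {
             // NOTE(review): the sender-supplied message is assigned as is;
             // escaping for the HTML mail has to happen in the template — verify.
             $gBitSmarty->assign('gvMessage', $pRecipient['message']);
         }
         $textMessage = $gBitSmarty->fetch('bitpackage:bitcommerce/gv_send_email_text.tpl');
         $htmlMessage = $gBitSmarty->fetch('bitpackage:bitcommerce/gv_send_email_html.tpl');

         // send the email
         // NOTE(review): the mails go out before CompleteTrans(), so a failed
         // commit could leave a code delivered without a stored coupon, and
         // $pRecipient['email'] is used as given; presumably the caller has
         // validated the address — confirm.
         zen_mail('', $pRecipient['email'], $gv_email_subject, $textMessage, STORE_NAME, EMAIL_FROM, $htmlMessage, 'gv_send');

         // send additional emails
         if (SEND_EXTRA_GV_CUSTOMER_EMAILS_TO_STATUS == '1' && SEND_EXTRA_GV_CUSTOMER_EMAILS_TO != '') {
             zen_mail('', SEND_EXTRA_GV_CUSTOMER_EMAILS_TO, $gv_email_subject, $textMessage, STORE_NAME, EMAIL_FROM, $htmlMessage, 'gv_send');
             $extra_info = email_collect_extra_info($pRecipient['to_name'], $pRecipient['email'], $senderName, $pFromUser->getField('email'));
             $codeLine = $gCommerceSystem->getConfig('TEXT_GV_NAME') . ' Code: ' . $code;
             $html_msg = array('EXTRA_INFO' => $codeLine . '<br/>' . $extra_info['HTML']);
             // The text body reuses $textMessage; the variable previously
             // concatenated here was never defined.
             zen_mail('', SEND_EXTRA_GV_CUSTOMER_EMAILS_TO, tra('[GV CUSTOMER SENT]') . ' ' . $gv_email_subject, $codeLine . "\n" . $textMessage . $extra_info['TEXT'], STORE_NAME, EMAIL_FROM, $html_msg, 'gv_send_extra');
         }
     }
     $gBitDb->CompleteTrans();
     return $ret;
 }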