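/**
 * Save a slide image for every installed language.
 *
 * With a numeric $id the existing rows (one per language) are updated; the
 * image column is only rewritten for languages that received a new upload.
 * Without a numeric $id a new image_id (current maximum + 1) is allocated and
 * a row is inserted for each language that has an uploaded image.
 *
 * @param int|null $id   Existing image_id to update, or null to create a new slide.
 * @param array    $data Form values; reads 'description' and 'image_url'
 *                       (both keyed by language id), 'sort_order' and 'status'.
 * @return bool False when the database object reports an error, true otherwise.
 */
function save($id = null, $data)
{
    global $osC_Database, $osC_Language, $osC_Image;

    if (is_numeric($id)) {
        foreach ($osC_Language->getAll() as $l) {
            // NOTE(review): no extension allow-list is passed to the upload class and the
            // destination is the catalog images directory. Confirm the upload class itself
            // restricts file types; otherwise limit uploads to image extensions here.
            $image_upload = new upload('image' . $l['id'], DIR_FS_CATALOG . 'images/');

            if ($image_upload->exists() && $image_upload->parse() && $image_upload->save()) {
                $Qdelete = $osC_Database->query('select image from :table_slide_images where image_id = :image_id and language_id=:language_id');
                $Qdelete->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
                $Qdelete->bindInt(':image_id', $id);
                $Qdelete->bindValue(':language_id', $l['id']);
                $Qdelete->execute();

                if ($Qdelete->numberOfRows() > 0) {
                    $previous_image = (string) $Qdelete->value('image');

                    // The new file is already on disk at this point. If it has the same name
                    // as the stored image, unlinking the "old" file would delete the upload
                    // that was just saved, so only remove a differently named file.
                    if ($previous_image !== '' && $previous_image !== (string) $image_upload->filename) {
                        @unlink(DIR_FS_CATALOG . 'images/' . $previous_image);
                    }
                }

                $Qimage = $osC_Database->query('update :table_slide_images set image = :image, description = :description, image_url = :image_url, sort_order = :sort_order, status = :status where image_id = :image_id and language_id=:language_id');
                $Qimage->bindValue(':image', $image_upload->filename);
            } else {
                // No (valid) upload for this language: keep the stored image untouched.
                $Qimage = $osC_Database->query('update :table_slide_images set description = :description, image_url = :image_url, sort_order = :sort_order, status = :status where image_id = :image_id and language_id=:language_id');
            }

            $Qimage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
            $Qimage->bindValue(':description', $data['description'][$l['id']]);
            $Qimage->bindValue(':image_url', $data['image_url'][$l['id']]);
            $Qimage->bindValue(':sort_order', $data['sort_order']);
            $Qimage->bindValue(':status', $data['status']);
            $Qimage->bindInt(':image_id', $id);
            $Qimage->bindValue(':language_id', $l['id']);
            $Qimage->execute();
        }
    } else {
        // NOTE(review): max(image_id) + 1 is not atomic; two concurrent saves can pick the same id.
        $Qmaximage = $osC_Database->query('select max(image_id) as image_id from :table_slide_images');
        $Qmaximage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
        $Qmaximage->execute();

        $image_id = $Qmaximage->valueInt('image_id') + 1;

        foreach ($osC_Language->getAll() as $l) {
            // NOTE(review): same upload concern as in the update branch (no allow-list visible here).
            $products_image = new upload('image' . $l['id'], DIR_FS_CATALOG . 'images/');

            // A row is only created for languages that actually received an image.
            if ($products_image->exists() && $products_image->parse() && $products_image->save()) {
                $Qimage = $osC_Database->query('insert into :table_slide_images (image_id,language_id ,description,image ,image_url ,sort_order,status) values (:image_id,:language_id,:description ,:image,:image_url ,:sort_order,:status)');
                $Qimage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
                $Qimage->bindValue(':image_id', $image_id);
                $Qimage->bindValue(':language_id', $l['id']);
                $Qimage->bindValue(':description', $data['description'][$l['id']]);
                $Qimage->bindValue(':image', $products_image->filename);
                $Qimage->bindValue(':image_url', $data['image_url'][$l['id']]);
                $Qimage->bindValue(':sort_order', $data['sort_order']);
                $Qimage->bindValue(':status', $data['status']);
                $Qimage->execute();
            }
        }
    }

    if ($osC_Database->isError()) {
        return false;
    }

    osC_Cache::clear('slide-images');

    return true;
}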
/**
 * Store an uploaded form file in the given directory.
 *
 * @param string $file      Name of the upload form field.
 * @param string $directory Destination directory; must be writable.
 * @return bool True when the upload exists, parses and is saved; false otherwise
 *              (including when the directory is not writable).
 */
function storeFileUpload($file, $directory)
{
    // Nothing is attempted unless the destination can be written to.
    if (!is_writable($directory)) {
        return false;
    }

    // NOTE(review): no extension allow-list is passed to the upload class here;
    // confirm callers only point this at directories where that is acceptable.
    $uploader = new upload($file, $directory);

    return $uploader->exists() && $uploader->parse() && $uploader->save();
}
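/**
 * Collect the customization fields posted for a product, store them, and
 * redirect back to the product page.
 *
 * If no product object is loaded yet, the first query-string key is treated as
 * the product id when it matches one of the two id patterns and is not the
 * session name. Text fields are read from $_POST['customizations']; file
 * fields are uploaded into the products_customizations cache directory and
 * renamed to an md5-derived cache name. The collected values are stored only
 * when the 'products_customizations' message group is empty.
 *
 * @return void
 */
function execute()
{
    global $osC_Session, $osC_Product, $toC_Customization_Fields, $osC_Language, $messageStack;

    if (!isset($osC_Product)) {
        $id = false;

        // Only the first query-string key is inspected (the break is unconditional).
        foreach ($_GET as $key => $value) {
            $key_string = (string) $key;

            // ereg() was removed in PHP 7. preg_match() with the D modifier keeps "$"
            // anchored at the very end of the string, matching the old POSIX behaviour.
            // NOTE(review): " -_" inside the second class is a range (space through
            // underscore), so it accepts most ASCII punctuation, not only space, dash and
            // underscore. The value is handed to osC_Product::checkEntry() as-is.
            $looks_like_id = preg_match('/^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$/D', $key_string) === 1
                || preg_match('/^[a-zA-Z0-9 -_]*$/D', $key_string) === 1;

            if ($looks_like_id && $key != $osC_Session->getName()) {
                $id = $key;
            }

            break;
        }

        if ($id !== false && osC_Product::checkEntry($id)) {
            $osC_Product = new osC_Product($id);
        }
    }

    if (isset($osC_Product)) {
        $data = array();
        $customizations = $osC_Product->getCustomizations();

        foreach ($customizations as $field) {
            $fields_id = $field['customization_fields_id'];

            if ($field['type'] == CUSTOMIZATION_FIELD_TYPE_INPUT_TEXT) {
                $value = isset($_POST['customizations'][$fields_id]) ? $_POST['customizations'][$fields_id] : null;

                if ($field['is_required'] && $value == null) {
                    $messageStack->add_session('products_customizations', sprintf($osC_Language->get('error_customization_field_must_be_specified'), $field['name']), 'error');
                } else {
                    if ($value != null) {
                        // NOTE(review): the posted text is stored unmodified; it needs
                        // context-appropriate escaping wherever it is rendered later.
                        $data[$fields_id] = array('customization_fields_id' => $field['customization_fields_id'],
                                                  'customization_fields_name' => $field['name'],
                                                  'customization_type' => CUSTOMIZATION_FIELD_TYPE_INPUT_TEXT,
                                                  'customization_value' => $value);
                    }
                }
            } else {
                // NOTE(review): no extension allow-list is passed here and the file is first
                // saved under its client-supplied name before being renamed. Confirm the
                // cache directory is not served by the web server.
                $file = new upload('customizations_' . $fields_id, DIR_FS_CACHE . '/products_customizations/');

                if ($field['is_required'] && !$file->exists() && !$toC_Customization_Fields->hasCustomizationField($osC_Product->getID(), $fields_id)) {
                    // NOTE(review): this error goes to the 'products' group while the check
                    // before set() below looks at 'products_customizations' - confirm intent.
                    $messageStack->add_session('products', sprintf($osC_Language->get('error_customization_field_must_be_specified'), $field['name']), 'error');
                } else {
                    if ($file->exists()) {
                        if ($file->parse() && $file->save()) {
                            $filename = $file->filename;
                            // The on-disk name becomes an extension-less md5 string; the
                            // original name is kept only as a label in $data.
                            $cache_filename = md5($filename . time());

                            rename(DIR_FS_CACHE . '/products_customizations/' . $filename, DIR_FS_CACHE . '/products_customizations/' . $cache_filename);

                            $data[$fields_id] = array('customization_fields_id' => $field['customization_fields_id'],
                                                      'customization_fields_name' => $field['name'],
                                                      'customization_type' => CUSTOMIZATION_FIELD_TYPE_INPUT_FILE,
                                                      'customization_value' => $filename,
                                                      'cache_filename' => $cache_filename);
                        } else {
                            $messageStack->add_session('products_customizations', $file->getLastError(), 'error');
                        }
                    }
                }
            }
        }

        if ($messageStack->size('products_customizations') === 0) {
            $toC_Customization_Fields->set($osC_Product->getID(), $data);
        }
    }

    // Without a resolved product there is no id to link to; calling getID() on an
    // unset $osC_Product would be a fatal error, so pass no parameters in that case.
    osc_redirect(osc_href_link(FILENAME_PRODUCTS, isset($osC_Product) ? $osC_Product->getID() : null));
}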
/**
 * Store the upload for a form field once per request and return its file name.
 *
 * Results are memoised in the global $UploadCache array, keyed by field name,
 * so repeated calls for the same field do not process the upload again.
 *
 * @param string $fld Name of the upload form field.
 * @return string Saved file name, or '' when the upload could not be parsed or saved.
 */
function get_upload_file($fld)
{
    global $UploadCache;

    if (!isset($UploadCache)) {
        $UploadCache = array();
    }

    // Already handled during this request: reuse the remembered result.
    if (isset($UploadCache[$fld])) {
        return $UploadCache[$fld];
    }

    // NOTE(review): no set_extensions() call is made before parse(); confirm the upload
    // class restricts file types, since the destination is the catalog images directory.
    $uploader = new upload($fld);
    $uploader->set_destination(DIR_FS_CATALOG_IMAGES);

    if ($uploader->parse() && $uploader->save()) {
        $UploadCache[$fld] = $uploader->filename;
    } else {
        $UploadCache[$fld] = '';
    }

    return $UploadCache[$fld];
}
/**
 * Create or update a banner, optionally storing an uploaded banner image first.
 *
 * An upload is attempted only when there is no HTML text, no local image and
 * $data['image'] is non-empty. If that upload fails, nothing is written to the
 * database and false is returned.
 *
 * @param int|null $id   Banner id to update; any non-numeric value inserts a new banner.
 * @param array    $data Reads 'html_text', 'image_local', 'image', 'image_target', 'title',
 *                       'url', 'group_new', 'group', 'date_expires', 'expires_impressions',
 *                       'date_scheduled' and 'status'.
 * @return bool True when the query ran without a database error, false otherwise.
 */
public static function save($id = null, $data) {
    global $osC_Database;

    $error = false;

    if (empty($data['html_text']) && empty($data['image_local']) && !empty($data['image'])) {
        // NOTE(review): 'image_target' is concatenated into the destination path before
        // realpath(). If it can carry "../" segments the resolved directory may lie outside
        // ../images - confirm callers validate it, or check the resolved path's prefix.
        // realpath() also returns false for a missing directory. No extension allow-list
        // is passed to the upload class here.
        $image = new upload($data['image'], realpath('../images/' . $data['image_target']));

        if (!$image->exists() || !$image->parse() || !$image->save()) {
            $error = true;
        }
    }

    if ($error === false) {
        // Prefer an explicitly given local image; otherwise use the uploaded file (target
        // directory + saved name); otherwise store null.
        $image_location = !empty($data['image_local']) ? $data['image_local'] : (isset($image) ? $data['image_target'] . $image->filename : null);

        if (is_numeric($id)) {
            $Qbanner = $osC_Database->query('update :table_banners set banners_title = :banners_title, banners_url = :banners_url, banners_image = :banners_image, banners_group = :banners_group, banners_html_text = :banners_html_text, expires_date = :expires_date, expires_impressions = :expires_impressions, date_scheduled = :date_scheduled, status = :status where banners_id = :banners_id');
            $Qbanner->bindInt(':banners_id', $id);
        } else {
            $Qbanner = $osC_Database->query('insert into :table_banners (banners_title, banners_url, banners_image, banners_group, banners_html_text, expires_date, expires_impressions, date_scheduled, status, date_added) values (:banners_title, :banners_url, :banners_image, :banners_group, :banners_html_text, :expires_date, :expires_impressions, :date_scheduled, :status, now())');
        }

        $Qbanner->bindTable(':table_banners', TABLE_BANNERS);
        $Qbanner->bindValue(':banners_title', $data['title']);
        $Qbanner->bindValue(':banners_url', $data['url']);
        $Qbanner->bindValue(':banners_image', $image_location);
        // A newly typed group name takes precedence over the selected existing group.
        $Qbanner->bindValue(':banners_group', !empty($data['group_new']) ? $data['group_new'] : $data['group']);
        // NOTE(review): banner HTML is stored as given; presumably rendered unescaped by
        // design, so write access to banners should be limited to trusted administrators.
        $Qbanner->bindValue(':banners_html_text', $data['html_text']);

        // Expiry is either by date or by impression count, never both.
        if (empty($data['date_expires'])) {
            $Qbanner->bindRaw(':expires_date', 'null');
            $Qbanner->bindInt(':expires_impressions', $data['expires_impressions']);
        } else {
            $Qbanner->bindValue(':expires_date', $data['date_expires']);
            $Qbanner->bindInt(':expires_impressions', 0);
        }

        if (empty($data['date_scheduled'])) {
            $Qbanner->bindRaw(':date_scheduled', 'null');
            $Qbanner->bindInt(':status', $data['status'] === true ? 1 : 0);
        } else {
            $Qbanner->bindValue(':date_scheduled', $data['date_scheduled']);
            // String comparison against today's date: a banner scheduled for a later date is
            // stored as inactive. Assumes 'date_scheduled' is in Y-m-d form - TODO confirm.
            $Qbanner->bindInt(':status', $data['date_scheduled'] > date('Y-m-d') ? 0 : ($data['status'] === true ? 1 : 0));
        }

        $Qbanner->setLogging($_SESSION['module'], $id);
        $Qbanner->execute();

        if (!$osC_Database->isError()) {
            return true;
        }
    }

    return false;
}
/**
 * Store the uploaded store logo in images/<store_id>_images, or fall back to
 * the default logo.
 *
 * The store directory is created when missing. The default logo is copied in
 * (and recorded in the store table) when nothing could be parsed and $action
 * is empty, when the upload exceeds MAX_IMAGE_FILE_SIZE, or when saving fails
 * and $action is empty.
 *
 * @param string $action Empty string enables the default-logo fallback for the
 *                       "nothing uploaded" and "save failed" cases.
 * @return string '' on completion, the size-exceeded message, or
 *                ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST when the directory is unavailable.
 */
function put_logo_image($action = '')
{
    $store_dir = DIR_FS_CATALOG . 'images/' . $this->store_id . '_images';

    if (!is_dir($store_dir)) {
        mkdir($store_dir);
    }

    // mkdir() may have failed; without the directory nothing else can be done.
    if (!is_dir($store_dir)) {
        return ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST;
    }

    $logo = new upload($this->store_logo);
    $logo->set_destination($store_dir);
    $logo->set_extensions(array('gif', 'jpg', 'png'));
    $parsed = $logo->parse();

    $use_default_logo = false;
    $oversized = false;

    if (!$parsed && $action == '') {
        $use_default_logo = true;
    } elseif ($logo->file['size'] > MAX_IMAGE_FILE_SIZE && $parsed) {
        $use_default_logo = true;
        $oversized = true;
    } elseif ($parsed) {
        // Keep the last four characters of the uploaded name (".gif", ".jpg", ".png").
        $logo->set_filename('logo' . substr($logo->filename, -4));

        if ($logo->save()) {
            // NOTE(review): the file name is placed into the SQL string without escaping.
            // It should be "logo" plus a checked extension at this point, but escaping it
            // would not depend on how the upload class validates extensions.
            smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = '" . $logo->filename . "' where store_id = '" . (int) $this->store_id . "'");
        } elseif ($action == '') {
            $this->store_logo_image_name = '';
            $use_default_logo = true;
        }
    }

    if ($use_default_logo) {
        if (copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $store_dir . '/default_store_logo.gif')) {
            smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
        }
    }

    return $oversized ? sprintf(ERROR_IMAGE_FILE_SIZE_EXCEED, MAX_IMAGE_FILE_SIZE) : '';
}
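/**
 * Store an uploaded store logo and generate a resized copy for every template.
 *
 * The upload is kept as images/logo_originals.<ext>; for each template
 * directory that has a template.php, the template's previous logo is deleted
 * and a resized logo_<template>.<ext> is written using the template's logo
 * width and height.
 *
 * @return bool True when the upload was stored and processed, false when no
 *              file was uploaded, its extension is not an accepted image
 *              type, or it could not be parsed/saved.
 */
function upload()
{
    $logo_image = new upload('logo_image');

    if ($logo_image->exists()) {
        // The extension comes from the client-supplied file name and ends up in the names
        // of files written below the catalog images directory, so accept image types only.
        // NOTE(review): extend this list if osc_gd_resize() supports further formats.
        $img_type = pathinfo($_FILES['logo_image']['name'], PATHINFO_EXTENSION);

        if (!in_array(strtolower($img_type), array('gif', 'jpg', 'jpeg', 'png'), true)) {
            // Rejected before the existing logo is touched.
            return false;
        }

        self::deleteLogo('originals');

        $original = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_originals.' . $img_type;

        $logo_image->set_destination(realpath(DIR_FS_CATALOG . 'images/'));

        if ($logo_image->parse() && $logo_image->save()) {
            $uploaded = DIR_FS_CATALOG . 'images/' . $logo_image->filename;

            // If the upload already carries the target name, copying and then unlinking
            // would remove the only copy; move it only when the two paths differ.
            if ($uploaded !== $original) {
                copy($uploaded, $original);
                @unlink($uploaded);
            }

            $osC_DirectoryListing = new osC_DirectoryListing('../templates');
            $osC_DirectoryListing->setIncludeDirectories(true);
            $osC_DirectoryListing->setIncludeFiles(false);
            $osC_DirectoryListing->setExcludeEntries('system');

            $templates = $osC_DirectoryListing->getFiles();

            foreach ($templates as $template) {
                $code = $template['name'];

                if (file_exists('../templates/' . $code . '/template.php')) {
                    // NOTE(review): plain include - if a template class was already loaded
                    // earlier in the request this would redeclare it; confirm or guard
                    // with class_exists() before including.
                    include '../templates/' . $code . '/template.php';

                    $class = 'osC_Template_' . $code;
                    self::deleteLogo($code);

                    if (class_exists($class)) {
                        $module = new $class();

                        $logo_height = $module->getLogoHeight();
                        $logo_width = $module->getLogoWidth();

                        $dest_image = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_' . $code . '.' . $img_type;

                        osc_gd_resize($original, $dest_image, $logo_width, $logo_height);
                    }
                }
            }

            return true;
        }
    }

    return false;
}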
// Fragment of a larger action switch; the enclosing structures open outside this excerpt.
                smn_reset_cache_block('also_purchased');
            }
        }
        smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id)));
        break;
    case 'new_product_preview':
        if (! checkVoucherPermissions($store_id, $_POST['products_model'])) {
            $messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error');
            $allow_insert = 'false';
        } else {
            // copy image only if modified
            // Uploads are limited to these image extensions before parse()/save().
            $allowed_files_types = array('gif', 'jpg', 'jpeg', 'png');
            $products_image = new upload('products_image');
            $products_image->set_destination(DIR_FS_CATALOG_IMAGES);
            $products_image->set_extensions($allowed_files_types);
            if ($products_image->parse() && $products_image->save()) {
                $products_image_name = $products_image->filename;
            } else {
                // NOTE(review): the fallback name is taken from the request as-is. Confirm it
                // is validated (e.g. reduced to a plain file name) and escaped wherever
                // $products_image_name is used afterwards.
                $products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '');
            }
        }
        break;
    }
}
// check if the catalog image directory exists
if (is_dir(DIR_FS_CATALOG_IMAGES)) {
    if (!is_writeable(DIR_FS_CATALOG_IMAGES)) $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
} else {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error');
}
// Fragment: insert/save handling for a manufacturer; the enclosing block opens outside this excerpt.
}
$manufacturers_name = tep_db_prepare_input($HTTP_POST_VARS['manufacturers_name']);

$sql_data_array = array('manufacturers_name' => $manufacturers_name);

if ($action == 'insert') {
    $insert_sql_data = array('date_added' => 'now()');

    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

    tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
    $manufacturers_id = tep_db_insert_id();
} elseif ($action == 'save') {
    $update_sql_data = array('last_modified' => 'now()');

    $sql_data_array = array_merge($sql_data_array, $update_sql_data);

    tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'");
}

// NOTE(review): no set_extensions() call precedes parse()/save(), so which file types are
// accepted depends entirely on the upload class. The destination is the catalog images
// directory - confirm an image allow-list is enforced somewhere.
$manufacturers_image = new upload('manufacturers_image');
$manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES);

if ($manufacturers_image->parse() && $manufacturers_image->save()) {
    // The stored file name is passed through tep_db_input() and the id is cast to int
    // before both are placed into the SQL string.
    tep_db_query("update " . TABLE_MANUFACTURERS . " set manufacturers_image = '" . tep_db_input($manufacturers_image->filename) . "' where manufacturers_id = '" . (int) $manufacturers_id . "'");
}

// One manufacturers_info row per installed language, carrying that language's URL.
$languages = tep_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $manufacturers_url_array = $HTTP_POST_VARS['manufacturers_url'];
    $language_id = $languages[$i]['id'];

    $sql_data_array = array('manufacturers_url' => tep_db_prepare_input($manufacturers_url_array[$language_id]));

    if ($action == 'insert') {
        $insert_sql_data = array('manufacturers_id' => $manufacturers_id,
                                 'languages_id' => $language_id);

        $sql_data_array = array_merge($sql_data_array, $insert_sql_data);

        tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array);
    } elseif ($action == 'save') {
        tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "' and languages_id = '" . (int) $language_id . "'");
    }
}
/**
 * Method to handle cart Action - add product
 *
 * Validates the posted attributes and quantity, caps the quantity by stock and
 * by the per-order maximum, stores any uploaded attribute files, adds the
 * product to the cart and finally redirects (or notifies observers when
 * attribute errors were found).
 *
 * @param string $goto       forward destination
 * @param mixed  $parameters url parameters, passed to zen_get_all_get_params()
 */
function actionAddProduct($goto, $parameters) {
    global $db, $messageStack;
    if ($this->display_debug_messages) {
        $messageStack->add_session('header', 'A: FUNCTION ' . __FUNCTION__, 'caution');
    }
    if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
        // verify attributes and quantity first
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'A2: FUNCTION ' . __FUNCTION__, 'caution');
        }
        // $the_list accumulates an HTML error list; a non-empty value blocks the add below.
        $the_list = '';
        $adjust_max = 'false';
        if (isset($_POST['id'])) {
            foreach ($_POST['id'] as $key => $value) {
                $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                if ($check == false) {
                    // NOTE(review): $key and $value come from the request; confirm that
                    // zen_options_name()/zen_values_name() only return stored, HTML-safe names.
                    $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . ($value == (int) PRODUCTS_OPTIONS_VALUES_TEXT_ID ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                }
            }
        }
        if (!is_numeric($_POST['cart_quantity']) || $_POST['cart_quantity'] < 0) {
            // adjust quantity when not a value
            $chk_link = '<a href="' . zen_href_link(zen_get_info_page($_POST['products_id']), 'cPath=' . zen_get_generated_category_path_rev(zen_get_products_category_id($_POST['products_id'])) . '&products_id=' . $_POST['products_id']) . '">' . zen_get_products_name($_POST['products_id']) . '</a>';
            // The rejected quantity is echoed back through zen_output_string_protected().
            $messageStack->add_session('header', ERROR_CORRECTIONS_HEADING . ERROR_PRODUCT_QUANTITY_UNITS_SHOPPING_CART . $chk_link . ' ' . PRODUCTS_ORDER_QTY_TEXT . zen_output_string_protected($_POST['cart_quantity']), 'caution');
            $_POST['cart_quantity'] = 0;
        }
        // verify qty to add
        $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
        $cart_qty = $this->in_cart_mixed($_POST['products_id']);
        if ($this->display_debug_messages) {
            $messageStack->add_session('header', 'B: FUNCTION ' . __FUNCTION__ . ' Products_id: ' . $_POST['products_id'] . ' cart_qty: ' . $cart_qty . ' $_POST[cart_quantity]: ' . $_POST['cart_quantity'] . ' <br>', 'caution');
        }
        $new_qty = $_POST['cart_quantity'];
        $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
        // bof: adjust new quantity to be same as current in stock
        $chk_current_qty = zen_get_products_stock($_POST['products_id']);
        $this->flag_duplicate_msgs_set = FALSE;
        if (STOCK_ALLOW_CHECKOUT == 'false' && $cart_qty + $new_qty > $chk_current_qty) {
            $new_qty = $chk_current_qty;
            $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'C: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
            // Remember that the "quantity adjusted" warning was already queued.
            $this->flag_duplicate_msgs_set = TRUE;
        }
        // eof: adjust new quantity to be same as current in stock
        if ($add_max == 1 and $cart_qty == 1) {
            // do not add
            $new_qty = 0;
            $adjust_max = 'true';
        } else {
            // bof: adjust new quantity to be same as current in stock
            if (STOCK_ALLOW_CHECKOUT == 'false' && $new_qty + $cart_qty > $chk_current_qty) {
                $adjust_new_qty = 'true';
                // Only what is still in stock beyond the cart content can be added.
                $alter_qty = $chk_current_qty - $cart_qty;
                $new_qty = $alter_qty > 0 ? $alter_qty : 0;
                if (!$this->flag_duplicate_msgs_set) {
                    $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'D: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
                }
            }
            // eof: adjust new quantity to be same as current in stock
            // adjust quantity if needed
            if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                $adjust_max = 'true';
                $new_qty = $add_max - $cart_qty;
            }
        }
        if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
            // do not add
        } else {
            // process normally
            // bof: set error message
            if ($the_list != '') {
                $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
            } else {
                // process normally
                // iii 030813 added: File uploading: save uploaded files with unique file names
                $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
                // NOTE(review): the loop bound below is taken from the query string without an
                // upper limit or integer check - consider validating it against the number of
                // upload attributes the product actually has.
                if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
                    /**
                     * Need the upload class for attribute type that allows user uploads.
                     *
                     */
                    include DIR_WS_CLASSES . 'upload.php';
                    for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
                        if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                            // NOTE(review): no set_extensions() call is visible here, so the
                            // accepted file types depend on the upload class. Confirm an
                            // allow-list is enforced and that DIR_FS_UPLOADS is not executable
                            // or directly served by the web server.
                            $products_options_file = new upload('id');
                            $products_options_file->set_destination(DIR_FS_UPLOADS);
                            $products_options_file->set_output_messages('session');
                            if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                                // Extension (including the dot) of the client-supplied name;
                                // it is re-used for the stored file name below.
                                $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                                // NOTE(review): the session customer id is concatenated into the
                                // SQL string without a cast, while the file name goes through
                                // zen_db_input(); an (int) cast would make this independent of
                                // how the session value was set.
                                if ($_SESSION['customer_id']) {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                } else {
                                    $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')");
                                }
                                $insert_id = $db->Insert_ID();
                                // The cart keeps "<row id>. <original name>"; on disk the file is
                                // stored as "<row id><extension>".
                                $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                                $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                if (!$products_options_file->save()) {
                                    break;
                                }
                            } else {
                                break;
                            }
                        } else {
                            // No file uploaded -- use previous value
                            $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                        }
                    }
                }
                $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                // iii 030813 end of changes.
            } // eof: set error message
        } // eof: quantity maximum = 1
        if ($adjust_max == 'true') {
            $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            if ($this->display_debug_messages) {
                $messageStack->add_session('header', 'E: FUNCTION ' . __FUNCTION__ . '<br>' . ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
            }
        }
    }
    // NOTE(review): $the_list is only assigned inside the products_id branch above; when
    // that branch is skipped this comparison reads an undefined variable.
    if ($the_list == '') {
        // no errors
        // display message if all is good and not on shopping_cart page
        if (DISPLAY_CART == 'false' && $_GET['main_page'] != FILENAME_SHOPPING_CART && $messageStack->size('shopping_cart') == 0) {
            $messageStack->add_session('header', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
            zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
        } else {
            zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
        }
    } else {
        // errors found with attributes - perhaps display an additional message here, using an observer class to add to the messageStack
        $this->notify('NOTIFIER_CART_OPTIONAL_ATTRIBUTE_ERROR_MESSAGE_HOOK', $_POST, $the_list);
    }
}
// Fragment of a file-manager action switch; the enclosing structures open outside this excerpt.
// NOTE(review): these actions write, upload and download files below the session's
// current path. The access-control and request-forgery checks that must guard them are
// not visible in this excerpt - confirm they exist.
        // Save action: the target name is reduced with basename(), so the write stays
        // inside the current directory.
        if (is_writable($_SESSION['current_path']) && ($fp = fopen($_SESSION['current_path'] . '/' . basename($_POST['filename']), 'w+'))) {
            fputs($fp, stripslashes($_POST['file_contents']));
            fclose($fp);
            xos_redirect(xos_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode(basename($_POST['filename']))));
        }
    } else {
        $action = 'new_file';
        $directory_writeable = true;
        $messageStack->add('header', ERROR_FILENAME_EMPTY, 'error');
    }
    break;
case 'processuploads':
    // Up to five upload fields, file_1 .. file_5.
    for ($i = 1; $i < 6; $i++) {
        if (!empty($_FILES['file_' . $i]['name'])) {
            // NOTE(review): no extension allow-list is passed, and save() is called without
            // checking the result of parse(). Confirm the upload class refuses to save an
            // upload that failed parsing.
            $upload = new upload('file_' . $i, $_SESSION['current_path'], '644');
            $upload->parse();
            $upload->save();
        }
    }
    xos_redirect(xos_href_link(FILENAME_FILE_MANAGER));
    break;
case 'download':
    header_remove();
    header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    header('Cache-Control: no-store, no-cache, must-revalidate');
    header('Cache-Control: post-check=0, pre-check=0', false);
    header('Pragma: no-cache');
    header('Content-Type: application/octet-stream');
    // NOTE(review): unlike the save action above, the requested name is not passed through
    // basename() here, so it can contain directory separators and resolve outside the
    // current path. $_GET values are already URL-decoded by PHP, so urldecode() decodes a
    // second time. Reduce the name with basename() and verify the resolved path before use.
    header('Content-Length: ' . @filesize($_SESSION['current_path'] . '/' . urldecode($_GET['filename'])));
    // NOTE(review): the name is placed inside a quoted header value unescaped; a double
    // quote in it breaks the filename parameter. Strip or escape quotes first.
    header('Content-Disposition: attachment; filename="' . urldecode($_GET['filename']) . '"');
function save($id = null, $data) { global $osC_Database, $osC_Language, $osC_Image, $osC_Session; $error = false; $osC_Database->startTransaction(); //products if (is_numeric($id)) { $Qproduct = $osC_Database->query('update :table_products set products_type = :products_type, products_sku = :products_sku, products_model = :products_model, products_price = :products_price, products_quantity = :products_quantity, products_moq = :products_moq, products_max_order_quantity = :products_max_order_quantity, order_increment = :order_increment, quantity_unit_class = :quantity_unit_class, products_date_available = :products_date_available, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, manufacturers_id = :manufacturers_id, quantity_discount_groups_id = :quantity_discount_groups_id, products_last_modified = now(), products_attributes_groups_id = :products_attributes_groups_id where products_id = :products_id'); $Qproduct->bindInt(':products_id', $id); } else { $Qproduct = $osC_Database->query('insert into :table_products (products_type, products_sku, products_model, products_price, products_quantity, products_moq, products_max_order_quantity, order_increment, quantity_unit_class, products_date_available, products_weight, products_weight_class, products_status, products_tax_class_id, manufacturers_id, products_date_added, quantity_discount_groups_id, products_attributes_groups_id) values (:products_type, :products_sku, :products_model, :products_price, :products_quantity, :products_moq, :products_max_order_quantity, :order_increment, :quantity_unit_class, :products_date_available, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :manufacturers_id, :products_date_added, :quantity_discount_groups_id, :products_attributes_groups_id)'); $Qproduct->bindRaw(':products_date_added', 'now()'); } $Qproduct->bindTable(':table_products', 
TABLE_PRODUCTS); $Qproduct->bindInt(':products_type', $data['products_type']); $Qproduct->bindValue(':products_sku', $data['products_sku']); $Qproduct->bindValue(':products_model', $data['products_model']); $Qproduct->bindValue(':products_price', $data['price']); $Qproduct->bindInt(':products_quantity', $data['quantity']); $Qproduct->bindInt(':products_moq', $data['products_moq']); $Qproduct->bindInt(':products_max_order_quantity', $data['products_max_order_quantity']); $Qproduct->bindInt(':order_increment', $data['order_increment']); $Qproduct->bindInt(':quantity_unit_class', $data['quantity_unit_class']); if (date('Y-m-d') < $data['date_available']) { $Qproduct->bindValue(':products_date_available', $data['date_available']); } else { $Qproduct->bindRaw(':products_date_available', 'null'); } $Qproduct->bindValue(':products_weight', $data['weight']); $Qproduct->bindInt(':products_weight_class', $data['weight_class']); $Qproduct->bindInt(':products_status', $data['status']); $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']); $Qproduct->bindInt(':manufacturers_id', $data['manufacturers_id']); $Qproduct->bindInt(':quantity_discount_groups_id', $data['quantity_discount_groups_id']); if (empty($data['products_attributes_groups_id'])) { $Qproduct->bindRaw(':products_attributes_groups_id', 'null'); } else { $Qproduct->bindInt(':products_attributes_groups_id', $data['products_attributes_groups_id']); } $Qproduct->setLogging($_SESSION['module'], $id); $Qproduct->execute(); if ($osC_Database->isError()) { $error = true; } else { if (is_numeric($id)) { $products_id = $id; } else { $products_id = $osC_Database->nextID(); } //products_to_categories $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id'); $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES); $Qcategories->bindInt(':products_id', $products_id); $Qcategories->setLogging($_SESSION['module'], $products_id); 
$Qcategories->execute(); if ($osC_Database->isError()) { $error = true; } else { if (isset($data['categories']) && !empty($data['categories'])) { foreach ($data['categories'] as $category_id) { $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)'); $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES); $Qp2c->bindInt(':products_id', $products_id); $Qp2c->bindInt(':categories_id', $category_id); $Qp2c->setLogging($_SESSION['module'], $products_id); $Qp2c->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } if ($error === false && is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_attachments_to_products where products_id = :products_id'); $Qdelete->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS); $Qdelete->bindInt(':products_id', $products_id); $Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false && sizeof($data['attachments']) > 0) { foreach ($data['attachments'] as $attachments_id) { $Qp2a = $osC_Database->query('insert into :table_products_attachments_to_products (products_id, attachments_id) values (:products_id, :attachments_id)'); $Qp2a->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS); $Qp2a->bindInt(':products_id', $products_id); $Qp2a->bindInt(':attachments_id', $attachments_id); $Qp2a->setLogging($_SESSION['module'], $products_id); $Qp2a->execute(); if ($osC_Database->isError()) { $error = true; break; } } } //accessories if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_accessories where products_id = :products_id'); $Qdelete->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES); $Qdelete->bindInt(':products_id', $products_id); 
$Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if (sizeof($data['accessories_ids']) > 0) { foreach ($data['accessories_ids'] as $accessories_id) { $Qinsert = $osC_Database->query('insert into :table_products_accessories (products_id, accessories_id) values (:products_id, :accessories_id)'); $Qinsert->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES); $Qinsert->bindInt(':products_id', $products_id); $Qinsert->bindInt(':accessories_id', $accessories_id); $Qinsert->setLogging($_SESSION['module'], $products_id); $Qinsert->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } //downloadable products & gift certificates if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) { if (is_numeric($id)) { $Qdownloadables = $osC_Database->query('update :table_products_downloadables set number_of_downloads = :number_of_downloads, number_of_accessible_days = :number_of_accessible_days where products_id = :products_id'); } else { $Qdownloadables = $osC_Database->query('insert into :table_products_downloadables (products_id, number_of_downloads, number_of_accessible_days) values (:products_id, :number_of_downloads, :number_of_accessible_days)'); } $Qdownloadables->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qdownloadables->bindInt(':products_id', $products_id); $Qdownloadables->bindInt(':number_of_downloads', $data['number_of_downloads']); $Qdownloadables->bindInt(':number_of_accessible_days', $data['number_of_accessible_days']); $Qdownloadables->setLogging($_SESSION['module'], $products_id); $Qdownloadables->execute(); if ($osC_Database->isError()) { $error = true; } else { $filename = null; $cache_filename = null; $file = new upload('downloadable_file'); if ($file->exists()) { $file->set_destination(realpath('../download')); if ($file->parse() && $file->save()) { $filename = $file->filename; $cache_filename = md5($filename . 
time()); rename(DIR_FS_DOWNLOAD . $filename, DIR_FS_DOWNLOAD . $cache_filename); } } if (!is_null($filename)) { if (is_numeric($id)) { $Qfile = $osC_Database->query('select cache_filename from :table_products_downloadables where products_id = :products_id'); $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfile->bindInt(':products_id', $products_id); $Qfile->execute(); if ($Qfile->numberOfRows() > 0) { $file = $Qfile->value('cache_filename'); unlink(DIR_FS_DOWNLOAD . $file); } } $Qupdate = $osC_Database->query('update :table_products_downloadables set filename = :filename, cache_filename = :cache_filename where products_id = :products_id'); $Qupdate->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qupdate->bindInt(':products_id', $products_id); $Qupdate->bindValue(':filename', $filename); $Qupdate->bindValue(':cache_filename', $cache_filename); $Qupdate->setLogging($_SESSION['module'], $products_id); $Qupdate->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { $sample_filename = null; $cache_sample_filename = null; $sample_file = new upload('sample_downloadable_file'); if ($sample_file->exists()) { $sample_file->set_destination(realpath('../download')); if ($sample_file->parse() && $sample_file->save()) { $sample_filename = $sample_file->filename; $cache_sample_filename = md5($sample_filename . time()); @rename(DIR_FS_DOWNLOAD . $sample_filename, DIR_FS_DOWNLOAD . $cache_sample_filename); } } if (!is_null($sample_filename) && $error === false) { if (is_numeric($id)) { $Qfile = $osC_Database->query('select cache_sample_filename from :table_products_downloadables where products_id = :products_id'); $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfile->bindInt(':products_id', $products_id); $Qfile->execute(); if ($Qfile->numberOfRows() > 0) { $file = $Qfile->value('cache_sample_filename'); unlink(DIR_FS_DOWNLOAD . 
$file); } } $Qfiles = $osC_Database->query('update :table_products_downloadables set sample_filename = :sample_filename, cache_sample_filename = :cache_sample_filename where products_id = :products_id'); $Qfiles->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES); $Qfiles->bindInt(':products_id', $products_id); $Qfiles->bindValue(':sample_filename', $sample_filename); $Qfiles->bindValue(':cache_sample_filename', $cache_sample_filename); $Qfiles->setLogging($_SESSION['module'], $products_id); $Qfiles->execute(); if ($osC_Database->isError()) { $error = true; } } } } } else { if ($data['products_type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) { if (is_numeric($id)) { $Qcertificates = $osC_Database->query('update :table_products_gift_certificates set gift_certificates_type = :gift_certificates_type, gift_certificates_amount_type = :gift_certificates_amount_type, open_amount_max_value = :open_amount_max_value, open_amount_min_value = :open_amount_min_value where products_id = :products_id'); } else { $Qcertificates = $osC_Database->query('insert into :table_products_gift_certificates (products_id, gift_certificates_type, gift_certificates_amount_type, open_amount_max_value, open_amount_min_value) values (:products_id, :gift_certificates_type, :gift_certificates_amount_type, :open_amount_max_value, :open_amount_min_value)'); } $Qcertificates->bindTable(':table_products_gift_certificates', TABLE_PRODUCTS_GIFT_CERTIFICATES); $Qcertificates->bindInt(':products_id', $products_id); $Qcertificates->bindInt(':gift_certificates_type', $data['gift_certificates_type']); $Qcertificates->bindInt(':gift_certificates_amount_type', $data['gift_certificates_amount_type']); $Qcertificates->bindValue(':open_amount_max_value', $data['open_amount_max_value']); $Qcertificates->bindValue(':open_amount_min_value', $data['open_amount_min_value']); $Qcertificates->setLogging($_SESSION['module'], $products_id); $Qcertificates->execute(); if ($osC_Database->isError()) { $error = 
true; } } } //products_description if ($error === false) { foreach ($osC_Language->getAll() as $l) { if (is_numeric($id)) { $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_short_description = :products_short_description, products_description = :products_description, products_tags = :products_tags, products_url = :products_url, products_friendly_url = :products_friendly_url, products_page_title = :products_page_title, products_meta_keywords = :products_meta_keywords, products_meta_description = :products_meta_description where products_id = :products_id and language_id = :language_id'); } else { $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_short_description, products_description, products_tags, products_url, products_friendly_url, products_page_title, products_meta_keywords, products_meta_description) values (:products_id, :language_id, :products_name, :products_short_description, :products_description, :products_tags, :products_url, :products_friendly_url, :products_page_title, :products_meta_keywords, :products_meta_description)'); } $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION); $Qpd->bindInt(':products_id', $products_id); $Qpd->bindInt(':language_id', $l['id']); $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]); $Qpd->bindValue(':products_short_description', $data['products_short_description'][$l['id']]); $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]); $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]); $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]); $Qpd->bindValue(':products_friendly_url', $data['products_friendly_url'][$l['id']]); $Qpd->bindValue(':products_page_title', $data['products_page_title'][$l['id']]); $Qpd->bindValue(':products_meta_keywords', $data['products_meta_keywords'][$l['id']]); 
$Qpd->bindValue(':products_meta_description', $data['products_meta_description'][$l['id']]); $Qpd->setLogging($_SESSION['module'], $products_id); $Qpd->execute(); if ($osC_Database->isError()) { $error = true; break; } } } //BEGIN: products images if ($error === false) { $images = array(); $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/'; $osC_DirectoryListing = new osC_DirectoryListing($image_path, true); $osC_DirectoryListing->setIncludeDirectories(false); foreach ($osC_DirectoryListing->getFiles() as $file) { @copy($image_path . $file['name'], '../images/products/originals/' . $file['name']); @unlink($image_path . $file['name']); $images[$file['name']] = -1; } osc_remove($image_path); $default_flag = 1; foreach (array_keys($images) as $image) { $Qimage = $osC_Database->query('insert into :table_products_images (products_id, default_flag, sort_order, date_added) values (:products_id, :default_flag, :sort_order, :date_added)'); $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES); $Qimage->bindInt(':products_id', $products_id); $Qimage->bindInt(':default_flag', $default_flag); $Qimage->bindInt(':sort_order', 0); $Qimage->bindRaw(':date_added', 'now()'); $Qimage->execute(); if ($osC_Database->isError()) { $error = true; } else { $image_id = $osC_Database->nextID(); $images[$image] = $image_id; $new_image_name = $products_id . '_' . $image_id . '_' . $image; @rename('../images/products/originals/' . $image, '../images/products/originals/' . 
$new_image_name); $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id'); $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES); $Qupdate->bindValue(':image', $new_image_name); $Qupdate->bindInt(':id', $image_id); $Qupdate->setLogging($_SESSION['module'], $products_id); $Qupdate->execute(); foreach ($osC_Image->getGroups() as $group) { if ($group['id'] != '1') { $osC_Image->resize($new_image_name, $group['id'], 'products'); } } } $default_flag = 0; } } //END: products images //BEGIN: products variants if ($error === false) { //if edit product, delete variant first if (is_numeric($id)) { $Qvariants = $osC_Database->query('select * from :table_products_variants where products_id = :products_id order by products_variants_id'); $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qvariants->bindInt(':products_id', $_REQUEST['products_id']); $Qvariants->execute(); $records = array(); while ($Qvariants->next()) { $Qentries = $osC_Database->query('select products_variants_id, products_variants_groups_id, products_variants_values_id from :table_products_variants_entries where products_variants_id = :products_variants_id order by products_variants_groups_id, products_variants_values_id'); $Qentries->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qentries->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qentries->execute(); $variants_values = array(); while ($Qentries->next()) { $variants_values[] = $Qentries->valueInt('products_variants_groups_id') . '_' . $Qentries->valueInt('products_variants_values_id'); } $variant = implode('-', $variants_values); if (!isset($data['products_variants_id'][$variant])) { //remove cache file $cache_filename = $Qvariants->value('cache_filename'); if (!empty($cache_filename) && file_exists(DIR_FS_DOWNLOAD . $cache_filename)) { osc_remove(DIR_FS_DOWNLOAD . 
$cache_filename); } //delete variants $Qdelete = $osC_Database->query('delete from :table_products_variants where products_variants_id = :products_variants_id'); $Qdelete->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } //delete variants entries if ($error === false) { $Qdelete = $osC_Database->query('delete from :table_products_variants_entries where products_variants_id = :products_variants_id'); $Qdelete->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id')); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } $products_quantity = 0; //insert or update variant if (isset($data['products_variants_id']) && is_array($data['products_variants_id'])) { foreach ($data['products_variants_id'] as $key => $variants_id) { if ($variants_id > 0) { $Qpv = $osC_Database->query('update :table_products_variants set products_price = :products_price, products_sku = :products_sku, products_model = :products_model, products_quantity = :products_quantity, products_weight = :products_weight, products_status = :products_status, products_images_id = :products_images_id, is_default = :is_default where products_variants_id = :products_variants_id'); $Qpv->bindInt(':products_variants_id', $variants_id); } else { $Qpv = $osC_Database->query('insert into :table_products_variants (products_id, products_price, products_sku, products_model, products_quantity, products_weight, products_status, is_default, products_images_id) values (:products_id, :products_price, :products_sku, :products_model, :products_quantity, :products_weight, :products_status, :is_default, :products_images_id)'); $Qpv->bindInt(':products_id', $products_id); } 
$Qpv->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qpv->bindInt(':is_default', $data['variants_default'][$key]); $Qpv->bindValue(':products_price', $data['variants_price'][$key]); $Qpv->bindValue(':products_sku', $data['variants_sku'][$key]); $Qpv->bindValue(':products_model', $data['variants_model'][$key]); $Qpv->bindValue(':products_quantity', $data['variants_quantity'][$key]); $Qpv->bindValue(':products_weight', $data['variants_weight'][$key]); $Qpv->bindValue(':products_status', $data['variants_status'][$key]); $products_images_id = is_numeric($data['variants_image'][$key]) ? $data['variants_image'][$key] : $images[$data['variants_image'][$key]]; $Qpv->bindInt(':products_images_id', $products_images_id); $Qpv->execute(); if ($osC_Database->isError()) { $error = true; break; } else { if (is_numeric($variants_id) && $variants_id > 0) { $products_variants_id = $variants_id; } else { $products_variants_id = $osC_Database->nextID(); } //downloadable file if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) { $variants_file = new upload('products_variants_download_' . $key); if ($variants_file->exists()) { //remove old file if (is_numeric($variants_id) && $variants_id > 0) { $Qfile = $osC_Database->query('select cache_filename from :table_products_variants where products_variants_id = :products_variants_id'); $Qfile->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qfile->bindInt(':products_variants_id', $variants_id); $Qfile->execute(); $cache_filename = $Qfile->value('cache_filename'); if (!empty($cache_filename)) { osc_remove(DIR_FS_DOWNLOAD . $cache_filename); } } $variants_file->set_destination(realpath('../download')); if ($variants_file->parse() && $variants_file->save()) { $variants_filename = $variants_file->filename; $cache_variants_filename = md5($variants_filename . time()); @rename(DIR_FS_DOWNLOAD . $variants_filename, DIR_FS_DOWNLOAD . 
$cache_variants_filename); $Qupdate = $osC_Database->query('update :table_products_variants set filename = :filename, cache_filename = :cache_filename where products_variants_id = :products_variants_id'); $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS); $Qupdate->bindInt(':products_variants_id', $products_variants_id); $Qupdate->bindValue(':filename', $variants_filename); $Qupdate->bindValue(':cache_filename', $cache_variants_filename); $Qupdate->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } $products_quantity += $data['variants_quantity'][$key]; } //variant entries if ($error === false && $variants_id == '-1') { $assigned_variants = explode('-', $key); for ($i = 0; $i < sizeof($assigned_variants); $i++) { $assigned_variant = explode('_', $assigned_variants[$i]); $Qpve = $osC_Database->query('insert into :table_products_variants_entries (products_variants_id, products_variants_groups_id, products_variants_values_id) values (:products_variants_id, :products_variants_groups_id, :products_variants_values_id)'); $Qpve->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES); $Qpve->bindInt(':products_variants_id', $products_variants_id); $Qpve->bindInt(':products_variants_groups_id', $assigned_variant[0]); $Qpve->bindInt(':products_variants_values_id', $assigned_variant[1]); $Qpve->setLogging($_SESSION['module'], $products_id); $Qpve->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } if ($error === false) { $osC_Database->simpleQuery('update ' . TABLE_PRODUCTS . ' set products_quantity = ' . $products_quantity . ' where products_id =' . 
$products_id); if ($osC_Database->isError()) { $error = true; } } } } //END: products variants //BEGIN: xsell products if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_xsell where products_id = :products_id'); $Qdelete->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL); $Qdelete->bindInt(':products_id', $id); $Qdelete->setLogging($_SESSION['module'], $id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { if (isset($data['xsell_id_array']) && !empty($data['xsell_id_array'])) { foreach ($data['xsell_id_array'] as $xsell_products_id) { $Qxsell = $osC_Database->query('insert into :table_products_xsell (products_id, xsell_products_id) values (:products_id , :xsell_products_id )'); $Qxsell->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL); $Qxsell->bindInt(':products_id', $products_id); $Qxsell->bindInt(':xsell_products_id', $xsell_products_id); $Qxsell->setLogging($_SESSION['module'], $products_id); $Qxsell->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } //END: xsell products //BEGIN: products attributes if ($error === false) { if (is_numeric($id)) { $Qdelete = $osC_Database->query('delete from :table_products_attributes where products_id = :products_id '); $Qdelete->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qdelete->bindInt(':products_id', $id); $Qdelete->setLogging($_SESSION['module'], $id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; } } if ($error === false) { if (!empty($data['products_attributes'])) { foreach ($data['products_attributes'] as $attribute) { $Qef = $osC_Database->query('insert into :table_products_attributes (products_id, products_attributes_values_id, language_id, value) values (:products_id , :products_attributes_values_id, :language_id, :value)'); $Qef->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); $Qef->bindInt(':products_id', 
$products_id); $Qef->bindInt(':products_attributes_values_id', $attribute['id']); $Qef->bindInt(':language_id', $attribute['language_id']); $Qef->bindValue(':value', $attribute['value']); $Qef->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } //END: products attributes //BEGIN: customization fields if ($error === false) { if (is_numeric($id) && isset($data['customization_fields'])) { $ids = array(); foreach ($data['customization_fields'] as $customization) { if ($customization['customizations_fields_id'] > 0) { $ids[] = $customization['customizations_fields_id']; } } $Qcheck = $osC_Database->query('select customization_fields_id from :table_customization_fields where products_id = :products_id'); $Qcheck->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qcheck->bindInt(':products_id', $products_id); if (sizeof($ids) > 0) { $Qcheck->appendQuery('and customization_fields_id not in (:customization_fields_id)'); $Qcheck->bindRaw(':customization_fields_id', implode(', ', $ids)); } $Qcheck->execute(); //delete customization fields if ($Qcheck->numberOfRows() > 0) { $batch = array(); while ($Qcheck->next()) { $batch[] = $Qcheck->valueInt('customization_fields_id'); } $Qdelete = $osC_Database->query('delete from :table_customization_fields where customization_fields_id in (:customization_fields_id)'); $Qdelete->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch)); $Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } if ($error === false) { $Qdelete = $osC_Database->query('delete from :table_customization_fields_description where customization_fields_id in (:customization_fields_id)'); $Qdelete->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION); $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch)); 
$Qdelete->setLogging($_SESSION['module'], $products_id); $Qdelete->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } if ($error === false) { if (isset($data['customization_fields']) && !empty($data['customization_fields'])) { foreach ($data['customization_fields'] as $field) { if ($field['customizations_fields_id'] > 0) { $Qfield = $osC_Database->query('update :table_customization_fields set type = :type, is_required = :is_required where customization_fields_id = :customization_fields_id'); $Qfield->bindInt(':customization_fields_id', $field['customizations_fields_id']); } else { $Qfield = $osC_Database->query('insert into :table_customization_fields (products_id, type, is_required) values (:products_id, :type, :is_required)'); } $Qfield->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS); $Qfield->bindInt(':products_id', $products_id); $Qfield->bindInt(':type', $field['customizations_type']); $Qfield->bindInt(':is_required', $field['customizations_is_required']); $Qfield->execute(); if ($osC_Database->isError()) { $error = true; break; } else { $fields_id = $field['customizations_fields_id'] > 0 ? 
$field['customizations_fields_id'] : $osC_Database->nextID(); $lan = get_object_vars($field['customizations_name_data']); foreach ($osC_Language->getAll() as $l) { if ($field['customizations_fields_id'] > 0) { $Qdescription = $osC_Database->query('update :table_customization_fields_description set name = :name where customization_fields_id = :customization_fields_id and languages_id = :languages_id'); } else { $Qdescription = $osC_Database->query('insert into :table_customization_fields_description (customization_fields_id, languages_id, name) values (:customization_fields_id, :languages_id, :name)'); } $Qdescription->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION); $Qdescription->bindInt(':customization_fields_id', $fields_id); $Qdescription->bindInt(':languages_id', $l['id']); $Qdescription->bindValue(':name', $lan['name' . $l['id']]); $Qdescription->setLogging($_SESSION['module'], $products_id); $Qdescription->execute(); if ($osC_Database->isError()) { $error = true; break; } } } } } } //END: customization fields if ($error === false) { $osC_Database->commitTransaction(); osC_Cache::clear('categories'); osC_Cache::clear('category_tree'); osC_Cache::clear('also_purchased'); osC_Cache::clear('sefu-products'); osC_Cache::clear('new_products'); osC_Cache::clear('feature_products'); return $products_id; } $osC_Database->rollbackTransaction(); return false; }
// Excerpt from a record-artist insert/save handler. The first three statements sit in an
// `if` branch whose opening line is outside this excerpt, and the trailing `for` loop is
// cut off before it closes.
    // Insert path: merge the insert-only columns, write the row and keep the new id.
    $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
    zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array);
    $artists_id = zen_db_insert_id();
} elseif ($action == 'save') {
    // Save path: stamp the modification time and update the existing row by its integer id.
    $update_sql_data = array('last_modified' => 'now()');
    $sql_data_array = array_merge($sql_data_array, $update_sql_data);
    zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array, 'update', "artists_id = '" . (int) $artists_id . "'");
}
// NOTE(review): $_POST['artists_image_manual'] and $_POST['img_dir'] are read without isset().
if ($_POST['artists_image_manual'] != '') {
    // add image manually
    // The stored path is img_dir + file name, both taken from the request. The SQL below is
    // built by concatenation; zen_db_input() is presumably the escaping step (its body is
    // not visible here), and the id is cast to int. Bound parameters would remove the
    // dependency on escaping.
    $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['artists_image_manual']);
    $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = '" . $artists_image_name . "'\r\n where artists_id = '" . (int) $artists_id . "'");
} else {
    $artists_image = new upload('artists_image');
    // NOTE(review): the destination directory is DIR_FS_CATALOG_IMAGES plus the raw
    // $_POST['img_dir']; nothing visible here normalises it or checks it against a list of
    // known image sub-directories, so a crafted value could point the upload outside the
    // images tree. No extension allow-list is set on the upload object here either; confirm
    // whether the upload class enforces one.
    $artists_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
    if ($artists_image->parse() && $artists_image->save()) {
        // A filename of 'none' clears the stored image; anything else stores img_dir + filename.
        if ($artists_image->filename != 'none') {
            $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = '" . zen_db_input($_POST['img_dir'] . $artists_image->filename) . "'\r\n where artists_id = '" . (int) $artists_id . "'");
        } else {
            $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n set artists_image = ''\r\n where artists_id = '" . (int) $artists_id . "'");
        }
    }
}
// Per-language data: one artists_url value per installed language, keyed by language id.
$languages = zen_get_languages();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
    $artists_url_array = $_POST['artists_url'];
    $language_id = $languages[$i]['id'];
    $sql_data_array = array('artists_url' => zen_db_prepare_input($artists_url_array[$language_id]));
    if ($action == 'insert') {
        // (excerpt ends inside this branch)
        $insert_sql_data = array('artists_id' => $artists_id, 'languages_id' => $language_id);
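/**
 * Create or update a category together with its per-language descriptions,
 * rating assignments and image, inside one database transaction.
 *
 * Changes from the previous version:
 *  - a failure of the main insert/update on the categories table now marks the
 *    save as failed; before, $error stayed false, so the transaction was
 *    committed and true was returned;
 *  - once a step has failed, the remaining write steps are skipped;
 *  - the result of the ratings delete is checked;
 *  - the old image is not unlinked when it has the same name as the file that
 *    was just uploaded, when the image directory cannot be resolved, or when
 *    the file does not exist.
 *
 * @param mixed $id   Numeric id of the category to update; any non-numeric
 *                    value (including null) inserts a new category.
 * @param array $data Values read here: parent_id, sort_order,
 *                    categories_status, flag, name[], url[], page_title[],
 *                    meta_keywords[], meta_description[] (each indexed by
 *                    language id), ratings (comma-separated ids) and image
 *                    (first argument handed to the upload class; presumably
 *                    the upload field name).
 *
 * @return bool true when all steps succeeded and the transaction was
 *              committed, false when it was rolled back.
 */
function save($id = null, $data) {
    global $osC_Database, $osC_Language;

    $category_id = '';
    $error = false;

    $osC_Database->startTransaction();

    if (is_numeric($id)) {
        $Qcat = $osC_Database->query('update :table_categories set categories_status = :categories_status, sort_order = :sort_order, last_modified = now() where categories_id = :categories_id');
        $Qcat->bindInt(':categories_id', $id);
    } else {
        $Qcat = $osC_Database->query('insert into :table_categories (parent_id, categories_status, sort_order, date_added) values (:parent_id, :categories_status, :sort_order, now())');
        $Qcat->bindInt(':parent_id', $data['parent_id']);
    }

    $Qcat->bindTable(':table_categories', TABLE_CATEGORIES);
    $Qcat->bindInt(':sort_order', $data['sort_order']);
    $Qcat->bindInt(':categories_status', $data['categories_status']);
    $Qcat->setLogging($_SESSION['module'], $id);
    $Qcat->execute();

    if ($osC_Database->isError()) {
        // The main category write failed: nothing else may run and the caller must see false.
        $error = true;
    } else {
        $category_id = is_numeric($id) ? $id : $osC_Database->nextID();

        // On update, propagate the category status to its products: enabling always
        // enables them, disabling only does so when the caller set the 'flag' option.
        if (is_numeric($id)) {
            if ($data['categories_status']) {
                $Qpstatus = $osC_Database->query('update :table_products set products_status = 1 where products_id in (select products_id from :table_products_to_categories where categories_id = :categories_id)');
                $Qpstatus->bindTable(':table_products', TABLE_PRODUCTS);
                $Qpstatus->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                $Qpstatus->bindInt(":categories_id", $id);
                $Qpstatus->execute();
            } elseif (!empty($data['flag'])) {
                $Qpstatus = $osC_Database->query('update :table_products set products_status = 0 where products_id in (select products_id from :table_products_to_categories where categories_id = :categories_id)');
                $Qpstatus->bindTable(':table_products', TABLE_PRODUCTS);
                $Qpstatus->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                $Qpstatus->bindInt(":categories_id", $id);
                $Qpstatus->execute();
            }
        }

        if ($osC_Database->isError()) {
            $error = true;
        }

        // Per-language description rows.
        if ($error === false) {
            foreach ($osC_Language->getAll() as $l) {
                if (is_numeric($id)) {
                    $Qcd = $osC_Database->query('update :table_categories_description set categories_name = :categories_name, categories_url = :categories_url, categories_page_title = :categories_page_title, categories_meta_keywords = :categories_meta_keywords, categories_meta_description = :categories_meta_description where categories_id = :categories_id and language_id = :language_id');
                } else {
                    $Qcd = $osC_Database->query('insert into :table_categories_description (categories_id, language_id, categories_name, categories_url, categories_page_title, categories_meta_keywords, categories_meta_description) values (:categories_id, :language_id, :categories_name, :categories_url, :categories_page_title, :categories_meta_keywords, :categories_meta_description)');
                }

                $Qcd->bindTable(':table_categories_description', TABLE_CATEGORIES_DESCRIPTION);
                $Qcd->bindInt(':categories_id', $category_id);
                $Qcd->bindInt(':language_id', $l['id']);
                $Qcd->bindValue(':categories_name', $data['name'][$l['id']]);
                // An empty URL falls back to the category name.
                $Qcd->bindValue(':categories_url', $data['url'][$l['id']] == '' ? $data['name'][$l['id']] : $data['url'][$l['id']]);
                $Qcd->bindValue(':categories_page_title', $data['page_title'][$l['id']]);
                $Qcd->bindValue(':categories_meta_keywords', $data['meta_keywords'][$l['id']]);
                $Qcd->bindValue(':categories_meta_description', $data['meta_description'][$l['id']]);
                $Qcd->setLogging($_SESSION['module'], $category_id);
                $Qcd->execute();

                if ($osC_Database->isError()) {
                    $error = true;
                    break;
                }
            }
        }

        // Ratings are replaced wholesale: delete the existing assignments, then re-insert.
        if ($error === false) {
            $Qdelete = $osC_Database->query('delete from :toc_categories_ratings where categories_id = :categories_id');
            $Qdelete->bindTable(':toc_categories_ratings', TABLE_CATEGORIES_RATINGS);
            $Qdelete->bindInt(':categories_id', $category_id);
            $Qdelete->execute();

            if ($osC_Database->isError()) {
                $error = true;
            }
        }

        if ($error === false && !empty($data['ratings'])) {
            foreach (explode(',', $data['ratings']) as $ratings_id) {
                $Qinsert = $osC_Database->query('insert into :toc_categories_ratings (categories_id, ratings_id) values (:categories_id, :ratings_id)');
                $Qinsert->bindTable(':toc_categories_ratings', TABLE_CATEGORIES_RATINGS);
                $Qinsert->bindInt(':categories_id', $category_id);
                $Qinsert->bindInt(':ratings_id', $ratings_id);
                $Qinsert->execute();

                if ($osC_Database->isError()) {
                    $error = true;
                    break;
                }
            }
        }

        if ($error === false) {
            // realpath() returns false when the directory does not exist.
            $image_dir = realpath('../' . DIR_WS_IMAGES . 'categories');

            // NOTE(review): no extension or content-type allow-list is set on the upload
            // object before save(). Unless the upload class enforces one itself, any file
            // type can be written into the categories image directory; confirm and
            // restrict to image types.
            $categories_image = new upload($data['image'], $image_dir);

            if ($categories_image->exists() && $categories_image->parse() && $categories_image->save()) {
                $Qimage = $osC_Database->query('select categories_image from :table_categories where categories_id = :categories_id');
                $Qimage->bindTable(':table_categories', TABLE_CATEGORIES);
                $Qimage->bindInt(':categories_id', $category_id);
                $Qimage->execute();

                $old_image = $Qimage->value('categories_image');

                // Remove the previous file only when no other category row references it and
                // it is not the file that was just written under the same name.
                if (!empty($old_image) && $old_image != $categories_image->filename) {
                    $Qcheck = $osC_Database->query('select count(*) as image_count from :table_categories where categories_image = :categories_image');
                    $Qcheck->bindTable(':table_categories', TABLE_CATEGORIES);
                    $Qcheck->bindValue(':categories_image', $old_image);
                    $Qcheck->execute();

                    if ($Qcheck->valueInt('image_count') == 1) {
                        // NOTE(review): $old_image comes from the database and is appended to
                        // the directory as-is; confirm the column can only hold a bare file name.
                        $path = $image_dir . '/' . $old_image;

                        if ($image_dir !== false && is_file($path)) {
                            unlink($path);
                        }
                    }
                }

                $Qcf = $osC_Database->query('update :table_categories set categories_image = :categories_image where categories_id = :categories_id');
                $Qcf->bindTable(':table_categories', TABLE_CATEGORIES);
                $Qcf->bindValue(':categories_image', $categories_image->filename);
                $Qcf->bindInt(':categories_id', $category_id);
                $Qcf->setLogging($_SESSION['module'], $category_id);
                $Qcf->execute();

                if ($osC_Database->isError()) {
                    $error = true;
                }
            }
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        osC_Cache::clear('categories');
        osC_Cache::clear('category_tree');
        osC_Cache::clear('also_purchased');

        return true;
    }

    $osC_Database->rollbackTransaction();

    return false;
}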
}
// Excerpt from a customer-image page handler. The closing brace above ends a block that
// starts outside this excerpt.
//
// The handler runs only when the posted action is 'add_customers_image' and the posted
// formid equals the one stored in the session (the anti-CSRF check).
// NOTE(review): $_POST['formid'] is read without isset() and compared with loose `==`;
// a strict, constant-time comparison such as hash_equals() on string values is the safer form.
if (isset($_POST['action']) && $_POST['action'] == 'add_customers_image' && (isset($_SESSION['formid']) && $_SESSION['formid'] == $_POST['formid'])) {
    // Optional removal of the current image for the logged-in customer.
    // NOTE(review): $_POST['remove_image'] is read without isset().
    if ($_POST['remove_image'] == 'yes' && isset($_SESSION['customer_id'])) {
        $customerstable = $oostable['customers'];
        // The customer id is forced to an integer before it is placed in the query text.
        $query = "SELECT customers_image\n FROM {$customerstable}\n WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
        $customers_image = $dbconn->GetOne($query);
        // The file name comes from the database and is appended to the image directory
        // as-is; errors are suppressed with @, so a failed delete goes unnoticed.
        // NOTE(review): when no image is stored the path is the directory itself; confirm
        // the column can only hold a bare file name.
        @unlink(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES . $customers_image);
        $customerstable = $oostable['customers'];
        // Clear the stored image name, using bound parameters.
        $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";
        $result =& $dbconn->Execute($query, array('', (int) $_SESSION['customer_id']));
    }
    require_once 'includes/classes/class_upload.php';
    // Handle a newly uploaded file from the form field named 'id'.
    if (oos_is_not_null($_FILES['id']['tmp_name']) and $_FILES['id']['tmp_name'] != 'none') {
        $customers_image_file = new upload('id');
        $customers_image_file->set_destination(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES);
        if ($customers_image_file->parse()) {
            if (isset($_SESSION['customer_id'])) {
                // The stored name is random, but its extension is taken from the
                // client-supplied file name.
                // NOTE(review): no extension or content-type allow-list is visible here;
                // unless the upload class enforces one, a non-image file can be written
                // into the customers image directory. Confirm and restrict to image types.
                $extension = oos_get_extension($_FILES['id']['name']);
                $picture_tempname = oos_get_random_picture_name(26, $extension);
                $customers_image_file->set_filename($picture_tempname);
                $customerstable = $oostable['customers'];
                $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";
                // NOTE(review): the database row is updated before save() runs and the
                // result of save() is not checked, so a failed write leaves the row
                // pointing at a file that does not exist.
                $result =& $dbconn->Execute($query, array((string) $picture_tempname, (int) $_SESSION['customer_id']));
                $customers_image_file->save();
            }
        }
    }
}
// NOTE(review): $sLanguage is assigned outside this excerpt; because it becomes part of an
// include path, confirm it is taken from a fixed list of installed languages and never
// directly from the request.
require 'includes/languages/' . $sLanguage . '/user_customers_image.php';
$customerstable = $oostable['customers'];
$address_bookstable = $oostable['address_book'];
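/**
 * Creates or updates a product together with its category links, images,
 * per-language descriptions, attributes and variant sub-products.
 *
 * Every statement runs inside one transaction that is committed only when no
 * step set the error flag; otherwise it is rolled back.
 *
 * Security-relevant handling in this method:
 *  - Id lists substituted with bindRaw() are cast to integers first, because
 *    they derive from submitted form data ($data['variants_combo'],
 *    $data['variants_combo_db']) and bindRaw() inserts its value as given.
 *  - Staged "local" images are reduced to their basename and must be regular
 *    files before they are copied into the originals directory.
 *
 * @param int|string|null $id   Numeric id of the product to update; any
 *                              non-numeric value inserts a new product.
 * @param array           $data Submitted product fields, indexed as read below.
 * @return bool True when the transaction was committed, false when rolled back.
 */
public static function save($id = null, $data)
{
    global $osC_Database, $osC_Language, $osC_Image;

    $error = false;

    $osC_Database->startTransaction();

    if (is_numeric($id)) {
        $Qproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, products_last_modified = now() where products_id = :products_id');
        $Qproduct->bindInt(':products_id', $id);
    } else {
        $Qproduct = $osC_Database->query('insert into :table_products (products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
        $Qproduct->bindRaw(':products_date_added', 'now()');
    }

    $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
    $Qproduct->bindInt(':products_quantity', $data['quantity']);
    $Qproduct->bindFloat(':products_price', $data['price']);
    $Qproduct->bindValue(':products_model', $data['model']);
    $Qproduct->bindFloat(':products_weight', $data['weight']);
    $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
    $Qproduct->bindInt(':products_status', $data['status']);
    $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
    $Qproduct->execute();

    if ($osC_Database->isError()) {
        $error = true;
    } else {
        // nextID() is read right after the insert it belongs to.
        if (is_numeric($id)) {
            $products_id = $id;
        } else {
            $products_id = $osC_Database->nextID();
        }

        // Category links are rebuilt from scratch on every save.
        $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
        $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
        $Qcategories->bindInt(':products_id', $products_id);
        $Qcategories->execute();

        if ($osC_Database->isError()) {
            $error = true;
        } else {
            if (isset($data['categories']) && !empty($data['categories'])) {
                foreach ($data['categories'] as $category_id) {
                    $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                    $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                    $Qp2c->bindInt(':products_id', $products_id);
                    $Qp2c->bindInt(':categories_id', $category_id);
                    $Qp2c->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                        break;
                    }
                }
            }
        }
    }

    if ($error === false) {
        $images = array();

        // The direct upload is limited to an image extension allow-list.
        $products_image = new upload('products_image');
        $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));

        if ($products_image->exists()) {
            $products_image->set_destination(realpath('../images/products/originals'));

            if ($products_image->parse() && $products_image->save()) {
                $images[] = $products_image->filename;
            }
        }

        if (isset($data['localimages'])) {
            foreach ($data['localimages'] as $image) {
                // basename() keeps a submitted name from leaving the staging directory.
                $image = basename($image);
                $staged = '../images/products/_upload/' . $image;

                // is_file() instead of file_exists(): an empty or '.' name would
                // otherwise match the staging directory itself.
                // NOTE(review): staged files are not checked against the extension
                // allow-list applied to the direct upload above - confirm how files
                // reach _upload/ and whether the same restriction is needed here.
                if (is_file($staged) && copy($staged, '../images/products/originals/' . $image)) {
                    @unlink($staged);
                    $images[] = $image;
                }
            }
        }

        // The first stored image becomes the default one.
        $default_flag = 1;

        foreach ($images as $image) {
            $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
            $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
            $Qimage->bindInt(':products_id', $products_id);
            $Qimage->bindValue(':image', $image);
            $Qimage->bindInt(':default_flag', $default_flag);
            $Qimage->bindInt(':sort_order', 0);
            $Qimage->bindRaw(':date_added', 'now()');
            $Qimage->execute();

            if ($osC_Database->isError()) {
                $error = true;
            } else {
                // Group '1' is skipped; every other group gets a resized copy.
                foreach ($osC_Image->getGroups() as $group) {
                    if ($group['id'] != '1') {
                        $osC_Image->resize($image, $group['id']);
                    }
                }
            }

            $default_flag = 0;
        }
    }

    if ($error === false) {
        foreach ($osC_Language->getAll() as $l) {
            if (is_numeric($id)) {
                $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
            } else {
                $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_description, :products_keyword, :products_tags, :products_url)');
            }

            $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
            $Qpd->bindInt(':products_id', $products_id);
            $Qpd->bindInt(':language_id', $l['id']);
            $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
            $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
            $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
            $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
            $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
            $Qpd->execute();

            if ($osC_Database->isError()) {
                $error = true;
                break;
            }
        }
    }

    if ($error === false) {
        if (isset($data['attributes']) && !empty($data['attributes'])) {
            foreach ($data['attributes'] as $attributes_id => $value) {
                if (is_array($value)) {
                    // Array-valued attributes are not stored by this method.
                } elseif (!empty($value)) {
                    $Qcheck = $osC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
                    $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                    $Qcheck->bindInt(':products_id', $products_id);
                    $Qcheck->bindInt(':id', $attributes_id);
                    $Qcheck->execute();

                    if ($Qcheck->numberOfRows() === 1) {
                        $Qattribute = $osC_Database->query('update :table_product_attributes set value = :value where products_id = :products_id and id = :id');
                    } else {
                        $Qattribute = $osC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value) values (:id, :products_id, :languages_id, :value)');
                        $Qattribute->bindInt(':languages_id', 0);
                    }

                    $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                    $Qattribute->bindValue(':value', $value);
                    $Qattribute->bindInt(':products_id', $products_id);
                    $Qattribute->bindInt(':id', $attributes_id);
                    $Qattribute->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                        break;
                    }
                }
            }
        }
    }

    if ($error === false) {
        // sub-product id => list of variant value ids submitted for it
        $variants_array = array();
        $default_variant_combo = null;

        if (isset($data['variants_combo']) && !empty($data['variants_combo'])) {
            foreach ($data['variants_combo'] as $key => $combos) {
                if (isset($data['variants_combo_db'][$key])) {
                    $Qsubproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id where products_id = :products_id');
                    $Qsubproduct->bindInt(':products_id', $data['variants_combo_db'][$key]);
                } else {
                    $Qsubproduct = $osC_Database->query('insert into :table_products (parent_id, products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:parent_id, :products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
                    $Qsubproduct->bindInt(':parent_id', $products_id);
                    $Qsubproduct->bindRaw(':products_date_added', 'now()');
                }

                $Qsubproduct->bindTable(':table_products', TABLE_PRODUCTS);
                $Qsubproduct->bindInt(':products_quantity', $data['variants_quantity'][$key]);
                $Qsubproduct->bindFloat(':products_price', $data['variants_price'][$key]);
                $Qsubproduct->bindValue(':products_model', $data['variants_model'][$key]);
                $Qsubproduct->bindFloat(':products_weight', $data['variants_weight'][$key]);
                $Qsubproduct->bindInt(':products_weight_class', $data['variants_weight_class'][$key]);
                $Qsubproduct->bindInt(':products_status', $data['variants_status'][$key]);
                $Qsubproduct->bindInt(':products_tax_class_id', $data['variants_tax_class_id'][$key]);
                $Qsubproduct->execute();

                // NOTE(review): the original carries a disabled isError() check at
                // this point, so a failed sub-product write is not detected here.
                // It is left disabled because the reason is not visible - confirm.

                if (isset($data['variants_combo_db'][$key])) {
                    $subproduct_id = $data['variants_combo_db'][$key];
                } else {
                    $subproduct_id = $osC_Database->nextID();
                }

                if ($data['variants_default_combo'] == $key) {
                    $default_variant_combo = $subproduct_id;
                }

                // Each combo is "<group>_<value>"; only the value id is stored.
                $combos_array = explode(';', $combos);

                foreach ($combos_array as $combo) {
                    list($vgroup, $vvalue) = explode('_', $combo);

                    $variants_array[$subproduct_id][] = $vvalue;

                    $Qcheck = $osC_Database->query('select products_id from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                    $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qcheck->bindInt(':products_id', $subproduct_id);
                    $Qcheck->bindInt(':products_variants_values_id', $vvalue);
                    $Qcheck->execute();

                    if ($Qcheck->numberOfRows() < 1) {
                        $Qvcombo = $osC_Database->query('insert into :table_products_variants (products_id, products_variants_values_id) values (:products_id, :products_variants_values_id)');
                        $Qvcombo->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                        $Qvcombo->bindInt(':products_id', $subproduct_id);
                        $Qvcombo->bindInt(':products_variants_values_id', $vvalue);
                        $Qvcombo->execute();

                        if ($osC_Database->isError()) {
                            $error = true;
                            break 2;
                        }
                    }
                }
            }
        }

        if ($error === false) {
            if (empty($variants_array)) {
                // No variants submitted: remove every existing sub-product.
                $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id');
                $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                $Qcheck->bindInt(':parent_id', $products_id);
                $Qcheck->execute();

                while ($Qcheck->next()) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();

                    $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                    $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();
                }
            } else {
                // bindRaw() substitutes the list as given, so every id is forced
                // to an integer before it reaches the statement.
                $kept_ids = implode('", "', array_map('intval', array_keys($variants_array)));

                $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id and pv.products_id not in (":products_id")');
                $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                $Qcheck->bindInt(':parent_id', $products_id);
                $Qcheck->bindRaw(':products_id', $kept_ids);
                $Qcheck->execute();

                while ($Qcheck->next()) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->bindInt(':products_variants_values_id', $Qcheck->valueInt('products_variants_values_id'));
                    $Qdel->execute();

                    $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                    $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                    $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                    $Qdel->execute();
                }

                foreach ($variants_array as $key => $values) {
                    $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id not in (":products_variants_values_id")');
                    $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                    $Qdel->bindInt(':products_id', $key);
                    // Value ids come from the submitted combo strings; cast before raw binding.
                    $Qdel->bindRaw(':products_variants_values_id', implode('", "', array_map('intval', $values)));
                    $Qdel->execute();
                }
            }
        }

        $Qupdate = $osC_Database->query('update :table_products set has_children = :has_children where products_id = :products_id');
        $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
        $Qupdate->bindInt(':has_children', empty($variants_array) ? 0 : 1);
        $Qupdate->bindInt(':products_id', $products_id);
        $Qupdate->execute();
    }

    if ($error === false) {
        // Clear the default flag on all submitted variants, then set it on the chosen one.
        $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id in (":products_id")');
        $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
        $Qupdate->bindInt(':default_combo', 0);
        $Qupdate->bindRaw(':products_id', implode('", "', array_map('intval', array_keys($variants_array))));
        $Qupdate->execute();

        if (is_numeric($default_variant_combo)) {
            $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id = :products_id');
            $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
            $Qupdate->bindInt(':default_combo', 1);
            $Qupdate->bindInt(':products_id', $default_variant_combo);
            $Qupdate->execute();
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        osC_Cache::clear('categories');
        osC_Cache::clear('category_tree');
        osC_Cache::clear('also_purchased');

        return true;
    }

    $osC_Database->rollbackTransaction();

    return false;
}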
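/**
 * Installs a language package uploaded as a zip archive in
 * $_FILES['upload_file'].
 *
 * The archive is saved and extracted into a fresh directory below
 * DIR_FS_CACHE . 'languages/'. The first extracted directory containing
 * "includes", DIR_FS_ADMIN and "install" sub-directories is taken as the
 * language code; its language files are copied into the catalog tree and the
 * language is imported. The JSON-encoded result is echoed.
 *
 * The extraction directory is now removed on every failure path as well, so a
 * rejected archive and its extracted contents do not stay behind in the cache
 * directory.
 *
 * NOTE(review): files from the archive are copied into directories that hold
 * PHP code, and extract() is called without any limit on entry paths. Confirm
 * that this action is reachable by trusted administrators only and that the
 * bundled PclZip refuses entries resolving outside $tmp_path.
 *
 * @return void
 */
function uploadLanguage()
{
    global $toC_Json, $osC_Language, $osC_Currencies;

    $osC_Currencies = new osC_Currencies();

    $error = false;
    $feedback = array();

    $language = $_FILES['upload_file'];

    // NOTE(review): a timestamp-based name is predictable and two uploads in
    // the same second collide (mkdir then fails) - consider a random suffix.
    $tmp_path = DIR_FS_CACHE . 'languages/' . time();
    $tmp_created = false;

    if (!is_dir(DIR_FS_CACHE . 'languages')) {
        // NOTE(review): 0777 (before umask) is broader than this code needs.
        if (!mkdir(DIR_FS_CACHE . 'languages', 0777)) {
            $error = true;
        }
    }

    if ($error === false && mkdir($tmp_path, 0777)) {
        $tmp_created = true;

        $temp_file = new upload($language, $tmp_path);

        if ($temp_file->exists() && $temp_file->parse() && $temp_file->save()) {
            require_once '../ext/zip/pclzip.lib.php';

            $archive = new PclZip($tmp_path . '/' . $temp_file->filename);

            if ($archive->extract(PCLZIP_OPT_PATH, $tmp_path) == 0) {
                $error = true;
                $feedback[] = $osC_Language->get('ms_error_wrong_zip_file_format');
            }
        } else {
            $error = true;
            $feedback[] = $osC_Language->get('ms_error_save_file_failed');
        }
    } else {
        $error = true;
        $feedback[] = sprintf($osC_Language->get('ms_error_creating_directory_failed'), DIR_FS_CACHE);
    }

    if ($error === false) {
        // Only directories are listed: the package root is a directory named
        // after the language code.
        $osC_DirectoryListing = new osC_DirectoryListing($tmp_path);
        $osC_DirectoryListing->setIncludeDirectories(true);
        $osC_DirectoryListing->setIncludeFiles(false);

        $files = $osC_DirectoryListing->getFiles();

        $code = null;

        foreach ($files as $file) {
            $package_root = $tmp_path . '/' . $file['name'];

            if (is_dir($package_root . '/includes') && is_dir($package_root . '/' . DIR_FS_ADMIN) && is_dir($package_root . '/install')) {
                $code = $file['name'];
                break;
            }
        }

        if ($code !== null) {
            toc_dircopy($tmp_path . '/' . $code . "/includes/languages", DIR_FS_CATALOG . 'includes/languages');
            toc_dircopy($tmp_path . '/' . $code . "/" . DIR_FS_ADMIN . "includes/languages", DIR_FS_CATALOG . DIR_FS_ADMIN . 'includes/languages');
            toc_dircopy($tmp_path . '/' . $code . "/install/includes/languages", DIR_FS_CATALOG . 'install/includes/languages');
            toc_dircopy($tmp_path . '/' . $code . "/install/templates", DIR_FS_CATALOG . 'install/templates');

            osc_remove($tmp_path);
        } else {
            $error = true;
            $feedback[] = $osC_Language->get('ms_error_wrong_language_package');
        }
    }

    // Failure after the directory was created: drop the upload and whatever
    // was extracted from it.
    if ($error === true && $tmp_created === true && is_dir($tmp_path)) {
        osc_remove($tmp_path);
    }

    if ($error === false) {
        if (osC_Language_Admin::import($code, 'replace')) {
            $response = array('success' => true, 'feedback' => $osC_Language->get('ms_success_action_performed'));
        } else {
            $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed'));
        }
    } else {
        $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed') . '<br />' . implode('<br />', $feedback));
    }

    header('Content-Type: text/html');

    echo $toC_Json->encode($response);
}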
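/**
 * Receives a template zip archive (form field "template_file"), extracts it
 * into ../templates and checks that it defines a usable template class.
 *
 * The template name is the part of the uploaded file name before the first
 * dot. It selects the directory that is checked and the template.php that is
 * included, and it is appended to "osC_Template_" to form the class name.
 *
 * Changes against the previous version:
 *  - the derived name must consist of letters, digits and underscores only,
 *    because it ends up in an include path and a class name;
 *  - a failed extraction now removes the uploaded archive and any directory
 *    it started to create, and reports an error instead of returning silently.
 *
 * NOTE(review): including template.php runs PHP code shipped inside the
 * uploaded archive, and extract() may write files outside the expected
 * template directory if the archive is laid out that way. Confirm this action
 * is reachable by trusted administrators only.
 *
 * @param array $result Receives the error messages (passed by reference).
 * @return bool True when the template was extracted and its class and code
 *              are acceptable, false otherwise.
 */
function _upload_new_template(&$result)
{
    global $osC_Language, $osC_Database;

    $templates_dir = realpath('../templates');

    $template_file = new upload('template_file', $templates_dir, '777', 'zip');

    if (!$template_file->exists()) {
        return false;
    }

    if (!($template_file->parse() && $template_file->save())) {
        $result[] = $osC_Language->get('ms_error_wrong_zip_file');
        osc_remove($templates_dir . '/' . $template_file->filename);

        return false;
    }

    $archive_path = $templates_dir . '/' . $template_file->filename;
    $module_name = substr($template_file->filename, 0, strpos($template_file->filename, '.'));

    // Anything that is not a plain identifier cannot name a template class
    // and must not reach the include path below.
    if (preg_match('/\A[A-Za-z0-9_]+\z/', $module_name) !== 1) {
        $result[] = $osC_Language->get('ms_error_wrong_zip_file');
        osc_remove($archive_path);

        return false;
    }

    $directory = $templates_dir . '/' . $module_name;

    // Never extract over an installed template.
    if (is_dir($directory)) {
        $result[] = $osC_Language->get('ms_error_template_directory_exist');
        osc_remove($archive_path);

        return false;
    }

    require_once '../ext/zip/pclzip.lib.php';

    $archive = new PclZip($archive_path);

    if ($archive->extract(PCLZIP_OPT_PATH, $templates_dir) == 0) {
        $result[] = $osC_Language->get('ms_error_wrong_zip_file');
        osc_remove($archive_path);

        // The directory did not exist before this call, so it can only be a
        // partial extraction.
        if (is_dir($directory)) {
            osc_remove($directory);
        }

        return false;
    }

    osc_remove($archive_path);

    if (!file_exists('../templates/' . $module_name . '/template.php')) {
        $result[] = $osC_Language->get('ms_error_template_file_not_exist');
        osc_remove($directory);

        return false;
    }

    include '../templates/' . $module_name . '/template.php';

    $class = 'osC_Template_' . $module_name;

    if (!class_exists($class)) {
        $result[] = $osC_Language->get('ms_error_template_class_not_exist');
        osc_remove($directory);

        return false;
    }

    $module = new $class();

    // The template code must not clash with an installed template.
    $Qtemplate = $osC_Database->query('select id from :table_templates where code = :code');
    $Qtemplate->bindTable(':table_templates', TABLE_TEMPLATES);
    $Qtemplate->bindValue(':code', $module->_code);
    $Qtemplate->execute();

    if ($Qtemplate->numberOfRows() > 0) {
        $result[] = $osC_Language->get('ms_error_template_code_exist');
        osc_remove($directory);

        return false;
    }

    return true;
}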
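/**
 * Creates or updates a product attachment and its per-language name and
 * description.
 *
 * When a file was uploaded it is saved into the products_attachments cache
 * directory and renamed to an md5-derived cache name; the original file name
 * and the cache name are stored in the attachments table.
 *
 * Changes against the previous version: the rename used two differently built
 * paths (with and without a separator after DIR_FS_CACHE) and ignored a
 * failure, so the table could point at a cache file that does not exist. Both
 * paths are now built the same way and a failed rename sets the error flag.
 *
 * NOTE(review): commitTransaction()/rollbackTransaction() are called here but
 * no startTransaction() is visible in this function - confirm the caller
 * opens the transaction.
 *
 * @param int|string|null $id   Numeric id of the attachment to update; any
 *                              non-numeric value inserts a new one.
 * @param array           $data Submitted fields: 'attachments_file',
 *                              'attachments_name' and 'attachments_description'
 *                              (the last two indexed by language id).
 * @return bool True on commit, false on rollback.
 */
function save($id, $data)
{
    global $osC_Database, $osC_Language;

    $error = false;

    // Same form the original used for the old-file removal and the rename target.
    $attachments_dir = DIR_FS_CACHE . '/products_attachments/';

    if ($data['attachments_file']) {
        $file = new upload($data['attachments_file']);

        if ($file->exists()) {
            // Remove the cache file of the attachment being replaced.
            // NOTE(review): this happens before the new upload is known to be
            // valid; a rejected upload leaves the attachment without a file.
            if (is_numeric($id)) {
                $Qfile = $osC_Database->query('select cache_filename from :table_products_attachments where attachments_id = :id');
                $Qfile->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                $Qfile->bindInt(':id', $id);
                $Qfile->execute();

                if ($Qfile->numberOfRows() == 1) {
                    @unlink($attachments_dir . $Qfile->value('cache_filename'));
                }
            }

            $file->set_destination(realpath(DIR_FS_CACHE . '/products_attachments'));

            if ($file->parse() && $file->save()) {
                $filename = $file->filename;

                // The stored file gets an extension-less name derived from the
                // upload name and the current time.
                $cache_filename = md5($filename . time());

                if (!@rename($attachments_dir . $file->filename, $attachments_dir . $cache_filename)) {
                    $error = true;
                } else {
                    if (is_numeric($id)) {
                        $Qattachment = $osC_Database->query('update :table_products_attachments set filename = :filename , cache_filename = :cache_filename where attachments_id = :id');
                        $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                        $Qattachment->bindInt(':id', $id);
                    } else {
                        $Qattachment = $osC_Database->query('insert into :table_products_attachments (filename, cache_filename) values (:filename, :cache_filename)');
                        $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                    }

                    $Qattachment->bindValue(':filename', $filename);
                    $Qattachment->bindValue(':cache_filename', $cache_filename);
                    $Qattachment->setLogging($_SESSION['module'], $id);
                    $Qattachment->execute();

                    if ($osC_Database->isError()) {
                        $error = true;
                    }
                }
            }
        }
    }

    if ($error === false) {
        // For a new attachment nextID() refers to the insert above.
        $attachments_id = is_numeric($id) ? $id : $osC_Database->nextID();

        foreach ($osC_Language->getAll() as $l) {
            if (is_numeric($id)) {
                $Qad = $osC_Database->query('update :table_products_attachments_description set attachments_name = :attachments_name, attachments_description = :attachments_description where attachments_id = :id and languages_id = :language_id');
            } else {
                $Qad = $osC_Database->query('insert into :table_products_attachments_description (attachments_id, languages_id, attachments_name, attachments_description) values (:id, :language_id, :attachments_name, :attachments_description)');
            }

            $Qad->bindTable(':table_products_attachments_description', TABLE_PRODUCTS_ATTACHMENTS_DESCRIPTION);
            $Qad->bindInt(':id', $attachments_id);
            $Qad->bindInt(':language_id', $l['id']);
            $Qad->bindValue(':attachments_name', $data['attachments_name'][$l['id']]);
            $Qad->bindValue(':attachments_description', $data['attachments_description'][$l['id']]);
            $Qad->setLogging($_SESSION['module'], $attachments_id);
            $Qad->execute();

            if ($osC_Database->isError()) {
                $error = true;
                break;
            }
        }
    }

    if ($error === false) {
        $osC_Database->commitTransaction();

        return true;
    }

    $osC_Database->rollbackTransaction();

    return false;
}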
} else { $products_image_sm_6 = new upload('products_image_sm_6'); $products_image_sm_6->set_destination(DIR_FS_CATALOG_IMAGES); if ($products_image_sm_6->parse() && $products_image_sm_6->save()) { $products_image_sm_6_name = $products_image_sm_6->filename; } else { $products_image_sm_6_name = isset($_POST['products_previous_image_sm_6']) ? $_POST['products_previous_image_sm_6'] : ''; } } if ($_POST['unlink_image_xl_6'] == 'yes' or $_POST['delete_image_xl_6'] == 'yes') { $products_image_xl_6 = ''; $products_image_xl_6_name = ''; } else { $products_image_xl_6 = new upload('products_image_xl_6'); $products_image_xl_6->set_destination(DIR_FS_CATALOG_IMAGES); if ($products_image_xl_6->parse() && $products_image_xl_6->save()) { $products_image_xl_6_name = $products_image_xl_6->filename; } else { $products_image_xl_6_name = isset($_POST['products_previous_image_xl_6']) ? $_POST['products_previous_image_xl_6'] : ''; } } break; // EOF MaxiDVD: Modified For Ultimate Images Pack! } } // check if the catalog image directory exists if (is_dir(DIR_FS_CATALOG_IMAGES)) { if (!is_writeable(DIR_FS_CATALOG_IMAGES)) { $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error'); } } else {
case 'add_product': // customer adds a product from the products page if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) { if (isset($_POST['edit_product'])) { $_SESSION['cart']->remove($_POST['edit_product']); } $real_ids = $_POST['id']; // File_upload if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && $_POST['number_of_uploads'] > 0) { require_once 'includes/classes/class_upload.php'; for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) { if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') { $products_options_file = new upload('id'); $products_options_file->set_destination(OOS_UPLOADS); $files_uploadedtable = $oostable['files_uploaded']; if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) { if (isset($_SESSION['customer_id'])) { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')"); } else { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . oos_db_input($products_options_file->filename) . "')"); } $insert_id = $dbconn->Insert_ID(); $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename; $products_options_file->set_filename("{$insert_id}" . $products_options_file->filename); if (!$products_options_file->save()) { break 2; } } else { break 2; } } else {
break; case 'zip': $restore_from = substr($restore_file, 0, -4); exec(LOCAL_EXE_UNZIP . ' ' . $restore_file . ' -d ' . DIR_FS_BACKUP); $remove_raw = true; } if (isset($restore_from) && file_exists($restore_from) && filesize($restore_from) > 15000) { $fd = fopen($restore_from, 'rb'); $restore_query = fread($fd, filesize($restore_from)); fclose($fd); } } } } elseif ($action == 'restorelocalnow') { $sql_file = new upload('sql_file'); if ($sql_file->parse() == true) { $restore_query = fread(fopen($sql_file->tmp_filename, 'r'), filesize($sql_file->tmp_filename)); $read_from = $sql_file->filename; } } if (isset($restore_query)) { $sql_array = array(); $sql_length = strlen($restore_query); $pos = strpos($restore_query, ';'); for ($i = $pos; $i < $sql_length; $i++) { if ($restore_query[0] == '#') { $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n"))); $sql_length = strlen($restore_query); $i = strpos($restore_query, ';') - 1; continue; }
$attributes_price_letters_free = zen_db_prepare_input($_POST['attributes_price_letters_free']); $attributes_required = zen_db_prepare_input($_POST['attributes_required']); $attribute_id = zen_db_prepare_input($_POST['attribute_id']); // edit // attributes images // when set to none remove from database if (isset($_POST['attributes_image']) && zen_not_null($_POST['attributes_image']) && $_POST['attributes_image'] != 'none') { $attributes_image = zen_db_prepare_input($_POST['attributes_image']); $attributes_image_none = false; } else { $attributes_image = ''; $attributes_image_none = true; } $attributes_image = new upload('attributes_image'); $attributes_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($attributes_image->parse() && $attributes_image->save($_POST['overwrite'])) { $attributes_image_name = $attributes_image->filename != 'none' ? $_POST['img_dir'] . $attributes_image->filename : ''; } else { $attributes_image_name = (isset($_POST['attributes_previous_image']) and $_POST['attributes_image'] != 'none') ? $_POST['attributes_previous_image'] : ''; } if ($_POST['image_delete'] == 1) { $attributes_image_name = ''; } // turned off until working $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n set attributes_image = '" . zen_db_input($attributes_image_name) . "'\n where products_attributes_id = '" . (int) $attribute_id . "'"); $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n set products_id = '" . (int) $products_id . "',\n options_id = '" . (int) $options_id . "',\n options_values_id = '" . (int) $values_id . "',\n options_values_price = '" . zen_db_input($value_price) . "',\n price_prefix = '" . zen_db_input($price_prefix) . "',\n products_options_sort_order = '" . zen_db_input($products_options_sort_order) . "',\n product_attribute_is_free = '" . zen_db_input($product_attribute_is_free) . "',\n products_attributes_weight = '" . zen_db_input($products_attributes_weight) . "',\n products_attributes_weight_prefix = '" . 
zen_db_input($products_attributes_weight_prefix) . "',\n attributes_display_only = '" . zen_db_input($attributes_display_only) . "',\n attributes_default = '" . zen_db_input($attributes_default) . "',\n attributes_discounted = '" . zen_db_input($attributes_discounted) . "',\n attributes_price_base_included = '" . zen_db_input($attributes_price_base_included) . "',\n attributes_price_onetime = '" . zen_db_input($attributes_price_onetime) . "',\n attributes_price_factor = '" . zen_db_input($attributes_price_factor) . "',\n attributes_price_factor_offset = '" . zen_db_input($attributes_price_factor_offset) . "',\n attributes_price_factor_onetime = '" . zen_db_input($attributes_price_factor_onetime) . "',\n attributes_price_factor_onetime_offset = '" . zen_db_input($attributes_price_factor_onetime_offset) . "',\n attributes_qty_prices = '" . zen_db_input($attributes_qty_prices) . "',\n attributes_qty_prices_onetime = '" . zen_db_input($attributes_qty_prices_onetime) . "',\n attributes_price_words = '" . zen_db_input($attributes_price_words) . "',\n attributes_price_words_free = '" . zen_db_input($attributes_price_words_free) . "',\n attributes_price_letters = '" . zen_db_input($attributes_price_letters) . "',\n attributes_price_letters_free = '" . zen_db_input($attributes_price_letters_free) . "',\n attributes_required = '" . zen_db_input($attributes_required) . "'\n where products_attributes_id = '" . (int) $attribute_id . "'"); if (DOWNLOAD_ENABLED == 'true') { $products_attributes_filename = zen_db_prepare_input($_POST['products_attributes_filename']); $products_attributes_maxdays = zen_db_prepare_input($_POST['products_attributes_maxdays']); $products_attributes_maxcount = zen_db_prepare_input($_POST['products_attributes_maxcount']); if (zen_not_null($products_attributes_filename)) {
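/**
 * Stores an uploaded product image (the first entry of $_FILES).
 *
 * With a positive products_id request parameter the file is saved to the
 * product originals directory, registered in the product images table,
 * renamed to "<products_id>_<image id>_<file name>" and resized for every
 * image group except group '1'. Without it the file is parked in a per-session
 * staging directory. A JSON response is echoed in both cases.
 *
 * Changes against the previous version:
 *  - $osC_Language is declared global; it was used for the feedback text
 *    without being in scope;
 *  - products_id is cast to an integer before it is used in the new file name,
 *    so the request value cannot add path components to the rename target;
 *  - uploads are limited to image extensions, since both destinations are
 *    below the images directory;
 *  - the stored name and the resize step follow the result of the rename
 *    instead of using a name that may never have been set.
 *
 * NOTE(review): the response reports success even when nothing was stored -
 * confirm whether the client relies on that.
 *
 * @return void
 */
function uploadImage()
{
    global $toC_Json, $osC_Database, $osC_Session, $osC_Language;

    $osC_Image = new osC_Image_Admin();

    // The form field name is not fixed; the first uploaded entry is used.
    $file_keys = is_array($_FILES) ? array_keys($_FILES) : array();
    $file_key = isset($file_keys[0]) ? $file_keys[0] : null;

    $products_image = new upload($file_key);
    $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));

    $products_id = isset($_REQUEST['products_id']) ? (int) $_REQUEST['products_id'] : 0;

    if ($products_id > 0) {
        if ($products_image->exists()) {
            $image_path = '../images/products/originals/';
            $products_image->set_destination($image_path);

            if ($products_image->parse() && $products_image->save()) {
                // The image becomes the default one unless the product already has a default.
                $default_flag = 1;

                $Qcheck = $osC_Database->query('select id from :table_products_images where products_id = :products_id and default_flag = :default_flag limit 1');
                $Qcheck->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                $Qcheck->bindInt(':products_id', $products_id);
                $Qcheck->bindInt(':default_flag', 1);
                $Qcheck->execute();

                if ($Qcheck->numberOfRows() === 1) {
                    $default_flag = 0;
                }

                $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
                $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                $Qimage->bindInt(':products_id', $products_id);
                $Qimage->bindValue(':image', $products_image->filename);
                $Qimage->bindInt(':default_flag', $default_flag);
                $Qimage->bindInt(':sort_order', 0);
                $Qimage->bindRaw(':date_added', 'now()');
                $Qimage->execute();

                if (!$osC_Database->isError()) {
                    $image_id = $osC_Database->nextID();

                    // Prefix with product and image id so the stored name is unique.
                    $stored_name = $products_image->filename;
                    $new_image_name = $products_id . '_' . $image_id . '_' . $products_image->filename;

                    if (@rename($image_path . $products_image->filename, $image_path . $new_image_name)) {
                        $stored_name = $new_image_name;

                        $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id');
                        $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                        $Qupdate->bindValue(':image', $new_image_name);
                        $Qupdate->bindInt(':id', $image_id);
                        $Qupdate->execute();
                    }

                    // Group '1' is skipped; every other group gets a resized copy.
                    foreach ($osC_Image->getGroups() as $group) {
                        if ($group['id'] != '1') {
                            $osC_Image->resize($stored_name, $group['id']);
                        }
                    }
                }
            }
        }
    } else {
        // No product yet: park the file in a staging directory for this session.
        $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/';

        toc_mkdir($image_path);

        if ($products_image->exists()) {
            $products_image->set_destination($image_path);
            $products_image->parse();
            $products_image->save();
        }
    }

    header('Content-Type: text/html');

    $response = array();
    $response['success'] = true;
    $response['feedback'] = $osC_Language->get('ms_success_action_performed');

    echo $toC_Json->encode($response);
}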
$banners_on_ssl = zen_db_prepare_input($_POST['banners_on_ssl']); $banners_sort_order = zen_db_prepare_input($_POST['banners_sort_order']); $banner_error = false; if (empty($banners_title)) { $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error'); $banner_error = true; } if (empty($banners_group)) { $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error'); $banner_error = true; } if (empty($banners_html_text)) { if (empty($banners_image_local)) { $banners_image = new upload('banners_image'); $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target); if ($banners_image->parse() == false || $banners_image->save() == false) { $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error'); $banner_error = true; } } } if ($banner_error == false) { $db_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename; $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => (int) $banners_sort_order); if ($action == 'insert') { $insert_sql_data = array('date_added' => 'now()', 'status' => '1'); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_BANNERS, $sql_data_array); $banners_id = zen_db_insert_id(); $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success'); } elseif ($action == 'update') {
$error = true; $messageStack->add('submit_link', ENTRY_LINKS_RECIPROCAL_URL_ERROR); } } if ($error == false) { // default values $links_date_added = 'now()'; $links_status = '0'; // Pending approval $sql_data_array = array('links_url' => $links_url, 'links_contact_name' => $links_contact_name, 'links_contact_email' => $links_contact_email, 'links_reciprocal_url' => $links_reciprocal_url, 'links_date_added' => $links_date_added, 'links_status' => $links_status); zen_db_perform(TABLE_LINKS, $sql_data_array); $links_id = zen_db_insert_id(); // Upload an image when form field is filled in by user if ($links_image = new upload('links_image_url')) { $links_image->set_destination(DIR_WS_IMAGES . LINK_IMAGE_DIRECTORY); if ($links_image->parse() && $links_image->save()) { $links_image_name = LINK_IMAGE_DIRECTORY . $links_image->filename; } if ($links_image->filename != '') { $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . $links_image_name . "'\n where links_id = '" . (int) $links_id . "'"); } else { // Use default image if form field is left blank $links_image_name = LINK_IMAGE_DIRECTORY . DEFAULT_LINK_IMAGE; $db->Execute("update " . TABLE_LINKS . "\n set links_image_url = '" . $links_image_name . "'\n where links_id = '" . (int) $links_id . "'"); $messageStack->add_session('header', WARNING_DEFAULT_FILE_UPLOADED, 'success'); } } $categories = $db->Execute("select link_categories_id from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_name = '" . $links_category . "' and language_id = '" . (int) $_SESSION['languages_id'] . "' "); $link_categories_id = $categories->fields['link_categories_id']; $db->Execute("insert into " . TABLE_LINKS_TO_LINK_CATEGORIES . " (links_id, link_categories_id) values ('" . (int) $links_id . "', '" . (int) $link_categories_id . "')"); $language_id = (int) $_SESSION['languages_id'];
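/**
 * Create a banner (non-numeric $id) or update an existing one (numeric $id),
 * and keep the banner's image file in step with the database row.
 *
 * Keys read from $data: banner_type ('image' or 'text'), image (upload field
 * name), title, url, group, group_new, html_text, date_expires,
 * expires_impressions, date_scheduled, status.
 *
 * Changes compared with the previous implementation:
 *  - $old_image / $new_image are always initialised, so a text banner no
 *    longer reads undefined variables.
 *  - The current image is looked up for every existing banner, so switching a
 *    banner to 'text' really releases its old image file.
 *  - The old file is removed only after the row was written successfully, only
 *    when no other banner references it, never when the new upload has the same
 *    file name, and only when the path resolves inside the images directory.
 *
 * @param mixed $id   Banner id to update; anything non-numeric means "insert".
 * @param array $data Form values as listed above.
 *
 * @return bool True when the banner row was written without a database error.
 */
function save($id = null, $data)
{
    global $osC_Database;

    $image_location = '';
    $old_image = null;
    $new_image = false;

    // Remember the image currently attached to an existing banner, whatever
    // type the banner is being saved as.
    if (is_numeric($id)) {
        $Qimage = $osC_Database->query('select banners_image from :table_banners where banners_id = :banners_id');
        $Qimage->bindTable(':table_banners', TABLE_BANNERS);
        $Qimage->bindInt(':banners_id', $id);
        $Qimage->execute();

        $old_image = $Qimage->value('banners_image');
    }

    if ($data['banner_type'] == 'image') {
        if (!empty($data['image'])) {
            // NOTE(review): no extension allow-list is passed to the upload
            // object here, so the accepted file types depend entirely on the
            // upload class defaults. The destination is the images directory;
            // confirm that only image types are accepted and that the
            // directory is not configured to execute scripts.
            $image = new upload($data['image'], realpath('../images/'));

            if ($image->exists() && $image->parse() && $image->save()) {
                $new_image = true;
                $image_location = $image->filename;
            }
        }

        if ($new_image === false) {
            if (empty($old_image)) {
                // An image banner needs either a fresh upload or an existing image.
                return false;
            }

            $image_location = $old_image;
        }
    }

    if (is_numeric($id)) {
        $Qbanner = $osC_Database->query('update :table_banners set banners_title = :banners_title, banners_url = :banners_url, banners_image = :banners_image, banners_group = :banners_group, banners_html_text = :banners_html_text, expires_date = :expires_date, expires_impressions = :expires_impressions, date_scheduled = :date_scheduled, status = :status where banners_id = :banners_id');
        $Qbanner->bindInt(':banners_id', $id);
    } else {
        $Qbanner = $osC_Database->query('insert into :table_banners (banners_title, banners_url, banners_image, banners_group, banners_html_text, expires_date, expires_impressions, date_scheduled, status, date_added) values (:banners_title, :banners_url, :banners_image, :banners_group, :banners_html_text, :expires_date, :expires_impressions, :date_scheduled, :status, now())');
    }

    $Qbanner->bindTable(':table_banners', TABLE_BANNERS);
    $Qbanner->bindValue(':banners_title', $data['title']);
    $Qbanner->bindValue(':banners_url', $data['url']);
    $Qbanner->bindValue(':banners_image', $image_location);
    $Qbanner->bindValue(':banners_group', !empty($data['group_new']) ? $data['group_new'] : $data['group']);
    $Qbanner->bindValue(':banners_html_text', $data['html_text']);

    // A banner expires either on a date or after a number of impressions.
    if (empty($data['date_expires'])) {
        $Qbanner->bindRaw(':expires_date', 'null');
        $Qbanner->bindInt(':expires_impressions', $data['expires_impressions']);
    } else {
        $Qbanner->bindValue(':expires_date', $data['date_expires']);
        $Qbanner->bindInt(':expires_impressions', 0);
    }

    $requested_status = ($data['status'] === true) ? 1 : 0;

    if (empty($data['date_scheduled'])) {
        $Qbanner->bindRaw(':date_scheduled', 'null');
        $Qbanner->bindInt(':status', $requested_status);
    } else {
        // A banner scheduled for a later day is stored inactive.
        $Qbanner->bindValue(':date_scheduled', $data['date_scheduled']);
        $Qbanner->bindInt(':status', $data['date_scheduled'] > date('Y-m-d') ? 0 : $requested_status);
    }

    $Qbanner->setLogging($_SESSION['module'], $id);
    $Qbanner->execute();

    if ($osC_Database->isError()) {
        return false;
    }

    // Best-effort cleanup of the previous image file. It runs only after the
    // row was written, so a failed save never leaves a row pointing at a file
    // that has already been deleted.
    if (is_numeric($id) && !empty($old_image) && (string) $old_image !== (string) $image_location) {
        $Qcount = $osC_Database->query('select count(*) as image_count from :table_banners where banners_image = :banners_image and banners_id <> :banners_id');
        $Qcount->bindTable(':table_banners', TABLE_BANNERS);
        $Qcount->bindInt(':banners_id', $id);
        $Qcount->bindValue(':banners_image', $old_image);
        $Qcount->execute();

        if ($Qcount->value('image_count') == 0) {
            // The stored name comes from the database; resolve it and refuse to
            // delete anything that ends up outside the images directory.
            $images_dir = realpath('../images/');
            $old_path = realpath('../images/' . $old_image);

            $inside_images_dir = $images_dir !== false
                && $old_path !== false
                && strpos($old_path, $images_dir . DIRECTORY_SEPARATOR) === 0;

            if ($inside_images_dir && is_file($old_path) && is_writable($old_path)) {
                @unlink($old_path);
            }
        }
    }

    return true;
}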
http://www.oscommerce.com Copyright (c) 2010 osCommerce Released under the GNU General Public License */

require 'includes/application_top.php';

$action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';

// 'save' is the only action handled here: it replaces the store logo with the
// uploaded file.
if (tep_not_null($action)) {
    switch ($action) {
        case 'save':
            $store_logo = new upload('store_logo');

            // Only a .png upload is accepted, and the stored file name is
            // forced to store_logo.png below, so the client-supplied name is
            // never used as the name on disk.
            // NOTE(review): nothing in this snippet inspects the file content,
            // and no request-forgery token check is visible here - confirm
            // whether the upload class or application_top.php covers either.
            $store_logo->set_extensions('png');
            $store_logo->set_destination(DIR_FS_CATALOG_IMAGES);

            // Assume failure until both parse() and save() have succeeded.
            $error = true;

            if ($store_logo->parse()) {
                $store_logo->set_filename('store_logo.png');

                if ($store_logo->save()) {
                    $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success');
                    $error = false;
                }
            }

            // Redirect only on success; on failure execution simply continues
            // past this block.
            if (!$error) {
                tep_redirect(tep_href_link(FILENAME_STORE_LOGO));
            }
            break;
    }
}
if ($action == 'insert_category') { $insert_sql_data = array('categories_id' => $categories_id, 'language_id' => $languages[$i]['id']); $sql_data_array = array_merge($sql_data_array, $insert_sql_data); zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array); } elseif ($action == 'update_category') { zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array, 'update', "categories_id = '" . (int) $categories_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'"); } } if ($_POST['categories_image_manual'] != '') { // add image manually $categories_image_name = $_POST['img_dir'] . $_POST['categories_image_manual']; $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = '" . $categories_image_name . "'\n where categories_id = '" . (int) $categories_id . "'"); } else { if ($categories_image = new upload('categories_image')) { $categories_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']); if ($categories_image->parse() && $categories_image->save()) { $categories_image_name = $_POST['img_dir'] . $categories_image->filename; } if ($categories_image->filename != 'none' && $categories_image->filename != '' && $_POST['image_delete'] != 1) { // save filename when not set to none and not blank $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = '" . $categories_image_name . "'\n where categories_id = '" . (int) $categories_id . "'"); } else { // remove filename when set to none and not blank if ($categories_image->filename != '' || $_POST['image_delete'] == 1) { $db->Execute("update " . TABLE_CATEGORIES . "\n set categories_image = ''\n where categories_id = '" . (int) $categories_id . "'"); } } } } zen_redirect(zen_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories_id)); break;
$delete_query = "delete from " . TABLE_MEDIA_CLIPS . " where clip_id = '" . $_GET['clip_id'] . "'"; $db->Execute($delete_query); zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'action=edit&page=' . $_GET['page'])); break; case 'insert': case 'save': if (isset($_POST['add_clip'])) { $clip_name = $_FILES['clip_filename']; $clip_name = zen_db_prepare_input($clip_name['name']); if ($clip_name) { $media_type = $_POST['media_type']; $ext = $db->Execute("select type_ext from " . TABLE_MEDIA_TYPES . " where type_id = '" . $_POST['media_type'] . "'"); if (ereg($ext->fields['type_ext'], $clip_name)) { if ($media_upload = new upload('clip_filename')) { $media_upload->set_destination(DIR_FS_CATALOG_MEDIA . $_POST['media_dir']); if ($media_upload->parse() && $media_upload->save()) { $media_upload_filename = $_POST['media_dir'] . $media_upload->filename; } if ($media_upload->filename != 'none' && $media_upload->filename != '' && is_writable(DIR_FS_CATALOG_MEDIA . $_POST['media_dir'])) { $db->Execute("insert into " . TABLE_MEDIA_CLIPS . "\n (media_id, clip_type, clip_filename, date_added) values (\n '" . $_GET['mID'] . "',\n '" . $media_type . "',\n '" . $media_upload_filename . "', now())"); } } } } } if (isset($_GET['mID'])) { $media_id = zen_db_prepare_input($_GET['mID']); } $media_name = zen_db_prepare_input($_POST['media_name']); $sql_data_array = array('media_name' => $media_name); if ($media_name == '') {