Exemplo n.º 1
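 /**
  * Creates or updates a slide image, with one database row per installed language.
  *
  * When $id is numeric the rows for that image_id are updated, and a newly
  * uploaded file replaces the stored one for that language. Otherwise a new
  * image_id is taken as max(image_id) + 1 and a row is inserted for every
  * language whose upload succeeded.
  *
  * @param int|null $id   image_id to update; any non-numeric value creates a new image
  * @param array    $data reads description[language_id], image_url[language_id], sort_order and status
  * @return bool false if the database layer reports an error, true otherwise
  */
 function save($id = null, $data)
 {
     global $osC_Database, $osC_Language, $osC_Image;
     // NOTE(review): no extension allow-list is passed to upload and the files land under
     // DIR_FS_CATALOG . 'images/'; confirm that upload::parse() rejects non-image types.
     if (is_numeric($id)) {
         foreach ($osC_Language->getAll() as $l) {
             $image_upload = new upload('image' . $l['id'], DIR_FS_CATALOG . 'images/');
             if ($image_upload->exists() && $image_upload->parse() && $image_upload->save()) {
                 // Look up the file currently stored for this language so it can be removed.
                 $Qdelete = $osC_Database->query('select image from :table_slide_images where image_id = :image_id and language_id=:language_id');
                 $Qdelete->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
                 $Qdelete->bindInt(':image_id', $id);
                 $Qdelete->bindValue(':language_id', $l['id']);
                 $Qdelete->execute();
                 if ($Qdelete->numberOfRows() > 0) {
                     $previous_image = $Qdelete->value('image');
                     // The new file has already been written to images/. If it reuses the stored
                     // name, deleting the "old" file would delete the upload that was just saved.
                     if ($previous_image != $image_upload->filename) {
                         @unlink(DIR_FS_CATALOG . 'images/' . $previous_image);
                     }
                 }
                 $Qimage = $osC_Database->query('update :table_slide_images set image = :image, description = :description, image_url = :image_url, sort_order = :sort_order, status = :status where image_id = :image_id and language_id=:language_id');
                 $Qimage->bindValue(':image', $image_upload->filename);
             } else {
                 // No new file for this language: leave the image column untouched.
                 $Qimage = $osC_Database->query('update :table_slide_images set description = :description, image_url = :image_url, sort_order = :sort_order, status = :status where image_id = :image_id and language_id=:language_id');
             }
             $Qimage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
             $Qimage->bindValue(':description', $data['description'][$l['id']]);
             $Qimage->bindValue(':image_url', $data['image_url'][$l['id']]);
             $Qimage->bindValue(':sort_order', $data['sort_order']);
             $Qimage->bindValue(':status', $data['status']);
             $Qimage->bindInt(':image_id', $id);
             $Qimage->bindValue(':language_id', $l['id']);
             $Qimage->execute();
         }
     } else {
         // NOTE(review): max(image_id) + 1 is read and used without a visible lock or transaction,
         // so two concurrent creates could pick the same image_id; confirm.
         $Qmaximage = $osC_Database->query('select max(image_id) as image_id from :table_slide_images');
         $Qmaximage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
         $Qmaximage->execute();
         $image_id = $Qmaximage->valueInt('image_id') + 1;
         foreach ($osC_Language->getAll() as $l) {
             $products_image = new upload('image' . $l['id'], DIR_FS_CATALOG . 'images/');
             // A row is only inserted for languages that actually received a file.
             if ($products_image->exists() && $products_image->parse() && $products_image->save()) {
                 $Qimage = $osC_Database->query('insert into :table_slide_images (image_id,language_id ,description,image ,image_url ,sort_order,status) values (:image_id,:language_id,:description ,:image,:image_url ,:sort_order,:status)');
                 $Qimage->bindTable(':table_slide_images', TABLE_SLIDE_IMAGES);
                 $Qimage->bindValue(':image_id', $image_id);
                 $Qimage->bindValue(':language_id', $l['id']);
                 $Qimage->bindValue(':description', $data['description'][$l['id']]);
                 $Qimage->bindValue(':image', $products_image->filename);
                 $Qimage->bindValue(':image_url', $data['image_url'][$l['id']]);
                 $Qimage->bindValue(':sort_order', $data['sort_order']);
                 $Qimage->bindValue(':status', $data['status']);
                 $Qimage->execute();
             }
         }
     }
     if ($osC_Database->isError()) {
         return false;
     }
     // Cached slide data is stale after any successful write.
     osC_Cache::clear('slide-images');
     return true;
 }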
 /**
  * Stores the uploaded file identified by $file in $directory.
  *
  * NOTE(review): no extension or content allow-list is visible here and $directory
  * is supplied by the caller; confirm both are constrained before this is reached.
  *
  * @param string $file      name passed to the upload class
  * @param string $directory destination directory
  * @return bool true only when the directory is writable and the upload exists, parses and saves
  */
 function storeFileUpload($file, $directory)
 {
     if (!is_writable($directory)) {
         return false;
     }
     $uploaded_file = new upload($file, $directory);
     if (!$uploaded_file->exists()) {
         return false;
     }
     if ($uploaded_file->parse() && $uploaded_file->save()) {
         return true;
     }
     return false;
 }
 /**
  * Collects the customization values posted for a product (text inputs and file
  * uploads), stores them through $toC_Customization_Fields when no error was
  * queued under 'products_customizations', then redirects to the product page.
  *
  * If $osC_Product is not already set, the product id is taken from the first
  * key of $_GET.
  */
 function execute()
 {
     global $osC_Session, $osC_Product, $toC_Customization_Fields, $osC_Language, $messageStack;
     if (!isset($osC_Product)) {
         $id = false;
         foreach ($_GET as $key => $value) {
             // NOTE(review): ereg() was removed in PHP 7.0, so this line is a fatal error on newer runtimes.
             // In the second pattern " -_" inside the class is a range (space through underscore),
             // not three literal characters - confirm that is what was intended.
             if ((ereg('^[0-9]+(#?([0-9]+:?[0-9]+)+(;?([0-9]+:?[0-9]+)+)*)*$', $key) || ereg('^[a-zA-Z0-9 -_]*$', $key)) && $key != $osC_Session->getName()) {
                 $id = $key;
             }
             // Only the first query-string key is ever examined.
             break;
         }
         if ($id !== false && osC_Product::checkEntry($id)) {
             $osC_Product = new osC_Product($id);
         }
     }
     if (isset($osC_Product)) {
         // $errors is initialised but not used in this method.
         $errors = array();
         $data = array();
         $customizations = $osC_Product->getCustomizations();
         foreach ($customizations as $field) {
             $fields_id = $field['customization_fields_id'];
             if ($field['type'] == CUSTOMIZATION_FIELD_TYPE_INPUT_TEXT) {
                 // Text field: take the posted value as-is; nothing here validates or escapes it.
                 $value = isset($_POST['customizations'][$fields_id]) ? $_POST['customizations'][$fields_id] : null;
                 if ($field['is_required'] && $value == null) {
                     $messageStack->add_session('products_customizations', sprintf($osC_Language->get('error_customization_field_must_be_specified'), $field['name']), 'error');
                 } else {
                     if ($value != null) {
                         $data[$fields_id] = array('customization_fields_id' => $field['customization_fields_id'], 'customization_fields_name' => $field['name'], 'customization_type' => CUSTOMIZATION_FIELD_TYPE_INPUT_TEXT, 'customization_value' => $value);
                     }
                 }
             } else {
                 // File field: the upload goes to the products_customizations cache directory.
                 // NOTE(review): no extension allow-list is visible; confirm upload::parse() restricts
                 // file types and that this directory is not served or executed by the web server.
                 $file = new upload('customizations_' . $fields_id, DIR_FS_CACHE . '/products_customizations/');
                 if ($field['is_required'] && !$file->exists() && !$toC_Customization_Fields->hasCustomizationField($osC_Product->getID(), $fields_id)) {
                     // NOTE(review): this error is queued under 'products', but the check before set() below
                     // only looks at 'products_customizations', so it does not stop the save - confirm.
                     $messageStack->add_session('products', sprintf($osC_Language->get('error_customization_field_must_be_specified'), $field['name']), 'error');
                 } else {
                     if ($file->exists()) {
                         if ($file->parse() && $file->save()) {
                             $filename = $file->filename;
                             // The file is renamed to md5(name . time()); the original name is kept only as metadata.
                             // NOTE(review): that hash is derived from the client file name and the clock, so it is
                             // guessable and should not be relied on to keep the stored file private.
                             $cache_filename = md5($filename . time());
                             rename(DIR_FS_CACHE . '/products_customizations/' . $filename, DIR_FS_CACHE . '/products_customizations/' . $cache_filename);
                             $data[$fields_id] = array('customization_fields_id' => $field['customization_fields_id'], 'customization_fields_name' => $field['name'], 'customization_type' => CUSTOMIZATION_FIELD_TYPE_INPUT_FILE, 'customization_value' => $filename, 'cache_filename' => $cache_filename);
                         } else {
                             $messageStack->add_session('products_customizations', $file->getLastError(), 'error');
                         }
                     }
                 }
             }
         }
         //var_dump($data);exit;
         // Persist the collected values only when no customization error was queued.
         if ($messageStack->size('products_customizations') === 0) {
             $toC_Customization_Fields->set($osC_Product->getID(), $data);
         }
     }
     // NOTE(review): $osC_Product can still be unset here (no valid id in the request),
     // in which case getID() is called on a non-object.
     osc_redirect(osc_href_link(FILENAME_PRODUCTS, $osC_Product->getID()));
 }
Exemplo n.º 4
 /**
  * Returns the stored file name for upload field $fld, or '' when nothing was stored.
  *
  * The result is kept in the global $UploadCache so a field is processed only
  * while no cached value is set for it.
  *
  * NOTE(review): no extension allow-list is set before parse(); confirm the upload
  * class restricts file types, since the destination is DIR_FS_CATALOG_IMAGES.
  *
  * @param string $fld name of the upload form field
  * @return string stored file name, or '' if parsing or saving failed
  */
 function get_upload_file($fld)
 {
     global $UploadCache;
     if (!isset($UploadCache)) {
         $UploadCache = array();
     }
     if (isset($UploadCache[$fld])) {
         return $UploadCache[$fld];
     }
     $uploaded_image = new upload($fld);
     $uploaded_image->set_destination(DIR_FS_CATALOG_IMAGES);
     if ($uploaded_image->parse() && $uploaded_image->save()) {
         $UploadCache[$fld] = $uploaded_image->filename;
     } else {
         $UploadCache[$fld] = '';
     }
     return $UploadCache[$fld];
 }
 /**
  * Inserts a banner, or updates the existing one when $id is numeric.
  *
  * A file is uploaded only when the banner has no HTML text and no local image
  * but names an upload field in $data['image']; a failed upload aborts the save.
  *
  * @param int|null $id   banners_id to update; any non-numeric value inserts a new banner
  * @param array    $data banner fields as read below (title, url, group, html_text, image, dates, status)
  * @return bool true when the query ran without a database error, false otherwise
  */
 public static function save($id = null, $data)
 {
     global $osC_Database;
     $needs_upload = empty($data['html_text']) && empty($data['image_local']) && !empty($data['image']);
     if ($needs_upload) {
         // NOTE(review): image_target is joined into the path before realpath(), so "../" segments in it
         // would resolve outside ../images; confirm the caller restricts it to known sub-directories.
         $image = new upload($data['image'], realpath('../images/' . $data['image_target']));
         if (!($image->exists() && $image->parse() && $image->save())) {
             return false;
         }
     }
     // A local image wins over an uploaded one; with neither, the column is bound as null.
     if (!empty($data['image_local'])) {
         $image_location = $data['image_local'];
     } elseif (isset($image)) {
         $image_location = $data['image_target'] . $image->filename;
     } else {
         $image_location = null;
     }
     if (is_numeric($id)) {
         $Qbanner = $osC_Database->query('update :table_banners set banners_title = :banners_title, banners_url = :banners_url, banners_image = :banners_image, banners_group = :banners_group, banners_html_text = :banners_html_text, expires_date = :expires_date, expires_impressions = :expires_impressions, date_scheduled = :date_scheduled, status = :status where banners_id = :banners_id');
         $Qbanner->bindInt(':banners_id', $id);
     } else {
         $Qbanner = $osC_Database->query('insert into :table_banners (banners_title, banners_url, banners_image, banners_group, banners_html_text, expires_date, expires_impressions, date_scheduled, status, date_added) values (:banners_title, :banners_url, :banners_image, :banners_group, :banners_html_text, :expires_date, :expires_impressions, :date_scheduled, :status, now())');
     }
     $banner_group = !empty($data['group_new']) ? $data['group_new'] : $data['group'];
     $Qbanner->bindTable(':table_banners', TABLE_BANNERS);
     $Qbanner->bindValue(':banners_title', $data['title']);
     $Qbanner->bindValue(':banners_url', $data['url']);
     $Qbanner->bindValue(':banners_image', $image_location);
     $Qbanner->bindValue(':banners_group', $banner_group);
     $Qbanner->bindValue(':banners_html_text', $data['html_text']);
     // An expiry date and an impression limit are mutually exclusive.
     if (!empty($data['date_expires'])) {
         $Qbanner->bindValue(':expires_date', $data['date_expires']);
         $Qbanner->bindInt(':expires_impressions', 0);
     } else {
         $Qbanner->bindRaw(':expires_date', 'null');
         $Qbanner->bindInt(':expires_impressions', $data['expires_impressions']);
     }
     // Only a strict boolean true counts as "active".
     $status_flag = $data['status'] === true ? 1 : 0;
     if (!empty($data['date_scheduled'])) {
         $Qbanner->bindValue(':date_scheduled', $data['date_scheduled']);
         // A banner scheduled for a later date is stored as inactive.
         $Qbanner->bindInt(':status', $data['date_scheduled'] > date('Y-m-d') ? 0 : $status_flag);
     } else {
         $Qbanner->bindRaw(':date_scheduled', 'null');
         $Qbanner->bindInt(':status', $status_flag);
     }
     $Qbanner->setLogging($_SESSION['module'], $id);
     $Qbanner->execute();
     return !$osC_Database->isError();
 }
Exemplo n.º 6
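 /**
  * Stores the uploaded store logo in the store's image directory and records it in TABLE_STORE_MAIN.
  *
  * The default logo is used instead when nothing was uploaded (only if $action is ''),
  * when the file is larger than MAX_IMAGE_FILE_SIZE, or when the upload could not be
  * saved (only if $action is '').
  *
  * @param string $action '' enables the default-logo fallback for missing or unsaved uploads
  * @return string '' on completion, otherwise an error message
  */
 function put_logo_image($action = '')
 {
     $newname = DIR_FS_CATALOG . 'images/' . $this->store_id . '_images';
     if (!is_dir($newname)) {
         // NOTE(review): mkdir() without a mode argument requests 0777 (reduced by the umask);
         // confirm that is acceptable for a directory under the catalog images path.
         mkdir($newname);
     }
     if (!is_dir($newname)) {
         return ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST;
     }
     $allowed_files_types = array('gif', 'jpg', 'png');
     $store_logo_image = new upload($this->store_logo);
     $store_logo_image->set_destination($newname);
     $store_logo_image->set_extensions($allowed_files_types);
     $parsed = $store_logo_image->parse();
     $use_default_logo = false;
     $result = '';
     if (!$parsed) {
         // Nothing usable was uploaded; only fall back when no explicit action was requested.
         $use_default_logo = $action == '';
     } elseif ($store_logo_image->file['size'] > MAX_IMAGE_FILE_SIZE) {
         $use_default_logo = true;
         $result = sprintf(ERROR_IMAGE_FILE_SIZE_EXCEED, MAX_IMAGE_FILE_SIZE);
     } else {
         // The stored name is built from the client file name and later concatenated into SQL,
         // so take the real extension and re-check it against the allow-list here instead of
         // trusting the last four characters of the name.
         $extension = pathinfo($store_logo_image->filename, PATHINFO_EXTENSION);
         $saved = false;
         if (in_array(strtolower($extension), $allowed_files_types, true)) {
             $store_logo_image->set_filename('logo.' . $extension);
             $saved = $store_logo_image->save();
         }
         if ($saved) {
             // NOTE(review): assumes set_filename()/save() leave the name as 'logo.<ext>'; it is still
             // concatenated unescaped, so confirm or switch to the project's SQL escaping helper.
             smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = '" . $store_logo_image->filename . "' where store_id = '" . (int) $this->store_id . "'");
         } elseif ($action == '') {
             $this->store_logo_image_name = '';
             $use_default_logo = true;
         }
     }
     // Single place for the fallback: the database is only updated once the default file was copied.
     if ($use_default_logo && copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $newname . '/default_store_logo.gif')) {
         smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
     }
     return $result;
 }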
Exemplo n.º 7
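 /**
  * Replaces the store logo with the uploaded "logo_image" file and writes one
  * resized copy per installed template.
  *
  * The upload is kept as logo_originals.<ext>; for every template directory that
  * has a template.php, logo_<template>.<ext> is produced with the logo size that
  * template reports.
  *
  * @return bool true when the upload was stored and the templates were processed, false otherwise
  */
 function upload()
 {
     $logo_image = new upload('logo_image');
     if (!$logo_image->exists()) {
         return false;
     }
     // The extension comes from the client-supplied file name and becomes part of file names
     // written under the catalog images directory, so accept only known image types - and do
     // so before the existing logo is deleted. Extend the list if osc_gd_resize() handles more.
     $img_type = pathinfo($_FILES['logo_image']['name'], PATHINFO_EXTENSION);
     if (!in_array(strtolower($img_type), array('gif', 'jpg', 'jpeg', 'png'), true)) {
         return false;
     }
     self::deleteLogo('originals');
     $original = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_originals.' . $img_type;
     $logo_image->set_destination(realpath(DIR_FS_CATALOG . 'images/'));
     if (!($logo_image->parse() && $logo_image->save())) {
         return false;
     }
     // Keep the upload under the fixed "logo_originals" name and drop the client-named copy.
     copy(DIR_FS_CATALOG . 'images/' . $logo_image->filename, $original);
     @unlink(DIR_FS_CATALOG . 'images/' . $logo_image->filename);
     // List template directories only, skipping the "system" entry.
     $osC_DirectoryListing = new osC_DirectoryListing('../templates');
     $osC_DirectoryListing->setIncludeDirectories(true);
     $osC_DirectoryListing->setIncludeFiles(false);
     $osC_DirectoryListing->setExcludeEntries('system');
     $templates = $osC_DirectoryListing->getFiles();
     foreach ($templates as $template) {
         $code = $template['name'];
         if (file_exists('../templates/' . $code . '/template.php')) {
             // $code is a directory name from the listing above, not request input.
             include '../templates/' . $code . '/template.php';
             $class = 'osC_Template_' . $code;
             self::deleteLogo($code);
             if (class_exists($class)) {
                 $module = new $class();
                 $logo_height = $module->getLogoHeight();
                 $logo_width = $module->getLogoWidth();
                 $dest_image = DIR_FS_CATALOG . DIR_WS_IMAGES . 'logo_' . $code . '.' . $img_type;
                 osc_gd_resize($original, $dest_image, $logo_width, $logo_height);
             }
         }
     }
     return true;
 }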
            smn_reset_cache_block('also_purchased');
          }
        }
        smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id)));
        break;
      // Preview of a new product: vendors without voucher permission are refused,
      // otherwise the product image is stored if one was uploaded.
      case 'new_product_preview':
          if (! checkVoucherPermissions($store_id, $_POST['products_model'])) {
            $messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error');
            // Note: the flag is the string 'false', not the boolean.
            $allow_insert = 'false';
          } else {
            // copy image only if modified
            // The extension allow-list is handed to the upload class, which is expected to enforce it in parse().
            $allowed_files_types = array('gif', 'jpg', 'jpeg', 'png');
            $products_image = new upload('products_image');
            $products_image->set_destination(DIR_FS_CATALOG_IMAGES);
            $products_image->set_extensions($allowed_files_types);  
            if ($products_image->parse() && $products_image->save()) {
              $products_image_name = $products_image->filename;
            } else {
              // NOTE(review): the fallback name is taken straight from $_POST; how it is used later is not
              // visible here - confirm it is validated (no path separators) and escaped before use.
              $products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '');
            }
          }
        break;
    }
  }
// Warn when the catalog image directory is missing or cannot be written to
  if (!is_dir(DIR_FS_CATALOG_IMAGES)) {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error');
  } elseif (!is_writable(DIR_FS_CATALOG_IMAGES)) {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
  }
  
Exemplo n.º 9
 }
 // Insert or update a manufacturer, store its uploaded image, then write one
 // manufacturers_info row per language.
 // NOTE(review): $HTTP_POST_VARS is no longer provided by PHP itself since 5.4; presumably the
 // application defines it - confirm.
 $manufacturers_name = tep_db_prepare_input($HTTP_POST_VARS['manufacturers_name']);
 $sql_data_array = array('manufacturers_name' => $manufacturers_name);
 if ($action == 'insert') {
     // 'now()' is passed as a value; presumably tep_db_perform() emits it as the SQL function - confirm.
     $insert_sql_data = array('date_added' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
     $manufacturers_id = tep_db_insert_id();
 } elseif ($action == 'save') {
     $update_sql_data = array('last_modified' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $update_sql_data);
     // The id is cast to int before it is concatenated into the WHERE clause.
     tep_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'");
 }
 // NOTE(review): no extension allow-list is set before parse(); confirm the upload class restricts
 // file types, since the file is written to DIR_FS_CATALOG_IMAGES.
 $manufacturers_image = new upload('manufacturers_image');
 $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES);
 if ($manufacturers_image->parse() && $manufacturers_image->save()) {
     // The stored file name is passed through tep_db_input() before it is placed in the query string.
     tep_db_query("update " . TABLE_MANUFACTURERS . " set manufacturers_image = '" . tep_db_input($manufacturers_image->filename) . "' where manufacturers_id = '" . (int) $manufacturers_id . "'");
 }
 $languages = tep_get_languages();
 for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
     // manufacturers_url is posted as an array keyed by language id.
     $manufacturers_url_array = $HTTP_POST_VARS['manufacturers_url'];
     $language_id = $languages[$i]['id'];
     $sql_data_array = array('manufacturers_url' => tep_db_prepare_input($manufacturers_url_array[$language_id]));
     if ($action == 'insert') {
         $insert_sql_data = array('manufacturers_id' => $manufacturers_id, 'languages_id' => $language_id);
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array);
     } elseif ($action == 'save') {
         tep_db_perform(TABLE_MANUFACTURERS_INFO, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "' and languages_id = '" . (int) $language_id . "'");
     }
 }
Exemplo n.º 10
 /**
  * Handles the cart action "add product".
  *
  * Validates the posted attributes and quantity, caps the quantity against stock
  * and the per-order maximum, stores any uploaded attribute files, adds the
  * product to the cart and redirects.
  *
  * @param string $goto       page handed to zen_href_link() for the redirect after a successful add
  * @param mixed  $parameters passed to zen_get_all_get_params() when building that redirect
  */
 function actionAddProduct($goto, $parameters)
 {
     global $db, $messageStack;
     if ($this->display_debug_messages) {
         $messageStack->add_session('header', 'A: FUNCTION ' . __FUNCTION__, 'caution');
     }
     if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
         // verify attributes and quantity first
         if ($this->display_debug_messages) {
             $messageStack->add_session('header', 'A2: FUNCTION ' . __FUNCTION__, 'caution');
         }
         // NOTE(review): $the_list is only initialised inside this branch but is read after it,
         // so it is undefined there when products_id is missing or not numeric.
         $the_list = '';
         $adjust_max = 'false';
         if (isset($_POST['id'])) {
             // Each posted option/value pair is checked against the product's valid attributes.
             foreach ($_POST['id'] as $key => $value) {
                 $check = zen_get_attributes_valid($_POST['products_id'], $key, $value);
                 if ($check == false) {
                     $the_list .= TEXT_ERROR_OPTION_FOR . '<span class="alertBlack">' . zen_options_name($key) . '</span>' . TEXT_INVALID_SELECTION . '<span class="alertBlack">' . ($value == (int) PRODUCTS_OPTIONS_VALUES_TEXT_ID ? TEXT_INVALID_USER_INPUT : zen_values_name($value)) . '</span>' . '<br />';
                 }
             }
         }
         if (!is_numeric($_POST['cart_quantity']) || $_POST['cart_quantity'] < 0) {
             // adjust quantity when not a value
             $chk_link = '<a href="' . zen_href_link(zen_get_info_page($_POST['products_id']), 'cPath=' . zen_get_generated_category_path_rev(zen_get_products_category_id($_POST['products_id'])) . '&products_id=' . $_POST['products_id']) . '">' . zen_get_products_name($_POST['products_id']) . '</a>';
             // The rejected quantity is passed through zen_output_string_protected() before it is shown.
             $messageStack->add_session('header', ERROR_CORRECTIONS_HEADING . ERROR_PRODUCT_QUANTITY_UNITS_SHOPPING_CART . $chk_link . ' ' . PRODUCTS_ORDER_QTY_TEXT . zen_output_string_protected($_POST['cart_quantity']), 'caution');
             $_POST['cart_quantity'] = 0;
         }
         // verify qty to add
         $add_max = zen_get_products_quantity_order_max($_POST['products_id']);
         $cart_qty = $this->in_cart_mixed($_POST['products_id']);
         if ($this->display_debug_messages) {
             $messageStack->add_session('header', 'B: FUNCTION ' . __FUNCTION__ . ' Products_id: ' . $_POST['products_id'] . ' cart_qty: ' . $cart_qty . ' $_POST[cart_quantity]: ' . $_POST['cart_quantity'] . ' <br>', 'caution');
         }
         $new_qty = $_POST['cart_quantity'];
         $new_qty = $this->adjust_quantity($new_qty, $_POST['products_id'], 'shopping_cart');
         // bof: adjust new quantity to be same as current in stock
         $chk_current_qty = zen_get_products_stock($_POST['products_id']);
         $this->flag_duplicate_msgs_set = FALSE;
         if (STOCK_ALLOW_CHECKOUT == 'false' && $cart_qty + $new_qty > $chk_current_qty) {
             $new_qty = $chk_current_qty;
             $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'C: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
             $this->flag_duplicate_msgs_set = TRUE;
         }
         // eof: adjust new quantity to be same as current in stock
         if ($add_max == 1 and $cart_qty == 1) {
             // do not add
             $new_qty = 0;
             $adjust_max = 'true';
         } else {
             // bof: adjust new quantity to be same as current in stock
             if (STOCK_ALLOW_CHECKOUT == 'false' && $new_qty + $cart_qty > $chk_current_qty) {
                 // $adjust_new_qty is assigned here but not read anywhere in this method.
                 $adjust_new_qty = 'true';
                 $alter_qty = $chk_current_qty - $cart_qty;
                 $new_qty = $alter_qty > 0 ? $alter_qty : 0;
                 if (!$this->flag_duplicate_msgs_set) {
                     $messageStack->add_session('shopping_cart', ($this->display_debug_messages ? 'D: FUNCTION ' . __FUNCTION__ . ': ' : '') . WARNING_PRODUCT_QUANTITY_ADJUSTED . zen_get_products_name($_POST['products_id']), 'caution');
                 }
             }
             // eof: adjust new quantity to be same as current in stock
             // adjust quantity if needed
             if ($new_qty + $cart_qty > $add_max and $add_max != 0) {
                 $adjust_max = 'true';
                 $new_qty = $add_max - $cart_qty;
             }
         }
         if (zen_get_products_quantity_order_max($_POST['products_id']) == 1 and $this->in_cart_mixed($_POST['products_id']) == 1) {
             // do not add
         } else {
             // process normally
             // bof: set error message
             if ($the_list != '') {
                 $messageStack->add('product_info', ERROR_CORRECTIONS_HEADING . $the_list, 'caution');
             } else {
                 // process normally
                 // iii 030813 added: File uploading: save uploaded files with unique file names
                 // NOTE(review): when no 'id' was posted $real_ids is the empty string, yet it is indexed
                 // with string keys below; PHP 7.1+ no longer turns an empty string into an array on
                 // offset assignment - confirm on the target runtime.
                 $real_ids = isset($_POST['id']) ? $_POST['id'] : "";
                 // NOTE(review): the loop bound comes straight from $_GET and is only compared with 0.
                 if (isset($_GET['number_of_uploads']) && $_GET['number_of_uploads'] > 0) {
                     /**
                      * Need the upload class for attribute type that allows user uploads.
                      *
                      */
                     include DIR_WS_CLASSES . 'upload.php';
                     for ($i = 1, $n = $_GET['number_of_uploads']; $i <= $n; $i++) {
                         if (zen_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                             $products_options_file = new upload('id');
                             $products_options_file->set_destination(DIR_FS_UPLOADS);
                             $products_options_file->set_output_messages('session');
                             if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                                 // NOTE(review): the extension is copied from the client file name and reused for
                                 // the stored name below; no allow-list is visible here, so confirm that
                                 // upload::parse() restricts extensions and that DIR_FS_UPLOADS is not executable.
                                 $products_image_extension = substr($products_options_file->filename, strrpos($products_options_file->filename, '.'));
                                 // NOTE(review): customer_id is concatenated into the SQL without a cast or escaping,
                                 // unlike the file name, which goes through zen_db_input().
                                 if ($_SESSION['customer_id']) {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, customers_id, files_uploaded_name) values('" . zen_session_id() . "', '" . $_SESSION['customer_id'] . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 } else {
                                     $db->Execute("insert into " . TABLE_FILES_UPLOADED . " (sesskey, files_uploaded_name) values('" . zen_session_id() . "', '" . zen_db_input($products_options_file->filename) . "')");
                                 }
                                 // The file is stored as "<insert id><extension>"; the original name is kept in the
                                 // attribute value as "<insert id>. <original name>".
                                 $insert_id = $db->Insert_ID();
                                 $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                                 $products_options_file->set_filename("{$insert_id}" . $products_image_extension);
                                 if (!$products_options_file->save()) {
                                     break;
                                 }
                             } else {
                                 break;
                             }
                         } else {
                             // No file uploaded -- use previous value
                             $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
                         }
                     }
                 }
                 $this->add_cart($_POST['products_id'], $this->get_quantity(zen_get_uprid($_POST['products_id'], $real_ids)) + $new_qty, $real_ids);
                 // iii 030813 end of changes.
             }
             // eof: set error message
         }
         // eof: quantity maximum = 1
         if ($adjust_max == 'true') {
             $messageStack->add_session('shopping_cart', ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
             if ($this->display_debug_messages) {
                 $messageStack->add_session('header', 'E: FUNCTION ' . __FUNCTION__ . '<br>' . ERROR_MAXIMUM_QTY . zen_get_products_name($_POST['products_id']), 'caution');
             }
         }
     }
     if ($the_list == '') {
         // no errors
         // display message if all is good and not on shopping_cart page
         if (DISPLAY_CART == 'false' && $_GET['main_page'] != FILENAME_SHOPPING_CART && $messageStack->size('shopping_cart') == 0) {
             $messageStack->add_session('header', ($this->display_debug_messages ? 'FUNCTION ' . __FUNCTION__ . ': ' : '') . SUCCESS_ADDED_TO_CART_PRODUCT, 'success');
             zen_redirect(zen_href_link($goto, zen_get_all_get_params($parameters)));
         } else {
             zen_redirect(zen_href_link(FILENAME_SHOPPING_CART));
         }
     } else {
         // errors found with attributes - perhaps display an additional message here, using an observer class to add to the messageStack
         $this->notify('NOTIFIER_CART_OPTIONAL_ATTRIBUTE_ERROR_MESSAGE_HOOK', $_POST, $the_list);
     }
 }
Exemplo n.º 11
         if (is_writable($_SESSION['current_path']) && ($fp = fopen($_SESSION['current_path'] . '/' . basename($_POST['filename']), 'w+'))) {
             fputs($fp, stripslashes($_POST['file_contents']));
             fclose($fp);
             xos_redirect(xos_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode(basename($_POST['filename']))));
         }
     } else {
         $action = 'new_file';
         $directory_writeable = true;
         $messageStack->add('header', ERROR_FILENAME_EMPTY, 'error');
     }
     break;
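 // Handles the five upload slots file_1 .. file_5 of the file manager form.
 // NOTE(review): files of any type are written to $_SESSION['current_path'] with mode '644';
 // confirm this action is reachable only by authenticated administrators and that
 // current_path is confined to the file manager's root.
 case 'processuploads':
     for ($i = 1; $i < 6; $i++) {
         if (!empty($_FILES['file_' . $i]['name'])) {
             $upload = new upload('file_' . $i, $_SESSION['current_path'], '644');
             // Store the file only when parsing succeeded instead of calling save() on an unparsed upload.
             if ($upload->parse()) {
                 $upload->save();
             }
         }
     }
     xos_redirect(xos_href_link(FILENAME_FILE_MANAGER));
     break;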
 // Sends headers for a forced, uncached download of a file below $_SESSION['current_path'].
 // The rest of this case is outside the visible excerpt.
 case 'download':
     header_remove();
     // Expiry in the past plus no-store/no-cache: the response must not be cached.
     header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
     header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
     header('Cache-Control: no-store, no-cache, must-revalidate');
     header('Cache-Control: post-check=0, pre-check=0', false);
     header('Pragma: no-cache');
     header('Content-Type: application/octet-stream');
     // NOTE(review): $_GET values are already URL-decoded by PHP, so urldecode() decodes a second time.
     // The name is appended to current_path without basename(), unlike the file-save branch earlier in
     // this switch, so "../" segments are kept in the path. Apply basename() and check that the
     // resolved path stays inside the file manager root before the file is read.
     header('Content-Length: ' . @filesize($_SESSION['current_path'] . '/' . urldecode($_GET['filename'])));
     // NOTE(review): the same request value is placed inside the quoted filename parameter unfiltered.
     header('Content-Disposition: attachment; filename="' . urldecode($_GET['filename']) . '"');
Exemplo n.º 12
 function save($id = null, $data)
 {
     global $osC_Database, $osC_Language, $osC_Image, $osC_Session;
     $error = false;
     $osC_Database->startTransaction();
     //products
     if (is_numeric($id)) {
         $Qproduct = $osC_Database->query('update :table_products set products_type = :products_type, products_sku = :products_sku, products_model = :products_model, products_price = :products_price, products_quantity = :products_quantity, products_moq = :products_moq, products_max_order_quantity = :products_max_order_quantity, order_increment = :order_increment, quantity_unit_class = :quantity_unit_class, products_date_available = :products_date_available, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, manufacturers_id = :manufacturers_id, quantity_discount_groups_id = :quantity_discount_groups_id, products_last_modified = now(), products_attributes_groups_id = :products_attributes_groups_id where products_id = :products_id');
         $Qproduct->bindInt(':products_id', $id);
     } else {
         $Qproduct = $osC_Database->query('insert into :table_products (products_type, products_sku, products_model, products_price, products_quantity, products_moq, products_max_order_quantity, order_increment, quantity_unit_class, products_date_available, products_weight, products_weight_class, products_status, products_tax_class_id, manufacturers_id, products_date_added, quantity_discount_groups_id, products_attributes_groups_id) values (:products_type, :products_sku, :products_model, :products_price, :products_quantity, :products_moq, :products_max_order_quantity, :order_increment, :quantity_unit_class, :products_date_available, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :manufacturers_id, :products_date_added, :quantity_discount_groups_id, :products_attributes_groups_id)');
         $Qproduct->bindRaw(':products_date_added', 'now()');
     }
     $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
     $Qproduct->bindInt(':products_type', $data['products_type']);
     $Qproduct->bindValue(':products_sku', $data['products_sku']);
     $Qproduct->bindValue(':products_model', $data['products_model']);
     $Qproduct->bindValue(':products_price', $data['price']);
     $Qproduct->bindInt(':products_quantity', $data['quantity']);
     $Qproduct->bindInt(':products_moq', $data['products_moq']);
     $Qproduct->bindInt(':products_max_order_quantity', $data['products_max_order_quantity']);
     $Qproduct->bindInt(':order_increment', $data['order_increment']);
     $Qproduct->bindInt(':quantity_unit_class', $data['quantity_unit_class']);
     if (date('Y-m-d') < $data['date_available']) {
         $Qproduct->bindValue(':products_date_available', $data['date_available']);
     } else {
         $Qproduct->bindRaw(':products_date_available', 'null');
     }
     $Qproduct->bindValue(':products_weight', $data['weight']);
     $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
     $Qproduct->bindInt(':products_status', $data['status']);
     $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
     $Qproduct->bindInt(':manufacturers_id', $data['manufacturers_id']);
     $Qproduct->bindInt(':quantity_discount_groups_id', $data['quantity_discount_groups_id']);
     if (empty($data['products_attributes_groups_id'])) {
         $Qproduct->bindRaw(':products_attributes_groups_id', 'null');
     } else {
         $Qproduct->bindInt(':products_attributes_groups_id', $data['products_attributes_groups_id']);
     }
     $Qproduct->setLogging($_SESSION['module'], $id);
     $Qproduct->execute();
     if ($osC_Database->isError()) {
         $error = true;
     } else {
         if (is_numeric($id)) {
             $products_id = $id;
         } else {
             $products_id = $osC_Database->nextID();
         }
         //products_to_categories
         $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
         $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
         $Qcategories->bindInt(':products_id', $products_id);
         $Qcategories->setLogging($_SESSION['module'], $products_id);
         $Qcategories->execute();
         if ($osC_Database->isError()) {
             $error = true;
         } else {
             if (isset($data['categories']) && !empty($data['categories'])) {
                 foreach ($data['categories'] as $category_id) {
                     $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                     $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                     $Qp2c->bindInt(':products_id', $products_id);
                     $Qp2c->bindInt(':categories_id', $category_id);
                     $Qp2c->setLogging($_SESSION['module'], $products_id);
                     $Qp2c->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     if ($error === false && is_numeric($id)) {
         $Qdelete = $osC_Database->query('delete from :table_products_attachments_to_products where products_id = :products_id');
         $Qdelete->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS);
         $Qdelete->bindInt(':products_id', $products_id);
         $Qdelete->setLogging($_SESSION['module'], $products_id);
         $Qdelete->execute();
         if ($osC_Database->isError()) {
             $error = true;
         }
     }
     if ($error === false && sizeof($data['attachments']) > 0) {
         foreach ($data['attachments'] as $attachments_id) {
             $Qp2a = $osC_Database->query('insert into :table_products_attachments_to_products (products_id, attachments_id) values (:products_id, :attachments_id)');
             $Qp2a->bindTable(':table_products_attachments_to_products', TABLE_PRODUCTS_ATTACHMENTS_TO_PRODUCTS);
             $Qp2a->bindInt(':products_id', $products_id);
             $Qp2a->bindInt(':attachments_id', $attachments_id);
             $Qp2a->setLogging($_SESSION['module'], $products_id);
             $Qp2a->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     //accessories
     if ($error === false) {
         if (is_numeric($id)) {
             $Qdelete = $osC_Database->query('delete from :table_products_accessories where products_id = :products_id');
             $Qdelete->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES);
             $Qdelete->bindInt(':products_id', $products_id);
             $Qdelete->setLogging($_SESSION['module'], $products_id);
             $Qdelete->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
         if (sizeof($data['accessories_ids']) > 0) {
             foreach ($data['accessories_ids'] as $accessories_id) {
                 $Qinsert = $osC_Database->query('insert into :table_products_accessories (products_id, accessories_id) values (:products_id, :accessories_id)');
                 $Qinsert->bindTable(':table_products_accessories', TABLE_PRODUCTS_ACCESSORIES);
                 $Qinsert->bindInt(':products_id', $products_id);
                 $Qinsert->bindInt(':accessories_id', $accessories_id);
                 $Qinsert->setLogging($_SESSION['module'], $products_id);
                 $Qinsert->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 }
             }
         }
     }
     //downloadable products & gift certificates
     if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) {
         if (is_numeric($id)) {
             $Qdownloadables = $osC_Database->query('update :table_products_downloadables set number_of_downloads = :number_of_downloads, number_of_accessible_days = :number_of_accessible_days where products_id = :products_id');
         } else {
             $Qdownloadables = $osC_Database->query('insert into :table_products_downloadables (products_id, number_of_downloads, number_of_accessible_days) values (:products_id, :number_of_downloads, :number_of_accessible_days)');
         }
         $Qdownloadables->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
         $Qdownloadables->bindInt(':products_id', $products_id);
         $Qdownloadables->bindInt(':number_of_downloads', $data['number_of_downloads']);
         $Qdownloadables->bindInt(':number_of_accessible_days', $data['number_of_accessible_days']);
         $Qdownloadables->setLogging($_SESSION['module'], $products_id);
         $Qdownloadables->execute();
         if ($osC_Database->isError()) {
             $error = true;
         } else {
             $filename = null;
             $cache_filename = null;
             $file = new upload('downloadable_file');
             if ($file->exists()) {
                 $file->set_destination(realpath('../download'));
                 if ($file->parse() && $file->save()) {
                     $filename = $file->filename;
                     $cache_filename = md5($filename . time());
                     rename(DIR_FS_DOWNLOAD . $filename, DIR_FS_DOWNLOAD . $cache_filename);
                 }
             }
             if (!is_null($filename)) {
                 if (is_numeric($id)) {
                     $Qfile = $osC_Database->query('select cache_filename from :table_products_downloadables where products_id = :products_id');
                     $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
                     $Qfile->bindInt(':products_id', $products_id);
                     $Qfile->execute();
                     if ($Qfile->numberOfRows() > 0) {
                         $file = $Qfile->value('cache_filename');
                         unlink(DIR_FS_DOWNLOAD . $file);
                     }
                 }
                 $Qupdate = $osC_Database->query('update :table_products_downloadables set filename = :filename, cache_filename = :cache_filename where products_id = :products_id');
                 $Qupdate->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
                 $Qupdate->bindInt(':products_id', $products_id);
                 $Qupdate->bindValue(':filename', $filename);
                 $Qupdate->bindValue(':cache_filename', $cache_filename);
                 $Qupdate->setLogging($_SESSION['module'], $products_id);
                 $Qupdate->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                 }
             }
             if ($error === false) {
                 $sample_filename = null;
                 $cache_sample_filename = null;
                 $sample_file = new upload('sample_downloadable_file');
                 if ($sample_file->exists()) {
                     $sample_file->set_destination(realpath('../download'));
                     if ($sample_file->parse() && $sample_file->save()) {
                         $sample_filename = $sample_file->filename;
                         $cache_sample_filename = md5($sample_filename . time());
                         @rename(DIR_FS_DOWNLOAD . $sample_filename, DIR_FS_DOWNLOAD . $cache_sample_filename);
                     }
                 }
                 if (!is_null($sample_filename) && $error === false) {
                     if (is_numeric($id)) {
                         $Qfile = $osC_Database->query('select cache_sample_filename from :table_products_downloadables where products_id = :products_id');
                         $Qfile->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
                         $Qfile->bindInt(':products_id', $products_id);
                         $Qfile->execute();
                         if ($Qfile->numberOfRows() > 0) {
                             $file = $Qfile->value('cache_sample_filename');
                             unlink(DIR_FS_DOWNLOAD . $file);
                         }
                     }
                     $Qfiles = $osC_Database->query('update :table_products_downloadables set sample_filename = :sample_filename, cache_sample_filename = :cache_sample_filename where products_id = :products_id');
                     $Qfiles->bindTable(':table_products_downloadables', TABLE_PRODUCTS_DOWNLOADABLES);
                     $Qfiles->bindInt(':products_id', $products_id);
                     $Qfiles->bindValue(':sample_filename', $sample_filename);
                     $Qfiles->bindValue(':cache_sample_filename', $cache_sample_filename);
                     $Qfiles->setLogging($_SESSION['module'], $products_id);
                     $Qfiles->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                     }
                 }
             }
         }
     } else {
         if ($data['products_type'] == PRODUCT_TYPE_GIFT_CERTIFICATE) {
             if (is_numeric($id)) {
                 $Qcertificates = $osC_Database->query('update :table_products_gift_certificates set gift_certificates_type = :gift_certificates_type, gift_certificates_amount_type = :gift_certificates_amount_type, open_amount_max_value = :open_amount_max_value, open_amount_min_value = :open_amount_min_value where products_id = :products_id');
             } else {
                 $Qcertificates = $osC_Database->query('insert into :table_products_gift_certificates (products_id, gift_certificates_type, gift_certificates_amount_type, open_amount_max_value, open_amount_min_value) values (:products_id, :gift_certificates_type, :gift_certificates_amount_type, :open_amount_max_value, :open_amount_min_value)');
             }
             $Qcertificates->bindTable(':table_products_gift_certificates', TABLE_PRODUCTS_GIFT_CERTIFICATES);
             $Qcertificates->bindInt(':products_id', $products_id);
             $Qcertificates->bindInt(':gift_certificates_type', $data['gift_certificates_type']);
             $Qcertificates->bindInt(':gift_certificates_amount_type', $data['gift_certificates_amount_type']);
             $Qcertificates->bindValue(':open_amount_max_value', $data['open_amount_max_value']);
             $Qcertificates->bindValue(':open_amount_min_value', $data['open_amount_min_value']);
             $Qcertificates->setLogging($_SESSION['module'], $products_id);
             $Qcertificates->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
     }
     //products_description
     if ($error === false) {
         foreach ($osC_Language->getAll() as $l) {
             if (is_numeric($id)) {
                 $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_short_description = :products_short_description, products_description = :products_description, products_tags = :products_tags, products_url = :products_url, products_friendly_url = :products_friendly_url, products_page_title = :products_page_title, products_meta_keywords = :products_meta_keywords, products_meta_description = :products_meta_description where products_id = :products_id and language_id = :language_id');
             } else {
                 $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_short_description, products_description, products_tags, products_url, products_friendly_url, products_page_title, products_meta_keywords, products_meta_description) values (:products_id, :language_id, :products_name, :products_short_description, :products_description, :products_tags, :products_url, :products_friendly_url, :products_page_title, :products_meta_keywords, :products_meta_description)');
             }
             $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
             $Qpd->bindInt(':products_id', $products_id);
             $Qpd->bindInt(':language_id', $l['id']);
             $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
             $Qpd->bindValue(':products_short_description', $data['products_short_description'][$l['id']]);
             $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
             $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
             $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
             $Qpd->bindValue(':products_friendly_url', $data['products_friendly_url'][$l['id']]);
             $Qpd->bindValue(':products_page_title', $data['products_page_title'][$l['id']]);
             $Qpd->bindValue(':products_meta_keywords', $data['products_meta_keywords'][$l['id']]);
             $Qpd->bindValue(':products_meta_description', $data['products_meta_description'][$l['id']]);
             $Qpd->setLogging($_SESSION['module'], $products_id);
             $Qpd->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     //BEGIN: products images
     if ($error === false) {
         $images = array();
         $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/';
         $osC_DirectoryListing = new osC_DirectoryListing($image_path, true);
         $osC_DirectoryListing->setIncludeDirectories(false);
         foreach ($osC_DirectoryListing->getFiles() as $file) {
             @copy($image_path . $file['name'], '../images/products/originals/' . $file['name']);
             @unlink($image_path . $file['name']);
             $images[$file['name']] = -1;
         }
         osc_remove($image_path);
         $default_flag = 1;
         foreach (array_keys($images) as $image) {
             $Qimage = $osC_Database->query('insert into :table_products_images (products_id, default_flag, sort_order, date_added) values (:products_id, :default_flag, :sort_order, :date_added)');
             $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
             $Qimage->bindInt(':products_id', $products_id);
             $Qimage->bindInt(':default_flag', $default_flag);
             $Qimage->bindInt(':sort_order', 0);
             $Qimage->bindRaw(':date_added', 'now()');
             $Qimage->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             } else {
                 $image_id = $osC_Database->nextID();
                 $images[$image] = $image_id;
                 $new_image_name = $products_id . '_' . $image_id . '_' . $image;
                 @rename('../images/products/originals/' . $image, '../images/products/originals/' . $new_image_name);
                 $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id');
                 $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                 $Qupdate->bindValue(':image', $new_image_name);
                 $Qupdate->bindInt(':id', $image_id);
                 $Qupdate->setLogging($_SESSION['module'], $products_id);
                 $Qupdate->execute();
                 foreach ($osC_Image->getGroups() as $group) {
                     if ($group['id'] != '1') {
                         $osC_Image->resize($new_image_name, $group['id'], 'products');
                     }
                 }
             }
             $default_flag = 0;
         }
     }
     //END: products images
     //BEGIN: products variants
     if ($error === false) {
         //if edit product, delete variant first
         if (is_numeric($id)) {
             $Qvariants = $osC_Database->query('select * from :table_products_variants where products_id = :products_id order by products_variants_id');
             $Qvariants->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
             $Qvariants->bindInt(':products_id', $_REQUEST['products_id']);
             $Qvariants->execute();
             $records = array();
             while ($Qvariants->next()) {
                 $Qentries = $osC_Database->query('select products_variants_id, products_variants_groups_id, products_variants_values_id from :table_products_variants_entries where products_variants_id = :products_variants_id order by products_variants_groups_id, products_variants_values_id');
                 $Qentries->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
                 $Qentries->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id'));
                 $Qentries->execute();
                 $variants_values = array();
                 while ($Qentries->next()) {
                     $variants_values[] = $Qentries->valueInt('products_variants_groups_id') . '_' . $Qentries->valueInt('products_variants_values_id');
                 }
                 $variant = implode('-', $variants_values);
                 if (!isset($data['products_variants_id'][$variant])) {
                     //remove cache file
                     $cache_filename = $Qvariants->value('cache_filename');
                     if (!empty($cache_filename) && file_exists(DIR_FS_DOWNLOAD . $cache_filename)) {
                         osc_remove(DIR_FS_DOWNLOAD . $cache_filename);
                     }
                     //delete variants
                     $Qdelete = $osC_Database->query('delete from :table_products_variants where products_variants_id = :products_variants_id');
                     $Qdelete->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id'));
                     $Qdelete->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                     //delete variants entries
                     if ($error === false) {
                         $Qdelete = $osC_Database->query('delete from :table_products_variants_entries where products_variants_id = :products_variants_id');
                         $Qdelete->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
                         $Qdelete->bindInt(':products_variants_id', $Qvariants->valueInt('products_variants_id'));
                         $Qdelete->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             break;
                         }
                     }
                 }
             }
         }
         $products_quantity = 0;
         //insert or update variant
         if (isset($data['products_variants_id']) && is_array($data['products_variants_id'])) {
             foreach ($data['products_variants_id'] as $key => $variants_id) {
                 if ($variants_id > 0) {
                     $Qpv = $osC_Database->query('update :table_products_variants set products_price = :products_price, products_sku = :products_sku, products_model = :products_model, products_quantity = :products_quantity, products_weight = :products_weight, products_status = :products_status, products_images_id = :products_images_id, is_default = :is_default  where products_variants_id = :products_variants_id');
                     $Qpv->bindInt(':products_variants_id', $variants_id);
                 } else {
                     $Qpv = $osC_Database->query('insert into :table_products_variants (products_id, products_price, products_sku, products_model, products_quantity, products_weight, products_status, is_default, products_images_id) values (:products_id, :products_price, :products_sku, :products_model, :products_quantity, :products_weight, :products_status, :is_default, :products_images_id)');
                     $Qpv->bindInt(':products_id', $products_id);
                 }
                 $Qpv->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qpv->bindInt(':is_default', $data['variants_default'][$key]);
                 $Qpv->bindValue(':products_price', $data['variants_price'][$key]);
                 $Qpv->bindValue(':products_sku', $data['variants_sku'][$key]);
                 $Qpv->bindValue(':products_model', $data['variants_model'][$key]);
                 $Qpv->bindValue(':products_quantity', $data['variants_quantity'][$key]);
                 $Qpv->bindValue(':products_weight', $data['variants_weight'][$key]);
                 $Qpv->bindValue(':products_status', $data['variants_status'][$key]);
                 $products_images_id = is_numeric($data['variants_image'][$key]) ? $data['variants_image'][$key] : $images[$data['variants_image'][$key]];
                 $Qpv->bindInt(':products_images_id', $products_images_id);
                 $Qpv->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 } else {
                     if (is_numeric($variants_id) && $variants_id > 0) {
                         $products_variants_id = $variants_id;
                     } else {
                         $products_variants_id = $osC_Database->nextID();
                     }
                     //downloadable file
                     if ($data['products_type'] == PRODUCT_TYPE_DOWNLOADABLE) {
                         $variants_file = new upload('products_variants_download_' . $key);
                         if ($variants_file->exists()) {
                             //remove old file
                             if (is_numeric($variants_id) && $variants_id > 0) {
                                 $Qfile = $osC_Database->query('select cache_filename from :table_products_variants where products_variants_id = :products_variants_id');
                                 $Qfile->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                                 $Qfile->bindInt(':products_variants_id', $variants_id);
                                 $Qfile->execute();
                                 $cache_filename = $Qfile->value('cache_filename');
                                 if (!empty($cache_filename)) {
                                     osc_remove(DIR_FS_DOWNLOAD . $cache_filename);
                                 }
                             }
                             $variants_file->set_destination(realpath('../download'));
                             if ($variants_file->parse() && $variants_file->save()) {
                                 $variants_filename = $variants_file->filename;
                                 $cache_variants_filename = md5($variants_filename . time());
                                 @rename(DIR_FS_DOWNLOAD . $variants_filename, DIR_FS_DOWNLOAD . $cache_variants_filename);
                                 $Qupdate = $osC_Database->query('update :table_products_variants set filename = :filename, cache_filename = :cache_filename where products_variants_id = :products_variants_id');
                                 $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                                 $Qupdate->bindInt(':products_variants_id', $products_variants_id);
                                 $Qupdate->bindValue(':filename', $variants_filename);
                                 $Qupdate->bindValue(':cache_filename', $cache_variants_filename);
                                 $Qupdate->execute();
                                 if ($osC_Database->isError()) {
                                     $error = true;
                                     break;
                                 }
                             }
                         }
                     }
                     $products_quantity += $data['variants_quantity'][$key];
                 }
                 //variant entries
                 if ($error === false && $variants_id == '-1') {
                     $assigned_variants = explode('-', $key);
                     for ($i = 0; $i < sizeof($assigned_variants); $i++) {
                         $assigned_variant = explode('_', $assigned_variants[$i]);
                         $Qpve = $osC_Database->query('insert into :table_products_variants_entries (products_variants_id, products_variants_groups_id, products_variants_values_id) values (:products_variants_id, :products_variants_groups_id, :products_variants_values_id)');
                         $Qpve->bindTable(':table_products_variants_entries', TABLE_PRODUCTS_VARIANTS_ENTRIES);
                         $Qpve->bindInt(':products_variants_id', $products_variants_id);
                         $Qpve->bindInt(':products_variants_groups_id', $assigned_variant[0]);
                         $Qpve->bindInt(':products_variants_values_id', $assigned_variant[1]);
                         $Qpve->setLogging($_SESSION['module'], $products_id);
                         $Qpve->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             break;
                         }
                     }
                 }
             }
             if ($error === false) {
                 $osC_Database->simpleQuery('update ' . TABLE_PRODUCTS . ' set products_quantity = ' . $products_quantity . ' where products_id =' . $products_id);
                 if ($osC_Database->isError()) {
                     $error = true;
                 }
             }
         }
     }
     //END: products variants
     //BEGIN: xsell products
     if ($error === false) {
         if (is_numeric($id)) {
             $Qdelete = $osC_Database->query('delete from :table_products_xsell where products_id = :products_id');
             $Qdelete->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL);
             $Qdelete->bindInt(':products_id', $id);
             $Qdelete->setLogging($_SESSION['module'], $id);
             $Qdelete->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
         if ($error === false) {
             if (isset($data['xsell_id_array']) && !empty($data['xsell_id_array'])) {
                 foreach ($data['xsell_id_array'] as $xsell_products_id) {
                     $Qxsell = $osC_Database->query('insert into :table_products_xsell (products_id, xsell_products_id) values (:products_id , :xsell_products_id )');
                     $Qxsell->bindTable(':table_products_xsell', TABLE_PRODUCTS_XSELL);
                     $Qxsell->bindInt(':products_id', $products_id);
                     $Qxsell->bindInt(':xsell_products_id', $xsell_products_id);
                     $Qxsell->setLogging($_SESSION['module'], $products_id);
                     $Qxsell->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     //END: xsell products
     //BEGIN: products attributes
     if ($error === false) {
         if (is_numeric($id)) {
             $Qdelete = $osC_Database->query('delete from :table_products_attributes where products_id = :products_id ');
             $Qdelete->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES);
             $Qdelete->bindInt(':products_id', $id);
             $Qdelete->setLogging($_SESSION['module'], $id);
             $Qdelete->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
         if ($error === false) {
             if (!empty($data['products_attributes'])) {
                 foreach ($data['products_attributes'] as $attribute) {
                     $Qef = $osC_Database->query('insert into :table_products_attributes (products_id, products_attributes_values_id, language_id, value) values (:products_id , :products_attributes_values_id, :language_id, :value)');
                     $Qef->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES);
                     $Qef->bindInt(':products_id', $products_id);
                     $Qef->bindInt(':products_attributes_values_id', $attribute['id']);
                     $Qef->bindInt(':language_id', $attribute['language_id']);
                     $Qef->bindValue(':value', $attribute['value']);
                     $Qef->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     //END: products attributes
     //BEGIN: customization fields
     if ($error === false) {
         if (is_numeric($id) && isset($data['customization_fields'])) {
             $ids = array();
             foreach ($data['customization_fields'] as $customization) {
                 if ($customization['customizations_fields_id'] > 0) {
                     $ids[] = $customization['customizations_fields_id'];
                 }
             }
             $Qcheck = $osC_Database->query('select customization_fields_id from :table_customization_fields where products_id = :products_id');
             $Qcheck->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS);
             $Qcheck->bindInt(':products_id', $products_id);
             if (sizeof($ids) > 0) {
                 $Qcheck->appendQuery('and customization_fields_id not in (:customization_fields_id)');
                 $Qcheck->bindRaw(':customization_fields_id', implode(', ', $ids));
             }
             $Qcheck->execute();
             //delete customization fields
             if ($Qcheck->numberOfRows() > 0) {
                 $batch = array();
                 while ($Qcheck->next()) {
                     $batch[] = $Qcheck->valueInt('customization_fields_id');
                 }
                 $Qdelete = $osC_Database->query('delete from :table_customization_fields where customization_fields_id in (:customization_fields_id)');
                 $Qdelete->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS);
                 $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch));
                 $Qdelete->setLogging($_SESSION['module'], $products_id);
                 $Qdelete->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 }
                 if ($error === false) {
                     $Qdelete = $osC_Database->query('delete from :table_customization_fields_description where customization_fields_id in (:customization_fields_id)');
                     $Qdelete->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION);
                     $Qdelete->bindRaw(':customization_fields_id', implode(', ', $batch));
                     $Qdelete->setLogging($_SESSION['module'], $products_id);
                     $Qdelete->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     if ($error === false) {
         if (isset($data['customization_fields']) && !empty($data['customization_fields'])) {
             foreach ($data['customization_fields'] as $field) {
                 if ($field['customizations_fields_id'] > 0) {
                     $Qfield = $osC_Database->query('update :table_customization_fields set type = :type, is_required = :is_required where customization_fields_id = :customization_fields_id');
                     $Qfield->bindInt(':customization_fields_id', $field['customizations_fields_id']);
                 } else {
                     $Qfield = $osC_Database->query('insert into :table_customization_fields (products_id, type, is_required) values (:products_id, :type, :is_required)');
                 }
                 $Qfield->bindTable(':table_customization_fields', TABLE_CUSTOMIZATION_FIELDS);
                 $Qfield->bindInt(':products_id', $products_id);
                 $Qfield->bindInt(':type', $field['customizations_type']);
                 $Qfield->bindInt(':is_required', $field['customizations_is_required']);
                 $Qfield->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 } else {
                     $fields_id = $field['customizations_fields_id'] > 0 ? $field['customizations_fields_id'] : $osC_Database->nextID();
                     $lan = get_object_vars($field['customizations_name_data']);
                     foreach ($osC_Language->getAll() as $l) {
                         if ($field['customizations_fields_id'] > 0) {
                             $Qdescription = $osC_Database->query('update :table_customization_fields_description set name = :name where customization_fields_id = :customization_fields_id and languages_id = :languages_id');
                         } else {
                             $Qdescription = $osC_Database->query('insert into :table_customization_fields_description (customization_fields_id, languages_id, name) values (:customization_fields_id, :languages_id, :name)');
                         }
                         $Qdescription->bindTable(':table_customization_fields_description', TABLE_CUSTOMIZATION_FIELDS_DESCRIPTION);
                         $Qdescription->bindInt(':customization_fields_id', $fields_id);
                         $Qdescription->bindInt(':languages_id', $l['id']);
                         $Qdescription->bindValue(':name', $lan['name' . $l['id']]);
                         $Qdescription->setLogging($_SESSION['module'], $products_id);
                         $Qdescription->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             break;
                         }
                     }
                 }
             }
         }
     }
     //END: customization fields
     if ($error === false) {
         $osC_Database->commitTransaction();
         osC_Cache::clear('categories');
         osC_Cache::clear('category_tree');
         osC_Cache::clear('also_purchased');
         osC_Cache::clear('sefu-products');
         osC_Cache::clear('new_products');
         osC_Cache::clear('feature_products');
         return $products_id;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }
Exemplo n.º 13
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array);
     $artists_id = zen_db_insert_id();
 } elseif ($action == 'save') {
     $update_sql_data = array('last_modified' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $update_sql_data);
     zen_db_perform(TABLE_RECORD_ARTISTS, $sql_data_array, 'update', "artists_id = '" . (int) $artists_id . "'");
 }
 // Store the artist's image reference: either a manually typed file name or
 // the name of a freshly uploaded file, both prefixed with the posted img_dir.
 if ($_POST['artists_image_manual'] != '') {
     // Manual entry: no file is transferred, only the database column is set.
     // zen_db_input() is presumably the SQL-escaping helper — verify; the value
     // is still concatenated into the statement text rather than bound.
     $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['artists_image_manual']);
     $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n                      set artists_image = '" . $artists_image_name . "'\r\n                      where artists_id = '" . (int) $artists_id . "'");
 } else {
     $artists_image = new upload('artists_image');
     // NOTE(review): $_POST['img_dir'] is appended to the image root with no
     // validation visible here. Unless it is restricted elsewhere to a known
     // list of sub-directories, "../" segments would place the upload outside
     // DIR_FS_CATALOG_IMAGES — confirm and prefer an allow-list.
     $artists_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
     if ($artists_image->parse() && $artists_image->save()) {
         // A file name of 'none' clears the stored image; any other name is
         // recorded together with its directory prefix.
         if ($artists_image->filename != 'none') {
             $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n                          set artists_image = '" . zen_db_input($_POST['img_dir'] . $artists_image->filename) . "'\r\n                          where artists_id = '" . (int) $artists_id . "'");
         } else {
             $db->Execute("update " . TABLE_RECORD_ARTISTS . "\r\n                          set artists_image = ''\r\n                          where artists_id = '" . (int) $artists_id . "'");
         }
     }
 }
 $languages = zen_get_languages();
 for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
     $artists_url_array = $_POST['artists_url'];
     $language_id = $languages[$i]['id'];
     $sql_data_array = array('artists_url' => zen_db_prepare_input($artists_url_array[$language_id]));
     if ($action == 'insert') {
         $insert_sql_data = array('artists_id' => $artists_id, 'languages_id' => $language_id);
Exemplo n.º 14
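 /**
  * Insert a new category or update an existing one, together with its
  * per-language descriptions, its rating assignments and an optional image.
  *
  * All statements run inside one transaction that is committed only when no
  * step reported an error; otherwise it is rolled back. A failure of the very
  * first statement now counts as an error too (it used to fall through to the
  * commit and return true).
  *
  * @param mixed $id   Numeric id of the category to update; any non-numeric
  *                    value (including null) inserts a new category.
  * @param array $data Form values. Keys read here: parent_id, sort_order,
  *                    categories_status, flag, ratings (comma-separated ids),
  *                    image, and name, url, page_title, meta_keywords,
  *                    meta_description (these five indexed by language id).
  *
  * @return bool true after a successful commit, false after a rollback.
  */
 function save($id = null, $data)
 {
     global $osC_Database, $osC_Language;
     $category_id = '';
     $error = false;
     // Superseded image file. It is removed only after the commit, so that a
     // rollback never leaves the category row pointing at a deleted file.
     $obsolete_image = null;
     $osC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qcat = $osC_Database->query('update :table_categories set categories_status = :categories_status, sort_order = :sort_order, last_modified = now() where categories_id = :categories_id');
         $Qcat->bindInt(':categories_id', $id);
     } else {
         $Qcat = $osC_Database->query('insert into :table_categories (parent_id, categories_status, sort_order, date_added) values (:parent_id, :categories_status, :sort_order, now())');
         $Qcat->bindInt(':parent_id', $data['parent_id']);
     }
     $Qcat->bindTable(':table_categories', TABLE_CATEGORIES);
     $Qcat->bindInt(':sort_order', $data['sort_order']);
     $Qcat->bindInt(':categories_status', $data['categories_status']);
     $Qcat->setLogging($_SESSION['module'], $id);
     $Qcat->execute();
     if ($osC_Database->isError()) {
         // Without this the function skipped all further work but still
         // committed and reported success.
         $error = true;
     } else {
         $category_id = is_numeric($id) ? $id : $osC_Database->nextID();
         if (is_numeric($id)) {
             // Enabling a category enables its products; disabling cascades to
             // the products only when the caller passes a truthy "flag".
             if ($data['categories_status']) {
                 $Qpstatus = $osC_Database->query('update :table_products set products_status = 1 where products_id in (select products_id from :table_products_to_categories where categories_id = :categories_id)');
                 $Qpstatus->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qpstatus->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                 $Qpstatus->bindInt(":categories_id", $id);
                 $Qpstatus->execute();
             } elseif (!empty($data['flag'])) {
                 $Qpstatus = $osC_Database->query('update :table_products set products_status = 0 where products_id in (select products_id from :table_products_to_categories where categories_id = :categories_id)');
                 $Qpstatus->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qpstatus->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                 $Qpstatus->bindInt(":categories_id", $id);
                 $Qpstatus->execute();
             }
         }
         if ($osC_Database->isError()) {
             $error = true;
         }
         // Each later step runs only while everything before it succeeded.
         if ($error === false) {
             foreach ($osC_Language->getAll() as $l) {
                 if (is_numeric($id)) {
                     $Qcd = $osC_Database->query('update :table_categories_description set categories_name = :categories_name, categories_url = :categories_url, categories_page_title = :categories_page_title, categories_meta_keywords = :categories_meta_keywords, categories_meta_description = :categories_meta_description where categories_id = :categories_id and language_id = :language_id');
                 } else {
                     $Qcd = $osC_Database->query('insert into :table_categories_description (categories_id, language_id, categories_name, categories_url, categories_page_title, categories_meta_keywords, categories_meta_description) values (:categories_id, :language_id, :categories_name, :categories_url, :categories_page_title, :categories_meta_keywords, :categories_meta_description)');
                 }
                 $Qcd->bindTable(':table_categories_description', TABLE_CATEGORIES_DESCRIPTION);
                 $Qcd->bindInt(':categories_id', $category_id);
                 $Qcd->bindInt(':language_id', $l['id']);
                 $Qcd->bindValue(':categories_name', $data['name'][$l['id']]);
                 // An empty URL falls back to the category name.
                 $Qcd->bindValue(':categories_url', $data['url'][$l['id']] == '' ? $data['name'][$l['id']] : $data['url'][$l['id']]);
                 $Qcd->bindValue(':categories_page_title', $data['page_title'][$l['id']]);
                 $Qcd->bindValue(':categories_meta_keywords', $data['meta_keywords'][$l['id']]);
                 $Qcd->bindValue(':categories_meta_description', $data['meta_description'][$l['id']]);
                 $Qcd->setLogging($_SESSION['module'], $category_id);
                 $Qcd->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 }
             }
         }
         if ($error === false) {
             // Ratings are replaced wholesale: delete all, then re-insert.
             $Qdelete = $osC_Database->query('delete from :toc_categories_ratings where categories_id = :categories_id');
             $Qdelete->bindTable(':toc_categories_ratings', TABLE_CATEGORIES_RATINGS);
             $Qdelete->bindInt(':categories_id', $category_id);
             $Qdelete->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             }
         }
         if ($error === false && !empty($data['ratings'])) {
             $ratings = explode(',', $data['ratings']);
             foreach ($ratings as $ratings_id) {
                 $Qinsert = $osC_Database->query('insert into :toc_categories_ratings (categories_id, ratings_id) values (:categories_id, :ratings_id)');
                 $Qinsert->bindTable(':toc_categories_ratings', TABLE_CATEGORIES_RATINGS);
                 $Qinsert->bindInt(':categories_id', $category_id);
                 $Qinsert->bindInt(':ratings_id', $ratings_id);
                 $Qinsert->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 }
             }
         }
         if ($error === false) {
             // realpath() returns false when the directory is missing; the
             // result is kept so the deletion path below can refuse to build
             // a path rooted at "/".
             $image_dir = realpath('../' . DIR_WS_IMAGES . 'categories');
             // NOTE(review): no extension allow-list is set before
             // parse()/save(). Unless the upload class enforces one by default,
             // restrict this upload to image types — confirm.
             $categories_image = new upload($data['image'], $image_dir);
             if ($categories_image->exists() && $categories_image->parse() && $categories_image->save()) {
                 $Qimage = $osC_Database->query('select categories_image from :table_categories where categories_id = :categories_id');
                 $Qimage->bindTable(':table_categories', TABLE_CATEGORIES);
                 $Qimage->bindInt(':categories_id', $category_id);
                 $Qimage->execute();
                 $old_image = $Qimage->value('categories_image');
                 // Skip the clean-up when the new upload reused the old name:
                 // the file on disk is then already the new image.
                 if (!empty($old_image) && $image_dir !== false && $old_image != $categories_image->filename) {
                     $Qcheck = $osC_Database->query('select count(*) as image_count from :table_categories where categories_image = :categories_image');
                     $Qcheck->bindTable(':table_categories', TABLE_CATEGORIES);
                     $Qcheck->bindValue(':categories_image', $old_image);
                     $Qcheck->execute();
                     // Only this category uses the file, so it can be removed.
                     // NOTE(review): $old_image is read back from the database;
                     // if any other writer can store path separators in that
                     // column, wrap it in basename() — confirm.
                     if ($Qcheck->valueInt('image_count') == 1) {
                         $obsolete_image = $image_dir . '/' . $old_image;
                     }
                 }
                 $Qcf = $osC_Database->query('update :table_categories set categories_image = :categories_image where categories_id = :categories_id');
                 $Qcf->bindTable(':table_categories', TABLE_CATEGORIES);
                 $Qcf->bindValue(':categories_image', $categories_image->filename);
                 $Qcf->bindInt(':categories_id', $category_id);
                 $Qcf->setLogging($_SESSION['module'], $category_id);
                 $Qcf->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                 }
             }
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         if ($obsolete_image !== null && is_file($obsolete_image)) {
             unlink($obsolete_image);
         }
         osC_Cache::clear('categories');
         osC_Cache::clear('category_tree');
         osC_Cache::clear('also_purchased');
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }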
}
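// Handle the "add_customers_image" form post: optionally remove the stored
// picture, then accept a newly uploaded one for the logged-in customer.
//
// The form id is the request-forgery check for this form. It is compared as a
// string with hash_equals() (PHP 5.6+) instead of ==, so numeric-looking
// strings or an array sent as formid cannot satisfy the comparison.
$bFormIdValid = isset($_SESSION['formid'], $_POST['formid'])
    && is_scalar($_SESSION['formid'])
    && is_string($_POST['formid'])
    && hash_equals((string) $_SESSION['formid'], $_POST['formid']);
if (isset($_POST['action']) && $_POST['action'] == 'add_customers_image' && $bFormIdValid) {
    if (isset($_POST['remove_image']) && $_POST['remove_image'] == 'yes' && isset($_SESSION['customer_id'])) {
        $customerstable = $oostable['customers'];
        $query = "SELECT customers_image\n                  FROM {$customerstable}\n                  WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
        $customers_image = $dbconn->GetOne($query);
        // With no stored name the path below would be the image directory
        // itself, so the file system is only touched when a name exists.
        if ((string) $customers_image !== '') {
            @unlink(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES . $customers_image);
        }
        $customerstable = $oostable['customers'];
        $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";
        $result =& $dbconn->Execute($query, array('', (int) $_SESSION['customer_id']));
    }
    require_once 'includes/classes/class_upload.php';
    // isset() first: the field is absent when the form is posted without a file.
    if (isset($_FILES['id']['tmp_name']) && oos_is_not_null($_FILES['id']['tmp_name']) && $_FILES['id']['tmp_name'] != 'none') {
        $customers_image_file = new upload('id');
        $customers_image_file->set_destination(OOS_ABSOLUTE_PATH . OOS_IMAGES . OOS_CUSTOMERS_IMAGES);
        if ($customers_image_file->parse()) {
            if (isset($_SESSION['customer_id'])) {
                // NOTE(review): the extension comes from the client-supplied
                // file name and is kept in the stored name. Unless parse()
                // restricts uploads to image types, a script extension would
                // land in a web-reachable directory — confirm an allow-list
                // is enforced.
                $extension = oos_get_extension($_FILES['id']['name']);
                $picture_tempname = oos_get_random_picture_name(26, $extension);
                $customers_image_file->set_filename($picture_tempname);
                $customerstable = $oostable['customers'];
                $query = "UPDATE {$customerstable}" . " SET customers_image = ?" . " WHERE customers_id = ?";
                $result =& $dbconn->Execute($query, array((string) $picture_tempname, (int) $_SESSION['customer_id']));
                // NOTE(review): the row is updated before the file is written
                // and the result of save() is not checked, so a failed save
                // leaves the row naming a file that does not exist.
                $customers_image_file->save();
            }
        }
    }
}
// NOTE(review): $sLanguage is set outside this excerpt; it is used as a path
// component, so it should only ever hold a value from the list of installed
// languages — confirm.
require 'includes/languages/' . $sLanguage . '/user_customers_image.php';
$customerstable = $oostable['customers'];
$address_bookstable = $oostable['address_book'];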
Exemplo n.º 16
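 /**
  * Create or update a product with its category links, images, per-language
  * descriptions, attributes and variant sub-products in one transaction.
  *
  * Variant product ids and variant value ids are cast to int as soon as they
  * are read from $data. They later reach "in (...)" lists through bindRaw(),
  * the same call that passes the unquoted now() into statements here, so
  * they must never carry free text.
  *
  * The setLogging() calls of the original were commented out; no audit
  * logging is performed by this method.
  *
  * @param mixed $id   Numeric id of the product to update; any non-numeric
  *                    value (including null) inserts a new product.
  * @param array $data Form values. Keys read here: quantity, price, model,
  *                    weight, weight_class, status, tax_class_id, categories,
  *                    localimages, products_name, products_description,
  *                    products_keyword, products_tags, products_url (these
  *                    five indexed by language id), attributes,
  *                    variants_combo, variants_combo_db, variants_quantity,
  *                    variants_price, variants_model, variants_weight,
  *                    variants_weight_class, variants_status,
  *                    variants_tax_class_id, variants_default_combo.
  *
  * @return bool true after a successful commit, false after a rollback.
  */
 public static function save($id = null, $data)
 {
     global $osC_Database, $osC_Language, $osC_Image;
     $error = false;
     $osC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, products_last_modified = now() where products_id = :products_id');
         $Qproduct->bindInt(':products_id', $id);
     } else {
         $Qproduct = $osC_Database->query('insert into :table_products (products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
         $Qproduct->bindRaw(':products_date_added', 'now()');
     }
     $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
     $Qproduct->bindInt(':products_quantity', $data['quantity']);
     $Qproduct->bindFloat(':products_price', $data['price']);
     $Qproduct->bindValue(':products_model', $data['model']);
     $Qproduct->bindFloat(':products_weight', $data['weight']);
     $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
     $Qproduct->bindInt(':products_status', $data['status']);
     $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
     $Qproduct->execute();
     if ($osC_Database->isError()) {
         $error = true;
     } else {
         if (is_numeric($id)) {
             $products_id = $id;
         } else {
             $products_id = $osC_Database->nextID();
         }
         // Category links are replaced wholesale: delete all, then re-insert.
         $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
         $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
         $Qcategories->bindInt(':products_id', $products_id);
         $Qcategories->execute();
         if ($osC_Database->isError()) {
             $error = true;
         } else {
             if (isset($data['categories']) && !empty($data['categories'])) {
                 foreach ($data['categories'] as $category_id) {
                     $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                     $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                     $Qp2c->bindInt(':products_id', $products_id);
                     $Qp2c->bindInt(':categories_id', $category_id);
                     $Qp2c->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     if ($error === false) {
         $images = array();
         $products_image = new upload('products_image');
         // The uploaded file is limited to these image extensions.
         $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));
         if ($products_image->exists()) {
             $products_image->set_destination(realpath('../images/products/originals'));
             if ($products_image->parse() && $products_image->save()) {
                 $images[] = $products_image->filename;
             }
         }
         if (isset($data['localimages'])) {
             foreach ($data['localimages'] as $image) {
                 // basename() keeps the submitted name inside the _upload
                 // directory.
                 // NOTE(review): unlike the upload above, these names are not
                 // checked against the extension allow-list — confirm that
                 // only trusted files can appear in _upload.
                 $image = basename($image);
                 $pending = '../images/products/_upload/' . $image;
                 // The source is removed and the image recorded only after a
                 // successful copy; previously a failed copy still deleted
                 // the source and registered a file that did not exist.
                 if (is_file($pending) && copy($pending, '../images/products/originals/' . $image)) {
                     @unlink($pending);
                     $images[] = $image;
                 }
             }
         }
         // The first stored image becomes the default one.
         $default_flag = 1;
         foreach ($images as $image) {
             $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
             $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
             $Qimage->bindInt(':products_id', $products_id);
             $Qimage->bindValue(':image', $image);
             $Qimage->bindInt(':default_flag', $default_flag);
             $Qimage->bindInt(':sort_order', 0);
             $Qimage->bindRaw(':date_added', 'now()');
             $Qimage->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
             // Group '1' is skipped; every other group gets a resized copy.
             foreach ($osC_Image->getGroups() as $group) {
                 if ($group['id'] != '1') {
                     $osC_Image->resize($image, $group['id']);
                 }
             }
             $default_flag = 0;
         }
     }
     if ($error === false) {
         foreach ($osC_Language->getAll() as $l) {
             if (is_numeric($id)) {
                 $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
             } else {
                 $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_description, :products_keyword, :products_tags, :products_url)');
             }
             $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
             $Qpd->bindInt(':products_id', $products_id);
             $Qpd->bindInt(':language_id', $l['id']);
             $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
             $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
             $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
             $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
             $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
             $Qpd->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     if ($error === false) {
         if (isset($data['attributes']) && !empty($data['attributes'])) {
             foreach ($data['attributes'] as $attributes_id => $value) {
                 // Array values and empty values are ignored.
                 if (is_array($value) || empty($value)) {
                     continue;
                 }
                 $Qcheck = $osC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
                 $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                 $Qcheck->bindInt(':products_id', $products_id);
                 $Qcheck->bindInt(':id', $attributes_id);
                 $Qcheck->execute();
                 if ($Qcheck->numberOfRows() === 1) {
                     $Qattribute = $osC_Database->query('update :table_product_attributes set value = :value where products_id = :products_id and id = :id');
                 } else {
                     $Qattribute = $osC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value) values (:id, :products_id, :languages_id, :value)');
                     $Qattribute->bindInt(':languages_id', 0);
                 }
                 $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                 $Qattribute->bindValue(':value', $value);
                 $Qattribute->bindInt(':products_id', $products_id);
                 $Qattribute->bindInt(':id', $attributes_id);
                 $Qattribute->execute();
                 if ($osC_Database->isError()) {
                     $error = true;
                     break;
                 }
             }
         }
     }
     if ($error === false) {
         // Maps each variant product id to the variant value ids it keeps.
         $variants_array = array();
         $default_variant_combo = null;
         if (isset($data['variants_combo']) && !empty($data['variants_combo'])) {
             foreach ($data['variants_combo'] as $key => $combos) {
                 // Integer id of an already stored variant, or null for a new one.
                 $existing_id = isset($data['variants_combo_db'][$key]) ? (int) $data['variants_combo_db'][$key] : null;
                 if ($existing_id !== null) {
                     // NOTE(review): the submitted id is only matched on
                     // products_id; nothing here checks that the row is a
                     // child of $products_id — confirm callers guarantee it.
                     $Qsubproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id where products_id = :products_id');
                     $Qsubproduct->bindInt(':products_id', $existing_id);
                 } else {
                     $Qsubproduct = $osC_Database->query('insert into :table_products (parent_id, products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:parent_id, :products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
                     $Qsubproduct->bindInt(':parent_id', $products_id);
                     $Qsubproduct->bindRaw(':products_date_added', 'now()');
                 }
                 $Qsubproduct->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qsubproduct->bindInt(':products_quantity', $data['variants_quantity'][$key]);
                 $Qsubproduct->bindFloat(':products_price', $data['variants_price'][$key]);
                 $Qsubproduct->bindValue(':products_model', $data['variants_model'][$key]);
                 $Qsubproduct->bindFloat(':products_weight', $data['variants_weight'][$key]);
                 $Qsubproduct->bindInt(':products_weight_class', $data['variants_weight_class'][$key]);
                 $Qsubproduct->bindInt(':products_status', $data['variants_status'][$key]);
                 $Qsubproduct->bindInt(':products_tax_class_id', $data['variants_tax_class_id'][$key]);
                 // NOTE(review): the outcome of this statement is not checked
                 // (the check was commented out in the original); after a
                 // failed insert nextID() may not refer to a new row.
                 $Qsubproduct->execute();
                 // Always an int: this id becomes a key of $variants_array and
                 // is later written into raw "in (...)" lists.
                 $subproduct_id = $existing_id !== null ? $existing_id : (int) $osC_Database->nextID();
                 if ($data['variants_default_combo'] == $key) {
                     $default_variant_combo = $subproduct_id;
                 }
                 // Each combo is "<group>_<value>", several joined by ';'.
                 $combos_array = explode(';', $combos);
                 foreach ($combos_array as $combo) {
                     $combo_parts = explode('_', $combo);
                     // Cast for the same reason as $subproduct_id; a combo
                     // without a value part yields 0 instead of a notice.
                     $vvalue = isset($combo_parts[1]) ? (int) $combo_parts[1] : 0;
                     $variants_array[$subproduct_id][] = $vvalue;
                     $Qcheck = $osC_Database->query('select products_id from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                     $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qcheck->bindInt(':products_id', $subproduct_id);
                     $Qcheck->bindInt(':products_variants_values_id', $vvalue);
                     $Qcheck->execute();
                     if ($Qcheck->numberOfRows() < 1) {
                         $Qvcombo = $osC_Database->query('insert into :table_products_variants (products_id, products_variants_values_id) values (:products_id, :products_variants_values_id)');
                         $Qvcombo->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                         $Qvcombo->bindInt(':products_id', $subproduct_id);
                         $Qvcombo->bindInt(':products_variants_values_id', $vvalue);
                         $Qvcombo->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             // Leave both the combo loop and the variant loop.
                             break 2;
                         }
                     }
                 }
             }
         }
         if ($error === false) {
             if (empty($variants_array)) {
                 // No variants submitted: drop every stored child product.
                 $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id');
                 $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qcheck->bindInt(':parent_id', $products_id);
                 $Qcheck->execute();
                 while ($Qcheck->next()) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                     $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                     $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                 }
             } else {
                 // Drop stored children that were not part of this submission.
                 // The raw list holds only the integer keys built above.
                 $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id and pv.products_id not in (":products_id")');
                 $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qcheck->bindInt(':parent_id', $products_id);
                 $Qcheck->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
                 $Qcheck->execute();
                 while ($Qcheck->next()) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->bindInt(':products_variants_values_id', $Qcheck->valueInt('products_variants_values_id'));
                     $Qdel->execute();
                     $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                     $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                 }
                 // For the kept children, drop value links that were not resubmitted.
                 foreach ($variants_array as $key => $values) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id not in (":products_variants_values_id")');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $key);
                     $Qdel->bindRaw(':products_variants_values_id', implode('", "', $values));
                     $Qdel->execute();
                 }
             }
         }
         $Qupdate = $osC_Database->query('update :table_products set has_children = :has_children where products_id = :products_id');
         $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
         $Qupdate->bindInt(':has_children', empty($variants_array) ? 0 : 1);
         $Qupdate->bindInt(':products_id', $products_id);
         $Qupdate->execute();
     }
     if ($error === false) {
         // Reset the default marker on all submitted variants, then set it on
         // the chosen one.
         $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id in (":products_id")');
         $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
         $Qupdate->bindInt(':default_combo', 0);
         $Qupdate->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
         $Qupdate->execute();
         if (is_numeric($default_variant_combo)) {
             $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id = :products_id');
             $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
             $Qupdate->bindInt(':default_combo', 1);
             $Qupdate->bindInt(':products_id', $default_variant_combo);
             $Qupdate->execute();
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         osC_Cache::clear('categories');
         osC_Cache::clear('category_tree');
         osC_Cache::clear('also_purchased');
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }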
Exemplo n.º 17
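 /**
  * Installs a language package uploaded through the 'upload_file' form field.
  *
  * The zip is saved and unpacked into a per-request scratch directory under
  * DIR_FS_CACHE . 'languages/', the first extracted directory that looks like
  * a language package (has includes/, the admin directory and install/) is
  * copied into the catalog, and osC_Language_Admin::import() is called with
  * that directory name. A JSON response is echoed; nothing is returned.
  *
  * Changes from the previous version:
  *  - the scratch directory is removed on every failure path, so rejected
  *    archive content no longer stays behind under the cache directory;
  *  - the scratch directories are no longer created world-writable (0777);
  *  - a missing 'upload_file' entry no longer raises an undefined-index notice.
  *
  * NOTE(review): files from the archive are copied into includes/languages
  * and install/, so whoever can call this action can place PHP files in the
  * application. Access control for this action is not visible in this block
  * and should be confirmed at the caller.
  */
 function uploadLanguage()
 {
     global $toC_Json, $osC_Language, $osC_Currencies;
     $osC_Currencies = new osC_Currencies();
     $error = false;
     $feedback = array();
     $language = isset($_FILES['upload_file']) ? $_FILES['upload_file'] : null;
     $languages_cache = DIR_FS_CACHE . 'languages';
     // NOTE(review): time() gives a guessable name and two uploads within the
     // same second collide (the second mkdir() fails and reports an error).
     $tmp_path = $languages_cache . '/' . time();
     if (!is_dir($languages_cache) && !mkdir($languages_cache, 0755)) {
         $error = true;
     }
     // Only this request reads or writes the scratch directory, so keep it
     // private to the PHP process instead of world-writable.
     $tmp_created = $error === false && mkdir($tmp_path, 0700);
     if ($tmp_created) {
         $temp_file = new upload($language, $tmp_path);
         if ($temp_file->exists() && $temp_file->parse() && $temp_file->save()) {
             require_once '../ext/zip/pclzip.lib.php';
             // NOTE(review): archive entry names are untrusted. Whether the
             // bundled PclZip confines entries containing '../' or absolute
             // paths to $tmp_path is not visible here; verify before relying
             // on it.
             $archive = new PclZip($tmp_path . '/' . $temp_file->filename);
             if ($archive->extract(PCLZIP_OPT_PATH, $tmp_path) == 0) {
                 $error = true;
                 $feedback[] = $osC_Language->get('ms_error_wrong_zip_file_format');
             }
         } else {
             $error = true;
             $feedback[] = $osC_Language->get('ms_error_save_file_failed');
         }
     } else {
         $error = true;
         $feedback[] = sprintf($osC_Language->get('ms_error_creating_directory_failed'), DIR_FS_CACHE);
     }
     $code = null;
     if ($error === false) {
         $osC_DirectoryListing = new osC_DirectoryListing($tmp_path);
         $osC_DirectoryListing->setIncludeDirectories(true);
         $osC_DirectoryListing->setIncludeFiles(false);
         foreach ($osC_DirectoryListing->getFiles() as $file) {
             $package_root = $tmp_path . '/' . $file['name'];
             if (is_dir($package_root . '/includes') && is_dir($package_root . '/' . DIR_FS_ADMIN) && is_dir($package_root . '/install')) {
                 // The directory name comes from the archive and is later
                 // handed to osC_Language_Admin::import() as the language code.
                 $code = $file['name'];
                 break;
             }
         }
         if ($code !== null) {
             toc_dircopy($tmp_path . '/' . $code . "/includes/languages", DIR_FS_CATALOG . 'includes/languages');
             toc_dircopy($tmp_path . '/' . $code . "/" . DIR_FS_ADMIN . "includes/languages", DIR_FS_CATALOG . DIR_FS_ADMIN . 'includes/languages');
             toc_dircopy($tmp_path . '/' . $code . "/install/includes/languages", DIR_FS_CATALOG . 'install/includes/languages');
             toc_dircopy($tmp_path . '/' . $code . "/install/templates", DIR_FS_CATALOG . 'install/templates');
             osc_remove($tmp_path);
         } else {
             $error = true;
             $feedback[] = $osC_Language->get('ms_error_wrong_language_package');
         }
     }
     if ($error === true && $tmp_created) {
         // Do not leave the uploaded archive or its extracted content behind.
         osc_remove($tmp_path);
     }
     if ($error === false) {
         if (osC_Language_Admin::import($code, 'replace')) {
             $response = array('success' => true, 'feedback' => $osC_Language->get('ms_success_action_performed'));
         } else {
             $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed'));
         }
     } else {
         $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed') . '<br />' . implode('<br />', $feedback));
     }
     // JSON body sent as text/html, unchanged from the original.
     header('Content-Type: text/html');
     echo $toC_Json->encode($response);
 }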
Exemplo n.º 18
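 /**
  * Receives a template zip from the 'template_file' form field, unpacks it
  * into ../templates and checks that it provides a usable template class.
  *
  * Changes from the previous version:
  *  - stops if ../templates cannot be resolved; with a false base path the
  *    cleanup calls would have been built as '/' . <name>;
  *  - the template name derived from the file name must be made only of
  *    letters, digits and underscores before anything is extracted (it is
  *    used in a path, an include and a class name);
  *  - a failed extraction now removes the archive and whatever was unpacked
  *    into the new template directory, and reports a message;
  *  - the archive is only removed when the upload object has a file name, so
  *    a failed parse cannot turn the cleanup into a removal of ../templates.
  *
  * NOTE(review): template.php from the archive is executed by include, so
  * this action must only be reachable by fully trusted administrators; that
  * check is not visible in this block.
  *
  * @param array $result Messages for the caller, appended to on failure.
  * @return bool True when the template was unpacked and its code is not yet
  *              registered in the templates table, false otherwise.
  */
 function _upload_new_template(&$result)
 {
     global $osC_Language, $osC_Database;
     $templates_dir = realpath('../templates');
     if ($templates_dir === false) {
         return false;
     }
     $template_file = new upload('template_file', $templates_dir, '777', 'zip');
     if (!$template_file->exists()) {
         return false;
     }
     $saved = $template_file->parse() && $template_file->save();
     $archive_path = null;
     if (!empty($template_file->filename)) {
         $archive_path = $templates_dir . '/' . $template_file->filename;
     }
     if (!$saved) {
         $result[] = $osC_Language->get('ms_error_wrong_zip_file');
         if ($archive_path !== null && is_file($archive_path)) {
             osc_remove($archive_path);
         }
         return false;
     }
     // Template name = file name up to the first dot.
     $dot = strpos($template_file->filename, '.');
     $module_name = $dot === false ? $template_file->filename : substr($template_file->filename, 0, $dot);
     if (!preg_match('/\A[A-Za-z0-9_]+\z/', $module_name)) {
         $result[] = $osC_Language->get('ms_error_wrong_zip_file');
         osc_remove($archive_path);
         return false;
     }
     $directory = $templates_dir . '/' . $module_name;
     if (is_dir($directory)) {
         $result[] = $osC_Language->get('ms_error_template_directory_exist');
         osc_remove($archive_path);
         return false;
     }
     require_once '../ext/zip/pclzip.lib.php';
     // NOTE(review): the archive is unpacked straight into ../templates, so
     // entries outside the <name>/ directory also land there. Whether the
     // bundled PclZip rejects '../' or absolute entry names is not visible
     // here; verify.
     $archive = new PclZip($archive_path);
     $extracted = $archive->extract(PCLZIP_OPT_PATH, $templates_dir) != 0;
     osc_remove($archive_path);
     if (!$extracted) {
         $result[] = $osC_Language->get('ms_error_wrong_zip_file');
         // $directory did not exist before extraction, so anything there now
         // came from this archive.
         if (is_dir($directory)) {
             osc_remove($directory);
         }
         return false;
     }
     if (!file_exists($directory . '/template.php')) {
         $result[] = $osC_Language->get('ms_error_template_file_not_exist');
         osc_remove($directory);
         return false;
     }
     include $directory . '/template.php';
     $class = 'osC_Template_' . $module_name;
     if (!class_exists($class)) {
         $result[] = $osC_Language->get('ms_error_template_class_not_exist');
         osc_remove($directory);
         return false;
     }
     $module = new $class();
     $Qtemplate = $osC_Database->query('select id from :table_templates where code = :code');
     $Qtemplate->bindTable(':table_templates', TABLE_TEMPLATES);
     $Qtemplate->bindValue(':code', $module->_code);
     $Qtemplate->execute();
     if ($Qtemplate->numberOfRows() > 0) {
         $result[] = $osC_Language->get('ms_error_template_code_exist');
         osc_remove($directory);
         return false;
     }
     return true;
 }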
Exemplo n.º 19
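 /**
  * Creates or updates a product attachment and its per-language descriptions.
  *
  * When $data['attachments_file'] names an uploaded file, the file is stored
  * under DIR_FS_CACHE . 'products_attachments/' with an md5-derived cache name
  * and the attachment row is inserted or updated. The descriptions are then
  * written for every language and the transaction is committed or rolled back.
  *
  * Changes from the previous version:
  *  - the previous attachment file is deleted only after the new one has been
  *    stored and the transaction committed; before, it was deleted up front
  *    and lost even when the new upload was rejected or the update rolled back;
  *  - a failed rename() is treated as an error instead of being ignored, so
  *    the database no longer records a cache file that does not exist.
  *
  * NOTE(review): the transaction is committed/rolled back here but not started
  * in this block; presumably the caller starts it, confirm.
  *
  * @param mixed $id   Attachment id to update; any non-numeric value inserts.
  * @param array $data Keys read: attachments_file, attachments_name[lang id],
  *                    attachments_description[lang id].
  * @return bool True on commit, false on rollback.
  */
 function save($id, $data)
 {
     global $osC_Database, $osC_Language;
     $error = false;
     $attachments_dir = DIR_FS_CACHE . '/products_attachments/';
     $replaced_cache_file = null;
     if (!empty($data['attachments_file'])) {
         $file = new upload($data['attachments_file']);
         if ($file->exists()) {
             // Remember the old attachment file; it is removed after commit.
             if (is_numeric($id)) {
                 $Qfile = $osC_Database->query('select cache_filename from :table_products_attachments where attachments_id = :id');
                 $Qfile->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                 $Qfile->bindInt(':id', $id);
                 $Qfile->execute();
                 if ($Qfile->numberOfRows() == 1) {
                     $replaced_cache_file = $Qfile->value('cache_filename');
                 }
             }
             $file->set_destination(realpath(DIR_FS_CACHE . '/products_attachments'));
             if ($file->parse() && $file->save()) {
                 $filename = $file->filename;
                 // Stored under a hash so the client-supplied name is never
                 // used as the on-disk name.
                 // NOTE(review): md5(name . time()) is guessable; do not rely
                 // on it to keep attachments private.
                 $cache_filename = md5($filename . time());
                 $uploaded_path = DIR_FS_CACHE . 'products_attachments/' . $file->filename;
                 if (@rename($uploaded_path, $attachments_dir . $cache_filename)) {
                     if (is_numeric($id)) {
                         $Qattachment = $osC_Database->query('update :table_products_attachments set filename  = :filename , cache_filename = :cache_filename where attachments_id = :id');
                         $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                         $Qattachment->bindInt(':id', $id);
                     } else {
                         $Qattachment = $osC_Database->query('insert into :table_products_attachments (filename, cache_filename) values (:filename, :cache_filename)');
                         $Qattachment->bindTable(':table_products_attachments', TABLE_PRODUCTS_ATTACHMENTS);
                     }
                     $Qattachment->bindValue(':filename', $filename);
                     $Qattachment->bindValue(':cache_filename', $cache_filename);
                     $Qattachment->setLogging($_SESSION['module'], $id);
                     $Qattachment->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                     }
                 } else {
                     // The file could not be moved to its cache name: drop
                     // the upload and fail rather than record a missing file.
                     @unlink($uploaded_path);
                     $error = true;
                 }
             } else {
                 // Upload rejected: the existing attachment stays in place.
                 $replaced_cache_file = null;
             }
         }
     }
     if ($error === false) {
         $attachments_id = is_numeric($id) ? $id : $osC_Database->nextID();
         foreach ($osC_Language->getAll() as $l) {
             if (is_numeric($id)) {
                 $Qad = $osC_Database->query('update :table_products_attachments_description set attachments_name = :attachments_name, attachments_description  = :attachments_description where attachments_id = :id and languages_id = :language_id');
             } else {
                 $Qad = $osC_Database->query('insert into :table_products_attachments_description (attachments_id, languages_id, attachments_name, attachments_description) values (:id, :language_id, :attachments_name, :attachments_description)');
             }
             $Qad->bindTable(':table_products_attachments_description', TABLE_PRODUCTS_ATTACHMENTS_DESCRIPTION);
             $Qad->bindInt(':id', $attachments_id);
             $Qad->bindInt(':language_id', $l['id']);
             $Qad->bindValue(':attachments_name', $data['attachments_name'][$l['id']]);
             $Qad->bindValue(':attachments_description', $data['attachments_description'][$l['id']]);
             $Qad->setLogging($_SESSION['module'], $attachments_id);
             $Qad->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         if (!empty($replaced_cache_file)) {
             // basename() keeps the delete inside the attachments directory
             // whatever the stored value contains.
             @unlink($attachments_dir . basename($replaced_cache_file));
         }
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }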
Exemplo n.º 20
            } else {
                $products_image_sm_6 = new upload('products_image_sm_6');
                $products_image_sm_6->set_destination(DIR_FS_CATALOG_IMAGES);
                if ($products_image_sm_6->parse() && $products_image_sm_6->save()) {
                    $products_image_sm_6_name = $products_image_sm_6->filename;
                } else {
                    $products_image_sm_6_name = isset($_POST['products_previous_image_sm_6']) ? $_POST['products_previous_image_sm_6'] : '';
                }
            }
            if ($_POST['unlink_image_xl_6'] == 'yes' or $_POST['delete_image_xl_6'] == 'yes') {
                $products_image_xl_6 = '';
                $products_image_xl_6_name = '';
            } else {
                $products_image_xl_6 = new upload('products_image_xl_6');
                $products_image_xl_6->set_destination(DIR_FS_CATALOG_IMAGES);
                if ($products_image_xl_6->parse() && $products_image_xl_6->save()) {
                    $products_image_xl_6_name = $products_image_xl_6->filename;
                } else {
                    $products_image_xl_6_name = isset($_POST['products_previous_image_xl_6']) ? $_POST['products_previous_image_xl_6'] : '';
                }
            }
            break;
            // EOF MaxiDVD: Modified For Ultimate Images Pack!
    }
}
// check if the catalog image directory exists
if (is_dir(DIR_FS_CATALOG_IMAGES)) {
    if (!is_writeable(DIR_FS_CATALOG_IMAGES)) {
        $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
    }
} else {
Exemplo n.º 21
 case 'add_product':
     // customer adds a product from the products page
     if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
         if (isset($_POST['edit_product'])) {
             $_SESSION['cart']->remove($_POST['edit_product']);
         }
         $real_ids = $_POST['id'];
         // File_upload
         if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && $_POST['number_of_uploads'] > 0) {
             require_once 'includes/classes/class_upload.php';
             for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) {
                 if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
                     $products_options_file = new upload('id');
                     $products_options_file->set_destination(OOS_UPLOADS);
                     $files_uploadedtable = $oostable['files_uploaded'];
                     if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                         if (isset($_SESSION['customer_id'])) {
                             $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')");
                         } else {
                             $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . oos_db_input($products_options_file->filename) . "')");
                         }
                         $insert_id = $dbconn->Insert_ID();
                         $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                         $products_options_file->set_filename("{$insert_id}" . $products_options_file->filename);
                         if (!$products_options_file->save()) {
                             break 2;
                         }
                     } else {
                         break 2;
                     }
                 } else {
Exemplo n.º 22
                     break;
                 case 'zip':
                     $restore_from = substr($restore_file, 0, -4);
                     exec(LOCAL_EXE_UNZIP . ' ' . $restore_file . ' -d ' . DIR_FS_BACKUP);
                     $remove_raw = true;
             }
             if (isset($restore_from) && file_exists($restore_from) && filesize($restore_from) > 15000) {
                 $fd = fopen($restore_from, 'rb');
                 $restore_query = fread($fd, filesize($restore_from));
                 fclose($fd);
             }
         }
     }
 } elseif ($action == 'restorelocalnow') {
     $sql_file = new upload('sql_file');
     if ($sql_file->parse() == true) {
         $restore_query = fread(fopen($sql_file->tmp_filename, 'r'), filesize($sql_file->tmp_filename));
         $read_from = $sql_file->filename;
     }
 }
 if (isset($restore_query)) {
     $sql_array = array();
     $sql_length = strlen($restore_query);
     $pos = strpos($restore_query, ';');
     for ($i = $pos; $i < $sql_length; $i++) {
         if ($restore_query[0] == '#') {
             $restore_query = ltrim(substr($restore_query, strpos($restore_query, "\n")));
             $sql_length = strlen($restore_query);
             $i = strpos($restore_query, ';') - 1;
             continue;
         }
Exemplo n.º 23
 // Request fields are passed through zen_db_prepare_input() before use.
 $attributes_price_letters_free = zen_db_prepare_input($_POST['attributes_price_letters_free']);
 $attributes_required = zen_db_prepare_input($_POST['attributes_required']);
 $attribute_id = zen_db_prepare_input($_POST['attribute_id']);
 // edit
 // attributes images
 // when set to none remove from database
 if (isset($_POST['attributes_image']) && zen_not_null($_POST['attributes_image']) && $_POST['attributes_image'] != 'none') {
     $attributes_image = zen_db_prepare_input($_POST['attributes_image']);
     $attributes_image_none = false;
 } else {
     $attributes_image = '';
     $attributes_image_none = true;
 }
 // The string assigned to $attributes_image above is discarded here: the
 // variable is reassigned to the upload object for the same form field.
 $attributes_image = new upload('attributes_image');
 // NOTE(review): $_POST['img_dir'] is appended to the image root exactly as
 // received; nothing in this excerpt restricts it to a known sub-directory or
 // rejects '..' segments. Confirm it is validated elsewhere, or compare it
 // against the list of allowed image directories before using it in a path.
 $attributes_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
 // The overwrite flag handed to save() also comes straight from the request.
 if ($attributes_image->parse() && $attributes_image->save($_POST['overwrite'])) {
     // The stored name is the requested directory plus the uploaded file name.
     $attributes_image_name = $attributes_image->filename != 'none' ? $_POST['img_dir'] . $attributes_image->filename : '';
 } else {
     // No new upload: fall back to the previous image name sent by the form.
     $attributes_image_name = (isset($_POST['attributes_previous_image']) and $_POST['attributes_image'] != 'none') ? $_POST['attributes_previous_image'] : '';
 }
 // An explicit delete request clears the image name whatever happened above.
 if ($_POST['image_delete'] == 1) {
     $attributes_image_name = '';
 }
 // turned off until working
 $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n                        set attributes_image = '" . zen_db_input($attributes_image_name) . "'\n                        where products_attributes_id = '" . (int) $attribute_id . "'");
 $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\n                          set products_id = '" . (int) $products_id . "',\n                              options_id = '" . (int) $options_id . "',\n                              options_values_id = '" . (int) $values_id . "',\n                              options_values_price = '" . zen_db_input($value_price) . "',\n                              price_prefix = '" . zen_db_input($price_prefix) . "',\n                              products_options_sort_order = '" . zen_db_input($products_options_sort_order) . "',\n                              product_attribute_is_free = '" . zen_db_input($product_attribute_is_free) . "',\n                              products_attributes_weight = '" . zen_db_input($products_attributes_weight) . "',\n                              products_attributes_weight_prefix = '" . zen_db_input($products_attributes_weight_prefix) . "',\n                              attributes_display_only = '" . zen_db_input($attributes_display_only) . "',\n                              attributes_default = '" . zen_db_input($attributes_default) . "',\n                              attributes_discounted = '" . zen_db_input($attributes_discounted) . "',\n                              attributes_price_base_included = '" . zen_db_input($attributes_price_base_included) . "',\n                              attributes_price_onetime = '" . zen_db_input($attributes_price_onetime) . "',\n                              attributes_price_factor = '" . zen_db_input($attributes_price_factor) . "',\n                              attributes_price_factor_offset = '" . zen_db_input($attributes_price_factor_offset) . "',\n                              attributes_price_factor_onetime = '" . zen_db_input($attributes_price_factor_onetime) . "',\n                              attributes_price_factor_onetime_offset = '" . zen_db_input($attributes_price_factor_onetime_offset) . 
"',\n                              attributes_qty_prices = '" . zen_db_input($attributes_qty_prices) . "',\n                              attributes_qty_prices_onetime = '" . zen_db_input($attributes_qty_prices_onetime) . "',\n                              attributes_price_words = '" . zen_db_input($attributes_price_words) . "',\n                              attributes_price_words_free = '" . zen_db_input($attributes_price_words_free) . "',\n                              attributes_price_letters = '" . zen_db_input($attributes_price_letters) . "',\n                              attributes_price_letters_free = '" . zen_db_input($attributes_price_letters_free) . "',\n                              attributes_required = '" . zen_db_input($attributes_required) . "'\n                          where products_attributes_id = '" . (int) $attribute_id . "'");
 if (DOWNLOAD_ENABLED == 'true') {
     $products_attributes_filename = zen_db_prepare_input($_POST['products_attributes_filename']);
     $products_attributes_maxdays = zen_db_prepare_input($_POST['products_attributes_maxdays']);
     $products_attributes_maxcount = zen_db_prepare_input($_POST['products_attributes_maxcount']);
     if (zen_not_null($products_attributes_filename)) {
Exemplo n.º 24
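 /**
  * Stores an uploaded product image and echoes a JSON response.
  *
  * With a positive products_id the file is saved under
  * ../images/products/originals/, registered in the products-images table,
  * renamed to "<products_id>_<image id>_<file name>" and resized for every
  * image group except group '1'. Without one, the file is parked in a
  * per-session directory under ../images/products/_upload/.
  *
  * Changes from the previous version:
  *  - $osC_Language is declared global; it was used for the feedback text
  *    without being in scope, which fails on the method call;
  *  - products_id is cast to int once and that value is used everywhere; the
  *    raw request value used to be concatenated into the new file name, so a
  *    value containing path separators could move the file elsewhere;
  *  - the resize loop runs only when the image row was inserted; before, it
  *    ran with an undefined file name after a database error;
  *  - an empty $_FILES no longer triggers an undefined-offset notice.
  *
  * NOTE(review): the response reports success even when the upload or the
  * insert failed; this is unchanged, callers may depend on it.
  */
 function uploadImage()
 {
     global $toC_Json, $osC_Database, $osC_Session, $osC_Language;
     $osC_Image = new osC_Image_Admin();
     // The first uploaded form field is taken as the image field.
     $field_name = null;
     if (is_array($_FILES) && !empty($_FILES)) {
         $field_names = array_keys($_FILES);
         $field_name = $field_names[0];
     }
     $products_image = new upload($field_name);
     $products_id = isset($_REQUEST['products_id']) ? (int) $_REQUEST['products_id'] : 0;
     if ($products_id > 0) {
         if ($products_image->exists()) {
             $image_path = '../images/products/originals/';
             $products_image->set_destination($image_path);
             if ($products_image->parse() && $products_image->save()) {
                 // The first image of a product becomes its default image.
                 $Qcheck = $osC_Database->query('select id from :table_products_images where products_id = :products_id and default_flag = :default_flag limit 1');
                 $Qcheck->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                 $Qcheck->bindInt(':products_id', $products_id);
                 $Qcheck->bindInt(':default_flag', 1);
                 $Qcheck->execute();
                 $default_flag = $Qcheck->numberOfRows() === 1 ? 0 : 1;
                 $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
                 $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                 $Qimage->bindInt(':products_id', $products_id);
                 $Qimage->bindValue(':image', $products_image->filename);
                 $Qimage->bindInt(':default_flag', $default_flag);
                 $Qimage->bindInt(':sort_order', 0);
                 $Qimage->bindRaw(':date_added', 'now()');
                 $Qimage->execute();
                 if (!$osC_Database->isError()) {
                     $image_id = $osC_Database->nextID();
                     // Both id parts are integers; the rest is the name the
                     // upload class stored the file under.
                     $new_image_name = $products_id . '_' . $image_id . '_' . $products_image->filename;
                     @rename($image_path . $products_image->filename, $image_path . $new_image_name);
                     $Qupdate = $osC_Database->query('update :table_products_images set image = :image where id = :id');
                     $Qupdate->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                     $Qupdate->bindValue(':image', $new_image_name);
                     $Qupdate->bindInt(':id', $image_id);
                     $Qupdate->execute();
                     foreach ($osC_Image->getGroups() as $group) {
                         if ($group['id'] != '1') {
                             $osC_Image->resize($new_image_name, $group['id']);
                         }
                     }
                 }
             }
         }
     } else {
         // No product yet: keep the file in a directory tied to the session.
         $image_path = '../images/products/_upload/' . $osC_Session->getID() . '/';
         toc_mkdir($image_path);
         if ($products_image->exists()) {
             $products_image->set_destination($image_path);
             $products_image->parse();
             $products_image->save();
         }
     }
     header('Content-Type: text/html');
     $response = array();
     $response['success'] = true;
     $response['feedback'] = $osC_Language->get('ms_success_action_performed');
     echo $toC_Json->encode($response);
 }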
Exemplo n.º 25
 // Request fields are passed through zen_db_prepare_input() before use.
 $banners_on_ssl = zen_db_prepare_input($_POST['banners_on_ssl']);
 $banners_sort_order = zen_db_prepare_input($_POST['banners_sort_order']);
 $banner_error = false;
 // Title and group are mandatory; each missing one adds its own message.
 if (empty($banners_title)) {
     $messageStack->add(ERROR_BANNER_TITLE_REQUIRED, 'error');
     $banner_error = true;
 }
 if (empty($banners_group)) {
     $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
     $banner_error = true;
 }
 // An image upload is required only when the banner has neither HTML text
 // nor an already-present local image.
 if (empty($banners_html_text)) {
     if (empty($banners_image_local)) {
         $banners_image = new upload('banners_image');
         // NOTE(review): $banners_image_target is set outside this excerpt;
         // if it is taken from the request, confirm it is limited to
         // directories below the image root before it is used in this path.
         $banners_image->set_destination(DIR_FS_CATALOG_IMAGES . $banners_image_target);
         if ($banners_image->parse() == false || $banners_image->save() == false) {
             $messageStack->add(ERROR_BANNER_IMAGE_REQUIRED, 'error');
             $banner_error = true;
         }
     }
 }
 if ($banner_error == false) {
     $db_image_location = zen_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $banners_html_text, 'status' => $status, 'banners_open_new_windows' => $banners_open_new_windows, 'banners_on_ssl' => $banners_on_ssl, 'banners_sort_order' => (int) $banners_sort_order);
     if ($action == 'insert') {
         $insert_sql_data = array('date_added' => 'now()', 'status' => '1');
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         zen_db_perform(TABLE_BANNERS, $sql_data_array);
         $banners_id = zen_db_insert_id();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
Exemplo n.º 26
         $error = true;
         $messageStack->add('submit_link', ENTRY_LINKS_RECIPROCAL_URL_ERROR);
     }
 }
 if ($error == false) {
     // default values
     $links_date_added = 'now()';
     $links_status = '0';
     // Pending approval
     $sql_data_array = array('links_url' => $links_url, 'links_contact_name' => $links_contact_name, 'links_contact_email' => $links_contact_email, 'links_reciprocal_url' => $links_reciprocal_url, 'links_date_added' => $links_date_added, 'links_status' => $links_status);
     zen_db_perform(TABLE_LINKS, $sql_data_array);
     $links_id = zen_db_insert_id();
     // Upload an image when form field is filled in by user
     if ($links_image = new upload('links_image_url')) {
         $links_image->set_destination(DIR_WS_IMAGES . LINK_IMAGE_DIRECTORY);
         if ($links_image->parse() && $links_image->save()) {
             $links_image_name = LINK_IMAGE_DIRECTORY . $links_image->filename;
         }
         if ($links_image->filename != '') {
             $db->Execute("update " . TABLE_LINKS . "\n                          set links_image_url = '" . $links_image_name . "'\n                          where links_id = '" . (int) $links_id . "'");
         } else {
             // Use default image if form field is left blank
             $links_image_name = LINK_IMAGE_DIRECTORY . DEFAULT_LINK_IMAGE;
             $db->Execute("update " . TABLE_LINKS . "\n                         set links_image_url = '" . $links_image_name . "'\n                          where links_id = '" . (int) $links_id . "'");
             $messageStack->add_session('header', WARNING_DEFAULT_FILE_UPLOADED, 'success');
         }
     }
     $categories = $db->Execute("select link_categories_id from " . TABLE_LINK_CATEGORIES_DESCRIPTION . " where link_categories_name = '" . $links_category . "' and language_id = '" . (int) $_SESSION['languages_id'] . "' ");
     $link_categories_id = $categories->fields['link_categories_id'];
     $db->Execute("insert into " . TABLE_LINKS_TO_LINK_CATEGORIES . " (links_id, link_categories_id) values ('" . (int) $links_id . "', '" . (int) $link_categories_id . "')");
     $language_id = (int) $_SESSION['languages_id'];
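 /**
  * Inserts or updates a banner, handling its uploaded image.
  *
  * Changes from the previous version:
  *  - the banner's current image is looked up for every update, not only for
  *    image banners, so switching a banner to 'text' can release its old
  *    image (the condition for that existed but never saw an old image);
  *  - an old image is deleted only through the "no other banner uses it"
  *    check; the first unconditional delete bypassed that check and could
  *    remove a file shared with other banners;
  *  - the old image is not deleted when the new upload was stored under the
  *    same file name, which would have removed the file just uploaded;
  *  - the old file is removed only after the banner row was written without
  *    a database error;
  *  - $old_image and $new_image are always initialised.
  *
  * @param mixed $id   Banner id to update; any non-numeric value inserts.
  * @param array $data Keys read: banner_type, image, title, url, group,
  *                    group_new, html_text, date_expires, expires_impressions,
  *                    date_scheduled, status.
  * @return bool True when the row was written without a database error.
  */
 function save($id = null, $data)
 {
     global $osC_Database;
     $error = false;
     $image_location = '';
     $old_image = null;
     $new_image = false;
     if (is_numeric($id)) {
         $Qimage = $osC_Database->query('select banners_image from :table_banners where banners_id = :banners_id');
         $Qimage->bindTable(':table_banners', TABLE_BANNERS);
         $Qimage->bindInt(':banners_id', $id);
         $Qimage->execute();
         $old_image = $Qimage->value('banners_image');
     }
     if ($data['banner_type'] == 'image') {
         if (!empty($data['image'])) {
             $image = new upload($data['image'], realpath('../images/'));
             if ($image->exists() && $image->parse() && $image->save()) {
                 $new_image = true;
             }
         }
         if ($new_image === true) {
             $image_location = $image->filename;
         } elseif (!empty($old_image)) {
             // No new upload: keep the image the banner already had.
             $image_location = $old_image;
         } else {
             // An image banner needs an image.
             $error = true;
         }
     }
     if ($error === false) {
         if (is_numeric($id)) {
             $Qbanner = $osC_Database->query('update :table_banners set banners_title = :banners_title, banners_url = :banners_url, banners_image = :banners_image, banners_group = :banners_group, banners_html_text = :banners_html_text, expires_date = :expires_date, expires_impressions = :expires_impressions, date_scheduled = :date_scheduled, status = :status where banners_id = :banners_id');
             $Qbanner->bindInt(':banners_id', $id);
         } else {
             $Qbanner = $osC_Database->query('insert into :table_banners (banners_title, banners_url, banners_image, banners_group, banners_html_text, expires_date, expires_impressions, date_scheduled, status, date_added) values (:banners_title, :banners_url, :banners_image, :banners_group, :banners_html_text, :expires_date, :expires_impressions, :date_scheduled, :status, now())');
         }
         $Qbanner->bindTable(':table_banners', TABLE_BANNERS);
         $Qbanner->bindValue(':banners_title', $data['title']);
         $Qbanner->bindValue(':banners_url', $data['url']);
         $Qbanner->bindValue(':banners_image', $image_location);
         $Qbanner->bindValue(':banners_group', !empty($data['group_new']) ? $data['group_new'] : $data['group']);
         $Qbanner->bindValue(':banners_html_text', $data['html_text']);
         if (empty($data['date_expires'])) {
             $Qbanner->bindRaw(':expires_date', 'null');
             $Qbanner->bindInt(':expires_impressions', $data['expires_impressions']);
         } else {
             $Qbanner->bindValue(':expires_date', $data['date_expires']);
             $Qbanner->bindInt(':expires_impressions', 0);
         }
         $requested_status = $data['status'] === true ? 1 : 0;
         if (empty($data['date_scheduled'])) {
             $Qbanner->bindRaw(':date_scheduled', 'null');
             $Qbanner->bindInt(':status', $requested_status);
         } else {
             $Qbanner->bindValue(':date_scheduled', $data['date_scheduled']);
             // A banner scheduled for a later date starts out inactive.
             $Qbanner->bindInt(':status', $data['date_scheduled'] > date('Y-m-d') ? 0 : $requested_status);
         }
         $Qbanner->setLogging($_SESSION['module'], $id);
         $Qbanner->execute();
         if (!$osC_Database->isError()) {
             $image_released = $new_image === true || $data['banner_type'] == 'text';
             if (is_numeric($id) && $image_released && !empty($old_image) && $old_image !== $image_location) {
                 // Remove the old file only when no other banner points at it.
                 $Qimage = $osC_Database->query('select count(*) as image_count from :table_banners where banners_image = :banners_image and banners_id <> :banners_id');
                 $Qimage->bindTable(':table_banners', TABLE_BANNERS);
                 $Qimage->bindInt(':banners_id', $id);
                 $Qimage->bindValue(':banners_image', $old_image);
                 $Qimage->execute();
                 if ($Qimage->value('image_count') == 0 && is_file('../images/' . $old_image) && is_writeable('../images/' . $old_image)) {
                     @unlink('../images/' . $old_image);
                 }
             }
             return true;
         }
     }
     return false;
 }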
Exemplo n.º 28
  http://www.oscommerce.com

  Copyright (c) 2010 osCommerce

  Released under the GNU General Public License
*/
require 'includes/application_top.php';

// Admin action requested through the query string; empty string when absent.
$action = '';
if (isset($HTTP_GET_VARS['action'])) {
    $action = $HTTP_GET_VARS['action'];
}

// 'save' is the only action handled here: it stores the uploaded store logo.
// NOTE(review): no session or form token check is visible before this
// state-changing upload — confirm application_top.php or the form enforces one.
if (tep_not_null($action) && $action == 'save') {
    $store_logo = new upload('store_logo');
    // The accepted extension is set to 'png' and, after parse(), the stored
    // name is overridden with a fixed one instead of the client-supplied name.
    // NOTE(review): whether the upload class inspects file content rather than
    // only the extension is not visible here — confirm.
    $store_logo->set_extensions('png');
    $store_logo->set_destination(DIR_FS_CATALOG_IMAGES);

    // Stays true unless both parse() and save() succeed.
    $error = true;
    if ($store_logo->parse()) {
        $store_logo->set_filename('store_logo.png');
        if ($store_logo->save()) {
            $error = false;
            $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success');
        }
    }

    // Redirect only after a successful save; on failure execution continues
    // past this block.
    if ($error == false) {
        tep_redirect(tep_href_link(FILENAME_STORE_LOGO));
    }
}
Exemplo n.º 29
     // Write the description row for the current language: a new row when a
     // category is being inserted, an in-place update when it is being edited.
     switch ($action) {
         case 'insert_category':
             // New rows need the key columns added to the column data.
             $insert_sql_data = array(
                 'categories_id' => $categories_id,
                 'language_id' => $languages[$i]['id'],
             );
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array);
             break;

         case 'update_category':
             // Both key values are cast to int before they enter the WHERE clause.
             zen_db_perform(
                 TABLE_CATEGORIES_DESCRIPTION,
                 $sql_data_array,
                 'update',
                 "categories_id = '" . (int) $categories_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'"
             );
             break;
     }
 }
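 // Record the category image: either a manually entered filename or a fresh
 // upload. Every value written to categories_image is built from request data
 // ($_POST['img_dir'], the manual name, or the uploaded file's name), so it is
 // escaped with zen_db_input() at the point where it enters the SQL string.
 // NOTE(review): $_POST['img_dir'] is also appended to DIR_FS_CATALOG_IMAGES as
 // the upload destination; no check against '..' or an allow-list of image
 // directories is visible here — confirm one is enforced before this point.
 if ($_POST['categories_image_manual'] != '') {
     // add image manually
     $categories_image_name = $_POST['img_dir'] . $_POST['categories_image_manual'];
     $db->Execute("update " . TABLE_CATEGORIES . "\n                      set categories_image = '" . zen_db_input($categories_image_name) . "'\n                      where categories_id = '" . (int) $categories_id . "'");
 } else {
     if ($categories_image = new upload('categories_image')) {
         $categories_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
         if ($categories_image->parse() && $categories_image->save()) {
             $categories_image_name = $_POST['img_dir'] . $categories_image->filename;
         }
         if ($categories_image->filename != 'none' && $categories_image->filename != '' && $_POST['image_delete'] != 1) {
             // save filename when not set to none and not blank
             // NOTE(review): $categories_image_name is only assigned above when
             // parse() and save() both succeed; what it holds otherwise depends
             // on code outside this excerpt — confirm.
             $db->Execute("update " . TABLE_CATEGORIES . "\n                          set categories_image = '" . zen_db_input($categories_image_name) . "'\n                          where categories_id = '" . (int) $categories_id . "'");
         } else {
             // remove filename when set to none and not blank
             if ($categories_image->filename != '' || $_POST['image_delete'] == 1) {
                 $db->Execute("update " . TABLE_CATEGORIES . "\n                            set categories_image = ''\n                            where categories_id = '" . (int) $categories_id . "'");
             }
         }
     }
 }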
 zen_redirect(zen_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories_id));
 break;
Exemplo n.º 30
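     // Remove one clip row. clip_id is read straight from the query string, so
     // it is cast to an integer before being placed in the statement.
     // NOTE(review): assumes clip_id is an integer key — confirm against the
     // table definition.
     // NOTE(review): this delete is driven by GET parameters; no token check is
     // visible in this excerpt — confirm one is enforced upstream.
     $delete_query = "delete from " . TABLE_MEDIA_CLIPS . " where clip_id  = '" . (int) $_GET['clip_id'] . "'";
     $db->Execute($delete_query);
     // $_GET['page'] is forwarded into the redirect parameters unchanged.
     zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'action=edit&page=' . $_GET['page']));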
     break;
 case 'insert':
 case 'save':
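     // Optional clip upload submitted together with the insert/save request.
     // media_type, media_dir and mID all come from the request; the values that
     // reach SQL are cast or escaped where the statement is built.
     if (isset($_POST['add_clip'])) {
         $clip_name = $_FILES['clip_filename'];
         $clip_name = zen_db_prepare_input($clip_name['name']);
         if ($clip_name) {
             $media_type = $_POST['media_type'];
             // NOTE(review): type_id and media_id are treated as integer keys
             // below — confirm against the table definitions.
             $ext = $db->Execute("select type_ext from " . TABLE_MEDIA_TYPES . " where type_id = '" . (int) $media_type . "'");
             // NOTE(review): ereg() was removed in PHP 7.0. The pattern is the
             // stored type_ext value and is matched anywhere in the client
             // filename unless type_ext itself carries anchors, so this is not a
             // strict extension allow-list — review before relying on it.
             if (ereg($ext->fields['type_ext'], $clip_name)) {
                 if ($media_upload = new upload('clip_filename')) {
                     // NOTE(review): $_POST['media_dir'] is appended to
                     // DIR_FS_CATALOG_MEDIA as the upload destination; no check
                     // against '..' or an allow-list of directories is visible
                     // here — confirm one is enforced upstream.
                     $media_upload->set_destination(DIR_FS_CATALOG_MEDIA . $_POST['media_dir']);
                     if ($media_upload->parse() && $media_upload->save()) {
                         $media_upload_filename = $_POST['media_dir'] . $media_upload->filename;
                     }
                     if ($media_upload->filename != 'none' && $media_upload->filename != '' && is_writable(DIR_FS_CATALOG_MEDIA . $_POST['media_dir'])) {
                         // The stored filename is built from request data and
                         // the client-supplied file name, so it is escaped here.
                         $db->Execute("insert into " . TABLE_MEDIA_CLIPS . "\n                                (media_id, clip_type, clip_filename, date_added) values (\n                                 '" . (int) $_GET['mID'] . "',\n                                 '" . (int) $media_type . "',\n                                 '" . zen_db_input($media_upload_filename) . "', now())");
                     }
                 }
             }
         }
     }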
     if (isset($_GET['mID'])) {
         $media_id = zen_db_prepare_input($_GET['mID']);
     }
     $media_name = zen_db_prepare_input($_POST['media_name']);
     $sql_data_array = array('media_name' => $media_name);
     if ($media_name == '') {