Пример #1
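/**
 * Import a form and its field definitions from a list of SQL statements.
 *
 * The first statement is executed to create the form record; every following
 * statement is executed in order and is expected to create field records that
 * carry the placeholder form id $cntr. Those records are then re-pointed at
 * the id of the newly created form, and auto-generated field names are
 * rebuilt from the new form id and field id.
 *
 * NOTE(review): every element of $_SQL is executed verbatim, so the list must
 * come from a trusted export, never from request data that has not been
 * vetted. $cntr is interpolated into SQL as a quoted value without escaping;
 * presumably it is a fixed numeric placeholder chosen by the caller - confirm.
 *
 * @param array $_SQL Statements to run; index 0 inserts the form record.
 * @param mixed $cntr Placeholder formid used by the imported field records.
 * @return void
 */
function nexform_importForm($_SQL, $cntr)
{
    global $CONF_FE, $_TABLES;

    if (empty($_SQL)) {
        return;
    }

    DB_query($_SQL[0], '1');
    if (DB_error()) {
        COM_errorLog("nexform SQL error importing form: {$_SQL[0]}");
        // No form record was created, so there is no insert id to attach the
        // fields to. Continuing would re-point the imported fields at whatever
        // DB_insertID() happens to return.
        return;
    }
    $newformid = (int) DB_insertID();

    /* Delete any previous imported form field definition records.
       New field definition records arrive with the placeholder formid,
       are inserted, and are then updated to match the new form definition. */
    DB_query("DELETE FROM {$_TABLES['nxform_fields']} WHERE formid='{$cntr}'");

    // Run the field definition statements (everything after the form insert).
    foreach (array_slice($_SQL, 1) as $statement) {
        DB_query($statement, '1');
        if (DB_error()) {
            COM_errorLog("executing " . $statement);
            COM_errorLog("Error executing SQL", 1);
            exit;
        }
    }

    DB_query("UPDATE {$_TABLES['nxform_fields']} set formid='{$newformid}' WHERE formid='{$cntr}'");

    // Cycle through the fields and rebuild any auto-generated field names so
    // they embed the new form id and the field's own id.
    $query = DB_query("SELECT id,type FROM {$_TABLES['nxform_fields']} WHERE formid='{$newformid}' AND field_name LIKE '%_frm%'");
    while (list($fieldid, $fieldtype) = DB_fetchArray($query)) {
        $fieldname = "{$CONF_FE['fieldtypes'][$fieldtype][0]}{$newformid}_{$fieldid}";
        DB_query("UPDATE {$_TABLES['nxform_fields']} set field_name='{$fieldname}' WHERE id='{$fieldid}'");
    }
}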
Пример #2
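/**
 * Process the attachment upload fields of a forum post and record each stored file.
 *
 * Looks at the upload fields file_forum1 .. file_forum{maxattachments}. Each
 * non-empty upload is handed to _ff_uploadfile(); on success a thumbnail is
 * generated for configured inline image types and the attachment is recorded
 * in the database, optionally also as a filemgmt repository entry.
 *
 * NOTE(review): in filemgmt mode the client-supplied file name is used as the
 * stored file name. This relies on _ff_uploadfile() and the allowable file
 * type list to reject unsafe names and extensions - confirm in that function.
 *
 * @param mixed $id       Topic id the attachments belong to.
 * @param bool  $tempfile True to flag the attachment rows as temporary.
 * @return string Concatenated upload error messages, empty when none occurred.
 */
function _ff_check4files($id, $tempfile = false)
{
    global $_FILES, $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF00, $filemgmt_FileStore;

    $retval = '';
    $temp = $tempfile ? 1 : 0;

    for ($z = 1; $z <= $_FF_CONF['maxattachments']; $z++) {
        $varName = 'file_forum' . $z;
        $chk_usefilemgmt = 'chk_usefilemgmt' . $z;
        $filemgmtcat = 'filemgmtcat' . $z;
        $filemgmt_desc = 'filemgmt_desc' . $z;

        if (isset($_FILES[$varName]) && is_array($_FILES[$varName])) {
            $uploadfile = $_FILES[$varName];
        } else {
            $uploadfile = array('name' => '');
        }
        if ($uploadfile['name'] == '') {
            continue;
        }

        $useFilemgmt = isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1;
        $set_chk_usefilemgmt = isset($_POST[$chk_usefilemgmt]) ? (int) $_POST[$chk_usefilemgmt] : 0;

        // A name without a dot has no extension. strrpos() returns false in
        // that case, and adding 1 to it would turn most of the file name into
        // the "extension".
        $dot = strrpos($uploadfile['name'], '.');
        $ext = ($dot === false) ? '' : strtolower(substr($uploadfile['name'], $dot + 1));

        if ($useFilemgmt) {
            $filename = $uploadfile['name'];
        } else {
            // Store under a generated name so the client does not choose the
            // on-disk file name; only the extension is carried over.
            $uploadfilename = glfRandomFilename();
            $filename = ($ext == '') ? $uploadfilename : "{$uploadfilename}.{$ext}";
        }

        if (!_ff_uploadfile($filename, $uploadfile, $_FF_CONF['allowablefiletypes'], $set_chk_usefilemgmt)) {
            COM_errorlog("upload error:" . $GLOBALS['ff_errmsg']);
            $retval .= $GLOBALS['ff_errmsg'];
            continue;
        }

        // $uploadfile['type'] is the MIME type reported by the client; here it
        // only decides whether a thumbnail is attempted.
        if (array_key_exists($uploadfile['type'], $_FF_CONF['inlineimageypes'])) {
            if ($useFilemgmt) {
                $srcImage = "{$filemgmt_FileStore}{$filename}";
            } else {
                $srcImage = "{$_FF_CONF['uploadpath']}/{$filename}";
            }
            $destImage = "{$_FF_CONF['uploadpath']}/tn/{$filename}";
            IMG_resizeImage($srcImage, $destImage, $_FF_CONF['inlineimage_height'], $_FF_CONF['inlineimage_width']);
        }

        // Store both the created filename and the real file source filename
        $realfilename = $filename;
        $filename = "{$filename}:{$uploadfile['name']}";

        if ($useFilemgmt) {
            $cid = COM_applyFilter($_POST[$filemgmtcat], true);
            $sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) ";
            $sql .= "VALUES ('" . DB_escapeString($cid) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($uploadfile['size']) . "', '{$_USER['uid']}', 1, UNIX_TIMESTAMP())";
            DB_query($sql);
            $newid = DB_insertID();
            DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,repository_id,filename,tempfile)\n                        VALUES ('" . DB_escapeString($id) . "',{$newid},'" . DB_escapeString($filename) . "',{$temp})");
            // presumably glfPrepareForDB() returns a value safe for a quoted
            // SQL literal - confirm in its definition.
            $description = glfPrepareForDB($_POST[$filemgmt_desc]);
            DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
        } else {
            DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,filename,tempfile)\n                        VALUES ('" . DB_escapeString($id) . "','" . DB_escapeString($filename) . "',{$temp})");
        }
    }

    // When saving for real, re-point attachments that were uploaded under the
    // temporary unique id at the actual topic and clear their temp flag.
    if (!$tempfile and isset($_POST['uniqueid']) and COM_applyFilter($_POST['uniqueid'], true) > 0 and DB_COUNT($_TABLES['ff_topic'], 'id', (int) $id)) {
        $tid = COM_applyFilter($_POST['uniqueid']);
        DB_query("UPDATE {$_TABLES['ff_attachments']} SET topic_id=" . (int) $id . ", tempfile=0 WHERE topic_id=" . (int) $tid);
    }

    return $retval;
}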
Пример #3
         // Check if new logical Task ID = 0 - not allowed
     }
     // lets determine if there are any other tasks in this workflow.. otherwise we have to set the first task bit..
     $sql = "SELECT count( * ) FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID = '{$templateID}'";
     $fields = 'logicalID, nf_templateID,nf_stepType, nf_handlerId, function, formid, optionalParm, firstTask, taskname, regenerate,reminderInterval';
     if (DB_numRows(DB_Query($sql))) {
         // no rows.. thus first task
         $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ({$fields}) ";
         $sql .= "VALUES ('{$lID}','{$templateID}','{$stepID}','{$handlerID}','{$taskFunction}','{$task_formid}','{$optionalParm}',1,'{$taskName}','{$regen}','{$notifyinterval}')";
         $result = DB_Query($sql);
         $taskID = DB_insertID();
     } else {
         $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ({$fields}) ";
         $sql .= "VALUES ('{$lID}','{$templateID}','{$stepID}','{$handlerID}','{$taskFunction}','{$task_formid}','{$optonalParm}',0,'{$taskName}','{$regen}','{$notifyinterval}')";
         $result = DB_Query($sql);
         $taskID = DB_insertID();
     }
     // echo $sql;
 }
 // Update the timestamp - used to sort records if we have duplicates that need to be re-ordered
 // Assume the latest updated record should have the logical ID entered - in case of new duplicate
 DB_query("UPDATE {$_TABLES['nf_templatedata']} set last_updated = now() WHERE id='{$taskID}'");
 // Check and see if we have any duplicate logical ID's and need to reorder
 $sql = "SELECT id FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID='{$templateID}' AND logicalID = '{$lID}'";
 if (DB_numRows(DB_query($sql)) > 1) {
     $sql = "SELECT id,logicalID FROM {$_TABLES['nf_templatedata']} WHERE nf_templateID='{$templateID}' ";
     $sql .= "AND logicalID >= '{$lID}' ORDER BY logicalID ASC, last_updated DESC";
     $query = DB_query($sql);
     $id = $lID;
     while ($A = DB_fetchArray($query)) {
         // Reset field firstTask
Пример #4
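/**
 * Insert a new project row into the nested-set project table.
 *
 * With no parent the project is appended as a new top-level node after the
 * current maximum rhs. With a parent the lhs/rhs values at or after the
 * parent's rhs are shifted by two and the new node is placed in the gap.
 *
 * NOTE(review): the availability check and the lock are two separate calls,
 * and the lock is described in the original comments as time-limited. Whether
 * two requests can both pass the check before either locks depends on
 * prj_checkTableSemaphore()/prj_lockTable() - confirm there.
 *
 * @param int $parentID Id of the parent project, 0 for a top-level project.
 * @return int Id of the new project, or 0 when the table was locked or the
 *             parent project could not be found.
 */
function prj_insertProject($parentID = 0)
{
    global $_TABLES;

    // Project ids are insert ids; casting keeps anything else out of the SQL
    // built below.
    $parentID = (int) $parentID;
    $newid = 0;

    if ($parentID == 0) {
        // Top level project
        if (!prj_checkTableSemaphore("{$_TABLES['prj_projects']}")) {
            // Table is locked: nothing is retried here, the caller gets 0.
            COM_errorLog('prj_insertproject - Table is locked, will try again ...');
        } else {
            prj_lockTable("{$_TABLES['prj_projects']}");
            $res = DB_query("SELECT max(rhs) FROM {$_TABLES['prj_projects']}");
            list($maxRhs) = DB_fetchArray($res);
            // An empty table yields NULL, which becomes 0 and places the first
            // node at lhs=1, rhs=2.
            $lhs = (int) $maxRhs + 1;
            $rhs = $lhs + 1;
            $sql = "INSERT INTO {$_TABLES['prj_projects']} (lhs, rhs, parent_id) ";
            $sql .= "VALUES ('{$lhs}', '{$rhs}', 0 )";
            DB_query($sql);
            $newid = DB_insertID();
            prj_unlockTable("{$_TABLES['prj_projects']}");
        }
    } else {
        // Child project: open a gap at the parent's right edge
        if (!prj_checkTableSemaphore("{$_TABLES['prj_projects']}")) {
            COM_errorLog('prj_insertProject - Table is locked, will try again ...');
        } else {
            prj_lockTable("{$_TABLES['prj_projects']}");
            $res = DB_query("SELECT rhs FROM {$_TABLES['prj_projects']} WHERE pid='{$parentID}'");
            $row = DB_fetchArray($res);
            if (!isset($row[0])) {
                // Unknown parent: shifting on an empty rhs would renumber the
                // tree, so release the lock and report failure instead.
                prj_unlockTable("{$_TABLES['prj_projects']}");
                COM_errorLog("prj_insertProject - parent project {$parentID} not found");
                return $newid;
            }
            $rhs = (int) $row[0];
            DB_query("UPDATE {$_TABLES['prj_projects']} set lhs = lhs+2 where lhs >= '{$rhs}'");
            DB_query("UPDATE {$_TABLES['prj_projects']} set rhs = rhs+2 where rhs >= '{$rhs}'");
            $lhs = $rhs;
            $rhs = $rhs + 1;
            $sql = "INSERT INTO {$_TABLES['prj_projects']} (lhs, rhs, parent_id) ";
            $sql .= "VALUES ( '{$lhs}', '{$rhs}', '{$parentID}')";
            DB_query($sql);
            $newid = DB_insertID();
            prj_unlockTable("{$_TABLES['prj_projects']}");
        }
    }

    return $newid;
}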
Пример #5
 /**
  *  Save the current values to the database.
  *
  *  @param  array   $A      Optional array of values from $_POST
  *  @return boolean         True if no errors, False otherwise
  */
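 function Save($A = array())
 {
     global $_TABLES, $_PP_CONF;

     if (is_array($A)) {
         // Put this field at the end of the line by default
         if (empty($A['orderby'])) {
             $A['orderby'] = 65535;
         }
         $this->SetVars($A);
     }

     // Get the option group name from the text field if one was entered,
     // otherwise from the selection list. A request carrying neither leaves
     // the name empty rather than reading a missing array index.
     if (!empty($_POST['attr_name'])) {
         $this->attr_name = $_POST['attr_name'];
     } elseif (isset($_POST['attr_name_sel'])) {
         $this->attr_name = $_POST['attr_name_sel'];
     } else {
         $this->attr_name = '';
     }

     // Make sure the necessary fields are filled in
     if (!$this->isValidRecord()) {
         return false;
     }

     // Insert or update the record, as appropriate.
     if ($this->isNew) {
         $sql1 = "INSERT INTO {$_TABLES['paypal.prod_attr']}";
         $sql3 = '';
     } else {
         $sql1 = "UPDATE {$_TABLES['paypal.prod_attr']}";
         // attr_id is used unquoted and is assigned from DB_insertID() below,
         // so it is forced to an integer here.
         $sql3 = " WHERE attr_id=" . (int) $this->attr_id;
     }

     // Every value goes through DB_escapeString() before it is placed in a
     // quoted literal; whether SetVars() already normalises these properties
     // is not visible from this method.
     $sql2 = " SET item_id='" . DB_escapeString($this->item_id) . "',\n                attr_name='" . DB_escapeString($this->attr_name) . "',\n                attr_value='" . DB_escapeString($this->attr_value) . "',\n                orderby='" . DB_escapeString($this->orderby) . "',\n                attr_price='" . DB_escapeString($this->attr_price) . "',\n                enabled='" . DB_escapeString($this->enabled) . "'";
     $sql = $sql1 . $sql2 . $sql3;
     DB_query($sql, 1);
     $err = DB_error();
     if ($err != '') {
         $this->AddError($err);
         return false;
     }

     if ($this->isNew) {
         $this->attr_id = DB_insertID();
     }
     $this->ReOrder();
     return true;
 }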
Пример #6
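/**
 * Store the files uploaded with a form submission and record them as result data.
 *
 * Upload field names are expected to look like XXX_frm{formid}_{fieldid},
 * with two further segments for a field that belongs to a dynamic subform.
 * Each file is stored under a generated name that keeps only the lower-cased
 * extension of the client file name, and the pair "storedname:originalname"
 * is written to the result data table.
 *
 * The original client file name is escaped before it is placed in SQL. The
 * field names in $_FILES are chosen by the client as well; only their numeric
 * segments are used, after an integer cast.
 *
 * NOTE(review): $uploadFileTypesAllowed, $allowablefiletypes, $userid and
 * $date are read but never assigned or declared global in this function, so
 * as written the per-form file type filter never runs and the uid/date
 * columns of a new dynamic result are written empty - confirm against the
 * rest of the file.
 *
 * @param int    $result_id   Result record the uploads belong to.
 * @param string $single_file When set, only the upload field with this name
 *                            is processed.
 * @return mixed False on an upload error (or an empty upload in single-file
 *               mode); the new result data id when one was captured in
 *               single-file mode; otherwise true.
 */
function nexform_check4files($result_id = 0, $single_file = '')
{
    global $_CONF, $_TABLES, $CONF_FE, $LANG_FE_ERR;

    // Result ids are insert ids (see DB_insertID() below).
    $result_id = (int) $result_id;
    $retval = 0;

    if ($CONF_FE['debug']) {
        COM_errorLog("Check4files - result_id:{$result_id}");
    }

    /* Check if custom hidden field is used on the form to specify allowable file types */
    if (isset($uploadFileTypesAllowed) and $uploadFileTypesAllowed != '' and !(isset($allowablefiletypes) and is_array($allowablefiletypes))) {
        $formtypes = explode(',', $uploadFileTypesAllowed);
        $allowablefiletypes = array();
        foreach ($CONF_FE['allowablefiletypes'] as $key => $haystack) {
            foreach ($formtypes as $needle) {
                if (strpos($haystack, $needle) !== false) {
                    $allowablefiletypes[$key] = $haystack;
                }
            }
        }
    }
    if (!isset($allowablefiletypes) or !is_array($allowablefiletypes)) {
        $allowablefiletypes = $CONF_FE['allowablefiletypes'];
    }

    foreach ($_FILES as $var => $uploadfile) {
        if ($single_file != '' and $single_file != $var) {
            continue;
        }
        if ($uploadfile['size'][0] <= 0 and $single_file != '') {
            return false;
        }

        /* The variable names contain the fieldtype and fieldid */
        /* XXX_frm{formid}_{fieldid}    - where XXX is the fieldtype */
        $parts = explode('_', $var);
        $fieldtype = $parts[0];
        $is_dynamicfield_result = isset($parts[4]);

        if ($is_dynamicfield_result) {
            $sfield_id = (int) $parts[2];
            $field_id = (int) $parts[3];
            $instance = (int) $parts[4];
            $dynamicForm = DB_getItem($_TABLES['nxform_fields'], 'formid', "id='{$field_id}'");
            // Get the results currently recorded for the source form field
            $dynamicResults = explode('|', DB_getItem($_TABLES['nxform_resdata'], 'field_data', "result_id='{$result_id}' AND field_id='{$sfield_id}'"));
            // Check if this instance of the dynamic form is already created as a result.
            if (isset($dynamicResults[$instance]) and $dynamicResults[0] != '' and count($dynamicResults) > 0) {
                $dynamicResult = $dynamicResults[$instance];
            } else {
                // User must be submitting the form with a new instance of this dynamic subform (field)
                // Need to create a new result record and update relating fields with the new resultid
                DB_query("INSERT INTO {$_TABLES['nxform_results']} (form_id,uid,date)\r\n                                VALUES ('{$dynamicForm}','{$userid}','{$date}') ");
                $dynamicResult = DB_insertID();
                $dynamicResults[$instance] = $dynamicResult;
                $relatedFieldResults = implode('|', $dynamicResults);
                DB_query("UPDATE {$_TABLES['nxform_resdata']} set field_data = '{$relatedFieldResults}' WHERE result_id='{$result_id}' AND field_id='{$sfield_id}'");
            }
        } else {
            $field_id = isset($parts[2]) ? (int) $parts[2] : 0;
        }

        if (is_array($uploadfile['name'])) {
            /* Skip if no files uploaded in the multi-file field */
            if ($uploadfile['name'][0] != '') {
                $fileCount = count($uploadfile['name']);
                for ($i = 0; $i < $fileCount; $i++) {
                    /* Upload class is not expecting an array of upload files - so pass a single associative array */
                    $upload_newfile = array('name' => $uploadfile['name'][$i], 'type' => $uploadfile['type'][$i], 'tmp_name' => $uploadfile['tmp_name'][$i], 'error' => $uploadfile['error'][$i], 'size' => $uploadfile['size'][$i]);
                    $uploadfilename = ppRandomFilename();
                    // A client name without a dot has no extension to carry over.
                    $dot = strrpos($upload_newfile['name'], '.');
                    $ext = ($dot === false) ? '' : strtolower(substr($upload_newfile['name'], $dot + 1));
                    $filename = "{$uploadfilename}.{$ext}";
                    if ($CONF_FE['debug']) {
                        COM_errorLog("Mfile upload: Original file: {$upload_newfile['name']} and new filename: {$filename}");
                    }
                    if (!nexform_uploadfile($filename, $upload_newfile, $allowablefiletypes)) {
                        COM_errorLog("upload error:" . $GLOBALS['fe_errmsg']);
                        return false;
                    }
                    // Store both the created filename and the real file source filename.
                    // The source name is client input, so escape the pair for SQL.
                    $filename = "{$filename}:{$upload_newfile['name']}";
                    $dbFilename = function_exists('DB_escapeString') ? DB_escapeString($filename) : addslashes($filename);
                    if ($is_dynamicfield_result) {
                        DB_query("INSERT INTO {$_TABLES['nxform_resdata']} (result_id,field_id,field_data,is_dynamicfield_result)\r\n                                VALUES ('{$dynamicResult}','{$field_id}','{$dbFilename}',1) ");
                    } else {
                        DB_query("INSERT INTO {$_TABLES['nxform_resdata']} (result_id,field_id,field_data)\r\n                                VALUES ('{$result_id}','{$field_id}','{$dbFilename}') ");
                    }
                    if ($single_file != '') {
                        $retval = DB_insertID();
                    }
                }
            }
        } elseif ($uploadfile['size'] > 0 and $uploadfile['name'] != '') {
            $uploadfilename = ppRandomFilename();
            $dot = strrpos($uploadfile['name'], '.');
            $ext = ($dot === false) ? '' : strtolower(substr($uploadfile['name'], $dot + 1));
            $filename = "{$uploadfilename}.{$ext}";
            if ($CONF_FE['debug']) {
                COM_errorLog("Upload file - random name: {$filename}");
            }
            if (!nexform_uploadfile($filename, $uploadfile, $allowablefiletypes)) {
                COM_errorLog("upload error:" . $GLOBALS['fe_errmsg']);
                return false;
            }
            // Store both the created filename and the real file source filename.
            // The source name is client input, so escape the pair for SQL.
            $filename = "{$filename}:{$uploadfile['name']}";
            $dbFilename = function_exists('DB_escapeString') ? DB_escapeString($filename) : addslashes($filename);
            // NOTE(review): $dynamicResult is only assigned for dynamic subform
            // fields, yet it is used here for every single-file upload (and can
            // carry over from an earlier loop iteration). Possibly $result_id
            // was intended for the non-dynamic case - confirm.
            if (DB_count($_TABLES['nxform_resdata'], array('result_id', 'field_id'), array($dynamicResult, $field_id)) > 0) {
                DB_query("UPDATE {$_TABLES['nxform_resdata']} set field_data = '{$dbFilename}' WHERE result_id='{$dynamicResult}' AND field_id='{$field_id}'");
            } elseif ($is_dynamicfield_result) {
                if (DB_count($_TABLES['nxform_resdata'], array('result_id', 'field_id'), array($dynamicResult, $field_id)) > 0) {
                    DB_query("UPDATE {$_TABLES['nxform_resdata']} set field_data = '{$dbFilename}' WHERE result_id='{$dynamicResult}' AND field_id='{$field_id}'");
                } else {
                    DB_query("INSERT INTO {$_TABLES['nxform_resdata']} (result_id,field_id,field_data,is_dynamicfield_result)\r\n                                    VALUES ('{$dynamicResult}','{$field_id}','{$dbFilename}',1) ");
                }
            } else {
                DB_query("INSERT INTO {$_TABLES['nxform_resdata']} (result_id,field_id,field_data)\r\n                                VALUES ('{$result_id}','{$field_id}','{$dbFilename}') ");
            }
        }
    }

    if ($retval != 0) {
        return $retval;
    }
    return true;
}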
Пример #7
 /**
  *  Save the current values to the database.
  *  Appends error messages to the $Errors property.
  *
  *  @param  array   $A      Optional array of values from $_POST
  *  @return boolean         True if no errors, False otherwise
  */
 public function Save($A = '')
 {
     global $_TABLES, $_PP_CONF;
     USES_paypal_class_productimage();
     USES_paypal_class_ppFile();
     // The default is '' rather than an array, so a call without arguments
     // skips SetVars() and saves the object's current property values.
     if (is_array($A)) {
         $this->SetVars($A);
     }
     // Zero out the shipping amount if a non-fixed value is chosen
     if ($this->shipping_type < 2) {
         $this->shipping_amt = 0;
     }
     // Handle file uploads.  This is done first so we know whether
     // there is a valid filename for a download product
     // No weight or shipping for downloads
     // NOTE(review): validation of the uploaded file (type, name, target
     // directory) happens inside ppFile, which is not visible here - confirm.
     if (!empty($_FILES['uploadfile']['tmp_name'])) {
         $F = new ppFile('uploadfile');
         $filename = $F->uploadFiles();
         if ($F->areErrors() > 0) {
             $this->Errors[] = $F->printErrors(true);
         } elseif ($filename != '') {
             $this->file = $filename;
         }
         PAYPAL_debug('Uploaded file: ' . $this->file);
     }
     // For downloadable files, physical product options don't apply
     if ($this->prod_type == PP_PROD_DOWNLOAD) {
         $this->weight = 0;
         $this->shipping_type = 0;
         $this->shipping_amt = 0;
     }
     // Serialize the quantity discount array
     $qty_discounts = $this->qty_discounts;
     if (!is_array($qty_discounts)) {
         $qty_discounts = array();
     }
     // The serialized string is escaped here, so it is safe to interpolate
     // into the quoted qty_discounts literal below.
     $qty_discounts = DB_escapeString(@serialize($qty_discounts));
     // Insert or update the record, as appropriate
     // NOTE(review): insert-vs-update is decided by $this->id > 0 here, while
     // the insert id is only stored further down when $this->isNew is set;
     // the two are presumably kept in sync elsewhere - confirm.
     if ($this->id > 0) {
         PAYPAL_debug('Preparing to update product id ' . $this->id);
         $sql1 = "UPDATE {$_TABLES['paypal.products']} SET ";
         $sql3 = " WHERE id='{$this->id}'";
     } else {
         PAYPAL_debug('Preparing to save a new product.');
         $sql1 = "INSERT INTO {$_TABLES['paypal.products']} SET \n                dt_add = '" . DB_escapeString($_PP_CONF['now']->toMySQL()) . "',";
         $sql3 = '';
     }
     // Most values below are cast to int/double or passed through
     // DB_escapeString(). NOTE(review): onhand, track_onhand, oversell and
     // sale_price are interpolated as-is, and sale_price is also unquoted;
     // unless SetVars() or a property setter normalises them, they need the
     // same cast or escaping as their neighbours - confirm. $options is not
     // assigned anywhere in this method, so options='' is written as it stands.
     $sql2 = "name='" . DB_escapeString($this->name) . "',\n                cat_id='" . (int) $this->cat_id . "',\n                short_description='" . DB_escapeString($this->short_description) . "',\n                description='" . DB_escapeString($this->description) . "',\n                keywords='" . DB_escapeString($this->keywords) . "',\n                price='" . (double) $this->price . "',\n                prod_type='" . (int) $this->prod_type . "',\n                weight='" . (double) $this->weight . "',\n                file='" . DB_escapeString($this->file) . "',\n                expiration='" . (int) $this->expiration . "',\n                enabled='" . (int) $this->enabled . "',\n                featured='" . (int) $this->featured . "',\n                views='" . (int) $this->views . "',\n                taxable='" . (int) $this->taxable . "',\n                shipping_type='" . (int) $this->shipping_type . "',\n                shipping_amt='" . (double) $this->shipping_amt . "',\n                comments_enabled='" . (int) $this->comments_enabled . "',\n                rating_enabled='" . (int) $this->rating_enabled . "',\n                show_random='" . (int) $this->show_random . "',\n                show_popular='" . (int) $this->show_popular . "',\n                onhand='{$this->onhand}',\n                track_onhand='{$this->track_onhand}',\n                oversell = '{$this->oversell}',\n                qty_discounts = '{$qty_discounts}',\n                options='{$options}',\n                custom='" . DB_escapeString($this->custom) . "',\n                sale_price={$this->sale_price},\n                sale_beg='" . DB_escapeString($this->sale_beg) . "',\n                sale_end='" . DB_escapeString($this->sale_end) . "',\n                avail_beg='" . DB_escapeString($this->avail_beg) . "',\n                avail_end='" . DB_escapeString($this->avail_end) . "',\n                buttons= '" . DB_escapeString($this->btn_type) . "'";
     $sql = $sql1 . $sql2 . $sql3;
     //echo $sql;die;
     DB_query($sql);
     if (!DB_error()) {
         if ($this->isNew) {
             $this->id = DB_insertID();
         }
         $status = true;
     } else {
         // The complete statement, including the product field values, is
         // written to the error log.
         // NOTE(review): a failed query sets $status to false but adds nothing
         // to $this->Errors, and the return value below depends only on
         // $this->Errors, so this method can return true after a failed write.
         COM_errorLog("Paypal- SQL error in Product::Save: {$sql}", 1);
         $status = false;
     }
     PAYPAL_debug('Status of last update: ' . print_r($status, true));
     if ($status) {
         // Handle image uploads.  This is done last because we need
         // the product id to name the images filenames.
         if (!empty($_FILES['images'])) {
             $U = new ProductImage($this->id, 'images');
             $U->uploadFiles();
             if ($U->areErrors() > 0) {
                 $this->Errors[] = $U->printErrors(false);
             }
         }
         // Clear the button cache
         self::DeleteButtons($this->id);
     }
     // Update the category crossref
     /*DB_delete($_TABLES['paypal.prodXcat'], 'prod_id', $prod_id);
       foreach ($this->categories as $cat) {
           DB_query("INSERT INTO {$_TABLES['paypal.prodXcat']}
                   (prod_id, cat_id)
               VALUES
                   ({$prod_id}, " . (int)$cat . ")");
       }*/
     // Success is reported whenever no message was collected in $this->Errors.
     if (empty($this->Errors)) {
         PAYPAL_debug('Update of product ' . $this->id . ' succeeded.');
         return true;
     } else {
         PAYPAL_debug('Update of product ' . $this->id . ' failed.');
         return false;
     }
 }
Пример #8
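/**
 * Add or update a menu record from the submitted admin form.
 *
 * Reads the menu fields from $_POST, derives the item URL from the menu
 * type, inserts a new record (mode 'add') or updates the record identified
 * by the global $id, and stores any alternate language labels. The outcome
 * is reported through $GLOBALS['statusmsg']; on insert the new id is placed
 * in the globals $id and $idCurrent.
 *
 * Every request value is prepared with ppPrepareForDB() before it is placed
 * in SQL, including the URL and the alternate labels; ids used in numeric
 * (unquoted) context are cast to integers.
 *
 * NOTE(review): ppPrepareForDB() is assumed to make a value safe for a quoted
 * SQL literal, as this function already relies on it for its other fields -
 * confirm in its definition. Permission and request-token checks are not
 * visible here and are presumably done by the caller - confirm.
 *
 * @param string $mode 'add' to insert a record; any other value updates the
 *                     record whose id is in the global $id.
 * @return void
 */
function updateMenuRecord($mode)
{
    global $_CONF, $CONF_NEXMENU, $_TABLES, $id, $idCurrent;

    $parent = ppPrepareForDB($_POST['menu_parent']);
    $order = ppPrepareForDB($_POST['menu_order']);
    $label = addslashes(ppPrepareForDB(htmlspecialchars($_POST['menu_label'], ENT_QUOTES, $CONF_NEXMENU['charset'])));
    $image = ppPrepareForDB($_POST['menu_image']);
    $menutype = ppPrepareForDB($_POST['menutype']);
    $menu_location = ppPrepareForDB($_POST['menu_location']);
    $coremenutype = ppPrepareForDB($_POST['coremenutype']);
    $phpfunction = ppPrepareForDB($_POST['phpfunction']);
    $grp_access = ppPrepareForDB($_POST['grp_access']);
    $is_enabled = isset($_POST['menu_status']) ? 1 : 0;

    if ($label == '') {
        $GLOBALS['statusmsg'] = 'Error adding or updating Record. Label can not be blank';
        return;
    }

    switch ($menutype) {
        case 1:
        case 2:
            // The URL is request data like the other fields, so it gets the
            // same preparation before it is placed in the statement.
            $url = isset($_POST['menu_url']) ? ppPrepareForDB($_POST['menu_url']) : '';
            break;
        case 4:
            $url = $CONF_NEXMENU['coremenu'][$coremenutype];
            break;
        case 5:
            $url = $phpfunction;
            break;
        case 3:
        default:
            // Unknown menu types fall back to an empty URL instead of leaving
            // $url undefined.
            $url = '';
            break;
    }

    $isAdd = ($mode == 'add');
    if (!$isAdd) {
        // Record ids are insert ids; cast before use in SQL.
        $menuId = (int) $id;
        if (DB_count($_TABLES['nexmenu'], "id", $menuId) != 1) {
            COM_errorLOG("nexmenu Plugin: Admin Error updating Record");
            $GLOBALS['statusmsg'] = 'Error adding or updating Record';
            return;
        }
    }

    // No explicit order given: append after the parent's current last item.
    if ($order < 1) {
        $query = DB_query("SELECT MAX(menuorder) FROM {$_TABLES['nexmenu']} WHERE pid=" . (int) $parent);
        list($order) = DB_fetchArray($query);
        $order++;
    }

    if ($isAdd) {
        $sql = "INSERT INTO {$_TABLES['nexmenu']} (pid,menutype,location,menuorder,label,url,grp_access,image,is_enabled) ";
        $sql .= "VALUES ('{$parent}','{$menutype}','{$menu_location}','{$order}','{$label}','{$url}','{$grp_access}','{$image}','{$is_enabled}')";
        DB_query($sql);
        $menuId = (int) DB_insertID();
        $GLOBALS['id'] = $menuId;
        // Make the new record the current record
        $idCurrent = $menuId;
        $GLOBALS['statusmsg'] = 'Record Added';
    } else {
        /* Check if this is a menu and the location has changed (header or block location of menu) */
        $curLocation = DB_getItem($_TABLES['nexmenu'], "location", "id='{$menuId}'");
        // Compare with the stored location itself; comparing with a quoted
        // variable name would report a change on every update.
        if ($menutype == 3 and $menu_location != $curLocation) {
            /* update any menuitems or submenus as well - need to move them all */
            updateFolderLocation($menuId, $menu_location);
        }
        $sql = "UPDATE {$_TABLES['nexmenu']} SET pid='{$parent}',menutype='{$menutype}',location='{$menu_location}', image='{$image}', ";
        $sql .= "menuorder='{$order}',label='{$label}', url='{$url}',grp_access='{$grp_access}',is_enabled='{$is_enabled}' WHERE id='{$menuId}'";
        DB_query($sql);
        $GLOBALS['statusmsg'] = 'Record Updated';
    }

    // Alternate language labels: both the language id (array key) and the
    // label text come from the request.
    $labels = (isset($_POST['alternatelabel']) && is_array($_POST['alternatelabel'])) ? $_POST['alternatelabel'] : array();
    foreach ($labels as $langid => $languagelabel) {
        if (!is_string($languagelabel) || trim($languagelabel) == '') {
            continue;
        }
        $langid = (int) $langid;
        $languagelabel = ppPrepareForDB($languagelabel);
        if (DB_count($_TABLES['nexmenu_language'], array('menuitem', 'language'), array($menuId, $langid))) {
            DB_query("UPDATE {$_TABLES['nexmenu_language']} SET label = '{$languagelabel}' WHERE menuitem={$menuId} AND language={$langid} ");
        } else {
            DB_query("INSERT INTO {$_TABLES['nexmenu_language']} (menuitem,language,label) VALUES ({$menuId},{$langid},'{$languagelabel}')");
        }
    }
}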
Пример #9
 /**
  *  Save the current values to the database.
  *
  *  @param  array   $A      Optional array of values from $_POST
  *  @return boolean         True if no errors, False otherwise
  */
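 public function Save($A = array())
 {
     global $_TABLES, $_PP_CONF;

     if (is_array($A)) {
         $this->SetVars($A);
     }

     // cat_id is assigned from DB_insertID() below, so it is treated as an
     // integer wherever it is placed in SQL.
     $catId = (int) $this->cat_id;

     // Handle image uploads.
     // We don't want to delete the existing image if one isn't
     // uploaded, we should leave it unchanged.  So we'll first
     // retrieve the existing image filename, if any.
     if (!$this->isNew) {
         $img_filename = DB_getItem($_TABLES['paypal.categories'], 'image', "cat_id='" . $catId . "'");
     } else {
         // New entry, assume no image
         $img_filename = '';
     }

     // Only look at the upload when the field was actually submitted as a
     // single file; a missing or array-valued tmp_name is ignored.
     if (isset($_FILES['imagefile']['tmp_name'])
         && is_string($_FILES['imagefile']['tmp_name'])
         && is_uploaded_file($_FILES['imagefile']['tmp_name'])
     ) {
         // The three-digit prefix only reduces name clashes; it is not
         // unpredictable. The client file name is passed through
         // COM_sanitizeFilename() before it becomes part of the path.
         $img_filename = rand(100, 999) . "_" . COM_sanitizeFilename($_FILES['imagefile']['name'], true);
         // NOTE(review): whether the upload is verified to be an image depends
         // on IMG_resizeImage() - confirm in that function.
         $status = IMG_resizeImage($_FILES['imagefile']['tmp_name'], $_PP_CONF['catimgpath'] . "/{$img_filename}", $_PP_CONF['max_thumb_size'], $_PP_CONF['max_thumb_size'], '', true);
         if ($status[0] == false) {
             $this->AddError('Error Moving Image');
         } elseif (!$this->isNew) {
             // If a new image was uploaded, and this is an existing
             // category, then delete the old image file, if any.
             // The DB still has the old filename at this point.
             $this->DeleteImage(false);
         }
     }
     $this->image = $img_filename;

     // Insert or update the record, as appropriate, as long as a
     // previous error didn't occur.
     if (empty($this->Errors)) {
         if ($this->isNew) {
             $sql1 = "INSERT INTO {$_TABLES['paypal.categories']} SET ";
             $sql3 = '';
         } else {
             $sql1 = "UPDATE {$_TABLES['paypal.categories']} SET ";
             $sql3 = " WHERE cat_id='{$catId}'";
         }
         // Every value is escaped before it is placed in a quoted literal;
         // whether SetVars() already normalises these properties is not
         // visible from this method.
         $sql2 = "parent_id='" . DB_escapeString($this->parent_id) . "',\n                cat_name='" . DB_escapeString($this->cat_name) . "',\n                description='" . DB_escapeString($this->description) . "',\n                enabled='" . DB_escapeString($this->enabled) . "',\n                grp_access ='" . DB_escapeString($this->grp_access) . "',\n                image='" . DB_escapeString($this->image) . "'";
         $sql = $sql1 . $sql2 . $sql3;
         DB_query($sql);
         if (!DB_error()) {
             if ($this->isNew) {
                 $this->cat_id = DB_insertID();
             }
         } else {
             $this->AddError('Failed to insert or update record');
         }
     }

     return empty($this->Errors);
 }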
Пример #10
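/**
 * Duplicate one row of a table and return the id of the new row.
 *
 * The source row is looked up by its primary key, the column list is read
 * with DESCRIBE, and every column except the primary key is copied into a
 * new INSERT so the database assigns a fresh key.
 *
 * NOTE(review): $table and $primary_key are interpolated as SQL identifiers
 * and $value as a quoted literal; none of them is escaped here. Callers must
 * pass trusted identifiers and an already-escaped (or integer) key value and
 * must never hand request data to this function directly.
 *
 * @param  string  $table        Table name, used verbatim in the queries
 * @param  string  $primary_key  Name of the primary key column
 * @param  mixed   $value        Primary key value of the row to copy
 * @return mixed   Insert id of the new row, or 0 when the source row does not exist
 */
function nc_copyRecord($table, $primary_key, $value)
{
    // Fetch the row that is to be copied.
    $record = DB_query("SELECT * FROM {$table} WHERE {$primary_key} = '{$value}';");
    $R = DB_fetchArray($record, false);
    if (!is_array($R)) {
        // No source row: stop here instead of inserting a row of empty strings.
        return 0;
    }
    // Discover the table's columns.
    $schema = DB_query("DESCRIBE {$table};");
    $fields = array();
    $values = array();
    while ($A = DB_fetchArray($schema, false)) {
        $column = $A['Field'];
        if ($column == $primary_key) {
            // Skip the key so the copy gets a new one.
            continue;
        }
        $fields[] = $column;
        // Keep SQL NULL as NULL; quoting it would silently turn it into ''.
        // NOTE(review): addslashes() is not charset-aware; prefer the database
        // layer's own escaping routine if this code base provides one.
        $values[] = isset($R[$column]) ? "'" . addslashes($R[$column]) . "'" : 'NULL';
    }
    $sql = "INSERT INTO {$table} (" . implode(', ', $fields) . ") VALUES (" . implode(', ', $values) . ");";
    DB_query($sql);
    return DB_insertID();
}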
Пример #11
 /**
  *  Persist this detail record, inserting a new row or updating the
  *  existing one depending on whether det_id is already set.
  *
  *  When the Locator integration is enabled and both coordinates are zero,
  *  they are requested from the locator service before the record is saved.
  *
  *  Values are passed through DB_escapeString(); the column names come from
  *  $this->fields and are placed in the statement verbatim.
  *
  *  @param  array   $A      Optional array of values, e.g. from $_POST
  *  @return integer         The det_id of the saved record
  */
 public function Save($A = '')
 {
     global $_TABLES, $_EV_CONF;

     if (is_array($A)) {
         $this->SetVars($A);
     }

     // A positive det_id means the row already exists.
     $this->isNew = !($this->det_id > 0);

     // Geocode through the Locator plugin when it is enabled and at least
     // a city and a state/province are known.
     $canGeocode = $_EV_CONF['use_locator'] == 1
         && $this->city != ''
         && $this->province != '';
     if ($canGeocode) {
         $address = sprintf(
             '%s %s, %s %s %s',
             $this->street,
             $this->city,
             $this->province,
             $this->postal,
             $this->country
         );
         // Only look the address up when no coordinates are stored yet.
         if ($this->lat == 0 && $this->lng == 0) {
             $status = LGLIB_invokeService('locator', 'getCoords', $address, $output, $svc_msg);
             if ($status == PLG_RET_OK) {
                 $this->lat = $output['lat'];
                 $this->lng = $output['lng'];
             }
         }
     }

     // Build the "column='value'" list, escaping every value.
     $assignments = array();
     foreach ($this->fields as $column) {
         $assignments[] = $column . "='" . DB_escapeString($this->{$column}) . "'";
     }
     $fld_sql = implode(',', $assignments);

     // Force a dot as the decimal separator regardless of the PHP locale.
     $lat = number_format($this->lat, 8, '.', '');
     $lng = number_format($this->lng, 8, '.', '');

     if ($this->isNew) {
         // New record: let the database assign the id and remember it.
         $sql = "INSERT INTO {$_TABLES['evlist_detail']}\n                    SET \n                    det_id = 0,\n                    lat = '{$lat}',\n                    lng = '{$lng}',\n                    {$fld_sql}";
         DB_query($sql);
         $this->det_id = DB_insertID();
     } else {
         // Existing record: update it in place, with the id forced to an integer.
         $sql = "UPDATE {$_TABLES['evlist_detail']}\n                    SET {$fld_sql},\n                    lat = '{$lat}',\n                    lng = '{$lng}'\n                    WHERE det_id='" . (int) $this->det_id . "'";
         DB_query($sql);
     }

     return $this->det_id;
 }
Пример #12
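/**
 * Handle the "add download" form: store the uploaded file and the optional
 * snapshot image, then insert the file-detail and description rows.
 *
 * Reads $_FILES['newfile'], $_FILES['newfileshot'] and the title, homepage,
 * version, description, commentoption and cid fields of $_POST. The request
 * always ends with a redirect followed by exit.
 *
 * @return void
 */
function addDownload()
{
    global $_CONF, $_USER, $_FM_TABLES, $filemgmt_FileStore, $filemgmt_SnapStore, $myts, $eh;

    // Text values go through the $myts "4Save" helpers before they are placed in SQL.
    // NOTE(review): presumably these helpers escape for the database — confirm,
    // because every value below is interpolated into a quoted SQL literal.
    $filename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
    $url = $myts->makeTboxData4Save(rawurlencode($filename));
    $snapfilename = $myts->makeTboxData4Save($_FILES['newfileshot']['name']);
    $logourl = $myts->makeTboxData4Save(rawurlencode($snapfilename));
    $title = $myts->makeTboxData4Save($_POST['title']);
    $homepage = $myts->makeTboxData4Save($_POST['homepage']);
    $version = $myts->makeTboxData4Save($_POST['version']);
    $description = $myts->makeTareaData4Save($_POST['description']);
    $size = $myts->makeTboxData4Save(intval($_FILES['newfile']['size']));

    // These values bypass the helpers above, so force them to integers: request
    // data must not be able to break out of the SQL literal they are placed in.
    $commentoption = isset($_POST['commentoption']) ? (int) $_POST['commentoption'] : 0;
    $cid = !empty($_POST['cid']) ? (int) $_POST['cid'] : 0;
    $submitter = (int) $_USER['uid'];

    // NOTE(review): the result of this duplicate-URL count is never used below;
    // presumably it was meant to feed $duplicatefile — confirm.
    $result = DB_query("SELECT COUNT(*) FROM {$_FM_TABLES['filemgmt_filedetail']} WHERE url='{$url}'");
    list($numrows) = DB_fetchArray($result);

    // Title, description and an uploaded file are mandatory.
    if ($title == "") {
        $eh->show("1104");
    }
    if ($description == "") {
        $eh->show("1105");
    }
    if ($_FILES['newfile']['size'] == 0) {
        $eh->show("1017");
    }

    // Initialise the flags; before, they were undefined when nothing set them.
    // Nothing in this function sets the two duplicate flags, so the first two
    // redirect branches below are currently unreachable.
    $AddNewFile = false;
    $duplicatefile = false;
    $duplicatesnap = false;

    // NOTE(review): the file names and types are supplied by the client; their
    // validation is left to uploadNewFile(), which is defined elsewhere.
    if (uploadNewFile($_FILES["newfile"], $filemgmt_FileStore)) {
        $AddNewFile = true;
    }
    if (uploadNewFile($_FILES["newfileshot"], $filemgmt_SnapStore)) {
        $AddNewFile = true;
    }

    if ($AddNewFile) {
        DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} " . "(cid, title, url, homepage, version, size, " . "logourl, submitter, status, date, hits, rating, votes, comments) " . "VALUES ('{$cid}', '{$title}', '{$url}', '{$homepage}', '{$version}', '{$size}', '{$logourl}', " . "'{$submitter}', 1, " . time() . ", 0, 0, 0,'{$commentoption}')");
        $newid = DB_insertID();
        DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} " . "(lid, description) VALUES ({$newid}, '{$description}')");
        if ($duplicatefile) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPFILE);
        } elseif ($duplicatesnap) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPSNAP);
        } else {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED);
        }
        exit;
    } else {
        redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
        exit;
    }
}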
Пример #13
    while (list($id, $qorder) = DB_fetchArray($query)) {
        $order++;
        DB_query("UPDATE {$_TABLES['quiz_questions']} SET qorder='{$order}' WHERE qid={$id}");
    }
}
// Handling of submit code
switch ($op) {
    case 'savequestion':
        $HTTP_POST_VARS = qz_cleandata($HTTP_POST_VARS);
        $question = $HTTP_POST_VARS['question'];
        $qanswer = $HTTP_POST_VARS['qanswer'];
        $qvalue = $HTTP_POST_VARS['qvalue'];
        $qorder = $HTTP_POST_VARS['qorder'] == "" ? "99" : $HTTP_POST_VARS['qorder'];
        if (!empty($question) and !empty($qvalue)) {
            DB_query("INSERT INTO {$_TABLES['quiz_questions']} (quizid,question,qanswer,qvalue,qorder) VALUES ('{$quizid}', '{$question}', '{$qanswer}', '{$qvalue}', '{$qorder}')");
            $qid = DB_insertID();
            qz_updateQuestionOrder($quizid);
            $questionDir = $_CONF['path_html'] . "quiz/question_images/{$qid}/";
            if (isset($HTTP_POST_FILES['image'])) {
                include 'addimage.php';
            }
        } else {
            echo "Please complete all fields<br>";
        }
        break;
    case 'savemultiquestions':
        $HTTP_POST_VARS = qz_cleandata($HTTP_POST_VARS);
        $question = $HTTP_POST_VARS['question'];
        $qanswer = $HTTP_POST_VARS['qanswer'];
        $qvalue = $HTTP_POST_VARS['qvalue'];
        $qorder = $HTTP_POST_VARS['qorder'] == "" ? "99" : $HTTP_POST_VARS['qorder'];
Пример #14
/**
 * Create or update a nexcontent page, category or link from the submitted
 * admin form, then process image deletions and new image uploads for it.
 *
 * Input comes from $_POST and $_FILES; the record id is exchanged through the
 * global $pageid, and the outcome is reported in $GLOBALS['statusmsg'].
 *
 * NOTE(review): several request values reach SQL or are used unfiltered (see
 * the inline notes). ppPrepareForDB() and COM_applyFilter() are defined
 * elsewhere, so what they escape could not be checked from this function.
 *
 * @param  string  $mode  'add' inserts a new record first; any other value updates $pageid
 * @param  string  $type  'category', 'link' or another page type stored in the type column
 * @return mixed   false when the upload step reports errors; otherwise nothing is returned
 */
function updatePage($mode, $type)
{
    global $_CONF, $_TABLES, $_FILES, $_POST, $CONF_SE, $LANG_SE_ERR;
    global $_DB_name, $catid, $pageid;
    include_once $_CONF['path_system'] . 'classes/upload.class.php';
    // NOTE(review): htmlentities() is an HTML encoder, not SQL escaping. With the
    // default flags of PHP before 8.1 it leaves single quotes alone, and $name,
    // $heading and $pagetitle are placed in quoted SQL literals below — confirm
    // they are escaped elsewhere (e.g. by magic quotes).
    $name = substr(htmlentities($_POST['name']), 0, 32);
    // presumably ppPrepareForDB() escapes for SQL — TODO confirm
    $pid = ppPrepareForDB($_POST['category']);
    $old_sid = ppPrepareForDB($_POST['old_sid']);
    $sid = ppPrepareForDB($_POST['sid'], true, 40);
    $pageorder = COM_applyFilter($_POST['pageorder'], true);
    // Links always use menu type 3; other types take it from the form.
    if ($type == 'link') {
        $menutype = 3;
    } else {
        $menutype = COM_applyFilter($_POST['menu_type'], true);
    }
    $blkformat = ppPrepareForDB($_POST['blk_format']);
    $heading = substr(htmlentities($_POST['heading']), 0, 255);
    $grp_access = ppPrepareForDB($_POST['grp_access']);
    // Taken from the request as-is. The entries of $imgdelete are interpolated
    // into SQL in the delete loop below; $chkscale is only compared with '1'.
    $imgdelete = $_POST['imgdelete'];
    $chkscale = $_POST['chkscale'];
    $submenutype = COM_applyFilter($_POST['rad_submenu'], true);
    $blockmenutype = COM_applyFilter($_POST['rad_blockmenu'], true);
    // Checkbox values are reduced to 1 or 0.
    $is_menu_newpage = $_POST['chknewwindow'] == 1 ? 1 : 0;
    $is_draft = $_POST['chkdraft'] == 1 ? 1 : 0;
    $show_breadcrumbs = $_POST['chkbreadcrumbs'] == 1 ? 1 : 0;
    $owner_id = ppPrepareForDB($_POST['owner_id']);
    $group_id = ppPrepareForDB($_POST['group_id']);
    $perm_owner = $_POST['perm_owner'];
    $perm_group = $_POST['perm_group'];
    $perm_members = $_POST['perm_members'];
    $perm_anon = $_POST['perm_anon'];
    $pagetitle = substr(htmlentities($_POST['pagetitle']), 0, 255);
    $metadesc = ppPrepareForDB($_POST['metadesc']);
    $metakeywords = ppPrepareForDB($_POST['metakeywords']);
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    // Allow full HTML in the introtext field
    // NOTE(review): get_magic_quotes_gpc() was removed in PHP 8.0, so this call is
    // fatal there. addslashes() is the only SQL protection these two values get.
    if (!get_magic_quotes_gpc()) {
        $content = addslashes($_POST['sitecontent']);
        $help = addslashes($_POST['help']);
    } else {
        $content = $_POST['sitecontent'];
        $help = $_POST['help'];
    }
    if ($sid != '') {
        $sid = COM_sanitizeID($sid);
    }
    // Detect a page id that is already used by another record.
    // NOTE(review): when the id exists and equals $old_sid, neither branch assigns
    // $duplicate_sid, so it is undefined when it is read further down.
    if ($sid != '' and DB_count($_TABLES['nexcontent_pages'], 'sid', $sid) > 0) {
        if ($sid != $old_sid) {
            $duplicate_sid = true;
            if ($old_sid == '') {
                $sid = "{$sid}_{$pid}";
                $dupmsg = ' - Duplicate Page ID';
            } else {
                $sid = $old_sid;
                $dupmsg = ' - Duplicate Page ID, Page ID not changed.';
            }
        }
    } else {
        $duplicate_sid = false;
    }
    if ($mode == 'add') {
        $gid = uniqid($_DB_name, FALSE);
        // NOTE(review): $category is not assigned anywhere in this function and is
        // not in the global list; the submitted category was stored in $pid above.
        $category = COM_applyFilter($category, true);
        if ($type == 'category') {
            // Create a new record - set the category value to 0
            DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ({$category},'{$gid}','category')");
            $pageid = DB_insertID();
            $GLOBALS['statusmsg'] = 'New Category Added';
            // Place the new category after the current last one.
            $query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE type='category'");
            list($maxorder) = DB_fetchArray($query);
            $order = $maxorder + 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
        } else {
            // Create a new record - need to get the record id for the category
            // NOTE(review): $type is a function argument placed in a quoted literal
            // without escaping — confirm callers only pass fixed values.
            DB_query("INSERT INTO {$_TABLES['nexcontent_pages']} (pid,gid,type) values ('{$category}','{$gid}','{$type}')");
            $pageid = DB_insertID();
            $GLOBALS['statusmsg'] = 'New Page Added';
            // NOTE(review): this compares pid with the literal string 'category';
            // presumably the parent id was intended — confirm.
            $query = DB_query("SELECT max(pageorder) FROM {$_TABLES['nexcontent_pages']} WHERE pid='category'");
            list($maxorder) = DB_fetchArray($query);
            $order = $maxorder + 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder='{$order}' WHERE id='{$pageid}'");
        }
    } else {
        // Both branches set the same message.
        if ($type == 'category') {
            $GLOBALS['statusmsg'] = "{$name} Updated";
        } else {
            $GLOBALS['statusmsg'] = "{$name} Updated";
        }
        if ($duplicate_sid) {
            $GLOBALS['statusmsg'] .= $dupmsg;
        }
    }
    // Write all submitted attributes to the record identified by $pageid.
    DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET name='{$name}', blockformat='{$blkformat}', pid='{$pid}', sid='{$sid}', heading='{$heading}',content='{$content}', menutype='{$menutype}', is_menu_newpage='{$is_menu_newpage}', show_submenu='{$submenutype}', show_blockmenu='{$blockmenutype}', show_breadcrumbs='{$show_breadcrumbs}', is_draft='{$is_draft}', owner_id='{$owner_id}', group_id='{$group_id}', perm_owner='{$perm_owner}', perm_group='{$perm_group}', perm_members='{$perm_members}', perm_anon='{$perm_anon}' , pagetitle='{$pagetitle}', meta_description='{$metadesc}', meta_keywords='{$metakeywords}' WHERE id='{$pageid}'");
    // NOTE(review): no WHERE clause, so this sets help on every row of the table;
    // presumably the table holds a single settings row — confirm.
    DB_query("UPDATE {$_TABLES['nexcontent']} SET help='{$help}'");
    //update the page order
    // NOTE(review): $pageorder, $pageid and $pid are used here without quotes, so
    // they must be strictly numeric; $pid comes from ppPrepareForDB() — confirm it
    // cannot carry SQL syntax in an unquoted context.
    if ($pageorder != '' and $pageid != '') {
        DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$pageorder} WHERE id={$pageid};");
        $porder = DB_query("SELECT id FROM {$_TABLES['nexcontent_pages']} WHERE pid={$pid} ORDER BY pageorder ASC;");
        // Renumber the siblings in steps of 10.
        $i = 0;
        while ($ORDER = DB_fetchArray($porder)) {
            $i += 10;
            DB_query("UPDATE {$_TABLES['nexcontent_pages']} SET pageorder={$i} WHERE id={$ORDER['id']};");
        }
    }
    $pageImageDir = $CONF_SE['uploadpath'] . "/{$pageid}/";
    // Check and see if directories exist
    // Errors are suppressed with @ and the two results are not checked.
    if (!file_exists($pageImageDir)) {
        $mkdir = @mkdir($pageImageDir);
        $chmod = @chmod($pageImageDir, $CONF_SE['imagedir_perms']);
    }
    // Delete any images if needed
    // NOTE(review): $imgdelete is raw request data. Its entries are interpolated
    // into the SQL conditions below, and count() assumes it is an array — an
    // integer cast per entry and an is_array() check would close both gaps.
    for ($i = 0; $i < count($imgdelete); $i++) {
        $curimage = DB_getitem($_TABLES['nexcontent_images'], "imagefile", "page_id='{$pageid}' AND imagenum='{$imgdelete[$i]}'");
        // The file name comes from the database and is appended to the page's image directory.
        $fullimage = $pageImageDir . $curimage;
        if (!is_dir($fullimage) and file_exists($fullimage)) {
            if (!unlink($fullimage)) {
                echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
            }
        }
        // Remove the "<name>_original<ext>" copy of the image as well.
        $pos = strrpos($curimage, '.');
        $origimage = strtolower(substr($curimage, 0, $pos));
        $ext = strtolower(substr($curimage, $pos));
        $origimage .= "_original{$ext}";
        $fullimage = $pageImageDir . $origimage;
        if (!is_dir($fullimage) and file_exists($fullimage)) {
            if (!unlink($fullimage)) {
                echo COM_errorLog("Unable to delete image {$fullimage}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete image {$fullimage}. Please check file permissions";
            }
        }
        // Remove the thumbnail, stored with a "tn" prefix.
        $curthumbnail = $pageImageDir . 'tn' . $curimage;
        if (!is_dir($curthumbnail) and file_exists($curthumbnail)) {
            if (!unlink($curthumbnail)) {
                echo COM_errorLog("Unable to delete thumbnail for {$curthumbnail}. Please check file permissions");
                $GLOBALS['statusmsg'] = "Unable to delete thumbnail for {$curthumbnail}. Please check file permissions";
            }
        }
        DB_query("DELETE FROM {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' and imagenum='{$imgdelete[$i]}'");
        // The loop indexes with $i, so advancing the array pointer has no effect here.
        next($imgdelete);
    }
    // Configure the upload helper: image library, allowed MIME types, size and
    // dimension limits and file permissions all come from configuration.
    $upload = new upload();
    $upload->setLogging(false);
    $upload->setDebug(false);
    $upload->setLogFile($_CONF['path_log'] . 'error.log');
    $upload->setMaxFileUploads($CONF_SE['max_num_images']);
    if ($_CONF['image_lib'] == 'imagemagick') {
        $upload->setMogrifyPath($_CONF['path_to_mogrify']);
    } else {
        $upload->setGDLib();
    }
    $upload->setAllowedMimeTypes($CONF_SE['allowableImageTypes']);
    $upload->setMaxDimensions($CONF_SE['max_upload_width'], $CONF_SE['max_upload_height']);
    $upload->setMaxFileSize($CONF_SE['max_uploadfile_size']);
    $upload->setAutomaticResize(true);
    $upload->keepOriginalImage(true);
    $upload->setPerms($CONF_SE['image_perms']);
    if (!$upload->setPath($pageImageDir)) {
        $GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ':&nbsp;' . $upload->printErrors(false);
    }
    // OK, let's upload any pictures with this page
    if (DB_count($_TABLES['nexcontent_images'], 'page_id', $pageid) > 0) {
        $index_start = DB_getItem($_TABLES['nexcontent_images'], 'max(imagenum)', "page_id = '{$pageid}'") + 1;
    } else {
        $index_start = 1;
    }
    // NOTE(review): this overrides the value computed just above, and
    // $index_start is not read again in this function.
    $index_start = 1;
    $uniquename = time();
    $filenames = array();
    $imagenum = array();
    // Walk $_FILES with the array pointer. Each uploaded file gets a server-side
    // name built from the timestamp and a counter, always with a .jpg extension,
    // so the client-supplied file name is not used for storage.
    for ($z = 1; $z <= $CONF_SE['max_num_images']; $z++) {
        $curfile = current($_FILES);
        if (!empty($curfile['name'])) {
            $filenames[] = $uniquename . $z . '.jpg';
            // The image number is the single character at offset 9 of the form
            // field name. NOTE(review): that is request-controlled and is used
            // in SQL below — confirm it is always a digit.
            $imagenum[] = substr(key($_FILES), 9, 1);
        }
        next($_FILES);
    }
    $upload->setFileNames($filenames);
    reset($_FILES);
    $upload->setDebug(false);
    $upload->uploadFiles();
    if ($upload->areErrors()) {
        $GLOBALS['statusmsg'] = $LANG_SE_ERR['upload1'] . ':&nbsp;' . $upload->printErrors(false);
        return false;
    }
    reset($filenames);
    reset($imagenum);
    // Register every stored image for the page, creating a thumbnail for each.
    if (DB_count($_TABLES['nexcontent_pages'], "id", $pageid) > 0) {
        foreach ($filenames as $pageImage) {
            $index = current($imagenum);
            if (file_exists($pageImageDir . $pageImage)) {
                $src = $pageImageDir . $pageImage;
                $dest = $pageImageDir . 'tn' . $pageImage;
                makethumbnail($pageImage, $src, $dest);
                // Insert a new image row, or replace the file name of the existing one.
                $iquery = DB_query("SELECT imagefile from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}' AND imagenum='{$index}'");
                if (DB_numRows($iquery) == 0) {
                    DB_query("INSERT INTO {$_TABLES['nexcontent_images']} (page_id,imagenum,imagefile) values ('{$pageid}', '{$index}','{$pageImage}')");
                } elseif (DB_numRows($iquery) == 1) {
                    DB_query("UPDATE {$_TABLES['nexcontent_images']} SET imagefile='{$pageImage}' WHERE page_id='{$pageid}' and imagenum='{$index}'");
                }
            }
            next($imagenum);
        }
    } else {
        $GLOBALS['statusmsg'] = 'Error saving category';
    }
    // Update the image autoscale option for any images
    // $imagenum is reused here as a scalar and replaces the array built above.
    $query = DB_query("SELECT id,imagenum from {$_TABLES['nexcontent_images']} WHERE page_id='{$pageid}'");
    while (list($imageid, $imagenum) = DB_fetchArray($query)) {
        if ($chkscale[$imagenum] == '1') {
            DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '1' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
        } else {
            DB_query("UPDATE {$_TABLES['nexcontent_images']} SET autoscale = '0' WHERE id='{$imageid}' AND imagenum='{$imagenum}'");
        }
    }
}
Пример #15
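/**
 * Add or update one field definition of a form from the submitted admin form.
 *
 * Reads the field settings from $_POST and the target ids from the globals
 * $formid and $fieldid. In 'add' mode a new row is inserted and $fieldid is
 * set to its id; otherwise the existing row is updated. The outcome is
 * reported through $GLOBALS['statusmsg'].
 *
 * Every request value is now either integer-filtered or escaped before it is
 * placed in SQL; previously fieldname, type, style, field_values and, in
 * update mode, fieldorder, is_vertical and is_reverseorder went in unescaped.
 *
 * NOTE(review): $formid and $fieldid are globals interpolated into SQL as they
 * are — assumes the caller validated them as integers; confirm.
 * NOTE(review): addslashes() is kept because it is what this function already
 * used; it is not charset-aware, so prefer the database layer's own escaping
 * routine or prepared statements if the code base provides them.
 *
 * @param  string  $mode  'add' to insert a new field; any other value updates $fieldid
 * @return void
 */
function updateFieldRecord($mode)
{
    global $_CONF, $_POST, $CONF_FE, $_TABLES, $formid, $fieldid;

    // Free-text settings, escaped below.
    $fieldname = $_POST['fieldname'];
    $type = $_POST['type'];
    $label = $_POST['label'];
    $style = $_POST['style'];
    $field_values = $_POST['field_values'];
    $validation = $_POST['validation'];
    $field_attributes = $_POST['field_attributes'];
    $javascript = $_POST['javascript'];
    $field_help = $_POST['field_help'];

    // Integer settings: filtered in both modes, using the same integer filter
    // the other flags already go through.
    $fieldorder = COM_applyFilter($_POST['fieldorder'], true);
    $is_vertical = COM_applyFilter($_POST['is_vertical'], true);
    $is_reverseorder = COM_applyFilter($_POST['is_reverseorder'], true);
    $is_newline = COM_applyFilter($_POST['is_newline'], true);
    $is_mandatory = COM_applyFilter($_POST['is_mandatory'], true);
    $is_searchfield = COM_applyFilter($_POST['is_searchfield'], true);
    $is_resultsfield = COM_applyFilter($_POST['is_resultsfield'], true);
    $is_internaluse = COM_applyFilter($_POST['is_internaluse'], true);
    $hidelabel = COM_applyFilter($_POST['hidelabel'], true);
    $is_htmlfiltered = COM_applyFilter($_POST['is_htmlfiltered'], true);
    $function_used = COM_applyFilter($_POST['use_function'], true);
    $col_width = COM_applyFilter($_POST['col_width']);
    $col_padding = COM_applyFilter($_POST['col_padding']);
    $label_padding = COM_applyFilter($_POST['label_padding']);

    // $type stays unescaped for the config lookup and the comparison with the
    // stored type; $typeSql is the form that goes into SQL.
    $typeSql = $type;
    // get_magic_quotes_gpc() no longer exists in PHP 8, so probe for it first.
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    if (!$magicQuotes) {
        $fieldname = addslashes($fieldname);
        $typeSql = addslashes($type);
        $label = addslashes($label);
        $style = addslashes($style);
        $field_values = addslashes($field_values);
        $validation = addslashes($validation);
        $field_attributes = addslashes($field_attributes);
        $javascript = addslashes($javascript);
        $field_help = addslashes($field_help);
    }

    if ($mode == 'add') {
        $fields = 'formid,type,field_name,fieldorder,label,style,is_vertical,is_reverseorder,is_newline,';
        $fields .= 'is_mandatory,is_searchfield,is_resultsfield,is_htmlfiltered,is_internaluse,hidelabel,';
        $fields .= 'field_attributes,field_help,field_values,value_by_function,validation,javascript';
        $values = "'{$formid}','{$typeSql}','{$fieldname}','{$fieldorder}',";
        $values .= "'{$label}','{$style}','{$is_vertical}','{$is_reverseorder}','{$is_newline}',";
        $values .= "'{$is_mandatory}','{$is_searchfield}','{$is_resultsfield}','{$is_htmlfiltered}',";
        $values .= "'{$is_internaluse}','{$hidelabel}','{$field_attributes}','{$field_help}','{$field_values}','{$function_used}',";
        $values .= "'{$validation}','{$javascript}'";
        DB_query("INSERT INTO {$_TABLES['nxform_fields']}( {$fields} ) VALUES ( {$values} )");
        $fieldid = DB_insertID();
        $date = time();
        DB_query("UPDATE {$_TABLES['nxform_definitions']} SET date='{$date}' WHERE id='{$formid}'");
        $GLOBALS['statusmsg'] = 'Record Added';
        // Set the template field id now - incremental id per form
        $query = DB_query("SELECT max(tfid) FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}'");
        list($maxtfid) = DB_fetchArray($query);
        $tfid = $maxtfid + 1;
        DB_query("UPDATE {$_TABLES['nxform_fields']} SET tfid='{$tfid}' WHERE id='{$fieldid}'");
        if ($fieldname == '') {
            // No name given: derive one from the field type prefix, form id and field id.
            $fieldname = "{$CONF_FE['fieldtypes'][$type][0]}{$formid}_{$fieldid}";
            DB_query("UPDATE {$_TABLES['nxform_fields']} SET field_name='{$fieldname}' WHERE id='{$fieldid}'");
        }
        if ($fieldorder == '') {
            // No order given: append the field after the current last one.
            $query = DB_query("SELECT max(fieldorder) FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}'");
            list($maxorder) = DB_fetchArray($query);
            $order = $maxorder + 10;
            DB_query("UPDATE {$_TABLES['nxform_fields']} SET fieldorder='{$order}' WHERE id='{$fieldid}'");
        }
    } elseif (DB_count($_TABLES['nxform_fields'], "id", $fieldid) == 1) {
        // Set the template field id if it was not set (earlier bug) - incremental id per form
        if (DB_getItem($_TABLES['nxform_fields'], 'tfid', "id='{$fieldid}'") == 0) {
            $query = DB_query("SELECT max(tfid) FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}'");
            list($maxtfid) = DB_fetchArray($query);
            $tfid = $maxtfid + 1;
            DB_query("UPDATE {$_TABLES['nxform_fields']} SET tfid='{$tfid}' WHERE id='{$fieldid}'");
        }
        if ($fieldname == '') {
            $fieldname = "{$CONF_FE['fieldtypes'][$type][0]}{$formid}_{$fieldid}";
        } elseif (DB_getItem($_TABLES['nxform_fields'], 'type', "id='{$fieldid}'") != $type) {
            // The field type changed, so regenerate the automatic name.
            $fieldname = "{$CONF_FE['fieldtypes'][$type][0]}{$formid}_{$fieldid}";
        }
        $data = "type='{$typeSql}',field_name='{$fieldname}',fieldorder='{$fieldorder}',";
        $data .= "label='{$label}',style='{$style}',";
        $data .= "field_attributes='{$field_attributes}', field_help='{$field_help}',";
        $data .= "field_values='{$field_values}', value_by_function='{$function_used}',";
        $data .= "validation='{$validation}',javascript='{$javascript}',is_internaluse='{$is_internaluse}',";
        $data .= "is_vertical='{$is_vertical}',is_reverseorder='{$is_reverseorder}',";
        $data .= "is_newline='{$is_newline}',is_mandatory='{$is_mandatory}',";
        $data .= "is_searchfield='{$is_searchfield}',is_resultsfield='{$is_resultsfield}',";
        $data .= "hidelabel='{$hidelabel}'";
        DB_query("UPDATE {$_TABLES['nxform_fields']} SET {$data}  WHERE id='{$fieldid}'");
        $date = time();
        DB_query("UPDATE {$_TABLES['nxform_definitions']} SET date='{$date}' WHERE id='{$formid}'");
        $GLOBALS['statusmsg'] = 'Record Updated';
    } else {
        // Log the id that was actually looked up; $id is not defined at this point.
        COM_errorLog("Form Editor Plugin: Admin Error updating Field Record: {$fieldid} for Form:{$formid}");
        $GLOBALS['statusmsg'] = 'Error adding or updating Record';
    }

    // Layout values are stored only when numeric; anything else becomes NULL.
    $layout = array(
        'col_width' => $col_width,
        'col_padding' => $col_padding,
        'label_padding' => $label_padding,
    );
    foreach ($layout as $column => $setting) {
        $sqlValue = is_numeric($setting) ? "'{$setting}'" : 'NULL';
        DB_query("UPDATE {$_TABLES['nxform_fields']} SET {$column} = {$sqlValue} WHERE id='{$fieldid}'");
    }

    /* Now check and verify that only a max of XX fields have option for report enabled */
    // NOTE(review): the loop reads $id but the UPDATE targets $fieldid, so once
    // the limit is exceeded the field being saved is switched off, not the
    // surplus row. Confirm which of the two is intended before changing it.
    $q = DB_query("SELECT id FROM {$_TABLES['nxform_fields']} WHERE formid='{$formid}' AND is_resultsfield='1' ORDER BY fieldorder");
    $i = 1;
    while (list($id) = DB_fetchArray($q)) {
        if ($i > $CONF_FE['result_summary_fields']) {
            DB_query("UPDATE {$_TABLES['nxform_fields']} SET is_resultsfield='0' WHERE id='{$fieldid}'");
        }
        $i++;
    }
}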
Пример #16
             } else {
                 $AddNewFile = true;
             }
         }
     }
     if ($AddNewFile) {
         if ($directUploadAccess) {
             $status = 1;
         } else {
             $status = 0;
         }
         $fields = 'cid,title,url,homepage,version,size,platform,logourl,submitter,status,date,hits,rating,votes,comments';
         $sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} ({$fields}) VALUES ";
         $sql .= "({$cid},'{$title}','{$url}','{$homepage}','{$version}','{$size}','{$tmpfilename}','{$logourl}',{$submitter},{$status},'{$date}',0,0,0,{$comments})";
         DB_query($sql) or $eh->show("0013");
         $newid = DB_insertID();
         DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')") or $eh->show("0013");
         if ($directUploadAccess) {
             CACHE_remove_instance('whatsnew');
             redirect_header("index.php", 2, _MD_FILEAPPROVED);
         } else {
             redirect_header("index.php", 2, _MD_RECEIVED . "<br>" . _MD_WHENAPPROVED . "");
         }
         exit;
     } else {
         redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
         exit;
     }
 } else {
     $T = new Template($_CONF['path'] . 'plugins/filemgmt/templates');
     $T->set_file('page', 'upload.thtml');
Пример #17
 $seventh = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ( `nf_templateID`, `logicalID`, `nf_stepType`, `nf_handlerId`, `firstTask`, `taskname`, `assignedByVariable`, `argumentVariable`, `argumentProcess`, `operator`, `ifValue`, `regenerate`, `regenAllLiveTasks`, `function`, `formid`, `optionalParm`, `reminderInterval`, `numReminders`, `escalateVariableID`, `last_updated`, `prenotify_message`, `postnotify_message`, `reminder_message`) VALUES ( {$insertID}, 8, 6, 0, 0, 'Test Fail', 0, 0, 0, 0, 0, 0, 0, 'nf_testsuite_noop', 0, 'Batch Function (Task #8): Test Failed', 0, 0, 0, '2006-09-22 14:00:33', '', '', '')";
 $res = DB_query($sql);
 $eighth = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ( `nf_templateID`, `logicalID`, `nf_stepType`, `nf_handlerId`, `firstTask`, `taskname`, `assignedByVariable`, `argumentVariable`, `argumentProcess`, `operator`, `ifValue`, `regenerate`, `regenAllLiveTasks`, `function`, `formid`, `optionalParm`, `reminderInterval`, `numReminders`, `escalateVariableID`, `last_updated`, `prenotify_message`, `postnotify_message`, `reminder_message`) VALUES ( {$insertID}, 13, 7, 0, 0, 'Abort Task', 1, 0, 0, 0, 0, 0, 0, 'nf_testsuite_abort', 0, 'Interactive Function (Task #13): Abort Task', 0, 0, 0, '2006-09-22 15:54:46', '', '', '')";
 $res = DB_query($sql);
 $thirteenth = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ( `nf_templateID`, `logicalID`, `nf_stepType`, `nf_handlerId`, `firstTask`, `taskname`, `assignedByVariable`, `argumentVariable`, `argumentProcess`, `operator`, `ifValue`, `regenerate`, `regenAllLiveTasks`, `function`, `formid`, `optionalParm`, `reminderInterval`, `numReminders`, `escalateVariableID`, `last_updated`, `prenotify_message`, `postnotify_message`, `reminder_message`) VALUES ( {$insertID}, 14, 5, 0, 0, 'If Aborted', 0, '0', '4', '0', '', 0, 0, '', 0, '', 0, 0, 0, '2006-09-22 13:54:54', '', '', '')";
 $res = DB_query($sql);
 $fourteenth = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ( `nf_templateID`, `logicalID`, `nf_stepType`, `nf_handlerId`, `firstTask`, `taskname`, `assignedByVariable`, `argumentVariable`, `argumentProcess`, `operator`, `ifValue`, `regenerate`, `regenAllLiveTasks`, `function`, `formid`, `optionalParm`, `reminderInterval`, `numReminders`, `escalateVariableID`, `last_updated`, `prenotify_message`, `postnotify_message`, `reminder_message`) VALUES ( {$insertID}, 15, 6, 0, 0, 'Test Pass', 0, 0, 0, 0, 0, 0, 0, 'nf_testsuite_noop', 0, 'Batch Function (Task #15): Test Passed', 0, 0, 0, '2006-09-22 13:59:17', '', '', '')";
 $res = DB_query($sql);
 $fifteenth = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedata']} ( `nf_templateID`, `logicalID`, `nf_stepType`, `nf_handlerId`, `firstTask`, `taskname`, `assignedByVariable`, `argumentVariable`, `argumentProcess`, `operator`, `ifValue`, `regenerate`, `regenAllLiveTasks`, `function`, `formid`, `optionalParm`, `reminderInterval`, `numReminders`, `escalateVariableID`, `last_updated`, `prenotify_message`, `postnotify_message`, `reminder_message`) VALUES ( {$insertID}, 16, 6, 0, 0, 'Test Fail', 0, 0, 0, 0, 0, 0, 0, 'nf_testsuite_noop', 0, 'Batch Function (Task #16): Test Failed', 0, 0, 0, '2006-09-22 13:59:02', '', '', '')";
 $res = DB_query($sql);
 $sixteenth = DB_insertID();
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$first},{$second},NULL)";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$second},{$third},{$fourth})";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$third},{$fifth},NULL)";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$fourth},{$fifth},NULL)";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$fifth},{$sixth},NULL)";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$sixth},{$seventh},{$eighth})";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$seventh},{$thirteenth},NULL)";
 $res = DB_query($sql);
 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (`nf_templateDataFrom`, `nf_templateDataTo`, `nf_templateDataToFalse`) values ({$eighth},{$thirteenth},NULL)";
Пример #18
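/**
 * Store the attachment uploaded as $_FILES['file_forum'] and register it for a forum topic.
 *
 * The file is saved either in the forum upload directory under a generated name or,
 * when the poster ticked "chk_usefilemgmt" and picked a category, in the configured
 * file repository (filemgmt or nexfile) under its original name. A row is then added
 * to gf_attachments (plus the repository tables in the second case). For a real,
 * non-temporary post, attachments saved earlier under the form's "uniqueid" are
 * re-pointed at the topic.
 *
 * Everything read from $_POST and $_FILES is client-controlled. Numeric values are
 * reduced to digits and every string is escaped before it reaches SQL. The file type
 * policy itself is left to gf_uploadfile() and $CONF_FORUM['allowablefiletypes'].
 *
 * @param  int|string $id        Topic id for the attachment; anything that is not all digits is treated as 0
 * @param  bool       $tempfile  True to flag the attachment row as temporary (tempfile=1)
 * @return string     Always an empty string: $filelinks is never filled in here
 */
function gf_check4files($id, $tempfile = false)
{
    global $_FILES, $_CONF, $_TABLES, $_USER, $CONF_FORUM, $LANG_GF00;
    global $_FM_TABLES, $filemgmt_FileStore;

    $filelinks = '';
    // \z instead of $ so that a trailing newline does not slip through
    $digits = '/^[0-9]+\z/';

    // Use the database layer's escaper when this installation provides one.
    // addslashes() is only a fallback and is not charset-aware.
    $escape = function_exists('DB_escapeString') ? 'DB_escapeString' : 'addslashes';

    // Both ids are written unquoted into the UPDATE at the end, so they must be plain digits
    $id = (is_scalar($id) && preg_match($digits, (string) $id)) ? (string) $id : '0';
    $uniqueid = '0';
    if (isset($_POST['uniqueid']) && is_scalar($_POST['uniqueid'])
            && preg_match($digits, (string) $_POST['uniqueid'])) {
        $uniqueid = (string) $_POST['uniqueid'];
    }

    $uploadfile = (isset($_FILES['file_forum']) && is_array($_FILES['file_forum'])) ? $_FILES['file_forum'] : array();
    // A "file_forum[]" style upload would make 'name' an array; treat that as no upload
    $clientName = (isset($uploadfile['name']) && is_string($uploadfile['name'])) ? $uploadfile['name'] : '';
    $cid = (int) COM_applyFilter(isset($_POST['filemgmtcat']) ? $_POST['filemgmtcat'] : 0, true);
    $wantsFilemgmt = isset($_POST['chk_usefilemgmt']) && $_POST['chk_usefilemgmt'] == 1;
    $use_filestore = false;

    if ($clientName != '') {
        if ($wantsFilemgmt and $cid > 0) {
            // Repository files keep the client-chosen name.
            // NOTE(review): this relies on gf_uploadfile() rejecting unwanted types - confirm.
            $filename = $clientName;
            $use_filestore = true;
        } else {
            // strrpos() returns false when the name has no dot; the old "+ 1" turned
            // that into offset 1 and produced a bogus extension
            $dot = strrpos($clientName, '.');
            $ext = ($dot === false) ? '' : strtolower((string) substr($clientName, $dot + 1));
            $uploadfilename = ppRandomFilename();
            $filename = ($ext === '') ? $uploadfilename : "{$uploadfilename}.{$ext}";
        }

        $filestore_path = $CONF_FORUM['uploadpath'];
        if ($use_filestore) {
            if ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') {
                $filestore_path = $filemgmt_FileStore;
            } elseif ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') {
                $filestore_path = $_CONF['path_html'] . 'nexfile/data/' . $cid . '/';
            }
        }

        if (gf_uploadfile($filename, $uploadfile, $CONF_FORUM['allowablefiletypes'], $filestore_path)) {
            // $uploadfile['type'] is the MIME type claimed by the browser, not a verified one.
            // function_exists() needs the name as a string; the bare word is an undefined constant.
            $mime = (isset($uploadfile['type']) && is_string($uploadfile['type'])) ? $uploadfile['type'] : '';
            if (array_key_exists($mime, $CONF_FORUM['inlineimageypes']) and function_exists('MG_resizeImage')) {
                // NOTE(review): the source path follows the checkbox, not $use_filestore or the
                // nexfile path chosen above, so it can point at the wrong directory - confirm intent.
                if ($wantsFilemgmt) {
                    $srcImage = "{$filemgmt_FileStore}{$filename}";
                } else {
                    $srcImage = "{$CONF_FORUM['uploadpath']}/{$filename}";
                }
                $destImage = "{$CONF_FORUM['uploadpath']}/tn/{$filename}";
                MG_resizeImage($srcImage, $destImage, $CONF_FORUM['inlineimage_height'], $CONF_FORUM['inlineimage_width']);
            }

            // Store both the created filename and the real file source filename.
            // The source name comes straight from the client, so escape it for SQL.
            $realfilename = $filename;
            $dbRealName = $escape($realfilename);
            $dbFilename = $escape("{$realfilename}:{$clientName}");
            $temp = $tempfile ? 1 : 0;
            $size = isset($uploadfile['size']) ? (int) $uploadfile['size'] : 0;
            $uid = (int) $_USER['uid'];

            if ($use_filestore) {
                // Check and see if nexfile or the filemgmt plugin is being used
                if ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') {
                    DB_query("INSERT INTO {$_TABLES['fm_files']} (cid,fname,title,version,ftype,size,submitter,status,date)
                        VALUES ('{$cid}','{$dbRealName}','{$dbRealName}','1','file','{$size}','{$uid}','1',UNIX_TIMESTAMP())");
                    $fid = (int) DB_insertId();
                    DB_query("INSERT INTO {$_TABLES['fm_detail']} (fid,description,platform,hits,rating,votes,comments)
                        VALUES ('{$fid}','','','0','0','0','0')");
                    DB_query("INSERT INTO {$_TABLES['fm_versions']} (fid,fname,ftype,version,size,notes,date,uid,status)
                        VALUES ('{$fid}','{$dbRealName}','file','1','{$size}','',UNIX_TIMESTAMP(),'{$uid}','1')");
                    DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)
                        VALUES ('{$id}',{$fid},'{$dbFilename}',{$temp})");
                } elseif ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') {
                    $sql = "INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) ";
                    $sql .= "VALUES ('{$cid}', '{$dbRealName}', '{$dbRealName}', '{$size}', '{$uid}', 1, UNIX_TIMESTAMP())";
                    DB_query($sql);
                    $newid = (int) DB_insertID();
                    DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)
                        VALUES ('{$id}',{$newid},'{$dbFilename}',{$temp})");
                    $description = ppPrepareForDB(isset($_POST['filemgmt_desc']) ? $_POST['filemgmt_desc'] : '');
                    DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
                }
            } else {
                DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,filename,tempfile)
                    VALUES ('{$id}','{$dbFilename}',{$temp})");
            }
        } else {
            COM_errorlog("upload error:" . $GLOBALS['gf_errmsg']);
        }
    }

    // Re-point attachments saved under the form's temporary id at the real topic
    if (!$tempfile and $uniqueid > 0 and DB_COUNT($_TABLES['gf_topic'], 'id', $id)) {
        DB_query("UPDATE {$_TABLES['gf_attachments']} SET topic_id={$id}, tempfile=0 WHERE topic_id={$uniqueid}");
    }
    return $filelinks;
}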
Пример #19
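/**
 * Copy the comments stored for one story into the forum topic table as replies.
 *
 * Every comment row for $sid becomes a forum_topic row with pid = $parent. The poster's
 * username, e-mail and homepage are looked up in the users table. The reply counter of
 * the parent topic is then set to the number of comments found.
 *
 * Values read back from the database (user name, e-mail, homepage) are escaped again
 * before being inserted: a stored quote character would otherwise break, or alter, the
 * INSERT statement.
 *
 * @param  int|string $forum   Forum id written to forum_topic.forum
 * @param  string     $sid     Story id whose comments are migrated
 * @param  int        $parent  Id of the forum topic the comments are attached to
 * @return int        Number of comment rows found for $sid
 */
function migrateComments($forum, $sid, $parent)
{
    global $verbose, $_TABLES, $_CONF, $migratedcomments;

    // Use the database layer's escaper when available; addslashes() is a fallback only
    $escape = function_exists('DB_escapeString') ? 'DB_escapeString' : 'addslashes';
    $forumSql = $escape((string) $forum);
    $sidSql = $escape((string) $sid);
    // $parent is also used unquoted in the final UPDATE, so force it to an integer
    $parent = (int) $parent;

    $sql = "SELECT sid,date,uid,title,comment " . "FROM {$_TABLES['comments']} WHERE sid = '{$sidSql}' ORDER BY date ASC";
    $result = DB_query($sql);
    $num_comments = (int) DB_numRows($result);
    if ($verbose) {
        echo "Found {$num_comments} Comments to migrate for this topic";
    }

    while (list($sid, $commentdate, $uid, $subject, $comment) = DB_fetchArray($result)) {
        // uid is placed unquoted into the lookups below
        $uid = (int) $uid;
        $comment = prepareStringForDB($comment);
        $subject = prepareStringForDB($subject);
        $postmode = "HTML";
        $name = $escape((string) DB_getItem($_TABLES['users'], 'username', "uid={$uid}"));
        $email = $escape((string) DB_getItem($_TABLES['users'], 'email', "uid={$uid}"));
        $website = $escape((string) DB_getItem($_TABLES['users'], 'homepage', "uid={$uid}"));

        // Rebuild a timestamp from "YYYY-MM-DD HH:MM:SS"; seconds are dropped and
        // years before 1970 are replaced by 2001
        $datetime = explode(" ", $commentdate);
        $date = explode("-", $datetime[0]);
        $time = explode(":", $datetime[1]);
        $year = $date[0] > 1969 ? $date[0] : "2001";
        $timestamp = mktime($time[0], $time[1], 0, $date[1], $date[2], $year);
        $lastupdated = $timestamp;

        $migratedcomments++;
        DB_query("INSERT INTO {$_TABLES['forum_topic']} " . "(forum,name,date,lastupdated, email, website, subject, " . "comment, postmode, ip, mood, uid, pid, sticky, locked) " . "VALUES ('{$forumSql}','{$name}','{$timestamp}','{$lastupdated}','{$email}'," . "'{$website}','{$subject}','{$comment}','{$postmode}','',''," . "'{$uid}','{$parent}','0','0')");
        PLG_itemSaved(DB_insertID(), 'forum');
    }

    DB_query("UPDATE {$_TABLES['forum_topic']} SET replies = {$num_comments} WHERE id={$parent}");
    return $num_comments;
}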
Пример #20
 /**
  * Advance a workflow process past the given queue item.
  *
  * Looks up the template step(s) that follow the queue item's template step and, for
  * each one, either creates the next queue item, links to an already existing one,
  * starts a regenerated process, or marks the process complete when there is no
  * further step. The current queue item is archived on every path.
  *
  * Both ids are passed through NXCOM_filterInt() before they are placed in SQL.
  * NOTE(review): the next-step id ($C[0]) and $reminderInterval are read from the
  * database and interpolated without further filtering, so these queries are only as
  * trustworthy as the template tables - confirm who can write to them.
  *
  * @param mixed $queueID    Id of the queue item that has just finished
  * @param mixed $processID  Id of the process the queue item belongs to
  */
 function private_nfNextStep($queueID, $processID)
 {
     global $_TABLES;
     // Reduce both ids to integers before they reach any query or log line
     $queueID = NXCOM_filterInt($queueID);
     $processID = NXCOM_filterInt($processID);
     if ($this->_debug) {
         COM_errorLog("_nfNextStep: Queueid: {$queueID}, Processid: {$processID}");
     }
     // using the queueid and the processid, we are able to create or generate the
     // next step or the regenerated next step in a new process
     $thisDate = date('Y-m-d H:i:s');
     // Join the queue item to the next-step table to get the id(s) of the following template step(s)
     $sql = "SELECT  c.nf_templateDataTo FROM {$_TABLES['nf_queue']} a, {$_TABLES['nf_templatedatanextstep']} c ";
     $sql .= "WHERE a.nf_templateDataid=c.nf_templateDataFrom AND a.nf_processID='{$processID}' AND a.id='{$queueID}'";
     $nextTaskResult = DB_query($sql);
     $nextTaskRows = DB_numRows($nextTaskResult);
     if ($nextTaskRows == 0) {
         // echo "no rows! qid:" . $queueID . " procid:" . $processID . "<HR>";
         // if there are no rows for this specific QueueID and nothing for this processID, there's no next task
         $this->archive_task($queueID);
         $sql = "UPDATE {$_TABLES['nf_process']} set complete=1, completedDate='{$thisDate}' where id={$processID}";
         $updateQuery = DB_query($sql);
     } else {
         // we've got tasks
         for ($nextStepCntr = 0; $nextStepCntr < $nextTaskRows; $nextStepCntr++) {
             // $C[0] is the template step id of the next task (nf_templateDataTo)
             $C = DB_fetchArray($nextTaskResult);
             if ($this->_debug) {
                 COM_errorLog("Got tasks  qid: {$queueID}. procid: {$processID} and Next taskid: {$C[0]}");
             }
             // if statement to check if the next template id is null
             // this is a catch all scenario to ensure that if we're on the last task and it points to null, that we end it properly
             if ($C[0] == null or $C[0] == '') {
                 // echo "thinks the process is done..  qid:" . $queueID . " procid:" . $processID . "<HR>";
                 // Process is done, set the process status to complete and archive queue item
                 $this->archive_task($queueID);
                 $sql = "UPDATE {$_TABLES['nf_process']} set complete=1, completedDate='{$thisDate}' where id={$processID}";
                 $updateQuery = DB_query($sql);
             } else {
                 if ($this->_debug) {
                     COM_errorLog("Next step qid:{$queueID}, procid:{$processID}");
                 }
                 // we have a next step, thus we can archive the queue item and also insert a
                 // new queue item with the next step populated as the next templatestepid
                 // First check whether this process already has a queue item for that step
                 $sql = "SELECT * FROM {$_TABLES['nf_queue']} a ";
                 $sql .= "WHERE a.nf_processid='{$processID}' ";
                 $sql .= "AND a.nf_templateDataid='{$C[0]}'";
                 $updateQuery = DB_query($sql);
                 $updateQueryRows = DB_numRows($updateQuery);
                 // First matching queue row; only used further down when a row exists
                 $retrieveQueryArray = DB_fetchArray($updateQuery);
                 if ($updateQueryRows == 0) {
                     // no next item in the queue.. just create it
                     $sql = "INSERT INTO {$_TABLES['nf_queue']} (nf_processID, nf_templateDataID, status, createdDate) ";
                     $sql .= " values ('{$processID}','{$C[0]}',0,'{$thisDate}')";
                     $updateQuery = DB_query($sql);
                     // Must be read right after the INSERT, before any other query runs
                     $newTaskid = DB_insertID();
                     if ($this->_debug) {
                         $logmsg = "Nexflow: New queue id (3) : {$newTaskid} - Template Taskid: {$C[0]} - ";
                         $logmsg .= "Assigned to " . COM_getDisplayName(nf_getTaskOwner($C[0], $processID));
                         nf_notificationLog($logmsg);
                     }
                     // Assign the new queue item to its users, if any were resolved
                     $newTaskAssignedUsers = $this->private_getAssignedUID($newTaskid);
                     if (is_array($newTaskAssignedUsers) and count($newTaskAssignedUsers) > 0) {
                         $this->assign_task($newTaskid, $newTaskAssignedUsers);
                     }
                     // Determine if task has a reminder set and if so then update the nextReminderTime field in the new queue record
                     $reminderInterval = DB_getItem($_TABLES['nf_templatedata'], 'reminderInterval', "id='{$C[0]}'");
                     if ($reminderInterval > 0) {
                         DB_query("UPDATE {$_TABLES['nf_queue']} SET nextReminderTime=DATE_ADD( NOW(), INTERVAL {$reminderInterval} DAY) where id='{$newTaskid}'");
                     }
                     // Record which queue item the new one was generated from
                     DB_query("INSERT INTO {$_TABLES['nf_queuefrom']} (queueID,fromQueueID) values ('{$newTaskid}','{$queueID}')");
                     $this->archive_task($queueID);
                     // Check if notification has been defined for new task assignment
                     $this->private_sendTaskAssignmentNotifications();
                 } else {
                     // we have a situation here where the next item already exists.
                     // need to determine if the next item has a regeneration flag.
                     // if there is a regeneration flag, then create a new process starting with that regeneration flagged item
                     $regenResult = DB_query("SELECT * FROM {$_TABLES['nf_templatedata']} a where a.id='{$C[0]}'");
                     // $regenCount is not used afterwards
                     $regenCount = DB_numRows($regenResult);
                     $regenArray = DB_fetchArray($regenResult);
                     $toRegenerate = $regenArray['regenerate'];
                     $template = $regenArray['nf_templateID'];
                     if ($toRegenerate) {
                         // regenerate the same process starting at the next step
                         // complete status values: 0 is active, 1 is done, 2 is has children
                         // NOTE(review): status 2 is not set in this method; presumably newprocess() does it - confirm
                         $this->newprocess($template, $C[0], $processID);
                         $this->archive_task($queueID);
                     } else {
                         // no regeneration: link this queue item to the existing next item and archive it
                         $toQueueID = $retrieveQueryArray['id'];
                         $sql = "INSERT INTO {$_TABLES['nf_queuefrom']} (queueID,fromQueueID) values ('{$toQueueID}','{$queueID}')";
                         $updateQuery = DB_query($sql);
                         $this->archive_task($queueID);
                         // Same lookup as above, repeated after archiving; the process is marked
                         // complete only if the next item is no longer in the queue
                         $sql = "SELECT * FROM {$_TABLES['nf_queue']} a WHERE a.nf_processid='{$processID}' AND a.nf_templateDataid='{$C[0]}'";
                         $updateQuery = DB_query($sql);
                         $updateQueryRows = DB_numRows($updateQuery);
                         if ($updateQueryRows == 0) {
                             $sql = "UPDATE {$_TABLES['nf_process']} SET complete=1, completedDate='{$thisDate}' WHERE id='{$processID}'";
                             $updateQuery = DB_query($sql);
                         }
                     }
                 }
                 //end else
             }
             //end else for the next step routine
         }
         //end for $nextstep
     }
     //end else portion for nextStepTest=0
 }
Пример #21
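/**
*   Upgrade to version 1.3.0
*   Many changes in this version, so a function was created to
*   hold them all.
*
*   Adds the new configuration items, moves the date and time formats
*   out of their lookup tables, renames and adds plugin features, then
*   splits every event into a detail record and rebuilds its repeats.
*
*   The steps are not transactional: the format tables are dropped
*   before the per-event migration starts, so a failure further down
*   leaves a partly upgraded schema. Take a database backup first.
*
*   @return integer     0 on success, 1 if an event record failed to migrate
*/
function evlist_upgrade_1_3_0()
{
    global $_CONF, $_EV_CONF, $_TABLES, $_DB_dbms, $c, $CONF_EVLIST_DEFAULT;
    USES_evlist_class_event();
    $c->add('default_view', $CONF_EVLIST_DEFAULT['default_view'], 'select', 0, 1, 14, 90, true, 'evlist');
    $c->add('max_upcoming_days', $CONF_EVLIST_DEFAULT['max_upcoming_days'], 'text', 0, 1, 0, 100, true, 'evlist');
    // Combine users allowed to add events into one variable.
    // The settings live in $_EV_CONF; the undefined $EV_CONF used before made
    // can_add always 0, silently revoking the permissions that were configured.
    $can_add = 0;
    if (isset($_EV_CONF['allow_anon_add']) && $_EV_CONF['allow_anon_add'] > 0) {
        $can_add += EV_ANON_CAN_ADD;
    }
    if (isset($_EV_CONF['allow_user_add']) && $_EV_CONF['allow_user_add'] > 0) {
        $can_add += EV_USER_CAN_ADD;
    }
    $c->add('can_add', $can_add, 'select', 0, 1, 15, 20, true, 'evlist');
    $c->del('allow_user_add', 'evlist');
    $c->del('allow_anon_add', 'evlist');
    // Add new options for plugin integration
    $c->add('use_locator', $CONF_EVLIST_DEFAULT['use_locator'], 'select', 0, 1, 0, 110, true, 'evlist');
    $c->add('use_weather', $CONF_EVLIST_DEFAULT['use_weather'], 'select', 0, 1, 0, 120, true, 'evlist');
    // Date & Time formats moved from the DB to simple $_CONF  variables
    $date_id = DB_escapeString(isset($_EV_CONF['date_format']) ? (string) $_EV_CONF['date_format'] : '');
    $format = DB_getItem($_TABLES['evlist_dateformat'], 'format', "id='{$date_id}'");
    if (empty($format)) {
        $format = '%a %b %d, %Y';
    }
    $c->set_default('date_format', $format, 'evlist');
    $c->set('date_format', $format, 'evlist');
    // NOTE(review): this lookup used the date_format id before, which looks like a
    // copy-paste slip; time_format is assumed to be the matching old setting - confirm.
    $time_id = DB_escapeString(isset($_EV_CONF['time_format']) ? (string) $_EV_CONF['time_format'] : '');
    $format = DB_getItem($_TABLES['evlist_timeformat'], 'format', "id='{$time_id}'");
    if (empty($format)) {
        $format = '%I:%M %p';
    }
    $c->set_default('time_format', $format, 'evlist');
    $c->set('time_format', $format, 'evlist');
    // Irreversible from here on: the lookup tables are gone even if a later step fails
    DB_query("DROP TABLE {$_TABLES['evlist_dateformat']}");
    DB_query("DROP TABLE {$_TABLES['evlist_timeformat']}");
    // Change feature name
    DB_query("UPDATE {$_TABLES['features']}
                SET ft_name='evlist.admin' WHERE ft_name='evlist.edit'");
    // Add new "submit" feature & map to Root group
    DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr)
            VALUES ('evlist.submit',
                    'Allowed to bypass the evList submission queue')", 1);
    if (!DB_error()) {
        $ft_id = (int) DB_insertId();
        if ($ft_id > 0) {
            DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id)
                    VALUES('{$ft_id}', '1')");
        }
    }
    EVLIST_do_upgrade_sql('1.3.0');
    // Add the new fields to the event & submission tables
    /*$new_sql = "ADD det_id int(10) NOT NULL,
              ADD show_upcoming tinyint(1) unsigned NOT NULL DEFAULT '1',
              ADD cal_id int(10) unsigned NOT NULL DEFAULT '1',
              ADD options varchar(255)";
      DB_query("ALTER TABLE {$_TABLES['evlist_events']} $new_sql");
      DB_query("ALTER TABLE {$_TABLES['evlist_submissions']} $new_sql");*/
    // Create the new tables
    /*DB_query($_SQL['evlist_repeat']);
      DB_query($_SQL['evlist_calendars']);
      DB_query($_SQL['evlist_detail']);
      DB_query($DEFVALUES['evlist_calendars']);*/
    // Now split out the detail and create the repeats
    $result = DB_query("SELECT * FROM {$_TABLES['evlist_events']}");
    $error = 0;
    while ($A = DB_fetchArray($result, false)) {
        // Every column is escaped up front because the values go straight back into SQL
        $A = array_map('DB_escapeString', $A);
        $sql = "INSERT INTO {$_TABLES['evlist_detail']} (
                    ev_id, title, summary, full_description, url, location,
                    street, city, province, country, postal, contact,
                    email, phone
                ) VALUES (
                    '{$A['id']}', '{$A['title']}', '{$A['summary']}',
                    '{$A['full_description']}', '{$A['url']}',
                    '{$A['location']}', '{$A['street']}',
                    '{$A['city']}', '{$A['province']}',
                    '{$A['country']}', '{$A['postal']}',
                    '{$A['contact']}', '{$A['email']}','{$A['phone']}'
                )";
        DB_query($sql, 1);
        if (DB_error()) {
            $error = 1;
            break;
        }
        $DB_det_id = DB_insertID();
        $rec_data = array();
        if ($A['recurring'] == 1) {
            $rec_data['type'] = $A['rec_option'];
            // Reset for every event so that a stop date can never leak in from the
            // previous row when rec_option matches none of the cases below
            $stop = '';
            switch ($A['rec_option']) {
                case EV_RECUR_DAILY:
                case EV_RECUR_MONTHLY:
                case EV_RECUR_YEARLY:
                    // array_pad() keeps list() from reading missing offsets on short data
                    list($stop, $skip) = array_pad(explode(';', $A['rec_data']), 2, '');
                    if (!empty($skip)) {
                        $rec_data['skip'] = (int) $skip;
                    }
                    break;
                case EV_RECUR_WEEKLY:
                    list($listdays, $stop) = array_pad(explode(';', $A['rec_data']), 2, '');
                    $rec_data['listdays'] = explode(',', $listdays);
                    break;
                case EV_RECUR_DOM:
                    list($interval, $weekday, $stop) = array_pad(explode(';', $A['rec_data']), 3, '');
                    $rec_data['weekday'] = $weekday;
                    $rec_data['interval'] = $interval;
                    break;
                case EV_RECUR_DATES:
                    $rec_data['custom'] = explode(',', $A['rec_data']);
                    $stop = 'XX';
                    // unused flag
                    break;
            }
            // switch recurring type
            // Check the stop date for validity and format it properly
            if ($stop != 'XX') {
                if (strtotime($stop) > strtotime('2037-01-01') || $stop < '1970-01-01') {
                    $stop = '2037-12-31';
                }
                list($y, $m, $d) = explode('-', $stop);
                $rec_data['stop'] = sprintf('%d-%02d-%02d', $y, $m, $d);
            }
        } else {
            // not a recurring event
            $rec_data['type'] = 0;
        }
        // Stored in PHP serialize() format; code that reads rec_data back should not
        // unserialize() it if the column can be written from less trusted input
        $DB_rec_data = DB_escapeString(serialize($rec_data));
        $sql = "UPDATE {$_TABLES['evlist_events']} SET
                    rec_data = '{$DB_rec_data}',
                    det_id = '{$DB_det_id}'
                WHERE id='{$A['id']}'";
        DB_query($sql, 1);
        if (DB_error()) {
            $error = 1;
            break;
        }
        // Now that the updated info is saved to the event record,
        // use the evEvent class to create the repeats
        $Ev = new evEvent($A['id']);
        $Ev->UpdateRepeats();
    }
    // for each event record
    if ($error == 0) {
        // Now drop the no-longer-used fields
        $alter_sql = "DROP title, DROP summary, DROP full_description,
                DROP date_start2, DROP date_end2,
                DROP url, DROP location, DROP street, DROP city,
                DROP province, DROP country, DROP postal, DROP contact,
                DROP email, DROP phone";
        DB_query("ALTER TABLE {$_TABLES['evlist_events']} {$alter_sql}");
        DB_query("ALTER TABLE {$_TABLES['evlist_submissions']} {$alter_sql}");
        DB_query("ALTER TABLE {$_TABLES['evlist_remlookup']}
                DROP id,
                ADD rp_id int(10) unsigned NOT NULL default 0 AFTER eid,
                DROP date_start,
                DROP timestamp");
        // Add new options.  Set values to emulate current behavior.
        $options = array('contactlink' => 1);
        $opt_str = DB_escapeString(serialize($options));
        DB_query("UPDATE {$_TABLES['evlist_events']} SET options='{$opt_str}'");
        DB_query("UPDATE {$_TABLES['evlist_submissions']} SET options='{$opt_str}'");
    }
    CTL_clearCache();
    // Clear cache to activate new configuration items.
    return $error;
}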
Пример #22
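/**
 * Upgrade the paypal plugin from the version recorded in the plugins table
 * to the version shipped with the code.
 *
 * The switch below is entered at the installed version and deliberately
 * falls through every later case, so each migration step runs exactly once
 * and in release order. Do not add `break` statements between the cases.
 *
 * @return bool|int true when nothing had to be done or the upgrade finished,
 *                  3002 when the plugin is not compatible with the running
 *                  core, 1 when a data-migration query failed.
 *                  NOTE(review): 1 is truthy, so a caller that only tests
 *                  the result for truthiness cannot tell it from success.
 */
function paypal_upgrade()
{
    global $_CONF, $_TABLES, $_USER, $_DB_dbms, $LANG_PAYPAL_1, $_PAY_CONF;

    $currentVersion = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = 'paypal'");
    $code_version = plugin_chkVersion_paypal();
    // Compare as strings: a loose == treats numeric-looking versions such as
    // '1.10' and '1.1' as equal and would skip the upgrade.
    if ((string) $currentVersion === (string) $code_version) {
        // nothing to do
        return true;
    }
    require_once $_CONF['path'] . 'plugins/paypal/autoinstall.php';
    // NOTE(review): $_PAY_DEFAULT is not in the global list above, so it is
    // only defined here if install_defaults.php is actually included by this
    // call and assigns it in the including scope; confirm against that file.
    require_once $_CONF['path'] . 'plugins/paypal/install_defaults.php';
    require_once $_CONF['path_system'] . 'classes/config.class.php';
    if (!plugin_compatible_with_this_version_paypal('paypal')) {
        return 3002;
    }
    // Fetch the config object once, before the switch. Several cases use $c
    // without assigning it first (e.g. '1.1.4'), which was an undefined
    // variable when the upgrade started at that version.
    $c = config::get_instance();
    // other update code goes here
    switch ($currentVersion) {
        case '0.1rc1':
        case '0.1':
        case '0.1.1':
        case '0.2':
            // The closing quote after paypal was missing, so this statement
            // was never valid SQL (the trailing 1 presumably hid the error).
            DB_query("UPDATE {$_TABLES['plugins']} SET pi_homepage='http://geeklog.fr' WHERE pi_name='paypal'", 1);
        case '1.0':
            //This is main subgroup #0
            $c->add('sg_main', NULL, 'subgroup', 0, 0, NULL, 0, true, 'paypal');
            //Main settings
            $c->add('fs_main', NULL, 'fieldset', 0, 0, NULL, 0, true, 'paypal');
            $c->add('paypal_folder', $_PAY_DEFAULT['paypal_folder'], 'text', 0, 0, 0, 1, true, 'paypal');
            $c->add('menulabel', $_PAY_DEFAULT['menulabel'], 'text', 0, 0, 0, 2, true, 'paypal');
            $c->add('paypal_login_required', $_PAY_DEFAULT['paypal_login_required'], 'select', 0, 0, 3, 12, true, 'paypal');
            $c->add('hide_paypal_menu', $_PAY_DEFAULT['hide_paypal_menu'], 'select', 0, 0, 3, 13, true, 'paypal');
            $c->add('paypalURL', $_PAY_DEFAULT['paypalURL'], 'text', 0, 0, 0, 23, true, 'paypal');
            $c->add('receiverEmailAddr', $_PAY_DEFAULT['receiverEmailAddr'], 'text', 0, 0, 0, 24, true, 'paypal');
            $c->add('currency', $_PAY_DEFAULT['currency'], 'select', 0, 0, 20, 33, true, 'paypal');
            $c->add('anonymous_buy', $_PAY_DEFAULT['anonymous_buy'], 'select', 0, 0, 3, 35, true, 'paypal');
            $c->add('purchase_email_user', $_PAY_DEFAULT['purchase_email_user'], 'select', 0, 0, 3, 47, true, 'paypal');
            $c->add('purchase_email_user_attach', $_PAY_DEFAULT['purchase_email_user_attach'], 'select', 0, 0, 3, 49, true, 'paypal');
            $c->add('purchase_email_anon', $_PAY_DEFAULT['purchase_email_anon'], 'select', 0, 0, 3, 51, true, 'paypal');
            $c->add('purchase_email_anon_attach', $_PAY_DEFAULT['purchase_email_anon_attach'], 'select', 0, 0, 3, 53, true, 'paypal');
            $c->add('maxPerPage', $_PAY_DEFAULT['maxPerPage'], 'text', 0, 0, 0, 63, true, 'paypal');
            $c->add('categoryColumns', $_PAY_DEFAULT['categoryColumns'], 'text', 0, 0, 0, 65, true, 'paypal');
            //images
            $c->add('fs_images', NULL, 'fieldset', 0, 1, NULL, 0, true, 'paypal');
            $c->add('max_images_per_products', $_PAY_DEFAULT['max_images_per_products'], 'text', 0, 1, 0, 1, true, 'paypal');
            $c->add('max_image_width', $_PAY_DEFAULT['max_image_width'], 'text', 0, 1, 0, 2, true, 'paypal');
            $c->add('max_image_height', $_PAY_DEFAULT['max_image_height'], 'text', 0, 1, 0, 3, true, 'paypal');
            $c->add('max_image_size', $_PAY_DEFAULT['max_image_size'], 'text', 0, 1, 0, 4, true, 'paypal');
            $c->add('max_thumbnail_size', $_PAY_DEFAULT['max_thumbnail_size'], 'text', 0, 1, 0, 5, true, 'paypal');
            //This is display subgroup #1
            $c->add('sg_display', NULL, 'subgroup', 1, 0, NULL, 0, true, 'paypal');
            // Display settings
            $c->add('fs_display', NULL, 'fieldset', 1, 8, NULL, 0, true, 'paypal');
            $c->add('paypal_main_header', NULL, 'text', 1, 8, 0, 2, true, 'paypal');
            $c->add('paypal_main_footer', NULL, 'text', 1, 8, 0, 4, true, 'paypal');
            DB_query("CREATE TABLE {$_TABLES['paypal_downloads']} (\n            id int auto_increment,\n            product_id int NOT NULL,\n            file varchar(255),\n            PRIMARY KEY (id)\n\t        ) ENGINE=MyISAM\n\t        ", 1);
            DB_query("CREATE TABLE {$_TABLES['paypal_images']} (\n            pi_pid varchar(40) NOT NULL,\n            pi_img_num tinyint(2) unsigned NOT NULL,\n            pi_filename varchar(128) NOT NULL,\n            PRIMARY KEY (pi_pid,pi_img_num)\n\t        ) ENGINE=MyISAM\n\t        ", 1);
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n            DROP small_pic, \n            DROP picture, \n\t\t    ADD logged tinyint(1) default '0'\n\t\t    ", 1);
            DB_query("INSERT INTO {$_TABLES['blocks']} (is_enabled, name, type, title, tid, blockorder, content, onleft, phpblockfn, owner_id, group_id, perm_owner, perm_group) VALUES (1,'cart_block','phpblock','Cart','all',1,'',0,'phpblock_paypal_cart',{$_USER['uid']},4,3,3)", 1);
        case '1.1':
        case '1.1.1':
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n\t\t    ADD hits mediumint(8) unsigned NOT NULL default '0', \n\t\t    ADD hidden tinyint(1) default '0'\n\t\t    ", 1);
        case '1.1.2':
            $c->add('thumb_width', $_PAY_DEFAULT['thumb_width'], 'text', 0, 1, 0, 10, true, 'paypal');
            $c->add('thumb_height', $_PAY_DEFAULT['thumb_height'], 'text', 0, 1, 0, 11, true, 'paypal');
            $c->add('products_col', $_PAY_DEFAULT['products_col'], 'select', 1, 8, 21, 10, true, 'paypal');
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n\t\t    ADD active tinyint(1) default '1'\n\t\t    ", 1);
        case '1.1.3':
            DB_query("ALTER TABLE {$_TABLES['paypal_downloads']}\n\t\t    ADD dl_date datetime,\n\t\t    ADD user_id int NOT NULL\n\t\t    ", 1);
        case '1.1.4':
            DB_query("CREATE TABLE {$_TABLES['paypal_subscriptions']} (\n            id int(11) auto_increment,\n            product_id int NOT NULL,\n            user_id int NOT NULL,\n            txn_id varchar(255),\n            purchase_date datetime,\n            expiration datetime,\n            price decimal(12,2) unsigned,\n            status varchar(12),\n            add_to_group int(5) default NULL,\n            notification tinyint(1) unsigned NOT NULL default '0',\n            PRIMARY KEY  (id)\n\t        ) ENGINE=MyISAM\n\t        ");
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n\t\t    ADD type varchar(15) default 'product' AFTER id,\n\t\t\tADD item_id varchar(40) NOT NULL AFTER type,\n\t\t\tADD show_in_blocks tinyint(1) unsigned default '1',\n\t\t\tADD duration int(5) default NULL,\n            ADD duration_type varchar(10) NOT NULL default 'month',\n            ADD add_to_group int(5) default NULL\n\t\t    ");
            // NOTE(review): the literal #group# below looks like an unfilled
            // placeholder. It is not a group id, and '#' starts a comment in
            // MySQL, so this INSERT presumably fails as written. Confirm the
            // intended group_id before relying on this step.
            DB_query("INSERT INTO {$_TABLES['blocks']} (is_enabled, name, type, title, tid, blockorder, content, onleft, phpblockfn, owner_id, group_id, perm_owner, perm_group) VALUES (1,'paypal_randomBlock','phpblock','Random product','all',1,'',0,'phpblock_paypal_randomBlock',{$_USER['uid']},#group#,3,3)");
            $c->add('sg_myshop', NULL, 'subgroup', 2, 0, NULL, 0, true, 'paypal');
            $c->add('fs_shopdetails', NULL, 'fieldset', 2, 20, NULL, 0, true, 'paypal');
            $c->add('shop_name', NULL, 'text', 2, 20, 0, 2, true, 'paypal');
            $c->add('shop_street1', NULL, 'text', 2, 20, 0, 4, true, 'paypal');
            $c->add('shop_street2', NULL, 'text', 2, 20, 0, 5, true, 'paypal');
            $c->add('shop_postal', NULL, 'text', 2, 20, 0, 6, true, 'paypal');
            $c->add('shop_city', NULL, 'text', 2, 20, 0, 8, true, 'paypal');
            $c->add('shop_country', NULL, 'text', 2, 20, 0, 9, true, 'paypal');
            $c->add('shop_siret', NULL, 'text', 2, 20, 0, 10, true, 'paypal');
            $c->add('shop_phone1', NULL, 'text', 2, 20, 0, 12, true, 'paypal');
            $c->add('shop_phone2', NULL, 'text', 2, 20, 0, 14, true, 'paypal');
            $c->add('shop_fax', NULL, 'text', 2, 20, 0, 16, true, 'paypal');
            DB_query("CREATE TABLE {$_TABLES['paypal_users']} (\n            user_id mediumint(8) unsigned NOT NULL,\n            user_name VARCHAR(80) default NULL,\n\t        user_contact VARCHAR(80) default NULL,\n\t        user_proid VARCHAR(20) default NULL,\n\t        user_street1 VARCHAR(50) default NULL,\n\t        user_street2 VARCHAR(50) default NULL,\n            user_postal VARCHAR(20) default NULL,\n            user_city VARCHAR(30) default NULL,\n\t        user_country VARCHAR(30) default NULL,\n\t        user_phone1 varchar(20) default NULL,\n\t        user_phone2 varchar(20) default NULL,\n\t        user_fax varchar(20) default NULL,\n            status tinyint(1) DEFAULT '0',\n            PRIMARY KEY (user_id)\n            ) ENGINE=MyISAM\n            ");
            $c->add('fs_checkoutpage', NULL, 'fieldset', 1, 10, NULL, 0, true, 'paypal');
            $c->add('image_url', NULL, 'text', 1, 10, 0, 2, true, 'paypal');
            $c->add('cpp_header_image', NULL, 'text', 1, 10, 0, 4, true, 'paypal');
            $c->add('cpp_headerback_color', NULL, 'text', 1, 10, 0, 6, true, 'paypal');
            $c->add('cpp_headerborder_color', NULL, 'text', 1, 10, 0, 8, true, 'paypal');
            $c->add('cpp_payflow_color', NULL, 'text', 1, 10, 0, 10, true, 'paypal');
            $c->add('cs', 0, 'select', 1, 10, 22, 12, true, 'paypal');
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n            ADD owner_id mediumint(8) unsigned NOT NULL default '2',\n            ADD group_id mediumint(8) unsigned NOT NULL default '1',\n            ADD perm_owner tinyint(1) unsigned NOT NULL default '3',\n            ADD perm_group tinyint(1) unsigned NOT NULL default '2',\n            ADD perm_members tinyint(1) unsigned NOT NULL default '2',\n            ADD perm_anon tinyint(1) unsigned NOT NULL default '2'\n            ");
            $c->add('fs_permissions', NULL, 'fieldset', 0, 2, NULL, 0, true, 'paypal');
            $c->add('default_permissions', $_PAY_DEFAULT['default_permissions'], '@select', 0, 2, 12, 10, true, 'paypal');
            $c->add('site_name', $_PAY_DEFAULT['site_name'], 'text', 0, 0, 0, 7, true, 'paypal');
            $c->add('order', $_PAY_DEFAULT['order'], 'select', 1, 8, 23, 15, true, 'paypal');
            $c->add('view_membership', $_PAY_DEFAULT['view_membership'], 'select', 1, 8, 3, 20, true, 'paypal');
            $c->add('view_review', $_PAY_DEFAULT['view_review'], 'select', 1, 8, 3, 25, true, 'paypal');
            $c->add('display_2nd_buttons', $_PAY_DEFAULT['display_2nd_buttons'], 'select', 1, 8, 3, 35, true, 'paypal');
        case '1.2.1':
            $c->add('display_blocks', '3', 'select', 1, 8, 24, 45, true, 'paypal');
            $c->add('display_item_id', '0', 'select', 1, 8, 3, 55, true, 'paypal');
            $c->add('display_complete_memberships', '0', 'select', 1, 8, 3, 22, true, 'paypal');
            $c->add('enable_pay_by_ckeck', 0, 'select', 0, 0, 3, 70, true, 'paypal');
            $c->add('enable_buy_now', 1, 'select', 0, 0, 3, 80, true, 'paypal');
            $c->del('site_name', 'paypal');
            // Snapshot the current values so the image settings can be
            // re-created under the display subgroup with the admin's values.
            $_PAY_CONF_OLD = $c->get_config('paypal');
            //move images settings
            $c->del('fs_images', 'paypal');
            $c->del('max_images_per_products', 'paypal');
            $c->del('max_image_width', 'paypal');
            $c->del('max_image_height', 'paypal');
            $c->del('max_image_size', 'paypal');
            $c->del('max_thumbnail_size', 'paypal');
            $c->del('thumb_width', 'paypal');
            $c->del('thumb_height', 'paypal');
            $c->del('maxPerPage', 'paypal');
            $c->del('categoryColumns', 'paypal');
            $c->add('fs_images', NULL, 'fieldset', 1, 9, NULL, 0, true, 'paypal');
            $c->add('max_images_per_products', $_PAY_CONF_OLD['max_images_per_products'], 'text', 1, 9, 0, 1, true, 'paypal');
            $c->add('max_image_width', $_PAY_CONF_OLD['max_image_width'], 'text', 1, 9, 0, 2, true, 'paypal');
            $c->add('max_image_height', $_PAY_CONF_OLD['max_image_height'], 'text', 1, 9, 0, 3, true, 'paypal');
            $c->add('max_image_size', $_PAY_CONF_OLD['max_image_size'], 'text', 1, 9, 0, 4, true, 'paypal');
            $c->add('max_thumbnail_size', $_PAY_CONF_OLD['max_thumbnail_size'], 'text', 1, 9, 0, 5, true, 'paypal');
            $c->add('thumb_width', $_PAY_CONF_OLD['thumb_width'], 'text', 1, 9, 0, 10, true, 'paypal');
            $c->add('thumb_height', $_PAY_CONF_OLD['thumb_height'], 'text', 1, 9, 0, 11, true, 'paypal');
            $c->add('maxPerPage', $_PAY_CONF_OLD['maxPerPage'], 'text', 1, 9, 0, 20, true, 'paypal');
            $c->add('categoryColumns', $_PAY_CONF_OLD['categoryColumns'], 'text', 1, 9, 0, 22, true, 'paypal');
        case '1.3':
            $c->add('enable_pay_by_paypal', 1, 'select', 0, 0, 3, 65, true, 'paypal');
        case '1.3.1':
            DB_query("CREATE TABLE {$_TABLES['paypal_categories']} (\n\t\t\tcat_id smallint(5) unsigned NOT NULL auto_increment,\n\t\t\tparent_id smallint(5) unsigned default '0',\n\t\t\tcat_name varchar(255) default '',\n\t\t\tdescription text default '',\n\t\t\timage varchar(255) default '',\n\t\t\tenabled tinyint(1) unsigned default '1',\n\t\t\tgroup_id mediumint(8) unsigned NOT NULL default '1',\n\t\t\towner_id mediumint(8) unsigned NOT NULL default '1',\n\t\t\tperm_owner tinyint(1) unsigned NOT NULL default '3',\n\t\t\tperm_group tinyint(1) unsigned NOT NULL default '3',\n\t\t\tperm_members tinyint(1) unsigned NOT NULL default '2',\n\t\t\tperm_anon tinyint(1) unsigned NOT NULL default '2',\n\t\t\tPRIMARY KEY  (cat_id)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_products']} \n            ADD cat_id int(11) unsigned NOT NULL default '0' AFTER name\n            ");
            // Migrate existing categories to the new category table - Lee Garner glfusion.org
            $res = DB_query("SELECT DISTINCT category\n\t\t\t\t\tFROM {$_TABLES['paypal_products']}\n\t\t\t\t\tWHERE category <> '' and category IS NOT NULL");
            if (DB_error()) {
                COM_errorLog("Could not retrieve old categories");
                return 1;
            }
            $admin_group = addslashes(DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Paypal Admin'"));
            if (DB_numRows($res) > 0) {
                // Maps the old free-text category name to its new cat_id
                $cats = array();
                while ($A = DB_fetchArray($res, false)) {
                    $category = addslashes($A['category']);
                    DB_query("INSERT INTO {$_TABLES['paypal_categories']}\n\t\t\t\t\t\t\t(cat_name, group_id, owner_id)\n\t\t\t\t\t\tVALUES ('{$category}','{$admin_group}',{$_USER['uid']})");
                    if (DB_error()) {
                        COM_errorLog("Could not add new category {$A['category']}");
                        return 1;
                    }
                    $cats[$A['category']] = DB_insertID();
                }
                // Now populate the cross-reference table
                $res = DB_query("SELECT id, category\n\t\t\t\t\t\tFROM {$_TABLES['paypal_products']}");
                if (DB_error()) {
                    COM_errorLog("Error retrieving category data from products");
                    return 1;
                }
                if (DB_numRows($res) > 0) {
                    while ($A = DB_fetchArray($res, false)) {
                        // Products without a category were not migrated above;
                        // give them the column default instead of an empty string.
                        $cat_id = isset($cats[$A['category']]) ? (int) $cats[$A['category']] : 0;
                        DB_query("UPDATE {$_TABLES['paypal_products']}\n\t\t\t\t\t\t\tSET cat_id = '{$cat_id}'\n\t\t\t\t\t\t\tWHERE id = '{$A['id']}'");
                        if (DB_error()) {
                            COM_errorLog("Error updating prodXcat table");
                            return 1;
                        }
                    }
                }
                DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n\t\t\t\t\t\tDROP category");
            }
        case '1.3.2':
            $c->add('categoryHeading', $LANG_PAYPAL_1['category_heading'], 'text', 1, 9, 0, 21, true, 'paypal');
            $c->add('displayCatImage', 1, 'select', 1, 9, 3, 30, true, 'paypal');
            $c->add('catImageWidth', '100', 'text', 1, 9, 0, 40, true, 'paypal');
            $c->add('seo_shop_title', NULL, 'text', 2, 20, 0, 100, true, 'paypal');
            $c->add('displayCatDescription', 1, 'select', 1, 9, 3, 50, true, 'paypal');
        case '1.3.3':
            DB_query("ALTER TABLE {$_TABLES['paypal_products']} \n            ADD created datetime DEFAULT NULL AFTER description,\n\t\t\tADD customisable tinyint(1) AFTER price,\n\t\t\tADD discount_a  decimal(12,2) unsigned AFTER price,\n\t\t\tADD discount_p tinyint(2) AFTER price,\n\t\t\tADD price_ref  decimal(12,2) unsigned AFTER price,\n\t\t\tADD prov_id mediumint(8) default NULL AFTER show_in_blocks\n            ");
            $created = date("YmdHis");
            DB_query("UPDATE {$_TABLES['paypal_products']}\n\t\t\tSET created='{$created}' \n\t\t\tWHERE 1=1\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_purchases']} \n            ADD product_name varchar(255) AFTER product_id\n            ");
            DB_query("CREATE TABLE {$_TABLES['paypal_attributes']} (\n\t\t\tat_id int(11) NOT NULL auto_increment,\n\t\t\tat_type int(11) NOT NULL default '0',\n\t\t\tat_name varchar(255),\n\t\t\tat_code varchar(30),\n\t\t\tat_enabled tinyint(1) default '1',\n\t\t\tat_price decimal(12,2) default '0',\n\t\t\tat_image varchar(255) default NULL,\n\t\t\tPRIMARY KEY (at_id)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_attribute_type']} (\n\t\t\tat_tid int(11) NOT NULL auto_increment,\n\t\t\tat_tname varchar(255),\n\t\t\tat_torder tinyint(3) default NULL,\n\t\t\tPRIMARY KEY (at_tid)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_product_attribute']} (\n\t\t\tpa_id int(11) NOT NULL auto_increment,\n\t\t\tpa_pid int(11),\n\t\t\tpa_aid int(11),\n\t\t\tPRIMARY KEY (pa_id)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_stock']} (\n\t\t\tst_id varchar(255) NOT NULL,\n\t\t\tst_pid int(11) NOT NULL,\n\t\t\tst_qty int(6) default '0',\n\t\t\tqmax int(6) default NULL,\n\t\t\tqmin int(6) default NULL,\n\t\t\tPRIMARY KEY (st_id)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_delivery']} (\n\t\t\tdid int(11) NOT NULL auto_increment,\n\t\t\tdeli_date datetime DEFAULT NULL,\n\t\t\tuser_id mediumint(8),\n\t\t\tprovider_id mediumint(8),\n\t\t\tPRIMARY KEY  (did)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_stock_movements']} (\n\t\t\tmid int(11) NOT NULL auto_increment,\n\t\t\tmove_date datetime DEFAULT NULL,\n\t\t\tstock_id varchar(255) NOT NULL,\n\t\t\tdeli_id mediumint(8) NOT NULL,\n\t\t\tPRIMARY KEY (mid)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_providers']} (\n\t\t\tprov_id mediumint(8) NOT NULL auto_increment,\n\t\t\tprov_name VARCHAR(80)  NOT NULL,\n\t\t\tPRIMARY KEY (prov_id)\n\t\t\t) ENGINE=MyISAM\n\t\t\t");
        case '1.3.4':
            DB_query("ALTER TABLE {$_TABLES['paypal_attributes']} \n            ADD at_order tinyint(3) default '1'\n\t\t\t");
        case '1.3.5':
            $c->add('attribute_thumbnail_size', $_PAY_DEFAULT['attribute_thumbnail_size'], 'text', 1, 9, 0, 7, true, 'paypal');
        case '1.3.6':
            DB_query("ALTER TABLE {$_TABLES['paypal_stock_movements']} \n            ADD move_qty int(6) DEFAULT '0'\n\t\t\t");
        case '1.3.7':
            // Set default item_id
            $res = DB_query("SELECT id, item_id\n\t\t\t\t\tFROM {$_TABLES['paypal_products']}");
            if (DB_error()) {
                COM_errorLog("Error retrieving item_id data from products");
                return 1;
            }
            if (DB_numRows($res) > 0) {
                while ($A = DB_fetchArray($res, false)) {
                    if ($A['item_id'] == '') {
                        DB_query("UPDATE {$_TABLES['paypal_products']}\n\t\t\t\t\t\t\tSET item_id = '{$A['id']}'\n\t\t\t\t\t\t\tWHERE id = '{$A['id']}'");
                        if (DB_error()) {
                            COM_errorLog("Error updating default item_id");
                            return 1;
                        }
                    }
                }
            }
        case '1.3.12':
            DB_query("ALTER TABLE {$_TABLES['paypal_stock_movements']} \n            ADD move_cpid varchar(30) NOT NULL AFTER move_qty\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_stock']} \n            ADD st_cpid varchar(30) NOT NULL AFTER st_pid\n\t\t\t");
        case '1.3.13':
            // Set stock: replay every completed purchase as a negative stock movement
            set_time_limit(120);
            $sql = "SELECT * FROM {$_TABLES['paypal_purchases']} " . "WHERE status='complete'";
            $res = DB_query($sql);
            $nrows = DB_numRows($res);
            COM_errorLog('Initial stock movement: *** Number of movements= ' . $nrows);
            for ($i = 0; $i < $nrows; $i++) {
                $A = DB_fetchArray($res);
                // txn_id was originally supplied by the payment notification, so
                // escape it before it goes back into SQL. addslashes() matches what
                // this function already does for categories; prefer the database
                // layer's DB_escapeString() where the installed core provides it.
                $txn_id = addslashes($A['txn_id']);
                $sql_ipn = "SELECT * FROM {$_TABLES['paypal_ipnlog']} WHERE txn_id = '{$txn_id}'";
                $res_ipn = DB_query($sql_ipn);
                $B = DB_fetchArray($res_ipn);
                COM_errorLog('Initial stock movement: txn_id=' . $A['txn_id']);
                if (!is_array($B) || $B['ipn_data'] == '') {
                    continue;
                }
                // Recompute the byte length of every serialized string so records
                // whose stored lengths no longer match can still be read. This used
                // preg_replace() with the /e modifier, which evaluates the
                // replacement as PHP code built from the stored data and no longer
                // exists in PHP 7; a callback does the same work without evaluation.
                $out = preg_replace_callback(
                    '!s:(\\d+):"(.*?)";!s',
                    function ($m) {
                        return 's:' . strlen($m[2]) . ':"' . $m[2] . '";';
                    },
                    $B['ipn_data']
                );
                // SECURITY NOTE(review): ipn_data is externally supplied notification
                // data; unserialize() on it can instantiate arbitrary loaded classes.
                // Storing and reading it as JSON, or restricting allowed classes on
                // PHP >= 7, would remove that exposure.
                $ipn = unserialize($out);
                if (!is_array($ipn)) {
                    // Unreadable record: skip it rather than book a movement
                    // against an empty item number.
                    COM_errorLog('Initial stock movement: unreadable ipn_data for txn_id=' . $A['txn_id']);
                    continue;
                }
                if (isset($ipn['quantity1']) && $ipn['quantity1'] != '') {
                    //multi products: quantity1, quantity2, ... until the first gap
                    $i2 = 1;
                    while (isset($ipn['quantity' . $i2]) && $ipn['quantity' . $i2] != '') {
                        // stock movement
                        $stock_id = PAYPAL_getStockId($ipn['item_number' . $i2]);
                        $qty = $ipn['quantity' . $i2];
                        PAYPAL_stockMovement($stock_id, $ipn['item_number' . $i2], -$qty);
                        COM_errorLog('Initial stock movement: -- stock_id=' . $stock_id . ' | qty= ' . -$qty);
                        $i2++;
                    }
                } else {
                    // stock movement
                    // NOTE(review): this branch runs only when quantity1 is empty,
                    // yet it reads quantity1, so the movement is always zero. It
                    // looks like the single-item quantity field was meant; confirm
                    // against the notification format before changing it.
                    $item_number = isset($ipn['item_number']) ? $ipn['item_number'] : '';
                    $stock_id = PAYPAL_getStockId($item_number);
                    $qty = isset($ipn['quantity1']) ? (int) $ipn['quantity1'] : 0;
                    PAYPAL_stockMovement($stock_id, $item_number, -$qty);
                    COM_errorLog('Initial stock movement: -- stock_id= ' . $stock_id . ' | qty= ' . -$qty);
                }
            }
        case '1.3.14':
            DB_query("ALTER TABLE {$_TABLES['paypal_products']} \n            CHANGE download product_type TINYINT(1) NOT NULL default '0' AFTER customisable,\n\t\t\tADD shipping_type TINYINT(1) NOT NULL default '0' AFTER physical,\n\t\t\tADD taxable tinyint(1) AFTER physical,\n\t\t\tADD weight FLOAT(6,3) DEFAULT '0.000' AFTER physical\n            ");
            DB_query("ALTER TABLE {$_TABLES['paypal_products']} \n\t\t\tDROP physical\n            ");
        case '1.3.15':
            DB_query("CREATE TABLE {$_TABLES['paypal_shipper_service']} (\n\t\t\t\tshipper_service_id int(11) NOT NULL auto_increment,\n\t\t\t\tshipper_service_name varchar(100) NOT NULL,\n\t\t\t\tshipper_service_service varchar(255) NOT NULL,\n\t\t\t\tshipper_service_description text,\n\t\t\t\tPRIMARY KEY  (shipper_service_id) \n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_shipping_to']} (\n\t\t\t\tshipping_to_id int(11) NOT NULL auto_increment,\n\t\t\t\tshipping_to_name varchar(255) NOT NULL,\n\t\t\t\tPRIMARY KEY  (shipping_to_id) \n\t\t\t) ENGINE=MyISAM\n\t\t\t");
            DB_query("CREATE TABLE {$_TABLES['paypal_shipping_cost']} (\n\t\t\t\tshipping_id int(11) NOT NULL auto_increment,\n\t\t\t\tshipping_shipper_id int(11) NOT NULL,\n\t\t\t\tshipping_min FLOAT(6,2)  NOT NULL DEFAULT '0.00',\n\t\t\t\tshipping_max FLOAT(6,2) NOT NULL DEFAULT '0.00',\n\t\t\t\tshipping_destination_id int(11) NOT NULL,\n\t\t\t\tshipping_amt FLOAT (6,2) NOT NULL DEFAULT '0.00',\n\t\t\t\tPRIMARY KEY  (shipping_id) \n\t\t\t) ENGINE=MyISAM\n\t\t\t");
        case '1.3.16':
            $c->del('enable_buy_now', 'paypal');
        case '1.3.17':
            DB_query("ALTER TABLE {$_TABLES['paypal_shipping_to']} \n\t\t\tADD shipping_to_order tinyint(3) default '1'\n\t\t\t");
        case '1.3.18':
            DB_query("ALTER TABLE {$_TABLES['paypal_shipping_cost']} \n\t\t\t    MODIFY shipping_min FLOAT(6,3) NOT NULL DEFAULT '0.000',\n\t\t\t    MODIFY shipping_max FLOAT(6,3) NOT NULL DEFAULT '0.000'\n\t\t\t");
        case '1.3.19':
            DB_query("ALTER TABLE {$_TABLES['paypal_attributes']} \n\t\t\t    MODIFY at_order smallint(5) unsigned NOT NULL default '1'\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_attribute_type']}\n\t\t\t    MODIFY at_torder smallint(5) unsigned NOT NULL default '1'\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_shipping_to']}\n\t\t\t    MODIFY shipping_to_order smallint(5) unsigned NOT NULL default '1'\n\t\t\t");
        case '1.3.20':
            DB_query("ALTER TABLE {$_TABLES['paypal_shipper_service']}\n\t\t        ADD shipper_service_exclude_cat smallint(5) unsigned NOT NULL default '0'\n\t\t\t");
        case '1.3.21':
        case '1.4.0':
        case '1.4.1':
        case '1.4.2':
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n            DROP taxable \n\t\t    ", 1);
        case '1.4.3':
        case '1.4.4':
        case '1.5.0':
            DB_query("ALTER TABLE {$_TABLES['paypal_products']}\n\t\t        ADD billingamt decimal(12,2) unsigned AFTER duration_type\n\t\t\t");
        case '1.5.1':
            DB_query("CREATE TABLE {$_TABLES['paypal_recurrent']} (\n                rid int auto_increment,\n                profileid varchar(30) NOT NULL,\n                recdate datetime NOT NULL,\n                status varchar(20),\n                PRIMARY KEY (rid) \n            ) ENGINE=MyISAM\n            ");
        case '1.5.2':
            DB_query("ALTER TABLE {$_TABLES['paypal_recurrent']}\n\t\t        ADD user_id mediumint(8) unsigned NOT NULL\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_recurrent']}\n\t\t        ADD product_id mediumint(8) unsigned NOT NULL\n\t\t\t");
            DB_query("ALTER TABLE {$_TABLES['paypal_recurrent']}\n\t\t        ADD group_id mediumint(8) unsigned NOT NULL\n\t\t\t");
            // NOTE(review): the API credentials are registered as ordinary
            // 'text' settings; confirm how the configuration store and the
            // admin screens protect them from disclosure.
            $c->add('API_UserName', 0, 'text', 0, 0, 0, 100, true, 'paypal');
            $c->add('API_Password', 0, 'text', 0, 0, 0, 110, true, 'paypal');
            $c->add('API_Signature', 0, 'text', 0, 0, 0, 120, true, 'paypal');
        case '1.6.0':
        case '1.6.1':
        case '1.6.2':
        default:
            // update plugin version number
            $inst_parms = plugin_autoinstall_paypal('paypal');
            $pi_gl_version = $inst_parms['info']['pi_gl_version'];
            DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '{$code_version}', pi_gl_version = '{$pi_gl_version}' WHERE pi_name = 'paypal'");
            COM_errorLog("Updated paypal plugin from v{$currentVersion} to v{$code_version}", 1);
            //move public_html/paypal to custom folder if needed
            // NOTE(review): paypal_folder is a configuration value that ends up
            // in paths which are renamed and then recursively deleted; confirm it
            // is validated as a plain directory name where it is saved.
            $folder = $_PAY_CONF['paypal_folder'];
            if ($folder != 'paypal' && $folder != '') {
                $target = $_CONF['path_html'] . $folder;
                $backup = $target . '_old';
                if (rename($target, $backup)) {
                    COM_errorLog("PAYPAL - Renamed {$_PAY_CONF['paypal_folder']} folder.");
                } else {
                    COM_errorLog("PAYPAL - Can't rename {$_PAY_CONF['paypal_folder']} folder.");
                }
                sleep(5);
                if (rename($_CONF['path_html'] . 'paypal', $target)) {
                    COM_errorLog("PAYPAL - Moved paypal files to {$_PAY_CONF['paypal_folder']} folder.");
                    // Remove the backup only once the new files are in place;
                    // deleting it after a failed move left the site with neither copy.
                    PAYPAL_delTree($backup);
                } else {
                    COM_errorLog("PAYPAL - Can't move paypal files to {$_PAY_CONF['paypal_folder']} folder.");
                    COM_errorLog("PAYPAL - Kept {$_PAY_CONF['paypal_folder']}_old because the move failed.");
                }
            }
            /* This code is for statistics ONLY */
            // PRIVACY NOTE(review): this mails the site URL and site name to a
            // fixed address outside the site on every upgrade, without asking the
            // administrator; consider making it opt-in or documenting it.
            $message = 'Completed paypal plugin upgrade: ' . date('m d Y', time()) . "   AT " . date('H:i', time()) . "\n";
            $message .= 'Site: ' . $_CONF['site_url'] . ' and Sitename: ' . $_CONF['site_name'] . "\n";
            if (function_exists('PAYPALPRO_notifyExpiration')) {
                $message .= 'Proversion' . "\n";
            }
            COM_mail("*****@*****.**", "Updated paypal plugin from v{$currentVersion} to v{$code_version}", $message);
    }
    return true;
}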
Пример #23
 /**
  *   Save the current values to the database.
  *
  *   @param  array   $A      Array of data ($_POST)
  *   @param  string  $type   Type of address (billing or shipping)
  *   @return array       Array of DB record ID, -1 for failure and message
  */
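 public function SaveAddress($A, $type = '')
 {
     global $_TABLES, $_USER;

     // Don't save invalid addresses, or anonymous
     if ($_USER['uid'] < 2 || !is_array($A)) {
         return array(-1, '');
     }

     // Normalise $type to a column prefix. Only the two fixed prefixes (or
     // none) can reach the SQL below, so the caller-supplied value is never
     // used as an identifier.
     if ($type != '') {
         if ($type != 'billto') {
             $type = 'shipto';
         }
         $type .= '_';
     }

     $id = isset($A['addr_id']) && !empty($A['addr_id']) ? (int) $A['addr_id'] : 0;
     $msg = self::isValidAddress($A, $type);
     if (!empty($msg)) {
         return array(-1, $msg);
     }

     // The owner goes into SQL several times; force it to an integer once.
     $uid = (int) $this->uid;

     if ($id > 0) {
         $sql1 = "UPDATE {$_TABLES['paypal.address']} SET ";
         // addr_id comes from the submitted form. Without the uid condition
         // any logged-in user could overwrite, and take ownership of, another
         // user's address record by posting its id.
         $sql2 = " WHERE id='{$id}' AND uid='{$uid}'";
     } else {
         $sql1 = "INSERT INTO {$_TABLES['paypal.address']} SET ";
         $sql2 = '';
     }

     $is_default = isset($A['is_default']) ? 1 : 0;

     // Build the column assignments. Missing or non-scalar fields are stored
     // as empty strings instead of raising notices or reaching the escaping
     // function as arrays.
     $assignments = array("uid = '{$uid}'");
     $fields = array('name', 'company', 'address1', 'address2', 'city', 'state', 'country', 'zip');
     foreach ($fields as $field) {
         $value = (isset($A[$field]) && is_scalar($A[$field])) ? (string) $A[$field] : '';
         $assignments[] = $field . " = '" . DB_escapeString($value) . "'";
     }
     $assignments[] = "{$type}def = '{$is_default}'";

     DB_query($sql1 . implode(",\n                ", $assignments) . $sql2);
     if ($id == 0) {
         $id = DB_insertID();
     }

     // If this is the new default address, turn off the other default.
     // Scoped to this user's rows: without the uid condition the statement
     // cleared the default flag on every other user's addresses as well.
     if ($is_default) {
         DB_query("UPDATE {$_TABLES['paypal.address']}\n                    SET {$type}def = 0\n                    WHERE id <> {$id} AND uid = '{$uid}' AND {$type}def = 1");
     }
     return array($id, '');
 }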
Пример #24
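/**
*   Perform the upgrade starting at the current version.
*
*   Every version step runs its SQL through PAYPAL_do_upgrade_sql(), applies
*   its data and configuration changes, and records the new version through
*   PAYPAL_do_set_version() before the next step is evaluated.
*
*   @since  version 0.4.0
*   @return boolean                 True on success, False on any failure
*/
function PAYPAL_do_upgrade()
{
    global $_TABLES, $_CONF, $_PP_CONF, $_PP_DEFAULTS, $PP_UPGRADE, $_PLUGIN_INFO;
    if (isset($_PLUGIN_INFO[$_PP_CONF['pi_name']])) {
        $current_ver = $_PLUGIN_INFO[$_PP_CONF['pi_name']];
    } else {
        return false;
    }
    // Get the config instance, several upgrades might need it
    $c = config::get_instance();
    if (!COM_checkVersion($current_ver, '0.2')) {
        // upgrade to 0.2.2
        $current_ver = '0.2.2';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.0')) {
        // upgrade to 0.4.0
        $current_ver = '0.4.0';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!plugin_initconfig_paypal()) {
            return false;
        }
        // Migrate existing categories to the new category table
        $r = DB_query("SELECT DISTINCT category\n                FROM {$_TABLES['paypal.products']}\n                WHERE category <> '' and category IS NOT NULL");
        if (DB_error()) {
            COM_errorLog("Could not retrieve old categories", 1);
            return false;
        }
        if (DB_numRows($r) > 0) {
            // Maps the old category name to its new category id
            $cats = array();
            while ($A = DB_fetchArray($r, false)) {
                // A value read back from the database is still plain data:
                // a category name containing a quote would otherwise break
                // (or alter) the INSERT below.
                $cat_name = DB_escapeString($A['category']);
                DB_query("INSERT INTO {$_TABLES['paypal.categories']}\n                        (cat_name)\n                    VALUES ('{$cat_name}')");
                if (DB_error()) {
                    COM_errorLog("Could not add new category {$A['category']}", 1);
                    return false;
                }
                $cats[$A['category']] = DB_insertID();
            }
            // Now populate the cross-reference table
            $r = DB_query("SELECT id, category\n                    FROM {$_TABLES['paypal.products']}");
            if (DB_error()) {
                COM_errorLog("Error retrieving category data from products", 1);
                return false;
            }
            if (DB_numRows($r) > 0) {
                while ($A = DB_fetchArray($r, false)) {
                    // Products without a category were not migrated above
                    // and have no entry in $cats; they get cat_id 0.
                    $cat_id = isset($cats[$A['category']]) ? (int) $cats[$A['category']] : 0;
                    $prod_id = DB_escapeString($A['id']);
                    DB_query("UPDATE {$_TABLES['paypal.products']}\n                        SET cat_id = '{$cat_id}'\n                        WHERE id = '{$prod_id}'");
                    if (DB_error()) {
                        COM_errorLog("Error updating prodXcat table", 1);
                        return false;
                    }
                }
            }
            DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n                    DROP category");
        }
        // Add buttons to the product records or they won't be shown.
        // Old paypal version always has buy_now and add_cart buttons.
        $buttons = serialize(array('buy_now' => '', 'add_cart' => ''));
        DB_query("UPDATE {$_TABLES['paypal.products']} \n                SET buttons='{$buttons}',\n                dt_add = UNIX_TIMESTAMP()");
        // Finally, rename any existing config.php file since we now use
        // the online configuration.
        $pi_path = $_CONF['path'] . '/plugins/' . $_PP_CONF['pi_name'];
        if (is_file($pi_path . '/config.php')) {
            COM_errorLog("Renaming old config.php file to {$pi_path}/config.old.php", 1);
            if (!rename($pi_path . '/config.php', $pi_path . '/config.old.php')) {
                COM_errorLog("Failed to rename old config.php file.  Manual intervention needed", 1);
            }
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.1')) {
        // upgrade to 0.4.1
        $current_ver = '0.4.1';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if ($c->group_exists($_PP_CONF['pi_name'])) {
            $c->add('blk_random_limit', $_PP_DEFAULTS['blk_random_limit'], 'text', 0, 30, 2, 40, true, $_PP_CONF['pi_name']);
            $c->add('blk_featured_limit', $_PP_DEFAULTS['blk_featured_limit'], 'text', 0, 30, 2, 50, true, $_PP_CONF['pi_name']);
            $c->add('blk_popular_limit', $_PP_DEFAULTS['blk_popular_limit'], 'text', 0, 30, 2, 60, true, $_PP_CONF['pi_name']);
            $c->add('fs_debug', NULL, 'fieldset', 0, 50, NULL, 0, true, $_PP_CONF['pi_name']);
            $c->add('debug', $_PP_DEFAULTS['debug'], 'select', 0, 50, 2, 10, true, $_PP_CONF['pi_name']);
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.2')) {
        // upgrade to 0.4.2
        $current_ver = '0.4.2';
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.3')) {
        // upgrade to 0.4.3
        // this adds a field that was possibly missing in the initial
        // installation, but could have been added in the 0.4.1 update. So,
        // an error is to be expected and ignored
        $current_ver = '0.4.3';
        if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
            return false;
        }
        if ($c->group_exists($_PP_CONF['pi_name'])) {
            $c->add('def_expiration', $_PP_DEFAULTS['def_expiration'], 'text', 0, 30, 0, 40, true, $_PP_CONF['pi_name']);
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.4')) {
        $current_ver = '0.4.4';
        // Remove individual block selections and combine into one
        $displayblocks = 0;
        if ($_PP_CONF['leftblocks'] == 1) {
            $displayblocks += 1;
        }
        if ($_PP_CONF['rightblocks'] == 1) {
            $displayblocks += 2;
        }
        $c->del('leftblocks', 'paypal');
        $c->del('rightblocks', 'paypal');
        $c->add('displayblocks', $displayblocks, 'select', 0, 0, 13, 210, true, $_PP_CONF['pi_name']);
        $c->add('debug_ipn', $_PP_DEFAULTS['debug_ipn'], 'select', 0, 50, 2, 20, true, $_PP_CONF['pi_name']);
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.4.5')) {
        $current_ver = '0.4.5';
        // Add notification email override
        $c->add('admin_email_addr', $_PP_DEFAULTS['admin_email_addr'], 'text', 0, 0, 0, 40, true, $_PP_CONF['pi_name']);
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    // NOTE(review): this step tests for '0.4.5' again.  The step above has
    // already set $current_ver to '0.4.5' whenever it ran, so this block looks
    // unreachable and the button migration is skipped.  The intended version
    // number cannot be determined from this file -- confirm before changing.
    if (!COM_checkVersion($current_ver, '0.4.5')) {
        $current_ver = '0.4.5';
        // Move the buy_now buttons into a separate table
        $sql = "SELECT id, buttons FROM {$_TABLES['paypal.products']}";
        $res = DB_query($sql, 1);
        while ($A = DB_fetchArray($res, false)) {
            $id = DB_escapeString($A['id']);
            // NOTE(review): unserialize() on a stored column instantiates any
            // object the data describes.  If this column can ever hold bytes
            // not written by serialize() in this plugin, restrict it with
            // array('allowed_classes' => false) (PHP 7+) or store JSON.
            $btns = @unserialize($A['buttons']);
            if ($btns && isset($btns['buy_now'])) {
                $button = DB_escapeString($btns['buy_now']);
            } else {
                $button = '';
            }
            DB_query("INSERT INTO {$_TABLES['paypal.buttons']} VALUES\n                ('{$id}', 'paypal', '{$button}')", 1);
        }
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.0')) {
        $current_ver = '0.5.0';
        // Perform the main database upgrades
        // The first few lines get the schema updated for elements that
        // may have been missed (0.4.4 wasn't updated properly).
        // Errors need to be ignored for these.
        DB_query("ALTER TABLE {$_TABLES['paypal.products']}\n                ADD options text after show_popular", 1);
        DB_query("ALTER TABLE {$_TABLES['paypal.purchases']}\n                ADD token varchar(40) after price", 1);
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        // Move the global PayPal-specific configurations into the config table
        // NOTE(review): the values are escaped here and the serialized string
        // is escaped again below, so a value containing a quote is stored with
        // a literal backslash.  Left as-is to keep the stored format unchanged.
        $receiver_email = DB_escapeString($_PP_CONF['receiver_email'][0]);
        $gwconfig = array(
            'bus_prod_email' => $receiver_email,
            'bus_test_email' => $receiver_email,
            'micro_prod_email' => $receiver_email,
            'micro_test_email' => $receiver_email,
            'micro_threshold' => 10,
            'prod_url' => 'https://www.paypal.com',
            'sandbox_url' => 'https://www.sandbox.paypal.com',
            'test_mode' => (int) $_PP_CONF['testing'],
            'prv_key' => DB_escapeString($_PP_CONF['prv_key']),
            'pub_key' => DB_escapeString($_PP_CONF['pub_key']),
            'pp_cert' => DB_escapeString($_PP_CONF['pp_cert']),
            'pp_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']),
            'micro_cert_id' => DB_escapeString($_PP_CONF['pp_cert_id']),
            'encrypt' => (int) $_PP_CONF['encrypt_buttons'],
        );
        $db_config = DB_escapeString(@serialize($gwconfig));
        $services = array('buy_now' => 1, 'pay_now' => 1, 'checkout' => 1, 'donation' => 1, 'subscribe' => 1, 'external' => 1);
        $db_services = DB_escapeString(@serialize($services));
        $sql = "INSERT INTO {$_TABLES['paypal.gateways']}\n                (id, orderby, enabled, description, config, services)\n                VALUES\n                ('paypal', 10, 1, 'Paypal Website Payments Standard',\n                    '{$db_config}', '{$db_services}'),\n                ('amazon', 20, 0, 'Amazon SimplePay', '', '{$db_services}')";
        // ... and remove Paypal-specific configs from the main config system
        $c->del('receiver_email', 'paypal');
        $c->del('testing', 'paypal');
        $c->del('paypal_url', 'paypal');
        $c->del('prod_url', 'paypal');
        $c->del('use_css_menus', 'paypal');
        // Just not used any more
        $c->del('encrypt_buttons', 'paypal');
        $c->del('prv_key', 'paypal');
        $c->del('pub_key', 'paypal');
        $c->del('pp_cert', 'paypal');
        $c->del('pp_cert_id', 'paypal');
        // Add new plugin config items
        $c->add('fs_addresses', NULL, 'fieldset', 0, 60, NULL, 0, true, $_PP_CONF['pi_name']);
        $c->add('get_street', $_PP_DEFAULTS['get_street'], 'select', 0, 60, 14, 10, true, $_PP_CONF['pi_name']);
        $c->add('get_city', $_PP_DEFAULTS['get_city'], 'select', 0, 60, 14, 20, true, $_PP_CONF['pi_name']);
        $c->add('get_state', $_PP_DEFAULTS['get_state'], 'select', 0, 60, 14, 30, true, $_PP_CONF['pi_name']);
        $c->add('get_country', $_PP_DEFAULTS['get_country'], 'select', 0, 60, 14, 40, true, $_PP_CONF['pi_name']);
        $c->add('get_postal', $_PP_DEFAULTS['get_postal'], 'select', 0, 60, 14, 50, true, $_PP_CONF['pi_name']);
        $c->add('weight_unit', $_PP_DEFAULTS['weight_unit'], 'select', 0, 0, 15, 230, true, $_PP_CONF['pi_name']);
        // Was $PP_DEFAULTS (undefined here), which stored NULL as the default
        $c->add('ena_cart', $_PP_DEFAULTS['ena_cart'], 'select', 0, 0, 2, 220, true, $_PP_CONF['pi_name']);
        DB_query("UPDATE {$_TABLES['conf_values']}\n                SET sort_order=80\n                WHERE name='tmpdir'\n                AND group_name='paypal'");
        DB_query($sql, 1);
        if (DB_error()) {
            // The statement embeds the gateway configuration, including the
            // private key and certificate values, so it is deliberately not
            // written to the error log.
            COM_errorLog("Error inserting the default payment gateway records", 1);
        }
        // Convert saved buttons in the product records to simple text strings
        // indicating the type of button to use.  Don't save the button in the
        // new cache table; that will be done when the button is needed.
        DB_query("UPDATE {$_TABLES['paypal.products']} SET buttons='buy_now'");
        // Create order records and associate with the existing purchase table.
        // We create our own sid to try and use the original purchase date.
        // Since this function runs so fast, there could still be duplicate
        // sid's so we check for an existing sid before trying to use it.
        // If that happens, the order_id will just be a current sid.
        $sql = "SELECT * FROM {$_TABLES['paypal.purchases']}";
        $res = DB_query($sql);
        if ($res && DB_numRows($res) > 0) {
            USES_paypal_class_order();
            while ($A = DB_fetchArray($res, false)) {
                $dt_tm = explode(' ', $A['purchase_date']);
                list($y, $m, $d) = explode('-', $dt_tm[0]);
                list($h, $i, $s) = explode(':', $dt_tm[1]);
                $sid = $y . $m . $d . $h . $i . $s;
                // The random suffix only reduces collisions between orders
                // placed in the same second; it is not relied on for secrecy.
                $order_id = $sid . mt_rand(0, 999);
                while (DB_count($_TABLES['paypal.orders'], 'order_id', $order_id) > 0) {
                    $order_id = COM_makeSid();
                }
                $txn_id = DB_escapeString($A['txn_id']);
                // Discovered that the "price" field isn't filled in for the
                // purchase table.  Read the IPN data and use mc_gross.
                $IPN = DB_getItem($_TABLES['paypal.ipnlog'], 'ipn_data', "txn_id = '{$txn_id}'");
                // Reset the amounts for every purchase so that a row without
                // usable IPN data does not inherit the previous row's values.
                $price = 0;
                $tax = 0;
                $shipping = 0;
                $handling = 0;
                if (!empty($IPN)) {
                    // NOTE(review): the IPN log holds data that originated
                    // outside the site.  unserialize() on it is only safe if
                    // the log is always written with serialize() by the plugin
                    // itself -- confirm, or restrict with
                    // array('allowed_classes' => false) on PHP 7+.
                    $data = @unserialize($IPN);
                    if ($data && isset($data['mc_gross'])) {
                        $price = (double) $data['mc_gross'];
                        if (isset($data['tax'])) {
                            $tax = (double) $data['tax'];
                            $price -= $tax;
                        }
                        if (isset($data['shipping'])) {
                            $shipping = (double) $data['shipping'];
                            $price -= $shipping;
                        }
                        if (isset($data['handling'])) {
                            $handling = (double) $data['handling'];
                            $price -= $handling;
                        }
                    }
                }
                $ord = new ppOrder($order_id);
                $ord->uid = $A['user_id'];
                $ord->order_date = DB_escapeString($A['purchase_date']);
                $ord->status = PP_STATUS_PAID;
                $ord->pmt_method = 'paypal';
                $ord->pmt_txn_id = $A['txn_id'];
                $ord->tax = $tax;
                $ord->shipping = $shipping;
                $ord->handling = $handling;
                $order_id = $ord->Save();
                // Also, split out the item number from any attributes.
                // Starting with 0.5.0 we store the actual item number
                // and options separately.
                // * PAYPAL_explode_opts() not available in this version *
                // array_pad() supplies an empty options part when the
                // product id has no '|' separator.
                list($item_num, $options) = array_pad(explode('|', $A['product_id']), 2, '');
                if (!$options) {
                    $options = '';
                }
                DB_query("UPDATE {$_TABLES['paypal.purchases']} SET\n                        order_id = '" . DB_escapeString($order_id) . "',\n                        price = '{$price}',\n                        product_id = '" . DB_escapeString($item_num) . "',\n                        options = '" . DB_escapeString($options) . "'\n                    WHERE txn_id = '{$txn_id}'");
            }
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.2')) {
        $current_ver = '0.5.2';
        // Every other step treats a true result from PAYPAL_do_upgrade_sql()
        // as success.  This step used to return as soon as the call
        // succeeded, which skipped the version update and all later steps.
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        $c->add('centerblock', $_PP_DEFAULTS['centerblock'], 'select', 0, 0, 2, 215, true, $_PP_CONF['pi_name']);
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.4')) {
        $current_ver = '0.5.4';
        // Adds the currency table and formatting functions
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.6')) {
        $current_ver = '0.5.6';
        // SQL updates in 0.5.4 weren't included in new installation, so check
        // if they're done and add them to the upgrade process if not.
        $res = DB_query("SHOW TABLES LIKE '{$_TABLES['paypal.currency']}'", 1);
        if (!$res || DB_numRows($res) < 1) {
            // Add the table
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][0];
            // Populate with data
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][1];
        }
        $res = DB_query("SHOW COLUMNS FROM {$_TABLES['paypal.products']}\n                        LIKE 'sale_price'", 1);
        if (!$res || DB_numRows($res) < 1) {
            // Add the field to the products table
            $PP_UPGRADE['0.5.6'][] = $PP_UPGRADE['0.5.4'][2];
        }
        if (!PAYPAL_do_upgrade_sql('0.5.6')) {
            return false;
        }
        // Add new product defaults for onhand tracking
        $c->add('def_track_onhand', $_PP_DEFAULTS['def_track_onhand'], 'select', 0, 30, 2, 50, true, $_PP_CONF['pi_name']);
        $c->add('def_oversell', $_PP_DEFAULTS['def_oversell'], 'select', 0, 30, 16, 60, true, $_PP_CONF['pi_name']);
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.7')) {
        $current_ver = '0.5.7';
        $gid = (int) DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='{$_PP_CONF['pi_name']} Admin'");
        if ($gid < 1) {
            $gid = 1;
        }
        // default to Root if paypal group not found
        DB_query("INSERT INTO {$_TABLES['vars']}\n                SET name='paypal_gid', value={$gid}");
        $c->add('product_tpl_ver', $_PP_DEFAULTS['product_tpl_ver'], 'select', 0, 30, 2, 70, true, $_PP_CONF['pi_name']);
        $c->add('list_tpl_ver', $_PP_DEFAULTS['list_tpl_ver'], 'select', 0, 30, 0, 80, true, $_PP_CONF['pi_name']);
        $c->add('cache_max_age', $_PP_DEFAULTS['cache_max_age'], 'text', 0, 40, 2, 40, true, $_PP_CONF['pi_name']);
        // Create cache directory
        if (!is_dir($_PP_DEFAULTS['tmpdir'] . 'cache')) {
            // The mode must be an octal integer.  The string '0755' is read
            // as decimal 755, which yields unintended permission bits.
            @mkdir($_PP_DEFAULTS['tmpdir'] . 'cache', 0755, true);
        }
        if (!PAYPAL_do_upgrade_sql($current_ver)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.8')) {
        $current_ver = '0.5.8';
        // Add terms and conditions link
        $c->add('tc_link', $_PP_DEFAULTS['tc_link'], 'text', 0, 40, 2, 50, true, $_PP_CONF['pi_name']);
        // Upgrade sql changes from owner/group/member/anon perms to group id
        // First update the group_id based on the perms.
        $sql = "SELECT cat_id,group_id,perm_group,perm_members,perm_anon\n                FROM {$_TABLES['paypal.categories']}";
        $res = DB_query($sql, 1);
        while ($A = DB_fetchArray($res, false)) {
            if ($A['perm_anon'] >= 2) {
                $grp_id = 2;
            } elseif ($A['perm_members'] >= 2) {
                $grp_id = 13;
            } else {
                $grp_id = $A['group_id'];
            }
            if ($A['group_id'] != $grp_id) {
                // Both values are used unquoted, so force them to integers
                $grp_id = (int) $grp_id;
                $cat_id = (int) $A['cat_id'];
                DB_query("UPDATE {$_TABLES['paypal.categories']}\n                        SET group_id = {$grp_id}\n                        WHERE cat_id = {$cat_id}");
            }
        }
        // Remove Amazon Simplepay gateway file to prevent re-enabling
        @unlink(PAYPAL_PI_PATH . '/classes/gateways/amazon.class.php');
        if (!PAYPAL_do_upgrade_sql($current_ver, true)) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    if (!COM_checkVersion($current_ver, '0.5.9')) {
        $current_ver = '0.5.9';
        // Add shop phone and email conf values, fix subgroup ID for shop info
        $c->add('shop_phone', '', 'text', 10, 100, 0, 30, true, $_PP_CONF['pi_name']);
        $c->add('shop_email', $_PP_DEFAULTS['shop_email'], 'text', 10, 100, 0, 40, true, $_PP_CONF['pi_name']);
        // Create default path for downloads (even if not used).
        // The second argument of mkdir() is the mode, so the former
        // mkdir($path, true) requested mode 1 and was not recursive.
        @mkdir($_CONF['path'] . 'data/' . $_PP_CONF['pi_name'] . '/files', 0755, true);
        // Remove stray .htaccess file that interferes with plugin removal
        @unlink(PAYPAL_PI_PATH . '/files/.htaccess');
        if (!PAYPAL_do_upgrade_sql('0.5.9')) {
            return false;
        }
        if (!PAYPAL_do_set_version($current_ver)) {
            return false;
        }
    }
    CTL_clearCache($_PP_CONF['pi_name']);
    COM_errorLog("Successfully updated the {$_PP_CONF['pi_display_name']} Plugin", 1);
    return true;
}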
Пример #25
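/**
 * Handle the "add download" form.
 *
 * Stores the uploaded file (or records a remote URL instead), stores an
 * optional snapshot image, inserts the file detail and description records
 * and finishes the request with a redirect.
 *
 * Reads $_POST (title, homepage, version, description, commentoption,
 * fileurl, cid) and $_FILES (newfile, newfileshot).  Returns nothing; every
 * path that reaches the end of the function calls exit.
 */
function addDownload()
{
    global $_CONF, $_USER, $_TABLES, $filemgmt_FileStoreURL, $filemgmt_FileSnapURL, $filemgmt_FileStore, $filemgmt_SnapStore;
    global $myts, $eh, $_FMDOWNLOAD, $filemgmtFilePermissions;
    if (defined('DEMO_MODE')) {
        redirect_header($_CONF['site_url'] . "/index.php", 10, 'Uploads are disabled in demo mode');
        exit;
    }
    $title = $myts->makeTboxData4Save($_POST['title']);
    $homepage = $myts->makeTboxData4Save($_POST['homepage']);
    $version = $myts->makeTboxData4Save($_POST['version']);
    $description = $myts->makeTareaData4Save($_POST['description']);
    $commentoption = $_POST['commentoption'];
    $fileurl = COM_applyFilter($_POST['fileurl']);
    $submitter = $_USER['uid'];
    // NOTE(review): the checks below assume $eh->show() ends the request;
    // if it returns, processing continues with the invalid input -- confirm.
    // Check if Title blank
    if ($title == "") {
        $eh->show("1104");
    }
    // Check if Description blank
    if ($description == "") {
        $eh->show("1105");
    }
    // Check if a file was uploaded
    if ($_FILES['newfile']['size'] == 0 && empty($fileurl)) {
        $eh->show("1017");
    }
    if (!empty($_POST['cid'])) {
        $cid = $_POST['cid'];
    } else {
        $cid = 0;
        $eh->show("1110");
    }
    $filename = '';
    $url = '';
    $snapfilename = '';
    $logourl = '';
    // Defined up front so the INSERT below never reads an unset variable
    // (for example when only a snapshot image was uploaded).
    $size = 0;
    $AddNewFile = false;
    require_once $_CONF['path_system'] . 'classes/upload.class.php';
    $upload = new upload();
    $upload->setFieldName('newfile');
    $upload->setPath($filemgmt_FileStore);
    // NOTE(review): any MIME type is accepted here.  The only filter in this
    // function is the $_FMDOWNLOAD extension map applied after the file has
    // been stored, so the file store must not be a location where the web
    // server executes content -- confirm how $filemgmt_FileStore is served.
    $upload->setAllowAnyMimeType(true);
    $upload->setMaxFileSize(100000000);
    if ($upload->numFiles() > 0) {
        $upload->uploadFiles();
        if ($upload->areErrors()) {
            $errmsg = "Upload Error: " . $upload->printErrors(false);
            COM_errorLog($errmsg);
            $eh->show("1106");
        } else {
            $size = $myts->makeTboxData4Save(intval($upload->_currentFile['size']));
            $filename = $myts->makeTboxData4Save($upload->_currentFile['name']);
            $url = $myts->makeTboxData4Save(rawurlencode($filename));
            // pathinfo() returns '' for a name without a dot; the former
            // strrpos() + 1 arithmetic treated such a name as if its
            // extension started at the second character.
            $fileExtension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
            if (array_key_exists($fileExtension, $_FMDOWNLOAD)) {
                if ($_FMDOWNLOAD[$fileExtension] == 'reject') {
                    // NOTE(review): uploadFiles() has already run at this
                    // point, so the rejected file appears to stay in the
                    // store unless something else removes it -- confirm.
                    COM_errorLog("AddNewFile - New Upload file is rejected by config rule:{$filename}");
                    $eh->show("1109");
                } else {
                    // Replace the extension with the one the config maps it to
                    $fileExtension = $_FMDOWNLOAD[$fileExtension];
                    $pos = strrpos($url, '.') + 1;
                    $url = strtolower(substr($url, 0, $pos)) . $fileExtension;
                    $pos2 = strrpos($filename, '.') + 1;
                    $filename = substr($filename, 0, $pos2) . $fileExtension;
                }
            }
            $AddNewFile = true;
        }
    }
    if ($upload->numFiles() == 0 && !$upload->areErrors() && !empty($fileurl)) {
        // The URL goes straight into the INSERT below, so it is escaped here
        // rather than relying on what COM_applyFilter() happens to strip.
        $url = DB_escapeString($fileurl);
        $size = 0;
        $AddNewFile = true;
    }
    $upload = new upload();
    $upload->setFieldName('newfileshot');
    $upload->setPath($filemgmt_SnapStore);
    $upload->setAllowAnyMimeType(false);
    $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
    $upload->setAutomaticResize(true);
    if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
        $upload->setLogFile($_CONF['path'] . 'logs/error.log');
        $upload->setDebug(true);
    }
    $upload->setMaxDimensions(640, 480);
    $upload->setAutomaticResize(true);
    $upload->setMaxFileSize(100000000);
    $upload->uploadFiles();
    if ($upload->numFiles() > 0) {
        if ($upload->areErrors()) {
            $errmsg = "Upload Error: " . $upload->printErrors(false);
            COM_errorLog($errmsg);
            $eh->show("1106");
        } else {
            $snapfilename = $myts->makeTboxData4Save($upload->_currentFile['name']);
            $logourl = $myts->makeTboxData4Save(rawurlencode($snapfilename));
            $AddNewFile = true;
        }
    }
    if ($AddNewFile) {
        // Only chmod an actual uploaded file.  With an empty file name (URL
        // or snapshot only) the path is the store directory itself, and the
        // file permissions would be applied to that directory.
        if ($filename != '') {
            @chmod($filemgmt_FileStore . $filename, $filemgmtFilePermissions);
        }
        // NOTE(review): $version has already been through makeTboxData4Save().
        // If that helper escapes for SQL, cutting the string afterwards can
        // split an escape sequence -- confirm, or truncate before escaping.
        if (strlen($version) > 9) {
            $version = substr($version, 0, 8);
        }
        $fields = 'cid, title, url, homepage, version, size, logourl, submitter, status, date, hits, rating, votes, comments';
        $sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} ({$fields}) VALUES ";
        $sql .= "('" . DB_escapeString($cid) . "','" . $title . "','" . $url . "','" . $homepage . "','" . $version . "','" . $size . "','" . $logourl . "','" . DB_escapeString($submitter) . "',1,UNIX_TIMESTAMP(),0,0,0,'" . DB_escapeString($commentoption) . "')";
        DB_query($sql);
        $newid = (int) DB_insertID();
        DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '" . $description . "')");
        PLG_itemSaved($newid, 'filemgmt');
        CACHE_remove_instance('whatsnew');
        if (isset($duplicatefile) && $duplicatefile) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPFILE);
        } elseif (isset($duplicatesnap) && $duplicatesnap) {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED_DUPSNAP);
        } else {
            redirect_header("{$_CONF['site_admin_url']}/plugins/filemgmt/index.php", 2, _MD_NEWDLADDED);
        }
        exit;
    } else {
        redirect_header("index.php", 2, _MD_ERRUPLOAD . "");
        exit;
    }
}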
Пример #26
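/**
 * Create a new workflow template together with its default records.
 *
 * Inserts the template row, a 'Start' and an 'End' task, and the template
 * variables INITIATOR, PID and TASKOWNER.  Nothing is done when
 * $templateName compares equal to null.
 *
 * @param string $templateName Name of the new template, unescaped
 * @return void
 */
function nf_createNewTemplate($templateName)
{
    global $_TABLES;
    if ($templateName == null) {
        return;
    }
    // The name is placed inside a quoted SQL literal, so it is escaped here
    // at the point of use; callers should pass the raw value.
    $safeName = DB_escapeString($templateName);
    DB_query("INSERT INTO {$_TABLES['nf_template']} (templateName) VALUES ('{$safeName}')");
    // The last insert id is the new template ID.  It is used unquoted in the
    // statements below, so force it to an integer.
    $templateID = (int) DB_insertID();

    DB_query("INSERT INTO {$_TABLES['nf_templatedata']} (nf_templateID, taskname, offsetLeft, offsetTop, logicalID, nf_stepType, firstTask) VALUES ({$templateID}, 'Start', 50, 300, 1, 9, 1)");
    DB_query("INSERT INTO {$_TABLES['nf_templatedata']} (nf_templateID, taskname, offsetLeft, offsetTop, logicalID, nf_stepType) VALUES ({$templateID}, 'End', 350, 300, 2, 10)");

    // Create default template variable INITIATOR and TASKOWNER and PID
    foreach (array('INITIATOR', 'PID', 'TASKOWNER') as $variableName) {
        DB_query("INSERT INTO {$_TABLES['nf_templatevariables']} (nf_templateID,variableName) VALUES ({$templateID},'{$variableName}')");
    }
}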
Пример #27
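 /**
  * Replace the tags assigned to an item with the pending new tag list.
  *
  * When $tagwords is given it is first handed to set_newtags().  Tag words
  * that do not exist yet are created, the access metrics of removed and
  * added tags are adjusted, and the item's tag id list is rewritten.  With
  * no pending tags the item's tags are cleared.
  *
  * @param mixed  $itemid   Id of the item within this object's type
  * @param string $tagwords Optional comma separated list of tag words
  * @return bool True when the tags were updated or cleared, false when the
  *              item's permissions do not allow tagging
  */
 public function update_tags($itemid, $tagwords = '')
 {
     if (!empty($tagwords)) {
         $this->set_newtags($tagwords);
     }
     $perms = $this->get_itemperms($itemid);
     if (!($perms['perm_anon'] or $perms['perm_members'] or $perms['group_id'] >= 2)) {
         return false;
     }
     if (empty($this->_newtags)) {
         $this->clear_tags($itemid);
         return true;
     }

     // $itemid is placed in quoted SQL literals below; escape it once here.
     $dbItemId = DB_escapeString($itemid);

     // If item record does not yet exist - create it.
     if (!DB_count($this->_tagitems, array('type', 'itemid'), array($this->_type, $itemid))) {
         DB_query("INSERT INTO {$this->_tagitems} (itemid,type) VALUES ('{$dbItemId}','{$this->_type}')");
     }

     // Need to build list of tagid's for these tag words and if tagword does not yet exist then add it
     $tags = array();
     foreach (explode(',', $this->_newtags) as $word) {
         $word = trim($word);
         if ($word === '') {
             // A stray or trailing comma would otherwise create an empty tag
             continue;
         }
         $word = DB_escapeString($word);
         $id = DB_getItem($this->_tagwords, 'id', "tagword='{$word}'");
         if (empty($id)) {
             DB_query("INSERT INTO {$this->_tagwords} (tagword,metric,last_updated) VALUES ('{$word}',0,NOW())");
             $id = DB_insertID();
         }
         $tags[] = $id;
     }

     // Retrieve the current assigned tags to compare against new tags
     $currentTags = DB_getItem($this->_tagitems, 'tags', "type='{$this->_type}' AND itemid='{$dbItemId}'");
     $currentTags = explode(',', $currentTags);
     $unusedTags = array_diff($currentTags, $tags);
     $newTags = array_diff($tags, $currentTags);
     $this->update_accessmetrics($itemid, $unusedTags);
     $this->add_accessmetrics($itemid, $newTags);

     if ($currentTags != $tags) {
         $tagids = implode(',', $tags);
         // Item records are looked up by (type, itemid) everywhere else in
         // this method.  Without the type condition this UPDATE would also
         // rewrite the tags of items of other types that share the same id.
         DB_query("UPDATE {$this->_tagitems} SET tags = '{$tagids}' WHERE type = '{$this->_type}' AND itemid = '{$dbItemId}'");
     }
     return true;
 }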
Пример #28
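// Only users holding the nexflow.edit right may add or change handlers.
if (!SEC_hasRights('nexflow.edit')) {
    print 'No access rights';
    exit;
}
// NOTE(review): both operations below change stored data, yet they are driven
// by GET parameters and no anti-CSRF token is checked in the visible code.
// Confirm that a token is verified before this point, or move the operations
// to POST with a token check.
$rec = COM_applyFilter($_GET['rec'], true);
$op = COM_applyFilter($_GET['op']);
$handler = COM_applyFilter($_GET['handler']);
$description = COM_applyFilter($_GET['description']);
// get_magic_quotes_gpc() no longer exists in PHP 8.  Where it is missing,
// magic quotes cannot be active, so the values always need escaping.
if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
    $handler = addslashes($handler);
    $description = addslashes($description);
}
// Defined for every code path so the response below never reads an unset
// variable (for example when $op is neither 'add' nor 'update').
$handler_id = NULL;
// Main Control Section Begins
if ($op == 'add') {
    DB_query("INSERT into {$_TABLES['nf_handlers']} (handler,description) values('{$handler}','{$description}')");
    $handler_id = DB_insertID();
} elseif ($op == 'update') {
    if ($rec != NULL) {
        // The record id is a number; force it so nothing else reaches the query
        $recId = (int) $rec;
        DB_query("UPDATE {$_TABLES['nf_handlers']} SET handler='{$handler}', description='{$description}' WHERE id='{$recId}'");
        $handler_id = $rec;
    }
}
header("Cache-Control: no-store, no-cache, must-revalidate");
header("content-type: text/xml");
// Request values are echoed back inside the XML document, so they are
// encoded to keep them from being read as markup.
$XML = "<result>";
$XML .= "<record>" . htmlspecialchars((string) $rec, ENT_QUOTES) . "</record>";
$XML .= "<operation>" . htmlspecialchars((string) $op, ENT_QUOTES) . "</operation>";
// Was {$hander_id} (misspelled), which always produced an empty <id> element
$XML .= "<id>" . htmlspecialchars((string) $handler_id, ENT_QUOTES) . "</id>";
$XML .= "</result>";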
Пример #29
/**
 * Insert one story as a new parent topic in the forum topic table and,
 * unless the posted 'seltopic' value is 'submissions', migrate its comments.
 *
 * Integer columns are cast with (int) and the user fields go through
 * DB_escapeString() before being placed in the INSERT. $subject and the
 * combined intro/body text are interpolated after prepareStringForDB().
 * NOTE(review): presumably that helper performs SQL escaping -- verify, since
 * the statement relies on it for those two columns.
 *
 * @param mixed  $forum      Target forum id (cast to int).
 * @param mixed  $sid        Story id, passed on to _ff_migrateComments().
 * @param mixed  $tid        Not used in this function body.
 * @param string $storydate  Date string split on " ", "-" and ":" (e.g. "Y-m-d H:i:s").
 * @param mixed  $uid        Author's user id (cast to int).
 * @param string $subject    Topic subject.
 * @param string $introtext  First part of the story text.
 * @param string $bodytext   Second part of the story text, appended to $introtext.
 * @param mixed  $hits       View counter (cast to int).
 *
 * @return mixed Number reported by _ff_migrateComments(), or 0 when comments are not migrated.
 */
function _ff_migratetopic($forum, $sid, $tid, $storydate, $uid, $subject, $introtext, $bodytext, $hits)
{
    global $_TABLES;

    $num_posts = 0;
    $authorId = (int) $uid;

    $comment = prepareStringForDB($introtext . $bodytext);
    $subject = prepareStringForDB($subject);
    $postmode = "html";

    // Look up the author's profile fields; the id is an integer, so the
    // WHERE fragment needs no quoting.
    $whereAuthor = "uid=" . $authorId;
    $name = DB_getITEM($_TABLES['users'], 'username', $whereAuthor);
    $email = DB_getITEM($_TABLES['users'], 'email', $whereAuthor);
    $website = DB_getITEM($_TABLES['users'], 'homepage', $whereAuthor);

    // Break the story date into its parts; seconds are always stored as 0.
    list($datePart, $timePart) = explode(" ", $storydate);
    list($rawYear, $month, $day) = explode("-", $datePart);
    list($hour, $min) = explode(":", $timePart);
    if ($rawYear > 1969) {
        $year = $rawYear;
    } else {
        // Years that do not compare greater than 1969 are replaced by 2001.
        $year = "2001";
    }
    $timestamp = mktime($hour, $min, 0, $month, $day, $year);

    // Column values in the same order as the column list below.
    $values = array(
        (int) $forum,
        "'" . DB_escapeString($name) . "'",
        "'{$timestamp}'",
        "'{$timestamp}'",
        "'" . DB_escapeString($email) . "'",
        "'" . DB_escapeString($website) . "'",
        "'{$subject}'",
        "'{$comment}'",
        (int) $hits,
        "'" . DB_escapeString($postmode) . "'",
        "''",
        "''",
        $authorId,
        "'0'",
        "'0'",
        "'0'",
    );
    $sql = "INSERT INTO {$_TABLES['ff_topic']} (forum,name,date,lastupdated, email, website, subject, comment, views, postmode, ip, mood, uid, pid, sticky, locked)\n        VALUES (" . implode(',', $values) . ")";
    DB_query($sql);
    $parent = DB_insertID();

    // Comments are carried over for every source except 'submissions'.
    $comments = 0;
    $migrateComments = isset($_POST['seltopic']) && $_POST['seltopic'] != 'submissions';
    if ($migrateComments) {
        $comments = _ff_migrateComments($forum, $sid, $parent);
    }

    $num_posts += $comments;
    return $num_posts;
}
Пример #30
 if ($project_id < 1 or DB_count($_TABLES['nf_projects'], 'id', $project_id) == 0) {
     $processid = intval($processid);
     DB_query("INSERT INTO {$_TABLES['nf_projects']} (originator_uid,wf_process_id,wf_task_id,status)\r\n                    VALUES ('{$postUID}','{$processid}','{$taskid}','1') ");
     $project_id = DB_insertID();
     $nfclass->set_ProcessVariable('PID', $project_id);
     $newproject = true;
     if ($CONF_NF['debug']) {
         COM_errorLog("form_post_handler: Create new project_id: {$project_id}");
     }
     DB_query("UPDATE {$_TABLES['nf_projecttaskhistory']} SET project_id='{$project_id}' WHERE task_id='{$taskid}'");
 }
 // Create new form tracking record for this project
 /* Get formtype from posted form - should be a hidden field in form definition */
 $formtype = DB_getItem($_TABLES['nxform_definitions'], 'shortname', "id='{$form_id}'");
 DB_query("INSERT INTO {$_TABLES['nf_projectforms']} (project_id,form_id,formtype,results_id,created_by_taskid,created_by_uid)\r\n                 VALUES ('{$project_id}','{$form_id}','{$formtype}','{$result_id}','{$taskid}','{$postUID}') ");
 $project_formid = DB_insertID();
 if ($CONF_NF['debug']) {
     COM_errorLog("nfform_post_handler: Create new nfproject_forms record: id: {$project_formid}");
 }
 // Create new form timestamp record - used to record stats
 DB_query("INSERT INTO {$_TABLES['nf_projecttimestamps']} (project_id,project_formid,statusmsg,timestamp,uid)\r\n                VALUES ('{$project_id}','{$project_formid}','{$statusmsg}',UNIX_TIMESTAMP(),'{$postUID}') ");
 if ($mode == 'draft') {
     // User is not ready to submit it for approval - so don't complete task yet
     $form_return_url = sprintf($form_draftreturn_url, $form_id, $result_id);
     $statusmsg = "{$form_name} Draft Updated";
     $status = 0;
 } else {
     $statusmsg = "{$form_name} has been created";
     $status = 1;
     if ($processid > 0 and $taskid > 0) {
         // Check if custom workflow handler function being requested - used for inline action forms