function SortBlocks()
{
$data = ScanPostVariableWithId(array("sort"));
foreach ($data as $key => $val) {
if (isset($val["sort"])) {
db_query("UPDATE " . BLOCKS_TABLE . " SET sort=" . (int) $val["sort"] . " WHERE bid=" . (int) $key);
}
}
}
function _copyDataFromPostToPage(&$smarty)
{
$smarty->hassign("login", $_POST["login"]);
$smarty->hassign("cust_password1", $_POST["cust_password1"]);
$smarty->hassign("cust_password2", $_POST["cust_password2"]);
$smarty->hassign("first_name", $_POST["first_name"]);
$smarty->hassign("last_name", $_POST["last_name"]);
$smarty->hassign("email", $_POST["email"]);
$smarty->assign("subscribed4news", isset($_POST["subscribed4news"]) ? 1 : 0);
$additional_field_values = array();
$data = ScanPostVariableWithId(array("additional_field"));
foreach ($data as $key => $val) {
$item = array("reg_field_ID" => $key, "reg_field_name" => "", "reg_field_value" => $val["additional_field"]);
$additional_field_values[] = $item;
}
$smarty->hassign("additional_field_values", $additional_field_values);
}
function _copyDataFromPostToPage(&$smarty)
{
$smarty->hassign("login", trim($_POST["login"]));
$smarty->hassign("cust_password1", trim($_POST["cust_password1"]));
$smarty->hassign("cust_password2", trim($_POST["cust_password2"]));
$smarty->hassign("first_name", trim($_POST["first_name"]));
$smarty->hassign("affiliationLogin", trim($_POST["affiliationLogin"]));
$smarty->hassign("last_name", trim($_POST["last_name"]));
$smarty->hassign("email", trim($_POST["email"]));
$smarty->assign("subscribed4news", isset($_POST["subscribed4news"]) ? 1 : 0);
$zones = znGetZonesById((int) $_POST["countryID"]);
$smarty->hassign("zones", $zones);
$additional_field_values = array();
$data = ScanPostVariableWithId(array("additional_field"));
foreach ($data as $key => $val) {
$item = array("reg_field_ID" => $key, "reg_field_name" => "", "reg_field_value" => $val["additional_field"]);
$additional_field_values[] = $item;
}
$smarty->hassign("additional_field_values", $additional_field_values);
$smarty->assign("countryID", (int) $_POST["countryID"]);
if (isset($_POST["state"])) {
$smarty->hassign("state", trim($_POST["state"]));
}
if (isset($_POST["zoneID"])) {
$smarty->assign("zoneID", (int) $_POST["zoneID"]);
}
$smarty->hassign("city", trim($_POST["city"]));
$smarty->hassign("address", trim($_POST["address"]));
if (isset($_POST["order"]) || isset($_GET["order"])) {
if (isset($_POST["billing_address_check"])) {
$smarty->assign("billing_address_check", "1");
}
$smarty->hassign("receiver_first_name", trim($_POST["receiver_first_name"]));
$smarty->hassign("receiver_last_name", trim($_POST["receiver_last_name"]));
if (!isset($_POST["billing_address_check"])) {
$smarty->hassign("payer_first_name", trim($_POST["payer_first_name"]));
$smarty->hassign("payer_last_name", trim($_POST["payer_last_name"]));
$smarty->assign("billingCountryID", (int) $_POST["billingCountryID"]);
if (isset($_POST["billingState"])) {
$smarty->hassign("billingState", trim($_POST["billingState"]));
}
if (isset($_POST["billingZoneId"])) {
$smarty->assign("billingZoneId", (int) $_POST["billingZoneId"]);
}
$smarty->hassign("billingCity", trim($_POST["billingCity"]));
$smarty->hassign("billingAddress", trim($_POST["billingAddress"]));
$billingZones = znGetZonesById((int) $_POST["billingCountryID"]);
$smarty->assign("billingZones", $billingZones);
} else {
$smarty->hassign("payer_first_name", trim($_POST["receiver_first_name"]));
$smarty->hassign("payer_last_name", trim($_POST["receiver_last_name"]));
$smarty->assign("billingCountryID", (int) $_POST["countryID"]);
if (isset($_POST["state"])) {
$smarty->hassign("billingState", trim($_POST["state"]));
}
if (isset($_POST["zoneId"])) {
$smarty->assign("billingZoneId", (int) $_POST["zoneId"]);
}
$smarty->hassign("billingCity", trim($_POST["city"]));
$smarty->hassign("billingAddress", trim($_POST["address"]));
$smarty->assign("billingZones", $zones);
}
}
}
cnDeleteCountry($_GET["delete"]);
Redirect(_getUrlToDelete());
}
if (isset($_POST["save_countries"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(_getUrlToSubmit() . "&safemode=yes");
}
// add new manufacturer
$name = $_POST["new_country_name"];
$iso2 = $_POST["new_country_iso2"];
$iso3 = $_POST["new_country_iso3"];
if ($name != "") {
cnAddCountry($name, $iso2, $iso3);
}
// update manufacturers
$data = ScanPostVariableWithId(array("country_name", "country_iso2", "country_iso3"));
// update existing pictures
foreach ($data as $key => $val) {
cnUpdateCountry($key, $data[$key]["country_name"], $data[$key]["country_iso2"], $data[$key]["country_iso3"]);
}
Redirect(_getUrlToSubmit());
}
$callBackParam = array();
$countries = array();
$count = 0;
$navigatorHtml = GetNavigatorHtml(ADMIN_FILE . "?dpt=conf&sub=countries", 20, 'cnGetCountries', $callBackParam, $countries, $offset, $count);
if (isset($_POST["save_countries"])) {
Redirect(_getUrlToSubmit());
}
$smarty->hassign("urlToDelete", _getUrlToDelete());
$smarty->hassign("urlToSubmit", _getUrlToSubmit());
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&safemode=yes");
}
if (!ostDeleteOrderStatus($_GET["delete"])) {
$smarty->assign("prompt", ADMIN_COULDNT_DELETE_ORDER_STATUS);
}
}
if (isset($_POST["save"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&safemode=yes");
}
if (trim($_POST["new_status_name"]) != "") {
$sort_order = (int) $_POST["new_sort_order"];
ostAddOrderStatus(trim($_POST["new_status_name"]), $sort_order);
}
$updateData = ScanPostVariableWithId(array("status_name", "sort_order"));
foreach ($updateData as $key => $value) {
ostUpdateOrderStatus($key, $value["status_name"], $value["sort_order"]);
}
Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&save_successful=yes");
}
if (isset($_GET["save_successful"])) {
//show successful save confirmation message
$smarty->assign("configuration_saved", 1);
}
$order_statues = ostGetOrderStatues(false, 'html');
$smarty->assign("order_statues", $order_statues);
//set sub-department template
$smarty->assign("admin_sub_dpt", "custord_order_statuses.tpl");
}
}
if (isset($_GET["save_successful"])) {
//show successful save confirmation message
$smarty->assign("configuration_saved", 1);
}
if (isset($_GET["delete"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&safemode=yes");
}
shDeleteShippingMethod($_GET["delete"]);
Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping");
}
if (isset($_POST["save_shipping"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&safemode=yes");
}
$values = ScanPostVariableWithId(array("Enabled", "name", "description", "email_comments_text", "module", "sort_order"));
foreach ($values as $key => $value) {
shUpdateShippingMethod($key, $value["name"], $value["description"], isset($value["Enabled"]) ? 1 : 0, (int) $value["sort_order"], $value["module"], $value["email_comments_text"]);
}
if (trim($_POST["new_name"]) != "") {
shAddShippingMethod($_POST["new_name"], $_POST["new_description"], isset($_POST["new_Enabled"]) ? 1 : 0, (int) $_POST["new_sort_order"], $_POST["new_module"], $_POST["new_email_comments_text"]);
}
Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&save_successful=yes");
}
/**
* get all installed module objects
*/
$smarty->assign("shipping_types", shGetAllShippingMethods());
$smarty->assign("shipping_modules", modGetAllInstalledModuleObjs(SHIPPING_RATE_MODULE));
//set sub-department template
$smarty->assign("admin_sub_dpt", "conf_shipping.tpl");
$smarty->assign("customer_groups", $customer_groups);
$smarty->assign("reg_fields_values", $reg_fields_values);
$smarty->assign("customerInfo", $customerInfo);
}
if ($_GET["customer_details"] == "address_book") {
$log1 = regGetLoginById($_GET["customerID"]);
$addresses = regGetAllAddressesByLogin($log1);
for ($i = 0; $i < count($addresses); $i++) {
$addresses[$i]["addressStr"] = regGetAddressStr($addresses[$i]["addressID"]);
}
$defaultAddressID = regGetDefaultAddressIDByLogin($log1);
$smarty->assign("addresses", $addresses);
$smarty->assign("defaultAddressID", $defaultAddressID);
}
if ($_GET["customer_details"] == "order_history") {
$data = ScanPostVariableWithId(array("set_order_status"));
foreach ($data as $orderID => $value) {
ostSetOrderStatusToOrder($orderID, $_POST["order_status_in_table_" . $orderID]);
}
$orders = array();
$callBackParam = array();
$callBackParam["customerID"] = $_GET["customerID"];
if (isset($_GET["sort"])) {
$callBackParam["sort"] = $_GET["sort"];
}
if (isset($_GET["direction"])) {
$callBackParam["direction"] = $_GET["direction"];
}
$count = 0;
$navigatorHtml = GetNavigatorHtml(_getUrlToNavigate_ORDER_HISTORY(), 20, 'ordGetOrders', $callBackParam, $orders, $offset, $count);
$smarty->hassign("urlToSubmit", _getUrlToSubmit_ORDER_HISTORY());
//this action is forbidden when SAFE MODE is ON
Redirect(_getUrlToSubmit() . '&safemode = yes');
}
if (DeleteAllProductsOfThisCategory((int) $_GET['categoryID'])) {
Redirect(ADMIN_FILE . '?dpt = catalog&sub = products_categories&categoryID = ' . $_GET['categoryID']);
} else {
Redirect(ADMIN_FILE . '?dpt = catalog&sub = products_categories&categoryID = ' . $_GET['categoryID'] . '&couldntToDeleteThisProducts = 1');
}
} else {
if (isset($_POST['products_update'])) {
if (CONF_BACKEND_SAFEMODE) {
//this action is forbidden when SAFE MODE is ON
Redirect(_getUrlToSubmit() . '&safemode = yes');
}
//save changes in current category
$data = ScanPostVariableWithId(array('price', 'enable', 'left', 'sort_order', 'opt_margin'));
foreach ($data as $k => $v) {
unset($set);
$price = number_format($v['price'], 2, '.', '');
if ($price >= 0) {
$set .= ',Price = "' . $price . '"';
}
if (isset($v['enable'])) {
$set .= ',enabled = ' . (int) $v["enable"];
}
if (isset($v['left'])) {
$set .= ',in_stock = ' . (int) $v['left'];
}
if (isset($v['sort_order'])) {
$set .= ',sort_order = ' . (int) $v["sort_order"];
}
if (isset($_GET["search"]) || $changeStatusIsPressed) {
$url .= "&search=1";
}
return $url;
}
if (isset($_POST["status_cpast"])) {
$dataup = ScanPostVariableWithId(array("ordsel"));
foreach ($dataup as $key => $val) {
ostSetOrderStatusToOrder((int) $key, $_POST["status_cpast"], '', '');
}
$smarty->assign("status_cpast_ok", 1);
} else {
$smarty->assign("status_cpast_ok", 0);
}
if (isset($_POST["orders_delete"])) {
$dataup2 = ScanPostVariableWithId(array("ordsel"));
foreach ($dataup2 as $key => $val) {
ordDeleteOrder((int) $key);
}
$smarty->assign("orders_delete_ok", 1);
} else {
$smarty->assign("orders_delete_ok", 0);
}
$data = ScanGetVariableWithId(array("set_order_status"));
$changeStatusIsPressed = count($data) != 0;
if (isset($_GET["search"]) || $changeStatusIsPressed) {
_copyDataFromGetToPage($smarty, $order_statuses);
$callBackParam = array();
_setCallBackParamsToSearchOrders($callBackParam);
$orders = array();
$count = 0;
if (isset($_POST["save"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?do=configurator&safemode=yes&productID=" . $productID . "&optionID=" . $optionID);
}
$variantID_default = "null";
foreach ($_POST as $key => $value) {
if (strstr($key, "default_radiobutton_")) {
$key = str_replace("default_radiobutton_", "", $key);
$variantID_default = (int) $key;
}
}
$option_show_times = (int) $_POST["option_show_times"];
if ($option_show_times <= 0) {
$option_show_times = 1;
}
$data = ScanPostVariableWithId(array("switchOn", "price_surplus"));
UpdateConfiguriableProductOption($optionID, $productID, $option_show_times, $variantID_default, $data);
}
if (isset($_POST["save"]) || isset($_POST["close"])) {
if (isset($_POST["save"])) {
// save values on opener window
echo "<script type='text/javascript'>";
echo "window.opener.document.getElementById('spwc').value='1';";
echo "window.opener.document.getElementById('option_radio_type_" . $optionID . "_3').click();";
echo "window.opener.document.getElementById('save_spwc').value='1';";
echo "window.opener.document.getElementById('MainForm').submit();";
echo "</script>";
}
echo "<script type='text/javascript'>";
echo "window.close();";
echo "</script>";
}
// update existing values
$updateOptions = ScanPostVariableWithId(array("sort_order", "option_value"));
optUpdateOptionValues($updateOptions);
// add new value
if (isset($_POST["add_value"]) && trim($_POST["add_value"]) != "") {
optAddOptionValue($_POST["optionID"], $_POST["add_value"], (int) $_POST["add_sort"]);
}
Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&optionID=" . $_POST["optionID"]);
}
if (isset($_POST["save_options"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&safemode=yes");
}
//save existing
$updateOptions = ScanPostVariableWithId(array("extra_option", "extra_sort"));
//now update database
optUpdateOptions($updateOptions);
//add a new option
if (isset($_POST["add_option"])) {
optAddOption($_POST["add_option"], $_POST["add_sort"]);
}
Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&save_successful=yes");
}
// delete value
if (isset($_GET["kill_value"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&optionID=" . $_GET["optionID"] . "&safemode=yes");
}
$variantid = (int) $_GET["kill_value"];
db_query("delete from " . PRODUCTS_OPTIONS_VALUES_VARIANTS_TABLE . " where variantID=" . $variantid);
echo ADMIN_PRODUCT_TITLE;
?>
</title>
<?php
// add new product and open configurator
// it works when user click "setting..." and new product is added
if (isset($_POST["AddProductAndOpenConfigurator"])) {
if ($_POST["AddProductAndOpenConfigurator"] == 1) {
if (CONF_BACKEND_SAFEMODE) {
//this action is forbidden when SAFE MODE is ON
Redirect(ADMIN_FILE . "?safemode=yes&productID=" . $_GET["productID"] . "&eaction=prod");
}
$productID = AddProduct($_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"], $_POST["in_stock"], $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename", $_POST["eproduct_available_days"], $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"], $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"], $_POST["opt_margin"], $_POST["sef"], $_POST["title"]);
$_GET["productID"] = $productID;
$updatedValues = ScanPostVariableWithId(array("option_value", "option_radio_type"));
configUpdateOptionValue($productID, $updatedValues);
OpenConfigurator($_POST["optionID"], $productID);
}
}
// show product
if ($_GET["productID"] != 0) {
$product = GetProduct($_GET["productID"]);
$product["description"] = html_spchars($product["description"]);
$product["brief_description"] = html_spchars($product["brief_description"]);
$product["sef"] = html_spchars($product["sef"]);
if (!$product["title"]) {
$product["title"] = "";
}
$title = ADMIN_PRODUCT_EDITN;
} else {
znDeleteZone($_GET["delete"]);
Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"]);
}
if (isset($_POST["save_zones"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"] . "&safemode=yes");
}
// add new zone
$name = $_POST["new_zone_name"];
$code = $_POST["new_zone_code"];
$countryID = $_GET["countryID"];
if ($name != "") {
znAddZone($name, $code, $countryID);
}
// update zones list
$data = ScanPostVariableWithId(array("zone_name", "zone_code"));
foreach ($data as $key => $val) {
znUpdateZone($key, $data[$key]["zone_name"], $data[$key]["zone_code"], $countryID);
}
Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"]);
}
//if country is not selected, select the first country from the database
if (!isset($_GET["countryID"])) {
$q = db_query("select countryID from " . COUNTRIES_TABLE);
$row = db_fetch_row($q);
Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $row[0]);
}
$callBackParam = null;
$count_row = 0;
$navigatorParams = null;
$countries = cnGetCountries($callBackParam, $count_row, $navigatorParams);
$smarty->assign("configuration_saved", 1);
}
if (isset($_GET["delete"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies&safemode=yes");
}
// delete currency
currDeleteCurrency($_GET["delete"]);
Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies");
}
if (isset($_POST["save_currencies"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies&safemode=yes");
}
// scan data
$data = ScanPostVariableWithId(array("curr_name", "curr_value", "curr_where", "curr_code", "curr_sort", "curr_currencyIso3", "curr_roundval"));
// update existing currencies
foreach ($data as $key => $val) {
if ($val["curr_name"] == "" || $val["curr_currencyIso3"] == "" || $val["curr_code"] == "") {
continue;
}
$val["curr_value"] = (double) $val["curr_value"];
// fb($val["curr_value"]);
$val["curr_sort"] = (int) $val["curr_sort"];
$val["curr_where"] = (int) $val["curr_where"];
$val["curr_where"] = (int) $val["curr_where"];
$val["curr_roundval"] = (int) $val["curr_roundval"];
if ($val["curr_value"] < 0) {
continue;
}
currUpdateCurrency($key, $val["curr_name"], $val["curr_code"], $val["curr_currencyIso3"], $val["curr_value"], $val["curr_where"], $val["curr_sort"], $val["curr_roundval"]);
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&safemode=yes");
}
$_POST["save"] = 1;
}
$control = settingCallHtmlFunction("CONF_DISCOUNT_TYPE");
if (isset($_POST["discount_type_save"])) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts");
}
$smarty->assign("control", $control);
if (isset($_POST["save_order_price_discounts"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&safemode=yes");
}
$error = false;
$data = ScanPostVariableWithId(array("percent_discount", "price_range"));
foreach ($data as $discount_id => $val) {
if (!dscUpdateOrderPriceDiscount($discount_id, $val["price_range"], (double) $val["percent_discount"])) {
$error = true;
}
}
if (trim($_POST["new_price_range"]) != "") {
if (!dscAddOrderPriceDiscount((double) $_POST["new_price_range"], (double) $_POST["new_percent_discount"])) {
$error = true;
}
}
if ($error) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&error=yes");
} else {
Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts");
}
Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields");
}
if (isset($_POST["save_fields"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields&safemode=yes");
}
// add new field
if (trim($_POST["new_reg_field_name"]) != "") {
$new_reg_field_required = 0;
if (isset($_POST["new_reg_field_required"])) {
$new_reg_field_required = 1;
}
AddRegField($_POST["new_reg_field_name"], $new_reg_field_required, $_POST["new_sort_order"]);
}
// update fields
$data = ScanPostVariableWithId(array("reg_field_name", "reg_field_required", "sort_order"));
foreach ($data as $key => $val) {
if (!isset($val["reg_field_required"])) {
$val["reg_field_required"] = 0;
}
UpdateRegField($key, $val["reg_field_name"], $val["reg_field_required"], $val["sort_order"]);
}
Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields");
}
if (isset($_POST["save_address_form"])) {
if (CONF_BACKEND_SAFEMODE) {
Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields&safemode=yes");
}
db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_state"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_STATE'");
db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_city"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_CITY'");
db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_address"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_ADDRESS'");
