/**
 * Store the per-block sort positions collected by ScanPostVariableWithId().
 *
 * Each entry is keyed by block id and may carry a "sort" value. Both the id
 * and the sort value are cast to int before being concatenated into the
 * UPDATE statement, so only integers reach the SQL text.
 *
 * NOTE(review): nothing in this function checks who is calling it or whether
 * the request carries an anti-CSRF token; confirm the caller enforces both.
 */
function SortBlocks()
{
    $submitted = ScanPostVariableWithId(array("sort"));
    foreach ($submitted as $blockId => $fields) {
        // Entries without a "sort" value are left untouched.
        if (!isset($fields["sort"])) {
            continue;
        }
        $sortValue = (int) $fields["sort"];
        $bid = (int) $blockId;
        db_query("UPDATE " . BLOCKS_TABLE . " SET sort=" . $sortValue . " WHERE bid=" . $bid);
    }
}
/**
 * Copy the submitted registration fields from $_POST into the template object
 * so the form can be shown again with the values filled in.
 *
 * NOTE(review): hassign() is presumably the HTML-escaping variant of assign();
 * confirm, because every value here is raw request data.
 * NOTE(review): both password fields are handed back to the template. Check
 * that the template does not render them into the page source.
 *
 * @param object $smarty template object exposing assign() and hassign()
 */
function _copyDataFromPostToPage(&$smarty)
{
    // Plain text fields, in the order the original code assigned them.
    // The keys are read without an isset() check, as in the original.
    $textFields = array("login", "cust_password1", "cust_password2", "first_name", "last_name", "email");
    foreach ($textFields as $fieldName) {
        $smarty->hassign($fieldName, $_POST[$fieldName]);
    }

    // A checkbox: its presence in the request means "subscribed".
    $isSubscribed = isset($_POST["subscribed4news"]) ? 1 : 0;
    $smarty->assign("subscribed4news", $isSubscribed);

    // Custom registration fields arrive keyed by field id.
    $additional_field_values = array();
    foreach (ScanPostVariableWithId(array("additional_field")) as $fieldId => $posted) {
        $additional_field_values[] = array(
            "reg_field_ID" => $fieldId,
            "reg_field_name" => "",
            "reg_field_value" => $posted["additional_field"],
        );
    }
    $smarty->hassign("additional_field_values", $additional_field_values);
}
/**
 * Copy the submitted registration / checkout fields from the request into the
 * template object so the form can be shown again with the values filled in.
 *
 * Text values are trimmed and passed to hassign(); ids are cast to int and
 * passed to assign(). When the request carries an "order" parameter (POST or
 * GET), the receiver and payer (billing) fields are copied as well.
 *
 * NOTE(review): hassign() is presumably the HTML-escaping variant of assign();
 * confirm, because every value here is raw request data.
 * NOTE(review): both password fields are handed back to the template. Check
 * that the template does not render them into the page source.
 *
 * @param object $smarty template object exposing assign() and hassign()
 */
function _copyDataFromPostToPage(&$smarty)
{
    // Account fields, in the order the original code assigned them.
    // The keys are read without an isset() check, as in the original.
    $accountFields = array(
        "login",
        "cust_password1",
        "cust_password2",
        "first_name",
        "affiliationLogin",
        "last_name",
        "email",
    );
    foreach ($accountFields as $fieldName) {
        $smarty->hassign($fieldName, trim($_POST[$fieldName]));
    }

    // A checkbox: its presence in the request means "subscribed".
    $smarty->assign("subscribed4news", isset($_POST["subscribed4news"]) ? 1 : 0);

    // Zones of the selected country; reused below when billing equals shipping.
    $zones = znGetZonesById((int) $_POST["countryID"]);
    $smarty->hassign("zones", $zones);

    // Custom registration fields arrive keyed by field id.
    $additional_field_values = array();
    foreach (ScanPostVariableWithId(array("additional_field")) as $fieldId => $posted) {
        $additional_field_values[] = array(
            "reg_field_ID" => $fieldId,
            "reg_field_name" => "",
            "reg_field_value" => $posted["additional_field"],
        );
    }
    $smarty->hassign("additional_field_values", $additional_field_values);

    // Shipping address.
    $smarty->assign("countryID", (int) $_POST["countryID"]);
    if (isset($_POST["state"])) {
        $smarty->hassign("state", trim($_POST["state"]));
    }
    if (isset($_POST["zoneID"])) {
        $smarty->assign("zoneID", (int) $_POST["zoneID"]);
    }
    $smarty->hassign("city", trim($_POST["city"]));
    $smarty->hassign("address", trim($_POST["address"]));

    // Everything below applies only to the order (checkout) form.
    $isOrderForm = isset($_POST["order"]) || isset($_GET["order"]);
    if (!$isOrderForm) {
        return;
    }

    $billingSameAsShipping = isset($_POST["billing_address_check"]);
    if ($billingSameAsShipping) {
        $smarty->assign("billing_address_check", "1");
    }

    $smarty->hassign("receiver_first_name", trim($_POST["receiver_first_name"]));
    $smarty->hassign("receiver_last_name", trim($_POST["receiver_last_name"]));

    if ($billingSameAsShipping) {
        // Billing data mirrors the receiver and shipping fields.
        $smarty->hassign("payer_first_name", trim($_POST["receiver_first_name"]));
        $smarty->hassign("payer_last_name", trim($_POST["receiver_last_name"]));
        $smarty->assign("billingCountryID", (int) $_POST["countryID"]);
        if (isset($_POST["state"])) {
            $smarty->hassign("billingState", trim($_POST["state"]));
        }
        // NOTE(review): this reads "zoneId", while the shipping part above reads
        // "zoneID". PHP array keys are case-sensitive, so this may never match.
        // Confirm against the form's field name.
        if (isset($_POST["zoneId"])) {
            $smarty->assign("billingZoneId", (int) $_POST["zoneId"]);
        }
        $smarty->hassign("billingCity", trim($_POST["city"]));
        $smarty->hassign("billingAddress", trim($_POST["address"]));
        $smarty->assign("billingZones", $zones);
        return;
    }

    // Separate billing address supplied by the customer.
    $smarty->hassign("payer_first_name", trim($_POST["payer_first_name"]));
    $smarty->hassign("payer_last_name", trim($_POST["payer_last_name"]));
    $smarty->assign("billingCountryID", (int) $_POST["billingCountryID"]);
    if (isset($_POST["billingState"])) {
        $smarty->hassign("billingState", trim($_POST["billingState"]));
    }
    if (isset($_POST["billingZoneId"])) {
        $smarty->assign("billingZoneId", (int) $_POST["billingZoneId"]);
    }
    $smarty->hassign("billingCity", trim($_POST["billingCity"]));
    $smarty->hassign("billingAddress", trim($_POST["billingAddress"]));
    $billingZones = znGetZonesById((int) $_POST["billingCountryID"]);
    $smarty->assign("billingZones", $billingZones);
}
cnDeleteCountry($_GET["delete"]); Redirect(_getUrlToDelete()); } if (isset($_POST["save_countries"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(_getUrlToSubmit() . "&safemode=yes"); } // add new manufacturer $name = $_POST["new_country_name"]; $iso2 = $_POST["new_country_iso2"]; $iso3 = $_POST["new_country_iso3"]; if ($name != "") { cnAddCountry($name, $iso2, $iso3); } // update manufacturers $data = ScanPostVariableWithId(array("country_name", "country_iso2", "country_iso3")); // update existing pictures foreach ($data as $key => $val) { cnUpdateCountry($key, $data[$key]["country_name"], $data[$key]["country_iso2"], $data[$key]["country_iso3"]); } Redirect(_getUrlToSubmit()); } $callBackParam = array(); $countries = array(); $count = 0; $navigatorHtml = GetNavigatorHtml(ADMIN_FILE . "?dpt=conf&sub=countries", 20, 'cnGetCountries', $callBackParam, $countries, $offset, $count); if (isset($_POST["save_countries"])) { Redirect(_getUrlToSubmit()); } $smarty->hassign("urlToDelete", _getUrlToDelete()); $smarty->hassign("urlToSubmit", _getUrlToSubmit());
if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&safemode=yes"); } if (!ostDeleteOrderStatus($_GET["delete"])) { $smarty->assign("prompt", ADMIN_COULDNT_DELETE_ORDER_STATUS); } } if (isset($_POST["save"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&safemode=yes"); } if (trim($_POST["new_status_name"]) != "") { $sort_order = (int) $_POST["new_sort_order"]; ostAddOrderStatus(trim($_POST["new_status_name"]), $sort_order); } $updateData = ScanPostVariableWithId(array("status_name", "sort_order")); foreach ($updateData as $key => $value) { ostUpdateOrderStatus($key, $value["status_name"], $value["sort_order"]); } Redirect(ADMIN_FILE . "?dpt=custord&sub=order_statuses&save_successful=yes"); } if (isset($_GET["save_successful"])) { //show successful save confirmation message $smarty->assign("configuration_saved", 1); } $order_statues = ostGetOrderStatues(false, 'html'); $smarty->assign("order_statues", $order_statues); //set sub-department template $smarty->assign("admin_sub_dpt", "custord_order_statuses.tpl"); } }
if (isset($_GET["save_successful"])) { //show successful save confirmation message $smarty->assign("configuration_saved", 1); } if (isset($_GET["delete"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&safemode=yes"); } shDeleteShippingMethod($_GET["delete"]); Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping"); } if (isset($_POST["save_shipping"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&safemode=yes"); } $values = ScanPostVariableWithId(array("Enabled", "name", "description", "email_comments_text", "module", "sort_order")); foreach ($values as $key => $value) { shUpdateShippingMethod($key, $value["name"], $value["description"], isset($value["Enabled"]) ? 1 : 0, (int) $value["sort_order"], $value["module"], $value["email_comments_text"]); } if (trim($_POST["new_name"]) != "") { shAddShippingMethod($_POST["new_name"], $_POST["new_description"], isset($_POST["new_Enabled"]) ? 1 : 0, (int) $_POST["new_sort_order"], $_POST["new_module"], $_POST["new_email_comments_text"]); } Redirect(ADMIN_FILE . "?dpt=conf&sub=shipping&save_successful=yes"); } /** * get all installed module objects */ $smarty->assign("shipping_types", shGetAllShippingMethods()); $smarty->assign("shipping_modules", modGetAllInstalledModuleObjs(SHIPPING_RATE_MODULE)); //set sub-department template $smarty->assign("admin_sub_dpt", "conf_shipping.tpl");
$smarty->assign("customer_groups", $customer_groups); $smarty->assign("reg_fields_values", $reg_fields_values); $smarty->assign("customerInfo", $customerInfo); } if ($_GET["customer_details"] == "address_book") { $log1 = regGetLoginById($_GET["customerID"]); $addresses = regGetAllAddressesByLogin($log1); for ($i = 0; $i < count($addresses); $i++) { $addresses[$i]["addressStr"] = regGetAddressStr($addresses[$i]["addressID"]); } $defaultAddressID = regGetDefaultAddressIDByLogin($log1); $smarty->assign("addresses", $addresses); $smarty->assign("defaultAddressID", $defaultAddressID); } if ($_GET["customer_details"] == "order_history") { $data = ScanPostVariableWithId(array("set_order_status")); foreach ($data as $orderID => $value) { ostSetOrderStatusToOrder($orderID, $_POST["order_status_in_table_" . $orderID]); } $orders = array(); $callBackParam = array(); $callBackParam["customerID"] = $_GET["customerID"]; if (isset($_GET["sort"])) { $callBackParam["sort"] = $_GET["sort"]; } if (isset($_GET["direction"])) { $callBackParam["direction"] = $_GET["direction"]; } $count = 0; $navigatorHtml = GetNavigatorHtml(_getUrlToNavigate_ORDER_HISTORY(), 20, 'ordGetOrders', $callBackParam, $orders, $offset, $count); $smarty->hassign("urlToSubmit", _getUrlToSubmit_ORDER_HISTORY());
//this action is forbidden when SAFE MODE is ON Redirect(_getUrlToSubmit() . '&safemode = yes'); } if (DeleteAllProductsOfThisCategory((int) $_GET['categoryID'])) { Redirect(ADMIN_FILE . '?dpt = catalog&sub = products_categories&categoryID = ' . $_GET['categoryID']); } else { Redirect(ADMIN_FILE . '?dpt = catalog&sub = products_categories&categoryID = ' . $_GET['categoryID'] . '&couldntToDeleteThisProducts = 1'); } } else { if (isset($_POST['products_update'])) { if (CONF_BACKEND_SAFEMODE) { //this action is forbidden when SAFE MODE is ON Redirect(_getUrlToSubmit() . '&safemode = yes'); } //save changes in current category $data = ScanPostVariableWithId(array('price', 'enable', 'left', 'sort_order', 'opt_margin')); foreach ($data as $k => $v) { unset($set); $price = number_format($v['price'], 2, '.', ''); if ($price >= 0) { $set .= ',Price = "' . $price . '"'; } if (isset($v['enable'])) { $set .= ',enabled = ' . (int) $v["enable"]; } if (isset($v['left'])) { $set .= ',in_stock = ' . (int) $v['left']; } if (isset($v['sort_order'])) { $set .= ',sort_order = ' . (int) $v["sort_order"]; }
if (isset($_GET["search"]) || $changeStatusIsPressed) { $url .= "&search=1"; } return $url; } if (isset($_POST["status_cpast"])) { $dataup = ScanPostVariableWithId(array("ordsel")); foreach ($dataup as $key => $val) { ostSetOrderStatusToOrder((int) $key, $_POST["status_cpast"], '', ''); } $smarty->assign("status_cpast_ok", 1); } else { $smarty->assign("status_cpast_ok", 0); } if (isset($_POST["orders_delete"])) { $dataup2 = ScanPostVariableWithId(array("ordsel")); foreach ($dataup2 as $key => $val) { ordDeleteOrder((int) $key); } $smarty->assign("orders_delete_ok", 1); } else { $smarty->assign("orders_delete_ok", 0); } $data = ScanGetVariableWithId(array("set_order_status")); $changeStatusIsPressed = count($data) != 0; if (isset($_GET["search"]) || $changeStatusIsPressed) { _copyDataFromGetToPage($smarty, $order_statuses); $callBackParam = array(); _setCallBackParamsToSearchOrders($callBackParam); $orders = array(); $count = 0;
if (isset($_POST["save"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?do=configurator&safemode=yes&productID=" . $productID . "&optionID=" . $optionID); } $variantID_default = "null"; foreach ($_POST as $key => $value) { if (strstr($key, "default_radiobutton_")) { $key = str_replace("default_radiobutton_", "", $key); $variantID_default = (int) $key; } } $option_show_times = (int) $_POST["option_show_times"]; if ($option_show_times <= 0) { $option_show_times = 1; } $data = ScanPostVariableWithId(array("switchOn", "price_surplus")); UpdateConfiguriableProductOption($optionID, $productID, $option_show_times, $variantID_default, $data); } if (isset($_POST["save"]) || isset($_POST["close"])) { if (isset($_POST["save"])) { // save values on opener window echo "<script type='text/javascript'>"; echo "window.opener.document.getElementById('spwc').value='1';"; echo "window.opener.document.getElementById('option_radio_type_" . $optionID . "_3').click();"; echo "window.opener.document.getElementById('save_spwc').value='1';"; echo "window.opener.document.getElementById('MainForm').submit();"; echo "</script>"; } echo "<script type='text/javascript'>"; echo "window.close();"; echo "</script>";
} // update existing values $updateOptions = ScanPostVariableWithId(array("sort_order", "option_value")); optUpdateOptionValues($updateOptions); // add new value if (isset($_POST["add_value"]) && trim($_POST["add_value"]) != "") { optAddOptionValue($_POST["optionID"], $_POST["add_value"], (int) $_POST["add_sort"]); } Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&optionID=" . $_POST["optionID"]); } if (isset($_POST["save_options"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&safemode=yes"); } //save existing $updateOptions = ScanPostVariableWithId(array("extra_option", "extra_sort")); //now update database optUpdateOptions($updateOptions); //add a new option if (isset($_POST["add_option"])) { optAddOption($_POST["add_option"], $_POST["add_sort"]); } Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&save_successful=yes"); } // delete value if (isset($_GET["kill_value"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=catalog&sub=extra&optionID=" . $_GET["optionID"] . "&safemode=yes"); } $variantid = (int) $_GET["kill_value"]; db_query("delete from " . PRODUCTS_OPTIONS_VALUES_VARIANTS_TABLE . " where variantID=" . $variantid);
echo ADMIN_PRODUCT_TITLE; ?> </title> <?php // add new product and open configurator // it works when user click "setting..." and new product is added if (isset($_POST["AddProductAndOpenConfigurator"])) { if ($_POST["AddProductAndOpenConfigurator"] == 1) { if (CONF_BACKEND_SAFEMODE) { //this action is forbidden when SAFE MODE is ON Redirect(ADMIN_FILE . "?safemode=yes&productID=" . $_GET["productID"] . "&eaction=prod"); } $productID = AddProduct($_POST["categoryID"], $_POST["name"], $_POST["price"], $_POST["description"], $_POST["in_stock"], $_POST["brief_description"], $_POST["list_price"], $_POST["product_code"], $_POST["sort_order"], isset($_POST["ProductIsProgram"]), "eproduct_filename", $_POST["eproduct_available_days"], $_POST["eproduct_download_times"], $_POST["weight"], $_POST["meta_description"], $_POST["meta_keywords"], isset($_POST["free_shipping"]), $_POST["min_order_amount"], $_POST["shipping_freight"], $_POST["tax_class"], $_POST["currencyID"], $_POST["opt_margin"], $_POST["sef"], $_POST["title"]); $_GET["productID"] = $productID; $updatedValues = ScanPostVariableWithId(array("option_value", "option_radio_type")); configUpdateOptionValue($productID, $updatedValues); OpenConfigurator($_POST["optionID"], $productID); } } // show product if ($_GET["productID"] != 0) { $product = GetProduct($_GET["productID"]); $product["description"] = html_spchars($product["description"]); $product["brief_description"] = html_spchars($product["brief_description"]); $product["sef"] = html_spchars($product["sef"]); if (!$product["title"]) { $product["title"] = ""; } $title = ADMIN_PRODUCT_EDITN; } else {
znDeleteZone($_GET["delete"]); Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"]); } if (isset($_POST["save_zones"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"] . "&safemode=yes"); } // add new zone $name = $_POST["new_zone_name"]; $code = $_POST["new_zone_code"]; $countryID = $_GET["countryID"]; if ($name != "") { znAddZone($name, $code, $countryID); } // update zones list $data = ScanPostVariableWithId(array("zone_name", "zone_code")); foreach ($data as $key => $val) { znUpdateZone($key, $data[$key]["zone_name"], $data[$key]["zone_code"], $countryID); } Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $_GET["countryID"]); } //if country is not selected, select the first country from the database if (!isset($_GET["countryID"])) { $q = db_query("select countryID from " . COUNTRIES_TABLE); $row = db_fetch_row($q); Redirect(ADMIN_FILE . "?dpt=conf&sub=zones&countryID=" . $row[0]); } $callBackParam = null; $count_row = 0; $navigatorParams = null; $countries = cnGetCountries($callBackParam, $count_row, $navigatorParams);
$smarty->assign("configuration_saved", 1); } if (isset($_GET["delete"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies&safemode=yes"); } // delete currency currDeleteCurrency($_GET["delete"]); Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies"); } if (isset($_POST["save_currencies"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=conf&sub=currencies&safemode=yes"); } // scan data $data = ScanPostVariableWithId(array("curr_name", "curr_value", "curr_where", "curr_code", "curr_sort", "curr_currencyIso3", "curr_roundval")); // update existing currencies foreach ($data as $key => $val) { if ($val["curr_name"] == "" || $val["curr_currencyIso3"] == "" || $val["curr_code"] == "") { continue; } $val["curr_value"] = (double) $val["curr_value"]; // fb($val["curr_value"]); $val["curr_sort"] = (int) $val["curr_sort"]; $val["curr_where"] = (int) $val["curr_where"]; $val["curr_where"] = (int) $val["curr_where"]; $val["curr_roundval"] = (int) $val["curr_roundval"]; if ($val["curr_value"] < 0) { continue; } currUpdateCurrency($key, $val["curr_name"], $val["curr_code"], $val["curr_currencyIso3"], $val["curr_value"], $val["curr_where"], $val["curr_sort"], $val["curr_roundval"]);
if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&safemode=yes"); } $_POST["save"] = 1; } $control = settingCallHtmlFunction("CONF_DISCOUNT_TYPE"); if (isset($_POST["discount_type_save"])) { Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts"); } $smarty->assign("control", $control); if (isset($_POST["save_order_price_discounts"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&safemode=yes"); } $error = false; $data = ScanPostVariableWithId(array("percent_discount", "price_range")); foreach ($data as $discount_id => $val) { if (!dscUpdateOrderPriceDiscount($discount_id, $val["price_range"], (double) $val["percent_discount"])) { $error = true; } } if (trim($_POST["new_price_range"]) != "") { if (!dscAddOrderPriceDiscount((double) $_POST["new_price_range"], (double) $_POST["new_percent_discount"])) { $error = true; } } if ($error) { Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts&error=yes"); } else { Redirect(ADMIN_FILE . "?dpt=custord&sub=discounts"); }
Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields"); } if (isset($_POST["save_fields"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields&safemode=yes"); } // add new field if (trim($_POST["new_reg_field_name"]) != "") { $new_reg_field_required = 0; if (isset($_POST["new_reg_field_required"])) { $new_reg_field_required = 1; } AddRegField($_POST["new_reg_field_name"], $new_reg_field_required, $_POST["new_sort_order"]); } // update fields $data = ScanPostVariableWithId(array("reg_field_name", "reg_field_required", "sort_order")); foreach ($data as $key => $val) { if (!isset($val["reg_field_required"])) { $val["reg_field_required"] = 0; } UpdateRegField($key, $val["reg_field_name"], $val["reg_field_required"], $val["sort_order"]); } Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields"); } if (isset($_POST["save_address_form"])) { if (CONF_BACKEND_SAFEMODE) { Redirect(ADMIN_FILE . "?dpt=custord&sub=reg_fields&safemode=yes"); } db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_state"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_STATE'"); db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_city"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_CITY'"); db_query("update " . SETTINGS_TABLE . " set settings_value = '" . (int) $_POST["addr_address"] . "' where settings_constant_name = 'CONF_ADDRESSFORM_ADDRESS'");