Пример #1
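/**
 * Records the current visitor in the "who's online" table.
 *
 * Registered customers are stored with their id and "First Last" name;
 * anonymous visitors are stored as customer 0 / "Guest". Rows whose last
 * click is older than 15 minutes are purged first, then the row for the
 * current session is updated if it exists or inserted otherwise.
 *
 * Reads the global $customer_id and the REMOTE_ADDR / REQUEST_URI
 * environment values; every value is cast or passed through smn_db_input
 * before being concatenated into SQL.
 */
function smn_update_whos_online()
{
    global $customer_id;

    // Guest defaults. The original assigned a mistyped $wwo_full_name on the
    // guest path, so $wo_full_name and $wo_customer_id reached the SQL below
    // undefined; defining both up front fixes that.
    $wo_customer_id = 0;
    $wo_full_name = 'Guest';

    if (smn_session_is_registered('customer_id')) {
        $wo_customer_id = $customer_id;
        $customer_query = smn_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $customer_id . "'");
        $customer = smn_db_fetch_array($customer_query);
        // A registered id without a customer row (e.g. deleted account)
        // keeps the guest name instead of reading fields off a non-array.
        if (is_array($customer)) {
            $wo_full_name = $customer['customers_firstname'] . ' ' . $customer['customers_lastname'];
        }
    }

    $wo_session_id = smn_session_id();
    $wo_ip_address = getenv('REMOTE_ADDR');
    $wo_last_page_url = getenv('REQUEST_URI');
    $current_time = time();
    $xx_mins_ago = $current_time - 900; // 15 minutes

    // remove entries that have expired
    smn_db_query("delete from " . TABLE_WHOS_ONLINE . " where time_last_click < '" . (int) $xx_mins_ago . "'");

    $stored_customer_query = smn_db_query("select count(*) as count from " . TABLE_WHOS_ONLINE . " where session_id = '" . smn_db_input($wo_session_id) . "'");
    $stored_customer = smn_db_fetch_array($stored_customer_query);

    if ($stored_customer['count'] > 0) {
        smn_db_query("update " . TABLE_WHOS_ONLINE . " set customer_id = '" . (int) $wo_customer_id . "', full_name = '" . smn_db_input($wo_full_name) . "', ip_address = '" . smn_db_input($wo_ip_address) . "', time_last_click = '" . (int) $current_time . "', last_page_url = '" . smn_db_input($wo_last_page_url) . "' where session_id = '" . smn_db_input($wo_session_id) . "'");
    } else {
        smn_db_query("insert into " . TABLE_WHOS_ONLINE . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url) values ('" . (int) $wo_customer_id . "', '" . smn_db_input($wo_full_name) . "', '" . smn_db_input($wo_session_id) . "', '" . smn_db_input($wo_ip_address) . "', '" . (int) $current_time . "', '" . (int) $current_time . "', '" . smn_db_input($wo_last_page_url) . "')");
    }
}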
Пример #2
/**
 * Looks up the template directory for a language code.
 *
 * Side effect: on success the global $languages_id is set to the matching
 * row's id. The code is escaped with smn_db_input before it is put in SQL.
 *
 * @param string $code language code (e.g. "en")
 * @return string|false the directory name, or false when the code is unknown
 */
function smn_get_languages_directory($code)
{
    global $languages_id;

    $lookup = smn_db_query("select languages_id, directory from " . TABLE_LANGUAGES . " where code = '" . smn_db_input($code) . "'");
    if (!smn_db_num_rows($lookup)) {
        return false;
    }

    $row = smn_db_fetch_array($lookup);
    $languages_id = $row['languages_id'];

    return $row['directory'];
}
Пример #3
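 /**
  * Mails this newsletter to every customer who opted in and marks it as sent.
  *
  * The body is $this->content, added as HTML as-is (presumably authored in
  * the admin, not taken from a recipient), with $this->title as the subject.
  *
  * @param int|string $newsletter_id id of the newsletter row to flag as sent;
  *                                  it is cast to int before reaching SQL.
  */
 function send($newsletter_id)
 {
     $mail_query = smn_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_newsletter = '1'");
     $mimemessage = new email(array('X-Mailer: oscMall bulk mailer'));
     $mimemessage->add_html($this->content);
     $mimemessage->build_message();
     // One delivery per opted-in customer; the display name is "First Last".
     while ($mail = smn_db_fetch_array($mail_query)) {
         $mimemessage->send($mail['customers_firstname'] . ' ' . $mail['customers_lastname'], $mail['customers_email_address'], '', EMAIL_FROM, $this->title);
     }
     // newsletters_id is an integer key: cast it like the other ids in this
     // code base instead of relying on string escaping alone.
     $newsletter_id = smn_db_prepare_input($newsletter_id);
     smn_db_query("update " . TABLE_NEWSLETTERS . " set date_sent = now(), status = '1' where newsletters_id = '" . (int) $newsletter_id . "'");
 }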
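 /**
  * Builds a paged version of $query plus the bookkeeping the pager displays.
  *
  * The page number is read from $_GET[$page_holder], then $_POST[$page_holder].
  * Anything that is not a positive integer falls back to page 1 — the original
  * accepted any numeric string, so values such as "1.5" or "-2" leaked into the
  * LIMIT clause and into current_page_number. A count(...) query over the
  * FROM/WHERE part of $query fills number_of_rows / number_of_pages, the page
  * is clamped to the last one, and " limit offset, rows" is appended to
  * sql_query.
  *
  * @param string $query       SELECT statement to page; must contain " from".
  * @param int    $max_rows    rows per page (must be > 0: it is a divisor).
  * @param string $count_key   expression placed inside count(); it goes through
  *                            smn_db_input but is not quoted, so it must come
  *                            from code, never from request data.
  * @param string $page_holder request parameter carrying the page number.
  */
 function splitPageResults($query, $max_rows, $count_key = '*', $page_holder = 'page')
 {
     global $_GET, $_POST;
     $this->sql_query = $query;
     $this->page_name = $page_holder;

     if (isset($_GET[$page_holder])) {
         $page = $_GET[$page_holder];
     } elseif (isset($_POST[$page_holder])) {
         $page = $_POST[$page_holder];
     } else {
         $page = '';
     }
     // Only a positive integer is a valid page; everything else is page 1.
     if (!is_numeric($page) || (int) $page < 1) {
         $page = 1;
     } else {
         $page = (int) $page;
     }
     $this->current_page_number = $page;
     $this->number_of_rows_per_page = $max_rows;

     // Locate the " from ..." part of the query, stopping before any
     // group by / having / order by clause, so it can be reused for the count.
     $pos_to = strlen($this->sql_query);
     $pos_from = strpos($this->sql_query, ' from', 0);
     $pos_group_by = strpos($this->sql_query, ' group by', $pos_from);
     if ($pos_group_by !== false && $pos_group_by < $pos_to) {
         $pos_to = $pos_group_by;
     }
     $pos_having = strpos($this->sql_query, ' having', $pos_from);
     if ($pos_having !== false && $pos_having < $pos_to) {
         $pos_to = $pos_having;
     }
     $pos_order_by = strpos($this->sql_query, ' order by', $pos_from);
     if ($pos_order_by !== false && $pos_order_by < $pos_to) {
         $pos_to = $pos_order_by;
     }

     // Queries that dedupe rows need count(distinct ...) to match what they return.
     if (strpos($this->sql_query, 'distinct') || strpos($this->sql_query, 'group by')) {
         $count_string = 'distinct ' . smn_db_input($count_key);
     } else {
         $count_string = smn_db_input($count_key);
     }
     $count_query = smn_db_query("select count(" . $count_string . ") as total " . substr($this->sql_query, $pos_from, $pos_to - $pos_from));
     $count = smn_db_fetch_array($count_query);
     $this->number_of_rows = $count['total'];
     $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     if ($this->current_page_number > $this->number_of_pages) {
         $this->current_page_number = $this->number_of_pages;
     }

     // With zero rows number_of_pages is 0 and the clamp above makes the page
     // 0 as well; max() keeps the offset from going negative in that case.
     $offset = max($this->number_of_rows_per_page * ($this->current_page_number - 1), 0);
     // systemsmanager begin - Dec 1, 2005 security patch
     $this->sql_query .= " limit " . $offset . ", " . $this->number_of_rows_per_page;
     // systemsmanager end
 }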
Пример #5
     // NOTE(review): the banner lookup casts goto to int, but the raw
     // $_GET['goto'] is handed to smn_update_banner_click_count below —
     // confirm that helper casts it as well before it reaches SQL.
     $banner_query = smn_db_query("select banners_url from " . TABLE_BANNERS . " where banners_id = '" . (int) $_GET['goto'] . "'");
     if (smn_db_num_rows($banner_query)) {
         $banner = smn_db_fetch_array($banner_query);
         smn_update_banner_click_count($_GET['goto']);
         // The redirect target is the stored banner URL, not request data.
         smn_redirect($banner['banners_url']);
     }
     break;
 case 'url':
     // systemsmanager begin - Dec 1, 2005 security patch
     /*
           if (isset($_GET['goto']) && smn_not_null($_GET['goto'])) {
             smn_redirect('http://' . $_GET['goto']);
           }
     */
     // Before the patch any goto value was redirected to. Now the value has
     // to equal a products_url stored in the product description table; the
     // literal "http://" prefix is still prepended as before.
     if (isset($_GET['goto']) && smn_not_null($_GET['goto'])) {
         $check_query = smn_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_url = '" . smn_db_input($_GET['goto']) . "' limit 1");
         if (smn_db_num_rows($check_query)) {
             smn_redirect('http://' . $_GET['goto']);
         }
     }
     // systemsmanager end
     break;
 case 'manufacturer':
     if (isset($_GET['manufacturers_id']) && smn_not_null($_GET['manufacturers_id'])) {
         $manufacturer_query = smn_db_query("select manufacturers_url from " . TABLE_MANUFACTURERS_INFO . " where manufacturers_id = '" . (int) $_GET['manufacturers_id'] . "' and languages_id = '" . (int) $languages_id . "'");
         if (smn_db_num_rows($manufacturer_query)) {
             // url exists in selected language
             $manufacturer = smn_db_fetch_array($manufacturer_query);
             if (smn_not_null($manufacturer['manufacturers_url'])) {
                 smn_db_query("update " . TABLE_MANUFACTURERS_INFO . " set url_clicked = url_clicked+1, date_last_click = now() where manufacturers_id = '" . (int) $_GET['manufacturers_id'] . "' and languages_id = '" . (int) $languages_id . "'");
                 smn_redirect($manufacturer['manufacturers_url']);
Пример #6
 if (!smn_validate_password($password, $check_customer['customers_password'])) {
     $error = true;
 } else {
     if (SESSION_RECREATE == 'True') {
         smn_session_recreate();
     }
     // Country / zone of the customer's default address; read into the
     // session variables further down.
     $check_country_query = smn_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int) $check_customer['customers_id'] . "' and address_book_id = '" . (int) $check_customer['customers_default_address_id'] . "'");
     $check_country = smn_db_fetch_array($check_country_query);
     // A customer who also has a row in the admin table gets that row's
     // store id registered in the session.
     $check_customer_store_query = smn_db_query("select store_id from " . TABLE_ADMIN . " where customer_id = '" . smn_db_input($check_customer['customers_id']) . "'");
     if (smn_db_num_rows($check_customer_store_query)) {
         $check_customer_store = smn_db_fetch_array($check_customer_store_query);
         $customer_store_id = $check_customer_store['store_id'];
         smn_session_register('customer_store_id');
     }
     /*Code to register session for affiliate by Cimi*/
     // A customer linked to an affiliate record gets affiliate id, e-mail
     // and name registered in the session too.
     $check_sales_agent_query = smn_db_query("select a.affiliate_id from " . TABLE_CUSTOMERS . " c,  " . TABLE_AFFILIATE . " a where  c.customers_id = '" . smn_db_input($check_customer['customers_id']) . "' and a.affiliate_customer_id = c.customers_id");
     if (smn_db_num_rows($check_sales_agent_query)) {
         $check_sales_agent = smn_db_fetch_array($check_sales_agent_query);
         $affiliate_id = $check_sales_agent['affiliate_id'];
         smn_session_register('affiliate_id');
         $affiliate_email = $check_customer['customers_email_address'];
         // NOTE(review): the same row is read as 'customers_firstname' a few
         // lines further down; 'customer_first_name' looks like a mistyped
         // key that yields null — confirm against the select list.
         $affiliate_name = $check_customer['customer_first_name'];
         smn_session_register('affiliate_email');
         smn_session_register('affiliate_name');
     }
     /*End of code*/
     $customer_id = $check_customer['customers_id'];
     $customer_default_address_id = $check_customer['customers_default_address_id'];
     $customer_first_name = $check_customer['customers_firstname'];
     $customer_country_id = $check_country['entry_country_id'];
     $customer_zone_id = $check_country['entry_zone_id'];
Пример #7
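// Tax-rate admin actions (insert / save / deleteconfirm). $action and
// $store_id are set by the surrounding page. Every id that reaches SQL is
// cast to int and free-form fields go through smn_db_input; the page number
// echoed into the redirect is cast too so request data is not reflected
// unchanged into the Location header.
if (smn_not_null($action)) {
    switch ($action) {
        case 'insert':
            $tax_zone_id = smn_db_prepare_input($_POST['tax_zone_id']);
            $tax_class_id = smn_db_prepare_input($_POST['tax_class_id']);
            $tax_rate = smn_db_prepare_input($_POST['tax_rate']);
            $tax_description = smn_db_prepare_input($_POST['tax_description']);
            $tax_priority = smn_db_prepare_input($_POST['tax_priority']);
            smn_db_query("insert into " . TABLE_TAX_RATES . " (store_id, tax_zone_id, tax_class_id, tax_rate, tax_description, tax_priority, date_added) values ('" . (int) $store_id . "', '" . (int) $tax_zone_id . "', '" . (int) $tax_class_id . "', '" . smn_db_input($tax_rate) . "', '" . smn_db_input($tax_description) . "', '" . smn_db_input($tax_priority) . "', now())");
            smn_redirect(smn_href_link(FILENAME_TAX_RATES));
            break;
        case 'save':
            $tax_rates_id = smn_db_prepare_input($_GET['tID']);
            $tax_zone_id = smn_db_prepare_input($_POST['tax_zone_id']);
            $tax_class_id = smn_db_prepare_input($_POST['tax_class_id']);
            $tax_rate = smn_db_prepare_input($_POST['tax_rate']);
            $tax_description = smn_db_prepare_input($_POST['tax_description']);
            $tax_priority = smn_db_prepare_input($_POST['tax_priority']);
            // store_id is cast like in the insert above; the original
            // concatenated it raw in the where clause.
            smn_db_query("update " . TABLE_TAX_RATES . " set tax_rates_id = '" . (int) $tax_rates_id . "', tax_zone_id = '" . (int) $tax_zone_id . "', tax_class_id = '" . (int) $tax_class_id . "', tax_rate = '" . smn_db_input($tax_rate) . "', tax_description = '" . smn_db_input($tax_description) . "', tax_priority = '" . smn_db_input($tax_priority) . "', last_modified = now() where tax_rates_id = '" . (int) $tax_rates_id . "' and store_id = '" . (int) $store_id . "'");
            smn_redirect(smn_href_link(FILENAME_TAX_RATES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '') . '&tID=' . (int) $tax_rates_id));
            break;
        case 'deleteconfirm':
            $tax_rates_id = smn_db_prepare_input($_GET['tID']);
            smn_db_query("delete from " . TABLE_TAX_RATES . " where tax_rates_id = '" . (int) $tax_rates_id . "' and store_id = '" . (int) $store_id . "'");
            smn_redirect(smn_href_link(FILENAME_TAX_RATES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '')));
            break;
    }
}

// $content_page presumably tells the layout template which body to render.
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';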
Пример #8
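require 'includes/application_top.php';

// Country admin actions (insert / save / deleteconfirm). Ids are cast to int
// and text fields go through smn_db_input before reaching SQL; the page
// number echoed into the redirect is cast as well so request data is not
// reflected unchanged into the Location header.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (smn_not_null($action)) {
    switch ($action) {
        case 'insert':
            $countries_name = smn_db_prepare_input($_POST['countries_name']);
            $countries_iso_code_2 = smn_db_prepare_input($_POST['countries_iso_code_2']);
            $countries_iso_code_3 = smn_db_prepare_input($_POST['countries_iso_code_3']);
            $address_format_id = smn_db_prepare_input($_POST['address_format_id']);
            smn_db_query("insert into " . TABLE_COUNTRIES . " (countries_name, countries_iso_code_2, countries_iso_code_3, address_format_id) values ('" . smn_db_input($countries_name) . "', '" . smn_db_input($countries_iso_code_2) . "', '" . smn_db_input($countries_iso_code_3) . "', '" . (int) $address_format_id . "')");
            smn_redirect(smn_href_link(FILENAME_COUNTRIES));
            break;
        case 'save':
            $countries_id = smn_db_prepare_input($_GET['cID']);
            $countries_name = smn_db_prepare_input($_POST['countries_name']);
            $countries_iso_code_2 = smn_db_prepare_input($_POST['countries_iso_code_2']);
            $countries_iso_code_3 = smn_db_prepare_input($_POST['countries_iso_code_3']);
            $address_format_id = smn_db_prepare_input($_POST['address_format_id']);
            smn_db_query("update " . TABLE_COUNTRIES . " set countries_name = '" . smn_db_input($countries_name) . "', countries_iso_code_2 = '" . smn_db_input($countries_iso_code_2) . "', countries_iso_code_3 = '" . smn_db_input($countries_iso_code_3) . "', address_format_id = '" . (int) $address_format_id . "' where countries_id = '" . (int) $countries_id . "'");
            smn_redirect(smn_href_link(FILENAME_COUNTRIES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '') . '&cID=' . (int) $countries_id));
            break;
        case 'deleteconfirm':
            $countries_id = smn_db_prepare_input($_GET['cID']);
            smn_db_query("delete from " . TABLE_COUNTRIES . " where countries_id = '" . (int) $countries_id . "'");
            smn_redirect(smn_href_link(FILENAME_COUNTRIES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '')));
            break;
    }
}

// $content_page presumably tells the layout template which body to render.
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';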
Пример #9
  This source file is subject to version 2.0 of the GPL license,   
  that is bundled with this package in the file LICENSE. If you
  did not receive a copy of the oscMall System license and are unable 
  to obtain it through the world-wide-web, please send a note to    
  license@systemsmanager.net so we can mail you a copy immediately.
*/
require 'includes/application_top.php';
// An ID parameter clears the selected store and sends the visitor back to
// the login page; presumably smn_redirect exits, so the login handling
// below does not run in that case — TODO confirm.
if (isset($_GET['ID'])) {
    $GLOBALS['store_id'] = '';
    smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
}
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $email_address = smn_db_prepare_input($_POST['email_address']);
    $password = smn_db_prepare_input($_POST['password']);
    // Check if email exists
    $check_admin_query = smn_db_query("select store_id, admin_id as login_id, admin_groups_id as login_groups_id, admin_firstname as login_firstname, admin_email_address as login_email_address, admin_password as login_password, admin_modified as login_modified, admin_logdate as login_logdate, admin_lognum as login_lognum from " . TABLE_ADMIN . " where admin_email_address = '" . smn_db_input($email_address) . "'");
    if (!smn_db_num_rows($check_admin_query)) {
        $login = '******';
    } else {
        $check_admin = smn_db_fetch_array($check_admin_query);
        // Check that password is good
        if (!smn_validate_password($password, $check_admin['login_password'])) {
            $login = '******';
        } else {
            if (smn_session_is_registered('password_forgotten')) {
                smn_session_unregister('password_forgotten');
            }
            $login_id = $check_admin['login_id'];
            $store_id = $check_admin['store_id'];
            $login_groups_id = $check_admin['login_groups_id'];
            $login_firstname = $check_admin['login_firstname'];
            
                    if (ACCOUNT_DOB == 'true') $sql_data_array['affiliate_dob'] = smn_date_raw($affiliate_dob);
                    if (ACCOUNT_GENDER == 'true') $sql_data_array['affiliate_gender'] = $affiliate_gender;
                    if (ACCOUNT_COMPANY == 'true') {
                      $sql_data_array['affiliate_company'] = $affiliate_company;
                      $sql_data_array['affiliate_company_taxid'] =  $affiliate_company_taxid;
                    }
                    if (ACCOUNT_SUBURB == 'true') $sql_data_array['affiliate_suburb'] = $affiliate_suburb;
                    if (ACCOUNT_STATE == 'true') {
                      $sql_data_array['affiliate_state'] = $affiliate_state;
                      $sql_data_array['affiliate_zone_id'] = $affiliate_zone_id;
                    }
            
                    $sql_data_array['affiliate_date_account_last_modified'] = 'now()';*/
            $sql_data_array = array('affiliate_payment_check' => $affiliate_payment_check, 'affiliate_payment_paypal' => $affiliate_payment_paypal, 'affiliate_payment_bank_name' => $affiliate_payment_bank_name, 'affiliate_payment_bank_branch_number' => $affiliate_payment_bank_branch_number, 'affiliate_payment_bank_swift_code' => $affiliate_payment_bank_swift_code, 'affiliate_payment_bank_account_name' => $affiliate_payment_bank_account_name, 'affiliate_payment_bank_account_number' => $affiliate_payment_bank_account_number, 'affiliate_homepage' => $affiliate_homepage, 'affiliate_commission_percent' => $affiliate_commission_percent, 'affiliate_agb' => '1');
            if (ACCOUNT_COMPANY == 'true') {
                $sql_data_array['affiliate_company_taxid'] = $affiliate_company_taxid;
            }
            smn_db_perform(TABLE_AFFILIATE, $sql_data_array, 'update', "affiliate_id = '" . smn_db_input($affiliate_id) . "'");
            smn_redirect(smn_href_link(FILENAME_AFFILIATE, smn_get_all_get_params(array('acID', 'action')) . 'acID=' . $affiliate_id));
            break;
        case 'deleteconfirm':
            $affiliate_id = smn_db_prepare_input($_GET['acID']);
            affiliate_delete(smn_db_input($affiliate_id));
            smn_redirect(smn_href_link(FILENAME_AFFILIATE, smn_get_all_get_params(array('acID', 'action'))));
            break;
    }
}
// $content_page presumably tells the layout template which body to render.
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';
Пример #11
</td>
                <td class="dataTableHeadingContent" align="center"><?php 
        echo COUPON_STATUS;
        ?>
</td>  
                <td class="dataTableHeadingContent" align="right"><?php 
        echo TABLE_HEADING_ACTION;
        ?>
&nbsp;</td>
              </tr>
<?php 
        // NOTE(review): $_GET['page'] is used unvalidated here: the arithmetic
        // below raises a TypeError on PHP 8 for non-numeric input, and unless
        // set earlier $rows stays undefined when page <= 1 (the ++ in the
        // loop below then starts it at 1).
        if ($_GET['page'] > 1) {
            $rows = $_GET['page'] * 20 - 20;
        }
        // '*' means every status; otherwise filter on coupon_active (escaped).
        if ($status != '*') {
            $cc_query_raw = "select * from " . TABLE_COUPONS . " where coupon_active='" . smn_db_input($status) . "' and coupon_type != 'G'";
        } else {
            $cc_query_raw = "select * from " . TABLE_COUPONS . " where coupon_type != 'G'";
        }
        // NOTE(review): this argument order (page, max rows, query, row count)
        // differs from the splitPageResults constructor that takes the query
        // first; presumably the admin-side class — verify.
        $cc_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $cc_query_raw, $cc_query_numrows);
        $cc_query = smn_db_query($cc_query_raw);
        while ($cc_list = smn_db_fetch_array($cc_query)) {
            $rows++;
            if (strlen($rows) < 2) {
                $rows = '0' . $rows;
            }
            if ((!$_GET['cid'] || @$_GET['cid'] == $cc_list['coupon_id']) && !$cInfo) {
                $cInfo = new objectInfo($cc_list);
            }
            if (is_object($cInfo) && $cc_list['coupon_id'] == $cInfo->coupon_id) {
                echo '          <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . smn_href_link('coupon_admin.php', smn_get_all_get_params(array('cid', 'action')) . 'cid=' . $cInfo->coupon_id . '&action=edit') . '\'">' . "\n";
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="pageHeading"><?php 
echo HEADING_TITLE;
?>
</td>
          </tr>
        </table></td>
      </tr>
<?php 
if ($_GET['action'] == 'new') {
    $form_action = 'insert';
    if ($_GET['abID']) {
        $abID = smn_db_prepare_input($_GET['abID']);
        $form_action = 'update';
        $affiliate_banner_query = smn_db_query("select * from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($abID) . "'");
        $affiliate_banner = smn_db_fetch_array($affiliate_banner_query);
        $abInfo = new objectInfo($affiliate_banner);
    } elseif ($_POST) {
        $abInfo = new objectInfo($_POST);
    } else {
        $abInfo = new objectInfo(array());
    }
    $groups_array = array();
    $groups_query = smn_db_query("select distinct affiliate_banners_group from " . TABLE_AFFILIATE_BANNERS . " order by affiliate_banners_group");
    while ($groups = smn_db_fetch_array($groups_query)) {
        $groups_array[] = array('id' => $groups['affiliate_banners_group'], 'text' => $groups['affiliate_banners_group']);
    }
    ?>
      <tr>
        <td><?php 
 }
 // City: minimum length only (strlen counts bytes, not characters).
 if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
     $error = true;
     $messageStack->add('addressbook', ENTRY_CITY_ERROR);
 }
 // Country must be a numeric id; it is cast to int in the zone queries below.
 if (!is_numeric($country)) {
     $error = true;
     $messageStack->add('addressbook', ENTRY_COUNTRY_ERROR);
 }
 if (ACCOUNT_STATE == 'true') {
     $zone_id = 0;
     // Does the chosen country have predefined zones?
     $check_query = smn_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "'");
     $check = smn_db_fetch_array($check_query);
     $entry_state_has_zones = $check['total'] > 0;
     if ($entry_state_has_zones == true) {
         // Resolve the typed state against zone name or code, case-insensitively;
         // exactly one match is required (none or several is an error).
         $zone_query = smn_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "' and (upper(zone_name) = upper('" . smn_db_input($state) . "') or upper(zone_code) = upper('" . smn_db_input($state) . "'))");
         if (smn_db_num_rows($zone_query) == 1) {
             $zone = smn_db_fetch_array($zone_query);
             $zone_id = $zone['zone_id'];
         } else {
             $error = true;
             $messageStack->add('addressbook', ENTRY_STATE_ERROR_SELECT);
         }
     } else {
         // Free-text state: length check only.
         if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
             $error = true;
             $messageStack->add('addressbook', ENTRY_STATE_ERROR);
         }
     }
 }
 if ($error == false) {
Пример #14
     $entry_telephone_error = false;
 }
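 // Password: minimum length, then the confirmation must match exactly.
 $passlen = strlen($a_password);
 if ($passlen < ENTRY_PASSWORD_MIN_LENGTH) {
     $error = true;
     $entry_password_error = true;
 } else {
     $entry_password_error = false;
 }
 // Strict comparison: with != PHP compares numeric-looking strings as
 // numbers, so e.g. "100" and "1e2" passed as a matching confirmation.
 if ($a_password !== $a_confirmation) {
     $error = true;
     $entry_password_error = true;
 }
 /* Changed the query to check the uniqueness of customer email By Cimi on June 13,2007*/
 // Uniqueness is checked against the customers table (the affiliate table
 // is no longer consulted here); the address is escaped before use.
 $check_email = smn_db_query("select customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . smn_db_input($a_email_address) . "'");
 if (smn_db_num_rows($check_email)) {
     $error = true;
     $entry_email_address_exists = true;
 } else {
     $entry_email_address_exists = false;
 }
 // Check Suburb
 $entry_suburb_error = false;
 // Check Fax
 $entry_fax_error = false;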
 if (!affiliate_check_url($a_homepage)) {
     $error = true;
     $entry_homepage_error = true;
 } else {
     $entry_homepage_error = false;
Пример #15
  license@systemsmanager.net so we can mail you a copy immediately.
*/
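require 'includes/application_top.php';

// Zone admin actions (insert / save / deleteconfirm). Ids are cast to int
// and text fields go through smn_db_input before reaching SQL; the page
// number echoed into the redirect is cast as well so request data is not
// reflected unchanged into the Location header.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (smn_not_null($action)) {
    switch ($action) {
        case 'insert':
            $zone_country_id = smn_db_prepare_input($_POST['zone_country_id']);
            $zone_code = smn_db_prepare_input($_POST['zone_code']);
            $zone_name = smn_db_prepare_input($_POST['zone_name']);
            smn_db_query("insert into " . TABLE_ZONES . " (zone_country_id, zone_code, zone_name) values ('" . (int) $zone_country_id . "', '" . smn_db_input($zone_code) . "', '" . smn_db_input($zone_name) . "')");
            smn_redirect(smn_href_link(FILENAME_ZONES));
            break;
        case 'save':
            $zone_id = smn_db_prepare_input($_GET['cID']);
            $zone_country_id = smn_db_prepare_input($_POST['zone_country_id']);
            $zone_code = smn_db_prepare_input($_POST['zone_code']);
            $zone_name = smn_db_prepare_input($_POST['zone_name']);
            smn_db_query("update " . TABLE_ZONES . " set zone_country_id = '" . (int) $zone_country_id . "', zone_code = '" . smn_db_input($zone_code) . "', zone_name = '" . smn_db_input($zone_name) . "' where zone_id = '" . (int) $zone_id . "'");
            smn_redirect(smn_href_link(FILENAME_ZONES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '') . '&cID=' . (int) $zone_id));
            break;
        case 'deleteconfirm':
            $zone_id = smn_db_prepare_input($_GET['cID']);
            smn_db_query("delete from " . TABLE_ZONES . " where zone_id = '" . (int) $zone_id . "'");
            smn_redirect(smn_href_link(FILENAME_ZONES, 'page=' . (isset($_GET['page']) ? (int) $_GET['page'] : '')));
            break;
    }
}

// $content_page presumably tells the layout template which body to render.
$content_page = basename($_SERVER['PHP_SELF']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';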
Пример #16
</td>
                <td class="dataTableContent" align="center">&nbsp;</td>
                <td class="dataTableContent" align="right"><?php 
        if (isset($cInfo) && is_object($cInfo) && $categories['categories_id'] == $cInfo->categories_id) {
            echo smn_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', '');
        } else {
            echo '<a href="' . smn_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $categories['categories_id']) . '">' . smn_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>';
        }
        ?>
&nbsp;</td>
              </tr>
<?php 
    }
    $products_count = 0;
    // NOTE(review): $store_id is concatenated raw in both queries while
    // $languages_id / $current_category_id are cast to int — confirm it is
    // validated upstream, or cast it here too. The search term is escaped by
    // smn_db_input, which presumably leaves LIKE wildcards (% and _) alone,
    // so a user can widen the match; harmless for a name search.
    if (isset($_POST['search'])) {
        $products_query = smn_db_query("select p.products_id, pd.products_name, p.products_quantity, p.products_image, p.products_price, p.products_date_added, p.products_last_modified, p.products_date_available, p.products_status, p2c.categories_id from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c where  p2c.store_id = '" . $store_id . "' and p.store_id = '" . $store_id . "' and p.products_id = pd.products_id and pd.language_id = '" . (int) $languages_id . "' and p.products_id = p2c.products_id and pd.products_name like '%" . smn_db_input($search) . "%' order by pd.products_name");
    } else {
        $products_query = smn_db_query("select p.products_id, pd.products_name, p.products_quantity, p.products_image, p.products_price, p.products_date_added, p.products_last_modified, p.products_date_available, p.products_status from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c where  p2c.store_id = '" . $store_id . "' and p.store_id = '" . $store_id . "' and p.products_id = pd.products_id and pd.language_id = '" . (int) $languages_id . "' and p.products_id = p2c.products_id and p2c.categories_id = '" . (int) $current_category_id . "' order by pd.products_name");
    }
    while ($products = smn_db_fetch_array($products_query)) {
        $products_count++;
        $rows++;
        // Get categories_id for product if search
        if (isset($_POST['search'])) {
            $cPath = $products['categories_id'];
        }
        if ((!isset($_GET['pID']) && !isset($_GET['cID']) || isset($_GET['pID']) && $_GET['pID'] == $products['products_id']) && !isset($pInfo) && !isset($cInfo) && substr($action, 0, 3) != 'new') {
            // find out the rating average from customer reviews
            $reviews_query = smn_db_query("select (avg(reviews_rating) / 5 * 100) as average_rating from " . TABLE_REVIEWS . " where products_id = '" . (int) $products['products_id'] . "'");
            $reviews = smn_db_fetch_array($reviews_query);
            $pInfo_array = array_merge($products, $reviews);
     $error = true;
     $messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
 }
 // NOTE(review): the $_POST fields are read without isset; on PHP 8
 // strlen(null) is deprecated and a missing field ought to count as empty —
 // confirm the form always posts them. strlen counts bytes, not characters.
 if (strlen($_POST['email_address']) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
 }
 if (strlen($_POST['city']) < ENTRY_CITY_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_CITY_ERROR);
 }
 if (!smn_validate_email($_POST['email_address'])) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
 }
 // Uniqueness: the address may not belong to another customer; the current
 // customer's own row is excluded by id. The address is escaped before use.
 $check_email_query = smn_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . smn_db_input($_POST['email_address']) . "' and customers_id != '" . (int) $customer_id . "'");
 $check_email = smn_db_fetch_array($check_email_query);
 if ($check_email['total'] > 0) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
 }
 if (strlen($_POST['telephone']) < ENTRY_TELEPHONE_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_TELEPHONE_NUMBER_ERROR);
 }
 if ($error == false) {
     $profile_edit->set_firstname($_POST['firstname']);
     $profile_edit->set_lastname($_POST['lastname']);
     $profile_edit->set_email_address($_POST['email_address']);
     $profile_edit->set_telephone($_POST['telephone']);
     $profile_edit->set_fax($_POST['fax']);
Пример #18
          </tr>
        </table></td>
      </tr>
      <tr>
        <td><?php echo smn_draw_separator('pixel_trans.gif', '1', '10'); ?></td>
      </tr>
      <tr>
        <td class="main"><table border="1" cellspacing="0" cellpadding="5">
          <tr>
            <td class="smallText" align="center"><b><?php echo TABLE_HEADING_DATE_ADDED; ?></b></td>
            <td class="smallText" align="center"><b><?php echo TABLE_HEADING_CUSTOMER_NOTIFIED; ?></b></td>
            <td class="smallText" align="center"><b><?php echo TABLE_HEADING_STATUS; ?></b></td>
            <td class="smallText" align="center"><b><?php echo TABLE_HEADING_COMMENTS; ?></b></td>
          </tr>
<?php
    // Status history for the order, oldest first. NOTE(review): other ids in
    // this code base are cast with (int); smn_db_input escapes but does not
    // cast, so a (int) cast on $oID would match the rest of the file.
    $orders_history_query = smn_db_query("select orders_status_id, date_added, customer_notified, comments from " . TABLE_ORDERS_STATUS_HISTORY . " where orders_id = '" . smn_db_input($oID) . "' order by date_added");
    if (smn_db_num_rows($orders_history_query)) {
      while ($orders_history = smn_db_fetch_array($orders_history_query)) {
        echo '          <tr>' . "\n" .
             '            <td class="smallText" align="center">' . $orders_history['date_added'] . '</td>' . "\n" .
             '            <td class="smallText" align="center">';
        if ($orders_history['customer_notified'] == '1') {
          echo smn_image(DIR_WS_ICONS . 'tick.gif', ICON_TICK) . "</td>\n";
        } else {
          echo smn_image(DIR_WS_ICONS . 'cross.gif', ICON_CROSS) . "</td>\n";
        }
        echo '            <td class="smallText">' . $orders_status_array[$orders_history['orders_status_id']] . '</td>' . "\n" .
             '            <td class="smallText">' . nl2br(smn_db_output($orders_history['comments'])) . '&nbsp;</td>' . "\n" .
             '          </tr>' . "\n";
      }
    } else {
Пример #19
            }';
            exit;
        }
        smn_redirect(smn_href_link(FILENAME_LOGIN, '', 'NONSSL'));
    }
}
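define('AFFILIATE_NOTIFY_AFTER_BILLING', 'true');
// Notify affiliate if he got a new invoice
define('AFFILIATE_DELETE_ORDERS', 'false');
// Delete affiliate_sales if an order is deleted (Warning: Only not yet billed sales are deleted)
define('AFFILIATE_TAX_ID', '1');
// Tax Rates used for billing the affiliates
// you get this from the URL (tID) when you select your Tax Rate at the admin: tax_rates.php?tID=1
// If set, the following actions take place each time you call the admin/affiliate_summary
define('AFFILIATE_DELETE_CLICKTHROUGHS', 'false');
// (days / false) To keep the clickthrough report small you can set the days after which they are deleted (when calling affiliate_summary in the admin)
define('AFFILIATE_DELETE_AFFILIATE_BANNER_HISTORY', 'false');
// (days / false) To keep the table AFFILIATE_BANNER_HISTORY small you can set the days after which they are deleted (when calling affiliate_summary in the admin)
// If an order is deleted delete the sale too (optional)
// $HTTP_SERVER_VARS was removed in PHP 5.4, so the original condition could
// never be true; $_SERVER is the live equivalent (the rest of this code base
// already reads $_SERVER). $_GET['action'] is guarded with isset so the check
// does not emit a notice on requests without it.
if (isset($_GET['action']) && $_GET['action'] == 'deleteconfirm' && isset($_SERVER['SCRIPT_FILENAME']) && basename($_SERVER['SCRIPT_FILENAME']) == FILENAME_ORDERS && AFFILIATE_DELETE_ORDERS == 'true') {
    $affiliate_oID = smn_db_prepare_input($_GET['oID']);
    // Only unbilled sales (billing_status != 1) are removed; the order id is
    // an integer key and is cast like the other ids in this code base.
    smn_db_query("delete from " . TABLE_AFFILIATE_SALES . " where affiliate_orders_id = '" . (int) $affiliate_oID . "' and affiliate_billing_status != 1");
}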
define('SECURITY_CODE_LENGTH', '6');
// jQuery bootstrap: load the wrapper class, then register every bundled extension and plugin.
// NOTE(review): the require path is relative to the include path / working directory — confirm it resolves from every entry point.
require '../includes/classes/jQuery.php';
$jQuery = new jQuery();
$jQuery->loadAllExtensions();
$jQuery->loadAllPlugins();
//
//   This define('JQUERY_MENU', 'jd_menu'); ( which will be moved into the database ) has 2 values currently: jd_menu or accordion
define('JQUERY_MENU', 'jd_menu');
  This source file is subject to version 2.0 of the GPL license,   
  that is bundled with this package in the file LICENSE. If you
  did not receive a copy of the oscMall System license and are unable 
  to obtain it through the world-wide-web, please send a note to    
  license@systemsmanager.net so we can mail you a copy immediately.
*/
// Keeps $page_name reachable if this file is included from inside a function scope.
global $page_name;
// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';
if (isset($_GET['action']) && $_GET['action'] == 'process') {
    $affiliate_username = smn_db_prepare_input($_POST['affiliate_username']);
    $affiliate_password = smn_db_prepare_input($_POST['affiliate_password']);
    // Check if username exists
    /*Changed the query to take the sales agent details from customer table by Cimi*/
    //$check_affiliate_query = smn_db_query("select affiliate_id, affiliate_firstname, affiliate_password, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . smn_db_input($affiliate_username) . "'");
    $check_customer_query = smn_db_query("select a.affiliate_id,c.customers_id, c.customers_firstname, c.customers_password, c.customers_email_address, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c," . TABLE_AFFILIATE . " a where c.customers_email_address = '" . smn_db_input($affiliate_username) . "' and c.customers_id=a.affiliate_customer_id");
    if (!smn_db_num_rows($check_customer_query)) {
        $_GET['login'] = '******';
    } else {
        $check_customer = smn_db_fetch_array($check_customer_query);
        // Check that password is good
        if (!smn_validate_password($affiliate_password, $check_customer['customers_password'])) {
            $_GET['login'] = '******';
        } else {
            /*Changed the code to set the session of user and sales agent if the login is success by Cimi*/
            /*$affiliate_id = $check_affiliate['affiliate_id'];
                    smn_session_register('affiliate_id');
            
                    $date_now = date('Ymd');
            
                    smn_db_query("update " . TABLE_AFFILIATE . " set affiliate_date_of_last_logon = now(), affiliate_number_of_logons = affiliate_number_of_logons + 1 where affiliate_id = '" . $affiliate_id . "'");*/
    ?>
              <tr>
                <td class="main"><?php 
    echo ENTRY_STATE;
    ?>
</td>
                <td class="main">
				<?php 
    // Resolve the display name for the submitted zone/state before choosing the widget.
    $state = smn_get_zone_name($country, $zone_id, $state);
    if ($is_read_only) {
        // Read-only view: show the stored state name, no input controls.
        echo smn_get_zone_name($account['entry_country_id'], $account['entry_zone_id'], $account['entry_state']);
    } elseif ($error) {
        if (!$entry_state_error) {
            // The state itself validated: carry it through hidden fields on the re-submit.
            echo $state . smn_draw_hidden_field('zone_id') . smn_draw_hidden_field('state');
        } elseif ($entry_state_has_zones) {
            // The country defines zones: re-offer them as a pull-down.
            $zones_array = array();
            $zones_query = smn_db_query("select zone_name from " . TABLE_ZONES . " where zone_country_id = '" . smn_db_input($country) . "' order by zone_name");
            while ($zone_row = smn_db_fetch_array($zones_query)) {
                $zones_array[] = array('id' => $zone_row['zone_name'], 'text' => $zone_row['zone_name']);
            }
            echo smn_draw_pull_down_menu('state', $zones_array) . '&nbsp;' . ENTRY_STATE_ERROR;
        } else {
            echo smn_draw_input_field('state') . '&nbsp;' . ENTRY_STATE_ERROR;
        }
    } else {
        // First display: prefill with the stored state and mark the field as required.
        $stored_state = smn_get_zone_name($account['entry_country_id'], $account['entry_zone_id'], $account['entry_state']);
        echo smn_draw_input_field('state', $stored_state) . '&nbsp;' . '<span class="inputRequirement">' . ENTRY_STATE_TEXT . '</span>';
    }
    ?>
                </td>
     $messageStack->add('account_edit', ENTRY_POST_CODE_ERROR, '');
 }
 // City: enforce the configured minimum length.
 if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_CITY_ERROR, '');
 }
 // Country must arrive as a numeric id.
 if (!is_numeric($customer_country_id)) {
     $error = true;
     $messageStack->add('account_edit', ENTRY_COUNTRY_ERROR, '');
 }
 // Resolve the state to a zone id when the selected country defines zones;
 // otherwise accept free text of at least ENTRY_STATE_MIN_LENGTH characters.
 $customer_zone_id = 0;
 $check_query = smn_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $customer_country_id . "'");
 $check = smn_db_fetch_array($check_query);
 $entry_state_has_zones = $check['total'] > 0;
 if (!$entry_state_has_zones) {
     if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
         $error = true;
         $messageStack->add('account_edit', ENTRY_STATE_ERROR, '');
     }
 } else {
     $zone_query = smn_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int) $customer_country_id . "' and (zone_name = '" . smn_db_input($state) . "' or zone_code = '" . smn_db_input($state) . "')");
     if (smn_db_num_rows($zone_query) != 1) {
         // Zero or ambiguous matches: ask the user to pick from the list.
         $error = true;
         $entry_state_error = true;
         $messageStack->add('account_edit', ENTRY_STATE_ERROR_SELECT, '');
     } else {
         $zone = smn_db_fetch_array($zone_query);
         $customer_zone_id = $zone['zone_id'];
     }
 }
 // Telephone arrives as three separate inputs; join them with dashes for storage.
 $telephone = $_POST['telephone_0'] . '-' . $_POST['telephone_1'] . '-' . $_POST['telephone_2'];
                smn_redirect(smn_href_link(FILENAME_AFFILIATE_BANNER_MANAGER, 'selected_box=affiliate&page=' . $_GET['page'] . '&abID=' . $affiliate_banners_id));
            } else {
                $_GET['action'] = 'new';
            }
            break;
        case 'deleteconfirm':
            $affiliate_banners_id = smn_db_prepare_input($_GET['abID']);
            $delete_image = smn_db_prepare_input($_POST['delete_image']);
            if ($delete_image == 'on') {
                $affiliate_banner_query = smn_db_query("select affiliate_banners_image from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
                $affiliate_banner = smn_db_fetch_array($affiliate_banner_query);
                if (is_file(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image'])) {
                    if (is_writeable(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image'])) {
                        unlink(DIR_FS_CATALOG_IMAGES . $affiliate_banner['affiliate_banners_image']);
                    } else {
                        $messageStack->add_session(ERROR_IMAGE_IS_NOT_WRITEABLE, 'error');
                    }
                } else {
                    $messageStack->add_session(ERROR_IMAGE_DOES_NOT_EXIST, 'error');
                }
            }
            smn_db_query("delete from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
            smn_db_query("delete from " . TABLE_AFFILIATE_BANNERS_HISTORY . " where affiliate_banners_id = '" . smn_db_input($affiliate_banners_id) . "'");
            $messageStack->add_session(SUCCESS_BANNER_REMOVED, 'success');
            smn_redirect(smn_href_link(FILENAME_AFFILIATE_BANNER_MANAGER, 'selected_box=affiliate&page=' . $_GET['page']));
            break;
    }
}
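// Name of the executing script, presumably consumed by layout.php to select the page content.
// SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any PATH_INFO appended to the
// request URL, so its basename could be chosen by the client.
$content_page = basename($_SERVER['SCRIPT_NAME']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';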
            smn_redirect(smn_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page']));
            break;
        case 'update':
            $specials_id = smn_db_prepare_input($_POST['specials_id']);
            $products_price = smn_db_prepare_input($_POST['products_price']);
            $specials_price = smn_db_prepare_input($_POST['specials_price']);
            $day = smn_db_prepare_input($_POST['day']);
            $month = smn_db_prepare_input($_POST['month']);
            $year = smn_db_prepare_input($_POST['year']);
            if (substr($specials_price, -1) == '%') {
                $specials_price = $products_price - $specials_price / 100 * $products_price;
            }
            $expires_date = '';
            if (smn_not_null($day) && smn_not_null($month) && smn_not_null($year)) {
                $expires_date = $year;
                $expires_date .= strlen($month) == 1 ? '0' . $month : $month;
                $expires_date .= strlen($day) == 1 ? '0' . $day : $day;
            }
            smn_db_query("update " . TABLE_SPECIALS . " set specials_new_products_price = '" . smn_db_input($specials_price) . "', specials_last_modified = now(), expires_date = '" . smn_db_input($expires_date) . "' where specials_id = '" . (int) $specials_id . "' and store_id = '" . $store_id . "'");
            smn_redirect(smn_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page'] . '&sID=' . $specials_id));
            break;
        case 'deleteconfirm':
            $specials_id = smn_db_prepare_input($_GET['sID']);
            smn_db_query("delete from " . TABLE_SPECIALS . " where specials_id = '" . (int) $specials_id . "' and store_id = '" . $store_id . "'");
            smn_redirect(smn_href_link(FILENAME_SPECIALS, 'page=' . $_GET['page']));
            break;
    }
}
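// Name of the executing script, presumably consumed by layout.php to select the page content.
// SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any PATH_INFO appended to the
// request URL, so its basename could be chosen by the client.
$content_page = basename($_SERVER['SCRIPT_NAME']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';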
                $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . ' ' . $pID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . smn_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $pID, 'NONSSL') . "\n" . EMAIL_TEXT_PAYMENT_BILLED . ' ' . smn_date_long($check_status['affiliate_payment_date']) . "\n\n" . sprintf(EMAIL_TEXT_STATUS_UPDATE, $payments_status_array[$status]);
                smn_mail($check_status['affiliate_firstname'] . ' ' . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
                $affiliate_notified = '1';
            }
            smn_db_query("insert into " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " (affiliate_payment_id, affiliate_new_value, affiliate_old_value, affiliate_date_added, affiliate_notified) values ('" . smn_db_input($pID) . "', '" . smn_db_input($status) . "', '" . $check_status['affiliate_payment_status'] . "', now(), '" . $affiliate_notified . "')");
            $order_updated = true;
        }
        if ($order_updated) {
            $messageStack->add_session(SUCCESS_PAYMENT_UPDATED, 'success');
        }
        smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('action')) . 'action=edit'));
        break;
    case 'deleteconfirm':
        $pID = smn_db_prepare_input($_GET['pID']);
        smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
        smn_db_query("delete from " . TABLE_AFFILIATE_PAYMENT_STATUS_HISTORY . " where affiliate_payment_id = '" . smn_db_input($pID) . "'");
        smn_redirect(smn_href_link(FILENAME_AFFILIATE_PAYMENT, smn_get_all_get_params(array('pID', 'action'))));
        break;
}
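// Edit view: load the payment together with the affiliate's payout details for the form.
// Both request keys are checked with isset() first so non-edit requests raise no notices.
if (isset($_GET['action'], $_GET['pID']) && $_GET['action'] == 'edit' && smn_not_null($_GET['pID'])) {
    $pID = smn_db_prepare_input($_GET['pID']);
    $payments_query = smn_db_query("select p.*,  a.affiliate_payment_check, a.affiliate_payment_paypal, a.affiliate_payment_bank_name, a.affiliate_payment_bank_branch_number, a.affiliate_payment_bank_swift_code, a.affiliate_payment_bank_account_name, a.affiliate_payment_bank_account_number from " . TABLE_AFFILIATE_PAYMENT . " p, " . TABLE_AFFILIATE . " a where affiliate_payment_id = '" . smn_db_input($pID) . "' and a.affiliate_id = p.affiliate_id");
    $payments_exists = true;
    if (!($payments = smn_db_fetch_array($payments_query))) {
        // Unknown id: flag it for the template; $payments is false in this case.
        // NOTE(review): $pID is request input echoed back in the message — confirm messageStack escapes it on output.
        $payments_exists = false;
        $messageStack->add(sprintf(ERROR_PAYMENT_DOES_NOT_EXIST, $pID), 'error');
    }
}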
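// Name of the executing script, presumably consumed by layout.php to select the page content.
// SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any PATH_INFO appended to the
// request URL, so its basename could be chosen by the client.
$content_page = basename($_SERVER['SCRIPT_NAME']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';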
  
  Portions Copyright (c) 2002 osCommerce
  
  This source file is subject to version 2.0 of the GPL license,   
  that is bundled with this package in the file LICENSE. If you
  did not receive a copy of the oscMall System license and are unable 
  to obtain it through the world-wide-web, please send a note to    
  license@systemsmanager.net so we can mail you a copy immediately.
*/
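require 'includes/application_top.php';
// Load the requested banner by id. The original reset()/each() walk over $_GET only ever acted
// on the 'banner' key (and each() is gone in PHP 8), so test for that key directly.
if (array_key_exists('banner', $_GET)) {
    $banners_id = smn_db_prepare_input($_GET['banner']);
    $banner_query = smn_db_query("select affiliate_banners_title, affiliate_banners_image, affiliate_banners_html_text from " . TABLE_AFFILIATE_BANNERS . " where affiliate_banners_id = '" . smn_db_input($banners_id) . "'");
    $banner = smn_db_fetch_array($banner_query);
    if (is_array($banner)) {
        $page_title = $banner['affiliate_banners_title'];
        // Stored HTML banners are emitted verbatim (presumably admin-authored content — confirm);
        // image banners go through smn_image() with the title as the alt text.
        if ($banner['affiliate_banners_html_text']) {
            $image_source = $banner['affiliate_banners_html_text'];
        } elseif ($banner['affiliate_banners_image']) {
            $image_source = smn_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $banner['affiliate_banners_image'], $page_title);
        }
    }
    // Unknown id: $page_title / $image_source stay undefined instead of indexing a false result.
}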
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php 
echo HTML_PARAMS;
?>
*/
require 'includes/application_top.php';
// Requested action, or '' when the query string carries none.
$action = isset($_GET['action']) ? $_GET['action'] : '';
if ($action == 'send_email_to_user' && isset($_POST['customers_email_address']) && !isset($_POST['back_x'])) {
    switch ($_POST['customers_email_address']) {
        case '***':
            $mail_query = smn_db_query("select distinct(customers.customers_email_address), customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . ", " . TABLE_ORDERS . " where customers.customers_id = orders.customers_id and orders.store_id = " . $store_id . " group by customers.customers_id");
            $mail_sent_to = TEXT_ALL_CUSTOMERS;
            break;
        case '**D':
            $mail_query = smn_db_query("select distinct(customers.customers_email_address), customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . ", " . TABLE_ORDERS . " where customers.customers_id = orders.customers_id and orders.store_id = " . $store_id . " and customers_newsletter = '1'  group by customers.customers_id");
            $mail_sent_to = TEXT_NEWSLETTER_CUSTOMERS;
            break;
        default:
            $customers_email_address = smn_db_prepare_input($_POST['customers_email_address']);
            $mail_query = smn_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . smn_db_input($customers_email_address) . "'");
            $mail_sent_to = $_POST['customers_email_address'];
            break;
    }
    $from = smn_db_prepare_input($_POST['from']);
    $subject = smn_db_prepare_input($_POST['subject']);
    $message = smn_db_prepare_input($_POST['message']);
    //Let's build a message object using the email class
    $mimemessage = new email(array('X-Mailer: osCommerce'));
    // add the message to the object
    $mimemessage->add_text($message);
    $mimemessage->build_message();
    while ($mail = smn_db_fetch_array($mail_query)) {
        $mimemessage->send($mail['customers_firstname'] . ' ' . $mail['customers_lastname'], $mail['customers_email_address'], '', $from, $subject);
    }
    smn_redirect(smn_href_link(FILENAME_MAIL, 'mail_sent_to=' . urlencode($mail_sent_to)));
            break;
    }
}
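$action = isset($_GET['action']) ? $_GET['action'] : '';
// The paging parameter is optional; default it once so the redirects below never read an undefined index.
$zpage = isset($_GET['zpage']) ? $_GET['zpage'] : '';
if (smn_not_null($action)) {
    switch ($action) {
        case 'insert_zone':
            // Create a geo zone for the current store and jump to its edit view.
            $geo_zone_name = smn_db_prepare_input($_POST['geo_zone_name']);
            $geo_zone_description = smn_db_prepare_input($_POST['geo_zone_description']);
            // store_id is cast to int, matching how the other zone queries below scope by store.
            smn_db_query("insert into " . TABLE_GEO_ZONES . " (store_id, geo_zone_name, geo_zone_description, date_added) values ('" . (int) $store_id . "', '" . smn_db_input($geo_zone_name) . "', '" . smn_db_input($geo_zone_description) . "', now())");
            $new_zone_id = smn_db_insert_id();
            smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $zpage . '&zID=' . $new_zone_id));
            break;
        case 'save_zone':
            // Rename/describe an existing zone; the store_id predicate keeps one store from editing another's zone.
            $zID = smn_db_prepare_input($_GET['zID']);
            $geo_zone_name = smn_db_prepare_input($_POST['geo_zone_name']);
            $geo_zone_description = smn_db_prepare_input($_POST['geo_zone_description']);
            smn_db_query("update " . TABLE_GEO_ZONES . " set geo_zone_name = '" . smn_db_input($geo_zone_name) . "', geo_zone_description = '" . smn_db_input($geo_zone_description) . "', last_modified = now() where geo_zone_id = '" . (int) $zID . "' and store_id = '" . (int) $store_id . "'");
            // Redirect with the int-cast id so only a numeric value is reflected into the Location URL.
            smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $zpage . '&zID=' . (int) $zID));
            break;
        case 'deleteconfirm_zone':
            // Remove the zone and its zone-to-geo-zone mappings, both scoped to the current store.
            $zID = smn_db_prepare_input($_GET['zID']);
            smn_db_query("delete from " . TABLE_GEO_ZONES . " where geo_zone_id = '" . (int) $zID . "' and store_id = '" . (int) $store_id . "'");
            smn_db_query("delete from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . (int) $zID . "' and store_id = '" . (int) $store_id . "'");
            smn_redirect(smn_href_link(FILENAME_GEO_ZONES, 'zpage=' . $zpage));
            break;
    }
}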
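// Name of the executing script, presumably consumed by layout.php to select the page content.
// SCRIPT_NAME is used instead of PHP_SELF: PHP_SELF also carries any PATH_INFO appended to the
// request URL, so its basename could be chosen by the client.
$content_page = basename($_SERVER['SCRIPT_NAME']);
require 'templates/default/layout.php';
require DIR_WS_INCLUDES . 'application_bottom.php';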
         $check_query = smn_db_query("select count(*) as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = '" . (int)$products_id . "' and categories_id = '" . (int)$categories_id . "' and store_id = '" . $store_id . "'");
         $check = smn_db_fetch_array($check_query);
         if ($check['total'] < '1') {
           smn_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (store_id, products_id, categories_id) values ('" . (int)$store_id . "', '" . (int)$products_id . "', '" . (int)$categories_id . "')");
         }
       } else {
         $messageStack->add_session(ERROR_CANNOT_LINK_TO_SAME_CATEGORY, 'error');
       }
     } elseif ($_POST['copy_as'] == 'duplicate') {
       $product_query = smn_db_query("select store_id, products_quantity, products_model, products_image, products_price, products_date_available, products_weight, products_tax_class_id, manufacturers_id from " . TABLE_PRODUCTS . " where products_id = '" . (int)$products_id . "'");
       $product = smn_db_fetch_array($product_query);
       smn_db_query("insert into " . TABLE_PRODUCTS . " (store_id, products_quantity, products_model,products_image, products_price, products_date_added, products_date_available, products_weight, products_status, products_tax_class_id, manufacturers_id) values ('" . (int)$store_id . "', '" . smn_db_input($product['products_quantity']) . "', '" . smn_db_input($product['products_model']) . "', '" . smn_db_input($product['products_image']) . "', '" . smn_db_input($product['products_price']) . "',  now(), '" . smn_db_input($product['products_date_available']) . "', '" . smn_db_input($product['products_weight']) . "', '0', '" . (int)$product['products_tax_class_id'] . "', '" . (int)$product['manufacturers_id'] . "')");
       $dup_products_id = smn_db_insert_id();
       $description_query = smn_db_query("select language_id, products_name, products_description, products_head_title_tag, products_head_desc_tag, products_head_keywords_tag, products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . (int)$products_id . "'");
       while ($description = smn_db_fetch_array($description_query)) {
         smn_db_query("insert into " . TABLE_PRODUCTS_DESCRIPTION . " (products_id, language_id, products_name, products_description, products_head_title_tag, products_head_desc_tag, products_head_keywords_tag, products_url, products_viewed) values ('" . (int)$dup_products_id . "', '" . (int)$description['language_id'] . "', '" . smn_db_input($description['products_name']) . "', '" . smn_db_input($description['products_description']) . "', '" . smn_db_input($description['products_head_title_tag']) . "', '" . smn_db_input($description['products_head_desc_tag']) . "', '" . smn_db_input($description['products_head_keywords_tag']) . "', '" . smn_db_input($description['products_url']) . "', '0')");
       }    
       smn_db_query("insert into " . TABLE_PRODUCTS_TO_CATEGORIES . " (store_id, products_id, categories_id) values ('" . (int)$store_id . "', '" . (int)$dup_products_id . "', '" . (int)$categories_id . "')");
       $products_id = $dup_products_id;
     }
     if (USE_CACHE == 'true') {
       smn_reset_cache_block('categories');
       smn_reset_cache_block('also_purchased');
     }
   }
   smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id)));
   break;
 case 'new_product_preview':
     if (! checkVoucherPermissions($store_id, $_POST['products_model'])) {
       $messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error');
       $allow_insert = 'false';
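/**
 * Build and run an insert or update statement from an associative array.
 *
 * Keys of $data are column names, values are the values to store. Two values
 * are treated as SQL tokens rather than data: the string 'now()' is emitted as
 * the now() function and the string 'null' as SQL NULL. Every other value is
 * escaped with smn_db_input() and single-quoted.
 *
 * NOTE: $table, the column names ($data keys) and $parameters are interpolated
 * into the statement verbatim — only the values are escaped. They must come
 * from code, never from request input. Likewise a request value that literally
 * equals 'now()' or 'null' is stored as the SQL token, not as text; callers
 * that persist free text should be aware of that convention.
 *
 * Replaces the PHP 5 reset()/each() walk (each() was removed in PHP 8) and
 * fixes the update branch, which assigned to $columns with .= instead of
 * appending to $query.
 *
 * @param string $table      table name (trusted)
 * @param array  $data       column => value map (values are escaped)
 * @param string $action     'insert' or 'update'
 * @param string $parameters raw where clause for updates (trusted)
 * @param string $link       database link name handed to smn_db_query()
 * @return mixed whatever smn_db_query() returns
 * @throws InvalidArgumentException on an unknown $action or an empty $data
 */
function smn_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
    if (!is_array($data) || count($data) === 0) {
        throw new InvalidArgumentException('smn_db_perform(): $data must be a non-empty array');
    }
    if ($action === 'insert') {
        $values = array();
        foreach ($data as $value) {
            $values[] = smn_db_perform_value($value);
        }
        $query = 'insert into ' . $table . ' (' . implode(', ', array_keys($data)) . ') values (' . implode(', ', $values) . ')';
    } elseif ($action === 'update') {
        $assignments = array();
        foreach ($data as $column => $value) {
            $assignments[] = $column . ' = ' . smn_db_perform_value($value);
        }
        $query = 'update ' . $table . ' set ' . implode(', ', $assignments) . ' where ' . $parameters;
    } else {
        throw new InvalidArgumentException('smn_db_perform(): unknown action ' . $action);
    }
    return smn_db_query($query, $link);
}

/**
 * Render one $data value as an SQL literal for smn_db_perform().
 *
 * 'now()' and 'null' pass through as SQL tokens (the original switch compared
 * the string-cast value against exactly these two); anything else is escaped
 * with smn_db_input() and single-quoted.
 *
 * @param mixed $value
 * @return string
 */
function smn_db_perform_value($value)
{
    $text = (string) $value;
    if ($text === 'now()') {
        return 'now()';
    }
    if ($text === 'null') {
        return 'null';
    }
    return '\'' . smn_db_input($value) . '\'';
}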