PHP vam_db_input примеры использования

Пример #1

Файл: order.php Проект: nomadcomanche/zdorov_shop

 function query($order_id)
 {
     $order_query = vam_db_query("select customers_name,\n                                   customers_cid,\n                                   customers_id,\n                                   customers_vat_id,\n                                   customers_company,\n                                   customers_street_address,\n                                   customers_suburb,\n                                   customers_city,\n                                   customers_postcode,\n                                   customers_state,\n                                   customers_country,\n                                   customers_telephone,\n                                   customers_email_address,\n                                   customers_address_format_id,\n                                   delivery_name,\n                                   delivery_company,\n                                   delivery_street_address,\n                                   delivery_suburb,\n                                   delivery_city,\n                                   delivery_postcode,\n                                   delivery_state,\n                                   delivery_country,\n                                   delivery_address_format_id,\n                                   billing_name,\n                                   billing_company,\n                                   billing_street_address,\n                                   billing_suburb,\n                                   billing_city,\n                                   billing_postcode,\n                                   billing_state,\n                                   billing_country,\n                                   billing_address_format_id,\n                                   payment_method,\n                                   payment_class,\n\t\t\t\t                  shipping_class,\n\t\t\t\t                  cc_type,\n                                   cc_owner,\n                                   cc_number,\n                                   cc_expires,\n                                   cc_cvv,\n                                   comments,\n                                   currency,\n                                   currency_value,\n                                   date_purchased,\n                                   orders_status,\n                                   last_modified,\n                                   orig_reference, \n                                   login_reference,\n                                   customers_status,\n                                   customers_status_name,\n                                   customers_status_image,\n                                   customers_ip,\n                                   language,\n                                   customers_status_discount\n                                   from " . TABLE_ORDERS . " where\n                                   orders_id = '" . vam_db_input($order_id) . "'");
     $order = vam_db_fetch_array($order_query);
     $totals_query = vam_db_query("select title, text from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . vam_db_input($order_id) . "' order by sort_order");
     while ($totals = vam_db_fetch_array($totals_query)) {
         $this->totals[] = array('title' => $totals['title'], 'text' => $totals['text']);
     }
     $this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'payment_class' => $order['payment_class'], 'shipping_class' => $order['shipping_class'], 'status' => $order['customers_status'], 'status_name' => $order['customers_status_name'], 'status_image' => $order['customers_status_image'], 'status_discount' => $order['customers_status_discount'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'cc_cvv' => $order['cc_cvv'], 'comments' => $order['comments'], 'language' => $order['language'], 'date_purchased' => $order['date_purchased'], 'orders_status' => $order['orders_status'], 'last_modified' => $order['last_modified']);
     $this->customer = array('name' => $order['customers_name'], 'company' => $order['customers_company'], 'csID' => $order['customers_cid'], 'vat_id' => $order['customers_vat_id'], 'shop_id' => $order['shop_id'], 'ID' => $order['customers_id'], 'cIP' => $order['customers_ip'], 'street_address' => $order['customers_street_address'], 'suburb' => $order['customers_suburb'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => $order['customers_country'], 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address'], 'orig_reference' => $order['orig_reference'], 'login_reference' => $order['login_reference']);
     $this->delivery = array('name' => $order['delivery_name'], 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'suburb' => $order['delivery_suburb'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => $order['delivery_country'], 'format_id' => $order['delivery_address_format_id']);
     $this->billing = array('name' => $order['billing_name'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'suburb' => $order['billing_suburb'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => $order['billing_country'], 'format_id' => $order['billing_address_format_id']);
     $index = 0;
     $orders_products_query = vam_db_query("select\n                                                 orders_products_id,products_id, products_name, products_model, products_price, products_tax, products_quantity, final_price,allow_tax, products_discount_made\n                                             from\n                                                 " . TABLE_ORDERS_PRODUCTS . "\n                                             where\n                                                 orders_id ='" . vam_db_input($order_id) . "'");
     while ($orders_products = vam_db_fetch_array($orders_products_query)) {
         $this->products[$index] = array('qty' => $orders_products['products_quantity'], 'name' => $orders_products['products_name'], 'id' => $orders_products['products_id'], 'opid' => $orders_products['orders_products_id'], 'model' => $orders_products['products_model'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'discount' => $orders_products['products_discount_made'], 'final_price' => $orders_products['final_price'], 'allow_tax' => $orders_products['allow_tax']);
         $subindex = 0;
         $attributes_query = vam_db_query("select products_options, products_options_values, options_values_price, price_prefix from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . vam_db_input($order_id) . "' and orders_products_id = '" . $orders_products['orders_products_id'] . "'");
         if (vam_db_num_rows($attributes_query)) {
             while ($attributes = vam_db_fetch_array($attributes_query)) {
                 $this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']);
                 $subindex++;
             }
         }
         $index++;
     }
 }

Пример #2

Файл: vam_get_categories.inc.php Проект: nomadcomanche/zdorov_shop

function vam_get_categories($categories_array = '', $parent_id = '0', $indent = '')
{
    $parent_id = vam_db_prepare_input($parent_id);
    if (!is_array($categories_array)) {
        $categories_array = array();
    }
    $categories_query = "select\n                                      c.categories_id,\n                                      cd.categories_name\n                                      from " . TABLE_CATEGORIES . " c,\n                                       " . TABLE_CATEGORIES_DESCRIPTION . " cd\n                                       where parent_id = '" . vam_db_input($parent_id) . "'\n                                       and c.categories_id = cd.categories_id\n                                       and c.categories_status != 0\n                                       and cd.language_id = '" . $_SESSION['languages_id'] . "'\n                                       order by sort_order, cd.categories_name";
    $categories_query = vamDBquery($categories_query);
    while ($categories = vam_db_fetch_array($categories_query, true)) {
        $categories_array[] = array('id' => $categories['categories_id'], 'text' => $indent . $categories['categories_name']);
        if ($categories['categories_id'] != $parent_id) {
            $categories_array = vam_get_categories($categories_array, $categories['categories_id'], $indent . '  ');
        }
    }
    return $categories_array;
}

Пример #3

Файл: vam_db_perform.inc.php Проект: nomadcomanche/zdorov_shop

function vam_db_perform($table, $data, $action = 'insert', $parameters = '', $link = 'db_link')
{
    reset($data);
    if ($action == 'insert') {
        $query = 'insert into ' . $table . ' (';
        while (list($columns, ) = each($data)) {
            $query .= $columns . ', ';
        }
        $query = substr($query, 0, -2) . ') values (';
        reset($data);
        while (list(, $value) = each($data)) {
            $value = is_Float($value) & PHP4_3_10 ? sprintf("%.F", $value) : (string) $value;
            switch ($value) {
                case 'now()':
                    $query .= 'now(), ';
                    break;
                case 'null':
                    $query .= 'null, ';
                    break;
                default:
                    $query .= '\'' . vam_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ')';
    } elseif ($action == 'update') {
        $query = 'update ' . $table . ' set ';
        while (list($columns, $value) = each($data)) {
            $value = is_Float($value) & PHP4_3_10 ? sprintf("%.F", $value) : (string) $value;
            switch ($value) {
                case 'now()':
                    $query .= $columns . ' = now(), ';
                    break;
                case 'null':
                    $query .= $columns .= ' = null, ';
                    break;
                default:
                    $query .= $columns . ' = \'' . vam_db_input($value) . '\', ';
                    break;
            }
        }
        $query = substr($query, 0, -2) . ' where ' . $parameters;
    }
    return vam_db_query($query, $link);
}

Пример #4

Файл: vam_address_summary.inc.php Проект: nomadcomanche/zdorov_shop

function vam_address_summary($customers_id, $address_id)
{
    $customers_id = vam_db_prepare_input($customers_id);
    $address_id = vam_db_prepare_input($address_id);
    $address_query = vam_db_query("select ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_state, ab.entry_country_id, ab.entry_zone_id, c.countries_name, c.address_format_id from " . TABLE_ADDRESS_BOOK . " ab, " . TABLE_COUNTRIES . " c where ab.address_book_id = '" . vam_db_input($address_id) . "' and ab.customers_id = '" . vam_db_input($customers_id) . "' and ab.entry_country_id = c.countries_id");
    $address = vam_db_fetch_array($address_query);
    $street_address = $address['entry_street_address'];
    $suburb = $address['entry_suburb'];
    $postcode = $address['entry_postcode'];
    $city = $address['entry_city'];
    $state = vam_get_zone_name($address['entry_country_id'], $address['entry_zone_id'], $address['entry_state']);
    $country = $address['countries_name'];
    $address_format_query = vam_db_query("select address_summary from " . TABLE_ADDRESS_FORMAT . " where address_format_id = '" . $address['address_format_id'] . "'");
    $address_format = vam_db_fetch_array($address_format_query);
    //    eval("\$address = \"{$address_format['address_summary']}\";");
    $address_summary = $address_format['address_summary'];
    eval("\$address = \"{$address_summary}\";");
    return $address;
}

Пример #5

Файл: split_page_results.php Проект: nomadcomanche/zdorov_shop

 function splitPageResults($query, $page, $max_rows, $count_key = '*')
 {
     $this->sql_query = $query;
     if (empty($page) || is_numeric($page) == false) {
         $page = 1;
     }
     $this->current_page_number = $page;
     $this->number_of_rows_per_page = $max_rows;
     $pos_to = strlen($this->sql_query);
     $pos_from = strpos($this->sql_query, ' FROM', 0);
     $pos_group_by = strpos($this->sql_query, ' GROUP BY', $pos_from);
     if ($pos_group_by < $pos_to && $pos_group_by != false) {
         $pos_to = $pos_group_by;
     }
     $pos_having = strpos($this->sql_query, ' HAVING', $pos_from);
     if ($pos_having < $pos_to && $pos_having != false) {
         $pos_to = $pos_having;
     }
     $pos_order_by = strpos($this->sql_query, ' ORDER BY', $pos_from);
     if ($pos_order_by < $pos_to && $pos_order_by != false) {
         $pos_to = $pos_order_by;
     }
     if (strpos($this->sql_query, 'DISTINCT') || strpos($this->sql_query, 'GROUP BY')) {
         $count_string = 'DISTINCT ' . vam_db_input($count_key);
         //$count_string = vam_db_input($count_key);
     } else {
         $count_string = vam_db_input($count_key);
     }
     $count_query = vamDBquery($query);
     $count = vam_db_num_rows($count_query, true);
     $this->number_of_rows = $count;
     $this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
     if ($this->current_page_number > $this->number_of_pages) {
         $this->current_page_number = $this->number_of_pages;
     }
     $offset = $this->number_of_rows_per_page * ($this->current_page_number - 1);
     $this->sql_query .= " LIMIT " . max($offset, 0) . ", " . $this->number_of_rows_per_page;
 }

Пример #6

Файл: order.php Проект: nomadcomanche/zdorov_shop

 function query($order_id)
 {
     $order_id = vam_db_prepare_input($order_id);
     $order_query = vam_db_query("SELECT\n                                   *\n                                   FROM " . TABLE_ORDERS . " WHERE\n                                   orders_id = '" . vam_db_input($order_id) . "'");
     $order = vam_db_fetch_array($order_query);
     $totals_query = vam_db_query("SELECT * FROM " . TABLE_ORDERS_TOTAL . " where orders_id = '" . vam_db_input($order_id) . "' order by sort_order");
     while ($totals = vam_db_fetch_array($totals_query)) {
         $this->totals[] = array('title' => $totals['title'], 'text' => $totals['text'], 'value' => $totals['value']);
     }
     $order_total_query = vam_db_query("select text,value from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $order_id . "' and class = 'ot_total'");
     $order_total = vam_db_fetch_array($order_total_query);
     $shipping_method_query = vam_db_query("select title from " . TABLE_ORDERS_TOTAL . " where orders_id = '" . $order_id . "' and class = 'ot_shipping'");
     $shipping_method = vam_db_fetch_array($shipping_method_query);
     $order_status_query = vam_db_query("select orders_status_name from " . TABLE_ORDERS_STATUS . " where orders_status_id = '" . $order['orders_status'] . "' and language_id = '" . $_SESSION['languages_id'] . "'");
     $order_status = vam_db_fetch_array($order_status_query);
     $this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'cc_start' => $order['cc_start'], 'cc_issue' => $order['cc_issue'], 'cc_cvv' => $order['cc_cvv'], 'date_purchased' => $order['date_purchased'], 'orders_status' => $order_status['orders_status_name'], 'last_modified' => $order['last_modified'], 'total' => strip_tags($order_total['text']), 'total_value' => $order_total['value'], 'shipping_method' => substr($shipping_method['title'], -1) == ':' ? substr(strip_tags($shipping_method['title']), 0, -1) : strip_tags($shipping_method['title']), 'comments' => $order['comments']);
     $this->customer = array('id' => $order['customers_id'], 'name' => $order['customers_name'], 'firstname' => $order['customers_firstname'], 'secondname' => $order['customers_secondname'], 'lastname' => $order['customers_lastname'], 'csID' => $order['customers_cid'], 'company' => $order['customers_company'], 'street_address' => $order['customers_street_address'], 'suburb' => $order['customers_suburb'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => $order['customers_country'], 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address']);
     $this->delivery = array('name' => $order['delivery_name'], 'firstname' => $order['delivery_firstname'], 'secondname' => $order['delivery_secondname'], 'lastname' => $order['delivery_lastname'], 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'suburb' => $order['delivery_suburb'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => $order['delivery_country'], 'format_id' => $order['delivery_address_format_id']);
     if (empty($this->delivery['name']) && empty($this->delivery['street_address'])) {
         $this->delivery = false;
     }
     $this->billing = array('name' => $order['billing_name'], 'firstname' => $order['billing_firstname'], 'secondname' => $order['billing_secondname'], 'lastname' => $order['billing_lastname'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'suburb' => $order['billing_suburb'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => $order['billing_country'], 'format_id' => $order['billing_address_format_id']);
     $index = 0;
     $orders_products_query = vam_db_query("SELECT * FROM " . TABLE_ORDERS_PRODUCTS . "   WHERE orders_id = '" . vam_db_input($order_id) . "'");
     while ($orders_products = vam_db_fetch_array($orders_products_query)) {
         $this->products[$index] = array('qty' => $orders_products['products_quantity'], 'id' => $orders_products['products_id'], 'name' => $orders_products['products_name'], 'model' => $orders_products['products_model'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'shipping_time' => $orders_products['products_shipping_time'], 'final_price' => $orders_products['final_price']);
         $subindex = 0;
         $attributes_query = vam_db_query("SELECT * FROM " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . vam_db_input($order_id) . "' and orders_products_id = '" . $orders_products['orders_products_id'] . "'");
         if (vam_db_num_rows($attributes_query)) {
             while ($attributes = vam_db_fetch_array($attributes_query)) {
                 $this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']);
                 $subindex++;
             }
         }
         $this->info['tax_groups']["{$this->products[$index]['tax']}"] = '1';
         $index++;
     }
 }

Пример #7

Файл: address_book_details.php Проект: nomadcomanche/zdorov_shop

        $zone_id = 0;
        $check_query = vam_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $entry['entry_country_id'] . "'");
        $check = vam_db_fetch_array($check_query);
        $entry_state_has_zones = $check['total'] > 0;
        if ($entry_state_has_zones == true) {
            $zones_array = array();
            $zones_query = vam_db_query("select zone_name from " . TABLE_ZONES . " where zone_country_id = '" . (int) $entry['entry_country_id'] . "' order by zone_name");
            while ($zones_values = vam_db_fetch_array($zones_query)) {
                $zones_array[] = array('id' => $zones_values['zone_name'], 'text' => $zones_values['zone_name']);
            }
            $zone = vam_db_query("select distinct zone_id, zone_name from " . TABLE_ZONES . " where zone_country_id = '" . (int) $entry['entry_country_id'] . "' and zone_code = '" . vam_db_input($state) . "'");
            if (vam_db_num_rows($zone) > 0) {
                $zone_id = $zone['zone_id'];
                $zone_name = $zone['zone_name'];
            } else {
                $zone = vam_db_query("select distinct zone_id, zone_name from " . TABLE_ZONES . " where zone_country_id = '" . (int) $entry['entry_country_id'] . "' and zone_code = '" . vam_db_input($state) . "'");
                if (vam_db_num_rows($zone) > 0) {
                    $zone_id = $zone['zone_id'];
                    $zone_name = $zone['zone_name'];
                }
            }
        }
    }
    if ($entry_state_has_zones == true) {
        $state_input = vam_draw_pull_down_menuNote(array('name' => 'state', 'text' => '&nbsp;' . (vam_not_null(ENTRY_STATE_TEXT) ? '<span class="Requirement">' . ENTRY_STATE_TEXT . '</span>' : '')), $zones_array, vam_get_zone_name($entry['entry_country_id'], $entry['entry_zone_id'], $entry['entry_state']), ' id="state"');
    } else {
        $state_input = vam_draw_input_fieldNote(array('name' => 'state', 'text' => '&nbsp;' . (vam_not_null(ENTRY_STATE_TEXT) ? '<span class="Requirement">' . ENTRY_STATE_TEXT . '</span>' : '')), vam_get_zone_name(STORE_COUNTRY, STORE_ZONE), ' id="state"');
    }
    $module->assign('INPUT_STATE', $state_input);
} else {
    $module->assign('state', '0');

Пример #8

Файл: geo_zones.php Проект: nomadcomanche/zdorov_shop

        $geo_zone_description = vam_db_prepare_input($_POST['geo_zone_description']);
        vam_db_query("insert into " . TABLE_GEO_ZONES . " (geo_zone_name, geo_zone_description, date_added) values ('" . vam_db_input($geo_zone_name) . "', '" . vam_db_input($geo_zone_description) . "', now())");
        $new_zone_id = vam_db_insert_id();
        vam_redirect(vam_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $new_zone_id));
        break;
    case 'save_zone':
        $zID = vam_db_prepare_input($_GET['zID']);
        $geo_zone_name = vam_db_prepare_input($_POST['geo_zone_name']);
        $geo_zone_description = vam_db_prepare_input($_POST['geo_zone_description']);
        vam_db_query("update " . TABLE_GEO_ZONES . " set geo_zone_name = '" . vam_db_input($geo_zone_name) . "', geo_zone_description = '" . vam_db_input($geo_zone_description) . "', last_modified = now() where geo_zone_id = '" . vam_db_input($zID) . "'");
        vam_redirect(vam_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID']));
        break;
    case 'deleteconfirm_zone':
        $zID = vam_db_prepare_input($_GET['zID']);
        vam_db_query("delete from " . TABLE_GEO_ZONES . " where geo_zone_id = '" . vam_db_input($zID) . "'");
        vam_db_query("delete from " . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . vam_db_input($zID) . "'");
        vam_redirect(vam_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage']));
        break;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo $_SESSION['language_charset'];
?>
"> 
<title><?php 

Пример #9

Файл: shopping_cart.php Проект: nomadcomanche/zdorov_shop

 function add_cart($products_id, $qty = '1', $attributes = '', $notify = true)
 {
     global $new_products_id_in_cart;
     $products_id = vam_get_uprid($products_id, $attributes);
     if ($notify == true) {
         $_SESSION['new_products_id_in_cart'] = $products_id;
     }
     if ($this->in_cart($products_id)) {
         $this->update_quantity($products_id, $qty, $attributes);
     } else {
         $this->contents[] = array($products_id);
         $this->contents[$products_id] = array('qty' => $qty);
         // insert into database
         if (isset($_SESSION['customer_id'])) {
             vam_db_query("insert into " . TABLE_CUSTOMERS_BASKET . " (customers_id, products_id, customers_basket_quantity, customers_basket_date_added) values ('" . $_SESSION['customer_id'] . "', '" . $products_id . "', '" . $qty . "', '" . date('Ymd') . "')");
         }
         if (is_array($attributes)) {
             reset($attributes);
             while (list($option, $value) = each($attributes)) {
                 $attr_value = NULL;
                 $blank_value = FALSE;
                 if (strstr($option, 'txt_')) {
                     if (trim($value) == NULL) {
                         $blank_value = TRUE;
                     } else {
                         $option_1 = substr($option, strlen('txt_'));
                         $option_2 = preg_split('/_/', $option_1);
                         $option = $option_2[0];
                         $attr_value = htmlspecialchars(stripslashes($value), ENT_QUOTES);
                         $value = $option_2[1];
                         $this->contents[$products_id]['attributes_values'][$option] = $attr_value;
                     }
                 }
                 if (!$blank_value) {
                     $this->contents[$products_id]['attributes'][$option] = $value;
                     // insert into database
                     if (isset($_SESSION['customer_id'])) {
                         vam_db_query("insert into " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " (customers_id, products_id, products_options_id, products_options_value_id, products_options_value_text) values ('" . $_SESSION['customer_id'] . "', '" . $products_id . "', '" . $option . "', '" . $value . "', '" . vam_db_input($attr_value) . "')");
                     }
                 }
             }
         }
     }
     $this->cleanup();
     // assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
     $this->cartID = $this->generate_cart_id();
 }

Пример #10

Файл: affiliate_contact.php Проект: nomadcomanche/zdorov_shop

    switch ($_POST['affiliate_email_address']) {
        case '***':
            $mail_query = vam_db_query("select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE . " ");
            $mail_sent_to = TEXT_ALL_AFFILIATES;
            break;
            //      case '**D':
            //        $mail_query = vam_db_query("select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_newsletter = '1'");
            //        $mail_sent_to = TEXT_NEWSLETTER_AFFILIATE;
            //        break;
        //      case '**D':
        //        $mail_query = vam_db_query("select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_newsletter = '1'");
        //        $mail_sent_to = TEXT_NEWSLETTER_AFFILIATE;
        //        break;
        default:
            $affiliate_email_address = vam_db_prepare_input($_POST['affiliate_email_address']);
            $mail_query = vam_db_query("select affiliate_firstname, affiliate_lastname, affiliate_email_address from " . TABLE_AFFILIATE . " where affiliate_email_address = '" . vam_db_input($affiliate_email_address) . "'");
            $mail_sent_to = $_POST['affiliate_email_address'];
            break;
    }
    $from = vam_db_prepare_input($_POST['from']);
    $subject = vam_db_prepare_input($_POST['subject']);
    $message = vam_db_prepare_input($_POST['message']);
    while ($mail = vam_db_fetch_array($mail_query)) {
        vam_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $mail['affiliate_email_address'], $mail['affiliate_firstname'] . ' ' . $mail['affiliate_lastname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', $subject, $message, $message);
    }
    vam_redirect(vam_href_link(FILENAME_AFFILIATE_CONTACT, 'mail_sent_to=' . urlencode($mail_sent_to)));
}
if ($_GET['action'] == 'preview' && !$_POST['affiliate_email_address']) {
    $messageStack->add(ERROR_NO_AFFILIATE_SELECTED, 'error');
}
if (vam_not_null($_GET['mail_sent_to'])) {

Пример #11

Файл: shipping_status.php Проект: nomadcomanche/zdorov_shop

        if ($shipping_status_image =& vam_try_upload('shipping_status_image', DIR_WS_ICONS)) {
            vam_db_query("update " . TABLE_SHIPPING_STATUS . " set shipping_status_image = '" . $shipping_status_image->filename . "' where shipping_status_id = '" . vam_db_input($shipping_status_id) . "'");
        }
        if ($_POST['default'] == 'on') {
            vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . vam_db_input($shipping_status_id) . "' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
        }
        vam_redirect(vam_href_link(FILENAME_SHIPPING_STATUS, 'page=' . $_GET['page'] . '&oID=' . $shipping_status_id));
        break;
    case 'deleteconfirm':
        $oID = vam_db_prepare_input($_GET['oID']);
        $shipping_status_query = vam_db_query("select configuration_value from " . TABLE_CONFIGURATION . " where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
        $shipping_status = vam_db_fetch_array($shipping_status_query);
        if ($shipping_status['configuration_value'] == $oID) {
            vam_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_SHIPPING_STATUS_ID'");
        }
        vam_db_query("delete from " . TABLE_SHIPPING_STATUS . " where shipping_status_id = '" . vam_db_input($oID) . "'");
        vam_redirect(vam_href_link(FILENAME_SHIPPING_STATUS, 'page=' . $_GET['page']));
        break;
    case 'delete':
        $oID = vam_db_prepare_input($_GET['oID']);
        $remove_status = true;
        if ($oID == DEFAULT_SHIPPING_STATUS_ID) {
            $remove_status = false;
            $messageStack->add(ERROR_REMOVE_DEFAULT_SHIPPING_STATUS, 'error');
        } else {
        }
        break;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 

Пример #12

Файл: gv_mail.php Проект: nomadcomanche/zdorov_shop

require_once DIR_FS_INC . 'vam_php_mail.inc.php';
// initiate template engine for mail
$vamTemplate = new vamTemplate();
if ($_GET['action'] == 'send_email_to_user' && ($_POST['customers_email_address'] || $_POST['email_to']) && !$_POST['back_x']) {
    switch ($_POST['customers_email_address']) {
        case '***':
            $mail_query = vam_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS);
            $mail_sent_to = TEXT_ALL_CUSTOMERS;
            break;
        case '**D':
            $mail_query = vam_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_newsletter = '1'");
            $mail_sent_to = TEXT_NEWSLETTER_CUSTOMERS;
            break;
        default:
            $customers_email_address = vam_db_prepare_input($_POST['customers_email_address']);
            $mail_query = vam_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_email_address = '" . vam_db_input($customers_email_address) . "'");
            $mail_sent_to = $_POST['customers_email_address'];
            if ($_POST['email_to']) {
                $mail_sent_to = $_POST['email_to'];
            }
            break;
    }
    $from = vam_db_prepare_input($_POST['from']);
    $subject = vam_db_prepare_input($_POST['subject']);
    while ($mail = vam_db_fetch_array($mail_query)) {
        $id1 = create_coupon_code($mail['customers_email_address']);
        // assign language to template for caching
        $vamTemplate->assign('language', $_SESSION['language']);
        $vamTemplate->caching = false;
        $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
        $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');

Пример #13

Файл: orders.php Проект: nomadcomanche/zdorov_shop

    }
    ?>
                <td class="dataTableHeadingContent" align="right"><?php 
    echo TABLE_HEADING_ACTION;
    ?>
&nbsp;</td>
              </tr>
<?php 
    if ($_GET['cID']) {
        $cID = vam_db_prepare_input($_GET['cID']);
        $orders_query_raw = "select o.orders_id, o.afterbuy_success, o.afterbuy_id, o.customers_name, o.customers_id, o.payment_method, o.shipping_method, o.shipping_class, o.date_purchased, o.last_modified, o.currency, o.currency_value, o.orders_status, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . vam_db_input($cID) . "' and (o.orders_status = s.orders_status_id and s.language_id = '" . $_SESSION['languages_id'] . "' and ot.class = 'ot_total') or (o.orders_status = '0' and ot.class = 'ot_total' and  s.orders_status_id = '1' and s.language_id = '" . $_SESSION['languages_id'] . "') order by orders_id DESC";
    } elseif ($_GET['status'] == '0') {
        $orders_query_raw = "select o.orders_id, o.afterbuy_success, o.afterbuy_id, o.customers_name, o.payment_method, o.shipping_method, o.shipping_class, o.date_purchased, o.last_modified, o.currency, o.currency_value, o.orders_status, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id) where o.orders_status = '0' and ot.class = 'ot_total' order by o.orders_id DESC";
    } elseif ($_GET['status']) {
        $status = vam_db_prepare_input($_GET['status']);
        $orders_query_raw = "select o.orders_id, o.afterbuy_success, o.afterbuy_id, o.customers_name, o.payment_method, o.shipping_method, o.shipping_class, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . $_SESSION['languages_id'] . "' and s.orders_status_id = '" . vam_db_input($status) . "' and ot.class = 'ot_total' order by o.orders_id DESC";
    } else {
        $orders_query_raw = "select o.orders_id, o.orders_status, o.afterbuy_success, o.afterbuy_id, o.customers_name, o.payment_method, o.shipping_method, o.shipping_class, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where (o.orders_status = s.orders_status_id and s.language_id = '" . $_SESSION['languages_id'] . "' and ot.class = 'ot_total') or (o.orders_status = '0' and ot.class = 'ot_total' and  s.orders_status_id = '1' and s.language_id = '" . $_SESSION['languages_id'] . "') order by o.orders_id DESC";
    }
    $orders_split = new splitPageResults($_GET['page'], MAX_DISPLAY_ADMIN_PAGE, $orders_query_raw, $orders_query_numrows);
    $orders_query = vam_db_query($orders_query_raw);
    while ($orders = vam_db_fetch_array($orders_query)) {
        if ((!$_GET['oID'] || $_GET['oID'] == $orders['orders_id']) && !$oInfo) {
            $oInfo = new objectInfo($orders);
        }
        if (is_object($oInfo) && $orders['orders_id'] == $oInfo->orders_id) {
            echo '<tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'">' . "\n";
        } else {
            echo '<tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'">' . "\n";
        }
        ?>

Пример #14

Файл: checkout_payment_address.php Проект: nomadcomanche/zdorov_shop

 }
 if (ACCOUNT_CITY == 'true') {
     if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
         $error = true;
         $messageStack->add('checkout_address', ENTRY_CITY_ERROR);
     }
 }
 if (ACCOUNT_STATE == 'true') {
     $zone_id = 0;
     $check_query = vam_db_query("select count(*) as total from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "'");
     $check = vam_db_fetch_array($check_query);
     $entry_state_has_zones = $check['total'] > 0;
     if ($entry_state_has_zones == true) {
         $zone_query = vam_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "' and (zone_name like '" . vam_db_input($state) . "%' or zone_code like '%" . vam_db_input($state) . "%')");
         if (vam_db_num_rows($zone_query) > 1) {
             $zone_query = vam_db_query("select distinct zone_id from " . TABLE_ZONES . " where zone_country_id = '" . (int) $country . "' and zone_name = '" . vam_db_input($state) . "'");
         }
         if (vam_db_num_rows($zone_query) >= 1) {
             $zone = vam_db_fetch_array($zone_query);
             $zone_id = $zone['zone_id'];
         } else {
             $error = true;
             $messageStack->add('create_account', ENTRY_STATE_ERROR_SELECT);
         }
     } else {
         if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
             $error = true;
             $messageStack->add('checkout_address', ENTRY_STATE_ERROR);
         }
     }
 }

Пример #15

Файл: edit_orders.php Проект: nomadcomanche/zdorov_shop

         $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
         $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
         $vamTemplate->assign('NAME', $check_status['customers_name']);
         $vamTemplate->assign('ORDER_NR', $_GET['oID']);
         $vamTemplate->assign('ORDER_LINK', vam_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, 'order_id=' . $oID, 'SSL'));
         $vamTemplate->assign('ORDER_DATE', vam_date_long($check_status['date_purchased']));
         $vamTemplate->assign('NOTIFY_COMMENTS', ' ' . $notify_comments);
         $vamTemplate->assign('ORDER_STATUS', $orders_status_array[$_GET['status']]);
         $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.html');
         $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $_SESSION['language'] . '/change_order_mail.txt');
         // create subject
         $billing_subject = str_replace('{$nr}', $oID, EMAIL_BILLING_SUBJECT);
         vam_php_mail(EMAIL_BILLING_ADDRESS, EMAIL_BILLING_NAME, $check_status['customers_email_address'], $check_status['customers_name'], '', EMAIL_BILLING_REPLY_ADDRESS, EMAIL_BILLING_REPLY_ADDRESS_NAME, '', '', $billing_subject, $html_mail, $txt_mail);
         $customer_notified = '1';
     }
     vam_db_query("INSERT into " . TABLE_ORDERS_STATUS_HISTORY . " \n\t\t\t(orders_id, orders_status_id, date_added, customer_notified, comments) \n\t\t\tvalues ('" . vam_db_input($_GET['oID']) . "', \n\t\t\t\t'" . vam_db_input($_POST['status']) . "', \n\t\t\t\tnow(), \n\t\t\t\t" . vam_db_input($customer_notified) . ", \n\t\t\t\t'" . vam_db_input(vam_db_prepare_input($_POST['comments'])) . "')");
 }
 // Update Products
 if (is_array($_POST['update_products'])) {
     foreach ($_POST['update_products'] as $orders_products_id => $products_details) {
         //  Update Inventory Quantity
         $order_query = vam_db_query("\n\t\t\tSELECT products_id, products_quantity \n\t\t\tFROM " . TABLE_ORDERS_PRODUCTS . " \n\t\t\tWHERE orders_id = '" . (int) $oID . "'\n\t\t\tAND orders_products_id = '" . (int) $orders_products_id . "'");
         $order_products = vam_db_fetch_array($order_query);
         // First we do a stock check
         if ($products_details['qty'] != $order_products['products_quantity']) {
             $quantity_difference = $products_details['qty'] - $order['products_quantity'];
             if (STOCK_LIMITED == 'true') {
                 vam_db_query("UPDATE " . TABLE_PRODUCTS . " SET \n\t\t\t\t\tproducts_quantity = products_quantity - " . $quantity_difference . ",\n\t\t\t\t\tproducts_ordered = products_ordered + " . $quantity_difference . " \n\t\t\t\t\tWHERE products_id = '" . (int) $order_products['products_id'] . "'");
             } else {
                 vam_db_query("UPDATE " . TABLE_PRODUCTS . " SET\n\t\t\t\t\tproducts_ordered = products_ordered + " . $quantity_difference . "\n\t\t\t\t\tWHERE products_id = '" . (int) $order_products['products_id'] . "'");
             }

Пример #16

Файл: faq.php Проект: nomadcomanche/zdorov_shop

if ($_GET['action']) {
    switch ($_GET['action']) {
        case 'setflag':
            //set the status of a faq item.
            if ($_GET['flag'] == '0' || $_GET['flag'] == '1') {
                if ($_GET['faq_id']) {
                    vam_db_query("update " . TABLE_FAQ . " set status = '" . $_GET['flag'] . "' where faq_id = '" . $_GET['faq_id'] . "'");
                }
            }
            //      vam_redirect(vam_href_link(FILENAME_FAQ));
            break;
        case 'delete_faq_confirm':
            //user has confirmed deletion of faq.
            if ($_POST['faq_id']) {
                $faq_id = vam_db_prepare_input($_POST['faq_id']);
                vam_db_query("delete from " . TABLE_FAQ . " where faq_id = '" . vam_db_input($faq_id) . "'");
            }
            //     vam_redirect(vam_href_link(FILENAME_FAQ));
            break;
        case 'insert_faq':
            //insert a new faq.
            if ($_POST['question']) {
                if ($_POST['faq_page_url'] == '' && file_exists(DIR_FS_CATALOG . '.htaccess') && AUTOMATIC_SEO_URL == 'true') {
                    $alias = $_POST['question'];
                    $alias = make_alias($alias);
                    $faq_page_url = $alias;
                } else {
                    $faq_page_url = $_POST['faq_page_url'];
                }
                $sql_data_array = array('question' => vam_db_prepare_input($_POST['question']), 'faq_page_url' => vam_db_prepare_input($faq_page_url), 'answer' => vam_db_prepare_input($_POST['answer']), 'date_added' => 'now()', 'language' => vam_db_prepare_input($_POST['item_language']), 'status' => '1');
                vam_db_perform(TABLE_FAQ, $sql_data_array);

Пример #17

Файл: products_options.php Проект: nomadcomanche/zdorov_shop

             }
         }
     }
     if ($_POST['del_mo_pic'] != '') {
         foreach ($_POST['del_mo_pic'] as $dummy => $val) {
             @vam_del_image_options_file($val);
             vam_db_query("DELETE FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . "\n\t\t\t\t\t\t\t\t\t               WHERE products_options_values_id = '" . vam_db_input($_POST['value_id']) . "' AND image_name  = '" . $val . "'");
         }
     }
     //are we asked to delete some pics?
     if ($_POST['del_pic'] != '') {
         @vam_del_image_options_file($products_data['del_pic']);
         //			vam_db_query("UPDATE ".TABLE_PRODUCTS_OPTIONS_IMAGES."
         //								                 SET products_options_values_id = ''
         //									               WHERE products_options_values_id    = '".vam_db_input($_POST['del_pic'])."'");
         vam_db_query("DELETE FROM " . TABLE_PRODUCTS_OPTIONS_IMAGES . "\n\t\t\t\t\t\t\t\t\t               WHERE products_options_values_id = '" . vam_db_input($_POST['value_id']) . "' AND image_name  = '" . $val . "'");
     }
     vam_db_query("update " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " set products_options_id = '" . $_POST['option_id'] . "' where products_options_values_id = '" . $_POST['value_id'] . "'");
     vam_redirect(vam_href_link(FILENAME_PRODUCTS_OPTIONS, $page_info));
     break;
 case 'update_product_attribute':
     vam_db_query("update " . TABLE_PRODUCTS_ATTRIBUTES . " set products_id = '" . $_POST['products_id'] . "', options_id = '" . $_POST['options_id'] . "', options_values_id = '" . $_POST['values_id'] . "', options_values_price = '" . $_POST['value_price'] . "', price_prefix = '" . $_POST['price_prefix'] . "' where products_attributes_id = '" . $_POST['attribute_id'] . "'");
     if (DOWNLOAD_ENABLED == 'true' && $_POST['products_attributes_filename'] != '') {
         vam_db_query("update " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " \n                        set products_attributes_filename='" . $_POST['products_attributes_filename'] . "',\n                            products_attributes_maxdays='" . $_POST['products_attributes_maxdays'] . "',\n                            products_attributes_maxcount='" . $_POST['products_attributes_maxcount'] . "'\n                        where products_attributes_id = '" . $_POST['attribute_id'] . "'");
     }
     vam_redirect(vam_href_link(FILENAME_PRODUCTS_OPTIONS, $page_info));
     break;
 case 'delete_option':
     $del_options = vam_db_query("select products_options_values_id from " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " where products_options_id = '" . $_GET['option_id'] . "'");
     while ($del_options_values = vam_db_fetch_array($del_options)) {
         vam_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . $_GET['option_id'] . "'");

Пример #18

Файл: articles.php Проект: nomadcomanche/zdorov_shop

function vam_remove_topic($topic_id)
{
    $topic_image_query = vam_db_query("select topics_image from " . TABLE_TOPICS . " where topics_id = '" . (int) $topic_id . "'");
    $topic_image = vam_db_fetch_array($topic_image_query);
    $duplicate_image_query = vam_db_query("select count(*) as total from " . TABLE_TOPICS . " where topics_image = '" . vam_db_input($topic_image['topics_image']) . "'");
    $duplicate_image = vam_db_fetch_array($duplicate_image_query);
    if ($duplicate_image['total'] < 2) {
        if (file_exists(DIR_FS_CATALOG_IMAGES . $topic_image['topics_image'])) {
            @unlink(DIR_FS_CATALOG_IMAGES . $topic_image['topics_image']);
        }
    }
    vam_db_query("delete from " . TABLE_TOPICS . " where topics_id = '" . (int) $topic_id . "'");
    vam_db_query("delete from " . TABLE_TOPICS_DESCRIPTION . " where topics_id = '" . (int) $topic_id . "'");
    vam_db_query("delete from " . TABLE_ARTICLES_TO_TOPICS . " where topics_id = '" . (int) $topic_id . "'");
    if (USE_CACHE == 'true') {
        vam_reset_cache_block('topics');
        vam_reset_cache_block('also_purchased');
    }
}

Пример #19

Файл: sales_report.php Проект: nomadcomanche/zdorov_shop

 function getNext()
 {
     switch ($this->mode) {
         // yearly
         case '1':
             $sd = $this->actDate;
             $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd), date("Y", $sd) + 1);
             break;
             // monthly
         // monthly
         case '2':
             $sd = $this->actDate;
             $ed = mktime(0, 0, 0, date("m", $sd) + 1, 1, date("Y", $sd));
             break;
             // weekly
         // weekly
         case '3':
             $sd = $this->actDate;
             $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd) + 7, date("Y", $sd));
             break;
             // daily
         // daily
         case '4':
             $sd = $this->actDate;
             $ed = mktime(0, 0, 0, date("m", $sd), date("d", $sd) + 1, date("Y", $sd));
             break;
     }
     if ($ed > $this->endDate) {
         $ed = $this->endDate;
     }
     $filterString = "";
     if ($this->statusFilter > 0) {
         $filterString .= " AND o.orders_status = " . $this->statusFilter . " ";
     }
     if (!is_numeric($this->paymentFilter)) {
         $filterString .= " AND o.payment_method ='" . vam_db_prepare_input($this->paymentFilter) . "' ";
     }
     $rqOrders = vam_db_query($this->queryOrderCnt . " WHERE o.date_purchased >= '" . vam_db_input(date("Y-m-d\\TH:i:s", $sd)) . "' AND o.date_purchased < '" . vam_db_input(date("Y-m-d\\TH:i:s", $ed)) . "'" . $filterString);
     $order = vam_db_fetch_array($rqOrders);
     $rqShipping = vam_db_query($this->queryShipping . " AND o.date_purchased >= '" . vam_db_input(date("Y-m-d\\TH:i:s", $sd)) . "' AND o.date_purchased < '" . vam_db_input(date("Y-m-d\\TH:i:s", $ed)) . "'" . $filterString);
     $shipping = vam_db_fetch_array($rqShipping);
     $rqItems = vam_db_query($this->queryItemCnt . " AND o.date_purchased >= '" . vam_db_input(date("Y-m-d\\TH:i:s", $sd)) . "' AND o.date_purchased < '" . vam_db_input(date("Y-m-d\\TH:i:s", $ed)) . "'" . $filterString . " group by pid " . $this->sortString);
     // set the return values
     $this->actDate = $ed;
     $this->showDate = $sd;
     $this->showDateEnd = $ed - 60 * 60 * 24;
     // execute the query
     $cnt = 0;
     $itemTot = 0;
     $sumTot = 0;
     while ($resp[$cnt] = vam_db_fetch_array($rqItems)) {
         // to avoid rounding differences round for every quantum
         // multiply with the number of items afterwords.
         $price = $resp[$cnt]['psum'] / $resp[$cnt]['pquant'];
         // products_attributes
         // are there any attributes for this order_id ?
         $rqAttr = vam_db_query($this->queryAttr . " AND o.date_purchased >= '" . vam_db_input(date("Y-m-d\\TH:i:s", $sd)) . "' AND o.date_purchased < '" . vam_db_input(date("Y-m-d\\TH:i:s", $ed)) . "' AND op.products_id = " . $resp[$cnt]['pid'] . $filterString . " group by products_options_values order by orders_products_id");
         $i = 0;
         while ($attr[$i] = vam_db_fetch_array($rqAttr)) {
             $i++;
         }
         // values per date
         if ($i > 0) {
             $price2 = 0;
             $price3 = 0;
             $option = array();
             $k = -1;
             $ord_pro_id_old = 0;
             for ($j = 0; $j < $i; $j++) {
                 if ($attr[$j]['price_prefix'] == "-") {
                     $price2 += -1 * $attr[$j]['options_values_price'];
                     $price3 = -1 * $attr[$j]['options_values_price'];
                     $prefix = "-";
                 } else {
                     $price2 += $attr[$j]['options_values_price'];
                     $price3 = $attr[$j]['options_values_price'];
                     $prefix = "+";
                 }
                 $ord_pro_id = $attr[$j]['orders_products_id'];
                 if ($ord_pro_id != $ord_pro_id_old) {
                     $k++;
                     $l = 0;
                     // set values
                     $option[$k]['quant'] = $attr[$j]['attr_cnt'];
                     $option[$k]['options'][0] = $attr[$j]['products_options'];
                     $option[$k]['options_values'][0] = $attr[$j]['products_options_values'];
                     if ($price3 != 0) {
                         //$option[$k]['price'][0] = vam_add_tax($price3, $resp[$cnt]['ptax']);
                         $option[$k]['price'][0] = $price3;
                     } else {
                         $option[$k]['price'][0] = 0;
                     }
                 } else {
                     $l++;
                     // update values
                     $option[$k]['options'][$l] = $attr[$j]['products_options'];
                     $option[$k]['options_values'][$l] = $attr[$j]['products_options_values'];
                     if ($price3 != 0) {
                         //$option[$k]['price'][$l] = vam_add_tax($price3, $resp[$cnt]['ptax']);
                         $option[$k]['price'][$l] = $price3;
                     } else {
                         $option[$k]['price'][$l] = 0;
                     }
                 }
                 $ord_pro_id_old = $ord_pro_id;
             }
             // set attr value
             $resp[$cnt]['attr'] = $option;
         } else {
             $resp[$cnt]['attr'] = "";
         }
         //$resp[$cnt]['price'] = vam_add_tax($price, $resp[$cnt]['ptax']);
         //$resp[$cnt]['psum'] = $resp[$cnt]['pquant'] * vam_add_tax($price, $resp[$cnt]['ptax']);
         $resp[$cnt]['price'] = $price;
         $resp[$cnt]['psum'] = $resp[$cnt]['pquant'] * $price;
         $resp[$cnt]['order'] = $order['order_cnt'];
         $resp[$cnt]['shipping'] = $shipping['shipping'];
         // values per date and item
         $sumTot += $resp[$cnt]['psum'];
         $itemTot += $resp[$cnt]['pquant'];
         // add totsum and totitem until current row
         $resp[$cnt]['totsum'] = $sumTot;
         $resp[$cnt]['totitem'] = $itemTot;
         $cnt++;
     }
     return $resp;
 }

Пример #20

Файл: gv_redeem.php Проект: nomadcomanche/zdorov_shop

require 'includes/application_top.php';
if (ACTIVATE_GIFT_SYSTEM != 'true') {
    vam_redirect(FILENAME_DEFAULT);
}
// is customer logged on ?
if (!isset($_SESSION['customer_id'])) {
    vam_redirect(FILENAME_SHOPPING_CART);
}
$vamTemplate = new vamTemplate();
// include boxes
require DIR_FS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/source/boxes.php';
require DIR_WS_INCLUDES . 'header.php';
// check for a voucher number in the url
if (isset($_GET['gv_no'])) {
    $error = true;
    $gv_query = vam_db_query("select c.coupon_id, c.coupon_amount from " . TABLE_COUPONS . " c, " . TABLE_COUPON_EMAIL_TRACK . " et where coupon_code = '" . vam_db_input($_GET['gv_no']) . "' and c.coupon_id = et.coupon_id");
    if (vam_db_num_rows($gv_query) > 0) {
        $coupon = vam_db_fetch_array($gv_query);
        $redeem_query = vam_db_query("select coupon_id from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $coupon['coupon_id'] . "'");
        if (vam_db_num_rows($redeem_query) == 0) {
            // check for required session variables
            $_SESSION['gv_id'] = $coupon['coupon_id'];
            $error = false;
        } else {
            $error = true;
        }
    }
} else {
    vam_redirect(FILENAME_DEFAULT);
}
if (!$error && isset($_SESSION['customer_id'])) {

Пример #21

Файл: reviews.php Проект: nomadcomanche/zdorov_shop

<?php 
}
?>
<!-- body_text //-->
    <td class="boxCenter" valign="top">
    
    <h1 class="contentBoxHeading"><?php 
echo HEADING_TITLE;
?>
</h1>
    
    <table border="0" width="100%" cellspacing="0" cellpadding="2">
<?php 
if ($_GET['action'] == 'edit') {
    $rID = vam_db_prepare_input($_GET['rID']);
    $reviews_query = vam_db_query("select r.reviews_id, r.products_id, r.customers_name, r.date_added, r.last_modified, r.reviews_read, rd.reviews_text, r.reviews_rating, r.marked from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.reviews_id = '" . vam_db_input($rID) . "' and r.reviews_id = rd.reviews_id");
    $reviews = vam_db_fetch_array($reviews_query);
    $products_query = vam_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . $reviews['products_id'] . "'");
    $products = vam_db_fetch_array($products_query);
    $products_name_query = vam_db_query("select products_name from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . $reviews['products_id'] . "' and language_id = '" . $_SESSION['languages_id'] . "'");
    $products_name = vam_db_fetch_array($products_name_query);
    $rInfo_array = vam_array_merge($reviews, $products, $products_name);
    $rInfo = new objectInfo($rInfo_array);
    ?>
      <tr><?php 
    echo vam_draw_form('review', FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID'] . '&action=preview');
    ?>
        <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
          <tr>
            <td class="main" valign="top"><b><?php 
    echo ENTRY_PRODUCT;

Пример #22

Файл: tracking.php Проект: nomadcomanche/zdorov_shop

    $_SESSION['tracking']['http_referer'] = $ref_url;
    $_SESSION['tracked'] = true;
    // set tracked so they are only logged once
}
if (!isset($_SESSION['tracking']['ip'])) {
    $_SESSION['tracking']['ip'] = $_SERVER['REMOTE_ADDR'];
}
if (!isset($_SESSION['tracking']['refID'])) {
    // check if referer exists
    if (isset($_GET['refID'])) {
        $campaign_check_query_raw = "SELECT *\n\t\t\t                            FROM " . TABLE_CAMPAIGNS . " \n\t\t\t                            WHERE campaigns_refID = '" . vam_db_input($_GET['refID']) . "'";
        $campaign_check_query = vam_db_query($campaign_check_query_raw);
        if (vam_db_num_rows($campaign_check_query) > 0) {
            $_SESSION['tracking']['refID'] = vam_db_input($_GET['refID']);
            // count hit (block IP for 1 hour)
            $insert_sql = array('user_ip' => $_SESSION['tracking']['ip'], 'campaign' => vam_db_input($_GET['refID']), 'time' => 'now()');
            //			$check_date = mktime(0, date("i")-1, 0, date("m"), date("d"), date("Y"));
            //			$ip_query = vam_db_query("SELECT * FROM ".TABLE_CAMPAIGNS_IP." WHERE campaign='".vam_db_input($_GET['refID'])."' and user_ip='".$_SESSION['tracking']['ip']."' and time > '".$check_date."'");
            //			if (!vam_db_num_rows($ip_query))
            vam_db_perform(TABLE_CAMPAIGNS_IP, $insert_sql);
        }
    }
}
if (!isset($_SESSION['tracking']['date'])) {
    $_SESSION['tracking']['date'] = date("Y-m-d H:i:s");
}
if (!isset($_SESSION['tracking']['browser'])) {
    $_SESSION['tracking']['browser'] = $_SERVER["HTTP_USER_AGENT"];
}
$i = count($_SESSION['tracking']['pageview_history']);
if ($i > 6) {

Пример #23

Файл: general.php Проект: nomadcomanche/zdorov_shop

function vam_remove_product($product_id)
{
    // get content of product
    $product_content_query = vam_db_query("SELECT content_file FROM " . TABLE_PRODUCTS_CONTENT . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    // check if used elsewhere, delete db-entry + file if not
    while ($product_content = vam_db_fetch_array($product_content_query)) {
        $duplicate_content_query = vam_db_query("SELECT count(*) AS total FROM " . TABLE_PRODUCTS_CONTENT . " WHERE content_file = '" . vam_db_input($product_content['content_file']) . "' AND products_id != '" . vam_db_input($product_id) . "'");
        $duplicate_content = vam_db_fetch_array($duplicate_content_query);
        if ($duplicate_content['total'] == 0) {
            @unlink(DIR_FS_DOCUMENT_ROOT . 'media/products/' . $product_content['content_file']);
        }
        //delete DB-Entry
        vam_db_query("DELETE FROM " . TABLE_PRODUCTS_CONTENT . " WHERE products_id = '" . vam_db_input($product_id) . "' AND (content_file = '" . $product_content['content_file'] . "' OR content_file = '')");
    }
    $product_image_query = vam_db_query("SELECT products_image FROM " . TABLE_PRODUCTS . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    $product_image = vam_db_fetch_array($product_image_query);
    $duplicate_image_query = vam_db_query("SELECT count(*) AS total FROM " . TABLE_PRODUCTS . " WHERE products_image = '" . vam_db_input($product_image['products_image']) . "'");
    $duplicate_image = vam_db_fetch_array($duplicate_image_query);
    if ($duplicate_image['total'] < 2) {
        vam_del_image_file($product_image['products_image']);
    }
    //delete more images
    $mo_images_query = vam_db_query("SELECT image_name FROM " . TABLE_PRODUCTS_IMAGES . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    while ($mo_images_values = vam_db_fetch_array($mo_images_query)) {
        $duplicate_more_image_query = vam_db_query("SELECT count(*) AS total FROM " . TABLE_PRODUCTS_IMAGES . " WHERE image_name = '" . $mo_images_values['image_name'] . "'");
        $duplicate_more_image = vam_db_fetch_array($duplicate_more_image_query);
        if ($duplicate_more_image['total'] < 2) {
            vam_del_image_file($mo_images_values['image_name']);
        }
    }
    vam_db_query("DELETE FROM " . TABLE_SPECIALS . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_PRODUCTS . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_PRODUCTS_IMAGES . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_PRODUCTS_TO_CATEGORIES . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_PRODUCTS_DESCRIPTION . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_PRODUCTS_ATTRIBUTES . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_CUSTOMERS_BASKET . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    vam_db_query("DELETE FROM " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " WHERE products_id = '" . vam_db_input($product_id) . "'");
    $customers_status_array = vam_get_customers_statuses();
    for ($i = 0, $n = sizeof($customers_status_array); $i < $n; $i++) {
        if (isset($customers_statuses_array[$i]['id'])) {
            vam_db_query("delete from " . TABLE_PERSONAL_OFFERS . $customers_statuses_array[$i]['id'] . " where products_id = '" . vam_db_input($product_id) . "'");
        }
    }
    $product_reviews_query = vam_db_query("select reviews_id from " . TABLE_REVIEWS . " where products_id = '" . vam_db_input($product_id) . "'");
    while ($product_reviews = vam_db_fetch_array($product_reviews_query)) {
        vam_db_query("delete from " . TABLE_REVIEWS_DESCRIPTION . " where reviews_id = '" . $product_reviews['reviews_id'] . "'");
    }
    vam_db_query("delete from " . TABLE_REVIEWS . " where products_id = '" . vam_db_input($product_id) . "'");
    if (USE_CACHE == 'true') {
        vam_reset_cache_block('categories');
        vam_reset_cache_block('also_purchased');
    }
}

Пример #24

Файл: popup_image.php Проект: nomadcomanche/zdorov_shop

   --------------------------------------------------------------
   based on: 
   (c) 2000-2001 The Exchange Project  (earlier name of osCommerce)
   (c) 2002-2003 osCommerce(popup_image.php,v 1.6 2002/05/20); www.oscommerce.com 
   (c) 2003	 nextcommerce (popup_image.php,v 1.7 2003/08/18); www.nextcommerce.org
   (c) 2004	 xt:Commerce (popup_image.php,v 1.7 2003/08/18); xt-commerce.com

   Released under the GNU General Public License 
   --------------------------------------------------------------*/
require 'includes/application_top.php';
reset($_GET);
while (list($key, ) = each($_GET)) {
    switch ($key) {
        case 'banner':
            $banners_id = vam_db_prepare_input($_GET['banner']);
            $banner_query = vam_db_query("select banners_title, banners_image, banners_html_text from " . TABLE_BANNERS . " where banners_id = '" . vam_db_input($banners_id) . "'");
            $banner = vam_db_fetch_array($banner_query);
            $page_title = $banner['banners_title'];
            if ($banner['banners_html_text']) {
                $image_source = $banner['banners_html_text'];
            } elseif ($banner['banners_image']) {
                $image_source = vam_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'banner/' . $banner['banners_image'], $page_title);
            }
            break;
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>

Пример #25

Файл: validateSwedPayment.php Проект: nomadcomanche/zdorov_shop

                 $orders_statuses = array();
                 $orders_status_array = array();
                 $orders_status_query = vam_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int) $languages_id . "'");
                 while ($orders_status = vam_db_fetch_array($orders_status_query)) {
                     $orders_statuses[] = array('id' => $orders_status['orders_status_id'], 'text' => $orders_status['orders_status_name']);
                     $orders_status_array[$orders_status['orders_status_id']] = $orders_status['orders_status_name'];
                 }
                 $check_status_query = vam_db_query("select customers_name, customers_email_address, orders_status, date_purchased from " . TABLE_ORDERS . " where orders_id = '" . (int) $orderId . "'");
                 $check_status = vam_db_fetch_array($check_status_query);
                 $customer_notified = '0';
                 $notify_comments = '';
                 $notify_comments = sprintf(SWED_EMAIL_TEXT_COMMENTS_UPDATE, SWED_EMAIL_TEXT_PAYMENT_SUCCESS) . "\n\n";
                 $email = STORE_NAME . "\n" . SWED_EMAIL_SEPARATOR . "\n" . SWED_EMAIL_TEXT_ORDER_NUMBER . ' ' . $orderId . "\n" . SWED_EMAIL_TEXT_INVOICE_URL . ' ' . vam_href_link('account_history_info.php', 'order_id=' . $orderId, 'SSL') . "\n" . SWED_EMAIL_TEXT_DATE_ORDERED . ' ' . vam_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(SWED_EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$result['status']]);
                 vam_mail($check_status['customers_name'], $check_status['customers_email_address'], SWED_EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
                 $customer_notified = '1';
                 vam_db_query("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (orders_id, orders_status_id, date_added, customer_notified, comments) values ('" . (int) $orderId . "', '" . $result['status'] . "', now(), '" . 1 . "', '" . vam_db_input($notify_comments) . "')");
             }
         }
         //set the notification
     } else {
         //do nothing
         $cart->reset(true);
         // unregister session variables used during checkout
         vam_session_unregister('sendto');
         vam_session_unregister('billto');
         vam_session_unregister('shipping');
         vam_session_unregister('payment');
         vam_session_unregister('comments');
         vam_redirect(vam_href_link(FILENAME_CHECKOUT_SUCCESS, '', 'SSL'));
     }
 }

Пример #26

Файл: blacklist.php Проект: nomadcomanche/zdorov_shop

            $sql_data_array = vam_array_merge($sql_data_array, $insert_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array);
            $blacklist_id = vam_db_insert_id();
        } elseif ($_GET['action'] == 'save') {
            $update_sql_data = array('last_modified' => 'now()');
            $sql_data_array = vam_array_merge($sql_data_array, $update_sql_data);
            vam_db_perform(TABLE_BLACKLIST, $sql_data_array, 'update', "blacklist_id = '" . vam_db_input($blacklist_id) . "'");
        }
        if (USE_CACHE == 'true') {
            vam_reset_cache_block('blacklist');
        }
        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $_GET['page'] . '&bID=' . $blacklist_id));
        break;
    case 'deleteconfirm':
        $blacklist_id = vam_db_prepare_input($_GET['bID']);
        vam_db_query("delete from " . TABLE_BLACKLIST . " where blacklist_id = '" . vam_db_input($blacklist_id) . "'");
        if (USE_CACHE == 'true') {
            vam_reset_cache_block('manufacturers');
        }
        vam_redirect(vam_href_link(FILENAME_BLACKLIST, 'page=' . $_GET['page']));
        break;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html <?php 
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php 
echo $_SESSION['language_charset'];

Пример #27

Файл: password_double_opt.php Проект: nomadcomanche/zdorov_shop

    case no_account:
        $vamTemplate->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
        $vamTemplate->assign('info_message', $info_message);
        $vamTemplate->assign('language', $_SESSION['language']);
        $vamTemplate->caching = 0;
        $main_content = $vamTemplate->fetch(CURRENT_TEMPLATE . '/module/password_messages.html');
        break;
    case double_opt:
        $vamTemplate->assign('CAPTCHA_IMG', '<img src="' . vam_href_link(FILENAME_DISPLAY_CAPTCHA) . '" alt="captcha" />');
        $vamTemplate->assign('CAPTCHA_INPUT', vam_draw_input_field('captcha', '', 'size="6"', 'text', false));
        $vamTemplate->assign('text_heading', HEADING_PASSWORD_FORGOTTEN);
        //    $vamTemplate->assign('info_message', $info_message);
        $vamTemplate->assign('message', TEXT_PASSWORD_FORGOTTEN);
        $vamTemplate->assign('SHOP_NAME', STORE_NAME);
        $vamTemplate->assign('FORM_ACTION', vam_draw_form('sign', vam_href_link(FILENAME_PASSWORD_DOUBLE_OPT, 'action=first_opt_in', 'NONSSL')));
        $vamTemplate->assign('INPUT_EMAIL', vam_draw_input_field('email', vam_db_input($_POST['email'])));
        $vamTemplate->assign('BUTTON_SEND', vam_image_submit('submit.png', IMAGE_BUTTON_LOGIN));
        $vamTemplate->assign('FORM_END', '</form>');
        $vamTemplate->assign('language', $_SESSION['language']);
        $vamTemplate->caching = 0;
        $main_content = $vamTemplate->fetch(CURRENT_TEMPLATE . '/module/password_double_opt_in.html');
        break;
}
$vamTemplate->assign('main_content', $main_content);
$vamTemplate->assign('language', $_SESSION['language']);
$vamTemplate->caching = 0;
if (!defined(RM)) {
    $vamTemplate->load_filter('output', 'note');
}
$template = file_exists('templates/' . CURRENT_TEMPLATE . '/' . FILENAME_PASSWORD_DOUBLE_OPT . '.html') ? CURRENT_TEMPLATE . '/' . FILENAME_PASSWORD_DOUBLE_OPT . '.html' : CURRENT_TEMPLATE . '/index.html';
$vamTemplate->display($template);

Пример #28

Файл: gv_send.php Проект: nomadcomanche/zdorov_shop

 $id1 = create_coupon_code($mail['customers_email_address']);
 $gv_query = vam_db_query("select amount from " . TABLE_COUPON_GV_CUSTOMER . " where customer_id='" . $_SESSION['customer_id'] . "'");
 $gv_result = vam_db_fetch_array($gv_query);
 $new_amount = $gv_result['amount'] - str_replace(",", ".", $vamPrice->CalculateCurrEx($_POST['amount'], DEFAULT_CURRENCY));
 $new_amount = str_replace(",", ".", $new_amount);
 if ($new_amount < 0) {
     $error = true;
     $error_amount = ERROR_ENTRY_AMOUNT_CHECK;
     $_GET['action'] = 'send';
 } else {
     $gv_query = vam_db_query("update " . TABLE_COUPON_GV_CUSTOMER . " set amount = '" . $new_amount . "' where customer_id = '" . $_SESSION['customer_id'] . "'");
     $gv_query = vam_db_query("select customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " where customers_id = '" . $_SESSION['customer_id'] . "'");
     $gv_customer = vam_db_fetch_array($gv_query);
     $gv_query = vam_db_query("insert into " . TABLE_COUPONS . " (coupon_type, coupon_code, date_created, coupon_amount) values ('G', '" . $id1 . "', NOW(), '" . str_replace(",", ".", vam_db_input($vamPrice->CalculateCurrEx($_POST['amount'], DEFAULT_CURRENCY))) . "')");
     $insert_id = vam_db_insert_id($gv_query);
     $gv_query = vam_db_query("insert into " . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, sent_lastname, emailed_to, date_sent) values ('" . $insert_id . "' ,'" . $_SESSION['customer_id'] . "', '" . addslashes($gv_customer['customers_firstname']) . "', '" . addslashes($gv_customer['customers_lastname']) . "', '" . vam_db_input($_POST['email']) . "', now())");
     $gv_email_subject = sprintf(EMAIL_GV_TEXT_SUBJECT, stripslashes($_POST['send_name']));
     $vamTemplate->assign('language', $_SESSION['language']);
     $vamTemplate->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
     $vamTemplate->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/img/');
     $vamTemplate->assign('GIFT_LINK', vam_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $id1, 'NONSSL', false));
     $vamTemplate->assign('AMMOUNT', $vamPrice->Format(str_replace(",", ".", $_POST['amount']), true));
     $vamTemplate->assign('GIFT_CODE', $id1);
     $vamTemplate->assign('MESSAGE', $_POST['message']);
     $vamTemplate->assign('NAME', $_POST['to_name']);
     $vamTemplate->assign('FROM_NAME', $_POST['send_name']);
     // dont allow cache
     $vamTemplate->caching = false;
     $html_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/send_gift_to_friend.html');
     $txt_mail = $vamTemplate->fetch(CURRENT_TEMPLATE . '/mail/' . $_SESSION['language'] . '/send_gift_to_friend.txt');
     // send mail

Пример #29

Файл: affiliate_payment.php Проект: nomadcomanche/zdorov_shop

    echo TABLE_HEADING_STATUS;
    ?>
</td>
                <td class="dataTableHeadingContent" align="right"><?php 
    echo TABLE_HEADING_ACTION;
    ?>
&nbsp;</td>
              </tr>
<?php 
    if ($_GET['sID']) {
        // Search only payment_id by now
        $sID = vam_db_prepare_input($_GET['sID']);
        $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where p.affiliate_payment_id = '" . vam_db_input($sID) . "' and p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . $_SESSION['languages_id'] . "' order by p.affiliate_payment_id DESC";
    } elseif (is_numeric($_GET['status'])) {
        $status = vam_db_prepare_input($_GET['status']);
        $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where s.affiliate_payment_status_id = '" . vam_db_input($status) . "' and p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . $_SESSION['languages_id'] . "' order by p.affiliate_payment_id DESC";
    } else {
        $payments_query_raw = "select p.* , s.affiliate_payment_status_name from " . TABLE_AFFILIATE_PAYMENT . " p , " . TABLE_AFFILIATE_PAYMENT_STATUS . " s where p.affiliate_payment_status = s.affiliate_payment_status_id and s.affiliate_language_id = '" . $_SESSION['languages_id'] . "' order by p.affiliate_payment_id DESC";
    }
    $payments_split = new splitPageResults($_GET['page'], MAX_DISPLAY_ADMIN_PAGE, $payments_query_raw, $payments_query_numrows);
    $payments_query = vam_db_query($payments_query_raw);
    while ($payments = vam_db_fetch_array($payments_query)) {
        if ((!$_GET['pID'] || $_GET['pID'] == $payments['affiliate_payment_id']) && !$pInfo) {
            $pInfo = new objectInfo($payments);
        }
        if (is_object($pInfo) && $payments['affiliate_payment_id'] == $pInfo->affiliate_payment_id) {
            echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . vam_href_link(FILENAME_AFFILIATE_PAYMENT, vam_get_all_get_params(array('pID', 'action')) . 'pID=' . $pInfo->affiliate_payment_id . '&action=edit') . '\'">' . "\n";
        } else {
            echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . vam_href_link(FILENAME_AFFILIATE_PAYMENT, vam_get_all_get_params(array('pID')) . 'pID=' . $payments['affiliate_payment_id']) . '\'">' . "\n";
        }
        ?>

Пример #30

Файл: campaigns.php Проект: nomadcomanche/zdorov_shop

 function getHits($date_start, $date_end = '', $type)
 {
     switch ($type) {
         case 1:
         case 2:
         case 3:
             $selection = " and time>'" . vam_db_input(date("Y-m-d", $date_start)) . "'" . " and time <'" . vam_db_input(date("Y-m-d", $date_end)) . "'";
             break;
         case 4:
             $end = mktime(0, 0, 0, date("m", $date_start), date("d", $date_start) + 1, date("Y", $date_start));
             $selection = " and time>'" . vam_db_input(date("Y-m-d", $date_start)) . "'" . " and time<'" . vam_db_input(date("Y-m-d", $end)) . "'";
             break;
     }
     // select leads
     $hits_query = "SELECT count(*) as hits FROM " . TABLE_CAMPAIGNS_IP . "  WHERE campaign='" . $this->campaign . "'" . $selection;
     $hits_query = vam_db_query($hits_query);
     $hits_data = vam_db_fetch_array($hits_query);
     $this->result[$this->counterCMP]['result'][$this->counter]['hits'] = $hits_data['hits'];
     $this->result[$this->counterCMP]['hits_s'] += $hits_data['hits'];
     if ($this->total['leads'] == 0) {
         $this->result[$this->counterCMP]['result'][$this->counter]['leads_p'] = 0;
     } else {
         $this->result[$this->counterCMP]['result'][$this->counter]['leads_p'] = $lead_data['leads'] / $this->total['leads'] * 100;
     }
 }