$reviews = xos_db_fetch_array($reviews_query);
$products_query = xos_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . (int) $reviews['products_id'] . "'");
$products = xos_db_fetch_array($products_query);
$products_name_query = xos_db_query("select products_name from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . (int) $reviews['products_id'] . "' and language_id = '" . (int) $_SESSION['used_lng_id'] . "'");
$products_name = xos_db_fetch_array($products_name_query);
$rInfo_array = array_merge((array) $reviews, (array) $products, (array) $products_name);
$rInfo = new objectInfo($rInfo_array);
$product_image = xos_get_product_images($rInfo->products_image);
$reviews_rating = '';
for ($i = 1; $i <= 5; $i++) {
$reviews_rating .= xos_draw_radio_field('reviews_rating', $i, '', $rInfo->reviews_rating);
}
if ($product_image['name']) {
$smarty->assign('products_image', xos_image(DIR_WS_CATALOG_IMAGES . 'products/medium/' . $product_image['name'], $rInfo->products_name, '', '', 'style="margin: 5px;"'));
}
$smarty->assign(array('edit' => true, 'form_begin_review' => xos_draw_form('review', FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID'] . '&action=preview'), 'products_name' => $rInfo->products_name, 'customers_name' => $rInfo->customers_name, 'date_added' => xos_date_short($rInfo->date_added), 'textarea_reviews_text' => xos_draw_textarea_field('reviews_text', '60', '15', $rInfo->reviews_text), 'hidden_reviews_id' => xos_draw_hidden_field('reviews_id', $rInfo->reviews_id), 'hidden_products_id' => xos_draw_hidden_field('products_id', $rInfo->products_id), 'hidden_customers_name' => xos_draw_hidden_field('customers_name', $rInfo->customers_name), 'hidden_products_name' => xos_draw_hidden_field('products_name', $rInfo->products_name), 'hidden_products_image' => xos_draw_hidden_field('products_image', $rInfo->products_image), 'hidden_date_added' => xos_draw_hidden_field('date_added', $rInfo->date_added), 'link_filename_reviews_cancel' => xos_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $_GET['rID']), 'reviews_rating' => $reviews_rating, 'form_end' => '</form>'));
} elseif ($action == 'preview') {
if (xos_not_null($_POST)) {
$rInfo = new objectInfo($_POST);
} else {
$rID = xos_db_prepare_input($_GET['rID']);
$reviews_query = xos_db_query("select r.reviews_id, r.products_id, r.customers_name, r.date_added, r.last_modified, r.reviews_read, rd.reviews_text, r.reviews_rating from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.reviews_id = '" . (int) $rID . "' and r.reviews_id = rd.reviews_id");
$reviews = xos_db_fetch_array($reviews_query);
$products_query = xos_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . (int) $reviews['products_id'] . "'");
$products = xos_db_fetch_array($products_query);
$products_name_query = xos_db_query("select products_name from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . (int) $reviews['products_id'] . "' and language_id = '" . (int) $_SESSION['used_lng_id'] . "'");
$products_name = xos_db_fetch_array($products_name_query);
$rInfo_array = array_merge((array) $reviews, (array) $products, (array) $products_name);
$rInfo = new objectInfo($rInfo_array);
}
$product_image = xos_get_product_images($rInfo->products_image);
if (NEWSLETTER_ENABLED == 'true' && substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')) == 'newsletter') {
$modules_array[] = array('id' => substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')), 'text' => substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')));
}
if (PRODUCT_NOTIFICATION_ENABLED == 'true' && substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')) == 'product_notification') {
$modules_array[] = array('id' => substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')), 'text' => substr($directory_array[$i], 0, strrpos($directory_array[$i], '.')));
}
}
if ($form_action == 'update') {
$smarty->assign(array('update' => true, 'hidden_newsletter_id' => xos_draw_hidden_field('newsletter_id', $nID)));
}
if (WYSIWYG_FOR_NEWSLETTER == 'true' && EMAIL_USE_HTML == 'true') {
$smarty->assign(array('wysiwyg' => true, 'link_filename_popup_file_manager_link_selection' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents')), 'link_filename_popup_file_manager_image' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/image')), 'link_filename_popup_file_manager_flash' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/flash')), 'newsletter_config' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN_IMAGES . ADMIN_TPL . '/ckconfig/newsletter_config.js', 'newsletter_template_file' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN . 'includes/ckconfig/templates/' . $_SESSION['language'] . '/newsletter_template.js', 'newsletter_base_href' => ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER, 'newsletter_template_lang' => $_SESSION['language'] . '_default', 'lang_code' => xos_get_languages_code(), 'textarea_content_text_htlm' => xos_draw_textarea_field('content_text_htlm', '130', '25', $nInfo->content_text_htlm)));
} elseif (EMAIL_USE_HTML == 'true') {
$smarty->assign(array('use_html' => true, 'textarea_content_text_htlm' => xos_draw_textarea_field('content_text_htlm', '130', '25', $nInfo->content_text_htlm)));
}
$smarty->assign('textarea_content_text_plain', xos_draw_textarea_field('content_text_plain', '130', '25', $nInfo->content_text_plain));
$languages = xos_get_languages();
if (sizeof($languages) > 1) {
$languages_id_selected = '';
$lang_array = array(array('id' => '0', 'text' => TEXT_ALL_LANGUAGES));
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$lang_array[] = array('id' => $languages[$i]['id'], 'text' => $languages[$i]['name']);
}
$smarty->assign(array('languages' => true, 'pull_down_languages' => xos_draw_pull_down_menu('language_id', $lang_array, $nInfo->language_id)));
} else {
$smarty->assign('hidden_field_language_id', xos_draw_hidden_field('language_id', $languages[0]['id']));
}
$smarty->assign(array('action' => 'new', 'form_begin_new' => xos_draw_form('newsletter', FILENAME_NEWSLETTERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'action=' . $form_action, 'post', 'onsubmit="return confirm(\'' . ($form_action == 'insert' ? JS_CONFIRM_INSERT : JS_CONFIRM_UPDATE) . '\')" enctype="multipart/form-data"'), 'pull_down_module' => xos_draw_pull_down_menu('module', $modules_array, $nInfo->module), 'input_title' => xos_draw_input_field('title', $nInfo->title, '', true), 'link_filename_newsletters_cancel' => xos_href_link(FILENAME_NEWSLETTERS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . (isset($_GET['nID']) ? 'nID=' . $_GET['nID'] : ''))));
} elseif ($action == 'preview') {
$nID = xos_db_prepare_input($_GET['nID']);
$newsletter_query = xos_db_query("select title, content_text_plain, content_text_htlm, module from " . TABLE_NEWSLETTERS . " where newsletters_id = '" . (int) $nID . "'");
} else {
}
$languages_query = xos_db_query("select name from " . TABLE_LANGUAGES . " where use_in_id > '1' and languages_id = '" . $order->info['language_id'] . "'");
if (!xos_db_num_rows($languages_query)) {
$lang_query = xos_db_query("select name from " . TABLE_LANGUAGES . " where code = '" . xos_db_input(DEFAULT_LANGUAGE) . "'");
$languages = xos_db_fetch_array($lang_query);
} else {
$languages = xos_db_fetch_array($languages_query);
}
if (SEND_EMAILS == 'true') {
$smarty->assign(array('send_emails' => true, 'checkbox_notify' => xos_draw_checkbox_field('notify', '', true), 'checkbox_notify_comments' => xos_draw_checkbox_field('notify_comments', '', true)));
}
if (sizeof($order->info['tax_groups']) > 1) {
$smarty->assign('tax_groups', true);
}
$smarty->assign(array('order_id' => $oID, 'order_language_name' => $languages['name'], 'date_purchased' => xos_datetime_short($order->info['date_purchased']), 'customer_address' => xos_address_format($order->customer['format_id'], $order->customer, 1, '', '<br />'), 'delivery_address' => xos_address_format($order->delivery['format_id'], $order->delivery, 1, '', '<br />'), 'billing_address' => xos_address_format($order->billing['format_id'], $order->billing, 1, '', '<br />'), 'c_id' => $order->customer['c_id'], 'telephone_number' => $order->customer['telephone'], 'email_address' => $order->customer['email_address'], 'payment_method' => $order->info['payment_method'], 'order_products' => $order_products_array, 'order_totals' => $order_totals_array, 'form_begin_status' => xos_draw_form('new_status', FILENAME_ORDERS, xos_get_all_get_params(array('action')) . 'action=update_order'), 'textarea_comments' => xos_draw_textarea_field('comments', '60', '5'), 'pull_down_status' => xos_draw_pull_down_menu('status', $orders_statuses, $order->info['orders_status']), 'form_end' => '</form>', 'link_filename_orders_invoice' => xos_href_link(FILENAME_ORDERS_INVOICE, 'oID=' . $_GET['oID']), 'link_filename_orders_packingslip' => xos_href_link(FILENAME_ORDERS_PACKINGSLIP, 'oID=' . $_GET['oID']), 'link_filename_orders' => xos_href_link(FILENAME_ORDERS, xos_get_all_get_params(array('action'))), 'edit' => true));
} else {
$orders_statuses = array();
$orders_status_query = xos_db_query("select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int) $_SESSION['used_lng_id'] . "'");
while ($orders_status = xos_db_fetch_array($orders_status_query)) {
$orders_statuses[] = array('id' => $orders_status['orders_status_id'], 'text' => $orders_status['orders_status_name']);
}
$status = $_GET['status'];
if (isset($_GET['cID'])) {
$cID = xos_db_prepare_input($_GET['cID']);
$orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, s.orders_status_code, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int) $cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int) $_SESSION['used_lng_id'] . "' and ot.class = 'ot_total' group by o.orders_id order by o.orders_id DESC";
} elseif (isset($_GET['status']) && is_numeric($_GET['status']) && $_GET['status'] > 0) {
$status = xos_db_prepare_input($_GET['status']);
$orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, s.orders_status_code, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int) $_SESSION['used_lng_id'] . "' and s.orders_status_id = '" . (int) $status . "' and ot.class = 'ot_total' group by o.orders_id order by o.orders_id DESC";
} else {
$orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, s.orders_status_code, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int) $_SESSION['used_lng_id'] . "' and ot.class = 'ot_total' group by o.orders_id order by o.orders_id DESC";
$amount = $_POST['amount'];
$message = $_POST['message'];
$customers = array();
$customers[] = array('id' => '', 'text' => TEXT_SELECT_CUSTOMER);
$customers[] = array('id' => '***', 'text' => TEXT_ALL_CUSTOMERS);
$customers[] = array('id' => '**D', 'text' => TEXT_NEWSLETTER_CUSTOMERS);
$mail_query = xos_db_query("select customers_email_address, customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " order by customers_lastname");
while ($customers_values = xos_db_fetch_array($mail_query)) {
$customers[] = array('id' => $customers_values['customers_email_address'], 'text' => $customers_values['customers_lastname'] . ', ' . $customers_values['customers_firstname'] . ' (' . $customers_values['customers_email_address'] . ')');
}
$languages = xos_get_languages();
if (sizeof($languages) > 1) {
$language_dir_selected = '';
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
if ($languages[$i]['id'] == $_SESSION['used_lng_id']) {
$language_dir_selected = $languages[$i]['directory'];
}
$lang_array[] = array('id' => $languages[$i]['directory'], 'text' => $languages[$i]['name']);
}
$smarty->assign(array('languages' => true, 'pull_down_languages' => xos_draw_pull_down_menu('language_dir', $lang_array, $language_dir ? $language_dir : $language_dir_selected)));
} else {
$smarty->assign('hidden_field_language_dir', xos_draw_hidden_field('language_dir', $languages[0]['directory']));
}
$smarty->assign(array('form_begin_action_preview' => xos_draw_form('mail', FILENAME_GV_MAIL, 'action=preview', 'post', 'onsubmit="return check_email_to();"'), 'pull_down_customers_email_address' => xos_draw_pull_down_menu('customers_email_address', $customers, isset($_GET['customer']) ? $_GET['customer'] : ''), 'input_email_to' => xos_draw_input_field('email_to', '', 'onkeyup="updateLanguage()"') . ($entry_email_to_error == true ? ' ' . ENTRY_EMAIL_ADDRESS_ERROR : ($entry_email_to_check_error ? ' ' . ENTRY_EMAIL_ADDRESS_CHECK_ERROR : ' ' . TEXT_SINGLE_EMAIL)), 'input_from' => xos_draw_input_field('from', EMAIL_FROM), 'input_subject' => xos_draw_input_field('subject'), 'input_amount' => xos_draw_input_field('amount'), 'textarea_message' => xos_draw_textarea_field('message', '60', '15'), 'form_end' => '</form>'));
}
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'gv_mail');
$output_gv_mail = $smarty->fetch(ADMIN_TPL . '/gv_mail.tpl');
$smarty->assign('central_contents', $output_gv_mail);
$smarty->display(ADMIN_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
$existing_customers_array[] = array("id" => $existing_customers['customers_group_id'], "text" => ' ' . $existing_customers['customers_group_name'] . ' ');
++$index;
}
}
if ($processed == true) {
$customer_group_name_query = xos_db_query("select customers_group_name as name from " . TABLE_CUSTOMERS_GROUPS . " where customers_group_id = '" . $cInfo->customers_group_id . "'");
$customer_group_name = xos_db_fetch_array($customer_group_name_query);
$smarty->assign('customers_group_id_in_out_values', $customer_group_name['name'] . xos_draw_hidden_field('customers_group_id'));
} else {
$smarty->assign('customers_group_id_in_out_values', xos_draw_pull_down_menu('customers_group_id', $existing_customers_array, $cInfo->customers_group_id));
}
if ($processed == true) {
$smarty->assign(array('several_lng_in_admin' => false, 'comments_in_out_values' => nl2br($cInfo->customers_comments) . xos_draw_hidden_field('customers_comments')));
} else {
$lng_query = xos_db_query("select languages_id from " . TABLE_LANGUAGES . " where use_in_id <> '2'");
$smarty->assign(array('several_lng_in_admin' => xos_db_num_rows($lng_query) > 1 ? true : false, 'comments_in_out_values' => xos_draw_textarea_field('customers_comments', '80', '10', $cInfo->customers_comments)));
}
$smarty->assign(array('edit_or_update' => true, 'form_begin_customers' => xos_draw_form('customers', FILENAME_CUSTOMERS, xos_get_all_get_params(array('action')) . 'action=update', 'post', 'onsubmit="return check_form();"'), 'hidden_default_address_id' => xos_draw_hidden_field('default_address_id', $cInfo->customers_default_address_id), 'link_filename_customers' => xos_href_link(FILENAME_CUSTOMERS, xos_get_all_get_params(array('action'))), 'form_end' => '</form>'));
} else {
switch ($_GET['listing']) {
case "id-asc":
$order = "c.customers_id";
break;
case "cg_name":
$order = "cg.customers_group_name, c.customers_lastname";
break;
case "cg_name-desc":
$order = "cg.customers_group_name DESC, c.customers_lastname";
break;
case "firstname":
$order = "c.customers_firstname";
$account_query = xos_db_query("select customers_firstname, customers_lastname, customers_email_address from " . TABLE_CUSTOMERS . " where customers_id = '" . (int) $_SESSION['customer_id'] . "'");
$account = xos_db_fetch_array($account_query);
$from_name = $account['customers_firstname'] . ' ' . $account['customers_lastname'];
$from_email_address = $account['customers_email_address'];
}
$site_trail->add(NAVBAR_TITLE, xos_href_link(FILENAME_TELL_A_FRIEND, 'p=' . (int) $_GET['p']));
require DIR_WS_INCLUDES . 'html_header.php';
require DIR_WS_INCLUDES . 'boxes.php';
require DIR_WS_INCLUDES . 'header.php';
require DIR_WS_INCLUDES . 'footer.php';
if ($messageStack->size('friend') > 0) {
$smarty->assign('message_stack', $messageStack->output('friend'));
$smarty->assign('message_stack_error', $messageStack->output('friend', 'error'));
$smarty->assign('message_stack_warning', $messageStack->output('friend', 'warning'));
$smarty->assign('message_stack_success', $messageStack->output('friend', 'success'));
}
$back = sizeof($_SESSION['navigation']->path) - 2;
if (!empty($_SESSION['navigation']->path[$back])) {
$get_params_array = $_SESSION['navigation']->path[$back]['get'];
$get_params_array['rmp'] = '0';
$back_link = xos_href_link($_SESSION['navigation']->path[$back]['page'], xos_array_to_query_string($get_params_array, array('action', xos_session_name())), $_SESSION['navigation']->path[$back]['mode']);
} else {
$back_link = 'javascript:history.go(-1)';
}
$smarty->assign(array('form_begin' => xos_draw_form('email_friend', xos_href_link(FILENAME_TELL_A_FRIEND, 'action=process&p=' . (int) $_GET['p'], 'SSL'), 'post', '', true) . xos_draw_hidden_field('process_id', str_encrypt($captcha_text)), 'isset_customer_id' => isset($_SESSION['customer_id']) ? true : false, 'products_name' => $product_info['products_name'], 'input_field_from_name' => xos_draw_input_field('from_name', '', ALLOW_GUEST_TO_TELL_A_FRIEND == 'false' ? 'class="form-control" id="tell_a_friend_from_name" readonly="readonly"' : 'class="form-control" id="tell_a_friend_from_name"'), 'input_field_from_email_address' => xos_draw_input_field('from_email_address', '', ALLOW_GUEST_TO_TELL_A_FRIEND == 'false' ? 'class="form-control" id="tell_a_friend_from_email_address" readonly="readonly"' : 'class="form-control" id="tell_a_friend_from_email_address"'), 'input_field_to_name' => xos_draw_input_field('to_name', '', 'class="form-control" id="tell_a_friend_to_name"'), 'input_field_to_email_address' => xos_draw_input_field('to_email_address', $to_email_address ? '' : $_GET['to_email_address'], 'class="form-control" id="tell_a_friend_to_email_address"'), 'input_security_code' => xos_draw_input_field('security_code', '', 'class="form-control" id="tell_a_friend_security_code" maxlength="8" autocomplete="off"', 'text', false), 'captcha_img' => '<img src="' . $src_captcha_base64 . '" alt="captcha" title=" captcha " />', 'textarea_field_message' => xos_draw_textarea_field('message', '40', '8', '', 'class="form-control" id="tell_a_friend_message"'), 'link_back' => $back_link, 'form_end' => '</form>'));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'tell_a_friend');
$output_tell_a_friend = $smarty->fetch(SELECTED_TPL . '/tell_a_friend.tpl');
$smarty->assign('central_contents', $output_tell_a_friend);
$smarty->display(SELECTED_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
}
$product_images[] = array('img_no' => $img_no, 'selection_delete_image' => xos_draw_selection_field('delete_product_image_' . $i, 'checkbox', 'true'), 'radio_large_image_default_size' => xos_draw_radio_field('large_image_size_' . $i, 'default', true), 'radio_large_image_uploaded_size' => xos_draw_radio_field('large_image_size_' . $i, 'uploaded', false), 'radio_large_image_input_size' => xos_draw_radio_field('large_image_size_' . $i, 'input', false), 'input_large_image_max_width' => xos_draw_input_field('large_image_max_width_' . $i, '', 'style="background: #fffffe;" size ="2"'), 'input_large_image_max_height' => xos_draw_input_field('large_image_max_height_' . $i, '', 'style="background: #fffffe;" size ="2"'), 'small_product_image_max_height' => SMALL_PRODUCT_IMAGE_MAX_HEIGHT, 'image' => xos_image(DIR_WS_CATALOG_IMAGES . 'products/small/' . $products_image[$i]['name'], $pInfo->products_name), 'file_image' => xos_draw_file_field('products_image_' . $i), 'image_name' => $products_image[$i]['name'], 'large_img_width' => $large_img_size[0], 'large_img_height' => $large_img_size[1], 'large_img_base' => $products_image[$i]['large_image_max_width'] == 'default' ? 'default_size' : ($products_image[$i]['large_image_max_width'] == '0' ? 'origin_size' : ((int) $products_image[$i]['large_image_max_width'] > 0 ? 'self_selected_size' : '')), 'hidden_current_image' => xos_draw_hidden_field('current_product_image_' . $i, $products_image[$i]['name']));
if (empty($products_image[$i]['name'])) {
$more_images = true;
}
}
$product_values = array();
if (WYSIWYG_FOR_PRODUCT == 'true') {
$smarty->assign(array('wysiwyg' => true, 'link_filename_popup_file_manager_link_selection' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents')), 'link_filename_popup_file_manager_image' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/image')), 'link_filename_popup_file_manager_flash' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/flash')), 'product_config' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN_IMAGES . ADMIN_TPL . '/ckconfig/product_config.js', 'product_base_href' => ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER, 'lang_code' => xos_get_languages_code()));
}
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
sizeof($languages) > 1 ? $sort_order = 'products_id' : ($sort_order = 'products_p_unit');
$products_p_units_array = array(array('id' => '', 'text' => TEXT_NONE));
$products_p_units_query = xos_db_query("select distinct products_p_unit from " . TABLE_PRODUCTS_DESCRIPTION . " where language_id = '" . $languages[$i]['id'] . "' order by '" . $sort_order . "'");
while ($products_p_units = xos_db_fetch_array($products_p_units_query)) {
if (!empty($products_p_units['products_p_unit'])) {
$products_p_units_array[] = array('id' => $products_p_units['products_p_unit'], 'text' => $products_p_units['products_p_unit']);
}
}
$product_values[] = array('languages_image' => xos_image(DIR_WS_CATALOG_IMAGES . 'catalog/templates/' . DEFAULT_TPL . '/' . $languages[$i]['directory'] . '/' . $languages[$i]['image'], $languages[$i]['name']), 'input_name' => xos_draw_input_field('products_name[' . $languages[$i]['id'] . ']', isset($products_name[$languages[$i]['id']]) ? stripslashes($products_name[$languages[$i]['id']]) : xos_get_products_name($pInfo->products_id, $languages[$i]['id']), 'size="30"'), 'input_description_tab_label' => xos_draw_input_field('products_description_tab_label[' . $languages[$i]['id'] . ']', isset($products_description_tab_label[$languages[$i]['id']]) ? stripslashes($products_description_tab_label[$languages[$i]['id']]) : xos_get_products_description_tab_label($pInfo->products_id, $languages[$i]['id']), 'size="90"'), 'pull_down_input_p_unit' => xos_draw_pull_down_menu('products_p_unit[' . $languages[$i]['id'] . ']', $products_p_units_array, isset($products_p_unit[$languages[$i]['id']]) ? stripslashes($products_p_unit[$languages[$i]['id']]) : xos_get_products_p_unit($pInfo->products_id, $languages[$i]['id']), 'style="width: 17em"'), 'input_new_p_unit' => xos_draw_input_field('products_new_p_unit[' . $languages[$i]['id'] . ']'), 'info_name' => 'products_info[' . $languages[$i]['id'] . ']', 'description_name' => 'products_description[' . $languages[$i]['id'] . ']', 'product_info_template_file' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN . 'includes/ckconfig/templates/' . $languages[$i]['directory'] . '/product_info_template.js', 'product_info_template_lang' => $languages[$i]['directory'] . '_default', 'product_description_template_file' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN . 'includes/ckconfig/templates/' . $languages[$i]['directory'] . '/product_description_template.js', 'product_description_template_lang' => $languages[$i]['directory'] . '_default', 'textarea_info' => xos_draw_textarea_field('products_info[' . $languages[$i]['id'] . ']', '90', '4', isset($products_info[$languages[$i]['id']]) ? stripslashes($products_info[$languages[$i]['id']]) : xos_get_products_info($pInfo->products_id, $languages[$i]['id'])), 'textarea_description' => xos_draw_textarea_field('products_description[' . $languages[$i]['id'] . ']', '90', '15', isset($products_description[$languages[$i]['id']]) ? stripslashes($products_description[$languages[$i]['id']]) : xos_get_products_description($pInfo->products_id, $languages[$i]['id'])), 'input_url' => xos_draw_input_field('products_url[' . $languages[$i]['id'] . ']', isset($products_url[$languages[$i]['id']]) ? stripslashes($products_url[$languages[$i]['id']]) : xos_get_products_url($pInfo->products_id, $languages[$i]['id'])));
}
if (isset($_GET['pID'])) {
$smarty->assign('update', true);
}
if ($messageStack->size('price_error') > 0) {
$smarty->assign('message_price_error', $messageStack->output('price_error'));
}
$smarty->assign(array('javascript' => $javascript, 'form_begin' => xos_draw_form($form_action, FILENAME_CATEGORIES, 'cPath=' . $cPath . (isset($_GET['pID']) ? '&pID=' . $_GET['pID'] : '') . '&action=' . $form_action, 'post', 'onsubmit="return confirm(\'' . ($form_action == 'insert_product' ? JS_CONFIRM_INSERT : JS_CONFIRM_UPDATE) . '\')" enctype="multipart/form-data"'), 'text_new_product' => sprintf(TEXT_NEW_PRODUCT_3, $form_action == 'insert_product' ? TEXT_NEW_PRODUCT_1 : TEXT_NEW_PRODUCT_2, xos_output_generated_category_path($current_category_id)), 'radio_products_status_1' => xos_draw_radio_field('products_status', '1', $in_status), 'radio_products_status_0' => xos_draw_radio_field('products_status', '0', $out_status), 'pull_down_manufacturers' => xos_draw_pull_down_menu('manufacturers_id', $manufacturers_array, $pInfo->manufacturers_id), 'pull_down_delivery_times' => xos_draw_pull_down_menu('products_delivery_time_id', $delivery_times_array, $pInfo->products_delivery_time_id == '' ? DEFAULT_DELIVERY_TIMES_ID : $pInfo->products_delivery_time_id), 'pull_down_products_tax_class' => xos_draw_pull_down_menu('products_tax_class_id', $tax_class_array, $pInfo->products_tax_class_id), 'pull_down_tax_rates' => xos_draw_pull_down_menu('tax_rates_final_id', $tax_rates_final_array, '', 'onchange="updatePrices(false, true)"'), 'update_prices' => 'updatePrices(true, true)', 'update_checked_string' => $update_checked_string, 'customers_groups' => $customers_groups_array, 'attributes_values' => $attributes_values_array, 'input_products_date_available' => xos_draw_input_field('products_date_available', $pInfo->products_date_available, 'id="products_date_available" style="background: #ebebff; color : red;" size ="10"'), 'input_products_quantity' => STOCK_CHECK == 'true' ? $has_product_attributes ? '<span id="total_qty">' . $pInfo->products_quantity . '</span> <a href="" onclick="get_attributes_qty_list(\'' . xos_href_link(FILENAME_ATTRIBUTES_QTY_LIST, 'products_id=' . $pInfo->products_id) . '\'); return false">' . xos_image(DIR_WS_ADMIN_IMAGES . ADMIN_TPL . '/icon_arrow_down.gif', '', 24, 15) . '</a>' . xos_draw_hidden_field('products_quantity', $pInfo->products_quantity) : xos_draw_input_field('products_quantity', $pInfo->products_quantity, 'size ="8"') : $pInfo->products_quantity, 'input_products_sort_order' => xos_draw_input_field('products_sort_order', $pInfo->products_sort_order, 'size ="8"'), 'input_products_model' => xos_draw_input_field('products_model', $pInfo->products_model), 'hidden_image_array' => xos_draw_hidden_field('image_array', $pInfo->products_image), 'hidden_price_array' => xos_draw_hidden_field('price_array', $pInfo->products_price), 'hidden_attributes_price_array' => xos_draw_hidden_field('attributes_price_array', serialize($current_attributes_values_array)), 'has_attributes_quantities' => STOCK_CHECK == 'true' && $has_product_attributes ? true : false, 'product_images' => $product_images, 'more_images' => $more_images, 'product_values' => $product_values, 'input_products_weight' => xos_draw_input_field('products_weight', $pInfo->products_weight, 'size ="8"'), 'hidden_products_date_added' => xos_draw_hidden_field('products_date_added', xos_not_null($pInfo->products_date_added) ? $pInfo->products_date_added : date('Y-m-d')), 'link_filename_categories' => xos_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . (isset($_GET['pID']) ? '&pID=' . $_GET['pID'] : '')), 'form_end' => '</form>'));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'categories');
$output_new_product = $smarty->fetch(ADMIN_TPL . '/includes/modules/new_product.tpl');
}
} elseif (xos_not_null($_POST['coupon_finishdate'])) {
$coupon_finishdate = preg_split("/[-]/", $_POST['coupon_finishdate']);
} elseif (!$oldaction == 'new') { // for action=voucheredit
$coupon_finishdate = preg_split("/[-]/", date('Y-m-d', strtotime($coupon['coupon_expire_date'])));
} else { // error is being displayed
$coupon_finishdate = preg_split("/[-]/", date('Y-m-d', mktime(0, 0, 0, $_POST['coupon_finishdate_month'],$_POST['coupon_finishdate_day'] ,$_POST['coupon_finishdate_year'] )));
}
'input_coupon_startdate' => xos_draw_date_selector('coupon_startdate', mktime(0,0,0, $coupon_startdate[1], $coupon_startdate[2], $coupon_startdate[0])),
'input_coupon_finishdate' => xos_draw_date_selector('coupon_finishdate', mktime(0,0,0, $coupon_finishdate[1], $coupon_finishdate[2], $coupon_finishdate[0])),
*/
$languages = xos_get_languages();
$coupon_content_array = array();
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$language_id = $languages[$i]['id'];
$coupon_content_array[] = array('languages_image' => xos_image(DIR_WS_CATALOG_IMAGES . 'catalog/templates/' . DEFAULT_TPL . '/' . $languages[$i]['directory'] . '/' . $languages[$i]['image'], $languages[$i]['name']), 'input_coupon_name' => xos_draw_input_field('coupon_name[' . $languages[$i]['id'] . ']', $coupon_name[$language_id]), 'textarea_coupon_desc' => xos_draw_textarea_field('coupon_desc[' . $languages[$i]['id'] . ']', '24', '3', $coupon_desc[$language_id]));
}
$smarty->assign(array('new' => true, 'form_begin' => xos_draw_form('coupon', FILENAME_COUPON_ADMIN, 'action=update&oldaction=' . ($oldaction == 'voucheredit' ? $oldaction : $action) . '&cid=' . $_GET['cid'], 'post', 'enctype="multipart/form-data"'), 'radio_coupon_status_Y' => xos_draw_radio_field('coupon_status', 'Y', $in_status), 'radio_coupon_status_N' => xos_draw_radio_field('coupon_status', 'N', $out_status), 'input_coupon_amount' => xos_draw_input_field('coupon_amount', $coupon_amount), 'input_coupon_min_order' => xos_draw_input_field('coupon_min_order', $coupon_min_order), 'checkbox_coupon_free_ship' => xos_draw_checkbox_field('coupon_free_ship', $coupon_free_ship), 'input_coupon_code' => xos_draw_input_field('coupon_code', $coupon_code), 'input_coupon_uses_coupon' => xos_draw_input_field('coupon_uses_coupon', $coupon_uses_coupon), 'input_coupon_uses_user' => xos_draw_input_field('coupon_uses_user', $coupon_uses_user), 'input_coupon_products' => xos_draw_input_field('coupon_products', $coupon_products), 'input_coupon_categories' => xos_draw_input_field('coupon_categories', $coupon_categories), 'input_coupon_startdate' => xos_draw_input_field('coupon_startdate', xos_date_format(DATE_FORMAT_SHORT), 'id="coupon_startdate" style="background: #ffffcc;" size ="10"'), 'input_coupon_finishdate' => xos_draw_input_field('coupon_finishdate', xos_date_format(DATE_FORMAT_SHORT, mktime(0, 0, 0, date("m"), date("d"), date("Y") + 1)), 'id="coupon_finishdate" style="background: #ffffcc;" size ="10"'), 'link_filename_coupon_admin' => xos_href_link(FILENAME_COUPON_ADMIN), 'hidden_field_date_created' => xos_draw_hidden_field('date_created', $date_created), 'coupon_content' => $coupon_content_array, 'form_end' => '</form>'));
break;
default:
if ($_GET['status'] == 'Y' || $_GET['status'] == 'N') {
$cc_query_raw = "select coupon_active, coupon_id, coupon_code, coupon_amount, coupon_minimum_order, coupon_type, coupon_start_date,coupon_expire_date,uses_per_user,uses_per_coupon,restrict_to_products, restrict_to_categories, date_created,date_modified from " . TABLE_COUPONS . " where coupon_active='" . xos_db_input($_GET['status']) . "' and coupon_type != 'G'";
} else {
$cc_query_raw = "select coupon_active, coupon_id, coupon_code, coupon_amount, coupon_minimum_order, coupon_type, coupon_start_date,coupon_expire_date,uses_per_user,uses_per_coupon,restrict_to_products, restrict_to_categories, date_created,date_modified from " . TABLE_COUPONS . " where coupon_type != 'G'";
}
$cc_split = new splitPageResults($_GET['page'], MAX_DISPLAY_RESULTS, $cc_query_raw, $cc_query_numrows);
$cc_query = xos_db_query($cc_query_raw);
$cc_list_array = array();
while ($cc_list = xos_db_fetch_array($cc_query)) {
$redeem_query = xos_db_query("select redeem_date from " . TABLE_COUPON_REDEEM_TRACK . " where coupon_id = '" . $cc_list['coupon_id'] . "'");
if ($_GET['status'] == 'R' && xos_db_num_rows($redeem_query) == 0) {
} elseif ($_GET['subdir'] == 'payment') {
$file = DIR_FS_SMARTY . 'catalog/languages/' . $_GET['lngdir'] . '/modules/payment/' . $_GET['filename'];
} elseif ($_GET['subdir'] == 'shipping') {
$file = DIR_FS_SMARTY . 'catalog/languages/' . $_GET['lngdir'] . '/modules/shipping/' . $_GET['filename'];
} else {
$file = DIR_FS_SMARTY . 'catalog/languages/' . $_GET['lngdir'] . '/' . $_GET['filename'];
}
if (file_exists($file)) {
$smarty->assign('file_exists', true);
$file_array = file($file);
$contents = implode('', $file_array);
$file_writeable = true;
if (!is_writable($file)) {
$file_writeable = false;
}
$smarty->assign(array('form_begin_save' => xos_draw_form('define_lng', FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $_GET['lngdir'] . '&filename=' . $_GET['filename'] . '&subdir=' . $_GET['subdir'] . '&action=save'), 'filename' => $_GET['filename'], 'textarea_file_contents' => xos_draw_textarea_field('file_contents', '110', '25', $contents, 'style="width: 99%; height: 500px;"' . ($file_writeable ? '' : ' readonly="readonly"'))));
if ($file_writeable == true) {
$smarty->assign('file_writeable', true);
} else {
$smarty->assign('file_not_writeable', sprintf(ERROR_FILE_NOT_WRITEABLE, $_GET['filename']));
}
}
$smarty->assign(array('file_edit' => true, 'link_filename_define_language' => xos_href_link(FILENAME_DEFINE_LANGUAGE, 'lngdir=' . $_GET['lngdir'])));
} else {
$filename = $_GET['lngdir'] . '.php';
$filename_conf = $_GET['lngdir'] . '.conf';
$filename_email_conf = $_GET['lngdir'] . '_email.conf';
if ($dir = @dir(DIR_FS_SMARTY . 'catalog/languages/' . $_GET['lngdir'])) {
$file_extension = substr(basename($_SERVER['PHP_SELF']), strrpos(basename($_SERVER['PHP_SELF']), '.'));
$files_array = array();
while ($file = $dir->read()) {
} else {
$cInfo = new objectInfo($parameters);
}
if (WYSIWYG_FOR_PAGES == 'true') {
$smarty->assign(array('wysiwyg' => true, 'link_filename_popup_file_manager_link_selection' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents')), 'link_filename_popup_file_manager_image' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/image')), 'link_filename_popup_file_manager_flash' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/flash')), 'page_config' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN_IMAGES . ADMIN_TPL . '/ckconfig/page_config.js', 'page_base_href' => ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER, 'lang_code' => xos_get_languages_code()));
}
$languages = xos_get_languages();
$contents_data_array = array();
$php_code_included = false;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$page_data_query = xos_db_query("select categories_or_pages_name, categories_or_pages_heading_title, categories_or_pages_content, categories_or_pages_php_source from " . TABLE_CATEGORIES_OR_PAGES_DATA . " where categories_or_pages_id = '" . (int) $cInfo->categories_or_pages_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'");
$page_data = xos_db_fetch_array($page_data_query);
if (!empty($cInfo->categories_or_pages_php_source[$languages[$i]['id']]) || !empty($page_data['categories_or_pages_php_source'])) {
$php_code_included = true;
}
$pages_data_array[] = array('languages_image' => xos_image(DIR_WS_CATALOG_IMAGES . 'catalog/templates/' . DEFAULT_TPL . '/' . $languages[$i]['directory'] . '/' . $languages[$i]['image'], $languages[$i]['name']), 'input_name' => xos_draw_input_field('categories_or_pages_name[' . $languages[$i]['id'] . ']', isset($cInfo->categories_or_pages_name[$languages[$i]['id']]) ? stripslashes(htmlspecialchars($cInfo->categories_or_pages_name[$languages[$i]['id']])) : htmlspecialchars($page_data['categories_or_pages_name']), 'maxlength="64" size="30"', true), 'input_heading_title' => xos_draw_input_field('categories_or_pages_heading_title[' . $languages[$i]['id'] . ']', isset($cInfo->categories_or_pages_heading_title[$languages[$i]['id']]) ? stripslashes($cInfo->categories_or_pages_heading_title[$languages[$i]['id']]) : $page_data['categories_or_pages_heading_title'], 'maxlength="255" size="80"'), 'page_description' => 'categories_or_pages_content[' . $languages[$i]['id'] . ']', 'page_template_file' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN . 'includes/ckconfig/templates/' . $languages[$i]['directory'] . '/page_template.js', 'page_template_lang' => $languages[$i]['directory'] . '_default', 'page_textarea' => xos_draw_textarea_field('categories_or_pages_content[' . $languages[$i]['id'] . ']', '130', '25', isset($cInfo->categories_or_pages_content[$languages[$i]['id']]) ? stripslashes($cInfo->categories_or_pages_content[$languages[$i]['id']]) : $page_data['categories_or_pages_content']), 'page_textarea_php_source' => xos_draw_textarea_field('categories_or_pages_php_source[' . $languages[$i]['id'] . ']', '130', '25', isset($cInfo->categories_or_pages_php_source[$languages[$i]['id']]) ? stripslashes($cInfo->categories_or_pages_php_source[$languages[$i]['id']]) : $page_data['categories_or_pages_php_source'], 'class="textarea-php-code" readonly="readonly"'));
}
$smarty->assign(array('update' => isset($_GET['cpID']) ? true : false, 'php_code_included' => $php_code_included, 'form_begin' => isset($_GET['cpID']) ? xos_draw_form('update_page', FILENAME_PAGES, 'action=update_page&cPath=' . $cPath . '&cpID=' . $_GET['cpID'], 'post', 'onsubmit="return confirm(\'' . JS_CONFIRM_UPDATE . '\')" enctype="multipart/form-data"') . xos_draw_hidden_field('categories_or_pages_id', $cInfo->categories_or_pages_id) : xos_draw_form('insert_page', FILENAME_PAGES, 'action=insert_page&cPath=' . $cPath, 'post', 'onsubmit="return confirm(\'' . JS_CONFIRM_INSERT . '\')" enctype="multipart/form-data"'), 'hidden_fields' => xos_draw_hidden_field('page_name', $cInfo->page_name) . xos_draw_hidden_field('current_categories_or_pages_status', $cInfo->categories_or_pages_status), 'pages_data' => $pages_data_array, 'radio_page_not_in_menu_0' => xos_draw_radio_field('page_not_in_menu', '0', $cInfo->page_not_in_menu == 1 ? false : true), 'radio_page_not_in_menu_1' => xos_draw_radio_field('page_not_in_menu', '1', $cInfo->page_not_in_menu == 1 ? true : false), 'radio_status_0' => xos_draw_radio_field('categories_or_pages_status', '0', $cInfo->categories_or_pages_status == 1 ? false : true), 'radio_status_1' => xos_draw_radio_field('categories_or_pages_status', '1', $cInfo->categories_or_pages_status == 1 ? true : false), 'input_sort_order' => xos_draw_input_field('sort_order', $cInfo->sort_order, 'maxlength="5" size="3"'), 'pull_down_link_request_type' => xos_draw_pull_down_menu('link_request_type', array(array('id' => 'NONSSL', 'text' => 'NONSSL'), array('id' => 'SSL', 'text' => 'SSL')), $cInfo->link_request_type), 'text_new_page' => sprintf(TEXT_NEW_PAGE_3, !isset($_GET['cpID']) ? TEXT_NEW_PAGE_1 : TEXT_NEW_PAGE_2, xos_output_generated_page_path($current_page_id)), 'link_filename_pages' => xos_href_link(FILENAME_PAGES, 'cPath=' . $cPath . (isset($_GET['cpID']) ? '&cpID=' . (int) $_GET['cpID'] : '')), 'form_end' => '</form>'));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'pages');
$output_new_page = $smarty->fetch(ADMIN_TPL . '/includes/modules/new_page.tpl');
$smarty->assign('central_contents', $output_new_page);
} else {
$pages_count = 0;
$rows = 0;
$pages_query = xos_db_query("select c.categories_or_pages_id, cpd.categories_or_pages_name, c.parent_id, c.page_not_in_menu, c.sort_order, c.date_added, c.last_modified, c.categories_or_pages_status from " . TABLE_CATEGORIES_OR_PAGES . " c, " . TABLE_CATEGORIES_OR_PAGES_DATA . " cpd where c.parent_id = '" . (int) $current_page_id . "' and c.categories_or_pages_id = cpd.categories_or_pages_id and c.is_page != 'false' and cpd.language_id = '" . (int) $_SESSION['used_lng_id'] . "' order by c.sort_order, cpd.categories_or_pages_name");
$pages_array = array();
while ($pages = xos_db_fetch_array($pages_query)) {
$pages_count++;
$rows++;
$children_in_page = xos_children_in_page_count($pages['categories_or_pages_id']);
if ((!isset($_GET['cpID']) && !isset($_GET['pID']) || isset($_GET['cpID']) && $_GET['cpID'] == $pages['categories_or_pages_id']) && !isset($cInfo) && substr($action, 0, 3) != 'new') {
function xos_cfg_textarea($text, $key = '')
{
$name = $key ? 'configuration[' . $key . ']' : 'configuration_value';
return '<div class="form-group">' . xos_draw_textarea_field($name, '', 5, $text, 'class="form-control"') . '</div>';
}
} elseif (isset($selection[$i]['fields']) && is_array($selection[$i]['fields'])) {
$fields = true;
$selection_fields_array = array();
for ($j = 0, $n2 = sizeof($selection[$i]['fields']); $j < $n2; $j++) {
$selection_fields_array[] = array('title' => $selection[$i]['fields'][$j]['title'], 'field' => $selection[$i]['fields'][$j]['field']);
}
}
$payment_modules_array[] = array('radio_field' => $radio_field, 'actual_payment_method' => $actual_payment_method, 'loaded_modules' => $modules, 'module_error_text' => $module_error_text, 'module_error' => $module_error, 'fields' => $fields, 'selection_fields' => $selection_fields_array, 'radio_select' => $radio_buttons);
unset($selection_fields_array);
$radio_buttons++;
}
if (sizeof($selection) > 0) {
$smarty->assign('payment_modules', true);
}
if (sizeof($selection) > 1) {
$smarty->assign('several_payment_modules', true);
}
if (isset($_GET['payment_error']) && is_object(${$_GET['payment_error']}) && ($error = ${$_GET['payment_error']}->get_error())) {
$smarty->assign(array('payment_error' => true, 'payment_error_title' => xos_output_string($error['title']), 'payment_error_sting' => xos_output_string($error['error'])));
}
if (MUST_ACCEPT_CONDITIONS == 'true') {
$smarty->assign('checkbox_accept_conditions', xos_draw_checkbox_field('accept_conditions', '1', false, 'id="accept_conditions"'));
}
$popup_status_query = xos_db_query("select status from " . TABLE_CONTENTS . " where type = 'system_popup' and status = '1' and content_id = '8' LIMIT 1");
$smarty->assign(array('form_begin' => xos_draw_form('checkout_payment', xos_href_link(FILENAME_CHECKOUT_CONFIRMATION, '', 'SSL'), 'post', 'onsubmit="return check_form();"', true), 'form_end' => '</form>', 'link_filename_popup_content_8' => xos_db_num_rows($popup_status_query) ? xos_href_link(FILENAME_POPUP_CONTENT, 'co=8', $request_type) : '', 'link_filename_checkout_payment_address' => MAX_ADDRESS_BOOK_ENTRIES > 1 ? xos_href_link(FILENAME_CHECKOUT_PAYMENT_ADDRESS, '', 'SSL') : xos_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'), 'link_filename_checkout_shipping' => xos_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'), 'address_label' => xos_address_label($_SESSION['customer_id'], $_SESSION['billto'], true, ' ', '<br />'), 'payment_modules' => $payment_modules_array, 'textarea' => xos_draw_textarea_field('comments', '60', '5', $_SESSION['comments'], 'class="form-control" id="checkout_payment_comments"')));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'checkout_payment');
$output_checkout_payment = $smarty->fetch(SELECTED_TPL . '/checkout_payment.tpl');
$smarty->assign('central_contents', $output_checkout_payment);
$smarty->display(SELECTED_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
} else {
$smarty->assign('hidden_field_banners_id', xos_draw_hidden_field('banners_id', $bID));
}
if (WYSIWYG_FOR_BANNER_MANAGER == 'true') {
$smarty->assign(array('wysiwyg' => true, 'link_filename_popup_file_manager_link_selection' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents')), 'link_filename_popup_file_manager_image' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/image')), 'link_filename_popup_file_manager_flash' => str_replace('&', '&', xos_href_link(FILENAME_POPUP_FILE_MANAGER, 'action=no_link_entrence&goto=' . DIR_FS_DOCUMENT_ROOT . 'contents/flash')), 'banner_manager_config' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN_IMAGES . ADMIN_TPL . '/ckconfig/banner_manager_config.js', 'banner_manager_base_href' => ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER, 'lang_code' => xos_get_languages_code()));
}
$languages = xos_get_languages();
$banners_content_array = array();
$php_code_included = false;
for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
$banners_content_query = xos_db_query("select banners_title, banners_url, banners_image, banners_html_text, banners_php_source from " . TABLE_BANNERS_CONTENT . " where banners_id = '" . (int) $bInfo->banners_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'");
$banners_content = xos_db_fetch_array($banners_content_query);
if (!empty($bInfo->banners_php_source[$languages[$i]['id']]) || !empty($banners_content['banners_php_source'])) {
$php_code_included = true;
}
$banners_content_array[] = array('languages_image' => xos_image(DIR_WS_CATALOG_IMAGES . 'catalog/templates/' . DEFAULT_TPL . '/' . $languages[$i]['directory'] . '/' . $languages[$i]['image'], $languages[$i]['name']), 'link_popup_image' => xos_href_link(FILENAME_POPUP_IMAGE, 'banner=' . $bInfo->banners_id . '&lang=' . $languages[$i]['id']), 'input_banners_title' => xos_draw_input_field('banners_title[' . $languages[$i]['id'] . ']', isset($bInfo->banners_title[$languages[$i]['id']]) ? stripslashes($bInfo->banners_title[$languages[$i]['id']]) : $banners_content['banners_title'], '', true), 'input_banners_url' => xos_draw_input_field('banners_url[' . $languages[$i]['id'] . ']', isset($bInfo->banners_url[$languages[$i]['id']]) ? stripslashes($bInfo->banners_url[$languages[$i]['id']]) : $banners_content['banners_url']), 'input_banners_image' => xos_draw_file_field('banners_image_' . $languages[$i]['id']), 'current_banners_image' => isset($bInfo->banners_image[$languages[$i]['id']]) ? stripslashes($bInfo->banners_image[$languages[$i]['id']]) : $banners_content['banners_image'], 'selection_field_delete_banners_image' => xos_draw_selection_field('delete_banners_image[' . $languages[$i]['id'] . ']', 'checkbox', 'true'), 'hidden_field_current_banners_image' => xos_draw_hidden_field('current_banners_image[' . $languages[$i]['id'] . ']', isset($bInfo->banners_image[$languages[$i]['id']]) ? stripslashes($bInfo->banners_image[$languages[$i]['id']]) : $banners_content['banners_image']), 'banners_html_text_name' => 'banners_html_text[' . $languages[$i]['id'] . ']', 'banner_manager_template_file' => (ENABLE_SSL == 'true' ? $_SESSION['disable_ssl'] ? HTTP_SERVER : HTTPS_SERVER : HTTP_SERVER) . DIR_WS_ADMIN . 'includes/ckconfig/templates/' . $languages[$i]['directory'] . '/banner_manager_template.js', 'banner_manager_template_lang' => $languages[$i]['directory'] . '_default', 'textarea_banners_html_text' => xos_draw_textarea_field('banners_html_text[' . $languages[$i]['id'] . ']', '110', '18', isset($bInfo->banners_html_text[$languages[$i]['id']]) ? stripslashes($bInfo->banners_html_text[$languages[$i]['id']]) : $banners_content['banners_html_text']), 'textarea_banners_php_source' => xos_draw_textarea_field('banners_php_source[' . $languages[$i]['id'] . ']', '110', '18', isset($bInfo->banners_php_source[$languages[$i]['id']]) ? stripslashes($bInfo->banners_php_source[$languages[$i]['id']]) : $banners_content['banners_php_source'], 'class="textarea-php-code" readonly="readonly"'));
}
$smarty->assign(array('new_banner' => true, 'form_begin' => xos_draw_form('new_banner', FILENAME_BANNER_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'action=' . $form_action, 'post', 'onsubmit="return confirm(\'' . ($form_action == 'insert' ? JS_CONFIRM_INSERT : JS_CONFIRM_UPDATE) . '\')" enctype="multipart/form-data"'), 'pull_down_banners_group' => xos_draw_pull_down_menu('banners_group', $groups_array, $bInfo->banners_group), 'input_new_banners_group' => xos_draw_input_field('new_banners_group', '', '', sizeof($groups_array) > 0 ? false : true), 'dir_fs_catalog_images_banners' => DIR_FS_CATALOG_IMAGES . 'banners/', 'hidden_field_current_date_scheduled' => xos_draw_hidden_field('current_date_scheduled', $bInfo->date_scheduled), 'input_date_scheduled' => xos_draw_input_field('date_scheduled', $bInfo->date_scheduled, 'id="date_scheduled" style="background: #ffffcc;" size ="10"'), 'input_expires_date' => xos_draw_input_field('expires_date', $bInfo->expires_date, 'id="expires_date" style="background: #ffffcc;" size ="10"'), 'input_expires_impressions' => xos_draw_input_field('expires_impressions', $bInfo->expires_impressions, 'maxlength="7" size="7"'), 'banners_content' => $banners_content_array, 'php_code_included' => $php_code_included, 'link_filename_banner_manager' => xos_href_link(FILENAME_BANNER_MANAGER, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . (isset($_GET['bID']) ? 'bID=' . $_GET['bID'] : '')), 'form_end' => '</form>'));
} else {
$banners_query_raw = "select b.banners_id, bc.banners_title, b.banners_group, b.status, b.expires_date, b.expires_impressions, b.date_status_change, b.date_scheduled, b.date_added from " . TABLE_BANNERS . " b, " . TABLE_BANNERS_CONTENT . " bc where b.banners_id = bc.banners_id and bc.language_id = '" . (int) $_SESSION['used_lng_id'] . "' order by banners_title, banners_group";
$banners_split = new splitPageResults($_GET['page'], MAX_DISPLAY_RESULTS, $banners_query_raw, $banners_query_numrows);
$banners_query = xos_db_query($banners_query_raw);
$banners_array = array();
while ($banners = xos_db_fetch_array($banners_query)) {
$info_query = xos_db_query("select sum(banners_shown) as banners_shown, sum(banners_clicked) as banners_clicked from " . TABLE_BANNERS_HISTORY . " where banners_id = '" . (int) $banners['banners_id'] . "'");
$info = xos_db_fetch_array($info_query);
if ((!isset($_GET['bID']) || isset($_GET['bID']) && $_GET['bID'] == $banners['banners_id']) && !isset($bInfo) && substr($action, 0, 3) != 'new') {
$bInfo_array = array_merge((array) $banners, (array) $info);
$bInfo = new objectInfo($bInfo_array);
}
$banners_shown = $info['banners_shown'] != '' ? $info['banners_shown'] : '0';
function xos_cfg_textarea($text, $key = '')
{
$name = $key ? 'configuration[' . $key . ']' : 'configuration_value';
return xos_draw_textarea_field($name, 35, 5, $text);
}
}
$popup_img = DIR_WS_IMAGES . 'products/large/' . $products_img_name['name'];
$pop_size = @GetImageSize("{$popup_img}");
if ($pop_size[0] > $pop_width) {
$pop_width = $pop_size[0];
}
if ($pop_size[1] > $pop_height) {
$pop_height = $pop_size[1];
}
}
if ($small_width_total > $pop_width) {
$pop_width = $small_width_total;
}
$product_image = array_shift($products_image_name);
$smarty->assign(array('box_width' => (int) ($pop_width + 50), 'box_height' => (int) ($pop_height + $small_height + 55), 'link_product_img' => xos_href_link(FILENAME_POPUP_IMAGE, 'pID=' . $product_info['products_id'] . '&img_name=' . rawurlencode($product_image['name']), $request_type), 'link_product_img_noscript' => xos_href_link(FILENAME_IMAGES_WINDOW, 'pID=' . $product_info['products_id'], 'NONSSL', true, false, false, false, false), 'product_img' => xos_image(DIR_WS_IMAGES . 'products/medium/' . rawurlencode($product_image['name']), addslashes($product_info['products_name']), '', '', 'style="margin: 5px;"')));
}
$back = sizeof($_SESSION['navigation']->path) - 2;
if (!empty($_SESSION['navigation']->path[$back])) {
$get_params_array = $_SESSION['navigation']->path[$back]['get'];
$get_params_array['rmp'] = '0';
$back_link = xos_href_link($_SESSION['navigation']->path[$back]['page'], xos_array_to_query_string($get_params_array, array('action', xos_session_name())), $_SESSION['navigation']->path[$back]['mode']);
} else {
$back_link = 'javascript:history.go(-1)';
}
$smarty->assign(array('form_begin' => xos_draw_form('product_reviews_write', xos_href_link(FILENAME_PRODUCT_REVIEWS_WRITE, xos_get_all_get_params(array('lnc', 'cur', 'tpl', 'action')) . 'action=process', 'SSL'), 'post', 'onsubmit="return checkForm();"', true), 'form_end' => '</form>', 'radio_fields' => xos_draw_radio_field('rating', '1') . ' ' . xos_draw_radio_field('rating', '2') . ' ' . xos_draw_radio_field('rating', '3') . ' ' . xos_draw_radio_field('rating', '4') . ' ' . xos_draw_radio_field('rating', '5'), 'textarea_field' => xos_draw_textarea_field('review', '60', '15'), 'customers_name' => xos_output_string_protected($customer['customers_firstname'] . ' ' . $customer['customers_lastname']), 'products_name' => $product_info['products_name'], 'products_p_unit' => $product_info['products_p_unit'], 'products_model' => $product_info['products_model'], 'products_price' => $product_price, 'products_price_special' => $product_price_special, 'products_price_breaks' => $price_breaks_array, 'products_tax_description' => xos_get_products_tax_description($product_info['products_tax_class_id'], $products_tax_rate), 'td_width_img' => MEDIUM_PRODUCT_IMAGE_MAX_WIDTH + 10, 'link_back' => $back_link, 'link_buy_now' => xos_href_link(basename($_SERVER['PHP_SELF']), xos_get_all_get_params(array('action')) . 'action=buy_now')));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'product_reviews_write');
$output_product_reviews_write = $smarty->fetch(SELECTED_TPL . '/product_reviews_write.tpl');
$smarty->assign('central_contents', $output_product_reviews_write);
$smarty->display(SELECTED_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
for ($i = 0, $n = sizeof($quotes); $i < $n; $i++) {
if (!isset($quotes[$i]['error'])) {
$shipping_modules_methods_array = array();
for ($j = 0, $n2 = sizeof($quotes[$i]['methods']); $j < $n2; $j++) {
// set the radio button to be checked if it is the method chosen
$checked = $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id'] == $_SESSION['shipping']['id'] ? true : false;
$checked == true || $n == 1 && $n2 == 1 ? $actual_method = true : ($actual_method = false);
if ($n > 1 || $n2 > 1) {
$several_methods = true;
$cost = $currencies->format(xos_add_tax($currencies->currencies[$_SESSION['currency']]['value'] * $quotes[$i]['methods'][$j]['cost'], isset($quotes[$i]['tax']) ? $quotes[$i]['tax'] : 0));
} else {
$several_methods = false;
$cost = $currencies->format(xos_add_tax($currencies->currencies[$_SESSION['currency']]['value'] * $quotes[$i]['methods'][$j]['cost'], $quotes[$i]['tax']));
}
$shipping_modules_methods_array[] = array('radio_field' => xos_draw_radio_field('shipping', $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id'], $checked, 'id="shipping_' . $radio_buttons . '"'), 'several_methods' => $several_methods, 'hidden_field' => xos_draw_hidden_field('shipping', $quotes[$i]['id'] . '_' . $quotes[$i]['methods'][$j]['id'], 'id="shipping_' . $radio_buttons . '"'), 'cost' => $cost, 'actual_method' => $actual_method, 'title' => $quotes[$i]['methods'][$j]['title'], 'radio_select' => $radio_buttons);
$radio_buttons++;
}
}
$shipping_modules_array[] = array('name' => $quotes[$i]['module'], 'icon' => $quotes[$i]['icon'], 'error' => $quotes[$i]['error'], 'methods' => $shipping_modules_methods_array);
unset($shipping_modules_methods_array);
}
}
$smarty->assign(array('shipping_modules' => true, 'shipping_modules_array' => $shipping_modules_array));
}
$smarty->assign(array('form_begin' => xos_draw_form('checkout_address', xos_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'), 'post', '', true), 'hidden_field' => xos_draw_hidden_field('action', 'process'), 'form_end' => '</form>', 'link_filename_checkout_shipping_address' => MAX_ADDRESS_BOOK_ENTRIES > 1 ? xos_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL') : xos_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL'), 'address_label' => xos_address_label($_SESSION['customer_id'], $_SESSION['sendto'], true, ' ', '<br />'), 'textarea' => xos_draw_textarea_field('comments', '60', '5', $_SESSION['comments'], 'class="form-control" id="checkout_shipping_comments"')));
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'checkout_shipping');
$output_checkout_shipping = $smarty->fetch(SELECTED_TPL . '/checkout_shipping.tpl');
$smarty->assign('central_contents', $output_checkout_shipping);
$smarty->display(SELECTED_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
if (!isset($file_writeable)) {
$file_writeable = true;
}
$file_contents = '';
if ($action == 'new_file') {
$filename_input_field = xos_draw_input_field('filename');
} elseif ($action == 'edit') {
if ($file_array = file($_SESSION['current_path'] . '/' . $_GET['info'])) {
$file_contents = implode('', $file_array);
}
$filename_input_field = $_GET['info'] . xos_draw_hidden_field('filename', $_GET['info']);
}
if ($file_writeable == true) {
$smarty->assign('file_writeable', true);
}
$smarty->assign(array('new_edit_file' => true, 'form_begin_new_file' => xos_draw_form('new_file', FILENAME_FILE_MANAGER, 'action=save'), 'filename_or_input_filename' => $filename_input_field, 'textarea_file_contents' => xos_draw_textarea_field('file_contents', '110', '25', $file_contents, 'style="width: 99%; height: 500px;"' . ($file_writeable ? '' : 'readonly="readonly"')), 'link_filename_file_manager' => xos_href_link(FILENAME_FILE_MANAGER, isset($_GET['info']) ? 'info=' . urlencode($_GET['info']) : '')));
} elseif ($action == 'view') {
$ws_path = str_replace(DIR_FS_DOCUMENT_ROOT, DIR_WS_CATALOG, $_SESSION['current_path']);
$ws_path .= substr($ws_path, -1) != '/' ? '/' : '';
$smarty->assign(array('image_view' => true, 'filename' => $_GET['info'], 'image_data' => @getimagesize($_SESSION['current_path'] . '/' . $_GET['info']), 'image_src' => $ws_path . rawurlencode($_GET['info']), 'link_filename_file_manager' => xos_href_link(FILENAME_FILE_MANAGER, isset($_GET['info']) ? 'info=' . urlencode($_GET['info']) : '')));
} else {
$showuser = function_exists('posix_getpwuid') ? true : false;
$contents = array();
$dir = dir($_SESSION['current_path']);
while ($file = $dir->read()) {
if ($file != '.' && $file != 'CVS' && ($file != '..' || $_SESSION['current_path'] != $dir_fs_document_root)) {
$file_size = number_format(filesize($_SESSION['current_path'] . '/' . $file)) . ' bytes';
$permissions = xos_get_file_permissions(fileperms($_SESSION['current_path'] . '/' . $file));
$is_image = in_array(strtolower(substr($file, -4)), array('.gif', '.jpg', '.png', '.ico', '.svg')) || strtolower(substr($file, -5)) == '.jpeg' ? true : false;
if ($showuser) {
$user = @posix_getpwuid(fileowner($_SESSION['current_path'] . '/' . $file));
/* Re-Post all POST'ed variables */
reset($_POST);
$hidden_fields = '';
while (list($key, $value) = each($_POST)) {
if (!is_array($_POST[$key])) {
$hidden_fields .= xos_draw_hidden_field($key, htmlspecialchars(stripslashes($value)));
}
}
$hidden_fields .= xos_draw_hidden_field('back', 'false');
$smarty->assign(array('action_preview' => true, 'form_begin_action_send_email_to_user' => xos_draw_form('mail', FILENAME_MAIL, 'action=send_email_to_user'), 'to' => $mail_sent_to, 'from' => htmlspecialchars(stripslashes($_POST['from'])), 'subject' => htmlspecialchars(stripslashes($_POST['subject'])), 'message' => nl2br(htmlspecialchars(stripslashes($_POST['message']))), 'link_filename_mail' => xos_href_link(FILENAME_MAIL), 'form_end' => '</form>', 'hidden_fields' => $hidden_fields));
} else {
$customers_email_address = $_POST['customers_email_address'];
$from = $_POST['from'];
$subject = $_POST['subject'];
$message = $_POST['message'];
$customers = array();
$customers[] = array('id' => '', 'text' => TEXT_SELECT_CUSTOMER);
$customers[] = array('id' => '***', 'text' => TEXT_ALL_CUSTOMERS);
$customers[] = array('id' => '**D', 'text' => TEXT_NEWSLETTER_CUSTOMERS);
$mail_query = xos_db_query("select customers_email_address, customers_firstname, customers_lastname from " . TABLE_CUSTOMERS . " order by customers_lastname");
while ($customers_values = xos_db_fetch_array($mail_query)) {
$customers[] = array('id' => $customers_values['customers_email_address'], 'text' => $customers_values['customers_lastname'] . ', ' . $customers_values['customers_firstname'] . ' (' . $customers_values['customers_email_address'] . ')');
}
$smarty->assign(array('form_begin_action_preview' => xos_draw_form('mail', FILENAME_MAIL, 'action=preview'), 'pull_down_customers_email_address' => xos_draw_pull_down_menu('customers_email_address', $customers, isset($_GET['customer']) ? $_GET['customer'] : ''), 'input_from' => xos_draw_input_field('from', EMAIL_FROM), 'input_subject' => xos_draw_input_field('subject'), 'textarea_message' => xos_draw_textarea_field('message', '60', '15'), 'form_end' => '</form>'));
}
$smarty->configLoad('languages/' . $_SESSION['language'] . '.conf', 'mail');
$output_mail = $smarty->fetch(ADMIN_TPL . '/mail.tpl');
$smarty->assign('central_contents', $output_mail);
$smarty->display(ADMIN_TPL . '/frame.tpl');
require DIR_WS_INCLUDES . 'application_bottom.php';
}
