/**
 * Run an import of the given type, throttled by the stored time of the last check.
 *
 * Only the 'news' type is handled; every other value returns false.
 *
 * @param mixed $type Import type, compared loosely against 'news'.
 *
 * @return bool|string false when the type is not handled or the check interval has not
 *                     elapsed, true when the answer was fetched and parsed, or the exception
 *                     message when connecting or parsing failed. A non-empty message is
 *                     truthy, so callers have to compare against true with ===.
 */
public function import($type)
{
    if ($type != 'news') {
        return false;
    }

    // Seconds between two checks. CHECK_NEWS_TIME is multiplied by 60, so it is read as
    // minutes; an undefined constant or a value outside 1..1440 falls back to one hour.
    $interval = 3600;
    if (defined('CHECK_NEWS_TIME') && CHECK_NEWS_TIME <= 1440 && CHECK_NEWS_TIME >= 1) {
        $interval = CHECK_NEWS_TIME * 60;
    }

    $previous_check = \query\main::get_option('check_news');
    if ($previous_check + $interval > time()) {
        return false;
    }

    $data = array('last_check' => $previous_check);

    // The new timestamp is stored before the request is made, so a failed attempt
    // also has to wait out the interval before the next try.
    actions::set_option(array('check_news' => time()));

    try {
        $this->parse_answer($type, $this->connect($type, $data));
    } catch (Exception $e) {
        // NOTE(review): the message is handed back to the caller as-is; escape it before
        // it is placed into HTML.
        return $e->getMessage();
    }

    return true;
}
/**
 * Meta description for the current page.
 *
 * When an item exists and carries its own meta description, that text is returned with
 * %YEAR% and %MONTH% replaced by the current year and month name. Otherwise the
 * site-wide 'meta_description' option is passed through meta_default().
 *
 * NOTE(review): the item's own text is returned without escaping by this function;
 * confirm it is escaped where the item is loaded or where the value is written into
 * the page.
 *
 * @return string
 */
function meta_description()
{
    $has_own_text = $GLOBALS['exists'] > 0 && !empty($GLOBALS['item']->meta_description);

    if (!$has_own_text) {
        return meta_default('', \query\main::get_option('meta_description'));
    }

    $placeholders = array('%YEAR%', '%MONTH%');
    $values = array(date('Y'), date('F'));

    return str_replace($placeholders, $values, $GLOBALS['item']->meta_description);
}
/**
 * Look up the name and file location of the language selected for the admin panel.
 *
 * NOTE(review): the original tested file_exists() on the location but returned the same
 * array on both paths, so a missing language file is not detected here. A fallback
 * language was presumably intended; until one exists, callers must not assume that
 * 'location' points to a loadable file. An 'adminpanel_lang' value that is not a key
 * of the language list is not handled either.
 *
 * @return array Array with the keys 'name' and 'location'.
 */
private function admin_panel_language()
{
    $selected = \query\main::get_option('adminpanel_lang');
    $available = \site\language::languages();
    $entry = $available[$selected];

    return array(
        'name' => $entry['name'],
        'location' => $entry['location'],
    );
}
/**
 * Tell whether the active theme declares reward support.
 *
 * Loads the theme's functions.php (once) and calls theme_has_rewards() when the theme
 * defines it.
 *
 * NOTE(review): the 'theme' option is placed into the path as stored and the resulting
 * file is executed. Confirm the option is checked against the installed theme
 * directories when it is saved. The @ operator also hides warnings raised while the
 * file is loaded.
 *
 * @return bool true only when functions.php exists, defines theme_has_rewards() and
 *              that function returns a truthy value.
 */
public static function have_reward()
{
    $theme = \query\main::get_option('theme');
    $functions_file = implode(DIRECTORY_SEPARATOR, array(DIR, THEMES_LOC, $theme, 'functions.php'));

    if (!file_exists($functions_file)) {
        return false;
    }

    @(require_once $functions_file);

    return function_exists('theme_has_rewards') && theme_has_rewards();
}
/**
 * Build the PayPal REST API context from the stored site options.
 *
 * The client id and secret are read from the 'paypal_ID' and 'paypal_secret' options.
 * The mode is 'sandbox' only when the 'paypal_mode' option equals that word (compared
 * case-insensitively); any other or missing value selects 'live'.
 */
function __construct()
{
    $client_id = \query\main::get_option('paypal_ID');
    $client_secret = \query\main::get_option('paypal_secret');

    $mode = strtolower(\query\main::get_option('paypal_mode')) == 'sandbox' ? 'sandbox' : 'live';

    $credential = new \PayPal\Auth\OAuthTokenCredential($client_id, $client_secret);
    $this->apiContext = new \PayPal\Rest\ApiContext($credential);
    $this->apiContext->setConfig(array('mode' => $mode));
}
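/**
 * Send an HTML e-mail through PHPMailer, built from a literal message or a template file.
 *
 * Recognised $params keys: 'template' (template name without the .html extension),
 * 'message' (used when no template is given), 'path' (prefix for the template and
 * library paths), 'reply_to', 'reply_name', 'from_email', 'from_name'.
 *
 * Changes against the previous version:
 *  - 'from_email' now sets the sender address and 'from_name' the display name; the two
 *    keys were swapped.
 *  - the template is rendered in its own scope, so entries of $vars can no longer
 *    overwrite $to, $subject, $params or the global $LANG used to send the mail.
 *  - the PHPMailer class file is loaded only when the class is not defined yet, so a
 *    second call in the same request no longer redeclares the class.
 *
 * @param string $to      Recipient address.
 * @param string $subject Subject line.
 * @param array  $params  Options, see above.
 * @param array  $vars    Variables made available to the template.
 *
 * @return bool true when PHPMailer reports the message as sent; false when neither a
 *              template nor a message is given, the template file is missing, or
 *              sending failed.
 */
public static function send($to, $subject, $params = array(), $vars = array())
{
    global $LANG;

    $base_path = isset($params['path']) ? $params['path'] : '';

    if (empty($params['template'])) {
        if (empty($params['message'])) {
            return false;
        }
        $text = $params['message'];
    } else {
        // NOTE(review): 'path' and 'template' are concatenated into a filesystem path as
        // given. They have to come from trusted code, never from request data.
        $template_file = $base_path . TMAIL_LOCATION . '/' . $params['template'] . '.html';
        if (!file_exists($template_file)) {
            return false;
        }
        $template = file_get_contents($template_file);

        // SECURITY: the template is evaluated as a PHP double-quoted string. Anyone able
        // to change a template file can therefore run code on the server, so template
        // files must be writable by trusted administrators only and must never be
        // assembled from user-supplied text. Replacing eval() with plain placeholder
        // substitution would change the template syntax and is left as a follow-up.
        //
        // The scope handed to the template keeps what it could see before: the entries of
        // $vars (which take precedence for display) plus $to, $subject, $params, $vars
        // and $LANG.
        $scope = (array) $vars + array(
            'to' => $to,
            'subject' => $subject,
            'params' => $params,
            'vars' => $vars,
            'LANG' => $LANG,
        );
        $render = function ($__template, array $__scope) {
            // EXTR_SKIP keeps a key from replacing the closure's own variables.
            extract($__scope, EXTR_SKIP);
            eval("\$__rendered = \"{$__template}\";");
            return $__rendered;
        };
        $text = $render($template, $scope);
    }

    if (!class_exists('PHPMailer', false)) {
        include $base_path . LBDIR . '/PHPMailer/class.phpmailer.php';
    }

    $mail = new \PHPMailer();
    $mail->CharSet = 'UTF-8';
    $mail->AddReplyTo(
        isset($params['reply_to']) ? $params['reply_to'] : \query\main::get_option('email_answer_to'),
        isset($params['reply_name']) ? $params['reply_name'] : ''
    );
    $mail->From = isset($params['from_email']) ? $params['from_email'] : \query\main::get_option('email_answer_to');
    $mail->FromName = isset($params['from_name']) ? $params['from_name'] : \query\main::get_option('email_from_name');
    // NOTE(review): $to, $subject and the reply/from values are passed on as given;
    // validate them where they are taken from user input.
    $mail->AddAddress($to);
    $mail->Subject = $subject;
    $mail->MsgHTML($text);
    $mail->IsHTML(true);

    switch (\query\main::get_option('mail_method')) {
        case 'SMTP':
            $mail->IsSMTP();
            $mail->SMTPAuth = \query\main::get_option('smtp_auth');
            $mail->Port = \query\main::get_option('smtp_port');
            $mail->Host = \query\main::get_option('smtp_host');
            $mail->Username = \query\main::get_option('smtp_user');
            $mail->Password = \query\main::get_option('smtp_password');
            // NOTE(review): no transport encryption setting is applied here (PHPMailer's
            // SMTPSecure is left at its default); confirm the SMTP link is protected.
            break;

        case 'sendmail':
            $mail->isSendmail();
            // NOTE(review): the sendmail binary path comes from a stored option; it should
            // be changeable by administrators only.
            $mail->Sendmail = \query\main::get_option('sendmail_path');
            break;

        default:
            $mail->isMail();
            break;
    }

    return (bool) $mail->Send();
}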
/**
 * Meta description for a store page.
 *
 * Order of preference: the item's own meta description (with %YEAR% and %MONTH%
 * replaced), then the 'meta_store_desc' option used as a template (%NAME%, %COUPONS%,
 * %REVIEWS%, %YEAR%, %MONTH%), and, when no item exists, the site-wide
 * 'meta_description' option passed through meta_default().
 *
 * NOTE(review): only the option template is passed through htmlspecialchars(); the
 * item's own text and the item fields substituted into the template are inserted as
 * they are. Confirm those values are escaped where the item is loaded.
 *
 * @return string
 */
function meta_description()
{
    if (!($GLOBALS['exists'] > 0)) {
        return meta_default('', \query\main::get_option('meta_description'));
    }

    $item = $GLOBALS['item'];

    if (!empty($item->meta_description)) {
        return str_replace(
            array('%YEAR%', '%MONTH%'),
            array(date('Y'), date('F')),
            $item->meta_description
        );
    }

    $template = htmlspecialchars(\query\main::get_option('meta_store_desc'));
    $placeholders = array('%NAME%', '%COUPONS%', '%REVIEWS%', '%YEAR%', '%MONTH%');
    $values = array($item->name, $item->coupons, $item->reviews, date('Y'), date('F'));

    return str_replace($placeholders, $values, $template);
}
/**
 * Meta description for a coupon page.
 *
 * Order of preference: the item's own meta description (with %YEAR% and %MONTH%
 * replaced), then the 'meta_coupon_desc' option used as a template (%NAME%,
 * %STORE_NAME%, %EXPIRATION%, %YEAR%, %MONTH%), and, when no item exists, the
 * site-wide 'meta_description' option passed through meta_default().
 *
 * NOTE(review): only the option template is passed through htmlspecialchars(); the
 * item's own text and the item fields substituted into the template are inserted as
 * they are. Confirm those values are escaped where the item is loaded.
 *
 * @return string
 */
function meta_description()
{
    if (!($GLOBALS['exists'] > 0)) {
        return meta_default('', \query\main::get_option('meta_description'));
    }

    $item = $GLOBALS['item'];

    if (!empty($item->meta_description)) {
        return str_replace(
            array('%YEAR%', '%MONTH%'),
            array(date('Y'), date('F')),
            $item->meta_description
        );
    }

    $template = htmlspecialchars(\query\main::get_option('meta_coupon_desc'));
    $placeholders = array('%NAME%', '%STORE_NAME%', '%EXPIRATION%', '%YEAR%', '%MONTH%');
    $values = array(
        $item->title,
        $item->store_name,
        // Expiration date formatted as year/month/day.
        date('Y/m/d', strtotime($item->expiration_date)),
        date('Y'),
        date('F'),
    );

    return str_replace($placeholders, $values, $template);
}
/**
 * Resolve the configured feed server and load its configuration file.
 *
 * Falls back to the 'feedserver' option when no server is set on the instance. The
 * configuration file is included inside this method, so it shares the method's local
 * scope; presumably it fills in the *_URL entries of $server that are checked
 * afterwards (TODO confirm against a server config file).
 *
 * NOTE(review): the first error message is fetched with a method call,
 * $this->lang('feed_e_invalid'), while the other two read $this->lang[...] as an array.
 * One of the two forms is probably wrong; check the class definition.
 *
 * NOTE(review): the included path is built from the 'config' value returned by
 * \site\feed::server(), and the @ operator hides warnings from the include. Confirm
 * that value can only name files shipped with an installed feed server.
 *
 * @return array The server definition including the URL entries.
 *
 * @throws Exception When the server is unknown, its configuration file is missing, or
 *                   a required URL entry is not set after loading the file.
 */
private function checkserver()
{
    if (empty($this->server)) {
        $this->server = \query\main::get_option('feedserver');
    }

    $server = \site\feed::server($this->server);
    if (!$server) {
        throw new Exception($this->lang('feed_e_invalid'));
    }

    if (!file_exists(DIR . '/' . $server['config'])) {
        throw new Exception($this->lang['feed_e_configmiss']);
    }

    @(include DIR . '/' . $server['config']);

    // All five endpoints have to be present once the configuration has been loaded.
    foreach (array('COUPON_URL', 'COUPONS_URL', 'STORE_URL', 'STORES_URL', 'CATEGORIES_URL') as $required_key) {
        if (!isset($server[$required_key])) {
            throw new Exception($this->lang['feed_e_serverr']);
        }
    }

    return $server;
}
} $db->set_charset(DB_CHARSET); /** */ spl_autoload_register(function ($cn) { $type = strstr($cn, '\\', true); if ($type == 'plugin') { $cn = str_replace('\\', '/', $cn); include DIR . '/' . UPDIR . '/' . substr($cn, strpos($cn, '/') + 1) . '.php'; } else { include DIR . '/' . IDIR . '/' . str_replace('\\', '/', $cn) . '.php'; } }); /** */ if (!empty($_GET)) { if (defined('SEO_LINKS') && SEO_LINKS) { $sp = array('pages' => array('p' => current($_GET)), 'tpage' => array('tpage' => current($_GET)), 'ajax' => array('ajax' => current($_GET)), 'cron' => array('cron' => current($_GET)), \query\main::get_option('seo_link_coupon') => array('id' => current($_GET)), \query\main::get_option('seo_link_product') => array('product' => current($_GET)), \query\main::get_option('seo_link_category') => array('cat' => current($_GET)), \query\main::get_option('seo_link_search') => array('s' => isset($_GET['s']) ? $_GET['s'] : ''), \query\main::get_option('seo_link_store') => array('store' => current($_GET)), \query\main::get_option('seo_link_stores') => array('stores' => current($_GET)), \query\main::get_option('seo_link_reviews') => array('reviews' => current($_GET)), \query\main::get_option('seo_link_user') => array('user' => current($_GET)), \query\main::get_option('seo_link_plugin') => array('plugin' => current($_GET))); if (in_array(key($_GET), array_keys($sp))) { $k = key($sp[key($_GET)]); $v = $sp[key($_GET)][$k]; } } else { $k = key($_GET); $v = current($_GET); } if (!empty($k)) { switch ($k) { case 'p': $GET['loc'] = 'page'; $GET['id'] = $v; break; case 'id':
$categories['max'] = 100; // max should be defined if (isset($_GET['cat'])) { $categories['categories'] = $_GET['cat']; } else { if (isset($_GET['store'])) { $categories['store'] = $_GET['store']; } } echo '<?xml version="1.0" encoding="UTF-8" ?> <rss version="2.0"> <channel> <title>' . \query\main::get_option('sitename') . ' Coupons</title> <link>' . $GLOBALS['siteURL'] . '</link> <description>List of coupons</description> <language>en-us</language>'; foreach (\query\main::while_items($categories) as $item) { echo ' <item> <title>' . $item->title . '</title> <link>' . $item->link . '</link> <description><![CDATA[' . $item->description . ']]></description> <pubDate>' . date('r', strtotime($item->date)) . '</pubDate> <guid>' . $item->link . '</guid> </item> '; } echo '</channel>
echo ' <div class="title"> <h2>Sendy settings</h2> <span>Modify Sendy settings</span> </div> '; echo '<form action="#" method="POST"> <div class="form-table"> <div class="row"><span>api_key: <span class="info"><span>sendy_api_key</span></span></span><div><input type="text" name="sendy_api_key" value="' . htmlspecialchars(\query\main::get_option('sendy_api_key')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>sendy_url: <span class="info"><span>sendy_url</span></span></span><div><input type="text" name="sendy_url" value="' . htmlspecialchars(\query\main::get_option('sendy_url')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>list_id: <span class="info"><span>sendy_list_id</span></span></span><div><input type="text" name="sendy_list_id" value="' . htmlspecialchars(\query\main::get_option('sendy_list_id')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>brand_id: <span class="info"><span>sendy_brand_id</span></span></span><div><input type="text" name="sendy_brand_id" value="' . htmlspecialchars(\query\main::get_option('sendy_brand_id')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>from_name: <span class="info"><span>sendy_from_name</span></span></span><div><input type="text" name="sendy_from_name" value="' . htmlspecialchars(\query\main::get_option('sendy_from_name')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>from_email: <span class="info"><span>sendy_from_email</span></span></span><div><input type="text" name="sendy_from_email" value="' . htmlspecialchars(\query\main::get_option('sendy_from_email')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>reply_to: <span class="info"><span>sendy_reply_to</span></span></span><div><input type="text" name="sendy_reply_to" value="' . htmlspecialchars(\query\main::get_option('sendy_reply_to')) . 
'" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>query_string: <span class="info"><span>sendy_query_string</span></span></span><div><input type="text" name="sendy_query_string" value="' . htmlspecialchars(\query\main::get_option('sendy_query_string')) . '" style="background: #F8E0E0;" /></div></div> <div class="row"><span>template_root: <span class="info"><span>sendy_template_root</span></span></span><div><input type="text" name="sendy_template_root" value="' . htmlspecialchars(\query\main::get_option('sendy_template_root')) . '" style="background: #F8E0E0;" /></div></div> </div>'; echo '<input type="hidden" name="csrf" value="' . $csrf . '" /> <button class="btn">Save</button> </form> '; break; }
include DIR . '/' . IDIR . '/' . str_replace('\\', '/', $cn) . '.php';
    }
});

/* Load the admin-panel language and the shared helper functions. */
$load = new \main\load();
$LANG = $load->get_ap_language();
include 'includes/functions.php';

// Everything below runs only for a logged-in user flagged as sub-admin.
if ($GLOBALS['me'] && $GLOBALS['me']->is_subadmin) {
    include 'includes/template.php';
    include 'etc/connector.php';
    include 'includes/admin.php';
    include 'includes/query.php';
    include 'includes/widgets.php';
    include 'includes/importer.php';
    // Not mandatory, but keeps the data cleaned up in real time.
    actions::cleardata(true, \query\main::get_option('delete_old_coupons'));
    // NOTE(review): the 'ajax' and 'download' request parameters are concatenated into an
    // include path and only checked with file_exists(). Directory components in the
    // value are not rejected, so the included file is not limited to the ajax/ and
    // etc/download/ directories. Map the parameter to a fixed list of known file names
    // (or at least reject anything that differs from its basename()) before including.
    if (isset($_GET['ajax']) && file_exists('ajax/' . $_GET['ajax'])) {
        include 'ajax/' . $_GET['ajax'];
        die;
    } else {
        if (isset($_GET['download']) && file_exists('etc/download/' . $_GET['download'])) {
            include 'etc/download/' . $_GET['download'];
            die;
        }
    }
    include 'html/header.php';
    include 'html/nav.php';
    include 'html/logged.php';
    new importer();
    // Default to an empty action when the request names none.
    if (!isset($_GET['action'])) {
        $_GET['action'] = '';
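/**
 * List reward requests, filtered, ordered and paginated.
 *
 * Recognised keys of $category (after \site\utils::validate_user_data()):
 *  - max:      maximum number of rows; an empty value disables the limit. When the key
 *              is absent the result is paginated from $_GET['page'] and 'per_page'
 *              (default: the 'items_per_page' option).
 *  - user, reward, search: row filters.
 *  - show:     'valid' (claimed = 1) or 'notvalid' (claimed = 0).
 *  - orderby:  comma-separated list of 'rand', 'date', 'date desc', 'points',
 *              'points desc'; other values are ignored.
 *
 * The query text is assembled by concatenation, so every value placed into it has to
 * be made safe here. This version casts the LIMIT parts to integers; before, 'max' and
 * the 'items_per_page' option were inserted as given.
 *
 * @param array $category Filter and paging options, see above.
 *
 * @return array List of objects with the properties ID, name, user, points, reward,
 *               reward_exists, fields, claimed and date.
 */
public static function while_rewards_reqs($category = array())
{
    global $db;

    $categories = \site\utils::validate_user_data($category);
    $where = $orderby = $limit = array();

    if (isset($categories['max'])) {
        if (!empty($categories['max'])) {
            // Goes into the LIMIT clause unquoted, so it has to be an integer.
            $limit[] = (int) $categories['max'];
        }
    } else {
        $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
        $per_page = (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page'));
        $offset = $page > 1 ? ($page - 1) * $per_page : 0;
        $limit[] = $offset;
        $limit[] = $per_page;
    }

    /* WHERE */

    if (!empty($categories['user'])) {
        // NOTE(review): this condition compares against the literal "******" and never
        // uses $categories['user']. It looks like a value that was masked when the file
        // was published; restore the real condition (with an integer cast or a bound
        // parameter) from the original source.
        $where[] = 'user = "******"';
    }

    if (!empty($categories['reward'])) {
        $where[] = 'reward = "' . (int) $categories['reward'] . '"';
    }

    if (!empty($categories['search'])) {
        // The words of the search phrase are joined into one regular expression.
        // NOTE(review): \site\utils::dbp() presumably escapes the value for a quoted SQL
        // string; confirm. The search text still reaches REGEXP as a pattern.
        $search = implode('.*', explode(' ', trim($categories['search'])));
        $where[] = 'fields REGEXP "' . \site\utils::dbp($search) . '"';
    }

    if (isset($categories['show'])) {
        switch (strtolower($categories['show'])) {
            case 'valid':
                $where[] = 'claimed = 1';
                break;

            case 'notvalid':
                $where[] = 'claimed = 0';
                break;
        }
    }

    /* ORDER BY: only the fixed expressions below can reach the query. */

    if (isset($categories['orderby'])) {
        $allowed_order = array(
            'rand' => 'RAND()',
            'date' => 'date',
            'date desc' => 'date DESC',
            'points' => 'points',
            'points desc' => 'points DESC',
        );
        foreach (array_map('trim', explode(',', strtolower($categories['orderby']))) as $v) {
            if (isset($allowed_order[$v])) {
                $orderby[] = $allowed_order[$v];
            }
        }
    }

    $sql = "SELECT id, name, user, points, reward, (SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "rewards WHERE id = r.reward), fields, claimed, date FROM " . DB_TABLE_PREFIX . "rewards_reqs r"
        . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where))
        . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby)))
        . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit));

    $stmt = $db->stmt_init();
    $stmt->prepare($sql);
    $stmt->execute();
    $stmt->bind_result($id, $name, $user, $points, $reward, $reward_exists, $fields, $claimed, $date);

    $data = array();
    while ($stmt->fetch()) {
        $data[] = (object) array(
            'ID' => $id,
            'name' => htmlspecialchars($name),
            'user' => $user,
            'points' => $points,
            'reward' => $reward,
            'reward_exists' => $reward_exists > 0 ? 1 : 0,
            // NOTE(review): unserialize() on a stored column can instantiate objects if the
            // stored value is ever shaped by a user. Confirm the column is only written by
            // the application's own serialize() call, or move the column to JSON.
            'fields' => @unserialize($fields),
            'claimed' => $claimed,
            'date' => $date,
        );
    }

    $stmt->close();

    return $data;
}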
include ADMINDIR . '/includes/feed.php'; include ADMINDIR . '/includes/admin.php'; include ADMINDIR . '/includes/query.php'; try { $feed = new feed(\query\main::get_option('feedserver_ID'), \query\main::get_option('feedserver_secret')); $ids = array(); foreach (\query\main::while_stores(array('max' => 0, 'show' => 'feed')) as $store) { $ids[] = $store->feedID; } $csuc = $cusuc = $cerr = $cuerr = 0; if (!empty($ids)) { $last_check = \query\main::get_option('lfeed_check'); /* UPDATE COUPONS */ if ((int) \query\main::get_option('feed_moddt') !== 0) { try { $coupons = $feed->coupons($options = array('store' => implode(',', array_values($ids)), 'update' => \site\utils::timeconvert(date('Y-m-d, H:i:s', $last_check), $feed->timezone))); if (!empty($coupons['Count'])) { for ($cp = 1; $cp <= ceil($coupons['Count'] / 10); $cp++) { if ($cp != 1) { $coupons = $feed->coupons(array_merge(array('page' => $cp), $options)); } foreach ($coupons['List'] as $coupon) { if (($couponi = admin_query::coupon_imported($coupon->ID)) && actions::edit_item2($couponi->ID, array('name' => $coupon->Title, 'link' => $coupon->URL, 'code' => $coupon->Code, 'description' => $coupon->Description, 'tags' => $coupon->Tags, 'start' => $coupon->Start_Date, 'end' => $coupon->End_Date))) { $cusuc++; } else { $cuerr++; } } usleep(500000);
echo '<option value="' . $k . '"' . (isset($_GET['view']) && urldecode($_GET['view']) == $k || !isset($_GET['view']) && $k == 'notjoined' ? ' selected' : '') . '>' . $v . '</option>'; } echo '</select>Type: <select name="type">'; $types = \plugin\Popshop\inc\actions::listDealTypes(NULL); foreach ($types as $k => $v) { echo '<option value="' . $k . '"' . (isset($_GET['type']) && urldecode($_GET['type']) == $k ? ' selected' : '') . '>' . $v . '</option>'; } echo '</select> <button class="btn" onclick="goFilter();">View</button> </div>'; /* view after relationship */ $view = isset($_GET['view']) && array_key_exists($_GET['view'], $views) ? $_GET['view'] : 'notjoined'; $merchantid = isset($_GET['merchant']) ? intval($_GET['merchant']) : 0; /* view after type */ $type = isset($_GET['type']) && array_key_exists($_GET['type'], $types) ? $_GET['type'] : ''; /* pagination */ $per_page = \query\main::get_option('cj_ipp'); $page = isset($_GET['page']) && $_GET['page'] > 0 ? $_GET['page'] : 0; /* */ $lookup = array('status' => $view, '$merchant' => $merchantid, 'deal_type' => $type, 'page' => $page, 'per_page' => $per_page); $links = \plugin\Popshop\inc\actions::listDeals($lookup); if ($page > 0 || count($links) > 0) { echo '<form action="?plugin=Popshop/main.php&action=coupons" method="POST"> <ul class="elements-list"> <li class="head"><input type="checkbox" checkall /> Name</li> <div class="bulk_options"> <button class="btn">Import all</button>
$store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
            // Drop a midnight time part so only the date is shown.
            $c_expiration = str_replace(' 00:00:00', '', $c_expiration);
            array_push($ret, array('title' => $c_title, 'image' => $s_image, 'name' => $s_name, 'expiration' => 'Expires on ' . $c_expiration, 'link' => $coupon_link, 's_link' => $store_link));
        }
        if (count($ret) > 0) {
            echo json_encode($ret);
        }
    }
} else {
    // 'get_sale': return the requested products as a JSON list.
    if (isset($_GET['action']) && $_GET['action'] == 'get_sale') {
        // NOTE(review): the token is compared with ==, and $_SESSION['slider_csrf'] is not
        // checked for existence first. With no token in the session, an empty 'csrf'
        // parameter compares equal to the missing value. Require both to be non-empty
        // strings and compare them with hash_equals().
        if (isset($_GET['csrf']) && $_GET['csrf'] == $_SESSION['slider_csrf']) {
            // NOTE(review): $id comes straight from the request and is concatenated into
            // the IN (...) list of the query below, which makes the statement injectable
            // even though prepare() is used. Split the value on commas and cast every
            // element to an integer (or bind the values as parameters) before building
            // the query.
            $id = $_GET['id'];
            $seo_link = defined('SEO_LINKS') && SEO_LINKS ? true : false;
            $seo_link_coupon = \query\main::get_option('seo_link_coupon');
            $seo_link_product = \query\main::get_option('seo_link_product');
            $seo_link_store = \query\main::get_option('seo_link_store');
            $stmt = $db->stmt_init();
            $search_products = "SELECT p.id, p.title, p.link, p.description, p.tags, p.image, p.currency, p.price, p.old_price, s.name, s.link, s.id, p.expiration FROM " . DB_TABLE_PREFIX . "products p LEFT JOIN " . DB_TABLE_PREFIX . "stores s ON (s.id = p.store) WHERE p.visible > 0 AND s.visible > 0 AND p.id in (" . $id . ")";
            $stmt->prepare($search_products);
            $stmt->execute();
            $stmt->bind_result($p_id, $p_title, $p_link, $p_description, $p_tags, $p_image, $p_currency, $p_price, $p_old_price, $s_name, $s_link, $s_id, $p_expiration);
            $ret = array();
            while ($stmt->fetch()) {
                // Use SEO-style links when enabled, plain query-string links otherwise.
                $product_link = $seo_link ? \site\utils::make_seo_link($seo_link_product, $p_title, $p_id) : $GLOBALS['siteURL'] . '?product=' . $p_id;
                $store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
                $p_expiration = str_replace(' 00:00:00', '', $p_expiration);
                array_push($ret, array('title' => $p_title, 'image' => $p_image, 'name' => $s_name, 'expiration' => 'Expires on ' . $p_expiration, 'link' => $product_link, 's_link' => $store_link, 'price' => $p_currency . $p_price, 'old_price' => $p_currency . $p_old_price));
            }
            // Nothing is printed when no product matched.
            if (count($ret) > 0) {
                echo json_encode($ret);
            }
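/**
 * List installed plugins, filtered, ordered and paginated.
 *
 * Recognised keys of $category (after \site\utils::validate_user_data()):
 *  - max:      maximum number of rows; an empty value disables the limit. When the key
 *              is absent the result is paginated from $_GET['page'] and 'per_page'
 *              (default: the 'items_per_page' option).
 *  - search:   words matched against name and description.
 *  - show:     comma-separated list of 'languages', 'payment_gateways', 'feed_servers',
 *              'applications'; each recognised value adds a scope condition.
 *  - orderby:  comma-separated list of 'name', 'name desc', 'date', 'date desc'; other
 *              values are ignored.
 *
 * The query text is assembled by concatenation, so every value placed into it has to
 * be made safe here. This version casts the LIMIT parts to integers; before, 'max' and
 * the 'items_per_page' option were inserted as given.
 *
 * @param array $category Filter and paging options, see above.
 *
 * @return array List of objects describing one plugin each.
 */
public static function while_plugins($category = array())
{
    global $db;

    $categories = \site\utils::validate_user_data($category);
    $where = $orderby = $limit = array();

    if (isset($categories['max'])) {
        if (!empty($categories['max'])) {
            // Goes into the LIMIT clause unquoted, so it has to be an integer.
            $limit[] = (int) $categories['max'];
        }
    } else {
        $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
        $per_page = (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page'));
        $offset = $page > 1 ? ($page - 1) * $per_page : 0;
        $limit[] = $offset;
        $limit[] = $per_page;
    }

    /* WHERE */

    if (!empty($categories['search'])) {
        // The words of the search phrase are joined into one regular expression.
        // NOTE(review): \site\utils::dbp() presumably escapes the value for a quoted SQL
        // string; confirm. The search text still reaches REGEXP as a pattern.
        $search = implode('.*', explode(' ', trim($categories['search'])));
        $where[] = 'CONCAT(name, description) REGEXP "' . \site\utils::dbp($search) . '"';
    }

    if (isset($categories['show'])) {
        foreach (array_map('trim', explode(',', strtolower($categories['show']))) as $v) {
            switch ($v) {
                case 'languages':
                    $where[] = 'scope = "language"';
                    break;

                case 'payment_gateways':
                    $where[] = 'scope = "pay_gateway"';
                    break;

                case 'feed_servers':
                    $where[] = 'scope = "feed_server"';
                    break;

                case 'applications':
                    $where[] = 'scope = ""';
                    break;
            }
        }
    }

    /* ORDER BY: only the fixed expressions below can reach the query. */

    if (isset($categories['orderby'])) {
        $allowed_order = array(
            'name' => 'name',
            'name desc' => 'name DESC',
            'date' => 'date',
            'date desc' => 'date DESC',
        );
        foreach (array_map('trim', explode(',', strtolower($categories['orderby']))) as $v) {
            if (isset($allowed_order[$v])) {
                $orderby[] = $allowed_order[$v];
            }
        }
    }

    $sql = "SELECT id, user, name, image, scope, main, options, menu, menu_ready, menu_icon, extend_vars, description, version, update_checker, uninstall, visible, date FROM " . DB_TABLE_PREFIX . "plugins"
        . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where))
        . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby)))
        . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit));

    $stmt = $db->stmt_init();
    $stmt->prepare($sql);
    $stmt->execute();
    $stmt->bind_result($id, $user, $name, $image, $scope, $main_file, $options_file, $menu, $menu_ready, $menu_icon, $vars, $description, $version, $update_checker, $uninstall, $visible, $date);

    $data = array();
    while ($stmt->fetch()) {
        $data[] = (object) array(
            'ID' => $id,
            'user' => $user,
            'name' => htmlspecialchars($name),
            'image' => htmlspecialchars($image),
            'scope' => htmlspecialchars($scope),
            'main_file' => htmlspecialchars($main_file),
            'options_file' => htmlspecialchars($options_file),
            'menu' => $menu,
            'menu_ready' => $menu_ready,
            'menu_icon' => $menu_icon,
            // NOTE(review): unserialize() on stored columns can instantiate objects if the
            // stored value is ever shaped by an untrusted party (for example a plugin
            // package). Confirm both columns are only written by the application's own
            // serialize() call, or move them to JSON.
            'vars' => @unserialize($vars),
            'description' => htmlspecialchars($description),
            'update_checker' => htmlspecialchars($update_checker),
            'version' => $version,
            'uninstall_preview' => @unserialize($uninstall),
            'visible' => $visible,
            'date' => $date,
        );
    }

    $stmt->close();

    return $data;
}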
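/**
 * Render the "write a review" form and process its submission.
 *
 * The form is shown only to a logged-in user and only when an item id is known (from
 * $GET['id'] or the argument) and the 'allow_reviews' option is enabled. A submission
 * is processed when the request is a POST whose write_review_form[csrf] value passes
 * \site\utils::check_csrf(). A fresh token is stored in the session on every render.
 *
 * Change against the previous version: the posted form data has to be an array that
 * contains a 'csrf' entry before the token check runs. Before, a request that sent
 * write_review_form as a plain string, or without the csrf field, was read with an
 * array offset anyway.
 *
 * @param int $id Item id, used when $GET['id'] is not set.
 *
 * @return string HTML of the form, including a success or error notice after a
 *                submission, or an information box when the form is not available.
 */
function write_review_form($id = 0)
{
    global $GET, $LANG;

    if (isset($GET['id'])) {
        $id = $GET['id'];
    }

    if (!$GLOBALS['me'] || empty($id)) {
        return '<div class="info_form">' . $LANG['unavailable_form'] . '</div>';
    }

    if (!(bool) \query\main::get_option('allow_reviews')) {
        return '<div class="info_form">' . $LANG['review_not_allowed'] . '</div>';
    }

    $form = '<div class="write_review_form other_form">';

    // Accept the posted data only in the shape the form produces.
    $posted = isset($_POST['write_review_form']) && is_array($_POST['write_review_form'])
        ? $_POST['write_review_form']
        : null;

    if ($_SERVER['REQUEST_METHOD'] == 'POST'
        && $posted !== null
        && isset($posted['csrf'])
        && \site\utils::check_csrf($posted['csrf'], 'write_review_form_csrf')
    ) {
        $pd = \site\utils::validate_user_data($posted);

        try {
            \user\main::write_review($id, $GLOBALS['me']->ID, $pd);
            $form .= '<div class="success">' . $LANG['review_sent'] . '</div>';
        } catch (Exception $e) {
            // NOTE(review): the exception message is written into the page unescaped.
            // Confirm \user\main::write_review() only throws fixed language strings and
            // never echoes submitted text back in the message.
            $form .= '<div class="error">' . $e->getMessage() . '</div>';
        }
    }

    // A new token replaces the old one on every render, so each token is usable once.
    $csrf = $_SESSION['write_review_form_csrf'] = \site\utils::str_random(12);

    $form .= '<form method="POST" action="#"> <div class="form_field"><label for="write_review_form[stars]">' . $LANG['form_stars'] . ':</label>'
        . ' <div><select name="write_review_form[stars]" id="write_review_form[stars]">'
        . ' <option value="5">5</option> <option value="4">4</option> <option value="3">3</option> <option value="2">2</option> <option value="1">1</option>'
        . ' </select></div></div>'
        . ' <div class="form_field"><label for="write_review_form[text]">' . $LANG['form_text'] . ':</label>'
        . ' <div><textarea name="write_review_form[text]" id="write_review_form[text]" required></textarea></div></div>'
        . ' <input type="hidden" name="write_review_form[csrf]" value="' . $csrf . '" />'
        . ' <button>' . $LANG['post_review'] . '</button> </form> </div>';

    return $form;
}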
} catch (Exception $e) { echo '<div class="a-alert">' . $e->getMessage() . '</div>'; } } catch (Exception $e) { echo '<div class="a-error">' . $e->getMessage() . '</div>'; } break; /** LIST OF FEED STORES */ /** LIST OF FEED STORES */ default: if (!ab_to(array('feed' => 'view'))) { die; } include 'includes/feed.php'; try { $feed = new feed(\query\main::get_option('feedserver_ID'), \query\main::get_option('feedserver_secret')); try { $stores = $feed->stores(array('orderby' => isset($_GET['orderby']) ? $_GET['orderby'] : 'date desc', 'page' => isset($_GET['page']) ? $_GET['page'] : 1, 'per_page' => 10, 'category' => isset($_GET['category']) ? $_GET['category'] : '', 'search' => isset($_GET['search']) ? $_GET['search'] : '')); echo '<div class="title"> <h2>' . $LANG['stores_title'] . '</h2>'; if (!empty($LANG['feed_stores_subtitle'])) { echo '<span>' . $LANG['feed_stores_subtitle'] . '</span>'; } echo '</div>'; if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'pages_csrf')) { if (isset($_POST['delete'])) { if (isset($_POST['id'])) { if (actions::delete_page(array_keys($_POST['id']))) { echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else {
// Request parameters that name the template pieces used to build the mail.
$fav_anchor = $_GET['fav_anchor'];
$favitem = $_GET['favdeal'];
$favsale = $_GET['favsale'];
$root = $_GET['root'];
$template = $_GET['template'];
// NOTE(review): $root, $favitem and $favsale are taken from the request and passed to
// file_get_contents() unchanged ($nofav and $fav are set before this excerpt, presumably
// the same way). The caller of this script therefore chooses which files, or, where URL
// wrappers are enabled, which remote addresses, are read. Take the template root from
// configuration and accept only known template names.
$template_nofav = file_get_contents($root . $nofav);
$template_fav = file_get_contents($root . $fav);
$template_favitem = file_get_contents($root . $favitem);
$template_favsale = file_get_contents($root . $favsale);
$now = date("Y-m-d H:i:s");
$seo_link = defined('SEO_LINKS') && SEO_LINKS ? true : false;
$seo_link_coupon = \query\main::get_option('seo_link_coupon');
$seo_link_product = \query\main::get_option('seo_link_product');
$seo_link_store = \query\main::get_option('seo_link_store');
$sendy_url = \query\main::get_option('sendy_url') . 'subscribe';
$sendy_list_id = \query\main::get_option('sendy_list_id');
$userdata = array();
$coupondata = array();
// List the subscribers: users with the subscriber and valid flags set and an e-mail address.
$stmt = $db->stmt_init();
// NOTE(review): DB_TABLE_PREFIX is placed in front of the column name "subscriber" while
// the table name "users" has no prefix. This looks misplaced; verify against the schema.
$search = "SELECT id,name,email FROM users WHERE " . DB_TABLE_PREFIX . "subscriber>0 and valid>0 and email<>''";
$stmt->prepare($search);
$stmt->execute();
$stmt->bind_result($id, $name, $email);
while ($stmt->fetch()) {
    array_push($userdata, array('id' => $id, 'name' => $name, 'email' => $email));
}
foreach ($userdata as $user) {
    // List the stores this user has marked as favorite.
    // The id comes from the query above and is concatenated rather than bound.
    $search_store = "SELECT store FROM " . DB_TABLE_PREFIX . "favorite WHERE user=" . $user['id'];
    $stmt->prepare($search_store);
echo '<div class="title"> <h2>MyPluginDemo settings</h2> <span>Modify MyPluginDemo settings</span> </div>'; if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'slider_csrf')) { if (isset($_POST['mpd_param1']) && isset($_POST['mpd_param2'])) { if (actions::set_option(array('mpd_param1' => $_POST['mpd_param1'], 'mpd_param2' => $_POST['mpd_param2']))) { echo '<div class="a-success">Saved!</div>'; } else { echo '<div class="a-error">Error!</div>'; } } } $csrf = $_SESSION['slider_csrf'] = \site\utils::str_random(10); echo '<form action="#" method="POST"> <div class="form-table"> <div class="row"><span>Demo Param1: <span class="info"><span>info text here</span></span></span><div><input type="text" name="mpd_param1" value="' . htmlspecialchars(\query\main::get_option('mpd_param1')) . '" style="background: #F8E0E0;" required /></div></div> <div class="row"><span>Demo Param2: <span class="info"><span>info text here</span></span></span><div><input type="text" name="mpd_param2" value="' . htmlspecialchars(\query\main::get_option('mpd_param2')) . '" style="background: #F8E0E0;" required /></div></div> </div>'; echo '<input type="hidden" name="csrf" value="' . $csrf . '" /> <button class="btn">Save</button> </form>'; break; }
<div class="row"><span>' . $LANG['settings_form_emailfn'] . ' <span class="info"><span>' . $LANG['settings_form_iemailfn'] . '</span></span>:</span><div><input type="text" name="email_from_name" value="' . htmlspecialchars(\query\main::get_option('email_from_name')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_form_emailas'] . ' <span class="info"><span>' . $LANG['settings_form_iemailas'] . '</span></span>:</span><div><input type="email" name="email_answer_to" value="' . htmlspecialchars(\query\main::get_option('email_answer_to')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_form_emailcntct'] . ' <span class="info"><span>' . $LANG['settings_form_iemailcntct'] . '</span></span>:</span><div><input type="email" name="email_contact" value="' . htmlspecialchars(\query\main::get_option('email_contact')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_form_mailmeth'] . ':</span><div><select name="mail_meth">'; foreach (array('PHP Mail', 'sendmail', 'SMTP') as $meth) { echo '<option value="' . $meth . '"' . (\query\main::get_option('mail_method') == $meth ? ' selected' : '') . '>' . $meth . '</option>'; } echo '</select></div></div> <div' . (\query\main::get_option('mail_method') != 'SMTP' ? ' style="display: none;"' : '') . '> <div class="row"><span>' . $LANG['settings_from_smtpauth'] . ':</span><div><input type="checkbox" name="smtp_auth"' . (\query\main::get_option('smtp_auth') ? ' checked' : '') . ' /></div></div> <div class="row"><span>' . $LANG['settings_from_smtphost'] . ':</span><div><input type="text" name="smtp_host" value="' . htmlspecialchars(\query\main::get_option('smtp_host')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_from_smtpport'] . ':</span><div><input type="text" name="smtp_port" value="' . htmlspecialchars(\query\main::get_option('smtp_port')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_from_smtpuser'] . 
':</span><div><input type="text" name="smtp_user" value="' . htmlspecialchars(\query\main::get_option('smtp_user')) . '" /></div></div> <div class="row"><span>' . $LANG['settings_from_smtppass'] . ':</span><div><input type="text" name="smtp_pass" value="' . htmlspecialchars(\query\main::get_option('smtp_password')) . '" /></div></div> </div> <div' . (\query\main::get_option('mail_method') != 'sendmail' ? ' style="display: none;"' : '') . '> <div class="row"><span>' . $LANG['settings_from_snmapath'] . ':</span><div><input type="text" name="sendmail_path" value="' . htmlspecialchars(\query\main::get_option('sendmail_path')) . '" /></div></div> </div> <div class="row"><span>' . $LANG['settings_form_mailsign'] . ':</span><div><textarea name="mailsign">' . \query\main::get_option('mail_signature') . '</textarea></div></div> <input type="hidden" name="csrf" value="' . $csrf . '" /> <button class="btn">' . $LANG['settings_save_button'] . '</button> </form> </div>'; break; }
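/**
 * Fetch payment transactions ("invoices") joined with the paying user's name and avatar.
 *
 * Keys read from $category after it has passed through \site\utils::validate_user_data():
 *  - max:      row cap; when the key is present but empty, no LIMIT is applied
 *  - per_page: page size used when "max" is absent (the page number comes from $_GET['page'])
 *  - search:   space-separated terms, matched as one regular expression against
 *              gateway, transaction_id and details
 *  - show:     paid | unpaid | delivered | undelivered | undeliveredpayments
 *  - date:     "from[,to]" given as Unix timestamps
 *  - orderby:  comma-separated list of: rand, date, date desc, price, price desc
 *
 * The WHERE / ORDER BY / LIMIT fragments are concatenated into the SQL text rather than bound,
 * so every value that lands outside a quoted string is forced to an integer here.
 * NOTE(review): \site\utils::dbp() is assumed to be a string-escaping helper; escaping only
 * protects values placed inside quotes, which is why the numeric operands are cast instead.
 *
 * @param array $category Filter, ordering and paging options (see above).
 * @return array List of objects, one per transaction row.
 */
public static function while_invoices($category = array())
{
    global $db;

    $categories = \site\utils::validate_user_data($category);
    $where = $orderby = $limit = array();

    if (isset($categories['max'])) {
        if (!empty($categories['max'])) {
            // LIMIT operand is part of the SQL text: accept a non-negative integer only.
            $limit[] = max(0, (int) $categories['max']);
        }
    } else {
        $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
        // The configured default is cast as well, so a malformed option value cannot reach the query.
        $per_page = max(0, (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page')));
        $offset = $page > 1 ? ($page - 1) * $per_page : 0;
        $limit[] = $offset;
        $limit[] = $per_page;
    }

    /* WHERE / ORDER BY */

    if (!empty($categories['search'])) {
        // Terms are joined with ".*"; the result is used as a REGEXP pattern inside a quoted literal.
        $search = implode('.*', explode(' ', trim($categories['search'])));
        $where[] = 'CONCAT(t.gateway, t.transaction_id, t.details) REGEXP "' . \site\utils::dbp($search) . '"';
    }

    if (isset($categories['show'])) {
        switch ($categories['show']) {
            case 'paid':
                $where[] = 'paid > 0';
                break;
            case 'unpaid':
                $where[] = 'paid = 0';
                break;
            case 'delivered':
                $where[] = 'delivered > 0';
                break;
            case 'undelivered':
                $where[] = 'delivered = 0';
                break;
            case 'undeliveredpayments':
                $where[] = 'paid > 0 AND delivered = 0';
        }
    }

    if (!empty($categories['date'])) {
        $date = array_map('trim', explode(',', $categories['date']));
        // Unquoted numeric context: cast to int so nothing but a timestamp can be emitted.
        $where[] = 't.date >= FROM_UNIXTIME(' . (int) $date[0] . ')';
        if (isset($date[1])) {
            $where[] = 't.date <= FROM_UNIXTIME(' . (int) $date[1] . ')';
        }
    }

    if (isset($categories['orderby'])) {
        $order = array_map('trim', explode(',', strtolower($categories['orderby'])));
        // Only fixed, whitelisted expressions are ever added to ORDER BY; unknown tokens are dropped.
        foreach ($order as $v) {
            switch ($v) {
                case 'rand':
                    $orderby[] = 'RAND()';
                    break;
                case 'date':
                    $orderby[] = 't.date';
                    break;
                case 'date desc':
                    $orderby[] = 't.date DESC';
                    break;
                case 'price':
                    $orderby[] = 't.price';
                    break;
                case 'price desc':
                    $orderby[] = 't.price DESC';
                    break;
            }
        }
    }

    /* */

    $sql = "SELECT t.id, t.user, u.name, u.avatar, t.gateway, t.price, t.transaction_id, t.state, t.details, t.lastupdate, t.paid, t.delivered, t.date FROM " . DB_TABLE_PREFIX . "p_transactions t LEFT JOIN " . DB_TABLE_PREFIX . "users u ON (u.id = t.user)"
        . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where))
        . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby)))
        . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit));

    $stmt = $db->stmt_init();
    $stmt->prepare($sql);
    $stmt->execute();
    $stmt->bind_result($id, $user, $user_name, $user_avatar, $gateway, $price, $transaction_id, $state, $details, $last_update, $paid, $delivered, $date);

    $data = array();
    while ($stmt->fetch()) {
        // gateway, transaction_id, state and details are HTML-escaped here;
        // user_name and user_avatar are returned as stored, so callers must escape them on output.
        $data[] = (object) array(
            'ID' => $id,
            'user' => $user,
            'user_name' => $user_name,
            'user_avatar' => $user_avatar,
            'gateway' => htmlspecialchars($gateway),
            'price' => $price,
            'price_format' => sprintf(PRICE_FORMAT, \site\utils::money_format($price)),
            'transaction_id' => htmlspecialchars($transaction_id),
            'state' => htmlspecialchars($state),
            'details' => htmlspecialchars($details),
            'last_update' => $last_update,
            'paid' => $paid,
            'delivered' => $delivered,
            'date' => $date,
        );
    }
    $stmt->close();

    return $data;
}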
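/**
 * Render the "submit a store" form for the logged-in user and process its submission.
 *
 * Returns an informational block when nobody is logged in or when the "allow_stores"
 * option is off. On a POST carrying a valid CSRF token the data is passed to
 * \user\main::submit_store(); on failure the submitted values are re-displayed.
 *
 * NOTE(review): the re-displayed values ($pd[...]) and the exception message are written
 * into the markup without escaping in this function. That is only safe if
 * \site\utils::validate_user_data() already HTML-encodes its output — confirm, and apply
 * htmlspecialchars() here if it does not.
 * NOTE(review): the CSRF token comes from \site\utils::str_random(12); confirm that helper
 * draws from a cryptographically secure source.
 *
 * @param array $auto_select Not read by this function.
 * @return string HTML markup.
 */
function submit_store_form($auto_select = array('store' => ''))
{
    global $LANG;

    if (!$GLOBALS['me']) {
        return '<div class="info_form">' . $LANG['unavailable_form'] . '</div>';
    }

    if (!(bool) \query\main::get_option('allow_stores')) {
        return '<div class="info_form">' . $LANG['submit_store_not_allowed'] . '</div>';
    }

    $form = '<div class="submit_store_form other_form">';

    // Require the field to be an array with a string token before touching it, so a
    // malformed request body is ignored instead of raising notices or type errors.
    $posted = $_SERVER['REQUEST_METHOD'] == 'POST'
        && isset($_POST['submit_store_form'])
        && is_array($_POST['submit_store_form'])
        && isset($_POST['submit_store_form']['csrf'])
        && is_string($_POST['submit_store_form']['csrf']);

    if ($posted && \site\utils::check_csrf($_POST['submit_store_form']['csrf'], 'submit_store_csrf')) {
        $pd = \site\utils::validate_user_data($_POST['submit_store_form']);
        try {
            \user\main::submit_store($GLOBALS['me']->ID, $pd);
            $form .= '<div class="success">' . $LANG['submit_store_success'] . '</div>';
            // Clear the values so the form comes back empty after a successful submission.
            unset($pd);
        } catch (Exception $e) {
            $form .= '<div class="error">' . $e->getMessage() . '</div>';
        }
    }

    // A fresh token is issued on every render and stored in the session for the next POST.
    $csrf = $_SESSION['submit_store_csrf'] = \site\utils::str_random(12);

    $form .= '<form method="POST" action="#" enctype="multipart/form-data"> <div class="form_field"><label for="submit_store_form[category]">' . $LANG['form_category'] . '</label> <div><select name="submit_store_form[category]" id="submit_store_form[category]">';

    foreach (\query\main::group_categories(array('max' => 0)) as $cat) {
        $form .= '<optgroup label="' . $cat['infos']->name . '">';
        $form .= '<option value="' . $cat['infos']->ID . '"' . (isset($pd['category']) && $pd['category'] == $cat['infos']->ID ? ' selected' : '') . '>' . $cat['infos']->name . '</option>';
        if (isset($cat['subcats'])) {
            foreach ($cat['subcats'] as $subcat) {
                // Compare against the sub-category's own ID; comparing against the parent ID
                // marked every child of the chosen parent as selected.
                $form .= '<option value="' . $subcat->ID . '"' . (isset($pd['category']) && $pd['category'] == $subcat->ID ? ' selected' : '') . '>' . $subcat->name . '</option>';
            }
        }
        $form .= '</optgroup>';
    }

    $form .= '</select></div> </div> <div class="form_field"><label for="submit_store_form[name]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="submit_store_form[name]" id="submit_store_form[name]" value="' . (isset($pd['name']) ? $pd['name'] : '') . '" placeholder="' . $LANG['submit_store_name_ph'] . '" required /></div></div>'
        . ' <div class="form_field"><label for="submit_store_form[url]">' . $LANG['form_store_url'] . ':</label> <div><input type="text" name="submit_store_form[url]" id="submit_store_form[url]" value="' . (isset($pd['url']) ? $pd['url'] : '') . '" placeholder="http://" required /></div></div>'
        . ' <div class="form_field"><label for="submit_store_form[description]">' . $LANG['form_description'] . ':</label> <div><textarea name="submit_store_form[description]" id="submit_store_form[description]" style="height:100px;">' . (isset($pd['description']) ? $pd['description'] : '') . '</textarea></div></div>'
        . ' <div class="form_field"><label for="submit_store_form[tags]">' . $LANG['form_tags'] . ':</label> <div><input type="text" name="submit_store_form[tags]" id="submit_store_form[tags]" value="' . (isset($pd['tags']) ? $pd['tags'] : '') . '" /></div></div>'
        . ' <div class="form_field"><label for="submit_store_form_logo">' . $LANG['form_logo'] . ':</label> <div><input type="file" name="submit_store_form_logo" id="submit_store_form_logo" /> <span>Note:* max width: 600px, max height: 400px.</span></div></div>'
        . ' <input type="hidden" name="submit_store_form[csrf]" value="' . $csrf . '" /> <button>' . $LANG['submit_store_button'] . '</button> </form> </div>';

    return $form;
}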
</section> </body> </html>'; die; } else { if (isset($_GET['user']) && isset($_GET['token']) && \user\mail_sessions::check('confirmation', array('user' => (int) $_GET['user'], 'session' => $_GET['token']))) { $stmt = $db->stmt_init(); $stmt->prepare("UPDATE " . DB_TABLE_PREFIX . "users SET valid = 1 WHERE id = ?"); $stmt->bind_param("i", $_GET['user']); $stmt->execute(); @$stmt->close(); \user\mail_sessions::clear('confirmation', array('user' => (int) $_GET['user'])); // check if user has been refered $uinfo = \query\main::user_infos($_GET['user']); if (!empty($uinfo->refid)) { \user\update::add_points($uinfo->refid, \query\main::get_option('u_points_refer')); } echo '<!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"> <meta name="robots" content="noindex, nofollow"> <meta http-equiv="Refresh" content="5; url=index.php" /> <title>' . $LANG['uverify_metatitle'] . '</title> <link href="' . MISCDIR . '/verify.css" media="all" rel="stylesheet" />
echo '<option value="' . $cat->ID . '">' . $cat->name . '</option>'; } echo '</select> <button class="btn" name="change_cat">' . $LANG['move_all'] . '</button>'; } echo '</div>'; } foreach (\query\main::while_stores(array_merge(array('orderby' => isset($_GET['orderby']) ? urldecode($_GET['orderby']) : 'date desc'), $options)) as $item) { echo '<li> <input type="checkbox" name="id[' . $item->ID . ']" /> <div style="display: table;"> <img src="' . \query\main::store_avatar($item->image) . '" alt="" style="width: 80px;" /> <div class="info-div"><h2>' . (!$item->visible ? '<span class="msg-error">' . $LANG['notpublished'] . '</span> ' : '') . ($item->feedID !== 0 ? '<span class="msg-alert" title="' . $LANG['added_through_feed_msg'] . '">' . $LANG['added_through_feed'] . '</span> ' : '') . $item->name . ' <span class="fright date">' . date('Y.m.d, ' . (\query\main::get_option('hour_format') == 12 ? 'g:i A' : 'G:i'), strtotime($item->date)) . '</span></h2> ' . (empty($item->coupons) ? $LANG['no_coupons_store'] : '<a href="?route=coupons.php&store=' . $item->ID . '">' . sprintf($LANG['nr_coupons_store'], $item->coupons) . '</a>') . '</div> </div> <div style="clear:both;"></div> <div class="options">'; if ($ab_edt) { echo '<a href="?route=stores.php&action=edit&id=' . $item->ID . '">' . $LANG['edit'] . '</a>'; echo '<a href="' . \site\utils::update_uri('', array('type' => !$item->visible ? 'publish' : 'unpublish', 'id' => $item->ID, 'token' => $csrf)) . '">' . (!$item->visible ? $LANG['publish'] : $LANG['unpublish']) . '</a>'; } if ($ab_add) { echo '<a href="?route=coupons.php&action=add&store=' . $item->ID . '&category=' . $item->catID . '">' . $LANG['coupons_add_button'] . '</a>'; } if ($ab_del) {
} } include DIR . '/' . LBDIR . '/facebook-sdk-4.0/autoload.php'; use Facebook\FacebookSession; use Facebook\FacebookRedirectLoginHelper; use Facebook\FacebookRequest; use Facebook\FacebookResponse; use Facebook\FacebookSDKException; use Facebook\FacebookRequestException; use Facebook\FacebookAuthorizationException; use Facebook\GraphObject; use Facebook\GraphUser; use Facebook\Entities\AccessToken; use Facebook\HttpClients\FacebookCurlHttpClient; use Facebook\HttpClients\FacebookHttpable; FacebookSession::setDefaultApplication(\query\main::get_option('facebook_appID'), \query\main::get_option('facebook_secret')); $helper = new FacebookRedirectLoginHelper($GLOBALS['siteURL'] . '?plugin=' . $_GET['plugin']); try { $session = $helper->getSessionFromRedirect(); } catch (FacebookRequestException $ex) { echo $ex->getMessage(); } catch (Exception $ex) { echo $ex->getMessage(); } if (isset($session)) { $me = (new FacebookRequest($session, 'GET', '/me'))->execute()->getGraphObject(GraphUser::className())->asArray(); if (!isset($me['email']) || !filter_var($me['email'], FILTER_VALIDATE_EMAIL)) { echo 'Your facebook account it\'s not associated with a valid email address.'; die; } header('Location: ' . $GLOBALS['siteURL'] . 'setSession.php?session=' . \user\main::insert_user(array('username' => $me['name'], 'email' => $me['email']), true, true));
/**
 * Re-express a date/time, read in the site's configured timezone, in another timezone.
 *
 * @param string|null $string   Date/time text handed to \DateTime; the zone used to read it
 *                              is the one named by the "timezone" site option.
 * @param string      $timezone Identifier of the timezone to convert into.
 * @param string      $format   Format passed to DateTime::format().
 * @return string The formatted date/time.
 */
public static function timeconvert($string = null, $timezone = 'UTC', $format = 'U')
{
    // Source zone comes from site configuration, not from the caller.
    $site_zone = timezone_open(\query\main::get_option('timezone'));
    $moment = new \DateTime($string, $site_zone);

    $target_zone = new \DateTimeZone($timezone);
    $moment->setTimeZone($target_zone);

    return $moment->format($format);
}
$categories['max'] = 100; // max should be defined if (isset($_GET['cat'])) { $categories['categories'] = $_GET['cat']; } else { if (isset($_GET['store'])) { $categories['store'] = $_GET['store']; } } echo '<?xml version="1.0" encoding="UTF-8" ?> <rss version="2.0"> <channel> <title>' . \query\main::get_option('sitename') . ' Products</title> <link>' . $GLOBALS['siteURL'] . '</link> <description>List of products</description> <language>en-us</language>'; foreach (\query\main::while_products($categories) as $item) { echo ' <item> <title>' . $item->title . '</title> <image> <link>' . $item->link . '</link> <title>' . $item->title . '</title> <url>' . \query\main::product_avatar($item->image) . '</url> </image> <link>' . $item->link . '</link> <description><![CDATA[' . $item->description . ']]></description> <pubDate>' . date('r', strtotime($item->date)) . '</pubDate>