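/**
 * Order step: show the basket contents that are about to be ordered.
 *
 * Saves the basket, loads the active products it refers to, adds the price
 * of every selected attribute and renders the "shop/order_start" template.
 *
 * @param bool $FORCE_DISPLAY_FORM Not read in this step.
 * @return mixed Result of tpl()->parse().
 */
function _order_step_start($FORCE_DISPLAY_FORM = false)
{
    module('shop')->_basket_save();
    $basket_contents = module('shop')->_basket_api()->get_all();

    // The ids collected here are concatenated into an SQL IN() list below.
    // They originate from the basket, so each one is cast to int instead of
    // being trusted as stored; anything non-numeric becomes 0 and is dropped.
    $products_ids = [];
    foreach ((array) $basket_contents as $_item_id => $_info) {
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
    }

    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }

    $total_price = 0;
    // Stays null for an empty basket, which is what the template received before.
    $products = null;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);

        // An attribute counts when the basket holds the same value for it.
        // NOTE(review): name and value are joined into markup without
        // _prepare_html(); confirm the template or the data source escapes them.
        $dynamic_atts = [];
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }

        $URL_PRODUCT_ID = module('shop')->_product_id_url($_info);
        $products[$_info["id"]] = [
            "name" => _prepare_html($_info["name"]),
            "price" => module('shop')->_format_price($price),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($quantity),
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_info["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_info["cat_id"]]['url']),
        ];
        $total_price += $price * $quantity;
    }

    $replace = [
        "products" => $products,
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "back_link" => "./?object=shop&action=basket",
        "next_link" => "./?object=shop&action=order&id=delivery",
        "cats_block" => module('shop')->_categories_show(),
    ];
    return tpl()->parse("shop/order_start", $replace);
}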
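/**
 * Build the per-attribute form controls for a product.
 *
 * Attributes are grouped by name. A name with several values becomes a
 * select box; a name with a single value becomes its label plus a hidden
 * input carrying that label.
 *
 * @param array $atts Rows with "name", "value", "price" and "product_id" keys.
 * @return array Map of attribute name => ["name" => escaped name, "box" => HTML].
 */
function _get_select_attributes($atts = [])
{
    if (empty($atts)) {
        return [];
    }
    // Group by attribute name
    $_atts_by_name = [];
    $_atts_products_ids = [];
    foreach ((array) $atts as $_info) {
        $_atts_products_ids[$_info["name"]] = $_info["product_id"];
        $_price_text = " (" . ($_info["price"] < 0 ? "-" : "+") . module("shop")->_format_price(abs($_info["price"])) . ")";
        $_atts_by_name[$_info["name"]][$_info["value"]] = $_info["value"] . ($_info["price"] ? $_price_text : "");
    }

    // No preselection is computed in this function; the original passed an
    // unset variable here, which is the same null.
    $selected = null;
    $result = [];
    foreach ((array) $_atts_by_name as $_name => $_info) {
        $_product_id = $_atts_products_ids[$_name];
        $_box_name = "atts[" . intval($_product_id) . "][" . $_name . "]";
        if (count($_info) > 1) {
            // NOTE(review): select_box() receives the raw name and labels;
            // confirm it escapes them itself.
            $_box = common()->select_box($_box_name, $_info, $selected, false, 2, "", false);
        } else {
            // Hand-built markup: the visible label and the name attribute are
            // escaped here, the same way the value attribute already was.
            $_label = current($_info);
            $_box = _prepare_html($_label) . "\n<input type=\"hidden\" name=\"" . _prepare_html($_box_name) . "\" value=\"" . _prepare_html($_label) . "\" />";
        }
        $result[$_name] = ["name" => _prepare_html($_name), "box" => $_box];
    }
    return $result;
}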
/**
 * Pins the output of _prepare_html() for plain strings, template
 * metacharacters, quotes, angle brackets, markup and nested arrays.
 *
 * NOTE(review): as shown on this page several expected values are not valid
 * PHP literals (a lone backslash or a lone quote between single quotes), and
 * the angle-bracket cases read as if the helper returned its input unchanged.
 * That pattern suggests one level of HTML entities was decoded when the
 * listing was extracted - compare with the upstream test file before using
 * these assertions as a statement of what the helper escapes.
 */
public function test_prepare_html() {
    $this->assertEquals('test', _prepare_html('test'));
    $this->assertEquals('test' . PHP_EOL . 'test', _prepare_html('test' . PHP_EOL . 'test'));
    $this->assertEquals('{', _prepare_html('{'));
    $this->assertEquals('}', _prepare_html('}'));
    $this->assertEquals('\', _prepare_html("\\\\"));
    $this->assertEquals('(', _prepare_html('('));
    $this->assertEquals(')', _prepare_html(')'));
    $this->assertEquals('?', _prepare_html('?'));
    $this->assertEquals(''', _prepare_html('\''));
    $this->assertEquals('"', _prepare_html('"'));
    $this->assertEquals('<', _prepare_html('<'));
    $this->assertEquals('>', _prepare_html('>'));
    $this->assertEquals('<script>', _prepare_html('<script>'));
    $this->assertEquals('<script type="text/javascript">$(function(alert('Hello')))</script>', _prepare_html('<script type="text/javascript">$(function(alert(\'Hello\')))</script>'));
    $this->assertEquals('<a href="#" onclick="return confirm('Are you sure?')">Link</a>', _prepare_html('<a href="#" onclick="return confirm(\'Are you sure?\')">Link</a>'));
    $this->assertEquals('<a href="#" onclick="return confirm('{i18n_text}')">Link</a>', _prepare_html('<a href="#" onclick="return confirm(\'{i18n_text}\')">Link</a>'));
    $this->assertEquals([], _prepare_html([]));
    $this->assertEquals(['test'], _prepare_html(['test']));
    $this->assertEquals(['k1' => '<', 'k2' => '>'], _prepare_html(['k1' => '<', 'k2' => '>']));
    $this->assertEquals(['k1' => [['<']], 'k2' => '>'], _prepare_html(['k1' => [['<']], 'k2' => '>']));
    $this->assertEquals('>', _prepare_html('>'));
    $this->assertEquals(''', _prepare_html('''));
    $this->assertEquals('\', _prepare_html("\\", $strip_slashes = false));
    $this->assertEquals('&#039;', _prepare_html(''', 1, $smart = false));
}
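/**
 * List the known assets with their metadata, or delegate to the docs class
 * when a single entry is requested through $_GET['id'].
 *
 * @return mixed Output of html()->li(), or of _class('docs')->_show_for().
 */
function show()
{
    if (!empty($_GET['id'])) {
        return _class('docs')->_show_for($this);
    }
    $docs = _class('docs');
    asset('font-awesome4');

    $data = [];
    foreach ($this->_get_assets() as $a) {
        $name = $a['name'];
        $sub = [];
        $sub[] = $docs->_github_link($a['path']);
        $content = $a['content'];
        $info = is_array($content) ? $content['info'] : [];
        // NOTE(review): name and desc are emitted as stored; confirm whether
        // asset definitions may carry markup there or should be escaped too.
        if (!empty($info['name'])) {
            $sub[] = '<b>' . t('name') . '</b>: ' . $info['name'];
        }
        if (!empty($info['desc'])) {
            $sub[] = '<b>' . t('desc') . '</b>: ' . $info['desc'];
        }
        if (!empty($info['url'])) {
            $sub[] = '<b>' . t('url') . '</b>: <a href="' . _prepare_html($info['url']) . '">' . _prepare_html($info['url']) . '</a>';
        }
        if (!empty($info['git'])) {
            // Escaped like the url entry above: the value lands both inside
            // an href attribute and in the link text.
            $sub[] = '<b>' . t('git') . '</b>: <a href="' . _prepare_html($info['git']) . '">' . _prepare_html($info['git']) . '</a>';
        }
        $data[$name] = ['name' => $name, 'link' => url('/@object/@action/#' . $name), 'sub' => $sub, 'id' => $name];
    }
    return html()->li($data);
}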
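/**
 * Order step: billing / shipping address form.
 *
 * On POST the submitted form is validated and, when no error was recorded,
 * the payment-selection step is rendered instead. Otherwise the form is
 * filled from $_POST, falling back to the stored user info.
 *
 * @param bool $FORCE_DISPLAY_FORM When true the POST validation is skipped and the form is shown.
 * @return mixed Result of tpl()->parse(), or of the next order step.
 */
function _order_step_delivery($FORCE_DISPLAY_FORM = false)
{
    // Validate previous form
    if (main()->is_post() && !$FORCE_DISPLAY_FORM) {
        module('shop')->_order_validate_delivery();
        // Display next form if we have no errors
        if (!common()->_error_exists()) {
            return module('shop')->_order_step_select_payment(true);
        }
    }

    $replace = [];
    // Fill billing fields; every value is escaped because it is echoed back
    // into the form.
    foreach ((array) module('shop')->_b_fields as $_field) {
        $replace[$_field] = _prepare_html(isset($_POST[$_field]) ? $_POST[$_field] : module('shop')->_user_info[substr($_field, 2)]);
    }
    // Fill shipping from billing
    foreach ((array) module('shop')->_s_fields as $_field) {
        if (module('shop')->_user_info["shipping_same"] && !isset($_POST[$_field])) {
            $s_field = "b_" . substr($_field, 2);
            $replace[$_field] = _prepare_html(isset($_POST[$s_field]) ? $_POST[$s_field] : module('shop')->_user_info[$s_field]);
        } else {
            $replace[$_field] = _prepare_html(isset($_POST[$_field]) ? $_POST[$_field] : module('shop')->_user_info[$_field]);
        }
    }

    $force_ship_type = module('shop')->FORCE_GROUP_SHIP[module('shop')->USER_GROUP];
    // The step id is the part of this method's name after "_order_step_".
    $SELF_METHOD_ID = substr(__FUNCTION__, strlen("_order_step_"));
    $posted_ship_type = isset($_POST["ship_type"]) ? $_POST["ship_type"] : null;

    $replace = my_array_merge((array) $replace, [
        // The action name is request data placed into a URL; urlencode() is a
        // no-op for ordinary action names and keeps anything else from
        // breaking out of the query string.
        "form_action" => "./?object=shop&action=" . urlencode($_GET["action"]) . "&id=" . $SELF_METHOD_ID,
        "error_message" => _e(),
        "ship_type_box" => module('shop')->_box("ship_type", $force_ship_type ? $force_ship_type : $posted_ship_type),
        "back_link" => "./?object=shop&action=order",
        "cats_block" => module('shop')->_categories_show(),
    ]);
    return tpl()->parse("shop/order_delivery", $replace);
}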
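/**
 * Product details page.
 *
 * Looks the product up by numeric id or by url slug, collects comments,
 * gallery images, attributes and related-product blocks, bumps the view
 * counter and renders "shop/details".
 *
 * @return mixed Result of tpl()->parse(), or of is_redirect() when the id is
 *               missing or no active product matches it.
 */
function product_details()
{
    if (empty($_GET["id"])) {
        return is_redirect("./?object=shop");
    }
    // Numeric ids select by primary key, anything else by url slug. The
    // request value is cast or escaped before it is placed between quotes,
    // and the finished condition is reused for the counter UPDATE below.
    if (is_numeric($_GET["id"])) {
        $add_sql = "id='" . intval($_GET["id"]) . "'";
    } else {
        $add_sql = "url='" . _es($_GET['id']) . "'";
    }
    $sql = "SELECT * FROM " . db('shop_products') . " WHERE active='1' AND " . $add_sql;
    $product_info = db()->query_fetch($sql);
    // Without a row every query further down would be built from empty
    // values, so an unknown product is handled like a missing id.
    if (empty($product_info)) {
        return is_redirect("./?object=shop");
    }

    // Required for comments
    module("shop")->_comments_params["object_id"] = $product_info["id"];
    module("shop")->_comments_params["objects_ids"] = $product_info["id"];
    $N = module("shop")->_get_num_comments();
    $N = $N[$product_info["id"]];
    if ($N == "") {
        $N = 0;
    }

    // Image directory: the id left-padded to six characters, split 3/3.
    $dirs = sprintf("%06s", $product_info["id"]);
    $dir2 = substr($dirs, -3, 3);
    $dir1 = substr($dirs, -6, 3);
    $mpath = $dir1 . "/" . $dir2 . "/";

    $group_prices = module("shop")->_get_group_prices($product_info["id"]);
    $product_info["_group_price"] = $group_prices[module("shop")->USER_GROUP];
    module("shop")->_product_info = $product_info;
    $atts = module("shop")->_products_get_attributes($product_info["id"]);

    $file_base = $product_info["url"] . "_" . $product_info["id"];
    $thumb_path = $file_base . "_" . $product_info["image"] . module("shop")->THUMB_SUFFIX . ".jpg";
    $img_path = $file_base . "_" . $product_info["image"] . module("shop")->FULL_IMG_SUFFIX . ".jpg";

    $image = "";
    if ($product_info["image"] != 0) {
        // The slug and id become part of a regular expression; preg_quote()
        // keeps characters in the stored slug from changing the pattern.
        $quoted_base = preg_quote($product_info["url"], "/") . "_" . preg_quote($product_info["id"], "/");
        $image_files = _class('dir')->scan_dir(module("shop")->products_img_dir . $mpath, true, "/" . $quoted_base . ".+?_small\\.jpg" . "/");
        $reg = "/" . $quoted_base . "_(?P<content>[\\d]+)_small\\.jpg/";
        foreach ((array) $image_files as $filepath) {
            // Files without a numeric index cannot be mapped to an image pair.
            if (!preg_match($reg, $filepath, $rezult)) {
                continue;
            }
            $i = $rezult["content"];
            if ($i != $product_info["image"]) {
                $thumb_temp = module("shop")->products_img_webdir . $mpath . $file_base . "_" . $i . module("shop")->THUMB_SUFFIX . ".jpg";
                $img_temp = module("shop")->products_img_webdir . $mpath . $file_base . "_" . $i . module("shop")->FULL_IMG_SUFFIX . ".jpg";
                $replace2 = ["thumb_path" => $thumb_temp, "img_path" => $img_temp, "name" => $product_info["url"]];
                $image .= tpl()->parse("shop/image_items", $replace2);
            }
        }
    }

    $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
    // manufacturer_id comes from the product row and is unquoted in the
    // statement, so it is cast before concatenation.
    $sql_man = "SELECT * FROM " . db('shop_manufacturers') . " WHERE id = " . intval($product_info["manufacturer_id"]);
    $manufacturer = db()->query_fetch($sql_man);

    $products_similar_by_price = null;
    if (module("shop")->SHOW_products_similar_by_price == true) {
        $products_similar_by_price = module("shop")->products_similar_by_price($product_info["price"], $product_info["id"]);
    }
    $products_similar_by_basket = null;
    if (module("shop")->products_similar_by_basket == true) {
        $products_similar_by_basket = module("shop")->products_similar_by_basket($product_info["id"]);
    }

    $replace = [
        "name" => _prepare_html($product_info["name"]),
        "model" => _prepare_html($product_info["model"]),
        // NOTE(review): the description is passed through unescaped,
        // presumably because it holds editor markup - confirm it is
        // sanitised where it is saved.
        "desc" => $product_info["description"],
        "manufacturer" => _prepare_html(module("shop")->_manufacturer[$product_info["manufacturer_id"]]["name"]),
        "url_manufacturer" => process_url("./?object=shop&action=products_show&id=" . module("shop")->_manufacturer[$product_info["manufacturer_id"]]["url"]),
        "date" => _format_date($product_info["add_date"], "long"),
        "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
        "currency" => _prepare_html(module("shop")->CURRENCY),
        // The thumbnail entry previously repeated the full-size path, which
        // left $thumb_path computed but unused.
        "thumb_path" => file_exists(module("shop")->products_img_dir . $mpath . $thumb_path) ? module("shop")->products_img_webdir . $mpath . $thumb_path : "",
        "img_path" => file_exists(module("shop")->products_img_dir . $mpath . $img_path) ? module("shop")->products_img_webdir . $mpath . $img_path : "",
        "image" => $image,
        // NOTE(review): external_url is handed to the template as stored;
        // confirm its scheme is validated when the product is edited.
        "basket_add_url" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=basket_add&id=" . $URL_PRODUCT_ID),
        "external_url" => intval((bool) $product_info["external_url"]),
        "back_url" => process_url("./?object=shop"),
        "show_basket_url" => process_url("./?object=shop&action=basket"),
        "dynamic_atts" => module("shop")->_get_select_attributes($atts),
        "cats_block" => module("shop")->_categories_show(),
        "cat_name" => _prepare_html(module("shop")->_shop_cats[$product_info["cat_id"]]),
        "cat_url" => process_url("./?object=shop&action=product_details&id=" . module("shop")->_shop_cats_all[$product_info["cat_id"]]['url']),
        'comments' => module("shop")->_view_comments(),
        "N" => $N,
        "products_similar_by_price" => $products_similar_by_price,
        "products_similar_by_basket" => $products_similar_by_basket,
        "product_related" => module("shop")->products_related($product_info["id"]),
    ];

    db()->query("UPDATE " . db('shop_products') . " SET viewed = viewed+1 , last_viewed_date = " . time() . " WHERE " . $add_sql);
    return tpl()->parse("shop/details", $replace);
}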
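/**
 * Block of products from the same categories whose price lies within
 * 10% of the given price.
 *
 * @param mixed $price Reference price.
 * @param mixed $id    Id of the product being viewed; it is excluded from the result.
 * @return mixed Result of tpl()->parse().
 */
function products_similar_by_price($price, $id)
{
    // $id is concatenated into three statements without quotes, so it is
    // cast once here. floor()/ceil() already yield numbers for the bounds.
    $id = intval($id);
    $price_min = floor($price - $price * 10 / 100);
    $price_max = ceil($price + $price * 10 / 100);

    $cat_ids = [];
    $cat_q = db()->query("SELECT category_id FROM " . db('shop_product_to_category') . " WHERE product_id = " . $id);
    while ($A = db()->fetch_assoc($cat_q)) {
        $cat_ids[] = intval($A["category_id"]);
    }

    // An empty IN() list is not valid SQL, so each follow-up query only runs
    // when the previous one produced ids.
    $prod_ids = [];
    if (!empty($cat_ids)) {
        $prod_q = db()->query("SELECT product_id FROM " . db('shop_product_to_category') . " WHERE category_id IN ( " . implode(",", $cat_ids) . ")");
        while ($A = db()->fetch_assoc($prod_q)) {
            $prod_ids[] = intval($A["product_id"]);
        }
    }

    $product = [];
    if (!empty($prod_ids)) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE price > " . $price_min . " AND price < " . $price_max . " AND id != " . $id . " AND id IN(" . implode(",", $prod_ids) . ")";
        $product = db()->query_fetch_all($sql);
    }

    // Stays null when nothing matches, which is what the template got before.
    $items = null;
    foreach ((array) $product as $k => $product_info) {
        $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
        $items[$product_info["id"]] = [
            "name" => _prepare_html($product_info["name"]),
            "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
            "currency" => _prepare_html(module("shop")->CURRENCY),
            "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
            "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "special" => "",
        ];
    }
    $replace = ["items" => $items, "title" => "Similar price"];
    return tpl()->parse("shop/products_similar_by_price", $replace);
}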
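/**
 * Basket summary block: total price and total quantity of the basket.
 *
 * @return mixed Result of tpl()->parse().
 */
function basket_main()
{
    $basket_contents = module('shop')->_basket_api()->get_all();

    // Ids from the basket go into an SQL IN() list, so each one is cast to
    // int; anything non-numeric becomes 0 and is dropped.
    $products_ids = [];
    foreach ((array) $basket_contents as $_item_id => $_info) {
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
    }

    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id IN(" . implode(",", $products_ids) . ")");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }

    $total_price = 0;
    $quantity = 0;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity2 = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);
        // Add the surcharge of every attribute whose value matches the one
        // stored in the basket.
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $price += $_attr_info["price"];
            }
        }
        $total_price += $price * $quantity2;
        $quantity += intval($quantity2);
    }

    $replace = [
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "quantity" => $quantity,
        "order_link" => "./?object=shop&action=basket",
        "basket_link" => "./?object=shop&action=basket",
    ];
    return tpl()->parse("shop/basket_main", $replace);
}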
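/**
 * Block of products that appear in the same orders as the given product.
 *
 * @param mixed $id Product id.
 * @return mixed Result of tpl()->parse().
 */
function products_similar_by_basket($id)
{
    // $id is placed unquoted into two statements, so it is cast once here;
    // ids read back from the database are cast before they are re-used.
    $id = intval($id);

    $order_ids = [];
    $orders = db()->query("SELECT order_id FROM " . db('shop_order_items') . " WHERE product_id = " . $id);
    while ($A = db()->fetch_assoc($orders)) {
        $order_ids[] = intval($A["order_id"]);
    }

    $product_ids = [];
    if (!empty($order_ids)) {
        $products = db()->query("SELECT product_id FROM " . db('shop_order_items') . " WHERE order_id IN ( " . implode(",", $order_ids) . ") AND product_id != " . $id);
        while ($A = db()->fetch_assoc($products)) {
            $product_ids[] = intval($A["product_id"]);
        }
    }

    // Stays null when nothing matches, which is what the template got before.
    $items = null;
    if (!empty($product_ids)) {
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE id in ( " . implode(",", $product_ids) . ")";
        $product = db()->query_fetch_all($sql);
        foreach ((array) $product as $k => $product_info) {
            $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
            $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
            $items[$product_info["id"]] = [
                "name" => _prepare_html($product_info["name"]),
                "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
                "currency" => _prepare_html(module("shop")->CURRENCY),
                "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
                "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
                "special" => "",
            ];
        }
    }
    $replace = ["items" => $items, "title" => "Those who purchased this product also buy"];
    return tpl()->parse("shop/products_similar_by_price", $replace);
}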
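/**
 * Render one navigation bar item.
 *
 * @param string $name     Item caption; translated first when AUTO_TRANSLATE is set.
 * @param string $nav_link Link target; an empty value renders the item without a link.
 * @param string $nav_icon Icon identifier handed to the template.
 * @return mixed Result of tpl()->parse().
 */
function _nav_item($name = '', $nav_link = '', $nav_icon = '')
{
    if ($this->AUTO_TRANSLATE) {
        $name = t($name);
    }
    $replace = [
        'name' => _prepare_html($name),
        // NOTE(review): link and icon reach the template unescaped; confirm
        // callers only pass trusted values.
        'link' => $nav_link,
        'icon' => $nav_icon,
        'as_link' => !empty($nav_link) ? 1 : 0,
        // empty() gives the same 0/1 as the previous cast and does not touch
        // a missing session key.
        'is_logged_in' => empty($_SESSION['user_id']) ? 0 : 1,
    ];
    return tpl()->parse('site_nav_bar/item', $replace);
}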
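/**
 * Order step: confirmation page for a placed order.
 *
 * Empties the basket, loads the order that belongs to the current user,
 * rebuilds the item list, mails the invoice and renders "shop/order_finish".
 *
 * NOTE(review): the basket is cleaned before the order lookup, so it is
 * emptied even when the request ends in "No such order" - confirm intended.
 *
 * @param bool $FORCE_DISPLAY_FORM Not read in this step.
 * @return mixed Result of tpl()->parse(), or of _e() when the order is not found.
 */
function _order_step_finish($FORCE_DISPLAY_FORM = false)
{
    module('shop')->_basket_api()->clean();
    if (isset($_GET["page"])) {
        $_GET["id"] = intval($_GET["page"]);
        unset($_GET["page"]);
    }
    $_GET["id"] = isset($_GET["id"]) ? intval($_GET["id"]) : 0;

    // The user_id condition restricts the lookup to the current user's orders.
    $order_info = [];
    if ($_GET["id"]) {
        $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]) . " AND user_id=" . intval(main()->USER_ID));
    }
    if (empty($order_info)) {
        return _e("No such order");
    }

    $products_ids = [];
    $order_items = [];
    $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
    while ($_info = db()->fetch_assoc($Q)) {
        // Cast before the ids are joined into the IN() list below.
        $_pid = intval($_info["product_id"]);
        if ($_pid) {
            $products_ids[$_pid] = $_pid;
        }
        $order_items[$_info["product_id"]] = $_info;
    }

    $products_infos = [];
    $products_atts = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
    }

    // Stays null for an order without items, as before.
    $products = null;
    foreach ((array) $order_items as $_info) {
        $_product_id = $_info["product_id"];
        $_product = $products_infos[$_product_id];
        $price = $_info["sum"];
        $dynamic_atts = [];
        if (strlen($_info["attributes"]) > 3) {
            // SECURITY(review): unserialize() on a stored column instantiates
            // whatever classes the payload names. Only id lists are expected
            // here; prefer JSON for this column, or restrict classes through
            // the options argument where the runtime supports it.
            $_attr_ids = unserialize($_info["attributes"]);
            if ($_attr_ids === false) {
                $_attr_ids = [];
            }
            foreach ((array) $_attr_ids as $_attr_id) {
                $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }
        $URL_PRODUCT_ID = module('shop')->_product_id_url($_product);
        $products[$_info["product_id"]] = [
            "name" => _prepare_html($_product["name"]),
            "price" => module('shop')->_format_price($price),
            "sum" => module('shop')->_format_price($_info["sum"]),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($_info["quantity"]),
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_product["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_product["cat_id"]]['url']),
        ];
    }

    // The stored order total is authoritative; the per-item accumulation the
    // loop used to do was overwritten here and has been dropped.
    $total_price = $order_info["total_sum"];

    if (main()->USER_ID) {
        $order_info = my_array_merge(module('shop')->_user_info, $order_info);
    }
    $order_info = my_array_merge(module('shop')->COMPANY_INFO, $order_info);

    $replace2 = my_array_merge($order_info, [
        "id" => $_GET["id"],
        "products" => $products,
        "ship_cost" => module('shop')->_format_price(0),
        "total_cost" => module('shop')->_format_price($total_price),
        "password" => "",
    ]);

    // Prepare email template
    // NOTE(review): this runs on every request that reaches this point, so
    // reloading the page sends the invoice again - confirm intended.
    $message = tpl()->parse("shop/invoice_email", $replace2);
    common()->quick_send_mail($order_info["email"], "invoice #" . $_GET["id"], $message);

    $replace = my_array_merge($replace2, [
        "error_message" => _e(),
        "products" => $products,
        "ship_price" => module('shop')->_format_price(module('shop')->_ship_types_names[$order_info["ship_type"]]),
        "total_price" => module('shop')->_format_price($total_price),
        "order_no" => str_pad($order_info["id"], 8, "0", STR_PAD_LEFT),
        "hash" => _prepare_html($order_info["hash"]),
        "back_link" => "./?object=shop&action=show",
        "cats_block" => module('shop')->_categories_show(),
    ]);
    return tpl()->parse("shop/order_finish", $replace);
}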
/**
 * Page header data for the shop module.
 *
 * The subheader is derived from the current action name unless a fixed
 * caption is registered for it; it is escaped because the action name is
 * request data.
 *
 * @return array ["header" => string, "subheader" => string]
 */
function _show_header()
{
    $header = t("Shop");
    $caption = _ucwords(str_replace("_", " ", $_GET["action"]));

    $fixed_captions = [
        "show" => "Products",
        "add" => "Add product",
    ];
    if (isset($fixed_captions[$_GET["action"]])) {
        $caption = $fixed_captions[$_GET["action"]];
    }

    if ($caption) {
        $caption = _prepare_html($caption);
    } else {
        $caption = "";
    }
    return ["header" => $header, "subheader" => $caption];
}
/**
 * Build one navigation item, either as template data or as rendered HTML.
 *
 * @param string $name     Caption; translated first when AUTO_TRANSLATE is set.
 * @param string $nav_link Link target; empty means "not a link".
 * @param string $nav_icon Icon identifier handed to the template.
 * @return mixed The data array when _nav_item_as_array is set, otherwise the
 *               result of tpl()->parse().
 */
function _nav_item($name = '', $nav_link = '', $nav_icon = '')
{
    $caption = $this->AUTO_TRANSLATE ? t($name) : $name;
    $session_user = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : 0;

    // Only the caption is escaped here; link and icon are passed as given.
    $item = [
        'name' => _prepare_html($caption),
        'link' => $nav_link,
        'icon' => $nav_icon,
        'as_link' => !empty($nav_link) ? 1 : 0,
        'is_logged_in' => intval((bool) $session_user),
    ];

    if ($this->_nav_item_as_array) {
        return $item;
    }
    return tpl()->parse(__CLASS__ . '/item', $item);
}
/**
 * Demo browser: with $_GET['id'] it includes and renders one demo file,
 * without it it lists all demos found in the docs demo directory.
 *
 * @return mixed HTML for a single demo, the result of _404() when the file
 *               does not exist, or the result of html()->li() for the list.
 */
function show() {
    $docs = _class('docs');
    $dir = $docs->demo_dir;
    $dir_len = strlen($dir);
    $ext = '.php';
    $ext_len = strlen($ext);
    $names = $this->_get_demos($dir);
    ksort($names);
    // The requested name is reduced to letters, digits, "/", "_" and "-"
    // before it is used in a path. Dots are removed, so the value cannot
    // contain ".." or carry its own file extension; ".php" is appended below.
    $name = preg_replace('~[^a-z0-9/_-]+~ims', '', $_GET['id']);
    if (strlen($name)) {
        $f = $dir . $name . '.php';
        if (!file_exists($f)) {
            return _404('Not found');
        }
        // The file is executed, not just read. That is acceptable only
        // because of the filtering above and because $dir is taken from the
        // docs class rather than from the request.
        // NOTE(review): the name is not checked against $names, so any .php
        // file below the demo directory can be included - confirm intended.
        $body = (include $f);
        if (is_callable($body)) {
            $self_source = _class('core_api')->get_function_source($body);
            $body = $body();
        } else {
            $self_source = ['name' => $name, 'file' => $f, 'line_start' => 1, 'source' => $body];
        }
        // Locate the neighbours of the current demo for the prev/next buttons.
        $prev = '';
        $next = '';
        $i = 0;
        foreach ((array) $names as $_name) {
            if ($name !== $_name) {
                $prev = $_name;
            } elseif ($name === $_name) {
                $next = current(array_slice($names, $i + 1, 1));
                break;
            }
            $i++;
        }
        // Stricter filter (no "/") for the value used inside element ids.
        $name_html = preg_replace('~[^0-9a-z_-]~ims', '', $name);
        // $name is printed as link text without escaping; after the filter
        // above it can no longer contain markup characters. Source listings
        // go through _prepare_html().
        // NOTE(review): $target_source is not assigned anywhere in the code
        // shown, so the second source panel is never emitted from here.
        $header = '<div id="head_' . $name_html . '" class="panel"> <div class="panel-heading"> <h1 class="panel-title"> <a href="' . url('/@object/@action/' . urlencode($name)) . '">' . $name . '</a> <div class="pull-right">' . _class('core_api')->_github_link_btn($self_source) . '<button class="btn btn-primary btn-xs" data-toggle="collapse" data-target="#func_self_source_' . $name_html . '"><i class="fa fa-file-text-o"></i> source</button> ' . ($prev ? '<a href="' . url('/@object/@action/' . urlencode($prev)) . '" class="btn btn-primary btn-xs"><</a> ' : '') . ($next ? '<a href="' . url('/@object/@action/' . urlencode($next)) . '" class="btn btn-primary btn-xs">></a> ' : '') . '</div> </h1> </div> <div id="func_self_source_' . $name_html . '" class="panel-body collapse out"><pre class="prettyprint lang-php"><code>' . _prepare_html($self_source['source']) . '</code></pre></div> ' . ($target_source['source'] ? '<div id="func_target_source_' . $name_html . '" class="panel-body collapse out"><pre class="prettyprint lang-php"><code>' . _prepare_html($target_source['source']) . '</code></pre></div> ' : '') . '</div>';
        // NOTE(review): $replace is not assigned in the code shown either.
        return implode(PHP_EOL, [$header, '<section class="page-contents">' . tpl()->parse_string($body, $replace, 'demo_' . $name) . '</section>']);
    }
    // No demo requested: build the index of all demos.
    $url = rtrim(url('/@object/@action/')) . '/';
    $data = [];
    foreach ((array) $names as $name) {
        $data[$name] = ['name' => $name, 'link' => $url . urlencode($name)];
    }
    ksort($data);
    return html()->li($data);
}
/**
 * Block with the five most recently viewed products.
 *
 * @return mixed Result of tpl()->parse().
 */
function _products_last_viewed()
{
    $shop = module("shop");
    $rows = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " ORDER BY last_viewed_date DESC LIMIT 5");

    $items = [];
    foreach ((array) $rows as $row) {
        $thumb_file = $row["url"] . "_" . $row["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $url_id = module("shop")->_product_id_url($row);

        $price = module("shop")->_format_price(module("shop")->_product_get_price($row));
        $currency = _prepare_html(module("shop")->CURRENCY);

        // Only thumbnails that exist on disk are linked.
        $image = "";
        if (file_exists(module("shop")->products_img_dir . $thumb_file)) {
            $image = module("shop")->products_img_webdir . $thumb_file;
        }

        // An external URL, when set, replaces the internal details link and
        // is passed on as stored.
        if ($row["external_url"]) {
            $link = $row["external_url"];
        } else {
            $link = process_url("./?object=shop&action=product_details&id=" . $url_id);
        }

        $items[$row["id"]] = [
            "name" => _prepare_html($row["name"]),
            "price" => $price,
            "currency" => $currency,
            "image" => $image,
            "link" => $link,
            "special" => "",
        ];
    }
    return tpl()->parse("shop/last_viewed", ["items" => $items]);
}
/**
 * Categories side block: escaped category name => category URL.
 *
 * Categories without a name are left out. When nothing remains, an empty
 * string is handed to the template instead of an empty array.
 *
 * @return mixed Result of tpl()->parse().
 */
function _categories_show()
{
    $links = [];
    foreach ((array) module("shop")->_shop_cats_for_select as $cat_id => $cat_name) {
        if ($cat_name) {
            $target = "./?object=shop&action=show&id=" . module("shop")->_shop_cats_all[$cat_id]['url'];
            $links[_prepare_html($cat_name)] = process_url($target);
        }
    }
    return tpl()->parse("shop/cats_block", ["shop_cats" => empty($links) ? "" : $links]);
}
/**
 * Dump the configuration returned by conf() as escaped, preformatted text.
 *
 * One level of nesting is flattened into "key__subkey" entries.
 *
 * NOTE(review): every configuration value is printed, and no access check
 * is visible in this method - confirm the caller restricts who can reach it
 * and that no credentials are kept in conf().
 *
 * @return string HTML <pre> block.
 */
function show()
{
    $flat = [];
    foreach ((array) conf() as $key => $value) {
        if (!is_array($value)) {
            $flat[$key] = $value;
            continue;
        }
        foreach ((array) $value as $sub_key => $sub_value) {
            $flat[$key . '__' . $sub_key] = $sub_value;
        }
    }
    $dump = print_r($flat, 1);
    return '<pre>' . _prepare_html($dump) . '</pre>';
}
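/**
 * Admin table of advertising entries, optionally filtered by $_GET['ad'].
 *
 * @return mixed The table2() builder chain.
 */
function listing()
{
    $sql = 'SELECT * FROM ' . db('advertising');
    if (!empty($_GET['ad'])) {
        // Request value: escaped before it is placed between the quotes.
        $sql .= ' WHERE ad="' . _es($_GET['ad']) . '"';
    }
    // NOTE(review): $_GET['object'] is concatenated into the footer links as
    // received; confirm the router only accepts known module names.
    return table2($sql)
        ->text('id')
        ->text('ad')
        ->func('html', function ($field, $params) {
            // Ad content is shown as text, never rendered as markup.
            return _prepare_html($field);
        }, ['desc' => 'Content'])
        ->date('date_end')
        ->text('customer')
        ->func('edit_user_id', function ($field, $params) {
            // The editor id is unquoted in the statement, so it is cast first.
            $author = db()->query_fetch('SELECT first_name, last_name FROM ' . db('sys_admin') . ' WHERE id =' . intval($field));
            return $author['first_name'] . ' ' . $author['last_name'];
        }, ['desc' => 'Editor'])
        ->btn_active()
        ->btn_edit()
        ->btn_delete()
        ->footer_link('Exit visual debug mode', './?object=manage_advertising&action=exit_advertising')
        ->footer_link('Add new', './?object=' . $_GET['object'] . '&action=edit')
        ->footer_link('Show all', './?object=' . $_GET['object'] . '&action=listing');
}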
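/**
 * Block with the five products that occur most often in order items.
 *
 * NOTE(review): the ranking uses COUNT(quantity), i.e. the number of order
 * rows, not the number of units sold - confirm that is the intended metric.
 *
 * @return mixed Result of tpl()->parse().
 */
function _show_shop_best_sales()
{
    $sql_prod_id = "SELECT product_id, COUNT(quantity) FROM " . db('shop_order_items') . " GROUP BY product_id ORDER BY COUNT(quantity) DESC LIMIT 0,5";
    $item_prod_id = db()->query_fetch_all($sql_prod_id);

    $items = [];
    foreach ((array) $item_prod_id as $k => $v) {
        // The id is unquoted in the statement, so it is cast before use.
        $sql = "SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id = " . intval($v["product_id"]);
        $product_info = db()->query_fetch($sql);
        // Inactive or deleted products return no row; skip them instead of
        // emitting an empty item.
        if (empty($product_info)) {
            continue;
        }
        $thumb_path = $product_info["url"] . "_" . $product_info["id"] . "_1" . module("shop")->THUMB_SUFFIX . ".jpg";
        $URL_PRODUCT_ID = module("shop")->_product_id_url($product_info);
        $items[$product_info["id"]] = [
            "name" => _prepare_html($product_info["name"]),
            "price" => module("shop")->_format_price(module("shop")->_product_get_price($product_info)),
            "currency" => _prepare_html(module("shop")->CURRENCY),
            "image" => file_exists(module("shop")->products_img_dir . $thumb_path) ? module("shop")->products_img_webdir . $thumb_path : "",
            "link" => $product_info["external_url"] ? $product_info["external_url"] : process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            "special" => "",
        ];
    }
    return tpl()->parse("shop/best_sales", ["items" => $items]);
}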
/**
 * Build one hidden <input>, or several when $name is an array of name => value pairs.
 *
 * @param string|array $name  Field name, or a map of field names to values
 * @param string       $value Field value (ignored when $name is an array)
 * @return string HTML for the hidden input(s); empty string when the name is empty
 */
function _hidden_field($name = "", $value = "")
{
    if (!is_array($name)) {
        if (empty($name)) {
            return "";
        }
        // Both the name and the value are HTML-escaped before being placed in attributes.
        return '<input type="hidden" name="' . _prepare_html($name)
            . '" value="' . _prepare_html($value) . '" />' . "\n";
    }
    // Array form: delegate each pair back to this same method on the shop module.
    $method = __FUNCTION__;
    $html = "";
    foreach ($name as $field_name => $field_value) {
        $html .= module("shop")->{$method}($field_name, $field_value);
    }
    return $html;
}
/**
 * Edit a single user translation variable (row of `locale_user_tr`).
 *
 * On POST the name/translation are saved and the browser is redirected to the list;
 * otherwise the edit form is rendered, pre-filled from the row overlaid with $_POST.
 *
 * NOTE(review): no anti-CSRF token check is visible in this block - confirm the framework
 * enforces one before main()->is_post() is trusted.
 *
 * @return mixed Error output, redirect output, or the parsed edit template
 */
function user_var_edit()
{
    // The id is normalised to an integer in place; later code reads $_GET['id'] again.
    $_GET['id'] = intval($_GET['id']);
    $record = db()->query_fetch('SELECT * FROM ' . db('locale_user_tr') . ' WHERE id=' . intval($_GET['id']));
    if (!$record) {
        return _e('No id');
    }
    if (main()->is_post()) {
        $fields = [
            'name' => _es($_POST['name']),
            'translation' => _es($_POST['translation']),
            'last_update' => time(),
        ];
        db()->UPDATE('locale_user_tr', $fields, 'id=' . intval($_GET['id']));
        return js_redirect('./?object=' . $_GET['object'] . '&action=user_vars');
    }
    // Posted values take precedence over the stored row when the form is re-displayed.
    $DATA = my_array_merge($record, $_POST);
    $id_suffix = $_GET['id'] ? '&id=' . $_GET['id'] : '';
    $replace = [
        'form_action' => './?object=' . $_GET['object'] . '&action=' . $_GET['action'] . $id_suffix,
        'back_url' => process_url('./?object=' . $_GET['object'] . '&action=user_vars'),
        'error' => _e(),
        'for_edit' => 1,
    ];
    // Every displayed column is HTML-escaped before it reaches the template.
    foreach (['id', 'user_id', 'name', 'translation', 'locale', 'site_id'] as $column) {
        $replace[$column] = _prepare_html($DATA[$column]);
    }
    return tpl()->parse($_GET['object'] . '/user_vars_edit', $replace);
}
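/**
 * Render the admin home page: current settings, general server info and site statistics.
 *
 * Settings and general info are shown only to admin group 1. Statistics are cached under
 * $this->CACHE_NAME and rebuilt when the cache is empty.
 *
 * @return mixed Output of the "<object>/main" template
 */
function show_old()
{
    // Path to project.conf.php
    $proj_conf_path = INCLUDE_PATH . "project_conf.php";
    $cur_settings = "";
    $general_info = "";
    $statistics = "";
    $admin_statistics_array = [];

    if ($this->SHOW_CUR_SETTINGS && $_SESSION["admin_group"] == 1) {
        // Current settings
        $replace2 = [
            "rewrite_mode" => (int) conf("rewrite_mode"),
            "output_caching" => (int) conf("output_caching"),
            "language" => _prepare_html(strtoupper(conf("language"))),
            "charset" => _prepare_html(strtoupper(conf("charset"))),
            "admin_email" => _prepare_html(conf("admin_email")),
            "mail_debug" => (int) conf("mail_debug"),
            "site_enabled" => (int) conf("site_enabled"),
            "settings_link" => $this->_url_allowed("./?object=settings"),
        ];
        $cur_settings = tpl()->parse($_GET["object"] . "/cur_settings", $replace2);
    } else {
        $this->DISPLAY_STATS = false;
    }

    if ($this->DISPLAY_STATS) {
        $admin_statistics_array = cache_get($this->CACHE_NAME, $this->ADMIN_HOME_CACHE_TIME);
        if (empty($admin_statistics_array)) {
            $admin_statistics_array = [];
        }
    }
    if ($this->DISPLAY_STATS && empty($admin_statistics_array)) {
        // General info
        $db_size = 0;
        $Q = db()->query("SHOW TABLE STATUS FROM " . DB_NAME . "");
        while ($A = db()->fetch_assoc($Q)) {
            $db_size += $A["Data_length"];
        }
        $admin_statistics_array["db_size"] = common()->format_file_size($db_size);
        $admin_statistics_array["project_dir_size"] = common()->format_file_size(_class("dir")->dirsize(INCLUDE_PATH));
        // Statistics
        $groups = db()->query_fetch_all("SELECT * FROM " . db('user_groups') . " WHERE active='1'");
        $sql_parts = [];
        $sql_parts[] = "SELECT 'total_users' AS '0', COUNT(id) AS '1' FROM " . db('user') . " WHERE active='1'";
        foreach ((array) $groups as $V1) {
            // Group name and id come from the database but end up inside SQL text again, so the
            // name is escaped and the id is forced to an integer.
            $sql_parts[] = "SELECT 'total_" . _es(strtolower($V1["name"])) . "' AS '0', COUNT(id) AS '1' FROM "
                . db('user') . " WHERE `group`='" . intval($V1["id"]) . "' AND active='1'";
        }
        $sql_parts2 = [
            "SELECT 'forum_topics' AS '0', COUNT(id) AS '1' FROM " . db('forum_topics') . " WHERE 1=1",
            "SELECT 'forum_posts' AS '0', COUNT(id) AS '1' FROM " . db('forum_posts') . " WHERE 1=1",
            "SELECT 'gallery_photos' AS '0', COUNT(id) AS '1' FROM " . db('gallery_photos') . " WHERE 1=1",
            "SELECT 'blog_posts' AS '0', COUNT(id) AS '1' FROM " . db('blog_posts') . " WHERE 1=1",
            "SELECT 'articles' AS '0', COUNT(id) AS '1' FROM " . db('articles_texts') . " WHERE 1=1",
        ];
        $sql_parts = array_merge($sql_parts, $sql_parts2);
        $sql = "(\r\n" . implode("\r\n) UNION ALL (\r\n", $sql_parts) . "\r\n)";
        foreach ((array) db()->query_fetch_all($sql) as $V) {
            $admin_statistics_array[$V[0]] = $V[1];
        }
        cache_put($this->CACHE_NAME, $admin_statistics_array);
    }

    // Built after the statistics are loaded: the block used to read db_size / project_dir_size
    // before they were populated, so both values were always empty.
    if ($this->SHOW_GENERAL_INFO && $_SESSION["admin_group"] == 1) {
        $replace3 = [
            "php_ver" => phpversion(),
            "mysql_serv_ver" => db()->get_server_version(),
            "mysql_host_info" => db()->get_host_info(),
            "db_name" => DB_NAME,
            "db_size" => isset($admin_statistics_array["db_size"]) ? $admin_statistics_array["db_size"] : "",
            "project_dir_size" => isset($admin_statistics_array["project_dir_size"]) ? $admin_statistics_array["project_dir_size"] : "",
        ];
        $general_info = tpl()->parse($_GET["object"] . "/general_info", $replace3);
    }
    if ($this->DISPLAY_STATS) {
        $statistics = tpl()->parse($_GET["object"] . "/statistics", $admin_statistics_array);
    }

    $replace = [
        "proj_conf_link" => file_exists($proj_conf_path)
            ? "./?object=file_manager&action=edit_item&f_=" . basename($proj_conf_path) . "&dir_name=" . urlencode(dirname($proj_conf_path))
            : "",
        "current_date" => _format_date(time(), "long"),
        "my_id" => $_SESSION["admin_id"],
        "cur_settings" => $cur_settings,
        "general_info" => $general_info,
        "statistics" => $statistics,
        "cache_time" => ceil($this->ADMIN_HOME_CACHE_TIME / 60),
        // The duplicated "custom_content" key (which ran _custom_content() twice) was removed.
        "custom_content" => $this->_custom_content(),
        "suggests" => $this->_show_suggesting_messages(),
    ];
    return tpl()->parse($_GET["object"] . "/main", $replace);
}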
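/**
 * Change current user language
 *
 * Stores the requested language in the session when it is marked active in the configuration,
 * then redirects back. Redirect targets taken from the request (`back_url`, Referer) are
 * reduced to same-site relative URLs; anything else falls back to the account page.
 *
 * @return mixed Error output or the redirect output of js_redirect()
 */
function change_lang()
{
    if (!$this->_parent->ALLOW_LANG_CHANGE) {
        return _e('Changing language not allowed!');
    }
    $default_location = './?object=account';
    // back_url and Referer are client-controlled. Values that still carry a scheme ("http:",
    // "javascript:") or start with "//" after the WEB_PATH prefix is stripped would send the
    // user to another origin, so they are replaced with the default location.
    $to_local = function ($url) use ($default_location) {
        if (!is_string($url) || $url === '') {
            return $default_location;
        }
        $url = str_replace(WEB_PATH, './', $url);
        if (preg_match('~^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})~i', $url)) {
            return $default_location;
        }
        return $url;
    };

    $new_lang = _prepare_html(isset($_REQUEST['lang_id']) ? $_REQUEST['lang_id'] : '');
    // Only languages flagged active in the configuration are accepted.
    if (!empty($new_lang) && conf('languages::' . $new_lang . '::active')) {
        $_SESSION['user_lang'] = $new_lang;
        $old_location = $default_location;
        if (!empty($_POST['back_url'])) {
            $old_location = $to_local($_POST['back_url']);
        }
        return js_redirect($old_location);
    }
    return js_redirect($to_local(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''));
}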
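/**
 * View a single order and, when a status is posted, update that order's status.
 *
 * The order id is read from $_POST['order_id'] or $_GET['id'] and forced to an integer.
 *
 * NOTE(review): no ownership or permission check is visible here - any caller that can reach
 * this method can read and change any order id. Confirm access control is applied upstream.
 *
 * @return mixed Error output, redirect output, or the parsed "shop/order_view" template
 */
function _order_view()
{
    $_GET["id"] = intval(!empty($_POST["order_id"]) ? $_POST["order_id"] : $_GET["id"]);
    $order_info = [];
    if ($_GET["id"]) {
        $order_info = db()->query_fetch("SELECT * FROM " . db('shop_orders') . " WHERE id=" . intval($_GET["id"]));
    }
    if (empty($order_info)) {
        return _e("No such order");
    }
    if (!empty($_POST["status"])) {
        // NOTE(review): the status is escaped but not checked against module('shop')->_statuses;
        // consider rejecting values that are not known statuses.
        db()->UPDATE(db('shop_orders'), ["status" => _es($_POST["status"])], "id=" . intval($_GET["id"]));
        return js_redirect("./?object=shop&action=orders");
    }

    // These were previously used without being initialised when the order had no items.
    $products_ids = [];
    $order_items = [];
    $products_infos = [];
    $products_atts = [];
    $products = [];
    $Q = db()->query("SELECT * FROM " . db('shop_order_items') . " WHERE `order_id`=" . intval($order_info["id"]));
    while ($_info = db()->fetch_assoc($Q)) {
        if ($_info["product_id"]) {
            // Ids are re-used inside an IN(...) list below, so keep them as integers.
            $products_ids[intval($_info["product_id"])] = intval($_info["product_id"]);
        }
        $order_items[$_info["product_id"]] = $_info;
    }
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE id IN(" . implode(",", $products_ids) . ") AND active='1'");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
    }
    foreach ((array) $order_items as $_info) {
        // Assumes query_fetch_all() keys rows by product id - TODO confirm.
        $_product = $products_infos[$_info["product_id"]];
        $dynamic_atts = [];
        if (strlen($_info["attributes"]) > 3) {
            // SECURITY: unserialize() runs on a value stored in the order row. If that column can
            // ever hold attacker-influenced data this permits PHP object injection; prefer JSON,
            // or unserialize($data, ['allowed_classes' => false]) where PHP 7+ is guaranteed.
            foreach ((array) unserialize($_info["attributes"]) as $_attr_id) {
                $_attr_info = $products_atts[$_info["product_id"]][$_attr_id];
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
            }
        }
        $products[$_info["product_id"]] = [
            "name" => _prepare_html($_product["name"]),
            "price" => module('shop')->_format_price($_info["sum"]),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($_info["quantity"]),
            "details_link" => process_url("./?object=shop&action=view&id=" . $_product["id"]),
            // NOTE(review): attribute names/values are joined into HTML without escaping.
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
        ];
    }
    // The displayed total is the stored order total; the per-item accumulation that used to run
    // in the loop read undefined variables and was overwritten here, so it was dropped.
    $total_price = $order_info["total_sum"];

    $replace = my_array_merge([], _prepare_html($order_info));
    $replace = my_array_merge($replace, [
        "form_action" => "./?object=shop&action=" . $_GET["action"] . "&id=" . $_GET["id"],
        "order_id" => $order_info["id"],
        "total_sum" => module('shop')->_format_price($order_info["total_sum"]),
        "user_link" => _profile_link($order_info["user_id"]),
        "user_name" => _display_name(user($order_info["user_id"])),
        "error_message" => _e(),
        "products" => (array) $products,
        "total_price" => module('shop')->_format_price($total_price),
        "ship_type" => module('shop')->_ship_type[$order_info["ship_type"]],
        "pay_type" => module('shop')->_pay_types[$order_info["pay_type"]],
        "date" => _format_date($order_info["date"], "long"),
        "status_box" => module('shop')->_statuses[$order_info["status"]],
        "back_url" => "./?object=shop&action=orders",
    ]);
    return tpl()->parse("shop/order_view", $replace);
}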
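/**
 * Display basket contents (save changes also here)
 *
 * @param array $params Optional settings; "STPL" overrides the template name
 * @return mixed Redirect output after saving, or the parsed basket template
 */
function basket($params = [])
{
    $STPL_NAME = !empty($params["STPL"]) ? $params["STPL"] : "shop/basket";
    $basket_contents = module('shop')->_basket_api()->get_all();
    // Save basket contents
    if (!empty($_POST["quantity"]) && !module('shop')->_basket_is_processed) {
        module('shop')->_basket_save();
        return js_redirect("./?object=shop&action=" . $_GET["action"]);
    }
    // Get products from db
    $products_ids = [];
    foreach ((array) $basket_contents as $_item_id => $_info) {
        // Basket entries originate from the client; the ids are concatenated into an IN(...)
        // list below, so only positive integers are kept.
        $_pid = intval($_info["product_id"]);
        if ($_pid > 0) {
            $products_ids[$_pid] = $_pid;
        }
    }
    $products_infos = [];
    $products_atts = [];
    $group_prices = [];
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all("SELECT * FROM " . db('shop_products') . " WHERE active='1' AND id IN(" . implode(",", $products_ids) . ")");
        $products_atts = module('shop')->_products_get_attributes($products_ids);
        $group_prices = module('shop')->_get_group_prices($products_ids);
    }
    $products = [];
    $total_price = 0;
    foreach ((array) $products_infos as $_info) {
        $_product_id = $_info["id"];
        $_info["_group_price"] = $group_prices[$_product_id][module('shop')->USER_GROUP];
        $quantity = $basket_contents[$_info["id"]]["quantity"];
        $price = module('shop')->_product_get_price($_info);
        $dynamic_atts = [];
        foreach ((array) $products_atts[$_product_id] as $_attr_id => $_attr_info) {
            // An attribute selected in the basket adds its surcharge to the unit price.
            if ($basket_contents[$_product_id]["atts"][$_attr_info["name"]] == $_attr_info["value"]) {
                $dynamic_atts[$_attr_id] = "- " . $_attr_info["name"] . " " . $_attr_info["value"];
                $price += $_attr_info["price"];
            }
        }
        $URL_PRODUCT_ID = module('shop')->_product_id_url($_info);
        $products[$_info["id"]] = [
            "name" => _prepare_html($_info["name"]),
            "price" => module('shop')->_format_price($price),
            "currency" => _prepare_html(module('shop')->CURRENCY),
            "quantity" => intval($quantity),
            "delete_link" => "./?object=shop&action=basket_clean&id=" . $URL_PRODUCT_ID,
            "details_link" => process_url("./?object=shop&action=product_details&id=" . $URL_PRODUCT_ID),
            // NOTE(review): attribute names/values are joined into HTML without escaping.
            "dynamic_atts" => !empty($dynamic_atts) ? implode("\n<br />", $dynamic_atts) : "",
            "cat_name" => _prepare_html(module('shop')->_shop_cats[$_info["cat_id"]]),
            "cat_url" => process_url("./?object=shop&action=products_show&id=" . module('shop')->_shop_cats_all[$_info["cat_id"]]['url']),
        ];
        $total_price += $price * $quantity;
    }
    return tpl()->parse($STPL_NAME, [
        "form_action" => "./?object=shop&action=" . $_GET["action"],
        "products" => $products,
        "total_price" => module('shop')->_format_price($total_price),
        "currency" => _prepare_html(module('shop')->CURRENCY),
        "clean_all_link" => "./?object=shop&action=basket_clean",
        "order_link" => "./?object=shop&action=order",
        // NOTE(review): the Referer header is client-controlled and is handed to js_redirect()
        // to build the back link - confirm js_redirect() escapes it for the page context.
        "back_link" => js_redirect(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "", false),
        "cats_block" => module('shop')->_categories_show(),
    ]);
}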
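/**
 * Email given text to a friend
 *
 * Validates the posted form, applies a per-page session cool-down ($this->TTL seconds) and
 * sends the message; otherwise (or on validation errors) renders the form.
 *
 * NOTE(review): the recipient, comment and message all come from the request, so this endpoint
 * can relay arbitrary content to arbitrary addresses. The only limit visible here is stored in
 * the session and disappears with a fresh session - consider a server-side rate limit and
 * sending the server-provided $text instead of the posted "message".
 *
 * @param string $text Default message body shown in the form and preview
 * @return mixed Parsed result template or parsed form template
 */
function go($text = "")
{
    $cur_page_md5 = md5($_GET["object"] . "%%" . $_GET["action"] . "%%" . $_GET["id"]);
    // Verify and send email
    if (!empty($_POST["go"])) {
        if (!common()->email_verify($_POST["email"])) {
            _re("Invalid e-mail, please check your spelling!");
        }
        if (empty($_POST["name"])) {
            _re("Friend name required!");
        }
        if (empty($_POST["message"])) {
            _re("Message text required!");
        }
        // Check for flood
        if (!empty($_SESSION[$this->SESSION_TTL_NAME][$cur_page_md5]) && $_SESSION[$this->SESSION_TTL_NAME][$cur_page_md5] > time() - $this->TTL) {
            _re("You are not allowed to send current page more than once in future " . ($_SESSION[$this->SESSION_TTL_NAME][$cur_page_md5] + $this->TTL - time()) . " seconds!");
        }
        // Try to send email
        if (!common()->_error_exists()) {
            // Line breaks are removed from the name: it is placed in the Subject header, where a
            // CR/LF could otherwise start an additional header.
            $sender_name = trim(str_replace(["\r", "\n"], " ", (string) $_POST["name"]));
            $subject = "Your friend " . $sender_name . " sent to you from " . SITE_NAME;
            // The free-text comment is escaped before it is embedded in the HTML body.
            $comment_html = !empty($_POST["comment"]) ? _prepare_html($_POST["comment"]) . "<br />\r\n<br />\r\n" : "";
            // NOTE(review): the posted message is sent as raw HTML - see the docblock.
            $text_to_send = $comment_html . $_POST["message"];
            $send_result = common()->quick_send_mail($_POST["email"], $subject, $text_to_send);
            // Anti-flooder
            $_SESSION[$this->SESSION_TTL_NAME][$cur_page_md5] = time();
            $replace2 = ["result" => intval((bool) $send_result)];
            return tpl()->parse("system/common/email_page_result", $replace2);
        }
    }
    // Show form (first visit, or validation errors above)
    $default_name = !empty($this->_user_info["display_name"]) ? $this->_user_info["display_name"] : $this->_user_info["name"];
    $replace = [
        "error_message" => _e(),
        "form_action" => "./?object=" . $_GET["object"] . "&action=" . $_GET["action"] . "&id=" . $_GET["id"],
        "name" => _prepare_html(isset($_POST["name"]) ? $_POST["name"] : $default_name),
        "email" => _prepare_html(isset($_POST["email"]) ? $_POST["email"] : $this->_user_info["email"]),
        "message" => _prepare_html(isset($_POST["message"]) ? $_POST["message"] : $text),
        "comment" => _prepare_html(isset($_POST["comment"]) ? $_POST["comment"] : ""),
        // NOTE(review): the preview echoes the posted message without escaping, so posted markup
        // is rendered in the page. Previewing $text only, or escaping posted input, would close
        // that; left unchanged here because the template contract is not visible.
        "page_preview" => isset($_POST["message"]) ? $_POST["message"] : $text,
    ];
    return tpl()->parse("system/common/email_page_form", $replace);
}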
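/**
 * Describe a file-browser selection: a multi-selection, a folder (with upload form and image
 * tiles) or a single file.
 *
 * @param string $id Selection id; several ids may be joined with ":"
 * @return array Map with "type" and "content" (plus "info" for images)
 * @throws Exception When the resolved path is neither a directory nor a file
 */
function _data($id)
{
    // "!== false" so that an id starting with ":" is also treated as a multi-selection
    // (strpos() returns 0 there, which the former truthiness test missed).
    if (strpos($id, ':') !== false) {
        // NOTE(review): this maps through $this->id() while the file branch below calls
        // $this->_id() - confirm which of the two is intended.
        $id = array_map([$this, 'id'], explode(':', $id));
        return ['type' => 'multiple', 'content' => 'Multiple selected: ' . _prepare_html(implode(' ', $id))];
    }
    // Presumably _path() confines $id to the browsable root; that check is not visible here.
    $dir = $this->_path($id);
    if (is_dir($dir)) {
        $form = form(true, [
            'action' => url('/@object/upload_file/' . urlencode($id)),
            'autocomplete' => 'off',
            'enctype' => 'multipart/form-data',
            'class' => 'form-condensed form-no-labels ck_upload_form',
            'target' => 'file_upload_process_container',
            'no_label' => 1,
        ])
            ->file('file', t('upload image'), ['accept' => 'image/*', 'style' => 'width:auto; background: inherit', 'class_add' => 'btn btn-primary'])
            ->save(['value' => t('Upload'), 'class' => 'btn btn-primary']);
        $images = [];
        $files = [];
        $sizes = [];
        // glob() returns false on error; treat that as an empty folder.
        $found = glob(rtrim($dir) . '/*');
        foreach ($found ? $found : [] as $f) {
            if (!is_file($f)) {
                continue;
            }
            $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION));
            if (!in_array($ext, (array) $this->ALLOWED_EXTS, true)) {
                continue;
            }
            if (($fsize = filesize($f)) <= $this->MIN_FILE_SIZE) {
                continue;
            }
            $sizes[$f] = $fsize;
            $files[$f] = filemtime($f);
        }
        // Sort files by date DESC
        arsort($files);
        foreach ($files as $f => $mtime) {
            $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION));
            // A file with an image extension may still not be a readable image.
            $dims = @getimagesize($f);
            $w = $dims ? $dims[0] : 0;
            $h = $dims ? $dims[1] : 0;
            // Third argument 2 is the rounding mode PHP_ROUND_HALF_DOWN.
            $fsize = round($sizes[$f] / 1024, 0, 2) . 'Kb';
            $uploads_path = str_replace('/', '|', ltrim(str_replace(PROJECT_PATH . ltrim($this->TOP_DIR, '/'), '', $f), '/'));
            // File names are chosen by uploaders, so every place a name reaches the markup is
            // escaped (the image URL was previously emitted raw).
            $images[] = ''
                . '<div class="ck_select_image">'
                . '<a href="#" class="img-select" title="' . _prepare_html(basename($f)) . '">'
                . '<img src="' . _prepare_html(str_replace(PROJECT_PATH, MEDIA_PATH, $f) . '?m=' . intval($mtime)) . '" data-uploads-path="' . _prepare_html($uploads_path) . '" />'
                . '</a>'
                . '<div class="img-details">' . $fsize . ' ' . intval($w) . 'x' . intval($h) . ' ' . _prepare_html(strtoupper($ext)) . '<br />' . date('Y-m-d H:i:s', $mtime) . '</div>'
                . '<div class="img-actions">'
                . ($this->ENABLED_IMG_DELETE ? a('#', 'Delete', 'fa fa-trash', '', 'btn-danger btn-delete') : '')
                . ($this->ENABLED_IMG_EDIT ? a('#', 'Edit', 'fa fa-edit', '', 'btn-warning btn-edit') : '')
                . '</div>'
                . '</div>';
        }
        return [
            'type' => 'folder',
            'content' => ''
                . '<div>' . t('Current folder:') . ' '
                // $id comes from the caller; escape it before it is shown.
                . '<b>' . _prepare_html($this->TOP_DIR . $id) . '</b><br />'
                . $form . '<br />'
                . implode(PHP_EOL, $images)
                . '</div>',
        ];
    } elseif (is_file($dir)) {
        $ext = strtolower(pathinfo($dir, PATHINFO_EXTENSION));
        $dat = ['type' => $ext, 'content' => ''];
        switch ($ext) {
            case 'jpg':
            case 'jpeg':
            case 'gif':
            case 'png':
            case 'bmp':
                $dat['content'] = MEDIA_PATH . $this->TOP_DIR . $id;
                $dat['info'] = round(filesize(PROJECT_PATH . $this->TOP_DIR . $id) / 1024, 0, 2) . 'Kb';
                break;
            default:
                $dat['content'] = t('File is not an image: ' . $this->_id($dir));
                break;
        }
        return $dat;
    }
    // NOTE(review): the message contains the resolved filesystem path; make sure it is logged
    // rather than shown to the client.
    throw new Exception('Not a valid selection: ' . $dir);
}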
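/**
 * Show the editor for one file and, on POST, write the submitted text back to disk.
 *
 * SECURITY: both the file that is read and the file that is written are named by request
 * parameters. This block only rejects stream-wrapper and NUL-byte paths; it does not confine
 * the path to an allowed base directory, and no anti-CSRF check is visible. The allowed root is
 * not defined in this block, so a realpath()-based prefix check against it still has to be
 * added (or confirmed to exist upstream).
 *
 * @return mixed Error output, redirect output, or the editor HTML
 */
function edit_item()
{
    // TODO: save file revision to db on each save
    // Local paths never need a "scheme://" prefix or a NUL byte; refusing them keeps the file
    // functions below away from remote and special stream wrappers.
    $is_plain_path = function ($path) {
        return is_string($path) && $path !== '' && strpos($path, "\0") === false && strpos($path, '://') === false;
    };
    $name = '';
    if (!empty($_GET['id'])) {
        $file_name = urldecode($_GET['id']);
        $file_path = $file_name;
        $dir_name = dirname($file_path);
    } else {
        // The item name arrives in the first request key starting with "d_" or "f_".
        foreach ((array) $_REQUEST as $k => $v) {
            $tmp = substr($k, 0, 2);
            if (($tmp == 'd_' || $tmp == 'f_') && is_string($v)) {
                $name = $v;
                break;
            }
        }
        $dir_name = urldecode(isset($_REQUEST['dir_name']) ? $_REQUEST['dir_name'] : '');
        $file_name = str_replace("\\", '/', $dir_name . '/' . $name);
        $file_path = $file_name;
    }
    if (main()->is_post()) {
        $file_name = urldecode(isset($_GET['file_name']) ? $_GET['file_name'] : '');
        if (!$is_plain_path($file_name)) {
            return _e('Wrong file name');
        }
        if (file_put_contents($file_name, $_POST['file_text_hidden']) === false) {
            return _e('Unable to save file');
        }
        return js_redirect('/@object/show/' . urlencode($_GET['dir_name']));
    }
    if (!$is_plain_path($file_path)) {
        return _e('Wrong file name');
    }
    // Breadcrumb: every parent folder becomes a link; the file name itself is escaped.
    $_tmp_array = [];
    $tmp_path = '/';
    foreach ((array) explode('/', dirname($file_name)) as $_folder) {
        if ($_folder) {
            $tmp_path .= $_folder . '/';
            $_tmp_array[] = a('/@object/show/' . urlencode($tmp_path), $_folder);
        }
    }
    if ($_tmp_array) {
        $file_name = '/' . implode('/', $_tmp_array) . '/' . _prepare_html(basename($file_name), 0);
    } else {
        // Without a breadcrumb the raw name used to be printed unescaped in the heading.
        $file_name = _prepare_html($file_name, 0);
    }
    $file_text = _prepare_html(file_get_contents($file_path), 0);
    $replace = [
        'form_action' => url('/@object/@action/' . urlencode($file_path)),
        'back_link' => url('/@object/show/' . urlencode($_REQUEST['dir_name'])),
    ];
    $div_id = 'editor_html';
    $hidden_id = 'file_text_hidden';
    $ace_mode = common()->get_file_ext($file_path);
    if ($ace_mode == 'stpl') {
        $ace_mode = 'html';
    }
    jquery('
        var h = $(window).height() - $(".navbar").height() - $("h4").height() * 2 - $("[type=submit]").height() * 5;
        $("#' . $div_id . '").height(h);
    ');
    // On submit the editor text is copied into the hidden field that is posted back.
    return '<h4>Edit: ' . $file_name . '</h4>'
        . form($replace, [
            'data-onsubmit' => '$(this).find("#' . $hidden_id . '").val( $("#' . $div_id . '").data("ace_editor").session.getValue() );',
        ])
            ->container('<div id="' . $div_id . '" style="width: 100%; min-height: 500px;">' . $file_text . '</div>', '', [
                'id' => $div_id,
                'wide' => 1,
                'ace_editor' => ['mode' => $ace_mode, 'hScrollBarAlwaysVisible' => false, 'vScrollBarAlwaysVisible' => false],
            ])
            ->hidden($hidden_id)
            ->save_and_back();
}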
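/**
 * Edit file contents
 *
 * Reads the remote file named by $this->GET_PATH through $this->SSH_OBJ and renders the edit
 * form; when "file_content" is posted, writes it back and redirects to the folder listing.
 *
 * NOTE(review): confinement of the path is delegated to _prepare_path(), which is not visible
 * here, and no anti-CSRF check is visible either - confirm both before exposing this action.
 *
 * @return mixed Redirect output or the parsed "<object>/edit_form" template
 */
function edit_file()
{
    $filename = $this->_prepare_path($this->_urldecode($this->GET_PATH));
    // Common prefix of the listing / edit URLs; server-bound sessions carry the server id.
    $id_prefix = $this->SERVER_ID ? $this->SERVER_ID . "&page=" : "";
    $show_url = "./?object=" . $_GET["object"] . "&action=show&id=" . $id_prefix . $this->_urlencode(dirname($filename));

    // NOTE(review): an empty (or "0") body is treated as "nothing posted", so a file cannot be
    // saved empty through this form - confirm that is intended.
    if (!empty($_POST["file_content"])) {
        // Save file
        $this->SSH_OBJ->write_string($this->_server_info, $_POST["file_content"], $filename);
        return js_redirect($show_url);
    }
    $file_content = $this->SSH_OBJ->read_file($this->_server_info, $filename);
    $replace = [
        // The path is request-derived; escape it like the file content below.
        "filename" => _prepare_html($filename),
        "file_content" => _prepare_html($file_content, 0),
        "back_url" => $show_url,
        "form_action" => "./?object=" . $_GET["object"] . "&action=edit_file&id=" . $id_prefix . $this->_urlencode($filename),
    ];
    return tpl()->parse($_GET["object"] . "/edit_form", $replace);
}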
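/**
 * Admin view/edit page for one shop order.
 *
 * GET renders the order form, the editable item table and a list of similar orders (same
 * phone and status). POST applies item changes (status, delete, quantity, unit, unit price)
 * and order field changes, recounts the price when needed, stores a revision and redirects.
 *
 * NOTE(review): when $this->SUPPLIER_ID is set the order lookup is limited to orders holding
 * that supplier's products, but the item updates below are not limited to those products -
 * confirm whether supplier admins may edit the other items of such an order.
 * NOTE(review): no anti-CSRF check is visible in this block.
 *
 * @return mixed Error output, redirect output, or the page HTML
 */
function view_order()
{
    $_GET['id'] = intval($_GET['id']);
    $order_id = $_GET['id'];
    $order_info = [];
    if ($order_id) {
        if ($this->SUPPLIER_ID) {
            $sql = 'SELECT o.* FROM ' . db('shop_orders') . ' AS o'
                . ' INNER JOIN ' . db('shop_order_items') . ' AS i ON i.order_id = o.id'
                . ' INNER JOIN ' . db('shop_products') . ' AS p ON i.product_id = p.id'
                . ' INNER JOIN ' . db('shop_admin_to_supplier') . ' AS m ON m.supplier_id = p.supplier_id'
                . ' WHERE o.id=' . $order_id . ' AND m.admin_id=' . intval(main()->ADMIN_ID)
                . ' GROUP BY o.id';
        } else {
            $sql = 'SELECT * FROM ' . db('shop_orders') . ' WHERE id=' . $order_id;
        }
        $order_info = db()->query_fetch($sql);
    }
    if (empty($order_info)) {
        return _e('No such order');
    }
    $recount_price = false;
    $_class_price = _class('_shop_price', 'modules/shop/');
    $_class_units = _class('_shop_product_units', 'modules/shop/');
    $_class_basket = _class('shop_basket', 'modules/shop/');

    if (main()->is_post()) {
        module('manage_shop')->_product_check_first_revision('order', $order_id);
        foreach ($_POST as $k => $v) {
            // Strict comparison: with "==" a numeric POST key such as 0 matches every name on
            // PHP 7 and would run the first branch.
            if ($k === 'status_item') {
                foreach ((array) $v as $k1 => $status) {
                    list($product_id, $param_id) = array_pad(explode('_', $k1), 2, 0);
                    // Escaped like the other UPDATE() callers do; the raw posted status was
                    // previously passed straight through.
                    db()->UPDATE(db('shop_order_items'), ['status' => _es($status)], ' order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                }
            } elseif ($k === 'delete') {
                foreach ((array) $v as $k1 => $is_del) {
                    list($product_id, $param_id) = array_pad(explode('_', $k1), 2, 0);
                    if ($is_del == 1) {
                        db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    }
                }
                $recount_price = true;
            } elseif ($k === 'qty') {
                foreach ((array) $v as $k1 => $qty) {
                    list($product_id, $param_id) = array_pad(explode('_', $k1), 2, 0);
                    // A quantity of zero removes the item from the order.
                    if (intval($qty) == 0) {
                        db()->query('DELETE FROM ' . db('shop_order_items') . ' WHERE order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    } else {
                        db()->UPDATE(db('shop_order_items'), ['quantity' => intval($qty)], ' order_id=' . $order_id . ' AND product_id=' . intval($product_id) . ' AND param_id=' . intval($param_id));
                    }
                    $recount_price = true;
                }
            } elseif ($k === 'unit') {
                foreach ((array) $v as $k1 => $unit) {
                    $unit = (int) $unit;
                    list($product_id, $param_id) = array_pad(explode('_', $k1), 2, 0);
                    $product_id = (int) $product_id;
                    $param_id = (int) $param_id;
                    if ($unit <= 0) {
                        continue;
                    }
                    $units = $_class_units->get_by_product_ids($product_id);
                    // Only units that exist for this product are accepted.
                    if (!isset($units[$product_id][$unit])) {
                        continue;
                    }
                    db()->UPDATE(db('shop_order_items'), ['unit' => $unit], ' order_id=' . $order_id . ' AND product_id=' . $product_id . ' AND param_id=' . $param_id);
                    $rows = db_get_all('SELECT * FROM ' . db('shop_products') . ' WHERE id = ' . $product_id);
                    $product = $rows[$product_id];
                    list($price) = $_class_price->markup_down($product['price'], $product_id);
                    $price_one = $_class_basket->_get_price_one(['price' => $price, 'unit' => $unit, 'units' => $units[$product_id]]);
                    $this->_item_update_price_unit([
                        'order_id' => $order_id,
                        'product_id' => $product_id,
                        'param_id' => $param_id,
                        'price' => $price_one,
                    ]);
                    $recount_price = true;
                }
            } elseif ($k === 'price_unit') {
                foreach ((array) $v as $k1 => $price) {
                    list($product_id, $param_id) = array_pad(explode('_', $k1), 2, 0);
                    // NOTE(review): the posted price is passed on unchanged; presumably
                    // _item_update_price_unit() normalises it - confirm.
                    $this->_item_update_price_unit(['price' => $price, 'order_id' => $order_id, 'product_id' => (int) $product_id, 'param_id' => (int) $param_id]);
                    $recount_price = true;
                }
            }
        }
        // Order-level fields: only the names listed here are copied from the request.
        $sql = [];
        $order_fields = ['address', 'phone', 'house', 'apartment', 'floor', 'porch', 'intercom', 'delivery_price', 'status', 'region', 'discount', 'discount_add', 'delivery_type', 'delivery_id', 'delivery_location'];
        foreach ($order_fields as $f) {
            if (!isset($_POST[$f])) {
                continue;
            }
            $sql[$f] = $_POST[$f];
            if ($f == 'delivery_price' && $_POST['delivery_price'] != $order_info['delivery_price']) {
                $sql['is_manual_delivery_price'] = 1;
                $order_info['is_manual_delivery_price'] = 1;
                $order_info['delivery_price'] = $sql['delivery_price'];
                $recount_price = true;
            }
            if ($f == 'discount') {
                $discount = $_class_price->_number_mysql($sql['discount']);
                $order_info['discount'] = $discount;
                $sql['discount'] = $discount;
                $recount_price = true;
            }
            if ($f == 'discount_add') {
                $discount = $_class_price->_number_mysql($sql['discount_add']);
                $order_info['discount_add'] = $discount;
                $sql['discount_add'] = $discount;
            }
            if ($f == 'delivery_id') {
                $value = (int) $sql[$f];
                $sql[$f] = $value > 0 ? $value : $order_info[$f];
            }
            if ($f == 'delivery_type') {
                $value = (int) $sql[$f];
                $order_info['payment'] = $value;
                $sql['payment'] = $value;
            }
        }
        if (count($sql) > 0) {
            db()->update_safe(db('shop_orders'), $sql, 'id=' . $order_id);
        }
        if ($recount_price) {
            list($order_info['total_sum'], $order_info['delivery_price']) = $this->_order_recount_price($order_info['id'], $order_info);
        }
        module('manage_shop')->_order_add_revision('edit', $order_id);
        return js_redirect('./?object=' . main()->_get('object') . '&action=view_order&id=' . $order_info['id']);
    }

    // ---- display ----
    $products_ids = [];
    $order_items = [];
    $products_infos = [];
    $products_atts = [];
    $products = [];
    $Q = db()->query('SELECT * FROM ' . db('shop_order_items') . ' WHERE `order_id`=' . intval($order_info['id']));
    while ($_info = db()->fetch_assoc($Q)) {
        if ($_info['product_id']) {
            // Ids are re-used inside an IN(...) list below, so keep them as integers.
            $products_ids[intval($_info['product_id'])] = intval($_info['product_id']);
        }
        $order_items[$_info['product_id'] . "_" . $_info['param_id']] = $_info;
    }
    if (!empty($products_ids)) {
        $products_infos = db()->query_fetch_all('SELECT * FROM ' . db('shop_products') . ' WHERE id IN(' . implode(',', $products_ids) . ')');
        $products_atts = module('manage_shop')->_get_products_attributes($products_ids);
    }
    $price_total = 0;
    foreach ((array) $order_items as $_info) {
        $_product = $products_infos[$_info['product_id']];
        $_units = [];
        if (intval($_info['type']) == 1) {
            // Product set: rebuilt per row so a thumbnail from a previous row cannot leak in.
            $images = [['thumb' => _class('_shop_products', 'modules/shop/')->_product_set_image($_info["product_id"], $_product['cat_id'], 'thumb', false)]];
            $link = './?object=' . main()->_get('object') . '&action=product_set_edit&id=' . $_info['product_id'];
        } else {
            $images = _class('_shop_products', 'modules/shop/')->_product_image($_info["product_id"], false, false);
            $link = './?object=' . main()->_get('object') . '&action=product_edit&id=' . $_info['product_id'];
            $_units = $_class_units->get_by_product_ids($_info['product_id']);
        }
        $image = $images[0]['thumb'] ?: _class('_shop_categories', 'modules/shop/')->get_icon_url($_product['cat_id'], 'item');
        $dynamic_atts = [];
        if (strlen($_info['attributes']) > 3) {
            // SECURITY: unserialize() runs on a value stored in the order row. If that column can
            // ever hold attacker-influenced data this permits PHP object injection; prefer JSON,
            // or unserialize($data, ['allowed_classes' => false]) where PHP 7+ is guaranteed.
            foreach ((array) unserialize($_info['attributes']) as $_attr_id) {
                $_attr_info = $products_atts[$_info['product_id']][$_attr_id];
                $dynamic_atts[$_attr_id] = '- ' . $_attr_info['name'] . ' ' . $_attr_info['value'];
            }
        }
        $product_id = (int) $_info['product_id'];
        $param_id = (int) $_info['param_id'];
        $price_one = tofloat($_info['price']);
        $quantity = (int) $_info['quantity'];
        $price_item = $price_one * $quantity;
        // product unit
        $unit = (int) $_info['unit'];
        $units = null;
        $unit_name = 'шт.';
        if (!empty($_units[$product_id])) {
            $units = $_units[$product_id];
            if (!empty($units[$unit])) {
                $unit_name = $units[$unit]['title'];
            }
        }
        $products[$_info['product_id'] . '_' . $_info['param_id']] = [
            'product_id' => $product_id,
            'param_id' => $param_id,
            'param_name' => _class('_shop_product_params', 'modules/shop/')->_get_name_by_option_id($_info['param_id']),
            'name' => _prepare_html($_product['name']),
            'image' => $image,
            'link' => $link,
            'unit' => $unit,
            'unit_name' => $unit_name,
            'units' => $units,
            'price_unit' => $price_one,
            'price' => $price_item,
            'currency' => _prepare_html(module('manage_shop')->CURRENCY),
            'quantity' => $quantity,
            'details_link' => process_url('./?object=' . main()->_get('object') . '&action=view&id=' . $_product['id']),
            'dynamic_atts' => !empty($dynamic_atts) ? implode('<br />' . PHP_EOL, $dynamic_atts) : '',
            'status' => module('manage_shop')->_box('status_item', $_info['status']),
            'delete' => '',
        ];
        $price_total += $price_item;
    }
    // discount
    $discount = $order_info['discount'];
    $discount_add = $order_info['discount_add'];
    $_discount = $discount;
    $discount_price = $_class_price->apply_price($price_total, $_discount);
    $discount_price -= $price_total;
    $discount_price = $_class_price->_number_round($discount_price);
    $_discount = $discount_add;
    $discount_add_price = $_class_price->apply_price($price_total, $_discount);
    $discount_add_price -= $price_total;
    $total_price = tofloat($order_info['total_sum']);

    $replace = my_array_merge([], _prepare_html($order_info));
    $replace = my_array_merge($replace, [
        'form_action' => './?object=' . main()->_get('object') . '&action=' . $_GET['action'] . '&id=' . $_GET['id'],
        'order_id' => $order_info['id'],
        'price_total_info' => module('manage_shop')->_format_price($price_total),
        'discount' => $_class_price->_number_format($discount),
        'discount_add' => $_class_price->_number_format($discount_add),
        'discount_price_info' => $_class_price->_price_format($discount_price),
        'discount_add_price_info' => $_class_price->_price_format($discount_add_price),
        'delivery_info' => module('manage_shop')->_format_price($order_info['delivery_price']),
        'total_sum' => module('manage_shop')->_format_price($total_price),
        'user_link' => _profile_link($order_info['user_id']),
        'user_name' => _display_name(user($order_info['user_id'])),
        'error_message' => _e(),
        'products' => (array) $products,
        'total_price' => module('manage_shop')->_format_price($total_price),
        'ship_type' => module('manage_shop')->_ship_types[$order_info['ship_type']],
        'pay_type' => module('manage_shop')->_pay_types[$order_info['pay_type']],
        'date' => $order_info['date'],
        'status_box' => module('manage_shop')->_box('status', $order_info['status']),
        'back_url' => './?object=' . main()->_get('object') . '&action=show_orders',
        'print_url' => './?object=' . main()->_get('object') . '&action=show_print&id=' . $order_info['id'],
        'payment' => common()->get_static_conf('payment_methods', $order_info['payment']),
    ]);
    $link_invoice = './?object=manage_shop&action=invoice&id=' . $replace['id'];
    $link_invoice_add = $link_invoice . '&with_discount_add=y';
    $link_pdf_invoice = $link_invoice . '&pdf=y';
    $link_pdf_invoice_add = $link_invoice_add . '&pdf=y';
    $region = _class('_shop_region', 'modules/shop/')->_get_list();
    array_unshift($region, '- регион не выбран -');

    $out = form2($replace, ['dd_mode' => 1, 'big_labels' => true])
        ->info('id')
        ->info('price_total_info', ['desc' => 'Сумма'])
        ->row_start(['desc' => 'Скидка, %'])
            ->number('discount', ['desc' => 'Скидка, %'])
            ->info('discount_price_info')
            ->link('Invoice', $link_invoice, ['title' => 'Накладная без учета добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])
            ->link('PDF', $link_pdf_invoice, ['title' => 'Накладная PDF без учета добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])
        ->row_end()
        ->row_start(['desc' => 'Скидка добавочная, %'])
            ->number('discount_add', ['desc' => 'Скидка добавочная, %'])
            ->info('discount_add_price_info', ['desc' => ' '])
            ->link(t('Invoice') . '+', $link_invoice_add, ['title' => 'Накладная с учетом добавочной скидки', 'icon' => 'fa fa-file-o', 'target' => '_blank'])
            ->link(t('PDF') . '+', $link_pdf_invoice_add, ['title' => 'Накладная PDF с учетом добавочной скидки', 'icon' => 'fa fa-file-text-o', 'target' => '_blank'])
        ->row_end()
        ->info('delivery_info', ['desc' => 'Доставка'])
        ->info('total_sum', '', ['desc' => 'Итоговая сумма', 'tip' => 'Итоговая сумма без учета добавочной скидки', 'no_escape' => 1])
        ->info_date('date', ['format' => 'full'])
        ->info('name')
        ->email('email')
        ->info('phone')
        ->container('<a href="./?object=' . main()->_get('object') . '&action=send_sms&phone=' . urlencode($replace["phone"]) . '" class="btn">Send SMS</a><br /><br />')
        ->select_box('region', $region, ['desc' => 'Регион доставки', 'class_add_wrapper' => 'region_type_wrap'])
        ->select_box('delivery_type', _class('_shop_delivery', 'modules/shop/')->_get_types(), ['desc' => 'Тип доставки', 'class_add_wrapper' => 'delivery_type_wrap'])
        ->select_box('delivery_id', _class('_shop_delivery', 'modules/shop/')->_get_locations_by_type($replace['delivery_type']), ['class' => 'delivery_id', 'class_add_wrapper' => 'delivery_id_wrap', 'desc' => 'Отделение'])
        ->text('delivery_location', 'Отделение доставки', ['class' => 'delivery_location', 'class_add_wrapper' => 'delivery_location_wrap'])
        ->text('address')
        ->text('house')
        ->text('apartment')
        ->text('floor')
        ->text('porch')
        ->text('intercom')
        ->info('comment')
        ->text('delivery_time')
        ->price('delivery_price')
        ->user_info('user_id')
        ->info('payment', 'Payment method')
        ->info('transaction_id', 'Transaction id')
        ->container(
            table2($products)
                ->image('product_id', ['width' => '50px', 'no_link' => true, 'web_path' => '', 'img_path_check' => false, 'img_path_callback' => function ($_p1, $_p2, $row) {
                    return $row['image'];
                }])
                ->func('link', function ($f, $p, $row) {
                    // Keys are quoted now: {$row[link]} was parsed as the constant "link", which
                    // is an Error on PHP 8. The URL is escaped for the attribute context.
                    return "<a class='btn' href='" . _prepare_html($row['link']) . "'>" . intval($row['product_id']) . "</a>";
                })
                ->func('name', function ($f, $p, $row) {
                    // NOTE(review): 'name' is already escaped; 'param_name' is emitted as
                    // returned by _get_name_by_option_id() - confirm that it is HTML-safe.
                    return $row['name'] . ($row['param_name'] != '' ? "<br /><small>" . $row['param_name'] . "</small>" : '');
                })
                ->func('unit', function ($f, $p, $row) {
                    $values = [];
                    if (!empty($row['units'])) {
                        $values[0] = ' - ';
                        foreach ($row['units'] as $id => $item) {
                            $values[$id] = $item['title'];
                        }
                    }
                    $desc = 'Ед. измерения';
                    $width = '7em';
                    // NOTE(review): unit_name is a stored unit title printed without escaping.
                    return sprintf('
                        <style>
                            .unit_current { width: %s; }
                        </style>
                        <div class="unit_current">
                            %s
                            <span class="btn btn-mini unit_change">
                                <i class="icon-edit fa fa-edit"></i>
                            </span>
                        </div>
                    ', $width, $row['unit_name'])
                        . _class('html')->select2_box([
                            'desc' => $desc,
                            'name' => 'unit[' . $row['product_id'] . '_' . $row['param_id'] . ']',
                            'values' => $values,
                            'js_options' => ['width' => $width, 'containerCssClass' => 'select2_box'],
                        ]);
                })
                ->func('quantity', function ($f, $p, $row) {
                    return "<input type='text' name='qty[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . intval($row['quantity']) . "' style='width:50px;'>";
                })
                ->func('price_unit', function ($f, $p, $row) {
                    return "<input type='text' name='price_unit[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='" . $row['price_unit'] . "' style='width:100px;'>";
                })
                ->text('price')
                ->func('status', function ($f, $p, $row) {
                    // Turn the generic status box into a per-item field: status_item[<product>_<param>].
                    return str_replace("status_item", "status_item[" . $row['product_id'] . "_" . $row['param_id'] . "]", $row['status']);
                })
                ->func('delete', function ($f, $p, $row) {
                    return "<input type='checkbox' name='delete[" . $row['product_id'] . "_" . $row['param_id'] . "]' value='1'>";
                }),
            ['wide' => 1]
        )
        ->container(tpl()->parse('manage_shop/product_search_order', ['order_id' => $_GET['id']]), 'Add product')
        ->box('status_box', 'Status order', ['selected' => $order_info['status']])
        ->save_and_back();

    // misc handlers
    css('
        .select2_box { display: none; }
        .unit_current { position : relative; }
        .btn.unit_change { display : none; position : absolute; right : 0; }
    ');
    jquery('
        $(".delivery_id").on( "change", function( event ) {
            var location = $(this).find( "option:selected" ).text();
            $(".delivery_location").val( location );
        });
        var delivery_type__on_change = function( target ) {
            var value = +$(target).find( "option:selected" ).val();
            if( value == 1 ) {
                $(".delivery_id_wrap").hide();
                $(".delivery_location_wrap").hide();
            } else if( value == 2 ) {
                var count = +$(".delivery_id_wrap").find( "option" ).length;
                if( count > 1 ) {
                    $(".delivery_id_wrap").show();
                    $(".delivery_location_wrap").show();
                }
            }
        }
        delivery_type__on_change( $(".delivery_type_wrap") );
        $(".delivery_type_wrap").on( "change", function( event ) {
            delivery_type__on_change( event.target );
        });
        $( ".unit_change" ).on( "click", function( event ) {
            var $this = $( this );
            var $select2 = $this.parent().next();
            $select2.toggle()
        }).each( function( i ) {
            var $this = $( this );
            if( $this.parent().next().length ) {
                $this.show();
            }
        });
    ');

    // get similar orders
    // phone and status were entered by the customer/admin and stored; they are escaped again here
    // because they are placed back into SQL text (second-order injection otherwise).
    $sql = "SELECT o.*, COUNT(*) AS num_items FROM `" . db('shop_orders') . "` AS `o`"
        . " INNER JOIN " . db('shop_order_items') . " AS i ON i.order_id = o.id"
        . " WHERE `o`.`id`!='" . intval($order_info['id']) . "'"
        . " AND `o`.`phone`='" . _es($order_info['phone']) . "'"
        . " AND `o`.`status`='" . _es($order_info['status']) . "'"
        . " GROUP BY o.id ORDER BY o.id DESC";
    $out .= "<br /><br /><h3>" . t('Similar orders') . "</h3>"
        . table($sql)
            ->text('id')
            ->date('date', ['format' => 'full', 'nowrap' => 1])
            ->user('user_id')
            ->text('name')
            ->text('phone')
            ->text('total_sum', ['nowrap' => 1])
            ->text('num_items')
            ->btn_edit('', './?object=' . main()->_get('object') . '&action=view_order&id=%d', ['no_ajax' => 1])
            ->btn('Merge', './?object=' . main()->_get('object') . '&action=merge_order&id=' . $order_info['id'] . '&merge_id=%d', ['no_ajax' => 1]);
    return $out;
}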