public static function arraySimpleXml($name, $data, $type = 'simple')
{
$xml = '<' . $name . ' ';
foreach ($data as $key => $value) {
if (!empty($value)) {
$value = fn_html_escape($value);
$xml .= $key . '="' . $value . '" ';
}
}
if ($type == 'open') {
$xml .= '>';
} else {
$xml .= '/>';
}
return $xml;
}
function fn_google_sitemap_print_item_info($links, $lmod, $frequency, $priority)
{
$item = '';
foreach ($links as $link) {
$link = fn_html_escape($link);
$item .= <<<ITEM
<url>
<loc>{$link}</loc>
<lastmod>{$lmod}</lastmod>
<changefreq>{$frequency}</changefreq>
<priority>{$priority}</priority>
</url>
ITEM;
}
return $item;
}
if (!empty($product['product_type']) && $product['product_type'] == 18) {
$settings_shipping_spsr['insurance_type'] = 'INS';
}
}
}
}
if ($settings_shipping_spsr['insurance_type'] == 'INS') {
$total_invoices_cost_ins += $invoice['cost'];
}
if ($settings_shipping_spsr['insurance_type'] == 'VAL') {
$total_invoices_cost_val += $invoice['cost'];
}
if (!empty($spsr_invoice['delivery_date'])) {
$spsr_invoice['delivery_date'] = date('Y-m-d', fn_parse_date($spsr_invoice['delivery_date'])) . 'T00:00:00.000';
}
$invoice_for_xml = array('Action' => "N", 'ShipRefNum' => $invoice['ship_ref_num'], 'PickUpType' => $spsr_invoice['pick_up_type'], 'ProductCode' => $spsr_invoice['invoice_product_code'], 'FullDescription' => fn_html_escape($invoice_full_desc), 'PiecesCount' => count($packages), 'DeliveryDate' => $spsr_invoice['delivery_date'], 'DeliveryTime' => $spsr_invoice['delivery_time'], 'InsuranceType' => $additional_params['insurance_type'], 'InsuranceSum' => $invoice['cost']);
if ($settings_shipping_spsr['cod'] == 1) {
$invoice_for_xml['CODGoodsSum'] = $invoice['cost'] + $invoice['invoice_shipping_cost'];
$invoice_for_xml['CODDeliverySum'] = $invoice['invoice_shipping_cost'];
$total_invoices_cost_cod += $invoice_for_xml['CODGoodsSum'];
}
$invoice_xml = RusSpsr::invoiceXml($invoice_for_xml, $pieces_xml, $shipper_xml, $receiver_xml, $additional_services_xml, $sms_xml);
$save_data['invoices'][$shipment_id] = $invoice;
$save_data['invoices'][$shipment_id]['shipper'] = $shipper_for_xml;
$save_data['invoices'][$shipment_id]['receiver_xml'] = $receiver_for_xml;
$save_data['invoices'][$shipment_id]['invoice_for_xml'] = $invoice_for_xml;
$invoices_xml = array_merge($invoices_xml, $invoice_xml);
} else {
unset($invoices[$invoice_key]);
}
}
public function destruct($content = '')
{
static $called = false;
if ($called == false && $this->_internal_request) {
$called = true;
$text = $this->_request_type != self::REQUEST_COMET ? ob_get_clean() : '';
if (empty($text) && !empty($content)) {
$text = $content;
}
if (!empty($this->result_ids)) {
$result_ids = array();
// get the matching ids
foreach ($this->result_ids as $r_id) {
if (strpos($r_id, '*')) {
$clear_id = str_replace('*', '\\w+?', $r_id);
preg_match_all('/<[^>]*?id=(?:\'|")(' . $clear_id . '\\w*?)(?:\'|")[^>]*?>/isS', $text, $ids);
if (!empty($ids[1])) {
foreach ($ids[1] as $r_id2) {
$result_ids[] = $r_id2;
}
}
} else {
$result_ids[] = $r_id;
}
}
foreach ($result_ids as $r_id) {
if (strpos($text, ' id="' . $r_id . '">') !== false) {
$start = strpos($text, ' id="' . $r_id . '">') + strlen(' id="' . $r_id . '">');
$end = strpos($text, '<!--' . $r_id . '--></');
$this->assignHtml($r_id, substr($text, $start, $end - $start));
// Assume that all data should be put to div with this ID
} elseif ($this->_skip_result_ids_check == true) {
$this->assignHtml($r_id, $text);
}
}
if ($this->full_render && preg_match('/<title>(.*?)<\\/title>/s', $text, $m)) {
$this->assign('title', html_entity_decode($m[1], ENT_QUOTES));
}
// Fix for payment processor form, should be removed after payments refactoring
if (Embedded::isEnabled() && empty($this->_result['html']) && $this->_skip_result_ids_check == false && !empty($text)) {
foreach ($this->result_ids as $r_id) {
$text .= '<script type="text/javascript">if (document.process) { document.process.target="_parent"; document.process.submit(); }</script>';
$this->assignHtml($r_id, $text);
break;
}
}
$text = '';
}
if (empty($this->_result['non_ajax_notifications'])) {
$this->assign('notifications', fn_get_notifications());
}
if (Embedded::isEnabled()) {
$this->assign('session_data', array('name' => Session::getName(), 'id' => Session::getId()));
}
if (!empty($this->anchor)) {
$this->assign('anchor', $this->anchor);
}
// we call session saving directly
session_write_close();
// Prepare response
$response = $this->_result;
if (fn_string_not_empty($text)) {
$response['text'] = trim($text);
}
$response = json_encode($response, JSON_UNESCAPED_UNICODE);
if (!headers_sent()) {
header(' ', true, 200);
// force 200 header, because we still need to return content
if (Embedded::isEnabled() || $this->_request_type == self::REQUEST_JSONP_POST) {
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
// for IE cors
}
}
if ($this->_request_type == self::REQUEST_XML) {
// Return json object
header('Content-type: ' . $this->_content_type . '; charset=' . CHARSET);
} elseif ($this->_request_type == self::REQUEST_JSONP) {
// Return jsonp object
header('Content-type: ' . $this->_content_type . '; charset=' . CHARSET);
$response = $this->callback . '(' . $response . ');';
} elseif ($this->_request_type == self::REQUEST_JSONP_POST) {
// Return jsonp object
header("X-Frame-Options: ", true);
$response = '<script type="text/javascript" src="' . Registry::get('config.current_location') . '/js/lib/jquery/jquery.min.js' . '"></script>
<script type="text/javascript" src="' . Registry::get('config.current_location') . '/js/lib/postmessage/jquery.ba-postmessage.js' . '"></script>
<script type="text/javascript">
var Tygh = {};
Tygh.$ = jQuery.noConflict(true);
</script>
<script type="text/javascript">Tygh.$.postMessage(
"' . fn_js_escape($response) . '",\'' . Embedded::getUrl() . '\');</script>';
} else {
// Return html textarea object
$response = '<textarea>' . fn_html_escape($response) . '</textarea>';
}
fn_echo($response);
}
}
protected function body($file)
{
$offered = array();
if ($this->options['disable_cat_d'] == "Y") {
$visible_categories = $this->getVisibleCategories();
}
$fields = array('p.product_id', 'p.product_code', 'd.lang_code', 'pc.category_id', 'cd.category', 'pp.price', 'p.list_price', 'p.status', 'p.amount', 'p.weight', 'p.shipping_freight', 'p.free_shipping', 'd.product', 'd.full_description', 'p.company_id', 'p.tracking', 'p.list_price', 'p.yml_brand', 'p.yml_origin_country', 'p.yml_store', 'p.yml_pickup', 'p.yml_delivery', 'p.yml_adult', 'p.yml_cost', 'p.yml_export_yes', 'p.yml_bid', 'p.yml_cbid', 'p.yml_model', 'p.yml_sales_notes', 'p.yml_type_prefix', 'p.yml_market_category', 'p.yml_manufacturer_warranty', 'p.yml_seller_warranty');
$fields[] = "(\n SELECT GROUP_CONCAT(IF(pc2.link_type = 'M', CONCAT(pc2.category_id, 'M'), pc2.category_id))\n FROM ?:products_categories as pc2\n WHERE product_id = p.product_id\n ) as category_ids";
$joins = array(db_quote("LEFT JOIN ?:product_descriptions as d ON d.product_id = p.product_id AND d.lang_code = ?s", $this->lang_code), db_quote("LEFT JOIN ?:product_prices as pp" . " ON pp.product_id = p.product_id AND pp.lower_limit = 1 AND pp.usergroup_id = 0"), db_quote("LEFT JOIN ?:products_categories as pc ON pc.product_id = p.product_id AND pc.link_type = ?s", 'M'), db_quote("LEFT JOIN ?:category_descriptions as cd ON cd.category_id = pc.category_id AND cd.lang_code = ?s", $this->lang_code));
$condition = '';
if ($this->company_id > 0) {
$condition .= db_quote(' AND company_id = ?i', $this->company_id);
}
$product_ids = db_get_fields("SELECT product_id FROM ?:products WHERE yml_export_yes = ?s AND status = ?s " . $condition, 'Y', 'A');
$offset = 0;
while ($ids = array_slice($product_ids, $offset, self::ITERATION_ITEMS)) {
$offset += self::ITERATION_ITEMS;
$products = db_get_array('SELECT ' . implode(', ', $fields) . ' FROM ?:products as p' . ' ' . implode(' ', $joins) . ' WHERE p.product_id IN(?n)', $ids);
$products_images_main = fn_get_image_pairs($ids, 'product', 'M', false, true, $this->lang_code);
$products_images_additional = fn_get_image_pairs($ids, 'product', 'A', false, true, $this->lang_code);
$params = array('get_options' => false, 'get_taxed_prices' => false, 'detailed_params' => false);
fn_gather_additional_products_data($products, $params);
foreach ($products as $k => &$product) {
$is_broken = false;
$price = !floatval($product['price']) ? fn_parse_price($product['price']) : intval($product['price']);
if ($this->options['export_null_price'] == 'N' && empty($price)) {
$is_broken = true;
}
if (in_array($product['category_id'], $this->disabled_category_ids)) {
$is_broken = true;
}
if ($this->options['disable_cat_d'] == 'Y' && !in_array($product['category_id'], $visible_categories)) {
$is_broken = true;
}
$product['product'] = $this->escape($product['product']);
$product['full_description'] = $this->escape($product['full_description']);
$product['product_features'] = $this->getProductFeatures($product);
$product['brand'] = $this->getBrand($product);
if ($this->options['export_type'] == 'vendor_model') {
if (empty($product['brand']) || empty($product['yml_model'])) {
$is_broken = true;
}
}
if ($product['tracking'] == 'O') {
$product['amount'] = db_get_field("SELECT SUM(amount) FROM ?:product_options_inventory WHERE product_id = ?i", $product['product_id']);
}
if ($this->options['export_stock'] == 'Y' && $product['amount'] <= 0) {
$is_broken = true;
}
if ($is_broken) {
unset($products[$k]);
continue;
}
$product['product_url'] = fn_html_escape(fn_url('products.view?product_id=' . $product['product_id']));
// Images
$images = array_merge($products_images_main[$product['product_id']], $products_images_additional[$product['product_id']]);
$product['images'] = array_slice($images, 0, self::IMAGES_LIMIT);
list($key, $value) = $this->offer($product);
$offered[$key] = $value;
}
if (!empty($offered)) {
fwrite($file, fn_yandex_market_array_to_yml($offered));
unset($offered);
}
}
}
function fn_array_to_xml($data)
{
if (!is_array($data)) {
return fn_html_escape($data);
}
$return = '';
foreach ($data as $key => $value) {
$attr = '';
if (is_array($value) && is_numeric(key($value))) {
foreach ($value as $k => $v) {
$arr = array($key => $v);
$return .= fn_array_to_xml($arr);
unset($value[$k]);
}
unset($data[$key]);
continue;
}
if (strpos($key, '@') !== false) {
$data = explode('@', $key);
$key = $data[0];
unset($data[0]);
if (count($data) > 0) {
foreach ($data as $prop) {
if (strpos($prop, '=') !== false) {
$prop = explode('=', $prop);
$attr .= ' ' . $prop[0] . '="' . $prop[1] . '"';
} else {
$attr .= ' ' . $prop . '=""';
}
}
}
}
$return .= '<' . $key . $attr . '>' . fn_array_to_xml($value) . '</' . $key . '>';
}
return $return;
}
function fn_compact_value($value, $max_width)
{
$escaped = false;
$length = strlen($value);
$new_value = $value = fn_html_escape($value, true);
if (strlen($new_value) != $length) {
$escaped = true;
}
if ($length > $max_width) {
$len_to_strip = $length - $max_width;
$center_pos = $length / 2;
$new_value = substr($value, 0, $center_pos - $len_to_strip / 2) . '...' . substr($value, $center_pos + $len_to_strip / 2);
}
return $escaped == true ? fn_html_escape($new_value) : $new_value;
}
public static function piecesXml($pieces)
{
$xml = array();
if (!empty($pieces)) {
$invoice_full_desc = '';
$xml[] = ' <Pieces>';
foreach ($pieces as $piece_key => $piece) {
$piece_for_xml = array('PieceID' => $piece['barcode'], 'Description' => $piece['data']['description'], 'ClientBarcode' => $piece['data']['barcode'], 'Weight' => $piece['data']['weight'], 'Length' => $piece['data']['length'], 'Width' => $piece['data']['width'], 'Depth' => $piece['data']['height']);
$xml[] = ' ' . self::arraySimpleXml('Piece', $piece_for_xml, 'open');
foreach ($piece['data']['products'] as $subpice) {
if ($subpice['product'] != 'Доставка') {
$subpice_for_xml = array('Description' => fn_html_escape($subpice['product']), 'Cost' => $subpice['price'], 'ProductCode' => $subpice['product_code'], 'Quantity' => $subpice['amount']);
$xml[] = ' ' . self::arraySimpleXml('SubPiece', $subpice_for_xml);
$invoice_full_desc .= $subpice['product_code'] . ' ' . $subpice['product'] . '; ';
}
}
$xml[] = ' </Piece>';
}
$xml[] = ' </Pieces>';
}
return array($xml, $invoice_full_desc);
}
/**
* Destructor: cache output and display valid javascript code
*/
function __destruct()
{
static $called = false;
if ($called == false && !defined('AJAX_REDIRECT')) {
$called = true;
$text = ob_get_clean();
if (!empty($this->result_ids)) {
foreach ($this->result_ids as $r_id) {
if (strpos($text, ' id="' . $r_id . '">') !== false) {
$start = strpos($text, ' id="' . $r_id . '">') + strlen(' id="' . $r_id . '">');
$end = strpos($text, '<!--' . $r_id . '--></');
$this->assign_html($r_id, substr($text, $start, $end - $start));
}
}
$text = '';
}
$this->assign('notifications', fn_get_notifications());
// we call session saving directly
session_write_close();
if ($this->request_type == self::REQUEST_XML) {
header('Content-type: ' . $this->content_type);
// Return json object
echo '{text: ' . $this->php2js(trim($text)) . ', data : ' . $this->php2js($this->_result) . '}';
} else {
// Return html textarea object
echo '<textarea>' . fn_html_escape('{text: ' . $this->php2js(trim($text)) . ', data : ' . $this->php2js($this->_result) . '}') . '</textarea>';
}
}
}
/**
* Add/remove html special chars
*
* @param mixed $data data to filter
* @param bool $revert if true, decode special chars
* @return mixed filtered variable
*/
function fn_html_escape($data, $revert = false)
{
if (is_array($data)) {
foreach ($data as $k => $sub) {
if (is_string($k)) {
$_k = $revert == false ? htmlspecialchars($k, ENT_QUOTES, 'UTF-8') : htmlspecialchars_decode($k, ENT_QUOTES);
if ($k != $_k) {
unset($data[$k]);
}
} else {
$_k = $k;
}
if (is_array($sub) === true) {
$data[$_k] = fn_html_escape($sub, $revert);
} elseif (is_string($sub)) {
$data[$_k] = $revert == false ? htmlspecialchars($sub, ENT_QUOTES, 'UTF-8') : htmlspecialchars_decode($sub, ENT_QUOTES);
}
}
} else {
$data = $revert == false ? htmlspecialchars($data, ENT_QUOTES, 'UTF-8') : htmlspecialchars_decode($data, ENT_QUOTES);
}
return $data;
}
function fn_mailru_array_to_yml($data, $level = 0)
{
if (!is_array($data)) {
return fn_html_escape($data);
}
$return = '';
foreach ($data as $key => $value) {
$attr = '';
if (is_array($value) && is_numeric(key($value))) {
foreach ($value as $k => $v) {
$arr = array($key => $v);
$return .= fn_array_to_xml($arr);
unset($value[$k]);
}
unset($data[$key]);
continue;
}
if (strpos($key, '@') !== false) {
$data = explode('@', $key);
$key = $data[0];
unset($data[0]);
if (count($data) > 0) {
foreach ($data as $prop) {
if (strpos($prop, '=') !== false) {
$prop = explode('=', $prop);
$attr .= ' ' . $prop[0] . '="' . $prop[1] . '"';
} else {
$attr .= ' ' . $prop . '=""';
}
}
}
}
$tab = str_repeat(" ", $level);
if (empty($value)) {
if ($key == 'local_delivery_cost') {
$return .= $tab . "<" . $key . $attr . ">" . fn_mailru_array_to_yml($value, $level + 1) . '</' . $key . ">\n";
} else {
$return .= $tab . "<" . $key . $attr . "/>\n";
}
} elseif (is_array($value)) {
$return .= $tab . "<" . $key . $attr . ">\n" . fn_mailru_array_to_yml($value, $level + 1) . '</' . $key . ">\n";
} else {
$return .= $tab . "<" . $key . $attr . '>' . fn_mailru_array_to_yml($value, $level + 1) . '</' . $key . ">\n";
}
}
return $return;
}
function get_var($var, $default = NULL)
{
if (!isset($this->_tpl_vars[$var])) {
$this->_tpl_vars[$var] = $default === NULL ? array() : $default;
}
return fn_html_escape($this->_tpl_vars[$var], true);
}
/**
* Smarty escape modifier plugin
*
* Type: modifier<br>
* Name: escape<br>
* Purpose: Escape the string according to escapement type
* @link http://smarty.php.net/manual/en/language.modifier.escape.php
* escape (Smarty online manual)
* @author Monte Ohrt <monte at ohrt dot com>
* @param string
* @param html|htmlall|url|quotes|hex|hexentity|javascript
* @return string
*/
function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
{
if (is_array($string)) {
foreach ($string as $k => $sub) {
$string[$k] = smarty_modifier_escape($sub, $esc_type, $char_set);
}
} else {
if (strpos($string, 'class="cm-translate') !== false) {
return $string;
}
$string = fn_html_escape($string, true);
switch ($esc_type) {
case 'html':
return fn_html_escape($string);
case 'htmlall':
return htmlentities($string, ENT_QUOTES, $char_set);
case 'url':
return rawurlencode($string);
case 'urlpathinfo':
return str_replace('%2F', '/', rawurlencode($string));
case 'quotes':
// escape unescaped single quotes
return preg_replace("%(?<!\\\\)'%", "\\'", $string);
case 'hex':
// escape every character into hex
$return = '';
for ($x = 0; $x < strlen($string); $x++) {
$return .= '%' . bin2hex($string[$x]);
}
return $return;
case 'hexentity':
$return = '';
for ($x = 0; $x < strlen($string); $x++) {
$return .= '&#x' . bin2hex($string[$x]) . ';';
}
return $return;
case 'decentity':
$return = '';
for ($x = 0; $x < strlen($string); $x++) {
$return .= '&#' . ord($string[$x]) . ';';
}
return $return;
case 'javascript':
// escape quotes and backslashes, newlines, etc.
return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\\/'));
case 'mail':
// safe way to display e-mail address on a web page
return str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string);
case 'nonstd':
// escape non-standard chars, such as ms document quotes
$_res = '';
for ($_i = 0, $_len = strlen($string); $_i < $_len; $_i++) {
$_ord = ord(substr($string, $_i, 1));
// non-standard char, escape it
if ($_ord >= 126) {
$_res .= '&#' . $_ord . ';';
} else {
$_res .= substr($string, $_i, 1);
}
}
return $_res;
default:
return $string;
}
}
return $string;
}
/**
* Smarty plugin
* @package Smarty
* @subpackage plugins
*/
function smarty_modifier_unescape($data)
{
return fn_html_escape($data, true);
}
/**
* Add/remove html special chars
*
* @param mixed $data data to filter
* @param boolean $revert if true, decode special chars
* @return mixed filtered variable
*/
function fn_html_escape($data, $revert = false)
{
if (is_array($data)) {
foreach ($data as $k => $sub) {
if (is_array($sub) === true) {
$data[$k] = fn_html_escape($sub, $revert);
} else {
$data[$k] = $revert == false ? htmlspecialchars($sub, ENT_QUOTES, 'UTF-8') : htmlspecialchars_decode($sub, ENT_QUOTES);
}
}
} else {
$data = $revert == false ? htmlspecialchars($data, ENT_QUOTES, 'UTF-8') : htmlspecialchars_decode($data, ENT_QUOTES);
}
return $data;
}
function fn_statistics_track_robots($tpl_output, &$view)
{
if (strpos($tpl_output, '<title>') === false) {
return $tpl_output;
}
$sess_id = db_get_field('SELECT sess_id FROM ?:stat_sessions WHERE uniq_code = ?i AND timestamp > ?i', fn_crc32($_SERVER['HTTP_USER_AGENT']), TIME - 24 * 60 * 60);
if (empty($sess_id)) {
$ip = fn_get_ip(true);
$referer = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$parse_url = parse_url($referer);
$stat_data = array('user_agent' => $_SERVER['HTTP_USER_AGENT'], 'host_ip' => $ip['host'], 'proxy_ip' => $ip['proxy'], 'client_language' => $_SERVER['HTTP_ACCEPT_LANGUAGE'], 'ip_id' => fn_stat_ip_exist($ip), 'client_type' => 'B', 'robot' => CRAWLER, 'referrer' => $referer, 'timestamp' => TIME, 'referrer_scheme' => empty($parse_url['scheme']) ? '' : $parse_url['scheme'], 'referrer_host' => empty($parse_url['host']) ? '' : $parse_url['host'], 'expiry' => 0, 'uniq_code' => fn_crc32($_SERVER['HTTP_USER_AGENT']));
$request_type = STAT_LAST_REQUEST;
$sess_id = db_query('INSERT INTO ?:stat_sessions ?e', $stat_data);
$last_url = '';
} else {
$last_url = db_get_field("SELECT url FROM ?:stat_requests WHERE sess_id = ?i AND (request_type & ?i) = ?i", $sess_id, STAT_LAST_REQUEST, STAT_LAST_REQUEST);
db_query("UPDATE ?:stat_requests SET request_type = request_type & " . STAT_ORDINARY_REQUEST . " WHERE sess_id = ?s", $sess_id);
$request_type = STAT_END_REQUEST;
}
// Add to stat requests
$this_url = fn_stat_prepare_url(REAL_URL);
if ($last_url != $this_url) {
$title = '';
if (preg_match_all('/\\<title\\>(.*?)\\<\\/title\\>/', $tpl_output, $m)) {
$title = fn_html_escape($m[1][0], true);
}
$ve = array('sess_id' => $sess_id, 'timestamp' => TIME, 'url' => $this_url, 'title' => $title, 'https' => defined('HTTPS') ? 'Y' : 'N', 'loadtime' => microtime(true) - MICROTIME, 'request_type' => $request_type);
db_query("INSERT INTO ?:stat_requests ?e", $ve);
}
return $tpl_output;
}
