}
}
$downloadVariableString = "mediaID={$downloadMediaID}&profileID={$downloadProfileID}&downloadType=order&downloadTypeID={$downloadTypeID}&invoiceItemID={$downloadInvoiceItemID}&memberID={$downloadMemberID}&deliveryMethod={$deliveryMethod}";
if ($externalLink == 1) {
$downloadVariableString .= "&externalLink=" . k_encrypt($filecheck['path']);
}
// Add the external link
//echo $downloadVariableString; exit;
$digitalInvoiceItems[$itemKey]['downloadKey'] = k_encrypt($downloadVariableString);
//k_encrypt
} else {
$downloadableStatus = 0;
}
}
//$downloadableStatus = 4; // Testing
$digitalInvoiceItems[$itemKey]['useMediaID'] = $config['EncryptIDs'] ? k_encrypt($itemValue['asset_id']) : $itemValue['asset_id'];
// Add useMediaID
$digitalInvoiceItems[$itemKey]['lineItemPriceTotal'] = $invoiceTotals->currency_display($digitalInvoiceItems[$itemKey]['price_total'], 1);
$digitalInvoiceItems[$itemKey]['downloadableStatus'] = $downloadableStatus;
}
}
if ($physicalInvoiceItems) {
foreach ($physicalInvoiceItems as $itemKey => $itemValue) {
$physicalInvoiceItems[$itemKey]['lineItemPriceTotal'] = $invoiceTotals->currency_display($physicalInvoiceItems[$itemKey]['price_total'], 1);
$shippingStatus = $itemValue['shipping_status'] == 0 ? $invoiceInfo['ship_status'] : $itemValue['shipping_status'];
if ($itemValue['item_type'] == 'subscription' or $itemValue['item_type'] == 'credits') {
$physicalInvoiceItems[$itemKey]['shippingStatusLang'] = $orderInfo['order_status'] == 1 ? 'active' : 'pending';
} else {
$physicalInvoiceItems[$itemKey]['shippingStatusLang'] = shippingStatusNumToText($shippingStatus);
}
}
// Just to be safe make sure a memberID exists before continuing
//echo "cookie: " . $_COOKIE['member']['umem_id'];
//echo $_SESSION['member']['umem_id'];
$guestLightbox = $_SESSION['loggedIn'] ? 0 : 1;
// Determine the guest lightbox status
//echo $guestLightbox;
$lightboxResult = mysqli_query($db, "\r\n\t\t\tSELECT *\r\n\t\t\tFROM {$dbinfo[pre]}lightboxes\r\n\t\t\tWHERE umember_id = '{$umemberID}'\r\n\t\t\tAND deleted = 0 \r\n\t\t\tAND guest = '{$guestLightbox}' \r\n\t\t\tORDER BY created DESC\r\n\t\t\t");
if ($returnRows = mysqli_num_rows($lightboxResult)) {
while ($lightbox = mysqli_fetch_array($lightboxResult)) {
$itemCount = mysqli_result_patch(mysqli_query($db, "SELECT COUNT(item_id) FROM {$dbinfo[pre]}lightbox_items WHERE lb_id = '{$lightbox[lightbox_id]}'"));
$lightboxArray[$lightbox['lightbox_id']] = $lightbox;
$lightboxArray[$lightbox['lightbox_id']]['items'] = $itemCount;
$lightboxArray[$lightbox['lightbox_id']]['create_date_display'] = $customDate->showdate($lightbox['created'], 0);
if ($config['EncryptIDs']) {
// Encrypt IDs
$lightboxArray[$lightbox['lightbox_id']]['linkto'] = "gallery.php?mode=lightbox&id=" . k_encrypt($lightbox['ulightbox_id']) . "&page=1";
} else {
$lightboxArray[$lightbox['lightbox_id']]['linkto'] = "gallery.php?mode=lightbox&id=" . $lightbox['ulightbox_id'] . "&page=1";
}
}
/* Testing
foreach($lightboxArray as $lb)
{
print_r($lb);
echo "<br><br>";
}
*/
$smarty->assign('lightboxArray', $lightboxArray);
$smarty->assign('lightboxRows', $returnRows);
}
$smarty->assign('notice', $notice);
if ($membershipDB['trail_status']) {
$trialMembership = $membershipDB['ms_id'];
// Set a trial membership id
$trialEndDate = date("Y-m-d H:i:s", strtotime(gmt_date() . " +{$membershipDB[trial_length_num]} {$membershipDB[trial_length_period]}"));
// Figure trial end date
}
} else {
$paidMembership = true;
// This is a paid membership - mark it as so
$membershipID = 1;
$_SESSION['jumpToOnLogin'] = "******";
}
}
$umem_id = create_unique2();
// Create unique ID
$passwordEnc = k_encrypt($password);
// Encrypt the password
$signupDate = gmt_date();
$ipsignup = $_SERVER['REMOTE_ADDR'];
$accountStatus = $config['settings']['email_conf'] ? 2 : 1;
// If email confirmation is needed set the account status to 2 (pending)
//CLEAN BEFORE INPUT
$f_name = strip_tags($f_name);
$l_name = strip_tags($l_name);
$email = strip_tags($email);
$phone = strip_tags($phone);
$comp_name = strip_tags($comp_name);
$website = strip_tags($website);
$address = strip_tags($address);
$address_2 = strip_tags($address_2);
$city = strip_tags($city);
$filecheck['status'] = 0;
}
//$filecheck['status'] = (checkExternalFile($download['externalLink']) > 400) ? 0 : 1; // Old
}
//echo $filecheck['status']; exit;
//print_k($download); exit;
/*
* If the download type is order then check to make sure that the
* customer has access to download the file by doing these checks.
*/
if ($download['downloadType'] == 'order') {
$maxDownloadAttempts = ($config['settings']['dl_attempts'] == 0 or $download['collectionDownload'] == 1) ? 9999 : $config['settings']['dl_attempts'];
// Find the max download attempts - if unlimited use 999
//echo $maxDownloadAttempts; exit;
// Check authorization
if ($_SESSION['downloadAuthorization'] != k_encrypt($download['downloadTypeID'])) {
echo "You are not authorized to download this file";
exit;
} else {
try {
$invoice = new invoiceTools();
$digitalItem = $invoice->getSingleInvoiceItem($download['invoiceItemID']);
// Check expiration
if ($nowGMT > $digitalItem['expires'] and $digitalItem['expires'] != '0000-00-00 00:00:00') {
echo "This download has expired";
exit;
}
// Check download count
if ($digitalItem['downloads'] >= $maxDownloadAttempts) {
echo "You have reached the maximum number of downloads for this file.";
exit;
// Assign meta title
$smarty->assign('metaKeywords', $media['details']['keywords'] ? $keywordsFlat : $config['settings']['site_keywords']);
// Assign meta keywords
$smarty->assign('metaDescription', $media['details']['description']['value'] ? strip_tags($media['details']['description']['value']) : strip_tags($config['settings']['site_description']));
// Assign meta description
//echo $media['title']; exit; // testing
//print_r($media); exit;
if ($prevButtonID) {
if ($config['EncryptIDs']) {
$prevButtonID = k_encrypt($prevButtonID);
}
$smarty->assign('prevButtonID', $prevButtonID);
}
if ($nextButtonID) {
if ($config['EncryptIDs']) {
$nextButtonID = k_encrypt($nextButtonID);
}
$smarty->assign('nextButtonID', $nextButtonID);
}
$smarty->assign('crumbs', $_SESSION['crumbsSession']);
//print_k($media); exit;
$smarty->assign('media', $media);
$smarty->assign('useGalleryID', $useGalleryID);
// Gallery ID
$smarty->assign('galleryMode', $_SESSION['currentMode']);
// Gallery Mode
$smarty->assign('useMediaID', $useMediaID);
// Gallery ID
} else {
$smarty->assign('noAccess', 1);
}
//print_r($mediaPagingArray); exit; // Testing
$mediaPagingArray['pageNumbers'] = range(0, $mediaPagingArray['totalPages']);
unset($mediaPagingArray['pageNumbers'][0]);
// Remove the 0 element from the beginning of the array
$smarty->assign('mediaPaging', $mediaPagingArray);
}
$galleryPagingArray = $galleryPages->getPagingArray();
$galleryPagingArray['pageNumbers'] = range(0, $galleryPagingArray['totalPages']);
unset($galleryPagingArray['pageNumbers'][0]);
// Remove the 0 element from the beginning of the array
$smarty->assign('galleryPaging', $galleryPagingArray);
if ($_SESSION['currentMode'] == 'lightbox' or $mode == 'lightbox') {
$smarty->assign('id', $_SESSION['id']);
} else {
if ($config['EncryptIDs']) {
$smarty->assign('id', k_encrypt($_SESSION['id']));
} else {
$smarty->assign('id', $_SESSION['id']);
}
// Pass a gallery id or a contributor id
}
$smarty->assign('startrec', $mediaStartRecord);
$smarty->assign('galleryID', $galleryID);
// Gallery ID
$smarty->assign('galleryMode', $_SESSION['currentMode']);
// Gallery Mode
$smarty->assign('selectedGallerySortBy', $_SESSION['sessGallerySortBy']);
// Selected sort by
$smarty->assign('selectedGallerySortType', $_SESSION['sessGallerySortType']);
// Selected sort type
$smarty->assign('gallerySortByOptions', $gallerySortByOptions);
if ($returnRows = mysqli_num_rows($productResult)) {
$product = mysqli_fetch_assoc($productResult);
if ($product['active'] == 1 and $product['deleted'] == 0 and ($product['quantity'] == '' or $product['quantity'] > 0)) {
/*
* Get discounts
*/
$discountsResult = mysqli_query($db, "\r\n\t\t\t\t\tSELECT *\r\n\t\t\t\t\tFROM {$dbinfo[pre]}discount_ranges \r\n\t\t\t\t\tWHERE item_type = 'products' \r\n\t\t\t\t\tAND start_discount_number > 0\r\n\t\t\t\t\tAND item_id = '{$id}' \r\n\t\t\t\t\tORDER BY start_discount_number\r\n\t\t\t\t\t");
if ($discountReturnRows = mysqli_num_rows($discountsResult)) {
while ($discount = mysqli_fetch_array($discountsResult)) {
$discountsArray[$discount['dr_id']] = $discount;
}
$smarty->assign('discountRows', $discountReturnRows);
$smarty->assign('discountsArray', $discountsArray);
}
if ($edit) {
$smarty->assign('edit', k_encrypt($edit));
$invoiceOptionsResult = mysqli_query($db, "\r\n\t\t\t\t\t\tSELECT *\r\n\t\t\t\t\t\tFROM {$dbinfo[pre]}invoice_options \r\n\t\t\t\t\t\tWHERE invoice_item_id IN ({$edit})\r\n\t\t\t\t\t\t");
if ($invoiceOptionsRows = mysqli_num_rows($invoiceOptionsResult)) {
while ($invoiceOption = mysqli_fetch_array($invoiceOptionsResult)) {
$optionSelections[$invoiceOption['option_gid'] . '-' . $invoiceOption['option_id']] = true;
}
}
}
if ($mediaID) {
// select the media details
$sql = "SELECT * FROM {$dbinfo[pre]}media WHERE media_id = '{$mediaID}'";
$mediaInfo = new mediaList($sql);
$media = $mediaInfo->getSingleMediaDetails('preview');
$mediaPrice = getMediaPrice($media);
// Get the media price based on the license
$mediaCredits = getMediaCredits($media);
$record = 1;
while ($rmOption = mysqli_fetch_assoc($rmOptionsResult)) {
$rmOptionName = $rmOption['op_name_' . $selectedLanguage] ? $rmOption['op_name_' . $selectedLanguage] : $rmOption['op_name'];
// Choose the correct language
$rmOptionName = str_replace("'", '\'', $rmOptionName);
$rmOptionName = str_replace('"', '\\"', $rmOptionName);
echo "{ \r\n\t\t\t\t\t\t\t\t\"name\" : \"{$rmOptionName}\",\r\n\t\t\t\t\t\t\t\t\"id\" : \"{$rmOption[op_id]}\" ,\r\n\t\t\t\t\t\t\t\t\"price\" : {$rmOption[price]},\r\n\t\t\t\t\t\t\t\t\"credits\" : {$rmOption[credits]}, \r\n\t\t\t\t\t\t\t\t\"priceMod\" : \"{$rmOption[price_mod]}\" \r\n\t\t\t\t\t\t\t}";
if ($record < $rmOptionsRows) {
echo ",";
}
$record++;
}
echo " ]";
// ,\"state\" : \"closed\"
echo "}";
} else {
echo "{ \"rmGroup\" : 0 }\r\n\t\t\t\t";
}
break;
case 'getRMTotals':
$creditsEnc = k_encrypt($credits);
$priceEnc = k_encrypt($price);
//$displayPrice = $cleanCurrency->currency_display($price,1);
if ($_SESSION['tax']['tax_inc']) {
$tax = round($price * ($_SESSION['tax']['tax_a_digital'] / 100), 2) + round($price * ($_SESSION['tax']['tax_b_digital'] / 100), 2) + round($price * ($_SESSION['tax']['tax_c_digital'] / 100), 2);
$price += $tax;
}
$displayPrice = $cleanCurrency->currency_display(doExchangeRate($price, '', $config['settings']['cur_decimal_places']), 1);
echo "{\r\n\t\t\t\t\t\"price\" : {\"display\" : \"{$displayPrice}\", \"priceEnc\" : \"{$priceEnc}\"}, \r\n\t\t\t\t\t\"creditsEnc\" : \"{$creditsEnc}\", \r\n\t\t\t\t\t\"c\" : \"c\"\r\n\t\t\t\t}";
break;
}
mysqli_query($db, "UPDATE {$dbinfo[pre]}orders SET member_id = '0' WHERE uorder_id = '{$_SESSION[uniqueOrderID]}'");
// Set cart back to guest
memberSessionDestroy();
// Destroy the members session
unset($_SESSION['shippingAddressSession']);
// Unset any previous shipping address info
unset($_SESSION['billingAddressSession']);
// Unset any previous billing address info
$_SESSION['loggedIn'] = 0;
$logNotice = 'loggedOutMessage';
}
/*
* Check login details for login
*/
if ($_POST) {
$loginPassword = k_encrypt($memberPassword);
// Encrypt password
$loginResult = mysqli_query($db, "\r\n\t\t\tSELECT *\r\n\t\t\tFROM {$dbinfo[pre]}members\r\n\t\t\tWHERE email = '{$memberEmail}' \r\n\t\t\tAND password = '******'\r\n\t\t\tLIMIT 1\r\n\t\t");
// Pull basic login info from the db
$loginRows = mysqli_num_rows($loginResult);
// Rows from query
if ($loginRows) {
try {
$loginMember = mysqli_fetch_array($loginResult);
if ($loginMember['status'] == 1) {
$loggedOutUMEMID = $_SESSION['member']['umem_id'];
// Before overwriting this grab the umem_id from the session before the member logged in
unset($_SESSION['member']);
$memberSess = new memberTools($loginMember['mem_id']);
save_activity($loginMember['mem_id'], $mgrlang['pubLogin'], 0, "<strong>{$mgrlang[pubLoggedIn]} ({$_SERVER['REMOTE_ADDR']})</strong>");
// Make entry in the activity log db
$discountItems[$keyArray[0] . '-' . $keyArray[1]]['discount'] = $discountRange['discount_percent'];
}
}
while ($cartItem = mysqli_fetch_assoc($cartItemsResult)) {
if ($cartItem['item_type'] == 'package') {
$cartItem['package_media_remaining'] = $cartItem['package_media_needed'] - $cartItem['package_media_filled'];
if ($cartItem['package_media_remaining'] > 0) {
$packageMediaFilledPercentage = $cartItem['package_media_filled'] / $cartItem['package_media_needed'];
$cartItem['package_media_percentage'] = round(100 * $packageMediaFilledPercentage);
} else {
$packageMediaFilledPercentage = 0;
$cartItem['package_media_percentage'] = 100;
}
}
$cartItemsArray[$cartItem['oi_id']] = $cartItem;
$cartItemsArray[$cartItem['oi_id']]['encryptedID'] = k_encrypt($cartItem['oi_id']);
$physicalItemTypeArray = array('print', 'product', 'package');
// Item types that are physical product and may need to be treated differently - such as shipping added
if (in_array($cartItem['item_type'], $physicalItemTypeArray)) {
if ($config['settings']['skip_shipping'] and $cartItem['paytype'] == 'cred') {
// The skip shipping when using credits setting is on
} else {
$cartTotals['shippingRequired'] = true;
// This is a physical item - shipping will be required
$cartItemsArray[$cartItem['oi_id']]['shippingRequired'] = true;
// Add it at the item level just in case it is needed in the future
}
}
$discountForThisItem = '';
switch ($cartItem['item_type']) {
case "print":
mysqli_query($db, "\r\n\t\t\t\t\t\t\tUPDATE {$dbinfo[pre]}media_samples SET \r\n\t\t\t\t\t\t\tsample_filename='{$sampleImageName}',\r\n\t\t\t\t\t\t\tsample_width='{$sampleSize[0]}',\r\n\t\t\t\t\t\t\tsample_height='{$sampleSize[1]}',\r\n\t\t\t\t\t\t\tsample_filesize='{$sampleFilesize}'\r\n\t\t\t\t\t\t\tWHERE media_id = '{$mediaID}'\r\n\t\t\t\t\t\t\t");
} else {
// No sample - upload and create
# INSERT SAMPLE INFO INTO THE DATABASE
$sql = "INSERT INTO {$dbinfo[pre]}media_samples (\r\n\t\t\t\t\t\t\t\tmedia_id,\r\n\t\t\t\t\t\t\t\tsample_filename,\r\n\t\t\t\t\t\t\t\tsample_width,\r\n\t\t\t\t\t\t\t\tsample_height,\r\n\t\t\t\t\t\t\t\tsample_filesize\r\n\t\t\t\t\t\t\t\t) VALUES (\r\n\t\t\t\t\t\t\t\t'{$mediaID}',\r\n\t\t\t\t\t\t\t\t'{$sampleImageName}',\r\n\t\t\t\t\t\t\t\t'{$sampleSize[0]}',\r\n\t\t\t\t\t\t\t\t'{$sampleSize[1]}',\r\n\t\t\t\t\t\t\t\t'{$sampleFilesize}'\r\n\t\t\t\t\t\t\t\t)";
$result = mysqli_query($db, $sql);
$thumbSaveID = mysqli_insert_id($db);
}
}
// Remove mgr caches
if ($cacheA = glob("./assets/cache/id{$mediaID}-*")) {
foreach ($cacheA as $filename) {
@unlink($filename);
}
}
$encCacheID = k_encrypt($mediaID);
if ($cacheB = glob("./assets/cache/id{$encCacheID}-*")) {
foreach ($cacheB as $filename) {
@unlink($filename);
}
}
break;
case "uploadVideoPreview":
/*
* Security check
*/
$checkToken = md5($config['settings']['serial_number'] . $_POST['securityTimestamp']);
if ($checkToken != $_POST['securityToken']) {
exit;
}
$approvalStatus = $_SESSION['member']['membershipDetails']['approval'] ? 1 : 0;
// Member ID
$downloadTypeID = k_encrypt($orderInfo['order_id']);
// Download Type ID / Order ID
} else {
$downloadProfileID = 0;
// Size ID
$downloadMediaID = $key;
// Media ID
$downloadInvoiceItemID = $downloadKey['invoiceItemID'];
// Invoice Item ID
$downloadMemberID = $orderInfo['member_id'];
// Member ID
$downloadTypeID = $orderInfo['order_id'];
// Download Type ID / Order ID
}
$mediaArray[$key]['downloadKey'] = k_encrypt("mediaID={$downloadMediaID}&profileID={$downloadProfileID}&downloadType=order&downloadTypeID={$downloadTypeID}&invoiceItemID={$downloadInvoiceItemID}&memberID={$downloadMemberID}&deliveryMethod=3&collectionDownload=1");
//k_encrypt
$mediaArray[$key]['downloadableStatus'] = $downloadableStatus;
}
$smarty->assign('thumbMediaDetails', $thumbMediaDetailsArray);
$smarty->assign('mediaRows', $returnRows);
$smarty->assign('mediaArray', $mediaArray);
}
//print_k($mediaArray);
$smarty->display('collection.download.list.tpl');
} else {
// No collection with this id
}
} else {
echo "No Order Found";
}
die("Need an unencrypted media ID");
}
$mediaResult = mysqli_query($db, "SELECT * FROM {$dbinfo[pre]}media WHERE media_id = '{$_GET[id]}'");
// Select the media info
$mediaRows = mysqli_num_rows($mediaResult);
if ($mediaRows) {
$media = mysqli_fetch_assoc($mediaResult);
$mediaInfo = new mediaTools($media['media_id']);
$folderInfo = $mediaInfo->getFolderInfoFromDB($media['folder_id']);
$folderName = $mediaInfo->getFolderName();
$thumbInfo = $mediaInfo->getThumbInfoFromDB($media['media_id']);
$path = BASE_PATH . "/assets/library/{$folderName}/thumbs/{$thumbInfo[thumb_filename]}";
// xxxxxx No encryption detection
$colors = $colorPalette->Get_Color($path, $config['cpResults'], $config['cpReduceBrightness'], $config['cpReduceGradients'], $config['cpDelta']);
$encMediaID = k_encrypt($media['media_id']);
$encFolderID = k_encrypt($media['folder_id']);
} else {
die("Media ID not found");
}
} catch (Exception $e) {
echo $e->getMessage();
}
/*
function colorPalette($imageFile, $numColors, $granularity = 5)
{
$granularity = max(1, abs((int)$granularity));
$colors = array();
$size = @getimagesize($imageFile);
if($size === false)
{
user_error("Unable to get image size data");
$subsArray[$subscription['msub_id']]['available'] = false;
}
$downloadsUsed = 0;
// Reset downloads used
if ($config['EncryptIDs']) {
// Decrypt IDs
$downloadSubID = k_encrypt($subscription['msub_id']);
} else {
$downloadSubID = $subscription['msub_id'];
}
$downloadVariableString = "mediaID={$downloadMediaID}&profileID={$downloadProfileID}&downloadType=sub&downloadTypeID={$downloadSubID}&deliveryMethod={$deliveryMethod}";
if ($externalLink == 1) {
$downloadVariableString .= "&externalLink=" . k_encrypt($filecheck['path']);
}
// Add the external link
$subsArray[$subscription['msub_id']]['downloadKey'] = k_encrypt($downloadVariableString);
// xxxxxxxx Get the correct subscription name based on the language file
$subsArray[$subscription['msub_id']]['expireDate'] = $customDate->showdate($subscription['expires'], 0);
$subsArray[$subscription['msub_id']]['downitems'] = $downitems;
// Find the items that this subscription has access to download
$subRows++;
}
}
}
$smarty->assign('subsAvailable', $subsAvailable);
$smarty->assign('subsArray', $subsArray);
$smarty->assign('subRows', $subRows);
// Find previous downloads of this file
$downloadsResult = mysqli_query($db, "\r\n\t\t\t\t\tSELECT * \r\n\t\t\t\t\tFROM {$dbinfo[pre]}downloads \r\n\t\t\t\t\tWHERE mem_id = '{$_SESSION[member][mem_id]}' \r\n\t\t\t\t\tAND asset_id = '{$mediaID}' \r\n\t\t\t\t\tAND dsp_id = '{$id}'\r\n\t\t\t\t\t");
if ($returnRows = mysqli_num_rows($downloadsResult)) {
while ($download = mysqli_fetch_array($downloadsResult)) {
$useID = $id;
// Original ID before any conversion
$id = $_REQUEST['id'];
try {
if ($config['EncryptIDs']) {
// Decrypt IDs
$id = k_decrypt($id);
}
idCheck($id);
// Make sure ID is numeric
$currentGallery = $_SESSION['galleriesData'][$id];
$crumbs = galleryCrumbs($id);
// Get the crumb trail
//print_r($crumbs);
if ($_POST) {
if (k_encrypt($galleryPassword) == $currentGallery['password']) {
$_SESSION['member']['memberPermGalleries'][] = $id;
// Add this ID to the permission string
header("location: gallery.php?mode=gallery&id={$useID}&page=1");
// Redirect back to the galleries page
exit;
} else {
$logNotice = 'galleryWrongPass';
// The session assign/login failed
}
}
$smarty->assign('crumbs', $crumbs);
// Assign crumbs to smarty
$smarty->assign('logNotice', $logNotice);
// Assign login notice message to smarty
$smarty->assign('currentGallery', $currentGallery);