?>
</td>
                <td class="dataTableHeadingContent" align="right"><?php 
echo TABLE_HEADING_ACTION;
?>
&nbsp;</td>
              </tr>
<?php 
$blacklist_query_raw = "select blacklist_id, blacklist_card_number, date_added, last_modified from " . TABLE_BLACKLIST . " order by blacklist_id";
$blacklist_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $blacklist_query_raw, $blacklist_query_numrows);
$blacklist_query = olc_db_query($blacklist_query_raw);
while ($blacklist = olc_db_fetch_array($blacklist_query)) {
    if ((!$_GET['bID'] || @$_GET['bID'] == $blacklist['blacklist_id']) && !$bInfo && substr($_GET['action'], 0, 3) != 'new') {
        $blacklist_numbers_query = olc_db_query("select count(*) as blacklist_count from " . TABLE_BLACKLIST . " where blacklist_id = '" . $blacklist['blacklist_id'] . APOS);
        $blacklist_numbers = olc_db_fetch_array($blacklist_numbers_query);
        $bInfo_array = olc_array_merge($blacklist, $blacklist_numbers);
        $bInfo = new objectInfo($bInfo_array);
    }
    if (is_object($bInfo) && $blacklist['blacklist_id'] == $bInfo->blacklist_id) {
        echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_BLACKLIST, 'page=' . $_GET['page'] . '&bID=' . $blacklist['blacklist_id'] . '&action=edit') . '">' . NEW_LINE;
    } else {
        echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_BLACKLIST, 'page=' . $_GET['page'] . '&bID=' . $blacklist['blacklist_id']) . '">' . NEW_LINE;
    }
    ?>
                <td class="dataTableContent"><?php 
    echo $blacklist['blacklist_card_number'];
    ?>
</td>
                <td class="dataTableContent" align="right"><?php 
    if (is_object($bInfo) && $blacklist['blacklist_id'] == $bInfo->blacklist_id) {
        echo olc_image(DIR_WS_IMAGES . 'icon_arrow_right.gif');
         $customers_status_payment_unallowed = $_POST['customers_status_payment_unallowed'];
         $customers_status_shipping_unallowed = $_POST['customers_status_shipping_unallowed'];
         $customers_fsk18 = $_POST['customers_fsk18'];
         $customers_fsk18_display = $_POST['customers_fsk18_display'];
         $language_id = $languages[$i]['id'];
         $sql_data_array = array('customers_status_name' => olc_db_prepare_input($customers_status_name_array[$language_id]), 'customers_status_public' => olc_db_prepare_input($customers_status_public), 'customers_status_show_price' => olc_db_prepare_input($customers_status_show_price), 'customers_status_show_price_tax' => olc_db_prepare_input($customers_status_show_price_tax), 'customers_status_discount' => olc_db_prepare_input($customers_status_discount), 'customers_status_ot_discount_flag' => olc_db_prepare_input($customers_status_ot_discount_flag), 'customers_status_ot_discount' => olc_db_prepare_input($customers_status_ot_discount), 'customers_status_graduated_prices' => olc_db_prepare_input($customers_status_graduated_prices), 'customers_status_add_tax_ot' => olc_db_prepare_input($customers_status_add_tax_ot), 'customers_status_payment_unallowed' => olc_db_prepare_input($customers_status_payment_unallowed), 'customers_status_shipping_unallowed' => olc_db_prepare_input($customers_status_shipping_unallowed), 'customers_fsk18' => olc_db_prepare_input($customers_fsk18), 'customers_fsk18_display' => olc_db_prepare_input($customers_fsk18_display), 'customers_status_discount_attributes' => olc_db_prepare_input($customers_status_discount_attributes));
         if ($_GET['action'] == 'insert') {
             if (!olc_not_null($customers_status_id)) {
                 $next_id_query = olc_db_query("select max(customers_status_id) as customers_status_id from " . TABLE_CUSTOMERS_STATUS);
                 $next_id = olc_db_fetch_array($next_id_query);
                 $customers_status_id = $next_id['customers_status_id'] + 1;
                 // We want to create a personal offer table corresponding to each customers_status
                 olc_db_query("create table " . TABLE_PERSONAL_OFFERS_BY_CUSTOMERS_STATUS . $customers_status_id . " (price_id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, products_id int NOT NULL, quantity int,\n            \tpersonal_offer decimal(15,4))");
             }
             $insert_sql_data = array('customers_status_id' => olc_db_prepare_input($customers_status_id), 'language_id' => olc_db_prepare_input($language_id));
             $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
             olc_db_perform(TABLE_CUSTOMERS_STATUS, $sql_data_array);
         } elseif ($_GET['action'] == 'save') {
             olc_db_perform(TABLE_CUSTOMERS_STATUS, $sql_data_array, 'update', "customers_status_id = '" . olc_db_input($customers_status_id) . "' and language_id = '" . $language_id . APOS);
         }
     }
     if ($customers_status_image = new upload('customers_status_image', DIR_WS_ICONS)) {
         olc_db_query(SQL_UPDATE . TABLE_CUSTOMERS_STATUS . " set customers_status_image = '" . $customers_status_image->filename . "' where customers_status_id = '" . olc_db_input($customers_status_id) . APOS);
     }
     if ($_POST['default'] == 'on') {
         olc_db_query(SQL_UPDATE . TABLE_CONFIGURATION . " set configuration_value = '" . olc_db_input($customers_status_id) . "' where configuration_key = 'DEFAULT_CUSTOMERS_STATUS_ID'");
     }
     olc_redirect(olc_href_link(FILENAME_CUSTOMERS_STATUS, 'page=' . $_GET['page'] . '&cID=' . $customers_status_id));
     break;
 case 'deleteconfirm':
     $cID = olc_db_prepare_input($_GET['cID']);
<?php 
    $reviews_query_raw = "select reviews_id, products_id, date_added, last_modified, reviews_rating from " . TABLE_REVIEWS . " order by date_added DESC";
    $reviews_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $reviews_query_raw, $reviews_query_numrows);
    $reviews_query = olc_db_query($reviews_query_raw);
    while ($reviews = olc_db_fetch_array($reviews_query)) {
        if ((!$_GET['rID'] || $_GET['rID'] == $reviews['reviews_id']) && !$rInfo) {
            $reviews_text_query = olc_db_query("select r.reviews_read, r.customers_name, length(rd.reviews_text) as reviews_text_size from " . TABLE_REVIEWS . " r, " . TABLE_REVIEWS_DESCRIPTION . " rd where r.reviews_id = '" . $reviews['reviews_id'] . "' and r.reviews_id = rd.reviews_id");
            $reviews_text = olc_db_fetch_array($reviews_text_query);
            $products_image_query = olc_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . $reviews['products_id'] . APOS);
            $products_image = olc_db_fetch_array($products_image_query);
            $products_name_query = olc_db_query("select products_name from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . $reviews['products_id'] . "' and language_id = '" . SESSION_LANGUAGE_ID . APOS);
            $products_name = olc_db_fetch_array($products_name_query);
            $reviews_average_query = olc_db_query("select (avg(reviews_rating) / 5 * 100) as average_rating from " . TABLE_REVIEWS . " where products_id = '" . $reviews['products_id'] . APOS);
            $reviews_average = olc_db_fetch_array($reviews_average_query);
            $review_info = olc_array_merge($reviews_text, $reviews_average, $products_name);
            $rInfo_array = olc_array_merge($reviews, $review_info, $products_image);
            $rInfo = new objectInfo($rInfo_array);
        }
        if (is_object($rInfo) && $reviews['reviews_id'] == $rInfo->reviews_id) {
            echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $rInfo->reviews_id . '&action=preview') . '">' . NEW_LINE;
        } else {
            echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $reviews['reviews_id']) . '">' . NEW_LINE;
        }
        ?>
                <td class="dataTableContent"><?php 
        echo HTML_A_START . olc_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $reviews['reviews_id'] . '&action=preview') . '">' . olc_image(DIR_WS_ICONS . 'preview.gif', ICON_PREVIEW) . '</a>&nbsp;' . olc_get_products_name($reviews['products_id']);
        ?>
</td>
                <td class="dataTableContent" align="right"><?php 
        echo olc_image(DIR_WS_CATALOG_IMAGES . 'stars_' . $reviews['reviews_rating'] . '.gif');
        ?>
    ?>
</td>
	<td class="dataTableHeadingContent" align="right"><?php 
    echo TABLE_HEADING_ACTION;
    ?>
&nbsp;</td>
	</tr>
	<?php 
    $banners_query_raw = "select banners_id, banners_title, banners_image, banners_group, status, expires_date, expires_impressions, date_status_change, date_scheduled, date_added from " . TABLE_BANNERS . " order by banners_title, banners_group";
    $banners_split = new splitPageResults($page, MAX_DISPLAY_SEARCH_RESULTS, $banners_query_raw, $banners_query_numrows);
    $banners_query = olc_db_query($banners_query_raw);
    while ($banners = olc_db_fetch_array($banners_query)) {
        $info_query = olc_db_query("select sum(banners_shown) as banners_shown, sum(banners_clicked) as banners_clicked from " . TABLE_BANNERS_HISTORY . " where banners_id = '" . $banners['banners_id'] . APOS);
        $info = olc_db_fetch_array($info_query);
        if ((!$bID || $bID == $banners['banners_id']) && !$bInfo && substr($action, 0, 3) != 'new') {
            $bInfo_array = olc_array_merge($banners, $info);
            $bInfo = new objectInfo($bInfo_array);
        }
        $banners_shown = $info['banners_shown'] != EMPTY_STRING ? $info['banners_shown'] : '0';
        $banners_clicked = $info['banners_clicked'] != EMPTY_STRING ? $info['banners_clicked'] : '0';
        if (is_object($bInfo) && $banners['banners_id'] == $bInfo->banners_id) {
            echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_BANNER_STATISTICS, $page_parameter . '&bID=' . $bInfo->banners_id) . '">' . NEW_LINE;
        } else {
            echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_BANNER_MANAGER, $page_parameter . '&bID=' . $banners['banners_id']) . '">' . NEW_LINE;
        }
        ?>
		<td class="dataTableContent"><?php 
        echo '<a href="javascript:popupImageWindow(\'' . FILENAME_POPUP_IMAGE . '?banner=' . $banners['banners_id'] . '\')">' . olc_image(DIR_WS_IMAGES . 'icon_popup.gif', 'View Banner') . '</a>&nbsp;' . $banners['banners_title'];
        ?>
</td>
		<td class="dataTableContent" align="right"><?php 
                <td class="dataTableHeadingContent" align="right"><?php 
echo TABLE_HEADING_ACTION;
?>
&nbsp;</td>
              </tr>
<?php 
$manufacturers_query_raw = "select manufacturers_id, manufacturers_name, manufacturers_image, date_added, last_modified from " . TABLE_MANUFACTURERS . " order by manufacturers_name";
$manufacturers_split = new splitPageResults($page, MAX_DISPLAY_SEARCH_RESULTS, $manufacturers_query_raw, $manufacturers_query_numrows);
$manufacturers_query = olc_db_query($manufacturers_query_raw);
$not_is_new = substr($action, 0, 3) != 'new';
while ($manufacturers = olc_db_fetch_array($manufacturers_query)) {
    $manufacturers_id = $manufacturers['manufacturers_id'];
    if ((!$mID || $mID == $manufacturers_id) && !$mInfo && $not_is_new) {
        $manufacturer_products_query = olc_db_query("select count(*) as products_count from " . TABLE_PRODUCTS . " where manufacturers_id = '" . $manufacturers_id . APOS);
        $manufacturer_products = olc_db_fetch_array($manufacturer_products_query);
        $mInfo_array = olc_array_merge($manufacturers, $manufacturer_products);
        $mInfo = new objectInfo($mInfo_array);
    }
    if (is_object($mInfo) && $manufacturers_id == $mInfo->manufacturers_id) {
        echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_MANUFACTURERS, $page_parameter . '&mID=' . $manufacturers_id . '&action=edit') . '">' . NEW_LINE;
    } else {
        echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_MANUFACTURERS, $page_parameter . '&mID=' . $manufacturers_id) . '">' . NEW_LINE;
    }
    ?>
                <td class="dataTableContent"><?php 
    echo $manufacturers['manufacturers_name'];
    ?>
</td>
                <td class="dataTableContent" align="right"><?php 
    if (is_object($mInfo) && $manufacturers_id == $mInfo->manufacturers_id) {
        echo olc_image(DIR_WS_IMAGES . 'icon_arrow_right.gif');
}
if ($_GET['action'] == "product_option_delete") {
    olc_db_query(DELETE_FROM . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . olc_db_input($_POST['oID']) . "' and orders_products_attributes_id = '" . olc_db_input($_POST['opAID']) . APOS);
    $products_query = olc_db_query("select products_id, products_price, products_tax_class_id from " . TABLE_PRODUCTS . " where products_id = '" . $_POST['pID'] . APOS);
    $products = olc_db_fetch_array($products_query);
    $products_a_query = olc_db_query("select options_values_price, price_prefix from " . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . " where orders_id = '" . $_POST['oID'] . "' and orders_products_id = '" . $_POST['opID'] . APOS);
    while ($products_a = olc_db_fetch_array($products_a_query)) {
        $total_price += $products_a['price_prefix'] . $products_a['options_values_price'];
    }
    $sa_price = olc_oe_get_products_attribute_price($total_price, $products['products_tax_class_id'], $price_special = '0', 1, $_POST['prefix'], $calculate_currencies = TRUE_STRING_S, $customers_status);
    $sp_price = olc_oe_products_price($_POST['pID'], $price_special = '0', 1, $customers_status);
    $inp_price = $sa_price + $sp_price;
    $final_price = $inp_price * $_POST['qTY'];
    $sql_data_array = array('products_price' => olc_db_prepare_input($inp_price));
    $update_sql_data = array('final_price' => olc_db_prepare_input($final_price));
    $sql_data_array = olc_array_merge($sql_data_array, $update_sql_data);
    olc_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array, 'update', 'orders_products_id = \'' . olc_db_input($_POST['opID']) . '\'');
    olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=products&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID']));
}
if ($_GET['action'] == "shipping_del") {
    olc_db_query(DELETE_FROM . TABLE_ORDERS_TOTAL . " where orders_total_id = '" . olc_db_input($_POST['otID']) . APOS);
    olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=shipping&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID']));
}
if ($_GET['action'] == "cod_del") {
    olc_db_query(DELETE_FROM . TABLE_ORDERS_TOTAL . " where orders_total_id = '" . olc_db_input($_POST['otID']) . APOS);
    olc_redirect(olc_href_link(FILENAME_ORDERS_EDIT, 'edit_action=shipping&cID=' . $_POST['cID'] . '&oID=' . $_POST['oID']));
}
// Löschfunktionen Ende
require DIR_WS_INCLUDES . 'header.php';
?>
<table border="0" width="100%" cellspacing="2" cellpadding="2">
     //  echo $status;
     $search = " where c.customers_status = '" . $status . APOS;
 }
 $customers_query_raw = SELECT . "c.account_type,c.customers_id, c.customers_lastname, c.customers_firstname, c.customers_email_address, a.entry_country_id, c.customers_status, c.member_flag from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_id = a.customers_id and c.customers_default_address_id = a.address_book_id " . $search . " order by c.customers_lastname, c.customers_firstname";
 $customers_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $customers_query_raw, $customers_query_numrows);
 $customers_query = olc_db_query($customers_query_raw);
 while ($customers = olc_db_fetch_array($customers_query)) {
     $info_query = olc_db_query(SELECT . "customers_info_date_account_created as date_account_created, customers_info_date_account_last_modified as date_account_last_modified, customers_info_date_of_last_logon as date_last_logon, customers_info_number_of_logons as number_of_logons from " . TABLE_CUSTOMERS_INFO . " where customers_info_id = '" . $customers['customers_id'] . APOS);
     $info = olc_db_fetch_array($info_query);
     if ((!$cId || @$cId == $customers['customers_id']) && !$cInfo) {
         $country_query = olc_db_query(SELECT . "countries_name from " . TABLE_COUNTRIES . " where countries_id = '" . $customers['entry_country_id'] . APOS);
         $country = olc_db_fetch_array($country_query);
         $reviews_query = olc_db_query(SELECT . "count(*) as number_of_reviews from " . TABLE_REVIEWS . " where customers_id = '" . $customers['customers_id'] . APOS);
         $reviews = olc_db_fetch_array($reviews_query);
         $customer_info = olc_array_merge($country, $info, $reviews);
         $cInfo_array = olc_array_merge($customers, $customer_info);
         $cInfo = new objectInfo($cInfo_array);
     }
     $tr_classname = 'dataTableRow';
     $td_classname = 'dataTableContent';
     if (is_object($cInfo) && $customers['customers_id'] == $cInfo->customers_id) {
         $params = $cInfo->customers_id . '&action=edit';
         $tr_classname .= 'Selected';
         $td_classname .= 'Selected';
         $linktext = olc_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', EMPTY_STRING);
     } else {
         $params = $customers['customers_id'];
         $linktext = HTML_A_START . olc_href_link(FILENAME_CUSTOMERS, olc_get_all_get_params(array('cID')) . 'cID=' . $customers['customers_id']) . '">' . olc_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . HTML_A_END;
     }
     $display_text = '<tr class="' . $tr_classname . '" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_CUSTOMERS, olc_get_all_get_params(array('cID', 'action')) . 'cID=' . $params) . '">' . NEW_LINE;
     $COL_START = '<td class="' . $td_classname . '">';
}
$products_query = "select\n   p.products_tax_class_id,\n   p.products_id,\n   p.products_sort,\n   pd.products_name,\n   p.products_quantity,\n   p.products_image,\n   p.products_price,\n   p.products_discount_allowed,\n   p.products_date_added,\n   p.products_last_modified,\n   p.products_date_available,\n   p.products_status,\n   p2c.categories_id\n   from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c\n   where\n   p.products_id = pd.products_id and\n   pd.language_id = " . SESSION_LANGUAGE_ID . " and\n   p.products_id = p2c.products_id\n\t and " . $products_query . "\n   order by pd.products_name";
//order by p.products_sort";
$products_query = olc_db_query($products_query);
while ($products = olc_db_fetch_array($products_query)) {
    $products_count++;
    $rows++;
    // Get categories_id for product if search
    if ($search) {
        $cPath = $products['categories_id'];
    }
    if ((!$pID && !$cID || @$pID == $products['products_id']) && !$pInfo && !$cInfo && $not_is_new) {
        // find out the rating average from customer reviews
        $reviews_query = olc_db_query("select (avg(reviews_rating) / 5 * 100) as average_rating from " . TABLE_REVIEWS . " where products_id = " . $products['products_id']);
        $reviews = olc_db_fetch_array($reviews_query);
        $pInfo_array = olc_array_merge($products, $reviews);
        $pInfo = new objectInfo($pInfo_array);
    }
    $is_selected = is_object($pInfo) && $products['products_id'] == $pInfo->products_id;
    $params = 'cPath=' . $cPath . '&pID=' . $products['products_id'];
    if ($is_selected) {
        $selected = 'Selected';
        //echo '              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" >' . NEW_LINE;
        echo '
              <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_CATEGORIES, $params . '&action=new_product') . '">' . NEW_LINE;
    } else {
        $selected = EMPTY_STRING;
        echo '
              <tr class="dataTableRow"
              	onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'"
								onmouseout="this.className=\'dataTableRow\'" >' . NEW_LINE;
    echo olc_draw_form('orders', FILENAME_ORDERS, EMPTY_STRING, 'get');
    ?>
	                <?php 
    echo HEADING_TITLE_SEARCH . BLANK . olc_draw_input_field('oID', EMPTY_STRING, 'size="12"') . olc_draw_hidden_field('action', 'edit') . olc_draw_hidden_field(olc_session_name(), olc_session_id());
    ?>
	              </form>
							</td>
					  </tr>
					  <tr>
					    <td class="main" valign="top">OLC Bestellungen</td>
					    <td class="main" valign="top" align="right">
					    	<?php 
    echo olc_draw_form('status', FILENAME_ORDERS, EMPTY_STRING, 'get');
    ?>
							    <?php 
    echo HEADING_TITLE_STATUS . BLANK . olc_draw_pull_down_menu('status', olc_array_merge(array(array('id' => EMPTY_STRING, 'text' => TEXT_ALL_ORDERS)), $orders_statuses), EMPTY_STRING, 'onchange="this.form.submit();"') . olc_draw_hidden_field(olc_session_name(), olc_session_id());
    ?>
					      </form>
					     </td>
					  </tr>
					</table>
        </td>
      </tr>
      <tr>
        <td>
	        <table border="0" width="100%" cellspacing="0" cellpadding="0">
	          <tr>
	            <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
	              <tr class="dataTableHeadingRow">
	                <td class="dataTableHeadingContent"><?php 
    echo TABLE_HEADING_CUSTOMERS;
    ?>
</td>
                <td class="dataTableHeadingContent" align="right"><?php 
    echo TABLE_HEADING_ACTION;
    ?>
&nbsp;</td>
              </tr>
<?php 
    $specials_query_raw = "select p.products_id, pd.products_name, p.products_price, s.specials_id, s.specials_new_products_price, s.specials_date_added, s.specials_last_modified, s.expires_date, s.date_status_change, s.status from " . TABLE_PRODUCTS . " p, " . TABLE_SPECIALS . " s, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_id = pd.products_id and pd.language_id = '" . SESSION_LANGUAGE_ID . "' and p.products_id = s.products_id order by pd.products_name";
    $specials_split = new splitPageResults($page, MAX_DISPLAY_SEARCH_RESULTS, $specials_query_raw, $specials_query_numrows);
    $specials_query = olc_db_query($specials_query_raw);
    while ($specials = olc_db_fetch_array($specials_query)) {
        if ((!$sID || $sID == $specials['specials_id']) && !$sInfo) {
            $products_query = olc_db_query("select products_image from " . TABLE_PRODUCTS . " where products_id = '" . $specials['products_id'] . APOS);
            $products = olc_db_fetch_array($products_query);
            $sInfo_array = olc_array_merge($specials, $products);
            $sInfo = new objectInfo($sInfo_array);
        }
        if (is_object($sInfo) && $specials['specials_id'] == $sInfo->specials_id) {
            echo '                  <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="javascript:' . olc_onclick_link(FILENAME_SPECIALS, 'page=' . $page . '&sID=' . $sInfo->specials_id . '&action=edit') . '">' . NEW_LINE;
        } else {
            echo '                  <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="javascript:' . olc_onclick_link(FILENAME_SPECIALS, 'page=' . $page . '&sID=' . $specials['specials_id']) . '">' . NEW_LINE;
        }
        ?>
                <td  class="dataTableContent"><?php 
        echo $specials['products_name'];
        ?>
</td>
                <td  class="dataTableContent" align="right"><span class="oldPrice">
                <?php 
        echo olc_format_price($specials[$products_price_text], 1, 1);
 function insert_product($products_data, $dest_category_id, $action = 'insert')
 {
     $products_id = olc_db_prepare_input($products_data['products_id']);
     $products_date_available = olc_db_prepare_input($products_data['products_date_available']);
     $products_date_available = date('Y-m-d') < $products_date_available ? $products_date_available : 'null';
     if ($products_data['products_startpage'] == 1) {
         $this->link_product($products_data['products_id'], 0);
         $products_status = 1;
     } else {
         $products_status = olc_db_prepare_input($products_data['products_status']);
     }
     if ($products_data['products_startpage'] == 0) {
         $products_status = olc_db_prepare_input($products_data['products_status']);
     }
     if (PRICE_IS_BRUTTO == TRUE_STRING_S && $products_data['products_price']) {
         $products_data['products_price'] = round($products_data['products_price'] / (olc_get_tax_rate($products_data['products_tax_class_id']) + 100) * 100, PRICE_PRECISION);
     }
     //
     $customers_statuses_array = olc_get_customers_statuses();
     $permission = array();
     for ($i = 0; $n = sizeof($customers_statuses_array), $i < $n; $i++) {
         if (isset($customers_statuses_array[$i]['id'])) {
             $permission[$customers_statuses_array[$i]['id']] = 0;
         }
     }
     if (isset($products_data['groups'])) {
         foreach ($products_data['groups'] as $dummy => $b) {
             $permission[$b] = 1;
         }
     }
     // build array
     if ($permission['all'] == 1) {
         $permission = array();
         end($customers_statuses_array);
         for ($i = 0; $n = key($customers_statuses_array), $i < $n + 1; $i++) {
             if (isset($customers_statuses_array[$i]['id'])) {
                 $permission[$customers_statuses_array[$i]['id']] = 1;
             }
         }
     }
     $permission_array = array();
     // set pointer to last key
     end($customers_statuses_array);
     for ($i = 0; $n = key($customers_statuses_array), $i < $n + 1; $i++) {
         if (isset($customers_statuses_array[$i]['id'])) {
             $permission_array = array_merge($permission_array, array('group_permission_' . $customers_statuses_array[$i]['id'] => $permission[$customers_statuses_array[$i]['id']]));
         }
     }
     //
     $sql_data_array = array('products_quantity' => olc_db_prepare_input($products_data['products_quantity']), 'products_model' => olc_db_prepare_input($products_data['products_model']), 'products_ean' => olc_db_prepare_input($products_data['products_ean']), 'products_price' => olc_db_prepare_input($products_data['products_price']), 'products_sort' => olc_db_prepare_input($products_data['products_sort']), 'products_shippingtime' => olc_db_prepare_input($products_data['shipping_status']), 'products_discount_allowed' => olc_db_prepare_input($products_data['products_discount_allowed']), 'products_date_available' => $products_date_available, 'products_weight' => olc_db_prepare_input($products_data['products_weight']), 'products_status' => $products_status, 'products_startpage' => olc_db_prepare_input($products_data['products_startpage']), 'products_startpage_sort' => olc_db_prepare_input($products_data['products_startpage_sort']), 'products_tax_class_id' => olc_db_prepare_input($products_data['products_tax_class_id']), 'product_template' => olc_db_prepare_input($products_data['info_template']), 'options_template' => olc_db_prepare_input($products_data['options_template']), 'manufacturers_id' => olc_db_prepare_input($products_data['manufacturers_id']), 'products_fsk18' => olc_db_prepare_input($products_data['fsk18']), 'products_vpe_value' => olc_db_prepare_input($products_data['products_vpe_value']), 'products_vpe_status' => olc_db_prepare_input($products_data['products_vpe_status']), 'products_vpe' => olc_db_prepare_input($products_data['products_vpe']), 'products_promotion_status' => olc_db_prepare_input($products_data['products_promotion_status']), 'products_promotion_product_title' => olc_db_prepare_input($products_data['products_promotion_product_title']), 'products_promotion_product_desc' => olc_db_prepare_input($products_data['products_promotion_product_desc']));
     $sql_data_array = array_merge($sql_data_array, $permission_array);
     //get the next ai-value from table products if no products_id is set
     if (!$products_id || $products_id == '') {
         $new_pid_query = olc_db_query("SHOW TABLE STATUS LIKE '" . TABLE_PRODUCTS . "'");
         $new_pid_query_values = olc_db_fetch_array($new_pid_query);
         $products_id = $new_pid_query_values['Auto_increment'];
     }
     //prepare products_image filename
     if ($products_image = olc_try_upload('products_image', DIR_FS_CATALOG_ORIGINAL_IMAGES, '777', '')) {
         $pname_arr = explode('.', $products_image->filename);
         $nsuffix = array_pop($pname_arr);
         $products_image_name = $products_id . '_0.' . $nsuffix;
         $dup_check_query = xtDBquery("SELECT COUNT(*) AS total\n\t\t\t\t\t\t\t\t                                FROM " . TABLE_PRODUCTS . "\n\t\t\t\t\t\t\t\t                               WHERE products_image = '" . $products_data['products_previous_image_0'] . "'");
         $dup_check = olc_db_fetch_array($dup_check_query);
         if ($dup_check['total'] < 2) {
             @olc_del_image_file($products_data['products_previous_image_0']);
         }
         //workaround if there are v2 images mixed with v3
         $dup_check_query = xtDBquery("SELECT COUNT(*) AS total\n\t\t\t\t\t\t\t\t                                FROM " . TABLE_PRODUCTS . "\n\t\t\t\t\t\t\t\t                               WHERE products_image = '" . $products_image->filename . "'");
         $dup_check = olc_db_fetch_array($dup_check_query);
         if ($dup_check['total'] == 0) {
             rename(DIR_FS_CATALOG_ORIGINAL_IMAGES . $products_image->filename, DIR_FS_CATALOG_ORIGINAL_IMAGES . $products_image_name);
         } else {
             copy(DIR_FS_CATALOG_ORIGINAL_IMAGES . $products_image->filename, DIR_FS_CATALOG_ORIGINAL_IMAGES . $products_image_name);
         }
         $sql_data_array['products_image'] = olc_db_prepare_input($products_image_name);
         require DIR_WS_INCLUDES . 'product_thumbnail_images.php';
         require DIR_WS_INCLUDES . 'product_info_images.php';
         require DIR_WS_INCLUDES . 'product_popup_images.php';
     } else {
         $products_image_name = $products_data['products_previous_image_0'];
     }
     //are we asked to delete some pics?
     if ($products_data['del_pic'] != '') {
         $dup_check_query = xtDBquery("SELECT COUNT(*) AS total\n\t\t\t\t\t\t\t\t                                FROM " . TABLE_PRODUCTS . "\n\t\t\t\t\t\t\t\t                               WHERE products_image = '" . $products_data['del_pic'] . "'");
         $dup_check = olc_db_fetch_array($dup_check_query);
         if ($dup_check['total'] < 2) {
             @olc_del_image_file($products_data['del_pic']);
         }
         olc_db_query("SQL_UPDATE " . TABLE_PRODUCTS . "\n\t\t\t\t\t\t\t\t                 SET products_image = ''\n\t\t\t\t\t\t\t\t               WHERE products_id    = '" . olc_db_input($products_id) . "'");
     }
     if ($products_data['del_mo_pic'] != '') {
         foreach ($products_data['del_mo_pic'] as $dummy => $val) {
             $dup_check_query = xtDBquery("SELECT COUNT(*) AS total\n\t\t\t\t\t\t\t\t\t\t\t                                FROM " . TABLE_PRODUCTS_IMAGES . "\n\t\t\t\t\t\t\t\t\t\t\t                               WHERE image_name = '" . $val . "'");
             $dup_check = olc_db_fetch_array($dup_check_query);
             if ($dup_check['total'] < 2) {
                 @olc_del_image_file($val);
             }
             olc_db_query("DELETE FROM " . TABLE_PRODUCTS_IMAGES . "\n\t\t\t\t\t\t\t\t\t\t\t               WHERE products_id = '" . olc_db_input($products_id) . "'\n\t\t\t\t\t\t\t\t\t\t\t                 AND image_name  = '" . $val . "'");
         }
     }
     //MO_PICS
     for ($img = 0; $img < MO_PICS; $img++) {
         if ($pIMG =& olc_try_upload('mo_pics_' . $img, DIR_FS_CATALOG_ORIGINAL_IMAGES, '777', '')) {
             $pname_arr = explode('.', $pIMG->filename);
             $nsuffix = array_pop($pname_arr);
             $products_image_name = $products_id . '_' . ($img + 1) . '.' . $nsuffix;
             $dup_check_query = xtDBquery("SELECT COUNT(*) AS total\n\t\t\t\t\t\t\t\t\t\t\t                                FROM " . TABLE_PRODUCTS_IMAGES . "\n\t\t\t\t\t\t\t\t\t\t\t                               WHERE image_name = '" . $products_data['products_previous_image_' . ($img + 1)] . "'");
             $dup_check = olc_db_fetch_array($dup_check_query);
             if ($dup_check['total'] < 2) {
                 @olc_del_image_file($products_data['products_previous_image_' . ($img + 1)]);
             }
             @olc_del_image_file($products_image_name);
             rename(DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $pIMG->filename, DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $products_image_name);
             //get data & write to table
             $mo_img = array('products_id' => olc_db_prepare_input($products_id), 'image_nr' => olc_db_prepare_input($img + 1), 'image_name' => olc_db_prepare_input($products_image_name));
             if ($action == 'insert') {
                 olc_db_perform(TABLE_PRODUCTS_IMAGES, $mo_img);
             } elseif ($action == 'update' && $products_data['products_previous_image_' . ($img + 1)]) {
                 if ($products_data['del_mo_pic']) {
                     foreach ($products_data['del_mo_pic'] as $dummy => $val) {
                         if ($val == $products_data['products_previous_image_' . ($img + 1)]) {
                             olc_db_perform(TABLE_PRODUCTS_IMAGES, $mo_img);
                         }
                         break;
                     }
                 }
                 olc_db_perform(TABLE_PRODUCTS_IMAGES, $mo_img, 'update', 'image_name = \'' . olc_db_input($products_data['products_previous_image_' . ($img + 1)]) . '\'');
             } elseif (!$products_data['products_previous_image_' . ($img + 1)]) {
                 olc_db_perform(TABLE_PRODUCTS_IMAGES, $mo_img);
             }
             //image processing
             require DIR_WS_INCLUDES . 'product_thumbnail_images.php';
             require DIR_WS_INCLUDES . 'product_info_images.php';
             require DIR_WS_INCLUDES . 'product_popup_images.php';
         }
     }
     if (isset($products_data['products_image']) && olc_not_null($products_data['products_image']) && $products_data['products_image'] != 'none') {
         $sql_data_array['products_image'] = olc_db_prepare_input($products_data['products_image']);
     }
     if ($action == 'insert') {
         $insert_sql_data = array('products_date_added' => 'now()');
         $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
         olc_db_perform(TABLE_PRODUCTS, $sql_data_array);
         $products_id = olc_db_insert_id();
         olc_db_query("INSERT INTO " . TABLE_PRODUCTS_TO_CATEGORIES . "\n\t\t\t\t\t\t\t\t              SET products_id   = '" . $products_id . "',\n\t\t\t\t\t\t\t\t              categories_id = '" . $dest_category_id . "'");
     } elseif ($action == 'update') {
         $update_sql_data = array('products_last_modified' => 'now()');
         $sql_data_array = olc_array_merge($sql_data_array, $update_sql_data);
         olc_db_perform(TABLE_PRODUCTS, $sql_data_array, 'update', 'products_id = \'' . olc_db_input($products_id) . '\'');
     }
     $languages = olc_get_languages();
     // Here we go, lets write Group prices into db
     // start
     $i = 0;
     $group_query = olc_db_query("SELECT customers_status_id\n\t\t\t\t\t                               FROM " . TABLE_CUSTOMERS_STATUS . "\n\t\t\t\t\t                              WHERE language_id = '" . (int) $_SESSION['languages_id'] . "'\n\t\t\t\t\t                                AND customers_status_id != '0'");
     while ($group_values = olc_db_fetch_array($group_query)) {
         // load data into array
         $i++;
         $group_data[$i] = array('STATUS_ID' => $group_values['customers_status_id']);
     }
     for ($col = 0, $n = sizeof($group_data); $col < $n + 1; $col++) {
         if ($group_data[$col]['STATUS_ID'] != '') {
             $personal_price = olc_db_prepare_input($products_data['products_price_' . $group_data[$col]['STATUS_ID']]);
             if ($personal_price == '' || $personal_price == '0.0000') {
                 $personal_price = '0.00';
             } else {
                 if (PRICE_IS_BRUTTO == TRUE_STRING_S) {
                     $personal_price = $personal_price / (olc_get_tax_rate($products_data['products_tax_class_id']) + 100) * 100;
                 }
                 $personal_price = olc_round($personal_price, PRICE_PRECISION);
             }
             if ($action == 'insert') {
                 olc_db_query("DELETE FROM personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . " WHERE products_id = '" . $products_id . "'\n\t\t\t\t\t\t\t\t\t\t\t\t                 AND quantity    = '1'");
                 $insert_array = array();
                 $insert_array = array('personal_offer' => $personal_price, 'quantity' => '1', 'products_id' => $products_id);
                 olc_db_perform("personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'], $insert_array);
             } else {
                 olc_db_query("SQL_UPDATE personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . "\n\t\t\t\t\t\t\t\t\t\t\t\t                 SET personal_offer = '" . $personal_price . "'\n\t\t\t\t\t\t\t\t\t\t\t\t               WHERE products_id = '" . $products_id . "'\n\t\t\t\t\t\t\t\t\t\t\t\t                 AND quantity    = '1'");
             }
         }
     }
     // end
     // ok, lets check write new staffelpreis into db (if there is one)
     $i = 0;
     $group_query = olc_db_query("SELECT customers_status_id\n\t\t\t\t\t                               FROM " . TABLE_CUSTOMERS_STATUS . "\n\t\t\t\t\t                              WHERE language_id = '" . (int) $_SESSION['languages_id'] . "'\n\t\t\t\t\t                                AND customers_status_id != '0'");
     while ($group_values = olc_db_fetch_array($group_query)) {
         // load data into array
         $i++;
         $group_data[$i] = array('STATUS_ID' => $group_values['customers_status_id']);
     }
     for ($col = 0, $n = sizeof($group_data); $col < $n + 1; $col++) {
         if ($group_data[$col]['STATUS_ID'] != '') {
             $quantity = olc_db_prepare_input($products_data['products_quantity_staffel_' . $group_data[$col]['STATUS_ID']]);
             $staffelpreis = olc_db_prepare_input($products_data['products_price_staffel_' . $group_data[$col]['STATUS_ID']]);
             if (PRICE_IS_BRUTTO == TRUE_STRING_S) {
                 $staffelpreis = $staffelpreis / (olc_get_tax_rate($products_data['products_tax_class_id']) + 100) * 100;
             }
             $staffelpreis = olc_round($staffelpreis, PRICE_PRECISION);
             if ($staffelpreis != '' && $quantity != '') {
                 // ok, lets check entered data to get rid of user faults
                 if ($quantity <= 1) {
                     $quantity = 2;
                 }
                 $check_query = olc_db_query("SELECT quantity\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t                               FROM personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t                              WHERE products_id = '" . $products_id . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t                                AND quantity    = '" . $quantity . "'");
                 // dont insert if same qty!
                 if (olc_db_num_rows($check_query) < 1) {
                     olc_db_query("INSERT INTO personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                 SET price_id       = '',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                     products_id    = '" . $products_id . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                     quantity       = '" . $quantity . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t                     personal_offer = '" . $staffelpreis . "'");
                 }
             }
         }
     }
     //foreach ($languages AS $lang) {
     $n = sizeof($languages);
     for ($i = 0; $i < $n; $i++) {
         $language_id = $languages[$i]['id'];
         //--- PRODUCT PROMOTION
         if ($_FILES['products_promotion_image' . $i]['name'] != '') {
             if ($image =& olc_try_upload('products_promotion_image' . $i, DIR_FS_CATALOG_IMAGES . 'products_promotion/')) {
                 $paname_arr = explode('.', $image->filename);
                 $pnsuffix = array_pop($paname_arr);
                 $products_promotion_imagename = $products_id . '_' . $i . '.' . $pnsuffix;
                 @unlink(DIR_FS_CATALOG_IMAGES . 'products_promotion/' . $products_promotion_imagename);
                 rename(DIR_FS_CATALOG_IMAGES . 'products_promotion/' . $image->filename, DIR_FS_CATALOG_IMAGES . 'products_promotion/' . $products_promotion_imagename);
             }
         } elseif ($products_data['del_products_promotion_image' . $i] == true) {
             // bild loeschen
             $products_promotion_imagename = '';
         } else {
             $products_promotion_imagename = $products_data['products_promotion_image' . $i];
         }
         //--- PRODUCT PROMOTION eof
         $sql_data_array = array('products_name' => olc_db_prepare_input($products_data['products_name'][$language_id]), 'products_description' => olc_db_prepare_input($products_data['products_description_' . $language_id]), 'products_short_description' => olc_db_prepare_input($products_data['products_short_description_' . $language_id]), 'products_keywords' => olc_db_prepare_input($products_data['products_keywords'][$language_id]), 'products_url' => olc_db_prepare_input($products_data['products_url'][$language_id]), 'products_meta_title' => olc_db_prepare_input($products_data['products_meta_title'][$language_id]), 'products_meta_description' => olc_db_prepare_input($products_data['products_meta_description'][$language_id]), 'products_meta_keywords' => olc_db_prepare_input($products_data['products_meta_keywords'][$language_id]), 'products_promotion_title' => olc_db_prepare_input($products_data['products_promotion_title'][$language_id]), 'products_promotion_image' => $products_promotion_imagename, 'products_promotion_desc' => olc_db_prepare_input($products_data['products_promotion_desc'][$language_id]));
         if ($action == 'insert') {
             $insert_sql_data = array('products_id' => $products_id, 'language_id' => $language_id);
             $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
             olc_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array);
         } elseif ($action == 'update') {
             olc_db_perform(TABLE_PRODUCTS_DESCRIPTION, $sql_data_array, 'update', 'products_id = \'' . olc_db_input($products_id) . '\' and language_id = \'' . $language_id . '\'');
         }
     }
 }
function olc_prepare_country_zones_pull_down($country_id = '')
{
    // preset the width of the drop-down for Netscape
    $pre = EMPTY_STRING;
    if (!olc_browser_detect('MSIE') && olc_browser_detect('Mozilla/4')) {
        for ($i = 0; $i < 45; $i++) {
            $pre .= HTML_NBSP;
        }
    }
    $zones = olc_get_country_zones($country_id);
    if (sizeof($zones) > 0) {
        $zones_select = array(array('id' => EMPTY_STRING, 'text' => PLEASE_SELECT));
        $zones = olc_array_merge($zones_select, $zones);
    } else {
        $zones = array(array('id' => EMPTY_STRING, 'text' => TYPE_BELOW));
        // create dummy options for Netscape to preset the height of the drop-down
        if (!olc_browser_detect('MSIE') && olc_browser_detect('Mozilla/4')) {
            for ($i = 0; $i < 9; $i++) {
                $zones[] = array('id' => EMPTY_STRING, 'text' => $pre);
            }
        }
    }
    return $zones;
}