function affiliate_insert($sql_data_array, $affiliate_parent = 0)
{
    // LOCK TABLES
    //   olc_db_query("LOCK TABLES " . TABLE_AFFILIATE . " WRITE");
    if ($affiliate_parent > 0) {
        $affiliate_root_query = olc_db_query("select affiliate_root, affiliate_rgt, affiliate_lft�from  " . TABLE_AFFILIATE . " where affiliate_id = '" . $affiliate_parent . "' ");
        // Check if we have a parent affiliate
        if ($affiliate_root_array = olc_db_fetch_array($affiliate_root_query)) {
            olc_db_query(SQL_UPDATE . TABLE_AFFILIATE . " SET affiliate_lft = affiliate_lft + 2 WHERE affiliate_root  =  '" . $affiliate_root_array['affiliate_root'] . "' and  affiliate_lft > " . $affiliate_root_array['affiliate_rgt'] . "  AND affiliate_rgt >= " . $affiliate_root_array['affiliate_rgt'] . BLANK);
            olc_db_query(SQL_UPDATE . TABLE_AFFILIATE . " SET affiliate_rgt = affiliate_rgt + 2 WHERE affiliate_root  =  '" . $affiliate_root_array['affiliate_root'] . "' and  affiliate_rgt >= " . $affiliate_root_array['affiliate_rgt'] . "  ");
            $sql_data_array['affiliate_root'] = $affiliate_root_array['affiliate_root'];
            $sql_data_array['affiliate_lft'] = $affiliate_root_array['affiliate_rgt'];
            $sql_data_array['affiliate_rgt'] = $affiliate_root_array['affiliate_rgt'] + 1;
            olc_db_perform(TABLE_AFFILIATE, $sql_data_array);
            $affiliate_id = olc_db_insert_id();
        }
        // no parent -> new root
    } else {
        $sql_data_array['affiliate_lft'] = '1';
        $sql_data_array['affiliate_rgt'] = '2';
        olc_db_perform(TABLE_AFFILIATE, $sql_data_array);
        $affiliate_id = olc_db_insert_id();
        olc_db_query(SQL_UPDATE . TABLE_AFFILIATE . " set affiliate_root = '" . $affiliate_id . "' where affiliate_id = '" . $affiliate_id . "' ");
    }
    // UNLOCK TABLES
    olc_db_query("UNLOCK TABLES");
    return $affiliate_id;
}
 function insert($paypal_id = '')
 {
     global $debug;
     $key_vars = array('txn_type', 'reason_code', 'payment_type', 'payment_status', 'pending_reason', 'invoice', 'mc_currency', 'first_name', 'last_name', 'payer_business_name', 'address_name', 'address_street', 'address_city', 'address_state', 'address_zip', 'address_country', 'address_status', 'payer_email', 'payer_id', 'payer_status', 'business', 'receiver_email', 'receiver_id', 'txn_id', 'parent_txn_id', 'mc_gross', 'mc_fee', 'payment_gross', 'payment_fee', 'settle_amount', 'settle_currency', 'exchange_rate', 'for_auction', 'auction_buyer_id', 'auction_multi_item', 'quantity', 'tax', 'notify_version', 'verify_sign', 'memo');
     $sql_data_array = $this->setSQLDataElements($key_vars);
     $sql_data_array['num_cart_items'] = $this->txnType('cart') ? $this->key['num_cart_items'] : '1';
     $sql_data_array['payment_date'] = $this->datetime_to_sql_format($this->key['payment_date']);
     $sql_data_array['payment_time_zone'] = $this->paymentTimeZone($this->key['payment_date']);
     $sql_data_array['auction_closing_date'] = $this->datetime_to_sql_format($this->key['auction_closing_date']);
     $sql_data_array['date_added'] = 'now()';
     olc_db_perform(TABLE_PAYPAL, $sql_data_array);
     $this->ipnID = olc_db_insert_id();
     $this->updatePaymentStatusHistory(!empty($paypal_id) ? $paypal_id : $this->ipnID);
     if ($this->isAuction()) {
         $this->processAuction($this->ipnID);
     }
     if ($debug->enabled) {
         $debug->add(IPN_TXN_INSERT, sprintf(IPN_TXN_INSERT_MSG, $this->ipnID));
     }
     return $this->ipnID;
 }
 function import()
 {
     $this->time_start = time();
     $lines = 1;
     $lines_ok = 0;
     // sonstige variablen
     $newsletter = 0;
     $set_suburb = ACCOUNT_SUBURB == TRUE_STRING_S;
     $set_state = ACCOUNT_STATE == TRUE_STRING_S;
     $email_adresses = array();
     $error = EMPTY_STRING;
     define('INSERT_INTO_CUSTOMERS_INFO_SQL', INSERT_INTO . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('");
     define('SELECT_COUNTRY_SQL', SELECT_ALL . "`countries` WHERE `countries_iso_code_2` = '");
     $check_email_sql = SELECT_COUNT . "as total from " . TABLE_CUSTOMERS . " where customers_email_address = '";
     $update_table_customers = SQL_UPDATE . TABLE_CUSTOMERS . " set customers_default_address_id = '";
     $fh = fopen($this->filename, "r");
     if ($fh) {
         $zeile = fgets($fh);
         while (!feof($fh)) {
             // zeile einlesen & werte zuweisen
             $zeile = trim(fgets($fh));
             if ($zeile) {
                 $dataArray = explode(SEMI_COLON, $zeile);
                 for ($j = 0, $m = sizeof($this->dataArray); $j < $m; $j++) {
                     $data = $this->dataArray[$j];
                     if (substr($data, -1) == CSV_TEXTSIGN) {
                         $dataArray[$j] = substr($data, 1, strlen($data) - 2);
                     }
                 }
                 list($cid, $gruppe, $anrede, $email_address, $company, $lkz, $lastname, $city, $postcode, $password, $street_address, $fax, $telephone, $firstname, $d_company, $d_lkz, $d_lastname, $d_city, $d_postcode, $d_street_address, $d_fax, $d_telephone, $d_firstname) = $dataArray;
                 $lines++;
                 if (!$password) {
                     // neues zufallspasswort erstelllen.
                     $password = getpass(10);
                 }
                 // vorhandene Daten aufbereiten.
                 $gruppe = trim($gruppe);
                 switch ($gruppe) {
                     case "Registriert":
                         $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_CUSTOMER;
                         break;
                     case "Merchant":
                         $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_DEALER;
                         break;
                     default:
                         $customers_status = DEFAULT_CUSTOMERS_STATUS_ID_GUEST;
                 }
                 $anrede = trim($anrede);
                 switch ($anrede) {
                     case "Herr":
                         $gender = "m";
                         break;
                     case "Frau":
                         $gender = "f";
                         break;
                     default:
                         $gender = "m";
                 }
                 $country = set_country_info($lkz);
                 $geburtsdatum = trim($geburtsdatum);
                 if ($geburtsdatum != EMPTY_STRING && $geburtsdatum != ".000000000") {
                     list($jahr, $monat, $tag) = sscanf($geburtsdatum, "%4d%2d%2d.%d");
                     $dob = sprintf("%02d.%02d.%4d", $tag, $monat, $jahr);
                 } else {
                     $dob = EMPTY_STRING;
                 }
                 // daten in db eintragen
                 $vatID = new vat_validation($vat, EMPTY_STRING, EMPTY_STRING, $country);
                 $customers_status = $vatID->vat_info['status'];
                 $customers_vat_id_status = $vatID->vat_info['vat_id_status'];
                 if ($vatID->vat_info['error']) {
                     $error .= ENTRY_VAT_ERROR;
                 }
                 $email_address = trim($email_address);
                 $check_email_query = olc_db_query($check_email_sql . olc_db_input($email_address) . "' and account_type = '0'");
                 $check_email = olc_db_fetch_array($check_email_query);
                 $s = QUOTE . $email_address . QUOTE . ' -- ';
                 if ($check_email['total'] > 0) {
                     $error .= $s . ENTRY_EMAIL_ADDRESS_ERROR_EXISTS . LPAREN . EMAIL_ALREADY_USED . $email_adresses[$email_address] . RPAREN;
                 } elseif (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
                     $error .= $s . ENTRY_EMAIL_ADDRESS_ERROR;
                 } elseif (olc_validate_email($email_address) == false) {
                     $error .= $s . ENTRY_EMAIL_ADDRESS_CHECK_ERROR;
                     /*
                     $fp3 = fopen("kunden_import_mail-check-fail.csv", "a");
                     fputs($fp3, $zeile);
                     fclose ($fp3);
                     */
                 }
                 if ($email_adresses[$email_address]) {
                     $email_adresses[$email_address] .= COMMA_BLANK;
                 }
                 $email_adresses[$email_address] .= $lines;
                 if ($dob != EMPTY_STRING) {
                     $date_raw = olc_date_raw($dob);
                     if (checkdate(substr($date_raw, 4, 2), substr($date_raw, 6, 2), substr($date_raw, 0, 4)) == false) {
                         $error .= QUOTE . $dob . QUOTE . ' -- ' . ENTRY_DATE_OF_BIRTH_ERROR;
                     }
                 }
                 if ($error) {
                     $this->errorLog[] = sprintf(TEXT_ERROR, $error, $lines);
                     $error = EMPTY_STRING;
                 } else {
                     $lines_ok++;
                     $cid = trim($cid);
                     $firstname = trim($firstname);
                     $lastname = trim($lastname);
                     $telephone = trim($telephone);
                     $fax = trim($fax);
                     $street_address = trim($street_address);
                     $company = trim($company);
                     $postcode = trim($postcode);
                     $city = trim($city);
                     $sql_data_array = array('customers_cid' => $cid, 'customers_vat_id' => $vat, 'customers_vat_id_status' => $customers_vat_id_status, 'customers_status' => $customers_status, 'customers_firstname' => $firstname, 'customers_lastname' => $lastname, 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_password' => olc_encrypt_password($password), 'customers_gender' => $gender, 'customers_dob' => $date_raw, 'customers_date_added' => 'now()', 'customers_last_modified' => 'now()');
                     olc_db_perform(TABLE_CUSTOMERS, $sql_data_array);
                     $user_id = olc_db_insert_id();
                     $sql_data_array = array('customers_id' => $user_id, 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country, 'entry_gender' => $gender, 'entry_company' => $company, 'address_date_added' => 'now()', 'address_last_modified' => 'now()');
                     olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                     $address_id = olc_db_insert_id();
                     olc_db_query($update_table_customers . $address_id . "' where customers_id = '" . (int) $user_id . APOS);
                     olc_db_query(INSERT_INTO_CUSTOMERS_INFO_SQL . (int) $user_id . "', '0', now())");
                     if ($d_lkz) {
                         //Separate delivery-adress.
                         $country = set_country_info($d_lkz);
                         $firstname = trim($d_firstname);
                         $lastname = trim($d_lastname);
                         $telephone = trim($d_telephone);
                         $fax = trim($d_fax);
                         $street_address = trim($d_street_address);
                         $company = trim($d_company);
                         $postcode = trim($d_postcode);
                         $city = trim($d_city);
                         $sql_data_array = array('customers_id' => $user_id, 'entry_firstname' => $firstname, 'entry_lastname' => $lastname, 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country, 'entry_gender' => $gender, 'entry_company' => $company, 'address_date_added' => 'now()', 'address_last_modified' => 'now()');
                         olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                     }
                     // create smarty elements
                     if ($send_mail) {
                         $this->smarty->assign('GENDER', $gender);
                         $this->smarty->assign('FIRSTNAME', $firstname);
                         $this->smarty->assign('LASTNAME', $lastname);
                         $this->smarty->assign('EMAIL', $email_address);
                         $this->smarty->assign('PASSWORT', $password);
                         $this->smarty->caching = false;
                         $txt_mail_customer = $this->smarty->fetch($this->email_template);
                         // mail versenden
                         olc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, $email_address, $firstname . BLANK . $lastname, EMPTY_STRING, STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, EMPTY_STRING, EMPTY_STRING, TEXT_MAIL_SUBJECT, EMPTY_STRING, $txt_mail_customer);
                     }
                 }
                 flush();
             }
         }
         fclose($fh);
     } else {
         $file_error = TEXT_FILE_ERROR_OPEN;
     }
     if ($file_error) {
         $this->errorLog[] = sprintf(TEXT_ERROR_FILE, $file_error);
     }
     $this->result = array(array('prod_new' => $lines_ok . " von " . ($lines - 1)), $this->errorLog, $this->calcElapsedTime($this->time_start));
     return $this->result;
 }
function addNewUser($buyer_values, &$customer_id)
{
    $names = explode(BLANK, $buyer_values['buyer_name']);
    $lastname = EMPTY_STRING;
    for ($i = 1, $n = count($names); $i <= $n; $i++) {
        $lastname .= $names[$i];
        if ($i < $n) {
            $lastname .= BLANK;
        }
    }
    $sql_data_array = array('customers_firstname' => $names[0], 'customers_lastname' => $lastname, 'customers_email_address' => $buyer_values['buyer_email'], 'customers_telephone' => EMPTY_STRING, 'customers_fax' => EMPTY_STRING, 'customers_newsletter' => EMPTY_STRING, 'customers_password' => olc_encrypt_password($buyer_values['buyer_id']), 'customers_gender' => EMPTY_STRING, 'customers_dob' => date("Y-m-d"));
    olc_db_perform(TABLE_CUSTOMERS, $sql_data_array);
    $customer_id = olc_db_insert_id();
    $buyer_countrycode = $buyer_values['buyer_countrycode'];
    if ($buyer_countrycode) {
        $sqlstring = SELECT_ALL . TABLE_COUNTRIES . " WHERE `countries_iso_code_2` = '" . $buyer_countrycode . APOS;
        $mycountry = olc_db_fetch_array(olc_db_query($sqlstring));
        //echo $mycountry['countries_id']."<hr/>";
    }
    $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $names[0], 'entry_lastname' => $lastname, 'entry_street_address' => $buyer_values['buyer_street'], 'entry_postcode' => $buyer_values['buyer_zip'], 'entry_city' => $buyer_values['buyer_city'], 'entry_country_id' => $mycountry['countries_id'], 'entry_gender' => EMPTY_STRING, 'entry_company' => EMPTY_STRING, 'entry_suburb' => EMPTY_STRING, 'entry_zone_id' => EMPTY_STRING, 'entry_state' => $buyer_values['buyer_land']);
    olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
    $address_id = olc_db_insert_id();
    //update customer table with address id
    olc_db_query(SQL_UPDATE . TABLE_CUSTOMERS . " set customers_default_address_id = '" . $address_id . "'\n\twhere customers_id = '" . $customer_id . APOS);
    //update customer_info table
    olc_db_query(INSERT_INTO . TABLE_CUSTOMERS_INFO . "\n\t(customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values\n\t('" . $customer_id . "', '0', now())");
    $_SESSION['customer_default_address_id'] = $address_id;
}
 function ec_step2()
 {
     global $paypal_ec_token, $customer_id, $customer_first_name, $language;
     global $customer_default_address_id, $sendto;
     //Visitor just came back from PayPal and so we collect all the info returned, create an account if necessary,
     //then log them in, and then send them to checkout_shipping.php.  What a long, strange trip it's been.
     $_SESSION[$his->ec_checkout_text] = true;
     if ($paypal_ec_token == EMPTY_STRING) {
         if (isset($_GET['token'])) {
             $paypal_ec_token = $_GET['token'];
         } else {
             $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
         }
     }
     //Make sure the token is in the correct format
     if (!ereg("([C-E]{2})-([A-Z0-9]{17})", $paypal_ec_token)) {
         $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
     }
     $caller = $this->paypal_init();
     $ecdt =& Services_PayPal::getType('GetExpressCheckoutDetailsRequestType');
     $ecdt->setToken($paypal_ec_token);
     $response = $caller->GetExpressCheckoutDetails($ecdt);
     $response_ack = $response->Ack;
     if (strlen(Services_PayPal::isError($response)) > 0 || $response_ack != 'Success' && $response_ack != 'SuccessWithWarning') {
         if ($this->enableDebugging) {
             /*
             olc_php_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $this->error_dump,
             "In Funktion: ec_step2()\n\n".var_dump($response), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
             */
             olc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, STORE_NAME, EMPTY_STRING, STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, EMPTY_STRING, EMPTY_STRING, $this->error_dump, EMPTY_STRING, str_replace(HASH, 'ec_step2', $this->in_function) . $this->prepare_var_dump($response), EMAIL_TYPE_TEXT);
         }
         $error = $this->prepare_error(MODULE_PAYMENT_PAYPAL_DP_GEN_ERROR, $response);
         $this->away_with_you($error, true);
     } else {
         //This is an array of all the info sent back by PayPal
         $details = $response->getGetExpressCheckoutDetailsResponseDetails();
         $payer_info = $details->getPayerInfo();
         if (MODULE_PAYMENT_PAYPAL_DP_REQ_VERIFIED == 'Yes' && strtolower($payer_info->PayerStatus) != 'verified') {
             $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_TEXT_UNVERIFIED, true);
         }
         $paypal_ec_payer_id = $payer_info->getPayerID();
         $_SESSION[$this->paypal_ec_text . 'payer_id'];
         $_SESSION[$this->paypal_ec_text . 'payer_id'] = $paypal_ec_payer_id;
         $fullname = $payer_info->getPayerName();
         $address_info = $payer_info->getAddress();
         //Hoag: Begin telephone fix (1 of 3)
         $phone = $details->getContactPhone();
         //Hoag: End telephone fix (1 of 3)
         //I didn't include the international variables since PayPal only supports USD at this time
         $paypal_ec_payer_info = array('payer_id' => $payer_info->PayerID, 'payer_email' => $payer_info->Payer, 'payer_firstname' => $fullname->FirstName, 'payer_lastname' => $fullname->LastName, 'payer_business' => $payer_info->PayerBusiness, 'payer_status' => $payer_info->PayerStatus, 'ship_owner' => $address_info->AddressOwner, 'ship_name' => $address_info->Name, 'ship_street_1' => $address_info->Street1, 'ship_street_2' => $address_info->Street2, 'ship_city' => $address_info->CityName, 'ship_state' => $address_info->StateOrProvince, 'ship_postal_code' => $address_info->PostalCode, 'ship_country' => $address_info->Country, 'ship_country_name' => $address_info->CountryName, 'ship_phone' => $address_info->Phone, 'ship_phone' => $phone, 'ship_address_status' => $address_info->AddressStatus);
         //$_SESSION[$this->paypal_ec_text.'payer_info'] = $paypal_ec_payer_info;
         $_SESSION[$this->paypal_ec_text . 'payer_info'];
         //Get the customer's country id.
         $country_query = olc_db_query("SELECT countries_id, address_format_id FROM " . TABLE_COUNTRIES . " WHERE countries_name = '" . $paypal_ec_payer_info['ship_country_name'] . "' LIMIT 1");
         if (olc_db_num_rows($country_query) > 0) {
             $country = olc_db_fetch_array($country_query);
             $country_id = $country['countries_id'];
             $address_format_id = $country['address_format_id'];
         } else {
             $country_id = EMPTY_STRING;
             $address_format_id = '2';
             //2 is the American format
         }
         $states_query = olc_db_query("SELECT zone_id FROM " . TABLE_ZONES . " WHERE zone_code = '" . $paypal_ec_payer_info['ship_state'] . "' AND zone_country_id = '" . $country_id . "' LIMIT 1");
         if (olc_db_num_rows($states_query) > 0) {
             $states = olc_db_fetch_array($states_query);
             $state_id = $states['zone_id'];
         } else {
             $state_id = EMPTY_STRING;
         }
         $order->customer['name'] = trim($paypal_ec_payer_info['payer_firstname'] . BLANK . $paypal_ec_payer_info['payer_lastname']);
         $order->customer['company'] = $paypal_ec_payer_info['payer_business'];
         $order->customer['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->customer['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->customer['city'] = $paypal_ec_payer_info['ship_city'];
         $order->customer['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->customer['state'] = $paypal_ec_payer_info['ship_state'];
         $order->customer['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->customer['format_id'] = $address_format_id;
         $order->customer['email_address'] = $paypal_ec_payer_info['payer_email'];
         //Hoag: Begin telephone fix (3 of 3)
         $order->customer['telephone'] = $paypal_ec_payer_info['ship_phone'];
         //Hoag: End telephone fix (3 of 3)
         //For some reason, $order->billing gets erased between here and checkout_confirmation.php
         $order->billing['name'] = trim($paypal_ec_payer_info['payer_firstname'] . BLANK . $paypal_ec_payer_info['payer_lastname']);
         $order->billing['company'] = $paypal_ec_payer_info['payer_business'];
         $order->billing['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->billing['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->billing['city'] = $paypal_ec_payer_info['ship_city'];
         $order->billing['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->billing['state'] = $paypal_ec_payer_info['ship_state'];
         $order->billing['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->billing['format_id'] = $address_format_id;
         /*Disabled for now
         		//If they selected an address on PayPal's site with a different zipcode than was previously selected
         		//send them back to the shipping page
         		if ($order->delivery['postcode'] == $paypal_ec_payer_info['ship_postal_code']) {
         		$goto_shipping = false;
         		} else {
         		$goto_shipping = true;
         		}
         		*/
         $order->delivery['name'] = trim($paypal_ec_payer_info['payer_firstname'] . BLANK . $paypal_ec_payer_info['payer_lastname']);
         $order->delivery['company'] = $paypal_ec_payer_info['payer_business'];
         $order->delivery['street_address'] = $paypal_ec_payer_info['ship_street_1'];
         $order->delivery['suburb'] = $paypal_ec_payer_info['ship_street_2'];
         $order->delivery['city'] = $paypal_ec_payer_info['ship_city'];
         $order->delivery['postcode'] = $paypal_ec_payer_info['ship_postal_code'];
         $order->delivery['state'] = $paypal_ec_payer_info['ship_state'];
         $order->delivery['country'] = $paypal_ec_payer_info['ship_country_name'];
         $order->delivery['format_id'] = $address_format_id;
         if (!$_SESSION[$this->paypal_ec_text . 'temp']) {
             $_SESSION[$this->paypal_ec_text . 'temp'];
         }
         if ($_SESSION['customer_first_name'] && $_SESSION['customer_id']) {
             //They're logged in, so forward them straight to checkout_shipping.php
             $order->customer['id'] = $customer_id;
             if (!$_SESSION['sendto']) {
                 $_SESSION['sendto'] = $customer_default_address_id;
             }
             $_SESSION[$this->paypal_ec_text . 'temp'] = false;
             $this->away_with_you();
             /*disabled for now
             		//0.6.2b modification.  If they already have a shipping amount calculated for this zip code, send them on instead of backwards
             		if ($goto_shipping) {
             		$this->away_with_you();
             		} else {
             		$this->away_with_you(EMPTY_STRING, false, FILENAME_CHECKOUT_CONFIRMATION);
             		}
             		*/
         } else {
             //They're not logged in.  Create an account if necessary, and then log them in.
             //First, see if they're an existing customer
             //If Paypal didn't send an email address, something went wrong
             if (trim($paypal_ec_payer_info['payer_email']) == EMPTY_STRING) {
                 $this->away_with_you(MODULE_PAYMENT_PAYPAL_DP_INVALID_RESPONSE, true);
             }
             $check_customer_query = olc_db_query("select customers_id, customers_firstname, customers_lastname,\n\t\t\t\tcustomers_paypal_payerid, customers_paypal_ec from " . TABLE_CUSTOMERS . " where customers_email_address = '" . olc_db_input($paypal_ec_payer_info['payer_email']) . APOS);
             $check_customer = olc_db_fetch_array($check_customer_query);
             if (olc_db_num_rows($check_customer_query) > 0) {
                 $check_customer = olc_db_fetch_array($check_customer_query);
                 $acct_exists = true;
                 if ($check_customer['customers_paypal_ec'] == '1') {
                     //Delete the existing temporary account
                     $this->ec_delete_user($check_customer['customers_id']);
                     $acct_exists = false;
                 }
             }
             //Create an account
             if (!$acct_exists) {
                 //Generate a random 8-char password
                 $salt = "46z3haZzegmn676PA3rUw2vrkhcLEn2p1c6gf7vp2ny4u3qqfqBh5j6kDhuLmyv9xf";
                 srand((double) microtime() * 1000000);
                 $password = EMPTY_STRING;
                 for ($x = 0; $x < 7; $x++) {
                     $num = rand() % 33;
                     $tmp = substr($salt, $num, 1);
                     $password = $password . $tmp;
                 }
                 $sql_data_array = array('customers_firstname' => $paypal_ec_payer_info['payer_firstname'], 'customers_lastname' => $paypal_ec_payer_info['payer_lastname'], 'customers_email_address' => $paypal_ec_payer_info['payer_email'], 'customers_telephone' => $paypal_ec_payer_info['ship_phone'], 'customers_fax' => EMPTY_STRING, 'customers_newsletter' => '0', 'customers_password' => olc_encrypt_password($password), 'customers_paypal_payerid' => $paypal_ec_payer_id);
                 olc_db_perform(TABLE_CUSTOMERS, $sql_data_array);
                 $customer_id = olc_db_insert_id();
                 $sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $paypal_ec_payer_info['payer_firstname'], 'entry_lastname' => $paypal_ec_payer_info['payer_lastname'], 'entry_street_address' => $paypal_ec_payer_info['ship_street_1'], 'entry_suburb' => $paypal_ec_payer_info['ship_street_2'], 'entry_city' => $paypal_ec_payer_info['ship_city'], 'entry_zone_id' => $state_id, 'entry_postcode' => $paypal_ec_payer_info['ship_postal_code'], 'entry_country_id' => $country_id);
                 olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
                 $address_id = olc_db_insert_id();
                 olc_db_query(SQL_UPDATE . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . APOS);
                 olc_db_query(INSERT_INTO . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
                 if (MODULE_PAYMENT_PAYPAL_DP_NEW_ACCT_NOTIFY == 'Yes') {
                     require DIR_WS_LANGUAGES . SESSION_LANGUAGE . SLASH . FILENAME_CREATE_ACCOUNT;
                     $email_text = sprintf(EMAIL_GREET_NONE, $paypal_ec_payer_info['payer_firstname']) . EMAIL_WELCOME . EMAIL_TEXT;
                     $email_text .= EMAIL_EC_ACCOUNT_INFORMATION . "Username: "******"\nPassword: "******"\n\n";
                     $email_text .= EMAIL_CONTACT;
                     /*
                     
                     olc_php_mail($paypal_ec_payer_info['payer_firstname']." " .
                     $paypal_ec_payer_info['payer_lastname'],
                     $paypal_ec_payer_info['payer_email'], EMAIL_SUBJECT, $email_text, STORE_OWNER,
                     STORE_OWNER_EMAIL_ADDRESS);
                     */
                     olc_php_mail(STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, $paypal_ec_payer_info['payer_email'], trim($paypal_ec_payer_info['payer_firstname'] . BLANK . $paypal_ec_payer_info['payer_lastname']), EMPTY_STRING, STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, EMPTY_STRING, EMPTY_STRING, EMAIL_SUBJECT, EMPTY_STRING, $email_text, EMAIL_TYPE_TEXT);
                     $_SESSION[$this->paypal_ec_text . 'temp'] = false;
                 } else {
                     //Make it a temporary account that'll be deleted once they've checked out
                     olc_db_query(SQL_UPDATE . TABLE_CUSTOMERS . " SET customers_paypal_ec = '1' WHERE customers_id = '" . (int) $customer_id . APOS);
                     $_SESSION[$this->paypal_ec_text . 'temp'] = true;
                 }
             } else {
                 $_SESSION[$this->paypal_ec_text . 'temp'] = false;
             }
             $sendto = $address_id;
             if (!$_SESSION['sendto']) {
                 $_SESSION['sendto'];
             }
             $this->user_login($_SESSION[$this->paypal_ec_text . 'payer_info']['payer_email']);
         }
     }
 }
 function duplicate_product($src_products_id, $dest_categories_id)
 {
     $product_query = xtDBquery("SELECT *\n\t\t\t\t    \t                                 FROM " . TABLE_PRODUCTS . "\n\t\t\t\t    \t                                WHERE products_id = '" . olc_db_input($src_products_id) . "'");
     $product = olc_db_fetch_array($product_query);
     if ($dest_categories_id == 0) {
         $startpage = 1;
         $products_status = 1;
     } else {
         $startpage = 0;
         $products_status = $product['products_status'];
     }
     $sql_data_array = array('products_quantity' => $product['products_quantity'], 'products_model' => $product['products_model'], 'products_ean' => $product['products_ean'], 'products_shippingtime' => $product['products_shippingtime'], 'products_sort' => $product['products_sort'], 'products_startpage' => $startpage, 'products_sort' => $product['products_sort'], 'products_price' => $product['products_price'], 'products_discount_allowed' => $product['products_discount_allowed'], 'products_date_added' => 'now()', 'products_date_available' => $product['products_date_available'], 'products_weight' => $product['products_weight'], 'products_status' => $products_status, 'products_tax_class_id' => $product['products_tax_class_id'], 'manufacturers_id' => $product['manufacturers_id'], 'product_template' => $product['product_template'], 'options_template' => $product['options_template'], 'products_fsk18' => $product['products_fsk18']);
     $customers_statuses_array = olc_get_customers_statuses();
     for ($i = 0; $n = sizeof($customers_statuses_array), $i < $n; $i++) {
         if (isset($customers_statuses_array[$i]['id'])) {
             $sql_data_array = array_merge($sql_data_array, array('group_permission_' . $customers_statuses_array[$i]['id'] => $product['group_permission_' . $customers_statuses_array[$i]['id']]));
         }
     }
     olc_db_perform(TABLE_PRODUCTS, $sql_data_array);
     //get duplicate id
     $dup_products_id = olc_db_insert_id();
     //duplicate image if there is one
     if ($product['products_image'] != '') {
         //build new image_name for duplicate
         $pname_arr = explode('.', $product['products_image']);
         $nsuffix = array_pop($pname_arr);
         $dup_products_image_name = $dup_products_id . '_0' . '.' . $nsuffix;
         //write to DB
         xtDBquery("SQL_UPDATE " . TABLE_PRODUCTS . " SET products_image = '" . $dup_products_image_name . "' WHERE products_id = '" . $dup_products_id . "'");
         @copy(DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $product['products_image'], DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $dup_products_image_name);
         @copy(DIR_FS_CATALOG_INFO_IMAGES . '/' . $product['products_image'], DIR_FS_CATALOG_INFO_IMAGES . '/' . $dup_products_image_name);
         @copy(DIR_FS_CATALOG_THUMBNAIL_IMAGES . '/' . $product['products_image'], DIR_FS_CATALOG_THUMBNAIL_IMAGES . '/' . $dup_products_image_name);
         @copy(DIR_FS_CATALOG_POPUP_IMAGES . '/' . $product['products_image'], DIR_FS_CATALOG_POPUP_IMAGES . '/' . $dup_products_image_name);
     } else {
         unset($dup_products_image_name);
     }
     $description_query = olc_db_query("SELECT *\n\t\t\t\t    \t                                     FROM " . TABLE_PRODUCTS_DESCRIPTION . "\n\t\t\t\t    \t                                    WHERE products_id = '" . olc_db_input($src_products_id) . "'");
     $old_products_id = olc_db_input($src_products_id);
     while ($description = olc_db_fetch_array($description_query)) {
         olc_db_query("INSERT INTO " . TABLE_PRODUCTS_DESCRIPTION . "\n\t\t\t\t\t\t    \t\t                 SET products_id                = '" . $dup_products_id . "',                                      \n\t\t\t\t\t\t    \t\t                     language_id                = '" . $description['language_id'] . "',                           \n\t\t\t\t\t\t    \t\t                     products_name              = '" . addslashes($description['products_name']) . "',             \n\t\t\t\t\t\t    \t\t                     products_description       = '" . addslashes($description['products_description']) . "',      \n\t\t\t\t\t\t    \t\t                     products_keywords          = '" . addslashes($description['products_keywords']) . "',\n\t\t\t\t\t\t    \t\t                     products_short_description = '" . addslashes($description['products_short_description']) . "',\n\t\t\t\t\t\t    \t\t                     products_meta_title        = '" . addslashes($description['products_meta_title']) . "',       \n\t\t\t\t\t\t    \t\t                     products_meta_description  = '" . addslashes($description['products_meta_description']) . "', \n\t\t\t\t\t\t    \t\t                     products_meta_keywords     = '" . addslashes($description['products_meta_keywords']) . "',    \n\t\t\t\t\t\t    \t\t                     products_url               = '" . $description['products_url'] . "',                          \n\t\t\t\t\t\t    \t\t                     products_viewed            = '0'");
     }
     olc_db_query("INSERT INTO " . TABLE_PRODUCTS_TO_CATEGORIES . "\n\t\t\t\t    \t                 SET products_id   = '" . $dup_products_id . "',\n\t\t\t\t    \t                     categories_id = '" . olc_db_input($dest_categories_id) . "'");
     //mo_images by Novalis@eXanto.de
     $mo_images = olc_get_products_mo_images($src_products_id);
     if (is_array($mo_images)) {
         foreach ($mo_images as $dummy => $mo_img) {
             //build new image_name for duplicate
             $pname_arr = explode('.', $mo_img['image_name']);
             $nsuffix = array_pop($pname_arr);
             $dup_products_image_name = $dup_products_id . '_' . $mo_img['image_nr'] . '.' . $nsuffix;
             //copy org images to duplicate
             @copy(DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $mo_img['image_name'], DIR_FS_CATALOG_ORIGINAL_IMAGES . '/' . $dup_products_image_name);
             @copy(DIR_FS_CATALOG_INFO_IMAGES . '/' . $mo_img['image_name'], DIR_FS_CATALOG_INFO_IMAGES . '/' . $dup_products_image_name);
             @copy(DIR_FS_CATALOG_THUMBNAIL_IMAGES . '/' . $mo_img['image_name'], DIR_FS_CATALOG_THUMBNAIL_IMAGES . '/' . $dup_products_image_name);
             @copy(DIR_FS_CATALOG_POPUP_IMAGES . '/' . $mo_img['image_name'], DIR_FS_CATALOG_POPUP_IMAGES . '/' . $dup_products_image_name);
             olc_db_query("INSERT INTO " . TABLE_PRODUCTS_IMAGES . "\n\t\t\t\t\t\t\t\t    \t\t\t                 SET products_id = '" . $dup_products_id . "',\n\t\t\t\t\t\t\t\t    \t\t\t                     image_nr    = '" . $mo_img['image_nr'] . "',\n\t\t\t\t\t\t\t\t    \t\t\t                     image_name  = '" . $dup_products_image_name . "'");
         }
     }
     //mo_images EOF
     $products_id = $dup_products_id;
     $i = 0;
     $group_query = olc_db_query("SELECT customers_status_id\n\t\t\t\t    \t                               FROM " . TABLE_CUSTOMERS_STATUS . "\n\t\t\t\t    \t                              WHERE language_id = '" . (int) $_SESSION['languages_id'] . "'\n\t\t\t\t    \t                                AND customers_status_id != '0'");
     while ($group_values = olc_db_fetch_array($group_query)) {
         // load data into array
         $i++;
         $group_data[$i] = array('STATUS_ID' => $group_values['customers_status_id']);
     }
     for ($col = 0, $n = sizeof($group_data); $col < $n + 1; $col++) {
         if ($group_data[$col]['STATUS_ID'] != '') {
             $copy_query = olc_db_query("SELECT quantity,\n\t\t\t\t\t\t\t\t    \t\t\t                                   personal_offer\n\t\t\t\t\t\t\t\t    \t\t\t                              FROM personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . "\n\t\t\t\t\t\t\t\t    \t\t\t                             WHERE products_id = '" . $old_products_id . "'");
             while ($copy_data = olc_db_fetch_array($copy_query)) {
                 olc_db_query("INSERT INTO personal_offers_by_customers_status_" . $group_data[$col]['STATUS_ID'] . "\n\t\t\t\t\t\t\t\t\t\t    \t\t\t\t                 SET price_id       = '',\n\t\t\t\t\t\t\t\t\t\t    \t\t\t\t                     products_id    = '" . $products_id . "',\n\t\t\t\t\t\t\t\t\t\t    \t\t\t\t                     quantity       = '" . $copy_data['quantity'] . "',\n\t\t\t\t\t\t\t\t\t\t    \t\t\t\t                     personal_offer = '" . $copy_data['personal_offer'] . "'");
             }
         }
     }
 }
    Released under the GNU General Public License
------------------------------------------------------------------------------*/
require 'includes/application_top.php';
//require(DIR_FS_CATALOG . DIR_WS_LANGUAGES . SESSION_LANGUAGE . '/admin/blacklist.php');
switch ($_GET['action']) {
    case 'insert':
    case 'save':
        $blacklist_id = olc_db_prepare_input($_GET['bID']);
        $blacklist_card_number = olc_db_prepare_input($_POST['blacklist_card_number']);
        $sql_data_array = array('blacklist_card_number' => $blacklist_card_number);
        if ($_GET['action'] == 'insert') {
            $insert_sql_data = array('date_added' => 'now()');
            $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
            olc_db_perform(TABLE_BLACKLIST, $sql_data_array);
            $blacklist_id = olc_db_insert_id();
        } elseif ($_GET['action'] == 'save') {
            $update_sql_data = array('last_modified' => 'now()');
            $sql_data_array = olc_array_merge($sql_data_array, $update_sql_data);
            olc_db_perform(TABLE_BLACKLIST, $sql_data_array, 'update', "blacklist_id = '" . olc_db_input($blacklist_id) . APOS);
        }
        /*      $manufacturers_image = olc_get_uploaded_file('manufacturers_image');
              $image_directory = olc_get_local_path(DIR_FS_CATALOG_IMAGES);
        
              if (is_uploaded_file($manufacturers_image['tmp_name'])) {
                if (!is_writeable($image_directory)) {
                  if (is_dir($image_directory)) {
                    $messageStack->add_session(sprintf(ERROR_DIRECTORY_NOT_WRITEABLE, $image_directory), 'error');
                  } else {
                    $messageStack->add_session(sprintf(ERROR_DIRECTORY_DOES_NOT_EXIST, $image_directory), 'error');
                  }
 // build the message content
 $name = trim($customers_firstname . BLANK . $customers_lastname);
 // load data into array
 $module_content = array();
 $module_content = array('MAIL_NAME' => $name, 'MAIL_REPLY_ADDRESS' => EMAIL_SUPPORT_REPLY_ADDRESS, 'MAIL_GENDER' => $customers_gender);
 // assign data to smarty
 $smarty->assign('content', $module_content);
 $txt_mail = CURRENT_TEMPLATE_MAIL . 'create_account_mail.';
 $html_mail = $smarty->fetch($txt_mail . 'html');
 $txt_mail = $smarty->fetch($txt_mail . 'txt');
 // GV Code Start
 // ICW - CREDIT CLASS CODE BLOCK ADDED  ******************************************************* BEGIN
 if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
     $coupon_code = create_coupon_code();
     $insert_query = olc_db_query(INSERT_INTO . TABLE_COUPONS . " (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
     $insert_id = olc_db_insert_id($insert_query);
     $insert_query = olc_db_query(INSERT_INTO . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', '" . $customers_email_address . "', now() )");
     $html_mail .= '<br/><br/>' . sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "<br/><br/>" . sprintf(EMAIL_GV_REDEEM, $coupon_code) . "<br/><br/>" . EMAIL_GV_LINK . olc_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, NONSSL, false) . "<br/><br/>";
     $txt_mail .= "\n\n" . sprintf(EMAIL_GV_INCENTIVE_HEADER, $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" . sprintf(EMAIL_GV_REDEEM, $coupon_code) . "\n\n" . EMAIL_GV_LINK . olc_href_link(FILENAME_GV_REDEEM, 'gv_no=' . $coupon_code, NONSSL, false) . "\n\n";
 }
 if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
     $coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
     $coupon_query = olc_db_query("select * from " . TABLE_COUPONS . " where coupon_code = '" . $coupon_code . APOS);
     $coupon = olc_db_fetch_array($coupon_query);
     $coupon_id = $coupon['coupon_id'];
     $coupon_desc_query = olc_db_query("select * from " . TABLE_COUPONS_DESCRIPTION . " where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $_SESSION['languages_id'] . APOS);
     $coupon_desc = olc_db_fetch_array($coupon_desc_query);
     $insert_query = olc_db_query(INSERT_INTO . TABLE_COUPON_EMAIL_TRACK . " (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $customers_email_address . "', now() )");
     $html_mail .= "<br/><br/>" . EMAIL_COUPON_INCENTIVE_HEADER . HTML_BR . sprintf("%s", $coupon_desc['coupon_description']) . "<br/><br/>" . sprintf(EMAIL_COUPON_REDEEM, $coupon['coupon_code']) . "<br/><br/>" . "<br/><br/>";
     $txt_mail .= "\n\n" . EMAIL_COUPON_INCENTIVE_HEADER . NEW_LINE . sprintf("%s", $coupon_desc['coupon_description']) . "\n\n" . sprintf(EMAIL_COUPON_REDEEM, $coupon['coupon_code']) . "\n\n" . "\n\n";
 }
$page_parameter = 'page=' . $page;
$mID = olc_db_prepare_input($_GET['mID']);
$action = $_GET['action'];
switch ($action) {
    case 'insert':
    case 'save':
        $manufacturers_id = $mID;
        $manufacturers_id_sql = "manufacturers_id = '" . olc_db_input($manufacturers_id) . APOS;
        $manufacturers_name = olc_db_prepare_input($_POST['manufacturers_name']);
        $sql_data_array = array('manufacturers_name' => $manufacturers_name);
        $is_insert = $action == 'insert';
        if ($is_insert) {
            $insert_sql_data = array('date_added' => 'now()');
            $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
            olc_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
            $manufacturers_id = olc_db_insert_id();
        } else {
            //if ($action == 'save')
            $update_sql_data = array('last_modified' => 'now()');
            $sql_data_array = olc_array_merge($sql_data_array, $update_sql_data);
            olc_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', $manufacturers_id_sql);
        }
        $dir_manufacturers = DIR_FS_CATALOG_IMAGES . "/manufacturers";
        if ($manufacturers_image = new upload('manufacturers_image', $dir_manufacturers)) {
            if ($manufacturers_image->filename) {
                olc_db_query(SQL_UPDATE . TABLE_MANUFACTURERS . "\n\t\t\t\tset manufacturers_image ='manufacturers/" . $manufacturers_image->filename . "' where " . $manufacturers_id_sql);
            }
        }
        $languages = olc_get_languages();
        $manufacturers_url_array = $_POST['manufacturers_url'];
        for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
 $sql_data_array['entry_gender'] = $gender;
 $sql_data_array['entry_company'] = $company;
 if (ACCOUNT_SUBURB == 'true') {
     $sql_data_array['entry_suburb'] = $suburb;
 }
 if (ACCOUNT_STATE == 'true') {
     if ($zone_id > 0) {
         $sql_data_array['entry_zone_id'] = $zone_id;
         $sql_data_array['entry_state'] = '';
     } else {
         $sql_data_array['entry_zone_id'] = '0';
         $sql_data_array['entry_state'] = $state;
     }
 }
 olc_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array);
 $address_id = olc_db_insert_id();
 olc_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . $address_id . "' where customers_id = '" . (int) $user_id . "'");
 olc_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $user_id . "', '0', now())");
 // create smarty elements
 $smarty = new Smarty();
 $smarty->assign('GENDER', $gender);
 $smarty->assign('FIRSTNAME', $firstname);
 $smarty->assign('LASTNAME', $lastname);
 $smarty->assign('EMAIL', $email_address);
 $smarty->assign('PASSWORT', $password);
 $smarty->caching = false;
 $txt_mail_customer = $smarty->fetch(DIR_FS_CATALOG . 'kunden_import_mail.txt');
 $mail_subject = "Unser neuer Onlineshop";
 /*
 echo "<pre>\n";
 echo $txt_mail_customer;
 }
 if ($_POST['products_id']) {
     $affiliate_products_id = $_POST['products_id'];
 }
 if ($_GET[$affiliate . 'banner_id']) {
     $affiliate_banner_id = $_GET[$affiliate . 'banner_id'];
 }
 if ($_POST[$affiliate . 'banner_id']) {
     $affiliate_banner_id = $_POST[$affiliate . 'banner_id'];
 }
 if (!$link_to) {
     $link_to = "0";
 }
 $sql_data_array = array($affiliate . 'id' => $_SESSION[$affiliate . 'ref'], $affiliate . 'clientdate' => $affiliate_clientdate, $affiliate . 'clientbrowser' => $affiliate_clientbrowser, $affiliate . 'clientip' => $affiliate_clientip, $affiliate . 'clientreferer' => $affiliate_clientreferer, $affiliate . 'products_id' => $affiliate_products_id, $affiliate . 'banner_id' => $affiliate_banner_id);
 olc_db_perform(TABLE_AFFILIATE_CLICKTHROUGHS, $sql_data_array);
 $_SESSION[$affiliate . 'clickthroughs_id'] = olc_db_insert_id();
 // Banner has been clicked, update stats:
 if ($affiliate_banner_id && $_SESSION[$affiliate . 'ref']) {
     $today = date('Y-m-d');
     $sql = "select * from " . TABLE_AFFILIATE_BANNERS_HISTORY . " where affiliate_banners_id = '" . $affiliate_banner_id . "' and  affiliate_banners_affiliate_id = '" . $_SESSION[$affiliate . 'ref'] . "' and affiliate_banners_history_date = '" . $today . APOS;
     $banner_stats_query = olc_db_query($sql);
     // Banner has been shown today
     if (olc_db_fetch_array($banner_stats_query)) {
         olc_db_query(SQL_UPDATE . TABLE_AFFILIATE_BANNERS_HISTORY . " set affiliate_banners_clicks = affiliate_banners_clicks + 1 where affiliate_banners_id = '" . $affiliate_banner_id . "' and affiliate_banners_affiliate_id = '" . $_SESSION[$affiliate . 'ref'] . "' and affiliate_banners_history_date = '" . $today . APOS);
         // Initial entry if banner has not been shown
     } else {
         $sql_data_array = array($affiliate . 'banners_id' => $affiliate_banner_id, $affiliate . 'banners_products_id' => $affiliate_products_id, $affiliate . 'banners_affiliate_id' => $_SESSION[$affiliate . 'ref'], $affiliate . 'banners_clicks' => '1', $affiliate . 'banners_history_date' => $today);
         olc_db_perform(TABLE_AFFILIATE_BANNERS_HISTORY, $sql_data_array);
     }
 }
 // Set Cookie if the customer comes back and orders it counts
        $zone_id = olc_db_prepare_input($_POST['zone_id']);
        olc_db_query(SQL_UPDATE . TABLE_ZONES_TO_GEO_ZONES . " set geo_zone_id = '" . olc_db_input($zID) . "', zone_country_id = '" . olc_db_input($zone_country_id) . "', zone_id = " . (olc_db_input($zone_id) ? APOS . olc_db_input($zone_id) . APOS : 'null') . ", last_modified = now() where association_id = '" . olc_db_input($sID) . APOS);
        olc_redirect(olc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID'] . '&action=list&spage=' . $_GET['spage'] . '&sID=' . $_GET['sID']));
        break;
    case 'deleteconfirm_sub':
        $sID = olc_db_prepare_input($_GET['sID']);
        olc_db_query(DELETE_FROM . TABLE_ZONES_TO_GEO_ZONES . " where association_id = '" . olc_db_input($sID) . APOS);
        olc_redirect(olc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID'] . '&action=list&spage=' . $_GET['spage']));
        break;
}
switch ($_GET['action']) {
    case 'insert_zone':
        $geo_zone_name = olc_db_prepare_input($_POST['geo_zone_name']);
        $geo_zone_description = olc_db_prepare_input($_POST['geo_zone_description']);
        olc_db_query(INSERT_INTO . TABLE_GEO_ZONES . " (geo_zone_name, geo_zone_description, date_added) values ('" . olc_db_input($geo_zone_name) . "', '" . olc_db_input($geo_zone_description) . "', now())");
        $new_zone_id = olc_db_insert_id();
        olc_redirect(olc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $new_zone_id));
        break;
    case 'save_zone':
        $zID = olc_db_prepare_input($_GET['zID']);
        $geo_zone_name = olc_db_prepare_input($_POST['geo_zone_name']);
        $geo_zone_description = olc_db_prepare_input($_POST['geo_zone_description']);
        olc_db_query(SQL_UPDATE . TABLE_GEO_ZONES . " set geo_zone_name = '" . olc_db_input($geo_zone_name) . "', geo_zone_description = '" . olc_db_input($geo_zone_description) . "', last_modified = now() where geo_zone_id = '" . olc_db_input($zID) . APOS);
        olc_redirect(olc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage'] . '&zID=' . $_GET['zID']));
        break;
    case 'deleteconfirm_zone':
        $zID = olc_db_prepare_input($_GET['zID']);
        olc_db_query(DELETE_FROM . TABLE_GEO_ZONES . " where geo_zone_id = '" . olc_db_input($zID) . APOS);
        olc_db_query(DELETE_FROM . TABLE_ZONES_TO_GEO_ZONES . " where geo_zone_id = '" . olc_db_input($zID) . APOS);
        olc_redirect(olc_href_link(FILENAME_GEO_ZONES, 'zpage=' . $_GET['zpage']));
        break;
function CustomersUpdate()
{
    global $_POST, $Lang_folder;
    $customers_id = -1;
    // include PW function
    require_once DIR_FS_INC . 'olc_encrypt_password.inc.php';
    if (isset($_POST['cID'])) {
        $customers_id = olc_db_prepare_input($_POST['cID']);
    }
    // security check, if user = admin, dont allow to perform changes
    if ($customers_id != -1) {
        $sec_query = olc_db_query("SELECT customers_status FROM " . TABLE_CUSTOMERS . " where customers_id='" . $customers_id . "'");
        $sec_data = olc_db_fetch_array($sec_query);
        if ($sec_data['customers_status'] == 0) {
            print_xml_status(120, $_POST['action'], 'CAN NOT CHANGE ADMIN USER!', '', '', '');
            return;
        }
    }
    $sql_customers_data_array = array();
    if (isset($_POST['customers_cid'])) {
        $sql_customers_data_array['customers_cid'] = $_POST['customers_cid'];
    }
    if (isset($_POST['customers_firstname'])) {
        $sql_customers_data_array['customers_firstname'] = $_POST['customers_firstname'];
    }
    if (isset($_POST['customers_lastname'])) {
        $sql_customers_data_array['customers_lastname'] = $_POST['customers_lastname'];
    }
    if (isset($_POST['customers_dob'])) {
        $sql_customers_data_array['customers_dob'] = $_POST['customers_dob'];
    }
    if (isset($_POST['customers_email'])) {
        $sql_customers_data_array['customers_email_address'] = $_POST['customers_email'];
    }
    if (isset($_POST['customers_tele'])) {
        $sql_customers_data_array['customers_telephone'] = $_POST['customers_tele'];
    }
    if (isset($_POST['customers_fax'])) {
        $sql_customers_data_array['customers_fax'] = $_POST['customers_fax'];
    }
    if (isset($_POST['customers_gender'])) {
        $sql_customers_data_array['customers_gender'] = $_POST['customers_gender'];
    }
    if (isset($_POST['customers_password'])) {
        $sql_customers_data_array['customers_password'] = olc_encrypt_password($_POST['customers_password']);
    }
    $sql_address_data_array = array();
    if (isset($_POST['customers_firstname'])) {
        $sql_address_data_array['entry_firstname'] = $_POST['customers_firstname'];
    }
    if (isset($_POST['customers_lastname'])) {
        $sql_address_data_array['entry_lastname'] = $_POST['customers_lastname'];
    }
    if (isset($_POST['customers_company'])) {
        $sql_address_data_array['entry_company'] = $_POST['customers_company'];
    }
    if (isset($_POST['customers_street'])) {
        $sql_address_data_array['entry_street_address'] = $_POST['customers_street'];
    }
    if (isset($_POST['customers_city'])) {
        $sql_address_data_array['entry_city'] = $_POST['customers_city'];
    }
    if (isset($_POST['customers_postcode'])) {
        $sql_address_data_array['entry_postcode'] = $_POST['customers_postcode'];
    }
    if (isset($_POST['customers_gender'])) {
        $sql_address_data_array['entry_gender'] = $_POST['customers_gender'];
    }
    if (isset($_POST['customers_country_id'])) {
        $country_code = $_POST['customers_country_id'];
    }
    $country_query = "SELECT countries_id FROM " . TABLE_COUNTRIES . " WHERE countries_iso_code_2 = '" . $country_code . "' LIMIT 1";
    $country_result = olc_db_query($country_query);
    $row = olc_db_fetch_array($country_result);
    $sql_address_data_array['entry_country_id'] = $row['countries_id'];
    $count_query = olc_db_query("SELECT count(*) as count FROM " . TABLE_CUSTOMERS . " WHERE customers_id='" . (int) $customers_id . "' LIMIT 1");
    $check = olc_db_fetch_array($count_query);
    if ($check['count'] > 0) {
        $mode = 'SQL_UPDATE';
        $address_book_result = olc_db_query("SELECT customers_default_address_id FROM " . TABLE_CUSTOMERS . " WHERE customers_id = '" . (int) $customers_id . "' LIMIT 1");
        $customer = olc_db_fetch_array($address_book_result);
        olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' LIMIT 1");
        olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array, 'update', "customers_id = '" . olc_db_input($customers_id) . "' AND address_book_id = '" . $customer['customers_default_address_id'] . "' LIMIT 1");
        olc_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int) $customers_id . "'  LIMIT 1");
    } else {
        $mode = 'APPEND';
        if (strlen($_POST['customers_password']) == 0) {
            // generate PW if empty
            $pw = olc_RandomString(8);
            $sql_customers_data_array['customers_password'] = olc_create_password($pw);
        }
        olc_db_perform(TABLE_CUSTOMERS, $sql_customers_data_array);
        $customers_id = olc_db_insert_id();
        $sql_address_data_array['customers_id'] = $customers_id;
        olc_db_perform(TABLE_ADDRESS_BOOK, $sql_address_data_array);
        $address_id = olc_db_insert_id();
        olc_db_query("update " . TABLE_CUSTOMERS . " set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customers_id . "'");
        olc_db_query("update " . TABLE_CUSTOMERS . " set customers_status = '" . STANDARD_GROUP . "' where customers_id = '" . (int) $customers_id . "'");
        olc_db_query("insert into " . TABLE_CUSTOMERS_INFO . " (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customers_id . "', '0', now())");
    }
    if (SEND_ACCOUNT_MAIL == true && $mode == 'APPEND' && $sql_customers_data_array['customers_email_address'] != '') {
        // generate mail for customer if customer=new
        require_once DIR_WS_CLASSES . 'class.phpmailer.php';
        require_once DIR_FS_INC . 'olc_php_mail.inc.php';
        require_once DIR_FS_INC . 'olc_add_tax.inc.php';
        require_once DIR_FS_INC . 'olc_not_null.inc.php';
        require_once DIR_FS_INC . 'changedataout.inc.php';
        require_once DIR_FS_INC . 'olc_href_link.inc.php';
        require_once DIR_FS_INC . 'olc_date_long.inc.php';
        require_once DIR_FS_INC . 'olc_check_agent.inc.php';
        $smarty = new Smarty();
        //$smarty->assign('language', $check_status['language']);
        $smarty->assign('language', $Lang_folder);
        $smarty->caching = false;
        $smarty->template_dir = DIR_FS_CATALOG . 'templates';
        $smarty->compile_dir = DIR_FS_CATALOG . 'cache/templates_c';
        $smarty->config_dir = DIR_FS_CATALOG . 'lang';
        $smarty->assign('tpl_path', 'templates/' . CURRENT_TEMPLATE . '/');
        $smarty->assign('logo_path', HTTP_SERVER . DIR_WS_CATALOG . 'templates/' . CURRENT_TEMPLATE . '/images/');
        $smarty->assign('NAME', $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname']);
        $smarty->assign('EMAIL', $sql_customers_data_array['customers_email_address']);
        $smarty->assign('PASSWORD', $pw);
        //$smarty->assign('language', $Lang_folder);
        $smarty->assign('content', $module_content);
        $smarty->caching = false;
        $html_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.html');
        $txt_mail = $smarty->fetch(CURRENT_TEMPLATE . '/admin/mail/' . $Lang_folder . '/create_account_mail.txt');
        // send mail with html/txt template
        olc_php_mail(EMAIL_SUPPORT_ADDRESS, EMAIL_SUPPORT_NAME, $sql_customers_data_array['customers_email_address'], $sql_customers_data_array['customers_lastname'] . ' ' . $sql_customers_data_array['customers_firstname'], '', EMAIL_SUPPORT_REPLY_ADDRESS, EMAIL_SUPPORT_REPLY_ADDRESS_NAME, '', '', EMAIL_SUPPORT_SUBJECT, $html_mail, $txt_mail);
    }
    print_xml_status(0, $_POST['action'], 'OK', $mode, 'CUSTOMERS_ID', $customers_id);
}
 switch ($_GET['action']) {
     case 'insert':
     case 'save':
         $currency_id = olc_db_prepare_input($_GET['cID']);
         $title = olc_db_prepare_input($_POST['title']);
         $code = olc_db_prepare_input($_POST['code']);
         $symbol_left = olc_db_prepare_input($_POST['symbol_left']);
         $symbol_right = olc_db_prepare_input($_POST['symbol_right']);
         $decimal_point = olc_db_prepare_input($_POST['decimal_point']);
         $thousands_point = olc_db_prepare_input($_POST['thousands_point']);
         $decimal_places = olc_db_prepare_input($_POST['decimal_places']);
         $value = olc_db_prepare_input($_POST['value']);
         $sql_data_array = array('title' => $title, 'code' => $code, 'symbol_left' => $symbol_left, 'symbol_right' => $symbol_right, 'decimal_point' => $decimal_point, 'thousands_point' => $thousands_point, 'decimal_places' => $decimal_places, 'value' => $value);
         if ($_GET['action'] == 'insert') {
             olc_db_perform(TABLE_CURRENCIES, $sql_data_array);
             $currency_id = olc_db_insert_id();
         } elseif ($_GET['action'] == 'save') {
             olc_db_perform(TABLE_CURRENCIES, $sql_data_array, 'update', "currencies_id = '" . olc_db_input($currency_id) . APOS);
         }
         if ($_POST['default'] == 'on') {
             olc_db_query(SQL_UPDATE . TABLE_CONFIGURATION . " set configuration_value = '" . olc_db_input($code) . "' where configuration_key = 'DEFAULT_CURRENCY'");
         }
         olc_redirect(olc_href_link(FILENAME_CURRENCIES, 'page=' . $_GET['page'] . '&cID=' . $currency_id));
         break;
     case 'deleteconfirm':
         $currencies_id = olc_db_prepare_input($_GET['cID']);
         $currency_query = olc_db_query("select currencies_id from " . TABLE_CURRENCIES . " where code = '" . DEFAULT_CURRENCY . APOS);
         $currency = olc_db_fetch_array($currency_query);
         if ($currency['currencies_id'] == $currencies_id) {
             olc_db_query(SQL_UPDATE . TABLE_CONFIGURATION . " set configuration_value = '' where configuration_key = 'DEFAULT_CURRENCY'");
         }
            }
            if ($content_file_name == EMPTY_STRING) {
                $content_file_name = $filename;
            }
        } else {
            $content_file_name = $select_file;
        }
        // if
        // update data in table
        $sql_data_array = array('products_id' => $product, 'content_name' => $content_title, 'content_file' => $content_file_name, 'content_link' => $content_link, 'file_comment' => $file_comment, 'languages_id' => $content_language);
        if ($_GET['id'] == 'update_product') {
            olc_db_perform(TABLE_PRODUCTS_CONTENT, $sql_data_array, 'update', "content_id = '" . $coID . APOS);
            $content_id = olc_db_insert_id();
        } else {
            olc_db_perform(TABLE_PRODUCTS_CONTENT, $sql_data_array);
            $content_id = olc_db_insert_id();
        }
        // if get id
        // rename filename
        olc_redirect(olc_href_link(FILENAME_CONTENT_MANAGER, 'pID=' . $product));
    }
    // if error
}
require DIR_WS_INCLUDES . 'header.php';
?>
<table border="0" width="100%" cellspacing="2" cellpadding="2">
  <tr>
    <td class="columnLeft2" nowrap="nowrap" valign="top"><table border="0" cellspacing="1" cellpadding="1" nowrap="nowrap">
<!-- left_navigation //-->
<?php 
require DIR_WS_INCLUDES . 'column_left.php';
 if ($process) {
     //	W. Kaiser - Common code for account data handling
     include DIR_FS_INC . 'olc_get_check_customer_data.inc.php';
     //	W. Kaiser - Common code for account handling
     if ($error) {
         if (IS_AJAX_PROCESSING) {
             //Add messagestackinfo
             if (is_object($messageStack)) {
                 $m = $messageStack->size(MESSAGE_STACK_NAME);
                 if ($m > 0) {
                     ajax_error($messageStack->output(MESSAGE_STACK_NAME));
                 }
             }
         }
     } else {
         $_SESSION[$checkout_id_text] = olc_db_insert_id();
         if ($IsCheckout_payment) {
             unset($_SESSION[$checkout_session_text]);
         }
         olc_redirect(olc_href_link($redirect_link, EMPTY_STRING, SSL));
     }
 } else {
     $address_id = $_POST['address'];
     if ($address_id) {
         $checkout_id = $_SESSION[$checkout_id_text];
         if ($checkout_id == $address_id) {
             $doit = true;
         } else {
             $checkout_id = $address_id;
             $check_address_query = olc_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . CUSTOMER_ID . "' and address_book_id = '" . $address_id . APOS);
             $check_address = olc_db_fetch_array($check_address_query);
     $messageStack->add(ERROR_BANNER_GROUP_REQUIRED, 'error');
     $banner_error = true;
 }
 if (empty($html_text)) {
     if (!($banners_image = new upload('banners_image', DIR_FS_CATALOG_IMAGES . 'banner/' . $banners_image_target))) {
         $banner_error = true;
     }
 }
 if (!$banner_error) {
     $db_image_location = olc_not_null($banners_image_local) ? $banners_image_local : $banners_image_target . $banners_image->filename;
     $sql_data_array = array('banners_title' => $banners_title, 'banners_url' => $banners_url, 'banners_image' => $db_image_location, 'banners_group' => $banners_group, 'banners_html_text' => $html_text);
     if ($action == 'insert') {
         $insert_sql_data = array('date_added' => 'now()', 'status' => '1');
         $sql_data_array = olc_array_merge($sql_data_array, $insert_sql_data);
         olc_db_perform(TABLE_BANNERS, $sql_data_array);
         $banners_id = olc_db_insert_id();
         $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
     } elseif ($action == 'update') {
         olc_db_perform(TABLE_BANNERS, $sql_data_array, 'update', 'banners_id = \'' . $banners_id . '\'');
         $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
     }
     $expires_date = olc_db_prepare_input($_POST['expires_date']);
     if ($expires_date) {
         list($day, $month, $year) = explode('.', $expires_date);
         $expires_date = $year . (strlen($month) == 1 ? '0' . $month : $month) . (strlen($day) == 1 ? '0' . $day : $day);
         $sql_update = " set expires_date = '" . $expires_date . "', expires_impressions = null";
     } else {
         $impressions = olc_db_prepare_input($_POST['impressions']);
         if ($impressions) {
             $sql_update = " set expires_impressions = '" . $impressions . "', expires_date = null";
         }
     $basket_query = olc_db_query($sql_delete . TABLE_CUSTOMERS_BASKET_SAVE . $where_bid);
     $basket_query = olc_db_query($sql_delete . TABLE_CUSTOMERS_BASKET_ATTRIBUTES_SAVE . $where_bid);
 }
 $cart_name = trim($_POST[NAVBAR_TITLE_SHOPPING_CART]);
 if (!$cart_name) {
     $cart_name = $cart_name0;
 }
 //Insert cart-control-data
 $sql_data_array = array();
 $sql_data_array['customers_id'] = CUSTOMER_ID;
 $sql_data_array['basket_name'] = $cart_name;
 $date = date('Ymd');
 $sql_data_array['basket_date_added'] = $date;
 $sql_data_array['basket_last_used'] = $date;
 olc_db_perform(TABLE_CUSTOMERS_BASKET_SAVE_BASKETS, $sql_data_array);
 $basket_id = olc_db_insert_id($basket_query);
 //Save cart products
 $sql_data_array = array();
 while ($products = olc_db_fetch_array($product_query)) {
     while (list($name, $value) = each($products)) {
         $sql_data_array[$name] = $value;
     }
     $sql_data_array['customers_basket_id'] = $basket_id;
     olc_db_perform(TABLE_CUSTOMERS_BASKET_SAVE, $sql_data_array);
 }
 //Save cart products attributes
 $product_query = olc_db_query($sql_select . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . $where_cid);
 if (olc_db_num_rows($product_query) > 0) {
     $sql_data_array = array();
     while ($products = olc_db_fetch_array($product_query)) {
         while (list($name, $value) = each($products)) {
         $option_name = $_POST['option_name'];
         olc_db_query(INSERT_INTO . TABLE_PRODUCTS_OPTIONS . " (products_options_id, products_options_name, language_id) values ('" . $_POST['products_options_id'] . "', '" . $option_name[$languages[$i]['id']] . "', '" . $languages[$i]['id'] . "')");
     }
     olc_redirect(olc_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info));
     break;
 case 'add_product_option_values':
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         $value_name = $_POST['value_name'];
         olc_db_query(INSERT_INTO . TABLE_PRODUCTS_OPTIONS_VALUES . " (products_options_values_id, language_id, products_options_values_name) values ('" . $_POST['value_id'] . "', '" . $languages[$i]['id'] . "', '" . $value_name[$languages[$i]['id']] . "')");
     }
     olc_db_query(INSERT_INTO . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " (products_options_id, products_options_values_id) values ('" . $_POST['option_id'] . "', '" . $_POST['value_id'] . "')");
     olc_redirect(olc_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info));
     break;
 case 'add_product_attributes':
     olc_db_query(INSERT_INTO . TABLE_PRODUCTS_ATTRIBUTES . " values ('', '" . $_POST['products_id'] . "', '" . $_POST['options_id'] . "', '" . $_POST['values_id'] . "', '" . $_POST['value_price'] . "', '" . $_POST['price_prefix'] . "')");
     $products_attributes_id = olc_db_insert_id();
     if (DOWNLOAD_ENABLED == TRUE_STRING_S && $_POST['products_attributes_filename'] != '') {
         olc_db_query(INSERT_INTO . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " values (" . $products_attributes_id . ", '" . $_POST['products_attributes_filename'] . "', '" . $_POST['products_attributes_maxdays'] . "', '" . $_POST['products_attributes_maxcount'] . "')");
     }
     olc_redirect(olc_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info));
     break;
 case 'update_option_name':
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
         $option_name = $_POST['option_name'];
         olc_db_query(SQL_UPDATE . TABLE_PRODUCTS_OPTIONS . " set products_options_name = '" . $option_name[$languages[$i]['id']] . "' where products_options_id = '" . $_POST['option_id'] . "' and language_id = '" . $languages[$i]['id'] . APOS);
     }
     olc_redirect(olc_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info));
     break;
 case 'update_value':
     $value_name = $_POST['value_name'];
     for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
             }
         }
     }
 }
 $auctionid = $current_product['auctionid'];
 if ($auctionid) {
     $sqlstring = SQL_UPDATE . TABLE_AUCTION_DETAILS . " SET order_number = '" . $insert_id . "'\n\t\tWHERE auction_id = '" . $auctionid . "'\tAND buyer_email = '" . $customer_email_address . APOS;
     olc_db_query($sqlstring);
     //set special if product is an auction
     $auctionid = " (EBAY-id: " . $auctionid . RPAREN;
 }
 // Update products_ordered (for bestsellers list)
 olc_db_query($update_table_products . "products_ordered = products_ordered + " . $current_product_qty . $current_product_id_where);
 $sql_data_array = array('orders_id' => $orders_id, 'products_id' => $current_product_id, 'products_model' => $current_product['model'], 'products_name' => $current_product['name'] . $auctionid, 'products_price' => $current_product['price'], 'final_price' => $current_product['final_price'], 'products_tax' => $current_product['tax'], 'products_discount_made' => $current_product_id['discount_allowed'], 'products_quantity' => $current_product_qty, 'allow_tax' => CUSTOMER_SHOW_PRICE_TAX);
 olc_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);
 $order_products_id = olc_db_insert_id();
 //$order_total_modules->update_credit_account($i);// GV Code ICW ADDED FOR CREDIT CLASS SYSTEM
 if (is_callable(array($order_total_modules, 'update_credit_account'))) {
     global $orders_id;
     $order_total_modules->update_credit_account($i);
     //ICW ADDED FOR CREDIT CLASS SYSTEM
 }
 //------insert customer choosen option to order--------
 $attributes_exist = '0';
 $products_ordered_attributes = EMPTY_STRING;
 $current_product_attributes = $current_product['attributes'];
 if ($current_product_attributes) {
     $attributes_exist = '1';
     for ($j = 0, $n2 = sizeof($current_product_attributes); $j < $n2; $j++) {
         $current_product_attribute = $current_product_attributes[$j];
         $current_product_attribute_option_id = $current_product_attribute['option_id'];
         $rzp .= $customers_status[$i]['id'];
     }
 }
 if (olc_db_prepare_input($_POST['status_all']) == 'yes') {
     $rzp .= ',all';
 }
 $error = false;
 // reset error flag
 if ($error == false) {
     $sql_data_array = array('title' => $newsletter_title, 'status' => '0', 'bc' => $rzp, 'date' => 'now()', 'body' => $body);
     if ($id_post != EMPTY_STRING) {
         olc_db_perform(TABLE_MODULE_NEWSLETTER, $sql_data_array, 'update', "newsletter_id = '" . $id_post . APOS);
     } else {
         olc_db_perform(TABLE_MODULE_NEWSLETTER, $sql_data_array);
         // create temp table
         $id_post = olc_db_insert_id();
     }
     // create temp table
     $create_query = TABLE_MODULE_NEWSLETTER_TEMP . $id_post;
     $drop_query = "DROP TABLE IF EXISTS " . $create_query;
     $create_query = "CREATE TABLE " . $create_query;
     olc_db_query($drop_query);
     olc_db_query($create_query . "\n    (\n      id int(11) NOT NULL auto_increment,\n      customers_id int(11) NOT NULL default '0',\n      customers_status int(11) NOT NULL default '0',\n      customers_firstname varchar(64) NOT NULL default '',\n      customers_lastname varchar(64) NOT NULL default '',\n      customers_email_address text NOT NULL,\n      customers_email_type int(1) NOT NULL,\n      mail_key varchar(32) NOT NULL,\n      date datetime NOT NULL default '0000-00-00 00:00:00',\n      comment varchar(64) NOT NULL default '',\n      PRIMARY KEY (id)\n      )");
     // filling temp table with data!
     $flag = '';
     if (!strpos($rzp, 'all')) {
         $flag = TRUE_STRING_S;
     }
     $rzp = str_replace(',all', EMPTY_STRING, $rzp);
     $groups = explode(COMMA, $rzp);
     $sql_data_array = EMPTY_STRING;
         $affiliate_billing_query = olc_db_query($sql);
         $affiliate_billing = olc_db_fetch_array($affiliate_billing_query);
         // Get affiliate Informations
         $sql = "\n        SELECT a.*, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id\n          from " . TABLE_AFFILIATE . " a\n          left join " . TABLE_ZONES . " z on (a.affiliate_zone_id  = z.zone_id)\n          left join " . TABLE_COUNTRIES . " c on (a.affiliate_country_id = c.countries_id)\n          WHERE affiliate_id = '" . $affiliate_payment['affiliate_id'] . "'\n        ";
         $affiliate_query = olc_db_query($sql);
         $affiliate = olc_db_fetch_array($affiliate_query);
         // Get need tax informations for the affiliate
         $affiliate_tax_rate = olc_get_affiliate_tax_rate(AFFILIATE_TAX_ID, $affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id']);
         $affiliate_tax = olc_round($affiliate_billing['affiliate_payment'] * $affiliate_tax_rate / 100, 2);
         // Netto-Provision
         $affiliate_payment_total = $affiliate_billing['affiliate_payment'] + $affiliate_tax;
         // Bill the order
         $affiliate['affiliate_state'] = olc_get_zone_code($affiliate['affiliate_country_id'], $affiliate['affiliate_zone_id'], $affiliate['affiliate_state']);
         $sql_data_array = array('affiliate_id' => $affiliate_payment['affiliate_id'], 'affiliate_payment' => $affiliate_billing['affiliate_payment'], 'affiliate_payment_tax' => $affiliate_tax, 'affiliate_payment_total' => $affiliate_payment_total, 'affiliate_payment_date' => 'now()', 'affiliate_payment_status' => '0', 'affiliate_firstname' => $affiliate['affiliate_firstname'], 'affiliate_lastname' => $affiliate['affiliate_lastname'], 'affiliate_street_address' => $affiliate['affiliate_street_address'], 'affiliate_suburb' => $affiliate['affiliate_suburb'], 'affiliate_city' => $affiliate['affiliate_city'], 'affiliate_country' => $affiliate['countries_name'], 'affiliate_postcode' => $affiliate['affiliate_postcode'], 'affiliate_company' => $affiliate['affiliate_company'], 'affiliate_state' => $affiliate['affiliate_state'], 'affiliate_address_format_id' => $affiliate['address_format_id']);
         olc_db_perform(TABLE_AFFILIATE_PAYMENT, $sql_data_array);
         $insert_id = olc_db_insert_id();
         // Set the Sales to Final State
         olc_db_query(SQL_UPDATE . TABLE_AFFILIATE_SALES . " set affiliate_payment_id = '" . $insert_id . "', affiliate_billing_status = 1, affiliate_payment_date = now() where affiliate_id = '" . $affiliate_payment['affiliate_id'] . "' and affiliate_billing_status = 99");
         // Notify Affiliate
         if (AFFILIATE_NOTIFY_AFTER_BILLING == TRUE_STRING_S) {
             $check_status_query = olc_db_query("select af.affiliate_email_address, ap.affiliate_lastname, ap.affiliate_firstname, ap.affiliate_payment_status, ap.affiliate_payment_date, ap.affiliate_payment_date from " . TABLE_AFFILIATE_PAYMENT . " ap, " . TABLE_AFFILIATE . " af where affiliate_payment_id  = '" . $insert_id . "' and af.affiliate_id = ap.affiliate_id ");
             $check_status = olc_db_fetch_array($check_status_query);
             $email = STORE_NAME . NEW_LINE . EMAIL_SEPARATOR . NEW_LINE . EMAIL_TEXT_AFFILIATE_PAYMENT_NUMBER . BLANK . $insert_id . NEW_LINE . EMAIL_TEXT_INVOICE_URL . BLANK . olc_catalog_href_link(FILENAME_CATALOG_AFFILIATE_PAYMENT_INFO, 'payment_id=' . $insert_id, SSL) . NEW_LINE . EMAIL_TEXT_PAYMENT_BILLED . BLANK . olc_date_long($check_status['affiliate_payment_date']) . "\n\n" . EMAIL_TEXT_NEW_PAYMENT;
             olc_mail($check_status['affiliate_firstname'] . BLANK . $check_status['affiliate_lastname'], $check_status['affiliate_email_address'], EMAIL_TEXT_SUBJECT, nl2br($email), STORE_OWNER, AFFILIATE_EMAIL_ADDRESS);
         }
     }
     $messageStack->add_session(SUCCESS_BILLING, 'success');
     olc_redirect(olc_href_link(FILENAME_AFFILIATE_PAYMENT, olc_get_all_get_params(array('action')) . 'action=edit'));
     break;
 case 'update_payment':
     $pID = olc_db_prepare_input($_GET['pID']);
         $messageStack->add(ERROR_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
         $affiliate_banner_error = true;
         $_GET['action'] = 'new';
     } else {
         $image_location = DIR_FS_CATALOG_IMAGES . $_FILES['affiliate_banners_image']['name'];
         move_uploaded_file($_FILES['affiliate_banners_image']['tmp_name'], $image_location);
         $db_image_location = $_FILES['affiliate_banners_image']['name'];
         if (!$affiliate_products_id) {
             $affiliate_products_id = "0";
         }
         $sql_data_array = array('affiliate_banners_title' => $affiliate_banners_title, 'affiliate_products_id' => $affiliate_products_id, 'affiliate_banners_image' => $db_image_location, 'affiliate_banners_group' => $affiliate_banners_group);
         if ($_GET['action'] == 'insert') {
             $insert_sql_data = array('affiliate_date_added' => 'now()', 'affiliate_status' => '1');
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             olc_db_perform(TABLE_AFFILIATE_BANNERS, $sql_data_array);
             $affiliate_banners_id = olc_db_insert_id();
             // Banner id 1 is generic Product Banner
             if ($affiliate_banners_id == 1) {
                 olc_db_query(SQL_UPDATE . TABLE_AFFILIATE_BANNERS . " set affiliate_banners_id = affiliate_banners_id + 1");
             }
             $messageStack->add_session(SUCCESS_BANNER_INSERTED, 'success');
         } elseif ($_GET['action'] == 'update') {
             $insert_sql_data = array('affiliate_date_status_change' => 'now()');
             $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
             olc_db_perform(TABLE_AFFILIATE_BANNERS, $sql_data_array, 'update', 'affiliate_banners_id = \'' . $affiliate_banners_id . '\'');
             $messageStack->add_session(SUCCESS_BANNER_UPDATED, 'success');
         }
         olc_redirect(olc_href_link(FILENAME_AFFILIATE_BANNER_MANAGER, 'page=' . $_GET['page'] . '&abID=' . $affiliate_banners_id));
     }
 }
 break;
     if ($_POST[$categories_id_text] != $current_category_id) {
         $check_query = olc_db_query(SELECT_COUNT . "as total from " . TABLE_PRODUCTS_TO_CATEGORIES . " where products_id = " . $products_id . " and categories_id = " . $categories_id);
         $check = olc_db_fetch_array($check_query);
         if ($check['total'] < 1) {
             olc_db_query(INSERT_INTO . TABLE_PRODUCTS_TO_CATEGORIES . " (\n\t\t\t\t\t\t\t\tproducts_id,\n\t\t\t\t\t\t\t\tcategories_id\n\t\t\t\t\t\t\t\t) values (" . olc_db_input($products_id) . COMMA . olc_db_input($categories_id) . RPAREN);
         }
     } else {
         $messageStack->add_session(ERROR_CANNOT_LINK_TO_SAME_CATEGORY, 'error');
     }
 } elseif ($_POST['copy_as'] == 'duplicate') {
     $where = SQL_WHERE . 'products_id=' . $products_id;
     $product_query = olc_db_query(SELECT_ALL . TABLE_PRODUCTS . $where);
     $product = olc_db_fetch_array($product_query);
     unset($product[$products_id_text]);
     olc_db_perform(TABLE_PRODUCTS, $product);
     $dup_products_id = olc_db_insert_id();
     $description_query = olc_db_query(SELECT_ALL . TABLE_PRODUCTS_DESCRIPTION . $where);
     while ($description = olc_db_fetch_array($description_query)) {
         $description[$products_id_text] = $dup_products_id;
         $description['products_viewed'] = 0;
         olc_db_perform(TABLE_PRODUCTS_DESCRIPTION, $description);
     }
     olc_db_query(INSERT_INTO . TABLE_PRODUCTS_TO_CATEGORIES . " (\n\t\t\t\t\t\tproducts_id,\n\t\t\t\t\t\tcategories_id\n\t\t\t\t\t\t) values (" . $dup_products_id . COMMA . $categories_id . RPAREN);
     //mo_images by Novalis@eXanto.de
     $mo_images = olc_get_products_mo_images($products_id);
     if (isset($mo_images)) {
         $insert = INSERT_INTO . TABLE_PRODUCTS_IMAGES . " (products_id, image_nr, image_name) values ('";
         foreach ($mo_images as $mo_img) {
             olc_db_query($insert . $dup_products_id . $comma_blank . $mo_img['image_nr'] . $comma_blank . $mo_img['image_name'] . "')");
         }
     }