function query($order_id)
{
$order_id = oos_db_prepare_input($order_id);
$nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$orderstable = $oostable['orders'];
$sql = "SELECT customers_id, customers_name, customers_number, customers_company, customers_street_address,\n customers_suburb, customers_city, customers_postcode, customers_state,\n customers_country, customers_telephone, customers_email_address,\n customers_address_format_id, delivery_name, delivery_company,\n delivery_street_address, delivery_suburb, delivery_city, delivery_postcode,\n delivery_state, delivery_country, delivery_address_format_id, billing_name,\n billing_company, billing_street_address, billing_suburb, billing_city,\n billing_postcode, billing_state, billing_country, billing_address_format_id,\n payment_method, cc_type, cc_owner, cc_number, cc_expires, cc_cvv, cc_start, cc_issue,\n currency, currency_value, date_purchased, campaigns, orders_status, last_modified\n FROM {$orderstable}\n WHERE orders_id = '" . intval($order_id) . "'";
$order = $dbconn->GetRow($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT title, text\n FROM {$orders_totaltable}\n WHERE orders_id = '" . intval($order_id) . "'\n ORDER BY sort_order";
$this->totals = $dbconn->GetAll($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT text\n FROM {$orders_totaltable}\n WHERE orders_id = '" . intval($order_id) . "'\n AND class = 'ot_total'";
$order_total_text = $dbconn->GetOne($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT title\n FROM {$orders_totaltable}\n WHERE orders_id = '" . intval($order_id) . "'\n AND class = 'ot_shipping'";
$shipping_method_title = $dbconn->GetOne($sql);
$orders_statustable = $oostable['orders_status'];
$sql = "SELECT orders_status_name\n FROM {$orders_statustable}\n WHERE orders_status_id = '" . $order['orders_status'] . "'\n AND orders_languages_id = '" . intval($nLanguageID) . "'";
$orders_status_name = $dbconn->GetOne($sql);
$campaignstable = $oostable['campaigns'];
$sql = "SELECT campaigns_name\n FROM {$campaignstable}\n WHERE campaigns_id = '" . $order['campaigns'] . "'\n AND campaigns_languages_id = '" . intval($nLanguageID) . "'";
$campaigns_name = $dbconn->GetOne($sql);
$this->info = array('currency' => $order['currency'], 'currency_value' => $order['currency_value'], 'payment_method' => $order['payment_method'], 'cc_type' => $order['cc_type'], 'cc_owner' => $order['cc_owner'], 'cc_number' => $order['cc_number'], 'cc_expires' => $order['cc_expires'], 'cc_start' => $order['cc_start'], 'cc_issue' => $order['cc_issue'], 'cc_cvv' => $order['cc_cvv'], 'date_purchased' => $order['date_purchased'], 'campaigns' => $campaigns_name, 'orders_status' => $orders_status_name, 'last_modified' => $order['last_modified'], 'total' => strip_tags($order_total_text), 'shipping_method' => substr($shipping_method_title, -1) == ':' ? substr(strip_tags($shipping_method_title), 0, -1) : strip_tags($shipping_method_title));
$this->customer = array('id' => $order['customers_id'], 'name' => $order['customers_name'], 'number' => $order['customers_number'], 'company' => $order['customers_company'], 'street_address' => $order['customers_street_address'], 'suburb' => $order['customers_suburb'], 'city' => $order['customers_city'], 'postcode' => $order['customers_postcode'], 'state' => $order['customers_state'], 'country' => $order['customers_country'], 'format_id' => $order['customers_address_format_id'], 'telephone' => $order['customers_telephone'], 'email_address' => $order['customers_email_address']);
$this->delivery = array('name' => $order['delivery_name'], 'company' => $order['delivery_company'], 'street_address' => $order['delivery_street_address'], 'suburb' => $order['delivery_suburb'], 'city' => $order['delivery_city'], 'postcode' => $order['delivery_postcode'], 'state' => $order['delivery_state'], 'country' => $order['delivery_country'], 'format_id' => $order['delivery_address_format_id']);
if (empty($this->delivery['name']) && empty($this->delivery['street_address'])) {
$this->delivery = false;
}
$this->billing = array('name' => $order['billing_name'], 'company' => $order['billing_company'], 'street_address' => $order['billing_street_address'], 'suburb' => $order['billing_suburb'], 'city' => $order['billing_city'], 'postcode' => $order['billing_postcode'], 'state' => $order['billing_state'], 'country' => $order['billing_country'], 'format_id' => $order['billing_address_format_id']);
$index = 0;
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT orders_products_id, products_id, products_name, products_model,\n products_ean, products_serial_number, products_price, products_tax,\n products_quantity, final_price\n FROM {$orders_productstable}\n WHERE orders_id = '" . intval($order_id) . "'";
$orders_products_result = $dbconn->Execute($sql);
while ($orders_products = $orders_products_result->fields) {
$this->products[$index] = array('qty' => $orders_products['products_quantity'], 'id' => $orders_products['products_id'], 'name' => $orders_products['products_name'], 'model' => $orders_products['products_model'], 'ean' => $orders_products['products_ean'], 'serial_number' => $orders_products['products_serial_number'], 'tax' => $orders_products['products_tax'], 'price' => $orders_products['products_price'], 'final_price' => $orders_products['final_price']);
$subindex = 0;
$orders_products_attributestable = $oostable['orders_products_attributes'];
$sql = "SELECT products_options, products_options_values, options_values_price, price_prefix\n FROM {$orders_products_attributestable}\n WHERE orders_id = '" . intval($order_id) . "'\n AND orders_products_id = '" . $orders_products['orders_products_id'] . "'";
$attributes_result = $dbconn->Execute($sql);
if ($attributes_result->RecordCount()) {
while ($attributes = $attributes_result->fields) {
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'], 'value' => $attributes['products_options_values'], 'prefix' => $attributes['price_prefix'], 'price' => $attributes['options_values_price']);
$subindex++;
// Move that ADOdb pointer!
$attributes_result->MoveNext();
}
}
$this->info['tax_groups']["{$this->products[$index]['tax']}"] = '1';
$index++;
// Move that ADOdb pointer!
$orders_products_result->MoveNext();
}
}
$newsfeed_title_array = $_POST['newsfeed_title'];
$newsfeed_description_array = $_POST['newsfeed_description'];
$lang_id = $languages[$i]['id'];
$sql_data_array = array('newsfeed_name' => oos_db_prepare_input($newsfeed_name_array[$lang_id]), 'newsfeed_title' => oos_db_prepare_input($newsfeed_title_array[$lang_id]), 'newsfeed_description' => oos_db_prepare_input($newsfeed_description_array[$lang_id]));
if ($action == 'insert') {
$insert_sql_data = array('newsfeed_id' => $newsfeed_id, 'newsfeed_languages_id' => $lang_id);
$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
oos_db_perform($oostable['newsfeed_info'], $sql_data_array);
} elseif ($action == 'save') {
oos_db_perform($oostable['newsfeed_info'], $sql_data_array, 'update', "newsfeed_id = '" . oos_db_input($newsfeed_id) . "' and newsfeed_languages_id = '" . intval($lang_id) . "'");
}
}
oos_redirect_admin(oos_href_link_admin($aFilename['rss_conf'], 'page=' . $_GET['page'] . '&nID=' . $newsfeed_id));
break;
case 'deleteconfirm':
$newsfeed_id = oos_db_prepare_input($_GET['nID']);
if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
$newsfeedtable = $oostable['newsfeed'];
$newsfeed_result = $dbconn->Execute("SELECT newsfeed_image FROM {$newsfeedtable} WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
$newsfeed = $newsfeed_result->fields;
$image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $newsfeed['newsfeed_image'];
if (file_exists($image_location)) {
@unlink($image_location);
}
}
$newsfeedtable = $oostable['newsfeed'];
$dbconn->Execute("DELETE FROM {$newsfeedtable} WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
$newsfeed_infotable = $oostable['newsfeed_info'];
$dbconn->Execute("DELETE FROM {$newsfeed_infotable} WHERE newsfeed_id = '" . oos_db_input($newsfeed_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['rss_conf'], 'page=' . $_GET['page']));
break;
for ($i = 0, $n = count($languages); $i < $n; $i++) {
$manufacturers_url_array = oos_db_prepare_input($_POST['manufacturers_url']);
$lang_id = $languages[$i]['id'];
$sql_data_array = array('manufacturers_url' => oos_db_prepare_input($manufacturers_url_array[$lang_id]));
if ($action == 'insert') {
$insert_sql_data = array('manufacturers_id' => $manufacturers_id, 'manufacturers_languages_id' => $lang_id);
$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
oos_db_perform($oostable['manufacturers_info'], $sql_data_array);
} elseif ($action == 'save') {
oos_db_perform($oostable['manufacturers_info'], $sql_data_array, 'update', "manufacturers_id = '" . oos_db_input($manufacturers_id) . "' and manufacturers_languages_id = '" . intval($lang_id) . "'");
}
}
oos_redirect_admin(oos_href_link_admin($aFilename['manufacturers'], 'page=' . $_GET['page'] . '&mID=' . $manufacturers_id));
break;
case 'deleteconfirm':
$manufacturers_id = oos_db_prepare_input($_GET['mID']);
if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
$manufacturerstable = $oostable['manufacturers'];
$manufacturer_result = $dbconn->Execute("SELECT manufacturers_image FROM {$manufacturerstable} WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
$manufacturer = $manufacturer_result->fields;
$image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $manufacturer['manufacturers_image'];
if (file_exists($image_location)) {
@unlink($image_location);
}
}
$manufacturerstable = $oostable['manufacturers'];
$dbconn->Execute("DELETE FROM {$manufacturerstable} WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
$manufacturers_infotable = $oostable['manufacturers_info'];
$dbconn->Execute("DELETE FROM {$manufacturers_infotable} WHERE manufacturers_id = '" . oos_db_input($manufacturers_id) . "'");
if (isset($_POST['delete_products']) && $_POST['delete_products'] == 'on') {
$productstable = $oostable['products'];
$quote_function = 'quote_' . CURRENCY_SERVER_PRIMARY . '_currency';
$rate = $quote_function($currency['code']);
if (empty($rate) && oos_is_not_null(CURRENCY_SERVER_BACKUP)) {
$quote_function = 'quote_' . CURRENCY_SERVER_BACKUP . '_currency';
$rate = $quote_function($currency['code']);
}
if (oos_is_not_null($rate)) {
$dbconn->Execute("UPDATE " . $oostable['currencies'] . " SET value = '" . $rate . "', last_updated = '" . date("Y-m-d H:i:s", time()) . "' WHERE currencies_id = '" . $currency['currencies_id'] . "'");
}
// Move that ADOdb pointer!
$currency_result->MoveNext();
}
oos_redirect_admin(oos_href_link_admin($aFilename['currencies'], 'page=' . $_GET['page'] . '&cID=' . $_GET['cID']));
break;
case 'delete':
$currencies_id = oos_db_prepare_input($_GET['cID']);
$currency_result = $dbconn->Execute("SELECT code FROM " . $oostable['currencies'] . " WHERE currencies_id = '" . oos_db_input($currencies_id) . "'");
$currency = $currency_result->fields;
$remove_currency = true;
if ($currency['code'] == DEFAULT_CURRENCY) {
$remove_currency = false;
$messageStack->add(ERROR_REMOVE_DEFAULT_CURRENCY, 'error');
}
break;
}
}
require 'includes/oos_header.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
$newsletter = $newsletter_result->fields;
$nInfo = new objectInfo($newsletter);
include 'includes/languages/' . $_SESSION['language'] . '/modules/newsletters/' . $nInfo->module . substr($_SERVER['PHP_SELF'], strrpos($_SERVER['PHP_SELF'], '.'));
include 'includes/modules/newsletters/' . $nInfo->module . substr($_SERVER['PHP_SELF'], strrpos($_SERVER['PHP_SELF'], '.'));
$module_name = $nInfo->module;
$module = new $module_name($nInfo->title, $nInfo->content);
?>
<tr>
<td><?php
echo $module->confirm();
?>
</td>
</tr>
<?php
} elseif ($action == 'confirm_send') {
$nID = oos_db_prepare_input($_GET['nID']);
$newsletterstable = $oostable['newsletters'];
$newsletter_result = $dbconn->Execute("SELECT newsletters_id, title, content, module FROM {$newsletterstable} WHERE newsletters_id = '" . oos_db_input($nID) . "'");
$newsletter = $newsletter_result->fields;
$nInfo = new objectInfo($newsletter);
include 'includes/languages/' . $_SESSION['language'] . '/modules/newsletters/' . $nInfo->module . substr($_SERVER['PHP_SELF'], strrpos($_SERVER['PHP_SELF'], '.'));
include 'includes/modules/newsletters/' . $nInfo->module . substr($_SERVER['PHP_SELF'], strrpos($_SERVER['PHP_SELF'], '.'));
$module_name = $nInfo->module;
$module = new $module_name($nInfo->title, $nInfo->content);
?>
<tr>
<td><table border="0" cellspacing="0" cellpadding="2">
<tr>
<td class="main" valign="middle"><?php
echo oos_image(OOS_IMAGES . 'ani_send_email.gif', IMAGE_ANI_SEND_EMAIL);
?>
$ticket_prioritys[] = array('id' => $ticket_priority['ticket_priority_id'], 'text' => $ticket_priority['ticket_priority_name']);
$ticket_priority_array[$ticket_priority['ticket_priority_id']] = $ticket_priority['ticket_priority_name'];
$ticket_priority_result->MoveNext();
}
$ticket_statuses = array();
$ticket_status_array = array();
$ticket_statustable = $oostable['ticket_status'];
$sql = "SELECT ticket_status_id, ticket_status_name\n FROM {$ticket_statustable}\n WHERE ticket_languages_id = '" . intval($nLanguageID) . "'";
$ticket_status_result = $dbconn->Execute($sql);
while ($ticket_status = $ticket_status_result->fields) {
$ticket_statuses[] = array('id' => $ticket_status['ticket_status_id'], 'text' => $ticket_status['ticket_status_name']);
$ticket_status_array[$ticket_status['ticket_status_id']] = $ticket_status['ticket_status_name'];
$ticket_status_result->MoveNext();
}
if (isset($_GET['tlid'])) {
$tlid = oos_db_prepare_input($_GET['tlid']);
}
if (isset($_POST['tlid'])) {
$tlid = oos_prepare_input($_POST['tlid']);
}
if (strlen($tlid) < 10) {
unset($tlid);
}
// Form was submitted
$bError = false;
if (isset($_POST['action']) && $_POST['action'] == 'send' && (isset($_SESSION['formid']) && $_SESSION['formid'] == $_POST['formid']) && isset($tlid)) {
$status = oos_prepare_input($_POST['status']);
$department = oos_prepare_input($_POST['department']);
$priority = oos_prepare_input($_POST['priority']);
$enquiry = oos_prepare_input($_POST['enquiry']);
// Check Message length
}
$insert_sql_data = array('products_status_id' => $products_status_id, 'products_status_languages_id' => $lang_id);
$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
oos_db_perform($oostable['products_status'], $sql_data_array);
} elseif ($action == 'save') {
oos_db_perform($oostable['products_status'], $sql_data_array, 'update', "products_status_id = '" . oos_db_input($products_status_id) . "' and products_status_languages_id = '" . intval($lang_id) . "'");
}
}
if (isset($_POST['default']) && $_POST['default'] == 'on') {
$configurationtable = $oostable['configuration'];
$dbconn->Execute("UPDATE {$configurationtable} SET configuration_value = '" . oos_db_input($products_status_id) . "' WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
}
oos_redirect_admin_admin(oos_href_link_admin($aFilename['products_status'], 'page=' . $_GET['page'] . '&psID=' . $products_status_id));
break;
case 'deleteconfirm':
$psID = oos_db_prepare_input($_GET['psID']);
/*
$products_status_result = $dbconn->Execute("SELECT configuration_value FROM " . $oostable['configuration'] . " WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
$products_status = $products_status_result->fields;
if ($products_status['configuration_value'] == $psID) {
$dbconn->Execute("UPDATE " . $oostable['configuration'] . " SET configuration_value = '' WHERE configuration_key = 'DEFAULT_PRODUTS_STATUS_ID'");
}
*/
$products_statustable = $oostable['products_status'];
$dbconn->Execute("DELETE FROM {$products_statustable} WHERE products_status_id = '" . oos_db_input($psID) . "'");
oos_redirect_admin_admin(oos_href_link_admin($aFilename['products_status'], 'page=' . $_GET['page']));
break;
}
}
require 'includes/oos_header.php';
?>
function oos_get_categories($aCategories = '', $parent_id = '0', $indent = '')
{
$parent_id = oos_db_prepare_input($parent_id);
$nGroupID = intval($_SESSION['member']->group['id']);
if (!is_array($aCategories)) $aCategories = array();
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id']+0 : 1;
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$query = "SELECT c.categories_id, c.categories_status, cd.categories_name
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE ( c.access = '0' OR c.access = '" . intval($nGroupID) . "' )
AND c.categories_status = '1'
AND c.parent_id = '" . oos_db_input($parent_id) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
ORDER BY sort_order, cd.categories_name";
$result =& $dbconn->Execute($query);
while ($categories = $result->fields)
{
$aCategories[] = array('id' => $categories['categories_id'],
'text' => $indent . $categories['categories_name']);
if ($categories['categories_id'] != $parent_id) {
$aCategories = oos_get_categories($aCategories, $categories['categories_id'], $indent . ' ');
}
// Move that ADOdb pointer!
$result->MoveNext();
}
// Close result set
$result->Close();
return $aCategories;
}
$admin_email_address = oos_db_prepare_input($_POST['admin_email_address']);
$stored_email[] = 'NONE';
$admintable = $oostable['admin'];
$check_email_query = "SELECT admin_email_address FROM " . $admintable . " WHERE admin_id <> " . $admin_id . "";
$check_email_result =& $dbconn->Execute($check_email_query);
while ($check_email = $check_email_result->fields) {
$stored_email[] = $check_email['admin_email_address'];
// Move that ADOdb pointer!
$check_email_result->MoveNext();
}
// Close result set
$check_email_result->Close();
if (in_array($_POST['admin_email_address'], $stored_email)) {
oos_redirect_admin(oos_href_link_admin($aFilename['admin_account'], 'action=edit_process&error=email'));
} else {
$sql_data_array = array('admin_firstname' => oos_db_prepare_input($_POST['admin_firstname']), 'admin_lastname' => oos_db_prepare_input($_POST['admin_lastname']), 'admin_email_address' => oos_db_prepare_input($_POST['admin_email_address']), 'admin_password' => oos_encrypt_password(oos_db_prepare_input($_POST['admin_password'])), 'admin_modified' => '" . date("Y-m-d H:i:s", time()) . "');
oos_db_perform($oostable['admin'], $sql_data_array, 'update', 'admin_id = \'' . $admin_id . '\'');
//oos_mail($_POST['admin_firstname'] . ' ' . $_POST['admin_lastname'], $_POST['admin_email_address'], ADMIN_EMAIL_SUBJECT, sprintf(ADMIN_EMAIL_TEXT, $_POST['admin_firstname'], OOS_HTTP_SERVER . OOS_SHOP . 'admin/', $_POST['admin_email_address'], $hiddenPassword, STORE_OWNER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
oos_redirect_admin(oos_href_link_admin($aFilename['admin_account'], 'page=' . $_GET['page'] . '&mID=' . $admin_id));
}
break;
}
}
require 'includes/oos_header.php';
require 'includes/account_check.js.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php
echo BOX_WIDTH;
$sql_data_array_url = array('information_url' => oos_db_prepare_input($information_url_array[$lang_id]));
$sql_data_array_head = array('information_heading_title' => oos_db_prepare_input($information_heading_title_array[$lang_id]));
$sql_data_array_desc = array('information_description' => oos_db_prepare_input($information_description_array[$lang_id]));
$sql_data_array = array_merge($sql_data_array, $sql_data_array_url, $sql_data_array_desc, $sql_data_array_head);
if ($action == 'insert') {
$insert_sql_data = array('information_id' => $information_id, 'information_languages_id' => $lang_id);
$sql_data_array = array_merge($sql_data_array, $insert_sql_data);
oos_db_perform($oostable['information_description'], $sql_data_array);
} elseif ($action == 'save') {
oos_db_perform($oostable['information_description'], $sql_data_array, 'update', "information_id = '" . oos_db_input($information_id) . "' AND information_languages_id = '" . intval($lang_id) . "'");
}
}
oos_redirect_admin(oos_href_link_admin($aFilename['information'], 'page=' . $_GET['page'] . '&mID=' . $information_id));
break;
case 'deleteconfirm':
$information_id = oos_db_prepare_input($_GET['mID']);
if ($information_id > 5) {
if (isset($_POST['delete_image']) && $_POST['delete_image'] == 'on') {
$informationtable = $oostable['information'];
$informations_result = $dbconn->Execute("SELECT information_image FROM {$informationtable} WHERE information_id = '" . oos_db_input($information_id) . "'");
$informations = $informations_result->fields;
$image_location = OOS_ABSOLUTE_PATH . OOS_IMAGES . $informations['information_image'];
if (file_exists($image_location)) {
@unlink($image_location);
}
}
$informationtable = $oostable['information'];
$dbconn->Execute("DELETE FROM {$informationtable} WHERE information_id = '" . oos_db_input($information_id) . "'");
$information_descriptiontable = $oostable['information_description'];
$dbconn->Execute("DELETE FROM {$information_descriptiontable} WHERE information_id = '" . oos_db_input($information_id) . "'");
}
$form_action = $_GET['cID'] ? 'update_category' : 'insert_category';
echo oos_draw_form($form_action, $aFilename['categories'], 'categories=' . $categories . '&cID=' . $_GET['cID'] . '&action=' . $form_action, 'post', 'enctype="multipart/form-data"');
$languages = oos_get_languages();
for ($i = 0; $i < count($languages); $i++) {
if (isset($_GET['read']) && $_GET['read'] == 'only') {
$cInfo->categories_name = oos_get_category_name($cInfo->categories_id, $languages[$i]['id']);
$cInfo->categories_heading_title = oos_get_category_heading_title($cInfo->categories_id, $languages[$i]['id']);
$cInfo->categories_description = oos_get_category_description($cInfo->categories_id, $languages[$i]['id']);
$cInfo->categories_description_meta = oos_get_category_description_meta($cInfo->categories_id, $languages[$i]['id']);
$cInfo->categories_keywords_meta = oos_get_category_keywords_meta($cInfo->categories_id, $languages[$i]['id']);
} else {
$cInfo->categories_name = oos_db_prepare_input($categories_name[$languages[$i]['id']]);
$cInfo->categories_heading_title = oos_db_prepare_input($categories_heading_title[$languages[$i]['id']]);
$cInfo->categories_description = oos_db_prepare_input($categories_description[$languages[$i]['id']]);
$cInfo->categories_description_meta = oos_db_prepare_input($categories_description_meta[$languages[$i]['id']]);
$cInfo->categories_keywords_meta = oos_db_prepare_input($categories_keywords_meta[$languages[$i]['id']]);
}
?>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php
echo oos_image(OOS_SHOP_IMAGES . 'flags/' . $languages[$i]['iso_639_2'] . '.gif', $languages[$i]['name']) . ' ' . $cInfo->categories_heading_title;
?>
</td>
</tr>
</table></td>
</tr>
<tr>
<td><?php
echo oos_draw_separator('trans.gif', '1', '10');
define('OOS_VALID_MOD', 'yes');
require 'includes/oos_main.php';
if (!isset($_SESSION['login_id'])) {
oos_redirect_admin(oos_href_link_admin($aFilename['login'], '', 'SSL'));
}
if ( !current_user_can('popup_image') )
oos_redirect_admin(oos_href_link_admin($aFilename['forbiden']));
reset($_GET);
while (list($key, ) = each($_GET)) {
switch ($key) {
case 'banner':
$banners_id = oos_db_prepare_input($_GET['banner']);
$bannerstable = $oostable['banners'];
$banner_result = $dbconn->Execute("SELECT banners_title, banners_image, banners_html_text FROM $bannerstable WHERE banners_id = '" . oos_db_input($banners_id) . "'");
$banner = $banner_result->fields;
$page_title = $banner['banners_title'];
if ($banner['banners_html_text']) {
$image_source = $banner['banners_html_text'];
} elseif ($banner['banners_image']) {
$image_source = oos_image(OOS_HTTP_SERVER . '/' . OOS_IMAGES . $banner['banners_image'], $page_title);
}
break;
}
}
case 'insert':
$tax_classtable = $oostable['tax_class'];
$dbconn->Execute("INSERT INTO $tax_classtable (tax_class_title, tax_class_description, date_added) VALUES ('" . oos_db_input($tax_class_title) . "', '" . oos_db_input($tax_class_description) . "', '" . date("Y-m-d H:i:s", time()) . "')");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_classes']));
break;
case 'save':
$tax_class_id = oos_db_prepare_input($_GET['tID']);
$tax_classtable = $oostable['tax_class'];
$dbconn->Execute("UPDATE $tax_classtable SET tax_class_id = '" . oos_db_input($tax_class_id) . "', tax_class_title = '" . oos_db_input($tax_class_title) . "', tax_class_description = '" . oos_db_input($tax_class_description) . "', last_modified = '" . date("Y-m-d H:i:s", time()) . "' WHERE tax_class_id = '" . oos_db_input($tax_class_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_classes'], 'page=' . $_GET['page'] . '&tID=' . $tax_class_id));
break;
case 'deleteconfirm':
$tax_class_id = oos_db_prepare_input($_GET['tID']);
$tax_classtable = $oostable['tax_class'];
$dbconn->Execute("DELETE FROM $tax_classtable WHERE tax_class_id = '" . oos_db_input($tax_class_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_classes'], 'page=' . $_GET['page']));
break;
}
}
require 'includes/oos_header.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<?php require 'includes/oos_blocks.php'; ?>
</table></td>
case 'group_new':
$admin_groups_name = ucwords(strtolower(oos_db_prepare_input($_POST['admin_groups_name'])));
$name_replace = preg_replace("/ /", "%", $admin_groups_name);
if ($admin_groups_name == '' || NULL || strlen($admin_groups_name) <= 5) {
oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET[gID] . '&gName=false&action=new_group'));
} else {
$check_groups_name_query = "SELECT admin_groups_name as group_name_new FROM " . $oostable['admin_groups'] . " WHERE admin_groups_name like '%" . $name_replace . "%'";
$check_groups_name_result =& $dbconn->Execute($check_groups_name_query);
$check_duplicate = $check_groups_name_result->RecordCount();
if ($check_duplicate > 0) {
oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $_GET['gID'] . '&gName=used&action=new_group'));
} else {
$sql_data_array = array('admin_groups_name' => $admin_groups_name);
oos_db_perform($oostable['admin_groups'], $sql_data_array);
$admin_groups_id = $dbconn->Insert_ID();
$set_groups_id = oos_db_prepare_input($_POST['set_groups_id']);
$add_group_id = $set_groups_id . ',\'' . $admin_groups_id . '\'';
$query = "alter table " . $oostable['admin_files'] . " change admin_groups_id admin_groups_id set( " . $add_group_id . ") NOT NULL DEFAULT '1' ";
$dbconn->Execute($query);
oos_redirect_admin(oos_href_link_admin($aFilename['admin_members'], 'gID=' . $admin_groups_id));
}
}
break;
}
}
require 'includes/oos_header.php';
require 'includes/account_check.js.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
echo TABLE_HEADING_PUBLISHED;
?>
</td>
<td class="dataTableHeadingContent" align="left"><?php
echo TABLE_HEADING_ARTICLES;
?>
</td>
<td class="dataTableHeadingContent" align="right"><?php
echo TABLE_HEADING_ACTION;
?>
</td>
</tr>
<?php
$search = '';
if (isset($_GET['categories'])) {
$categories = oos_db_prepare_input($_GET['categories']);
$search = "WHERE newsfeed_categories_id = '" . $categories . "'";
}
$newsfeed_manager_result_raw = "SELECT\n newsfeed_manager_id, newsfeed_categories_id, newsfeed_manager_name,\n newsfeed_manager_link, newsfeed_manager_languages_id, newsfeed_manager_numarticles,\n newsfeed_manager_refresh, newsfeed_manager_status, newsfeed_manager_date_added,\n newsfeed_manager_last_modified, newsfeed_manager_sort_order\n FROM\n " . $oostable['newsfeed_manager'] . "\n " . $search . "\n ORDER BY\n newsfeed_manager_name";
$newsfeed_manager_split = new splitPageResults($_GET['page'], MAX_DISPLAY_SEARCH_RESULTS, $newsfeed_manager_result_raw, $newsfeed_manager_result_numrows);
$newsfeed_manager_result = $dbconn->Execute($newsfeed_manager_result_raw);
while ($newsfeed_manager = $newsfeed_manager_result->fields) {
if ((!isset($_GET['nmID']) || isset($_GET['nmID']) && $_GET['nmID'] == $newsfeed_manager['newsfeed_manager_id']) && !isset($nmInfo) && substr($action, 0, 3) != 'new') {
$nmInfo = new objectInfo($newsfeed_manager);
}
if (isset($nmInfo) && is_object($nmInfo) && $newsfeed_manager['newsfeed_manager_id'] == $nmInfo->newsfeed_manager_id) {
echo ' <tr class="dataTableRowSelected" onmouseover="this.style.cursor=\'hand\'" onclick="document.location.href=\'' . oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID', 'action')) . 'nmID=' . $nmInfo->newsfeed_manager_id . '&action=edit') . '\'">' . "\n";
} else {
echo ' <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . oos_href_link_admin($aFilename['newsfeed_manager'], oos_get_all_get_params(array('nmID')) . 'nmID=' . $newsfeed_manager['newsfeed_manager_id']) . '\'">' . "\n";
}
?>
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
All contributions are gladly accepted though Paypal.
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');
if (!isset($_POST['action']) || $_POST['action'] != 'process' || isset($_SESSION['formid']) && $_SESSION['formid'] != $_POST['formid']) {
MyOOS_CoreApi::redirect(oos_href_link($aModules['main'], $aFilename['main']));
}
require 'includes/languages/' . $sLanguage . '/admin_create_account_process.php';
require 'includes/functions/function_validate_vatid.php';
if (ACCOUNT_GENDER == '1') {
$gender = oos_prepare_input($_POST['gender']);
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == '1') {
$dob = oos_prepare_input($_POST['dob']);
}
if (ACCOUNT_NUMBER == '1') {
$number = oos_prepare_input($_POST['number']);
}
$email_address = oos_prepare_input($_POST['email_address']);
if (ACCOUNT_COMPANY == '1') {
$company = oos_prepare_input($_POST['company']);
}
if (ACCOUNT_OWNER == '1') {
$owner = oos_prepare_input($_POST['owner']);
}
if (ACCOUNT_VAT_ID == '1') {
$vat_id = oos_prepare_input($_POST['vat_id']);
$dbconn->Execute("INSERT INTO {$featuredtable} (products_id, featured_date_added, expires_date, status) VALUES ('" . $_POST['products_id'] . "', '" . date("Y-m-d H:i:s", time()) . "', '" . $expires_date . "', '1')");
oos_redirect_admin(oos_href_link_admin($aFilename['featured'], 'page=' . $_GET['page']));
break;
case 'update':
$expires_date = '';
if ($_POST['day'] && $_POST['month'] && $_POST['year']) {
$expires_date = $_POST['year'];
$expires_date .= strlen($_POST['month']) == 1 ? '0' . $_POST['month'] : $_POST['month'];
$expires_date .= strlen($_POST['day']) == 1 ? '0' . $_POST['day'] : $_POST['day'];
}
$featuredtable = $oostable['featured'];
$dbconn->Execute("UPDATE {$featuredtable} SET featured_last_modified = '" . date("Y-m-d H:i:s", time()) . "', expires_date = '" . $expires_date . "' WHERE featured_id = '" . $_POST['featured_id'] . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['featured'], 'page=' . $_GET['page'] . '&fID=' . $featured_id));
break;
case 'deleteconfirm':
$featured_id = oos_db_prepare_input($_GET['fID']);
$featuredtable = $oostable['featured'];
$dbconn->Execute("DELETE FROM {$featuredtable} WHERE featured_id = '" . oos_db_input($featured_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['featured'], 'page=' . $_GET['page']));
break;
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php
echo HTML_PARAMS;
?>
>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo CHARSET;
function oos_db_prepare_input($data)
{
if (is_string($data)) {
return trim(stripslashes($data));
} elseif (is_array($data)) {
foreach ($data as $key => $value) {
$data[$key] = oos_db_prepare_input($value);
}
return $data;
} else {
return $data;
}
}
$form_action = $_GET['pID'] ? 'update_product' : 'insert_product';
echo oos_draw_form($form_action, $aFilename['products'], 'categories=' . $categories . '&pID=' . $_GET['pID'] . '&action=' . $form_action, 'post', 'enctype="multipart/form-data"');
$languages = oos_get_languages();
for ($i = 0, $n = count($languages); $i < $n; $i++) {
if (isset($_GET['read']) && $_GET['read'] == 'only') {
$pInfo->products_name = oos_get_products_name($pInfo->products_id, $languages[$i]['id']);
$pInfo->products_description = oos_get_products_description($pInfo->products_id, $languages[$i]['id']);
$pInfo->products_description_meta = oos_get_products_description_meta($pInfo->products_id, $languages[$i]['id']);
$pInfo->products_keywords_meta = oos_get_products_keywords_meta($pInfo->products_id, $languages[$i]['id']);
$pInfo->products_url = oos_get_products_url($pInfo->products_id, $languages[$i]['id']);
} else {
$pInfo->products_name = oos_db_prepare_input($products_name[$languages[$i]['id']]);
$pInfo->products_description = oos_db_prepare_input($_POST['products_description_' . $languages[$i]['id']]);
$pInfo->products_description_meta = oos_db_prepare_input($_POST['products_description_meta_' . $languages[$i]['id']]);
$pInfo->products_keywords_meta = oos_db_prepare_input($_POST['products_keywords_meta_' . $languages[$i]['id']]);
$pInfo->products_url = oos_db_prepare_input($products_url[$languages[$i]['id']]);
}
?>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php
echo oos_image(OOS_SHOP_IMAGES . 'flags/' . $languages[$i]['iso_639_2'] . '.gif', $languages[$i]['name']) . ' ' . $pInfo->products_name;
?>
</td>
<?php
$oosPrice = $pInfo->products_price;
if (OOS_PRICE_IS_BRUTTO == '1' && ($_GET['read'] == 'only' || $action != 'new_product_preview')) {
$oosPriceNetto = round($oosPrice, TAX_DECIMAL_PLACES);
$tax_ratestable = $oostable['tax_rates'];
$tax_result = $dbconn->Execute("SELECT tax_rate FROM {$tax_ratestable} WHERE tax_class_id = '" . $pInfo->products_tax_class_id . "' ");
function send($newsletter_id)
{
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$send_mail = new PHPMailer();
$send_mail->PluginDir = OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/';
$sLang = isset($_SESSION['iso_639_1']) ? $_SESSION['iso_639_1'] : 'en';
$send_mail->SetLanguage($sLang, OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/language/');
$send_mail->CharSet = CHARSET;
$send_mail->IsMail();
$send_mail->From = STORE_OWNER_EMAIL_ADDRESS;
$send_mail->FromName = STORE_OWNER;
$send_mail->Mailer = EMAIL_TRANSPORT;
// Add smtp values if needed
if (EMAIL_TRANSPORT == 'smtp') {
$send_mail->IsSMTP();
// set mailer to use SMTP
$send_mail->SMTPAuth = OOS_SMTPAUTH;
// turn on SMTP authentication
$send_mail->Username = OOS_SMTPUSER;
// SMTP username
$send_mail->Password = OOS_SMTPPASS;
// SMTP password
$send_mail->Host = OOS_SMTPHOST;
// specify main and backup server
} else {
// Set sendmail path
if (EMAIL_TRANSPORT == 'sendmail') {
if (!oos_empty(OOS_SENDMAIL)) {
$send_mail->Sendmail = OOS_SENDMAIL;
$send_mail->IsSendmail();
}
}
}
$send_mail->Subject = $this->title;
$sql = "SELECT customers_firstname, customers_lastname, customers_email_address\n FROM " . $oostable['customers'] . "\n WHERE customers_newsletter = '1'";
$mail_result = $dbconn->Execute($sql);
while ($mail = $mail_result->fields) {
$send_mail->Body = $this->content;
$send_mail->AddAddress($mail['customers_email_address'], $mail['customers_firstname'] . ' ' . $mail['customers_lastname']);
$send_mail->Send();
// Clear all addresses and attachments for next loop
$send_mail->ClearAddresses();
$send_mail->ClearAttachments();
// Move that ADOdb pointer!
$mail_result->MoveNext();
}
$sql = "SELECT customers_firstname, customers_lastname, customers_email_address\n FROM " . $oostable['maillist'] . "\n WHERE customers_newsletter = '1'";
$mail_result2 = $dbconn->Execute($sql);
while ($mail = $mail_result2->fields) {
$send_mail->Body = $this->content;
$send_mail->AddAddress($mail['customers_email_address'], $mail['customers_firstname'] . ' ' . $mail['customers_lastname']);
$send_mail->Send();
// Clear all addresses and attachments for next loop
$send_mail->ClearAddresses();
$send_mail->ClearAttachments();
// Move that ADOdb pointer!
$mail_result2->MoveNext();
}
$newsletter_id = oos_db_prepare_input($newsletter_id);
$dbconn->Execute("UPDATE " . $oostable['newsletters'] . " SET date_sent = now(), status = '1' WHERE newsletters_id = '" . oos_db_input($newsletter_id) . "'");
}
oos_db_perform($oostable['block_info'], $sql_data_array);
} elseif ($action == 'save') {
oos_db_perform($oostable['block_info'], $sql_data_array, 'update', "block_id = '" . intval($block_content_id) . "' AND block_languages_id = '" . intval($lang_id) . "'");
}
}
if (isset($_REQUEST['page_type'])) {
reset($_REQUEST['page_type']);
foreach ($_REQUEST['page_type'] as $k => $id) {
$sql = "INSERT INTO " . $oostable['block_to_page_type'] . "\n (block_id,\n page_type_id)\n VALUES (" . $dbconn->qstr($block_content_id) . ',' . $dbconn->qstr($id) . ")";
$dbconn->Execute($sql);
}
}
oos_redirect_admin(oos_href_link_admin($aFilename['content_block'], 'page=' . $_GET['page'] . '&bID=' . $block_content_id));
break;
case 'deleteconfirm':
$block_content_id = oos_db_prepare_input($_GET['bID']);
$dbconn->Execute("DELETE FROM " . $oostable['block'] . " WHERE block_id = '" . intval($block_content_id) . "'");
$dbconn->Execute("DELETE FROM " . $oostable['block_info'] . " WHERE block_id = '" . intval($block_content_id) . "'");
$dbconn->Execute("DELETE FROM " . $oostable['block_to_page_type'] . " WHERE block_id = '" . intval($block_content_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['content_block'], 'page=' . $_GET['page']));
break;
}
}
$no_js_general = true;
require 'includes/oos_header.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php
echo block_WIDTH;
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (!empty($action)) {
switch ($action) {
case 'insert':
$tax_ratestable = $oostable['tax_rates'];
$dbconn->Execute("INSERT INTO {$tax_ratestable} (tax_zone_id, tax_class_id, tax_rate, tax_description, date_added) VALUES ('" . oos_db_input($tax_zone_id) . "', '" . oos_db_input($tax_class_id) . "', '" . oos_db_input($tax_rate) . "', '" . oos_db_input($tax_description) . "', now())");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_rates']));
break;
case 'save':
$tax_rates_id = oos_db_prepare_input($_GET['tID']);
$tax_ratestable = $oostable['tax_rates'];
$dbconn->Execute("UPDATE {$tax_ratestable} SET tax_rates_id = '" . oos_db_input($tax_rates_id) . "', tax_zone_id = '" . oos_db_input($tax_zone_id) . "', tax_class_id = '" . oos_db_input($tax_class_id) . "', tax_rate = '" . oos_db_input($tax_rate) . "', tax_description = '" . oos_db_input($tax_description) . "', tax_priority = '" . oos_db_input($tax_priority) . "', last_modified = now() WHERE tax_rates_id = '" . oos_db_input($tax_rates_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_rates'], 'page=' . $_GET['page'] . '&tID=' . $tax_rates_id));
break;
case 'deleteconfirm':
$tax_rates_id = oos_db_prepare_input($_GET['tID']);
$tax_ratestable = $oostable['tax_rates'];
$dbconn->Execute("DELETE FROM {$tax_ratestable} WHERE tax_rates_id = '" . oos_db_input($tax_rates_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['tax_rates'], 'page=' . $_GET['page']));
break;
}
}
require 'includes/oos_header.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php
echo BOX_WIDTH;
?>
" valign="top"><table border="0" width="<?php
?>
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="pageHeading"><?php
echo HEADING_TITLE;
?>
</td>
<td class="main"><?php
echo oos_draw_form('status', $aFilename['coupon_admin'], '', 'get');
$status_array[] = array('id' => 'Y', 'text' => TEXT_COUPON_ACTIVE);
$status_array[] = array('id' => 'N', 'text' => TEXT_COUPON_INACTIVE);
$status_array[] = array('id' => '*', 'text' => TEXT_COUPON_ALL);
if (isset($_GET['status'])) {
$status = oos_db_prepare_input($_GET['status']);
} else {
$status = 'Y';
}
echo HEADING_TITLE_STATUS . ' ' . oos_draw_pull_down_menu('status', $status_array, $status, 'onChange="this.form.submit();"');
?>
</form>
</td>
</tr>
</table></td>
</tr>
<tr>
<td><table border="0" width="100%" cellspacing="0" cellpadding="0">
<tr>
<td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr class="dataTableHeadingRow">
$tax = $tax_result->fields;
$_POST['specials_price'] = ($_POST['specials_price']/($tax[tax_rate]+100)*100);
}
$expires_date = '';
if ($_POST['day'] && $_POST['month'] && $_POST['year']) {
$expires_date = $_POST['year'];
$expires_date .= (strlen($_POST['month']) == 1) ? '0' . $_POST['month'] : $_POST['month'];
$expires_date .= (strlen($_POST['day']) == 1) ? '0' . $_POST['day'] : $_POST['day'];
}
$dbconn->Execute("UPDATE " . $oostable['specials'] . " SET specials_new_products_price = '" . $_POST['specials_price'] . "', specials_last_modified = now(), expires_date = '" . $expires_date . "' WHERE specials_id = '" . $_POST['specials_id'] . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['specials'], 'page=' . $_GET['page'] . '&sID=' . $specials_id));
break;
case 'deleteconfirm':
$specials_id = oos_db_prepare_input($_GET['sID']);
$specialstable = $oostable['specials'];
$dbconn->Execute("DELETE FROM $specialstable WHERE specials_id = '" . oos_db_input($specials_id) . "'");
oos_redirect_admin(oos_href_link_admin($aFilename['specials'], 'page=' . $_GET['page']));
break;
}
}
require 'includes/oos_header.php';
if ( ($action == 'new') || ($action == 'edit') ) {
?>
<link rel="stylesheet" type="text/css" href="includes/javascript/calendar.css">
<script language="JavaScript" src="includes/javascript/calendarcode.js"></script>
<?php
$send_mail->AddAddress($mail['customers_email_address'], $mail['customers_firstname'] . ' ' . $mail['customers_lastname']);
$send_mail->Send();
$send_mail->ClearAddresses();
$send_mail->ClearAttachments();
// Now create the coupon main and email entry
$couponstable = $oostable['coupons'];
$insert_result = $dbconn->Execute("INSERT INTO {$couponstable} (coupon_code, coupon_type, coupon_amount, date_created) VALUES ('" . $id1 . "', 'G', '" . $_POST['amount'] . "', '" . date("Y-m-d H:i:s", time()) . "')");
$insert_id = $dbconn->Insert_ID();
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO {$coupon_email_tracktable} (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) VALUES ('" . $insert_id . "', '0', 'Admin', '" . $mail['customers_email_address'] . "', '" . date("Y-m-d H:i:s", time()) . "' )");
// Move that ADOdb pointer!
$mail_result->MoveNext();
}
} elseif (isset($_POST['email_to']) && !$_POST['back_x']) {
$id1 = oos_create_coupon_code($_POST['email_to']);
$message = oos_db_prepare_input($_POST['message']);
$message .= "\n\n" . TEXT_GV_WORTH . $currencies->format($_POST['amount']) . "\n\n";
$message .= TEXT_TO_REDEEM;
$message .= TEXT_WHICH_IS . $id1 . TEXT_IN_CASE . "\n\n";
$message .= OOS_HTTP_SERVER . OOS_SHOP . 'index.php?page=' . $aCatalogPage['gv_redeem'] . '&gv_no=' . $id1 . "\n\n";
$message .= TEXT_OR_VISIT . OOS_HTTP_SERVER . OOS_SHOP . TEXT_ENTER_CODE;
//Let's build a message object using the email class
$send_mail = new PHPMailer();
$send_mail->PluginDir = OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/';
$sLang = isset($_SESSION['iso_639_1']) ? $_SESSION['iso_639_1'] : 'en';
$send_mail->SetLanguage($sLang, OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/language/');
$send_mail->CharSet = CHARSET;
$send_mail->IsMail();
$send_mail->From = $from_mail ? $from_mail : STORE_OWNER_EMAIL_ADDRESS;
$send_mail->FromName = $from_name ? $from_name : STORE_OWNER;
$send_mail->Mailer = EMAIL_TRANSPORT;
function send($newsletter_id)
{
$audience = array();
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
if ($_POST['global'] == 'true') {
$products_result = $dbconn->Execute("SELECT distinct pn.customers_id, c.customers_firstname, c.customers_lastname, c.customers_email_address FROM " . $oostable['customers'] . " c, " . $oostable['products_notifications'] . " pn WHERE c.customers_id = pn.customers_id");
while ($products = $products_result->fields) {
$audience[$products['customers_id']] = array('firstname' => $products['customers_firstname'], 'lastname' => $products['customers_lastname'], 'email_address' => $products['customers_email_address']);
// Move that ADOdb pointer!
$products_result->MoveNext();
}
$customers_result = $dbconn->Execute("SELECT c.customers_id, c.customers_firstname, c.customers_lastname, c.customers_email_address FROM " . $oostable['customers'] . " c, " . $oostable['customers_info'] . " ci WHERE c.customers_id = ci.customers_info_id AND ci.global_product_notifications = '1'");
while ($customers = $customers_result->fields) {
$audience[$customers['customers_id']] = array('firstname' => $customers['customers_firstname'], 'lastname' => $customers['customers_lastname'], 'email_address' => $customers['customers_email_address']);
// Move that ADOdb pointer!
$customers_result->MoveNext();
}
} else {
$chosen = $_POST['chosen'];
$ids = implode(',', $chosen);
$products_result = $dbconn->Execute("SELECT distinct pn.customers_id, c.customers_firstname, c.customers_lastname, c.customers_email_address FROM " . $oostable['customers'] . " c, " . $oostable['products_notifications'] . " pn WHERE c.customers_id = pn.customers_id AND pn.products_id in (" . $ids . ")");
while ($products = $products_result->fields) {
$audience[$products['customers_id']] = array('firstname' => $products['customers_firstname'], 'lastname' => $products['customers_lastname'], 'email_address' => $products['customers_email_address']);
// Move that ADOdb pointer!
$products_result->MoveNext();
}
$customers_result = $dbconn->Execute("SELECT c.customers_id, c.customers_firstname, c.customers_lastname, c.customers_email_address FROM " . $oostable['customers'] . " c, " . $oostable['customers_info'] . " ci WHERE c.customers_id = ci.customers_info_id AND ci.global_product_notifications = '1'");
while ($customers = $customers_result->fields) {
$audience[$customers['customers_id']] = array('firstname' => $customers['customers_firstname'], 'lastname' => $customers['customers_lastname'], 'email_address' => $customers['customers_email_address']);
// Move that ADOdb pointer!
$customers_result->MoveNext();
}
}
$send_mail = new PHPMailer();
$send_mail->PluginDir = OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/';
$sLang = isset($_SESSION['iso_639_1']) ? $_SESSION['iso_639_1'] : 'en';
$send_mail->SetLanguage($sLang, OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/language/');
$send_mail->CharSet = CHARSET;
$send_mail->IsMail();
$send_mail->From = STORE_OWNER_EMAIL_ADDRESS;
$send_mail->FromName = STORE_OWNER;
$send_mail->Mailer = EMAIL_TRANSPORT;
// Add smtp values if needed
if (EMAIL_TRANSPORT == 'smtp') {
$send_mail->IsSMTP();
// set mailer to use SMTP
$send_mail->SMTPAuth = OOS_SMTPAUTH;
// turn on SMTP authentication
$send_mail->Username = OOS_SMTPUSER;
// SMTP username
$send_mail->Password = OOS_SMTPPASS;
// SMTP password
$send_mail->Host = OOS_SMTPHOST;
// specify main and backup server
} else {
// Set sendmail path
if (EMAIL_TRANSPORT == 'sendmail') {
if (!oos_empty(OOS_SENDMAIL)) {
$send_mail->Sendmail = OOS_SENDMAIL;
$send_mail->IsSendmail();
}
}
}
$send_mail->Subject = $this->title;
reset($audience);
while (list($key, $value) = each($audience)) {
$send_mail->Body = $this->content;
$send_mail->AddAddress($value['email_address'], $value['firstname'] . ' ' . $value['lastname']);
$send_mail->Send();
// Clear all addresses and attachments for next loop
$send_mail->ClearAddresses();
$send_mail->ClearAttachments();
}
$newsletter_id = oos_db_prepare_input($newsletter_id);
$dbconn->Execute("UPDATE " . $oostable['newsletters'] . " SET date_sent = '" . date("Y-m-d H:i:s", time()) . "', status = '1' WHERE newsletters_id = '" . oos_db_input($newsletter_id) . "'");
}
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');
require 'includes/languages/' . $sLanguage . '/user_create_account.php';
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aModules['user'], $aFilename['create_account']));
$snapshot = count($_SESSION['navigation']->snapshot);
if (isset($_GET['email_address'])) {
$email_address = oos_db_prepare_input($_GET['email_address']);
}
$account['entry_country_id'] = STORE_COUNTRY;
ob_start();
require 'js/form_check.js.php';
$javascript = ob_get_contents();
ob_end_clean();
$aOption['template_main'] = $sTheme . '/modules/user_create_account.html';
$aOption['page_heading'] = $sTheme . '/heading/page_heading.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
require 'includes/oos_system.php';
if (!isset($option)) {
require 'includes/info_message.php';
require 'includes/oos_blocks.php';
require 'includes/oos_counter.php';
}
$sInstance = oos_db_prepare_input($_GET['plugin']);
if (($key = array_search($sInstance, $installed)) !== false) {
include OOS_ABSOLUTE_PATH . 'includes/plugins/' . 'oos_event_' . $sInstance . '/oos_event_' . $sInstance . '.php';
$class = 'oos_event_' . $sInstance;
$oPlugin = new $class();
if ($oPlugin->uninstallable) {
$oPlugin->remove();
unset($installed[$key]);
$configurationtable = $oostable['configuration'];
$dbconn->Execute("UPDATE {$configurationtable} SET configuration_value = '" . implode(';', $installed) . "' WHERE configuration_key = 'MODULE_PLUGIN_EVENT_INSTALLED'");
}
}
oos_redirect_admin(oos_href_link_admin($aFilename['plugins'], 'plugin=' . $_GET['plugin']));
break;
case 'install':
$sInstance = oos_db_prepare_input($_GET['plugin']);
if (array_search($sInstance, $installed) === false) {
include OOS_ABSOLUTE_PATH . 'includes/plugins/' . 'oos_event_' . $sInstance . '/oos_event_' . $sInstance . '.php';
$class = 'oos_event_' . $sInstance;
$oPlugin = new $class();
$bInstall = $oPlugin->install();
if ($bInstall) {
if (isset($oPlugin->depends)) {
if (is_string($oPlugin->depends) && ($key = array_search($oPlugin->depends, $installed)) !== false) {
if (isset($installed[$key + 1])) {
array_splice($installed, $key + 1, 0, $sInstance);
} else {
$installed[] = $sInstance;
}
} elseif (is_array($oPlugin->depends)) {
foreach ($oPlugin->depends as $depends_module) {
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_shipping'], '', 'SSL'));
}
}
if ( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid']) ) {
if (isset($_POST['payment'])) $_SESSION['payment'] = oos_db_prepare_input($_POST['payment']);
if ( (isset($_POST['comments'])) && (empty($_POST['comments'])) ) {
$_SESSION['comments'] = '';
} elseif (isset($_POST['comments'])) {
$_SESSION['comments'] = oos_db_prepare_input($_POST['comments']);
}
if (isset($_POST['campaign_id']) && is_numeric($_POST['campaign_id'])) {
$_SESSION['campaigns_id'] = intval($_POST['campaign_id']);
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if (!isset($_SESSION['shipping'])) {
MyOOS_CoreApi::redirect(oos_href_link($aPages['checkout_shipping'], '', 'SSL'));
}
// if conditions are not accepted, redirect the customer to the payment method selection page
if ( (DISPLAY_CONDITIONS_ON_CHECKOUT == '1') && (empty($_POST['gv_redeem_code'])) ) {
if ($_POST['conditions'] == false) {
case 'box_remove':
// NOTE: ALSO DELETE FILES STORED IN REMOVED BOX //
$admin_boxes_id = oos_db_prepare_input($_GET['cID']);
$admin_filestable = $oostable['admin_files'];
$query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_boxes_id . "' or admin_files_to_boxes = '" . $admin_boxes_id . "'";
$dbconn->Execute($query);
oos_redirect_admin(oos_href_link_admin($aFilename['admin_files']));
break;
case 'file_store':
$sql_data_array = array('admin_files_name' => oos_db_prepare_input($_POST['admin_files_name']), 'admin_files_to_boxes' => oos_db_prepare_input($_POST['admin_files_to_boxes']));
oos_db_perform($oostable['admin_files'], $sql_data_array);
$admin_files_id = $dbconn->Insert_ID();
oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories'] . '&fID=' . $admin_files_id));
break;
case 'file_remove':
$admin_files_id = oos_db_prepare_input($_POST['admin_files_id']);
$admin_filestable = $oostable['admin_files'];
$query = "DELETE FROM " . $admin_filestable . " WHERE admin_files_id = '" . $admin_files_id . "'";
$dbconn->Execute($query);
oos_redirect_admin(oos_href_link_admin($aFilename['admin_files'], 'categories=' . $_GET['categories']));
break;
}
}
require 'includes/oos_header.php';
?>
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php
echo BOX_WIDTH;
?>
