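function create_plugin_instance()
 {
     // Records or refreshes the current visitor's row in the whos_online table
     // and purges rows whose last click is older than 15 minutes (900 s).
     // Always returns true.
     //
     // Every statement passes its values as bind parameters, the same form the
     // UPDATE in this function already used, so REQUEST_URI and the session
     // values are never concatenated into SQL text.
     $dbconn =& oosDBGetConn();
     $oostable =& oosDBGetTables();
     $whos_onlinetable = $oostable['whos_online'];

     if (isset($_SESSION['customer_id'])) {
         $wo_customer_id = $_SESSION['customer_id'];
         // NOTE(review): addslashes() is kept so stored values keep the shape the
         // existing UPDATE path writes; it is not what protects the query.
         $wo_full_name = addslashes($_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_lastname']);
     } else {
         $wo_customer_id = '';
         $wo_full_name = 'Guest';
     }

     $wo_session_id = oos_session_id();
     // The session IP may not have been recorded yet; store an empty value then
     $wo_ip_address = isset($_SESSION['session_ip_address']) ? $_SESSION['session_ip_address'] : '';
     // REQUEST_URI is client-controlled
     $wo_last_page_url = addslashes(oos_server_get_var('REQUEST_URI'));

     $current_time = time();
     $xx_mins_ago = $current_time - 900;

     // remove entries that have expired
     $dbconn->Execute(
         "DELETE FROM {$whos_onlinetable} WHERE time_last_click < ?",
         array((string) $xx_mins_ago)
     );

     // is this session already listed?
     $stored_customer = $dbconn->Execute(
         "SELECT COUNT(*) AS total FROM {$whos_onlinetable} WHERE session_id = ?",
         array((string) $wo_session_id)
     );

     if ($stored_customer->fields['total'] > 0) {
         $query = "UPDATE {$whos_onlinetable}"
                . " SET customer_id = ?, full_name = ?, ip_address = ?, time_last_click = ?, last_page_url = ?"
                . " WHERE session_id = ?";
         $dbconn->Execute($query, array(
             (string) $wo_customer_id,
             (string) $wo_full_name,
             (string) $wo_ip_address,
             (string) $current_time,
             (string) $wo_last_page_url,
             (string) $wo_session_id,
         ));
     } else {
         $query = "INSERT INTO {$whos_onlinetable}"
                . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url)"
                . " VALUES (?, ?, ?, ?, ?, ?, ?)";
         $dbconn->Execute($query, array(
             (string) $wo_customer_id,
             (string) $wo_full_name,
             (string) $wo_session_id,
             (string) $wo_ip_address,
             (string) $current_time,
             (string) $current_time,
             (string) $wo_last_page_url,
         ));
     }

     return true;
 }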
 /**
  * Constructor
  */
 function Template()
 {
     // PHP4-style constructor: calls $this->Smarty(), then configures the
     // delimiters, the working directories below OOS_TEMP_PATH, the plugin
     // search path, and a handful of template variables.
     $this->Smarty();

     $this->left_delimiter = '{';
     $this->right_delimiter = '}';

     // Base directory; a slash is appended only when it does not end in one
     $sBase = OOS_TEMP_PATH;
     if (substr($sBase, -1) != "/") {
         $sBase .= "/";
     }

     $this->template_dir = $sBase . 'shop/templates/';
     $this->compile_dir = $sBase . 'shop/templates_c/';
     $this->config_dir = $sBase . 'shop/configs/';
     $this->cache_dir = $sBase . 'shop/cache/';

     $aPluginDirs = array();
     $aPluginDirs[] = 'plugins';
     $aPluginDirs[] = BP . DS . 'lib/smarty-plugins/gettext';
     $aPluginDirs[] = BP . DS . 'lib/smarty-plugins/myoos';
     $this->plugins_dir = $aPluginDirs;

     $this->use_sub_dirs = true;

     // Midnight 80 days from today; mktime() normalises the overflowing day
     $nRevisionStamp = mktime(0, 0, 0, date("m"), date("d") + 80, date("Y"));
     $sRevisionDate = date("D,d M Y", $nRevisionStamp);

     // The session name and ID are exposed to every template
     $aAssign = array(
         'oos_revision_date' => $sRevisionDate,
         'oos_date_long' => strftime(DATE_FORMAT_LONG),
         'oos_session_name' => oos_session_name(),
         'oos_session_id' => oos_session_id()
     );
     $this->assign($aAssign);
 }
/**
  * Mail function (uses phpMailer)
 */
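function oos_mail($to_name, $to_email_address, $email_subject, $email_text, $from_email_name, $from_email_address, $add_attachment = false)
{
    // Sends one message through PHPMailer using the transport named by
    // EMAIL_TRANSPORT. Returns false when the 'mail' plugin is not installed
    // or when any header-bound argument contains CR or LF; otherwise returns
    // nothing (the result of Send() is not propagated to the caller).
    //
    // When $add_attachment is exactly true, every file recorded in the
    // files_uploaded table for the current session is attached.
    global $oEvent;

    if (!$oEvent->installed_plugin('mail')) return false;

    // Header-injection guard: these values end up in mail headers, so a line
    // break in any of them rejects the whole message.
    $aHeaderValues = array($to_name, $to_email_address, $email_subject, $from_email_name, $from_email_address);
    foreach ($aHeaderValues as $sHeaderValue) {
        if (preg_match('~[\r\n]~', $sHeaderValue)) return false;
    }

    $sLang = (isset($_SESSION['iso_639_1']) ? $_SESSION['iso_639_1'] : 'en');

    // require  the mail classes
    MyOOS_CoreApi::requireOnce('lib/phpmailer/class.phpmailer.php');

    // Instantiate a new mail object
    $mail = new PHPMailer;
    $mail->ClearAllRecipients();
    $mail->ClearAddresses();
    $mail->ClearAttachments();

    $mail->PluginDir = OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/';
    $mail->SetLanguage( $sLang, OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/language/' );

    $mail->CharSet = CHARSET;
    $mail->IsMail();

    // Fall back to the store owner's identity when no sender is given
    $mail->From = $from_email_address ? $from_email_address : STORE_OWNER_EMAIL_ADDRESS;
    $mail->FromName = $from_email_name ? $from_email_name : STORE_OWNER;
    $mail->Mailer = EMAIL_TRANSPORT;

    if ( EMAIL_TRANSPORT == 'smtp' ) {
        // Add smtp values if needed
        $mail->IsSMTP(); // set mailer to use SMTP
        $mail->SMTPAuth = OOS_SMTPAUTH; // turn on SMTP authentication
        $mail->Username = OOS_SMTPUSER; // SMTP username
        $mail->Password = OOS_SMTPPASS; // SMTP password
        $mail->Host     = OOS_SMTPHOST; // specify main and backup server
    } elseif ( EMAIL_TRANSPORT == 'sendmail' ) {
        // Set sendmail path
        if (!oos_empty(OOS_SENDMAIL)) {
            $mail->Sendmail = OOS_SENDMAIL;
            $mail->IsSendmail();
        }
    }

    $mail->AddAddress($to_email_address, $to_name);
    $mail->Subject = $email_subject;

    // Build the text version
    $text = strip_tags($email_text);
    if (EMAIL_USE_HTML == '1') {
        // NOTE(review): $email_text is sent as HTML unchanged; callers are
        // responsible for escaping any customer-supplied data inside it.
        $mail->IsHTML(true);
        $mail->Body = $email_text;
        $mail->AltBody = $text;
    } else {
        $mail->Body = $text;
    }

    if ($add_attachment === true) {

        // Get database information
        $dbconn =& oosDBGetConn();
        $oostable =& oosDBGetTables();

        // The session ID is bound as a parameter instead of being concatenated
        // into the statement; it can originate from the request.
        $files_uploadedtable = $oostable['files_uploaded'];
        $query = "SELECT files_uploaded_id, files_uploaded_name
                  FROM $files_uploadedtable
                  WHERE sesskey = ?";
        $files_uploaded_result = $dbconn->Execute($query, array((string) oos_session_id()));

        if ($files_uploaded_result->RecordCount() > 0) {
            $sDir = OOS_UPLOADS;
            if (substr($sDir, -1) != '/') $sDir .= '/';

            while ($files_uploaded = $files_uploaded_result->fields)
            {
                // NOTE(review): files_uploaded_name is used as part of the path
                // as stored; confirm the upload handler strips directory
                // components before the name is written to this table.
                $sFile = $sDir . $files_uploaded['files_uploaded_id'] . $files_uploaded['files_uploaded_name'];
                $mail->AddAttachment($sFile, $files_uploaded['files_uploaded_name']);

                // Move that ADOdb pointer!
                $files_uploaded_result->MoveNext();
            }
        }
    }

    // Send message
    $mail->Send();
}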
 /**
  * Hide form elements
  */
  function oos_hide_session_id() {
    // Produces a hidden form field holding the session name and ID, but only
    // when the SID constant is defined and non-empty; otherwise nothing is
    // returned. The ID therefore travels in the page markup of such forms.
    if (!defined('SID') || oos_empty(SID)) {
      return;
    }

    $sFieldName = oos_session_name();
    $sFieldValue = oos_session_id();

    return oos_draw_hidden_field($sFieldName, $sFieldValue);
  }
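    function create_plugin_instance() {
      // Prepares the storefront session: sets the cookie parameters, adopts a
      // session ID passed in the request, skips session start for user agents
      // listed in includes/ini/spiders.ini, makes sure a writable session save
      // path exists, seeds the cart and navigation objects, and drops the login
      // when the user agent or IP address no longer matches the values recorded
      // in the session. Always returns true.
      global $request_type, $spider_flag, $spider_kill_sid;

      // The header is optional; a missing one is treated as an empty agent
      $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
      $spider_flag = false;
      $spider_kill_sid = '0';

      // set the top level domains
      $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
      $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
      $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

      // set the session cookie parameters
      // NOTE(review): only lifetime, path and domain are set here; the secure
      // and httponly cookie flags are left at whatever php.ini provides.
      if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : ''));
      } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : ''));
      }

      // set the session ID if it exists
      // NOTE(review): an alphanumeric ID supplied in POST or GET is adopted as
      // is, and nothing in this function regenerates it afterwards.
      if (isset($_POST[oos_session_name()]) && (ctype_alnum($_POST[oos_session_name()]))) {
        oos_session_id($_POST[oos_session_name()]);
      } elseif (isset($_GET[oos_session_name()]) && (ctype_alnum($_GET[oos_session_name()]))) {
        oos_session_id($_GET[oos_session_name()]);
      }

      if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');

        // parse_ini_file() yields false when the list is missing or unreadable;
        // in that case no agent is treated as a spider
        if (is_array($spider_agent)) {
          foreach ($spider_agent as $spider) {
            if (empty($spider) === false) {
              if (strpos($user_agent, trim($spider)) !== false) {
                $spider_kill_sid = '1';
                $spider_flag = true;
                break;
              }
            }
          }
        }
      }

      if ($spider_flag === false) {
          if (!defined('MYOOS_SESSION_NAME'))
          {
              define('MYOOS_SESSION_NAME', 'MYOOS_SESSID');
          }

          @ini_set('session.name', MYOOS_SESSION_NAME);
          if(ini_get('session.save_handler') == 'user')
          {
              @ini_set('session.save_handler', 'files');
              @ini_set('session.save_path', '');
          }
          if(ini_get('session.save_handler') == 'files')
          {
              $sessionPath = ini_get('session.save_path');
              // A save path may carry a leading "N;" prefix; keep only the directory
              if (preg_match('/^[0-9]+;(.*)/', $sessionPath, $matches))
              {
                  $sessionPath = $matches[1];
              }
              if (ini_get('safe_mode') || ini_get('open_basedir') || empty($sessionPath) || !@is_writable($sessionPath))
              {
                  // Fall back to a private directory below the user path
                  $sessionPath = MYOOS_USER_PATH . '/tmp/sessions';
                  @ini_set('session.save_path', $sessionPath);
                  if (!is_dir($sessionPath))
                  {
                      // NOTE(review): 0755 lets other local accounts list this
                      // directory; confirm whether the session store can be
                      // restricted to its owner on shared hosts.
                      @mkdir($sessionPath, 0755, true);
                      if (!is_dir($sessionPath))
                      {
                          die("Error: Unable to mkdir $sessionPath");
                      }
                  }
                  elseif (!@is_writable($sessionPath))
                  {
                      die("Error: $sessionPath is not writable");
                  }
              }
          }
          // lets start our session
          oos_session_start();
      }

      if (!isset($_SESSION)) {
        $_SESSION = array();
      }

      // create the shopping cart
      if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
      }

      // navigation history
      if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
      }

      $aPages = oos_get_pages();

      // verify the browser user agent
      $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

      if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
      }

      if ($_SESSION['session_user_agent'] != $http_user_agent) {
        // The agent changed mid-session: drop the login and send to the login page
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        // 'member' is not created in this function, so it may be absent
        if (isset($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      // verify the IP address
      if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
      }

      if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        // The address changed mid-session: same handling as an agent change
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      return true;
    }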
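    function create_plugin_instance() {
      // Prepares the storefront session: sets the cookie parameters, adopts a
      // session ID passed in the request, skips session start for user agents
      // listed in includes/ini/spiders.ini, seeds the cart, navigation and
      // cart-error entries, and drops the login when the user agent or IP
      // address no longer matches the values recorded in the session.
      // Always returns true.
      global $request_type, $spider_flag, $spider_kill_sid;

      // The header is optional; a missing one is treated as an empty agent
      $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
      $spider_flag = false;
      $spider_kill_sid = '0';

      // set the top level domains
      $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
      $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
      $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

      // set the session cookie parameters
      // NOTE(review): only lifetime, path and domain are set here; the secure
      // and httponly cookie flags are left at whatever php.ini provides.
      if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : ''));
      } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : ''));
      }

      // set the session ID if it exists
      // NOTE(review): an alphanumeric ID supplied in POST or GET is adopted as
      // is, and nothing in this function regenerates it afterwards.
      if (isset($_POST[oos_session_name()]) && (ctype_alnum($_POST[oos_session_name()]))) {
        oos_session_id($_POST[oos_session_name()]);
      } elseif (isset($_GET[oos_session_name()]) && (ctype_alnum($_GET[oos_session_name()]))) {
        oos_session_id($_GET[oos_session_name()]);
      }

      if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');

        // parse_ini_file() yields false when the list is missing or unreadable;
        // in that case no agent is treated as a spider
        if (is_array($spider_agent)) {
          foreach ($spider_agent as $spider) {
            if (empty($spider) === false) {
              if (strpos($user_agent, trim($spider)) !== false) {
                $spider_kill_sid = '1';
                $spider_flag = true;
                break;
              }
            }
          }
        }
      }

      if ($spider_flag === false) {

        // lets start our session
        oos_session_start();
      }

      if (!isset($_SESSION)) {
        $_SESSION = array();
      }

      // create the shopping cart
      if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
      }

      // navigation history
      if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
      }

      if (!isset($_SESSION['error_cart_msg'])) {
        $_SESSION['error_cart_msg'] = '';
      }

      $aPages = oos_get_pages();

      // verify the browser user agent
      $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

      if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
      }

      if ($_SESSION['session_user_agent'] != $http_user_agent) {
        // The agent changed mid-session: drop the login and send to the login page
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        // 'member' is not created in this function, so it may be absent
        if (isset($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      // verify the IP address
      if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
      }

      if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        // The address changed mid-session: same handling as an agent change
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      return true;
    }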
/**
 * Smarty {css_button} function plugin
 *
 * Type:     function
 * Name:     css_button
 * @Version:  $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2008/01/09 22:03:20 $
 */

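function smarty_function_css_button($params, &$smarty)
{
    // Renders an <a> element styled as a button that links to
    // index.php?mp=<modul>&file=<file> on the HTTP or HTTPS shop URL.
    //
    // Recognised params: modul, file, oos_get, addentry_id, connection
    // ('NONSSL' or 'SSL'), add_session_id, search_engine_safe, title, color,
    // anchor. Any other scalar param is appended to the query string.
    // Returns the HTML for the link.
    global $oEvent, $spider_kill_sid;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    $modul = '';
    $file = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';

    $title = '';
    $color = 'btnR blue';

    // Defined up front so an unsupported 'connection' value cannot leave it unset
    $link = '';

    foreach($params as $_key => $_val) {
      switch($_key) {
        case 'modul':
        case 'file':
          if(!is_array($_val)) {
            $$_key = smarty_function_escape_special_chars($_val);
          } else {
            $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
          }
          break;

        // The variable-variable assignment is limited to the names listed here
        case 'oos_get':
        case 'addentry_id':
        case 'connection':
        case 'add_session_id':
        case 'search_engine_safe':
        case 'title':
        case 'color':
            $$_key = (string)$_val;
            break;

        case 'anchor':
            $anchor = smarty_function_escape_special_chars($_val);
            break;

        default:
          if(!is_array($_val)) {
            $parameters .= $_key.'='.smarty_function_escape_special_chars($_val).'&amp;';
          } else {
            $smarty->trigger_error("css_button: parameters '$_key' cannot be an array", E_USER_NOTICE);
          }
          break;
       }
    }

    if (empty($modul)) {
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (empty($file)) {
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (isset($addentry_id)) {
      // Cast first so only an integer can reach the URL
      $addentry_id = (int) $addentry_id + 2;
      $parameters .= 'entry_id='.$addentry_id.'&amp;';
    }
    if (isset($oos_get)) {
      $parameters .= $oos_get;
    }

    $file = trim($file);

    if ($connection == 'NONSSL') {
      $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
      if (ENABLE_SSL == '1') {
        $link = OOS_HTTPS_SERVER . OOS_SHOP;
      } else {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
      }
    } else {
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is always set (possibly empty); a dangling separator is
    // trimmed by the loop below
    $link .= 'index.php?mp=' . $modul . '&amp;file=' . $file . '&amp;' . oos_output_string($parameters);

    $separator = '&amp;';

    while ( (substr($link, -5) == '&amp;') || (substr($link, -1) == '?') ) {
      if (substr($link, -1) == '?') {
        $link = substr($link, 0, -1);
      } else {
        $link = substr($link, 0, -5);
      }
    }

    if (isset($anchor)) {
      $link .= '#' . $anchor;
    }


// Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    // NOTE(review): this places the session ID in the link URL, where it can
    // end up in referrers and logs; identified spiders never receive it.
    if ( (ENABLE_SSL == '1' ) && ($connection == 'SSL') && ($add_session_id == '1') ) {
      $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ( ($add_session_id == '1') && defined('SID') && (!oos_empty(SID)) ) {
      $_sid = SID;
    }

    if ( $spider_kill_sid == '1') $_sid = NULL;

/*
    if ( ($search_engine_safe == '1') &&  $oEvent->installed_plugin('sefu') ) {
      $link = str_replace(array('?', '&amp;', '='), '/', $link);

      $separator = '?';

      $pos = strpos ($link, 'action');
      if ($pos === false) {
        $url_rewrite = new url_rewrite;
        $link = $url_rewrite->transform_uri($link);
      }
    }
*/


    if (isset($_sid)) {
      $link .= $separator . oos_output_string($_sid);
    }

    // NOTE(review): decode() is not defined in this file; if it can return
    // quote or angle-bracket characters, the title needs escaping before it is
    // placed in the attribute and the link text below.
    $title = decode($title);

    // The class list is template-supplied, so it is escaped for attribute context
    $css_class = smarty_function_escape_special_chars($color);

    return '<a href="' . $link . '" title="' . $title . '" class="' . $css_class . '">' . $title . '</a>';


  }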
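    function process_button() {
      // Builds the hidden form fields that are posted to WorldPay for the
      // current order: installation ID, currency, amount, customer contact
      // data, callback address and, when enabled, an MD5 signature.
      // Returns the concatenated field markup.
      global $oOrder, $oCurrencies;

      // The cart ID carries the session name and ID to the gateway
      $worldpay_cardId = oos_session_name() . '=' . oos_session_id();

      $aPages = oos_get_pages();

      // The callback is sent without its scheme. Stripping with a pattern also
      // handles an https:// link, for which splitting on 'http://' produced no
      // second element.
      $callback_url = oos_href_link($aPages['checkout_process'], '', 'SSL', true);
      $worldpay_callback = preg_replace('~^https?://~i', '', $callback_url);

      // Get database information
      $dbconn =& oosDBGetConn();
      $oostable =& oosDBGetTables();

      $sLanguage = oos_var_prep_for_os($_SESSION['language']);

      // Language lookup with the value bound as a parameter
      $languagestable = $oostable['languages'];
      $query = "SELECT iso_639_1
                FROM $languagestable
                WHERE iso_639_2 = ?";
      $language_code = $dbconn->GetOne($query, array((string) $sLanguage));

      $address = htmlspecialchars($oOrder->customer['street_address'] . "\n" . $oOrder->customer['suburb'] . "\n" . $oOrder->customer['city'] . "\n" . $oOrder->customer['state'], ENT_QUOTES);

      // Order total in the session currency; the same string is displayed and signed
      $amount = number_format($oOrder->info['total'] * $oCurrencies->get_value($_SESSION['currency']), $oCurrencies->get_decimal_places($_SESSION['currency']), '.', '');

      $process_button_string = oos_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID) .
                               oos_draw_hidden_field('currency', $_SESSION['currency']) .
                               oos_draw_hidden_field('desc', 'Purchase from '.STORE_NAME) .
                               oos_draw_hidden_field('cartId', $worldpay_cardId) .
                               oos_draw_hidden_field('amount', $amount);

      if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == '1') {
        $process_button_string .= oos_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
      }

      // NOTE(review): $oscSid is never assigned in this function, so MC_oscsid
      // is sent empty unless the variable is meant to come from elsewhere;
      // confirm the intended value.
      $process_button_string .= oos_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE) .
                                oos_draw_hidden_field('name', $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname']) .
                                oos_draw_hidden_field('address', $address) .
                                oos_draw_hidden_field('postcode', $oOrder->customer['postcode']) .
                                oos_draw_hidden_field('country', $oOrder->customer['country']['iso_code_2']) .
                                oos_draw_hidden_field('tel', $oOrder->customer['telephone']) .
                                oos_draw_hidden_field('myvar', 'Y') .
                                oos_draw_hidden_field('fax', $oOrder->customer['fax']) .
                                oos_draw_hidden_field('email', $oOrder->customer['email_address']) .
                                oos_draw_hidden_field('lang', $language_code) .
                                oos_draw_hidden_field('MC_callback', $worldpay_callback) .
                                oos_draw_hidden_field('MC_oscsid', isset($oscSid) ? $oscSid : '');

      if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        // Signature = md5(secret:amount:language:email).
        // NOTE(review): MD5 is presumably what this gateway integration
        // expects; the fields in the form remain editable by the customer, so
        // the order amount must be re-checked when the callback arrives.
        $md5_signature_fields = 'amount:language:email';
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $amount . ':' . $language_code . ':' . $oOrder->customer['email_address'];
        $md5_signature_md5 = md5($md5_signature);

        $process_button_string .= oos_draw_hidden_field('signatureFields', $md5_signature_fields ) .
                                  oos_draw_hidden_field('signature',$md5_signature_md5);
      }
      return $process_button_string ;
    }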
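 function transform_uri($param)
 {
     // Rewrites an "index.php/key/value/..." style link into a name-based
     // ".html" path for category, product and manufacturer links. Links that
     // do not qualify are returned unchanged.
     //
     // $param  the link to transform
     // returns the rewritten link, or $param itself
     $uri = explode("index.php/", $param);
     $base = $uri[0];
     // Without an "index.php/" part there is no path to rewrite
     $path = isset($uri[1]) ? $uri[1] : '';
     $url_array = explode('/', $path);
     $aPages = oos_get_pages();
     // NOTE(review): $aModules is never assigned in this function; confirm where
     // the 'products' module name is meant to come from.
     if (in_array('categories', $url_array) || (in_array($aPages['product_info'], $url_array) && in_array($aModules['products'], $url_array))) {
         // Segments that must not appear in the rewritten path, including the
         // session name and ID
         $_filter = array('page', $aPages['shop'], oos_session_name(), oos_session_id());
         $dbconn =& oosDBGetConn();
         $oostable =& oosDBGetTables();
         $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;
         $path = '';
         $extention = '.html';
         $nArrayCountUrl = count($url_array);
         for ($i = 0; $i < $nArrayCountUrl; $i++) {
             switch ($url_array[$i]) {
                 case 'categories':
                     $category = '';
                     $i++;
                     // The value follows its key; it is absent when the key is the last segment
                     $segment = isset($url_array[$i]) ? $url_array[$i] : '';
                     // preg_match() replaces eregi(), which PHP 7 no longer provides
                     if (preg_match('/[_0-9]/', $segment)) {
                         // explode() always yields at least one element, so the
                         // former fallback branch could never run
                         $category_array = explode('_', $segment);
                         foreach ($category_array as $value) {
                             $categoriestable = $oostable['categories'];
                             $categories_descriptiontable = $oostable['categories_description'];
                             // IDs are forced to integers before they reach the statement
                             $category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM  {$categoriestable} c, {$categories_descriptiontable} cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
                             $category .= oos_make_filename($category_result->fields['categories_name']) . '/';
                         }
                         $category = substr($category, 0, -1);
                         $category .= '-c-' . $segment . '/';
                     }
                     $path .= $category;
                     break;
                 case 'products_id':
                     $i++;
                     $segment = isset($url_array[$i]) ? $url_array[$i] : '';
                     if ($segment) {
                         $products_descriptiontable = $oostable['products_description'];
                         $product_result = $dbconn->Execute("SELECT products_name FROM {$products_descriptiontable} WHERE products_id = '" . intval($segment) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
                         $product = oos_make_filename($product_result->fields['products_name']);
                         $path .= $product . '-p-' . $segment . '/';
                     }
                     break;
                 case 'manufacturers_id':
                     $i++;
                     $segment = isset($url_array[$i]) ? $url_array[$i] : '';
                     if ($segment) {
                         $manufacturerstable = $oostable['manufacturers'];
                         $manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM {$manufacturerstable} WHERE manufacturers_id = '" . intval($segment) . "'");
                         $manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
                         $path .= $manufacturer . '-m-' . $segment . '/';
                     }
                     break;
                 default:
                     if (!in_array($url_array[$i], $_filter)) {
                         $path .= $url_array[$i] . '/';
                     }
                     break;
             }
         }
         // Category and manufacturer markers are dropped only from product
         // links; otherwise nothing is removed
         $remove = (strpos($path, "-p-") === false) ? array() : array('-m-', '-c-');
         $path = str_replace($remove, '', $path);
         if (strpos($path, '//') !== false) {
             $path = str_replace('//', '/', $path);
         }
         if (substr($path, -1) == '/') {
             $path = substr($path, 0, -1);
         }
         $url = $base . $path . $extention;
     } else {
         $url = $param;
     }
     return $url;
 }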
*/
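/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');
if (!defined('SHOP_ROOT')) {
    define('SHOP_ROOT', dirname(__FILE__) . '/../../../');
}
require SHOP_ROOT . 'includes/config.php';
require SHOP_ROOT . OOS_INCLUDES . 'oos_tables.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_kernel.php';
// define how the session functions will be used
require SHOP_ROOT . OOS_FUNCTIONS . 'function_session.php';
// set the session ID if it exists
// A request-supplied ID is adopted only when it is a string built from the
// characters PHP uses for session IDs (letters, digits, ',' and '-'); arrays
// and other values are ignored.
// NOTE(review): the parameter is looked up under the session name that is
// active before oos_session_name('eSConnectorAdm') runs below; confirm that
// this order is intended.
if (isset($_POST[oos_session_name()]) && is_string($_POST[oos_session_name()]) && preg_match('/^[A-Za-z0-9,-]+$/', $_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()]) && is_string($_GET[oos_session_name()]) && preg_match('/^[A-Za-z0-9,-]+$/', $_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}
oos_session_name('eSConnectorAdm');
oos_session_start();
if (!isset($_SESSION)) {
    $_SESSION = array();
}
// require  the database functions
// The SQL log table name must be defined before ADOdb is loaded
$adodb_logsqltable = $oostable['adodb_logsql'];
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $adodb_logsqltable);
}
require SHOP_ROOT . OOS_ADODB . 'adodb-errorhandler.inc.php';
require SHOP_ROOT . OOS_ADODB . 'adodb.inc.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_db.php';
// make a connection to the database... now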
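 function display_links($query_numrows, $max_rows_per_page, $max_page_links, $current_page_number, $parameters = '', $page_name = 'page')
 {
     // Builds the admin pagination control: a GET form with previous/next
     // links and a page pull-down when more than one page exists, otherwise
     // just the "page N of N" text.
     //
     // $query_numrows        total number of rows
     // $max_rows_per_page    rows shown per page
     // $max_page_links       not used by this function
     // $current_page_number  page currently displayed
     // $parameters           extra query string ("a=b&c=d") to carry along
     // $page_name            name of the page-number parameter
     // returns the HTML for the control
     if (!empty($parameters) && substr($parameters, -1) != '&') {
         $parameters .= '&';
     }
     // calculate number of pages needing links
     $num_pages = intval($query_numrows / $max_rows_per_page);
     // a remainder means one more, partially filled page
     if ($query_numrows % $max_rows_per_page) {
         $num_pages++;
     }
     $pages_array = array();
     for ($i = 1; $i <= $num_pages; $i++) {
         $pages_array[] = array('id' => $i, 'text' => $i);
     }
     if ($num_pages > 1) {
         // NOTE(review): PHP_SELF reflects the requested path, including any
         // trailing path info, so its basename is client-influenced; confirm
         // that oos_draw_form() and oos_href_link_admin() escape it.
         $self = basename($_SERVER['PHP_SELF']);
         $display_links = oos_draw_form('pages', $self, '', 'get');
         if ($current_page_number > 1) {
             $display_links .= '<a href="' . oos_href_link_admin($self, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';
         } else {
             $display_links .= PREVNEXT_BUTTON_PREV . '&nbsp;&nbsp;';
         }
         $display_links .= sprintf(TEXT_RESULT_PAGE, oos_draw_pull_down_menu($page_name, $pages_array, '', 'onChange="this.form.submit();"'), $num_pages);
         if ($current_page_number < $num_pages && $num_pages != 1) {
             $display_links .= '&nbsp;&nbsp;<a href="' . oos_href_link_admin($self, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
         } else {
             $display_links .= '&nbsp;&nbsp;' . PREVNEXT_BUTTON_NEXT;
         }
         if ($parameters != '') {
             if (substr($parameters, -1) == '&') {
                 $parameters = substr($parameters, 0, -1);
             }
             // Carry the extra parameters along as hidden fields. foreach
             // replaces each(), which PHP 8 no longer provides; a pair without
             // '=' gets an empty value instead of an undefined offset.
             foreach (explode('&', $parameters) as $pair) {
                 $parts = array_pad(explode('=', $pair), 2, '');
                 $display_links .= oos_draw_hidden_field(rawurldecode($parts[0]), rawurldecode($parts[1]));
             }
         }
         // SID only exists once a session has been started
         if (defined('SID') && SID) {
             $display_links .= oos_draw_hidden_field(oos_session_name(), oos_session_id());
         }
         $display_links .= '</form>';
     } else {
         $display_links = sprintf(TEXT_RESULT_PAGE, $num_pages, $num_pages);
     }
     return $display_links;
 }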
 function process_button()
 {
     // Builds the hidden form fields posted to SECPay for the current order:
     // merchant ID, transaction ID, amount, billing and shipping address,
     // currency, callback URLs, the session name/ID and the gateway options.
     // Returns the concatenated field markup.
     global $oOrder, $oCurrencies;

     // Currency: the shop default when configured so, else the session currency
     if (MODULE_PAYMENT_SECPAY_CURRENCY == 'Default Currency') {
         $sCurrency = DEFAULT_CURRENCY;
     } else {
         $sCurrency = $_SESSION['currency'];
     }

     // Gateway test switch; any unlisted setting behaves like 'Always Successful'
     if (MODULE_PAYMENT_SECPAY_TEST_STATUS == 'Always Fail') {
         $sTestStatus = '0';
     } elseif (MODULE_PAYMENT_SECPAY_TEST_STATUS == 'Production') {
         $sTestStatus = 'live';
     } else {
         $sTestStatus = '1';
     }

     $aFilename = oos_get_filename();
     $aModules = oos_get_modules();

     $aBilling = $oOrder->billing;
     $aDelivery = $oOrder->delivery;

     // NOTE(review): 'h' is the 12-hour clock, so the transaction ID repeats
     // between a.m. and p.m. on the same day; confirm that this is acceptable.
     $sFields = oos_draw_hidden_field('merchant', MODULE_PAYMENT_SECPAY_MERCHANT_ID);
     $sFields .= oos_draw_hidden_field('trans_id', STORE_NAME . date('Ymdhis'));
     $sFields .= oos_draw_hidden_field('amount', number_format($oOrder->info['total'] * $oCurrencies->get_value($sCurrency), $oCurrencies->currencies[$sCurrency]['decimal_places'], '.', ''));

     // billing address
     $sFields .= oos_draw_hidden_field('bill_name', $aBilling['firstname'] . ' ' . $aBilling['lastname']);
     $sFields .= oos_draw_hidden_field('bill_addr_1', $aBilling['street_address']);
     $sFields .= oos_draw_hidden_field('bill_addr_2', $aBilling['suburb']);
     $sFields .= oos_draw_hidden_field('bill_city', $aBilling['city']);
     $sFields .= oos_draw_hidden_field('bill_state', $aBilling['state']);
     $sFields .= oos_draw_hidden_field('bill_post_code', $aBilling['postcode']);
     $sFields .= oos_draw_hidden_field('bill_country', $aBilling['country']['title']);
     $sFields .= oos_draw_hidden_field('bill_tel', $oOrder->customer['telephone']);
     $sFields .= oos_draw_hidden_field('bill_email', $oOrder->customer['email_address']);

     // delivery address
     $sFields .= oos_draw_hidden_field('ship_name', $aDelivery['firstname'] . ' ' . $aDelivery['lastname']);
     $sFields .= oos_draw_hidden_field('ship_addr_1', $aDelivery['street_address']);
     $sFields .= oos_draw_hidden_field('ship_addr_2', $aDelivery['suburb']);
     $sFields .= oos_draw_hidden_field('ship_city', $aDelivery['city']);
     $sFields .= oos_draw_hidden_field('ship_state', $aDelivery['state']);
     $sFields .= oos_draw_hidden_field('ship_post_code', $aDelivery['postcode']);
     $sFields .= oos_draw_hidden_field('ship_country', $aDelivery['country']['title']);

     $sFields .= oos_draw_hidden_field('currency', $sCurrency);

     // Two URLs separated by ';': the checkout-process page and the payment
     // page carrying this module's code as payment_error
     $sProcessUrl = oos_href_link($aModules['checkout'], $aFilename['checkout_process'], '', 'SSL', false);
     $sErrorUrl = oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], 'payment_error=' . $this->code, 'SSL', false);
     $sFields .= oos_draw_hidden_field('callback', $sProcessUrl . ';' . $sErrorUrl);

     // The session name/ID is posted to the gateway, and cb_flds names the
     // same field in the options string
     $sFields .= oos_draw_hidden_field(oos_session_name(), oos_session_id());
     $sFields .= oos_draw_hidden_field('options', 'test_status=' . $sTestStatus . ',dups=false,cb_post=true,cb_flds=' . oos_session_name());

     return $sFields;
 }
示例#13
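    /**
     * Build the form fields for the Authorize.Net payment form.
     *
     * Reads the global $oOrder and the card data held on this module
     * ($this->cc_card_number, $this->cc_expiry_month, $this->cc_expiry_year) and
     * returns the concatenated output of oos_draw_hidden_field() for every field,
     * followed by the fingerprint fields from $this->InsertFP() and the shop
     * session name/id pair.
     *
     * NOTE(review): the card number and the shop session id are both emitted into
     * the page markup, so they are present in the HTML delivered to the browser and
     * in whatever is posted onward. The page should only be served over TLS and
     * must not be cached or logged. Confirm that oos_draw_hidden_field() HTML-escapes
     * its value argument, since the name and address fields are customer input.
     *
     * @return string concatenated form-field markup
     */
    function process_button() {
      global $oOrder;

      // Sequence value handed to InsertFP() for the fingerprint. rand() is not a
      // cryptographic source, so this value must not be treated as a secret.
      $sequence = rand(1, 1000);
      $aPages = oos_get_pages();

      // Plain decimal without a thousands separator. The two-argument form of
      // number_format() yields "1,234.50" for totals of 1000 or more, which is not
      // a valid amount string; the same value feeds the fingerprint so both agree.
      $amount = number_format($oOrder->info['total'], 2, '.', '');

      $process_button_string = oos_draw_hidden_field('x_Login', MODULE_PAYMENT_AUTHORIZENET_LOGIN) .
                               oos_draw_hidden_field('x_Card_Num', $this->cc_card_number) .
                               oos_draw_hidden_field('x_Exp_Date', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)) .
                               oos_draw_hidden_field('x_Amount', $amount) .
                               oos_draw_hidden_field('x_Relay_URL', oos_href_link($aPages['checkout_process'], '', 'SSL', false)) .
                               oos_draw_hidden_field('x_Method', ((MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') ? 'CC' : 'ECHECK')) .
                               oos_draw_hidden_field('x_Version', '3.0') .
                               oos_draw_hidden_field('x_Cust_ID', $_SESSION['customer_id']) .
                               oos_draw_hidden_field('x_Email_Customer', ((MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == '1') ? 'TRUE': 'FALSE')) .
                               // Billing details taken from the customer record.
                               oos_draw_hidden_field('x_first_name', $oOrder->customer['firstname']) .
                               oos_draw_hidden_field('x_last_name', $oOrder->customer['lastname']) .
                               oos_draw_hidden_field('x_address', $oOrder->customer['street_address']) .
                               oos_draw_hidden_field('x_city', $oOrder->customer['city']) .
                               oos_draw_hidden_field('x_state', $oOrder->customer['state']) .
                               oos_draw_hidden_field('x_zip', $oOrder->customer['postcode']) .
                               oos_draw_hidden_field('x_country', $oOrder->customer['country']['title']) .
                               oos_draw_hidden_field('x_phone', $oOrder->customer['telephone']) .
                               oos_draw_hidden_field('x_email', $oOrder->customer['email_address']) .
                               // Shipping details taken from the delivery record.
                               oos_draw_hidden_field('x_ship_to_first_name', $oOrder->delivery['firstname']) .
                               oos_draw_hidden_field('x_ship_to_last_name', $oOrder->delivery['lastname']) .
                               oos_draw_hidden_field('x_ship_to_address', $oOrder->delivery['street_address']) .
                               oos_draw_hidden_field('x_ship_to_city', $oOrder->delivery['city']) .
                               oos_draw_hidden_field('x_ship_to_state', $oOrder->delivery['state']) .
                               oos_draw_hidden_field('x_ship_to_zip', $oOrder->delivery['postcode']) .
                               oos_draw_hidden_field('x_ship_to_country', $oOrder->delivery['country']['title']) .
                               oos_draw_hidden_field('x_Customer_IP', $_SERVER['REMOTE_ADDR']) .
                               $this->InsertFP(MODULE_PAYMENT_AUTHORIZENET_LOGIN, MODULE_PAYMENT_AUTHORIZENET_TXNKEY, $amount, $sequence);

      if (MODULE_PAYMENT_AUTHORIZENET_TESTMODE == 'Test') {
        $process_button_string .= oos_draw_hidden_field('x_Test_Request', 'TRUE');
      }

      // The shop session id travels with the form so it comes back on the relay
      // request; it is therefore visible to anything that sees the posted form.
      $process_button_string .= oos_draw_hidden_field(oos_session_name(), oos_session_id());

      return $process_button_string;
    }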
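/**
 * Smarty {html_href_link} function plugin
 *
 * Type:     function
 * Name:     html_href_link
 * @Version:  $Revision: 1.8 $ - changed by $Author: r23 $ on $Date: 2008/07/08 13:19:51 $
 * -------------------------------------------------------------
 *
 * Builds a shop link of the form <server><shop>index.php?page=PAGE&amp;key=value...
 * from the template parameters and returns it as a string.
 *
 * Recognised parameters:
 *  - page               page name; passed through smarty_function_escape_special_chars()
 *  - connection         'NONSSL' (default) or 'SSL'
 *  - add_session_id     '1' (default) to allow a session id to be appended
 *  - search_engine_safe '1' (default) to rewrite the link when the 'sefu' plugin is installed
 *  - anchor             fragment appended after '#'
 *  - addentry_id        numeric value; emitted as entry_id = value + 2
 *  - oos_get            pre-built parameter string, appended to the query as given
 *  - anything else      emitted as key=value&amp; with the value escaped
 *
 * NOTE(review): values are HTML-escaped but not URL-encoded, parameter keys and
 * the oos_get string are appended without escaping in this function (only
 * oos_output_string() is applied to the whole parameter string afterwards), so
 * templates should not pass request data to this plugin unfiltered.
 *
 * NOTE(review): appending the session id to URLs exposes it in Referer headers,
 * server logs and copied links. Cookie-only sessions avoid that exposure.
 *
 * @param array  $params template parameters
 * @param object $smarty Smarty instance, used for trigger_error()
 * @return string the generated link
 */
function smarty_function_html_href_link($params, &$smarty)
{
    global $oEvent, $spider_flag;
    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    // Defaults for the recognised parameters.
    $page = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';
    $oos_get = null;
    $addentry_id = null;
    $anchor = null;
    $_sid = null;
    // Defined up front so that an unrecognised connection value cannot reach the
    // concatenation below with $link undefined.
    $link = '';

    // Explicit assignments instead of variable-variables, so the set of locals a
    // template parameter can write to is visible at a glance.
    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'page':
                if (is_array($_val)) {
                    $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
                } else {
                    $page = smarty_function_escape_special_chars($_val);
                }
                break;
            case 'oos_get':
                $oos_get = (string) $_val;
                break;
            case 'addentry_id':
                $addentry_id = (string) $_val;
                break;
            case 'connection':
                $connection = (string) $_val;
                break;
            case 'add_session_id':
                $add_session_id = (string) $_val;
                break;
            case 'search_engine_safe':
                $search_engine_safe = (string) $_val;
                break;
            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;
            default:
                if (is_array($_val)) {
                    $smarty->trigger_error("html_href_link: parameters '{$_key}' cannot be an array", E_USER_NOTICE);
                } else {
                    $parameters .= $_key . '=' . smarty_function_escape_special_chars($_val) . '&amp;';
                }
                break;
        }
    }

    if (empty($page)) {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (isset($addentry_id)) {
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id=' . $addentry_id . '&amp;';
    }
    if (isset($oos_get)) {
        $parameters .= $oos_get;
    }

    $page = trim($page);

    // Base URL: the HTTPS server is used only when SSL is requested and enabled.
    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        if (ENABLE_SSL == '1') {
            $link = OOS_HTTPS_SERVER . OOS_SHOP;
        } else {
            $link = OOS_HTTP_SERVER . OOS_SHOP;
        }
    } else {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is always set (it starts as ''), so the query string is always
    // assembled this way and any trailing separator is trimmed just below.
    $link .= 'index.php?page=' . $page . '&amp;' . oos_output_string($parameters);

    $separator = '&amp;';
    while (substr($link, -5) == '&amp;' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    // NOTE(review): the anchor is appended before the session id, so when both are
    // present the session id ends up after the '#'.
    if (isset($anchor)) {
        $link .= '#' . $anchor;
    }

    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    if (ENABLE_SSL == '1' && $connection == 'SSL' && $add_session_id == '1') {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ($add_session_id == '1' && oos_is_not_null(SID)) {
        $_sid = SID;
    }

    // NOTE(review): the session id is dropped when $spider_flag is exactly false;
    // confirm which value of the flag marks a crawler.
    if ($spider_flag === false) {
        $_sid = NULL;
    }

    // Search-engine-friendly form: separators become '/', and links that do not
    // contain 'action' are passed through url_rewrite::transform_uri().
    if ($search_engine_safe == '1' && $oEvent->installed_plugin('sefu')) {
        $link = str_replace(array('?', '&amp;', '='), '/', $link);
        $separator = '?';
        $pos = strpos($link, 'action');
        if ($pos === false) {
            $url_rewrite = new url_rewrite();
            $link = $url_rewrite->transform_uri($link);
        }
    }

    if (isset($_sid)) {
        $link .= $separator . oos_output_string($_sid);
    }

    return $link;
}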
示例#15
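 /**
  * Build the form fields for the Yellowpay payment form.
  *
  * Reads the globals $oOrder and $oCurrencies plus $_SESSION['currency'],
  * $_SESSION['language'] and $_SESSION['customer_id'], and returns the
  * concatenated output of oos_draw_hidden_field() for every field.
  *
  * NOTE(review): confirm that oos_draw_hidden_field() HTML-escapes its value
  * argument, since the name and address fields are customer input.
  *
  * @return string concatenated form-field markup
  */
 function process_button()
 {
     global $oOrder, $oCurrencies;

     if (MODULE_PAYMENT_YELLOWPAY_CURRENCY == 'Selected Currency') {
         $my_currency = $_SESSION['currency'];
     } else {
         $my_currency = substr(MODULE_PAYMENT_YELLOWPAY_CURRENCY, 5);
     }
     // Allow-list check with strict comparison, so a non-string session value
     // cannot match one of the codes through type juggling.
     if (!in_array($my_currency, array('CHF', 'EUR', 'USD'), true)) {
         $my_currency = 'CHF';
     }

     // Map the shop language to the numeric language code sent to the gateway;
     // any other language falls back to the configured default.
     switch ($_SESSION['language']) {
         case 'deu':
             $usedlanguage = 2055;
             break;
         case 'eng':
             $usedlanguage = 2057;
             break;
         case 'ita':
             $usedlanguage = 2064;
             break;
         default:
             $usedlanguage = MODULE_PAYMENT_YELLOWPAY_LANGUAGE;
             break;
     }

     // The shop session id is handed to the gateway in txtShopPara, so it is
     // visible to anything that sees the posted form.
     $sidretour = oos_session_name() . '=' . oos_session_id();

     // Plain decimal without a thousands separator. The two-argument form of
     // number_format() yields "1,234.50" for totals of 1000 or more; the same
     // string is hashed below and posted as txtOrderTotal.
     $usedtotal = number_format(
         $oOrder->info['total'] * $oCurrencies->get_value($my_currency),
         $oCurrencies->get_decimal_places($my_currency),
         '.',
         ''
     );

     // NOTE(review): MD5 over shop id, currency, total and a shared seed. MD5 is a
     // weak choice for an integrity check; presumably dictated by the gateway's
     // interface -- confirm whether a keyed SHA-2 variant is offered. The hash uses
     // MODULE_PAYMENT_YELLOWPAY_SHOP_ID while txtShopID below posts
     // MODULE_PAYMENT_YELLOWPAY_ID; confirm both hold the same value.
     $txtHash_tosecure = MODULE_PAYMENT_YELLOWPAY_SHOP_ID . $my_currency . $usedtotal . MODULE_PAYMENT_HASH_SEED;
     $txtHash = md5($txtHash_tosecure);

     $txtOrderIDShop = $_SESSION['customer_id'] . date("Y-m-d H:i:s");

     // txtBZipCode was emitted twice with the same value; it is emitted once here.
     $process_button_string = oos_draw_hidden_field('txtShopID', MODULE_PAYMENT_YELLOWPAY_ID)
         . oos_draw_hidden_field('txtShopPara', $sidretour)
         . oos_draw_hidden_field('txtOrderTotal', $usedtotal)
         . oos_draw_hidden_field('txtLangVersion', $usedlanguage)
         . oos_draw_hidden_field('txtArtCurrency', $my_currency)
         . oos_draw_hidden_field('txtHash', $txtHash)
         . oos_draw_hidden_field('txtOrderIDShop', $txtOrderIDShop)
         . oos_draw_hidden_field('txtBLastName', $oOrder->billing['lastname'])
         . oos_draw_hidden_field('txtBFirstName', $oOrder->billing['firstname'])
         . oos_draw_hidden_field('txtBAddr1', $oOrder->billing['street_address'])
         . oos_draw_hidden_field('txtBCity', oos_replace_chars($oOrder->billing['city']))
         . oos_draw_hidden_field('txtBZipCode', $oOrder->billing['postcode'])
         . oos_draw_hidden_field('txtBTel', $oOrder->customer['customers_telephone'])
         . oos_draw_hidden_field('txtBEmail', $oOrder->customer['email_address'])
         . oos_draw_hidden_field('txtHistoryBack', '0');

     return $process_button_string;
 }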
     $_SESSION['cart']->remove($_POST['edit_product']);
 }
 // Option values exactly as submitted by the client; the entries that belong to
 // upload options are overwritten in the loop below.
 $real_ids = $_POST['id'];
 // File upload handling.
 // NOTE(review): number_of_uploads is client-supplied and only checked for being
 // numeric and positive, so it sets the loop bound without an upper limit. The
 // array keys used below are also built from $_POST values.
 if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && $_POST['number_of_uploads'] > 0) {
     require_once 'includes/classes/class_upload.php';
     for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) {
         // A file was sent for this option; a tmp_name of 'none' counts as "no file".
         if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') {
             $products_options_file = new upload('id');
             $products_options_file->set_destination(OOS_UPLOADS);
             $files_uploadedtable = $oostable['files_uploaded'];
             // NOTE(review): no type, extension or size check is visible here;
             // presumably upload::parse() enforces them -- confirm, and confirm that
             // the OOS_UPLOADS directory cannot serve or execute uploaded content.
             if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
                 // Record the upload against the session, and the customer when logged in.
                 // NOTE(review): both statements are assembled by concatenation. The
                 // customer id is intval()'d and the filename goes through oos_db_input(),
                 // but the session id is inserted as-is; bound parameters would remove
                 // the reliance on per-value escaping.
                 if (isset($_SESSION['customer_id'])) {
                     $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')");
                 } else {
                     $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . oos_db_input($products_options_file->filename) . "')");
                 }
                 $insert_id = $dbconn->Insert_ID();
                 // The option value becomes "<row id>. <filename>".
                 $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
                 // The stored file name is the row id followed by the upload object's
                 // filename. NOTE(review): presumably that filename is the client-supplied
                 // name -- confirm it is stripped of path components before save().
                 $products_options_file->set_filename("{$insert_id}" . $products_options_file->filename);
                 if (!$products_options_file->save()) {
                     // Leaves the for loop and one further enclosing loop or switch,
                     // which lies outside this excerpt.
                     break 2;
                 }
             } else {
                 // parse() rejected the upload: stop processing, as above.
                 break 2;
             }
         } else {
             // No file uploaded for this option: keep the previously submitted value
             $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
         }
     }
/**
 * Return the session id as a form field, for forms that must carry it.
 *
 * When the SID constant is defined and oos_is_not_null() accepts it, the result
 * of oos_draw_hidden_field() for the session name/id pair is returned;
 * otherwise the function returns null.
 *
 * NOTE(review): a session id placed in form markup is readable by any script
 * running in the page and is sent to whatever the form posts to.
 *
 * @return string|null field markup, or null when no SID is in use
 */
function oos_hide_session_id()
{
    $sidInUse = defined('SID') && oos_is_not_null(SID);

    if (!$sidInUse) {
        return null;
    }

    return oos_draw_hidden_field(oos_session_name(), oos_session_id());
}