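/**
 * "Who's online" plugin hook.
 *
 * Tracks the current visitor in the whos_online table: rows whose last click
 * is older than 15 minutes (900 s) are purged, then the row belonging to the
 * current session is updated in place or inserted.
 *
 * @return bool always true
 */
function create_plugin_instance()
{
    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();
    $whos_onlinetable = $oostable['whos_online'];

    if (isset($_SESSION['customer_id'])) {
        $wo_customer_id = $_SESSION['customer_id'];
        // NOTE(review): the name is addslashes()'d here and escaped a second
        // time by the driver when it is bound below, so the stored value carries
        // an extra level of slashes. Kept because the UPDATE path always stored
        // it this way; dropping addslashes() needs a matching change wherever
        // the column is read back.
        $wo_full_name = addslashes($_SESSION['customer_first_name'] . ' ' . $_SESSION['customer_lastname']);
    } else {
        $wo_customer_id = '';
        $wo_full_name = 'Guest';
    }

    $wo_session_id = oos_session_id();
    // session_ip_address is populated by the session plugin; tolerate its absence
    $wo_ip_address = isset($_SESSION['session_ip_address']) ? $_SESSION['session_ip_address'] : '';
    // REQUEST_URI is client controlled: it is only ever bound as a parameter below
    $wo_last_page_url = addslashes(oos_server_get_var('REQUEST_URI'));

    $current_time = time();
    $xx_mins_ago = $current_time - 900;

    // remove entries that have expired
    $dbconn->Execute(
        "DELETE FROM {$whos_onlinetable}\n WHERE time_last_click < ?",
        array((string) $xx_mins_ago)
    );

    // is there already a row for this session?
    $query = "SELECT COUNT(*) AS total\n FROM {$whos_onlinetable}\n WHERE session_id = ?";
    $stored_customer = $dbconn->Execute($query, array((string) $wo_session_id));

    if ($stored_customer->fields['total'] > 0) {
        $query = "UPDATE {$whos_onlinetable}"
               . " SET customer_id = ?, full_name = ?, ip_address = ?, time_last_click = ?, last_page_url = ?"
               . " WHERE session_id = ?";
        $dbconn->Execute($query, array(
            (string) $wo_customer_id,
            (string) $wo_full_name,
            (string) $wo_ip_address,
            (string) $current_time,
            (string) $wo_last_page_url,
            (string) $wo_session_id,
        ));
    } else {
        // Bound parameters replace the oos_db_input()-escaped string building,
        // so every value (including the client-supplied URL) goes through the
        // driver exactly like the UPDATE branch above.
        $query = "INSERT INTO {$whos_onlinetable}"
               . " (customer_id, full_name, session_id, ip_address, time_entry, time_last_click, last_page_url)"
               . " VALUES (?, ?, ?, ?, ?, ?, ?)";
        $dbconn->Execute($query, array(
            (string) $wo_customer_id,
            (string) $wo_full_name,
            (string) $wo_session_id,
            (string) $wo_ip_address,
            (string) $current_time,
            (string) $current_time,
            (string) $wo_last_page_url,
        ));
    }

    return true;
}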
/**
 * Constructor
 *
 * Initialises the underlying Smarty engine, points the template, compile,
 * config and cache directories below OOS_TEMP_PATH, registers the plugin
 * directories and assigns the date/session variables every template can use.
 */
function Template()
{
    $this->Smarty();

    $this->left_delimiter = '{';
    $this->right_delimiter = '}';

    // normalise OOS_TEMP_PATH to a trailing slash before building sub paths
    $basePath = OOS_TEMP_PATH;
    if (substr($basePath, -1) != "/") {
        $basePath .= "/";
    }

    $this->template_dir = $basePath . 'shop/templates/';
    $this->compile_dir = $basePath . 'shop/templates_c/';
    $this->config_dir = $basePath . 'shop/configs/';
    $this->cache_dir = $basePath . 'shop/cache/';
    $this->plugins_dir = array(
        'plugins',
        BP . DS . 'lib/smarty-plugins/gettext',
        BP . DS . 'lib/smarty-plugins/myoos',
    );
    $this->use_sub_dirs = true;

    // "revision date": 80 days from today, formatted like "Mon,01 Jan 2024"
    $revisionStamp = mktime(0, 0, 0, date("m"), date("d") + 80, date("Y"));
    $revisionDate = date("D,d M Y", $revisionStamp);

    $templateVars = array(
        'oos_revision_date' => $revisionDate,
        'oos_date_long' => strftime(DATE_FORMAT_LONG),
        'oos_session_name' => oos_session_name(),
        'oos_session_id' => oos_session_id(),
    );
    $this->assign($templateVars);
}
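/**
 * Mail function (uses phpMailer)
 *
 * Builds one message (plain text, or HTML with a tag-stripped alternative when
 * EMAIL_USE_HTML is '1'), optionally attaches the files uploaded in the current
 * session, and sends it over the configured EMAIL_TRANSPORT.
 *
 * @param string $to_name
 * @param string $to_email_address
 * @param string $email_subject
 * @param string $email_text          message body, may contain HTML
 * @param string $from_email_name     falls back to STORE_OWNER when empty
 * @param string $from_email_address  falls back to STORE_OWNER_EMAIL_ADDRESS when empty
 * @param bool   $add_attachment      attach the files uploaded under this session key
 * @return bool false when the mail plugin is missing or a header value contains
 *              CR/LF; otherwise the result of PHPMailer::Send()
 */
function oos_mail($to_name, $to_email_address, $email_subject, $email_text, $from_email_name, $from_email_address, $add_attachment = false)
{
    global $oEvent;

    if (!$oEvent->installed_plugin('mail')) {
        return false;
    }

    // Each of these values ends up in a mail header. A CR/LF inside one would
    // let the caller terminate the header and inject additional ones (extra
    // recipients, Bcc), so refuse the message outright.
    $header_values = array($to_name, $to_email_address, $email_subject, $from_email_name, $from_email_address);
    foreach ($header_values as $header_value) {
        if (preg_match('~[\r\n]~', $header_value)) {
            return false;
        }
    }

    $sLang = (isset($_SESSION['iso_639_1']) ? $_SESSION['iso_639_1'] : 'en');

    // require the mail classes
    MyOOS_CoreApi::requireOnce('lib/phpmailer/class.phpmailer.php');

    // Instantiate a new mail object
    $mail = new PHPMailer;
    $mail->ClearAllRecipients();
    $mail->ClearAddresses();
    $mail->ClearAttachments();
    $mail->PluginDir = OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/';
    $mail->SetLanguage($sLang, OOS_ABSOLUTE_PATH . 'includes/lib/phpmailer/language/');
    $mail->CharSet = CHARSET;
    $mail->IsMail();
    $mail->From = $from_email_address ? $from_email_address : STORE_OWNER_EMAIL_ADDRESS;
    $mail->FromName = $from_email_name ? $from_email_name : STORE_OWNER;
    $mail->Mailer = EMAIL_TRANSPORT;

    // Add smtp values if needed
    if (EMAIL_TRANSPORT == 'smtp') {
        $mail->IsSMTP();                 // set mailer to use SMTP
        $mail->SMTPAuth = OOS_SMTPAUTH;  // turn on SMTP authentication
        $mail->Username = OOS_SMTPUSER;  // SMTP username
        $mail->Password = OOS_SMTPPASS;  // SMTP password
        $mail->Host = OOS_SMTPHOST;      // specify main and backup server
    } elseif (EMAIL_TRANSPORT == 'sendmail') {
        // Set sendmail path
        if (!oos_empty(OOS_SENDMAIL)) {
            $mail->Sendmail = OOS_SENDMAIL;
            $mail->IsSendmail();
        }
    }

    $mail->AddAddress($to_email_address, $to_name);
    $mail->Subject = $email_subject;

    // Build the text version
    $text = strip_tags($email_text);
    if (EMAIL_USE_HTML == '1') {
        $mail->IsHTML(true);
        $mail->Body = $email_text;
        $mail->AltBody = $text;
    } else {
        $mail->Body = $text;
    }

    if ($add_attachment === true) {
        // Get database information
        $dbconn =& oosDBGetConn();
        $oostable =& oosDBGetTables();

        $files_uploadedtable = $oostable['files_uploaded'];
        // the session key is bound rather than interpolated
        $query = "SELECT files_uploaded_id, files_uploaded_name FROM $files_uploadedtable WHERE sesskey = ?";
        $files_uploaded_result = $dbconn->Execute($query, array(oos_session_id()));

        if ($files_uploaded_result->RecordCount() > 0) {
            $sDir = OOS_UPLOADS;
            if (substr($sDir, -1) != '/') {
                $sDir .= '/';
            }
            while ($files_uploaded = $files_uploaded_result->fields) {
                // The stored name originates from a user upload: basename()
                // keeps the attachment path inside OOS_UPLOADS even if the name
                // carries directory separators.
                $sName = basename($files_uploaded['files_uploaded_name']);
                $sFile = $sDir . $files_uploaded['files_uploaded_id'] . $sName;
                $mail->AddAttachment($sFile, $sName);

                // Move that ADOdb pointer!
                $files_uploaded_result->MoveNext();
            }
        }
    }

    // Send message; PHPMailer reports failure through its return value
    // (the original discarded it and returned nothing).
    return (bool) $mail->Send();
}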
/**
 * Hide form elements
 *
 * Emits a hidden input carrying the session id so a submitted form keeps its
 * session when the id is propagated through SID; yields null (nothing) when
 * SID is undefined or empty.
 */
function oos_hide_session_id()
{
    $sidPresent = defined('SID') && !oos_empty(SID);
    if (!$sidPresent) {
        return null;
    }
    return oos_draw_hidden_field(oos_session_name(), oos_session_id());
}
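/**
 * Session plugin hook.
 *
 * Configures the session cookie for the current domain, accepts a session id
 * passed via POST/GET (alphanumeric only), skips session creation for crawlers
 * listed in includes/ini/spiders.ini, repairs an unusable session.save_path,
 * starts the session, seeds the cart/navigation objects and drops the customer
 * login when the browser user agent or the remote address changes mid-session.
 *
 * Sets the globals $spider_flag and $spider_kill_sid for the link helpers.
 *
 * @return bool always true (redirects on a user-agent/IP mismatch)
 */
function create_plugin_instance()
{
    global $request_type, $spider_flag, $spider_kill_sid;

    // HTTP_USER_AGENT is optional; the previous version raised a notice without it
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

    $spider_flag = false;
    $spider_kill_sid = '0';

    // set the top level domains
    $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
    $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
    $cookie_domain = (!empty($current_domain) ? '.' . $current_domain : '');

    // set the session cookie parameters
    // NOTE(review): the cookie is set without the httponly/secure flags; the id
    // is also carried in URLs on purpose (see the link helpers), so enabling
    // them needs checking against the HTTP/HTTPS switching first.
    if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', $cookie_domain);
    } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', $cookie_domain);
    }

    // set the session ID if it exists; only an alphanumeric id is accepted
    $session_name = oos_session_name();
    if (isset($_POST[$session_name]) && ctype_alnum($_POST[$session_name])) {
        oos_session_id($_POST[$session_name]);
    } elseif (isset($_GET[$session_name]) && ctype_alnum($_GET[$session_name])) {
        oos_session_id($_GET[$session_name]);
    }

    if (empty($user_agent) === false) {
        // parse_ini_file() returns false when the list is missing or unreadable;
        // the previous version then fed false to foreach
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');
        if (is_array($spider_agent)) {
            foreach ($spider_agent as $spider) {
                if (empty($spider) === false && strpos($user_agent, trim($spider)) !== false) {
                    $spider_kill_sid = '1';
                    $spider_flag = true;
                    break;
                }
            }
        }
    }

    if ($spider_flag === false) {
        if (!defined('MYOOS_SESSION_NAME')) {
            define('MYOOS_SESSION_NAME', 'MYOOS_SESSID');
        }
        @ini_set('session.name', MYOOS_SESSION_NAME);

        // a 'user' save handler configured by the host is replaced by plain files
        if (ini_get('session.save_handler') == 'user') {
            @ini_set('session.save_handler', 'files');
            @ini_set('session.save_path', '');
        }

        if (ini_get('session.save_handler') == 'files') {
            $sessionPath = ini_get('session.save_path');
            // strip the "N;" directory-depth prefix php allows in session.save_path
            if (preg_match('/^[0-9]+;(.*)/', $sessionPath, $matches)) {
                $sessionPath = $matches[1];
            }
            if (ini_get('safe_mode') || ini_get('open_basedir') || empty($sessionPath) || !@is_writable($sessionPath)) {
                $sessionPath = MYOOS_USER_PATH . '/tmp/sessions';
                @ini_set('session.save_path', $sessionPath);
                if (!is_dir($sessionPath)) {
                    @mkdir($sessionPath, 0755, true);
                    if (!is_dir($sessionPath)) {
                        // NOTE(review): echoes the server-side path to the visitor
                        die("Error: Unable to mkdir $sessionPath");
                    }
                } elseif (!@is_writable($sessionPath)) {
                    die("Error: $sessionPath is not writable");
                }
            }
        }

        // lets start our session
        oos_session_start();
    }

    if (!isset($_SESSION)) {
        $_SESSION = array();
    }

    // create the shopping cart
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
    }

    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
    }

    $aPages = oos_get_pages();

    // verify the browser user agent
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
    }
    if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        // member is not created here, so it may be absent on a fresh session
        if (isset($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    // verify the IP address
    $remote_address = MyOOS_Utilities::getRemoteHostAddress();
    if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = $remote_address;
    }
    if ($_SESSION['session_ip_address'] != $remote_address) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    return true;
}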
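/**
 * Session plugin hook.
 *
 * Configures the session cookie for the current domain, accepts a session id
 * passed via POST/GET (alphanumeric only), skips session creation for crawlers
 * listed in includes/ini/spiders.ini, starts the session, seeds the cart,
 * navigation and error-message entries, and drops the customer login when the
 * browser user agent or the remote address changes mid-session.
 *
 * Sets the globals $spider_flag and $spider_kill_sid for the link helpers.
 *
 * @return bool always true (redirects on a user-agent/IP mismatch)
 */
function create_plugin_instance()
{
    global $request_type, $spider_flag, $spider_kill_sid;

    // HTTP_USER_AGENT is optional; the previous version raised a notice without it
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

    $spider_flag = false;
    $spider_kill_sid = '0';

    // set the top level domains
    $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
    $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
    $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);
    $cookie_domain = (!empty($current_domain) ? '.' . $current_domain : '');

    // set the session cookie parameters
    // NOTE(review): the cookie is set without the httponly/secure flags; the id
    // is also carried in URLs on purpose (see the link helpers), so enabling
    // them needs checking against the HTTP/HTTPS switching first.
    if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', $cookie_domain);
    } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', $cookie_domain);
    }

    // set the session ID if it exists; only an alphanumeric id is accepted
    $session_name = oos_session_name();
    if (isset($_POST[$session_name]) && ctype_alnum($_POST[$session_name])) {
        oos_session_id($_POST[$session_name]);
    } elseif (isset($_GET[$session_name]) && ctype_alnum($_GET[$session_name])) {
        oos_session_id($_GET[$session_name]);
    }

    if (empty($user_agent) === false) {
        // parse_ini_file() returns false when the list is missing or unreadable;
        // the previous version then fed false to foreach
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');
        if (is_array($spider_agent)) {
            foreach ($spider_agent as $spider) {
                if (empty($spider) === false && strpos($user_agent, trim($spider)) !== false) {
                    $spider_kill_sid = '1';
                    $spider_flag = true;
                    break;
                }
            }
        }
    }

    if ($spider_flag === false) {
        // lets start our session
        oos_session_start();
    }

    if (!isset($_SESSION)) {
        $_SESSION = array();
    }

    // create the shopping cart
    if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
    }

    // navigation history
    if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
    }

    if (!isset($_SESSION['error_cart_msg'])) {
        $_SESSION['error_cart_msg'] = '';
    }

    $aPages = oos_get_pages();

    // verify the browser user agent
    $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
    }
    if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        // member is not created here, so it may be absent on a fresh session
        if (isset($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    // verify the IP address
    $remote_address = MyOOS_Utilities::getRemoteHostAddress();
    if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = $remote_address;
    }
    if ($_SESSION['session_ip_address'] != $remote_address) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member'])) {
            $_SESSION['member']->default_member();
        }
        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
    }

    return true;
}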
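/**
 * Smarty {css_button} function plugin
 *
 * Type: function
 * Name: css_button
 * @Version: $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2008/01/09 22:03:20 $
 *
 * Renders an <a> element styled as a button that links to a shop page.
 * Recognised attributes: modul and file (required), oos_get, addentry_id,
 * connection (NONSSL|SSL), add_session_id, search_engine_safe, title, color,
 * anchor. Every other attribute is appended to the query string.
 *
 * @param array  $params  the Smarty tag attributes
 * @param object $smarty  the Smarty instance (used for trigger_error)
 * @return string the anchor tag
 */
function smarty_function_css_button($params, &$smarty)
{
    global $oEvent, $spider_kill_sid;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    $modul = '';
    $file = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';
    $title = '';
    $color = 'btnR blue';
    // null means "attribute not given"; explicit variables replace the
    // variable-variable ($$_key) assignments of the previous version
    $oos_get = null;
    $addentry_id = null;
    $anchor = null;

    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'modul':
                if (!is_array($_val)) {
                    $modul = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;
            case 'file':
                if (!is_array($_val)) {
                    $file = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;
            case 'oos_get':
                $oos_get = (string) $_val;
                break;
            case 'addentry_id':
                $addentry_id = (string) $_val;
                break;
            case 'connection':
                $connection = (string) $_val;
                break;
            case 'add_session_id':
                $add_session_id = (string) $_val;
                break;
            case 'search_engine_safe':
                $search_engine_safe = (string) $_val;
                break;
            case 'title':
                $title = (string) $_val;
                break;
            case 'color':
                $color = (string) $_val;
                break;
            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;
            default:
                if (!is_array($_val)) {
                    $parameters .= $_key . '=' . smarty_function_escape_special_chars($_val) . '&';
                } else {
                    $smarty->trigger_error("css_button: parameters '$_key' cannot be an array", E_USER_NOTICE);
                }
                break;
        }
    }

    if (empty($modul)) {
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }
    if (empty($file)) {
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if ($addentry_id !== null) {
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id=' . $addentry_id . '&';
    }
    if ($oos_get !== null) {
        $parameters .= $oos_get;
    }

    $file = trim($file);

    $link = '';
    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        $link = (ENABLE_SSL == '1') ? OOS_HTTPS_SERVER . OOS_SHOP : OOS_HTTP_SERVER . OOS_SHOP;
    } else {
        $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is always a string here (possibly empty), so the query string
    // is always appended; the previous "no parameters" branch was unreachable.
    $link .= 'index.php?mp=' . $modul . '&file=' . $file . '&' . oos_output_string($parameters);

    $separator = '&';
    // Strip dangling separators.
    // NOTE(review): the 5-character comparison only makes sense against the
    // entity form of the separator and never matches the single '&' it is
    // compared with here; verify against the repository source.
    while ((substr($link, -5) == '&') || (substr($link, -1) == '?')) {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    if ($anchor !== null) {
        $link .= '#' . $anchor;
    }

    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    $_sid = null;
    if ((ENABLE_SSL == '1') && ($connection == 'SSL') && ($add_session_id == '1')) {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif (($add_session_id == '1') && defined('SID') && (!oos_empty(SID))) {
        $_sid = SID;
    }
    // never hand the session id to a crawler (flag set by the session plugin)
    if ($spider_kill_sid == '1') {
        $_sid = null;
    }

    // search-engine-friendly rewriting ('sefu' plugin) is disabled in this
    // version; $search_engine_safe is accepted but has no effect.

    if ($_sid !== null) {
        $link .= $separator . oos_output_string($_sid);
    }

    // NOTE(review): $title is entity-decoded and written raw into the title
    // attribute and the element body, and $color goes unescaped into class.
    // Both come from the template tag; keep them template-controlled or
    // htmlspecialchars() them here if they can ever carry request data.
    $title = decode($title);

    return '<a href="' . $link . '" title="' . $title . '" class="' . $color . '">' . $title . '</a>';
}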
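/**
 * WorldPay payment module: hidden form fields for the redirect to WorldPay.
 *
 * Emits the merchant, currency, amount, customer and callback fields, and
 * when MODULE_PAYMENT_WORLDPAY_USEMD5 is enabled the MD5 signature over
 * amount, language and e-mail that WorldPay verifies on its side.
 *
 * @return string concatenated hidden <input> fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    // "name=id" of the session, echoed back by WorldPay as cartId
    $worldpay_cardId = oos_session_name() . '=' . oos_session_id();

    $aPages = oos_get_pages();
    $callback_url = oos_href_link($aPages['checkout_process'], '', 'SSL', true);
    // The callback is sent without its scheme. The link is built for SSL and
    // may therefore start with https://, which the previous explode('http://')
    // did not handle (index 1 was undefined and the callback went out empty).
    $worldpay_callback = preg_replace('~^https?://~i', '', $callback_url);

    // Get database information
    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $sLanguage = oos_var_prep_for_os($_SESSION['language']);
    $languagestable = $oostable['languages'];
    $query = "SELECT iso_639_1 FROM $languagestable WHERE iso_639_2 = '" . oos_db_input($sLanguage) . "'";
    $language_code = $dbconn->GetOne($query);

    $sCurrency = $_SESSION['currency'];
    // formatted once: the same string is sent as a field and enters the signature
    $amount = number_format(
        $oOrder->info['total'] * $oCurrencies->get_value($sCurrency),
        $oCurrencies->get_decimal_places($sCurrency),
        '.',
        ''
    );

    $address = htmlspecialchars(
        $oOrder->customer['street_address'] . "\n"
        . $oOrder->customer['suburb'] . "\n"
        . $oOrder->customer['city'] . "\n"
        . $oOrder->customer['state'],
        ENT_QUOTES
    );

    // NOTE(review): $oscSid was never assigned in the previous version, so
    // MC_oscsid has always been sent empty. It presumably should carry the
    // session id; confirm against the callback handler before changing it.
    $oscSid = '';

    $process_button_string =
          oos_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID)
        . oos_draw_hidden_field('currency', $sCurrency)
        . oos_draw_hidden_field('desc', 'Purchase from ' . STORE_NAME)
        . oos_draw_hidden_field('cartId', $worldpay_cardId)
        . oos_draw_hidden_field('amount', $amount);

    if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == '1') {
        $process_button_string .= oos_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
    }

    $process_button_string .=
          oos_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE)
        . oos_draw_hidden_field('name', $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'])
        . oos_draw_hidden_field('address', $address)
        . oos_draw_hidden_field('postcode', $oOrder->customer['postcode'])
        . oos_draw_hidden_field('country', $oOrder->customer['country']['iso_code_2'])
        . oos_draw_hidden_field('tel', $oOrder->customer['telephone'])
        . oos_draw_hidden_field('myvar', 'Y')
        . oos_draw_hidden_field('fax', $oOrder->customer['fax'])
        . oos_draw_hidden_field('email', $oOrder->customer['email_address'])
        . oos_draw_hidden_field('lang', $language_code)
        . oos_draw_hidden_field('MC_callback', $worldpay_callback)
        . oos_draw_hidden_field('MC_oscsid', $oscSid);

    if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        // signatureFields names the covered fields in order; the secret is
        // prefixed and never sent to the browser itself
        $md5_signature_fields = 'amount:language:email';
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $amount . ':' . $language_code . ':' . $oOrder->customer['email_address'];
        $process_button_string .=
              oos_draw_hidden_field('signatureFields', $md5_signature_fields)
            . oos_draw_hidden_field('signature', md5($md5_signature));
    }

    return $process_button_string;
}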
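/**
 * Rewrite an "index.php/…" path into a search-engine-friendly URL.
 *
 * Only links that carry a categories, products_id or manufacturers_id segment
 * are rewritten: the numeric id is resolved to its name through the database
 * and the result ends in ".html". Every other link is returned unchanged.
 *
 * @param string $param the link to transform
 * @return string
 */
function transform_uri($param)
{
    $uri = explode("index.php/", $param);
    $base = $uri[0];
    // no "index.php/" in the link: treat the path as empty instead of raising a notice
    $path = isset($uri[1]) ? $uri[1] : '';

    $url_array = explode('/', $path);
    $aPages = oos_get_pages();

    // NOTE(review): $aModules was never assigned in the previous version, so
    // $aModules['products'] is null here and in_array(null, ...) matches any
    // empty segment. Preserved as-is; it most likely should be oos_get_modules().
    $products_module = isset($aModules['products']) ? $aModules['products'] : null;

    $rewrite = in_array('categories', $url_array)
        || (in_array($aPages['product_info'], $url_array) && in_array($products_module, $url_array));
    if (!$rewrite) {
        return $param;
    }

    // segments that never belong in the rewritten path
    $_filter = array('page', $aPages['shop'], oos_session_name(), oos_session_id());

    $dbconn =& oosDBGetConn();
    $oostable =& oosDBGetTables();

    $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;
    $path = '';
    $extention = '.html';

    $nArrayCountUrl = count($url_array);
    for ($i = 0; $i < $nArrayCountUrl; $i++) {
        switch ($url_array[$i]) {
            case 'categories':
                $category = '';
                $i++;
                // the value segment may be missing at the end of the path
                $segment = isset($url_array[$i]) ? $url_array[$i] : '';
                // eregi() was removed in PHP 7; the class needs no case folding
                if (preg_match('/[_0-9]/', $segment)) {
                    if ($category_array = explode('_', $segment)) {
                        foreach ($category_array as $value) {
                            $categoriestable = $oostable['categories'];
                            $categories_descriptiontable = $oostable['categories_description'];
                            // ids are cast with intval() before they reach the query
                            $category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM {$categoriestable} c, {$categories_descriptiontable} cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
                            $category .= oos_make_filename($category_result->fields['categories_name']) . '/';
                        }
                        $category = substr($category, 0, -1);
                        $category .= '-c-' . $segment . '/';
                    }
                } else {
                    $category .= 'categories/' . $segment . '/';
                }
                $path .= $category;
                break;

            case 'products_id':
                $i++;
                if (!empty($url_array[$i])) {
                    $products_descriptiontable = $oostable['products_description'];
                    $product_result = $dbconn->Execute("SELECT products_name FROM {$products_descriptiontable} WHERE products_id = '" . intval($url_array[$i]) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
                    $product = oos_make_filename($product_result->fields['products_name']);
                    $path .= $product . '-p-' . $url_array[$i] . '/';
                }
                break;

            case 'manufacturers_id':
                $i++;
                if (!empty($url_array[$i])) {
                    $manufacturerstable = $oostable['manufacturers'];
                    $manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM {$manufacturerstable} WHERE manufacturers_id = '" . intval($url_array[$i]) . "'");
                    $manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
                    $path .= $manufacturer . '-m-' . $url_array[$i] . '/';
                }
                break;

            default:
                if (!in_array($url_array[$i], $_filter)) {
                    $path .= $url_array[$i] . '/';
                }
                break;
        }
    }

    // Product links drop the -m-/-c- markers; category-only links keep theirs
    // (the previous version left $remove undefined in that case).
    $remove = (strpos($path, "-p-") === false) ? array() : array('-m-', '-c-');
    $path = str_replace($remove, '', $path);

    if (strpos($path, '//') !== false) {
        $path = str_replace('//', '/', $path);
    }
    if (substr($path, -1) == '/') {
        $path = substr($path, 0, -1);
    }

    return $base . $path . $extention;
}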
*/

/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

if (!defined('SHOP_ROOT')) {
    define('SHOP_ROOT', dirname(__FILE__) . '/../../../');
}

require SHOP_ROOT . 'includes/config.php';
require SHOP_ROOT . OOS_INCLUDES . 'oos_tables.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_kernel.php';

// define how the session functions will be used
require SHOP_ROOT . OOS_FUNCTIONS . 'function_session.php';

// set the session ID if it exists
// NOTE(review): unlike the shop's session plugin, the id taken from POST/GET is
// not checked with ctype_alnum() before it is handed to oos_session_id(); a
// caller-chosen value is accepted verbatim (session fixation exposure).
if (isset($_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}

// NOTE(review): the request is inspected under the default session name above
// and the name is only switched to 'eSConnectorAdm' afterwards — confirm the
// intended order.
oos_session_name('eSConnectorAdm');
oos_session_start();

if (!isset($_SESSION)) {
    $_SESSION = array();
}

// require the database functions
$adodb_logsqltable = $oostable['adodb_logsql'];
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $adodb_logsqltable);
}

require SHOP_ROOT . OOS_ADODB . 'adodb-errorhandler.inc.php';
require SHOP_ROOT . OOS_ADODB . 'adodb.inc.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_db.php';

// make a connection to the database... now
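/**
 * Render the admin pagination control (previous link, page drop-down, next link).
 *
 * With more than one page the control is a GET form that re-submits the
 * current query parameters as hidden fields; with a single page only the
 * "result page" text is returned.
 *
 * @param int    $query_numrows       total number of result rows
 * @param int    $max_rows_per_page   rows shown per page
 * @param int    $max_page_links      unused, kept for the callers' signature
 * @param int    $current_page_number 1-based number of the page being displayed
 * @param string $parameters          extra query string ("a=b&c=d"), carried through as hidden fields
 * @param string $page_name           query parameter that holds the page number
 * @return string HTML
 */
function display_links($query_numrows, $max_rows_per_page, $max_page_links, $current_page_number, $parameters = '', $page_name = 'page')
{
    if (!empty($parameters) && substr($parameters, -1) != '&') {
        $parameters .= '&';
    }

    // guard the division below against a zero page size
    $max_rows_per_page = max(1, intval($max_rows_per_page));

    // calculate number of pages needing links; a remainder needs one more page
    $num_pages = intval($query_numrows / $max_rows_per_page);
    if ($query_numrows % $max_rows_per_page) {
        $num_pages++;
    }

    $pages_array = array();
    for ($i = 1; $i <= $num_pages; $i++) {
        $pages_array[] = array('id' => $i, 'text' => $i);
    }

    if ($num_pages <= 1) {
        return sprintf(TEXT_RESULT_PAGE, $num_pages, $num_pages);
    }

    $self = basename($_SERVER['PHP_SELF']);
    $display_links = oos_draw_form('pages', $self, '', 'get');

    if ($current_page_number > 1) {
        $display_links .= '<a href="' . oos_href_link_admin($self, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a> ';
    } else {
        $display_links .= PREVNEXT_BUTTON_PREV . ' ';
    }

    $display_links .= sprintf(TEXT_RESULT_PAGE, oos_draw_pull_down_menu($page_name, $pages_array, '', 'onChange="this.form.submit();"'), $num_pages);

    if ($current_page_number < $num_pages && $num_pages != 1) {
        $display_links .= ' <a href="' . oos_href_link_admin($self, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
    } else {
        $display_links .= ' ' . PREVNEXT_BUTTON_NEXT;
    }

    // carry the existing query parameters through the GET form as hidden fields
    if ($parameters != '') {
        if (substr($parameters, -1) == '&') {
            $parameters = substr($parameters, 0, -1);
        }
        // foreach replaces the each() loop, which PHP 8 no longer provides
        foreach (explode('&', $parameters) as $pair) {
            // a bare key (no '=') becomes an empty value instead of an undefined-offset notice
            $parts = explode('=', $pair, 2);
            $key = $parts[0];
            $value = isset($parts[1]) ? $parts[1] : '';
            $display_links .= oos_draw_hidden_field(rawurldecode($key), rawurldecode($value));
        }
    }

    // SID is only defined once a session has been started
    if (defined('SID') && SID) {
        $display_links .= oos_draw_hidden_field(oos_session_name(), oos_session_id());
    }

    $display_links .= '</form>';

    return $display_links;
}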
/**
 * SECPay payment module: hidden form fields for the redirect to SECPay.
 *
 * Chooses the currency and test status from the module configuration, then
 * emits the merchant, amount, billing/shipping address, callback, session and
 * option fields the gateway expects.
 *
 * @return string concatenated hidden <input> fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    // 'Default Currency' forces the store default; any other setting uses the session currency
    if (MODULE_PAYMENT_SECPAY_CURRENCY == 'Default Currency') {
        $sec_currency = DEFAULT_CURRENCY;
    } else {
        $sec_currency = $_SESSION['currency'];
    }

    if (MODULE_PAYMENT_SECPAY_TEST_STATUS == 'Always Fail') {
        $test_status = '0';
    } elseif (MODULE_PAYMENT_SECPAY_TEST_STATUS == 'Production') {
        $test_status = 'live';
    } else {
        $test_status = '1';
    }

    $aFilename = oos_get_filename();
    $aModules = oos_get_modules();

    $bill = $oOrder->billing;
    $ship = $oOrder->delivery;
    $customer = $oOrder->customer;

    $amount = number_format(
        $oOrder->info['total'] * $oCurrencies->get_value($sec_currency),
        $oCurrencies->currencies[$sec_currency]['decimal_places'],
        '.',
        ''
    );

    // NOTE(review): 'h' is the 12-hour clock, so trans_id can repeat between
    // the AM and PM halves of a day.
    $transaction_id = STORE_NAME . date('Ymdhis');

    $success_url = oos_href_link($aModules['checkout'], $aFilename['checkout_process'], '', 'SSL', false);
    $failure_url = oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], 'payment_error=' . $this->code, 'SSL', false);

    // name/value pairs in the order the gateway form lists them
    $fields = array(
        array('merchant', MODULE_PAYMENT_SECPAY_MERCHANT_ID),
        array('trans_id', $transaction_id),
        array('amount', $amount),
        array('bill_name', $bill['firstname'] . ' ' . $bill['lastname']),
        array('bill_addr_1', $bill['street_address']),
        array('bill_addr_2', $bill['suburb']),
        array('bill_city', $bill['city']),
        array('bill_state', $bill['state']),
        array('bill_post_code', $bill['postcode']),
        array('bill_country', $bill['country']['title']),
        array('bill_tel', $customer['telephone']),
        array('bill_email', $customer['email_address']),
        array('ship_name', $ship['firstname'] . ' ' . $ship['lastname']),
        array('ship_addr_1', $ship['street_address']),
        array('ship_addr_2', $ship['suburb']),
        array('ship_city', $ship['city']),
        array('ship_state', $ship['state']),
        array('ship_post_code', $ship['postcode']),
        array('ship_country', $ship['country']['title']),
        array('currency', $sec_currency),
        array('callback', $success_url . ';' . $failure_url),
        array(oos_session_name(), oos_session_id()),
        array('options', 'test_status=' . $test_status . ',dups=false,cb_post=true,cb_flds=' . oos_session_name()),
    );

    $process_button_string = '';
    foreach ($fields as $field) {
        $process_button_string .= oos_draw_hidden_field($field[0], $field[1]);
    }

    return $process_button_string;
}
/**
 * Authorize.Net payment module: hidden form fields for the relay-response post.
 *
 * Emits the login, card, amount, relay URL, customer/shipping fields, the
 * fingerprint produced by InsertFP(), the optional test flag and the session id.
 *
 * NOTE(review): the card number and expiry travel through the customer's
 * browser as hidden fields; keep this module in mind for PCI scoping.
 *
 * @return string concatenated hidden <input> fields
 */
function process_button()
{
    global $oOrder;

    $sequence = rand(1, 1000);
    $aPages = oos_get_pages();

    $customer = $oOrder->customer;
    $delivery = $oOrder->delivery;
    $amount = number_format($oOrder->info['total'], 2);

    $method = (MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') ? 'CC' : 'ECHECK';
    $email_customer = (MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == '1') ? 'TRUE' : 'FALSE';
    $relay_url = oos_href_link($aPages['checkout_process'], '', 'SSL', false);

    // name/value pairs in the order the gateway form lists them
    $fields = array(
        array('x_Login', MODULE_PAYMENT_AUTHORIZENET_LOGIN),
        array('x_Card_Num', $this->cc_card_number),
        array('x_Exp_Date', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)),
        array('x_Amount', $amount),
        array('x_Relay_URL', $relay_url),
        array('x_Method', $method),
        array('x_Version', '3.0'),
        array('x_Cust_ID', $_SESSION['customer_id']),
        array('x_Email_Customer', $email_customer),
        array('x_first_name', $customer['firstname']),
        array('x_last_name', $customer['lastname']),
        array('x_address', $customer['street_address']),
        array('x_city', $customer['city']),
        array('x_state', $customer['state']),
        array('x_zip', $customer['postcode']),
        array('x_country', $customer['country']['title']),
        array('x_phone', $customer['telephone']),
        array('x_email', $customer['email_address']),
        array('x_ship_to_first_name', $delivery['firstname']),
        array('x_ship_to_last_name', $delivery['lastname']),
        array('x_ship_to_address', $delivery['street_address']),
        array('x_ship_to_city', $delivery['city']),
        array('x_ship_to_state', $delivery['state']),
        array('x_ship_to_zip', $delivery['postcode']),
        array('x_ship_to_country', $delivery['country']['title']),
        array('x_Customer_IP', $_SERVER['REMOTE_ADDR']),
    );

    $process_button_string = '';
    foreach ($fields as $field) {
        $process_button_string .= oos_draw_hidden_field($field[0], $field[1]);
    }

    // transaction fingerprint (login, key, amount, sequence)
    $process_button_string .= $this->InsertFP(MODULE_PAYMENT_AUTHORIZENET_LOGIN, MODULE_PAYMENT_AUTHORIZENET_TXNKEY, $amount, $sequence);

    if (MODULE_PAYMENT_AUTHORIZENET_TESTMODE == 'Test') {
        $process_button_string .= oos_draw_hidden_field('x_Test_Request', 'TRUE');
    }

    $process_button_string .= oos_draw_hidden_field(oos_session_name(), oos_session_id());

    return $process_button_string;
}
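/**
 * Smarty {html_href_link} function plugin
 *
 * Type: function
 * Name: html_href_link
 * @Version: $Revision: 1.8 $ - changed by $Author: r23 $ on $Date: 2008/07/08 13:19:51 $
 * -------------------------------------------------------------
 *
 * Builds a shop link. Recognised attributes: page (required), oos_get,
 * addentry_id, connection (NONSSL|SSL), add_session_id, search_engine_safe,
 * anchor. Every other attribute is appended to the query string. When the
 * 'sefu' plugin is installed and search_engine_safe is '1' the link is
 * rewritten through url_rewrite::transform_uri().
 *
 * @param array  $params  the Smarty tag attributes
 * @param object $smarty  the Smarty instance (used for trigger_error)
 * @return string the link
 */
function smarty_function_html_href_link($params, &$smarty)
{
    global $oEvent, $spider_flag;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    $page = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';
    // null means "attribute not given"; explicit variables replace the
    // variable-variable (${$_key}) assignments of the previous version
    $oos_get = null;
    $addentry_id = null;
    $anchor = null;

    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'page':
                if (!is_array($_val)) {
                    $page = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;
            case 'oos_get':
                $oos_get = (string) $_val;
                break;
            case 'addentry_id':
                $addentry_id = (string) $_val;
                break;
            case 'connection':
                $connection = (string) $_val;
                break;
            case 'add_session_id':
                $add_session_id = (string) $_val;
                break;
            case 'search_engine_safe':
                $search_engine_safe = (string) $_val;
                break;
            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;
            default:
                if (!is_array($_val)) {
                    $parameters .= $_key . '=' . smarty_function_escape_special_chars($_val) . '&';
                } else {
                    $smarty->trigger_error("html_href_link: parameters '{$_key}' cannot be an array", E_USER_NOTICE);
                }
                break;
        }
    }

    if (empty($page)) {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    if ($addentry_id !== null) {
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id=' . $addentry_id . '&';
    }
    if ($oos_get !== null) {
        $parameters .= $oos_get;
    }

    $page = trim($page);

    $link = '';
    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        $link = (ENABLE_SSL == '1') ? OOS_HTTPS_SERVER . OOS_SHOP : OOS_HTTP_SERVER . OOS_SHOP;
    } else {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is always a string here (possibly empty), so the query string
    // is always appended; the previous "no parameters" branch was unreachable.
    $link .= 'index.php?page=' . $page . '&' . oos_output_string($parameters);

    $separator = '&';
    // Strip dangling separators.
    // NOTE(review): the 5-character comparison only makes sense against the
    // entity form of the separator and never matches the single '&' it is
    // compared with here; verify against the repository source.
    while (substr($link, -5) == '&' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }

    if ($anchor !== null) {
        $link .= '#' . $anchor;
    }

    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    $_sid = null;
    if (ENABLE_SSL == '1' && $connection == 'SSL' && $add_session_id == '1') {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ($add_session_id == '1' && defined('SID') && oos_is_not_null(SID)) {
        $_sid = SID;
    }
    // NOTE(review): this clears the id for NON-spiders, the opposite of the
    // css_button plugin's `$spider_kill_sid == '1'` test; preserved as-is —
    // confirm which behaviour is intended before changing it.
    if ($spider_flag === false) {
        $_sid = null;
    }

    if ($search_engine_safe == '1' && $oEvent->installed_plugin('sefu')) {
        $link = str_replace(array('?', '&', '='), '/', $link);
        $separator = '?';
        // links carrying an 'action' are left to the normal handler
        if (strpos($link, 'action') === false) {
            $url_rewrite = new url_rewrite();
            $link = $url_rewrite->transform_uri($link);
        }
    }

    if ($_sid !== null) {
        $link .= $separator . oos_output_string($_sid);
    }

    return $link;
}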
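/**
 * Builds the hidden form fields that hand the current order over to the
 * Yellowpay gateway.
 *
 * Reads the order ($oOrder) and currency ($oCurrencies) globals together with
 * the MODULE_PAYMENT_YELLOWPAY_* configuration constants. The currency is
 * restricted to CHF/EUR/USD (defaulting to CHF), the shop language is mapped
 * to the gateway's numeric language codes, and txtHash is the gateway's md5
 * integrity value over shop id, currency, formatted total and the shared
 * MODULE_PAYMENT_HASH_SEED. The seed must never be emitted to the client.
 *
 * @return string concatenated hidden <input> fields
 */
function process_button()
{
    global $oOrder, $oCurrencies;

    // Gateway language ids keyed by the shop's session language code.
    static $language_codes = array(
        'deu' => 2055,
        'eng' => 2057,
        'ita' => 2064,
    );

    if (MODULE_PAYMENT_YELLOWPAY_CURRENCY == 'Selected Currency') {
        $my_currency = $_SESSION['currency'];
    } else {
        // The configured value carries a 5-character prefix before the currency code.
        $my_currency = substr(MODULE_PAYMENT_YELLOWPAY_CURRENCY, 5);
    }

    // Only the currencies the gateway accepts; anything else falls back to CHF.
    if (!in_array($my_currency, array('CHF', 'EUR', 'USD'), true)) {
        $my_currency = 'CHF';
    }

    $usedlanguage = isset($language_codes[$_SESSION['language']])
        ? $language_codes[$_SESSION['language']]
        : MODULE_PAYMENT_YELLOWPAY_LANGUAGE;

    $sidretour = oos_session_name() . '=' . oos_session_id();

    // NOTE(review): number_format() with two arguments inserts a ',' thousands
    // separator for totals >= 1000; whether the gateway and its hash check
    // accept that format cannot be confirmed here — verify against the gateway spec.
    $usedtotal = number_format(
        $oOrder->info['total'] * $oCurrencies->get_value($my_currency),
        $oCurrencies->get_decimal_places($my_currency)
    );

    // Gateway-defined integrity value: the algorithm and the covered fields are
    // the gateway's contract, so the total sent must match the hashed one exactly.
    $txtHash = md5(MODULE_PAYMENT_YELLOWPAY_SHOP_ID . $my_currency . $usedtotal . MODULE_PAYMENT_HASH_SEED);

    $txtOrderIDShop = $_SESSION['customer_id'] . date("Y-m-d H:i:s");

    // Field order is preserved from the original form; txtBZipCode was
    // previously emitted twice and is now sent once.
    $fields = array(
        'txtShopID' => MODULE_PAYMENT_YELLOWPAY_ID,
        'txtShopPara' => $sidretour,
        'txtOrderTotal' => $usedtotal,
        'txtLangVersion' => $usedlanguage,
        'txtArtCurrency' => $my_currency,
        'txtHash' => $txtHash,
        'txtOrderIDShop' => $txtOrderIDShop,
        'txtBLastName' => $oOrder->billing['lastname'],
        'txtBFirstName' => $oOrder->billing['firstname'],
        'txtBAddr1' => $oOrder->billing['street_address'],
        'txtBZipCode' => $oOrder->billing['postcode'],
        'txtBCity' => oos_replace_chars($oOrder->billing['city']),
        'txtBTel' => $oOrder->customer['customers_telephone'],
        'txtBEmail' => $oOrder->customer['email_address'],
        'txtHistoryBack' => '0',
    );

    $process_button_string = '';
    foreach ($fields as $name => $value) {
        $process_button_string .= oos_draw_hidden_field($name, $value);
    }

    return $process_button_string;
}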
$_SESSION['cart']->remove($_POST['edit_product']); } $real_ids = $_POST['id']; // File_upload if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && $_POST['number_of_uploads'] > 0) { require_once 'includes/classes/class_upload.php'; for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) { if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and $_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none') { $products_options_file = new upload('id'); $products_options_file->set_destination(OOS_UPLOADS); $files_uploadedtable = $oostable['files_uploaded']; if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) { if (isset($_SESSION['customer_id'])) { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')"); } else { $dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . oos_session_id() . "', '" . oos_db_input($products_options_file->filename) . "')"); } $insert_id = $dbconn->Insert_ID(); $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename; $products_options_file->set_filename("{$insert_id}" . $products_options_file->filename); if (!$products_options_file->save()) { break 2; } } else { break 2; } } else { // No file uploaded -- use previous value $real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i]; } }
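/**
 * Hide form elements
 *
 * Returns a hidden input carrying the session name and id so that a form
 * keeps the session when the id is propagated through the URL (SID is
 * defined and non-empty) instead of a cookie. Returns an empty string
 * otherwise, so the result can always be concatenated into markup.
 *
 * @return string hidden field markup, or '' when no URL session id is in use
 */
function oos_hide_session_id()
{
    // SID only exists once a session has started; an empty SID typically means
    // the id is carried by a cookie and must not be echoed into the form.
    if (!defined('SID') || !oos_is_not_null(SID)) {
        return '';
    }

    return oos_draw_hidden_field(oos_session_name(), oos_session_id());
}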