/**
  * Constructor
  */
 function Template()
 {
     // Initialise the Smarty base class before overriding any of its settings.
     $this->Smarty();

     $this->left_delimiter = '{';
     $this->right_delimiter = '}';

     // Every Smarty directory is derived from OOS_TEMP_PATH; normalise the
     // base so that it ends in exactly the slash the suffixes below expect.
     $sBase = OOS_TEMP_PATH;
     if (substr($sBase, -1) != "/") {
         $sBase .= "/";
     }
     $sShopBase = $sBase . 'shop/';

     $this->template_dir = $sShopBase . 'templates/';
     $this->compile_dir = $sShopBase . 'templates_c/';
     $this->config_dir = $sShopBase . 'configs/';
     $this->cache_dir = $sShopBase . 'cache/';
     $this->plugins_dir = array(
         'plugins',
         BP . DS . 'lib/smarty-plugins/gettext',
         BP . DS . 'lib/smarty-plugins/myoos',
     );
     $this->use_sub_dirs = true;

     // Midnight 80 days from today, formatted for the 'oos_revision_date' variable.
     $nRevisionStamp = mktime(0, 0, 0, date("m"), date("d") + 80, date("Y"));
     $sRevisionDate = date("D,d M Y", $nRevisionStamp);

     // NOTE(review): the session name and id are handed to every template.
     // Templates should emit them only where a form or link really needs
     // them, because anything rendered into a page can end up in caches,
     // logs or Referer headers.
     $aGlobals = array(
         'oos_revision_date' => $sRevisionDate,
         'oos_date_long' => strftime(DATE_FORMAT_LONG),
         'oos_session_name' => oos_session_name(),
         'oos_session_id' => oos_session_id(),
     );
     $this->assign($aGlobals);
 }
/**
 * Hide form elements
 *
 * Returns a hidden form field carrying the session name and id, but only
 * when the SID constant is defined and oos_is_not_null() accepts it.
 * In every other case the function returns nothing (null).
 *
 * NOTE(review): PHP's own SID constant is non-empty only when the session
 * id did not arrive in a cookie; confirm this project does not define SID
 * differently.
 */
function oos_hide_session_id()
{
    // Guard clause: no usable SID, nothing to embed in the form.
    if (!defined('SID') || !oos_is_not_null(SID)) {
        return;
    }

    $sName = oos_session_name();
    return oos_draw_hidden_field($sName, oos_session_id());
}
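// Refuse direct requests: this bootstrap only runs when the including
// script has already defined OOS_VALID_MOD.
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');
if (!defined('SHOP_ROOT')) {
    define('SHOP_ROOT', dirname(__FILE__) . '/../../../');
}
require SHOP_ROOT . 'includes/config.php';
require SHOP_ROOT . OOS_INCLUDES . 'oos_tables.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_kernel.php';
// define how the session functions will be used
require SHOP_ROOT . OOS_FUNCTIONS . 'function_session.php';
// set the session ID if it exists
//
// The id comes straight from the request, so it is only adopted when it is
// a plain alphanumeric string. An array or a value with other characters is
// ignored and the session layer picks its own id.
// NOTE(review): a format check does not stop a client from choosing its own
// session id; the id should be regenerated when the administrator logs in
// (verify in the login handler, which is not part of this file).
// NOTE(review): the parameter name is read before oos_session_name() is
// called with 'eSConnectorAdm' below, so the lookup uses whatever name is in
// effect at this point. Confirm that is intended.
if (isset($_POST[oos_session_name()]) && is_string($_POST[oos_session_name()]) && ctype_alnum($_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()]) && is_string($_GET[oos_session_name()]) && ctype_alnum($_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}
oos_session_name('eSConnectorAdm');
oos_session_start();
if (!isset($_SESSION)) {
    $_SESSION = array();
}
// require the database functions
$adodb_logsqltable = $oostable['adodb_logsql'];
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $adodb_logsqltable);
}
require SHOP_ROOT . OOS_ADODB . 'adodb-errorhandler.inc.php';
require SHOP_ROOT . OOS_ADODB . 'adodb.inc.php';
require SHOP_ROOT . OOS_FUNCTIONS . 'function_db.php';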
// make a connection to the database... now
if (!oosDBInit()) {
    die('Unable to connect to database server!');
/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

// Currency selector block: rendered only when a currencies object exists.
if (isset($oCurrencies) && is_object($oCurrencies)) {

    reset($oCurrencies->currencies);

    // One id/text pair per configured currency for the pull-down menu.
    $aCurrencies = array();
    foreach ($oCurrencies->currencies as $sKey => $value) {
        $aCurrencies[] = array('id' => $sKey, 'text' => $value['title']);
    }

    // Carry the remaining query-string parameters through the form as hidden
    // fields. Array values, the currency itself, the session parameter and
    // the image-button coordinates (x, y) are left out.
    // NOTE(review): keys and values come from the request. Whether
    // oos_draw_hidden_field() HTML-escapes both is not visible here; confirm,
    // since they are written into the page.
    $hidden_get_variables = '';
    foreach ($_GET as $sKey => $value) {
        if (!is_string($value)) {
            continue;
        }
        if (($sKey == 'currency') || ($sKey == oos_session_name()) || ($sKey == 'x') || ($sKey == 'y')) {
            continue;
        }
        $hidden_get_variables .= oos_draw_hidden_field($sKey, $value);
    }

    // Menu first, then the carried parameters, then the session field (if any).
    $oos_pull_down_menu = oos_draw_pull_down_menu('currency', $aCurrencies, $_SESSION['currency'], 'onchange="this.form.submit();" style="width: 100%"');
    $oos_pull_down_menu .= $hidden_get_variables;
    $oos_pull_down_menu .= oos_hide_session_id();

    $oSmarty->assign(
        array(
            'oos_pull_down_menu' => $oos_pull_down_menu,
            'block_heading_currencies' => $block_heading
        )
    );
}

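/**
 * Return all GET variables, except those passed as a parameter
 *
 * Each remaining non-empty GET variable becomes one hidden <input> element.
 * The session parameter, a fixed list of routing keys and the image-button
 * coordinates (x, y) are always left out.
 *
 * @param array|string $aExclude additional keys to skip; anything that is
 *                               not an array is treated as "no extra keys"
 * @return string concatenated hidden fields, or '' when nothing qualifies
 */
function oos_get_all_as_hidden_field($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }
    $sField = '';
    if (is_array($_GET) && count($_GET) > 0) {
        // foreach replaces the each()/list() loop, which no longer exists in
        // current PHP versions.
        foreach ($_GET as $sKey => $sValue) {
            // Empty values are dropped; so are arrays (?a[]=1), which cannot
            // be rendered as a single value attribute.
            if (empty($sValue) || !is_scalar($sValue)) {
                continue;
            }
            if ($sKey != oos_session_name() && $sKey != 'error' && $sKey != 'p' && $sKey != 'rewrite' && $sKey != 'c' && $sKey != 'm' && $sKey != 'mp' && $sKey != 'file' && $sKey != 'index.php' && $sKey != 'history_back' && !in_array($sKey, $aExclude) && $sKey != 'x' && $sKey != 'y') {
                // Append: the previous code assigned here, so only the last
                // qualifying variable ever reached the caller.
                // Key and value are request data; both pass through
                // oos_output_string() before being placed in the markup.
                $sField .= '<input type="hidden" name="' . oos_output_string($sKey) . '"';
                $sField .= ' value="' . oos_output_string($sValue) . '" />';
            }
        }
    }
    return $sField;
}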
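    function create_plugin_instance() {
      // Session bootstrap: configures the session cookie, adopts a session id
      // supplied by the client, skips the session for known spiders, seeds
      // the cart/navigation entries and ties the session to the user agent
      // and remote address seen on its first request. Always returns true.
      global $request_type, $spider_flag, $spider_kill_sid;

      // The User-Agent header is optional, so do not assume it is present.
      $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
      $spider_flag = false;
      $spider_kill_sid = '0';

      // set the top level domains
      $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
      $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
      $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

      // set the session cookie parameters
      // NOTE(review): the cookie is configured without the secure and
      // httponly flags (4th and 5th arguments of session_set_cookie_params()).
      // Consider setting httponly, and secure when the shop runs on HTTPS only.
      if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : ''));
      } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : ''));
      }

      // set the session ID if it exists
      // Only a plain alphanumeric string is adopted; is_string() keeps array
      // parameters (?name[]=x) away from ctype_alnum().
      // NOTE(review): the client still chooses the id here, so the id should
      // be regenerated at login (not visible in this method).
      if (isset($_POST[oos_session_name()]) && is_string($_POST[oos_session_name()]) && ctype_alnum($_POST[oos_session_name()])) {
        oos_session_id($_POST[oos_session_name()]);
      } elseif (isset($_GET[oos_session_name()]) && is_string($_GET[oos_session_name()]) && ctype_alnum($_GET[oos_session_name()])) {
        oos_session_id($_GET[oos_session_name()]);
      }

      if (empty($user_agent) === false) {
        // parse_ini_file() returns false when the list cannot be read; treat
        // that as "no spiders known" instead of iterating over false.
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');

        if (is_array($spider_agent)) {
          foreach ($spider_agent as $spider) {
            if (is_string($spider) && (empty($spider) === false)) {
              if (strpos($user_agent, trim($spider)) !== false) {
                $spider_kill_sid = '1';
                $spider_flag = true;
                break;
              }
            }
          }
        }
      }

      if ($spider_flag === false) {

        // lets start our session
        oos_session_start();
      }

      // For spiders no session was started, so $_SESSION may not exist yet.
      if (!isset($_SESSION)) {
        $_SESSION = array();
      }

      // create the shopping cart
      if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
      }

      // navigation history
      if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
      }

      if (!isset($_SESSION['error_cart_msg'])) {
        $_SESSION['error_cart_msg'] = '';
      }

      $aPages = oos_get_pages();

      // verify the browser user agent
      $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

      if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
      }

      // A different user agent on an existing session drops the login and the
      // cart and sends the visitor to the login page.
      // NOTE(review): whether redirect() ends the request is not visible
      // here; if it returns, the address check below still runs.
      if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        // 'member' is not created in this method, so guard the call to keep
        // the logout path from stopping on a missing object.
        if (isset($_SESSION['member']) && is_object($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      // verify the IP address
      if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
      }

      // Same handling when the remote address differs from the stored one.
      if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        if (isset($_SESSION['member']) && is_object($_SESSION['member'])) {
          $_SESSION['member']->default_member();
        }

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      return true;
    }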
 /**
  * Hide form elements
  */
  function oos_hide_session_id() {
    // Nothing is emitted (null is returned) unless SID is defined and
    // oos_empty() reports it as non-empty.
    if (!defined('SID') || oos_empty(SID)) {
      return;
    }

    // Hidden field that carries the session name/id pair through a form.
    $sName = oos_session_name();
    return oos_draw_hidden_field($sName, oos_session_id());
  }
示例#8
 function before_process()
 {
     $aFilename = oos_get_filename();
     $aModules = oos_get_modules();

     // Only a request that posts valid=1 is checked; anything else falls
     // through without any action in this method.
     if ($_POST['valid'] != '1') {
         return;
     }

     // The request is accepted only when REMOTE_HOST is 'secpay.com', either
     // directly or after one gethostbyaddr() lookup of that value.
     // NOTE(review): a host name obtained from REMOTE_HOST or reverse DNS is
     // set by whoever controls the reverse zone of the connecting address, so
     // it does not authenticate the sender. If the gateway offers a signed
     // callback (digest over the response fields), verify that instead.
     $sHost = oos_server_get_var('REMOTE_HOST');
     $bFromGateway = false;
     if ($sHost) {
         if ($sHost != 'secpay.com') {
             $sHost = @gethostbyaddr($sHost);
         }
         $bFromGateway = ($sHost == 'secpay.com');
     }

     if (!$bFromGateway) {
         // NOTE(review): the posted session value is concatenated into the
         // redirect parameters as received; whether oos_href_link() encodes
         // it is not visible here.
         MyOOS_CoreApi::redirect(oos_href_link($aModules['checkout'], $aFilename['checkout_payment'], oos_session_name() . '=' . $_POST[oos_session_name()] . '&payment_error=' . $this->code, 'SSL', false, false));
     }
 }
示例#9
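// Load server utilities
require '../includes/functions/function_server.php';

// Import the posted form fields as global variables.
// This is request data written into the global scope, so a field is skipped
// when its name could replace state the application already relies on:
// a variable that already exists, $this, $GLOBALS, or any name starting with
// an underscore (the superglobals). The value still goes through
// oos_prepare_input().
// NOTE(review): code that reads these globals should move to reading
// $_POST explicitly; importing request fields into scope is hard to audit.
if (isset($_POST)) {
    foreach ($_POST as $key => $value) {
        if ($key === 'this' || $key === 'GLOBALS' || strncmp((string) $key, '_', 1) === 0 || array_key_exists($key, $GLOBALS)) {
            continue;
        }
        ${$key} = oos_prepare_input($value);
    }
}
// define how the session functions will be used
require '../includes/functions/function_session.php';
// set the session ID if it exists
//
// The id is taken from the request, so only a plain alphanumeric string is
// adopted; arrays and other characters are ignored.
// NOTE(review): the client still chooses the id; regenerate it when the
// administrator logs in (login handler not visible here).
// NOTE(review): the parameter name is read before oos_session_name() is
// called with 'OOSADMINSID' below. Confirm that is intended.
if (isset($_POST[oos_session_name()]) && is_string($_POST[oos_session_name()]) && ctype_alnum($_POST[oos_session_name()])) {
    oos_session_id($_POST[oos_session_name()]);
} elseif (isset($_GET[oos_session_name()]) && is_string($_GET[oos_session_name()]) && ctype_alnum($_GET[oos_session_name()])) {
    oos_session_id($_GET[oos_session_name()]);
}
oos_session_name('OOSADMINSID');
oos_session_start();
if (!isset($_SESSION)) {
    $_SESSION = array();
}
// require the database functions
if (!defined('ADODB_LOGSQL_TABLE')) {
    define('ADODB_LOGSQL_TABLE', $oostable['adodb_logsql']);
}
require '../includes/lib/adodb/toexport.inc.php';
require '../includes/lib/adodb/adodb-errorhandler.inc.php';
require '../includes/lib/adodb/adodb.inc.php';
require '../includes/lib/adodb/tohtml.inc.php';
require '../includes/functions/function_db.php';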
// make a connection to the database... now
if (!oosDBInit()) {
/**
 * Smarty {html_href_link} function plugin
 *
 * Type:     function
 * Name:     html_href_link
 * @Version:  $Revision: 1.8 $ - changed by $Author: r23 $ on $Date: 2008/07/08 13:19:51 $
 * -------------------------------------------------------------
 *
 * Builds a shop URL of the form <server><shop>index.php?page=...&amp;...
 * from the tag attributes and returns it as a string.
 *
 * Recognised attributes: page, oos_get, addentry_id, connection
 * ('NONSSL' or 'SSL'), add_session_id, search_engine_safe and anchor.
 * Every other attribute is appended to the query string as key=value.
 *
 * @param array  $params  attributes given in the template tag
 * @param object $smarty  Smarty instance, used to report errors
 * @return string the assembled link
 */
function smarty_function_html_href_link($params, &$smarty)
{
    global $oEvent, $spider_flag;
    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');
    // Defaults; the variable-variable assignments in the loop below may
    // overwrite $page, $connection, $add_session_id and $search_engine_safe.
    $page = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';
    foreach ($params as $_key => $_val) {
        switch ($_key) {
            case 'page':
                if (!is_array($_val)) {
                    ${$_key} = smarty_function_escape_special_chars($_val);
                } else {
                    $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
                }
                break;
            // These attributes are copied into a local variable of the same
            // name, cast to string but not escaped at this point.
            case 'oos_get':
            case 'addentry_id':
            case 'connection':
            case 'add_session_id':
            case 'search_engine_safe':
                ${$_key} = (string) $_val;
                break;
            case 'anchor':
                $anchor = smarty_function_escape_special_chars($_val);
                break;
            default:
                // Unknown attribute: the value is escaped, the key is used as given.
                if (!is_array($_val)) {
                    $parameters .= $_key . '=' . smarty_function_escape_special_chars($_val) . '&amp;';
                } else {
                    $smarty->trigger_error("html_href_link: parameters '{$_key}' cannot be an array", E_USER_NOTICE);
                }
                break;
        }
    }
    // A missing page only raises a notice; the link is still built.
    if (empty($page)) {
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }
    if (isset($addentry_id)) {
        $addentry_id = $addentry_id + 2;
        $parameters .= 'entry_id=' . $addentry_id . '&amp;';
    }
    // oos_get is appended as given; the complete parameter string is passed
    // through oos_output_string() when the link is assembled below.
    if (isset($oos_get)) {
        $parameters .= $oos_get;
    }
    $page = trim($page);
    if ($connection == 'NONSSL') {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
        if (ENABLE_SSL == '1') {
            $link = OOS_HTTPS_SERVER . OOS_SHOP;
        } else {
            $link = OOS_HTTP_SERVER . OOS_SHOP;
        }
    } else {
        // NOTE(review): $link is not assigned on this path, so the code below
        // appends to an undefined variable and returns a link without a host.
        $smarty->trigger_error("html_href_link: Unable to determine the page link!", E_USER_NOTICE);
    }
    // $parameters is initialised to '' above, so this isset() is always true
    // and the else branch is never taken.
    if (isset($parameters)) {
        $link .= 'index.php?page=' . $page . '&amp;' . oos_output_string($parameters);
    } else {
        $link .= 'index.php?page=' . $page;
    }
    $separator = '&amp;';
    // Strip any trailing '&amp;' or '?' left over from the concatenation.
    while (substr($link, -5) == '&amp;' || substr($link, -1) == '?') {
        if (substr($link, -1) == '?') {
            $link = substr($link, 0, -1);
        } else {
            $link = substr($link, 0, -5);
        }
    }
    if (isset($anchor)) {
        $link .= '#' . $anchor;
    }
    // Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
    // NOTE(review): a session id placed in a URL can reach logs, browser
    // history and Referer headers; cookie-only sessions avoid that.
    if (ENABLE_SSL == '1' && $connection == 'SSL' && $add_session_id == '1') {
        $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ($add_session_id == '1' && oos_is_not_null(SID)) {
        $_sid = SID;
    }
    // The id is dropped whenever $spider_flag is exactly false.
    // NOTE(review): the condition's polarity (false rather than true) should
    // be confirmed against where $spider_flag is set.
    if ($spider_flag === false) {
        $_sid = NULL;
    }
    if ($search_engine_safe == '1' && $oEvent->installed_plugin('sefu')) {
        // Search-engine-friendly form: '?', '&amp;' and '=' all become '/'.
        $link = str_replace(array('?', '&amp;', '='), '/', $link);
        $separator = '?';
        // Links containing 'action' are not handed to the URL rewriter.
        $pos = strpos($link, 'action');
        if ($pos === false) {
            $url_rewrite = new url_rewrite();
            $link = $url_rewrite->transform_uri($link);
        }
    }
    if (isset($_sid)) {
        $link .= $separator . oos_output_string($_sid);
    }
    return $link;
}
示例#11
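    function process_button() {
      // Builds the hidden form fields posted to the payment gateway and
      // returns them as one HTML string.
      global $oOrder;

      // Sequence number passed to InsertFP() together with the amount.
      $sequence = rand(1, 1000);
      $aPages = oos_get_pages();

      // Format the total once, with a dot as decimal point and no thousands
      // separator. The two-argument number_format() call inserts commas
      // ("1,234.56"), so totals of 1,000 or more were sent with a comma in
      // both the amount field and the fingerprint input.
      $sAmount = number_format($oOrder->info['total'], 2, '.', '');

      // NOTE(review): the card number and expiry date are written into the
      // page as hidden fields, so they appear in the page source and pass
      // through the browser a second time. Confirm this is required by the
      // integration in use and that the page is never cached.
      // NOTE(review): whether oos_draw_hidden_field() HTML-escapes its value
      // is not visible here; the customer and delivery fields are free text.
      $process_button_string = oos_draw_hidden_field('x_Login', MODULE_PAYMENT_AUTHORIZENET_LOGIN) .
                               oos_draw_hidden_field('x_Card_Num', $this->cc_card_number) .
                               oos_draw_hidden_field('x_Exp_Date', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)) .
                               oos_draw_hidden_field('x_Amount', $sAmount) .
                               oos_draw_hidden_field('x_Relay_URL', oos_href_link($aPages['checkout_process'], '', 'SSL', false)) .
                               oos_draw_hidden_field('x_Method', ((MODULE_PAYMENT_AUTHORIZENET_METHOD == 'Credit Card') ? 'CC' : 'ECHECK')) .
                               oos_draw_hidden_field('x_Version', '3.0') .
                               oos_draw_hidden_field('x_Cust_ID', $_SESSION['customer_id']) .
                               oos_draw_hidden_field('x_Email_Customer', ((MODULE_PAYMENT_AUTHORIZENET_EMAIL_CUSTOMER == '1') ? 'TRUE': 'FALSE')) .
                               oos_draw_hidden_field('x_first_name', $oOrder->customer['firstname']) .
                               oos_draw_hidden_field('x_last_name', $oOrder->customer['lastname']) .
                               oos_draw_hidden_field('x_address', $oOrder->customer['street_address']) .
                               oos_draw_hidden_field('x_city', $oOrder->customer['city']) .
                               oos_draw_hidden_field('x_state', $oOrder->customer['state']) .
                               oos_draw_hidden_field('x_zip', $oOrder->customer['postcode']) .
                               oos_draw_hidden_field('x_country', $oOrder->customer['country']['title']) .
                               oos_draw_hidden_field('x_phone', $oOrder->customer['telephone']) .
                               oos_draw_hidden_field('x_email', $oOrder->customer['email_address']) .
                               oos_draw_hidden_field('x_ship_to_first_name', $oOrder->delivery['firstname']) .
                               oos_draw_hidden_field('x_ship_to_last_name', $oOrder->delivery['lastname']) .
                               oos_draw_hidden_field('x_ship_to_address', $oOrder->delivery['street_address']) .
                               oos_draw_hidden_field('x_ship_to_city', $oOrder->delivery['city']) .
                               oos_draw_hidden_field('x_ship_to_state', $oOrder->delivery['state']) .
                               oos_draw_hidden_field('x_ship_to_zip', $oOrder->delivery['postcode']) .
                               oos_draw_hidden_field('x_ship_to_country', $oOrder->delivery['country']['title']) .
                               oos_draw_hidden_field('x_Customer_IP', $_SERVER['REMOTE_ADDR']) .
                               $this->InsertFP(MODULE_PAYMENT_AUTHORIZENET_LOGIN, MODULE_PAYMENT_AUTHORIZENET_TXNKEY, $sAmount, $sequence);
      if (MODULE_PAYMENT_AUTHORIZENET_TESTMODE == 'Test') {
        $process_button_string .= oos_draw_hidden_field('x_Test_Request', 'TRUE');
      }

      // The session name/id pair travels with the form as well.
      $process_button_string .= oos_draw_hidden_field(oos_session_name(), oos_session_id());

      return $process_button_string;
    }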
示例#12
 function process_button()
 {
     // Builds the hidden form fields for the payment form and returns them
     // as one HTML string.
     global $oOrder, $oCurrencies;

     // Currency: either the one selected in the session or the configured
     // one (configuration value minus its first five characters). Anything
     // other than CHF, EUR or USD falls back to CHF.
     $my_currency = (MODULE_PAYMENT_YELLOWPAY_CURRENCY == 'Selected Currency')
         ? $_SESSION['currency']
         : substr(MODULE_PAYMENT_YELLOWPAY_CURRENCY, 5);
     if (!in_array($my_currency, array('CHF', 'EUR', 'USD'))) {
         $my_currency = 'CHF';
     }

     // Numeric language code for the three known shop languages, otherwise
     // the configured default.
     $sShopLanguage = $_SESSION['language'];
     if ($sShopLanguage == 'deu') {
         $usedlanguage = 2055;
     } elseif ($sShopLanguage == 'eng') {
         $usedlanguage = 2057;
     } elseif ($sShopLanguage == 'ita') {
         $usedlanguage = 2064;
     } else {
         $usedlanguage = MODULE_PAYMENT_YELLOWPAY_LANGUAGE;
     }

     // Session name/id pair sent along as the shop parameter.
     $sidretour = oos_session_name() . '=' . oos_session_id();

     // NOTE(review): number_format() with two arguments inserts a thousands
     // separator, so totals of 1,000 or more contain a comma in both the
     // amount field and the hash input. Confirm the gateway accepts that.
     $fConverted = $oOrder->info['total'] * $oCurrencies->get_value($my_currency);
     $usedtotal = number_format($fConverted, $oCurrencies->get_decimal_places($my_currency));

     // NOTE(review): the hash is MD5 over shop id, currency, total and a
     // seed. MD5 with an appended secret is not a keyed MAC; if the gateway
     // offers an HMAC-based signature, prefer it. Also confirm that
     // MODULE_PAYMENT_YELLOWPAY_SHOP_ID (hashed) and
     // MODULE_PAYMENT_YELLOWPAY_ID (sent as txtShopID) are meant to differ.
     $txtHash_tosecure = MODULE_PAYMENT_YELLOWPAY_SHOP_ID . $my_currency . $usedtotal . MODULE_PAYMENT_HASH_SEED;
     $txtHash = md5($txtHash_tosecure);

     $txtOrderIDShop = $_SESSION['customer_id'] . date("Y-m-d H:i:s");

     // Fields in the order they are emitted; txtBZipCode appears twice, as
     // in the form this method has always produced.
     $aFields = array(
         oos_draw_hidden_field('txtShopID', MODULE_PAYMENT_YELLOWPAY_ID),
         oos_draw_hidden_field('txtShopPara', $sidretour),
         oos_draw_hidden_field('txtOrderTotal', $usedtotal),
         oos_draw_hidden_field('txtLangVersion', $usedlanguage),
         oos_draw_hidden_field('txtArtCurrency', $my_currency),
         oos_draw_hidden_field('txtHash', $txtHash),
         oos_draw_hidden_field('txtOrderIDShop', $txtOrderIDShop),
         oos_draw_hidden_field('txtBLastName', $oOrder->billing['lastname']),
         oos_draw_hidden_field('txtBFirstName', $oOrder->billing['firstname']),
         oos_draw_hidden_field('txtBAddr1', $oOrder->billing['street_address']),
         oos_draw_hidden_field('txtBZipCode', $oOrder->billing['postcode']),
         oos_draw_hidden_field('txtBCity', oos_replace_chars($oOrder->billing['city'])),
         oos_draw_hidden_field('txtBZipCode', $oOrder->billing['postcode']),
         oos_draw_hidden_field('txtBTel', $oOrder->customer['customers_telephone']),
         oos_draw_hidden_field('txtBEmail', $oOrder->customer['email_address']),
         oos_draw_hidden_field('txtHistoryBack', '0'),
     );
     $process_button_string = implode('', $aFields);

     return $process_button_string;
 }
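 function transform_uri($param)
 {
     // Rewrites a slash-separated shop link ("...index.php/key/value/...")
     // into a name-based ".html" path for category, product and manufacturer
     // links. Any other link is returned unchanged.
     $uri = explode("index.php/", $param);
     if (!isset($uri[1])) {
         // No "index.php/" marker, so there is no path to rewrite.
         return $param;
     }
     $base = $uri[0];
     $path = $uri[1];
     $url_array = explode('/', $path);
     $aPages = oos_get_pages();

     // NOTE(review): $aModules is never assigned in this method, so the
     // products-module test below compares against null. The null is kept so
     // the set of rewritten links does not change; confirm whether the
     // module list was meant to be loaded here.
     $sProductsModule = isset($aModules['products']) ? $aModules['products'] : null;

     // && binds tighter than ||; the parentheses only make that explicit.
     $bRewrite = in_array('categories', $url_array)
         || (in_array($aPages['product_info'], $url_array) && in_array($sProductsModule, $url_array));
     if (!$bRewrite) {
         return $param;
     }

     // Path segments that never appear in the rewritten URL.
     $_filter = array('page', $aPages['shop'], oos_session_name(), oos_session_id());
     $dbconn =& oosDBGetConn();
     $oostable =& oosDBGetTables();
     $nLanguageID = isset($_SESSION['language_id']) ? $_SESSION['language_id'] + 0 : 1;
     $path = '';
     $extention = '.html';
     $nArrayCountUrl = count($url_array);
     for ($i = 0; $i < $nArrayCountUrl; $i++) {
         switch ($url_array[$i]) {
             case 'categories':
                 // The next segment holds the category ids, joined by '_'.
                 $i++;
                 $sSegment = isset($url_array[$i]) ? $url_array[$i] : '';
                 $category = '';
                 // preg_match() replaces eregi(), which current PHP versions
                 // no longer provide; the character class is unchanged.
                 if (preg_match('/[_0-9]/', $sSegment)) {
                     $categoriestable = $oostable['categories'];
                     $categories_descriptiontable = $oostable['categories_description'];
                     foreach (explode('_', $sSegment) as $value) {
                         // Ids reach the query only through intval().
                         $category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM  {$categoriestable} c, {$categories_descriptiontable} cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
                         $category .= oos_make_filename($category_result->fields['categories_name']) . '/';
                     }
                     $category = substr($category, 0, -1);
                     $category .= '-c-' . $sSegment . '/';
                 }
                 $path .= $category;
                 break;
             case 'products_id':
                 $i++;
                 $sSegment = isset($url_array[$i]) ? $url_array[$i] : '';
                 if ($sSegment) {
                     $products_descriptiontable = $oostable['products_description'];
                     $product_result = $dbconn->Execute("SELECT products_name FROM {$products_descriptiontable} WHERE products_id = '" . intval($sSegment) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
                     $product = oos_make_filename($product_result->fields['products_name']);
                     $path .= $product . '-p-' . $sSegment . '/';
                 }
                 break;
             case 'manufacturers_id':
                 $i++;
                 $sSegment = isset($url_array[$i]) ? $url_array[$i] : '';
                 if ($sSegment) {
                     $manufacturerstable = $oostable['manufacturers'];
                     $manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM {$manufacturerstable} WHERE manufacturers_id = '" . intval($sSegment) . "'");
                     $manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
                     $path .= $manufacturer . '-m-' . $sSegment . '/';
                 }
                 break;
             default:
                 if (!in_array($url_array[$i], $_filter)) {
                     $path .= $url_array[$i] . '/';
                 }
                 break;
         }
     }

     // On product links the manufacturer and category markers are removed.
     // $remove starts as an empty list so str_replace() has a defined
     // argument when the path holds no product.
     $remove = array();
     if (strpos($path, "-p-") !== false) {
         $remove = array('-m-', '-c-');
     }
     $path = str_replace($remove, '', $path);
     if (strpos($path, '//') !== false) {
         $path = str_replace('//', '/', $path);
     }
     if (substr($path, -1) == '/') {
         $path = substr($path, 0, -1);
     }

     return $base . $path . $extention;
 }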
示例#14
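    // Select the row named by ?info=, or the first row when none is selected yet.
    if ((!isset($_GET['info']) || (isset($_GET['info']) && ($_GET['info'] == $whos_online['session_id']))) && !isset($info)) {
      $info = $whos_online['session_id'];
    }
    // NOTE(review): each row link carries the visitor's session id in the
    // 'info' parameter, so those ids end up in admin URLs; a non-secret row
    // key would avoid that.
    if ($whos_online['session_id'] == $info) {
      echo '              <tr class="dataTableRowSelected">' . "\n";
    } else {
      echo '              <tr class="dataTableRow" onmouseover="this.className=\'dataTableRowOver\';this.style.cursor=\'hand\'" onmouseout="this.className=\'dataTableRow\'" onclick="document.location.href=\'' . oos_href_link_admin($aFilename['whos_online'], oos_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online['session_id'], 'NONSSL') . '\'">' . "\n";
    }
    // The name, address and last URL below originate from visitors of the
    // shop, so every value is HTML-escaped before it is written into the
    // administration page.
    // NOTE(review): if these columns are stored already escaped, the output
    // shows entities literally; confirm how the table is filled.
?>
                <td class="dataTableContent"><?php echo gmdate('H:i:s', $time_online); ?></td>
                <td class="dataTableContent" align="center"><?php echo htmlspecialchars((string) $whos_online['customer_id'], ENT_QUOTES); ?></td>
                <td class="dataTableContent"><?php echo htmlspecialchars((string) $whos_online['full_name'], ENT_QUOTES); ?></td>
                <td class="dataTableContent" align="center"><?php echo htmlspecialchars((string) $whos_online['ip_address'], ENT_QUOTES); ?></td>
                <td class="dataTableContent"><?php echo date('H:i:s', $whos_online['time_entry']); ?></td>
                <td class="dataTableContent" align="center"><?php echo date('H:i:s', $whos_online['time_last_click']); ?></td>
                <td class="dataTableContent"><?php
    // Remove the session parameter from the displayed URL. The session name
    // is quoted for the pattern, and the id class covers letters, digits,
    // ',' and '-' so ids outside a-f are removed as well.
    if (preg_match('/^(.*)' . preg_quote(oos_session_name(), '/') . '=[a-zA-Z0-9,-]+[&]*(.*)/', $whos_online['last_page_url'], $array)) { echo htmlspecialchars($array[1] . $array[2], ENT_QUOTES); } else { echo htmlspecialchars((string) $whos_online['last_page_url'], ENT_QUOTES); } ?>&nbsp;</td>
              </tr>
<?php
    // Move that ADOdb pointer!
    $whos_online_result->MoveNext();
  }

  // Close result set
  $whos_online_result->Close();
  // NOTE(review): RecordCount() is read below, after Close(); confirm the
  // ADOdb driver in use still reports the count on a closed result set.
?>
              <tr>
                <td class="smallText" colspan="7"><?php echo sprintf(TEXT_NUMBER_OF_CUSTOMERS, $whos_online_result->RecordCount()); ?></td>
              </tr>
            </table></td>
<?php
  $heading = array();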
示例#15
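    function process_button() {
      // Builds the hidden form fields for the payment form and returns them
      // as one HTML string.
      global $oOrder, $oCurrencies;

      // Session name/id pair, sent as the cart id.
      $worldpay_cardId = oos_session_name() . '=' . oos_session_id();

      $aPages = oos_get_pages();

      // The callback is sent without its scheme. The link is requested with
      // 'SSL', so it may start with https://; splitting on 'http://' alone
      // left the callback empty in that case. Both schemes are stripped now.
      $callback_url = oos_href_link($aPages['checkout_process'], '', 'SSL', true);
      $sCallback = preg_replace('#^https?://#i', '', $callback_url);

      // Get database information
      $dbconn =& oosDBGetConn();
      $oostable =& oosDBGetTables();

      $sLanguage = oos_var_prep_for_os($_SESSION['language']);

      // The language value is placed into the statement through
      // oos_db_input(); a bound parameter would be the more robust form.
      $languagestable = $oostable['languages'];
      $query = "SELECT iso_639_1
                FROM $languagestable
                WHERE iso_639_2 = '" .  oos_db_input($sLanguage) . "'";
      $language_code = $dbconn->GetOne($query);

      // NOTE(review): the address is escaped here and then passed to
      // oos_draw_hidden_field(); if that helper escapes as well, the value
      // is encoded twice. The other customer fields rely on the helper alone.
      $address = htmlspecialchars($oOrder->customer['street_address'] . "\n" . $oOrder->customer['suburb'] . "\n" . $oOrder->customer['city'] . "\n" . $oOrder->customer['state'], ENT_QUOTES);

      // Amount in the session currency, dot as decimal point, no thousands
      // separator. Formatted once so the field and the signature agree.
      $sAmount = number_format($oOrder->info['total'] * $oCurrencies->get_value($_SESSION['currency']), $oCurrencies->get_decimal_places($_SESSION['currency']), '.', '');

      $process_button_string = oos_draw_hidden_field('instId', MODULE_PAYMENT_WORLDPAY_ID) .
                               oos_draw_hidden_field('currency', $_SESSION['currency']) .
                               oos_draw_hidden_field('desc', 'Purchase from '.STORE_NAME) .
                               oos_draw_hidden_field('cartId', $worldpay_cardId) .
                               oos_draw_hidden_field('amount', $sAmount);

      if (MODULE_PAYMENT_WORLDPAY_USEPREAUTH == '1') {
        $process_button_string .= oos_draw_hidden_field('authMode', MODULE_PAYMENT_WORLDPAY_PREAUTH);
      }

      // NOTE(review): $oscSid is never assigned in this method, so MC_oscsid
      // is sent empty. Confirm which value the callback handler expects.
      $process_button_string .= oos_draw_hidden_field('testMode', MODULE_PAYMENT_WORLDPAY_MODE) .
                                oos_draw_hidden_field('name', $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname']) .
                                oos_draw_hidden_field('address', $address) .
                                oos_draw_hidden_field('postcode', $oOrder->customer['postcode']) .
                                oos_draw_hidden_field('country', $oOrder->customer['country']['iso_code_2']) .
                                oos_draw_hidden_field('tel', $oOrder->customer['telephone']) .
                                oos_draw_hidden_field('myvar', 'Y') .
                                oos_draw_hidden_field('fax', $oOrder->customer['fax']) .
                                oos_draw_hidden_field('email', $oOrder->customer['email_address']) .
                                oos_draw_hidden_field('lang', $language_code) .
                                oos_draw_hidden_field('MC_callback', $sCallback) .
                                oos_draw_hidden_field('MC_oscsid', $oscSid);

      if (MODULE_PAYMENT_WORLDPAY_USEMD5 == '1') {
        // Signature: MD5 over "key:amount:language:email".
        // NOTE(review): MD5 over a secret prefix is not a keyed MAC; if the
        // gateway offers a stronger signature option, prefer it.
        $md5_signature_fields = 'amount:language:email';
        $md5_signature = MODULE_PAYMENT_WORLDPAY_MD5KEY . ':' . $sAmount . ':' . $language_code . ':' . $oOrder->customer['email_address'];
        $md5_signature_md5 = md5($md5_signature);

        $process_button_string .= oos_draw_hidden_field('signatureFields', $md5_signature_fields ) .
                                  oos_draw_hidden_field('signature',$md5_signature_md5);
      }
      return $process_button_string ;
    }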
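/**
 * Return all GET variables, except those passed as a parameter
 *
 * Each remaining non-empty GET variable becomes one hidden <input> element.
 * The session parameter, a fixed list of routing keys and the image-button
 * coordinates (x, y) are always left out.
 *
 * @param array|string $aExclude additional keys to skip; anything that is
 *                               not an array is treated as "no extra keys"
 * @return string concatenated hidden fields, or '' when nothing qualifies
 */
function oos_get_all_as_hidden_field($aExclude = '')
{

    if (!is_array($aExclude)) {
        $aExclude = array();
    }

    $sField = '';
    if (is_array($_GET) && (count($_GET) > 0)) {
        foreach ($_GET as $sKey => $sValue) {
            // Empty values are dropped; so are arrays (?a[]=1), which cannot
            // be rendered as a single value attribute.
            if (empty($sValue) || !is_scalar($sValue)) {
                continue;
            }
            if ( ($sKey != oos_session_name()) && ($sKey != 'error') && ($sKey != 'p') && ($sKey != 'rewrite') && ($sKey != 'c') && ($sKey != 'm') && ($sKey != 'mp') && ($sKey != 'file') && ($sKey != 'index.php') && ($sKey != 'history_back') && (!in_array($sKey, $aExclude)) && ($sKey != 'x') && ($sKey != 'y') ) {
                // Append: the previous code assigned here, so only the last
                // qualifying variable ever reached the caller.
                // Key and value are request data; both pass through
                // oos_output_string() before being placed in the markup.
                $sField .= '<input type="hidden" name="' . oos_output_string($sKey) . '"';
                $sField .= ' value="' . oos_output_string($sValue) . '" />';
            }
        }
    }

    return $sField;
}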
/**
 * Smarty {css_button} function plugin
 *
 * Type:     function
 * Name:     css_button
 * @Version:  $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2008/01/09 22:03:20 $
 *
 * Builds a shop URL of the form <server><shop>index.php?mp=...&amp;file=...
 * from the tag attributes and returns it wrapped in an <a> element whose
 * text and title are the 'title' attribute and whose class is 'color'.
 *
 * Recognised attributes: modul, file, oos_get, addentry_id, connection
 * ('NONSSL' or 'SSL'), add_session_id, search_engine_safe, title, color and
 * anchor. Every other attribute is appended to the query string as key=value.
 *
 * @param array  $params  attributes given in the template tag
 * @param object $smarty  Smarty instance, used to report errors
 * @return string the complete anchor element
 */

function smarty_function_css_button($params, &$smarty)
{
    global $oEvent, $spider_kill_sid;

    MyOOS_CoreApi::requireOnce('lib/smarty/libs/plugins/shared.escape_special_chars.php');

    // Defaults; the variable-variable assignments in the loop below may
    // overwrite any of these.
    $modul = '';
    $file = '';
    $parameters = '';
    $connection = 'NONSSL';
    $add_session_id = '1';
    $search_engine_safe = '1';

    $title = '';
    $color = 'btnR blue';


    foreach($params as $_key => $_val) {
      switch($_key) {
        case 'modul':
          if(!is_array($_val)) {
            $$_key = smarty_function_escape_special_chars($_val);
          } else {
            $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
          }
          break;

        case 'file':
          if(!is_array($_val)) {
            $$_key = smarty_function_escape_special_chars($_val);
          } else {
            $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
          }
          break;

        // These attributes are copied into a local variable of the same
        // name, cast to string but not escaped at this point.
        case 'oos_get':
        case 'addentry_id':
        case 'connection':
        case 'add_session_id':
        case 'search_engine_safe':
        case 'title':
            $$_key = (string)$_val;
            break;

        case 'color':
            $$_key = (string)$_val;
            break;

        case 'anchor':
            $anchor = smarty_function_escape_special_chars($_val);
            break;

        default:
          // Unknown attribute: the value is escaped, the key is used as given.
          if(!is_array($_val)) {
            $parameters .= $_key.'='.smarty_function_escape_special_chars($_val).'&amp;';
          } else {
            $smarty->trigger_error("css_button: parameters '$_key' cannot be an array", E_USER_NOTICE);
          }
          break;
       }
    }


    // A missing module or file only raises a notice; the link is still built.
    if (empty($modul)) {
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (empty($file)) {
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    if (isset($addentry_id)) {
      $addentry_id = $addentry_id + 2;
      $parameters .= 'entry_id='.$addentry_id.'&amp;';
    }
    // oos_get is appended as given; the complete parameter string is passed
    // through oos_output_string() when the link is assembled below.
    if (isset($oos_get)) {
      $parameters .= $oos_get;
    }

    $file = trim($file);

    if ($connection == 'NONSSL') {
      $link = OOS_HTTP_SERVER . OOS_SHOP;
    } elseif ($connection == 'SSL') {
      if (ENABLE_SSL == '1') {
        $link = OOS_HTTPS_SERVER . OOS_SHOP;
      } else {
        $link = OOS_HTTP_SERVER . OOS_SHOP;
      }
    } else {
      // NOTE(review): $link is not assigned on this path, so the code below
      // appends to an undefined variable and returns a link without a host.
      $smarty->trigger_error("css_button: Unable to determine the page link!", E_USER_NOTICE);
    }

    // $parameters is initialised to '' above, so this isset() is always true
    // and the else branch is never taken.
    if (isset($parameters)) {
      $link .= 'index.php?mp=' . $modul . '&amp;file=' . $file . '&amp;' . oos_output_string($parameters);
    } else {
      $link .= 'index.php?mp=' . $modul . '&amp;file=' . $file;
    }

    $separator = '&amp;';

    // Strip any trailing '&amp;' or '?' left over from the concatenation.
    while ( (substr($link, -5) == '&amp;') || (substr($link, -1) == '?') ) {
      if (substr($link, -1) == '?') {
        $link = substr($link, 0, -1);
      } else {
        $link = substr($link, 0, -5);
      }
    }

    if (isset($anchor)) {
      $link .= '#' . $anchor;
    }


// Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
// NOTE(review): a session id placed in a URL can reach logs, browser history
// and Referer headers; cookie-only sessions avoid that.
    if ( (ENABLE_SSL == '1' ) && ($connection == 'SSL') && ($add_session_id == '1') ) {
      $_sid = oos_session_name() . '=' . oos_session_id();
    } elseif ( ($add_session_id == '1') && (!oos_empty(SID)) ) {
      $_sid = SID;
    }

    // No session id in the link when $spider_kill_sid is '1'.
    if ( $spider_kill_sid == '1') $_sid = NULL;

/*
    if ( ($search_engine_safe == '1') &&  $oEvent->installed_plugin('sefu') ) {
      $link = str_replace(array('?', '&amp;', '='), '/', $link);

      $separator = '?';

      $pos = strpos ($link, 'action');
      if ($pos === false) {
        $url_rewrite = new url_rewrite;
        $link = $url_rewrite->transform_uri($link);
      }
    }
*/


    if (isset($_sid)) {
      $link .= $separator . oos_output_string($_sid);
    }


    // decode() is defined elsewhere; what it does to the title is not
    // visible here.
    $title = decode($title);

    // NOTE(review): $title and $color are written into the attributes and
    // the element body without escaping in this function. That is only safe
    // while both come from trusted template text; confirm that no request or
    // database value is ever passed in as title or color.
    return '<a href="' . $link . '" title="' . $title . '" class="' . $color . '">' . $title . '</a>';


  }
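 /**
  * Build the paging control for a result list: previous/next links plus a
  * pull-down of page numbers wrapped in a GET form.
  *
  * @param int    $query_numrows       total number of rows in the result
  * @param int    $max_rows_per_page   rows shown per page
  * @param int    $max_page_links      not read by this method
  * @param int    $current_page_number page currently displayed (1-based)
  * @param string $parameters          extra query string ("a=1&b=2") carried across pages
  * @param string $page_name           name of the page-number parameter
  * @return string HTML fragment
  */
 function display_links($query_numrows, $max_rows_per_page, $max_page_links, $current_page_number, $parameters = '', $page_name = 'page')
 {
     if (!empty($parameters) && substr($parameters, -1) != '&') {
         $parameters .= '&';
     }
     // Number of pages needing links. A zero page size gives zero pages (the value PHP 5
     // produced after its division warning) instead of a DivisionByZeroError on PHP 7+.
     if (empty($max_rows_per_page)) {
         $num_pages = 0;
     } else {
         $num_pages = intval($query_numrows / $max_rows_per_page);
         // a remainder means one more, partially filled, page
         if ($query_numrows % $max_rows_per_page) {
             $num_pages++;
         }
     }
     $pages_array = array();
     for ($i = 1; $i <= $num_pages; $i++) {
         $pages_array[] = array('id' => $i, 'text' => $i);
     }
     if ($num_pages > 1) {
         // NOTE(review): PHP_SELF is derived from the request URL. basename() keeps only the
         // last path segment, but that segment is still client-influenced; confirm that
         // oos_draw_form() and oos_href_link_admin() encode it for HTML output.
         $display_links = oos_draw_form('pages', basename($_SERVER['PHP_SELF']), '', 'get');
         if ($current_page_number > 1) {
             $display_links .= '<a href="' . oos_href_link_admin(basename($_SERVER['PHP_SELF']), $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';
         } else {
             $display_links .= PREVNEXT_BUTTON_PREV . '&nbsp;&nbsp;';
         }
         $display_links .= sprintf(TEXT_RESULT_PAGE, oos_draw_pull_down_menu($page_name, $pages_array, '', 'onChange="this.form.submit();"'), $num_pages);
         if ($current_page_number < $num_pages && $num_pages != 1) {
             $display_links .= '&nbsp;&nbsp;<a href="' . oos_href_link_admin(basename($_SERVER['PHP_SELF']), $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';
         } else {
             $display_links .= '&nbsp;&nbsp;' . PREVNEXT_BUTTON_NEXT;
         }
         if ($parameters != '') {
             if (substr($parameters, -1) == '&') {
                 $parameters = substr($parameters, 0, -1);
             }
             // Re-emit every extra parameter as a hidden field so the pull-down form keeps it.
             // foreach replaces each(), which no longer exists in PHP 8.
             foreach (explode('&', $parameters) as $pair) {
                 if ($pair === '') {
                     continue;
                 }
                 // limit 2 keeps a '=' that is part of the value; the padding gives a bare
                 // key an empty value instead of an undefined offset
                 list($key, $value) = array_pad(explode('=', $pair, 2), 2, '');
                 // NOTE(review): the decoded name and value go straight into the field markup;
                 // HTML escaping has to happen inside oos_draw_hidden_field() - confirm it does.
                 $display_links .= oos_draw_hidden_field(rawurldecode($key), rawurldecode($value));
             }
         }
         if (SID) {
             $display_links .= oos_draw_hidden_field(oos_session_name(), oos_session_id());
         }
         $display_links .= '</form>';
     } else {
         $display_links = sprintf(TEXT_RESULT_PAGE, $num_pages, $num_pages);
     }
     return $display_links;
 }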
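    /**
     * Prepare and start the shop session and attach the per-session objects.
     *
     * In order: session cookie parameters, optional session id taken from the request,
     * spider detection by User-Agent, session storage setup and session start (both
     * skipped for spiders), cart and navigation objects, then the User-Agent and IP
     * consistency checks, which drop the customer id and redirect to the login page
     * on a mismatch.
     *
     * Reads the global $request_type; writes the globals $spider_flag and $spider_kill_sid.
     *
     * @return bool true
     */
    function create_plugin_instance() {
      global $request_type, $spider_flag, $spider_kill_sid;

      // The header is optional: a request without it must not raise an undefined-index notice.
      $user_agent = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
      $spider_flag = false;
      $spider_kill_sid = '0';

      // set the top level domains
      $http_domain = oos_server_get_top_level_domain(OOS_HTTP_SERVER);
      $https_domain = oos_server_get_top_level_domain(OOS_HTTPS_SERVER);
      $current_domain = (($request_type == 'NONSSL') ? $http_domain : $https_domain);

      // set the session cookie parameters
      // NOTE(review): only lifetime, path and domain are set; the secure and httponly flags
      // are left to the ini settings. Confirm they are enabled there.
      if (function_exists('session_set_cookie_params')) {
        session_set_cookie_params(0, '/', (!empty($current_domain) ? '.' . $current_domain : ''));
      } elseif (function_exists('ini_set')) {
        ini_set('session.cookie_lifetime', '0');
        ini_set('session.cookie_path', '/');
        ini_set('session.cookie_domain', (!empty($current_domain) ? '.' . $current_domain : ''));
      }

      // set the session ID if it exists
      // NOTE(review): ctype_alnum() only restricts the character set; the id is still chosen
      // by the client. Confirm the id is regenerated at login, otherwise a session id planted
      // in a link stays valid after the victim authenticates (session fixation).
      if (isset($_POST[oos_session_name()]) && (ctype_alnum($_POST[oos_session_name()]))) {
        oos_session_id($_POST[oos_session_name()]);
      } elseif (isset($_GET[oos_session_name()]) && (ctype_alnum($_GET[oos_session_name()]))) {
        oos_session_id($_GET[oos_session_name()]);
      }

      if (empty($user_agent) === false) {
        $spider_agent = @parse_ini_file('includes/ini/spiders.ini');

        // parse_ini_file() returns false when the list is missing or unreadable
        if (is_array($spider_agent)) {
          foreach ($spider_agent as $spider) {
            if (!is_string($spider) || empty($spider)) {
              continue;
            }
            $needle = trim($spider);
            // a whitespace-only entry trims to '', which strpos() on PHP 8 finds in every string
            if ($needle !== '' && strpos($user_agent, $needle) !== false) {
              $spider_kill_sid = '1';
              $spider_flag = true;
              break;
            }
          }
        }
      }

      if ($spider_flag === false) {
          if (!defined('MYOOS_SESSION_NAME'))
          {
              define('MYOOS_SESSION_NAME', 'MYOOS_SESSID');
          }

          @ini_set('session.name', MYOOS_SESSION_NAME);
          // fall back from a custom save handler to plain files
          if(ini_get('session.save_handler') == 'user')
          {
              @ini_set('session.save_handler', 'files');
              @ini_set('session.save_path', '');
          }
          if(ini_get('session.save_handler') == 'files')
          {
              $sessionPath = ini_get('session.save_path');
              // strip a leading "N;" prefix from the configured save path
              if (preg_match('/^[0-9]+;(.*)/', $sessionPath, $matches))
              {
                  $sessionPath = $matches[1];
              }
              if (ini_get('safe_mode') || ini_get('open_basedir') || empty($sessionPath) || !@is_writable($sessionPath))
              {
                  // use a directory below the application's own path instead
                  // NOTE(review): confirm MYOOS_USER_PATH/tmp/sessions is not reachable over HTTP.
                  $sessionPath = MYOOS_USER_PATH . '/tmp/sessions';
                  @ini_set('session.save_path', $sessionPath);
                  if (!is_dir($sessionPath))
                  {
                      // NOTE(review): 0755 lets other local accounts list the directory, and
                      // session file names contain the session id; 0700 would be tighter if
                      // only the web server account needs access.
                      @mkdir($sessionPath, 0755, true);
                      if (!is_dir($sessionPath))
                      {
                          // NOTE(review): this message shows a filesystem path to the client
                          die("Error: Unable to mkdir $sessionPath");
                      }
                  }
                  elseif (!@is_writable($sessionPath))
                  {
                      die("Error: $sessionPath is not writable");
                  }
              }
          }
          // lets start our session
          oos_session_start();
      }

      // spiders get no session, so make sure the array exists either way
      if (!isset($_SESSION)) {
        $_SESSION = array();
      }

      // create the shopping cart
      if (!isset($_SESSION['cart'])) {
        $_SESSION['cart'] = new shoppingCart;
      }

      // navigation history
      if (!isset($_SESSION['navigation'])) {
        $_SESSION['navigation'] = new oosNavigationHistory;
      }

      $aPages = oos_get_pages();

      // verify the browser user agent
      $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

      if (!isset($_SESSION['session_user_agent'])) {
        $_SESSION['session_user_agent'] = $http_user_agent;
      }

      // NOTE(review): on a mismatch the customer id and the stored marker are dropped but the
      // session id itself is kept; consider regenerating it here. $_SESSION['member'] is not
      // created in this method - presumably set elsewhere, verify.
      if ($_SESSION['session_user_agent'] != $http_user_agent) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_user_agent']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      // verify the IP address
      if (!isset($_SESSION['session_ip_address'])) {
        $_SESSION['session_ip_address'] = MyOOS_Utilities::getRemoteHostAddress();
      }

      if ($_SESSION['session_ip_address'] != MyOOS_Utilities::getRemoteHostAddress()) {
        unset($_SESSION['customer_id']);
        unset($_SESSION['session_ip_address']);
        $_SESSION['cart']->reset();
        $_SESSION['member']->default_member();

        MyOOS_CoreApi::redirect(oos_href_link($aPages['login'], '', 'SSL'));
      }

      return true;
    }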
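/**
 * Return all POST variables, except those passed as a parameter
 *
 * The result is a query-string fragment whose pairs are separated by "&amp;"
 * and which ends with that separator. Empty values, array values, the session
 * name and the fixed names mp, file, x and y are always left out.
 *
 * @param  array|string $aExclude field names to leave out; a non-array means "none"
 * @return string
 */
function oos_get_all_post_parameters($aExclude = '')
{
    if (!is_array($aExclude)) {
        $aExclude = array();
    }
    $aParameters = array('mp', 'file', 'x', 'y');
    $sUrl = '';
    if (is_array($_POST) && count($_POST) > 0) {
        // foreach replaces each(), which no longer exists in PHP 8
        foreach ($_POST as $sKey => $sValue) {
            if (empty($sValue) || is_array($sValue)) {
                continue;
            }
            // Numeric field names arrive as integers; compared loosely against the
            // name lists on PHP < 8 they would match every non-numeric entry.
            $sKey = (string)$sKey;
            if ($sKey != oos_session_name() && !in_array($sKey, $aParameters, true) && !in_array($sKey, $aExclude)) {
                // The field name is client-supplied just like the value, so it is
                // encoded too before it becomes part of a URL.
                $sUrl .= rawurlencode($sKey) . '=' . rawurlencode($sValue) . '&amp;';
            }
        }
    }
    return $sUrl;
}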
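/**
 * Return all POST variables, except those passed as a parameter
 *
 * The result is a query-string fragment whose pairs are separated by "&amp;"
 * and which ends with that separator. Empty values, non-string values, the
 * session name and the fixed names page, x and y are always left out.
 *
 * @param  array|string $aExclude field names to leave out; a non-array means "none"
 * @return string
 */
function oos_get_all_post_parameters($aExclude = '')
{

    if (!is_array($aExclude)) $aExclude = array();

    $aParameters = array('page', 'x', 'y');

    $sUrl = '';
    if (is_array($_POST) && (count($_POST) > 0)) {
        foreach ($_POST as $sKey => $sValue) {
            if ( empty($sValue) || !is_string($sValue) )  {
                continue;
            }
            // Numeric field names arrive as integers; compared loosely against the
            // name lists on PHP < 8 they would match every non-numeric entry.
            $sKey = (string)$sKey;
            if ( ($sKey != oos_session_name())  && (!in_array($sKey, $aParameters, true))  && (!in_array($sKey, $aExclude)) ) {
                // The field name is client-supplied just like the value, so it is
                // encoded too before it becomes part of a URL.
                $sUrl .= rawurlencode($sKey) . '=' . rawurlencode($sValue) . '&amp;';
            }
        }
    }

    return $sUrl;
}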
   Copyright (c) 2003 - 2009 by the OOS Development Team.
   ----------------------------------------------------------------------
   Based on:

   File: currencies.php,v 1.16 2003/02/12 20:27:31 hpdl
   ----------------------------------------------------------------------
   osCommerce, Open Source E-Commerce Solutions
   http://www.oscommerce.com

   Copyright (c) 2003 osCommerce
   ----------------------------------------------------------------------
   Released under the GNU General Public License
   ---------------------------------------------------------------------- */
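/** ensure this file is being included by a parent file */
defined('OOS_VALID_MOD') or die('Direct Access to this location is not allowed.');

// Currency selector block: a pull-down of all configured currencies that submits
// its form on change, plus hidden fields that carry the current GET parameters
// (and the session id, when needed) across the submit.
if (isset($oCurrencies) && is_object($oCurrencies)) {
    // foreach replaces each(), which no longer exists in PHP 8
    $aCurrencies = array();
    foreach ($oCurrencies->currencies as $sKey => $value) {
        $aCurrencies[] = array('id' => $sKey, 'text' => $value['title']);
    }

    $hidden_get_variables = '';
    foreach ($_GET as $sKey => $value) {
        // an array parameter (a[]=1) cannot be carried in one hidden field
        if (is_array($value)) {
            continue;
        }
        // numeric parameter names arrive as integers; compare them as strings
        $sKey = (string)$sKey;
        if ($sKey != 'currency' && $sKey != oos_session_name() && $sKey != 'x' && $sKey != 'y') {
            // NOTE(review): name and value come straight from the query string; HTML
            // escaping has to happen inside oos_draw_hidden_field() - confirm it does,
            // otherwise this reflects request data into the page unescaped.
            $hidden_get_variables .= oos_draw_hidden_field($sKey, $value);
        }
    }

    $oos_pull_down_menu = oos_draw_pull_down_menu('currency', $aCurrencies, $_SESSION['currency'], 'onchange="this.form.submit();" style="width: 100%"') . $hidden_get_variables . oos_hide_session_id();
    $oSmarty->assign(array('oos_pull_down_menu' => $oos_pull_down_menu, 'block_heading_currencies' => $block_heading));
}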
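  /**
   * Return the current GET parameters as a query-string fragment ("a=1&b=2&").
   *
   * The session name, the 'error' parameter, array-valued parameters and every
   * name listed in $exclude_array are left out.
   *
   * @param  array|string $exclude_array parameter names to leave out; '' means "none"
   * @return string
   */
  function oos_get_all_get_params($exclude_array = '') {
    if ($exclude_array == '') $exclude_array = array();

    $get_url = '';

    // foreach replaces each(), which no longer exists in PHP 8
    foreach ($_GET as $key => $value) {
      // an array parameter (a[]=1) has no single value to re-emit
      if (is_array($value)) continue;

      // numeric parameter names arrive as integers; compare them as strings
      $key = (string)$key;
      if (($key != oos_session_name()) && ($key != 'error') && (!oos_in_array($key, $exclude_array))) {
        // $_GET holds decoded values. Re-encode name and value so that '&', '=', '#',
        // quotes or spaces inside them cannot add parameters or break the link.
        $get_url .= rawurlencode($key) . '=' . rawurlencode($value) . '&';
      }
    }

    return $get_url;
  }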
    ?>
</td>
                <td class="dataTableContent" align="center"><?php 
    echo $whos_online['ip_address'];
    ?>
</td>
                <td class="dataTableContent"><?php 
    echo date('H:i:s', $whos_online['time_entry']);
    ?>
</td>
                <td class="dataTableContent" align="center"><?php 
    echo date('H:i:s', $whos_online['time_last_click']);
    ?>
</td>
                <td class="dataTableContent"><?php 
    if (eregi('^(.*)' . oos_session_name() . '=[a-f,0-9]+[&]*(.*)', $whos_online['last_page_url'], $array)) {
        echo $array[1] . $array[2];
    } else {
        echo $whos_online['last_page_url'];
    }
    ?>
&nbsp;</td>
              </tr>
<?php 
    // Move that ADOdb pointer!
    $whos_online_result->MoveNext();
}
// Close result set
$whos_online_result->Close();
?>
              <tr>