public function __construct($query)
{
include_once 'database.php';
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/database.php';
tep_db_connect() or die('Unable to connect to database');
$this->query = $query;
$this->object_list = executeSQLtoArray($this->query);
tep_db_close();
}
function checkRedundantVal($val2check)
{
$con = tep_db_connect();
if (!$con) {
die('Could not connect: ' . mysqli_error());
}
$result = tep_db_query("SELECT * FROM users WHERE username='******' LIMIT 1");
$ret = tep_db_fetch_array($result);
if (count($ret) > 0) {
return true;
} else {
return false;
}
}
<?php
/**
* Generate list of elements needed for amazon vendor xmas order
*
* @author IT TEAM BONOFACTUM
* @created Aug 21, 2013 4:33:03 PM
*/
global $db;
require_once '../confy.php';
require_once '../functions.php';
require_once '../functions-2.php';
require_once DIR_WS_FUNCTIONS . 'html_output.php';
tep_db_connect();
use_class('elements_attributes');
use_class('elements_order');
$class_ea = new elements_attributes();
$ecats = array();
$all_period = array();
function runElementQuery($outsourced_flag)
{
global $class_ea, $ecats, $all_period;
if (isset($_GET['shipwin_month'])) {
$month = str_pad(tep_db_prepare_input($_GET['shipwin_month']), 2, '0', STR_PAD_LEFT);
$year = date('Y');
$shipwin_start = $year . "-{$month}-01";
$eom_date = date('t', strtotime($shipwin_start));
$shipwin_end = date('Y') . "-{$month}-{$eom_date}";
$shipwin_filter = "AND joi.shipping_window_open BETWEEN '{$shipwin_start}' AND '{$shipwin_end}'";
} else {
$shipwin_filter = "";
<tr>
<th scope="col"><div style="text-align: center">Order No.</div></th>
<th scope="col"><div style="text-align: center">Return Code</div></th>
<th scope="col"><div style="text-align: center">Customer's Email Address</div></th>
<th scope="col"><div style="text-align: center">Parcel ID</div></th>
<th scope="col"><div style="text-align: center">Order Date</div></th>
<th scope="col"><div style="text-align: center">Parcel Creation Date</div></th>
<th scope="col"><div style="text-align: center">Dispatch Date</div></th>
<th scope="col"><div style="text-align: center">Destination City</div></th>
<th scope="col"><div style="text-align: center">Destination Terminal</div></th>
</tr>
</thead>
<?php
$con = tep_db_connect();
if (!$con) {
die('Could not connect: ' . mysqli_error());
}
$all_parcels = tep_db_query("SELECT * FROM {$table_prefix}{$parcel_table} WHERE perm_token='{$api_key}' AND status='DISPATCHED' ORDER BY dispatch_date DESC LIMIT {$start_from}, " . $ppresults);
while ($row = tep_db_fetch_array($all_parcels)) {
if (strpos($row['d_city'], ",") != false) {
$location = $row['d_city'];
$location_array = explode(',', $location);
$location_d = $location_array[1];
}
if (strpos($row['d_city'], ",") == false) {
$location_d = $row['d_city'];
}
echo "<tr><td><div style='text-align: center'><a href='parcel_details.php?order_num=" . $row['id'] . "&id=true' target='_blank'>" . $row['order_num'] . "</a></div></td>";
echo "<td><div style='text-align: center'><a href='return_info.php?return_code=" . $row['rl_code'] . "' target='_blank'>" . $row['rl_code'] . "</a></div></td>";
$request_type = getenv('HTTPS') == 'on' ? 'SSL' : 'NONSSL';
// set php_self in the local scope
$PHP_SELF = strlen(ini_get('cgi.fix_pathinfo')) > 0 && (bool) ini_get('cgi.fix_pathinfo') == false || !isset($HTTP_SERVER_VARS['SCRIPT_NAME']) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);
if ($request_type == 'NONSSL') {
define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
} else {
define('DIR_WS_CATALOG', DIR_WS_HTTPS_CATALOG);
}
// include the list of project filenames
require DIR_WS_INCLUDES . 'filenames.php';
// include the list of project database tables
require DIR_WS_INCLUDES . 'database_tables.php';
// include the database functions
require DIR_WS_FUNCTIONS . 'database.php';
// make a connection to the database... now
tep_db_connect() or die('Unable to connect to database server!');
// set the application parameters
$configuration_query = tep_db_query('select configuration_key as cfgKey, configuration_value as cfgValue from ' . TABLE_CONFIGURATION);
while ($configuration = tep_db_fetch_array($configuration_query)) {
define($configuration['cfgKey'], $configuration['cfgValue']);
}
// if gzip_compression is enabled, start to buffer the output
if (GZIP_COMPRESSION == 'true' && ($ext_zlib_loaded = extension_loaded('zlib')) && PHP_VERSION >= '4') {
if (($ini_zlib_output_compression = (int) ini_get('zlib.output_compression')) < 1) {
if (PHP_VERSION >= '4.0.4') {
ob_start('ob_gzhandler');
} else {
include DIR_WS_FUNCTIONS . 'gzip_compression.php';
ob_start();
ob_implicit_flush();
}
/**
* Returns the ID of the last inserted element in a table
* We don't use this WSR because the way the ID is retrieved is not efficient
* and we manage to retrieve directly the after the insertion of the element
* @see createPerson.php
* @see createProduct.php
*/
include_once 'database.php';
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/database_tables.php';
include_once '../includes/functions/database.php';
if (!postNotEmpty('type')) {
die('Type not given');
}
tep_db_connect() or die('Unable to connect to database');
$type = $_POST['type'];
$query = "";
switch ($type) {
case 'Person':
$query = 'select max(customers_id) as id from ' . TABLE_CUSTOMERS;
break;
case 'Product':
$query = 'select max(products_id) as id from ' . TABLE_PRODUCTS;
break;
default:
die('Unknown type');
}
$xml = executeSQL($query);
header('Content-type: text/xml');
echo $xml;
function update_parcel_status($parcels)
{
require 'config.php';
if (count($parcels) > 0) {
tep_db_connect();
} else {
return;
}
$the_date = date('Y-m-d H:i:s');
foreach ($parcels as $parcel) {
tep_db_query("UPDATE {$table_prefix}{$return_table} SET label_printed=1, dispatch_date='{$the_date}' WHERE code='{$parcel}'");
}
}
define('STORE_CITY', $query['STORE_CITY']);
define('STORE_PROVINCE', $query['STORE_PROVINCE']);
define('STORE_COUNTRY_ID', $query['STORE_COUNTRY_ID']);
define('STORE_TELEPHONE', $query['STORE_PHONE']);
define('STORE_FAX', $query['STORE_FAX']);
define('STORE_WEBSITE', $query['STORE_WEBSITE']);
define('STORE_IMAGE', $query['STORE_IMAGE']);
define('STORE_BTW', $query['STORE_BTW']);
define('STORE_RPR', $query['STORE_RPR']);
define('STORE_PART_OFF', $query['STORE_PART_OFF']);
define('STORE_LAT', $query['STORE_LAT']);
define('STORE_LNG', $query['STORE_LNG']);
}
//#################Local store settings###################//
//Connect to local DB
tep_db_connect(DB_SERVER_LOCAL, DB_SERVER_USERNAME_LOCAL, DB_SERVER_PASSWORD_LOCAL, DB_DATABASE_LOCAL, 'db_link_local');
//Get all available categories
/* $categories_query = tep_db_query("SELECT DISTINCT categories_id FROM ".TABLE_CATEGORIES_TO_MANUFACTURERS, 'db_link_local');
$c_filter = Array();
while ($category = tep_db_fetch_array($categories_query))
{
$c_filter[] = $category['categories_id'];
}
$c_filter_list = join(',', $c_filter);
//Get all available manufacturers
$manu_query = tep_db_query("SELECT DISTINCT manufacturers_id FROM ".TABLE_CATEGORIES_TO_MANUFACTURERS, 'db_link_local');
$m_filter = Array();
while ($manu = tep_db_fetch_array($manu_query))
$m_filter[] = $manu['manufacturers_id'];
$m_filter_list = join(',', $m_filter);
/**
* Checks if the relation of a person to an organisation is valid
*/
function isValidRelation($person_id)
{
tep_db_connect() or die('Unable to connect to database');
$query = "select c.customers_id from " . TABLE_CUSTOMERS . " as c, " . TABLE_ADDRESS_BOOK . " as ab " . "where c.customers_id = {$person_id} and c.customers_default_address_id = ab.address_book_id " . "and not(ab.entry_country_id = 0) and not (ab.entry_company = '')";
$query = tep_db_query($query);
if (tep_db_num_rows($query)) {
return true;
}
return false;
}
function getListName($list_id)
{
tep_db_list_connect();
$listname_query = tep_db_list_query('SELECT name FROM ' . PHPLIST_TABLE_PREFIX . 'list WHERE id="' . $list_id . '"');
$listname = tep_db_fetch_array($listname_query);
tep_db_list_close();
tep_db_connect();
return $listname['name'];
}
<?php $server = $_POST['db_host']; $port = $_POST['db_port']; $username = $_POST['db_username']; $password = $_POST['db_password']; $database = $_POST['db_name']; tep_db_connect($server . (strlen($port) > 0 ? ':' . $port : ''), $username, $password); tep_db_select_db($database);
<td><?php
echo tep_draw_separator('pixel_trans.gif', '1', '25');
?>
</td>
</tr>
<?php
$sql = mysqli_query(tep_db_connect(), "SELECT * FROM edit_invoice where edit_invoice_id = '3' and language_id = '" . $languages_id . "'") or die(mysqli_error());
$row = mysqli_fetch_array($sql);
?>
<tr>
<td width="75%" valign="top"><?php
echo EORDER_TEXT_3;
?>
</td>
</tr>
<tr>
<td><?php
protected function init()
{
global $request_type, $cookie_domain, $cookie_path, $PHP_SELF, $login_request, $messageStack, $cfgModules;
Registry::set('Cache', new Cache());
$OSCOM_Db = Db::initialize();
Registry::set('Db', $OSCOM_Db);
// TODO legacy
tep_db_connect() or die('Unable to connect to database server!');
// set the application parameters
$Qcfg = $OSCOM_Db->get('configuration', ['configuration_key as k', 'configuration_value as v']);
//, null, null, null, 'configuration'); // TODO add cache when supported by admin
while ($Qcfg->fetch()) {
define($Qcfg->value('k'), $Qcfg->value('v'));
}
// Used in the "Backup Manager" to compress backups
define('LOCAL_EXE_GZIP', 'gzip');
define('LOCAL_EXE_GUNZIP', 'gunzip');
define('LOCAL_EXE_ZIP', 'zip');
define('LOCAL_EXE_UNZIP', 'unzip');
// Define how do we update currency exchange rates
// Possible values are 'oanda' 'xe' or ''
define('CURRENCY_SERVER_PRIMARY', 'oanda');
define('CURRENCY_SERVER_BACKUP', 'xe');
// set the type of request (secure or not)
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on' || isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) {
$request_type = 'SSL';
$cookie_domain = HTTPS_COOKIE_DOMAIN;
$cookie_path = HTTPS_COOKIE_PATH;
} else {
$request_type = 'NONSSL';
$cookie_domain = HTTP_COOKIE_DOMAIN;
$cookie_path = HTTP_COOKIE_PATH;
}
// set php_self in the global scope
$req = parse_url($_SERVER['SCRIPT_NAME']);
$PHP_SELF = substr($req['path'], $request_type == 'SSL' ? strlen(DIR_WS_HTTPS_ADMIN) : strlen(DIR_WS_ADMIN));
// set the session name and save path
tep_session_name('oscomadminid');
tep_session_save_path(SESSION_WRITE_DIRECTORY);
// set the session cookie parameters
// set the session cookie parameters
session_set_cookie_params(0, $cookie_path, $cookie_domain);
if (function_exists('ini_set')) {
ini_set('session.use_only_cookies', SESSION_FORCE_COOKIE_USE == 'True' ? 1 : 0);
}
// lets start our session
tep_session_start();
// TODO remove when no more global sessions exist
foreach ($_SESSION as $k => $v) {
$GLOBALS[$k] =& $_SESSION[$k];
}
// set the language
if (!isset($_SESSION['language']) || isset($_GET['language'])) {
$lng = new \language();
if (isset($_GET['language']) && !empty($_GET['language'])) {
$lng->set_language($_GET['language']);
} else {
$lng->get_browser_language();
}
$_SESSION['language'] = $lng->language['directory'];
$_SESSION['languages_id'] = $lng->language['id'];
}
// redirect to login page if administrator is not yet logged in
if (!isset($_SESSION['admin'])) {
$redirect = false;
$current_page = $PHP_SELF;
// if the first page request is to the login page, set the current page to the index page
// so the redirection on a successful login is not made to the login page again
if ($current_page == FILENAME_LOGIN && !isset($_SESSION['redirect_origin'])) {
$current_page = FILENAME_DEFAULT;
}
if ($current_page != FILENAME_LOGIN) {
if (!isset($_SESSION['redirect_origin'])) {
$_SESSION['redirect_origin'] = ['page' => $current_page, 'get' => []];
}
// try to automatically login with the HTTP Authentication values if it exists
if (!isset($_SESSION['auth_ignore'])) {
if (isset($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']) && !empty($_SERVER['PHP_AUTH_PW'])) {
$_SESSION['redirect_origin']['auth_user'] = $_SERVER['PHP_AUTH_USER'];
$_SESSION['redirect_origin']['auth_pw'] = $_SERVER['PHP_AUTH_PW'];
}
}
$redirect = true;
}
if (!isset($login_request) || isset($_GET['login_request']) || isset($_POST['login_request']) || isset($_COOKIE['login_request']) || isset($_SESSION['login_request']) || isset($_FILES['login_request']) || isset($_SERVER['login_request'])) {
$redirect = true;
}
if ($redirect == true) {
tep_redirect(tep_href_link(FILENAME_LOGIN, isset($_SESSION['redirect_origin']['auth_user']) ? 'action=process' : ''));
}
}
// include the language translations
$_system_locale_numeric = setlocale(LC_NUMERIC, 0);
require DIR_FS_ADMIN . 'includes/languages/' . $_SESSION['language'] . '.php';
setlocale(LC_NUMERIC, $_system_locale_numeric);
// Prevent LC_ALL from setting LC_NUMERIC to a locale with 1,0 float/decimal values instead of 1.0 (see bug #634)
$current_page = basename($PHP_SELF);
if (file_exists(DIR_FS_ADMIN . 'includes/languages/' . $_SESSION['language'] . '/' . $current_page)) {
include DIR_FS_ADMIN . 'includes/languages/' . $_SESSION['language'] . '/' . $current_page;
}
$messageStack = new \messageStack();
$cfgModules = new \cfg_modules();
Registry::set('Hooks', new Hooks());
}
<?php
/**
* Deletes the product matching the given ID
*/
include_once 'functions.php';
include_once '../includes/configure.php';
include_once '../includes/functions/database.php';
include_once '../includes/database_tables.php';
if (!postNotEmpty('id')) {
die('Product not given');
}
tep_db_connect() or die("Unable to connect to database server");
$query = 'delete from ' . TABLE_PRODUCTS . ' where products_id = ' . $_POST['product_id'];
tep_db_query($query);
$query = 'delete from ' . TABLE_PRODUCTS_DESCRIPTION . ' where products_id = ' . $_POST['product_id'];
tep_db_query($query);
tep_db_close();
function put_user_in_db_list($list_id)
{
global $all_lists;
$email_address = $_GET['email'];
//check for existing by email address
tep_db_list_connect();
$existing_email_query = tep_db_list_query("select id, email from " . PHPLIST_TABLE_PREFIX . "user_user where email = '" . $email_address . "'");
$history_systeminfo_text = "\nHTTP_USER_AGENT = " . $_SERVER["HTTP_USER_AGENT"] . "\nREMOTE_ADDR = " . $_SERVER["REMOTE_ADDR"] . "";
$history_detail_text = "";
$getListName_query = tep_db_list_query('SELECT name FROM ' . PHPLIST_TABLE_PREFIX . 'list WHERE id = "' . $list_id . '"');
$getListName = tep_db_fetch_array($getListName_query);
$listName = $getListName['name'];
$firstname = $_GET['name'];
if (isset($_GET['subscribe'])) {
//subscribe logic
if (tep_db_num_rows($existing_email_query) < 1) {
//no existing user by email address found (therefore a new user - no id or email found)
//generate unique id and add new user to database
$id = md5(uniqid(mt_rand(0, 1000) . $email_address));
//insert the new user into phplist
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "user_user (email, confirmed, subscribepage, entered, modified, disabled, uniqid, htmlemail) \n\t\t\tvalues ('" . $email_address . "', 1, " . PHPLIST_SPAGE . ", now(), now(), 0, '" . $id . "', " . PHPLIST_HTMLEMAIL . ")");
//get the new user's phplist id
$user_query = tep_db_list_query("select id from " . PHPLIST_TABLE_PREFIX . "user_user where email = '" . $email_address . "'");
$user = tep_db_fetch_array($user_query);
//subscribe the new user to the correct list
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "listuser (userid, listid, entered) values (" . $user['id'] . ", " . $list_id . ", now())");
//generating history
$history_detail_text .= "\nSubscribepage = " . PHPLIST_SPAGE . "\n";
$history_detail_text .= "" . $attribute_name[name] . " = " . $firstname . "\n";
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "user_user_history (userid, ip, date, summary, detail, systeminfo) values (" . $user['id'] . ", '" . $_SERVER["REMOTE_ADDR"] . "', '" . date('Y-m-d H:i:s') . "', 'Update through osC', '" . $history_detail_text . "', '" . $history_systeminfo_text . "')");
//create history post
$all_lists .= $listName . ', ';
$return = '1';
} else {
//subscribe the existing user if disabled
$existing_email = tep_db_fetch_array($existing_email_query);
//existing user by email found
tep_db_list_query("update " . PHPLIST_TABLE_PREFIX . "user_user set disabled = 0, confirmed = 1 where id = " . $existing_email['id'] . "");
//check to see if they already are subscribed to the correct list
$list_query = tep_db_list_query("select * from " . PHPLIST_TABLE_PREFIX . "listuser where userid = " . $existing_email['id'] . " and listid = " . $list_id . "");
if ($list = tep_db_num_rows($list_query) < 1) {
//no existing subscription to the newsletter found
//generating history, previous subscriptions
$history_detail_text .= "\n\nList subscriptions:\n";
//subscribe the new user to the correct list
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "listuser (userid, listid, entered) values (" . $existing_email['id'] . ", " . $list_id . ", now())");
$all_lists .= $listName . ', ';
send_confirmation($HTTP_POST_VARS['name'], $_GET['email'], $listName);
$return = '1';
} else {
$all_lists .= $listName . ', ';
$return = '2';
}
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "user_user_history (userid, ip, date, summary, detail, systeminfo) values (" . $existing_email['id'] . ", '" . $_SERVER["REMOTE_ADDR"] . "', '" . date('Y-m-d H:i:s') . "', 'Update through osC', '" . $history_detail_text . "', '" . $history_systeminfo_text . "')");
//create history post
}
tep_db_list_close();
tep_db_connect();
return $return;
} else {
if (isset($_GET['unsubscribe'])) {
//unsubscribe logic
if (tep_db_num_rows($existing_email_query) > 0) {
$history_detail_text = "\n";
$existing_email = tep_db_fetch_array($existing_email_query);
$testid = $existing_email['id'];
$delete_subscription_query = tep_db_list_query("delete from " . PHPLIST_TABLE_PREFIX . "listuser where listid = '" . $list_id . "' and userid = '" . $existing_email['id'] . "'");
mysql_query("delete from " . PHPLIST_TABLE_PREFIX . "listuser where listid = '" . $list_id . "' and userid = '" . $existing_email['id'] . "'") or die(mysql_error());
tep_db_list_query("insert into " . PHPLIST_TABLE_PREFIX . "user_user_history (userid, ip, date, summary, detail, systeminfo) values (" . $existing_email['id'] . ", '" . $_SERVER["REMOTE_ADDR"] . "', '" . date('Y-m-d H:i:s') . "', 'Update through osC', '" . $history_detail_text . "', '" . $history_systeminfo_text . "')");
//create history post
$all_lists .= $listName . ', ';
tep_db_list_close();
tep_db_connect();
return '3';
}
}
}
tep_db_list_close();
}