/**
 * Reduces a string to a URL-slug form made only of ASCII letters, digits, '.', '_' and '-'.
 *
 * Every '&' becomes '-and-', every other character outside [a-zA-Z0-9._-] becomes '-',
 * runs of '-' collapse to a single '-', and one trailing '-' is dropped. A leading '-'
 * is kept.
 *
 * Note for callers: '.' passes through unchanged, so a result such as '..' is possible.
 * The return value is a slug, not a validated file-system path segment.
 *
 * @param mixed $string Candidate text.
 * @return string|null NULL when $string is not a string; '' when zerolen() reports the
 *                     trimmed value as empty; otherwise the slug.
 */
function cw_clean_url_adjust($string)
{
    if (!is_string($string)) {
        return NULL;
    }

    $slug = trim($string);
    if (zerolen($slug)) {
        return '';
    }

    // The original followed this with a second, entity-aware '&' pass. That pass could
    // never match because no '&' is left after this replacement, so one pass is equivalent.
    $slug = str_replace('&', '-and-', $slug);

    // Whitelist: anything that is not a letter, digit, '.', '_' or '-' becomes a dash.
    $slug = preg_replace('/[^a-zA-Z0-9._-]/', '-', $slug);
    $slug = preg_replace('/[-]+/', '-', $slug);

    return preg_replace('/-$/', '', $slug);
}
                }
            }
        }
        db_free_result($result);
        break;
    }
    if (!zerolen($image_path) && !is_url($image_path)) {
        if (!file_exists($image_path) || !is_readable($image_path)) {
            $image_path = "";
        } elseif ($config['setup_images'][$type]['md5_check'] == 'Y') {
            $image_md5 = md5_file($image_path);
        }
    }
    if (!zerolen($image_path) && $config['setup_images'][$type]['md5_check'] == 'Y' && $image_md5 !== $md5) {
        $image_path = "";
    }
}
# Fallback: an empty $image_path here means no usable image was resolved by the code
# above (for example the file was missing or unreadable, or its MD5 did not match the
# expected value), so the default image for the originally requested type is served.
if (zerolen($image_path)) {
    # when image is not available, use the "default image"
    $type = $orig_type;
    $image_path = cw_get_default_image($type);
    $tmp = cw_get_image_size($image_path);
    # Index 0 is used as the byte size and index 3 as the MIME type;
    # "image/gif" is assumed when no type was detected.
    $image_size = $tmp[0];
    $image_type = empty($tmp[3]) ? "image/gif" : $tmp[3];
}
# NOTE(review): when the fallback above is not taken, $image_type and $image_size come
# from code outside this excerpt. If they originate from stored upload metadata, the
# Content-Type sent here is only as trustworthy as that metadata - confirm it is
# restricted to image types before it reaches this header.
header("Content-Type: " . $image_type);
# Content-Length is only announced when a positive size is known.
if ($image_size > 0) {
    header("Content-Length: " . $image_size);
}
# Stream the file to the client and stop; nothing after this point may add output.
# (The meaning of the second argument to cw_readfile() is not visible here.)
cw_readfile($image_path, true);
exit;
         if (!zerolen($fileurl)) {
             if (strpos($fileurl, "/") === 0) {
                 $fileurl = $http_location . $fileurl;
             } elseif (!is_url($fileurl)) {
                 $fileurl = "http://" . $fileurl;
             }
             $tmp['file_path'] = $fileurl;
             $tmp['is_copied'] = false;
             $tmp['source'] = 'U';
             $data[] = $tmp;
         }
     }
 }
 if (is_array($data)) {
     foreach ($data as $k => $val) {
         if (isset($val['file_path']) && !cw_is_allowed_file($val['file_path']) || !isset($val['file_path']) || zerolen($val['file_path'])) {
             if ($val['is_copied']) {
                 @unlink($val['file_path']);
             }
             unset($data[$k]);
             continue;
         }
         list($val['file_size'], $val['image_x'], $val['image_y'], $val['image_type']) = cw_get_image_size($val['file_path']);
         if ($val['file_size'] == 0) {
             if ($data['is_copied']) {
                 unlink($val['file_path']);
             }
             unset($data[$k]);
             continue;
         }
         if (!isset($val['filename'])) {
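/**
 * Smarty "escape" modifier: encodes $string for the output context named by $esc_type.
 *
 * Supported types: html, htmlall, url, urlpathinfo, quotes, hex, hexentity, decentity,
 * javascript, json, clear, mail, nonstd, tooltip.
 *
 * Notes for template authors:
 *  - Escaping is context-specific; pick the type that matches where the value lands
 *    (HTML text/attribute, URL component, JavaScript string literal, ...).
 *  - An unrecognised $esc_type falls through the switch and returns $string UNCHANGED,
 *    so a misspelled type silently disables escaping.
 *  - 'tooltip' only removes tags via strip_tags(); quotes and '&' are left as they are,
 *    so the result still needs HTML escaping if it is placed in an attribute.
 *  - 'clear' deletes quotes and line breaks and nothing else.
 *  - 'javascript' and 'json' escape for a quoted string literal only; 'json' drops CR/LF
 *    and expands tabs rather than producing \r, \n, \t escapes.
 *
 * @param string $string   Value to encode.
 * @param string $esc_type Name of the target context (see list above).
 * @param string $char_set Character set handed to htmlspecialchars()/htmlentities().
 * @return string Encoded value; $string itself when zerolen() reports it empty or when
 *                $esc_type is not recognised.
 */
function smarty_modifier_escape($string, $esc_type = 'html', $char_set = 'ISO-8859-1')
{
    if (zerolen($string)) {
        return $string;
    }
    switch ($esc_type) {
        case 'html':
            // The charset argument has existed since PHP 4.1.0, so the former
            // phpversion() >= '4.1.0' string comparison (which would misorder a
            // two-digit major version) is no longer needed.
            return htmlspecialchars($string, ENT_QUOTES, $char_set);
        case 'htmlall':
            return htmlentities($string, ENT_QUOTES, $char_set);
        case 'url':
            return rawurlencode($string);
        case 'urlpathinfo':
            // Same as 'url' but keeps '/' readable for path-info style URLs.
            return str_replace('%2F', '/', rawurlencode($string));
        case 'quotes':
            // Backslash-escape single quotes that are not already escaped.
            return preg_replace("/(?<!\\\\)'/Ss", "\\'", $string);
        case 'hex':
        case 'hexentity':
        case 'decentity':
            // Byte-wise encodings. The original relied on switch fall-through with an
            // uninitialised $s and appended ';' for every type, which turned 'hex'
            // output into "%41;" instead of valid percent-encoding. Prefix and suffix
            // are now chosen explicitly; only the entity forms end with ';'.
            if ($esc_type == 'hex') {
                $prefix = '%';
                $suffix = '';
            } elseif ($esc_type == 'hexentity') {
                $prefix = '&#x';
                $suffix = ';';
            } else {
                $prefix = '&#';
                $suffix = ';';
            }
            $encode = $esc_type == 'decentity' ? "ord" : "bin2hex";
            $length = strlen($string);
            $return = '';
            for ($x = 0; $x < $length; $x++) {
                $return .= $prefix . $encode(substr($string, $x, 1)) . $suffix;
            }
            return $return;
        case 'javascript':
            // Escapes for a quoted JS string; '</' is broken up so the value cannot
            // close a surrounding <script> element.
            return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\\/'));
        case 'json':
            // kornev, we don't need "'"=>"\\'", for json - it will work fine when we are quote it this way "test ' test"
            return strtr($string, array('\\' => '\\\\', '"' => '\\"', "\r" => '', "\n" => '', '</' => '<\\/', "\t" => '    '));
        case 'clear':
            return strtr($string, array("'" => "", '"' => '', "\r" => '', "\n" => ''));
        case 'mail':
            // strtr() with three arguments takes strings, not arrays, so the original
            // call never performed this substitution (and is a TypeError on PHP 8).
            // str_replace() accepts the search/replace arrays as intended.
            return str_replace(array('@', '.'), array(' [AT] ', ' [DOT] '), $string);
        case 'nonstd':
            // Bytes with an ordinal of 126 or above become decimal character references.
            $return = '';
            $length = strlen($string);
            for ($i = 0; $i < $length; $i++) {
                $symbol = substr($string, $i, 1);
                $ord = ord($symbol);
                $return .= $ord >= 126 ? '&#' . $ord . ';' : $symbol;
            }
            return $return;
        case 'tooltip':
            return strip_tags($string);
    }
    // Unknown type: value is returned unescaped (see the docblock note).
    return $string;
}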
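/**
 * Deletes the image rows of one image type and the files that only those rows reference.
 *
 * For every selected row whose image is a local file (URL images are skipped), the file
 * is removed unless another row in any registered image table still points at the same
 * path. For type 'products_images_thumb' the per-image directory is removed as well.
 * Finally the rows themselves are deleted.
 *
 * Trust boundaries to keep in mind:
 *  - $where is concatenated into the SQL statements verbatim. It must be a trusted,
 *    already-escaped condition built by the caller, never raw request data.
 *  - The file removed is whatever the row's image_path says (or image dir + filename).
 *    NOTE(review): nothing here checks that the path stays inside the image directory;
 *    confirm that image_path values are validated when they are stored.
 *
 * @param string $type  Key into $available_images / $tables naming the image table.
 * @param string $where Optional SQL condition without the leading "where".
 * @return bool false when $type is not registered or no row matches; true otherwise.
 */
function cw_image_delete_all($type = '', $where = '')
{
    global $available_images, $tables, $app_dir;
    if (!isset($available_images[$type])) {
        return false;
    }
    if (!empty($where)) {
        $where = " where " . $where;
    }
    $_table = $tables[$type];
    if (cw_query_first_cell("select count(*) from " . $_table . $where) == 0) {
        return false;
    }
    $res = db_query("SELECT image_id, image_path, filename FROM " . $_table . $where);
    if ($res) {
        cw_load('image');
        $img_dir = cw_image_dir($type) . "/";
        while ($v = db_fetch_array($res)) {
            # Remote images have no local file to clean up
            if (!zerolen($v['image_path']) && is_url($v['image_path'])) {
                continue;
            }
            $image_path = $v['image_path'];
            if (zerolen($image_path)) {
                $image_path = cw_relative_path($img_dir . $v['filename']);
            }
            # Values read back from the database are escaped again before being placed
            # in a new statement. The original escaped the path but interpolated
            # image_id raw; both are now escaped the same way.
            $sql_path = addslashes($image_path);
            $sql_id = addslashes($v['image_id']);
            $is_found = false;
            # check other types
            foreach ($available_images as $k => $i) {
                $is_found = cw_query_first_cell("select count(*) from " . $tables[$k] . " where image_path='" . $sql_path . "'" . ($k == $type ? " AND image_id != '" . $sql_id . "'" : "")) > 0;
                if ($is_found) {
                    break;
                }
            }
            if (!$is_found && file_exists($image_path)) {
                @unlink($image_path);
                # An empty image_id would make the target below the whole image
                # directory of this type, so the recursive removal is skipped then.
                if ($type == 'products_images_thumb' && (string) $v['image_id'] !== '') {
                    cw_rm_dir($img_dir . '/' . $v['image_id']);
                }
            }
        }
        db_free_result($res);
    }
    db_query("delete from " . $_table . $where);
    return true;
}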
    }
    if ($for_replace) {
        $xcart_web_dir = preg_replace("/" . preg_quote($for_replace, "/") . "\$/", "", $xcart_web_dir);
    }
}
# Extract the host names from the two store locations. parse_url() returns false for a
# seriously malformed URL and "@" hides any warning, so a bad location leaves the
# corresponding host empty instead of stopping here.
$_tmp = @parse_url($https_location);
$xcart_https_host = $_tmp["host"];
unset($_tmp);
$_tmp = @parse_url($http_location);
$xcart_http_host = $_tmp["host"];
unset($_tmp);
#
# Create URL
#
# The scheme and host come from the locations parsed above, not from the request.
# The path and query string are taken from $REQUEST_URI / $PHP_SELF / $QUERY_STRING.
# NOTE(review): those look like request-derived values, so $php_url should be treated
# as untrusted wherever it is later echoed, logged or used in a redirect - confirm.
#
$request_uri_info = @parse_url($REQUEST_URI);
$php_url = array("url" => "http" . ($HTTPS ? "s://" . $xcart_https_host : "://" . $xcart_http_host) . (!zerolen($request_uri_info['path']) ? $request_uri_info['path'] : $PHP_SELF), "query_string" => $QUERY_STRING);
#
# Check internal temporary directories
#
# Extra files per directory, keyed by the $var_dirs key and then (presumably) by file
# name => file contents. The only rule gives the "cache" directory an .htaccess that
# allows access to *.js files. "Allow from all" is Apache 2.2 access-control syntax.
#
$var_dirs_rules = array("cache" => array(".htaccess" => "<Files \"*.js\">\nAllow from all\n</Files>\n"));
foreach ($var_dirs as $k => $v) {
    if (!file_exists($v) || !is_dir($v)) {
        @unlink($v);
        func_mkdir($v);
    }
    if (!is_writable($v) || !is_dir($v)) {
        $dir_info = $display_critical_errors ? $v : "";
        func_show_error_page("Cannot write data to the temporary directory {$dir_info}", "Please check if it exists, and has writable permissions.");
    }
    if (!empty($var_dirs_rules[$k]) && is_array($var_dirs_rules[$k])) {
        foreach ($var_dirs_rules[$k] as $f => $c) {
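/**
 * Requests real-time shipping rates from the USPS rate API.
 *
 * When the destination country differs from the company country an IntlRateRequest is
 * sent; otherwise a RateV2Request with seven packages (EXPRESS, FIRST CLASS, PRIORITY,
 * PARCEL, BPM, LIBRARY, MEDIA). Each returned service is matched by name prefix against
 * the allowed USPS shipping methods; unknown services are registered through
 * cw_add_new_smethod(). Responses are cached under the MD5 of the request XML (used as
 * a lookup key only) unless $debug is "Y".
 *
 * NOTE(review): $allowed_shipping_methods, $params and $rates are neither parameters nor
 * listed in the global statement, and the first two are never assigned in this function.
 * As written, is_array($allowed_shipping_methods) is false and the function returns
 * before any request is built. $rates is likewise local, and the function returns no
 * value, so computed or cached rates do not reach the caller from here. Confirm where
 * these three are meant to come from.
 *
 * NOTE(review): $use_usps_https is hard-coded to false, so the request, including the
 * USERID and the ZIP codes, travels as a plain-HTTP GET query string. $USPS_password is
 * read but never used; the PASSWORD attribute in the international request is a literal.
 *
 * Changes relative to the original: the country code and language code are escaped
 * before being placed in the SQL lookup, and the customer-supplied destination ZIP is
 * XML-escaped before being placed in the request document.
 *
 * @param mixed  $weight      Package weight, converted with cw_weight_in_grams().
 * @param mixed  $customer_id Not used by this function.
 * @param array  $address     Destination; the 'country' and 'zipcode' keys are read.
 * @param string $debug       "Y" bypasses the rate cache for both reads and writes.
 * @param mixed  $cart        Not used by this function.
 * @return void
 */
function cw_shipper_USPS($weight, $customer_id, $address, $debug, $cart)
{
    global $config, $tables, $current_language;
    $USPS_username = $config['Shipping']['USPS_username'];
    $USPS_password = $config['Shipping']['USPS_password'];
    $USPS_servername = $config['Shipping']['USPS_servername'];
    $use_usps_https = false;
    if (empty($USPS_username) || empty($USPS_servername)) {
        return;
    }
    # Only continue when at least one allowed shipping method belongs to USPS
    $USPS_FOUND = false;
    if (is_array($allowed_shipping_methods)) {
        foreach ($allowed_shipping_methods as $key => $value) {
            if ($value['code'] == "USPS") {
                $USPS_FOUND = true;
                break;
            }
        }
    }
    if (!$USPS_FOUND) {
        return;
    }
    cw_load('http', 'xml');
    # The whole weight is expressed in ounces (28.35 g each), rounded up, minimum 1
    $pounds = 0;
    $ounces = ceil(round(cw_weight_in_grams($weight) / 28.35, 3));
    if ($ounces < 1) {
        $ounces = 1;
    }
    $mailtype = $params['param00'];
    $package_size = $params['param01'];
    $machinable = $params['param02'];
    $container_express = $params['param03'];
    $container_priority = $params['param04'];
    if (!empty($container_express) && $container_express != 'None') {
        $container_express = "<Container>" . $container_express . "</Container>";
    } else {
        $container_express = "";
    }
    if (!empty($container_priority) && $container_priority != 'None') {
        $container_priority = "<Container>" . $container_priority . "</Container>";
    } else {
        $container_priority = "";
    }
    # Puerto Rico, Guam and the US Virgin Islands are rated as US destinations
    if ($address['country'] == 'PR' || $address['country'] == 'GU' || $address['country'] == 'VI') {
        $address['country'] = 'US';
    }
    $dst_country = USPS_get_country($address['country']);
    if (empty($dst_country)) {
        # The country code comes from the customer's address, so it is escaped before
        # it is concatenated into the statement (the original interpolated it raw).
        $dst_country = cw_query_first_cell("SELECT value FROM {$tables['languages']} WHERE name = 'country_" . addslashes($address['country']) . "' AND code = '" . addslashes($current_language) . "'");
    }
    $USPS_file = $USPS_servername == "testing.shippingapis.com" ? "/ShippingAPITest.dll" : "/ShippingAPI.dll";
    $hash = array();
    if ($address['country'] != $config['Company']['country']) {
        # International shipping
        # NOTE(review): $mailtype and $dst_country are placed in the document unescaped;
        # confirm they cannot contain XML markup characters.
        $query = <<<EOT
<IntlRateRequest USERID="{$USPS_username}" PASSWORD="******">
<Package ID="0">
<Pounds>{$pounds}</Pounds>
<Ounces>{$ounces}</Ounces>
<MailType>{$mailtype}</MailType>
<Country>{$dst_country}</Country>
</Package>
</IntlRateRequest>
EOT;
        $md5_request = md5($query);
        if (cw_is_shipping_result_in_cache($md5_request) && $debug != "Y") {
            $rates = cw_get_shipping_result_from_cache($md5_request);
            return;
        }
        if ($use_usps_https) {
            $post = array("API=IntlRate", "XML=" . urlencode($query));
            list($header, $result) = cw_https_request("GET", "https://" . $USPS_servername . ":443" . $USPS_file . "?API=IntlRate&XML=" . urlencode($query));
        } else {
            list($header, $result) = cw_http_get_request($USPS_servername, $USPS_file, "API=IntlRate&XML=" . urlencode($query));
        }
        $xml = cw_xml_parse($result, $err);
        # Get <Error> element
        $err = cw_array_path($xml, "IntlRateResponse/Package/Error");
        if (empty($err)) {
            # Get <Service> elements
            $packages = cw_array_path($xml, "IntlRateResponse/Package/Service");
            if (!empty($packages) && is_array($packages)) {
                foreach ($packages as $p) {
                    # Get shipping method name
                    $sname = cw_array_path($p, "SvcDescription/0/#");
                    # Get rate
                    $rate = cw_array_path($p, "Postage/0/#");
                    # Get comment
                    #$comment = cw_array_path($p, "SvcCommitments/0/#");
                    if (empty($sname) || zerolen($rate)) {
                        continue;
                    }
                    # Define shipping method
                    $is_found = false;
                    foreach ($allowed_shipping_methods as $sm) {
                        if ($sm['code'] == "USPS" && $sm['destination'] == "I" && preg_match("/^" . preg_quote($sm['shipping'], "/") . "/S", "USPS " . $sname)) {
                            # $hash keeps each subcode from being added twice
                            if (!in_array($sm['subcode'], $hash)) {
                                $rates[] = array("methodid" => $sm['subcode'], "rate" => $rate, "warning" => "");
                                $hash[] = $sm['subcode'];
                            }
                            $is_found = true;
                            break;
                        }
                    }
                    if (!$is_found) {
                        # Add new shipping method
                        # (the name is taken from the carrier's response)
                        cw_add_new_smethod("USPS " . $sname, "USPS", array("destination" => "I"));
                    }
                }
                if ($debug != "Y") {
                    cw_save_shipping_result_to_cache($md5_request, $rates);
                }
            }
        }
    } else {
        # Domestic shipping
        $ZO = $config['Company']['zipcode'];
        # The destination ZIP is customer input; XML-escape it so it cannot add or close
        # elements in the request document (the original inserted it raw).
        $ZD = strtr((string) $address['zipcode'], array('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&apos;'));
        $query = <<<EOT
<RateV2Request USERID="{$USPS_username}">
\t<Package ID="0">
\t\t<Service>EXPRESS</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t{$container_express}
\t\t<Size>{$package_size}</Size>
\t</Package>
\t<Package ID="1">
\t\t<Service>FIRST CLASS</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t<Container>None</Container>
\t\t<Size>{$package_size}</Size>
\t</Package>
\t<Package ID="2">
\t\t<Service>PRIORITY</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t{$container_priority}
\t\t<Size>{$package_size}</Size>
\t</Package>
\t<Package ID="3">
\t\t<Service>PARCEL</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t<Container>None</Container>
\t\t<Size>{$package_size}</Size>
\t\t<Machinable>{$machinable}</Machinable>
\t</Package>
\t<Package ID="4">
\t\t<Service>BPM</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t<Container>None</Container>
\t\t<Size>{$package_size}</Size>
\t</Package>
\t<Package ID="5">
\t\t<Service>LIBRARY</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t<Container>None</Container>
\t\t<Size>{$package_size}</Size>
\t</Package>
\t<Package ID="6">
\t\t<Service>MEDIA</Service>
\t\t<ZipOrigination>{$ZO}</ZipOrigination>
\t\t<ZipDestination>{$ZD}</ZipDestination>
\t\t<Pounds>{$pounds}</Pounds>
\t\t<Ounces>{$ounces}</Ounces>
\t\t<Container>None</Container>
\t\t<Size>{$package_size}</Size>
\t</Package>
</RateV2Request>
EOT;
        $md5_request = md5($query);
        if (cw_is_shipping_result_in_cache($md5_request) && $debug != "Y") {
            $rates = cw_get_shipping_result_from_cache($md5_request);
            return;
        }
        if ($use_usps_https) {
            $post = array("API=RateV2", "XML=" . urlencode($query));
            list($header, $result) = cw_https_request("GET", "https://" . $USPS_servername . ":443" . $USPS_file . "?API=RateV2&XML=" . urlencode($query));
        } else {
            list($header, $result) = cw_http_get_request($USPS_servername, $USPS_file, "API=RateV2&XML=" . urlencode($query));
        }
        $xml = cw_xml_parse($result, $err);
        # Get <Package> elements
        $packages = cw_array_path($xml, "RateV2Response/Package");
        if (is_array($packages)) {
            foreach ($packages as $p) {
                # Get <Error> element
                # (a package that reports an error is skipped, the others are still used)
                $err = cw_array_path($p, "Error");
                if (!empty($err)) {
                    continue;
                }
                # Get shipping method name
                $sname = cw_array_path($p, "Postage/MailService/0/#");
                # Get rate
                $rate = cw_array_path($p, "Postage/Rate/0/#");
                if (empty($sname) || zerolen($rate)) {
                    continue;
                }
                # Define shipping method
                $is_found = false;
                foreach ($allowed_shipping_methods as $sm) {
                    if ($sm['code'] == "USPS" && $sm['destination'] == "L" && preg_match("/^" . preg_quote($sm['shipping'], "/") . "/S", "USPS " . $sname)) {
                        if (!in_array($sm['subcode'], $hash)) {
                            $rates[] = array("methodid" => $sm['subcode'], "rate" => $rate, "warning" => "");
                            $hash[] = $sm['subcode'];
                        }
                        $is_found = true;
                        break;
                    }
                }
                if (!$is_found) {
                    # Add new shipping method
                    cw_add_new_smethod("USPS " . $sname, "USPS", array("destination" => "L"));
                }
            }
            if ($debug != "Y") {
                cw_save_shipping_result_to_cache($md5_request, $rates);
            }
        }
        // if (is_array($packages))
    }
}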