/** * get page_id and layout_id to be able to delete propper rows from database * @param string $key_param * @param string $key_value * @return array */ private function _get_layout_ids($key_param, $key_value) { $result = $this->db->query("SELECT p.page_id, pl.layout_id FROM " . $this->db->table("pages") . " p\n\t\t\tINNER JOIN " . $this->db->table("pages_layouts") . " pl ON p.page_id = pl.page_id\n\t\t\tWHERE p.key_param = '" . $this->db->escape($key_param) . "'\n\t\t\tAND p.key_value = '" . (int) $key_value . "'"); if ($result->num_rows) { return $result->row; } return array(); }
/** * @param string $message_id * @param string $language_code * @return string */ public function markViewedANT($message_id, $language_code) { if (!has_value($message_id) || !has_value($language_code)) { return null; } $sql = "UPDATE " . $this->db->table("ant_messages") . " \n\t\t\t\tSET viewed = viewed+1 , viewed_date = NOW() \n\t\t\t\tWHERE id = '" . $this->db->escape($message_id) . "'\n\t\t\t\t\tAND language_code = '" . $this->db->escape($language_code) . "'"; $this->db->query($sql); return $message_id; }
/** * get page_id and layout_id to be able to delete propper rows from database * @param string $key_param * @param string $key_value * @return array */ private function _get_layout_ids($key_param, $key_value) { $result = $this->db->query('SELECT p.page_id, pl.layout_id FROM ' . DB_PREFIX . 'pages p INNER JOIN ' . DB_PREFIX . 'pages_layouts pl ON p.page_id = pl.page_id WHERE p.key_param = "' . $this->db->escape($key_param) . '" AND p.key_value = "' . (int) $key_value . '"'); if ($result->num_rows) { return $result->row; } return array(); }
public function RunSQL($data) { $db = new ADB($data['db_driver'], $data['db_host'], $data['db_user'], $data['db_password'], $data['db_name']); $file = DIR_APP_SECTION . 'abantecart_database.sql'; if ($sql = file($file)) { $query = ''; foreach ($sql as $line) { $tsl = trim($line); if ($sql != '' && substr($tsl, 0, 2) != "--" && substr($tsl, 0, 1) != '#') { $query .= $line; if (preg_match('/;\\s*$/', $line)) { $query = str_replace("DROP TABLE IF EXISTS `ac_", "DROP TABLE IF EXISTS `" . $data['db_prefix'], $query); $query = str_replace("CREATE TABLE `ac_", "CREATE TABLE `" . $data['db_prefix'], $query); $query = str_replace("INSERT INTO `ac_", "INSERT INTO `" . $data['db_prefix'], $query); $query = str_replace("ON `ac_", "ON `" . $data['db_prefix'], $query); $db->query($query); //no silence mode! if error - will throw to exception $query = ''; } } } $db->query("SET CHARACTER SET utf8;"); $db->query("SET @@session.sql_mode = 'MYSQL40';"); $db->query("INSERT INTO `" . $data['db_prefix'] . "users`\n\t\t\t\tSET user_id = '1',\n\t\t\t\t\tuser_group_id = '1',\n\t\t\t\t\temail = '" . $db->escape($data['email']) . "',\n\t\t\t\t username = '******'username']) . "',\n\t\t\t\t password = '******'password'])) . "',\n\t\t\t\t status = '1',\n\t\t\t\t date_added = NOW();"); $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape($data['email']) . "' WHERE `key` = 'store_main_email'; "); $db->query("UPDATE `" . $data['db_prefix'] . "settings` SET value = '" . $db->escape(HTTP_ABANTECART) . "' WHERE `key` = 'config_url'; "); $db->query("INSERT INTO `" . $data['db_prefix'] . "settings` SET `group` = 'config', `key` = 'install_date', value = NOW(); "); $db->query("UPDATE `" . $data['db_prefix'] . "products` SET `viewed` = '0';"); //process triggers //$this->create_triggers($db, $data['db_name']); //run descructor and close db-connection unset($db); } //clear cache dir in case of reinstall $cache = new ACache(); $cache->remove('*'); }
/** * @param array $data */ protected function _write_missing_definition($data) { $update_data = array(); if ($this->is_admin) { $this->loader->model('localisation/language_definitions'); $model = $this->registry->get('model_localisation_language_definitions'); $model->addLanguageDefinition($data); } else { foreach ($data as $key => $val) { $update_data[$this->db->escape($key)] = $this->db->escape($val); } if (!$this->_is_definition_in_db($update_data)) { $sql = "INSERT INTO " . DB_PREFIX . "language_definitions\n (`" . implode("`, `", array_keys($update_data)) . "`)\n VALUES ('" . implode("', '", $update_data) . "') "; $this->db->query($sql); $this->cache->remove('localization'); $this->cache->remove('storefront_menu'); } } if ($this->registry->get('config')->get('warn_lang_text_missing')) { $this->registry->get('messages')->saveNotice('Missing language definition "' . $data['language_key'] . '" was loaded for "' . $this->available_languages[$this->code]['name'] . '" language', 'Missing language definition with key "' . $data['language_key'] . '" for block "' . $data['block'] . '" was automatically added. Please check this at #admin#rt=localisation/language_definitions to see or change value.'); } }
/** * function build search SQL condition by given condition array * @param array $condition array("column_name"=>string, "operator"=>string,"value"=>string ) * @throws AException * @return string */ private function _buildSQLSearch($condition = array()) { $condition['operator'] = strtoupper($condition['operator']); //check column name $column_id = (int) $this->_getColumnIdByName($condition['column_name']); switch ($this->columnset[$column_id]['dataset_column_type']) { case 'integer': $condition['value'] = (int) $condition['value']; break; case 'float': $condition['value'] = (double) $condition['value']; break; case 'varchar': case 'text': $condition['value'] = !in_array($condition['operator'], array('=', 'LIKE')) ? false : $this->db->escape($condition['value']); $condition['value'] = $condition['operator'] == 'LIKE' ? "%" . $condition['value'] . "%" : $condition['value']; break; case 'boolean': $condition['value'] = !in_array($condition['operator'], array('=', '<>')) ? false : ($condition['value'] ? '1' : '0'); break; case 'timestamp': $date = date_parse($condition['value']); if ($date['errors']) { $condition['value'] = false; } break; default: $condition['value'] = $condition['column_name'] = false; } // if column type is not string and compare is "LIKE" - error if ($condition['operator'] == 'LIKE' && !in_array($this->columnset[$column_id]['dataset_column_type'], array('varchar', 'text'))) { } $operators = array("=", ">", "<", "<>", "LIKE"); if (!$condition['column_name'] || !$column_id || $condition['value'] === false || !in_array($condition['operator'], $operators)) { throw new AException(AC_ERR_LOAD, 'Error: Could not use ' . $condition['operator'] . ' as compare operator in search or check column type!'); } $this->search_condition = " ( dv.dataset_column_id = '" . $column_id . "' AND dv.value_" . $this->columnset[$column_id]['dataset_column_type'] . " " . $condition['operator'] . " '" . $condition['value'] . "') "; return true; }
/** * @param string $type * @param array $tr_details - amount, order_id, transaction_type, description, comments, creator * @return bool */ private function _record_transaction($type, $tr_details) { if (!$this->isLogged()) { return false; } if (!has_value($tr_details['transaction_type']) || !has_value($tr_details['created_by'])) { return false; } if ($type == 'debit') { $amount = 'debit = ' . (double) $tr_details['amount']; } else { if ($type == 'credit') { $amount = 'credit = ' . (double) $tr_details['amount']; } else { return false; } } $this->db->query("INSERT INTO " . $this->db->table("customer_transactions") . "\n \t SET customer_id \t\t= '" . (int) $this->getId() . "',\n \t \torder_id \t\t\t= '" . (int) $tr_details['order_id'] . "',\n \t transaction_type \t= '" . $this->db->escape($tr_details['transaction_type']) . "',\n \t description \t\t= '" . $this->db->escape($tr_details['description']) . "',\n \t comment \t\t\t= '" . $this->db->escape($tr_details['comment']) . "',\n\t\t\t\t\t\t\t" . $amount . ",\n\t\t\t\t\t\t\tsection\t\t\t\t= '" . ((int) $tr_details['section'] ? (int) $tr_details['section'] : 0) . "',\n \t created_by \t\t\t= '" . (int) $tr_details['created_by'] . "',\n \t date_added = NOW()"); $this->cache->delete('balance.' . (int) $this->getId()); if ($this->db->getLastId()) { return true; } return false; }
/** * @param array $data */ public function saveANTMessage($data = array()) { if (!$data || !$data['message_id']) { return; } // need to find message with same id and language. If language not set - find for all // if lanuguage_code is empty it mean that banner shows for all insterface languages $sql = "SELECT *\n\t\t FROM " . DB_PREFIX . "ant_messages\n\t\t WHERE id = '" . $this->db->escape($data['message_id']) . "'\n\t\t " . ($data['language_code'] ? "AND language_code = '" . $this->db->escape($data['language_code']) . "'" : "") . "\n\t\t ORDER BY viewed_date ASC"; $result = $this->db->query($sql); $exists = array(); $viewed = 0; if ($result->num_rows) { foreach ($result->rows as $row) { $exists[] = "'" . $row['id'] . "'"; $viewed += $row['viewed']; $last_view = $row['viewed_date']; } $this->db->query("DELETE FROM " . DB_PREFIX . "ant_messages WHERE id IN (" . implode(",", $exists) . ")"); } $data['end_date'] = !$data['end_date'] || $data['end_date'] == '0000-00-00 00:00:00' ? '2030-01-01' : $data['end_date']; $data['priority'] = !(int) $data['priority'] ? 1 : (int) $data['priority']; $sql = "INSERT INTO " . DB_PREFIX . "ant_messages (`id`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`priority`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`start_date`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`end_date`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`viewed_date`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`viewed`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`title`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`description`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`html`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`url`,\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`language_code`)\n\t\t\t\tVALUES ('" . $this->db->escape($data['message_id']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['priority']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['start_date']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['end_date']) . "',\n\t\t\t\t\t\t'" . $last_view . "',\n\t\t\t\t\t\t'" . $viewed . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['title']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['description']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['html']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['url']) . "',\n\t\t\t\t\t\t'" . $this->db->escape($data['language_code']) . "')"; $this->db->query($sql); }