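/**
 * Replay the accumulated stack of template variables into the template engine.
 *
 * Calls add_template_vars() first when $this->added_template_vars is falsy,
 * clears the engine, merges every layer of $this->var_stack with
 * array_merge() (for string keys the later layer wins) and assigns each
 * resulting key/value pair.
 *
 * NOTE(review): values reach the engine unchanged; whether they are
 * HTML-escaped on output depends on the templates and engine configuration,
 * which this block does not show.
 *
 * @return void
 */
protected function play_var_stack()
{
    if (!$this->added_template_vars) {
        $this->add_template_vars();
    }

    $this->template_engine->clear();

    // array_merge() without arguments warns and returns null on older PHP,
    // and string keys in the outer array would be treated as named arguments
    // on PHP 8, so pass the layers positionally and guard the empty stack.
    $layers = array_values($this->var_stack);
    $stack = $layers ? call_user_func_array('array_merge', $layers) : array();

    foreach ($stack as $key => $value) {
        $this->template_engine->assign($key, $value);
    }
}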
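// Admin rights granted (tail of an if-branch whose condition lies above this excerpt).
$isAdmin = 1;
} else {
    $isAdmin = 0;
}
if ($user != null && $user->checkPermissions(0, 0, 0, 1)) {
    // Orderer rights granted.
    $isOrderer = 1;
} else {
    $isOrderer = 0;
}

$LOG = new Log();
$tpl = new TemplateEngine("template/viewProduct.html", "template/frame.html", $lang["orderer_viewProduct"]);
$LOG->write('3', 'orderer/viewProduct.php');

// pID comes from the query string and is concatenated unquoted into the SQL
// below, so it is forced to an integer before any use. The same value is
// handed to the template, which now only ever receives a number.
$pID = isset($_GET['pID']) ? (int) $_GET['pID'] : 0;
$tpl->assign('ID', $pID);

// Product data
$product_query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM products\n\t\t\t\tWHERE products_id = " . $pID . "\n\t\t\t\tORDER BY sort_order, name\n\t\t\t\t");
$product = DB_fetchArray($product_query);
// NOTE(review): $product is used without checking that a row was found.
$tpl->assign('name', $product['name']);
$tpl->assign('description', $product['description']);
//$tpl->assign('sort_order',$product['sort_order']);
$tpl->assign('active', $product['active']);
// Still delivered so the template can tell whether the product may be shown.
$tpl->assign('deleted', $product['deleted']);
$tpl->assign('image_small', $product['image_small']);
$tpl->assign('image_big', $product['image_big']);
$tpl->assign('stock', $product['stock']);
$tpl->assign('price', $product['price']);
// NOTE(review): $user is dereferenced here although the checks above allow
// for null; presumably a guard outside this excerpt rejects anonymous
// visitors first — confirm.
$tpl->assign('user_name', $user->getName());
$tpl->assign('user_lastname', $user->getLastname());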
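/**
 * Resolve a path to a controller, instantiate it and optionally render it.
 *
 * The path segments are walked from the left. For each segment the module
 * tree under SOFTWARE_HOME . "app/modules" is probed, in this order, for a
 * "<Camelized>Controller.php", a "<segment>.php", a "<Camelized>Model.php",
 * a "model.xml", a "report.xml" or a "package_redirect.php". A redirect file
 * is included in this function's scope (it is expected to set $redirect_path,
 * $package_path, $package_schema and possibly $package_name) and the search
 * continues below the redirected location. If nothing matches, a
 * PackageController is used when the accumulated path is a directory,
 * otherwise an ErrorController.
 *
 * When $get_contents is true the result of getContents(), or of the method
 * named by the segment following the controller, is stored in
 * $controller->content (arrays are rendered through TemplateEngine first).
 *
 * NOTE(review): every segment of $path is interpolated into file-system
 * paths that are probed, included and required, and one segment is used as a
 * class name and another as a method name. If $path is derived from the
 * request (not visible in this block — confirm), callers must reject
 * segments such as "." and ".." and anything containing path separators
 * before calling this method.
 *
 * @param array $path         Ordered path segments identifying the controller,
 *                            optionally followed by a method name and its arguments.
 * @param bool  $get_contents Whether the controller's output should be
 *                            generated and stored in $controller->content.
 * @return Controller
 */
public static function load($path, $get_contents = true)
{
    global $redirectedPackage;
    global $packageSchema;

    $controller_path = "";
    $controller_name = "";
    $redirected = false;
    $redirect_path = "";
    $package_name = "";
    $package_main = "";

    // These were previously assigned on some branches only and then read
    // unconditionally, which raised undefined-variable warnings. The values
    // chosen here are what PHP substituted for the missing variables, so the
    // control flow is unchanged; package_redirect.php still overrides them.
    $controller_type = null;
    $controller_class_name = "";
    $previousControllerPath = "";
    $package_path = null;
    $package_schema = null;
    $force_output = false;

    // Go through the whole path and build the folder location of the system
    for ($i = 0; $i < count($path); $i++) {
        $p = $path[$i];
        $baseClassName = $package_name . Application::camelize("{$controller_path}/{$p}", "/");
        $moduleDir = SOFTWARE_HOME . "app/modules/{$controller_path}/{$p}";

        if (file_exists("{$moduleDir}/{$baseClassName}Controller.php")) {
            $controller_class_name = $baseClassName . "Controller";
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_MODULE;
            add_include_path("app/modules/{$controller_path}/");
            break;
        } elseif (file_exists("{$moduleDir}/{$p}.php")) {
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_MODULE;
            break;
        } elseif (file_exists("{$moduleDir}/{$baseClassName}Model.php")) {
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_MODEL;
            break;
        } elseif (file_exists("{$moduleDir}/model.xml")) {
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_MODEL;
            break;
        } elseif (file_exists("{$moduleDir}/report.xml")) {
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_REPORT;
            break;
        } elseif (file_exists("{$moduleDir}/package_redirect.php")) {
            // The redirect file runs in this scope and supplies the
            // redirect/package variables read below and after the loop.
            include "{$moduleDir}/package_redirect.php";
            $redirected = true;
            $previousControllerPath = $controller_path . "/{$p}";
            $controller_path = "";
            $redirectedPackage = $package_path;
            $packageSchema = $package_schema;
        } elseif ($redirected === true && file_exists(SOFTWARE_HOME . "{$redirect_path}/{$controller_path}/{$p}/report.xml")) {
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_REPORT;
            break;
        } elseif ($redirected === true && file_exists(SOFTWARE_HOME . "{$redirect_path}/{$controller_path}/{$p}/{$baseClassName}Controller.php")) {
            $controller_class_name = $baseClassName . "Controller";
            $controller_name = $p;
            $controller_path .= "/{$p}";
            $controller_type = Controller::TYPE_MODULE;
            $package_main .= $p;
            add_include_path("{$redirect_path}/{$controller_path}/");
            break;
        } else {
            // Nothing recognisable at this level: descend one folder.
            $controller_path .= "/{$p}";
            if ($redirected) {
                $package_main .= "{$p}.";
            }
        }
    }

    // Check the type of controller and load it.
    switch ($controller_type) {
        case Controller::TYPE_MODULE:
            // Load a module controller which would be a subclass of this class
            if ($controller_class_name == "") {
                // NOTE(review): the file name and the class name both come
                // straight from a path segment.
                require_once SOFTWARE_HOME . "app/modules{$controller_path}/{$controller_name}.php";
                $controller = new $controller_name();
            } else {
                $controller_name = $controller_class_name;
                $controller = new $controller_class_name();
                $controller->redirected = $redirected;
                $controller->redirectPath = $redirect_path;
                $controller->redirectedPackage = $package_path;
                $controller->mainRedirectedPackage = $package_main;
                $controller->redirectedPackageName = $package_name;
            }
            break;

        case Controller::TYPE_MODEL:
            // Load the ModelController wrapper around an existing model class.
            $model = substr(str_replace("/", ".", $controller_path), 1);
            $controller_name = "ModelController";
            $controller = new ModelController($model, $package_path);
            break;

        case Controller::TYPE_REPORT:
            $controller = new XmlDefinedReportController($redirect_path . $controller_path . "/report.xml", $redirected);
            $controller_name = "XmlDefinedReportController";
            break;

        default:
            // Load a package controller for this folder
            if (is_dir("app/modules{$controller_path}")) {
                $controller = new PackageController($path);
                $controller_name = "PackageController";
                $get_contents = true;
                $force_output = true;
            } elseif ($redirected === true && is_dir(SOFTWARE_HOME . "{$redirect_path}/{$controller_path}")) {
                $controller = new PackageController($path);
                $controller_name = "PackageController";
                $get_contents = true;
                $force_output = true;
            } else {
                $controller = new ErrorController();
                $controller_name = "ErrorController";
            }
    }

    // If the get contents flag has been set return all the contents of this
    // controller.
    $controller->path = $previousControllerPath . $controller_path;
    if ($get_contents) {
        // Segment after the controller, if any; "" mirrors what the missing
        // index evaluated to before.
        $action = isset($path[$i + 1]) ? $path[$i + 1] : "";

        if ($i == count($path) - 1 || $force_output) {
            $ret = $controller->getContents();
        } else {
            $method = null;
            if (method_exists($controller, $action)) {
                $controller_class = new ReflectionClass($controller_name);
                $method = $controller_class->getMethod($action);
            }
            // Only public, non-magic methods may be reached through the path.
            // method_exists() is also true for private/protected methods,
            // which previously ended in an uncaught ReflectionException.
            if ($method !== null && $method->isPublic() && strncmp($action, "__", 2) !== 0) {
                $ret = $method->invoke($controller, array_slice($path, $i + 2));
            } else {
                // The segment is echoed into HTML, so it has to be escaped.
                $ret = "<h2>Error</h2> Method does not exist. [" . htmlspecialchars($action, ENT_QUOTES, 'UTF-8') . "]";
            }
        }

        if (is_array($ret)) {
            $t = new TemplateEngine();
            $t->assign('controller_path', $controller_path);
            $t->assign($ret["data"]);
            $controller->content = $t->fetch(isset($ret["template"]) ? $ret["template"] : $action . ".tpl");
        } elseif (is_string($ret)) {
            $controller->content = $ret;
        }
    }

    return $controller;
}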
// Login handling. $password is set above this excerpt.
$sign = $_POST['sign'];
// NOTE(review): 'camefrom' is caller-supplied and is appended unchanged to
// the redirect path and to the query string below. Restrict it to a known
// list of admin pages (or at least to a bare file name) and URL-encode it
// where it becomes a query parameter, unless redirectURI() already does so
// — not visible here.
$forward = $_POST['camefrom'];
$login = loginUser($sign, $password);
if ($login && $forward != '') {
    // Successful login with a return target.
    redirectURI('/admin/' . $forward);
} elseif ($login && $forward == '') {
    // Successful login without a return target.
    redirectURI('/admin/index.php');
} elseif (!$login && $forward != '') {
    // Failed login: go back to the form and keep the return target.
    redirectURI('/admin/login.php', 'error=failed&camefrom=' . $forward);
} else {
    redirectURI('/admin/login.php', 'error=failed');
}
}
} elseif (isset($_GET['action'])) {
    // NOTE(review): logout is triggered by a plain GET request.
    if ($_GET['action'] == 'logout') {
        logoutUser();
        redirectURI('/admin/index.php');
    }
} else {
    // No action: show the login form.
    // NOTE(review): 'camefrom' and 'error' are passed to the template as
    // received; the template must escape them for the HTML context it uses
    // them in — confirm.
    if (isset($_GET['camefrom'])) {
        $tpl->assign('cf', $_GET['camefrom']);
    } else {
        $tpl->assign('cf', '');
    }
    if (isset($_GET['error'])) {
        $tpl->assign('error', $_GET['error']);
    } else {
        $tpl->assign('error', '');
    }
    $tpl->display();
}
// Tail of a loop over basket rows ($line); the loop header is above this excerpt.
$basketPID[] = $line['products_id'];
$basketProducts[] = $line['name'];
$basketSinglePrices[] = $line['price'];
$basketSumPrices[] = $line['price'] * $line['count'];
$basketSumAll += $line['price'] * $line['count'];
}
for ($i = 0; $i < count($basketBID); $i++) {
    // Ensures that only what is shown at the checkout gets ordered and that
    // changes made while the checkout page is open are not taken into account.
    // NOTE(review): these lists are handed to the template and, per the
    // comments below, come back with the order request. The order handler
    // (not shown) has to re-check them against the current user's basket,
    // stock and prices rather than trust the returned values.
    $PIDlist .= $basketPID[$i] . ";"; // Build the list of product IDs that is passed along when ordering.
    $countList .= $basketCount[$i] . ";"; // Build the list of product quantities that is passed along when ordering.
    $BIDlist .= $basketBID[$i] . ";"; // Build the list of basket IDs that is passed along when ordering.
}
$tpl->assign('basket_array_bid', $basketBID);
$tpl->assign('basket_array_count', $basketCount);
$tpl->assign('basket_array_pid', $basketPID);
$tpl->assign('basket_array_product', $basketProducts);
$tpl->assign('basket_array_single_prices', $basketSinglePrices);
$tpl->assign('basket_array_sum_prices', $basketSumPrices);
$tpl->assign('basket_array_sum_all', $basketSumAll);
$tpl->assign('bids', $BIDlist); // CSV (the separator used above is ';')
$tpl->assign('pids', $PIDlist); // CSV (the separator used above is ';')
$tpl->assign('counts', $countList); // CSV (the separator used above is ';')
if ($fehler_kapazitaetKurzVorSpeicherung == 0) {
    // Only when the error handling above has not already taken effect.
    // Check Product.stock (across all potential orders)
/**
 * Render a Smarty template and return the generated output.
 *
 * $template is either the template source itself or the path of a template
 * file; $proto says which. With the default 'file' protocol the path is
 * resolved against the current working directory.
 *
 * NOTE(review): with any protocol other than 'file' the value of $template
 * is handed to the engine as given (for 'string' it is the template source
 * itself), so neither $template nor $proto should ever be taken from request
 * data. Warnings raised during fetch() are suppressed with @.
 *
 * @param string $template Template string or path to template
 * @param array  $data     The data to render the template with.
 * @param string $proto    The type of template: 'file' for files, 'string' for strings.
 *
 * @return string
 */
public static function render($template, $data, $proto = 'file')
{
    $engine = new TemplateEngine();
    $engine->assign($data);

    // Only file templates are anchored to the working directory.
    if ($proto === 'file') {
        $base = getcwd() . "/";
    } else {
        $base = '';
    }

    return @$engine->fetch("{$proto}:" . $base . "{$template}");
}
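// Tail of the access check whose condition lies above this excerpt.
// NOTE(review): the check only protects the page if redirectURI() ends the
// request — confirm.
redirectURI("/admin/login.php", "camefrom=users.php");
}

$LOG = new Log();
$tpl = new TemplateEngine("template/editUser.html", "template/frame.html", $lang["admin_users"]);

if (isset($_POST['action'])) {
    $LOG->write('3', 'admin/editUser.php: action set');
    if ($_POST['action'] == 'add') {
        $LOG->write('3', 'admin/editUser.php: action=add');
        // Strict comparison: with == two different numeric-looking strings
        // (for example "0e1" and "0e2") compare equal, so a mistyped
        // repetition could be accepted.
        if ($_POST['password'] === $_POST['repeatPassword']) {
            // NOTE(review): addUser() is defined elsewhere; presumably it
            // reads the same $_POST fields — confirm that it stores a
            // password hash and escapes what it writes to the database.
            addUser();
            $LOG->write('2', 'Nutzer ' . mysql_insert_id() . ' hinzugefügt');
            redirectURI('/admin/users.php');
        } else {
            // Password repetition does not match: show the form again with
            // the submitted values (the password itself is not echoed back).
            // NOTE(review): the submitted values go to the template as
            // received; the template must escape them on output — confirm.
            $passwordError = "1";
            $tpl->assign('action', 'add');
            $tpl->assign('uID', '');
            $tpl->assign('password_error', $passwordError);
            $tpl->assign('name', $_POST['name']);
            $tpl->assign('lastname', $_POST['lastname']);
            $tpl->assign('email', $_POST['email']);
            $tpl->assign('bill_name', $_POST['bill_name']);
            $tpl->assign('bill_street', $_POST['bill_street']);
            $tpl->assign('bill_postcode', $_POST['bill_postcode']);
            $tpl->assign('bill_city', $_POST['bill_city']);
            $tpl->assign('bill_state', $_POST['bill_state']);
            $tpl->assign('ship_name', $_POST['ship_name']);
            $tpl->assign('ship_street', $_POST['ship_street']);
            $tpl->assign('ship_postcode', $_POST['ship_postcode']);
            $tpl->assign('ship_city', $_POST['ship_city']);
            $tpl->assign('ship_state', $_POST['ship_state']);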
// Tail of the admin branch; its condition lies above this excerpt.
$isAdmin = 1;
} else {
    $isAdmin = 0;
    if ($user != null && $user->checkPermissions(0, 0, 0, 1, 1)) {
        // if ORDERER
        redirectURI("/orderer/index.php");
    }
    if ($user == null || !$user->checkPermissions(1)) {
        redirectURI("/viewer/index.php");
    }
}

$LOG = new Log();
$tpl = new TemplateEngine("template/viewProduct.html", "template/frame.html", $lang["user_viewProduct"]);
$LOG->write('3', 'user/viewProduct.php');
// NOTE(review): pID is taken from the query string as received. Any SQL
// built from it further down (not visible here) needs an integer cast or a
// bound parameter, and the template must escape it on output.
$pID = $_GET['pID'];
$tpl->assign('ID', $pID);

// Add to basket:
if (isset($_POST['action'])) {
    $action = $_POST['action'];
    if ($action == "into_basket") {
        // NOTE(review): pid and count are request values as well; both
        // should be validated as integers (count presumably positive) before
        // they reach a query — the code that uses them is below this excerpt.
        $pid = $_POST['pid'];
        // NOTE(review): relies on $user being non-null here; that only holds
        // if the redirects above end the request — confirm.
        $uid = $user->getID();
        $date = actualDate();
        // Check Product.stock for the PID of the current action
        $fehlerArray = array(); // for the error message when the product capacity is exceeded
        $countTry = $_POST['count']; // requested quantity to be added to the basket
        $count = 0;
        $stock = 0;
        $name = null;
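} else {
    // Not an admin (the admin branch is above this excerpt).
    $isAdmin = 0;
    if ($user != null && $user->checkPermissions(0, 0, 0, 1, 1)) {
        // if ORDERER
        redirectURI("/orderer/index.php");
    }
    if ($user == null || !$user->checkPermissions(1)) {
        redirectURI("/user/login.php", "camefrom=index.php");
    }
}

$LOG = new Log();
$tpl = new TemplateEngine("template/editUser.html", "template/frame.html", $lang["user_users"]);

// Build the user's basket
$userid = $_SESSION['user'];
$basket = restoreUserBasket($userid);
$tpl->assign('basket_array_bid', $basket["basket_array_bid"]);
$tpl->assign('basket_array_count', $basket["basket_array_count"]);
$tpl->assign('basket_array_pid', $basket["basket_array_pid"]);
$tpl->assign('basket_array_product', $basket["basket_array_product"]);

if (isset($_POST['action'])) {
    $LOG->write('3', 'user/editUser.php: action set');
    // Edit own settings (including password)
    if ($_POST['action'] == 'editSelf') {
        $LOG->write('3', 'user/editUser.php: action=editSelf');
        // Strict comparison: with == two different numeric-looking strings
        // (for example "0e1" and "0e2") compare equal, so a mistyped
        // repetition could be accepted.
        if ($_POST['password'] === $_POST['repeatPassword']) {
            editSelfUser();
            // NOTE(review): this logs the raw 'catID' query parameter in a
            // user-edit message, which looks copied from the category page;
            // the session user id is presumably what was meant. Request data
            // written to the log should also be stripped of line breaks.
            $LOG->write('2', 'Nutzer ' . $_GET['catID'] . ' bearbeitet');
            redirectURI('/user/categories.php');
        } else {
            // Password repetition does not match
            $passwordError = "1";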
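// Not logged in (the condition is above this excerpt): send the visitor to
// the login page and carry the requested location along.
// NOTE(review): the extra parameters are appended without any '?' or '&'
// separator, which looks unintended — confirm. The login handler must also
// make sure 'redirect' points back into this application before following it.
$redirect = urlencode(Application::getLink("/{$_GET["q"]}"));
foreach ($_GET as $key => $value) {
    if ($key == "q") {
        continue;
    }
    $redirect .= urlencode("{$key}={$value}");
}
header("Location: " . Application::getLink("/{$authPackage}/login") . "?redirect={$redirect}");
} else {
    if ($_SESSION["logged_in"] === true) {
        // Force a password reset if user is logging in for the first time
        // NOTE(review): execution continues after header(), so the requested
        // page is still processed and the reset is only enforced if the
        // client follows the redirect; ending the request here would make it
        // binding.
        if ($_SESSION["user_mode"] == 2 && $_GET["q"] != "{$authPackage}/login/change_password") {
            header("Location: " . Application::getLink("/{$authPackage}/login/change_password"));
        }
        Application::addJavaScript(Application::getLink(Application::getWyfHome("js/wyf.js")));
        $t->assign('username', $_SESSION["user_name"]);
        $t->assign('firstname', $_SESSION['user_firstname']);
        $t->assign('lastname', $_SESSION['user_lastname']);
        // The notification text comes from the query string and is placed
        // inside HTML markup, so it is escaped; non-string values are ignored.
        if (isset($_GET["notification"]) && is_string($_GET["notification"])) {
            $t->assign(
                'notification',
                "<div id='notification'>" . htmlspecialchars($_GET["notification"], ENT_QUOTES, 'UTF-8') . "</div>"
            );
        }
        // Load the side menus
        if (defined('MENU_FILE')) {
            $menuFile = MENU_FILE;
        } else {
            $menuFile = SOFTWARE_HOME . "app/cache/menus/side_menu_{$_SESSION["role_id"]}.html";
        }
        if (file_exists($menuFile)) {
            $t->assign('side_menu', file_get_contents($menuFile));
        }
        $top_menu_items = explode("/", $_GET["q"]);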
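// Role routing inside the non-admin branch (its opening is above this excerpt).
if ($user != null && $user->checkPermissions(0, 0, 0, 1, 1)) {
    // if ORDERER
    redirectURI("/orderer/index.php");
}
if ($user == null || !$user->checkPermissions(1)) {
    redirectURI("/viewer/index.php");
}
}

$LOG = new Log();
$tpl = new TemplateEngine("template/categories.html", "template/frame.html", $lang["user_categories"]);

// catID is concatenated unquoted into the SQL below, so it is forced to an
// integer as soon as it is read.
if (isset($_GET['catID'])) {
    $requestedCategory = (int) $_GET['catID'];
} else {
    $requestedCategory = 0;
}
$tpl->assign('catID', $requestedCategory);

// Remove from basket:
if (isset($_GET['action'])) {
    if ($_GET['action'] == "removeFromBasket") {
        // Basket ID, forced to an integer because it is placed unquoted in
        // the DELETE statement.
        // NOTE(review): the statement is not limited to rows owned by the
        // current user, and it is triggered by a GET request. It should also
        // match the user's id (the column name is not visible here) and be
        // moved to a POST with an anti-CSRF token.
        $bid = isset($_GET['bID']) ? (int) $_GET['bID'] : 0;
        $remove_query = DB_query("\t\n\t\t\tDELETE\n\t\t\tFROM basket\n \tWHERE basket_id={$bid}\n\t\t");
    }
}

// Find the category
if ($requestedCategory != 0) {
    $query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM categories\n\t\t\t\tWHERE categories_id = " . $requestedCategory);
    $category = DB_fetchArray($query);
    $tpl->assign('parent', $category['parent']);
} else {
    $category = null;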
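// Tail of a check whose condition lies above this excerpt.
redirectURI("/user/login.php", "camefrom=index.php");
}

$user = restoreUser();
if ($user != null && $user->checkPermissions(1, 1)) {
    // Admin rights granted.
    $isAdmin = 1;
} else {
    $isAdmin = 0;
}

$LOG = new Log();
$tpl = new TemplateEngine("template/viewUser.html", "template/frame.html", $lang["orderer_users"]);

// View user data
if (isset($_GET['uID'])) {
    $LOG->write('3', 'orderer/viewUser.php');
    // uID is concatenated unquoted into the SQL below, so force it to an integer.
    // NOTE(review): the query returns address and bank details for whichever
    // id is requested. No check in this excerpt limits who may read another
    // user's record; confirm that the guard above (cut off here) does.
    $uID = (int) $_GET['uID'];
    $tpl->assign('uID', $uID);

    // All data for the user
    $users_query = DB_query("SELECT\n\t\t\t\tname,\n\t\t\t\tlastname,\n\t\t\t\temail,\n\t\t\t\tbill_name,\n\t\t\t\tbill_street,\n\t\t\t\tbill_postcode,\n\t\t\t\tbill_city,\n\t\t\t\tbill_state,\n\t\t\t\tship_name,\n\t\t\t\tship_street,\n\t\t\t\tship_postcode,\n\t\t\t\tship_city,\n\t\t\t\tship_state,\n\t\t\t\tbank_name,\n\t\t\t\tbank_iban,\n\t\t\t\tbank_number,\n\t\t\t\tbank_account\n\t\t\t\tFROM users\n\t\t\t\tWHERE users_id = " . $uID);
    $userdata = DB_fetchArray($users_query);
    $tpl->assign('name', $userdata['name']);
    $tpl->assign('lastname', $userdata['lastname']);
    $tpl->assign('email', $userdata['email']);
    $tpl->assign('bill_name', $userdata['bill_name']);
    $tpl->assign('bill_street', $userdata['bill_street']);
    $tpl->assign('bill_postcode', $userdata['bill_postcode']);
    $tpl->assign('bill_city', $userdata['bill_city']);
    $tpl->assign('bill_state', $userdata['bill_state']);
    $tpl->assign('ship_name', $userdata['ship_name']);
    $tpl->assign('ship_street', $userdata['ship_street']);
    $tpl->assign('ship_postcode', $userdata['ship_postcode']);
    $tpl->assign('ship_city', $userdata['ship_city']);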
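// Tail of the name validation; its condition lies above this excerpt.
// The category id is cast to an integer wherever it is used, because it is
// placed unquoted in the UPDATE statement and in redirect query strings.
// NOTE(review): if redirectURI() does not end the request, the UPDATE below
// still runs after a failed validation — confirm.
redirectURI('/admin/addCategory.php', 'action=edit&catID=' . (int) $_POST['catID'] . '&error=name_error');
}
if (!checkInput($_POST['description'], 'string')) {
    redirectURI('/admin/addCategory.php', 'action=edit&catID=' . (int) $_POST['catID'] . '&error=desc_error');
}
if (!checkInput($sort_order, 'int')) {
    redirectURI('/admin/addCategory.php', 'action=edit&catID=' . (int) $_POST['catID'] . '&error=sort_error');
}
// NOTE(review): name and description are still concatenated between quotes.
// Unless checkInput(..., 'string') rejects quotes and backslashes (not
// visible here), this statement remains injectable; it should use bound
// parameters or the escaping function of the driver behind DB_query().
// $active and $sort_order are set above this excerpt.
DB_query("UPDATE categories SET \n\t\t\t\t\tname='" . $_POST['name'] . "',\n\t\t\t\t\tactive=" . $active . ",\n\t\t\t\t\tdescription='" . $_POST['description'] . "',\n\t\t\t\t\tsort_order=" . $sort_order . "\n\t\t\t\t\tWHERE categories_id=" . (int) $_POST['catID']);
// NOTE(review): the log line reads the id from $_GET while the update used
// $_POST — confirm which one is intended.
$LOG->write('2', 'Kategorie ' . $_GET['catID'] . ' bearbeitet');
redirectURI('/admin/categories.php', 'catID=' . $_POST['parent']);
}
} elseif ($_GET['action'] == 'edit') {
    $LOG->write('3', 'admin/addCategory.php: get-action=edit');
    // Forced to an integer: used unquoted in the SELECT below.
    $catID = (int) $_GET['catID'];
    $tpl->assign('catID', $catID);
    $tpl->assign('action', 'edit');
    // Existing data of the category
    $category_query = DB_query("SELECT\n\t\t\t\t\t*\n\t\t\t\t\tFROM categories\n\t\t\t\t\tWHERE categories_id = " . $catID);
    $category = DB_fetchArray($category_query);
    $tpl->assign('name', $category['name']);
    $tpl->assign('description', $category['description']);
    $tpl->assign('sort_order', $category['sort_order']);
    $tpl->assign('active', $category['active']);
    $tpl->assign('parent', $category['parent']);
    // NOTE(review): 'error' is a raw query parameter; the template must
    // escape it, or it should be mapped to a fixed set of error codes.
    $tpl->assign('error', $_GET['error']);
    $tpl->assign('user_name', $user->getName());
    $tpl->assign('user_lastname', $user->getLastname());
    $tpl->display();
} elseif ($_GET['action'] == 'delete') {
    // NOTE(review): the delete action is selected through a GET parameter.
    $LOG->write('3', 'admin/addCategory.php: get-action=delete');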
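// Tail of a check whose condition lies above this excerpt.
redirectURI("/user/login.php");
}
if ($user != null && $user->checkPermissions(1, 1)) {
    // Admin rights granted.
    $isAdmin = 1;
} else {
    $isAdmin = 0;
}

$LOG = new Log();
$tpl = new TemplateEngine("template/categories.html", "template/frame.html", $lang["orderer_categories"]);

// catID is concatenated unquoted into both queries below, so it is forced to
// an integer as soon as it is read.
if (isset($_GET['catID'])) {
    $requestedCategory = (int) $_GET['catID'];
} else {
    $requestedCategory = 0;
}
$tpl->assign('catID', $requestedCategory);

// Find the category
if ($requestedCategory != 0) {
    $query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM categories\n\t\t\t\tWHERE categories_id = " . $requestedCategory);
    $category = DB_fetchArray($query);
    $tpl->assign('parent', $category['parent']);
} else {
    $category = null;
    $tpl->assign('parent', null);
}

// Find the children
$children_query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM categories\n\t\t\t\tWHERE parent = " . $requestedCategory . "\n\t\t\t\tORDER BY sort_order, name");
$children = array();
while ($line = DB_fetchArray($children_query)) {
    $list = array("id" => $line['categories_id'], "name" => $line['name'], "active" => $line['active']);
    $LOG->write('3', "orderer/categories.php:39: " . $list['name']);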
/**
 * Render a template file through the template engine and return the output.
 *
 * The template is addressed as a file resource located below the current
 * working directory.
 *
 * NOTE(review): $template is appended to the path as given; it should not be
 * taken from request data without restricting it to known template names.
 *
 * @param string $template Path of the template, relative to the working directory.
 * @param mixed  $data     Passed as the only argument to TemplateEngine::assign();
 *                         presumably an associative array of variables (the
 *                         earlier docblock declared it as string) — confirm.
 * @return mixed Whatever TemplateEngine::fetch() returns.
 */
public static function render($template, $data)
{
    $engine = new TemplateEngine();
    $engine->assign($data);

    $resource = "file:/" . getcwd() . "/{$template}";

    return $engine->fetch($resource);
}
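// if ORDERER (tail of a check whose condition lies above this excerpt)
redirectURI("/orderer/index.php");
}
if ($user != null && $user->checkPermissions(0, 0, 1)) {
    // if USER
    redirectURI("/user/index.php");
}
}

$LOG = new Log();
$tpl = new TemplateEngine("template/categories.html", "template/frame.html", $lang["viewer_categories"]);

// catID is concatenated unquoted into both queries below, so it is forced to
// an integer as soon as it is read. This page is the one shown to visitors
// who are routed to neither the orderer nor the user area.
if (isset($_GET['catID'])) {
    $requestedCategory = (int) $_GET['catID'];
} else {
    $requestedCategory = 0;
}
$tpl->assign('catID', $requestedCategory);

// Find the category
if ($requestedCategory != 0) {
    $query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM categories\n\t\t\t\tWHERE categories_id = " . $requestedCategory);
    $category = DB_fetchArray($query);
    $tpl->assign('parent', $category['parent']);
} else {
    $category = null;
    $tpl->assign('parent', null);
}

// Find the children
$children_query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM categories\n\t\t\t\tWHERE parent = " . $requestedCategory . "\n\t\t\t\tORDER BY sort_order, name");
$children = array();
while ($line = DB_fetchArray($children_query)) {
    $list = array("id" => $line['categories_id'], "name" => $line['name'], "active" => $line['active']);
    $LOG->write('3', "viewer/categories.php:39: " . $list['name']);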
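// Tail of a branch that picks the sort order; its condition is above this
// excerpt. The value is placed unquoted in the INSERT, so force an integer.
$sortorder = (int) $_POST['sort_order'];
}

// Id of the product being replaced; used unquoted in two UPDATE statements.
$oldID = (int) $_POST['ID'];

// NOTE(review): name, description, stock and price are still concatenated
// between quotes, and $cat, $active, $image_uri_1/2 and $createtime are set
// above this excerpt. Unless all of them are validated or escaped there,
// this statement remains injectable; it should use bound parameters or the
// escaping function of the driver behind DB_query().
DB_query("INSERT INTO products VALUES (\n\t\t\t\t\t0,\n\t\t\t\t\t'" . $_POST['name'] . "',\n\t\t\t\t\t" . $cat . ",\n\t\t\t\t\t0,\n\t\t\t\t\t" . $active . ",\n\t\t\t\t\t'" . $_POST['description'] . "',\n\t\t\t\t\t'" . $image_uri_1 . "',\n\t\t\t\t\t'" . $image_uri_2 . "',\n\t\t\t\t\t'" . $_POST['stock'] . "',\n\t\t\t\t\t'" . $_POST['price'] . "',\n\t\t\t\t\t'" . $createtime . "',\n\t\t\t\t\t" . $sortorder . ")\n\t\t\t\t\t");
$neueID = mysql_insert_id();

// The edited product is kept as a deleted row and replaced by the new one.
DB_query("UPDATE products SET\n\t\t\t\t\tdeleted=1\n\t\t\t\t\twhere products_id=" . $oldID);
// Point existing basket entries from the old id to the new id.
DB_query("\n\t\t\tUPDATE basket\n\t\t\tSET products_id = " . $neueID . "\n\t\t\tWHERE products_id = " . $oldID);
$LOG->write('2', 'Produkt ' . $oldID . ' geändert, neue ID=' . $neueID);
$parent = $cat;
//redirectURI('/admin/categories.php');
redirectURI('/admin/categories.php', 'catID=' . $parent);
}
} elseif ($_GET['action'] == 'edit') {
    $LOG->write('3', 'admin/addProduct.php: get-action=edit');
    // Forced to an integer: used unquoted in the SELECT below.
    $pID = (int) $_GET['pID'];
    $tpl->assign('ID', $pID);
    $tpl->assign('action', 'edit');
    // Existing data of the product
    $product_query = DB_query("SELECT\n\t\t\t\t\t*\n\t\t\t\t\tFROM products\n\t\t\t\t\tWHERE products_id = " . $pID);
    $product = DB_fetchArray($product_query);
    $tpl->assign('name', $product['name']);
    $tpl->assign('description', $product['description']);
    $tpl->assign('sort_order', $product['sort_order']);
    $tpl->assign('active', $product['active']);
    $tpl->assign('image_small', $product['image_small']);
    $tpl->assign('image_big', $product['image_big']);
    $tpl->assign('stock', $product['stock']);
    $tpl->assign('price', $product['price']);
    $tpl->assign('deleted', $product['deleted']);
    // NOTE(review): 'error' is a raw query parameter; the template must
    // escape it, or it should be mapped to a fixed set of error codes.
    $tpl->assign('error', $_GET['error']);
    $tpl->assign('user_name', $user->getName());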
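<?php
// Order overview: lists every order together with the name of the user who
// placed it and renders template/orders.html inside template/frame.html.
include '../includes/includes.inc';
include '../includes/startApplication.php';
//include('../includes/functions/verifyadmin.inc');

$user = restoreUser();
if ($user == null || !$user->checkPermissions(0, 0, 0, 1, 1)) {
    redirectURI("/admin/login.php", "camefrom=orders.php");
    // Fail closed: whether redirectURI() ends the request is not visible
    // here, and without a stop the order list below would still be produced
    // for an unauthorised visitor.
    exit;
}

$LOG = new Log();
$tpl = new TemplateEngine("template/orders.html", "template/frame.html", $lang["orderer_orders"]);

// Find all orders
$orders_query = DB_query("SELECT\n\t\t\t\t*, UNIX_TIMESTAMP(date) AS formated_date\n\t\t\t\tFROM orders\n\t\t\t\tORDER BY date\n\t\t\t");
$orders_list = array();
while ($orders = DB_fetchArray($orders_query)) {
    // The id comes from the database, but it is concatenated unquoted, so it
    // is still forced to an integer (an empty value would otherwise produce
    // invalid SQL).
    $user_query = DB_query("SELECT \n\t\t\t\t\tname,\n\t\t\t\t\tlastname\n\t\t\t\t\tFROM users\n\t\t\t\t\tWHERE users_id = " . (int) $orders['users_id']);
    $users = DB_fetchArray($user_query);
    // The ordering user may no longer exist; keep the " " that an empty
    // lookup used to yield instead of indexing a non-array.
    $username = $users ? $users['name'] . " " . $users['lastname'] : " ";

    $orders_list[] = array(
        "id" => $orders['orders_id'],
        "date" => $orders['formated_date'],
        "items_id" => $orders['order_items_id'],
        "users_id" => $orders['users_id'],
        "username" => $username,
        "shipping_date" => $orders['shipping_date'],
        "shipped" => $orders['shipped'],
    );
}

$tpl->assign('orders', $orders_list);
$tpl->assign('user_name', $user->getName());
$tpl->assign('user_lastname', $user->getLastname());
$tpl->display();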
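//include('../includes/functions/verifyadmin.inc');
// Order detail page for admins: optionally marks the order as shipped, then
// loads the order and hands its fields to the template.
$user = restoreUser();
if ($user == null || !$user->checkPermissions(1, 1)) {
    redirectURI("/admin/login.php", "camefrom=editOrder.php");
    // Fail closed: whether redirectURI() ends the request is not visible
    // here, and without a stop the update and the order data below would
    // still be processed for an unauthorised visitor.
    exit;
}

$LOG = new Log();
$tpl = new TemplateEngine("template/editOrder.html", "template/frame.html", $lang["admin_orders"]);

// The id is concatenated unquoted into both statements below, so it is
// forced to an integer as soon as it is read.
$order_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

// NOTE(review): this state change is keyed by a GET id plus a bare POST
// flag; an anti-CSRF token should be required for it.
if (isset($_POST['ordershipped'])) {
    $shipping_date = actualDate();
    DB_query("UPDATE orders SET\n\t\t\tshipping_date = '" . $shipping_date . "'\n\t\t\tWHERE orders_id = " . $order_id);
}

// Find all details of the order
$order_query = DB_query("SELECT\n\t\t\t\t*, UNIX_TIMESTAMP(date) AS formated_date,\n\t\t\t\tUNIX_TIMESTAMP(shipping_date) AS formated_shipping_date\n\t\t\t\tFROM orders\n\t\t\t\tWHERE orders_id = " . $order_id);
$order = DB_fetchArray($order_query);
// NOTE(review): $order is used without checking that a row was found.
$tpl->assign('orderDate', $order['formated_date']);
$tpl->assign('shippingDate', $order['formated_shipping_date']);
$tpl->assign('orderid', $order_id);
$tpl->assign('bill_name', $order['bill_name']);
$tpl->assign('bill_street', $order['bill_street']);
$tpl->assign('bill_postcode', $order['bill_postcode']);
$tpl->assign('bill_city', $order['bill_city']);
$tpl->assign('bill_state', $order['bill_state']);
$tpl->assign('ship_name', $order['ship_name']);
$tpl->assign('ship_street', $order['ship_street']);
$tpl->assign('ship_postcode', $order['ship_postcode']);
$tpl->assign('ship_city', $order['ship_city']);
$tpl->assign('ship_state', $order['ship_state']);
$tpl->assign('bank_name', $order['bank_name']);
$tpl->assign('bank_iban', $order['bank_iban']);
$tpl->assign('bank_number', $order['bank_number']);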
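// Tail of the admin branch; its condition lies above this excerpt.
$isAdmin = 1;
} else {
    $isAdmin = 0;
    if ($user != null && $user->checkPermissions(0, 0, 0, 1, 1)) {
        // if ORDERER
        redirectURI("/orderer/index.php");
    }
    if ($user != null && $user->checkPermissions(0, 0, 1)) {
        // if USER
        redirectURI("/user/index.php");
    }
}

$LOG = new Log();
$tpl = new TemplateEngine("template/viewProduct.html", "template/frame.html", $lang["viewer_viewProduct"]);
$LOG->write('3', 'viewer/viewProduct.php');

// pID comes from the query string and is concatenated unquoted into the SQL
// below, so it is forced to an integer before any use. This page is the one
// shown to visitors who are routed to neither the orderer nor the user area.
$pID = isset($_GET['pID']) ? (int) $_GET['pID'] : 0;
$tpl->assign('ID', $pID);

// Product data (deleted products are excluded)
$product_query = DB_query("SELECT\n\t\t\t\t*\n\t\t\t\tFROM products\n\t\t\t\tWHERE products_id = " . $pID . "\n\t\t\t\tAND deleted = 0\n\t\t\t\tORDER BY sort_order, name\n\t\t\t\t");
$product = DB_fetchArray($product_query);
// NOTE(review): $product is used without checking that a row was found.
$tpl->assign('name', $product['name']);
$tpl->assign('description', $product['description']);
//$tpl->assign('sort_order',$product['sort_order']);
// Still delivered so the template can tell whether the product may be shown.
$tpl->assign('active', $product['active']);
$tpl->assign('image_small', $product['image_small']);
$tpl->assign('image_big', $product['image_big']);
$tpl->assign('stock', $product['stock']);
$tpl->assign('price', $product['price']);
$tpl->assign('is_admin', $isAdmin);
$tpl->display();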
/**
 * Pass a variable to the template.
 *
 * When the TEMPLATE_ENGINE_START setting (read through C()) is truthy the
 * call is forwarded to the parent implementation; otherwise the value is
 * kept in $this->vars under the given name.
 *
 * @param mixed $var   Variable name; also forwarded as the first argument of
 *                     parent::assign().
 * @param null  $value Value to assign.
 */
protected function assign($var, $value = null)
{
    if (!C('TEMPLATE_ENGINE_START')) {
        // Template engine not started: store the value locally.
        $this->vars[$var] = $value;
        return;
    }

    parent::assign($var, $value);
}