示例#1
/**
 * Record a page visit in the `visit_logs` table.
 *
 * Only entries whose `type` compares loosely equal to "0" are stored; any
 * other type returns without writing. A missing connection or a failed
 * insert is swallowed: nothing is reported back to the caller.
 *
 * NOTE(review): $log['page'], $log['catid'], $log['prodid'], $log['user'] and
 * $errorMessage reach insertSQL unescaped here, while the other callers in
 * this file run values through real_escape_string() first. If insertSQL does
 * not escape or bind values itself, request-derived text (URL, error message)
 * lands inside the SQL statement - confirm against insertSQL.
 * NOTE(review): ip2long() returns false for anything that is not a dotted
 * IPv4 address (IPv6 clients, for instance), so `ip` can receive false.
 *
 * @param array       $log          Reads the keys type, page, catid, prodid and user.
 * @param string|null $errorMessage When truthy, stored in `message` with `error` set to "1".
 * @return void
 */
function writeLog($log, $errorMessage = null)
{
    $conn = sqlConnectDefault();
    if ($conn === null) {
        // No connection: the visit is dropped silently (error reporting is still a TODO).
        return;
    }
    if ($log['type'] != "0") {
        // Only type "0" (loose comparison) is persisted.
        return;
    }

    $visitInsert = new insertSQL($conn);
    $visitInsert->tableName = "visit_logs";

    $columns = array("date", "url", "catid", "prodid", "ip", "userid");
    $values = array(
        time(),
        $log['page'],
        $log['catid'],
        $log['prodid'],
        ip2long($_SERVER['REMOTE_ADDR']),
        $log['user'],
    );
    if ($errorMessage) {
        // Error visits carry two extra columns.
        array_push($columns, "error", "message");
        array_push($values, "1", $errorMessage);
    }
    $visitInsert->cols = $columns;
    $visitInsert->insertData = $values;

    // The outcome is deliberately ignored: a failed log write must not break the page.
    $visitInsert->executeQuery();
}
示例#2
// 		$statusMessage = makeStatusMessage(12,"error", "Already logged in.");
// 		mysqli_close($conn);
// 		return;
// 	}
// Registration step: takes the submitted e-mail and password straight from $_POST,
// refuses to continue when a matching row is found, otherwise inserts a new `users` row.
// NOTE(review): real_escape_string() only makes a value safe inside a quoted SQL string
// literal; it does not validate the e-mail format or the password.
$user = $conn->real_escape_string($_POST["email"]);
// NOTE(review): the password is SQL-escaped *before* it is hashed, so the stored digest is of
// the escaped text and the login path has to repeat this exact step. The hex digest itself
// contains nothing that needs escaping.
$pass = $conn->real_escape_string($_POST["pass"]);
// NOTE(review): md5() is an unsalted, fast digest and is not suitable for storing passwords.
// password_hash() / password_verify() is the standard replacement, but the change has to be
// made together with the login code and the rows already stored (neither is visible here).
$pass = md5($pass);
$selQ = new selectSQL($conn);
$selQ->select = array("id");
$selQ->tableNames = array("users");
// NOTE(review): the condition appears masked ('******') on this page; presumably it compared
// the `user` column against $user - confirm against the original file.
$selQ->where = "user='******'";
if (!$selQ->executeQuery()) {
    // Query failure: surface the query object's own status and stop.
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
if ($selQ->getNumberOfResults() > 0) {
    // At least one row matched: report error status 13 and stop.
    // NOTE(review): check-then-insert is only reliable if `users.user` also carries a UNIQUE
    // constraint (not visible here); otherwise two concurrent requests can both pass.
    $statusMessage = makeStatusMessage(13, "error");
    mysqli_close($conn);
    return;
}
// New account row; the third value ("0") goes into the `access` column.
$insSQL = new insertSQL($conn);
$insSQL->insertData = array($user, $pass, "0");
$insSQL->cols = array("user", "password", "access");
$insSQL->tableName = "users";
if (!$insSQL->executeQuery()) {
    $statusMessage = $insSQL->status;
    mysqli_close($conn);
    return;
}
// Pulls in signin.php after a successful insert - presumably to log the new user in; confirm.
include_once 'signin.php';
     $statusMessage = makeStatusMessage(26, "succes");
 } else {
     if (isset($_POST['discountid'])) {
         // Update of an existing discount row identified by $_POST['discountid'].
         // NOTE(review): $delQ is created and given a table name but never executed in the
         // visible lines, while $updQ receives no tableName here - it looks as if the table
         // name was meant for $updQ; confirm against updateSQL.
         $delQ = new deleteSQL($conn);
         $delQ->tableName = "discounts";
         $updQ = new updateSQL($conn);
         // Every field is read from $_POST without an isset() check, escaped, and placed inside
         // a quoted literal, so the escaping is effective for these six values.
         $updQ->update = "userid='" . $conn->real_escape_string($_POST['userid']) . "',categoryid='" . $conn->real_escape_string($_POST['catid']) . "',productid='" . $conn->real_escape_string($_POST['prodid']) . "',flat='" . $conn->real_escape_string($_POST['flat']) . "',percent='" . $conn->real_escape_string($_POST['percent']) . "',minprice='" . $conn->real_escape_string($_POST['minprice']) . "'";
         // NOTE(review): discountid is concatenated WITHOUT surrounding quotes.
         // real_escape_string() only neutralises characters that matter inside a quoted
         // literal, so it gives no protection in this numeric position. Cast the value to int
         // or reject anything that is not all digits before building the clause (or bind it
         // as a parameter if updateSQL supports that).
         $updQ->where = "id = " . $conn->real_escape_string($_POST['discountid']);
         if ($updQ->executeQuery()) {
             $statusMessage = makeStatusMessage(46, "success");
         } else {
             // On failure the query object's own status is shown to the caller.
             $statusMessage = $updQ->status;
         }
     } else {
         if (isset($_POST['userid'])) {
             $insQ = new insertSQL($conn);
             $insQ->tableName = "discounts";
             $insQ->insertData = array($conn->real_escape_string($_POST['userid']));
             $insQ->cols = array("userid");
             if (!empty($_POST['catid'])) {
                 $insQ->insertData[] = $conn->real_escape_string($_POST['catid']);
                 $insQ->cols[] = "categoryid";
             }
             if (!empty($_POST['flat'])) {
                 $insQ->insertData[] = $conn->real_escape_string($_POST['flat']);
                 $insQ->cols[] = "flat";
             }
             if (!empty($_POST['percent'])) {
                 $insQ->insertData[] = $conn->real_escape_string($_POST['percent']);
                 $insQ->cols[] = "percent";
             }
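// Join and filter for a select that is set up above this excerpt; the aliases `u` and `i`
// are defined there (presumably the users and user_info tables - confirm).
$selQ->joinTypes = array("RIGHT OUTER JOIN");
$selQ->joins = array("u.id = i.userid");
// NOTE(review): $id is concatenated into a quoted literal and its origin is not visible
// here; it has to be escaped or cast to int before this point.
$selQ->where = "u.id='" . $id . "'";
if (!$selQ->executeQuery()) {
    $statusMessage = $selQ->status;
    mysqli_close($conn);
    return;
}
if ($selQ->getNumberOfResults() > 1) {
    // More than one row for a single user id is treated as a failure.
    $statusMessage = $selQ->status;
    // Fixed: this branch called mysql_close(), which belongs to the old ext/mysql API
    // (removed in PHP 7) and does not accept the mysqli connection used everywhere else.
    mysqli_close($conn);
    return;
}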
$row = $selQ->result->fetch_assoc();
if (is_null($row['iid'])) {
    $insQ = new insertSQL($conn);
    $insQ->insertData = array();
    $insQ->cols = array("fname", "lname", "firm", "address", "city", "country", "email", "phone");
    foreach ($insQ->cols as $c) {
        if (isset($_POST[$c]) && !empty($_POST[$c])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST[$c]);
        } else {
            $insQ->insertData[] = "";
        }
    }
    $insQ->cols[] = "userid";
    $insQ->insertData[] = $id;
    $insQ->tableName = "user_info";
    if ($insQ->executeQuery()) {
        $statusMessage = makeStatusMessage(10, "success");
    } else {
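    // Upsert of the per-user delivery discount: update the row when one exists, insert otherwise.
    // NOTE(review): $userid, $type and $min are concatenated into quoted literals and their
    // origin is not visible in this excerpt; they must already be escaped at this point.
    $selQ->where = "userid = '" . $userid . "'";
    if (!$selQ->executeQuery()) {
        $statusMessage = $selQ->status;
        mysqli_close($conn);
        return;
    }
    if ($selQ->getNumberOfResults() > 0) {
        $disQ = new updateSQL($conn);
        $disQ->tableName = "delivery_discounts";
        $disQ->where = "userid = '" . $userid . "'";
        $disQ->update = "type = '" . $type . "'";
        if (isset($min)) {
            // Fixed: the original assigned " AND minprice = ..." with `=`, which threw away the
            // `type` assignment and left a clause starting with AND. Assignments in an update
            // list are comma-separated, so append a second one instead.
            $disQ->update .= ", minprice = '" . $min . "'";
        }
    } else {
        $disQ = new insertSQL($conn);
        $disQ->tableName = "delivery_discounts";
        $disQ->cols = array("type", "userid");
        $disQ->insertData = array($type, $userid);
        // Fixed: the original tested isset($mmin), a misspelling that is never set, so the
        // minimum price was never stored on insert.
        if (isset($min)) {
            $disQ->cols[] = "minprice";
            $disQ->insertData[] = $min;
        }
    }
    if (!$disQ->executeQuery()) {
        $statusMessage = $disQ->status;
        mysqli_close($conn);
        return;
    }
    $statusMessage = makeStatusMessage(14, "success");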
}
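/**
 * Create a category from the posted form and the per-category product tables that go with it.
 *
 * Reads $_POST['names'][lang], $_POST['desc'][lang], $_POST['imgUrl'], $_POST['parentid'] and
 * $_POST['fid'] (list of property ids). Steps: insert the `categories` row, look its id up
 * again by name, load the selected properties, create `products_<catid>` and one
 * `products_<catid>_<lang>` table per language, then link the properties in `props_to_prods`.
 * The outcome is published through $GLOBALS['statusMessage'].
 *
 * Changes against the previous version:
 *  - the name lookup now ORs all posted names (it used `=` instead of `.=`, so only the last
 *    language survived);
 *  - a failure while creating the base table now reaches $GLOBALS['statusMessage'] (it was
 *    written to a local variable and lost on return);
 *  - a missing or non-array $_POST['fid'] is treated as an empty list instead of being iterated.
 *
 * NOTE(review): nothing in this function checks that the caller may create categories;
 * presumably that is enforced by the including page - confirm.
 * NOTE(review): property names read from `properties.name` become column identifiers in
 * CREATE TABLE. If those names can be edited by users, they need an identifier whitelist;
 * escaping for string literals does not cover identifiers.
 *
 * @param mysqli $conn Open connection (real_escape_string() and mysqli_close() are used on it).
 *                     It is closed here when a CREATE TABLE fails.
 * @return void
 */
function insCat($conn)
{
    // NOTE(review): $langArr is expected to come from this include. With require_once inside a
    // function, a second call in the same request (or an earlier include elsewhere) does not
    // re-run the file, leaving $langArr undefined in this scope - confirm how it is defined.
    require_once 'languageConfig.php';

    // 1. Insert the category row with whatever localized fields were posted.
    $insQ = new insertSQL($conn);
    $insQ->insertData = array();
    $insQ->cols = array();
    foreach ($langArr as $l) {
        if (isset($_POST['names'][$l])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST['names'][$l]);
            $insQ->cols[] = "name" . $l;
        }
        if (isset($_POST['desc'][$l])) {
            $insQ->insertData[] = $conn->real_escape_string($_POST['desc'][$l]);
            $insQ->cols[] = "desc" . $l;
        }
    }
    if (isset($_POST['imgUrl'])) {
        $insQ->insertData[] = $conn->real_escape_string($_POST['imgUrl']);
        $insQ->cols[] = "imgurl";
    }
    if (isset($_POST['parentid'])) {
        $insQ->insertData[] = $conn->real_escape_string($_POST['parentid']);
        $insQ->cols[] = "parentid";
    }
    $insQ->tableName = "categories";
    if (!$insQ->executeQuery()) {
        $GLOBALS['statusMessage'] = $insQ->status;
        return;
    }

    // 2. Find the id of the row just inserted by matching any of the posted names.
    // NOTE(review): looking the row up by name with ORDER BY id DESC can pick another row when
    // two categories share a name or are created concurrently; $conn->insert_id read right
    // after the insert would avoid that if insertSQL runs on this same connection - confirm.
    $nameConds = array();
    foreach ($langArr as $l) {
        if (isset($_POST['names'][$l])) {
            $nameConds[] = "name" . $l . " = '" . $conn->real_escape_string($_POST['names'][$l]) . "'";
        }
    }
    $selQid = new selectSQL($conn);
    $selQid->where = implode(" OR ", $nameConds);
    $selQid->order = "id DESC";
    $selQid->tableNames = array("categories");
    $selQid->select = array("id");
    if (!$selQid->executeQuery()) {
        $GLOBALS['statusMessage'] = $selQid->status;
        return;
    }
    $row = $selQid->result->fetch_assoc();
    $catid = $row['id'];

    // 3. Load the selected properties and split them by language dependence.
    $fids = (isset($_POST['fid']) && is_array($_POST['fid'])) ? $_POST['fid'] : array();
    $selQ = new selectSQL($conn);
    $selQ->select = array("name", "langDependant");
    $selQ->tableNames = array("properties");
    $tmp = array();
    foreach ($fids as $f) {
        $tmp[] = $conn->real_escape_string($f);
    }
    // NOTE(review): whether arrToQueryString() quotes each element is not visible here. If it
    // does not, escaping alone does not protect this IN list and the ids should be validated
    // as integers first.
    $selQ->where = "id IN (" . arrToQueryString($tmp, null) . ")";
    if (!$selQ->executeQuery() || $selQ->getNumberOfResults() == 0) {
        $GLOBALS['statusMessage'] = makeStatusMessage(53, "error");
        return;
    }
    $propsDef = array();
    $propsLang = array();
    while ($row = $selQ->result->fetch_assoc()) {
        if ($row['langDependant']) {
            $propsLang[] = $row['name'];
        } else {
            $propsDef[] = $row['name'];
        }
    }

    // 4. Create the per-category tables; each starts with the `infoid` column.
    $ctQ = new createTableSQL($conn);
    $ctQ->cols = array("infoid");
    $ctQ->colTypes = array("int(11) NOT NULL");
    $ctQ->name = "products_" . $catid;
    if (count($propsDef)) {
        foreach ($propsDef as $pr) {
            $ctQ->cols[] = $pr;
            $ctQ->colTypes[] = "varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL";
        }
        if (!$ctQ->executeQuery()) {
            $GLOBALS['statusMessage'] = $ctQ->status;
            mysqli_close($conn);
            return;
        }
    }
    if (count($propsLang)) {
        foreach ($langArr as $l) {
            // Reset the definition for every language table.
            $ctQ->cols = array("infoid");
            $ctQ->colTypes = array("int(11) NOT NULL");
            $ctQ->name = "products_" . $catid . "_" . $l;
            foreach ($propsLang as $pr) {
                $ctQ->cols[] = $pr . $l;
                $ctQ->colTypes[] = "varchar(40) COLLATE utf8_unicode_ci DEFAULT NULL";
            }
            if (!$ctQ->executeQuery()) {
                $GLOBALS['statusMessage'] = $ctQ->status;
                mysqli_close($conn);
                return;
            }
        }
    }

    // 5. Link every selected property to the new category; remember any failure.
    $insQ = new insertSQL($conn);
    $insQ->cols = array("catid", "propid");
    $insQ->tableName = "props_to_prods";
    $propLinkFailed = false;
    foreach ($fids as $f) {
        $insQ->insertData = array($catid, $conn->real_escape_string($f));
        if (!$insQ->executeQuery()) {
            $propLinkFailed = true;
        }
    }
    $GLOBALS['statusMessage'] = $propLinkFailed
        ? makeStatusMessage(103, "error")
        : makeStatusMessage(11, "success");
}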
示例#7
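/**
 * Insert a product from the posted form: one row in `products`, one in `products_<catid>`
 * and one per language in `products_<catid>_<lang>`.
 *
 * Reads $_POST['catid'] plus one $_POST entry per property name returned by getPropsForCat().
 * The outcome is published through $GLOBALS['statusMessage']; when getPropsForCat() returns a
 * falsy value or the category id is rejected, the function returns without touching it.
 *
 * Changes against the previous version:
 *  - $_POST['catid'] must consist of decimal digits only. It is concatenated into table names,
 *    an identifier position where real_escape_string() gives no protection. The per-category
 *    tables are named after `categories.id` (see insCat), so digits are the only valid form.
 *  - the two property loops closed right after explode(), so only the LAST property of each
 *    list was ever inserted; the mapping and isset() check now run for every property.
 *  - entries without an " as " part are skipped instead of reading an undefined index.
 *
 * NOTE(review): the id of the new `products` row is found with a select ordered by id DESC;
 * concurrent inserts can make that return someone else's row. $conn->insert_id read right
 * after the insert would avoid it if insertSQL runs on this same connection - confirm.
 *
 * @param mysqli $conn Open connection (real_escape_string() is used on it).
 * @return void
 */
function insProd($conn)
{
    $rawCatid = isset($_POST['catid']) ? $_POST['catid'] : null;
    if (!is_string($rawCatid) || !preg_match('/^[0-9]+\z/', $rawCatid)) {
        // Not a plain numeric id: refuse before it can reach a table name.
        return;
    }
    $catid = $conn->real_escape_string($rawCatid);

    // NOTE(review): $langArr is expected to come from this include. With require_once inside a
    // function, a second call in the same request does not re-run the file and $langArr stays
    // undefined in this scope - confirm how it is defined.
    require_once 'languageConfig.php';

    $arr = getPropsForCat($conn, $catid, null, $langArr);
    if (!$arr) {
        return;
    }
    $propNamesDef = $arr['propNamesDef'];
    $propNamesDefld = $arr['propNamesDefld'];
    $propNames = $arr['propNames'];
    $propNamesld = $arr['propNamesld'];

    // 1. Common columns go into `products`.
    $insQdef = new insertSQL($conn);
    $insQdef->tableName = "products";
    $insQdef->cols = array();
    $insQdef->insertData = array();
    foreach ($propNamesDef as $p) {
        if (isset($_POST[$p])) {
            $insQdef->cols[] = $p;
            $insQdef->insertData[] = $conn->real_escape_string($_POST[$p]);
        }
    }
    foreach ($propNamesDefld as $p) {
        foreach ($langArr as $l) {
            if (isset($_POST[$p][$l])) {
                $insQdef->cols[] = $p . $l;
                $insQdef->insertData[] = $conn->real_escape_string($_POST[$p][$l]);
            }
        }
    }
    if (!$insQdef->executeQuery()) {
        $GLOBALS['statusMessage'] = $insQdef->status;
        return;
    }

    // 2. Fetch the id of the row just written (highest id first).
    $selQProp = new selectSQL($conn);
    $selQProp->tableNames = array("products");
    $selQProp->select = array("id");
    $selQProp->order = "id DESC";
    if (!$selQProp->executeQuery()) {
        $GLOBALS['statusMessage'] = $selQProp->status;
        return;
    }
    $tmp = $selQProp->result->fetch_assoc();
    $infoID = $tmp['id'];

    // 3. Category-specific, language-independent properties.
    if (count($propNames)) {
        $insQ = new insertSQL($conn);
        $insQ->tableName = "products_" . $catid;
        $insQ->cols = array("infoid");
        $insQ->insertData = array($infoID);
        foreach ($propNames as $pn) {
            // Each entry has the form "<column> as <form field>":
            // index 0 is what to insert, index 1 is what to listen for in $_POST.
            $tmpArr = explode(" as ", $pn);
            if (count($tmpArr) < 2) {
                continue;
            }
            $field = str_replace(" ", "_", trim($tmpArr[1], "`"));
            if (isset($_POST[$field])) {
                $insQ->cols[] = $tmpArr[0];
                $insQ->insertData[] = $conn->real_escape_string($_POST[$field]);
            }
        }
        if (!$insQ->executeQuery()) {
            $GLOBALS['statusMessage'] = $insQ->status;
            return;
        }
    }

    // 4. Category-specific, language-dependent properties: one row per language table.
    if (count($propNamesld)) {
        foreach ($langArr as $l) {
            $insQld = new insertSQL($conn);
            $insQld->tableName = "products_" . $catid . "_" . $l;
            $insQld->cols = array("infoid");
            $insQld->insertData = array($infoID);
            foreach ($propNamesld as $p) {
                // Same "<column> as <form field>" convention as above.
                $tmpArr = explode(" as ", $p);
                if (count($tmpArr) < 2) {
                    continue;
                }
                $field = str_replace(" ", "_", trim($tmpArr[1], "`"));
                if (isset($_POST[$field][$l])) {
                    $insQld->cols[] = $tmpArr[0] . $l;
                    $insQld->insertData[] = $conn->real_escape_string($_POST[$field][$l]);
                }
            }
            if (!$insQld->executeQuery()) {
                $GLOBALS['statusMessage'] = $insQld->status;
                return;
            }
        }
    }

    $GLOBALS['statusMessage'] = makeStatusMessage(12, "success");
}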