/**
* Updates a Vendor Category
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
$db = new ps_DB();
if (!$this->validate_update($d)) {
return False;
}
$fields = array('vendor_category_name' => $d["vendor_category_name"], 'vendor_category_desc' => $d["vendor_category_desc"]);
$db->buildQuery('UPDATE', '#__{vm}_vendor_category', $fields, ' WHERE vendor_category_id=' . (int) $d["vendor_category_id"]);
$res = $db->query();
if ($res !== false) {
$GLOBALS['vmLogger']->info('The Vendor Category has been updated.');
return true;
}
$GLOBALS['vmLogger']->err('Failed to update the Vendor Category.');
return false;
}
/**
* updates Parameter information
* @author Zdenek Dvorak
* @param array $d
* @return boolean
*/
function update_parameter(&$d)
{
$db = new ps_DB();
if ($this->validate_update_parameter($d)) {
if ($d["parameter_old_type"] == "B") {
// delete record and call add_parameter()
$q = "DELETE FROM #__{vm}_product_type_parameter WHERE product_type_id='" . $d["product_type_id"] . "' ";
$q .= "AND parameter_name='" . $db->getEscaped(vmGet($d, 'parameter_name')) . "'";
$db->setQuery($q);
$db->query();
return $this->add_parameter($d);
}
// added for custom parameter modification
// strips the trailing semi-colon from an values
if (';' == substr($d["parameter_values"], strlen($d["parameter_values"]) - 1, 1)) {
$d["parameter_values"] = substr($d["parameter_values"], 0, strlen($d["parameter_values"]) - 1);
}
if (empty($d["parameter_multiselect"])) {
$d["parameter_multiselect"] = "N";
}
// delete "\n" from field parameter_description
$d["parameter_description"] = str_replace("\r\n", "", $d["parameter_description"]);
$d["parameter_description"] = str_replace("\n", "", $d["parameter_description"]);
$fields = array('parameter_name' => vmGet($d, 'parameter_name'), 'parameter_label' => vmGet($d, 'parameter_label'), 'parameter_description' => vmGet($d, 'parameter_description'), 'parameter_list_order' => vmRequest::getInt('list_order'), 'parameter_type' => vmGet($d, 'parameter_type'), 'parameter_values' => vmGet($d, 'parameter_values'), 'parameter_multiselect' => vmGet($d, 'parameter_multiselect'), 'parameter_default' => vmGet($d, 'parameter_default'), 'parameter_unit' => vmGet($d, 'parameter_unit'));
$db->buildQuery('UPDATE', '#__{vm}_product_type_parameter', $fields, "WHERE `product_type_id`='" . $d["product_type_id"] . "' AND `parameter_name`='" . $db->getEscaped(vmGet($d, 'parameter_old_name')) . "'");
$db->query();
/* Re-Order the Parameter table IF the list_order has been changed */
if (intval($d['list_order']) != intval($d['currentpos'])) {
$dbu = new ps_DB();
/* Moved UP in the list order */
if (intval($d['list_order']) < intval($d['currentpos'])) {
$q = "SELECT product_type_id,parameter_name FROM #__{vm}_product_type_parameter WHERE ";
$q .= "product_type_id=' " . $d["product_type_id"];
$q .= "' AND parameter_name <> '" . $db->getEscaped(vmGet($d, 'parameter_name'));
$q .= "' AND parameter_list_order >= '" . intval($d["list_order"]) . "'";
$db->query($q);
while ($db->next_record()) {
$dbu->query("UPDATE #__{vm}_product_type_parameter SET parameter_list_order=parameter_list_order+1 WHERE product_type_id='" . $db->f("product_type_id") . "' AND parameter_name='" . $db->f("parameter_name") . "'");
}
} else {
$q = "SELECT product_type_id,parameter_name FROM #__{vm}_product_type_parameter WHERE ";
$q .= "product_type_id='" . $d["product_type_id"];
$q .= "' AND parameter_name <> '" . $db->getEscaped(vmGet($d, 'parameter_name'));
$q .= "' AND parameter_list_order > '" . intval($d["currentpos"]);
$q .= "' AND parameter_list_order <= '" . intval($d["list_order"]) . "'";
$db->query($q);
while ($db->next_record()) {
$dbu->query("UPDATE #__{vm}_product_type_parameter SET parameter_list_order=parameter_list_order-1 WHERE product_type_id='" . $db->f("product_type_id") . "' AND parameter_name='" . $db->f("parameter_name") . "'");
}
}
}
/* END Re-Ordering */
if ($d["parameter_type"] != "B") {
// != Break Line
// Delete old index
$q = "ALTER TABLE `#__{vm}_product_type_";
$q .= $d["product_type_id"] . "` DROP INDEX `idx_product_type_" . $d["product_type_id"] . "_";
$q .= $db->getEscaped(vmGet($d, 'parameter_old_name')) . "`;";
$db->setQuery($q);
$db->query();
// Update column in table product_type_<id>
$q = "ALTER TABLE `#__{vm}_product_type_";
$q .= $d["product_type_id"] . "` CHANGE `";
$q .= $db->getEscaped(vmGet($d, 'parameter_old_name')) . "` `";
$q .= $db->getEscaped(vmGet($d, 'parameter_name')) . "` ";
switch ($d["parameter_type"]) {
case "I":
$q .= "int(11) ";
break;
// Integer
// Integer
case "T":
$q .= "text ";
break;
// Text
// Text
case "S":
$q .= "varchar(255) ";
break;
// Short Text
// Short Text
case "F":
$q .= "float ";
break;
// Float
// Float
case "C":
$q .= "char(1) ";
break;
// Char
// Char
case "D":
$q .= "datetime ";
break;
// Date & Time
// Date & Time
case "A":
$q .= "date ";
break;
// Date
// Date
case "V":
$q .= "varchar(255) ";
break;
// Multiple Value
// Multiple Value
case "M":
$q .= "time ";
break;
// Time
// Time
default:
$q .= "varchar(255) ";
// Default type Short Text
}
if ($d["parameter_default"] != "" && $d["parameter_type"] != "T") {
$q .= "DEFAULT '" . $db->getEscaped(vmGet($d, 'parameter_default')) . "' NOT NULL;";
}
$db->setQuery($q);
$db->query();
// Make index for this column
if ($d["parameter_type"] == "T") {
$q = "ALTER TABLE `#__{vm}_product_type_";
$q .= $d["product_type_id"] . "` ADD FULLTEXT `idx_product_type_" . $d["product_type_id"] . "_";
$q .= $d["parameter_name"] . "` (`" . $db->getEscaped(vmGet($d, 'parameter_name')) . "`);";
$db->setQuery($q);
$db->query();
} else {
$q = "ALTER TABLE `#__{vm}_product_type_";
$q .= $d["product_type_id"] . "` ADD KEY `idx_product_type_" . $d["product_type_id"] . "_";
$q .= $db->getEscaped(vmGet($d, 'parameter_name')) . "` (`" . $db->getEscaped(vmGet($d, 'parameter_name')) . "`);";
$db->setQuery($q);
$db->query();
}
}
return True;
} else {
return False;
}
}
/**
* Updates a Vendor (and the Store) Record
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $vendor_currency, $VM_LANG;
$db = new ps_DB();
$timestamp = time();
if (!$this->validate_update($d)) {
return False;
}
if (!vmImageTools::process_images($d)) {
return false;
}
foreach ($d as $key => $value) {
if (!is_array($value)) {
$d[$key] = addslashes($value);
}
}
$d['display_style'][1] = ps_vendor::checkCurrencySymbol($d['display_style'][1]);
$d['display_style'] = implode("|", $d['display_style']);
if (empty($d['vendor_accepted_currencies'])) {
$d['vendor_accepted_currencies'] = array($vendor_currency);
}
$fields = array('vendor_name' => $d["vendor_name"], 'contact_last_name' => $d["contact_last_name"], 'contact_first_name' => $d["contact_first_name"], 'contact_middle_name' => $d["contact_middle_name"], 'contact_title' => $d["contact_title"], 'contact_phone_1' => $d["contact_phone_1"], 'contact_phone_2' => $d["contact_phone_2"], 'contact_fax' => $d["contact_fax"], 'contact_email' => $d["contact_email"], 'vendor_phone' => $d["vendor_phone"], 'vendor_address_1' => $d["vendor_address_1"], 'vendor_address_2' => $d["vendor_address_2"], 'vendor_city' => $d["vendor_city"], 'vendor_state' => $d["vendor_state"], 'vendor_country' => $d["vendor_country"], 'vendor_zip' => $d["vendor_zip"], 'vendor_store_name' => $d["vendor_store_name"], 'vendor_store_desc' => $d["vendor_store_desc"], 'vendor_thumb_image' => $d["vendor_thumb_image"], 'vendor_full_image' => $d["vendor_full_image"], 'vendor_currency' => $d["vendor_currency"], 'vendor_url' => $d["vendor_url"], 'mdate' => $timestamp, 'vendor_terms_of_service' => $d["vendor_terms_of_service"], 'vendor_min_pov' => $d["vendor_min_pov"], 'vendor_currency_display_style' => $d["display_style"], 'vendor_freeshipping' => $d['vendor_freeshipping'], 'vendor_accepted_currencies' => implode(',', $d['vendor_accepted_currencies']), 'vendor_address_format' => $d['vendor_address_format'], 'vendor_date_format' => $d['vendor_date_format']);
if (!empty($d["vendor_category_id"])) {
$fields['vendor_category_id'] = $d["vendor_category_id"];
}
if (!empty($d["vendor_image_path"])) {
$fields['vendor_image_path'] = $d["vendor_image_path"];
}
$db->buildQuery('UPDATE', '#__{vm}_vendor', $fields, 'WHERE vendor_id = ' . $d["vendor_id"]);
$db->query();
if ($d['vendor_id'] == 1) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_STORE_UPDATED'));
} else {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_VENDOR_UPDATED'));
}
return True;
}
/**
* update export module
* @param array
* @return bool
* @author Manfred Dennerlein
*/
function update(&$d)
{
global $vmLogger, $VM_LANG;
$db = new ps_DB();
$ps_vendor_id = $_SESSION['ps_vendor_id'];
$timestamp = time();
if (!$this->validate_update($d)) {
return False;
}
if (!empty($d['export_class'])) {
$export_class = basename($d['export_class']);
if (include_once CLASSPATH . 'export/' . $export_class . '.php') {
$_EXPORT = new $export_class();
}
} else {
include_once CLASSPATH . 'export/ps_xmlexport.php';
$_EXPORT = new ps_xmlexport();
}
if ($_EXPORT->configfile_writeable()) {
$_EXPORT->write_configuration($d);
$vmLogger->info($VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS', false));
} else {
$vmLogger->err(sprintf($VM_LANG->_('VM_CONFIGURATION_CHANGE_FAILURE', false), CLASSPATH . "export/" . $_EXPORT->classname . ".cfg.php"));
return false;
}
$fields = array('export_enabled' => $d['export_enabled'], 'export_config' => $d['export_config']);
if (!$d['iscore']) {
$fields['export_name'] = $d['export_name'];
$fields['export_desc'] = $d['export_desc'];
$fields['export_class'] = $d['export_class'];
}
$db->buildQuery('INSERT', '#__{vm}_export', $fields, 'WHERE export_id=' . (int) $d['export_id'] . " AND vendor_id='{$ps_vendor_id}'");
return $db->query() !== false;
}
/**
* Updates an Order Status
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
$ps_vendor_id = $_SESSION["ps_vendor_id"];
if (!$this->validate_update($d)) {
return False;
}
$fields = array('order_status_code' => vmGet($d, 'order_status_code'), 'order_status_name' => vmGet($d, 'order_status_name'), 'order_status_description' => vmGet($d, 'order_status_description'), 'list_order' => vmRequest::getInt('list_order'));
$db->buildQuery('UPDATE', $this->_table_name, $fields, "WHERE order_status_id=" . (int) $d["order_status_id"] . " AND vendor_id={$ps_vendor_id}");
if ($db->query() !== false) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_ORDERSTATUS_UPDATED'));
return true;
}
return false;
}
/**
* Updates a given Credit Card Record
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
$timestamp = time();
if (!$this->validate_update($d)) {
$d["error"] = $this->error;
return False;
}
$fields = array('vendor_id' => $_SESSION["ps_vendor_id"], 'creditcard_name' => vmGet($d, 'creditcard_name'), 'creditcard_code' => vmGet($d, 'creditcard_code'));
$db->buildQuery('UPDATE', '#__{vm}_creditcard', $fields, 'WHERE creditcard_id=' . (int) $d["creditcard_id"]);
if ($db->query()) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_CREDITCARD_UPDATED'));
$_REQUEST['creditcard_id'] = $db->last_insert_id();
return true;
}
return false;
}
/**
* Updates an attribute record
*
* @param array $d
* @return boolean True when successful, false when not
*/
function update(&$d)
{
global $VM_LANG;
if (!$this->validate($d)) {
return false;
}
$db = new ps_DB();
$fields = array('attribute_name' => $d["attribute_name"], 'attribute_list' => $d["attribute_list"]);
$db->buildQuery('UPDATE', '#__{vm}_product_attribute_sku', $fields, "WHERE product_id='" . (int) $d["product_id"] . "' AND attribute_name='" . $db->getEscaped($d["old_attribute_name"]) . "'");
if ($db->query() === false) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_PRODUCT_ATTRIBUTE_ERR_UPDATING'));
return false;
}
if ($d["old_attribute_name"] != $d["attribute_name"]) {
$ps_product = new ps_product();
$child_pid = $ps_product->get_child_product_ids($d["product_id"]);
for ($i = 0; $i < count($child_pid); $i++) {
$fields = array('attribute_name' => $d["attribute_name"]);
$db->buildQuery('UPDATE', '#__{vm}_product_attribute', $fields, "WHERE product_id='" . $child_pid[$i] . "' AND attribute_name='" . $db->getEscaped($d["old_attribute_name"]) . "' ");
$db->query();
}
}
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_PRODUCT_ATTRIBUTE_UPDATED'));
return true;
}
/**
* updates discount information
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
if (!empty($d["start_date"])) {
$day = substr($d["start_date"], 8, 2);
$month = substr($d["start_date"], 5, 2);
$year = substr($d["start_date"], 0, 4);
$d["start_date"] = mktime(0, 0, 0, $month, $day, $year);
} else {
$d["start_date"] = "";
}
if (!empty($d["end_date"])) {
$day = substr($d["end_date"], 8, 2);
$month = substr($d["end_date"], 5, 2);
$year = substr($d["end_date"], 0, 4);
$d["end_date"] = mktime(0, 0, 0, $month, $day, $year);
} else {
$d["end_date"] = "";
}
if (!$this->validate_update($d)) {
return False;
}
$fields = array('amount' => (double) vmGet($d, 'amount'), 'is_percent' => (int) vmGet($d, 'is_percent'), 'start_date' => $d["start_date"], 'end_date' => $d["end_date"]);
$db->buildQuery('UPDATE', '#__{vm}_product_discount', $fields, 'WHERE discount_id=' . (int) $d["discount_id"]);
$db->query();
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_PRODUCT_DISCOUNT_UPDATED'));
return True;
}
/**
* Sorts ALL categories in the store alphabetically
* This is VERY recursive...
* @author soeren
*
* @param int $category_id
* @param int $level
*/
function sort_alphabetically($category_id = 0, $level = 0)
{
static $ibg = 0;
$ps_vendor_id = $_SESSION["ps_vendor_id"];
$db = new ps_DB();
$level++;
$q = "SELECT `c`.`category_id`, `cx`.`category_child_id`, `cx`.`category_parent_id` as cpid \n\t\t\t\tFROM `#__{vm}_category` as `c`,`#__{vm}_category_xref` as `cx` ";
$q .= "WHERE `c`.`category_id`=`cx`.`category_child_id` AND `cx`.`category_parent_id`={$category_id} ";
$q .= "AND `c`.`vendor_id`={$ps_vendor_id} ";
$q .= "ORDER BY `category_name` ASC ";
$db->query($q);
$i = 1;
while ($db->next_record()) {
// Update the categories in this level
$fields = array('category_list' => $i);
$dbu = new ps_DB();
$dbu->buildQuery('UPDATE', '#__{vm}_category_xref', $fields, 'WHERE `category_child_id`=' . $db->f('category_child_id'));
$dbu->query();
$fields = array('list_order' => $i);
$dbu->buildQuery('UPDATE', '#__{vm}_category', $fields, 'WHERE `category_id`=' . $db->f('category_child_id'));
$dbu->query();
// Traverse the tree down
$this->sort_alphabetically($db->f('category_child_id'), $level);
$i++;
}
}
/**
* updates manufacturer information
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
if (!$this->validate_update($d)) {
return False;
}
$fields = array('mf_name' => vmGet($d, 'mf_name'), 'mf_email' => vmGet($d, 'mf_email'), 'mf_desc' => vmGet($d, 'mf_desc', '', VMREQUEST_ALLOWHTML), 'mf_category_id' => vmRequest::getInt('mf_category_id'), 'mf_url' => vmGet($d, 'mf_url'));
$db->buildQuery('UPDATE', '#__{vm}_manufacturer', $fields, 'WHERE manufacturer_id=' . (int) $d["manufacturer_id"]);
if ($db->query()) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_MANUF_UPDATED'));
return true;
}
return false;
}
/**
* Inserts or Updates the user information
*
* @param array $user_info
* @param int $user_id
*/
function setUserInfo($user_info, $user_id = 0)
{
$db = new ps_DB();
if (empty($user_id)) {
// INSERT NEW USER
$db->buildQuery('INSERT', '#__{vm}_user_info', $user_info);
// Run the query now!
$db->query();
} else {
// UPDATE EXISTING USER
$db->buildQuery('UPDATE', '#__{vm}_user_info', $user_info, 'WHERE `user_id`=' . $user_id);
// Run the query now!
$db->query();
}
}
/**
* Updates a product price
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $vmLogger, $VM_LANG;
if (!$this->validate($d)) {
return false;
}
if ($d["product_price"] === '') {
return $this->delete($d);
}
$timestamp = time();
$db = new ps_DB();
if (empty($d["product_price_vdate"])) {
$d["product_price_vdate"] = '';
}
if (empty($d["product_price_edate"])) {
$d["product_price_edate"] = '';
}
$fields = array('shopper_group_id' => vmRequest::getInt('shopper_group_id'), 'product_price' => vmRequest::getFloat('product_price'), 'product_currency' => vmGet($d, 'product_currency'), 'product_price_vdate' => vmGet($d, 'product_price_vdate'), 'product_price_edate' => vmGet($d, 'product_price_edate'), 'mdate' => $timestamp, 'price_quantity_start' => vmRequest::getInt('price_quantity_start'), 'price_quantity_end' => vmRequest::getInt('price_quantity_end'));
$db = new ps_DB();
$db->buildQuery('UPDATE', '#__{vm}_product_price', $fields, 'WHERE product_price_id=' . (int) $d["product_price_id"]);
if ($db->query() !== false) {
$vmLogger->info($VM_LANG->_('VM_PRODUCT_PRICE_UPDATED', false));
return true;
}
$vmLogger->err($VM_LANG->_('VM_PRODUCT_PRICE_UPDATING_FAILED', false));
return false;
}
function changeOrdering($table, $name, $k, $entity_name, $where = '', $table2_name = '')
{
global $db, $vmLogger;
if (strtolower(@$_REQUEST['task']) == 'saveorder') {
$i = 0;
foreach ($_REQUEST[$k] as $item) {
$sql = "UPDATE `{$table}` SET `{$name}` =" . intval($_REQUEST['order'][$i]) . " WHERE `{$k}`=" . intval($item);
$sql .= $where ? "\n\tAND {$where}" : '';
$db->query($sql);
$i++;
}
$this->fixOrdering($table, $name, $k, $where);
} elseif (strtolower(@$_REQUEST['task']) == 'sort_alphabetically') {
$select_where = $where;
$q = 'SELECT `' . $name . '`, `' . $table . '`.`' . $k . '`, `' . $entity_name . '` FROM `' . $table . '`';
if ($table2_name != '') {
$q .= $table2_name != '' ? ',`' . $table2_name . '`' : '';
$select_where = $where . "\n AND `{$table}`.`{$k}`=`{$table2_name}`.`{$k}`";
}
$q .= ' WHERE ' . $select_where . ' ORDER BY `' . $entity_name . '`';
$db->query($q);
$i = 1;
$dbu = new ps_DB();
while ($db->next_record()) {
$fields = array($name => $i);
$where_query = "WHERE `{$k}`=" . intval($db->f($k));
$where_query .= $where ? "\n\tAND {$where}" : '';
$dbu->buildQuery('UPDATE', $table, $fields, $where_query);
//echo $dbu->_sql;
$dbu->query();
$i++;
}
} else {
$item = intval($_REQUEST[$k][0]);
$db->query("SELECT `{$name}` FROM `{$table}` WHERE `{$k}`={$item}");
$db->next_record();
$this->{$name} = $db->f($name);
$this->{$k} = $item;
$sql = "SELECT {$k}, {$name} FROM `{$table}`";
if ($_REQUEST['task'] == 'orderup') {
$sql .= "\n WHERE `{$name}` < " . intval($this->{$name});
$sql .= $where ? "\n\tAND {$where}" : '';
$sql .= "\n ORDER BY `{$name}` DESC";
$sql .= "\n LIMIT 1";
} elseif ($_REQUEST['task'] == 'orderdown') {
$sql .= "\n WHERE `{$name}` > " . intval($this->{$name});
$sql .= $where ? "\n\tAND {$where}" : '';
$sql .= "\n ORDER BY `{$name}`";
$sql .= "\n LIMIT 1";
} else {
$sql .= "\nWHERE `{$name}` = " . intval($this->{$name});
$sql .= $where ? "\n AND {$where}" : '';
$sql .= "\n ORDER BY `{$name}`";
$sql .= "\n LIMIT 1";
}
$db->query($sql);
//echo 'A: ' . $db->_database->_sql;
if ($db->next_record()) {
$field_value = $db->f($name);
$field_key_value = $db->f($k);
$query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $field_value . "'" . "\n WHERE `{$k}` = '" . $this->{$k} . "'";
$db->setQuery($query);
if (!$db->query()) {
$err = $db->getErrorMsg();
//die( $err );
}
//echo 'B: ' . $db->getQuery();
$query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $this->{$name} . "'" . "\n WHERE `{$k}` = '" . $field_key_value . "'";
$db->setQuery($query);
//echo 'C: ' . $db->getQuery();
if (!$db->query()) {
$err = $db->getErrorMsg();
//die( $err );
}
$this->{$name} = $field_value;
} else {
$query = "UPDATE `{$table}`" . "\n SET `{$name}` = '" . $this->{$name} . "'" . "\n WHERE `{$k}`= '" . $this->{$k} . "'";
$db->setQuery($query);
//echo 'D: ' . $db->getQuery();
if (!$db->query()) {
$err = $db->getErrorMsg();
//die( $err );
}
}
}
return true;
}
function update_permissions(&$d)
{
$db = new ps_DB();
$i = 0;
foreach ($d['module_perms'] as $module) {
$modules = implode(',', array_keys($module));
$module_id = (int) $d['module_id'][$i];
$db->buildQuery('UPDATE', '#__{vm}_module', array('module_perms' => $modules), 'WHERE module_id=' . $module_id);
$db->query();
$i++;
}
return true;
}
function saveField(&$d)
{
global $my, $mosConfig_live_site, $VM_LANG;
$db = new ps_DB();
if ($d['type'] == 'webaddress') {
$d['rows'] = $d['webaddresstypes'];
if (!($d['rows'] == 0 || $d['rows'] == 2)) {
$d['rows'] = 0;
}
}
$d['name'] = str_replace(" ", "", strtolower($d['name']));
if (!$this->validateOnSave($d)) {
return false;
}
// Prevent unpublishing and renaming of IMPORTANT Fields like "email", "username", "password",...
$fieldObj = $this->get($d['fieldid']);
if ($fieldObj !== false) {
if (in_array($fieldObj->f('name'), $this->getSkipFields())) {
$d['name'] = $fieldObj->f('name');
$d['required'] = $fieldObj->f('required');
$d['published'] = $fieldObj->f('published');
}
}
$fields = array('name' => vmGet($d, 'name'), 'title' => vmGet($d, 'title'), 'description' => vmGet($d, 'description'), 'type' => vmGet($d, 'type'), 'maxlength' => vmGet($d, 'maxlength'), 'size' => vmGet($d, 'size'), 'required' => vmGet($d, 'required'), 'ordering' => vmGet($d, 'ordering'), 'cols' => vmGet($d, 'cols'), 'rows' => vmGet($d, 'rows'), 'value' => vmGet($d, 'value'), 'default' => vmGet($d, 'default'), 'published' => vmGet($d, 'published'), 'registration' => vmGet($d, 'registration'), 'shipping' => vmGet($d, 'shipping'), 'account' => vmGet($d, 'account'), 'readonly' => vmGet($d, 'readonly'), 'calculated' => vmGet($d, 'calculated'), 'params' => vmGet($d, 'params'), 'vendor_id' => vmGet($_SESSION, 'ps_vendor_id', 1));
if (!empty($d['fieldid'])) {
// existing record
$db->buildQuery('UPDATE', '#__{vm}_userfield', $fields, 'WHERE `fieldid` =' . intval($d['fieldid']));
$db->query();
if ($d['type'] != 'delimiter') {
$this->changeColumn($d['name'], $d['cType'], 'update');
}
} else {
// add a new record
$sql = "SELECT MAX(ordering) as max FROM #__{vm}_userfield";
$db->query($sql);
$db->next_record();
$d['ordering'] = $db->f('max') + 1;
$db->buildQuery('INSERT', '#__{vm}_userfield', $fields);
$db->query();
$_REQUEST['fieldid'] = $db->last_insert_id();
if ($d['type'] != 'delimiter') {
$this->changeColumn($d['name'], $d['cType'], 'add');
}
}
$fieldNames = vmGet($d, 'vNames', array());
$fieldValues = vmGet($d, 'vValues', array());
$j = 1;
if (!empty($d['fieldid'])) {
$db->query("DELETE FROM #__{vm}_userfield_values" . " WHERE fieldid=" . (int) $d['fieldid'] . ' LIMIT 1');
} else {
$db->query("SELECT MAX(fieldid) as max FROM `#__{vm}_userfield`");
$maxID = $db->loadResult();
$d['fieldid'] = $maxID;
}
$n = count($fieldNames);
for ($i = 0; $i < $n; $i++) {
if (trim($fieldNames[$i]) != null || trim($fieldNames[$i]) != '') {
$fields = array('fieldid' => (int) $d['fieldid'], 'fieldtitle' => htmlspecialchars($fieldNames[$i]), 'fieldvalue' => htmlspecialchars($fieldValues[$i]), 'ordering' => $j);
$db->buildQuery('INSERT', '#__{vm}_userfield_values', $fields);
$db->query();
$j++;
}
}
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_USERFIELD_SAVED'));
return true;
}
/**
* Function to update a Shopper Entry
* (uses who have perms='shopper')
*/
function update(&$d)
{
global $my, $perm, $sess, $vmLogger, $page;
$auth = $_SESSION['auth'];
$db = new ps_DB();
if (@$d["user_id"] != $my->id && @$d["user_id"] != $auth['user_id'] && $auth["perms"] != "admin") {
$vmLogger->crit("Tricky tricky, but we know about this one.");
return False;
}
require_once CLASSPATH . 'ps_user.php';
if (!empty($d['username'])) {
$_POST['username'] = $d['username'];
} else {
$_POST['username'] = $my->username;
}
$_POST['name'] = $d['first_name'] . " " . $d['last_name'];
$_POST['id'] = $auth["user_id"];
$_POST['gid'] = $my->gid;
$d['error'] = "";
if (VM_REGISTRATION_TYPE != 'NO_REGISTRATION') {
ps_user::saveUser($d);
}
if (!empty($d['error'])) {
return false;
}
if (!$this->validate_update($d)) {
return false;
}
$user_id = $auth["user_id"];
/* Update Bill To */
// Get all fields which where shown to the user
$userFields = ps_userfield::getUserFields('account', false, '', true);
$skip_fields = ps_userfield::getSkipFields();
$fields = array('mdate' => time());
foreach ($userFields as $userField) {
if (!in_array($userField->name, $skip_fields)) {
$fields[$userField->name] = ps_userfield::prepareFieldDataSave($userField->type, $userField->name, vmGet($d, $userField->name, strtoupper($userField->name)));
}
}
$fields['user_email'] = $fields['email'];
unset($fields['email']);
$db->buildQuery('UPDATE', '#__{vm}_user_info', $fields, " WHERE user_id=" . $user_id . " AND address_type='BT'");
// Run the query!
$db->query();
// UPDATE #__{vm}_shopper group relationship
$q = "SELECT shopper_group_id FROM #__{vm}_shopper_vendor_xref ";
$q .= "WHERE user_id = '" . $user_id . "'";
$db->query($q);
if (!$db->num_rows()) {
//add
$shopper_db = new ps_DB();
// get the default shopper group
$q = "SELECT shopper_group_id from #__{vm}_shopper_group WHERE ";
$q .= "`default`='1'";
$shopper_db->query($q);
if (!$shopper_db->num_rows()) {
// when there is no "default", take the first in the table
$q = "SELECT shopper_group_id from #__{vm}_shopper_group";
$shopper_db->query($q);
}
$shopper_db->next_record();
$my_shopper_group_id = $shopper_db->f("shopper_group_id");
if (empty($d['customer_number'])) {
$d['customer_number'] = "";
}
$q = "INSERT INTO #__{vm}_shopper_vendor_xref ";
$q .= "(user_id,vendor_id,shopper_group_id) ";
$q .= "VALUES ('";
$q .= $_SESSION['auth']['user_id'] . "','";
$q .= $_SESSION['ps_vendor_id'] . "','";
$q .= $my_shopper_group_id . "')";
$db->query($q);
}
$q = "SELECT user_id FROM #__{vm}_auth_user_vendor ";
$q .= "WHERE user_id = '" . $_SESSION['auth']['user_id'] . "'";
$db->query($q);
if (!$db->num_rows()) {
// Insert vendor relationship
$q = "INSERT INTO #__{vm}_auth_user_vendor (user_id,vendor_id)";
$q .= " VALUES ";
$q .= "('" . $_SESSION['auth']['user_id'] . "','";
$q .= $_SESSION['ps_vendor_id'] . "') ";
$db->query($q);
}
return True;
}
/**
* Checks to see if the incoming address from paypal express checkout is already added
* If the address is not added, then it adds the address to the ship to of the user's account
* @param &$auth
* @return false on failure
*/
function checkAddress(&$auth)
{
global $vmLogger, $VM_LANG;
/* Select all the ship to information for this user id and
* order by modification date; most recently changed to oldest
*/
if ($auth['user_id']) {
$db = new ps_DB();
$q = "SELECT * from #__{vm}_user_info WHERE ";
$q .= "user_id=" . (int) $auth['user_id'] . ' ';
$q .= "AND address_type='BT'";
$db->query($q);
$db->next_record();
// check if an alternative shipping address was returned from PayPal
if ($_SESSION['ppex_userdata']['address_1'] != $db->f("address_1") || $_SESSION['ppex_userdata']['city'] != $db->f("city")) {
$q = "SELECT * FROM #__{vm}_user_info i ";
$q .= "INNER JOIN #__{vm}_country c ON (i.country=c.country_3_code) ";
$q .= "LEFT JOIN #__{vm}_state s ON (i.state=s.state_2_code AND s.country_id=c.country_id) ";
$q .= "WHERE user_id =" . (int) $auth['user_id'] . ' ';
$q .= "AND address_type = 'ST' ";
$q .= "ORDER by address_type_name, mdate DESC";
$db->query($q);
$add_address = true;
if ($db->num_rows() > 0) {
while ($db->next_record()) {
if ($_SESSION['ppex_userdata']['address_1'] == $db->f("address_1") && $_SESSION['ppex_userdata']['city'] == $db->f("city")) {
$add_address = false;
break;
}
}
}
// Add the new shipping address if not yet available
if ($add_address) {
$fields = array('address_type' => 'ST', 'address_type_name' => $_SESSION['ppex_userdata']['address_1'] . ', ' . $_SESSION['ppex_userdata']['city'], 'company' => $_SESSION['ppex_userdata']['company'], 'address_1' => $_SESSION['ppex_userdata']['address_1'], 'address_2' => vmget($_SESSION['ppex_userdata'], 'address_2'), 'city' => $_SESSION['ppex_userdata']['city'], 'zip' => $_SESSION['ppex_userdata']['zip'], 'country' => $_SESSION['ppex_userdata']['country'], 'state' => $_SESSION['ppex_userdata']['state']);
if (!empty($_SESSION['ppex_userdata']['shiptoname'])) {
$fields['first_name'] = $_SESSION['ppex_userdata']['shiptoname'];
$fields['last_name'] = '';
} else {
$fields['first_name'] = $_SESSION['ppex_userdata']['first_name'];
$fields['last_name'] = $_SESSION['ppex_userdata']['last_name'];
}
$fields['user_id'] = $_SESSION['auth']['user_id'];
$fields['user_info_id'] = md5(uniqid($_SESSION['ppex_userdata']['payer_id']));
$fields['address_type'] = 'ST';
$timestamp = time();
$fields['cdate'] = $timestamp;
$fields['mdate'] = $timestamp;
$db->buildQuery('INSERT', '#__{vm}_user_info', $fields);
if ($db->query() === false) {
$vmLogger->err($VM_LANG->_('VM_USERADDRESS_ADD_FAILED'));
return false;
}
$vmLogger->info($VM_LANG->_('VM_USERADDRESS_ADDED'));
}
}
}
}
/**
* This function inserts the DOWNLOAD IDs for all files associated with this product
* so the customer can later download the purchased files
* @static
* @since 1.1.0
* @param int $product_id
* @param int $order_id
* @param int $user_id
*/
function insert_downloads_for_product(&$d)
{
$db = new ps_DB();
$dbd = new ps_DB();
if (empty($d['product_id']) || empty($d['order_id'])) {
return false;
}
$dl = "SELECT attribute_name,attribute_value ";
$dl .= "FROM #__{vm}_product_attribute WHERE product_id='" . $d['product_id'] . "'";
$dl .= " AND attribute_name='download'";
$db->query($dl);
$dlnum = 0;
while ($db->next_record()) {
$str = (int) $d['order_id'];
$str .= $d['product_id'];
$str .= uniqid('download_');
$str .= $dlnum++;
$str .= time();
$download_id = md5($str);
$fields = array('product_id' => $d['product_id'], 'user_id' => (int) $d['user_id'], 'order_id' => (int) $d['order_id'], 'end_date' => '0', 'download_max' => DOWNLOAD_MAX, 'download_id' => $download_id, 'file_name' => $db->f("attribute_value"));
$dbd->buildQuery('INSERT', '#__{vm}_product_download', $fields);
$dbd->query();
}
}
function update(&$d)
{
global $VM_LANG, $vmLogger, $perm, $my, $mosConfig_offset;
$db = new ps_DB();
$d["comment"] = trim($d["comment"]);
if (strlen($d["comment"]) < VM_REVIEWS_MINIMUM_COMMENT_LENGTH) {
$vmLogger->err(sprintf($VM_LANG->_('PHPSHOP_REVIEW_ERR_COMMENT1', false), VM_REVIEWS_MINIMUM_COMMENT_LENGTH));
return false;
}
if (strlen($d["comment"]) > VM_REVIEWS_MAXIMUM_COMMENT_LENGTH) {
$vmLogger->err(sprintf($VM_LANG->_('PHPSHOP_REVIEW_ERR_COMMENT2', false), VM_REVIEWS_MAXIMUM_COMMENT_LENGTH));
return false;
}
$time = time() + $mosConfig_offset * 60 * 60;
$db->query("SELECT user_rating FROM #__{vm}_product_reviews WHERE product_id='" . $d['product_id'] . "' AND userid=" . vmRequest::getInt('userid'));
$db->next_record();
$previous_vote = $db->f("user_rating");
$fields = array('product_id' => $d['product_id'], 'userid' => vmRequest::getInt('userid'), 'comment' => vmGet($d, 'comment'), 'user_rating' => vmRequest::getInt('user_rating'), 'time' => $time);
$db->buildQuery('REPLACE', '#__{vm}_product_reviews', $fields);
$db->query();
$this->process_vote($d, $previous_vote);
$vmLogger->info($VM_LANG->_('PHPSHOP_REVIEW_MODIFIED', false));
return true;
}
/**
* Updates a Currency Record
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
if (!$this->validate_update($d)) {
return False;
}
$fields = array('currency_name' => vmGet($d, 'currency_name'), 'currency_code' => vmGet($d, 'currency_code'));
$db->buildQuery('UPDATE', '#__{vm}_currency', $fields, 'WHERE currency_id=' . (int) $d["currency_id"]);
if ($db->query()) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_CURRENCY_UPDATED'));
return true;
}
return false;
}
/**
* Updates a state entry
*
* @param array $d
* @return boolean
*/
function updateState(&$d)
{
$db = new ps_DB();
if (empty($d['state_id']) || empty($d['country_id'])) {
$GLOBALS['vmLogger']->err('Please select a state or country for update!');
return False;
}
$fields = array('state_name' => vmGet($d, 'state_name'), 'country_id' => vmRequest::getInt('country_id'), 'state_2_code' => vmGet($d, 'state_2_code'), 'state_3_code' => vmGet($d, 'state_3_code'));
$db->buildQuery('UPDATE', '#__{vm}_state', $fields, 'WHERE state_id=' . (int) $d["state_id"]);
if ($db->query()) {
$GLOBALS['vmLogger']->info('The state has been updated.');
return True;
}
return false;
}
/**
* updates Product Type information
* @author Zdenek Dvorak
* @param array $d
* @return boolean
*/
function update(&$d)
{
$db = new ps_DB();
if ($this->validate_update($d)) {
if (empty($d["product_type_publish"])) {
$d["product_type_publish"] = "N";
}
$fields = array('product_type_name' => vmGet($d, 'product_type_name'), 'product_type_description' => vmGet($d, 'product_type_description'), 'product_type_publish' => vmGet($d, 'product_type_publish'), 'product_type_browsepage' => vmGet($d, 'product_type_browsepage'), 'product_type_flypage' => vmGet($d, 'product_type_flypage'), 'product_type_list_order' => vmRequest::getInt('list_order'));
$db->buildQuery('UPDATE', '#__{vm}_product_type', $fields, 'WHERE product_type_id=' . (int) $d["product_type_id"]);
$db->query();
// Re-Order the Product Type table IF the list_order has been changed
if (intval($d['list_order']) != intval($d['currentpos'])) {
$dbu = new ps_DB();
/* Moved UP in the list order */
if (intval($d['list_order']) < intval($d['currentpos'])) {
$q = "SELECT product_type_id FROM #__{vm}_product_type WHERE ";
$q .= "product_type_id <> '" . $d["product_type_id"] . "' ";
$q .= "AND product_type_list_order >= '" . intval($d["list_order"]) . "'";
$db->query($q);
while ($db->next_record()) {
$dbu->query("UPDATE #__{vm}_product_type SET product_type_list_order=product_type_list_order+1 WHERE product_type_id='" . $db->f("product_type_id") . "'");
}
} else {
$q = "SELECT product_type_id FROM #__{vm}_product_type WHERE ";
$q .= "product_type_id <> '" . $d["product_type_id"] . "' ";
$q .= "AND product_type_list_order > '" . intval($d["currentpos"]) . "'";
$q .= "AND product_type_list_order <= '" . intval($d["list_order"]) . "'";
$db->query($q);
while ($db->next_record()) {
$dbu->query("UPDATE #__{vm}_product_type SET product_type_list_order=product_type_list_order-1 WHERE product_type_id='" . $db->f("product_type_id") . "'");
}
}
}
// END Re-Ordering
return True;
} else {
return False;
}
}
/**
* Updates an existing Shopper Group
*
* @param array $d
* @return boolean
*/
function update($d)
{
global $perm, $VM_LANG;
if ($perm->check("admin")) {
$vendor_id = $d["vendor_id"];
} else {
$vendor_id = $_SESSION["ps_vendor_id"];
}
$db = new ps_DB();
$default = @$d["default"] == "1" ? "1" : "0";
if (!$this->validate_update($d)) {
return false;
}
$fields = array('vendor_id' => $vendor_id, 'shopper_group_name' => $d["shopper_group_name"], 'shopper_group_desc' => $d["shopper_group_desc"], 'shopper_group_discount' => $d["shopper_group_discount"], 'show_price_including_tax' => $d["show_price_including_tax"], 'default' => $default);
$db->buildQuery('UPDATE', '#__{vm}_shopper_group', $fields, 'WHERE shopper_group_id=' . (int) $d["shopper_group_id"]);
if ($db->query()) {
$GLOBALS['vmLogger']->info($VM_LANG->_('SHOPPER_GROUP_UPDATED'));
if ($default == "1") {
$q = "UPDATE #__{vm}_shopper_group ";
$q .= "SET `default`=0 ";
$q .= "WHERE shopper_group_id !=" . $d["shopper_group_id"];
$q .= " AND vendor_id ={$vendor_id}";
$db->query($q);
$db->next_record();
}
return true;
}
$GLOBALS['vmLogger']->err($VM_LANG->_('SHOPPER_GROUP_UPDATE_FAILED'));
return false;
}
/**
* updates manufacturer information
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
$GLOBALS['vmInputFilter']->safeSQL($d);
if (!$this->validate_update($d)) {
return False;
}
$fields = array('mf_category_name' => vmGet($d, 'mf_category_name'), 'mf_category_desc' => vmGet($d, 'mf_category_desc'));
$db->buildQuery('UPDATE', '#__{vm}_manufacturer_category', $fields, "WHERE mf_category_id=" . (int) $d["mf_category_id"]);
if ($db->query() !== false) {
$_REQUEST['mf_category_id'] = $db->last_insert_id();
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_MANUF_CAT_UPDATED'));
return True;
}
return false;
}
/**
* Function to update product $d['product_id'] in the product table
*
* @param array $d The input vars
* @return boolean True, when the product was updated, false when not
*/
function update(&$d)
{
global $vmLogger, $perm, $VM_LANG;
require_once CLASSPATH . 'ps_product_attribute.php';
if (!$this->validate($d)) {
return false;
}
if (!vmImageTools::process_images($d)) {
return false;
}
$timestamp = time();
$db = new ps_DB();
$ps_vendor_id = $_SESSION["ps_vendor_id"];
if ($perm->check('admin')) {
$vendor_id = $d['vendor_id'];
} else {
$vendor_id = $ps_vendor_id;
}
$old_vendor_id = $this->get_field($d['product_id'], 'vendor_id');
// Insert into DB
$fields = array('vendor_id' => $vendor_id, 'product_sku' => vmGet($d, 'product_sku'), 'product_name' => vmGet($d, 'product_name'), 'product_desc' => vmRequest::getVar('product_desc', '', 'default', '', VMREQUEST_ALLOWHTML), 'product_s_desc' => vmRequest::getVar('product_s_desc', '', 'default', '', VMREQUEST_ALLOWHTML), 'product_thumb_image' => vmGet($d, 'product_thumb_image'), 'product_full_image' => vmGet($d, 'product_full_image'), 'product_publish' => $d['product_publish'], 'product_weight' => vmRequest::getFloat('product_weight'), 'product_weight_uom' => vmGet($d, 'product_weight_uom'), 'product_length' => vmRequest::getFloat('product_length'), 'product_width' => vmRequest::getFloat('product_width'), 'product_height' => vmRequest::getFloat('product_height'), 'product_lwh_uom' => vmGet($d, 'product_lwh_uom'), 'product_unit' => vmGet($d, 'product_unit'), 'product_packaging' => $d["product_box"] << 16 | $d["product_packaging"] & 0xffff, 'product_url' => vmGet($d, 'product_url'), 'product_in_stock' => vmRequest::getInt('product_in_stock'), 'attribute' => ps_product_attribute::formatAttributeX(), 'custom_attribute' => vmGet($d, 'product_custom_attribute'), 'product_available_date' => $d['product_available_date_timestamp'], 'product_availability' => vmGet($d, 'product_availability'), 'product_special' => $d['product_special'], 'child_options' => $d['child_options'], 'quantity_options' => $d['quantity_options'], 'product_discount_id' => vmRequest::getInt('product_discount_id'), 'mdate' => $timestamp, 'product_tax_id' => vmRequest::getInt('product_tax_id'), 'child_option_ids' => vmGet($d, 'included_product_id'), 'product_order_levels' => $d['order_levels']);
$db->buildQuery('UPDATE', '#__{vm}_product', $fields, 'WHERE product_id=' . (int) $d["product_id"] . ' AND vendor_id=' . (int) $old_vendor_id);
$db->query();
/* notify the shoppers that the product is here */
/* see zw_waiting_list */
if ($d["product_in_stock"] > "0" && @$d['notify_users'] == '1' && $d['product_in_stock_old'] == '0') {
require_once CLASSPATH . 'zw_waiting_list.php';
$zw_waiting_list = new zw_waiting_list();
$zw_waiting_list->notify_list($d["product_id"]);
}
// Check if the Manufacturer XRef is missing
if ($this->get_manufacturer_id($d['product_id'])) {
$q = "UPDATE #__{vm}_product_mf_xref SET ";
$q .= 'manufacturer_id=' . vmRequest::getInt('manufacturer_id') . ' ';
$q .= 'WHERE product_id = ' . $d['product_id'];
} else {
$q = "INSERT INTO #__{vm}_product_mf_xref (product_id,manufacturer_id) VALUES ('" . $d['product_id'] . "','" . vmRequest::getInt('manufacturer_id') . "')";
}
$db->query($q);
/* If is Item, update attributes */
if (!empty($d["product_parent_id"])) {
$q = "SELECT attribute_name FROM #__{vm}_product_attribute_sku ";
$q .= 'WHERE product_id=' . (int) $d["product_parent_id"] . ' ';
$q .= "ORDER BY attribute_list,attribute_name";
$db->query($q);
$db2 = new ps_DB();
$i = 0;
while ($db->next_record()) {
$i++;
$q2 = "UPDATE #__{vm}_product_attribute SET ";
$q2 .= "attribute_value='" . vmGet($d, 'attribute_' . $i) . "' ";
$q2 .= "WHERE product_id = '" . $d["product_id"] . "' ";
$q2 .= "AND attribute_name = '" . $db->f("attribute_name", false) . "' ";
$db2->setQuery($q2);
$db2->query();
}
/* If it is a Product, update Category */
} else {
// Handle category selection: product_category_xref
$q = "SELECT `category_id` FROM `#__{vm}_product_category_xref` ";
$q .= "WHERE `product_id` = '" . $d["product_id"] . "' ";
$db->setQuery($q);
$db->query();
$old_categories = array();
while ($db->next_record()) {
$old_categories[$db->f('category_id')] = $db->f('category_id');
}
// NOW Insert new categories
$new_categories = array();
if (empty($d['product_categories']) || !is_array(@$d['product_categories'])) {
$d['product_categories'] = explode('|', $d['category_ids']);
}
foreach ($d["product_categories"] as $category_id) {
if (!in_array($category_id, $old_categories)) {
$db->query('SELECT MAX(`product_list`) as list_order FROM `#__{vm}_product_category_xref` WHERE `category_id`=' . (int) $category_id);
$db->next_record();
$q = "INSERT INTO #__{vm}_product_category_xref ";
$q .= "(category_id,product_id,product_list) ";
$q .= "VALUES ('" . (int) $category_id . "','" . $d["product_id"] . "', " . intval($db->f('max') + 1) . ")";
$db->setQuery($q);
$db->query();
$new_categories[$category_id] = $category_id;
} else {
unset($old_categories[$category_id]);
}
}
// The rest of the old categories can be deleted
foreach ($old_categories as $category_id) {
$q = "DELETE FROM `#__{vm}_product_category_xref` ";
$q .= "WHERE `product_id` = '" . $d["product_id"] . "' ";
$q .= "AND `category_id` = '" . $category_id . "' ";
$db->query($q);
}
}
if (!empty($d["related_products"])) {
/* Insert Pipe separated Related Product IDs */
$related_products = vmGet($d, "related_products");
$q = "REPLACE INTO #__{vm}_product_relations (product_id, related_products)";
$q .= " VALUES( '" . $d["product_id"] . "', '{$related_products}') ";
$db->query($q);
} else {
$q = "DELETE FROM #__{vm}_product_relations WHERE product_id='" . $d["product_id"] . "'";
$db->query($q);
}
// UPDATE THE PRICE, IF EMPTY ADD 0
if (empty($d['product_currency'])) {
$d['product_currency'] = $_SESSION['vendor_currency'];
}
// look if we have a price for this product
$q = "SELECT product_price_id, price_quantity_start, price_quantity_end FROM #__{vm}_product_price ";
$q .= "WHERE shopper_group_id=" . vmRequest::getInt('shopper_group_id');
$q .= ' AND product_id = ' . $d["product_id"];
$db->query($q);
if ($db->next_record()) {
$d["product_price_id"] = $db->f("product_price_id");
require_once CLASSPATH . 'ps_product_price.php';
$my_price = new ps_product_price();
if (@$d['product_price'] != '') {
// update prices
$d["price_quantity_start"] = $db->f("price_quantity_start");
$d["price_quantity_end"] = $db->f("price_quantity_end");
$my_price->update($d);
} else {
// delete the price
$my_price->delete($d);
}
} else {
if ($d['product_price'] != '') {
// add the price
$d["price_quantity_start"] = 0;
$d["price_quantity_end"] = "";
require_once CLASSPATH . 'ps_product_price.php';
$my_price = new ps_product_price();
$my_price->add($d);
}
}
// Product Type Parameters!
$this->handleParameters($d);
$vmLogger->info($VM_LANG->_('VM_PRODUCT_UPDATED', false));
return true;
}
/**
* Updates a Payment Entry
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $VM_LANG;
global $vmLogger, $VM_LANG;
$ps_vendor_id = $_SESSION["ps_vendor_id"];
$db = new ps_DB();
if (!$this->validate_update($d)) {
return False;
}
if (!empty($d["payment_class"])) {
$payment_class = basename($d["payment_class"]);
@(include CLASSPATH . "payment/" . $payment_class . ".php");
if (class_exists($payment_class)) {
$_PAYMENT = new $payment_class();
} else {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_PAYMENTMETHOD_CLASS_NOT_EXIST'));
return false;
}
} else {
include CLASSPATH . "payment/ps_payment.php";
$_PAYMENT = new ps_payment();
}
if ($_PAYMENT->configfile_writeable() || $_PAYMENT->classname == 'ps_payment') {
$_PAYMENT->write_configuration($d);
$vmLogger->info($VM_LANG->_('VM_CONFIGURATION_CHANGE_SUCCESS', false));
} else {
$vmLogger->err(sprintf($VM_LANG->_('VM_CONFIGURATION_CHANGE_FAILURE', false), CLASSPATH . "payment/" . $_PAYMENT->classname . ".cfg.php"));
return false;
}
$fields = array('payment_method_name' => vmGet($d, 'payment_method_name'), 'payment_class' => vmGet($d, 'payment_class'), 'shopper_group_id' => vmRequest::getInt('shopper_group_id'), 'payment_method_discount' => vmRequest::getFloat('payment_method_discount'), 'payment_method_discount_is_percent' => vmGet($d, 'payment_method_discount_is_percent'), 'payment_method_discount_max_amount' => (double) str_replace(',', '.', $d["payment_method_discount_max_amount"]), 'payment_method_discount_min_amount' => (double) str_replace(',', '.', $d["payment_method_discount_min_amount"]), 'payment_method_code' => vmGet($d, 'payment_method_code'), 'enable_processor' => vmGet($d, 'enable_processor'), 'list_order' => vmRequest::getInt('list_order'), 'is_creditcard' => vmGet($d, 'is_creditcard'), 'payment_enabled' => vmGet($d, 'payment_enabled'), 'accepted_creditcards' => vmGet($d, 'accepted_creditcards'), 'payment_extrainfo' => vmGet($_POST, 'payment_extrainfo', null, VMREQUEST_ALLOWRAW));
$db->buildQuery('UPDATE', '#__{vm}_payment_method', $fields, 'WHERE payment_method_id=' . (int) $d["payment_method_id"] . ' AND vendor_id=' . $ps_vendor_id);
$db->query();
return True;
}
/**
* This is the main function which stores the order information in the database
*
* @author Ashish Solanki!
* @return boolean
*/
function updateRecords($order_number, $order_total, &$d)
{
require_once CLASSPATH . 'ps_checkout.php';
$ps_chkout = new ps_checkout();
global $order_tax_details, $afid, $VM_LANG, $auth, $my, $mosConfig_offset, $vmLogger, $vmInputFilter, $discount_factor;
$ps_vendor_id = $_SESSION["ps_vendor_id"];
$cart = $_SESSION['cart'];
require_once CLASSPATH . 'ps_payment_method.php';
$ps_payment_method = new ps_payment_method();
require_once CLASSPATH . 'ps_product.php';
$ps_product = new ps_product();
require_once CLASSPATH . 'ps_cart.php';
$ps_cart = new ps_cart();
$db = new ps_DB();
$totals = $ps_chkout->calc_order_totals($d);
extract($totals);
$timestamp = time();
//Custom
$vmLogger->debug('-- Checkout Debug--
Subtotal: ' . $order_subtotal . '
Taxable: ' . $order_taxable . '
Payment Discount: ' . $payment_discount . '
Coupon Discount: ' . $coupon_discount . '
Shipping: ' . $order_shipping . '
Shipping Tax : ' . $order_shipping_tax . '
Tax : ' . $order_tax . '
------------------------
Order Total: ' . $order_total . '
----------------------------');
// Check to see if Payment Class File exists
$payment_class = $ps_payment_method->get_field($d["payment_method_id"], "payment_class");
$d['new_order_status'] = 'P';
// This is meant to be updated by a payment modules' process_payment method
if (!class_exists($payment_class)) {
include CLASSPATH . "payment/{$payment_class}.php";
}
$_PAYMENT = new $payment_class();
// Remove the Coupon, because it is a Gift Coupon and now is used!!
if (@$_SESSION['coupon_type'] == "gift") {
$d['coupon_id'] = $_SESSION['coupon_id'];
include_once CLASSPATH . 'ps_coupon.php';
ps_coupon::remove_coupon_code($d);
}
// Get the IP Address
if (!empty($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$ip = 'unknown';
}
// Collect all fields and values to store them!
$fields = array('user_id' => $auth["user_id"], 'vendor_id' => $ps_vendor_id, 'order_number' => $order_number, 'user_info_id' => $d["ship_to_info_id"], 'ship_method_id' => @urldecode($d["shipping_rate_id"]), 'order_total' => $order_total, 'order_subtotal' => $order_subtotal, 'order_tax' => $order_tax, 'order_tax_details' => serialize($order_tax_details), 'order_shipping' => $order_shipping, 'order_shipping_tax' => $order_shipping_tax, 'order_discount' => $payment_discount, 'coupon_discount' => $coupon_discount, 'coupon_code' => @$_SESSION['coupon_code'], 'order_currency' => $GLOBALS['product_currency'], 'order_status' => 'P', 'cdate' => $timestamp, 'mdate' => $timestamp, 'customer_note' => htmlspecialchars(vmRequest::getString('customer_note', '', 'POST', 'none'), ENT_QUOTES), 'ip_address' => $ip);
// Insert the main order information
$db->buildQuery('INSERT', '#__{vm}_orders', $fields);
$result = $db->query();
$d["order_id"] = $order_id = $db->last_insert_id();
if ($result === false || empty($order_id)) {
$vmLogger->crit('Adding the Order into the Database failed! User ID: ' . $auth["user_id"]);
return false;
}
// Insert the initial Order History.
$mysqlDatetime = date("Y-m-d G:i:s", $timestamp);
$fields = array('order_id' => $order_id, 'order_status_code' => 'P', 'date_added' => $mysqlDatetime, 'customer_notified' => 1, 'comments' => '');
$db->buildQuery('INSERT', '#__{vm}_order_history', $fields);
$db->query();
/**
* Insert the Order payment info
*/
$payment_number = str_replace(array(' ', '|', '-'), '', @$_SESSION['ccdata']['order_payment_number']);
$d["order_payment_code"] = @$_SESSION['ccdata']['credit_card_code'];
// Payment number is encrypted using mySQL encryption functions.
$fields = array('order_id' => $order_id, 'payment_method_id' => $d["payment_method_id"], 'order_payment_log' => @$d["order_payment_log"], 'order_payment_trans_id' => $vmInputFilter->safeSQL(@$d["order_payment_trans_id"]));
if (!empty($payment_number) && VM_STORE_CREDITCARD_DATA == '1') {
// Store Credit Card Information only if the Store Owner has decided to do so
$fields['order_payment_code'] = $d["order_payment_code"];
$fields['order_payment_expire'] = @$_SESSION["ccdata"]["order_payment_expire"];
$fields['order_payment_name'] = @$_SESSION["ccdata"]["order_payment_name"];
$fields['order_payment_number'] = VM_ENCRYPT_FUNCTION . "( '{$payment_number}','" . ENCODE_KEY . "')";
$specialfield = array('order_payment_number');
} else {
$specialfield = array();
}
$db->buildQuery('INSERT', '#__{vm}_order_payment', $fields, '', $specialfield);
$db->query();
/**
* Insert the User Billto & Shipto Info
*/
// First: get all the fields from the user field list to copy them from user_info into the order_user_info
$fields = array();
require_once CLASSPATH . 'ps_userfield.php';
$userfields = ps_userfield::getUserFields('', false, '', true, true);
foreach ($userfields as $field) {
if ($field->name == 'email') {
$fields[] = 'user_email';
} else {
$fields[] = $field->name;
}
}
$fieldstr = implode(',', $fields);
// Save current Bill To Address
$q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
$q .= "SELECT NULL, '{$order_id}', '" . $auth['user_id'] . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $auth['user_id'] . "' AND address_type='BT'";
$db->query($q);
// Save current Ship to Address if applicable
$q = "INSERT INTO `#__{vm}_order_user_info` \n\t\t\t(`order_info_id`,`order_id`,`user_id`,address_type, " . $fieldstr . ") ";
$q .= "SELECT NULL, '{$order_id}', '" . $auth['user_id'] . "', address_type, " . $fieldstr . " FROM #__{vm}_user_info WHERE user_id='" . $auth['user_id'] . "' AND user_info_id='" . $d['ship_to_info_id'] . "' AND address_type='ST'";
$db->query($q);
/**
* Insert all Products from the Cart into order line items;
* one row per product in the cart
*/
$dboi = new ps_DB();
for ($i = 0; $i < $cart["idx"]; $i++) {
$r = "SELECT product_id,product_in_stock,product_sales,product_parent_id,product_sku,product_name ";
$r .= "FROM #__{vm}_product WHERE product_id='" . $cart[$i]["product_id"] . "'";
$dboi->query($r);
$dboi->next_record();
$product_price_arr = $ps_product->get_adjusted_attribute_price($cart[$i]["product_id"], $cart[$i]["description"]);
$product_price = $GLOBALS['CURRENCY']->convert($product_price_arr["product_price"], $product_price_arr["product_currency"]);
if (empty($_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'])) {
$my_taxrate = $ps_product->get_product_taxrate($cart[$i]["product_id"]);
} else {
$my_taxrate = $_SESSION['product_sess'][$cart[$i]["product_id"]]['tax_rate'];
}
// Attribute handling
$product_parent_id = $dboi->f('product_parent_id');
$description = '';
if ($product_parent_id > 0) {
$db_atts = $ps_product->attribute_sql($dboi->f('product_id'), $product_parent_id);
while ($db_atts->next_record()) {
$description .= $db_atts->f('attribute_name') . ': ' . $db_atts->f('attribute_value') . '; ';
}
}
$description .= $ps_product->getDescriptionWithTax($_SESSION['cart'][$i]["description"], $dboi->f('product_id'));
$product_final_price = round($product_price * ($my_taxrate + 1), 2);
$vendor_id = $ps_vendor_id;
$fields = array('order_id' => $order_id, 'user_info_id' => $d["ship_to_info_id"], 'vendor_id' => $vendor_id, 'product_id' => $cart[$i]["product_id"], 'order_item_sku' => $dboi->f("product_sku"), 'order_item_name' => $dboi->f("product_name"), 'product_quantity' => $cart[$i]["quantity"], 'product_item_price' => $product_price, 'product_final_price' => $product_final_price, 'order_item_currency' => $GLOBALS['product_currency'], 'order_status' => 'P', 'product_attribute' => $description, 'cdate' => $timestamp, 'mdate' => $timestamp);
$db->buildQuery('INSERT', '#__{vm}_order_item', $fields);
$db->query();
// Update Stock Level and Product Sales, decrease - no matter if in stock or not!
$q = "UPDATE #__{vm}_product ";
$q .= "SET product_in_stock = product_in_stock - " . (int) $cart[$i]["quantity"];
$q .= " WHERE product_id = '" . $cart[$i]["product_id"] . "'";
$db->query($q);
$q = "UPDATE #__{vm}_product ";
$q .= "SET product_sales= product_sales + " . (int) $cart[$i]["quantity"];
$q .= " WHERE product_id='" . $cart[$i]["product_id"] . "'";
$db->query($q);
// Update stock of parent product, if all child products are sold, thanks Ragnar Brynjulfsson
if ($dboi->f("product_parent_id") != 0) {
$q = "SELECT COUNT(product_id) ";
$q .= "FROM #__{vm}_product ";
$q .= "WHERE product_parent_id = " . $dboi->f("product_parent_id");
$q .= " AND product_in_stock > 0";
$db->query($q);
$db->next_record();
if (!$db->f("COUNT(product_id)")) {
$q = "UPDATE #__{vm}_product ";
$q .= "SET product_in_stock = 0 ";
$q .= "WHERE product_id = " . $dboi->f("product_parent_id") . " LIMIT 1";
$db->query($q);
}
}
}
######## BEGIN DOWNLOAD MOD ###############
if (ENABLE_DOWNLOADS == "1") {
require_once CLASSPATH . 'ps_order.php';
for ($i = 0; $i < $cart["idx"]; $i++) {
// only handle downloadable products here
if (ps_product::is_downloadable($cart[$i]["product_id"])) {
$params = array('product_id' => $cart[$i]["product_id"], 'order_id' => $order_id, 'user_id' => $auth["user_id"]);
ps_order::insert_downloads_for_product($params);
if (@VM_DOWNLOADABLE_PRODUCTS_KEEP_STOCKLEVEL == '1') {
// Update the product stock level back to where it was.
$q = "UPDATE #__{vm}_product ";
$q .= "SET product_in_stock = product_in_stock + " . (int) $cart[$i]["quantity"];
$q .= " WHERE product_id = '" . (int) $cart[$i]["product_id"] . "'";
$db->query($q);
}
}
}
}
################## END DOWNLOAD MOD ###########
// Export the order_id so the checkout complete page can get it
$d["order_id"] = $order_id;
/*
* Let the shipping module know which shipping method
* was selected. This way it can save any information
* it might need later to print a shipping label.
*/
if (is_callable(array($this->_SHIPPING, 'save_rate_info'))) {
$this->_SHIPPING->save_rate_info($d);
}
// Now as everything else has been done, we can update the Order Status
$update_order = false;
if ($order_total == 0.0) {
// code moved out of $_PAYMENT check as no payment will be needed when $order_total=0.0
// If the Order Total is zero, we can confirm the order to automatically enable the download
$d['order_status'] = ENABLE_DOWNLOAD_STATUS;
$update_order = true;
} elseif (isset($_PAYMENT)) {
if ($d['new_order_status'] != 'P') {
$d['order_status'] = $d['new_order_status'];
$update_order = true;
}
}
if ($update_order) {
require_once CLASSPATH . "ps_order.php";
$ps_order = new ps_order();
$ps_order->order_status_update($d);
}
// Send the e-mail confirmation messages
$ps_chkout->email_receipt($order_id);
// Reset the cart (=empty it)
$ps_cart->reset();
$_SESSION['savedcart']['idx'] = 0;
$ps_cart->saveCart();
// Unset the payment_method variables
$d["payment_method_id"] = "";
$d["order_payment_number"] = "";
$d["order_payment_expire"] = "";
$d["order_payment_name"] = "";
$d["credit_card_code"] = "";
// Clear the sensitive Session data
$_SESSION['ccdata']['order_payment_name'] = "";
$_SESSION['ccdata']['order_payment_number'] = "";
$_SESSION['ccdata']['order_payment_expire_month'] = "";
$_SESSION['ccdata']['order_payment_expire_year'] = "";
$_SESSION['ccdata']['credit_card_code'] = "";
$_SESSION['coupon_discount'] = "";
$_SESSION['coupon_id'] = "";
$_SESSION['coupon_redeemed'] = false;
$_POST["payment_method_id"] = "";
$_POST["order_payment_number"] = "";
$_POST["order_payment_expire"] = "";
$_POST["order_payment_name"] = "";
$_SESSION['order_id'] = $order_id;
}
/**
* Updates a Shipping Adress for the specified user info ID
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $perm, $VM_LANG;
require_once CLASSPATH . 'ps_userfield.php';
$db = new ps_DB();
$timestamp = time();
if (!$this->validate_update($d)) {
return false;
}
// Get all fields which where shown to the user
$shippingFields = ps_userfield::getUserFields('shipping', false, '', true);
$skip_fields = ps_userfield::getSkipFields();
foreach ($shippingFields as $userField) {
if (!in_array($userField->name, $skip_fields)) {
$fields[$userField->name] = ps_userfield::prepareFieldDataSave($userField->type, $userField->name, vmGet($d, $userField->name, strtoupper($userField->name)));
}
}
// These are pre-defined fields.
$fields['user_id'] = !$perm->check("admin,storeadmin") ? $_SESSION['auth']['user_id'] : (int) $d["user_id"];
$fields['address_type'] = 'ST';
$fields['mdate'] = time();
$db->buildQuery('UPDATE', '#__{vm}_user_info', $fields, "WHERE user_info_id='" . $db->getEscaped($d["user_info_id"]) . "'" . (!$perm->check("admin,storeadmin") ? " AND user_id=" . $_SESSION['auth']['user_id'] : ''));
if ($db->query() === false) {
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_USERADDRESS_UPDATED_FAILED'));
return false;
}
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_USERADDRESS_UPDATED'));
vmRequest::setVar('ship_to_info_id', $d['user_info_id']);
return true;
}
/**
* updates function information
* @author pablo, soeren
*
* @param array $d
* @return boolean
*/
function update(&$d)
{
global $vmLogger, $VM_LANG;
$db = new ps_DB();
$timestamp = time();
if (!$this->validate_update($d)) {
return False;
}
$fields = array('group_name' => $d["group_name"], 'group_level' => (int) $d["group_level"]);
$db->buildQuery('UPDATE', $this->_table_name, $fields, 'WHERE ' . $this->_key . '=' . (int) $d[$this->_key]);
if ($db->query()) {
$vmLogger->info($VM_LANG->_('VM_USER_GROUP_UPDATED'));
}
return True;
}
/**
* Updates a tax record
* @author pablo
*
* @param arry $d The _REQUEST array
* @return boolean True on success, false on failure
*/
function update(&$d)
{
global $VM_LANG;
$db = new ps_DB();
$ps_vendor_id = $_SESSION["ps_vendor_id"];
$timestamp = time();
if (!$this->validate_update($d)) {
return False;
}
$fields = array('vendor_id' => $ps_vendor_id, 'tax_state' => vmget($d, 'tax_state'), 'tax_country' => vmget($d, 'tax_country'), 'tax_rate' => $d["tax_rate"], 'mdate' => $timestamp);
$db->buildQuery('UPDATE', $this->getTable(), $fields, 'WHERE tax_rate_id=' . $d["tax_rate_id"] . ' AND vendor_id=' . $ps_vendor_id);
if ($db->query() !== false) {
$GLOBALS['vmLogger']->info($VM_LANG->_('VM_TAX_UPDATED'));
return True;
}
$GLOBALS['vmLogger']->err($VM_LANG->_('VM_TAX_UPDATE_FAILED'));
return false;
}
