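// Request values for the product page, each passed through COM_applyFilter().
// The indexes are read without isset(), so a request that omits one of them
// raises an undefined-index notice.
$quantity = COM_applyFilter($_POST['quantity']);
$title = COM_applyFilter($_POST['title']);
// The review text gets its own variable. It used to be stored in $comment,
// which is overwritten by the rating object a few lines below, so the object
// itself was passed to add_review()/save_edited_review() as the text.
$comment_text = COM_applyFilter($_POST['comment']);
$rating = COM_applyFilter($_POST['rating']);
$comment_id = COM_applyFilter($_POST['comment_id']);
$add_search = COM_applyFilter($_POST['add_search']);
$edit_comment = COM_applyFilter($_GET['edit_comment']);

// Return URL for the rating component.
// NOTE(review): $id, $catagory_search, $name_search and $sort are assigned
// outside this excerpt and are interpolated without URL encoding. Confirm
// they are validated, and encoded wherever $url is written into HTML or a
// redirect.
$url = "products_full.php?id={$id}&catagory_search={$catagory_search}&name_search={$name_search}&sort={$sort}";
$comment = new rating($url, $id);

$display = COM_siteHeader();

// Add the current product to the session cart.
if (isset($_POST['add_to_cart'])) {
    require_once $_CONF['path'] . "/plugins/ecommerce/shopping_cart.class.php";
    $c = new shopping_cart($_SESSION['cart']);
    if (isset($_POST['price'])) {
        // NOTE(review): $price is assigned outside this excerpt. If it is
        // taken from the request, the client decides what the item costs;
        // confirm the price is looked up server-side from the product record.
        $_SESSION['cart'] = $c->add_to_cart($id, "1", $price);
    } else {
        $_SESSION['cart'] = $c->add_to_cart($id, $quantity);
    }
}

// Add review for the current product
if (isset($_POST['add_review'])) {
    $comment->add_review($title, $comment_text, $rating);
}

// Delete comment. The id is now filtered like every other request value here.
// NOTE(review): the deletion is triggered by a GET parameter, and no
// anti-CSRF token or ownership check is visible in this excerpt. Confirm that
// delete_review() enforces both, or that this is done before this point.
if (isset($_GET['delete_comment'])) {
    $comment->delete_review(COM_applyFilter($_GET['delete_comment']));
}

// Save edited comment
if (isset($_POST['save_review'])) {
    $comment->save_edited_review($comment_id, $rating, $comment_text, $title);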
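// Hand the current search state and the language strings to the template.
// NOTE(review): whether get_search_trail()/get_name() return HTML-escaped
// text is not visible here. Confirm this before the values are rendered.
$T->set_var('search_trail', $s->get_search_trail());
$T->set_var('catagory_options', $s->get_catagory_option());
$T->set_var('catagory_search', $s->get_catagory());
$T->set_var('name_search', $s->get_name());
// The comparison already yields a boolean, so no ternary is needed.
$T->set_var('sort_none', $s->get_sort() == "");
$T->set_var('sort_price', $s->get_sort() == "price");
$T->set_var('msg_22', $LANG_ECOM[22]);
$T->set_var('msg_14', $LANG_ECOM[14]);
$T->set_var('msg_102', $LANG_ECOM[102]);
$T->set_var('msg_143', $LANG_ECOM[143]);

// Add item to cart
if (isset($_GET['add_id'])) {
    $add_id = COM_applyFilter($_GET['add_id']);
    require_once $_CONF['path'] . "/plugins/ecommerce/shopping_cart.class.php";
    $c = new shopping_cart($_SESSION['cart']);
    $_SESSION['cart'] = $c->add_to_cart($add_id, "1");
}

// Build the WHERE clause; only category and name searches are supported so far.
// The raw parameter is read through isset() so that a request without
// name_search no longer raises an undefined-index notice.
$has_name_search = isset($_GET['name_search']) && $_GET['name_search'] != "";

// NOTE(review): $name_search is concatenated into the SQL text below, but it
// is assigned outside this excerpt, while the condition tests the raw $_GET
// value. Confirm it has been escaped for the database (quotes and backslashes,
// plus the LIKE wildcards % and _) before it reaches this point; otherwise
// this is an SQL injection point. get_catagory_list() also returns a SQL
// fragment, and its escaping is not visible here either.
if ($s->get_catagory() != "" && $has_name_search) {
    $where_clause = "ecom_item_name LIKE '%" . $name_search . "%' AND " . get_catagory_list($s->get_catagory());
} elseif ($s->get_catagory() != "") {
    $where_clause = get_catagory_list($s->get_catagory());
} elseif ($has_name_search) {
    $where_clause = "ecom_item_name LIKE '%" . $name_search . "%'";
} else {
    // No filter requested: match every item.
    $where_clause = "1=1";
}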