Copyright © 2006 Kangaroo Partners
http://kangaroopartners.com
osc@kangaroopartners.com
*/
require_once 'attributeManager/classes/attributeManagerConfig.class.php';
require_once 'attributeManager/classes/amDB.class.php';
require_once 'attributeManager/classes/stopDirectAccess.class.php';
// Check the session var exists
if (is_array(${AM_SESSION_VAR_NAME}) && is_numeric($products_id)) {
foreach (${AM_SESSION_VAR_NAME} as $newAttribute) {
$newAttributeData = array('products_id' => $products_id, 'options_id' => amDB::input($newAttribute['options_id']), 'options_values_id' => amDB::input($newAttribute['options_values_id']), 'options_values_price' => amDB::input($newAttribute['options_values_price']), 'price_prefix' => amDB::input($newAttribute['price_prefix']));
// insert it into the database
amDB::perform(TABLE_PRODUCTS_ATTRIBUTES, $newAttributeData);
}
/**
* Delete the temporary session var
*/
amSessionUnregister(AM_SESSION_VAR_NAME);
/**
* remove the direct access authorization so that if the session is hijacked they wont be able
* access the attributeManagerFile directly without first going to the product addition page.
* If thats not secured then it doesn't really matter what this script does they have compleate access anyway im not at fault
*/
stopDirectAccess::deAuthorise(AM_SESSION_VALID_INCLUDE);
}
