示例#1
0
 function put_logo_image($action = '')
 {
     $newname = DIR_FS_CATALOG . 'images/' . $this->store_id . '_images';
     if (!is_dir($newname)) {
         mkdir($newname);
     }
     $allowed_files_types = array('gif', 'jpg', 'png');
     if (is_dir($newname)) {
         $store_logo_image = new upload($this->store_logo);
         $store_logo_image->set_destination($newname);
         $store_logo_image->set_extensions($allowed_files_types);
         $parsed = $store_logo_image->parse();
         if (!$parsed && $action == '') {
             if (copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $newname . '/default_store_logo.gif')) {
                 smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
             }
         } else {
             if ($store_logo_image->file['size'] > MAX_IMAGE_FILE_SIZE && $parsed) {
                 if (copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $newname . '/default_store_logo.gif')) {
                     smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
                 }
                 return sprintf(ERROR_IMAGE_FILE_SIZE_EXCEED, MAX_IMAGE_FILE_SIZE);
             } elseif ($parsed) {
                 $ext = substr($store_logo_image->filename, -4);
                 $store_logo_image->set_filename('logo' . $ext);
                 $saved = $store_logo_image->save();
                 if ($saved) {
                     smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = '" . $store_logo_image->filename . "' where store_id = '" . (int) $this->store_id . "'");
                 } elseif ($action == '') {
                     $this->store_logo_image_name = '';
                     if (copy(DIR_FS_CATALOG . 'images/store_images/default/default_store_logo.gif', $newname . '/default_store_logo.gif')) {
                         smn_db_query("update " . TABLE_STORE_MAIN . " set store_image = 'default_store_logo.gif' where store_id = '" . (int) $this->store_id . "'");
                     }
                 }
             }
         }
     } else {
         return ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST;
     }
     return '';
 }
示例#2
0
  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2010 osCommerce

  Released under the GNU General Public License
*/
require 'includes/application_top.php';
$action = isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : '';
if (tep_not_null($action)) {
    switch ($action) {
        case 'save':
            $error = false;
            $store_logo = new upload('store_logo');
            $store_logo->set_extensions('png');
            $store_logo->set_destination(DIR_FS_CATALOG_IMAGES);
            if ($store_logo->parse()) {
                $store_logo->set_filename('store_logo.png');
                if ($store_logo->save()) {
                    $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success');
                } else {
                    $error = true;
                }
            } else {
                $error = true;
            }
            if ($error == false) {
                tep_redirect(tep_href_link(FILENAME_STORE_LOGO));
            }
            break;
 $attributes_price_letters = zen_db_prepare_input($_POST['attributes_price_letters']);
 $attributes_price_letters_free = zen_db_prepare_input($_POST['attributes_price_letters_free']);
 $attributes_required = zen_db_prepare_input($_POST['attributes_required']);
 $attribute_id = zen_db_prepare_input($_POST['attribute_id']);
 // edit
 // attributes images
 // when set to none remove from database
 if (isset($_POST['attributes_image']) && zen_not_null($_POST['attributes_image']) && $_POST['attributes_image'] != 'none') {
     $attributes_image = zen_db_prepare_input($_POST['attributes_image']);
     $attributes_image_none = false;
 } else {
     $attributes_image = '';
     $attributes_image_none = true;
 }
 $attributes_image = new upload('attributes_image');
 $attributes_image->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'webp', 'flv', 'webm', 'ogg'));
 $attributes_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
 if ($attributes_image->parse() && $attributes_image->save($_POST['overwrite'])) {
     $attributes_image_name = $attributes_image->filename != 'none' ? $_POST['img_dir'] . $attributes_image->filename : '';
 } else {
     $attributes_image_name = (isset($_POST['attributes_previous_image']) and $_POST['attributes_image'] != 'none') ? $_POST['attributes_previous_image'] : '';
 }
 if ($_POST['image_delete'] == 1) {
     $attributes_image_name = '';
 }
 // turned off until working
 $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\r\n                        set attributes_image = '" . zen_db_input($attributes_image_name) . "'\r\n                        where products_attributes_id = '" . (int) $attribute_id . "'");
 $db->Execute("update " . TABLE_PRODUCTS_ATTRIBUTES . "\r\n                          set products_id = '" . (int) $products_id . "',\r\n                              options_id = '" . (int) $options_id . "',\r\n                              options_values_id = '" . (int) $values_id . "',\r\n                              options_values_price = '" . zen_db_input($value_price) . "',\r\n                              price_prefix = '" . zen_db_input($price_prefix) . "',\r\n                              products_options_sort_order = '" . zen_db_input($products_options_sort_order) . "',\r\n                              product_attribute_is_free = '" . zen_db_input($product_attribute_is_free) . "',\r\n                              products_attributes_weight = '" . zen_db_input($products_attributes_weight) . "',\r\n                              products_attributes_weight_prefix = '" . zen_db_input($products_attributes_weight_prefix) . "',\r\n                              attributes_display_only = '" . zen_db_input($attributes_display_only) . "',\r\n                              attributes_default = '" . zen_db_input($attributes_default) . "',\r\n                              attributes_discounted = '" . zen_db_input($attributes_discounted) . "',\r\n                              attributes_price_base_included = '" . zen_db_input($attributes_price_base_included) . "',\r\n                              attributes_price_onetime = '" . zen_db_input($attributes_price_onetime) . "',\r\n                              attributes_price_factor = '" . zen_db_input($attributes_price_factor) . "',\r\n                              attributes_price_factor_offset = '" . zen_db_input($attributes_price_factor_offset) . "',\r\n                              attributes_price_factor_onetime = '" . zen_db_input($attributes_price_factor_onetime) . "',\r\n                              attributes_price_factor_onetime_offset = '" . zen_db_input($attributes_price_factor_onetime_offset) . "',\r\n                              attributes_qty_prices = '" . zen_db_input($attributes_qty_prices) . "',\r\n                              attributes_qty_prices_onetime = '" . zen_db_input($attributes_qty_prices_onetime) . "',\r\n                              attributes_price_words = '" . zen_db_input($attributes_price_words) . "',\r\n                              attributes_price_words_free = '" . zen_db_input($attributes_price_words_free) . "',\r\n                              attributes_price_letters = '" . zen_db_input($attributes_price_letters) . "',\r\n                              attributes_price_letters_free = '" . zen_db_input($attributes_price_letters_free) . "',\r\n                              attributes_required = '" . zen_db_input($attributes_required) . "'\r\n                          where products_attributes_id = '" . (int) $attribute_id . "'");
 if (DOWNLOAD_ENABLED == 'true') {
     $products_attributes_filename = zen_db_prepare_input($_POST['products_attributes_filename']);
     $products_attributes_maxdays = zen_db_prepare_input($_POST['products_attributes_maxdays']);
示例#4
0
             $export_info = $dbio->dbioExport('file');
             if ($export_info['status'] === false) {
                 $messageStack->add($export_info['message']);
             } else {
                 $messageStack->add_session(sprintf(DBIO_MGR_EXPORT_SUCCESSFUL, $_POST['handler'], $export_info['export_filename'], $export_info['stats']['record_count']), 'success');
                 $_SESSION['dbio_vars'] = $_POST;
                 $_SESSION['dbio_last_export'] = $export_info;
                 zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
             }
         }
     } elseif (isset($_POST['upload_button'])) {
         if (!zen_not_null($_FILES['upload_filename']['name'])) {
             $messageStack->add(ERROR_NO_FILE_TO_UPLOAD);
         } else {
             $upload = new upload('upload_filename');
             $upload->set_extensions(explode(',', DBIO_SUPPORTED_FILE_EXTENSIONS));
             $upload->set_destination(DIR_FS_DBIO);
             if ($upload->parse()) {
                 $upload->save();
             }
             zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
         }
     } else {
         zen_redirect(zen_href_link(FILENAME_DBIO_MANAGER, zen_get_all_get_params(array('action'))));
     }
     break;
 case 'file':
     if (!(isset($_POST['file_action']) && isset($_POST['filename_hash']) && isset($dbio_files[$_POST['filename_hash']]) || isset($_POST['delete_button']) && isset($_POST['delete_hash']))) {
         $messageStack->add_session(DBIO_FORM_SUBMISSION_ERROR);
     } elseif (isset($_POST['delete_button'])) {
         if (is_array($_POST['delete_hash'])) {
示例#5
0
 public static function save($id = null, $data)
 {
     global $lC_Database, $lC_Language, $lC_Image, $lC_CategoryTree;
     $error = false;
     $lC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qproduct = $lC_Database->query('update :table_products set parent_id = :parent_id, products_quantity = :products_quantity, products_cost = :products_cost, products_price = :products_price, products_msrp = :products_msrp, products_model = :products_model, products_sku = :products_sku, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, groups_pricing_enable = :groups_pricing_enable, qpb_pricing_enable = :qpb_pricing_enable, specials_pricing_enable = :specials_pricing_enable, products_tax_class_id = :products_tax_class_id, products_last_modified = now(), products_sort_order = :products_sort_order where products_id = :products_id');
         $Qproduct->bindInt(':products_id', $id);
     } else {
         $Qproduct = $lC_Database->query('insert into :table_products (parent_id, products_quantity, products_cost, products_price, products_msrp, products_model, products_sku, products_weight, products_weight_class, products_status, products_tax_class_id, products_ordered, products_date_added, groups_pricing_enable, qpb_pricing_enable, specials_pricing_enable, products_sort_order) values (:parent_id, :products_quantity, :products_cost, :products_price, :products_msrp, :products_model, :products_sku, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_ordered, :products_date_added, :groups_pricing_enable, :qpb_pricing_enable, :specials_pricing_enable, :products_sort_order)');
         $Qproduct->bindRaw(':products_date_added', 'now()');
         $Qproduct->bindInt(':products_ordered', $data['products_ordered']);
     }
     // set parent status
     if (isset($_POST['products_status']) && $_POST['products_status'] == 'active') {
         $data['status'] = 1;
     }
     if (isset($_POST['products_status']) && $_POST['products_status'] == 'inactive') {
         $data['status'] = -1;
     }
     if (isset($_POST['products_status']) && $_POST['products_status'] == 'recurring') {
         $data['status'] = 0;
     }
     $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
     $Qproduct->bindInt(':parent_id', $data['parent_id']);
     $Qproduct->bindInt(':products_quantity', $data['quantity']);
     $Qproduct->bindFloat(':products_cost', $data['cost']);
     $Qproduct->bindFloat(':products_price', $data['price']);
     $Qproduct->bindFloat(':products_msrp', $data['msrp']);
     $Qproduct->bindValue(':products_model', $data['model']);
     $Qproduct->bindValue(':products_sku', $data['sku']);
     $Qproduct->bindFloat(':products_weight', $data['weight']);
     $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
     $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
     $Qproduct->bindInt(':products_status', $data['status']);
     $Qproduct->bindInt(':groups_pricing_enable', $data['groups_pricing_switch']);
     $Qproduct->bindInt(':qpb_pricing_enable', $data['qpb_pricing_switch']);
     $Qproduct->bindInt(':specials_pricing_enable', $data['specials_pricing_switch']);
     $Qproduct->bindInt(':products_sort_order', $data['products_sort_order']);
     $Qproduct->setLogging($_SESSION['module'], $id);
     $Qproduct->execute();
     if (is_numeric($id)) {
         $products_id = $id;
     } else {
         $products_id = $lC_Database->nextID();
     }
     // products to categories
     if ($lC_Database->isError()) {
         $error = true;
     } else {
         $Qcategories = $lC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
         $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
         $Qcategories->bindInt(':products_id', $products_id);
         $Qcategories->setLogging($_SESSION['module'], $products_id);
         $Qcategories->execute();
         if ($lC_Database->isError()) {
             $error = true;
         } else {
             if (isset($data['categories']) && !empty($data['categories'])) {
                 foreach ($data['categories'] as $category_id) {
                     $Qp2c = $lC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                     $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                     $Qp2c->bindInt(':products_id', $products_id);
                     $Qp2c->bindInt(':categories_id', $category_id);
                     $Qp2c->setLogging($_SESSION['module'], $products_id);
                     $Qp2c->execute();
                     if ($lC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     // product images
     if ($error === false) {
         $images = array();
         $products_image = new upload('products_image');
         $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));
         if ($products_image->exists()) {
             $products_image->set_destination(realpath('../images/products/originals'));
             if ($products_image->parse() && $products_image->save()) {
                 $images[] = $products_image->filename;
             }
         }
         if (isset($data['localimages'])) {
             foreach ($data['localimages'] as $image) {
                 $image = basename($image);
                 if (@file_exists('../images/products/_upload/' . $image)) {
                     copy('../images/products/_upload/' . $image, '../images/products/originals/' . $image);
                     @unlink('../images/products/_upload/' . $image);
                     $images[] = $image;
                 }
             }
         }
         $default_flag = 1;
         foreach ($images as $image) {
             $Qimage = $lC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
             $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
             $Qimage->bindInt(':products_id', $products_id);
             $Qimage->bindValue(':image', $image);
             $Qimage->bindInt(':default_flag', $default_flag);
             $Qimage->bindInt(':sort_order', 0);
             $Qimage->bindRaw(':date_added', 'now()');
             $Qimage->setLogging($_SESSION['module'], $products_id);
             $Qimage->execute();
             if ($lC_Database->isError()) {
                 $error = true;
             } else {
                 foreach ($lC_Image->getGroups() as $group) {
                     if ($group['id'] != '1') {
                         $lC_Image->resize($image, $group['id']);
                     }
                 }
             }
             $default_flag = 0;
         }
     }
     // product description
     if ($error === false) {
         if (isset($data['categories']) && !empty($data['categories'])) {
             $cPath = $lC_CategoryTree->getcPath($data['categories'][0]);
         } else {
             $cPath = $category_id != '' ? $lC_CategoryTree->getcPath($category_id) : 0;
         }
         foreach ($lC_Language->getAll() as $l) {
             // this code will be revisited
             // if (self::validatePermalink($data['products_keyword'][$l['id']], $id, 2, $l['id']) != 1) {
             //   $data['products_keyword'][$l['id']] = $data['products_keyword'][$l['id']] . '-link';
             // }
             // check to see if the DB entry exists for the selected language
             $Qchk1 = $lC_Database->query('select products_description from :table_products_description where products_id = :products_id and language_id = :language_id limit 1');
             $Qchk1->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
             $Qchk1->bindInt(':products_id', $products_id);
             $Qchk1->bindInt(':language_id', $l['id']);
             $Qchk1->execute();
             if (is_numeric($id) && $Qchk1->numberOfRows() == 1) {
                 $Qpd = $lC_Database->query('update :table_products_description set products_name = :products_name, products_blurb = :products_blurb, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
             } else {
                 $Qpd = $lC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_blurb, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_blurb, :products_description, :products_keyword, :products_tags, :products_url)');
             }
             $Qchk1->freeResult();
             $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
             $Qpd->bindInt(':products_id', $products_id);
             $Qpd->bindInt(':language_id', $l['id']);
             $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
             $Qpd->bindValue(':products_blurb', $data['products_blurb'][$l['id']]);
             $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
             $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
             $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
             $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
             $Qpd->setLogging($_SESSION['module'], $products_id);
             $Qpd->execute();
             if ($lC_Database->isError()) {
                 $error = true;
                 break;
             }
             // check to see if the DB entry exists for the selected language
             $Qchk2 = $lC_Database->query('select products_description from :table_permalinks where item_id = :item_id and language_id = :language_id limit 1');
             $Qchk2->bindTable(':table_permalinks', TABLE_PERMALINKS);
             $Qchk2->bindInt(':item_id', $products_id);
             $Qchk2->bindInt(':language_id', $l['id']);
             $Qchk2->execute();
             // added for permalink
             if (is_numeric($id) && $Qchk2->numberOfRows() == 1) {
                 $Qpl = $lC_Database->query('update :table_permalinks set permalink = :permalink, query = :query where item_id = :item_id and type = :type and language_id = :language_id');
             } else {
                 $Qpl = $lC_Database->query('insert into :table_permalinks (item_id, language_id, type, query, permalink) values (:item_id, :language_id, :type, :query, :permalink)');
             }
             $Qchk2->freeResult();
             $Qpl->bindTable(':table_permalinks', TABLE_PERMALINKS);
             $Qpl->bindInt(':item_id', $products_id);
             $Qpl->bindInt(':language_id', $l['id']);
             $Qpl->bindInt(':type', 2);
             $Qpl->bindValue(':query', 'cPath=' . $cPath);
             $Qpl->bindValue(':permalink', $data['products_keyword'][$l['id']]);
             $Qpl->setLogging($_SESSION['module'], $products_id);
             $Qpl->execute();
             if ($lC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     // product attributes
     if ($error === false) {
         if (isset($data['attributes']) && !empty($data['attributes'])) {
             foreach ($data['attributes'] as $attributes_id => $value) {
                 if (is_array($value)) {
                 } elseif (!empty($value) && $value != 'NULL') {
                     $Qcheck = $lC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
                     $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                     $Qcheck->bindInt(':products_id', $products_id);
                     $Qcheck->bindInt(':id', $attributes_id);
                     $Qcheck->execute();
                     if ($Qcheck->numberOfRows() === 1) {
                         $Qattribute = $lC_Database->query('update :table_product_attributes set value = :value, value2 = :value2 where products_id = :products_id and id = :id');
                     } else {
                         $Qattribute = $lC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value, value2) values (:id, :products_id, :languages_id, :value, :value2)');
                         $Qattribute->bindInt(':languages_id', $lC_Language->getID());
                     }
                     // support for 2nd value such as end date
                     $value2 = isset($data['attributes2'][$attributes_id]) && $data['attributes2'][$attributes_id] != null ? $data['attributes2'][$attributes_id] : '';
                     $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                     $Qattribute->bindValue(':value', $value);
                     $Qattribute->bindValue(':value2', $value2);
                     $Qattribute->bindInt(':products_id', $products_id);
                     $Qattribute->bindInt(':id', $attributes_id);
                     $Qattribute->execute();
                     if ($lC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     // simple options
     if ($error === false) {
         // delete the simple options
         $Qdel = $lC_Database->query('delete from :table_products_simple_options where products_id = :products_id');
         $Qdel->bindTable(':table_products_simple_options', TABLE_PRODUCTS_SIMPLE_OPTIONS);
         $Qdel->bindInt(':products_id', $products_id);
         $Qdel->setLogging($_SESSION['module'], $products_id);
         $Qdel->execute();
         // delete the simple options values
         $Qdel = $lC_Database->query('delete from :table_products_simple_options_values where products_id = :products_id');
         $Qdel->bindTable(':table_products_simple_options_values', TABLE_PRODUCTS_SIMPLE_OPTIONS_VALUES);
         $Qdel->bindInt(':products_id', $products_id);
         $Qdel->setLogging($_SESSION['module'], $products_id);
         $Qdel->execute();
         // if values are set, save them
         if (isset($data['simple_options_group_name']) && !empty($data['simple_options_group_name'])) {
             foreach ($data['simple_options_group_name'] as $group_id => $value) {
                 // add the new option
                 $Qoptions = $lC_Database->query('insert into :table_products_simple_options (options_id, products_id, sort_order, status) values (:options_id, :products_id, :sort_order, :status)');
                 $Qoptions->bindTable(':table_products_simple_options', TABLE_PRODUCTS_SIMPLE_OPTIONS);
                 $Qoptions->bindInt(':options_id', $group_id);
                 $Qoptions->bindInt(':products_id', $products_id);
                 $Qoptions->bindInt(':sort_order', $data['simple_options_group_sort_order'][$group_id]);
                 $Qoptions->bindInt(':status', $data['simple_options_group_status'][$group_id]);
                 $Qoptions->setLogging($_SESSION['module'], $products_id);
                 $Qoptions->execute();
                 if ($lC_Database->isError()) {
                     $error = true;
                     break;
                 }
                 // add the new option values
                 if (is_array($data['simple_options_entry_price_modifier'])) {
                     foreach ($data['simple_options_entry_price_modifier'] as $customers_group_id => $options) {
                         foreach ($options as $options_id => $option_value) {
                             if ($options_id == $group_id) {
                                 foreach ($option_value as $values_id => $price_modifier) {
                                     // Added for simple options values sort order
                                     // based for now on variants values sort order globally across all products
                                     $Qsortorder = $lC_Database->query('select sort_order FROM :table_products_variants_values where id = :id');
                                     $Qsortorder->bindTable(':table_products_variants_values', TABLE_PRODUCTS_VARIANTS_VALUES);
                                     $Qsortorder->bindInt(':id', $values_id);
                                     $Qsortorder->execute();
                                     $Qoptval = $lC_Database->query('insert into :table_products_simple_options_values (products_id, values_id, options_id, customers_group_id, price_modifier, sort_order) values (:products_id, :values_id, :options_id, :customers_group_id, :price_modifier, :sort_order)');
                                     $Qoptval->bindTable(':table_products_simple_options_values', TABLE_PRODUCTS_SIMPLE_OPTIONS_VALUES);
                                     $Qoptval->bindInt(':products_id', $products_id);
                                     $Qoptval->bindInt(':values_id', $values_id);
                                     $Qoptval->bindInt(':options_id', $options_id);
                                     $Qoptval->bindInt(':customers_group_id', $customers_group_id);
                                     $Qoptval->bindInt(':sort_order', $Qsortorder->valueInt('sort_order'));
                                     $Qoptval->bindFloat(':price_modifier', (double) $price_modifier);
                                     $Qoptval->setLogging($_SESSION['module'], $products_id);
                                     $Qoptval->execute();
                                     if ($lC_Database->isError()) {
                                         $error = true;
                                         break 4;
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     // specials pricing
     if ($error === false) {
         if ($data['specials_pricing_switch'] == 1) {
             $specials_id = self::hasSpecial($products_id);
             $specials_data = array('specials_id' => (int) $specials_id, 'products_id' => (int) $products_id, 'specials_price' => $data['products_special_price1'], 'specials_start_date' => $data['products_special_start_date1'], 'specials_expires_date' => $data['products_special_expires_date1'], 'specials_status' => $data['products_special_pricing_enable1'] != '' ? 1 : 0);
             lC_Specials_Admin::save((int) $specials_id, $specials_data);
         }
     }
     if ($error === false) {
         $lC_Database->commitTransaction();
         lC_Cache::clear('categories');
         lC_Cache::clear('category_tree');
         lC_Cache::clear('also_purchased');
         return $products_id;
         // Return the products id for use with the save_close buttons
     }
     $lC_Database->rollbackTransaction();
     return false;
 }
示例#6
0
<?php

/**
 * @package admin
 * @copyright Copyright 2003-2006 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: new_product_preview.php 3009 2006-02-11 15:41:10Z wilt $
 */
if (!defined('IS_ADMIN_FLAG')) {
    die('Illegal Access');
}
// upload image, if submitted
if (!isset($_GET['read']) || $_GET['read'] == 'only') {
    $products_image = new upload('products_image');
    $products_image->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'webp', 'flv', 'webm', 'ogg'));
    $products_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
    if ($products_image->parse() && $products_image->save($_POST['overwrite'])) {
        $products_image_name = $_POST['img_dir'] . $products_image->filename;
    } else {
        $products_image_name = isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '';
    }
}
// hook to allow interception of product-image uploading by admin-side observer class
$zco_notifier->notify('NOTIFY_ADMIN_PRODUCT_IMAGE_UPLOADED', $products_image, $products_image_name);
示例#7
0
        zen_mail($mail->fields['customers_firstname'] . ' ' . $mail->fields['customers_lastname'], $mail->fields['customers_email_address'], $subject, $message, STORE_NAME, $from, $html_msg, 'direct_email', array('file' => $attachment_file, 'name' => basename($attachment_file), 'mime_type' => $attachment_filetype));
        $recip_count++;
        $mail->MoveNext();
    }
    if ($recip_count > 0) {
        $messageStack->add_session(sprintf(NOTICE_EMAIL_SENT_TO, $mail_sent_to . ' (' . $recip_count . ')'), 'success');
    } else {
        $messageStack->add_session(sprintf(NOTICE_EMAIL_FAILED_SEND, $mail_sent_to . ' (' . $recip_count . ')'), 'error');
    }
    zen_redirect(zen_href_link(FILENAME_MAIL, 'mail_sent_to=' . urlencode($mail_sent_to) . '&recip_count=' . $recip_count));
}
if (EMAIL_ATTACHMENTS_ENABLED && $action == 'preview') {
    // PROCESS UPLOAD ATTACHMENTS
    if (isset($_FILES['upload_file']) && zen_not_null($_FILES['upload_file']) && $_POST['upload_file'] != 'none') {
        if ($attachments_obj = new upload('upload_file')) {
            $attachments_obj->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'zip', 'gzip', 'pdf', 'mp3', 'wma', 'wmv', 'wav', 'epub', 'ogg', 'webm', 'm4v', 'm4a'));
            $attachments_obj->set_destination(DIR_WS_ADMIN_ATTACHMENTS . $_POST['attach_dir']);
            if ($attachments_obj->parse() && $attachments_obj->save()) {
                $attachment_file = $_POST['attach_dir'] . $attachments_obj->filename;
                $attachment_fname = $attachments_obj->filename;
                $attachment_filetype = $_FILES['upload_file']['type'];
            }
        }
    }
    //DEBUG:
    //$messageStack->add('EOF-attachments_list='.$attachment_file.'->'.$attachment_filetype, 'caution');
}
//end attachments upload
// error detection
if ($action == 'preview') {
    if (!isset($_POST['customers_email_address'])) {
    }
    if (empty($cfgValue) && !is_numeric($cfgValue)) {
        $cfgValue = '&nbsp;';
    }
    return $cfgValue;
}
if (smn_not_null($action)) {
    switch ($action) {
        case 'save':
            $cID = smn_db_prepare_input($_GET['cID']);
            if ($_GET['store_logo'] == 'true') {
                // copy image
                $allowed_files_types = array('gif', 'jpg', 'jpeg', 'png');
                $store_logo_image = new upload('configuration_value');
                $store_logo_image->set_destination(DIR_FS_CATALOG_IMAGES);
                $store_logo_image->set_extensions($allowed_files_types);
                $parsed = $store_logo_image->parse();
                $ext = substr($store_logo_image->filename, -4);
                $store_logo_image->set_filename('logo' . $ext);
                $saved = $store_logo_image->save();
                if ($parsed && $saved) {
                    $store_logo_image_name = $store_logo_image->filename;
                    smn_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $store_logo_image_name . "', last_modified = now() where configuration_id = '" . (int) $cID . "'");
                }
            } elseif ($_GET['store_type'] == 'true') {
                $group_count_query = smn_db_query("select count(*) as total from " . TABLE_STORE_TYPES);
                $group_count = smn_db_fetch_array($group_count_query);
                $count = (int) $group_count['total'] + 1 - 1;
                $sql_data_array = array('store_types_name' => smn_db_prepare_input($_POST['configuration_value']));
                smn_db_perform(TABLE_STORE_TYPES, $sql_data_array, 'insert');
                smn_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . $count . "', last_modified = now() where configuration_id = '" . (int) $cID . "'");
示例#9
0
 // validate form
 $value = isset($_POST['value']) ? tep_db_prepare_input($_POST['value']) : '';
 $order = isset($_POST['sort_order']) ? tep_db_prepare_input($_POST['sort_order']) : 0;
 $depends_on = isset($_POST['depends_on']) ? tep_db_prepare_input($_POST['depends_on']) : 0;
 $excludes = isset($_POST['excludes']) ? $_POST['excludes'] : array();
 if (!tep_not_null($value)) {
     $error = true;
     $messages[] = ERROR_VALUE;
     $action = 'edit';
 }
 $check = tep_db_query("select value_image from " . TABLE_EPF_VALUES . " where value_id = " . (int) $vid);
 $current = tep_db_fetch_array($check);
 $data_array = array('sort_order' => (int) $order, 'value_depends_on' => (int) $depends_on, 'epf_value' => $value);
 $value_image = new upload('values_image');
 $webimgetypes = array('jpg', 'jpeg', 'gif', 'png');
 $value_image->set_extensions($webimgtypes);
 $value_image->set_output_messages('session');
 $value_image->set_destination(DIR_FS_CATALOG_IMAGES . 'epf/');
 if ($value_image->parse()) {
     $check_query = tep_db_query('select value_id from ' . TABLE_EPF_VALUES . ' where value_image = "' . tep_db_input($value_image->filename) . '"');
     $num_found = tep_db_num_rows($check_query);
     $check = tep_db_fetch_array($check_query);
     if ($num_found > 0 && $check['value_id'] != $vid) {
         $error = true;
         $messages[] = ERROR_FILENAME_USED;
         $action = 'edit';
     } elseif ($value_image->save()) {
         $data_array['value_image'] = $value_image->filename;
         if ($current['value_image'] != '' && $value_image->filename != $current['value_image']) {
             // image file name has changed, remove old file
             if (file_exists(DIR_FS_CATALOG_IMAGES . 'epf/' . $current['value_image'])) {
示例#10
0
     $sql_data_array = array('categories_name' => zen_db_prepare_input($categories_name_array[$language_id]), 'categories_description' => $categories_description_array[$language_id] == '<p />' ? '' : zen_db_prepare_input($categories_description_array[$language_id]));
     if ($action == 'insert_category') {
         $insert_sql_data = array('categories_id' => (int) $categories_id, 'language_id' => (int) $languages[$i]['id']);
         $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
         zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array);
     } elseif ($action == 'update_category') {
         zen_db_perform(TABLE_CATEGORIES_DESCRIPTION, $sql_data_array, 'update', "categories_id = '" . (int) $categories_id . "' and language_id = '" . (int) $languages[$i]['id'] . "'");
     }
 }
 if ($_POST['categories_image_manual'] != '') {
     // add image manually
     $categories_image_name = zen_db_input($_POST['img_dir'] . $_POST['categories_image_manual']);
     $db->Execute("update " . TABLE_CATEGORIES . "\n                      set categories_image = '" . $categories_image_name . "'\n                      where categories_id = '" . (int) $categories_id . "'");
 } else {
     if ($categories_image = new upload('categories_image')) {
         $categories_image->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'webp', 'flv', 'webm', 'ogg'));
         $categories_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
         if ($categories_image->parse() && $categories_image->save()) {
             $categories_image_name = zen_db_input($_POST['img_dir'] . $categories_image->filename);
         }
         if ($categories_image->filename != 'none' && $categories_image->filename != '' && $_POST['image_delete'] != 1) {
             // save filename when not set to none and not blank
             $db->Execute("update " . TABLE_CATEGORIES . "\n                          set categories_image = '" . $categories_image_name . "'\n                          where categories_id = '" . (int) $categories_id . "'");
         } else {
             // remove filename when set to none and not blank
             if ($categories_image->filename != '' || $_POST['image_delete'] == 1) {
                 $db->Execute("update " . TABLE_CATEGORIES . "\n                            set categories_image = ''\n                            where categories_id = '" . (int) $categories_id . "'");
             }
         }
     }
 }
示例#11
0
     $insert_sql_data = array('date_added' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array);
     $manufacturers_id = zen_db_insert_id();
 } elseif ($action == 'save') {
     $update_sql_data = array('last_modified' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $update_sql_data);
     zen_db_perform(TABLE_MANUFACTURERS, $sql_data_array, 'update', "manufacturers_id = '" . (int) $manufacturers_id . "'");
 }
 if ($_POST['manufacturers_image_manual'] != '') {
     // add image manually
     $manufacturers_image_name = zen_db_input($_POST['img_dir'] . $_POST['manufacturers_image_manual']);
     $db->Execute("update " . TABLE_MANUFACTURERS . "\r\n                      set manufacturers_image = '" . $manufacturers_image_name . "'\r\n                      where manufacturers_id = '" . (int) $manufacturers_id . "'");
 } else {
     $manufacturers_image = new upload('manufacturers_image');
     $manufacturers_image->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'webp', 'flv', 'webm', 'ogg'));
     $manufacturers_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
     if ($manufacturers_image->parse() && $manufacturers_image->save()) {
         // remove image from database if none
         if ($manufacturers_image->filename != 'none') {
             $db->Execute("update " . TABLE_MANUFACTURERS . "\r\n                          set manufacturers_image = '" . zen_db_input($_POST['img_dir'] . $manufacturers_image->filename) . "'\r\n                          where manufacturers_id = '" . (int) $manufacturers_id . "'");
         } else {
             $db->Execute("update " . TABLE_MANUFACTURERS . "\r\n                          set manufacturers_image = ''\r\n                          where manufacturers_id = '" . (int) $manufacturers_id . "'");
         }
     }
 }
 $languages = zen_get_languages();
 for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
     $manufacturers_url_array = $_POST['manufacturers_url'];
     $language_id = $languages[$i]['id'];
     $sql_data_array = array('manufacturers_url' => zen_db_prepare_input($manufacturers_url_array[$language_id]));
示例#12
0
     $insert_sql_data = array('date_added' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $insert_sql_data);
     zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array);
     $record_company_id = zen_db_insert_id();
 } elseif ($action == 'save') {
     $update_sql_data = array('last_modified' => 'now()');
     $sql_data_array = array_merge($sql_data_array, $update_sql_data);
     zen_db_perform(TABLE_RECORD_COMPANY, $sql_data_array, 'update', "record_company_id = '" . (int) $record_company_id . "'");
 }
 if ($_POST['record_company_image_manual'] != '') {
     // add image manually
     $artists_image_name = zen_db_input($_POST['img_dir'] . $_POST['record_company_image_manual']);
     $db->Execute("update " . TABLE_RECORD_COMPANY . "\r\n                      set record_company_image = '" . $artists_image_name . "'\r\n                      where record_company_id = '" . (int) $record_company_id . "'");
 } else {
     $record_company_image = new upload('record_company_image');
     $record_company_image->set_extensions(array('jpg', 'jpeg', 'gif', 'png', 'webp', 'flv', 'webm', 'ogg'));
     $record_company_image->set_destination(DIR_FS_CATALOG_IMAGES . $_POST['img_dir']);
     if ($record_company_image->parse() && $record_company_image->save()) {
         // remove image from database if none
         if ($record_company_image->filename != 'none') {
             // remove image from database if none
             $db->Execute("update " . TABLE_RECORD_COMPANY . "\r\n                          set record_company_image = '" . zen_db_input($_POST['img_dir'] . $record_company_image->filename) . "'\r\n                          where record_company_id = '" . (int) $record_company_id . "'");
         } else {
             $db->Execute("update " . TABLE_RECORD_COMPANY . "\r\n                          set record_company_image = ''\r\n                          where record_company_id = '" . (int) $record_company_id . "'");
         }
     }
 }
 $languages = zen_get_languages();
 for ($i = 0, $n = sizeof($languages); $i < $n; $i++) {
     $record_company_url_array = $_POST['record_company_url'];
     $language_id = $languages[$i]['id'];
示例#13
0
         $delete_query = "delete from " . TABLE_MEDIA_CLIPS . " where clip_id  = '" . (int) $_POST['clip_id'] . "'";
         $db->Execute($delete_query);
         zen_redirect(zen_href_link(FILENAME_MEDIA_MANAGER, 'action=edit&page=' . $_GET['page'] . '&mID=' . $_POST['mID']));
     }
     break;
 case 'insert':
 case 'save':
     if (isset($_POST['add_clip'])) {
         $clip_name = $_FILES['clip_filename'];
         $clip_name = zen_db_prepare_input($clip_name['name']);
         if ($clip_name) {
             $media_type = zen_db_prepare_input($_POST['media_type']);
             $ext = $db->Execute("select type_ext from " . TABLE_MEDIA_TYPES . " where type_id = '" . (int) $_POST['media_type'] . "'");
             if (preg_match('/' . $ext->fields['type_ext'] . '/', $clip_name)) {
                 if ($media_upload = new upload('clip_filename')) {
                     $media_upload->set_extensions(array('mp3', 'mp4', 'swf', 'avi', 'mpg', 'wma', 'rm', 'ra', 'ram', 'wmv', 'epub', 'flv', 'ogg', 'm4v', 'm4a', 'webm'));
                     $media_upload->set_destination(DIR_FS_CATALOG_MEDIA . $_POST['media_dir']);
                     if ($media_upload->parse() && $media_upload->save()) {
                         $media_upload_filename = zen_db_prepare_input($_POST['media_dir'] . $media_upload->filename);
                     }
                     if ($media_upload->filename != 'none' && $media_upload->filename != '' && is_writable(DIR_FS_CATALOG_MEDIA . $_POST['media_dir'])) {
                         $db->Execute("insert into " . TABLE_MEDIA_CLIPS . "\r\n                                (media_id, clip_type, clip_filename, date_added) values (\r\n                                 '" . (int) $_GET['mID'] . "',\r\n                                 '" . zen_db_prepare_input($media_type) . "',\r\n                                 '" . $media_upload_filename . "', now())");
                     }
                 }
             }
         }
     }
     if (isset($_GET['mID'])) {
         $media_id = zen_db_prepare_input($_GET['mID']);
     }
     $media_name = zen_db_prepare_input($_POST['media_name']);
示例#14
0
 public static function save($id = null, $data)
 {
     global $osC_Database, $osC_Language, $osC_Image;
     $error = false;
     $osC_Database->startTransaction();
     if (is_numeric($id)) {
         $Qproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id, products_last_modified = now() where products_id = :products_id');
         $Qproduct->bindInt(':products_id', $id);
     } else {
         $Qproduct = $osC_Database->query('insert into :table_products (products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
         $Qproduct->bindRaw(':products_date_added', 'now()');
     }
     $Qproduct->bindTable(':table_products', TABLE_PRODUCTS);
     $Qproduct->bindInt(':products_quantity', $data['quantity']);
     $Qproduct->bindFloat(':products_price', $data['price']);
     $Qproduct->bindValue(':products_model', $data['model']);
     $Qproduct->bindFloat(':products_weight', $data['weight']);
     $Qproduct->bindInt(':products_weight_class', $data['weight_class']);
     $Qproduct->bindInt(':products_status', $data['status']);
     $Qproduct->bindInt(':products_tax_class_id', $data['tax_class_id']);
     //      $Qproduct->setLogging($_SESSION['module'], $id);
     $Qproduct->execute();
     if ($osC_Database->isError()) {
         $error = true;
     } else {
         if (is_numeric($id)) {
             $products_id = $id;
         } else {
             $products_id = $osC_Database->nextID();
         }
         $Qcategories = $osC_Database->query('delete from :table_products_to_categories where products_id = :products_id');
         $Qcategories->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
         $Qcategories->bindInt(':products_id', $products_id);
         //        $Qcategories->setLogging($_SESSION['module'], $products_id);
         $Qcategories->execute();
         if ($osC_Database->isError()) {
             $error = true;
         } else {
             if (isset($data['categories']) && !empty($data['categories'])) {
                 foreach ($data['categories'] as $category_id) {
                     $Qp2c = $osC_Database->query('insert into :table_products_to_categories (products_id, categories_id) values (:products_id, :categories_id)');
                     $Qp2c->bindTable(':table_products_to_categories', TABLE_PRODUCTS_TO_CATEGORIES);
                     $Qp2c->bindInt(':products_id', $products_id);
                     $Qp2c->bindInt(':categories_id', $category_id);
                     //              $Qp2c->setLogging($_SESSION['module'], $products_id);
                     $Qp2c->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     if ($error === false) {
         $images = array();
         $products_image = new upload('products_image');
         $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));
         if ($products_image->exists()) {
             $products_image->set_destination(realpath('../images/products/originals'));
             if ($products_image->parse() && $products_image->save()) {
                 $images[] = $products_image->filename;
             }
         }
         if (isset($data['localimages'])) {
             foreach ($data['localimages'] as $image) {
                 $image = basename($image);
                 if (file_exists('../images/products/_upload/' . $image)) {
                     copy('../images/products/_upload/' . $image, '../images/products/originals/' . $image);
                     @unlink('../images/products/_upload/' . $image);
                     $images[] = $image;
                 }
             }
         }
         $default_flag = 1;
         foreach ($images as $image) {
             $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
             $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
             $Qimage->bindInt(':products_id', $products_id);
             $Qimage->bindValue(':image', $image);
             $Qimage->bindInt(':default_flag', $default_flag);
             $Qimage->bindInt(':sort_order', 0);
             $Qimage->bindRaw(':date_added', 'now()');
             //          $Qimage->setLogging($_SESSION['module'], $products_id);
             $Qimage->execute();
             if ($osC_Database->isError()) {
                 $error = true;
             } else {
                 foreach ($osC_Image->getGroups() as $group) {
                     if ($group['id'] != '1') {
                         $osC_Image->resize($image, $group['id']);
                     }
                 }
             }
             $default_flag = 0;
         }
     }
     if ($error === false) {
         foreach ($osC_Language->getAll() as $l) {
             if (is_numeric($id)) {
                 $Qpd = $osC_Database->query('update :table_products_description set products_name = :products_name, products_description = :products_description, products_keyword = :products_keyword, products_tags = :products_tags, products_url = :products_url where products_id = :products_id and language_id = :language_id');
             } else {
                 $Qpd = $osC_Database->query('insert into :table_products_description (products_id, language_id, products_name, products_description, products_keyword, products_tags, products_url) values (:products_id, :language_id, :products_name, :products_description, :products_keyword, :products_tags, :products_url)');
             }
             $Qpd->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION);
             $Qpd->bindInt(':products_id', $products_id);
             $Qpd->bindInt(':language_id', $l['id']);
             $Qpd->bindValue(':products_name', $data['products_name'][$l['id']]);
             $Qpd->bindValue(':products_description', $data['products_description'][$l['id']]);
             $Qpd->bindValue(':products_keyword', $data['products_keyword'][$l['id']]);
             $Qpd->bindValue(':products_tags', $data['products_tags'][$l['id']]);
             $Qpd->bindValue(':products_url', $data['products_url'][$l['id']]);
             //          $Qpd->setLogging($_SESSION['module'], $products_id);
             $Qpd->execute();
             if ($osC_Database->isError()) {
                 $error = true;
                 break;
             }
         }
     }
     if ($error === false) {
         if (isset($data['attributes']) && !empty($data['attributes'])) {
             foreach ($data['attributes'] as $attributes_id => $value) {
                 if (is_array($value)) {
                 } elseif (!empty($value)) {
                     $Qcheck = $osC_Database->query('select id from :table_product_attributes where products_id = :products_id and id = :id limit 1');
                     $Qcheck->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                     $Qcheck->bindInt(':products_id', $products_id);
                     $Qcheck->bindInt(':id', $attributes_id);
                     $Qcheck->execute();
                     if ($Qcheck->numberOfRows() === 1) {
                         $Qattribute = $osC_Database->query('update :table_product_attributes set value = :value where products_id = :products_id and id = :id');
                     } else {
                         $Qattribute = $osC_Database->query('insert into :table_product_attributes (id, products_id, languages_id, value) values (:id, :products_id, :languages_id, :value)');
                         $Qattribute->bindInt(':languages_id', 0);
                     }
                     $Qattribute->bindTable(':table_product_attributes', TABLE_PRODUCT_ATTRIBUTES);
                     $Qattribute->bindValue(':value', $value);
                     $Qattribute->bindInt(':products_id', $products_id);
                     $Qattribute->bindInt(':id', $attributes_id);
                     $Qattribute->execute();
                     if ($osC_Database->isError()) {
                         $error = true;
                         break;
                     }
                 }
             }
         }
     }
     if ($error === false) {
         $variants_array = array();
         $default_variant_combo = null;
         if (isset($data['variants_combo']) && !empty($data['variants_combo'])) {
             foreach ($data['variants_combo'] as $key => $combos) {
                 if (isset($data['variants_combo_db'][$key])) {
                     $Qsubproduct = $osC_Database->query('update :table_products set products_quantity = :products_quantity, products_price = :products_price, products_model = :products_model, products_weight = :products_weight, products_weight_class = :products_weight_class, products_status = :products_status, products_tax_class_id = :products_tax_class_id where products_id = :products_id');
                     $Qsubproduct->bindInt(':products_id', $data['variants_combo_db'][$key]);
                 } else {
                     $Qsubproduct = $osC_Database->query('insert into :table_products (parent_id, products_quantity, products_price, products_model, products_weight, products_weight_class, products_status, products_tax_class_id, products_date_added) values (:parent_id, :products_quantity, :products_price, :products_model, :products_weight, :products_weight_class, :products_status, :products_tax_class_id, :products_date_added)');
                     $Qsubproduct->bindInt(':parent_id', $products_id);
                     $Qsubproduct->bindRaw(':products_date_added', 'now()');
                 }
                 $Qsubproduct->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qsubproduct->bindInt(':products_quantity', $data['variants_quantity'][$key]);
                 $Qsubproduct->bindFloat(':products_price', $data['variants_price'][$key]);
                 $Qsubproduct->bindValue(':products_model', $data['variants_model'][$key]);
                 $Qsubproduct->bindFloat(':products_weight', $data['variants_weight'][$key]);
                 $Qsubproduct->bindInt(':products_weight_class', $data['variants_weight_class'][$key]);
                 $Qsubproduct->bindInt(':products_status', $data['variants_status'][$key]);
                 $Qsubproduct->bindInt(':products_tax_class_id', $data['variants_tax_class_id'][$key]);
                 //            $Qsubproduct->setLogging($_SESSION['module'], $id);
                 $Qsubproduct->execute();
                 if (isset($data['variants_combo_db'][$key])) {
                     $subproduct_id = $data['variants_combo_db'][$key];
                 } else {
                     $subproduct_id = $osC_Database->nextID();
                 }
                 if ($data['variants_default_combo'] == $key) {
                     $default_variant_combo = $subproduct_id;
                 }
                 /*
                             if ( $osC_Database->isError() ) {
                               $error = true;
                               break;
                             }
                 */
                 $combos_array = explode(';', $combos);
                 foreach ($combos_array as $combo) {
                     list($vgroup, $vvalue) = explode('_', $combo);
                     $variants_array[$subproduct_id][] = $vvalue;
                     $check_combos_array[] = $vvalue;
                     $Qcheck = $osC_Database->query('select products_id from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                     $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qcheck->bindInt(':products_id', $subproduct_id);
                     $Qcheck->bindInt(':products_variants_values_id', $vvalue);
                     $Qcheck->execute();
                     if ($Qcheck->numberOfRows() < 1) {
                         $Qvcombo = $osC_Database->query('insert into :table_products_variants (products_id, products_variants_values_id) values (:products_id, :products_variants_values_id)');
                         $Qvcombo->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                         $Qvcombo->bindInt(':products_id', $subproduct_id);
                         $Qvcombo->bindInt(':products_variants_values_id', $vvalue);
                         //                $Qvcombo->setLogging($_SESSION['module'], $products_id);
                         $Qvcombo->execute();
                         if ($osC_Database->isError()) {
                             $error = true;
                             break 2;
                         }
                     }
                 }
             }
         }
         if ($error === false) {
             if (empty($variants_array)) {
                 $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id');
                 $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qcheck->bindInt(':parent_id', $products_id);
                 $Qcheck->execute();
                 while ($Qcheck->next()) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                     $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                     $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                 }
             } else {
                 $Qcheck = $osC_Database->query('select pv.* from :table_products p, :table_products_variants pv where p.parent_id = :parent_id and p.products_id = pv.products_id and pv.products_id not in (":products_id")');
                 $Qcheck->bindTable(':table_products', TABLE_PRODUCTS);
                 $Qcheck->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                 $Qcheck->bindInt(':parent_id', $products_id);
                 $Qcheck->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
                 $Qcheck->execute();
                 while ($Qcheck->next()) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id = :products_variants_values_id');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->bindInt(':products_variants_values_id', $Qcheck->valueInt('products_variants_values_id'));
                     $Qdel->execute();
                     $Qdel = $osC_Database->query('delete from :table_products where products_id = :products_id');
                     $Qdel->bindTable(':table_products', TABLE_PRODUCTS);
                     $Qdel->bindInt(':products_id', $Qcheck->valueInt('products_id'));
                     $Qdel->execute();
                 }
                 foreach ($variants_array as $key => $values) {
                     $Qdel = $osC_Database->query('delete from :table_products_variants where products_id = :products_id and products_variants_values_id not in (":products_variants_values_id")');
                     $Qdel->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
                     $Qdel->bindInt(':products_id', $key);
                     $Qdel->bindRaw(':products_variants_values_id', implode('", "', $values));
                     $Qdel->execute();
                 }
             }
         }
         $Qupdate = $osC_Database->query('update :table_products set has_children = :has_children where products_id = :products_id');
         $Qupdate->bindTable(':table_products', TABLE_PRODUCTS);
         $Qupdate->bindInt(':has_children', empty($variants_array) ? 0 : 1);
         $Qupdate->bindInt(':products_id', $products_id);
         $Qupdate->execute();
     }
     if ($error === false) {
         $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id in (":products_id")');
         $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
         $Qupdate->bindInt(':default_combo', 0);
         $Qupdate->bindRaw(':products_id', implode('", "', array_keys($variants_array)));
         $Qupdate->execute();
         if (is_numeric($default_variant_combo)) {
             $Qupdate = $osC_Database->query('update :table_products_variants set default_combo = :default_combo where products_id = :products_id');
             $Qupdate->bindTable(':table_products_variants', TABLE_PRODUCTS_VARIANTS);
             $Qupdate->bindInt(':default_combo', 1);
             $Qupdate->bindInt(':products_id', $default_variant_combo);
             $Qupdate->execute();
         }
     }
     if ($error === false) {
         $osC_Database->commitTransaction();
         osC_Cache::clear('categories');
         osC_Cache::clear('category_tree');
         osC_Cache::clear('also_purchased');
         return true;
     }
     $osC_Database->rollbackTransaction();
     return false;
 }
示例#15
0
  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2014 osCommerce

  Released under the GNU General Public License
*/
require 'includes/application_top.php';
$action = isset($_GET['action']) ? $_GET['action'] : '';
if (tep_not_null($action)) {
    switch ($action) {
        case 'save':
            $error = false;
            $store_logo = new upload('store_logo');
            $store_logo->set_extensions(array('png', 'gif', 'jpg'));
            $store_logo->set_destination(DIR_FS_CATALOG_IMAGES);
            if ($store_logo->parse()) {
                if ($store_logo->save()) {
                    $messageStack->add_session(SUCCESS_LOGO_UPDATED, 'success');
                    tep_db_query("update configuration set configuration_value = '" . tep_db_input($store_logo->filename) . "', last_modified = now() where configuration_value = '" . STORE_LOGO . "'");
                } else {
                    $error = true;
                }
            } else {
                $error = true;
            }
            if ($error == false) {
                tep_redirect(tep_href_link(FILENAME_STORE_LOGO));
            }
            break;
            smn_reset_cache_block('categories');
            smn_reset_cache_block('also_purchased');
          }
        }
        smn_redirect(html_entity_decode(smn_href_link(FILENAME_STORE_PRODUCT_CATEGORIES, 'cPath=' . $categories_id . '&ID='.$store_id.'&pID=' . $products_id)));
        break;
      case 'new_product_preview':
          if (! checkVoucherPermissions($store_id, $_POST['products_model'])) {
            $messageStack->add(ERROR_VENDORS_CANT_ADD_VOUCHERS, 'error');
            $allow_insert = 'false';
          } else {
            // copy image only if modified
            $allowed_files_types = array('gif', 'jpg', 'jpeg', 'png');
            $products_image = new upload('products_image');
            $products_image->set_destination(DIR_FS_CATALOG_IMAGES);
            $products_image->set_extensions($allowed_files_types);  
            if ($products_image->parse() && $products_image->save()) {
              $products_image_name = $products_image->filename;
            } else {
              $products_image_name = (isset($_POST['products_previous_image']) ? $_POST['products_previous_image'] : '');
            }
          }
        break;
    }
  }
// check if the catalog image directory exists
  if (is_dir(DIR_FS_CATALOG_IMAGES)) {
    if (!is_writeable(DIR_FS_CATALOG_IMAGES)) $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_NOT_WRITEABLE, 'error');
  } else {
    $messageStack->add(ERROR_CATALOG_IMAGE_DIRECTORY_DOES_NOT_EXIST, 'error');
  }
示例#17
0
 public static function fileUpload()
 {
     global $osC_Database, $_module;
     $osC_Image = new osC_Image_Admin();
     if (is_numeric($_GET[$_module])) {
         $products_image = new upload('products_image');
         $products_image->set_extensions(array('gif', 'jpg', 'jpeg', 'png'));
         if ($products_image->exists()) {
             $products_image->set_destination(realpath('../images/products/originals'));
             if ($products_image->parse() && $products_image->save()) {
                 $default_flag = 1;
                 $Qcheck = $osC_Database->query('select id from :table_products_images where products_id = :products_id and default_flag = :default_flag limit 1');
                 $Qcheck->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                 $Qcheck->bindInt(':products_id', $_GET[$_module]);
                 $Qcheck->bindInt(':default_flag', 1);
                 $Qcheck->execute();
                 if ($Qcheck->numberOfRows() === 1) {
                     $default_flag = 0;
                 }
                 $Qimage = $osC_Database->query('insert into :table_products_images (products_id, image, default_flag, sort_order, date_added) values (:products_id, :image, :default_flag, :sort_order, :date_added)');
                 $Qimage->bindTable(':table_products_images', TABLE_PRODUCTS_IMAGES);
                 $Qimage->bindInt(':products_id', $_GET[$_module]);
                 $Qimage->bindValue(':image', $products_image->filename);
                 $Qimage->bindInt(':default_flag', $default_flag);
                 $Qimage->bindInt(':sort_order', 0);
                 $Qimage->bindRaw(':date_added', 'now()');
                 $Qimage->setLogging($_SESSION['module'], $_GET[$_module]);
                 $Qimage->execute();
                 foreach ($osC_Image->getGroups() as $group) {
                     if ($group['id'] != '1') {
                         $osC_Image->resize($products_image->filename, $group['id']);
                     }
                 }
             }
         }
     }
     $result = array('result' => 1, 'rpcStatus' => RPC_STATUS_SUCCESS);
     echo json_encode($result);
 }