The following upgrade guide is based on the osCommerce 2.2 Release Candidate 1 release. If you have not yet updated to this release please review its upgrade guide in the extras directory (upgrade-22rc1.html) before applying these changes.
The following changes should be performed in order to upgrade an existing osCommerce Online Merchant v2.2 RC1 store to v2.2 RC2.
Legend: [SQL] Database Changes; [A] Administration Tool; [C] Catalog
| alter table banners add index idx_banners_group (banners_group); alter table banners_history add index idx_banners_history_banners_id (banners_id); alter table currencies add index idx_currencies_code (code); alter table customers add index idx_customers_email_address (customers_email_address); alter table customers_basket add index idx_customers_basket_customers_id (customers_id); alter table customers_basket_attributes add index idx_customers_basket_att_customers_id (customers_id); alter table orders add index idx_orders_customers_id (customers_id); alter table orders_products add index idx_orders_products_orders_id (orders_id); alter table orders_products add index idx_orders_products_products_id (products_id); alter table orders_status_history add index idx_orders_status_history_orders_id (orders_id); alter table orders_products_attributes add index idx_orders_products_att_orders_id (orders_id); alter table orders_products_download add index idx_orders_products_download_orders_id (orders_id); alter table products add index idx_products_model (products_model); alter table products_attributes add index idx_products_attributes_products_id (products_id); alter table reviews add index idx_reviews_products_id (products_id); alter table reviews add index idx_reviews_customers_id (customers_id); alter table specials add index idx_specials_products_id (products_id); alter table zones add index idx_zones_to_geo_zones_country_id (zone_country_id); alter table orders_status add public_flag int DEFAULT '1'; alter table orders_status add downloads_flag int DEFAULT '0'; alter table orders modify payment_method varchar(255) NOT NULL; alter table whos_online modify last_page_url text NOT NULL; |
Affected Files
catalog/admin/includes/general.js
| 31 | 31 | function rowOutEffect(object) { | |
| 32 | 32 | if (object.className == 'dataTableRowOver') object.className = 'dataTableRow'; | |
| 33 | 33 | } | |
| 34 | + | ||
| 35 | + | function toggleDivBlock(id) { | |
| 36 | + | if (document.getElementById) { | |
| 37 | + | itm = document.getElementById(id); | |
| 38 | + | } else if (document.all){ | |
| 39 | + | itm = document.all[id]; | |
| 40 | + | } else if (document.layers){ | |
| 41 | + | itm = document.layers[id]; | |
| 42 | + | } | |
| 43 | + | ||
| 44 | + | if (itm) { | |
| 45 | + | if (itm.style.display != "none") { | |
| 46 | + | itm.style.display = "none"; | |
| 47 | + | } else { | |
| 48 | + | itm.style.display = "block"; | |
| 49 | + | } | |
| 50 | + | } | |
| 51 | + | } |
Affected Files
catalog/download.php
| 90 | 90 | umask(0000); | |
| 91 | 91 | mkdir(DIR_FS_DOWNLOAD_PUBLIC . $tempdir, 0777); | |
| 92 | 92 | symlink(DIR_FS_DOWNLOAD . $downloads['orders_products_filename'], DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']); | |
| 93 | - | tep_redirect(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']); | |
| 94 | - | } else { | |
| 95 | - | // This will work on all systems, but will need considerable resources | |
| 96 | - | // We could also loop with fread($fp, 4096) to save memory | |
| 97 | - | readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']); | |
| 93 | + | if (file_exists(DIR_FS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])) { | |
| 94 | + | tep_redirect(tep_href_link(DIR_WS_DOWNLOAD_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename'])); | |
| 95 | + | } | |
| 98 | 96 | } | |
| 97 | + | ||
| 98 | + | // Fallback to readfile() delivery method. This will work on all systems, but will need considerable resources | |
| 99 | + | readfile(DIR_FS_DOWNLOAD . $downloads['orders_products_filename']); | |
| 99 | 100 | ?> |
Affected Files
catalog/includes/classes/currencies.php
| 40 | 40 | if ($calculate_currency_value == true) { | |
| 41 | 41 | $rate = (tep_not_null($currency_value)) ? $currency_value : $this->currencies[$currency_type]['value']; | |
| 42 | 42 | $format_string = $this->currencies[$currency_type]['symbol_left'] . number_format(tep_round($number * $rate, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], $this->currencies[$currency_type]['decimal_point'], $this->currencies[$currency_type]['thousands_point']) . $this->currencies[$currency_type]['symbol_right']; | |
| 43 | - | // if the selected currency is in the european euro-conversion and the default currency is euro, | |
| 44 | - | // the currency will displayed in the national currency and euro currency | |
| 45 | - | if ( (DEFAULT_CURRENCY == 'EUR') && ($currency_type == 'DEM' || $currency_type == 'BEF' || $currency_type == 'LUF' || $currency_type == 'ESP' || $currency_type == 'FRF' || $currency_type == 'IEP' || $currency_type == 'ITL' || $currency_type == 'NLG' || $currency_type == 'ATS' || $currency_type == 'PTE' || $currency_type == 'FIM' || $currency_type == 'GRD') ) { | |
| 46 | - | $format_string .= ' <small>[' . $this->format($number, true, 'EUR') . ']</small>'; | |
| 47 | - | } | |
| 48 | 43 | } else { | |
| 49 | 44 | $format_string = $this->currencies[$currency_type]['symbol_left'] . number_format(tep_round($number, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], $this->currencies[$currency_type]['decimal_point'], $this->currencies[$currency_type]['thousands_point']) . $this->currencies[$currency_type]['symbol_right']; | |
| 50 | 45 | } |
Affected Files
catalog/includes/classes/navigation_history.php
| 127 | 127 | function filter_parameters($parameters) { | |
| 128 | 128 | $clean = array(); | |
| 129 | 129 | ||
| 130 | - | reset($parameters); | |
| 131 | - | while (list($key, $value) = each($parameters)) { | |
| 132 | - | if (strpos($key, '_nh-dns') < 1) { | |
| 133 | - | $clean[$key] = $value; | |
| 130 | + | if (is_array($parameters)) { | |
| 131 | + | reset($parameters); | |
| 132 | + | while (list($key, $value) = each($parameters)) { | |
| 133 | + | if (strpos($key, '_nh-dns') < 1) { | |
| 134 | + | $clean[$key] = $value; | |
| 135 | + | } | |
| 134 | 136 | } | |
| 135 | 137 | } | |
| 136 | 138 |
Affected Files
catalog/includes/classes/order_total.php
| 38 | 38 | while (list(, $value) = each($this->modules)) { | |
| 39 | 39 | $class = substr($value, 0, strrpos($value, '.')); | |
| 40 | 40 | if ($GLOBALS[$class]->enabled) { | |
| 41 | + | $GLOBALS[$class]->output = array(); | |
| 41 | 42 | $GLOBALS[$class]->process(); | |
| 42 | 43 | ||
| 43 | 44 | for ($i=0, $n=sizeof($GLOBALS[$class]->output); $i<$n; $i++) { |
Affected Files
catalog/checkout_payment.php
catalog/checkout_process.php
catalog/checkout_shipping.php
catalog/shopping_cart.php
catalog/includes/header.php
catalog/includes/classes/order.php
catalog/includes/classes/payment.php
catalog/includes/functions/general.php
catalog/includes/modules/payment/cc.php
catalog/includes/languages/english/shopping_cart.php
catalog/includes/languages/espanol/shopping_cart.php
catalog/includes/languages/german/shopping_cart.php
| 52 | 52 | $billto = $customer_default_address_id; | |
| 53 | 53 | } else { | |
| 54 | 54 | // verify the selected billing address | |
| 55 | - | $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'"); | |
| 56 | - | $check_address = tep_db_fetch_array($check_address_query); | |
| 55 | + | if ( (is_array($billto) && empty($billto)) || is_numeric($billto) ) { | |
| 56 | + | $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$billto . "'"); | |
| 57 | + | $check_address = tep_db_fetch_array($check_address_query); | |
| 57 | 58 | ||
| 58 | - | if ($check_address['total'] != '1') { | |
| 59 | - | $billto = $customer_default_address_id; | |
| 60 | - | if (tep_session_is_registered('payment')) tep_session_unregister('payment'); | |
| 59 | + | if ($check_address['total'] != '1') { | |
| 60 | + | $billto = $customer_default_address_id; | |
| 61 | + | if (tep_session_is_registered('payment')) tep_session_unregister('payment'); | |
| 62 | + | } | |
| 61 | 63 | } | |
| 62 | 64 | } | |
| 63 | 65 |
| 17 | 17 | $navigation->set_snapshot(array('mode' => 'SSL', 'page' => FILENAME_CHECKOUT_PAYMENT)); | |
| 18 | 18 | tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); | |
| 19 | 19 | } | |
| 20 | - | ||
| 21 | - | if (!tep_session_is_registered('sendto')) { | |
| 22 | - | tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); | |
| 20 | + | ||
| 21 | + | // if there is nothing in the customers cart, redirect them to the shopping cart page | |
| 22 | + | if ($cart->count_contents() < 1) { | |
| 23 | + | tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); | |
| 23 | 24 | } | |
| 24 | 25 | ||
| 26 | + | // if no shipping method has been selected, redirect the customer to the shipping method selection page | |
| 27 | + | if (!tep_session_is_registered('shipping') || !tep_session_is_registered('sendto')) { | |
| 28 | + | tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING, '', 'SSL')); | |
| 29 | + | } | |
| 30 | + | ||
| 25 | 31 | if ( (tep_not_null(MODULE_PAYMENT_INSTALLED)) && (!tep_session_is_registered('payment')) ) { | |
| 26 | 32 | tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); | |
| 27 | 33 | } | |
… |
… |
||
| 46 | 52 | require(DIR_WS_CLASSES . 'order.php'); | |
| 47 | 53 | $order = new order; | |
| 48 | 54 | ||
| 55 | + | // Stock Check | |
| 56 | + | $any_out_of_stock = false; | |
| 57 | + | if (STOCK_CHECK == 'true') { | |
| 58 | + | for ($i=0, $n=sizeof($order->products); $i<$n; $i++) { | |
| 59 | + | if (tep_check_stock($order->products[$i]['id'], $order->products[$i]['qty'])) { | |
| 60 | + | $any_out_of_stock = true; | |
| 61 | + | } | |
| 62 | + | } | |
| 63 | + | // Out of Stock | |
| 64 | + | if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == true) ) { | |
| 65 | + | tep_redirect(tep_href_link(FILENAME_SHOPPING_CART)); | |
| 66 | + | } | |
| 67 | + | } | |
| 68 | + | ||
| 69 | + | $payment_modules->update_status(); | |
| 70 | + | ||
| 71 | + | if ( ( is_array($payment_modules->modules) && (sizeof($payment_modules->modules) > 1) && !is_object($$payment) ) || (is_object($$payment) && ($$payment->enabled == false)) ) { | |
| 72 | + | tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(ERROR_NO_PAYMENT_MODULE_SELECTED), 'SSL')); | |
| 73 | + | } | |
| 74 | + | ||
| 49 | 75 | require(DIR_WS_CLASSES . 'order_total.php'); | |
| 50 | 76 | $order_total_modules = new order_total; | |
| 51 | 77 | ||
… |
… |
||
| 66 | 92 | 'customers_telephone' => $order->customer['telephone'], | |
| 67 | 93 | 'customers_email_address' => $order->customer['email_address'], | |
| 68 | 94 | 'customers_address_format_id' => $order->customer['format_id'], | |
| 69 | - | 'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'], | |
| 95 | + | 'delivery_name' => trim($order->delivery['firstname'] . ' ' . $order->delivery['lastname']), | |
| 70 | 96 | 'delivery_company' => $order->delivery['company'], | |
| 71 | 97 | 'delivery_street_address' => $order->delivery['street_address'], | |
| 72 | 98 | 'delivery_suburb' => $order->delivery['suburb'], |
| 30 | 30 | $sendto = $customer_default_address_id; | |
| 31 | 31 | } else { | |
| 32 | 32 | // verify the selected shipping address | |
| 33 | - | $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'"); | |
| 34 | - | $check_address = tep_db_fetch_array($check_address_query); | |
| 33 | + | if ( (is_array($sendto) && empty($sendto)) || is_numeric($sendto) ) { | |
| 34 | + | $check_address_query = tep_db_query("select count(*) as total from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$sendto . "'"); | |
| 35 | + | $check_address = tep_db_fetch_array($check_address_query); | |
| 35 | 36 | ||
| 36 | - | if ($check_address['total'] != '1') { | |
| 37 | - | $sendto = $customer_default_address_id; | |
| 38 | - | if (tep_session_is_registered('shipping')) tep_session_unregister('shipping'); | |
| 37 | + | if ($check_address['total'] != '1') { | |
| 38 | + | $sendto = $customer_default_address_id; | |
| 39 | + | if (tep_session_is_registered('shipping')) tep_session_unregister('shipping'); | |
| 40 | + | } | |
| 39 | 41 | } | |
| 40 | 42 | } | |
| 41 | 43 |
| 12 | 12 | ||
| 13 | 13 | require("includes/application_top.php"); | |
| 14 | 14 | ||
| 15 | + | if ($cart->count_contents() > 0) { | |
| 16 | + | include(DIR_WS_CLASSES . 'payment.php'); | |
| 17 | + | $payment_modules = new payment; | |
| 18 | + | } | |
| 19 | + | ||
| 15 | 20 | require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_SHOPPING_CART); | |
| 16 | 21 | ||
| 17 | 22 | $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_SHOPPING_CART)); | |
… |
… |
||
| 202 | 207 | </table></td> | |
| 203 | 208 | </tr> | |
| 204 | 209 | <?php | |
| 210 | + | $initialize_checkout_methods = $payment_modules->checkout_initialization_method(); | |
| 211 | + | ||
| 212 | + | if (!empty($initialize_checkout_methods)) { | |
| 213 | + | ?> | |
| 214 | + | <tr> | |
| 215 | + | <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> | |
| 216 | + | </tr> | |
| 217 | + | <tr> | |
| 218 | + | <td align="right" class="main" style="padding-right: 50px;"><?php echo TEXT_ALTERNATIVE_CHECKOUT_METHODS; ?></td> | |
| 219 | + | </tr> | |
| 220 | + | <?php | |
| 221 | + | reset($initialize_checkout_methods); | |
| 222 | + | while (list(, $value) = each($initialize_checkout_methods)) { | |
| 223 | + | ?> | |
| 224 | + | <tr> | |
| 225 | + | <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> | |
| 226 | + | </tr> | |
| 227 | + | <tr> | |
| 228 | + | <td align="right" class="main"><?php echo $value; ?></td> | |
| 229 | + | </tr> | |
| 230 | + | <?php | |
| 231 | + | } | |
| 232 | + | } | |
| 205 | 233 | } else { | |
| 206 | 234 | ?> | |
| 207 | 235 | <tr> |
| 69 | 69 | ?> | |
| 70 | 70 | <table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 71 | 71 | <tr class="headerError"> | |
| 72 | - | <td class="headerError"><?php echo htmlspecialchars(urldecode($HTTP_GET_VARS['error_message'])); ?></td> | |
| 72 | + | <td class="headerError"><?php echo htmlspecialchars(stripslashes(urldecode($HTTP_GET_VARS['error_message']))); ?></td> | |
| 73 | 73 | </tr> | |
| 74 | 74 | </table> | |
| 75 | 75 | <?php | |
… |
… |
||
| 79 | 79 | ?> | |
| 80 | 80 | <table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 81 | 81 | <tr class="headerInfo"> | |
| 82 | - | <td class="headerInfo"><?php echo htmlspecialchars($HTTP_GET_VARS['info_message']); ?></td> | |
| 82 | + | <td class="headerInfo"><?php echo htmlspecialchars(stripslashes(urldecode($HTTP_GET_VARS['info_message']))); ?></td> | |
| 83 | 83 | </tr> | |
| 84 | 84 | </table> | |
| 85 | 85 | <?php |
| 76 | 76 | 'telephone' => $order['customers_telephone'], | |
| 77 | 77 | 'email_address' => $order['customers_email_address']); | |
| 78 | 78 | ||
| 79 | - | $this->delivery = array('name' => $order['delivery_name'], | |
| 79 | + | $this->delivery = array('name' => trim($order['delivery_name']), | |
| 80 | 80 | 'company' => $order['delivery_company'], | |
| 81 | 81 | 'street_address' => $order['delivery_street_address'], | |
| 82 | 82 | 'suburb' => $order['delivery_suburb'], | |
… |
… |
||
| 131 | 131 | } | |
| 132 | 132 | ||
| 133 | 133 | function cart() { | |
| 134 | - | global $HTTP_POST_VARS, $customer_id, $sendto, $billto, $cart, $languages_id, $currency, $currencies, $shipping, $payment, $comments; | |
| 134 | + | global $HTTP_POST_VARS, $customer_id, $sendto, $billto, $cart, $languages_id, $currency, $currencies, $shipping, $payment, $comments, $customer_default_address_id; | |
| 135 | 135 | ||
| 136 | 136 | $this->content_type = $cart->get_content_type(); | |
| 137 | 137 | ||
| 138 | + | if ( ($this->content_type != 'virtual') && ($sendto == false) ) { | |
| 139 | + | $sendto = $customer_default_address_id; | |
| 140 | + | } | |
| 141 | + | ||
| 138 | 142 | $customer_address_query = tep_db_query("select c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, co.countries_id, co.countries_name, co.countries_iso_code_2, co.countries_iso_code_3, co.address_format_id, ab.entry_state from " . TABLE_CUSTOMERS . " c, " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " co on (ab.entry_country_id = co.countries_id) where c.customers_id = '" . (int)$customer_id . "' and ab.customers_id = '" . (int)$customer_id . "' and c.customers_default_address_id = ab.address_book_id"); | |
| 139 | 143 | $customer_address = tep_db_fetch_array($customer_address_query); | |
| 140 | 144 | ||
| 141 | - | $shipping_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$sendto . "'"); | |
| 142 | - | $shipping_address = tep_db_fetch_array($shipping_address_query); | |
| 143 | - | ||
| 144 | - | $billing_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$billto . "'"); | |
| 145 | - | $billing_address = tep_db_fetch_array($billing_address_query); | |
| 145 | + | if (is_array($sendto) && !empty($sendto)) { | |
| 146 | + | $shipping_address = array('entry_firstname' => $sendto['firstname'], | |
| 147 | + | 'entry_lastname' => $sendto['lastname'], | |
| 148 | + | 'entry_company' => $sendto['company'], | |
| 149 | + | 'entry_street_address' => $sendto['street_address'], | |
| 150 | + | 'entry_suburb' => $sendto['suburb'], | |
| 151 | + | 'entry_postcode' => $sendto['postcode'], | |
| 152 | + | 'entry_city' => $sendto['city'], | |
| 153 | + | 'entry_zone_id' => $sendto['zone_id'], | |
| 154 | + | 'zone_name' => $sendto['zone_name'], | |
| 155 | + | 'entry_country_id' => $sendto['country_id'], | |
| 156 | + | 'countries_id' => $sendto['country_id'], | |
| 157 | + | 'countries_name' => $sendto['country_name'], | |
| 158 | + | 'countries_iso_code_2' => $sendto['country_iso_code_2'], | |
| 159 | + | 'countries_iso_code_3' => $sendto['country_iso_code_3'], | |
| 160 | + | 'address_format_id' => $sendto['address_format_id'], | |
| 161 | + | 'entry_state' => $sendto['zone_name']); | |
| 162 | + | } elseif (is_numeric($sendto)) { | |
| 163 | + | $shipping_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$sendto . "'"); | |
| 164 | + | $shipping_address = tep_db_fetch_array($shipping_address_query); | |
| 165 | + | } else { | |
| 166 | + | $shipping_address = array('entry_firstname' => null, | |
| 167 | + | 'entry_lastname' => null, | |
| 168 | + | 'entry_company' => null, | |
| 169 | + | 'entry_street_address' => null, | |
| 170 | + | 'entry_suburb' => null, | |
| 171 | + | 'entry_postcode' => null, | |
| 172 | + | 'entry_city' => null, | |
| 173 | + | 'entry_zone_id' => null, | |
| 174 | + | 'zone_name' => null, | |
| 175 | + | 'entry_country_id' => null, | |
| 176 | + | 'countries_id' => null, | |
| 177 | + | 'countries_name' => null, | |
| 178 | + | 'countries_iso_code_2' => null, | |
| 179 | + | 'countries_iso_code_3' => null, | |
| 180 | + | 'address_format_id' => 0, | |
| 181 | + | 'entry_state' => null); | |
| 182 | + | } | |
| 146 | 183 | ||
| 147 | - | $tax_address_query = tep_db_query("select ab.entry_country_id, ab.entry_zone_id from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)($this->content_type == 'virtual' ? $billto : $sendto) . "'"); | |
| 148 | - | $tax_address = tep_db_fetch_array($tax_address_query); | |
| 184 | + | if (is_array($billto) && !empty($billto)) { | |
| 185 | + | $billing_address = array('entry_firstname' => $billto['firstname'], | |
| 186 | + | 'entry_lastname' => $billto['lastname'], | |
| 187 | + | 'entry_company' => $billto['company'], | |
| 188 | + | 'entry_street_address' => $billto['street_address'], | |
| 189 | + | 'entry_suburb' => $billto['suburb'], | |
| 190 | + | 'entry_postcode' => $billto['postcode'], | |
| 191 | + | 'entry_city' => $billto['city'], | |
| 192 | + | 'entry_zone_id' => $billto['zone_id'], | |
| 193 | + | 'zone_name' => $billto['zone_name'], | |
| 194 | + | 'entry_country_id' => $billto['country_id'], | |
| 195 | + | 'countries_id' => $billto['country_id'], | |
| 196 | + | 'countries_name' => $billto['country_name'], | |
| 197 | + | 'countries_iso_code_2' => $billto['country_iso_code_2'], | |
| 198 | + | 'countries_iso_code_3' => $billto['country_iso_code_3'], | |
| 199 | + | 'address_format_id' => $billto['address_format_id'], | |
| 200 | + | 'entry_state' => $billto['zone_name']); | |
| 201 | + | } else { | |
| 202 | + | $billing_address_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name, ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2, c.countries_iso_code_3, c.address_format_id, ab.entry_state from " . TABLE_ADDRESS_BOOK . " ab left join " . TABLE_ZONES . " z on (ab.entry_zone_id = z.zone_id) left join " . TABLE_COUNTRIES . " c on (ab.entry_country_id = c.countries_id) where ab.customers_id = '" . (int)$customer_id . "' and ab.address_book_id = '" . (int)$billto . "'"); | |
| 203 | + | $billing_address = tep_db_fetch_array($billing_address_query); | |
| 204 | + | } | |
| 149 | 205 | ||
| 206 | + | if ($this->content_type == 'virtual') { | |
| 207 | + | $tax_address = array('entry_country_id' => $billing_address['entry_country_id'], | |
| 208 | + | 'entry_zone_id' => $billing_address['entry_zone_id']); | |
| 209 | + | } else { | |
| 210 | + | $tax_address = array('entry_country_id' => $shipping_address['entry_country_id'], | |
| 211 | + | 'entry_zone_id' => $shipping_address['entry_zone_id']); | |
| 212 | + | } | |
| 213 | + | ||
| 150 | 214 | $this->info = array('order_status' => DEFAULT_ORDERS_STATUS_ID, | |
| 151 | 215 | 'currency' => $currency, | |
| 152 | 216 | 'currency_value' => $currencies->currencies[$currency]['value'], | |
| 153 | 217 | 'payment_method' => $payment, | |
| 154 | - | 'cc_type' => (isset($HTTP_POST_VARS['cc_type']) ? $HTTP_POST_VARS['cc_type'] : ''), | |
| 155 | - | 'cc_owner' => (isset($HTTP_POST_VARS['cc_owner']) ? $HTTP_POST_VARS['cc_owner'] : ''), | |
| 156 | - | 'cc_number' => (isset($HTTP_POST_VARS['cc_number_nh-dns']) ? $HTTP_POST_VARS['cc_number_nh-dns'] : ''), | |
| 157 | - | 'cc_expires' => (isset($HTTP_POST_VARS['cc_expires']) ? $HTTP_POST_VARS['cc_expires'] : ''), | |
| 218 | + | 'cc_type' => '', | |
| 219 | + | 'cc_owner' => '', | |
| 220 | + | 'cc_number' => '', | |
| 221 | + | 'cc_expires' => '', | |
| 158 | 222 | 'shipping_method' => $shipping['title'], | |
| 159 | 223 | 'shipping_cost' => $shipping['cost'], | |
| 160 | 224 | 'subtotal' => 0, |
| 122 | 122 | return $js; | |
| 123 | 123 | } | |
| 124 | 124 | ||
| 125 | + | function checkout_initialization_method() { | |
| 126 | + | $initialize_array = array(); | |
| 127 | + | ||
| 128 | + | if (is_array($this->modules)) { | |
| 129 | + | reset($this->modules); | |
| 130 | + | while (list(, $value) = each($this->modules)) { | |
| 131 | + | $class = substr($value, 0, strrpos($value, '.')); | |
| 132 | + | if ($GLOBALS[$class]->enabled && method_exists($GLOBALS[$class], 'checkout_initialization_method')) { | |
| 133 | + | $initialize_array[] = $GLOBALS[$class]->checkout_initialization_method(); | |
| 134 | + | } | |
| 135 | + | } | |
| 136 | + | } | |
| 137 | + | ||
| 138 | + | return $initialize_array; | |
| 139 | + | } | |
| 140 | + | ||
| 125 | 141 | function selection() { | |
| 126 | 142 | $selection_array = array(); | |
| 127 | 143 |
| 492 | 492 | // Return a formatted address | |
| 493 | 493 | // TABLES: customers, address_book | |
| 494 | 494 | function tep_address_label($customers_id, $address_id = 1, $html = false, $boln = '', $eoln = "\n") { | |
| 495 | + | if (is_array($address_id) && !empty($address_id)) { | |
| 496 | + | return tep_address_format($address_id['address_format_id'], $address_id, $html, $boln, $eoln); | |
| 497 | + | } | |
| 498 | + | ||
| 495 | 499 | $address_query = tep_db_query("select entry_firstname as firstname, entry_lastname as lastname, entry_company as company, entry_street_address as street_address, entry_suburb as suburb, entry_city as city, entry_postcode as postcode, entry_state as state, entry_zone_id as zone_id, entry_country_id as country_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$customers_id . "' and address_book_id = '" . (int)$address_id . "'"); | |
| 496 | 500 | $address = tep_db_fetch_array($address_query); | |
| 497 | 501 |
| 122 | 122 | tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false)); | |
| 123 | 123 | } | |
| 124 | 124 | ||
| 125 | + | $order->info['cc_owner'] = $HTTP_POST_VARS['cc_owner']; | |
| 125 | 126 | $order->info['cc_type'] = $cc_validation->cc_type; | |
| 127 | + | $order->info['cc_number'] = $HTTP_POST_VARS['cc_number_nh-dns']; | |
| 126 | 128 | $order->info['cc_expires'] = $HTTP_POST_VARS['cc_expires_month'] . $HTTP_POST_VARS['cc_expires_year']; | |
| 127 | 129 | ||
| 128 | 130 | if ( (defined('MODULE_PAYMENT_CC_EMAIL')) && (tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) ) { |
| 23 | 23 | ||
| 24 | 24 | define('OUT_OF_STOCK_CANT_CHECKOUT', 'Products marked with ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' dont exist in desired quantity in our stock.<br>Please alter the quantity of products marked with (' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . '), Thank you'); | |
| 25 | 25 | define('OUT_OF_STOCK_CAN_CHECKOUT', 'Products marked with ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' dont exist in desired quantity in our stock.<br>You can buy them anyway and check the quantity we have in stock for immediate deliver in the checkout process.'); | |
| 26 | + | ||
| 27 | + | define('TEXT_ALTERNATIVE_CHECKOUT_METHODS', '- OR -'); | |
| 26 | 28 | ?> |
| 23 | 23 | ||
| 24 | 24 | define('OUT_OF_STOCK_CANT_CHECKOUT', 'Los productos marcados con ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' no estan disponibles en la cantidad que requiere.<br>Modifique la cantidad de productos marcados con ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ', Gracias'); | |
| 25 | 25 | define('OUT_OF_STOCK_CAN_CHECKOUT', 'Los productos marcados con ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' no estan disponibles en cantidad que requiere.<br>De todas formas, puede comprar los que hay disponibles y el resto se lo enviamos mas tarde o esperar a que la cantidad requerida este disponible.'); | |
| 26 | + | ||
| 27 | + | define('TEXT_ALTERNATIVE_CHECKOUT_METHODS', '- O -'); | |
| 26 | 28 | ?> |
| 23 | 23 | ||
| 24 | 24 | define('OUT_OF_STOCK_CANT_CHECKOUT', 'Die mit ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' markierten Produkte, sind leider nicht in der von Ihnen gewünschten Menge auf Lager.<br>Bitte reduzieren Sie Ihre Bestellmenge für die gekennzeichneten Produkte, vielen Dank'); | |
| 25 | 25 | define('OUT_OF_STOCK_CAN_CHECKOUT', 'Die mit ' . STOCK_MARK_PRODUCT_OUT_OF_STOCK . ' markierten Produkte, sind leider nicht in der von Ihnen gewünschten Menge auf Lager.<br>Die bestellte Menge wird kurzfristig von uns geliefert, wenn Sie es wünschen nehmen wir auch eine Teillieferung vor.'); | |
| 26 | + | ||
| 27 | + | define('TEXT_ALTERNATIVE_CHECKOUT_METHODS', '- ODER -'); | |
| 26 | 28 | ?> |
Affected Files
catalog/account_notifications.php
catalog/checkout_success.php
| 38 | 38 | tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set global_product_notifications = '" . (int)$product_global . "' where customers_info_id = '" . (int)$customer_id . "'"); | |
| 39 | 39 | } elseif (sizeof($products) > 0) { | |
| 40 | 40 | $products_parsed = array(); | |
| 41 | - | for ($i=0, $n=sizeof($products); $i<$n; $i++) { | |
| 42 | - | if (is_numeric($products[$i])) { | |
| 43 | - | $products_parsed[] = $products[$i]; | |
| 41 | + | reset($products); | |
| 42 | + | while (list(, $value) = each($products)) { | |
| 43 | + | if (is_numeric($value)) { | |
| 44 | + | $products_parsed[] = $value; | |
| 44 | 45 | } | |
| 45 | 46 | } | |
| 46 | 47 |
| 18 | 18 | } | |
| 19 | 19 | ||
| 20 | 20 | if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'update')) { | |
| 21 | - | $notify_string = 'action=notify&'; | |
| 22 | - | $notify = $HTTP_POST_VARS['notify']; | |
| 23 | - | if (!is_array($notify)) $notify = array($notify); | |
| 24 | - | for ($i=0, $n=sizeof($notify); $i<$n; $i++) { | |
| 25 | - | $notify_string .= 'notify[]=' . $notify[$i] . '&'; | |
| 21 | + | $notify_string = ''; | |
| 22 | + | ||
| 23 | + | if (isset($HTTP_POST_VARS['notify']) && !empty($HTTP_POST_VARS['notify'])) { | |
| 24 | + | $notify = $HTTP_POST_VARS['notify']; | |
| 25 | + | ||
| 26 | + | if (!is_array($notify)) { | |
| 27 | + | $notify = array($notify); | |
| 28 | + | } | |
| 29 | + | ||
| 30 | + | for ($i=0, $n=sizeof($notify); $i<$n; $i++) { | |
| 31 | + | if (is_numeric($notify[$i])) { | |
| 32 | + | $notify_string .= 'notify[]=' . $notify[$i] . '&'; | |
| 33 | + | } | |
| 34 | + | } | |
| 35 | + | ||
| 36 | + | if (!empty($notify_string)) { | |
| 37 | + | $notify_string = 'action=notify&' . substr($notify_string, 0, -1); | |
| 38 | + | } | |
| 26 | 39 | } | |
| 27 | - | if (strlen($notify_string) > 0) $notify_string = substr($notify_string, 0, -1); | |
| 28 | 40 | ||
| 29 | 41 | tep_redirect(tep_href_link(FILENAME_DEFAULT, $notify_string)); | |
| 30 | 42 | } |
Affected Files
catalog/admin/includes/functions/sessions.php
catalog/includes/functions/sessions.php
| 10 | 10 | Released under the GNU General Public License | |
| 11 | 11 | */ | |
| 12 | 12 | ||
| 13 | + | if ( (PHP_VERSION >= 4.3) && ((bool)ini_get('register_globals') == false) ) { | |
| 14 | + | @ini_set('session.bug_compat_42', 1); | |
| 15 | + | @ini_set('session.bug_compat_warn', 0); | |
| 16 | + | } | |
| 17 | + | ||
| 13 | 18 | if (STORE_SESSIONS == 'mysql') { | |
| 14 | 19 | if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) { | |
| 15 | 20 | $SESS_LIFE = 1440; | |
… |
… |
||
| 106 | 111 | } else { | |
| 107 | 112 | $_SESSION[$variable] = null; | |
| 108 | 113 | } | |
| 109 | - | $GLOBALS[$variable] =& $_SESSION[$variable]; | |
| 110 | 114 | } | |
| 111 | 115 | ||
| 112 | 116 | return false; | |
… |
… |
||
| 116 | 120 | if (PHP_VERSION < 4.3) { | |
| 117 | 121 | return session_is_registered($variable); | |
| 118 | 122 | } else { | |
| 119 | - | return isset($_SESSION[$variable]); | |
| 123 | + | return isset($_SESSION) && array_key_exists($variable, $_SESSION); | |
| 120 | 124 | } | |
| 121 | 125 | } | |
| 122 | 126 |
| 10 | 10 | Released under the GNU General Public License | |
| 11 | 11 | */ | |
| 12 | 12 | ||
| 13 | + | if ( (PHP_VERSION >= 4.3) && ((bool)ini_get('register_globals') == false) ) { | |
| 14 | + | @ini_set('session.bug_compat_42', 1); | |
| 15 | + | @ini_set('session.bug_compat_warn', 0); | |
| 16 | + | } | |
| 17 | + | ||
| 13 | 18 | if (STORE_SESSIONS == 'mysql') { | |
| 14 | 19 | if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) { | |
| 15 | 20 | $SESS_LIFE = 1440; | |
… |
… |
||
| 104 | 109 | if (PHP_VERSION < 4.3) { | |
| 105 | 110 | return session_register($variable); | |
| 106 | 111 | } else { | |
| 107 | - | $_SESSION[$variable] = (isset($GLOBALS[$variable])) ? $GLOBALS[$variable] : null; | |
| 108 | - | ||
| 109 | - | $GLOBALS[$variable] =& $_SESSION[$variable]; | |
| 112 | + | if (isset($GLOBALS[$variable])) { | |
| 113 | + | $_SESSION[$variable] =& $GLOBALS[$variable]; | |
| 114 | + | } else { | |
| 115 | + | $_SESSION[$variable] = null; | |
| 116 | + | } | |
| 110 | 117 | } | |
| 111 | 118 | } | |
| 112 | 119 | ||
… |
… |
||
| 117 | 124 | if (PHP_VERSION < 4.3) { | |
| 118 | 125 | return session_is_registered($variable); | |
| 119 | 126 | } else { | |
| 120 | - | return isset($_SESSION[$variable]); | |
| 127 | + | return isset($_SESSION) && array_key_exists($variable, $_SESSION); | |
| 121 | 128 | } | |
| 122 | 129 | } | |
| 123 | 130 |
Affected Files
catalog/admin/orders_status.php
catalog/admin/includes/languages/english/orders_status.php
catalog/admin/includes/languages/espanol/orders_status.php
catalog/admin/includes/languages/german/orders_status.php
catalog/account.php
catalog/account_history.php
catalog/account_history_info.php
catalog/download.php
catalog/includes/functions/general.php
catalog/includes/modules/downloads.php
| 25 | 25 | $orders_status_name_array = $HTTP_POST_VARS['orders_status_name']; | |
| 26 | 26 | $language_id = $languages[$i]['id']; | |
| 27 | 27 | ||
| 28 | - | $sql_data_array = array('orders_status_name' => tep_db_prepare_input($orders_status_name_array[$language_id])); | |
| 28 | + | $sql_data_array = array('orders_status_name' => tep_db_prepare_input($orders_status_name_array[$language_id]), | |
| 29 | + | 'public_flag' => ((isset($HTTP_POST_VARS['public_flag']) && ($HTTP_POST_VARS['public_flag'] == '1')) ? '1' : '0'), | |
| 30 | + | 'downloads_flag' => ((isset($HTTP_POST_VARS['downloads_flag']) && ($HTTP_POST_VARS['downloads_flag'] == '1')) ? '1' : '0')); | |
| 29 | 31 | ||
| 30 | 32 | if ($action == 'insert') { | |
| 31 | 33 | if (empty($orders_status_id)) { | |
… |
… |
||
| 127 | 129 | <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 128 | 130 | <tr class="dataTableHeadingRow"> | |
| 129 | 131 | <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_ORDERS_STATUS; ?></td> | |
| 132 | + | <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_PUBLIC_STATUS; ?></td> | |
| 133 | + | <td class="dataTableHeadingContent" align="center"><?php echo TABLE_HEADING_DOWNLOADS_STATUS; ?></td> | |
| 130 | 134 | <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_ACTION; ?> </td> | |
| 131 | 135 | </tr> | |
| 132 | 136 | <?php | |
| 133 | - | $orders_status_query_raw = "select orders_status_id, orders_status_name from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "' order by orders_status_id"; | |
| 137 | + | $orders_status_query_raw = "select * from " . TABLE_ORDERS_STATUS . " where language_id = '" . (int)$languages_id . "' order by orders_status_id"; | |
| 134 | 138 | $orders_status_split = new splitPageResults($HTTP_GET_VARS['page'], MAX_DISPLAY_SEARCH_RESULTS, $orders_status_query_raw, $orders_status_query_numrows); | |
| 135 | 139 | $orders_status_query = tep_db_query($orders_status_query_raw); | |
| 136 | 140 | while ($orders_status = tep_db_fetch_array($orders_status_query)) { | |
… |
… |
||
| 150 | 154 | echo ' <td class="dataTableContent">' . $orders_status['orders_status_name'] . '</td>' . "\n"; | |
| 151 | 155 | } | |
| 152 | 156 | ?> | |
| 157 | + | <td class="dataTableContent" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'icons/' . (($orders_status['public_flag'] == '1') ? 'tick.gif' : 'cross.gif')); ?></td> | |
| 158 | + | <td class="dataTableContent" align="center"><?php echo tep_image(DIR_WS_IMAGES . 'icons/' . (($orders_status['downloads_flag'] == '1') ? 'tick.gif' : 'cross.gif')); ?></td> | |
| 153 | 159 | <td class="dataTableContent" align="right"><?php if (isset($oInfo) && is_object($oInfo) && ($orders_status['orders_status_id'] == $oInfo->orders_status_id)) { echo tep_image(DIR_WS_IMAGES . 'icon_arrow_right.gif', ''); } else { echo '<a href="' . tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $orders_status['orders_status_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . '</a>'; } ?> </td> | |
| 154 | 160 | </tr> | |
| 155 | 161 | <?php | |
| 156 | 162 | } | |
| 157 | 163 | ?> | |
| 158 | 164 | <tr> | |
| 159 | - | <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 165 | + | <td colspan="4"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 160 | 166 | <tr> | |
| 161 | 167 | <td class="smallText" valign="top"><?php echo $orders_status_split->display_count($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, $HTTP_GET_VARS['page'], TEXT_DISPLAY_NUMBER_OF_ORDERS_STATUS); ?></td> | |
| 162 | 168 | <td class="smallText" align="right"><?php echo $orders_status_split->display_links($orders_status_query_numrows, MAX_DISPLAY_SEARCH_RESULTS, MAX_DISPLAY_PAGE_LINKS, $HTTP_GET_VARS['page']); ?></td> | |
… |
… |
||
| 191 | 197 | } | |
| 192 | 198 | ||
| 193 | 199 | $contents[] = array('text' => '<br>' . TEXT_INFO_ORDERS_STATUS_NAME . $orders_status_inputs_string); | |
| 200 | + | $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('public_flag', '1') . ' ' . TEXT_SET_PUBLIC_STATUS); | |
| 201 | + | $contents[] = array('text' => tep_draw_checkbox_field('downloads_flag', '1') . ' ' . TEXT_SET_DOWNLOADS_STATUS); | |
| 194 | 202 | $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); | |
| 195 | 203 | $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_insert.gif', IMAGE_INSERT) . ' <a href="' . tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page']) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>'); | |
| 196 | 204 | break; | |
… |
… |
||
| 207 | 215 | } | |
| 208 | 216 | ||
| 209 | 217 | $contents[] = array('text' => '<br>' . TEXT_INFO_ORDERS_STATUS_NAME . $orders_status_inputs_string); | |
| 218 | + | $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('public_flag', '1', $oInfo->public_flag) . ' ' . TEXT_SET_PUBLIC_STATUS); | |
| 219 | + | $contents[] = array('text' => tep_draw_checkbox_field('downloads_flag', '1', $oInfo->downloads_flag) . ' ' . TEXT_SET_DOWNLOADS_STATUS); | |
| 210 | 220 | if (DEFAULT_ORDERS_STATUS_ID != $oInfo->orders_status_id) $contents[] = array('text' => '<br>' . tep_draw_checkbox_field('default') . ' ' . TEXT_SET_DEFAULT); | |
| 211 | 221 | $contents[] = array('align' => 'center', 'text' => '<br>' . tep_image_submit('button_update.gif', IMAGE_UPDATE) . ' <a href="' . tep_href_link(FILENAME_ORDERS_STATUS, 'page=' . $HTTP_GET_VARS['page'] . '&oID=' . $oInfo->orders_status_id) . '">' . tep_image_button('button_cancel.gif', IMAGE_CANCEL) . '</a>'); | |
| 212 | 222 | break; |
| 13 | 13 | define('HEADING_TITLE', 'Orders Status'); | |
| 14 | 14 | ||
| 15 | 15 | define('TABLE_HEADING_ORDERS_STATUS', 'Orders Status'); | |
| 16 | + | define('TABLE_HEADING_PUBLIC_STATUS', 'Public Status'); | |
| 17 | + | define('TABLE_HEADING_DOWNLOADS_STATUS', 'Downloads Status'); | |
| 16 | 18 | define('TABLE_HEADING_ACTION', 'Action'); | |
| 17 | 19 | ||
| 18 | 20 | define('TEXT_INFO_EDIT_INTRO', 'Please make any necessary changes'); | |
… |
… |
||
| 23 | 25 | define('TEXT_INFO_HEADING_EDIT_ORDERS_STATUS', 'Edit Orders Status'); | |
| 24 | 26 | define('TEXT_INFO_HEADING_DELETE_ORDERS_STATUS', 'Delete Orders Status'); | |
| 25 | 27 | ||
| 28 | + | define('TEXT_SET_PUBLIC_STATUS', 'Show the order to the customer at this order status level'); | |
| 29 | + | define('TEXT_SET_DOWNLOADS_STATUS', 'Allow downloads of virtual products at this order status level'); | |
| 30 | + | ||
| 26 | 31 | define('ERROR_REMOVE_DEFAULT_ORDER_STATUS', 'Error: The default order status can not be removed. Please set another order status as default, and try again.'); | |
| 27 | 32 | define('ERROR_STATUS_USED_IN_ORDERS', 'Error: This order status is currently used in orders.'); | |
| 28 | 33 | define('ERROR_STATUS_USED_IN_HISTORY', 'Error: This order status is currently used in the order status history.'); |
| 13 | 13 | define('HEADING_TITLE', 'Estado Pedidos'); | |
| 14 | 14 | ||
| 15 | 15 | define('TABLE_HEADING_ORDERS_STATUS', 'Estado Pedidos'); | |
| 16 | + | define('TABLE_HEADING_PUBLIC_STATUS', 'Public Status'); | |
| 17 | + | define('TABLE_HEADING_DOWNLOADS_STATUS', 'Downloads Status'); | |
| 16 | 18 | define('TABLE_HEADING_ACTION', 'Acción'); | |
| 17 | 19 | ||
| 18 | 20 | define('TEXT_INFO_EDIT_INTRO', 'Haga los cambios necesarios'); | |
… |
… |
||
| 23 | 25 | define('TEXT_INFO_HEADING_EDIT_ORDERS_STATUS', 'Editar Estado Pedido'); | |
| 24 | 26 | define('TEXT_INFO_HEADING_DELETE_ORDERS_STATUS', 'Eliminar Estado Pedido'); | |
| 25 | 27 | ||
| 28 | + | define('TEXT_SET_PUBLIC_STATUS', 'Show the order to the customer at this order status level'); | |
| 29 | + | define('TEXT_SET_DOWNLOADS_STATUS', 'Allow downloads of virtual products at this order status level'); | |
| 30 | + | ||
| 26 | 31 | define('ERROR_REMOVE_DEFAULT_ORDER_STATUS', 'Error: El estado de pedido por defecto no se puede eliminar. Establezca otro estado de pedido predeterminado y pruebe de nuevo.'); | |
| 27 | 32 | define('ERROR_STATUS_USED_IN_ORDERS', 'Error: Este estado de pedido esta siendo usado actualmente.'); | |
| 28 | 33 | define('ERROR_STATUS_USED_IN_HISTORY', 'Error: Este estado de pedido se esta usando en algun histórico de algun pedido.'); |
| 13 | 13 | define('HEADING_TITLE', 'Bestellstatus'); | |
| 14 | 14 | ||
| 15 | 15 | define('TABLE_HEADING_ORDERS_STATUS', 'Bestellstatus'); | |
| 16 | + | define('TABLE_HEADING_PUBLIC_STATUS', 'sichtbar für Kunde'); | |
| 17 | + | define('TABLE_HEADING_DOWNLOADS_STATUS', 'Downloads freigegeben'); | |
| 16 | 18 | define('TABLE_HEADING_ACTION', 'Aktion'); | |
| 17 | 19 | ||
| 18 | 20 | define('TEXT_INFO_EDIT_INTRO', 'Bitte führen Sie alle notwendigen Änderungen durch'); | |
… |
… |
||
| 23 | 25 | define('TEXT_INFO_HEADING_EDIT_ORDERS_STATUS', 'Bestellstatus bearbeiten'); | |
| 24 | 26 | define('TEXT_INFO_HEADING_DELETE_ORDERS_STATUS', 'Bestellstatus löschen'); | |
| 25 | 27 | ||
| 28 | + | define('TEXT_SET_PUBLIC_STATUS', 'Bestellung wird dem Kunden bei diesem Bestellstatus angezeigt'); | |
| 29 | + | define('TEXT_SET_DOWNLOADS_STATUS', 'Virtuelle Produkte können bei diesem Status heruntergeladen werden'); | |
| 30 | + | ||
| 26 | 31 | define('ERROR_REMOVE_DEFAULT_ORDER_STATUS', 'Fehler: Der Standard-Bestellstatus kann nicht gelöscht werden. Bitte definieren Sie einen neuen Standard-Bestellstatus und wiederholen Sie den Vorgang.'); | |
| 27 | 32 | define('ERROR_STATUS_USED_IN_ORDERS', 'Fehler: Dieser Bestellstatus wird zur Zeit noch bei den Bestellungen verwendet.'); | |
| 28 | 33 | define('ERROR_STATUS_USED_IN_HISTORY', 'Fehler: Dieser Bestellstatus wird zur Zeit noch in der Bestellhistorie verwendet.'); |
| 94 | 94 | <td class="main" align="center" valign="top" width="130"><?php echo '<b>' . OVERVIEW_PREVIOUS_ORDERS . '</b><br>' . tep_image(DIR_WS_IMAGES . 'arrow_south_east.gif'); ?></td> | |
| 95 | 95 | <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 96 | 96 | <?php | |
| 97 | - | $orders_query = tep_db_query("select o.orders_id, o.date_purchased, o.delivery_name, o.delivery_country, o.billing_name, o.billing_country, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id desc limit 3"); | |
| 97 | + | $orders_query = tep_db_query("select o.orders_id, o.date_purchased, o.delivery_name, o.delivery_country, o.billing_name, o.billing_country, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1' order by orders_id desc limit 3"); | |
| 98 | 98 | while ($orders = tep_db_fetch_array($orders_query)) { | |
| 99 | 99 | if (tep_not_null($orders['delivery_name'])) { | |
| 100 | 100 | $order_name = $orders['delivery_name']; |
| 62 | 62 | $orders_total = tep_count_customer_orders(); | |
| 63 | 63 | ||
| 64 | 64 | if ($orders_total > 0) { | |
| 65 | - | $history_query_raw = "select o.orders_id, o.date_purchased, o.delivery_name, o.billing_name, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id DESC"; | |
| 65 | + | $history_query_raw = "select o.orders_id, o.date_purchased, o.delivery_name, o.billing_name, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1' order by orders_id DESC"; | |
| 66 | 66 | $history_split = new splitPageResults($history_query_raw, MAX_DISPLAY_ORDER_HISTORY); | |
| 67 | 67 | $history_query = tep_db_query($history_split->sql_query); | |
| 68 | 68 |
| 21 | 21 | tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL')); | |
| 22 | 22 | } | |
| 23 | 23 | ||
| 24 | - | $customer_info_query = tep_db_query("select customers_id from " . TABLE_ORDERS . " where orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "'"); | |
| 24 | + | $customer_info_query = tep_db_query("select o.customers_id from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_STATUS . " s where o.orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1'"); | |
| 25 | 25 | $customer_info = tep_db_fetch_array($customer_info_query); | |
| 26 | 26 | if ($customer_info['customers_id'] != $customer_id) { | |
| 27 | 27 | tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL')); | |
… |
… |
||
| 210 | 210 | <tr class="infoBoxContents"> | |
| 211 | 211 | <td valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 212 | 212 | <?php | |
| 213 | - | $statuses_query = tep_db_query("select os.orders_status_name, osh.date_added, osh.comments from " . TABLE_ORDERS_STATUS . " os, " . TABLE_ORDERS_STATUS_HISTORY . " osh where osh.orders_id = '" . (int)$HTTP_GET_VARS['order_id'] . "' and osh.orders_status_id = os.orders_status_id and os.language_id = '" . (int)$languages_id . "' order by osh.date_added"); | |
| 213 | + | $statuses_query = tep_db_query("select os.orders_status_name, osh.date_added, osh.comments from " . TABLE_ORDERS_STATUS . " os, " . TABLE_ORDERS_STATUS_HISTORY . " osh where osh.orders_id = '" . (int)$HTTP_GET_VARS['order_id'] . "' and osh.orders_status_id = os.orders_status_id and os.language_id = '" . (int)$languages_id . "' and os.public_flag = '1' order by osh.date_added"); | |
| 214 | 214 | while ($statuses = tep_db_fetch_array($statuses_query)) { | |
| 215 | 215 | echo ' <tr>' . "\n" . | |
| 216 | 216 | ' <td class="main" valign="top" width="70">' . tep_date_short($statuses['date_added']) . '</td>' . "\n" . |
| 20 | 20 | } | |
| 21 | 21 | ||
| 22 | 22 | // Check that order_id, customer_id and filename match | |
| 23 | - | $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd where o.customers_id = '" . $customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != ''"); | |
| 23 | + | $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, opd.download_count, opd.download_maxdays, opd.orders_products_filename from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . $customer_id . "' and o.orders_id = '" . (int)$HTTP_GET_VARS['order'] . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_download_id = '" . (int)$HTTP_GET_VARS['id'] . "' and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'"); | |
| 24 | 24 | if (!tep_db_num_rows($downloads_query)) die; | |
| 25 | 25 | $downloads = tep_db_fetch_array($downloads_query); | |
| 26 | 26 | // MySQL 3.22 does not have INTERVAL |
| 1252 | 1252 | } | |
| 1253 | 1253 | ||
| 1254 | 1254 | function tep_count_customer_orders($id = '', $check_session = true) { | |
| 1255 | - | global $customer_id; | |
| 1255 | + | global $customer_id, $languages_id; | |
| 1256 | 1256 | ||
| 1257 | 1257 | if (is_numeric($id) == false) { | |
| 1258 | 1258 | if (tep_session_is_registered('customer_id')) { | |
… |
… |
||
| 1268 | 1268 | } | |
| 1269 | 1269 | } | |
| 1270 | 1270 | ||
| 1271 | - | $orders_check_query = tep_db_query("select count(*) as total from " . TABLE_ORDERS . " where customers_id = '" . (int)$id . "'"); | |
| 1271 | + | $orders_check_query = tep_db_query("select count(*) as total from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$id . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1'"); | |
| 1272 | 1272 | $orders_check = tep_db_fetch_array($orders_check_query); | |
| 1273 | 1273 | ||
| 1274 | 1274 | return $orders_check['total']; |
| 22 | 22 | } | |
| 23 | 23 | ||
| 24 | 24 | // Now get all downloadable products in that order | |
| 25 | - | $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, op.products_name, opd.orders_products_download_id, opd.orders_products_filename, opd.download_count, opd.download_maxdays from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$last_order . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_filename != ''"); | |
| 25 | + | $downloads_query = tep_db_query("select date_format(o.date_purchased, '%Y-%m-%d') as date_purchased_day, opd.download_maxdays, op.products_name, opd.orders_products_download_id, opd.orders_products_filename, opd.download_count, opd.download_maxdays from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_PRODUCTS . " op, " . TABLE_ORDERS_PRODUCTS_DOWNLOAD . " opd, " . TABLE_ORDERS_STATUS . " os where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = '" . (int)$last_order . "' and o.orders_id = op.orders_id and op.orders_products_id = opd.orders_products_id and opd.orders_products_filename != '' and o.orders_status = os.orders_status_id and os.downloads_flag = '1' and os.language_id = '" . (int)$languages_id . "'"); | |
| 26 | 26 | if (tep_db_num_rows($downloads_query) > 0) { | |
| 27 | 27 | ?> | |
| 28 | 28 | <tr> |
Affected Files
catalog/includes/modules/order_total/ot_shipping.php
| 39 | 39 | } | |
| 40 | 40 | ||
| 41 | 41 | if ( ($pass == true) && ( ($order->info['total'] - $order->info['shipping_cost']) >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) ) { | |
| 42 | - | $order->info['shipping_method'] = $this->title; | |
| 42 | + | $order->info['shipping_method'] = FREE_SHIPPING_TITLE; | |
| 43 | 43 | $order->info['total'] -= $order->info['shipping_cost']; | |
| 44 | 44 | $order->info['shipping_cost'] = 0; | |
| 45 | 45 | } |
Affected Files
catalog/includes/languages/english.php
catalog/includes/languages/espanol.php
catalog/includes/languages/german.php
| 310 | 310 | define('WARNING_SESSION_AUTO_START', 'Warning: session.auto_start is enabled - please disable this php feature in php.ini and restart the web server.'); | |
| 311 | 311 | define('WARNING_DOWNLOAD_DIRECTORY_NON_EXISTENT', 'Warning: The downloadable products directory does not exist: ' . DIR_FS_DOWNLOAD . '. Downloadable products will not work until this directory is valid.'); | |
| 312 | 312 | ||
| 313 | - | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'The expiry date entered for the credit card is invalid.<br>Please check the date and try again.'); | |
| 314 | - | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'The credit card number entered is invalid.<br>Please check the number and try again.'); | |
| 315 | - | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'The first four digits of the number entered are: %s<br>If that number is correct, we do not accept that type of credit card.<br>If it is wrong, please try again.'); | |
| 313 | + | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'The expiry date entered for the credit card is invalid. Please check the date and try again.'); | |
| 314 | + | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'The credit card number entered is invalid. Please check the number and try again.'); | |
| 315 | + | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'The first four digits of the number entered are: %s. If that number is correct, we do not accept that type of credit card. If it is wrong, please try again.'); | |
| 316 | 316 | ||
| 317 | 317 | define('FOOTER_TEXT_BODY', 'Copyright © ' . date('Y') . ' <a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . STORE_NAME . '</a><br>Powered by <a href="http://www.oscommerce.com" target="_blank">osCommerce</a>'); | |
| 318 | 318 | ?> |
| 310 | 310 | define('WARNING_SESSION_AUTO_START', 'Advertencia: session.auto_start esta activado - desactive esta caracteristica en el fichero php.ini and reinicie el servidor web.'); | |
| 311 | 311 | define('WARNING_DOWNLOAD_DIRECTORY_NON_EXISTENT', 'Advertencia: El directorio para productos descargables no existe: ' . DIR_FS_DOWNLOAD . '. Los productos descargables no funcionarán hasta que no se corriga este error.'); | |
| 312 | 312 | ||
| 313 | - | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'La fecha de caducidad de la tarjeta de crédito es incorrecta.<br>Compruebe la fecha e inténtelo de nuevo.'); | |
| 314 | - | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'El número de la tarjeta de crédito es incorrecto.<br>Compruebe el numero e inténtelo de nuevo.'); | |
| 315 | - | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'Los primeros cuatro digitos de su tarjeta son: %s<br>Si este número es correcto, no aceptamos este tipo de tarjetas.<br>Si es incorrecto, inténtelo de nuevo.'); | |
| 313 | + | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'La fecha de caducidad de la tarjeta de crédito es incorrecta. Compruebe la fecha e inténtelo de nuevo.'); | |
| 314 | + | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'El número de la tarjeta de crédito es incorrecto. Compruebe el numero e inténtelo de nuevo.'); | |
| 315 | + | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'Los primeros cuatro digitos de su tarjeta son: %s. Si este número es correcto, no aceptamos este tipo de tarjetas. Si es incorrecto, inténtelo de nuevo.'); | |
| 316 | 316 | ||
| 317 | 317 | define('FOOTER_TEXT_BODY', 'Copyright © ' . date('Y') . ' <a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . STORE_NAME . '</a><br>Powered by <a href="http://www.oscommerce.com" target="_blank">osCommerce</a>'); | |
| 318 | 318 | ?> |
| 310 | 310 | define('WARNING_SESSION_AUTO_START', 'Warnung: session.auto_start ist enabled - Bitte disablen Sie dieses PHP Feature in der php.ini und starten Sie den WEB-Server neu!'); | |
| 311 | 311 | define('WARNING_DOWNLOAD_DIRECTORY_NON_EXISTENT', 'Warnung: Das Verzeichnis für den Artikel Download existiert nicht: ' . DIR_FS_DOWNLOAD . '. Diese Funktion wird nicht funktionieren bis das Verzeichnis erstellt wurde!'); | |
| 312 | 312 | ||
| 313 | - | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'Das "Gültig bis" Datum ist ungültig.<br>Bitte korrigieren Sie Ihre Angaben.'); | |
| 314 | - | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'Die "KreditkarteNummer", die Sie angegeben haben, ist ungültig.<br>Bitte korrigieren Sie Ihre Angaben.'); | |
| 315 | - | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'Die ersten 4 Ziffern Ihrer Kreditkarte sind: %s<br>Wenn diese Angaben stimmen, wird dieser Kartentyp leider nicht akzeptiert.<br>Bitte korrigieren Sie Ihre Angaben gegebenfalls.'); | |
| 313 | + | define('TEXT_CCVAL_ERROR_INVALID_DATE', 'Das "Gültig bis" Datum ist ungültig. Bitte korrigieren Sie Ihre Angaben.'); | |
| 314 | + | define('TEXT_CCVAL_ERROR_INVALID_NUMBER', 'Die "KreditkarteNummer", die Sie angegeben haben, ist ungültig. Bitte korrigieren Sie Ihre Angaben.'); | |
| 315 | + | define('TEXT_CCVAL_ERROR_UNKNOWN_CARD', 'Die ersten 4 Ziffern Ihrer Kreditkarte sind: %s. Wenn diese Angaben stimmen, wird dieser Kartentyp leider nicht akzeptiert. Bitte korrigieren Sie Ihre Angaben gegebenfalls.'); | |
| 316 | 316 | ||
| 317 | 317 | define('FOOTER_TEXT_BODY', 'Copyright © ' . date('Y') . ' <a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . STORE_NAME . '</a><br>Powered by <a href="http://www.oscommerce.com" target="_blank">osCommerce</a>'); | |
| 318 | 318 | ?> |
Affected Files
catalog/admin/file_manager.php
catalog/admin/includes/languages/english/file_manager.php
catalog/admin/includes/languages/espanol/file_manager.php
catalog/admin/includes/languages/german/file_manager.php
| 43 | 43 | if (!$tep_remove_error) tep_redirect(tep_href_link(FILENAME_FILE_MANAGER)); | |
| 44 | 44 | break; | |
| 45 | 45 | case 'insert': | |
| 46 | - | if (mkdir($current_path . '/' . $HTTP_POST_VARS['folder_name'], 0777)) { | |
| 46 | + | if (isset($HTTP_POST_VARS['folder_name']) && tep_not_null(basename($HTTP_POST_VARS['folder_name'])) && mkdir($current_path . '/' . basename($HTTP_POST_VARS['folder_name']), 0777)) { | |
| 47 | 47 | tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['folder_name']))); | |
| 48 | 48 | } | |
| 49 | 49 | break; | |
| 50 | 50 | case 'save': | |
| 51 | - | if ($fp = fopen($current_path . '/' . $HTTP_POST_VARS['filename'], 'w+')) { | |
| 52 | - | fputs($fp, stripslashes($HTTP_POST_VARS['file_contents'])); | |
| 53 | - | fclose($fp); | |
| 54 | - | tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode($HTTP_POST_VARS['filename']))); | |
| 51 | + | if (isset($HTTP_POST_VARS['filename']) && tep_not_null(basename($HTTP_POST_VARS['filename']))) { | |
| 52 | + | if (is_writeable($current_path) && ($fp = fopen($current_path . '/' . basename($HTTP_POST_VARS['filename']), 'w+'))) { | |
| 53 | + | fputs($fp, stripslashes($HTTP_POST_VARS['file_contents'])); | |
| 54 | + | fclose($fp); | |
| 55 | + | tep_redirect(tep_href_link(FILENAME_FILE_MANAGER, 'info=' . urlencode(basename($HTTP_POST_VARS['filename'])))); | |
| 56 | + | } | |
| 57 | + | } else { | |
| 58 | + | $action = 'new_file'; | |
| 59 | + | $directory_writeable = true; | |
| 60 | + | $messageStack->add(ERROR_FILENAME_EMPTY, 'error'); | |
| 55 | 61 | } | |
| 56 | 62 | break; | |
| 57 | 63 | case 'processuploads': |
| 35 | 35 | define('ERROR_DIRECTORY_NOT_REMOVEABLE', 'Error: I can not remove this directory. Please set the right user permissions on: %s'); | |
| 36 | 36 | define('ERROR_FILE_NOT_REMOVEABLE', 'Error: I can not remove this file. Please set the right user permissions on: %s'); | |
| 37 | 37 | define('ERROR_DIRECTORY_DOES_NOT_EXIST', 'Error: Directory does not exist: %s'); | |
| 38 | + | define('ERROR_FILENAME_EMPTY', 'Error: Please enter a filename to store the contents in.'); | |
| 38 | 39 | ?> |
| 35 | 35 | define('ERROR_DIRECTORY_NOT_REMOVEABLE', 'Error: No puedo eliminar el directorio. Asigne los permisos adecuados a: %s'); | |
| 36 | 36 | define('ERROR_FILE_NOT_REMOVEABLE', 'Error: No puedo eliminar este fichero. Asigne los permisos adecuados a: %s'); | |
| 37 | 37 | define('ERROR_DIRECTORY_DOES_NOT_EXIST', 'Error: No existe el directorio: %s'); | |
| 38 | + | define('ERROR_FILENAME_EMPTY', 'Error: Please enter a filename to store the contents in.'); | |
| 38 | 39 | ?> |
| 35 | 35 | define('ERROR_DIRECTORY_NOT_REMOVEABLE', 'Fehler: Das Verzeichnis kann nicht gelöscht werden. Bitte korrigieren Sie die Zugriffsrechte für: %s !'); | |
| 36 | 36 | define('ERROR_FILE_NOT_REMOVEABLE', 'Fehler: Die Datei kann nicht gelöscht werden. Bitte korrigieren Sie die Zugriffsrechte für: %s !'); | |
| 37 | 37 | define('ERROR_DIRECTORY_DOES_NOT_EXIST', 'Fehler: Das Verzeichnis %s existiert nicht!'); | |
| 38 | + | define('ERROR_FILENAME_EMPTY', 'Fehler: Bitte geben Sie einen Dateinamen an.'); | |
| 38 | 39 | ?> |
Affected Files
catalog/admin/includes/classes/table_block.php
| 41 | 41 | ||
| 42 | 42 | if (isset($contents[$i][0]) && is_array($contents[$i][0])) { | |
| 43 | 43 | for ($x=0, $y=sizeof($contents[$i]); $x<$y; $x++) { | |
| 44 | - | if (isset($contents[$i][$x]['text']) && tep_not_null(isset($contents[$i][$x]['text']))) { | |
| 44 | + | if (isset($contents[$i][$x]['text']) && tep_not_null($contents[$i][$x]['text'])) { | |
| 45 | 45 | $tableBox_string .= ' <td'; | |
| 46 | 46 | if (isset($contents[$i][$x]['align']) && tep_not_null($contents[$i][$x]['align'])) $tableBox_string .= ' align="' . $contents[$i][$x]['align'] . '"'; | |
| 47 | - | if (isset($contents[$i][$x]['params']) && tep_not_null(isset($contents[$i][$x]['params']))) { | |
| 47 | + | if (isset($contents[$i][$x]['params']) && tep_not_null($contents[$i][$x]['params'])) { | |
| 48 | 48 | $tableBox_string .= ' ' . $contents[$i][$x]['params']; | |
| 49 | 49 | } elseif (tep_not_null($this->table_data_parameters)) { | |
| 50 | 50 | $tableBox_string .= ' ' . $this->table_data_parameters; |
Affected Files
catalog/admin/backup.php
catalog/admin/categories.php
catalog/admin/languages.php
catalog/admin/products_attributes.php
| 260 | 260 | tep_db_query("delete from " . TABLE_SESSIONS); | |
| 261 | 261 | ||
| 262 | 262 | tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key = 'DB_LAST_RESTORE'"); | |
| 263 | - | tep_db_query("insert into " . TABLE_CONFIGURATION . " values ('', 'Last Database Restore', 'DB_LAST_RESTORE', '" . $read_from . "', 'Last database restore file', '6', '', '', now(), '', '')"); | |
| 263 | + | tep_db_query("insert into " . TABLE_CONFIGURATION . " values (null, 'Last Database Restore', 'DB_LAST_RESTORE', '" . $read_from . "', 'Last database restore file', '6', '0', null, now(), '', '')"); | |
| 264 | 264 | ||
| 265 | 265 | if (isset($remove_raw) && ($remove_raw == true)) { | |
| 266 | 266 | unlink($restore_from); |
| 38 | 38 | if (isset($HTTP_POST_VARS['categories_id'])) $categories_id = tep_db_prepare_input($HTTP_POST_VARS['categories_id']); | |
| 39 | 39 | $sort_order = tep_db_prepare_input($HTTP_POST_VARS['sort_order']); | |
| 40 | 40 | ||
| 41 | - | $sql_data_array = array('sort_order' => $sort_order); | |
| 41 | + | $sql_data_array = array('sort_order' => (int)$sort_order); | |
| 42 | 42 | ||
| 43 | 43 | if ($action == 'insert_category') { | |
| 44 | 44 | $insert_sql_data = array('parent_id' => $current_category_id, | |
… |
… |
||
| 215 | 215 | ||
| 216 | 216 | $products_date_available = (date('Y-m-d') < $products_date_available) ? $products_date_available : 'null'; | |
| 217 | 217 | ||
| 218 | - | $sql_data_array = array('products_quantity' => tep_db_prepare_input($HTTP_POST_VARS['products_quantity']), | |
| 218 | + | $sql_data_array = array('products_quantity' => (int)tep_db_prepare_input($HTTP_POST_VARS['products_quantity']), | |
| 219 | 219 | 'products_model' => tep_db_prepare_input($HTTP_POST_VARS['products_model']), | |
| 220 | 220 | 'products_price' => tep_db_prepare_input($HTTP_POST_VARS['products_price']), | |
| 221 | 221 | 'products_date_available' => $products_date_available, | |
| 222 | - | 'products_weight' => tep_db_prepare_input($HTTP_POST_VARS['products_weight']), | |
| 222 | + | 'products_weight' => (float)tep_db_prepare_input($HTTP_POST_VARS['products_weight']), | |
| 223 | 223 | 'products_status' => tep_db_prepare_input($HTTP_POST_VARS['products_status']), | |
| 224 | 224 | 'products_tax_class_id' => tep_db_prepare_input($HTTP_POST_VARS['products_tax_class_id']), | |
| 225 | - | 'manufacturers_id' => tep_db_prepare_input($HTTP_POST_VARS['manufacturers_id'])); | |
| 225 | + | 'manufacturers_id' => (int)tep_db_prepare_input($HTTP_POST_VARS['manufacturers_id'])); | |
| 226 | 226 | ||
| 227 | 227 | if (isset($HTTP_POST_VARS['products_image']) && tep_not_null($HTTP_POST_VARS['products_image']) && ($HTTP_POST_VARS['products_image'] != 'none')) { | |
| 228 | 228 | $sql_data_array['products_image'] = tep_db_prepare_input($HTTP_POST_VARS['products_image']); |
| 18 | 18 | switch ($action) { | |
| 19 | 19 | case 'insert': | |
| 20 | 20 | $name = tep_db_prepare_input($HTTP_POST_VARS['name']); | |
| 21 | - | $code = tep_db_prepare_input($HTTP_POST_VARS['code']); | |
| 21 | + | $code = tep_db_prepare_input(substr($HTTP_POST_VARS['code'], 0, 2)); | |
| 22 | 22 | $image = tep_db_prepare_input($HTTP_POST_VARS['image']); | |
| 23 | 23 | $directory = tep_db_prepare_input($HTTP_POST_VARS['directory']); | |
| 24 | - | $sort_order = tep_db_prepare_input($HTTP_POST_VARS['sort_order']); | |
| 24 | + | $sort_order = (int)tep_db_prepare_input($HTTP_POST_VARS['sort_order']); | |
| 25 | 25 | ||
| 26 | 26 | tep_db_query("insert into " . TABLE_LANGUAGES . " (name, code, image, directory, sort_order) values ('" . tep_db_input($name) . "', '" . tep_db_input($code) . "', '" . tep_db_input($image) . "', '" . tep_db_input($directory) . "', '" . tep_db_input($sort_order) . "')"); | |
| 27 | 27 | $insert_id = tep_db_insert_id(); | |
… |
… |
||
| 71 | 71 | case 'save': | |
| 72 | 72 | $lID = tep_db_prepare_input($HTTP_GET_VARS['lID']); | |
| 73 | 73 | $name = tep_db_prepare_input($HTTP_POST_VARS['name']); | |
| 74 | - | $code = tep_db_prepare_input($HTTP_POST_VARS['code']); | |
| 74 | + | $code = tep_db_prepare_input(substr($HTTP_POST_VARS['code'], 0, 2)); | |
| 75 | 75 | $image = tep_db_prepare_input($HTTP_POST_VARS['image']); | |
| 76 | 76 | $directory = tep_db_prepare_input($HTTP_POST_VARS['directory']); | |
| 77 | - | $sort_order = tep_db_prepare_input($HTTP_POST_VARS['sort_order']); | |
| 77 | + | $sort_order = (int)tep_db_prepare_input($HTTP_POST_VARS['sort_order']); | |
| 78 | 78 | ||
| 79 | 79 | tep_db_query("update " . TABLE_LANGUAGES . " set name = '" . tep_db_input($name) . "', code = '" . tep_db_input($code) . "', image = '" . tep_db_input($image) . "', directory = '" . tep_db_input($directory) . "', sort_order = '" . tep_db_input($sort_order) . "' where languages_id = '" . (int)$lID . "'"); | |
| 80 | 80 |
| 58 | 58 | $value_price = tep_db_prepare_input($HTTP_POST_VARS['value_price']); | |
| 59 | 59 | $price_prefix = tep_db_prepare_input($HTTP_POST_VARS['price_prefix']); | |
| 60 | 60 | ||
| 61 | - | tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES . " values ('', '" . (int)$products_id . "', '" . (int)$options_id . "', '" . (int)$values_id . "', '" . tep_db_input($value_price) . "', '" . tep_db_input($price_prefix) . "')"); | |
| 61 | + | tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES . " values (null, '" . (int)$products_id . "', '" . (int)$options_id . "', '" . (int)$values_id . "', '" . tep_db_input($value_price) . "', '" . tep_db_input($price_prefix) . "')"); | |
| 62 | 62 | ||
| 63 | 63 | if (DOWNLOAD_ENABLED == 'true') { | |
| 64 | 64 | $products_attributes_id = tep_db_insert_id(); |
Affected Files
catalog/admin/includes/functions/compatibility.php
| 186 | 186 | $arg_separator = ini_get('arg_separator.output'); | |
| 187 | 187 | ||
| 188 | 188 | if ( empty($arg_separator) ) { | |
| 189 | - | $separator = '&'; | |
| 189 | + | $arg_separator = '&'; | |
| 190 | 190 | } | |
| 191 | 191 | } | |
| 192 | 192 | ||
… |
… |
||
| 217 | 217 | return null; | |
| 218 | 218 | } | |
| 219 | 219 | ||
| 220 | - | return implode($separator, $tmp); | |
| 220 | + | return implode($arg_separator, $tmp); | |
| 221 | 221 | } | |
| 222 | 222 | ||
| 223 | 223 | // Helper function |
Affected Files
catalog/admin/newsletters.php
| 38 | 38 | $newsletter_error = true; | |
| 39 | 39 | } | |
| 40 | 40 | ||
| 41 | - | if (empty($module)) { | |
| 41 | + | if (empty($newsletter_module)) { | |
| 42 | 42 | $messageStack->add(ERROR_NEWSLETTER_MODULE, 'error'); | |
| 43 | 43 | $newsletter_error = true; | |
| 44 | 44 | } |
Affected Files
catalog/admin/includes/functions/sessions.php
catalog/includes/functions/sessions.php
| 36 | 36 | return $value['value']; | |
| 37 | 37 | } | |
| 38 | 38 | ||
| 39 | - | return false; | |
| 39 | + | return ''; | |
| 40 | 40 | } | |
| 41 | 41 | ||
| 42 | 42 | function _sess_write($key, $val) { |
| 36 | 36 | return $value['value']; | |
| 37 | 37 | } | |
| 38 | 38 | ||
| 39 | - | return false; | |
| 39 | + | return ''; | |
| 40 | 40 | } | |
| 41 | 41 | ||
| 42 | 42 | function _sess_write($key, $val) { |
Affected Files
catalog/admin/categories.php
| 971 | 971 | default: | |
| 972 | 972 | if ($rows > 0) { | |
| 973 | 973 | if (isset($cInfo) && is_object($cInfo)) { // category info box contents | |
| 974 | + | $category_path_string = ''; | |
| 975 | + | $category_path = tep_generate_category_path($cInfo->categories_id); | |
| 976 | + | for ($i=(sizeof($category_path[0])-1); $i>0; $i--) { | |
| 977 | + | $category_path_string .= $category_path[0][$i]['id'] . '_'; | |
| 978 | + | } | |
| 979 | + | $category_path_string = substr($category_path_string, 0, -1); | |
| 980 | + | ||
| 974 | 981 | $heading[] = array('text' => '<b>' . $cInfo->categories_name . '</b>'); | |
| 975 | 982 | ||
| 976 | - | $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $cInfo->categories_id . '&action=edit_category') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $cInfo->categories_id . '&action=delete_category') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a> <a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $cPath . '&cID=' . $cInfo->categories_id . '&action=move_category') . '">' . tep_image_button('button_move.gif', IMAGE_MOVE) . '</a>'); | |
| 983 | + | $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $category_path_string . '&cID=' . $cInfo->categories_id . '&action=edit_category') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $category_path_string . '&cID=' . $cInfo->categories_id . '&action=delete_category') . '">' . tep_image_button('button_delete.gif', IMAGE_DELETE) . '</a> <a href="' . tep_href_link(FILENAME_CATEGORIES, 'cPath=' . $category_path_string . '&cID=' . $cInfo->categories_id . '&action=move_category') . '">' . tep_image_button('button_move.gif', IMAGE_MOVE) . '</a>'); | |
| 977 | 984 | $contents[] = array('text' => '<br>' . TEXT_DATE_ADDED . ' ' . tep_date_short($cInfo->date_added)); | |
| 978 | 985 | if (tep_not_null($cInfo->last_modified)) $contents[] = array('text' => TEXT_LAST_MODIFIED . ' ' . tep_date_short($cInfo->last_modified)); | |
| 979 | 986 | $contents[] = array('text' => '<br>' . tep_info_image($cInfo->categories_image, $cInfo->categories_name, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT) . '<br>' . $cInfo->categories_image); |
Affected Files
catalog/address_book_process.php
| 142 | 142 | } | |
| 143 | 143 | ||
| 144 | 144 | if ($HTTP_POST_VARS['action'] == 'update') { | |
| 145 | - | tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id ='" . (int)$customer_id . "'"); | |
| 145 | + | $check_query = tep_db_query("select address_book_id from " . TABLE_ADDRESS_BOOK . " where address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id = '" . (int)$customer_id . "' limit 1"); | |
| 146 | + | if (tep_db_num_rows($check_query) == 1) { | |
| 147 | + | tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "address_book_id = '" . (int)$HTTP_GET_VARS['edit'] . "' and customers_id ='" . (int)$customer_id . "'"); | |
| 146 | 148 | ||
| 147 | 149 | // reregister session variables | |
| 148 | - | if ( (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) || ($HTTP_GET_VARS['edit'] == $customer_default_address_id) ) { | |
| 149 | - | $customer_first_name = $firstname; | |
| 150 | - | $customer_country_id = $country; | |
| 151 | - | $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0'); | |
| 152 | - | $customer_default_address_id = (int)$HTTP_GET_VARS['edit']; | |
| 150 | + | if ( (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) || ($HTTP_GET_VARS['edit'] == $customer_default_address_id) ) { | |
| 151 | + | $customer_first_name = $firstname; | |
| 152 | + | $customer_country_id = $country; | |
| 153 | + | $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0'); | |
| 154 | + | $customer_default_address_id = (int)$HTTP_GET_VARS['edit']; | |
| 153 | 155 | ||
| 154 | - | $sql_data_array = array('customers_firstname' => $firstname, | |
| 155 | - | 'customers_lastname' => $lastname, | |
| 156 | - | 'customers_default_address_id' => (int)$HTTP_GET_VARS['edit']); | |
| 156 | + | $sql_data_array = array('customers_firstname' => $firstname, | |
| 157 | + | 'customers_lastname' => $lastname, | |
| 158 | + | 'customers_default_address_id' => (int)$HTTP_GET_VARS['edit']); | |
| 157 | 159 | ||
| 158 | - | if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender; | |
| 160 | + | if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender; | |
| 159 | 161 | ||
| 160 | - | tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'"); | |
| 162 | + | tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'"); | |
| 163 | + | } | |
| 164 | + | ||
| 165 | + | $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success'); | |
| 161 | 166 | } | |
| 162 | 167 | } else { | |
| 163 | - | $sql_data_array['customers_id'] = (int)$customer_id; | |
| 164 | - | tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array); | |
| 168 | + | if (tep_count_customer_address_book_entries() < MAX_ADDRESS_BOOK_ENTRIES) { | |
| 169 | + | $sql_data_array['customers_id'] = (int)$customer_id; | |
| 170 | + | tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array); | |
| 165 | 171 | ||
| 166 | - | $new_address_book_id = tep_db_insert_id(); | |
| 172 | + | $new_address_book_id = tep_db_insert_id(); | |
| 167 | 173 | ||
| 168 | 174 | // reregister session variables | |
| 169 | - | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) { | |
| 170 | - | $customer_first_name = $firstname; | |
| 171 | - | $customer_country_id = $country; | |
| 172 | - | $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0'); | |
| 173 | - | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $customer_default_address_id = $new_address_book_id; | |
| 175 | + | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) { | |
| 176 | + | $customer_first_name = $firstname; | |
| 177 | + | $customer_country_id = $country; | |
| 178 | + | $customer_zone_id = (($zone_id > 0) ? (int)$zone_id : '0'); | |
| 179 | + | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $customer_default_address_id = $new_address_book_id; | |
| 174 | 180 | ||
| 175 | - | $sql_data_array = array('customers_firstname' => $firstname, | |
| 176 | - | 'customers_lastname' => $lastname); | |
| 181 | + | $sql_data_array = array('customers_firstname' => $firstname, | |
| 182 | + | 'customers_lastname' => $lastname); | |
| 177 | 183 | ||
| 178 | - | if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender; | |
| 179 | - | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $sql_data_array['customers_default_address_id'] = $new_address_book_id; | |
| 184 | + | if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender; | |
| 185 | + | if (isset($HTTP_POST_VARS['primary']) && ($HTTP_POST_VARS['primary'] == 'on')) $sql_data_array['customers_default_address_id'] = $new_address_book_id; | |
| 180 | 186 | ||
| 181 | - | tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'"); | |
| 187 | + | tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'"); | |
| 188 | + | ||
| 189 | + | $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success'); | |
| 190 | + | } | |
| 182 | 191 | } | |
| 183 | 192 | } | |
| 184 | 193 | ||
| 185 | - | $messageStack->add_session('addressbook', SUCCESS_ADDRESS_BOOK_ENTRY_UPDATED, 'success'); | |
| 186 | - | ||
| 187 | 194 | tep_redirect(tep_href_link(FILENAME_ADDRESS_BOOK, '', 'SSL')); | |
| 188 | 195 | } | |
| 189 | 196 | } |
Affected Files
catalog/admin/products_attributes.php
| 15 | 15 | ||
| 16 | 16 | $action = (isset($HTTP_GET_VARS['action']) ? $HTTP_GET_VARS['action'] : ''); | |
| 17 | 17 | ||
| 18 | - | if (tep_not_null($action)) { | |
| 19 | - | $page_info = ''; | |
| 20 | - | if (isset($HTTP_GET_VARS['option_page'])) $page_info .= 'option_page=' . $HTTP_GET_VARS['option_page'] . '&'; | |
| 21 | - | if (isset($HTTP_GET_VARS['value_page'])) $page_info .= 'value_page=' . $HTTP_GET_VARS['value_page'] . '&'; | |
| 22 | - | if (isset($HTTP_GET_VARS['attribute_page'])) $page_info .= 'attribute_page=' . $HTTP_GET_VARS['attribute_page'] . '&'; | |
| 23 | - | if (tep_not_null($page_info)) { | |
| 24 | - | $page_info = substr($page_info, 0, -1); | |
| 25 | - | } | |
| 18 | + | $option_page = (isset($HTTP_GET_VARS['option_page']) && is_numeric($HTTP_GET_VARS['option_page'])) ? $HTTP_GET_VARS['option_page'] : 1; | |
| 19 | + | $value_page = (isset($HTTP_GET_VARS['value_page']) && is_numeric($HTTP_GET_VARS['value_page'])) ? $HTTP_GET_VARS['value_page'] : 1; | |
| 20 | + | $attribute_page = (isset($HTTP_GET_VARS['attribute_page']) && is_numeric($HTTP_GET_VARS['attribute_page'])) ? $HTTP_GET_VARS['attribute_page'] : 1; | |
| 26 | 21 | ||
| 22 | + | $page_info = 'option_page=' . $option_page . '&value_page=' . $value_page . '&attribute_page=' . $attribute_page; | |
| 23 | + | ||
| 24 | + | if (tep_not_null($action)) { | |
| 27 | 25 | switch ($action) { | |
| 28 | 26 | case 'add_product_options': | |
| 29 | 27 | $products_options_id = tep_db_prepare_input($HTTP_POST_VARS['products_options_id']); | |
… |
… |
||
| 58 | 56 | $value_price = tep_db_prepare_input($HTTP_POST_VARS['value_price']); | |
| 59 | 57 | $price_prefix = tep_db_prepare_input($HTTP_POST_VARS['price_prefix']); | |
| 60 | 58 | ||
| 61 | - | tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES . " values (null, '" . (int)$products_id . "', '" . (int)$options_id . "', '" . (int)$values_id . "', '" . tep_db_input($value_price) . "', '" . tep_db_input($price_prefix) . "')"); | |
| 59 | + | tep_db_query("insert into " . TABLE_PRODUCTS_ATTRIBUTES . " values (null, '" . (int)$products_id . "', '" . (int)$options_id . "', '" . (int)$values_id . "', '" . (float)tep_db_input($value_price) . "', '" . tep_db_input($price_prefix) . "')"); | |
| 62 | 60 | ||
| 63 | 61 | if (DOWNLOAD_ENABLED == 'true') { | |
| 64 | 62 | $products_attributes_id = tep_db_insert_id(); | |
… |
… |
||
| 109 | 107 | $price_prefix = tep_db_prepare_input($HTTP_POST_VARS['price_prefix']); | |
| 110 | 108 | $attribute_id = tep_db_prepare_input($HTTP_POST_VARS['attribute_id']); | |
| 111 | 109 | ||
| 112 | - | tep_db_query("update " . TABLE_PRODUCTS_ATTRIBUTES . " set products_id = '" . (int)$products_id . "', options_id = '" . (int)$options_id . "', options_values_id = '" . (int)$values_id . "', options_values_price = '" . tep_db_input($value_price) . "', price_prefix = '" . tep_db_input($price_prefix) . "' where products_attributes_id = '" . (int)$attribute_id . "'"); | |
| 110 | + | tep_db_query("update " . TABLE_PRODUCTS_ATTRIBUTES . " set products_id = '" . (int)$products_id . "', options_id = '" . (int)$options_id . "', options_values_id = '" . (int)$values_id . "', options_values_price = '" . (float)tep_db_input($value_price) . "', price_prefix = '" . tep_db_input($price_prefix) . "' where products_attributes_id = '" . (int)$attribute_id . "'"); | |
| 113 | 111 | ||
| 114 | 112 | if (DOWNLOAD_ENABLED == 'true') { | |
| 115 | 113 | $products_attributes_filename = tep_db_prepare_input($HTTP_POST_VARS['products_attributes_filename']); | |
… |
… |
||
| 158 | 156 | <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> | |
| 159 | 157 | <title><?php echo TITLE; ?></title> | |
| 160 | 158 | <link rel="stylesheet" type="text/css" href="includes/stylesheet.css"> | |
| 161 | - | <script language="javascript"><!-- | |
| 162 | - | function go_option() { | |
| 163 | - | if (document.option_order_by.selected.options[document.option_order_by.selected.selectedIndex].value != "none") { | |
| 164 | - | location = "<?php echo tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'option_page=' . ($HTTP_GET_VARS['option_page'] ? $HTTP_GET_VARS['option_page'] : 1)); ?>&option_order_by="+document.option_order_by.selected.options[document.option_order_by.selected.selectedIndex].value; | |
| 165 | - | } | |
| 166 | - | } | |
| 167 | - | //--></script> | |
| 168 | 159 | </head> | |
| 169 | 160 | <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0" bgcolor="#FFFFFF"> | |
| 170 | 161 | <!-- header //--> | |
… |
… |
||
| 194 | 185 | ?> | |
| 195 | 186 | <tr> | |
| 196 | 187 | <td class="pageHeading"> <?php echo $options_values['products_options_name']; ?> </td> | |
| 197 | - | <td> <?php echo tep_image(DIR_WS_IMAGES . 'pixel_trans.gif', '', '1', '53'); ?> </td> | |
| 198 | 188 | </tr> | |
| 199 | 189 | <tr> | |
| 200 | 190 | <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
… |
… |
||
| 233 | 223 | <td colspan="3" class="main"><br><?php echo TEXT_WARNING_OF_DELETE; ?></td> | |
| 234 | 224 | </tr> | |
| 235 | 225 | <tr> | |
| 236 | - | <td align="right" colspan="3" class="main"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, (isset($HTTP_GET_VARS['value_page']) ? 'value_page=' . $HTTP_GET_VARS['value_page'] . '&' : '') . (isset($HTTP_GET_VARS['attribute_page']) ? 'attribute_page=' . $HTTP_GET_VARS['attribute_page'] : ''), 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 226 | + | <td align="right" colspan="3" class="main"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 237 | 227 | </tr> | |
| 238 | 228 | <?php | |
| 239 | 229 | } else { | |
… |
… |
||
| 242 | 232 | <td class="main" colspan="3"><br><?php echo TEXT_OK_TO_DELETE; ?></td> | |
| 243 | 233 | </tr> | |
| 244 | 234 | <tr> | |
| 245 | - | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option&option_id=' . $HTTP_GET_VARS['option_id'], 'NONSSL') . '">'; ?><?php echo tep_image_button('button_delete.gif', ' delete '); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, (isset($HTTP_GET_VARS['order_by']) ? 'order_by=' . $HTTP_GET_VARS['order_by'] . '&' : '') . (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] : ''), 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 235 | + | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option&option_id=' . $HTTP_GET_VARS['option_id'] . '&' . $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_delete.gif', ' delete '); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 246 | 236 | </tr> | |
| 247 | 237 | <?php | |
| 248 | 238 | } | |
… |
… |
||
| 251 | 241 | </tr> | |
| 252 | 242 | <?php | |
| 253 | 243 | } else { | |
| 254 | - | if (isset($HTTP_GET_VARS['option_order_by'])) { | |
| 255 | - | $option_order_by = $HTTP_GET_VARS['option_order_by']; | |
| 256 | - | } else { | |
| 257 | - | $option_order_by = 'products_options_id'; | |
| 258 | - | } | |
| 259 | 244 | ?> | |
| 260 | 245 | <tr> | |
| 261 | - | <td colspan="2" class="pageHeading"> <?php echo HEADING_TITLE_OPT; ?> </td> | |
| 262 | - | <td align="right"><br><form name="option_order_by" action="<?php echo FILENAME_PRODUCTS_ATTRIBUTES; ?>"><select name="selected" onChange="go_option()"><option value="products_options_id"<?php if ($option_order_by == 'products_options_id') { echo ' SELECTED'; } ?>><?php echo TEXT_OPTION_ID; ?></option><option value="products_options_name"<?php if ($option_order_by == 'products_options_name') { echo ' SELECTED'; } ?>><?php echo TEXT_OPTION_NAME; ?></option></select></form></td> | |
| 246 | + | <td colspan="3" class="pageHeading"> <?php echo HEADING_TITLE_OPT; ?> </td> | |
| 263 | 247 | </tr> | |
| 264 | 248 | <tr> | |
| 265 | - | <td colspan="3" class="smallText"> | |
| 249 | + | <td colspan="3" class="smallText" align="right"> | |
| 266 | 250 | <?php | |
| 267 | - | $per_page = MAX_ROW_LISTS_OPTIONS; | |
| 268 | - | $options = "select * from " . TABLE_PRODUCTS_OPTIONS . " where language_id = '" . (int)$languages_id . "' order by " . $option_order_by; | |
| 269 | - | if (!isset($option_page)) { | |
| 270 | - | $option_page = 1; | |
| 271 | - | } | |
| 272 | - | $prev_option_page = $option_page - 1; | |
| 273 | - | $next_option_page = $option_page + 1; | |
| 251 | + | $options = "select * from " . TABLE_PRODUCTS_OPTIONS . " where language_id = '" . (int)$languages_id . "' order by products_options_id"; | |
| 252 | + | $options_split = new splitPageResults($option_page, MAX_ROW_LISTS_OPTIONS, $options, $options_query_numrows); | |
| 274 | 253 | ||
| 275 | - | $option_query = tep_db_query($options); | |
| 276 | - | ||
| 277 | - | $option_page_start = ($per_page * $option_page) - $per_page; | |
| 278 | - | $num_rows = tep_db_num_rows($option_query); | |
| 279 | - | ||
| 280 | - | if ($num_rows <= $per_page) { | |
| 281 | - | $num_pages = 1; | |
| 282 | - | } else if (($num_rows % $per_page) == 0) { | |
| 283 | - | $num_pages = ($num_rows / $per_page); | |
| 284 | - | } else { | |
| 285 | - | $num_pages = ($num_rows / $per_page) + 1; | |
| 286 | - | } | |
| 287 | - | $num_pages = (int) $num_pages; | |
| 288 | - | ||
| 289 | - | $options = $options . " LIMIT $option_page_start, $per_page"; | |
| 290 | - | ||
| 291 | - | // Previous | |
| 292 | - | if ($prev_option_page) { | |
| 293 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'option_page=' . $prev_option_page) . '"> << </a> | '; | |
| 294 | - | } | |
| 295 | - | ||
| 296 | - | for ($i = 1; $i <= $num_pages; $i++) { | |
| 297 | - | if ($i != $option_page) { | |
| 298 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'option_page=' . $i) . '">' . $i . '</a> | '; | |
| 299 | - | } else { | |
| 300 | - | echo '<b><font color=red>' . $i . '</font></b> | '; | |
| 301 | - | } | |
| 302 | - | } | |
| 303 | - | ||
| 304 | - | // Next | |
| 305 | - | if ($option_page != $num_pages) { | |
| 306 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'option_page=' . $next_option_page) . '"> >> </a>'; | |
| 307 | - | } | |
| 254 | + | echo $options_split->display_links($options_query_numrows, MAX_ROW_LISTS_OPTIONS, MAX_DISPLAY_PAGE_LINKS, $option_page, 'value_page=' . $value_page . '&attribute_page=' . $attribute_page, 'option_page'); | |
| 308 | 255 | ?> | |
| 309 | 256 | </td> | |
| 310 | 257 | </tr> | |
… |
… |
||
| 329 | 276 | <tr class="<?php echo (floor($rows/2) == ($rows/2) ? 'attributes-even' : 'attributes-odd'); ?>"> | |
| 330 | 277 | <?php | |
| 331 | 278 | if (($action == 'update_option') && ($HTTP_GET_VARS['option_id'] == $options_values['products_options_id'])) { | |
| 332 | - | echo '<form name="option" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_name', 'NONSSL') . '" method="post">'; | |
| 279 | + | echo '<form name="option" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_name&' . $page_info, 'NONSSL') . '" method="post">'; | |
| 333 | 280 | $inputs = ''; | |
| 334 | 281 | for ($i = 0, $n = sizeof($languages); $i < $n; $i ++) { | |
| 335 | 282 | $option_name = tep_db_query("select products_options_name from " . TABLE_PRODUCTS_OPTIONS . " where products_options_id = '" . $options_values['products_options_id'] . "' and language_id = '" . $languages[$i]['id'] . "'"); | |
… |
… |
||
| 339 | 286 | ?> | |
| 340 | 287 | <td align="center" class="smallText"> <?php echo $options_values['products_options_id']; ?><input type="hidden" name="option_id" value="<?php echo $options_values['products_options_id']; ?>"> </td> | |
| 341 | 288 | <td class="smallText"><?php echo $inputs; ?></td> | |
| 342 | - | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, '', 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 289 | + | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 343 | 290 | <?php | |
| 344 | 291 | echo '</form>' . "\n"; | |
| 345 | 292 | } else { | |
| 346 | 293 | ?> | |
| 347 | 294 | <td align="center" class="smallText"> <?php echo $options_values["products_options_id"]; ?> </td> | |
| 348 | 295 | <td class="smallText"> <?php echo $options_values["products_options_name"]; ?> </td> | |
| 349 | - | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option&option_id=' . $options_values['products_options_id'] . '&option_order_by=' . $option_order_by . '&option_page=' . $option_page, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_option&option_id=' . $options_values['products_options_id'], 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 296 | + | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info, 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 350 | 297 | <?php | |
| 351 | 298 | } | |
| 352 | 299 | ?> | |
… |
… |
||
| 365 | 312 | ?> | |
| 366 | 313 | <tr class="<?php echo (floor($rows/2) == ($rows/2) ? 'attributes-even' : 'attributes-odd'); ?>"> | |
| 367 | 314 | <?php | |
| 368 | - | echo '<form name="options" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_options&option_page=' . $option_page, 'NONSSL') . '" method="post"><input type="hidden" name="products_options_id" value="' . $next_id . '">'; | |
| 315 | + | echo '<form name="options" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_options&' . $page_info, 'NONSSL') . '" method="post"><input type="hidden" name="products_options_id" value="' . $next_id . '">'; | |
| 369 | 316 | $inputs = ''; | |
| 370 | 317 | for ($i = 0, $n = sizeof($languages); $i < $n; $i ++) { | |
| 371 | 318 | $inputs .= $languages[$i]['code'] . ': <input type="text" name="option_name[' . $languages[$i]['id'] . ']" size="20"> <br>'; | |
… |
… |
||
| 396 | 343 | ?> | |
| 397 | 344 | <tr> | |
| 398 | 345 | <td colspan="3" class="pageHeading"> <?php echo $values_values['products_options_values_name']; ?> </td> | |
| 399 | - | <td> <?php echo tep_image(DIR_WS_IMAGES . 'pixel_trans.gif', '', '1', '53'); ?> </td> | |
| 400 | 346 | </tr> | |
| 401 | 347 | <tr> | |
| 402 | 348 | <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
… |
… |
||
| 434 | 380 | <td class="main" colspan="3"><br><?php echo TEXT_WARNING_OF_DELETE; ?></td> | |
| 435 | 381 | </tr> | |
| 436 | 382 | <tr> | |
| 437 | - | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, (isset($HTTP_GET_VARS['value_page']) ? 'value_page=' . $HTTP_GET_VARS['value_page'] . '&' : '') . (isset($HTTP_GET_VARS['attribute_page']) ? 'attribute_page=' . $attribute_page : ''), 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 383 | + | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 438 | 384 | </tr> | |
| 439 | 385 | <?php | |
| 440 | 386 | } else { | |
… |
… |
||
| 443 | 389 | <td class="main" colspan="3"><br><?php echo TEXT_OK_TO_DELETE; ?></td> | |
| 444 | 390 | </tr> | |
| 445 | 391 | <tr> | |
| 446 | - | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_value&value_id=' . $HTTP_GET_VARS['value_id'], 'NONSSL') . '">'; ?><?php echo tep_image_button('button_delete.gif', ' delete '); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, '&option_page=' . $option_page . (isset($HTTP_GET_VARS['value_page']) ? '&value_page=' . $value_page : '') . (isset($HTTP_GET_VARS['attribute_page']) ? '&attribute_page=' . $attribute_page : ''), 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 392 | + | <td class="main" align="right" colspan="3"><br><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_value&value_id=' . $HTTP_GET_VARS['value_id'] . '&' . $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_delete.gif', ' delete '); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', ' cancel '); ?></a> </td> | |
| 447 | 393 | </tr> | |
| 448 | 394 | <?php | |
| 449 | 395 | } | |
… |
… |
||
| 454 | 400 | } else { | |
| 455 | 401 | ?> | |
| 456 | 402 | <tr> | |
| 457 | - | <td colspan="3" class="pageHeading"> <?php echo HEADING_TITLE_VAL; ?> </td> | |
| 458 | - | <td> <?php echo tep_image(DIR_WS_IMAGES . 'pixel_trans.gif', '', '1', '53'); ?> </td> | |
| 403 | + | <td colspan="4" class="pageHeading"> <?php echo HEADING_TITLE_VAL; ?> </td> | |
| 459 | 404 | </tr> | |
| 460 | 405 | <tr> | |
| 461 | - | <td colspan="4" class="smallText"> | |
| 406 | + | <td colspan="4" class="smallText" align="right"> | |
| 462 | 407 | <?php | |
| 463 | - | $per_page = MAX_ROW_LISTS_OPTIONS; | |
| 464 | 408 | $values = "select pov.products_options_values_id, pov.products_options_values_name, pov2po.products_options_id from " . TABLE_PRODUCTS_OPTIONS_VALUES . " pov left join " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " pov2po on pov.products_options_values_id = pov2po.products_options_values_id where pov.language_id = '" . (int)$languages_id . "' order by pov.products_options_values_id"; | |
| 465 | - | if (!isset($value_page)) { | |
| 466 | - | $value_page = 1; | |
| 467 | - | } | |
| 468 | - | $prev_value_page = $value_page - 1; | |
| 469 | - | $next_value_page = $value_page + 1; | |
| 409 | + | $values_split = new splitPageResults($value_page, MAX_ROW_LISTS_OPTIONS, $values, $values_query_numrows); | |
| 470 | 410 | ||
| 471 | - | $value_query = tep_db_query($values); | |
| 472 | - | ||
| 473 | - | $value_page_start = ($per_page * $value_page) - $per_page; | |
| 474 | - | $num_rows = tep_db_num_rows($value_query); | |
| 475 | - | ||
| 476 | - | if ($num_rows <= $per_page) { | |
| 477 | - | $num_pages = 1; | |
| 478 | - | } else if (($num_rows % $per_page) == 0) { | |
| 479 | - | $num_pages = ($num_rows / $per_page); | |
| 480 | - | } else { | |
| 481 | - | $num_pages = ($num_rows / $per_page) + 1; | |
| 482 | - | } | |
| 483 | - | $num_pages = (int) $num_pages; | |
| 484 | - | ||
| 485 | - | $values = $values . " LIMIT $value_page_start, $per_page"; | |
| 486 | - | ||
| 487 | - | // Previous | |
| 488 | - | if ($prev_value_page) { | |
| 489 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'option_order_by=' . $option_order_by . '&value_page=' . $prev_value_page) . '"> << </a> | '; | |
| 490 | - | } | |
| 491 | - | ||
| 492 | - | for ($i = 1; $i <= $num_pages; $i++) { | |
| 493 | - | if ($i != $value_page) { | |
| 494 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, (isset($option_order_by) ? 'option_order_by=' . $option_order_by . '&' : '') . 'value_page=' . $i) . '">' . $i . '</a> | '; | |
| 495 | - | } else { | |
| 496 | - | echo '<b><font color=red>' . $i . '</font></b> | '; | |
| 497 | - | } | |
| 498 | - | } | |
| 499 | - | ||
| 500 | - | // Next | |
| 501 | - | if ($value_page != $num_pages) { | |
| 502 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, (isset($option_order_by) ? 'option_order_by=' . $option_order_by . '&' : '') . 'value_page=' . $next_value_page) . '"> >></a> '; | |
| 503 | - | } | |
| 411 | + | echo $values_split->display_links($values_query_numrows, MAX_ROW_LISTS_OPTIONS, MAX_DISPLAY_PAGE_LINKS, $value_page, 'option_page=' . $option_page . '&attribute_page=' . $attribute_page, 'value_page'); | |
| 504 | 412 | ?> | |
| 505 | 413 | </td> | |
| 506 | 414 | </tr> | |
… |
… |
||
| 528 | 436 | <tr class="<?php echo (floor($rows/2) == ($rows/2) ? 'attributes-even' : 'attributes-odd'); ?>"> | |
| 529 | 437 | <?php | |
| 530 | 438 | if (($action == 'update_option_value') && ($HTTP_GET_VARS['value_id'] == $values_values['products_options_values_id'])) { | |
| 531 | - | echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_value', 'NONSSL') . '" method="post">'; | |
| 439 | + | echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_value&' . $page_info, 'NONSSL') . '" method="post">'; | |
| 532 | 440 | $inputs = ''; | |
| 533 | 441 | for ($i = 0, $n = sizeof($languages); $i < $n; $i ++) { | |
| 534 | 442 | $value_name = tep_db_query("select products_options_values_name from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . (int)$values_values['products_options_values_id'] . "' and language_id = '" . (int)$languages[$i]['id'] . "'"); | |
… |
… |
||
| 550 | 458 | ?> | |
| 551 | 459 | </select> </td> | |
| 552 | 460 | <td class="smallText"><?php echo $inputs; ?></td> | |
| 553 | - | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, '', 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 461 | + | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 554 | 462 | <?php | |
| 555 | 463 | echo '</form>'; | |
| 556 | 464 | } else { | |
| 557 | 465 | ?> | |
| 558 | 466 | <td align="center" class="smallText"> <?php echo $values_values["products_options_values_id"]; ?> </td> | |
| 559 | 467 | <td align="center" class="smallText"> <?php echo $options_name; ?> </td> | |
| 560 | 468 | <td class="smallText"> <?php echo $values_name; ?> </td> | |
| 561 | - | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_value&value_id=' . $values_values['products_options_values_id'] . (isset($HTTP_GET_VARS['value_page']) ? '&value_page=' . $HTTP_GET_VARS['value_page'] : ''), 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option_value&value_id=' . $values_values['products_options_values_id'], 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 469 | + | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info, 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 562 | 470 | <?php | |
| 563 | 471 | } | |
| 564 | 472 | $max_values_id_query = tep_db_query("select max(products_options_values_id) + 1 as next_id from " . TABLE_PRODUCTS_OPTIONS_VALUES); | |
… |
… |
||
| 575 | 483 | ?> | |
| 576 | 484 | <tr class="<?php echo (floor($rows/2) == ($rows/2) ? 'attributes-even' : 'attributes-odd'); ?>"> | |
| 577 | 485 | <?php | |
| 578 | - | echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_option_values&value_page=' . $value_page, 'NONSSL') . '" method="post">'; | |
| 486 | + | echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_option_values&' . $page_info, 'NONSSL') . '" method="post">'; | |
| 579 | 487 | ?> | |
| 580 | 488 | <td align="center" class="smallText"> <?php echo $next_id; ?> </td> | |
| 581 | 489 | <td align="center" class="smallText"> <select name="option_id"> | |
… |
… |
||
| 611 | 519 | </tr> | |
| 612 | 520 | <!-- products_attributes //--> | |
| 613 | 521 | <tr> | |
| 522 | + | <td class="smallText"> </td> | |
| 523 | + | </tr> | |
| 524 | + | <tr> | |
| 614 | 525 | <td width="100%"><table border="0" width="100%" cellspacing="0" cellpadding="0"> | |
| 615 | 526 | <tr> | |
| 616 | 527 | <td class="pageHeading"> <?php echo HEADING_TITLE_ATRIB; ?> </td> | |
| 617 | - | <td> <?php echo tep_image(DIR_WS_IMAGES . 'pixel_trans.gif', '', '1', '53'); ?> </td> | |
| 618 | 528 | </tr> | |
| 619 | 529 | </table></td> | |
| 620 | 530 | </tr> | |
… |
… |
||
| 625 | 535 | } else { | |
| 626 | 536 | $form_action = 'add_product_attributes'; | |
| 627 | 537 | } | |
| 628 | - | ||
| 629 | - | if (!isset($attribute_page)) { | |
| 630 | - | $attribute_page = 1; | |
| 631 | - | } | |
| 632 | - | $prev_attribute_page = $attribute_page - 1; | |
| 633 | - | $next_attribute_page = $attribute_page + 1; | |
| 634 | 538 | ?> | |
| 635 | - | <td><form name="attributes" action="<?php echo tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=' . $form_action . '&option_page=' . $option_page . '&value_page=' . $value_page . '&attribute_page=' . $attribute_page); ?>" method="post"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 539 | + | <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 636 | 540 | <tr> | |
| 637 | - | <td colspan="7" class="smallText"> | |
| 541 | + | <td class="smallText" align="right"> | |
| 638 | 542 | <?php | |
| 639 | - | $per_page = MAX_ROW_LISTS_OPTIONS; | |
| 640 | 543 | $attributes = "select pa.* from " . TABLE_PRODUCTS_ATTRIBUTES . " pa left join " . TABLE_PRODUCTS_DESCRIPTION . " pd on pa.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' order by pd.products_name"; | |
| 641 | - | $attribute_query = tep_db_query($attributes); | |
| 544 | + | $attributes_split = new splitPageResults($attribute_page, MAX_ROW_LISTS_OPTIONS, $attributes, $attributes_query_numrows); | |
| 642 | 545 | ||
| 643 | - | $attribute_page_start = ($per_page * $attribute_page) - $per_page; | |
| 644 | - | $num_rows = tep_db_num_rows($attribute_query); | |
| 645 | - | ||
| 646 | - | if ($num_rows <= $per_page) { | |
| 647 | - | $num_pages = 1; | |
| 648 | - | } else if (($num_rows % $per_page) == 0) { | |
| 649 | - | $num_pages = ($num_rows / $per_page); | |
| 650 | - | } else { | |
| 651 | - | $num_pages = ($num_rows / $per_page) + 1; | |
| 652 | - | } | |
| 653 | - | $num_pages = (int) $num_pages; | |
| 654 | - | ||
| 655 | - | $attributes = $attributes . " LIMIT $attribute_page_start, $per_page"; | |
| 656 | - | ||
| 657 | - | // Previous | |
| 658 | - | if ($prev_attribute_page) { | |
| 659 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'attribute_page=' . $prev_attribute_page) . '"> << </a> | '; | |
| 660 | - | } | |
| 661 | - | ||
| 662 | - | for ($i = 1; $i <= $num_pages; $i++) { | |
| 663 | - | if ($i != $attribute_page) { | |
| 664 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'attribute_page=' . $i) . '">' . $i . '</a> | '; | |
| 665 | - | } else { | |
| 666 | - | echo '<b><font color="red">' . $i . '</font></b> | '; | |
| 667 | - | } | |
| 668 | - | } | |
| 669 | - | ||
| 670 | - | // Next | |
| 671 | - | if ($attribute_page != $num_pages) { | |
| 672 | - | echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'attribute_page=' . $next_attribute_page) . '"> >> </a>'; | |
| 673 | - | } | |
| 546 | + | echo $attributes_split->display_links($attributes_query_numrows, MAX_ROW_LISTS_OPTIONS, MAX_DISPLAY_PAGE_LINKS, $attribute_page, 'option_page=' . $option_page . '&value_page=' . $value_page, 'attribute_page'); | |
| 674 | 547 | ?> | |
| 675 | 548 | </td> | |
| 676 | 549 | </tr> | |
| 550 | + | </table> | |
| 551 | + | <form name="attributes" action="<?php echo tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=' . $form_action . '&' . $page_info); ?>" method="post"><table border="0" width="100%" cellspacing="0" cellpadding="2"> | |
| 677 | 552 | <tr> | |
| 678 | 553 | <td colspan="7"><?php echo tep_black_line(); ?></td> | |
| 679 | 554 | </tr> | |
… |
… |
||
| 741 | 616 | </select> </td> | |
| 742 | 617 | <td align="right" class="smallText"> <input type="text" name="value_price" value="<?php echo $attributes_values['options_values_price']; ?>" size="6"> </td> | |
| 743 | 618 | <td align="center" class="smallText"> <input type="text" name="price_prefix" value="<?php echo $attributes_values['price_prefix']; ?>" size="2"> </td> | |
| 744 | - | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, '&attribute_page=' . $attribute_page, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 619 | + | <td align="center" class="smallText"> <?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE); ?> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </td> | |
| 745 | 620 | <?php | |
| 746 | 621 | if (DOWNLOAD_ENABLED == 'true') { | |
| 747 | 622 | $download_query_raw ="select products_attributes_filename, products_attributes_maxdays, products_attributes_maxcount | |
… |
… |
||
| 784 | 659 | <td class="smallText"> <b><?php echo $values_name; ?></b> </td> | |
| 785 | 660 | <td align="right" class="smallText"> <b><?php echo $attributes_values["options_values_price"]; ?></b> </td> | |
| 786 | 661 | <td align="center" class="smallText"> <b><?php echo $attributes_values["price_prefix"]; ?></b> </td> | |
| 787 | - | <td align="center" class="smallText"> <b><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_attribute&attribute_id=' . $HTTP_GET_VARS['attribute_id']) . '">'; ?><?php echo tep_image_button('button_confirm.gif', IMAGE_CONFIRM); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, '&option_page=' . $option_page . '&value_page=' . $value_page . '&attribute_page=' . $attribute_page, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </b></td> | |
| 662 | + | <td align="center" class="smallText"> <b><?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_attribute&attribute_id=' . $HTTP_GET_VARS['attribute_id'] . '&' . $page_info) . '">'; ?><?php echo tep_image_button('button_confirm.gif', IMAGE_CONFIRM); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_cancel.gif', IMAGE_CANCEL); ?></a> </b></td> | |
| 788 | 663 | <?php | |
| 789 | 664 | } else { | |
| 790 | 665 | ?> | |
… |
… |
||
| 794 | 669 | <td class="smallText"> <?php echo $values_name; ?> </td> | |
| 795 | 670 | <td align="right" class="smallText"> <?php echo $attributes_values["options_values_price"]; ?> </td> | |
| 796 | 671 | <td align="center" class="smallText"> <?php echo $attributes_values["price_prefix"]; ?> </td> | |
| 797 | - | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&attribute_page=' . $attribute_page, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&attribute_page=' . $attribute_page, 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 672 | + | <td align="center" class="smallText"> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info, 'NONSSL') . '">'; ?><?php echo tep_image_button('button_edit.gif', IMAGE_UPDATE); ?></a> <?php echo '<a href="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info, 'NONSSL') , '">'; ?><?php echo tep_image_button('button_delete.gif', IMAGE_DELETE); ?></a> </td> | |
| 798 | 673 | <?php | |
| 799 | 674 | } | |
| 800 | 675 | $max_attributes_id_query = tep_db_query("select max(products_attributes_id) + 1 as next_id from " . TABLE_PRODUCTS_ATTRIBUTES); |
Added Files
catalog/admin/includes/.htaccess
| # $Id: .htaccess 1775 2008-01-09 19:26:55Z hpdl $ # # This is used with Apache WebServers # The following blocks direct HTTP requests in this directory recursively # # For this to work, you must include the parameter 'Limit' to the AllowOverride configuration # # Example: # #<Directory "/usr/local/apache/htdocs"> # AllowOverride Limit # # 'All' with also work. (This configuration is in your apache/conf/httpd.conf file) # # This does not affect PHP include/require functions # # Example: http://server/catalog/admin/includes/application_top.php will not work <Files *.php> Order Deny,Allow Deny from all </Files> |
Affected Files
catalog/admin/modules.php
catalog/admin/includes/languages/english/modules.php
catalog/admin/includes/languages/espanol/modules.php
catalog/admin/includes/languages/german/modules.php
| 143 | 143 | $module_info = array('code' => $module->code, | |
| 144 | 144 | 'title' => $module->title, | |
| 145 | 145 | 'description' => $module->description, | |
| 146 | - | 'status' => $module->check()); | |
| 146 | + | 'status' => $module->check(), | |
| 147 | + | 'signature' => (isset($module->signature) ? $module->signature : null)); | |
| 147 | 148 | ||
| 148 | 149 | $module_keys = $module->keys(); | |
| 149 | 150 | ||
… |
… |
||
| 251 | 252 | $keys = substr($keys, 0, strrpos($keys, '<br><br>')); | |
| 252 | 253 | ||
| 253 | 254 | $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=remove') . '">' . tep_image_button('button_module_remove.gif', IMAGE_MODULE_REMOVE) . '</a> <a href="' . tep_href_link(FILENAME_MODULES, 'set=' . $set . (isset($HTTP_GET_VARS['module']) ? '&module=' . $HTTP_GET_VARS['module'] : '') . '&action=edit') . '">' . tep_image_button('button_edit.gif', IMAGE_EDIT) . '</a>'); | |
| 255 | + | ||
| 256 | + | if (isset($mInfo->signature) && (list($scode, $smodule, $sversion, $soscversion) = explode('|', $mInfo->signature))) { | |
| 257 | + | $contents[] = array('text' => '<br>' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ' <b>' . TEXT_INFO_VERSION . '</b> ' . $sversion . ' (<a href="http://sig.oscommerce.com/' . $mInfo->signature . '" target="_blank">' . TEXT_INFO_ONLINE_STATUS . '</a>)'); | |
| 258 | + | } | |
| 259 | + | ||
| 254 | 260 | $contents[] = array('text' => '<br>' . $mInfo->description); | |
| 255 | 261 | $contents[] = array('text' => '<br>' . $keys); | |
| 256 | 262 | } else { | |
| 257 | 263 | $contents[] = array('align' => 'center', 'text' => '<a href="' . tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $mInfo->code . '&action=install') . '">' . tep_image_button('button_module_install.gif', IMAGE_MODULE_INSTALL) . '</a>'); | |
| 264 | + | ||
| 265 | + | if (isset($mInfo->signature) && (list($scode, $smodule, $sversion, $soscversion) = explode('|', $mInfo->signature))) { | |
| 266 | + | $contents[] = array('text' => '<br>' . tep_image(DIR_WS_IMAGES . 'icon_info.gif', IMAGE_ICON_INFO) . ' <b>' . TEXT_INFO_VERSION . '</b> ' . $sversion . ' (<a href="http://sig.oscommerce.com/' . $mInfo->signature . '" target="_blank">' . TEXT_INFO_ONLINE_STATUS . '</a>)'); | |
| 267 | + | } | |
| 268 | + | ||
| 258 | 269 | $contents[] = array('text' => '<br>' . $mInfo->description); | |
| 259 | 270 | } | |
| 260 | 271 | break; |
| 18 | 18 | define('TABLE_HEADING_SORT_ORDER', 'Sort Order'); | |
| 19 | 19 | define('TABLE_HEADING_ACTION', 'Action'); | |
| 20 | 20 | ||
| 21 | + | define('TEXT_INFO_VERSION', 'Version:'); | |
| 22 | + | define('TEXT_INFO_ONLINE_STATUS', 'online status'); | |
| 23 | + | ||
| 21 | 24 | define('TEXT_MODULE_DIRECTORY', 'Module Directory:'); | |
| 22 | 25 | ?> |
| 18 | 18 | define('TABLE_HEADING_SORT_ORDER', 'Orden'); | |
| 19 | 19 | define('TABLE_HEADING_ACTION', 'Acción'); | |
| 20 | 20 | ||
| 21 | + | define('TEXT_INFO_VERSION', 'Versión:'); | |
| 22 | + | define('TEXT_INFO_ONLINE_STATUS', 'online status'); | |
| 23 | + | ||
| 21 | 24 | define('TEXT_MODULE_DIRECTORY', 'Directorio de módulos:'); | |
| 22 | 25 | ?> |
| 18 | 18 | define('TABLE_HEADING_SORT_ORDER', 'Reihenfolge'); | |
| 19 | 19 | define('TABLE_HEADING_ACTION', 'Aktion'); | |
| 20 | 20 | ||
| 21 | + | define('TEXT_INFO_VERSION', 'Version:'); | |
| 22 | + | define('TEXT_INFO_ONLINE_STATUS', 'online status'); | |
| 23 | + | ||
| 21 | 24 | define('TEXT_MODULE_DIRECTORY', 'Modul Verzeichnis:'); | |
| 22 | 25 | ?> |
Affected Files
catalog/admin/backup.php
catalog/admin/includes/functions/compatibility.php
| 206 | 206 | ||
| 207 | 207 | if (isset($restore_query)) { | |
| 208 | 208 | $sql_array = array(); | |
| 209 | + | $drop_table_names = array(); | |
| 209 | 210 | $sql_length = strlen($restore_query); | |
| 210 | 211 | $pos = strpos($restore_query, ';'); | |
| 211 | 212 | for ($i=$pos; $i<$sql_length; $i++) { | |
… |
… |
||
| 239 | 240 | $next = 'insert'; | |
| 240 | 241 | } | |
| 241 | 242 | if ( (eregi('create', $next)) || (eregi('insert', $next)) || (eregi('drop t', $next)) ) { | |
| 243 | + | $query = substr($restore_query, 0, $i); | |
| 244 | + | ||
| 242 | 245 | $next = ''; | |
| 243 | - | $sql_array[] = substr($restore_query, 0, $i); | |
| 246 | + | $sql_array[] = $query; | |
| 244 | 247 | $restore_query = ltrim(substr($restore_query, $i+1)); | |
| 245 | 248 | $sql_length = strlen($restore_query); | |
| 246 | 249 | $i = strpos($restore_query, ';')-1; | |
| 250 | + | ||
| 251 | + | if (eregi('^create*', $query)) { | |
| 252 | + | $table_name = trim(substr($query, stripos($query, 'table ')+6)); | |
| 253 | + | $table_name = substr($table_name, 0, strpos($table_name, ' ')); | |
| 254 | + | ||
| 255 | + | $drop_table_names[] = $table_name; | |
| 256 | + | } | |
| 247 | 257 | } | |
| 248 | 258 | } | |
| 249 | 259 | } | |
| 250 | 260 | ||
| 251 | - | tep_db_query("drop table if exists address_book, address_format, administrators, banners, banners_history, categories, categories_description, configuration, configuration_group, counter, counter_history, countries, currencies, customers, customers_basket, customers_basket_attributes, customers_info, languages, manufacturers, manufacturers_info, orders, orders_products, orders_status, orders_status_history, orders_products_attributes, orders_products_download, products, products_attributes, products_attributes_download, prodcts_description, products_options, products_options_values, products_options_values_to_products_options, products_to_categories, reviews, reviews_description, sessions, specials, tax_class, tax_rates, geo_zones, whos_online, zones, zones_to_geo_zones"); | |
| 261 | + | tep_db_query('drop table if exists ' . implode(', ', $drop_table_names)); | |
| 252 | 262 | ||
| 253 | 263 | for ($i=0, $n=sizeof($sql_array); $i<$n; $i++) { | |
| 254 | 264 | tep_db_query($sql_array[$i]); | |
… |
… |
||
| 362 | 372 | $dir = dir(DIR_FS_BACKUP); | |
| 363 | 373 | $contents = array(); | |
| 364 | 374 | while ($file = $dir->read()) { | |
| 365 | - | if (!is_dir(DIR_FS_BACKUP . $file)) { | |
| 375 | + | if (!is_dir(DIR_FS_BACKUP . $file) && in_array(substr($file, -3), array('zip', 'sql', '.gz'))) { | |
| 366 | 376 | $contents[] = $file; | |
| 367 | 377 | } | |
| 368 | 378 | } |
| 237 | 237 | return implode($arg_separator, $tmp); | |
| 238 | 238 | } | |
| 239 | 239 | } | |
| 240 | + | ||
| 241 | + | /* | |
| 242 | + | * stripos() natively supported from PHP 5.0 | |
| 243 | + | * From Pear::PHP_Compat | |
| 244 | + | */ | |
| 245 | + | ||
| 246 | + | if (!function_exists('stripos')) { | |
| 247 | + | function stripos($haystack, $needle, $offset = null) { | |
| 248 | + | $fix = 0; | |
| 249 | + | ||
| 250 | + | if (!is_null($offset)) { | |
| 251 | + | if ($offset > 0) { | |
| 252 | + | $haystack = substr($haystack, $offset, strlen($haystack) - $offset); | |
| 253 | + | $fix = $offset; | |
| 254 | + | } | |
| 255 | + | } | |
| 256 | + | ||
| 257 | + | $segments = explode(strtolower($needle), strtolower($haystack), 2); | |
| 258 | + | ||
| 259 | + | // Check there was a match | |
| 260 | + | if (count($segments) == 1) { | |
| 261 | + | return false; | |
| 262 | + | } | |
| 263 | + | ||
| 264 | + | $position = strlen($segments[0]) + $fix; | |
| 265 | + | ||
| 266 | + | return $position; | |
| 267 | + | } | |
| 268 | + | } | |
| 240 | 269 | ?> |
Affected Files
catalog/includes/modules/new_products.php
| 18 | 18 | new contentBoxHeading($info_box_contents); | |
| 19 | 19 | ||
| 20 | 20 | if ( (!isset($new_products_category_id)) || ($new_products_category_id == '0') ) { | |
| 21 | - | $new_products_query = tep_db_query("select p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id where products_status = '1' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); | |
| 21 | + | $new_products_query = tep_db_query("select p.products_id, p.products_image, p.products_tax_class_id, pd.products_name, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id, " . TABLE_PRODUCTS_DESCRIPTION . " pd where p.products_status = '1' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); | |
| 22 | 22 | } else { | |
| 23 | - | $new_products_query = tep_db_query("select distinct p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c, " . TABLE_CATEGORIES . " c where p.products_id = p2c.products_id and p2c.categories_id = c.categories_id and c.parent_id = '" . (int)$new_products_category_id . "' and p.products_status = '1' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); | |
| 23 | + | $new_products_query = tep_db_query("select distinct p.products_id, p.products_image, p.products_tax_class_id, pd.products_name, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id, " . TABLE_PRODUCTS_DESCRIPTION . " pd, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c, " . TABLE_CATEGORIES . " c where p.products_id = p2c.products_id and p2c.categories_id = c.categories_id and c.parent_id = '" . (int)$new_products_category_id . "' and p.products_status = '1' and p.products_id = pd.products_id and pd.language_id = '" . (int)$languages_id . "' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); | |
| 24 | 24 | } | |
| 25 | 25 | ||
| 26 | 26 | $row = 0; | |
| 27 | 27 | $col = 0; | |
| 28 | 28 | $info_box_contents = array(); | |
| 29 | 29 | while ($new_products = tep_db_fetch_array($new_products_query)) { | |
| 30 | - | $new_products['products_name'] = tep_get_products_name($new_products['products_id']); | |
| 31 | 30 | $info_box_contents[$row][$col] = array('align' => 'center', | |
| 32 | 31 | 'params' => 'class="smallText" width="33%" valign="top"', | |
| 33 | 32 | 'text' => '<a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $new_products['products_id']) . '">' . tep_image(DIR_WS_IMAGES . $new_products['products_image'], $new_products['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '</a><br><a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $new_products['products_id']) . '">' . $new_products['products_name'] . '</a><br>' . $currencies->display_price($new_products['products_price'], tep_get_tax_rate($new_products['products_tax_class_id']))); |