PHP Cross Reference of phpwcms V1.4.3 _r380 (23.11.09) |
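<?php
/*************************************************************************************
   Copyright notice

   (c) 2002-2009 Oliver Georgi (oliver@phpwcms.de) // All rights reserved.

   This script is part of PHPWCMS. The PHPWCMS web content management system is
   free software; you can redistribute it and/or modify it under the terms of
   the GNU General Public License as published by the Free Software Foundation;
   either version 2 of the License, or (at your option) any later version.

   The GNU General Public License can be found at http://www.gnu.org/copyleft/gpl.html
   A copy is found in the textfile GPL.txt and important notices to the license
   from the author is found in LICENSE.txt distributed with these scripts.

   This script is distributed in the hope that it will be useful, but WITHOUT ANY
   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
   PARTICULAR PURPOSE.  See the GNU General Public License for more details.

   This copyright notice MUST APPEAR in all copies of the script!
*************************************************************************************/

// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
	die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------

/*
 * Shop product controller fragment. Depending on $action (set by the including
 * script) it
 *   - 'edit'   : validates and saves a posted product (UPDATE or INSERT), or
 *                prepares $plugin['data'] for a new / existing product,
 *   - 'status' : toggles shopprod_status between 0 and 1,
 *   - 'delete' : soft-deletes a product by setting shopprod_status = 9.
 *
 * Results are left in $plugin['data'] and $plugin['error'].
 *
 * Every statement below is built by string concatenation. Numeric values are
 * cast (intval/floatval or a 0/1 ternary) before they are interpolated and
 * string values are passed through aporeplace(), which is defined elsewhere.
 * NOTE(review): the safety of these queries depends entirely on aporeplace()
 * escaping correctly for the active connection charset - confirm, and prefer
 * bound parameters if the DB layer offers them.
 *
 * NOTE(review): no login, permission or request-token check is visible in
 * this file; presumably the including backend script enforces them - confirm.
 */

if($action == 'edit') {

	// Product id comes from the query string; 0 means "new product".
	// A missing parameter is treated as 0 without raising a notice.
	$plugin['data']['shopprod_id'] = isset($_GET['edit']) ? intval($_GET['edit']) : 0;

	if(isset($_POST['shopprod_id']) ) {

		// check if form should be closed only -> and back to listing mode
		// NOTE(review): nothing below may run after this redirect, so this
		// relies on headerRedirect() ending the request - confirm.
		if( isset($_POST['close']) ) {
			headerRedirect( shop_url('controller=prod', '') );
		}

		$plugin['data']['shopprod_changedate']		= time();

		$plugin['data']['shopprod_name1']			= clean_slweg($_POST['shopprod_name1']);
		$plugin['data']['shopprod_name2']			= clean_slweg($_POST['shopprod_name2']);

		$plugin['data']['shopprod_ordernumber']		= clean_slweg($_POST['shopprod_ordernumber']);
		$plugin['data']['shopprod_model']			= clean_slweg($_POST['shopprod_model']);

		$plugin['data']['shopprod_price']			= clean_slweg($_POST['shopprod_price']);
		$plugin['data']['shopprod_vat']				= abs(floatval($_POST['shopprod_vat']));
		$plugin['data']['shopprod_weight']			= clean_slweg($_POST['shopprod_weight']);

		$plugin['data']['shopprod_size']			= clean_slweg($_POST['shopprod_size']);
		$plugin['data']['shopprod_color']			= clean_slweg($_POST['shopprod_color']);

		// Size and colour are line-separated lists; store them naturally sorted.
		$plugin['data']['shopprod_size']			= explode(LF, $plugin['data']['shopprod_size']);
		natsort($plugin['data']['shopprod_size']);
		$plugin['data']['shopprod_size']			= implode(LF, $plugin['data']['shopprod_size']);

		$plugin['data']['shopprod_color']			= explode(LF, $plugin['data']['shopprod_color']);
		natsort($plugin['data']['shopprod_color']);
		$plugin['data']['shopprod_color']			= implode(LF, $plugin['data']['shopprod_color']);


		$plugin['data']['shopprod_netgross']		= empty($_POST['shopprod_netgross']) ? 0 : 1; //0 = net, 1 = gross

		// NOTE(review): description0/1 go through slweg() while every other
		// text field uses clean_slweg(); presumably these two keep markup.
		// If so, whatever renders them must filter or escape the stored HTML.
		$plugin['data']['shopprod_description0']	= slweg($_POST['shopprod_description0']);
		$plugin['data']['shopprod_description1']	= slweg($_POST['shopprod_description1']);
		$plugin['data']['shopprod_description2']	= clean_slweg($_POST['shopprod_description2']);
		$plugin['data']['shopprod_description3']	= clean_slweg($_POST['shopprod_description3']);

		// NOTE(review): the URL is stored without a scheme check here; confirm
		// that the output side restricts it to expected schemes before linking.
		$plugin['data']['shopprod_url']				= clean_slweg($_POST['shopprod_url']);

		$plugin['data']['shopprod_status']			= empty($_POST['shopprod_status']) ? 0 : 1;
		$plugin['data']['shopprod_listall']			= empty($_POST['shopprod_listall']) ? 0 : 1;

		// NOTE(review): category values are taken from the request as-is and
		// only escaped when the comma list is written; presumably they are
		// cat_id integers - confirm and consider casting them with intval.
		$plugin['data']['shopprod_category']		= isset($_POST['shopprod_category']) && is_array($_POST['shopprod_category']) ? $_POST['shopprod_category'] : array();

		if(!$plugin['data']['shopprod_name1']) {
			$plugin['error']['shopprod_name1'] = 'No name';
		}
		if(!$plugin['data']['shopprod_ordernumber']) {
			$plugin['error']['shopprod_ordernumber'] = 'No order number';
		} else {
			// Uniqueness check, excluding the product being edited.
			// Compared with "=" rather than LIKE: with LIKE a "%" or "_" typed
			// into the order number acted as a wildcard and reported unrelated
			// products as duplicates.
			$sql  = 'SELECT COUNT(shopprod_id) FROM '.DB_PREPEND.'phpwcms_shop_products WHERE ';
			if($plugin['data']['shopprod_id']) $sql .= 'shopprod_id != '.$plugin['data']['shopprod_id'].' AND ';
			$sql .= "shopprod_ordernumber = '" . aporeplace($plugin['data']['shopprod_ordernumber']) . "'";
			if(_dbCount($sql)) $plugin['error']['shopprod_ordernumber'] = 'Unique order number necessary';
		}

		// Convert the localised number format ($BLM separators) to a float.
		$plugin['data']['shopprod_price'] = str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_price']);
		$plugin['data']['shopprod_price'] = str_replace($BLM['dec_point'], '.', $plugin['data']['shopprod_price']);
		$plugin['data']['shopprod_price'] = floatval($plugin['data']['shopprod_price']);
		// Only the magnitude is limited; a negative price passes this check.
		if(abs($plugin['data']['shopprod_price']) > 10000000000) {
			$plugin['error']['shopprod_price'] = 'Check price';
		}

		$plugin['data']['shopprod_weight'] = str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_weight']);
		$plugin['data']['shopprod_weight'] = str_replace($BLM['dec_point'], '.', $plugin['data']['shopprod_weight']);
		$plugin['data']['shopprod_weight'] = floatval($plugin['data']['shopprod_weight']);

		// Tags: strip accents, keep only [0-9a-z, -_], lower-case, re-join.
		$plugin['data']['shopprod_tag'] = strtolower( preg_replace('/[^0-9a-z, \-_]/i', '', remove_accents($_POST['shopprod_tag']) ) );
		$plugin['data']['shopprod_tag'] = implode(', ', convertStringToArray($plugin['data']['shopprod_tag']));


		// One caption per line; matched to the images by array position below.
		$plugin['data']['shopprod_caption']	= clean_slweg($_POST["shopprod_caption"], 0 , false);
		$plugin['data']['shopprod_caption']	= explode(LF, $plugin['data']['shopprod_caption']);

		$plugin['data']['shopprod_images']	= isset($_POST['shopprod_images']) && is_array($_POST['shopprod_images']) ? $_POST['shopprod_images'] : array();


		if(is_array($plugin['data']['shopprod_images']) && count($plugin['data']['shopprod_images'])) {


			// Cast every id to int before it reaches the IN (...) list and
			// drop the zeros that non-numeric input turns into.
			$plugin['data']['shopprod_images'] = array_map('intval', $plugin['data']['shopprod_images']);
			$plugin['data']['shopprod_images'] = array_diff($plugin['data']['shopprod_images'], array(0,'',NULL,false));

			if(count($plugin['data']['shopprod_images'])) {

				$img_all = _dbQuery('SELECT * FROM '.DB_PREPEND.'phpwcms_file WHERE f_id IN ('.implode(',', $plugin['data']['shopprod_images']).')');

				// take all values from db
				$temp_img_row = array();
				foreach($img_all as $value) {
					$temp_img_row[ $value['f_id'] ] = $value;
				}

				$img_all = array();

				// now run though image result - but keep sorting
				// (ids with no matching file row are silently dropped)
				foreach($plugin['data']['shopprod_images'] as $key => $value) {
					if(isset($temp_img_row[$value])) {

						$img_all[$key]['f_id']		= $temp_img_row[$value]['f_id'];
						$img_all[$key]['f_name']	= $temp_img_row[$value]['f_name'];
						$img_all[$key]['f_hash']	= $temp_img_row[$value]['f_hash'];
						$img_all[$key]['f_ext']		= $temp_img_row[$value]['f_ext'];
						$img_all[$key]['caption']	= isset($plugin['data']['shopprod_caption'][$key]) ? trim($plugin['data']['shopprod_caption'][$key]) : '';

					}
				}

				$plugin['data']['shopprod_caption']	= array();
				$plugin['data']['shopprod_images']	= $img_all;
				unset($img_all);

			}
		}



		// Persist only when validation produced no errors; otherwise fall
		// through with $plugin['data'] and $plugin['error'] populated.
		if(empty($plugin['error'] )) {

			// Update
			if( $plugin['data']['shopprod_id'] ) {

				$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';

				$sql .= "shopprod_changedate = '".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				// shopprod_status is 0 or 1 here, so it is safe unquoted.
				$sql .= "shopprod_status = ".$plugin['data']['shopprod_status'].", ";

				$sql .= "shopprod_ordernumber = '".aporeplace($plugin['data']['shopprod_ordernumber'])."', ";
				$sql .= "shopprod_model = '".aporeplace($plugin['data']['shopprod_model'])."', ";

				$sql .= "shopprod_tag = '".aporeplace($plugin['data']['shopprod_tag'])."', ";

				$sql .= "shopprod_vat = '".aporeplace($plugin['data']['shopprod_vat'])."', ";
				$sql .= "shopprod_netgross = '".aporeplace($plugin['data']['shopprod_netgross'])."', ";
				$sql .= "shopprod_price = '".aporeplace($plugin['data']['shopprod_price'])."', ";

				$sql .= "shopprod_name1 = '".aporeplace($plugin['data']['shopprod_name1'])."', ";
				$sql .= "shopprod_name2 = '".aporeplace($plugin['data']['shopprod_name2'])."', ";

				$sql .= "shopprod_description0 = '".aporeplace($plugin['data']['shopprod_description0'])."', ";
				$sql .= "shopprod_description1 = '".aporeplace($plugin['data']['shopprod_description1'])."', ";
				$sql .= "shopprod_description2 = '".aporeplace($plugin['data']['shopprod_description2'])."', ";
				$sql .= "shopprod_description3 = '".aporeplace($plugin['data']['shopprod_description3'])."', ";

				// Images and URL are stored together as one serialized array.
				$sql .= "shopprod_var = '".aporeplace( serialize( array(
							'images'	=> $plugin['data']['shopprod_images'],
							'url'		=> $plugin['data']['shopprod_url']
								) ) )."', ";

				$sql .= "shopprod_category = '".aporeplace( implode(',', $plugin['data']['shopprod_category']) )."', ";

				$sql .= "shopprod_weight = '".aporeplace($plugin['data']['shopprod_weight'])."', ";
				$sql .= "shopprod_size = '".aporeplace($plugin['data']['shopprod_size'])."', ";
				$sql .= "shopprod_color = '".aporeplace($plugin['data']['shopprod_color'])."', ";
				$sql .= "shopprod_listall = '".aporeplace($plugin['data']['shopprod_listall'])."' ";

				// shopprod_id was cast with intval at the top of this branch.
				$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

				_dbQuery($sql, 'UPDATE');

			// INSERT
			} else {

				$sql  = 'INSERT INTO '.DB_PREPEND.'phpwcms_shop_products (';
				$sql .= 'shopprod_createdate, shopprod_changedate, shopprod_status, shopprod_ordernumber, shopprod_model, ';
				$sql .= 'shopprod_name1, shopprod_name2, shopprod_tag, shopprod_vat, shopprod_netgross, shopprod_price, ';
				$sql .= 'shopprod_maxrebate, shopprod_description0, shopprod_description1, shopprod_description2, ';
				$sql .= 'shopprod_description3, shopprod_var, shopprod_category, shopprod_weight, shopprod_size, shopprod_color, ';
				$sql .= 'shopprod_listall) VALUES (';
				// create date and change date start out identical
				$sql .= "'".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				$sql .= "'".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				$sql .= $plugin['data']['shopprod_status'].", ";

				$sql .= "'".aporeplace($plugin['data']['shopprod_ordernumber'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_model'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_name1'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_name2'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_tag'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_vat'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_netgross'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_price'])."', ";
				// shopprod_maxrebate is always written as 0 on insert
				$sql .= "'".aporeplace('0')."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description0'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description1'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description2'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description3'])."', ";

				$sql .= "'".aporeplace( serialize( array(
							'images'	=> $plugin['data']['shopprod_images'],
							'url'		=> $plugin['data']['shopprod_url']
								) ) )."', "; //VAR

				$sql .= "'".aporeplace( implode(',', $plugin['data']['shopprod_category']) ) ."', ";

				$sql .= "'".aporeplace($plugin['data']['shopprod_weight'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_size'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_color'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_listall'])."' ";

				$sql .= ')';

				$result = _dbQuery($sql, 'INSERT');

				// Continue editing under the id the database assigned.
				if( !empty($result['INSERT_ID']) ) {
					$plugin['data']['shopprod_id']	= $result['INSERT_ID'];
				}

			}

			// save and back to listing mode
			if( isset($_POST['save']) ) {
				headerRedirect( shop_url('controller=prod', '') );
			} else {
				headerRedirect( shop_url( array('controller=prod', 'edit='.$plugin['data']['shopprod_id']), '') );
			}

		}


	} elseif( $plugin['data']['shopprod_id'] == 0 ) {

		// New product: defaults for an empty form.
		$plugin['data']['shopprod_id']				= 0;
		$plugin['data']['shopprod_changedate']		= time();
		$plugin['data']['shopprod_name1']			= '';
		$plugin['data']['shopprod_name2']			= '';
		$plugin['data']['shopprod_ordernumber']		= '';
		$plugin['data']['shopprod_model']			= '';
		$plugin['data']['shopprod_description0']	= '';
		$plugin['data']['shopprod_description1']	= '';
		$plugin['data']['shopprod_description2']	= '';
		$plugin['data']['shopprod_description3']	= '';
		$plugin['data']['shopprod_status']			= 1;
		$plugin['data']['shopprod_price']			= 0;
		$plugin['data']['shopprod_netgross']		= 0;
		$plugin['data']['shopprod_vat']				= 0;
		$plugin['data']['shopprod_tag']				= '';
		$plugin['data']['shopprod_category']		= array();
		$plugin['data']['shopprod_var']				= array();
		$plugin['data']['shopprod_images']			= array();
		$plugin['data']['shopprod_caption']			= array();
		$plugin['data']['shopprod_weight']			= 0;
		$plugin['data']['shopprod_size']			= '';
		$plugin['data']['shopprod_color']			= '';
		$plugin['data']['shopprod_url']				= '';
		$plugin['data']['shopprod_listall']			= 0;

	} else {

		// Existing product: load the row by its intval-cast id.
		$sql  = 'SELECT * FROM '.DB_PREPEND.'phpwcms_shop_products WHERE ';
		$sql .= "shopprod_id = " . $plugin['data']['shopprod_id'] . ' LIMIT 1';

		$plugin['data'] = _dbQuery($sql);

		if( isset($plugin['data'][0]) ) {
			$plugin['data'] = $plugin['data'][0];

			$plugin['data']['shopprod_changedate']	= strtotime($plugin['data']['shopprod_changedate']);
			$plugin['data']['shopprod_category']	= convertStringToArray($plugin['data']['shopprod_category']);

			// NOTE(review): unserialize() runs on a database column. The save
			// branch above writes it with serialize() of a plain array, so it
			// is only as trustworthy as write access to this table; anything
			// else able to write shopprod_var could trigger object
			// instantiation here. A JSON encoding would remove that surface.
			// The @ also hides the failure when the column holds corrupt data.
			$plugin['data']['shopprod_var']			= @unserialize($plugin['data']['shopprod_var']);
			if(isset($plugin['data']['shopprod_var']['images']) && is_array($plugin['data']['shopprod_var']['images'])) {
				$plugin['data']['shopprod_images']	= $plugin['data']['shopprod_var']['images'];
			} else {
				$plugin['data']['shopprod_images']	= array();
			}
			$plugin['data']['shopprod_caption']		= array();
			$plugin['data']['shopprod_url']			= isset($plugin['data']['shopprod_var']['url']) ? $plugin['data']['shopprod_var']['url'] : '';

		} else {
			// Unknown id: back to the listing.
			headerRedirect( shop_url('controller=prod', '') );
		}

	}

	// All shop categories that are not flagged with status 9, each labelled
	// "parent>child" when a parent category exists. Static query, no
	// request data is interpolated.
	$sql  = 'SELECT C1.cat_id, C1.cat_name, C1.cat_pid, C1.cat_status, ';
	$sql .= "IFNULL(CONCAT(C2.cat_name, '>', C1.cat_name), C1.cat_name) AS category ";
	$sql .= 'FROM '.DB_PREPEND.'phpwcms_categories C1 ';
	$sql .= 'LEFT JOIN '.DB_PREPEND.'phpwcms_categories C2 ';
	$sql .= 'ON C1.cat_pid=C2.cat_id ';
	$sql .= "WHERE C1.cat_type='module_shop' AND C1.cat_status!=9 ";
	$sql .= 'ORDER BY category';
	$plugin['data']['categories'] = _dbQuery($sql);

} elseif($action == 'status') {

	// NOTE(review): this state change is driven by a GET parameter and no
	// request token is checked in this file; confirm the including script
	// enforces authentication and anti-CSRF protection, or move the action
	// to POST with a token.

	// Expected form is "<id>-<current status>". A missing, non-string or
	// dash-less value is padded to two parts, which yields id 0 instead of
	// an undefined-offset notice.
	list($plugin['data']['shopprod_id'], $plugin['data']['shopprod_status']) = array_pad(
		explode( '-', (isset($_GET['status']) && is_string($_GET['status'])) ? $_GET['status'] : '' ),
		2,
		''
	);

	$plugin['data']['shopprod_id']		= intval($plugin['data']['shopprod_id']);
	// Toggle: the request carries the current status, the opposite is stored.
	$plugin['data']['shopprod_status']	= empty($plugin['data']['shopprod_status']) ? 1 : 0;

	$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';
	$sql .= "shopprod_status = ".$plugin['data']['shopprod_status']." ";
	$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

	_dbQuery($sql, 'UPDATE');

	headerRedirect( shop_url('controller=prod', '') );

} elseif($action == 'delete') {

	// NOTE(review): as with 'status', this is a GET-triggered state change
	// with no request token checked in this file - confirm the caller's
	// protection.

	$plugin['data']['shopprod_id']		= isset($_GET['delete']) ? intval($_GET['delete']) : 0;

	// Soft delete: the row is kept and flagged with status 9.
	$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';
	$sql .= "shopprod_status = 9 ";
	$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

	_dbQuery($sql, 'UPDATE');

	headerRedirect( shop_url('controller=prod', '') );

}


?>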
Generated: Wed Dec 30 05:55:15 2009 | Cross-referenced by PHPXref 0.7 |