PHP Cross Reference of phpwcms V1.5.0 _r431 (28.01.12) |
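<?php
/*************************************************************************************
   Copyright notice

   (c) 2002-2012 Oliver Georgi <oliver@phpwcms.de> // All rights reserved.

   This script is part of PHPWCMS. The PHPWCMS web content management system is
   free software; you can redistribute it and/or modify it under the terms of
   the GNU General Public License as published by the Free Software Foundation;
   either version 2 of the License, or (at your option) any later version.

   The GNU General Public License can be found at http://www.gnu.org/copyleft/gpl.html
   A copy is found in the textfile GPL.txt and important notices to the license
   from the author is found in LICENSE.txt distributed with these scripts.

   This script is distributed in the hope that it will be useful, but WITHOUT ANY
   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
   PARTICULAR PURPOSE. See the GNU General Public License for more details.

   This copyright notice MUST APPEAR in all copies of the script!
*************************************************************************************/

// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
	die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------

/*
 * Shop product controller: handles the actions 'edit' (create, update or
 * duplicate a product), 'status' (toggle active/inactive) and 'delete'
 * (mark the product with status 9; the row itself is not removed).
 *
 * $action, $plugin and $BLM are not defined in this file and are expected
 * to be set by the including script.
 *
 * All SQL is assembled by string concatenation. Every value that reaches a
 * statement is either cast to int/float, reduced to 0/1, or passed through
 * aporeplace() inside single quotes. aporeplace() is defined elsewhere and
 * is presumably the project's SQL escaping helper -- confirm before relying
 * on it.
 *
 * NOTE(review): no request token is checked anywhere in this file, and
 * 'status' and 'delete' change data on a plain GET request. Confirm that the
 * including backend verifies a token for these requests; otherwise they
 * should become POST requests carrying one.
 */

if($action == 'edit') {

	// product id from the query string; 0 (or a missing parameter) means "new product"
	$plugin['data']['shopprod_id'] = isset($_GET['edit']) ? intval($_GET['edit']) : 0;

	if(isset($_POST['shopprod_id'])) {

		// check if form should be closed only -> and back to listing mode
		// presumably headerRedirect() ends the request -- confirm; if it
		// returns, the submitted form would still be processed below
		if( isset($_POST['close']) ) {
			headerRedirect( shop_url('controller=prod', '') );
		}

		$plugin['data']['shopprod_changedate']	= time();

		// text fields go through clean_slweg() (project input filter, behaviour not visible here)
		$plugin['data']['shopprod_name1']		= clean_slweg($_POST['shopprod_name1']);
		$plugin['data']['shopprod_name2']		= clean_slweg($_POST['shopprod_name2']);

		$plugin['data']['shopprod_ordernumber']	= clean_slweg($_POST['shopprod_ordernumber']);
		$plugin['data']['shopprod_model']		= clean_slweg($_POST['shopprod_model']);

		$plugin['data']['shopprod_price']		= clean_slweg($_POST['shopprod_price']);
		$plugin['data']['shopprod_vat']			= abs(floatval($_POST['shopprod_vat']));
		$plugin['data']['shopprod_weight']		= clean_slweg($_POST['shopprod_weight']);

		$plugin['data']['shopprod_size']		= clean_slweg($_POST['shopprod_size']);
		$plugin['data']['shopprod_color']		= clean_slweg($_POST['shopprod_color']);

		// sizes and colours arrive one per line; store them naturally sorted
		$plugin['data']['shopprod_size']		= explode(LF, $plugin['data']['shopprod_size']);
		natsort($plugin['data']['shopprod_size']);
		$plugin['data']['shopprod_size']		= implode(LF, $plugin['data']['shopprod_size']);

		$plugin['data']['shopprod_color']		= explode(LF, $plugin['data']['shopprod_color']);
		natsort($plugin['data']['shopprod_color']);
		$plugin['data']['shopprod_color']		= implode(LF, $plugin['data']['shopprod_color']);


		$plugin['data']['shopprod_netgross']	= empty($_POST['shopprod_netgross']) ? 0 : 1; //0 = net, 1 = gross

		// NOTE(review): description0/1 use slweg() where the other fields use
		// clean_slweg(); presumably slweg() keeps markup. If so, these two
		// fields must be escaped or filtered wherever they are rendered -- confirm.
		$plugin['data']['shopprod_description0']	= slweg($_POST['shopprod_description0']);
		$plugin['data']['shopprod_description1']	= slweg($_POST['shopprod_description1']);
		$plugin['data']['shopprod_description2']	= clean_slweg($_POST['shopprod_description2']);
		$plugin['data']['shopprod_description3']	= clean_slweg($_POST['shopprod_description3']);

		// NOTE(review): no URL scheme check is visible here; confirm the value
		// is validated or escaped where it is output as a link
		$plugin['data']['shopprod_url']			= clean_slweg($_POST['shopprod_url']);

		// Shop product language
		$plugin['data']['shopprod_lang']		= empty($_POST['shopprod_lang']) ? '' : strtolower(clean_slweg($_POST['shopprod_lang']));

		$plugin['data']['shopprod_status']		= empty($_POST['shopprod_status']) ? 0 : 1;
		$plugin['data']['shopprod_listall']		= empty($_POST['shopprod_listall']) ? 0 : 1;

		// The category list is imploded into one string further down. Nested
		// arrays in the request would be stored as the literal text "Array",
		// so only scalar entries are kept.
		// NOTE(review): entries are presumably category ids; if that is
		// confirmed, cast them with intval as done for images and files.
		$plugin['data']['shopprod_category']	= isset($_POST['shopprod_category']) && is_array($_POST['shopprod_category']) ? array_filter($_POST['shopprod_category'], 'is_scalar') : array();

		if(!$plugin['data']['shopprod_name1']) {
			$plugin['error']['shopprod_name1'] = 'No name';
		}
		if(!$plugin['data']['shopprod_ordernumber']) {
			$plugin['error']['shopprod_ordernumber'] = 'No order number';
		} else {
			// the order number has to be unique per language; the product
			// being edited is left out of the count
			$sql  = 'SELECT COUNT(shopprod_id) FROM '.DB_PREPEND.'phpwcms_shop_products WHERE ';
			if($plugin['data']['shopprod_id']) $sql .= 'shopprod_id != '.$plugin['data']['shopprod_id'].' AND ';
			// "=" instead of LIKE: with LIKE the characters % and _ inside an
			// order number act as wildcards and report unrelated products as
			// duplicates
			$sql .= "shopprod_ordernumber = '" . aporeplace($plugin['data']['shopprod_ordernumber']) . "'";
			//if($plugin['data']['shopprod_lang']) {
				$sql .= " AND shopprod_lang='" . aporeplace($plugin['data']['shopprod_lang']) . "'";
			//}
			if(_dbCount($sql)) $plugin['error']['shopprod_ordernumber'] = 'Unique order number necessary';
		}

		// turn the localised number format into a float
		$plugin['data']['shopprod_price'] = str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_price']);
		$plugin['data']['shopprod_price'] = str_replace($BLM['dec_point'], '.', $plugin['data']['shopprod_price']);
		$plugin['data']['shopprod_price'] = floatval($plugin['data']['shopprod_price']);
		if(abs($plugin['data']['shopprod_price']) > 10000000000) {
			$plugin['error']['shopprod_price'] = 'Check price';
		}

		$plugin['data']['shopprod_weight'] = str_replace($BLM['thousands_sep'], '', $plugin['data']['shopprod_weight']);
		$plugin['data']['shopprod_weight'] = str_replace($BLM['dec_point'], '.', $plugin['data']['shopprod_weight']);
		$plugin['data']['shopprod_weight'] = floatval($plugin['data']['shopprod_weight']);

		// tags: only digits, ASCII letters, comma, space, "-" and "_" survive, lower-cased
		$plugin['data']['shopprod_tag'] = strtolower( preg_replace('/[^0-9a-z, \-_]/i', '', phpwcms_remove_accents($_POST['shopprod_tag']) ) );
		$plugin['data']['shopprod_tag'] = implode(', ', convertStringToArray($plugin['data']['shopprod_tag']));


		// Images
		$plugin['data']['shopprod_caption'] = clean_slweg($_POST["shopprod_caption"], 0 , false);
		$plugin['data']['shopprod_caption'] = explode(LF, $plugin['data']['shopprod_caption']);

		$plugin['data']['shopprod_images'] = isset($_POST['shopprod_images']) && is_array($_POST['shopprod_images']) ? $_POST['shopprod_images'] : array();

		if(is_array($plugin['data']['shopprod_images']) && count($plugin['data']['shopprod_images'])) {

			// every id is cast to int before it is placed into the IN (...) list below
			$plugin['data']['shopprod_images'] = array_map('intval', $plugin['data']['shopprod_images']);
			$plugin['data']['shopprod_images'] = array_diff($plugin['data']['shopprod_images'], array(0,'',NULL,false));

			if(count($plugin['data']['shopprod_images'])) {

				$img_all = _dbQuery('SELECT * FROM '.DB_PREPEND.'phpwcms_file WHERE f_id IN ('.implode(',', $plugin['data']['shopprod_images']).')');

				// take all values from db
				$temp_img_row = array();
				foreach($img_all as $value) {
					$temp_img_row[ $value['f_id'] ] = $value;
				}

				$img_all = array();

				// now run though image result - but keep sorting
				// ids without a row in phpwcms_file are dropped
				foreach($plugin['data']['shopprod_images'] as $key => $value) {
					if(isset($temp_img_row[$value])) {

						$img_all[$key]['f_id']		= $temp_img_row[$value]['f_id'];
						$img_all[$key]['f_name']	= $temp_img_row[$value]['f_name'];
						$img_all[$key]['f_hash']	= $temp_img_row[$value]['f_hash'];
						$img_all[$key]['f_ext']		= $temp_img_row[$value]['f_ext'];
						$img_all[$key]['caption']	= isset($plugin['data']['shopprod_caption'][$key]) ? trim($plugin['data']['shopprod_caption'][$key]) : '';

					}
				}

				$plugin['data']['shopprod_caption'] = array();
				$plugin['data']['shopprod_images'] = $img_all;
				unset($img_all);

			}
		}

		// Attachments
		$plugin['data']['shopprod_filecaption'] = clean_slweg($_POST["shopprod_filecaption"], 0 , false);
		$plugin['data']['shopprod_filecaption'] = explode(LF, $plugin['data']['shopprod_filecaption']);

		$plugin['data']['shopprod_files'] = isset($_POST['shopprod_files']) && is_array($_POST['shopprod_files']) ? $_POST['shopprod_files'] : array();

		if(is_array($plugin['data']['shopprod_files']) && count($plugin['data']['shopprod_files'])) {

			// every id is cast to int before it is placed into the IN (...) list below
			$plugin['data']['shopprod_files'] = array_map('intval', $plugin['data']['shopprod_files']);
			$plugin['data']['shopprod_files'] = array_diff($plugin['data']['shopprod_files'], array(0,'',NULL,false));

			if(count($plugin['data']['shopprod_files'])) {

				$img_all = _dbQuery('SELECT * FROM '.DB_PREPEND.'phpwcms_file WHERE f_id IN ('.implode(',', $plugin['data']['shopprod_files']).')');

				// take all values from db
				$temp_img_row = array();
				foreach($img_all as $value) {
					$temp_img_row[ $value['f_id'] ] = $value;
				}

				$img_all = array();

				// now run though image result - but keep sorting
				// ids without a row in phpwcms_file are dropped
				foreach($plugin['data']['shopprod_files'] as $key => $value) {
					if(isset($temp_img_row[$value])) {

						$img_all[$key]['f_id']		= $temp_img_row[$value]['f_id'];
						$img_all[$key]['f_name']	= $temp_img_row[$value]['f_name'];
						$img_all[$key]['f_hash']	= $temp_img_row[$value]['f_hash'];
						$img_all[$key]['f_ext']		= $temp_img_row[$value]['f_ext'];
						$img_all[$key]['caption']	= isset($plugin['data']['shopprod_filecaption'][$key]) ? trim($plugin['data']['shopprod_filecaption'][$key]) : '';

					}
				}

				$plugin['data']['shopprod_filecaption'] = array();
				$plugin['data']['shopprod_files'] = $img_all;
				unset($img_all);

			}
		}

		// Duplicate it?
		$plugin['data']['shopprod_duplicate'] = empty($_POST['shopprod_duplicate']) ? 0 : 1;

		if(empty($plugin['error'] )) {

			// Update
			// shopprod_id is an int (intval above) and shopprod_status is 0 or 1,
			// which is why both are concatenated without quotes
			if( $plugin['data']['shopprod_id'] && $plugin['data']['shopprod_duplicate'] == 0 ) {

				$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';

				$sql .= "shopprod_changedate = '".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				$sql .= "shopprod_status = ".$plugin['data']['shopprod_status'].", ";

				$sql .= "shopprod_ordernumber = '".aporeplace($plugin['data']['shopprod_ordernumber'])."', ";
				$sql .= "shopprod_model = '".aporeplace($plugin['data']['shopprod_model'])."', ";

				$sql .= "shopprod_tag = '".aporeplace($plugin['data']['shopprod_tag'])."', ";

				$sql .= "shopprod_vat = '".aporeplace($plugin['data']['shopprod_vat'])."', ";
				$sql .= "shopprod_netgross = '".aporeplace($plugin['data']['shopprod_netgross'])."', ";
				$sql .= "shopprod_price = '".aporeplace($plugin['data']['shopprod_price'])."', ";

				$sql .= "shopprod_name1 = '".aporeplace($plugin['data']['shopprod_name1'])."', ";
				$sql .= "shopprod_name2 = '".aporeplace($plugin['data']['shopprod_name2'])."', ";

				$sql .= "shopprod_description0 = '".aporeplace($plugin['data']['shopprod_description0'])."', ";
				$sql .= "shopprod_description1 = '".aporeplace($plugin['data']['shopprod_description1'])."', ";
				$sql .= "shopprod_description2 = '".aporeplace($plugin['data']['shopprod_description2'])."', ";
				$sql .= "shopprod_description3 = '".aporeplace($plugin['data']['shopprod_description3'])."', ";

				// images, url and attachments are stored together as one serialized array
				$sql .= "shopprod_var = '".aporeplace( serialize( array(
									'images'	=> $plugin['data']['shopprod_images'],
									'url'		=> $plugin['data']['shopprod_url'],
									'files'		=> $plugin['data']['shopprod_files']
										) ) )."', ";

				$sql .= "shopprod_category = '".aporeplace( implode(',', $plugin['data']['shopprod_category']) )."', ";

				$sql .= "shopprod_weight = '".aporeplace($plugin['data']['shopprod_weight'])."', ";
				$sql .= "shopprod_size = '".aporeplace($plugin['data']['shopprod_size'])."', ";
				$sql .= "shopprod_color = '".aporeplace($plugin['data']['shopprod_color'])."', ";
				$sql .= "shopprod_listall = '".aporeplace($plugin['data']['shopprod_listall'])."', ";
				$sql .= "shopprod_lang = '".aporeplace($plugin['data']['shopprod_lang'])."' ";

				$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

				_dbQuery($sql, 'UPDATE');

			// INSERT
			// used for a new product (id 0) and for duplicating an existing one
			} else {

				$sql  = 'INSERT INTO '.DB_PREPEND.'phpwcms_shop_products (';
				$sql .= 'shopprod_createdate, shopprod_changedate, shopprod_status, shopprod_ordernumber, shopprod_model, ';
				$sql .= 'shopprod_name1, shopprod_name2, shopprod_tag, shopprod_vat, shopprod_netgross, shopprod_price, ';
				$sql .= 'shopprod_maxrebate, shopprod_description0, shopprod_description1, shopprod_description2, ';
				$sql .= 'shopprod_description3, shopprod_var, shopprod_category, shopprod_weight, shopprod_size, shopprod_color, ';
				$sql .= 'shopprod_listall, shopprod_lang) VALUES (';
				// create date and change date are both set to the current request time
				$sql .= "'".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				$sql .= "'".aporeplace( date('Y-m-d H:i:s', $plugin['data']['shopprod_changedate']) )."', ";
				$sql .= $plugin['data']['shopprod_status'].", ";

				$sql .= "'".aporeplace($plugin['data']['shopprod_ordernumber'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_model'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_name1'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_name2'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_tag'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_vat'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_netgross'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_price'])."', ";
				$sql .= "'".aporeplace('0')."', "; // shopprod_maxrebate
				$sql .= "'".aporeplace($plugin['data']['shopprod_description0'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description1'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description2'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_description3'])."', ";

				$sql .= "'".aporeplace( serialize( array(
									'images'	=> $plugin['data']['shopprod_images'],
									'url'		=> $plugin['data']['shopprod_url'],
									'files'		=> $plugin['data']['shopprod_files']
										) ) )."', "; //VAR

				$sql .= "'".aporeplace( implode(',', $plugin['data']['shopprod_category']) ) ."', ";

				$sql .= "'".aporeplace($plugin['data']['shopprod_weight'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_size'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_color'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_listall'])."', ";
				$sql .= "'".aporeplace($plugin['data']['shopprod_lang'])."' ";

				$sql .= ')';

				$result = _dbQuery($sql, 'INSERT');

				// continue with the id of the row that was just created
				if( !empty($result['INSERT_ID']) ) {
					$plugin['data']['shopprod_id']	= $result['INSERT_ID'];
				}

			}

			// save and back to listing mode
			if( isset($_POST['save']) ) {
				headerRedirect( shop_url('controller=prod', '') );
			} else {
				headerRedirect( shop_url( array('controller=prod', 'edit='.$plugin['data']['shopprod_id']), '') );
			}

		}


	} elseif( $plugin['data']['shopprod_id'] == 0 ) {

		// no form submitted and no id given: defaults for an empty "new product" form
		$plugin['data']['shopprod_id']				= 0;
		$plugin['data']['shopprod_changedate']		= time();
		$plugin['data']['shopprod_name1']			= '';
		$plugin['data']['shopprod_name2']			= '';
		$plugin['data']['shopprod_ordernumber']		= '';
		$plugin['data']['shopprod_model']			= '';
		$plugin['data']['shopprod_description0']	= '';
		$plugin['data']['shopprod_description1']	= '';
		$plugin['data']['shopprod_description2']	= '';
		$plugin['data']['shopprod_description3']	= '';
		$plugin['data']['shopprod_status']			= 1;
		$plugin['data']['shopprod_price']			= 0;
		$plugin['data']['shopprod_netgross']		= 0;
		$plugin['data']['shopprod_vat']				= 0;
		$plugin['data']['shopprod_tag']				= '';
		$plugin['data']['shopprod_category']		= array();
		$plugin['data']['shopprod_var']				= array();
		$plugin['data']['shopprod_images']			= array();
		$plugin['data']['shopprod_caption']			= array();
		$plugin['data']['shopprod_files']			= array();
		$plugin['data']['shopprod_filecaption']		= array();
		$plugin['data']['shopprod_weight']			= 0;
		$plugin['data']['shopprod_size']			= '';
		$plugin['data']['shopprod_color']			= '';
		$plugin['data']['shopprod_url']				= '';
		$plugin['data']['shopprod_listall']			= 0;
		$plugin['data']['shopprod_lang']			= '';

	} else {

		// no form submitted, id given: load the stored product for editing
		$sql  = 'SELECT * FROM '.DB_PREPEND.'phpwcms_shop_products WHERE ';
		$sql .= "shopprod_id = " . $plugin['data']['shopprod_id'] . ' LIMIT 1';

		$plugin['data'] = _dbQuery($sql);

		if( isset($plugin['data'][0]) ) {
			$plugin['data'] = $plugin['data'][0];

			$plugin['data']['shopprod_changedate']	= strtotime($plugin['data']['shopprod_changedate']);
			$plugin['data']['shopprod_category']	= convertStringToArray($plugin['data']['shopprod_category']);

			// NOTE(review): unserialize() runs on whatever the shopprod_var
			// column holds. This file only ever writes a serialized plain
			// array there, but any other write path to the column would let
			// stored data instantiate objects here. Errors are suppressed
			// with @, so a damaged value simply yields empty lists below.
			$plugin['data']['shopprod_var']			= @unserialize($plugin['data']['shopprod_var']);
			if(isset($plugin['data']['shopprod_var']['images']) && is_array($plugin['data']['shopprod_var']['images'])) {
				$plugin['data']['shopprod_images']	= $plugin['data']['shopprod_var']['images'];
			} else {
				$plugin['data']['shopprod_images']	= array();
			}
			if(isset($plugin['data']['shopprod_var']['files']) && is_array($plugin['data']['shopprod_var']['files'])) {
				$plugin['data']['shopprod_files']	= $plugin['data']['shopprod_var']['files'];
			} else {
				$plugin['data']['shopprod_files']	= array();
			}
			$plugin['data']['shopprod_caption']		= array();
			$plugin['data']['shopprod_filecaption']	= array();
			$plugin['data']['shopprod_url']			= isset($plugin['data']['shopprod_var']['url']) ? $plugin['data']['shopprod_var']['url'] : '';

		} else {
			// unknown product id -> back to listing mode
			headerRedirect( shop_url('controller=prod', '') );
		}

	}

	// shop categories for the form, labelled "parent>child" where a parent exists;
	// categories with status 9 are left out
	$sql  = 'SELECT C1.cat_id, C1.cat_name, C1.cat_pid, C1.cat_status, ';
	$sql .= "IFNULL(CONCAT(C2.cat_name, '>', C1.cat_name), C1.cat_name) AS category ";
	$sql .= 'FROM '.DB_PREPEND.'phpwcms_categories C1 ';
	$sql .= 'LEFT JOIN '.DB_PREPEND.'phpwcms_categories C2 ';
	$sql .= 'ON C1.cat_pid=C2.cat_id ';
	$sql .= "WHERE C1.cat_type='module_shop' AND C1.cat_status!=9 ";
	$sql .= 'ORDER BY category';
	$plugin['data']['categories'] = _dbQuery($sql);

} elseif($action == 'status') {

	// expected parameter: "<product id>-<current status>"
	// A missing, non-string or dash-less parameter is padded so that list()
	// always receives two elements.
	$status_param = (isset($_GET['status']) && is_string($_GET['status'])) ? $_GET['status'] : '';
	list($plugin['data']['shopprod_id'], $plugin['data']['shopprod_status']) = array_pad( explode( '-', $status_param ), 2, '' );
	unset($status_param);

	$plugin['data']['shopprod_id']		= intval($plugin['data']['shopprod_id']);
	// toggle: an empty current status becomes 1, anything else becomes 0
	$plugin['data']['shopprod_status']	= empty($plugin['data']['shopprod_status']) ? 1 : 0;

	$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';
	$sql .= "shopprod_status = ".$plugin['data']['shopprod_status']." ";
	$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

	_dbQuery($sql, 'UPDATE');

	headerRedirect( shop_url('controller=prod', '') );

} elseif($action == 'delete') {

	$plugin['data']['shopprod_id']		= isset($_GET['delete']) ? intval($_GET['delete']) : 0;

	// the product is only marked with status 9, the row stays in the table
	$sql  = 'UPDATE '.DB_PREPEND.'phpwcms_shop_products SET ';
	$sql .= "shopprod_status = 9 ";
	$sql .= "WHERE shopprod_id = " . $plugin['data']['shopprod_id'];

	_dbQuery($sql, 'UPDATE');

	headerRedirect( shop_url('controller=prod', '') );

}


?>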