PDF rausgenommen

aschwarz
2023-01-23 11:03:31 +01:00
parent 82d562a322
commit a6523903eb
28078 changed files with 4247552 additions and 2 deletions


@ -0,0 +1,11 @@
<Files ~ "\.php$">
# Deny all requests from Apache 2.4+.
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
# Deny all requests from Apache 2.0-2.2.
<IfModule !mod_authz_core.c>
Deny from all
</IfModule>
</Files>
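Review bot: The `<Files ~ "\.php$">` pattern only blocks names ending in lowercase `.php`, so any other extension the server hands to the PHP interpreter (for example `.phtml` or `.phar`, if mapped) would still be directly reachable in this directory. Whether such mappings exist depends on server configuration not shown here; a broader match such as `<FilesMatch "(?i)\.(php[0-9]?|phtml|phar)$">` would cover them. A one-line comment naming the directory this file protects, and noting that it only takes effect where `AllowOverride` permits these directives, would also help the next maintainer.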


@ -0,0 +1,97 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$aContentBlock = array();
$blocktable = $oostable['block'];
$block_infotable = $oostable['block_info'];
$block_to_page_typetable = $oostable['block_to_page_type'];
$block_sql = "SELECT b.block_id, b.block_side, b.block_status, b.block_file, b.block_type,
b.block_sort_order, b.block_login_flag, b.block_cache, bi.block_name
FROM $blocktable b,
$block_to_page_typetable b2p,
$block_infotable bi
WHERE b.block_status = '1'
AND b.block_id = b2p.block_id
AND bi.block_id = b2p.block_id
AND bi.block_languages_id = '" . intval($nLanguageID) . "'
AND b2p.page_type_id = '" . intval($nPageType) . "'";
if (isset($_SESSION['customer_id'])) {
$block_sql .= " AND ( b.block_login_flag = '0' OR b.block_login_flag = '1')";
} else {
$block_sql .= " AND b.block_login_flag = '0'";
}
$block_sql .= " ORDER BY b.block_side, b.block_sort_order ASC";
$block_result = $dbconn->GetAll($block_sql);
foreach ($block_result as $block) {
$block_heading = $block['block_name'];
$block_file = trim($block['block_file']);
$block_side = $block['block_side'];
if (empty($block_file)) {
continue;
}
if (!empty($block_side)) {
$block_tpl = $sTheme . '/blocks/' . $block_file . '.html';
}
if ( (!empty($block['block_cache'])) && (!empty($block_side)) ) {
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
$bid = trim('oos_' . $block['block_cache'] . '_cache_id');
if (!$smarty->isCached($block_tpl, ${$bid})) {
include_once MYOOS_INCLUDE_PATH . '/includes/blocks/block_' . $block_file . '.php';
}
$block_content = $smarty->fetch($block_tpl, ${$bid});
} else {
include_once MYOOS_INCLUDE_PATH . '/includes/blocks/block_' . $block_file . '.php';
if (!empty($block_side)) {
$block_content = $smarty->fetch($block_tpl);
}
}
if (!empty($block_content)) {
$aContentBlock[] = array(
'side' => $block_side,
'block_content' => $block_content
);
}
}
$n = count($aContentBlock);
for ($i = 0, $n; $i < $n; $i++) {
switch ($aContentBlock[$i]['side']) {
case 'sidebar':
$smarty->append('sidebar', array('content' => $aContentBlock[$i]['block_content']));
break;
default:
break;
}
}
$smarty->setCaching(false);
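Review bot: `$block_file` is read from the block table and concatenated into both `include_once` paths and into `$block_tpl`, with only `trim()` and an `empty()` check in between. Anyone able to write that column (an admin account, or an SQL injection elsewhere) can therefore steer the include outside `includes/blocks/`; restricting the value before use, e.g. `if (!preg_match('/^[a-z0-9_]+$/i', $block_file)) continue;`, keeps it to the expected file names. The same concern applies to `${$bid}`, which builds a variable name from the `block_cache` column. Separately, `$block_content` is not reset at the top of the loop, so a block with an empty `block_side` re-appends the previous block's content.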


@ -0,0 +1,69 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: best_sellers.php,v 1.20 2003/02/10 22:30:57 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!is_numeric(MAX_DISPLAY_BESTSELLERS)) return FALSE;
$best_sellers_block = FALSE;
if (isset($nCurrentCategoryID) && ($nCurrentCategoryID > 0)) {
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$products_to_categoriestable = $oostable['products_to_categories'];
$categoriestable = $oostable['categories'];
$query = "SELECT DISTINCT p.products_id, p.products_image, pd.products_name, pd.products_short_description
FROM $productstable p,
$products_descriptiontable pd,
$products_to_categoriestable p2c,
$categoriestable c
WHERE p.products_setting = '2'
AND p.products_ordered > 0
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.products_id = p2c.products_id
AND p2c.categories_id = c.categories_id
AND '" . intval($nCurrentCategoryID) . "' IN (c.categories_id, c.parent_id)
ORDER BY p.products_ordered DESC, pd.products_name";
} else {
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$query = "SELECT DISTINCT p.products_id, p.products_image, pd.products_name,
pd.products_short_description
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_ordered > 0
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
ORDER BY p.products_ordered DESC, pd.products_name";
}
$best_sellers_result = $dbconn->SelectLimit($query, MAX_DISPLAY_BESTSELLERS);
if ($best_sellers_result->RecordCount() >= MIN_DISPLAY_BESTSELLERS) {
$best_sellers_block = TRUE;
$smarty->assign('best_sellers_list', $best_sellers_result->GetArray());
$smarty->assign('block_heading_best_sellers', $block_heading);
}
$smarty->assign('best_sellers_block', $best_sellers_block);
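Review bot: `is_numeric(MAX_DISPLAY_BESTSELLERS)` accepts negative numbers, floats and exponent strings, and the value then goes unchanged into `SelectLimit()`, where ADOdb treats `-1` as "no limit". Casting once and checking the range is stricter: `$nLimit = (int) MAX_DISPLAY_BESTSELLERS; if ($nLimit < 1) return FALSE;`. `MIN_DISPLAY_BESTSELLERS` is compared without any check, and `$best_sellers_result` is used without testing for a failed query (ADOdb returns `false` in that case unless exceptions are enabled).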


@ -0,0 +1,289 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: categories.php,v 1.23 2002/11/12 14:09:30 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Return the number of products in a category
*
* @param $category_id
* @param $include_inactive
* @return string
*/
function oos_count_products_in_category($category_id, $include_inactive = FALSE) {
$products_count = 0;
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$productstable = $oostable['products'];
$products_to_categoriestable = $oostable['products_to_categories'];
if ($include_inactive == TRUE) {
$products = $dbconn->Execute("SELECT COUNT(*) AS total FROM $productstable p, $products_to_categoriestable p2c WHERE p.products_id = p2c.products_id AND p2c.categories_id = '" . intval($category_id) . "'");
} else {
$products = $dbconn->Execute("SELECT COUNT(*) AS total FROM $productstable p, $products_to_categoriestable p2c WHERE p.products_id = p2c.products_id AND p.products_setting = '2' AND p2c.categories_id = '" . intval($category_id) . "'");
}
$products_count += $products->fields['total'];
$categoriestable = $oostable['categories'];
$child_categories_result = $dbconn->Execute("SELECT categories_id FROM $categoriestable WHERE parent_id = '" . intval($category_id) . "'");
if ($child_categories_result->RecordCount()) {
while ($child_categories = $child_categories_result->fields) {
$products_count += oos_count_products_in_category($child_categories['categories_id'], $include_inactive);
// Move that ADOdb pointer!
$child_categories_result->MoveNext();
}
}
return $products_count;
}
/**
* Return true if the category has subcategories
*
* @param $category_id
* @return boolean
*/
function oos_has_category_subcategories($category_id) {
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$categoriestable = $oostable['categories'];
$query = "SELECT COUNT(*) AS total
FROM $categoriestable
WHERE parent_id = '" . intval($category_id) . "'";
$child_category = $dbconn->Execute($query);
if ($child_category->fields['total'] > 0) {
return TRUE;
} else {
return FALSE;
}
}
/**
* Return Show Category
*
* @param $nCounter
* @return string
*/
function oos_show_category($nCounter) {
global $nPrevID, $aFoo, $aCategories, $sCategory_new, $id, $parent_child, $nCurrentCategoryID;
$aCategory = array('counter' => $nCounter);
if ( (isset($id)) && (in_array($nCounter, $id)) ) {
$aCategory['isSelected'] = 1;
} else {
$aCategory['isSelected'] = 0;
}
if ($nCounter == $nCurrentCategoryID) {
$aCategory['isActive'] = 1;
} else {
$aCategory['isActive'] = 0;
}
if ( (isset($parent_child)) && (is_array($parent_child)) ) {
foreach ($parent_child as $index_of => $sub_parent_child) {
if ($nCounter == $sub_parent_child['parent_id']) {
$aCategory['isHasSubCategories'] = 1;
break;
} else {
$aCategory['isHasSubCategories'] = 0;
}
}
}
if (SHOW_COUNTS == 'true') {
$products_in_category = oos_count_products_in_category($nCounter);
$aCategory['countProductsInCategory'] = $products_in_category;
}
if ( (isset($aFoo)) && (is_array($aFoo)) ) {
if (!isset($nPrevID)) {
$nPrevID = $nCounter;
}
if ($aFoo[$nPrevID]['level'] < $aFoo[$nCounter]['level']) {
$aCategory['isGroupStart'] = 1;
$nPrevID = $nCounter;
} else {
$aCategory['isGroupStart'] = 0;
}
if ($aFoo[$nCounter]['next_id']) {
$nNextID = $aFoo[$nCounter]['next_id'];
if ($aFoo[$nCounter]['level'] < $aFoo[$nNextID]['level']) {
$aCategory['isHasSubElements'] = 1;
} else {
$aCategory['isHasSubElements'] = 0;
}
if ($aFoo[$nNextID]['level'] < $aFoo[$nCounter]['level'] ) {
$nElem = $aFoo[$nCounter]['level'] - $aFoo[$nNextID]['level'] ;
$aCategory['nElements'] = $nElem;
} else {
$aCategory['nElements'] = 0;
}
}
if ($aFoo[$nNextID]['level'] < $aFoo[$nCounter]['level'] ) {
$aCategory['isGroupEnd'] = 1;
} else {
$aCategory['isGroupEnd'] = 0;
}
$aCategory = array_merge($aCategory, $aFoo[$nCounter]);
}
$aCategories[] = $aCategory;
if ($aFoo[$nCounter]['next_id']) {
oos_show_category($aFoo[$nCounter]['next_id']);
}
}
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$query = "SELECT c.categories_id, cd.categories_name, c.parent_id, c.categories_status
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '0'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($query);
while ($categories = $categories_result->fields) {
$list_of_categories_ids[] = intval($categories['categories_id']);
$aFoo[$categories['categories_id']] = array('name' => $categories['categories_name'],
'parent' => $categories['parent_id'],
'level' => 0,
'path' => $categories['categories_id'],
'next_id' => FALSE);
if (isset($prev_id)) {
$aFoo[$prev_id]['next_id'] = $categories['categories_id'];
}
$prev_id = $categories['categories_id'];
if (!isset($first_element)) {
$first_element = $categories['categories_id'];
}
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
if (!empty($sCategory)) {
$new_path = '';
$id = explode('_', $sCategory);
reset($id);
foreach($id as $key => $value) {
unset($prev_id);
unset($first_id);
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$query = "SELECT c.categories_id, cd.categories_name, c.parent_id, c.categories_status
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '" . intval($value) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($query);
$category_check = $categories_result->RecordCount();
if ($category_check > 0) {
$new_path .= $value;
while ($row = $categories_result->fields) {
$list_of_categories_ids[] = intval($row['categories_id']);
$aFoo[$row['categories_id']] = array('name' => $row['categories_name'],
'parent' => $row['parent_id'],
'level' => $key+1,
'path' => $new_path . '_' . $row['categories_id'],
'next_id' => false);
if (isset($prev_id)) {
$aFoo[$prev_id]['next_id'] = $row['categories_id'];
}
$prev_id = $row['categories_id'];
if (!isset($first_id)) {
$first_id = $row['categories_id'];
}
$last_id = $row['categories_id'];
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
$aFoo[$last_id]['next_id'] = $aFoo[$value]['next_id'];
$aFoo[$value]['next_id'] = $first_id;
$new_path .= '_';
} else {
break;
}
}
}
if (sizeof($list_of_categories_ids) > 0 ) {
$select_list_of_cat_ids = implode(",", $list_of_categories_ids);
$categoriestable = $oostable['categories'];
$query = "SELECT categories_id, parent_id
FROM $categoriestable
WHERE parent_id in (" . $select_list_of_cat_ids . ")";
$parent_child_result = $dbconn->Execute($query);
while ($_parent_child = $parent_child_result->fields) {
$parent_child[] = $_parent_child;
// Move that ADOdb pointer!
$parent_child_result->MoveNext();
}
}
if (isset($first_element)) {
oos_show_category($first_element);
}
$smarty->assign(
array(
'block_heading_categories' => $block_heading,
'categories' => $aCategories
)
);
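Review bot: In the `foreach($id as $key => $value)` loop, `$value` comes from `explode('_', $sCategory)` and is passed through `intval()` only inside the SQL string; the raw value is still appended to `$new_path` and used as the key in `$aFoo[$value]['next_id']`. If `$sCategory` is request-derived (not visible in this section), a segment with trailing non-digits selects children by its numeric prefix while the unfiltered text ends up in the `path` handed to the template. Normalising once at the top of the loop, `$value = intval($value);`, removes the mismatch. `$list_of_categories_ids` and `$aCategories` are also never initialised, so `sizeof($list_of_categories_ids)` fails on PHP 8 when no top-level category exists; `$list_of_categories_ids = array();` before the first query would fix that.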


@ -0,0 +1,53 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: currencies.php,v 1.16 2003/02/12 20:27:31 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$currency_block = FALSE;
if (isset($oCurrencies) && is_object($oCurrencies)) {
reset($oCurrencies->currencies);
$aCurrencies = array();
foreach($oCurrencies->currencies as $sKey => $value) {
$aCurrencies[] = array('id' => $sKey, 'text' => $value['title']);
}
if (count($aCurrencies) >= 2) {
$currency_block = TRUE;
$currency_get_parameters = oos_get_all_get_parameters(array('language', 'currency'));
$currency_all_get_parameters = oos_remove_trailing($currency_get_parameters);
$smarty->assign('currencies_contents', $aCurrencies);
$smarty->assign('currency_get_parameters', $currency_all_get_parameters);
} else {
$blockstable = $oostable['block'];
$dbconn->Execute("UPDATE " . $blockstable . "
SET block_status = 0
WHERE block_file = 'currencies'");
}
}
$smarty->assign('currency_block', $currency_block);
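Review bot: The `else` branch runs `UPDATE ... SET block_status = 0 WHERE block_file = 'currencies'` while rendering a storefront page, so an ordinary page view permanently changes configuration whenever fewer than two currencies are loaded. Nothing visible here turns the block back on once a second currency is added, and a transient problem populating `$oCurrencies->currencies` would disable it for every visitor. Leaving `$currency_block = FALSE` and managing `block_status` only from the admin interface avoids the write. The languages block later in this commit has the same pattern, there combined with a query result that may be cached for an hour.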


@ -0,0 +1,38 @@
<?php
/* ----------------------------------------------------------------------
$Id: block_information.php 412 2013-06-13 18:12:58Z r23 $
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: information.php,v 1.1.2.1 2003/04/18 17:42:37 wilt
orig: information.php,v 1.6 2003/02/10 22:31:00 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$informationtable = $oostable['information'];
$information_descriptiontable = $oostable['information_description'];
$sql = "SELECT id.information_id, id.information_name, i.sort_order
FROM $informationtable i,
$information_descriptiontable id
WHERE id.information_id = i.information_id AND
i.status = '1' AND
id.information_languages_id = '" . intval($nLanguageID) . "'
ORDER BY i.sort_order DESC";
$smarty->assign('information', $dbconn->GetAll($sql));
$smarty->assign('block_heading_information', $block_heading);


@ -0,0 +1,54 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: languages.php,v 1.14 2003/02/12 20:27:31 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$languages_block = FALSE;
$languagestable = $oostable['languages'];
$query = "SELECT name, iso_639_2, iso_639_1
FROM $languagestable
WHERE status = '1'
ORDER BY sort_order";
if (USE_CACHE == 'true') {
$languages_result = $dbconn->CacheExecute(3600, $query);
} else {
$languages_result = $dbconn->Execute($query);
}
if ($languages_result->RecordCount() >= 2) {
$languages_block = TRUE;
$lang_get_parameters = oos_get_all_get_parameters(array('language', 'currency'));
$lang_all_get_parameters = oos_remove_trailing($lang_get_parameters);
$smarty->assign('languages_contents', $languages_result->GetArray());
$smarty->assign('lang_get_parameters', $lang_all_get_parameters);
} else {
$blockstable = $oostable['block'];
$dbconn->Execute("UPDATE " . $blockstable . "
SET block_status = 0
WHERE block_file = 'languages'");
}
$smarty->assign('languages_block', $languages_block);


@ -0,0 +1,97 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: manufacturers.php,v 1.18 2003/02/10 22:31:01 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('manufacturers')) return FALSE;
$manufacturers_block = FALSE;
$display_a_list = FALSE;
$manufacturerstable = $oostable['manufacturers'];
$query = "SELECT manufacturers_id, manufacturers_name
FROM $manufacturerstable
ORDER BY manufacturers_name";
$manufacturers_result = $dbconn->Execute($query);
$nManufacturersRecordCount = $manufacturers_result->RecordCount();
if ($nManufacturersRecordCount < 1) {
$manufacturers_block = FALSE;
} elseif ($nManufacturersRecordCount <= 9) {
// Display a list
$display_a_list = TRUE;
$manufacturers_block = TRUE;
$manufacturers_list = array();
while ($manufacturers = $manufacturers_result->fields) {
$manufacturers_name = ((strlen($manufacturers['manufacturers_name']) > MAX_DISPLAY_MANUFACTURER_NAME_LEN) ? substr($manufacturers['manufacturers_name'], 0, MAX_DISPLAY_MANUFACTURER_NAME_LEN) . '..' : $manufacturers['manufacturers_name']);
if (isset($_GET['manufacturers_id']) && ($_GET['manufacturers_id'] == $manufacturers['manufacturers_id'])) $manufacturers_name = '<strong>' . $manufacturers_name .'</strong>';
$manufacturer_info = array('id' => $manufacturers['manufacturers_id'], 'name' => $manufacturers_name);
$manufacturers_list[] = $manufacturer_info;
// Move that ADOdb pointer!
$manufacturers_result->MoveNext();
}
$smarty->assign('manufacturers_list', $manufacturers_list);
} else {
// Display a drop-down
$manufacturers_block = TRUE;
$manufacturers_names = array();
$manufacturers_values = array();
if (MAX_MANUFACTURERS_LIST < 2) {
$manufacturers_values[] = '';
$manufacturers_names[] = $aLang['pull_down_default'];
}
while ($manufacturers = $manufacturers_result->fields) {
$manufacturers_name = ((strlen($manufacturers['manufacturers_name']) > MAX_DISPLAY_MANUFACTURER_NAME_LEN) ? substr($manufacturers['manufacturers_name'], 0, MAX_DISPLAY_MANUFACTURER_NAME_LEN) . '..' : $manufacturers['manufacturers_name']);
$manufacturers_values[] = $manufacturers['manufacturers_id'];
$manufacturers_names[] = $manufacturers_name;
// Move that ADOdb pointer!
$manufacturers_result->MoveNext();
}
$smarty->assign(
array(
'manufacturers_values' => $manufacturers_values,
'manufacturers_names' => $manufacturers_names
)
);
if (isset($_GET['manufacturers_id'])) {
$smarty->assign('select_manufacturers', intval($_GET['manufacturers_id']));
}
}
$smarty->assign(
array(
'block_heading_manufacturers' => $block_heading,
'manufacturers_block' => $manufacturers_block,
'display_a_list' => $display_a_list
)
);
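Review bot: In the list branch the selected entry is marked by wrapping `$manufacturers_name` in `<strong>` inside PHP, which implies the template prints `name` without escaping, so manufacturer names from the database would reach the page as raw HTML. Passing the state as data instead, e.g. `$manufacturer_info = array('id' => $manufacturers['manufacturers_id'], 'name' => $manufacturers_name, 'selected' => $bSelected);`, lets the template escape the name and add the emphasis itself. The `strlen()`/`substr()` truncation in both branches is byte-based and can cut a multi-byte UTF-8 character in half; `mb_strlen()`/`mb_substr()` would avoid that where mbstring is available.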


@ -0,0 +1,39 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$products_history_block = FALSE;
if (isset($_SESSION)) {
if ($_SESSION['products_history']->count_history() > 0) {
$products_history_block = TRUE;
$product_ids = $_SESSION['products_history']->get_product_id_list();
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$products_sql = "SELECT p.products_id, p.products_image, pd.products_name, pd.products_short_description
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id IN (" . $product_ids . ")
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
ORDER BY products_name";
$smarty->assign('customer_products_history', $dbconn->GetAll($products_sql));
$smarty->assign('block_heading_products_history', $block_heading);
}
}
$smarty->assign('products_history_block', $products_history_block);
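Review bot: `$product_ids` from `$_SESSION['products_history']->get_product_id_list()` is concatenated into `IN (...)` as-is, while every other value in these block queries goes through `intval()`. The history class is not part of this section, so whether it already guarantees integers cannot be confirmed here; if the IDs originate from request parameters this is an SQL injection point. Assuming the method returns a comma-separated string, `$product_ids = implode(',', array_map('intval', explode(',', $product_ids)));` before building the query makes it safe regardless. The code also calls `count_history()` after checking only `isset($_SESSION)`, which is fatal when the `products_history` entry is missing.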


@ -0,0 +1,60 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: reviews.php,v 1.36 2003/02/12 20:27:32 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) return FALSE;
if ($sContent != $aContents['product_reviews_write']) {
$reviewstable = $oostable['reviews'];
$productstable = $oostable['products'];
$reviews_descriptiontable = $oostable['reviews_description'];
$products_descriptiontable = $oostable['products_description'];
$random_select = "SELECT r.reviews_id, r.reviews_rating,
substring(rd.reviews_text, 1, 60) AS reviews_text,
p.products_id, p.products_image, pd.products_name
FROM $reviewstable r,
$reviews_descriptiontable rd,
$productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = r.products_id
AND r.reviews_id = rd.reviews_id
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
$random_select .= " AND p.products_id = '" . intval($nProductsID) . "'";
}
$random_select .= " ORDER BY r.reviews_id DESC";
$random_product = oos_random_select($random_select, MAX_RANDOM_SELECT_REVIEWS);
$smarty->assign(
array(
'block_heading_reviews' => $block_heading,
'random_product' => $random_product
)
);
}


@ -0,0 +1,79 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: specials.php,v 1.30 2003/02/10 22:31:07 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('spezials')) return FALSE;
if (!is_numeric(MAX_DISPLAY_NEW_SPEZILAS)) return FALSE;
$specials_block = FALSE;
if ($sContent != $aContents['specials']) {
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$specialstable = $oostable['specials'];
$query = "SELECT p.products_id, pd.products_name, p.products_price, p.products_base_price,
p.products_base_unit, p.products_tax_class_id, p.products_units_id,
p.products_quantity_order_min, p.products_quantity_order_max,
p.products_product_quantity, p.products_image, s.specials_new_products_price
FROM $productstable p,
$products_descriptiontable pd,
$specialstable s
WHERE p.products_setting = '2'
AND p.products_id = s.products_id
AND pd.products_id = s.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND s.status = '1'
ORDER BY s.specials_date_added DESC";
if ($specials_random_product = oos_random_select($query, MAX_RANDOM_SELECT_SPECIALS)) {
$specials_block = TRUE;
$specials_random_product_price = NULL;
$specials_random_product_special_price = NULL;
$specials_random_base_product_price = NULL;
$specials_random_base_product_special_price = NULL;
if ($aUser['show_price'] == 1 ) {
$specials_random_product_price = $oCurrencies->display_price($specials_random_product['products_price'], oos_get_tax_rate($specials_random_product['products_tax_class_id']));
$specials_random_product_special_price = $oCurrencies->display_price($specials_random_product['specials_new_products_price'], oos_get_tax_rate($specials_random_product['products_tax_class_id']));
if ($specials_random_product['products_base_price'] != 1) {
$specials_random_base_product_special_price = $oCurrencies->display_price($specials_random_product['specials_new_products_price'] * $specials_random_product['products_base_price'], oos_get_tax_rate($specials_random_product['products_tax_class_id']));
}
}
$smarty->assign(
array(
'specials_random_product' => $specials_random_product,
'specials_random_product_price' => $specials_random_product_price,
'specials_random_product_special_price' => $specials_random_product_special_price,
'specials_random_base_product_price' => $specials_random_base_product_price,
'specials_random_base_product_special_price' => $specials_random_base_product_special_price
)
);
$smarty->assign(array('block_heading_specials' => $block_heading));
}
}
$smarty->assign('specials_block', $specials_block);
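Review bot: The guard at the top checks `is_numeric(MAX_DISPLAY_NEW_SPEZILAS)`, but the query below is limited by `MAX_RANDOM_SELECT_SPECIALS`, which is never validated. The checked name also looks like a misspelling; if no constant of that name is defined elsewhere, PHP 8 throws an Error on the reference and the block would abort the page. Checking the constant that is actually used, `if (!is_numeric(MAX_RANDOM_SELECT_SPECIALS)) return FALSE;`, would match the apparent intent.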


@ -0,0 +1,74 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: whats_new.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: whats_new.php,v 1.31 2003/02/10 22:31:09 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$whats_new_block = FALSE;
$productstable = $oostable['products'];
$query = "SELECT products_id, products_image, products_tax_class_id, products_units_id, products_price,
products_base_price, products_base_unit, products_product_quantity
FROM $productstable
WHERE products_setting = '2'
ORDER BY products_date_added DESC";
if ($random_product = oos_random_select($query, MAX_RANDOM_SELECT_NEW)) {
$whats_new_block = TRUE;
$random_product['products_name'] = oos_get_products_name($random_product['products_id']);
$whats_new_product_price = NULL;
$whats_new_product_special_price = NULL;
$whats_new_product_discount_price = NULL;
$whats_new_base_product_price = NULL;
$whats_new_special_price = NULL;
$base_product_price = $random_product['products_price'];
if ($aUser['show_price'] == 1 ) {
$whats_new_special_price = oos_get_products_special_price($random_product['products_id']);
$whats_new_product_price = $oCurrencies->display_price($random_product['products_price'], oos_get_tax_rate($random_product['products_tax_class_id']));
if (oos_is_not_null($whats_new_special_price)) {
$base_product_price = $whats_new_special_price;
$whats_new_product_special_price = $oCurrencies->display_price($whats_new_special_price, oos_get_tax_rate($random_product['products_tax_class_id']));
}
if ($random_product['products_base_price'] != 1) {
$whats_new_base_product_price = $oCurrencies->display_price($base_product_price * $random_product['products_base_price'], oos_get_tax_rate($random_product['products_tax_class_id']));
}
}
$smarty->assign(
array(
'whats_new_product_special_price' => $whats_new_product_special_price,
'whats_new_product_discount_price' => $whats_new_product_discount_price,
'whats_new_base_product_price' => $whats_new_base_product_price,
'whats_new_special_price' => $whats_new_special_price,
'whats_new_product_price' => $whats_new_product_price,
'random_product' => $random_product,
'block_heading_whats_new' => $block_heading
)
);
}
$smarty->assign('whats_new_block', $whats_new_block);
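Review bot: `$whats_new_product_discount_price` is initialised to `NULL` and assigned to the template but never computed anywhere in this file, so the template always receives an empty value for it. Either drop the variable or document it, e.g. `// discount price is not calculated in this block; assigned only for template compatibility`. `specials_random_base_product_price` in the specials block is in the same state.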


@ -0,0 +1,511 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: application_top.php,v 1.264 2003/02/17 16:37:52 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (isset($_GET['action'])) {
$action = oos_var_prep_for_os($_GET['action']);
} elseif (isset($_POST['action'])) {
$action = oos_var_prep_for_os($_POST['action']);
}
if (DISPLAY_CART == 'true') {
$goto_file = $aContents['shopping_cart'];
$parameters = array('action', 'category', 'products_id', 'pid');
} else {
$goto_file = $sContent;
if ($action == 'buy_now') {
$parameters = array('action', 'pid', 'products_id', 'cart_quantity');
} elseif ($action == 'buy_slave') {
$parameters = array('action', 'pid', 'slave_id', 'cart_quantity');
} else {
$parameters = array('action', 'pid', 'cart_quantity');
}
}
switch ($action) {
case 'update_product' :
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
// customer wants to update the product quantity in their shopping cart
for ($i=0; $i<count($_POST['products_id']);$i++) {
if (in_array($_POST['products_id'][$i], (is_array($_POST['cart_delete']) ? $_POST['cart_delete'] : array())) or $_POST['cart_quantity'][$i] == 0) {
$_SESSION['cart']->remove($_POST['products_id'][$i]);
} else {
$products_order_min = oos_get_products_quantity_order_min($_POST['products_id'][$i]);
$products_order_units = oos_get_products_quantity_order_units($_POST['products_id'][$i]);
if ( ($_POST['cart_quantity'][$i] >= $products_order_min) ) {
if ($_POST['cart_quantity'][$i]%$products_order_units == 0) {
$attributes = ($_POST['id'][$_POST['products_id'][$i]]) ? $_POST['id'][$_POST['products_id'][$i]] : '';
$_SESSION['cart']->add_cart($_POST['products_id'][$i], $_POST['cart_quantity'][$i], $attributes, false, $_POST['to_wl_id'][$i]);
} else {
$_SESSION['error_cart_msg'] = oos_get_products_name($_POST['products_id'][$i]) . ' - ' . $aLang['error_products_units_invalid'] . ' ' . $_POST['cart_quantity'][$i] . ' - ' . $aLang['products_order_qty_unit_text_cart'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . ' ' . oos_get_products_name($_POST['products_id'][$i]) . ' - ' . $aLang['error_products_quantity_invalid'] . ' ' . $_POST['cart_quantity'][$i] . ' - ' . $aLang['products_order_qty_min_text_cart'] . ' ' . $products_order_min;
}
}
}
oos_redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters)));
break;
case 'add_product' :
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
// customer adds a product from the products page
if (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
$real_ids = $_POST['id'];
// File_upload
if (isset($_POST['number_of_uploads']) && is_numeric($_POST['number_of_uploads']) && ($_POST['number_of_uploads'] > 0)) {
require_once 'includes/classes/class_upload.php';
for ($i = 1; $i <= $_POST['number_of_uploads']; $i++) {
if (oos_is_not_null($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]]) and ($_FILES['id']['tmp_name'][TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] != 'none')) {
$products_options_file = new upload('id');
$products_options_file->set_destination(OOS_UPLOADS);
$files_uploadedtable = $oostable['files_uploaded'];
if ($products_options_file->parse(TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i])) {
if (isset($_SESSION['customer_id'])) {
$dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, customers_id, files_uploaded_name) VALUES ('" . $session->getId() . "', '" . intval($_SESSION['customer_id']) . "', '" . oos_db_input($products_options_file->filename) . "')");
} else {
$dbconn->Execute("INSERT INTO " . $files_uploadedtable . " (sesskey, files_uploaded_name) VALUES ('" . $session->getId() . "', '" . oos_db_input($products_options_file->filename) . "')");
}
$insert_id = $dbconn->Insert_ID();
$real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename;
$products_options_file->set_filename("$insert_id" . $products_options_file->filename);
if (!($products_options_file->save())) {
break 2;
}
} else {
break 2;
}
} else { // No file uploaded -- use previous value
$real_ids[TEXT_PREFIX . $_POST[UPLOAD_PREFIX . $i]] = $_POST[TEXT_PREFIX . UPLOAD_PREFIX . $i];
}
}
}
if (isset($_POST['cart_quantity']) && is_numeric($_POST['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_POST['cart_quantity']);
$cart_qty = $_SESSION['cart']->get_quantity(oos_get_uprid($_POST['products_id'], $real_ids));
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_POST['products_id']);
$products_order_units = oos_get_products_quantity_order_units($_POST['products_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_POST['products_id'], $news_qty, $real_ids);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_post_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['products_id']));
}
}
}
break;
case 'buy_now' :
if (isset($_GET['products_id'])) {
if (oos_has_product_attributes($_GET['products_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_GET['products_id']));
} else {
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
if (isset($_GET['cart_quantity']) && is_numeric($_GET['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_GET['cart_quantity']);
} else {
$cart_quantity = 1;
}
$cart_qty = $_SESSION['cart']->get_quantity($_GET['products_id']);
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_GET['products_id']);
$products_order_units = oos_get_products_quantity_order_units($_GET['products_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_GET['products_id'], $news_qty);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_GET['products_id']));
}
} elseif (isset($_POST['products_id']) && is_numeric($_POST['products_id'])) {
if (oos_has_product_attributes($_POST['products_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['products_id']));
} else {
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
if (isset($_POST['cart_quantity']) && is_numeric($_POST['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_POST['cart_quantity']);
$cart_qty = $_SESSION['cart']->get_quantity($_POST['products_id']);
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_POST['products_id']);
$products_order_units = oos_get_products_quantity_order_units($_POST['products_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_POST['products_id'], $news_qty);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_post_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['products_id']));
}
}
}
break;
case 'buy_slave' :
if (isset($_GET['slave_id'])) {
if (oos_has_product_attributes($_GET['slave_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_GET['slave_id']));
} else {
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
$cart_quantity = 1;
$cart_qty = $_SESSION['cart']->get_quantity($_GET['slave_id']);
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_GET['slave_id']);
$products_order_units = oos_get_products_quantity_order_units($_GET['slave_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_GET['slave_id'], $news_qty);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_GET['slave_id']));
}
} elseif (isset($_POST['slave_id']) && is_numeric($_POST['slave_id'])) {
if (oos_has_product_attributes($_POST['slave_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['slave_id']));
} else {
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
if (isset($_POST['cart_quantity']) && is_numeric($_POST['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_POST['cart_quantity']);
$cart_qty = $_SESSION['cart']->get_quantity($_POST['slave_id']);
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_POST['slave_id']);
$products_order_units = oos_get_products_quantity_order_units($_POST['slave_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_POST['slave_id'], $news_qty);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
}
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_post_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['slave_id']));
}
}
break;
case 'add_a_quickie' :
if (isset($_POST['cart_quantity']) && is_numeric($_POST['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_POST['cart_quantity']);
if (isset($_POST['quickie'])) {
$productstable = $oostable['products'];
$quickie_result = $dbconn->Execute("SELECT products_id FROM $productstable WHERE (products_model = '" . oos_db_input($quickie) . "' OR products_ean = '" . oos_db_input($quickie) . "')");
if (!$quickie_result->RecordCount()) {
$productstable = $oostable['products'];
$quickie_result = $dbconn->Execute("SELECT products_id FROM $productstable WHERE (products_model LIKE '%" . oos_db_input($quickie) . "%' OR products_ean LIKE '%" . oos_db_input($quickie) . "%')");
}
if ($quickie_result->RecordCount() != 1) {
oos_redirect(oos_href_link($aContents['advanced_search_result'], 'keywords=' . rawurlencode($quickie)));
}
$products_quickie = $quickie_result->fields;
if (oos_has_product_attributes($products_quickie['products_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $products_quickie['products_id']));
} else {
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
$cart_qty = $_SESSION['cart']->get_quantity($products_quickie['products_id']);
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($products_quickie['products_id']);
$products_order_units = oos_get_products_quantity_order_units($products_quickie['products_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($products_quickie['products_id'], $news_qty);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $products_quickie['products_id']));
}
}
}
}
break;
case 'notify' :
if (isset($_SESSION['customer_id'])) {
if (isset($_GET['products_id'])) {
$notify = oos_var_prep_for_os($_GET['products_id']);
} elseif (isset($_GET['notify'])) {
$notify = oos_var_prep_for_os($_GET['notify']);
} elseif (isset($_POST['notify'])) {
$notify = oos_var_prep_for_os($_POST['notify']);
} else {
oos_redirect(oos_href_link($sContent, oos_get_all_get_parameters(array('action', 'notify'))));
}
$products_notificationstable = $oostable['products_notifications'];
if (!is_array($notify)) $notify = array($notify);
for ($i=0, $n=count($notify); $i<$n; $i++) {
$check_sql = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($notify[$i]) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($check_sql);
if ($check->fields['total'] < 1) {
$today = date("Y-m-d H:i:s");
$sql = "INSERT INTO $products_notificationstable
(products_id, customers_id,
date_added) VALUES (" . $dbconn->qstr($notify[$i]) . ','
. $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->DBTimeStamp($today) . ")";
$dbconn->Execute($sql);
}
}
oos_redirect(oos_href_link($sContent, oos_get_all_get_parameters(array('action'))));
} else {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
break;
case 'notify_remove' :
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
$products_notificationstable = $oostable['products_notifications'];
if (isset($_SESSION['customer_id']) && isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
$check_sql = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($nProductsID) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($check_sql);
if ($check->fields['total'] > 0) {
$dbconn->Execute("DELETE FROM $products_notificationstable WHERE products_id = '" . intval($nProductsID) . "' AND customers_id = '" . intval($_SESSION['customer_id']) . "'");
}
oos_redirect(oos_href_link($sContent, oos_get_all_get_parameters(array('action'))));
} else {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
break;
case 'remove_wishlist' :
if (isset($_SESSION['customer_id']) && isset($_GET['pid'])) {
$customers_wishlisttable = $oostable['customers_wishlist'];
$dbconn->Execute("DELETE FROM $customers_wishlisttable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($_GET['pid']) . "'");
$customers_wishlist_attributestable = $oostable['customers_wishlist_attributes'];
$dbconn->Execute("DELETE FROM $customers_wishlist_attributestable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($_GET['pid']) . "'");
}
break;
case 'add_wishlist' :
if (isset($_GET['products_id']) && is_numeric($_GET['products_id'])) {
$wishlist_products_id = oos_prepare_input($_GET['products_id']);
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$aPage = array();
$aPage['content'] = $sContent;
$aPage['get'] = 'products_id=' . rawurlencode($wishlist_products_id) . '&amp;action=add_wishlist';
$_SESSION['navigation']->set_snapshot($aPage);
oos_redirect(oos_href_link($aContents['login']));
}
if (oos_has_product_attributes($_GET['products_id'])) {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $wishlist_products_id));
}
$customers_wishlisttable = $oostable['customers_wishlist'];
$dbconn->Execute("DELETE FROM $customers_wishlisttable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($wishlist_products_id) . "'");
$dbconn->Execute("INSERT INTO $customers_wishlisttable
(customers_id, customers_wishlist_link_id, products_id,
customers_wishlist_date_added) VALUES (" . $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->qstr($_SESSION['customer_wishlist_link_id']) . ','
. $dbconn->qstr($wishlist_products_id) . ','
. $dbconn->qstr(date('Ymd')) . ")");
oos_redirect(oos_href_link($aContents['account_wishlist']));
}
break;
case 'wishlist_add_product' :
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// create the shopping cart
if (!isset($_SESSION['cart'])) {
$_SESSION['cart'] = new shoppingCart();
}
if (isset($_POST['products_id']) && is_numeric($_POST['cart_quantity'])) {
$cart_quantity = oos_prepare_input($_POST['cart_quantity']);
$cart_qty = $_SESSION['cart']->get_quantity(oos_get_uprid($_POST['products_id'], $_POST['id']));
$news_qty = $cart_qty + $cart_quantity;
$products_order_min = oos_get_products_quantity_order_min($_POST['products_id']);
$products_order_units = oos_get_products_quantity_order_units($_POST['products_id']);
if ( ($cart_quantity >= $products_order_min) or ($cart_qty >= $products_order_min) ) {
if ( ($cart_quantity%$products_order_units == 0) and ($news_qty >= $products_order_min) ) {
$_SESSION['cart']->add_cart($_POST['products_id'], intval($news_qty), $_POST['id'], true, $_POST['to_wl_id']);
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_units_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_unit_text_info'] . ' ' . $products_order_units;
}
} else {
$_SESSION['error_cart_msg'] = $aLang['error_products_quantity_order_min_text'] . $aLang['error_products_quantity_invalid'] . $cart_quantity . ' - ' . $aLang['products_order_qty_min_text_info'] . ' ' . $products_order_min;
}
if ($_SESSION['error_cart_msg'] == '') {
oos_redirect(oos_href_link($goto_file, oos_get_all_get_parameters($parameters)));
} else {
oos_redirect(oos_href_link($aContents['product_info'], 'products_id=' . $_POST['products_id']));
}
}
break;
}
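Review bot: The `update_product` loop reads `$_POST['products_id']`, `$_POST['cart_quantity'][$i]` and `$_POST['cart_delete']` without checking that they are set, are arrays, or hold numeric quantities, while `add_product` guards the same fields with `isset()` and `is_numeric()`. A non-numeric quantity reaches the `%` operator and is concatenated unchanged into `$_SESSION['error_cart_msg']`; whether that message is escaped depends on the template that prints it, which is not visible here. I would reject invalid rows at the top of the loop, e.g. `if (!isset($_POST['cart_quantity'][$i]) || !is_numeric($_POST['cart_quantity'][$i])) continue;`, after first confirming `is_array($_POST['products_id'])`. The GET paths of `buy_now` and `buy_slave` have the same gap: `$_GET['products_id']` and `$_GET['slave_id']` are only tested with `isset()` where their POST counterparts require `is_numeric()`, unless the GET form is meant to carry a composite id. Separately, `add_a_quickie` tests `isset($_POST['quickie'])` but then queries with `$quickie`, which this file never assigns; if the including script does not define it, add `$quickie = oos_prepare_input($_POST['quickie']);` before the first query.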


@ -0,0 +1,93 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: breadcrumb.php,v 1.3 2003/02/11 00:04:50 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class breadcrumb {
/**
* @var array Array of individual (linked) html strings created from crumbs
*/
private $links = array();
/**
* Create the breadcrumb
*/
public function __construct() {
$this->reset();
}
/**
* reset
*/
private function reset() {
$this->links = array();
}
/**
* Add Link
*/
public function add($title, $url = '', $icon = '') {
$this->links[] = array('title' => $title, 'url' => $url, 'icon' => $icon );
}
/**
* Create a breadcrumb element string
*
* @return string
*/
public function trail() {
$link_output = '';
$n = sizeof($this->links);
for ($i=0, $n; $i<$n; $i++) {
$link_output .= '<li typeof="v:Breadcrumb">';
if ( isset( $this->links[$i]['url'] ) && ( is_string( $this->links[$i]['url'] ) && $this->links[$i]['url'] !== '' ) ) {
$link_output .= '<a title="' . $this->links[$i]['title'] . '" href="' . $this->links[$i]['url'] . '" rel="v:url" property="v:title">';
} else {
$link_output .= '<span property="v:title">';
}
if (isset($this->links[$i]['icon']) && !empty($this->links[$i]['icon'])) {
$link_output .= '<i class="fa fa-' . $this->links[$i]['icon'] . '" aria-hidden="true"></i>';
}
$link_output .= $this->links[$i]['title'];
if (isset($this->links[$i]['url']) && ( is_string( $this->links[$i]['url'] ) && $this->links[$i]['url'] !== '' ) ) {
$link_output .= '</a>';
} else {
$link_output .= '</span>';
}
$link_output .= '</li>';
}
return $link_output;
}
}
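Review bot: `trail()` writes `title`, `url` and `icon` into the markup unescaped, including inside the `title="…"`, `href="…"` and `class="fa fa-…"` attributes, so a crumb title that contains a double quote or markup breaks out of the attribute. The callers of `add()` are not part of this file, so it cannot be confirmed here whether they pass pre-escaped strings; if they do not, escape at output, e.g. `htmlspecialchars($this->links[$i]['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` for both the attribute and the element text, and the same for `url`. The method would also benefit from a docblock line stating which of the two contracts applies (raw or pre-escaped input), since the current `@return string` does not say. The loop header `for ($i=0, $n; $i<$n; $i++)` carries a stray `$n` expression that does nothing and can be dropped.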


@ -0,0 +1,353 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: category_tree.php,v 1.2, 2004/10/26 20:07:09 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2004 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class oosCategoryTree {
var $root_category_id = 0,
$max_level = 0,
$data = array(),
$root_start_string = '',
$root_end_string = '',
$parent_start_string = '',
$parent_end_string = '',
$parent_group_start_string = '<ul>',
$parent_group_end_string = '</ul>',
$child_start_string = '<li>',
$child_end_string = '</li>',
$breadcrumb_separator = '_',
$breadcrumb_usage = TRUE,
$spacer_string = '',
$spacer_multiplier = 1,
$follow_cpath = FALSE,
$cpath_array = array(),
$cpath_start_string = '',
$cpath_end_string = '',
$show_category_product_count = FALSE,
$category_product_count_start_string = '&nbsp;(',
$category_product_count_end_string = ')';
public function __construct() {
if (SHOW_COUNTS == 'true') {
$this->show_category_product_count = TRUE;
}
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
$categoriestable = $oostable['categories'];
$categories_descriptionstable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, cd.categories_name, c.parent_id, c.categories_status
FROM $categoriestable c,
$categories_descriptionstable cd
WHERE c.categories_status = '2'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
ORDER BY c.parent_id, c.sort_order, cd.categories_name";
if (USE_CACHE == 'true') {
$categories_result = $dbconn->CacheExecute(3600, $sql);
} else {
$categories_result = $dbconn->Execute($sql);
}
$this->data = array();
while ($categories = $categories_result->fields) {
$this->data[$categories['parent_id']][$categories['categories_id']] = array('name' => $categories['categories_name'], 'count' => 0);
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
if ($this->show_category_product_count === TRUE) {
$this->calculateCategoryProductCount();
}
}
public function setData(&$data_array) {
if (is_array($data_array)) {
$this->data = array();
for ($i=0, $n=count($data_array); $i<$n; $i++) {
$this->data[$data_array[$i]['parent_id']][$data_array[$i]['categories_id']] = array('name' => $data_array[$i]['categories_name'], 'count' => $data_array[$i]['categories_count']);
}
}
}
public function buildBranch($parent_id, $level = 0) {
$result = $this->parent_group_start_string;
$aContents = oos_get_content();
if (isset($this->data[$parent_id])) {
foreach ($this->data[$parent_id] as $category_id => $category) {
if ($this->breadcrumb_usage == TRUE) {
$category_link = $this->buildBreadcrumb($category_id);
} else {
$category_link = $category_id;
}
$sLink = '<a href="' . oos_href_link($aContents['shop'], 'category=' . $category_link) . '">';
$result .= $this->child_start_string;
if (isset($this->data[$category_id])) {
$result .= $this->parent_start_string;
}
if ($level == 0) {
$result .= $this->root_start_string;
}
$result .= str_repeat($this->spacer_string, $this->spacer_multiplier * $level);
$result .= $sLink;
if ($this->follow_cpath === TRUE) {
if (in_array($category_id, $this->cpath_array)) {
$result .= $this->cpath_start_string . $category['name'] . $this->cpath_end_string;
} else {
$result .= $category['name'];
}
} else {
$result .= $category['name'];
}
$result .= '</a>';
if ($this->show_category_product_count === TRUE) {
$result .= $this->category_product_count_start_string . $category['count'] . $this->category_product_count_end_string;
}
if ($level == 0) {
$result .= $this->root_end_string;
}
if (isset($this->data[$category_id])) {
$result .= $this->parent_end_string;
}
$result .= $this->child_end_string;
if (isset($this->data[$category_id]) && (($this->max_level == '0') || ($this->max_level > $level+1))) {
if ($this->follow_cpath === TRUE) {
if (in_array($category_id, $this->cpath_array)) {
$result .= $this->buildBranch($category_id, $level+1);
}
} else {
$result .= $this->buildBranch($category_id, $level+1);
}
}
}
}
$result .= $this->parent_group_end_string;
return $result;
}
public function buildBranchArray($parent_id, $level = 0, $result = '') {
if (empty($result)) {
$result = array();
}
if (isset($this->data[$parent_id])) {
foreach ($this->data[$parent_id] as $category_id => $category) {
if ($this->breadcrumb_usage == TRUE) {
$category_link = $this->buildBreadcrumb($category_id);
} else {
$category_link = $category_id;
}
$result[] = array('id' => $category_link,
'title' => str_repeat($this->spacer_string, $this->spacer_multiplier * $level) . $category['name']);
if (isset($this->data[$category_id]) && (($this->max_level == '0') || ($this->max_level > $level+1))) {
if ($this->follow_cpath === TRUE) {
if (in_array($category_id, $this->cpath_array)) {
$result = $this->buildBranchArray($category_id, $level+1, $result);
}
} else {
$result = $this->buildBranchArray($category_id, $level+1, $result);
}
}
}
}
return $result;
}
public function buildBreadcrumb($category_id, $level = 0) {
$breadcrumb = '';
foreach ($this->data as $parent => $categories) {
foreach ($categories as $id => $info) {
if ($id == $category_id) {
if ($level < 1) {
$breadcrumb = $id;
} else {
$breadcrumb = $id . $this->breadcrumb_separator . $breadcrumb;
}
if ($parent != $this->root_category_id) {
$breadcrumb = $this->buildBreadcrumb($parent, $level+1) . $breadcrumb;
}
}
}
}
return $breadcrumb;
}
public function buildTree() {
return $this->buildBranch($this->root_category_id);
}
public function getTree($parent_id = '') {
return $this->buildBranchArray((empty($parent_id) ? $this->root_category_id : $parent_id));
}
public function calculateCategoryProductCount() {
foreach ($this->data as $parent => $categories) {
foreach ($categories as $id => $info) {
$this->data[$parent][$id]['count'] = $this->countCategoryProducts($id);
$parent_category = $parent;
while ($parent_category != $this->root_category_id) {
foreach ($this->data as $parent_parent => $parent_categories) {
foreach ($parent_categories as $parent_category_id => $parent_category_info) {
if ($parent_category_id == $parent_category) {
$this->data[$parent_parent][$parent_category_id]['count'] += $this->data[$parent][$id]['count'];
$parent_category = $parent_parent;
break 2;
}
}
}
}
}
}
}
public function countCategoryProducts($category_id) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$productstable = $oostable['products'];
$products_to_categoriestable = $oostable['products_to_categories'];
$sql = "SELECT COUNT(*) AS total
FROM $productstable p,
$products_to_categoriestable p2c
WHERE p2c.categories_id = '" . intval($category_id) . "'
AND p2c.products_id = p.products_id
AND p.products_status >= 1";
$count_result = $dbconn->Execute($sql);
$count = $count_result->fields['total'];
return $count;
}
public function setRootCategoryID($root_category_id) {
$this->root_category_id = $root_category_id;
}
public function setMaximumLevel($max_level) {
$this->max_level = $max_level;
}
public function setRootString($root_start_string, $root_end_string) {
$this->root_start_string = $root_start_string;
$this->root_end_string = $root_end_string;
}
public function setParentString($parent_start_string, $parent_end_string) {
$this->parent_start_string = $parent_start_string;
$this->parent_end_string = $parent_end_string;
}
public function setParentGroupString($parent_group_start_string, $parent_group_end_string) {
$this->parent_group_start_string = $parent_group_start_string;
$this->parent_group_end_string = $parent_group_end_string;
}
public function setChildString($child_start_string, $child_end_string) {
$this->child_start_string = $child_start_string;
$this->child_end_string = $child_end_string;
}
public function setBreadcrumbSeparator($breadcrumb_separator) {
$this->breadcrumb_separator = $breadcrumb_separator;
}
public function setBreadcrumbUsage($breadcrumb_usage) {
if ($breadcrumb_usage === TRUE) {
$this->breadcrumb_usage = TRUE;
} else {
$this->breadcrumb_usage = FALSE;
}
}
public function setSpacerString($spacer_string, $spacer_multiplier = 2) {
$this->spacer_string = $spacer_string;
$this->spacer_multiplier = $spacer_multiplier;
}
public function setCategoryPath($cpath, $cpath_start_string = '', $cpath_end_string = '') {
$this->follow_cpath = TRUE;
$this->cpath_array = explode($this->breadcrumb_separator, $cpath);
$this->cpath_start_string = $cpath_start_string;
$this->cpath_end_string = $cpath_end_string;
}
public function setFollowCategoryPath($follow_cpath) {
if ($follow_cpath === TRUE) {
$this->follow_cpath = TRUE;
} else {
$this->follow_cpath = FALSE;
}
}
public function setCategoryPathString($cpath_start_string, $cpath_end_string) {
$this->cpath_start_string = $cpath_start_string;
$this->cpath_end_string = $cpath_end_string;
}
public function setShowCategoryProductCount($show_category_product_count) {
if ($show_category_product_count === TRUE) {
$this->show_category_product_count = TRUE;
} else {
$this->show_category_product_count = FALSE;
}
}
public function setCategoryProductCountString($category_product_count_start_string, $category_product_count_end_string) {
$this->category_product_count_start_string = $category_product_count_start_string;
$this->category_product_count_end_string = $category_product_count_end_string;
}
}


@ -0,0 +1,116 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: currencies.php,v 1.14 2003/02/11 00:04:51 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class currencies {
var $currencies;
public function __construct() {
$this->currencies = array();
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$currenciestable = $oostable['currencies'];
$sql = "SELECT code, title, symbol_left, symbol_right, decimal_point,
thousands_point, decimal_places, value
FROM " . $currenciestable;
if (USE_CACHE == 'true') {
$this->currencies = $dbconn->CacheGetAssoc(3600*24, $sql);
} else {
$this->currencies = $dbconn->GetAssoc($sql);
}
}
public function format($number, $calculate_currency_value = TRUE, $currency_type = '', $currency_value = NULL, $with_symbol = TRUE) {
if (empty($currency_type) || ($this->exists($currency_type) == FALSE)) {
$currency_type = (isset($_SESSION['currency']) ? $_SESSION['currency'] : DEFAULT_CURRENCY);
}
$rate = 1;
if ($calculate_currency_value == TRUE) {
$rate = (oos_is_not_null($currency_value)) ? $currency_value : $this->currencies[$currency_type]['value'];
}
if ($with_symbol == TRUE) {
$format_string = $this->currencies[$currency_type]['symbol_left'] . number_format(oos_round($number * $rate, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], $this->currencies[$currency_type]['decimal_point'], $this->currencies[$currency_type]['thousands_point']) . ' ' . $this->currencies[$currency_type]['symbol_right'];
} else {
$format_string = number_format(oos_round($number * $rate, $this->currencies[$currency_type]['decimal_places']), $this->currencies[$currency_type]['decimal_places'], '.', '');
}
return $format_string;
}
public function calculate_price($products_price, $products_tax, $quantity = 1) {
$currency_type = (isset($_SESSION['currency']) ? $_SESSION['currency'] : DEFAULT_CURRENCY);
return oos_round(oos_add_tax($products_price, $products_tax), $this->currencies[$currency_type]['decimal_places']) * $quantity;
}
public function exists($code) {
if (isset($this->currencies[$code])) {
return TRUE;
}
return FALSE;
}
public function get_value($code) {
return $this->currencies[$code]['value'];
}
public function get_decimal_places($code) {
return $this->currencies[$code]['decimal_places'];
}
public function get_currencies_info($code) {
return $this->currencies[$code];
}
public function display_price($products_price, $products_tax, $quantity = 1) {
global $oEvent, $aUser, $aLang;
if ($oEvent->installed_plugin('down_for_maintenance')) {
return $aLang['down_for_maintenance_no_prices_display'];
}
if ( LOGIN_FOR_PRICE == 'true' && ($aUser['show_price'] != 1) ) {
return $aLang['no_login_no_prices_display'];
}
return $this->format($this->calculate_price($products_price, $products_tax, $quantity));
}
public function schema_price($products_price, $products_tax, $quantity = 1, $with_symbol = TRUE) {
global $oEvent, $aUser;
if ($oEvent->installed_plugin('down_for_maintenance')) {
return '';
}
if ( LOGIN_FOR_PRICE == 'true' && ($aUser['show_price'] != 1) ) {
return '';
}
return $this->format($this->calculate_price($products_price, $products_tax, $quantity), TRUE, '', NULL, $with_symbol);
}
}
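Review bot: In `format()` the fallback to `$_SESSION['currency']` is never re-validated, so a session value that is not a key of `$this->currencies` is used to index the array on the following lines and produces undefined-index notices and a malformed price string. The `exists()` check guards only the `$currency_type` argument, not the fallback, and `calculate_price()` reads the session value the same way. After the fallback I would add `if (!$this->exists($currency_type)) { $currency_type = DEFAULT_CURRENCY; }` in both methods. Whether the session value is validated where it is set is not visible in this file.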


@ -0,0 +1,378 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Google XML Sitemap Feed
*
* The Google sitemap service was announced on 2 June 2005 and represents
* a huge development in terms of crawler technology. This contribution is
* designed to create the sitemap XML feed per the specification delineated
* by Google.
*
* Optimized for use with MyOOS by r23 (info@r23.de)
*
* @package Google-XML-Sitemap-Feed
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @link http://www.google.com/webmasters/sitemaps/docs/en/about.html About Google Sitemap
* @copyright Copyright 2005, Bobby Easland
* @author Bobby Easland
*/
class GoogleSitemap {
/**
* $filename is the base name of the feeds (i.e. - 'sitemap')
*
* @var string
*/
var $filename;
/**
* $savepath is the path where the feeds will be saved - store root
*
* @var string
*/
var $savepath;
/**
* $base_url is the URL for the catalog
*
* @var string
*/
var $base_url;
/**
* $debug holds all the debug data
*
* @var array
*/
var $debug;
/**
* GoogleSitemap class constructor
*/
public function __construct() {
$this->filename = "sitemap";
$this->savepath = OOS_ABSOLUTE_PATH;
$this->base_url = OOS_HTTPS_SERVER . OOS_SHOP;
$this->debug = array();
}
/**
* function to save the sitemap data to file as either XML or XML.GZ format
*
* @param string $data XML data
* @param string $type Feed type (index, products, categories)
* @return boolean
*/
public function SaveFile($data, $type){
$filename = $this->savepath . $this->filename . $type;
$compress = defined('GOOGLE_SITEMAP_COMPRESS') ? GOOGLE_SITEMAP_COMPRESS : 'false';
if ($type == 'index') $compress = 'false';
switch($compress){
case 'true':
$filename .= '.xml.gz';
if ($gz = gzopen($filename,'wb9')){
gzwrite($gz, $data);
gzclose($gz);
$this->debug['SAVE_FILE_COMPRESS'][] = array('file' => $filename, 'status' => 'success', 'file_exists' => 'true');
return TRUE;
} else {
$file_check = file_exists($filename) ? 'true' : 'false';
$this->debug['SAVE_FILE_COMPRESS'][] = array('file' => $filename, 'status' => 'failure', 'file_exists' => $file_check);
return FALSE;
}
break;
default:
$filename .= '.xml';
if ($fp = fopen($filename, 'w+')){
fwrite($fp, $data);
fclose($fp);
$this->debug['SAVE_FILE_XML'][] = array('file' => $filename, 'status' => 'success', 'file_exists' => 'true');
return TRUE;
} else {
$file_check = file_exists($filename) ? 'true' : 'false';
$this->debug['SAVE_FILE_XML'][] = array('file' => $filename, 'status' => 'failure', 'file_exists' => $file_check);
return FALSE;
}
break;
}
}
/**
* public function to compress a normal file
*
* @param string $file
* @return boolean
*/
public function CompressFile($file){
$source = $this->savepath . $file . '.xml';
$filename = $this->savepath . $file . '.xml.gz';
$error_encountered = FALSE;
if ( $gz_out = gzopen($filename, 'wb9') ){
if ($fp_in = fopen($source,'rb')){
while (!feof($fp_in)) gzwrite($gz_out, fread($fp_in, 1024*512));
fclose($fp_in);
} else {
$error_encountered = TRUE;
}
gzclose($gz_out);
} else {
$error_encountered = TRUE;
}
if ($error_encountered){
return FALSE;
} else {
return TRUE;
}
}
/**
* public function to generate sitemap file from data
*
* @param array $data
* @param string $file
*/
public function GenerateSitemap($data, $file) {
$content = '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
$content .= '<urlset xmlns="http://www.google.com/schemas/sitemap/0.84">' . "\n";
foreach ($data as $url){
$content .= "\t" . '<url>' . "\n";
$content .= "\t\t" . '<loc>'.$url['loc'].'</loc>' . "\n";
$content .= "\t\t" . '<lastmod>'.$url['lastmod'].'</lastmod>' . "\n";
$content .= "\t\t" . '<changefreq>'.$url['changefreq'].'</changefreq>' . "\n";
$content .= "\t\t" . '<priority>'.$url['priority'].'</priority>' . "\n";
$content .= "\t" . '</url>' . "\n";
}
$content .= '</urlset>';
return $this->SaveFile($content, $file);
}
/**
* public function to generate sitemap index file
*
* @return boolean
*/
public function GenerateSitemapIndex(){
$content = '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
$content .= '<sitemapindex xmlns="http://www.google.com/schemas/sitemap/0.84">' . "\n";
$pattern = defined('GOOGLE_SITEMAP_COMPRESS')
? GOOGLE_SITEMAP_COMPRESS == 'true'
? "{sitemap*.xml.gz}"
: "{sitemap*.xml}"
: "{sitemap*.xml}";
foreach ( glob($this->savepath . $pattern, GLOB_BRACE) as $filename ) {
if ( preg_match('/index/', $filename) ) continue;
$content .= "\t" . '<sitemap>' . "\n";
$content .= "\t\t" . '<loc>'.$this->base_url . basename($filename).'</loc>' . "\n";
$content .= "\t\t" . '<lastmod>'.date ("Y-m-d", filemtime($filename)).'</lastmod>' . "\n";
$content .= "\t" . '</sitemap>' . "\n";
}
$content .= '</sitemapindex>';
return $this->SaveFile($content, 'index');
}
/**
* public function to generate product sitemap data
*
* @return boolean
*/
public function GenerateProductSitemap(){
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$aContents = oos_get_content();
$sql = "SELECT products_id as pid, products_date_added as date_added,
products_last_modified as last_mod, products_ordered
FROM " . $oostable['products'] . "
WHERE products_setting = '2'
ORDER BY products_ordered DESC";
if ( $products_query = $dbconn->Execute($sql) ){
$this->debug['QUERY']['PRODUCTS']['STATUS'] = 'success';
$this->debug['QUERY']['PRODUCTS']['NUM_ROWS'] = $products_query->RecordCount();
$container = array();
$number = 0;
$top = 0;
while ( $result = $products_query->fields ) {
$top = max($top, $result['products_ordered']);
$location = oos_href_link($aContents['product_info'], 'products_id=' . $result['pid'], false, true);
$lastmod = oos_is_not_null($result['last_mod']) ? $result['last_mod'] : $result['date_added'];
$changefreq = GOOGLE_SITEMAP_PROD_CHANGE_FREQ;
$ratio = $top > 0 ? $result['products_ordered']/$top : 0;
$priority = $ratio < .1 ? .1 : number_format($ratio, 1, '.', '');
$container[] = array('loc' => htmlspecialchars(utf8_encode($location)),
'lastmod' => date ("Y-m-d", strtotime($lastmod)),
'changefreq' => $changefreq,
'priority' => $priority);
if ( sizeof($container) >= 50000 ){
$type = $number == 0 ? 'products' : 'products' . $number;
$this->GenerateSitemap($container, $type);
$container = array();
$number++;
}
// Move that ADOdb pointer!
$products_query->MoveNext();
}
if ( sizeof($container) > 1 ) {
$type = $number == 0 ? 'products' : 'products' . $number;
return $this->GenerateSitemap($container, $type);
}
} else {
$this->debug['QUERY']['PRODUCTS']['STATUS'] = 'false';
$this->debug['QUERY']['PRODUCTS']['NUM_ROWS'] = '0';
}
}
/**
* Funciton to generate category sitemap data
*
* @return boolean
*/
public function GenerateCategorySitemap(){
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$aContents = oos_get_content();
$sql = "SELECT categories_id as cid, date_added, last_modified as last_mod
FROM " . $oostable['categories'] . "
WHERE categories_status = '2'
AND access = '0'
ORDER BY parent_id ASC, sort_order ASC, categories_id ASC";
if ( $categories_query = $dbconn->Execute($sql) ){
$this->debug['QUERY']['CATEOGRY']['STATUS'] = 'success';
$this->debug['QUERY']['CATEOGRY']['NUM_ROWS'] = $categories_query->RecordCount();
$container = array();
$number = 0;
while( $result = $categories_query->fields ) {
$location = oos_href_link($aContents['shop'], 'category=' . $this->GetFullcPath($result['cid']), false, true);
$lastmod = oos_is_not_null($result['last_mod']) ? $result['last_mod'] : $result['date_added'];
$changefreq = GOOGLE_SITEMAP_CAT_CHANGE_FREQ;
$priority = .5;
$container[] = array('loc' => htmlspecialchars(utf8_encode($location)),
'lastmod' => date ("Y-m-d", strtotime($lastmod)),
'changefreq' => $changefreq,
'priority' => $priority);
if ( sizeof($container) >= 50000 ){
$type = $number == 0 ? 'categories' : 'categories' . $number;
$this->GenerateSitemap($container, $type);
$container = array();
$number++;
}
// Move that ADOdb pointer!
$categories_query->MoveNext();
}
if ( sizeof($container) > 1 ) {
$type = $number == 0 ? 'categories' : 'categories' . $number;
return $this->GenerateSitemap($container, $type);
}
} else {
$this->debug['QUERY']['CATEOGRY']['STATUS'] = 'false';
$this->debug['QUERY']['CATEOGRY']['NUM_ROWS'] = '0';
}
}
/**
* public function to retrieve full cPath from category ID
*
* @param mixed $cID Could contain cPath or single category_id
* @return string Full cPath string
*/
public function GetFullcPath($cID){
if ( preg_match('/_/', $cID) ){
return $cID;
} else {
$c = array();
$this->GetParentCategories($c, $cID);
$c = array_reverse($c);
$c[] = $cID;
$cID = sizeof($c) > 1 ? implode('_', $c) : $cID;
return $cID;
}
}
/**
* Recursion public function to retrieve parent categories from category ID
*
* @param mixed $categories Passed by reference
* @param integer $categories_id
*/
public function GetParentCategories(&$categories, $categories_id) {
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$sql = "SELECT parent_id
FROM " . $oostable['categories'] . "
WHERE categories_id='" . intval($categories_id) . "'";
$parent_categories_query = $dbconn->Execute($sql);
while ($parent_categories = $parent_categories_query->fields) {
if ($parent_categories['parent_id'] == 0) return TRUE;
$categories[sizeof($categories)] = $parent_categories['parent_id'];
if ($parent_categories['parent_id'] != $categories_id) {
$this->GetParentCategories($categories, $parent_categories['parent_id']);
}
// Move that ADOdb pointer!
$parent_categories_query->MoveNext();
}
}
/**
* Utility public function to read and return the contents of a GZ formatted file
*
* @param string $file File to open
* @return string
*/
public function ReadGZ( $file ){
$file = $this->savepath . $file;
$lines = gzfile($file);
return implode('', $lines);
}
}
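Review bot: `ReadGZ()` and `CompressFile()` append the caller-supplied `$file` to `$this->savepath` (the store root) without constraining it, so a value containing `../` would resolve outside that directory; `SaveFile()` does the same with `$type`. The callers are not part of this file, so I cannot tell whether any of them pass request data, but the class should not depend on that: `$file = $this->savepath . basename($file);` keeps all three inside the save path. `ReadGZ()` also hands the result of `gzfile()` straight to `implode()`, which fails when the file cannot be read; return `''` when `gzfile()` yields `false`. Separately, the `sizeof($container) > 1` test in both generator methods skips a final batch of exactly one entry; `> 0` looks intended.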


@ -0,0 +1,156 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
browser language detection logic
Copyright phpMyAdmin (select_lang.lib.php3 v1.24 04/19/2002)
Copyright Stephane Garin <sgarin@sgarin.com> (detect_language.php v0.1 04/02/2002)
File: language.php,v 1.6 2003/06/28 16:53:09 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class language {
var $languages;
var $_languages = array();
public function __construct() {
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$languagestable = $oostable['languages'];
$languages_sql = "SELECT languages_id, name, iso_639_2, iso_639_1
FROM $languagestable
WHERE status = '1'
ORDER BY sort_order";
if (USE_CACHE == 'true') {
$languages_result = $dbconn->CacheExecute(3600*24, $languages_sql);
} else {
$languages_result = $dbconn->Execute($languages_sql);
}
while ($languages = $languages_result->fields) {
$this->_languages[$languages['iso_639_2']] = array('id' => $languages['languages_id'],
'name' => $languages['name'],
'iso_639_2' => $languages['iso_639_2'],
'iso_639_1' => $languages['iso_639_1']);
// Move that ADOdb pointer!
$languages_result->MoveNext();
}
}
function set_language($sLang = '') {
if ( (oos_is_not_null($sLang)) && ($this->exists($sLang) === TRUE)) {
$this->language = $this->get($sLang);
} else {
$this->language = $this->get(DEFAULT_LANGUAGE);
}
if (isset($_SESSION) && isset($_SESSION['customer_id'])) {
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$sLanguage = oos_var_prep_for_os($this->language['iso_639_2']);
$customerstable = $oostable['customers'];
$query = "UPDATE $customerstable SET customers_language =? WHERE customers_id =?";
$result = $dbconn->Execute($query, array($sLanguage, (int)$_SESSION['customer_id']));
}
}
function get_browser_language() {
$http_accept_language = explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE']);
$browser_languages = array(
'af' => 'af|afrikaans',
'ar' => 'ar([-_][[:alpha:]]{2})?|arabic',
'az' => 'az|azerbaijani',
'bg' => 'bg|bulgarian',
'br' => 'pt[-_]br|brazilian portuguese',
'bs' => 'bs|bosnian',
'ca' => 'ca|catalan',
'cs' => 'cs|czech',
'da' => 'da|danish',
'deu' => 'de([-_][[:alpha:]]{2})?|german',
'el' => 'el|greek',
'eng' => 'en([-_][[:alpha:]]{2})?|english',
'spa' => 'es([-_][[:alpha:]]{2})?|spanish',
'et' => 'et|estonian',
'fi' => 'fi|finnish',
'fra' => 'fr([-_][[:alpha:]]{2})?|french',
'gl' => 'gl|galician',
'hu' => 'hu|hungarian',
'ita' => 'it|italian',
'ka' => 'ka|georgian',
'lt' => 'lt|lithuanian',
'nl' => 'nl([-_][[:alpha:]]{2})?|dutch',
'no' => 'no|norwegian',
'pol' => 'pl|polish',
'pt' => 'pt([-_][[:alpha:]]{2})?|portuguese',
'ro' => 'ro|romanian',
'rus' => 'ru|russian',
'sk' => 'sk|slovak',
'sr' => 'sr|serbian',
'sv' => 'sv|swedish',
'tr' => 'tr|turkish',
'uk' => 'uk|ukrainian',
'zh' => 'zh|chinese simplified');
foreach ($http_accept_language as $browser_language) {
foreach ($browser_languages as $key => $value) {
if (preg_match('/^(' . $value . ')(;q=[0-9]\\.[0-9])?$/', $browser_language) && $this->exists($key)) {
$this->set_language($key);
return TRUE;
}
}
}
$this->set_language(DEFAULT_LANGUAGE);
}
function get($sLang) {
return $this->_languages[$sLang];
}
function getAll() {
return $this->_languages;
}
function exists($sLang) {
return array_key_exists($sLang, $this->_languages);
}
function getID() {
return $this->language['id'];
}
function getName() {
return $this->language['name'];
}
function getCode() {
return $this->language['iso_639_2'];
}
}
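Review bot: `get_browser_language()` reads `$_SERVER['HTTP_ACCEPT_LANGUAGE']` without checking that the header was sent, and the pieces produced by `explode(',', …)` are matched against a `^…$` pattern without trimming, so any entry a client sends with a leading space after the comma never matches. I would use `$http_accept_language = array_map('trim', explode(',', $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?? ''));`. The `(;q=[0-9]\.[0-9])?` part also rejects weights such as `q=1` or `q=0.85`. `$this->language` is assigned in `set_language()` but only `$languages` and `$_languages` are declared; declaring it avoids the dynamic-property deprecation on current PHP.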


@ -0,0 +1,89 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: message_stack.php,v 1.5 2002/11/22 18:45:46 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
Example usage:
$oMessage = new messageStack();
$oMessage->add('Error: Error 1', 'error');
$oMessage->add('Error: Error 2', 'warning');
if ($oMessage->size > 0) echo $oMessage->output();
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class messageStack {
public function __construct() {
$this->messages = array();
if (isset($_SESSION) && isset($_SESSION['messageToStack'])) {
$messageToStack = $_SESSION['messageToStack'];
for ($i=0, $n=count($messageToStack); $i<$n; $i++) {
$this->add($messageToStack[$i]['class'], $messageToStack[$i]['text'], $messageToStack[$i]['type']);
}
unset($_SESSION['messageToStack']);
}
}
// class methods
public function add($class, $message, $type = 'danger') {
$this->messages[] = array('class' => $class, 'type' => $type, 'text' => $message);
}
public function add_session($class, $message, $type = 'danger') {
$messageToStack = array();
if (isset($_SESSION['messageToStack']) && is_array($_SESSION['messageToStack'])) {
$messageToStack = $_SESSION['messageToStack'];
}
$messageToStack[] = array('class' => $class, 'text' => $message, 'type' => $type);
$_SESSION['messageToStack'] = $messageToStack;
$this->add($class, $message, $type);
}
public function reset() {
$this->messages = array();
}
public function output($class) {
$output = array();
for ($i=0, $n=count($this->messages); $i<$n; $i++) {
if ($this->messages[$i]['class'] == $class) {
$output[] = $this->messages[$i];
}
}
return $output;
}
public function size($class) {
$count = 0;
for ($i=0, $n=count($this->messages); $i<$n; $i++) {
if ($this->messages[$i]['class'] == $class) {
$count++;
}
}
return $count;
}
}
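Review bot: The usage example in the header comment does not match the class: `add()` takes `($class, $message, $type)`, and `size` and `output` are methods that require a `$class` argument, so `$oMessage->add('Error: Error 1', 'error')` would file the text as the class name. I would update it along the lines of `$oMessage->add('login', 'Error: Error 1', 'danger'); if ($oMessage->size('login') > 0) { $aMessages = $oMessage->output('login'); }` (the class name `login` is a made-up sample). `$this->messages` is assigned in the constructor but never declared as a property. The `text` values are stored and returned unchanged, including after a round trip through `$_SESSION`, so a one-line comment on `output()` stating that the rendering template must HTML-escape them would help; the templates are not visible here.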


@ -0,0 +1,313 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: category_tree.php,v 1.2, 2004/10/26 20:07:09 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2004 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class nav_menu {
var $root_category_id = 0,
$max_level = 0,
$count = 0,
$count_col = 0,
$submenu = 0,
$data = array(),
$root_start_string = '<li class="main-nav-item main-nav-expanded">',
$root_end_string = '</li>',
$parent_start_string = '<li>',
$parent_end_string = '</li>',
$parent_group_start_string = '<ul>',
$parent_group_end_string = '</ul>',
$child_start_string = '<li>',
$child_end_string = '</li>',
$breadcrumb_separator = '_',
$breadcrumb_usage = TRUE,
$spacer_string = '',
$spacer_multiplier = 1,
$follow_cpath = FALSE,
$cpath_array = array(),
$cpath_start_string = '',
$cpath_end_string = '',
$banner_image = '',
$banner_link = '',
$banner_name = '';
public function __construct() {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
$categoriestable = $oostable['categories'];
$categories_descriptionstable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, cd.categories_name, c.parent_id, c.categories_banner, c.color, c.menu_type, c.categories_status
FROM $categoriestable c,
$categories_descriptionstable cd
WHERE c.categories_status = '2'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
ORDER BY c.parent_id, c.sort_order, cd.categories_name";
if (USE_CACHE == 'true') {
$categories_result = $dbconn->CacheExecute(3600, $sql);
} else {
$categories_result = $dbconn->Execute($sql);
}
$this->data = array();
while ($categories = $categories_result->fields) {
$this->data[$categories['parent_id']][$categories['categories_id']] = array('name' => $categories['categories_name'],
'banner' => $categories['categories_banner'],
'color' => $categories['color'],
'menu_type' => $categories['menu_type'],
'count' => 0);
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
}
public function buildBranch($parent_id, $level = 0, $submenu = 0) {
$aContents = oos_get_content();
if (isset($this->data[$parent_id])) {
foreach ($this->data[$parent_id] as $category_id => $category) {
$this->count++;
if ($this->breadcrumb_usage == TRUE) {
$category_link = $this->buildBreadcrumb($category_id);
} else {
$category_link = $category_id;
}
$sLink = '<a href="' . oos_href_link($aContents['shop'], 'category=' . $category_link) . '" title="' . $category['name'] . '">';
if ($category['banner'] != '') {
$this->banner_image = OOS_IMAGES . 'banners/large/' . $category['banner'];
$this->banner_link = oos_href_link($aContents['shop'], 'category=' . $category_link);
$this->banner_name = $category['name'];
}
switch ($level) {
case 0:
$result .= $this->root_start_string;
break;
case 1:
if ($submenu == 0) {
$submenu++;
$this->count = 0;
$this->submenu = 1;
$this->count_col++;
$result .= '<div class="main-nav-submenu">
<div class="row"><div class="col-md-3"><ul class="list-unstyled"><li>';
} else {
$this->count+2;
$result .= '<ul class="list-unstyled"><li>';
}
break;
case 2:
$result .= $this->parent_start_string . "\n";
break;
}
$result .= $sLink;
if ($level == 0) {
$result .= '<i class="fa fa-circle-o-notch ' . $category['color'] . '" aria-hidden="true"></i>';
}
switch ($category['menu_type'] ) {
case 'NEW':
$result .= '<span class="badge badge-danger float-right">NEW</span>';
break;
case 'PROMO':
$result .= '<span class="badge badge-success float-right">PROMO</span>';
break;
}
if ($this->follow_cpath === TRUE) {
if (in_array($category_id, $this->cpath_array)) {
$result .= $this->cpath_start_string . $category['name'] . $this->cpath_end_string;
} else {
$result .= $category['name'];
}
} else {
$result .= $category['name'];
}
$result .= '</a>';
if ($level == 1) {
$result .= '</li>';
}
if ($level == 2) {
if ($this->count > 8) {
$this->count = 0;
$this->count_col++;
$result .= '</li></ul></div><div class="col-md-3">' . "\n";
}
}
if (isset($this->data[$category_id]) && (($this->max_level == '0') || ($this->max_level > $level+1))) {
if ($this->follow_cpath === TRUE) {
if (in_array($category_id, $this->cpath_array)) {
$result .= $this->buildBranch($category_id, $level+1);
}
} else {
$result .= $this->buildBranch($category_id, $level+1, $submenu);
}
}
switch ($level) {
case 0:
if ($this->submenu > 0) {
if (($this->banner_image != '') && ($this->count_col <= 3)) {
if ($this->count_col == 1) {
$result .= '</div><div class="col-md-9 text-right hidden-sm-down">';
} elseif ($this->count_col == 2) {
$result .= '</div><div class="col-md-6 text-right hidden-sm-down">';
} elseif ($this->count_col == 1) {
$result .= '</div><div class="col-md-6 text-right hidden-sm-down">';
}
$result .= '<a class="mt-15 block" href="'. $this->banner_link . '">
<img class="img-fluid" src="' . $this->banner_image . '" alt="' . $this->banner_name .'">
</a>';
}
$result .= '</div></div></div>' . "\n";
}
$this->submenu = 0;
$result .= $this->root_end_string;
break;
case 1:
if ($this->count > 0) {
$result .= '</ul>';
}
break;
case 2:
if ($this->count > 0) {
$result .= $this->parent_end_string;
}
break;
}
}
}
return $result;
}
public function buildBreadcrumb($category_id, $level = 0) {
$breadcrumb = '';
foreach ($this->data as $parent => $categories) {
foreach ($categories as $id => $info) {
if ($id == $category_id) {
if ($level < 1) {
$breadcrumb = $id;
} else {
$breadcrumb = $id . $this->breadcrumb_separator . $breadcrumb;
}
if ($parent != $this->root_category_id) {
$breadcrumb = $this->buildBreadcrumb($parent, $level+1) . $breadcrumb;
}
}
}
}
return $breadcrumb;
}
public function build() {
return $this->buildBranch($this->root_category_id);
}
public function setRootCategoryID($root_category_id) {
$this->root_category_id = $root_category_id;
}
public function setMaximumLevel($max_level) {
$this->max_level = $max_level;
}
public function setRootString($root_start_string, $root_end_string) {
$this->root_start_string = $root_start_string;
$this->root_end_string = $root_end_string;
}
public function setBreadcrumbSeparator($breadcrumb_separator) {
$this->breadcrumb_separator = $breadcrumb_separator;
}
public function setBreadcrumbUsage($breadcrumb_usage) {
if ($breadcrumb_usage === TRUE) {
$this->breadcrumb_usage = TRUE;
} else {
$this->breadcrumb_usage = FALSE;
}
}
public function setCategoryPath($cpath, $cpath_start_string = '', $cpath_end_string = '') {
$this->follow_cpath = TRUE;
$this->cpath_array = explode($this->breadcrumb_separator, $cpath);
$this->cpath_start_string = $cpath_start_string;
$this->cpath_end_string = $cpath_end_string;
}
public function setFollowCategoryPath($follow_cpath) {
if ($follow_cpath === TRUE) {
$this->follow_cpath = TRUE;
} else {
$this->follow_cpath = FALSE;
}
}
public function setCategoryPathString($cpath_start_string, $cpath_end_string) {
$this->cpath_start_string = $cpath_start_string;
$this->cpath_end_string = $cpath_end_string;
}
public function setCategoryProductCountString($category_product_count_start_string, $category_product_count_end_string) {
$this->category_product_count_start_string = $category_product_count_start_string;
$this->category_product_count_end_string = $category_product_count_end_string;
}
}
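Review bot: `buildBranch()` writes `$category['name']` into the `title` attribute, the link text and (via `$this->banner_name`) the `alt` attribute, and `$category['color']` and `$category['banner']` into `class` and `src`, all without HTML escaping. These values come from the categories tables, so unless they are escaped when stored (not visible here) a name containing a quote or markup breaks the menu or is rendered as HTML on every page that shows it. I would escape once at the top of the loop, `$sName = htmlspecialchars($category['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, use `$sName` in all three places, and treat color and banner the same way. Also in this method: `$result` is appended to and returned without being initialised (`$result = '';` before the `if`), `$this->count+2;` is a statement with no effect, and the second `elseif ($this->count_col == 1)` can never be reached.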


@ -0,0 +1,88 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: navigation_history.php,v 1.5 2003/02/12 21:07:45 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Class Navigation History
*/
class navigationHistory {
var $path;
var $snapshot;
/**
* Constructor of our Class
*/
public function __construct() {
$this->reset();
}
public function reset() {
$this->path = array();
$this->snapshot = array();
}
public function set_snapshot($page = '') {
global $sContent;
if (is_array($page)) {
$this->snapshot = array('content' => $page['content'],
'get' => $page['get']);
} else {
$get_all = '';
if (isset($_GET)) {
$get_all = oos_get_all_get_parameters();
$get_all = oos_remove_trailing($get_all);
}
$this->snapshot = array('content' => $sContent,
'get' => $get_all);
}
}
public function clear_snapshot() {
$this->snapshot = array();
}
public function set_path_as_snapshot($history = 0) {
$pos = (count($this->path)-1-$history);
$this->snapshot = array('content' => $this->path[$pos]['content'],
'get' => $this->path[$pos]['get']);
}
public function debug() {
for ($i=0, $n=count($this->path); $i<$n; $i++) {
echo $this->path[$i]['content'] . '&' . $this->path[$i]['get'] . '<br />';
echo '<br />';
}
echo '<br /><br />';
if (count($this->snapshot) > 0) {
echo $this->snapshot['content'] . '&' . $this->snapshot['get'] . '<br />';
}
}
}
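Review bot: `debug()` echoes `$this->path[$i]['content']`, `$this->path[$i]['get']` and the snapshot values straight into HTML, and `set_snapshot()` fills `get` from `oos_get_all_get_parameters()`, which presumably carries request query parameters. If this method can run on a live shop it is a script-injection sink, so I would escape at the echo, e.g. `echo htmlspecialchars($this->path[$i]['content'] . '&' . $this->path[$i]['get'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br />';`, or remove the method from production code. Separately, `set_path_as_snapshot()` reads `$this->path[$pos]` without a range check, and nothing in this class ever appends to `$this->path`, so `$pos` is -1 unless another file fills it. A guard such as `if (!isset($this->path[$pos])) { return; }` would make that case explicit.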


@ -0,0 +1,422 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: order.php,v 1.29 2003/02/11 21:13:39 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class order {
var $info;
var $totals;
var $products;
var $customer;
var $delivery;
var $content_type;
public function __construct( $order_id = '') {
$this->info = array();
$this->totals = array();
$this->products = array();
$this->customer = array();
$this->delivery = array();
if (oos_is_not_null($order_id)) {
$this->query($order_id);
} else {
$this->cart();
}
}
public function query($order_id) {
$order_id = oos_db_prepare_input($order_id);
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$orderstable = $oostable['orders'];
$sql = "SELECT customers_id, customers_name, customers_company, customers_street_address,
customers_city, customers_postcode, customers_state,
customers_country, customers_telephone, customers_email_address,
customers_address_format_id, delivery_name, delivery_company,
delivery_street_address, delivery_city, delivery_postcode,
delivery_state, delivery_country, delivery_address_format_id, billing_name,
billing_company, billing_street_address, billing_city,
billing_postcode, billing_state, billing_country, billing_address_format_id,
payment_method, currency, currency_value,
date_purchased, orders_status, last_modified
FROM $orderstable
WHERE orders_id = '" . intval($order_id) . "'";
$order = $dbconn->GetRow($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT title, text
FROM $orders_totaltable
WHERE orders_id = '" . intval($order_id) . "'
ORDER BY sort_order";
$this->totals = $dbconn->GetAll($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT text
FROM $orders_totaltable
WHERE orders_id = '" . intval($order_id) . "'
AND class = 'ot_total'";
$order_total_text = $dbconn->GetOne($sql);
$orders_totaltable = $oostable['orders_total'];
$sql = "SELECT title
FROM $orders_totaltable
WHERE orders_id = '" . intval($order_id) . "'
AND class = 'ot_shipping'";
$shipping_method_title = $dbconn->GetOne($sql);
$orders_statustable = $oostable['orders_status'];
$sql = "SELECT orders_status_name
FROM $orders_statustable
WHERE orders_status_id = '" . $order['orders_status'] . "'
AND orders_languages_id = '" . intval($nLanguageID) . "'";
$orders_status_name = $dbconn->GetOne($sql);
$this->info = array('currency' => $order['currency'],
'currency_value' => $order['currency_value'],
'payment_method' => $order['payment_method'],
'cc_type' => $order['cc_type'],
'cc_owner' => $order['cc_owner'],
'cc_number' => $order['cc_number'],
'cc_expires' => $order['cc_expires'],
'date_purchased' => $order['date_purchased'],
'orders_status' => $orders_status_name,
'last_modified' => $order['last_modified'],
'total' => strip_tags($order_total_text),
'shipping_method' => ((substr($shipping_method_title, -1) == ':') ? substr(strip_tags($shipping_method_title), 0, -1) : strip_tags($shipping_method_title)));
$this->customer = array('id' => $order['customers_id'],
'name' => $order['customers_name'],
'company' => $order['customers_company'],
'street_address' => $order['customers_street_address'],
'city' => $order['customers_city'],
'postcode' => $order['customers_postcode'],
'state' => $order['customers_state'],
'country' => $order['customers_country'],
'format_id' => $order['customers_address_format_id'],
'telephone' => $order['customers_telephone'],
'email_address' => $order['customers_email_address']);
$this->delivery = array('name' => $order['delivery_name'],
'company' => $order['delivery_company'],
'street_address' => $order['delivery_street_address'],
'city' => $order['delivery_city'],
'postcode' => $order['delivery_postcode'],
'state' => $order['delivery_state'],
'country' => $order['delivery_country'],
'format_id' => $order['delivery_address_format_id']);
if (empty($this->delivery['name']) && empty($this->delivery['street_address'])) {
$this->delivery = FALSE;
}
$this->billing = array('name' => $order['billing_name'],
'company' => $order['billing_company'],
'street_address' => $order['billing_street_address'],
'city' => $order['billing_city'],
'postcode' => $order['billing_postcode'],
'state' => $order['billing_state'],
'country' => $order['billing_country'],
'format_id' => $order['billing_address_format_id']);
$index = 0;
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT orders_products_id, products_id, products_name, products_model,
products_ean, products_serial_number, products_price, products_tax,
products_quantity, final_price
FROM $orders_productstable
WHERE orders_id = '" . intval($order_id) . "'";
$orders_products_result = $dbconn->Execute($sql);
while ($orders_products = $orders_products_result->fields) {
$this->products[$index] = array('qty' => $orders_products['products_quantity'],
'id' => $orders_products['products_id'],
'name' => $orders_products['products_name'],
'model' => $orders_products['products_model'],
'ean' => $orders_products['products_ean'],
'serial_number' => $orders_products['products_serial_number'],
'tax' => $orders_products['products_tax'],
'price' => $orders_products['products_price'],
'final_price' => $orders_products['final_price']);
$subindex = 0;
$orders_products_attributestable = $oostable['orders_products_attributes'];
$sql = "SELECT products_options, products_options_values, options_values_price, price_prefix
FROM $orders_products_attributestable
WHERE orders_id = '" . intval($order_id) . "'
AND orders_products_id = '" . $orders_products['orders_products_id'] . "'";
$attributes_result = $dbconn->Execute($sql);
if ($attributes_result->RecordCount()) {
while ($attributes = $attributes_result->fields) {
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options'],
'value' => $attributes['products_options_values'],
'prefix' => $attributes['price_prefix'],
'price' => $attributes['options_values_price']);
$subindex++;
// Move that ADOdb pointer!
$attributes_result->MoveNext();
}
}
$this->info['tax_groups']["{$this->products[$index]['tax']}"] = '1';
$index++;
// Move that ADOdb pointer!
$orders_products_result->MoveNext();
}
}
public function cart() {
global $oCurrencies, $aUser;
$this->content_type = $_SESSION['cart']->get_content_type();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$customerstable = $oostable['customers'];
$address_booktable = $oostable['address_book'];
$zonestable = $oostable['zones'];
$countriestable = $oostable['countries'];
$sql = "SELECT c.customers_firstname, c.customers_lastname, c.customers_telephone, c.customers_email_address,
ab.entry_company, ab.entry_street_address, ab.entry_postcode, ab.entry_city,
ab.entry_zone_id, z.zone_name, co.countries_id, co.countries_name, co.countries_iso_code_2,
co.countries_iso_code_3, co.address_format_id, ab.entry_state
FROM $customerstable c,
$address_booktable ab LEFT JOIN
$zonestable z
ON (ab.entry_zone_id = z.zone_id) LEFT JOIN
$countriestable co
ON (ab.entry_country_id = co.countries_id)
WHERE c.customers_id = '" . intval($_SESSION['customer_id']) . "' AND
ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND
c.customers_default_address_id = ab.address_book_id";
$customer_address = $dbconn->GetRow($sql);
$address_booktable = $oostable['address_book'];
$zonestable = $oostable['zones'];
$countriestable = $oostable['countries'];
$sql = "SELECT ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address,
ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name,
ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2,
c.countries_iso_code_3, c.address_format_id, ab.entry_state
FROM $address_booktable ab LEFT JOIN
$zonestable z
ON (ab.entry_zone_id = z.zone_id) LEFT JOIN
$countriestable c ON
(ab.entry_country_id = c.countries_id)
WHERE ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND
ab.address_book_id = '" . intval($_SESSION['sendto']) . "'";
$shipping_address = $dbconn->GetRow($sql);
$address_booktable = $oostable['address_book'];
$zonestable = $oostable['zones'];
$countriestable = $oostable['countries'];
$sql = "SELECT ab.entry_firstname, ab.entry_lastname, ab.entry_company, ab.entry_street_address,
ab.entry_postcode, ab.entry_city, ab.entry_zone_id, z.zone_name,
ab.entry_country_id, c.countries_id, c.countries_name, c.countries_iso_code_2,
c.countries_iso_code_3, c.address_format_id, ab.entry_state
FROM $address_booktable ab LEFT JOIN
$zonestable z
ON (ab.entry_zone_id = z.zone_id) LEFT JOIN
$countriestable c ON
(ab.entry_country_id = c.countries_id)
WHERE ab.customers_id = '" . intval($_SESSION['customer_id']) . "' AND
ab.address_book_id = '" . intval($_SESSION['billto']) . "'";
$billing_address = $dbconn->GetRow($sql);
$class =& $_SESSION['payment'];
if ($this->content_type == 'virtual') {
$tax_address = array('entry_country_id' => $billing_address['entry_country_id'],
'entry_zone_id' => $billing_address['entry_zone_id']);
} else {
$tax_address = array('entry_country_id' => $shipping_address['entry_country_id'],
'entry_zone_id' => $shipping_address['entry_zone_id']);
}
$this->info = array('order_status' => DEFAULT_ORDERS_STATUS_ID,
'currency' => $_SESSION['currency'],
'currency_value' => $oCurrencies->currencies[$_SESSION['currency']]['value'],
'payment_method' => $GLOBALS[$class]->title,
'shipping_method' => $_SESSION['shipping']['title'],
'shipping_cost' => $_SESSION['shipping']['cost'],
'comments' => (isset($_SESSION['comments']) ? $_SESSION['comments'] : ''),
'shipping_class' => ( (strpos($shipping['id'],'_') > 0) ? substr( strrev( strchr(strrev($shipping['id']),'_') ),0,-1) : $shipping['id'] ),
'payment_class' => $_SESSION['payment'],
);
if (isset($GLOBALS['payment']) && is_object($GLOBALS['payment'])) {
$this->info['payment_method'] = $GLOBALS['payment']->title;
if ( isset($GLOBALS['payment']->order_status) && is_numeric($GLOBALS['payment']->order_status) && ($GLOBALS['payment']->order_status > 0) ) {
$this->info['order_status'] = $GLOBALS['payment']->order_status;
}
}
$this->customer = array('firstname' => $customer_address['customers_firstname'],
'lastname' => $customer_address['customers_lastname'],
'company' => $customer_address['entry_company'],
'street_address' => $customer_address['entry_street_address'],
'city' => $customer_address['entry_city'],
'postcode' => $customer_address['entry_postcode'],
'state' => ((oos_is_not_null($customer_address['entry_state'])) ? $customer_address['entry_state'] : $customer_address['zone_name']),
'zone_id' => $customer_address['entry_zone_id'],
'country' => array('id' => $customer_address['countries_id'], 'title' => $customer_address['countries_name'], 'iso_code_2' => $customer_address['countries_iso_code_2'], 'iso_code_3' => $customer_address['countries_iso_code_3']),
'format_id' => $customer_address['address_format_id'],
'telephone' => $customer_address['customers_telephone'],
'email_address' => $customer_address['customers_email_address']);
$this->delivery = array('firstname' => $shipping_address['entry_firstname'],
'lastname' => $shipping_address['entry_lastname'],
'company' => $shipping_address['entry_company'],
'street_address' => $shipping_address['entry_street_address'],
'city' => $shipping_address['entry_city'],
'postcode' => $shipping_address['entry_postcode'],
'state' => ((oos_is_not_null($shipping_address['entry_state'])) ? $shipping_address['entry_state'] : $shipping_address['zone_name']),
'zone_id' => $shipping_address['entry_zone_id'],
'country' => array('id' => $shipping_address['countries_id'], 'title' => $shipping_address['countries_name'], 'iso_code_2' => $shipping_address['countries_iso_code_2'], 'iso_code_3' => $shipping_address['countries_iso_code_3']),
'country_id' => $shipping_address['entry_country_id'],
'format_id' => $shipping_address['address_format_id']);
$this->billing = array('firstname' => $billing_address['entry_firstname'],
'lastname' => $billing_address['entry_lastname'],
'company' => $billing_address['entry_company'],
'street_address' => $billing_address['entry_street_address'],
'city' => $billing_address['entry_city'],
'postcode' => $billing_address['entry_postcode'],
'state' => ((oos_is_not_null($billing_address['entry_state'])) ? $billing_address['entry_state'] : $billing_address['zone_name']),
'country' => array('id' => $billing_address['countries_id'], 'title' => $billing_address['countries_name'], 'iso_code_2' => $billing_address['countries_iso_code_2'], 'iso_code_3' => $billing_address['countries_iso_code_3']),
'country_id' => $billing_address['entry_country_id'],
'format_id' => $billing_address['address_format_id']);
$index = 0;
$products = $_SESSION['cart']->get_products();
for ($i=0, $n=sizeof($products); $i<$n; $i++) {
$this->products[$index] = array('qty' => $products[$i]['quantity'],
'name' => $products[$i]['name'],
'essential_characteristics' => $products[$i]['essential_characteristics'],
'image' => $products[$i]['image'],
'model' => $products[$i]['model'],
'ean' => $products[$i]['ean'],
'tax' => oos_get_tax_rate($products[$i]['tax_class_id'], $tax_address['entry_country_id'], $$tax_address['entry_zone_id']),
'price' => $products[$i]['price'],
'final_price' => $products[$i]['price'] + $_SESSION['cart']->attributes_price($products[$i]['id']),
'weight' => $products[$i]['weight'],
'towlid' => $products[$i]['towlid'],
'id' => $products[$i]['id']);
if ($products[$i]['attributes']) {
$subindex = 0;
reset($products[$i]['attributes']);
foreach ($products[$i]['attributes'] as $option => $value) {
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
// if (($option == 4) || ($option == 3)) {
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE
pa.products_id = '" . oos_db_input($products[$i]['id']) . "' AND
pa.options_id = '" . oos_db_input($option) . "' AND
pa.options_id = popt.products_options_id AND
popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . oos_db_input($products[$i]['id']) . "' AND
pa.options_id = '" . oos_db_input($option) . "' AND
pa.options_id = popt.products_options_id AND
pa.options_values_id = '" . oos_db_input($value) . "' AND
pa.options_values_id = poval.products_options_values_id AND
popt.products_options_languages_id = '" . intval($nLanguageID) . "' AND
poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes = $dbconn->GetRow($sql);
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID){
$attr_value = $products[$i]['attributes_values'][$option];
} else {
$attr_value = $attributes['products_options_values_name'];
}
$this->products[$index]['attributes'][$subindex] = array('option' => $attributes['products_options_name'],
'value' => $attr_value,
'option_id' => $option,
'value_id' => $value,
'prefix' => $attributes['price_prefix'],
'price' => $attributes['options_values_price']);
$subindex++;
}
}
$nPrice = $oCurrencies->calculate_price($this->products[$index]['final_price'], $this->products[$index]['tax'], $this->products[$index]['qty']);
$this->info['subtotal'] += $nPrice;
$products_tax = $this->products[$index]['tax'];
if ($aUser['price_with_tax'] == 1) {
$this->info['tax'] += $nPrice - ($nPrice / (($products_tax < 10) ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax)));
if (isset($this->info['tax_groups']["$products_tax"])) {
$this->info['tax_groups']["$products_tax"] += $nPrice - ($nPrice / (($products_tax < 10) ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax)));
} else {
$this->info['tax_groups']["$products_tax"] = $nPrice - ($nPrice / (($products_tax < 10) ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax)));
}
} else {
$this->info['tax'] += ($products_tax / 100) * $nPrice;
if (isset($this->info['tax_groups']["$products_tax"])) {
$this->info['tax_groups']["$products_tax"] += ($products_tax / 100) * $nPrice;
} else {
$this->info['tax_groups']["$products_tax"] = ($products_tax / 100) * $nPrice;
}
}
$index++;
}
if ($aUser['price_with_tax'] == 1) {
$this->info['total'] = $this->info['subtotal'] + $this->info['shipping_cost'];
} else {
$this->info['total'] = $this->info['subtotal'] + $this->info['tax'] + $this->info['shipping_cost'];
}
}
}
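Review bot: In `cart()` the tax lookup passes `$$tax_address['entry_zone_id']` (double `$`) as the zone argument to `oos_get_tax_rate()`; that is a variable-variable rather than the zone id, so the rate is presumably computed without the customer's zone, and it should read `$tax_address['entry_zone_id']`. The same method builds `shipping_class` from `$shipping['id']`, but `$shipping` is neither defined nor declared global in `cart()`, while the neighbouring keys read `$_SESSION['shipping']`; `$_SESSION['shipping']['id']` looks like what was meant. In `query()`, `$order['orders_status']` and `$orders_products['orders_products_id']` are concatenated into SQL without the `intval()` applied to the other ids in this file; wrapping them, e.g. `intval($order['orders_status'])`, keeps those queries safe even if a stored value is not numeric. `query()` also reads `cc_type`, `cc_owner`, `cc_number` and `cc_expires` from `$order` although the SELECT does not fetch those columns.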


@ -0,0 +1,278 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: order_total.php,v 1.3.2.7 2003/05/14 22:52:58 wilt
orig: order_total.php,v 1.4 2003/02/11 00:04:53 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class order_total {
var $modules;
// class constructor
public function __construct() {
global $aLang;
if (defined('MODULE_ORDER_TOTAL_INSTALLED') && oos_is_not_null(MODULE_ORDER_TOTAL_INSTALLED)) {
$this->modules = explode(';', MODULE_ORDER_TOTAL_INSTALLED);
$sLanguage = isset($_SESSION['language']) ? $_SESSION['language'] : DEFAULT_LANGUAGE;
reset($this->modules);
foreach ($this->modules as $value) {
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/modules/order_total/' . $value;
include_once MYOOS_INCLUDE_PATH . '/includes/modules/order_total/' . $value;
$class = substr($value, 0, strrpos($value, '.'));
$GLOBALS[$class] = new $class;
}
}
}
public function process() {
$order_total_array = array();
if (is_array($this->modules)) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ($GLOBALS[$class]->enabled) {
$GLOBALS[$class]->output = array();
$GLOBALS[$class]->process();
for ($i=0, $n=sizeof($GLOBALS[$class]->output); $i<$n; $i++) {
if (oos_is_not_null($GLOBALS[$class]->output[$i]['title']) && oos_is_not_null($GLOBALS[$class]->output[$i]['text'])) {
$order_total_array[] = array('code' => $GLOBALS[$class]->code,
'title' => $GLOBALS[$class]->output[$i]['title'],
'text' => $GLOBALS[$class]->output[$i]['text'],
'value' => $GLOBALS[$class]->output[$i]['value'],
'sort_order' => $GLOBALS[$class]->sort_order);
}
}
}
}
}
return $order_total_array;
}
public function output() {
$output_string = NULL;
if (is_array($this->modules)) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ($GLOBALS[$class]->enabled) {
$size = count($GLOBALS[$class]->output);
for ($i=0; $i<$size; $i++) {
$output_string .= ' <tr>' . "\n" .
' <td align="right">' . $GLOBALS[$class]->output[$i]['title'] . '</td>' . "\n" .
' <td align="right">' . $GLOBALS[$class]->output[$i]['text'] . '</td>' . "\n" .
' </tr>';
}
}
}
}
return $output_string;
}
/**
* This public function is called in checkout payment after display of payment methods. It actually calls
* two credit class public functions.
*
* use_credit_amount() is normally a checkbox used to decide whether the credit amount should be applied to reduce
* the order total. Whether this is a Gift Voucher, or discount coupon or reward points etc.
*
* The second public function called is credit_selection(). This in the credit classes already made is usually a redeem box.
* for entering a Gift Voucher number. Note credit classes can decide whether this part is displayed depending on
* E.g. a setting in the admin section.
*/
public function credit_selection() {
global $aLang;
$selection_string = '';
$close_string = '';
$credit_class_string = '';
if ( (MODULE_ORDER_TOTAL_GV_STATUS == 'true') || (MODULE_ORDER_TOTAL_COUPON_STATUS == 'true') ) {
$header_string = '<tr>' . "\n";
$header_string .= ' <td><table border="0" width="100%" cellspacing="0" cellpadding="2">' . "\n";
$header_string .= ' <tr>' . "\n";
$header_string .= ' <td class="main"><strong>' . $aLang['table_heading_credit'] . '</strong></td>' . "\n";
$header_string .= ' </tr>' . "\n";
$header_string .= ' </table></td>' . "\n";
$header_string .= ' </tr>' . "\n";
$header_string .= '<tr>' . "\n";
$header_string .= ' <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">' . "\n";
$header_string .= ' <tr class="infoBoxContents"><td><table border="0" width="100%" cellspacing="0" cellpadding="2">' ."\n";
$header_string .= ' <tr><td width="10"></td>' . "\n";
$header_string .= ' <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">' . "\n";
$close_string = ' </table></td>';
$close_string .= '<td width="10"></td>';
$close_string .= '</tr></table></td></tr></table></td>';
$close_string .= '<tr><td width="100%"></td></tr>';
reset($this->modules);
$output_string = '';
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ($GLOBALS[$class]->enabled) {
if ($GLOBALS[$class]->credit_class) {
if ($selection_string =='') $selection_string = $GLOBALS[$class]->credit_selection();
$use_credit_string = $GLOBALS[$class]->use_credit_amount();
$output_string .= '<tr colspan="4"><td colspan="4" width="100%"></td></tr>';
$output_string .= ' <tr class="moduleRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" >' . "\n" .
' <td width="10"></td>';
if ( ($use_credit_string !='' ) && (MODULE_ORDER_TOTAL_GV_STATUS == 'true') ) {
$output_string .= ' ' . $use_credit_string;
} elseif ( (MODULE_ORDER_TOTAL_GV_STATUS == 'true') && (MODULE_ORDER_TOTAL_COUPON_STATUS == 'true') ) {
$output_string .= ' <td class="main"></td>';
} else {
$output_string .= ' <td class="main"><strong>' . $GLOBALS[$class]->header . '</strong></td>';
}
$output_string .= '<td width="10"></td>';
$output_string .= ' </tr>' . "\n";
}
}
}
if ($output_string != '') {
$output_string = $header_string . $output_string . $selection_string;
$output_string .= $close_string;
}
}
return $output_string;
}
/**
* update_credit_account is called in checkout process on a per product basis. It's purpose
* is to decide whether each product in the cart should add something to a credit account.
* e.g. for the Gift Voucher it checks whether the product is a Gift voucher and then adds the amount
* to the Gift Voucher account.
* Another use would be to check if the product would give reward points and add these to the points/reward account.
*/
public function update_credit_account($i) {
if (MODULE_ORDER_TOTAL_INSTALLED) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ( ($GLOBALS[$class]->enabled && $GLOBALS[$class]->credit_class) ) {
$GLOBALS[$class]->update_credit_account($i);
}
}
}
}
/**
* This public function is called in checkout confirmation.
* It's main use is for credit classes that use the credit_selection() method. This is usually for
* entering redeem codes(Gift Vouchers/Discount Coupons). This public function is used to validate these codes.
* If they are valid then the necessary actions are taken, if not valid we are returned to checkout payment
* with an error
*/
public function collect_posts() {
if (MODULE_ORDER_TOTAL_INSTALLED) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ( ($GLOBALS[$class]->enabled && $GLOBALS[$class]->credit_class) ) {
$post_var = 'c' . $GLOBALS[$class]->code;
if ($_POST[$post_var]) $_SESSION[$post_var] = oos_var_prep_for_os($_POST[$post_var]);
$GLOBALS[$class]->collect_posts();
}
}
}
}
/**
* pre_confirmation_check is called on checkout confirmation. It's public function is to decide whether the
* credits available are greater than the order total. If they are then a variable (credit_covers) is set to
* true. This is used to bypass the payment method. In other words if the Gift Voucher is more than the order
* total, we don't want to go to paypal etc.
*/
public function pre_confirmation_check() {
global $payment, $oOrder, $credit_covers;
$credit_covers = FALSE;
if (MODULE_ORDER_TOTAL_INSTALLED) {
$total_deductions = 0;
reset($this->modules);
$order_total = $oOrder->info['total'];
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ( ($GLOBALS[$class]->enabled && $GLOBALS[$class]->credit_class) ) {
$total_deductions += $GLOBALS[$class]->pre_confirmation_check($order_total);
}
}
if ($oOrder->info['total'] - $total_deductions <= 0 ) {
$credit_covers = TRUE;
}
}
return $credit_covers;
}
/**
* this public function is called in checkout process. it tests whether a decision was made at checkout payment to use
* the credit amount be applied aginst the order. If so some action is taken. E.g. for a Gift voucher the account
* is reduced the order total amount.
*/
public function apply_credit() {
if (MODULE_ORDER_TOTAL_INSTALLED) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ( ($GLOBALS[$class]->enabled && $GLOBALS[$class]->credit_class) ) {
$GLOBALS[$class]->apply_credit();
}
}
}
}
/**
* Called in checkout process to clear session variables created by each credit class module.
*/
public function clear_posts() {
if (MODULE_ORDER_TOTAL_INSTALLED) {
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ( ($GLOBALS[$class]->enabled && $GLOBALS[$class]->credit_class) ) {
$_SESSION[$post_var] = 'c' . $GLOBALS[$class]->code;
}
}
}
}
/**
* Called at various times. This public function calulates the total value of the order that the
* credit will be appled aginst. This varies depending on whether the credit class applies
* to shipping & tax
*/
public function get_order_total_main($class, $order_total) {
global $credit, $oOrder;
if ($GLOBALS[$class]->include_tax == 'false') $order_total=$order_total-$oOrder->info['tax'];
if ($GLOBALS[$class]->include_shipping == 'false') $order_total=$order_total-$oOrder->info['shipping_cost'];
return $order_total;
}
}
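Review bot: `clear_posts()` never clears anything: `$_SESSION[$post_var] = 'c' . $GLOBALS[$class]->code;` uses `$post_var` before it is assigned, so it stores the key name as a value under an empty key and leaves in place the `c<code>` entry that `collect_posts()` put in the session. A credit or voucher selection can then carry over into the customer's next checkout; the loop body should be `$post_var = 'c' . $GLOBALS[$class]->code;` followed by `unset($_SESSION[$post_var]);`. The constructor also builds two `include_once` paths from `$_SESSION['language']`, which is only safe if that value is checked against the installed languages where it is set, and that check is not visible here. `credit_selection()` returns `$output_string` without initialising it when both status constants are off; `$output_string = '';` belongs with the other initialisers at the top of the method.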


@ -0,0 +1,215 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: payment.php,v 1.3.2.1 2003/05/03 23:41:23 wilt
orig: payment.php,v 1.36 2003/02/11 00:04:53 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class payment {
var $modules, $selected_module;
// class constructor
public function __construct($module = '') {
global $aUser, $aLang, $GLOBALS;
if (defined('MODULE_PAYMENT_INSTALLED') && oos_is_not_null($aUser['payment'])) {
$this->modules = explode(';', $aUser['payment']);
$include_modules = array();
if ( (oos_is_not_null($module)) ) {
$this->selected_module = $module;
$include_modules[] = array('class' => $module, 'file' => $module . '.php');
} else {
foreach ($this->modules as $value) {
$class = basename($value, '.php');
$include_modules[] = array('class' => $class, 'file' => $value);
}
}
$sLanguage = isset($_SESSION['language']) ? $_SESSION['language'] : DEFAULT_LANGUAGE;
for ($i=0, $n=sizeof($include_modules); $i<$n; $i++) {
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/modules/payment/' . $include_modules[$i]['file'];
include_once MYOOS_INCLUDE_PATH . '/includes/modules/payment/' . $include_modules[$i]['file'];
$GLOBALS[$include_modules[$i]['class']] = new $include_modules[$i]['class'];
}
// if there is only one payment method, select it as default because in
// checkout_confirmation.php the $payment variable is being assigned the
if ( (oos_count_payment_modules() == 1) && (!is_object($_SESSION['payment'])) ) {
$_SESSION['payment'] = $include_modules[0]['class'];
}
if ( (oos_is_not_null($module)) && (in_array($module, $this->modules)) && (isset($GLOBALS[$module]->form_action_url)) ) {
$this->form_action_url = $GLOBALS[$module]->form_action_url;
}
}
}
// class methods
/* The following method is needed in the checkout_confirmation.php page
due to a chicken and egg problem with the payment class and order class.
The payment modules needs the order destination data for the dynamic status
feature, and the order class needs the payment module title.
The following method is a work-around to implementing the method in all
payment modules available which would break the modules in the contributions
section. This should be looked into again post 2.2.
*/
public function update_status() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module])) {
if (function_exists('method_exists')) {
if (method_exists($GLOBALS[$this->selected_module], 'update_status')) {
$GLOBALS[$this->selected_module]->update_status();
}
}
}
}
}
public function javascript_validation() {
global $aLang;
$js = '';
if (is_array($this->modules)) {
$js = '<script language="javascript"><!-- ' . "\n" .
'public function check_form() {' . "\n" .
' var error = 0;' . "\n" .
' var error_message = "' . $aLang['js_error'] . '";' . "\n" .
' var payment_value = null;' . "\n" .
' if (document.checkout_payment.payment.length) {' . "\n" .
' for (var i=0; i<document.checkout_payment.payment.length; i++) {' . "\n" .
' if (document.checkout_payment.payment[i].checked) {' . "\n" .
' payment_value = document.checkout_payment.payment[i].value;' . "\n" .
' }' . "\n" .
' }' . "\n" .
' } else if (document.checkout_payment.payment.checked) {' . "\n" .
' payment_value = document.checkout_payment.payment.value;' . "\n" .
' } else if (document.checkout_payment.payment.value) {' . "\n" .
' payment_value = document.checkout_payment.payment.value;' . "\n" .
' }' . "\n\n";
reset($this->modules);
foreach ($this->modules as $value) {
$class = substr($value, 0, strrpos($value, '.'));
if ($GLOBALS[$class]->enabled) {
$js .= $GLOBALS[$class]->javascript_validation();
}
}
$js .= "\n" . ' if (payment_value == null && submitter != 1) {' . "\n" .
' error_message = error_message + "' . $aLang['js_error_no_payment_module_selected'] . '";' . "\n" .
' error = 1;' . "\n" .
' }' . "\n\n" .
' if (error == 1 && submitter != 1) {' . "\n" .
' alert(error_message);' . "\n" .
' return FALSE;' . "\n" .
' } else {' . "\n" .
' return TRUE;' . "\n" .
' }' . "\n" .
'}' . "\n" .
'//--></script>' . "\n";
}
return $js;
}
public function selection() {
global $aUser, $aLang;
$selection_array = array();
if (is_array($this->modules)) {
foreach ($this->modules as $value) {
$class = basename($value, '.php');
if ($GLOBALS[$class]->enabled) {
$selection = $GLOBALS[$class]->selection();
if (is_array($selection)) $selection_array[] = $selection;
}
}
}
return $selection_array;
}
public function pre_confirmation_check() {
global $credit_covers, $payment_modules;
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
if ($credit_covers) {
$GLOBALS[$this->selected_module]->enabled = FALSE;
$GLOBALS[$this->selected_module] = NULL;
$payment_modules = '';
} else {
$GLOBALS[$this->selected_module]->pre_confirmation_check();
}
}
}
}
public function confirmation() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
return $GLOBALS[$this->selected_module]->confirmation();
}
}
}
public function process_button() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
return $GLOBALS[$this->selected_module]->process_button();
}
}
}
public function before_process() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
return $GLOBALS[$this->selected_module]->before_process();
}
}
}
public function after_process() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
return $GLOBALS[$this->selected_module]->after_process();
}
}
}
public function get_error() {
if (is_array($this->modules)) {
if (is_object($GLOBALS[$this->selected_module]) && ($GLOBALS[$this->selected_module]->enabled) ) {
return $GLOBALS[$this->selected_module]->get_error();
}
}
}
}


@ -0,0 +1,95 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class plugin_event {
var $aEventPlugins, $aPlugins;
public function __construct() {
$this->aEventPlugins = explode(';', MODULE_PLUGIN_EVENT_INSTALLED);
}
public function getInstance() {
$this->aPlugins = array();
foreach ($this->aEventPlugins as $event) {
$this->load_plugin($event);
}
}
public function load_plugin($sInstance, $sPluginPath = '') {
$sName = 'oos_event_' . $sInstance;
if (!class_exists($sName)) {
if (empty($sPluginPath)) {
if (empty($sPluginPath)) {
$sPluginPath = $sName;
}
}
$sPluginPath = oos_var_prep_for_os($sPluginPath);
$sName = oos_var_prep_for_os($sName);
if (file_exists('includes/plugins/' . $sPluginPath . '/' . $sName . '.php')) {
include_once 'includes/plugins/' . $sPluginPath . '/' . $sName . '.php';
}
if (isset($_SESSION['language']) && file_exists('includes/plugins/' . $sPluginPath . '/lang/' . oos_var_prep_for_os($_SESSION['language']) . '.php')) {
include_once 'includes/plugins/' . $sPluginPath . '/lang/' . oos_var_prep_for_os($_SESSION['language']) . '.php';
} elseif (file_exists('includes/plugins/' . $sPluginPath . '/lang/' . DEFAULT_LANGUAGE . '.php')) {
include_once 'includes/plugins/' . $sPluginPath . '/lang/' . DEFAULT_LANGUAGE . '.php';
}
if (!class_exists($sName)) {
return FALSE;
}
}
if (@call_user_func(array('oos_event_' . $sInstance, 'create_plugin_instance'))) {
$this->aPlugins[] = $sName;
}
return TRUE;
}
public function introspect() {
$this->aPlugins = array();
foreach ($this->aEventPlugins as $event) {
$this->get_intro($event);
}
}
public function get_intro($event) {
@call_user_func(array('oos_event_' . $event, 'intro'));
}
public function installed_plugin($event) {
return in_array($event, $this->aEventPlugins);
}
}
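Review bot: `get_intro()` and the last step of `load_plugin()` call `@call_user_func(array('oos_event_' . ..., ...))` without checking that the callback exists, and on PHP 8 the `@` does not help because an invalid callback raises a TypeError rather than a warning. `introspect()` runs `get_intro()` for every entry of `MODULE_PLUGIN_EVENT_INSTALLED` without loading the class first, so a single stale or empty entry is enough to reach that path. I would guard both calls, e.g. `$cb = array('oos_event_' . $event, 'intro'); if (is_callable($cb)) { call_user_func($cb); }`, and drop the `@` so genuine plugin errors stay visible. The include paths in `load_plugin()` are built from `$sInstance`, `$sPluginPath` and `$_SESSION['language']` and depend entirely on `oos_var_prep_for_os()` (not shown in this file) to remove path separators; since the method is public that is worth confirming, and the nested duplicate `if (empty($sPluginPath))` can be collapsed to one.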


@ -0,0 +1,110 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Class Products History
*
*
* @link https://www.oos-shop.de Latest release of this class
* @package Products History
* @copyright Copyright (c) 2003 - 2004 r23.de. All rights reserved.
* @author r23 <info@r23.de>
* @version $Revision: 1.1 $ - changed by $Author: r23 $ on $Date: 2007/06/07 16:06:31 $
* @access public
*/
class oosProductsHistory {
/**
* @access private
* @var int
*/
var $products_history;
/**
* Constructor of our Class
*
* @access public
* @author r23 <info@r23.de>
*/
public function __construct() {
$this->reset();
}
/**
* @param $products_id
*/
public function add_current_products($products_id) {
if (!$this->in_history($products_id)) {
if ($this->count_history() >= MAX_DISPLAY_PRODUCTS_IN_PRODUCTS_HISTORY_BOX) {
$temp = array_shift($this->products_history);
}
array_push($this->products_history, $products_id);
}
}
/**
* @param $products_id
* @return boolean
*/
public function in_history($products_id) {
if (in_array ($products_id, $this->products_history)) {
return TRUE;
} else {
return FALSE;
}
}
/**
* get total number of products
*/
public function count_history() {
return count($this->products_history);
}
/**
* get Product's id
*/
public function get_product_id_list() {
$product_id_list = '';
if (is_array($this->products_history)) {
reset($this->products_history);
foreach ($this->products_history as $key => $products_id) {
$product_id_list .= ', ' . $products_id;
}
}
return substr($product_id_list, 2);
}
/**
*
*/
public function reset() {
$this->products_history = array();
}
}
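Review bot: `in_history()` calls `in_array()` without the strict flag, so ids are compared loosely and numeric-looking strings such as `'1e1'` and `'10'` count as the same product; `in_array($products_id, $this->products_history, true)` on normalised ids avoids that. `add_current_products()` stores `$products_id` exactly as passed and `get_product_id_list()` joins the stored values verbatim, so if a caller places that list inside an SQL `IN (...)` clause (the callers are not in this file) nothing here guarantees the values are integers. Casting once at the top of `add_current_products()`, `$products_id = intval($products_id);`, would cover both points, assuming history entries are plain numeric product ids. `$temp` is assigned but never read, and the property is declared with `var` (public) and documented as `@var int` although it holds an array and is tagged `@access private`.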


@ -0,0 +1,135 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shipping.php,v 1.21 2003/02/11 00:04:53 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class shipping {
var $modules;
// class constructor
public function __construct($module = '') {
global $aLang;
if (defined('MODULE_SHIPPING_INSTALLED') && oos_is_not_null(MODULE_SHIPPING_INSTALLED)) {
$this->modules = explode(';', MODULE_SHIPPING_INSTALLED);
$include_modules = array();
if ( (oos_is_not_null($module)) && (in_array(substr($module['id'], 0, strpos($module['id'], '_')) . '.' . substr($_SERVER['PHP_SELF'], (strrpos($_SERVER['PHP_SELF'], '.')+1)), $this->modules)) ) {
$include_modules[] = array('class' => substr($module['id'], 0, strpos($module['id'], '_')), 'file' => substr($module['id'], 0, strpos($module['id'], '_')) . '.' . substr($_SERVER['PHP_SELF'], (strrpos($_SERVER['PHP_SELF'], '.')+1)));
} else {
foreach ($this->modules as $value) {
$class = basename($value, '.php');
$include_modules[] = array('class' => $class, 'file' => $value);
}
}
$sLanguage = isset($_SESSION['language']) ? $_SESSION['language'] : DEFAULT_LANGUAGE;
for ($i=0, $n=count($include_modules); $i<$n; $i++) {
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/modules/shipping/' . $include_modules[$i]['file'];
include_once MYOOS_INCLUDE_PATH . '/includes/modules/shipping/' . $include_modules[$i]['file'];
$GLOBALS[$include_modules[$i]['class']] = new $include_modules[$i]['class'];
}
}
}
public function quote($method = '', $module = '') {
global $total_weight, $shipping_weight, $shipping_quoted, $shipping_num_boxes;
$quotes_array = array();
if (is_array($this->modules)) {
$shipping_quoted = '';
$shipping_num_boxes = 1;
$shipping_weight = $total_weight;
if ($total_weight > SHIPPING_MAX_WEIGHT) { // Split into many boxes
$shipping_num_boxes = ceil($total_weight/SHIPPING_MAX_WEIGHT);
$shipping_weight = $total_weight/$shipping_num_boxes;
}
if (SHIPPING_BOX_WEIGHT >= $shipping_weight*SHIPPING_BOX_PADDING/100) {
$shipping_weight = $shipping_weight+SHIPPING_BOX_WEIGHT;
} else {
$shipping_weight = $shipping_weight + ($shipping_weight*SHIPPING_BOX_PADDING/100);
}
$include_quotes = array();
foreach ($this->modules as $value) {
$class = basename($value, '.php');
if (oos_is_not_null($module)) {
if ( ($module == $class) && ($GLOBALS[$class]->enabled) ) {
$include_quotes[] = $class;
}
} elseif ($GLOBALS[$class]->enabled) {
$include_quotes[] = $class;
}
}
$size = count($include_quotes);
for ($i=0; $i<$size; $i++) {
$quotes = $GLOBALS[$include_quotes[$i]]->quote($method);
if (is_array($quotes)) $quotes_array[] = $quotes;
}
}
return $quotes_array;
}
public function cheapest() {
if (is_array($this->modules)) {
$rates = array();
foreach ($this->modules as $value) {
$class = basename($value, '.php');
if ($GLOBALS[$class]->enabled) {
$quotes = $GLOBALS[$class]->quotes;
$size = count($quotes['methods']);
for ($i=0; $i<$size; $i++) {
if ($quotes['methods'][$i]['cost']) {
$rates[] = array('id' => $quotes['id'] . '_' . $quotes['methods'][$i]['id'],
'title' => $quotes['module'] . ' (' . $quotes['methods'][$i]['title'] . ')',
'cost' => $quotes['methods'][$i]['cost']);
}
}
}
}
$cheapest = FALSE;
$size = count($rates);
for ($i=0; $i<$size; $i++) {
if (is_array($cheapest)) {
if ($rates[$i]['cost'] < $cheapest['cost']) {
$cheapest = $rates[$i];
}
} else {
$cheapest = $rates[$i];
}
}
return $cheapest;
}
}
}
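Review bot: The constructor takes the module file extension from `$_SERVER['PHP_SELF']` in the two long lines that test and build `$include_modules` for a selected `$module`, and `PHP_SELF` carries any request path info, so that suffix is influenced by the client. The `in_array()` check against `$this->modules` keeps the include limited to installed files, but a request path that does not end in `.php` makes the check fail and the constructor silently loads every installed module instead of the selected one. A fixed suffix is simpler and removes the dependency: `$class = substr($module['id'], 0, strpos($module['id'], '_')); $file = $class . '.php';`. The two `include_once` lines also place `$_SESSION['language']` into a filesystem path with no validation visible in this file; checking it against the installed language directories, or confirming that this happens where the session value is set, would close that gap.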


@ -0,0 +1,836 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shopping_cart.php,v 1.2 2003/01/09 09:40:08 elarifr
shopping_cart.php,v 1.3.2.6 2003/05/12 23:11:20 wilt
orig: shopping_cart.php,v 1.32 2003/02/11 00:04:53 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class shoppingCart {
var $contents;
var $total;
var $weight;
var $cartID;
var $content_type;
public function __construct() {
$this->reset();
}
public function restore_contents() {
if (!isset($_SESSION['customer_id'])) return FALSE;
// insert current cart contents in database
if (is_array($this->contents)) {
reset($this->contents);
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
foreach ( array_keys($this->contents) as $products_id ) {
$qty = $this->contents[$products_id]['qty'];
$towlid = $this->contents[$products_id]['towlid'];
if ($_SESSION['customer_wishlist_link_id'] == $towlid) {
$towlid = '';
$customers_wishlisttable = $oostable['customers_wishlist'];
$dbconn->Execute("DELETE FROM $customers_wishlisttable WHERE customers_id= '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($products_id) . "'");
$customers_wishlist_attributestable = $oostable['customers_wishlist_attributes'];
$dbconn->Execute("DELETE FROM $customers_wishlist_attributestable WHERE customers_id= '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($products_id) . "'");
}
$customers_baskettable = $oostable['customers_basket'];
$product_sql = "SELECT products_id
FROM $customers_baskettable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND products_id = '" . intval($products_id) . "'";
$product_result = $dbconn->Execute($product_sql);
if (!$product_result->RecordCount()) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("INSERT INTO $customers_baskettable
(customers_id,
to_wishlist_id,
products_id,
customers_basket_quantity,
customers_basket_date_added) VALUES ('" . intval($_SESSION['customer_id']) . "',
'" . oos_db_input($towlid) . "',
'" . oos_db_input($products_id) . "',
'" . oos_db_input($qty) . "',
'" . oos_db_input(date('Ymd')) . "')");
if (isset($this->contents[$products_id]['attributes'])) {
reset($this->contents[$products_id]['attributes']);
foreach ($this->contents[$products_id]['attributes'] as $option => $value) {
$attr_value = $this->contents[$products_id]['attributes_values'][$option];
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("INSERT INTO $customers_basket_attributestable
(customers_id,
products_id,
products_options_id,
products_options_value_id,
products_options_value_text) VALUES ('" . intval($_SESSION['customer_id']) . "',
'" . oos_db_input($products_id) . "',
'" . oos_db_input($option) . "',
'" . oos_db_input($value) . "',
'" . oos_db_input($attr_value) . "')");
}
}
} else {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("UPDATE $customers_baskettable
SET customers_basket_quantity = '" . intval($qty) . "'
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND
products_id = '" . oos_db_input($products_id) . "'");
}
}
if (isset($_SESSION['gv_id'])) {
$remote = oos_server_get_remote();
$coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
$gv_result = $dbconn->Execute("INSERT INTO $coupon_redeem_tracktable
(coupon_id,
customer_id,
redeem_date,
redeem_ip) VALUES ('" . oos_db_input($_SESSION['gv_id']) . "',
'" . intval($_SESSION['customer_id']) . "',
now(),
'" . oos_db_input($remote) . "')");
$couponstable = $oostable['coupons'];
$gv_update = $dbconn->Execute("UPDATE $couponstable
SET coupon_active = 'N'
WHERE coupon_id = '" . oos_db_input($_SESSION['gv_id']) . "'");
oos_gv_account_update($_SESSION['customer_id'], $_SESSION['gv_id']);
unset($_SESSION['gv_id']);
}
}
// reset per-session cart contents, but not the database contents
$this->reset(false);
$customers_baskettable = $oostable['customers_basket'];
$sql = "SELECT products_id, to_wishlist_id, customers_basket_quantity
FROM $customers_baskettable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$products_result = $dbconn->Execute($sql);
while ($products = $products_result->fields) {
$this->contents[$products['products_id']] = array('qty' => $products['customers_basket_quantity'],
'towlid' => $products['to_wishlist_id']);
// attributes
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$sql = "SELECT products_options_id, products_options_value_id, products_options_value_text
FROM $customers_basket_attributestable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND products_id = '" . $products['products_id'] . "'";
$attributes_result = $dbconn->Execute($sql);
while ($attributes = $attributes_result->fields) {
$this->contents[$products['products_id']]['attributes'][$attributes['products_options_id']] = $attributes['products_options_value_id'];
if ($attributes['products_options_value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$this->contents[$products['products_id']]['attributes_values'][$attributes['products_options_id']] = $attributes['products_options_value_text'];
}
// Move that ADOdb pointer!
$attributes_result->MoveNext();
}
// Move that ADOdb pointer!
$products_result->MoveNext();
}
$this->cleanup();
}
public function reset($reset_database = FALSE) {
$this->contents = array();
$this->total = 0;
$this->weight = 0;
$this->content_type = FALSE;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
if (isset($_SESSION['customer_id']) && ($reset_database == TRUE)) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("DELETE FROM $customers_baskettable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'");
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("DELETE FROM $customers_basket_attributestable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'");
}
unset($this->cartID);
if (isset($_SESSION['cartID'])) unset($_SESSION['cartID']);
}
public function add_cart($products_id, $nQuantity = '1', $attributes = '', $notify = TRUE, $towlid = '') {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$sProductsId = oos_get_uprid($products_id, $attributes);
$nProductsID = oos_get_product_id($sProductsId);
if (is_numeric($nProductsID) && is_numeric($nQuantity)) {
$productstable = $oostable['products'];
$check_product_sql = "SELECT products_status
FROM $productstable
WHERE products_id = '" . intval($nProductsID) . "'";
$products_status = $dbconn->GetOne($check_product_sql);
if ($products_setting = '2') {
$nQuantity = intval($nQuantity);
if ($notify == TRUE) {
$_SESSION['new_products_id_in_cart'] = $sProductsId;
}
if (isset($_SESSION['customer_wishlist_link_id']) && ($_SESSION['customer_wishlist_link_id'] == $towlid)) {
$towlid = '';
$customers_wishlisttable = $oostable['customers_wishlist'];
$dbconn->Execute("DELETE FROM $customers_wishlisttable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($sProductsId) . "'");
$customers_wishlist_attributestable = $oostable['customers_wishlist_attributes'];
$dbconn->Execute("DELETE FROM $customers_wishlist_attributestable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($sProductsId) . "'");
}
if ($this->in_cart($sProductsId)) {
$this->update_quantity($sProductsId, $nQuantity, $attributes, $towlid);
} else {
$this->contents[] = array($sProductsId);
$this->contents[$sProductsId] = array('qty' => $nQuantity,
'towlid' => $towlid);
// insert into database
if (isset($_SESSION['customer_id'])) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("INSERT INTO $customers_baskettable
(customers_id,
to_wishlist_id,
products_id,
customers_basket_quantity,
customers_basket_date_added) VALUES (" . $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->qstr($towlid) . ','
. $dbconn->qstr($sProductsId) . ','
. $dbconn->qstr($nQuantity) . ','
. $dbconn->qstr(date('Ymd')) . ")");
}
if (is_array($attributes)) {
reset($attributes);
foreach ($attributes as $option => $value) {
$attr_value = NULL;
$blank_value = FALSE;
if (strstr($option, TEXT_PREFIX)) {
if (trim($value) == NULL) {
$blank_value = TRUE;
} else {
$option = substr($option, strlen(TEXT_PREFIX));
$attr_value = htmlspecialchars(stripslashes($value), ENT_QUOTES);
$value = PRODUCTS_OPTIONS_VALUE_TEXT_ID;
$this->contents[$sProductsId]['attributes_values'][$option] = $attr_value;
}
}
if (!$blank_value) {
$this->contents[$sProductsId]['attributes'][$option] = $value;
// insert into database
if (isset($_SESSION['customer_id'])) {
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("INSERT INTO $customers_basket_attributestable
(customers_id,
products_id,
products_options_id,
products_options_value_id,
products_options_value_text) VALUES (" . $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->qstr($sProductsId) . ','
. $dbconn->qstr($option) . ','
. $dbconn->qstr($value) . ','
. $dbconn->qstr($attr_value) . ")");
}
}
}
}
}
$this->cleanup();
// assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
$this->cartID = $this->generate_cart_id();
}
}
}
public function update_quantity($products_id, $nQuantity = '', $attributes = '', $towlid = '') {
$sProductsId = oos_get_uprid($products_id, $attributes);
$nProductsID = oos_get_product_id($sProductsId);
if (is_numeric($nProductsID) && isset($this->contents[$sProductsId]) && is_numeric($nQuantity)) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nQuantity = intval($nQuantity);
$this->contents[$sProductsId] = array('qty' => $nQuantity,
'towlid' => $towlid);
if (isset($_SESSION['customer_id'])) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("UPDATE $customers_baskettable
SET customers_basket_quantity = '" . oos_db_input($nQuantity) . "'
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND
products_id = '" . oos_db_input($sProductsId) . "'");
}
if (is_array($attributes)) {
reset($attributes);
foreach ($attributes as $option => $value) {
$attr_value = NULL;
$blank_value = FALSE;
if (strstr($option, TEXT_PREFIX)) {
if (trim($value) == NULL) {
$blank_value = TRUE;
} else {
$option = substr($option, strlen(TEXT_PREFIX));
// $attr_value = htmlspecialchars(stripslashes($value), ENT_QUOTES);
$attr_value = stripslashes($value);
$value = PRODUCTS_OPTIONS_VALUE_TEXT_ID;
$this->contents[$sProductsId]['attributes_values'][$option] = $attr_value;
}
}
if (!$blank_value) {
$this->contents[$sProductsId]['attributes'][$option] = $value;
// update database
if (isset($_SESSION['customer_id'])) {
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("UPDATE $customers_basket_attributestable
SET products_options_value_id = '" . oos_db_input($value) . "',
products_options_value_text = '" . oos_db_input($attr_value) . "'
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND products_id = '" . oos_db_input($sProductsId) . "'
AND products_options_id = '" . oos_db_input($option) . "'");
}
}
}
}
}
}
public function cleanup() {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$check_quantity = 1;
reset($this->contents);
foreach ( array_keys($this->contents) as $key ) {
if ($this->contents[$key]['qty'] < $check_quantity) {
unset($this->contents[$key]);
// remove from database
if (isset($_SESSION['customer_id'])) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("DELETE FROM $customers_baskettable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($key) . "'");
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("DELETE FROM $customers_basket_attributestable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($key) . "'");
}
}
}
}
public function count_contents() { // get total number of items in cart
$total_items = 0;
if (is_array($this->contents)) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$total_items += $this->get_quantity($products_id);
}
}
return $total_items;
}
public function get_quantity($products_id) {
if (isset($this->contents[$products_id])) {
$nQuantity = $this->contents[$products_id]['qty'];
$nQuantity = intval($nQuantity);
return $nQuantity;
} else {
return 0;
}
}
public function in_cart($products_id) {
if (isset($this->contents[$products_id])) {
return TRUE;
} else {
return FALSE;
}
}
public function remove($products_id) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
unset($this->contents[$products_id]);
// remove from database
if (isset($_SESSION['customer_id'])) {
$customers_baskettable = $oostable['customers_basket'];
$dbconn->Execute("DELETE FROM $customers_baskettable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($products_id) . "'");
$customers_basket_attributestable = $oostable['customers_basket_attributes'];
$dbconn->Execute("DELETE FROM $customers_basket_attributestable WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND products_id = '" . oos_db_input($products_id) . "'");
}
// assign a temporary unique ID to the order contents to prevent hack attempts during the checkout procedure
$this->cartID = $this->generate_cart_id();
}
public function remove_all() {
$this->reset();
}
public function get_product_id_list() {
$product_id_list = '';
if (is_array($this->contents)) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$product_id_list .= ', ' . $products_id;
}
}
return substr($product_id_list, 2);
}
public function get_numeric_product_id_list() {
$product_id_list = '';
if (is_array($this->contents)) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$product_id_list .= ', ' . oos_get_product_id($products_id);
}
}
return substr($product_id_list, 2);
}
public function calculate() {
global $aUser, $oCurrencies;
$this->total_virtual = 0; // Gift Voucher System
$this->weight_virtual = 0;
$this->total = 0;
$this->weight = 0;
if (!is_array($this->contents)) return 0;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$nQuantity = $this->contents[$products_id]['qty'];
// products price
$productstable = $oostable['products'];
$product_sql = "SELECT products_id, products_model, products_price, products_tax_class_id, products_weight
FROM $productstable
WHERE products_id='" . oos_get_product_id($products_id) . "'";
$product_result = $dbconn->Execute($product_sql);
if ($product = $product_result->fields) {
$no_count = 1;
if (preg_match('/^GIFT/', $product['products_model'])) {
$no_count = 0;
}
$prid = $product['products_id'];
$products_tax = oos_get_tax_rate($product['products_tax_class_id']);
if ($aUser['qty_discounts'] == 1) {
$products_price = $this->products_price_actual($prid, $product['products_price'], $nQuantity);
} else {
$products_price = $product['products_price'];
}
$products_weight = $product['products_weight'];
$bSpezialPrice = FALSE;
$specialstable = $oostable['specials'];
$sql = "SELECT specials_new_products_price
FROM $specialstable
WHERE products_id = '" . intval($prid) . "'
AND status = '1'";
$specials_result = $dbconn->Execute($sql);
if ($specials_result->RecordCount()) {
$specials = $specials_result->fields;
$products_price = $specials['specials_new_products_price'];
$bSpezialPrice = TRUE;
}
$this->total_virtual += oos_add_tax($products_price, $products_tax) * $nQuantity * $no_count;
$this->weight_virtual += ($nQuantity * $products_weight) * $no_count;
$this->total += $oCurrencies->calculate_price($products_price, $products_tax, $nQuantity);
$this->weight += ($nQuantity * $products_weight);
}
// attributes price
if (isset($this->contents[$products_id]['attributes'])) {
reset($this->contents[$products_id]['attributes']);
foreach ($this->contents[$products_id]['attributes'] as $option => $value) {
$products_attributestable = $oostable['products_attributes'];
$sql = "SELECT options_values_price, price_prefix
FROM $products_attributestable
WHERE products_id = '" . intval($prid) . "'
AND options_id = '" . intval($option) . "'
AND options_values_id = '" . intval($value) . "'";
$attribute_price = $dbconn->GetRow($sql);
$sAttributesPrice = $attribute_price['options_values_price'];
if ($bSpezialPrice === FALSE) {
$sAttributesPrice = $sAttributesPrice*(100-$max_product_discount)/100;
}
if ($attribute_price['price_prefix'] == '+') {
$this->total += $oCurrencies->calculate_price($sAttributesPrice, $products_tax, $nQuantity);
} else {
$this->total -= $oCurrencies->calculate_price($sAttributesPrice, $products_tax, $nQuantity);
}
}
}
}
}
public function products_price_actual($product_id, $actual_price, $products_qty) {
$new_price = $actual_price;
if ($new_special_price = oos_get_products_special_price($product_id)) {
$new_price = $new_special_price;
}
if ($new_discounts_price = oos_get_products_price_quantity_discount($product_id, $products_qty, $new_price)){
$new_price = $new_discounts_price;
}
return $new_price;
}
public function attributes_price($products_id) {
$attributes_price = 0;
if (isset($this->contents[$products_id]['attributes'])) {
reset($this->contents[$products_id]['attributes']);
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
foreach ($this->contents[$products_id]['attributes'] as $option => $value) {
$products_attributestable = $oostable['products_attributes'];
$attribute_price_sql = "SELECT options_values_price, price_prefix
FROM $products_attributestable
WHERE products_id = '" . intval($products_id) . "'
AND options_id = '" . intval($option) . "'
AND options_values_id = '" . intval($value) . "'";
$attribute_price = $dbconn->GetRow($attribute_price_sql);
if ($attribute_price['price_prefix'] == '+') {
$attributes_price += $attribute_price['options_values_price'];
} else {
$attributes_price -= $attribute_price['options_values_price'];
}
}
}
return $attributes_price;
}
public function get_products() {
global $aUser;
if (!is_array($this->contents)) return FALSE;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
$aProducts = array();
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$nQuantity = $this->contents[$products_id]['qty'];
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, pd.products_name, pd.products_essential_characteristics, p.products_image, p.products_model,
p.products_ean, p.products_price, p.products_weight, p.products_tax_class_id, p.products_quantity
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id = '" . oos_get_product_id($products_id) . "' AND
pd.products_id = p.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "'";
$products_result = $dbconn->Execute($sql);
if ($products = $products_result->fields) {
$prid = $products['products_id'];
if ($aUser['qty_discounts'] == 1) {
$products_price = $this->products_price_actual($prid, $products['products_price'], $nQuantity);
} else {
$products_price = $products['products_price'];
}
$bSpezialPrice = FALSE;
$specialstable = $oostable['specials'];
$sql = "SELECT specials_new_products_price
FROM $specialstable
WHERE products_id = '" . intval($prid) . "' AND
status = '1'";
$specials_result = $dbconn->Execute($sql);
if ($specials_result->RecordCount()) {
$bSpezialPrice = TRUE;
$specials = $specials_result->fields;
$products_price = $specials['specials_new_products_price'];
}
$attributes_price = $this->attributes_price($products_id);
$aProducts[] = array('id' => $products_id,
'name' => $products['products_name'],
'essential_characteristics' => $products['products_essential_characteristics'],
'model' => $products['products_model'],
'image' => $products['products_image'],
'ean' => $products['products_ean'],
'price' => $products_price,
'spezial' => $bSpezialPrice,
'quantity' => $this->contents[$products_id]['qty'],
'stock' => $products['products_quantity'],
'weight' => $products['products_weight'],
'final_price' => ($products_price + $attributes_price),
'tax_class_id' => $products['products_tax_class_id'],
'attributes' => (isset($this->contents[$products_id]['attributes']) ? $this->contents[$products_id]['attributes'] : ''),
'attributes_values' => (isset($this->contents[$products_id]['attributes_values']) ? $this->contents[$products_id]['attributes_values'] : ''),
'towlid' => $this->contents[$products_id]['towlid']);
}
}
return $aProducts;
}
public function show_total() {
$this->calculate();
return $this->total;
}
public function show_weight() {
$this->calculate();
return $this->weight;
}
public function show_total_virtual() {
$this->calculate();
return $this->total_virtual;
}
public function show_weight_virtual() {
$this->calculate();
return $this->weight_virtual;
}
public function generate_cart_id($length = 5) {
return oos_create_random_value($length, 'digits');
}
public function get_content_type() {
$this->content_type = FALSE;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
if ( (DOWNLOAD_ENABLED == 'true') && ($this->count_contents() > 0) || ($this->show_weight() == 0 )&& ($this->count_contents() > 0) ) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
if (isset($this->contents[$products_id]['attributes'])) {
reset($this->contents[$products_id]['attributes']);
foreach ($this->contents[$products_id]['attributes'] as $value) {
$products_attributestable = $oostable['products_attributes'];
$products_attributes_downloadtable = $oostable['products_attributes_download'];
$sql = "SELECT COUNT(*) AS total
FROM $products_attributestable pa,
$products_attributes_downloadtable pad
WHERE pa.products_id = '" . intval($products_id) . "'
AND pa.options_values_id = '" . intval($value) . "'
AND pa.products_attributes_id = pad.products_attributes_id";
$virtual_check = $dbconn->GetRow($sql);
if ($virtual_check['total'] > 0) {
switch ($this->content_type) {
case 'physical':
$this->content_type = 'mixed';
return $this->content_type;
break;
default:
$this->content_type = 'virtual';
break;
}
} else {
switch ($this->content_type) {
case 'virtual':
$this->content_type = 'mixed';
return $this->content_type;
break;
default:
$this->content_type = 'physical';
break;
}
}
}
} elseif ($this->show_weight() == 0) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$productstable = $oostable['products'];
$sql = "SELECT products_weight
FROM $productstable
WHERE products_id = '" . intval($products_id) . "'";
$virtual_check_result = $dbconn->Execute($sql);
$virtual_check = $virtual_check_result->fields;
if ($virtual_check['products_weight'] == 0) {
switch ($this->content_type) {
case 'physical':
$this->content_type = 'mixed';
return $this->content_type;
break;
default:
$this->content_type = 'virtual_weight';
break;
}
} else {
switch ($this->content_type) {
case 'virtual':
$this->content_type = 'mixed';
return $this->content_type;
break;
default:
$this->content_type = 'physical';
break;
}
}
}
} else {
switch ($this->content_type) {
case 'virtual':
$this->content_type = 'mixed';
return $this->content_type;
break;
default:
$this->content_type = 'physical';
break;
}
}
}
} else {
$this->content_type = 'physical';
}
return $this->content_type;
}
public function unserialize($broken) {
for(reset($broken);$kv=each($broken);) {
$key=$kv['key'];
if (gettype($this->$key)!="user public function")
$this->$key=$kv['value'];
}
}
/**
* ICWILSON CREDIT CLASS Gift Voucher Addittion Start
* amend count_contents to show nil contents for shipping
* as we don't want to quote for 'virtual' item
* GLOBAL CONSTANTS if NO_COUNT_ZERO_WEIGHT is true then we don't count any product with a weight
* which is less than or equal to MINIMUM_WEIGHT
* otherwise we just don't count gift certificates
*/
public function count_contents_virtual() { // get total number of items in cart disregard gift vouchers
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$total_items = 0;
if (is_array($this->contents)) {
reset($this->contents);
foreach ( array_keys($this->contents) as $products_id ) {
$no_count = FALSE;
$productstable = $oostable['products'];
$sql = "SELECT products_model
FROM $productstable
WHERE products_id = '" . intval($products_id) . "'";
$gv_result = $dbconn->GetRow($sql);
if (preg_match('/^GIFT/', $gv_result['products_model'])) {
$no_count = TRUE;
}
if (NO_COUNT_ZERO_WEIGHT == 1) {
$productstable = $oostable['products'];
$sql = "SELECT products_weight
FROM $productstable
WHERE products_id = '" . oos_get_product_id($products_id) . "'";
$gv_result = $dbconn->GetRow($sql);
if ($gv_result['products_weight']<=MINIMUM_WEIGHT) {
$no_count = TRUE;
}
}
if (!$no_count) $total_items += $this->get_quantity($products_id);
}
}
return $total_items;
}
}


@ -0,0 +1,173 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: split_page_results.php,v 1.11 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Page Navigation
*
* @package kernel
* @version $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2007/12/11 08:12:54 $
*/
class splitPageResults {
var $sql_query;
var $number_of_rows;
var $current_page_number;
var $number_of_pages;
var $number_of_rows_per_page;
var $page_name;
/**
* Constructor
*/
public function __construct($query, $max_rows, $count_key = '*', $page_holder = 'page') {
$max_rows = ($max_rows == '' || $max_rows == 0) ? 20 : $max_rows;
$this->sql_query = preg_replace("/\n\r|\r\n|\n|\r/", " ", $query);
$this->page_name = $page_holder;
if (isset($_GET[$page_holder])) {
$page = $_GET[$page_holder];
} elseif (isset($_POST[$page_holder])) {
$page = $_POST[$page_holder];
} else {
$page = 1;
}
if (empty($page) || !is_numeric($page) || $page < 0) $page = 1;
$this->current_page_number = $page;
$this->number_of_rows_per_page = $max_rows;
$pos_to = strlen($this->sql_query);
$pos_from = strpos($this->sql_query, 'FROM', 0);
$pos_group_by = strpos($this->sql_query, ' GROUP BY', $pos_from);
if (($pos_group_by < $pos_to) && ($pos_group_by != false)) $pos_to = $pos_group_by;
$pos_having = strpos($this->sql_query, ' HAVING', $pos_from);
if (($pos_having < $pos_to) && ($pos_having != false)) $pos_to = $pos_having;
$pos_order_by = strpos($this->sql_query, ' ORDER BY', $pos_from);
if (($pos_order_by < $pos_to) && ($pos_order_by != false)) $pos_to = $pos_order_by;
$dbconn =& oosDBGetConn();
$sql = "SELECT COUNT(" . oos_db_input($count_key) . ") AS total " . substr($this->sql_query, $pos_from, ($pos_to - $pos_from));
$count = $dbconn->Execute($sql);
$this->number_of_rows = $count->fields['total'];
if ($this->number_of_rows_per_page > 0) {
$this->number_of_pages = ceil($this->number_of_rows / $this->number_of_rows_per_page);
} else {
$this->number_of_pages = 0;
}
if ($this->current_page_number > $this->number_of_pages) {
$this->current_page_number = $this->number_of_pages;
}
$offset = ($this->number_of_rows_per_page * ($this->current_page_number - 1));
if ($offset <= 0) { $offset = 0; }
if ($this->current_page_number <=0) {$this->current_page_number = 1;}
# $this->sql_query .= " LIMIT " . ($offset > 0 ? $offset . ", " : '') . $this->number_of_rows_per_page;
$this->sql_query .= " LIMIT " . max($offset, 0) . ", " . $this->number_of_rows_per_page;
}
/**
* display split-page-number-links
*
* @param $this->number_of_rows
* @param $this->number_of_rows_per_page
* @param $max_page_links
* @param $current_page_number
* @param $parameters
* @return string
*/
public function display_links($max_page_links, $parameters = '') {
global $aLang, $sContent;
$display_link = '';
if ( oos_is_not_null($parameters) && (substr($parameters, -5) != '&amp;') ) $parameters .= '&amp;';
// previous button - not displayed on first page
if ($this->current_page_number > 1) {
$display_link .= '<li class="page-item"><a class="page-link" href="' . oos_href_link($sContent, $parameters . $this->page_name . '=' . ($this->current_page_number - 1)) . '" aria-label="' . $aLang['prevnext_button_prev'] . '"><span aria-hidden="true">&laquo;</span><span class="sr-only">' . $aLang['prevnext_button_prev'] . '</span></a></li>';
}
// check if num_pages > $max_page_links
$cur_window_num = intval($this->current_page_number / $max_page_links);
if ($this->current_page_number % $max_page_links) $cur_window_num++;
$max_window_num = intval($this->number_of_pages / $max_page_links);
if ($this->number_of_pages % $max_page_links) $max_window_num++;
// previous window of pages
if ($cur_window_num > 1) $display_link .= '<li class="page-item"><a class="page-link"' . oos_href_link($sContent, $parameters . $this->page_name . '=' . (($cur_window_num - 1) * $max_page_links)) . '">...</a></li>';
// page nn button
for ($jump_to_page = 1 + (($cur_window_num - 1) * $max_page_links); ($jump_to_page <= ($cur_window_num * $max_page_links)) && ($jump_to_page <= $this->number_of_pages); $jump_to_page++) {
if ($jump_to_page == $this->current_page_number) {
// $display_link .= '<li class="page-item active"><a class="page-link" href="' . oos_href_link($sContent, $parameters . $this->page_name . '=' . $jump_to_page) . '">' . $jump_to_page . '<span class="sr-only"></span></a></li>';
$display_link .= '<li class="page-item active"><span class="page-link">' . $jump_to_page . '<span class="sr-only">(current)</span></span></li>';
} else {
$display_link .= '<li class="page-item"><a class="page-link" href="' . oos_href_link($sContent, $parameters . $this->page_name . '=' . $jump_to_page) . '">' . $jump_to_page . '</a></li>';
}
}
// next window of pages
if ($cur_window_num < $max_window_num) $display_link .= '<li class="page-item"><a class="page-link" href="' . oos_href_link($sContent, $parameters . $this->page_name . '=' . (($cur_window_num) * $max_page_links + 1)) . '">...</a></li>';
// next button
if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_link .= '<li class="page-item"><a class="page-link" href="' . oos_href_link($sContent, $parameters . $this->page_name . '=' . ($this->current_page_number + 1)) . '"><span aria-hidden="true">&raquo;</span><span class="sr-only">' . $aLang['prevnext_button_next'] . '</span></a></li>';
return $display_link;
}
/**
* display number of total products found
*
* @return string
*/
public function display_count($text_output) {
$to_num = ($this->number_of_rows_per_page * $this->current_page_number);
if ($to_num > $this->number_of_rows) $to_num = $this->number_of_rows;
$from_num = ($this->number_of_rows_per_page * ($this->current_page_number - 1));
if ($to_num == 0) {
$from_num = 0;
} else {
$from_num++;
}
return sprintf($text_output, $from_num, $to_num, $this->number_of_rows);
}
}
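Review bot: In the constructor, the `$page` value read from `$_GET`/`$_POST` is checked only with `is_numeric()`, so a value such as `1.01` passes and flows into the offset arithmetic, which can put a non-integer into the `LIMIT` clause and make the query fail. Normalising it once, e.g. `$page = (is_numeric($page) && (int)$page > 0) ? (int)$page : 1;`, keeps both the SQL and the generated page links integer-only. `$count_key` is placed inside `COUNT(...)` as an identifier, where `oos_db_input()` (presumably string escaping; its body is not shown here) gives no protection, so it should remain a caller-side constant and be documented as such. Separately, the previous-window link in `display_links()` lacks ` href="` after `class="page-link"`, unlike the other links, so it renders as a broken anchor.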


@ -0,0 +1,65 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* @see libs/Smarty/Smarty.class.php
* @link http://smarty.net
*/
/**
* Smarty class
*
* @package myOOS
* @subpackage myOOS_Smarty
* @see Smarty, libs/Smarty/Smarty.class.php
* @link http://smarty.net/manual/en/
*/
class myOOS_Smarty extends Smarty {
function trigger_error($error_msg, $error_type = E_USER_WARNING) {
throw new SmartyException($error_msg);
}
public function __construct() {
// Class Constructor.
// These automatically get set with each new instance.
parent::__construct();
$this->left_delimiter = '{';
$this->right_delimiter = '}';
$dir = OOS_TEMP_PATH;
if (substr($dir, -1) != "/") {
$dir = $dir."/";
}
$this->setTemplateDir(MYOOS_INCLUDE_PATH . '/templates/')
->setCompileDir( $dir . 'shop/templates_c/')
->setCacheDir($dir . 'shop/cache/');
// set multiple directories where plugins are stored
$this->setPluginsDir(array(
MYOOS_INCLUDE_PATH . '/vendor/smarty/smarty/libs/plugins',
MYOOS_INCLUDE_PATH . '/includes/lib/smarty-plugins'
));
$this->use_sub_dirs = FALSE;
}
}
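Review bot: `trigger_error()` is declared without a visibility keyword and ignores `$error_type`, so every Smarty notice or warning becomes a thrown `SmartyException`; a short docblock stating that this is intentional, and `public function trigger_error(...)` to match the constructor, would make that explicit. The compile and cache directories are built from `OOS_TEMP_PATH`, and compiled templates are PHP files, so that directory should be writable only by the application and ideally not served by the web server. The deployment layout is not visible in this section, so this needs confirming against the installation.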


@ -0,0 +1,196 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: upload.php,v 1.2 2003/06/20 00:18:30 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class upload {
var $file;
var $filename;
var $destination;
var $permissions;
var $extensions;
var $tmp_filename;
var $message_location;
public function __construct($file = '', $destination = '', $permissions = '644', $extensions = array('jpg', 'jpeg', 'gif', 'png', 'eps', 'cdr', 'ai', 'pdf', 'tif', 'tiff', 'bmp')) {
$this->set_file($file);
$this->set_destination($destination);
$this->set_permissions($permissions);
$this->set_extensions($extensions);
$this->set_output_messages('direct');
if (oos_is_not_null($this->file) && oos_is_not_null($this->destination)) {
$this->set_output_messages('session');
if ( ($this->parse() == TRUE) && ($this->save() == TRUE) ) {
return TRUE;
} else {
return FALSE;
}
}
}
public function parse() {
global $oMessage, $aLang;
$file = array();
if (isset($_FILES[$this->file])) {
$file = array('name' => $_FILES[$this->file]['name'],
'type' => $_FILES[$this->file]['type'],
'size' => $_FILES[$this->file]['size'],
'tmp_name' => $_FILES[$this->file]['tmp_name']);
}
if ( isset($file['tmp_name']) && oos_is_not_null($file['tmp_name']) && ($file['tmp_name'] != 'none') && is_uploaded_file($file['tmp_name']) ) {
if (oos_is_not_null($file['size']) and ($file['size'] > 2048000)) {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['error_file_too_big'], 'error');
} else {
$oMessage->add_session('upload', $aLang['error_file_too_big'], 'error');
}
return FALSE;
}
if (sizeof($this->extensions) > 0) {
if (!in_array(strtolower(substr($file['name'], strrpos($file['name'], '.')+1)), $this->extensions)) {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['error_filetype_not_allowed'], 'error');
} else {
$oMessage->add_session('upload', $aLang['error_filetype_not_allowed'], 'error');
}
return FALSE;
}
}
$this->set_file($file);
$this->set_filename($file['name']);
$this->set_tmp_filename($file['tmp_name']);
return $this->check_destination();
} else {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['warning_no_file_uploaded'], 'warning');
} else {
$oMessage->add_session('upload', $aLang['warning_no_file_uploaded'], 'warning');
}
return FALSE;
}
}
public function save() {
global $oMessage, $aLang;
if (substr($this->destination, -1) != '/') $this->destination .= '/';
if (move_uploaded_file($this->file['tmp_name'], $this->destination . $this->filename)) {
chmod($this->destination . $this->filename, $this->permissions);
$oMessage->add_session('upload', $aLang['success_file_saved_successfully'], 'success');
return TRUE;
} else {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['error_file_not_saved'], 'error');
} else {
$oMessage->add_session('upload', $aLang['error_file_not_saved'], 'error');
}
return FALSE;
}
}
public function set_file($file) {
$this->file = $file;
}
public function set_destination($destination) {
$this->destination = $destination;
}
public function set_permissions($permissions) {
$this->permissions = octdec($permissions);
}
public function set_filename($filename) {
$this->filename = $filename;
}
public function set_tmp_filename($filename) {
$this->tmp_filename = $filename;
}
public function set_extensions($extensions) {
if (oos_is_not_null($extensions)) {
if (is_array($extensions)) {
$this->extensions = $extensions;
} else {
$this->extensions = array($extensions);
}
} else {
$this->extensions = array();
}
}
public function check_destination() {
global $oMessage, $aLang;
if (!is_writeable($this->destination)) {
if (is_dir($this->destination)) {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['error_destination_not_writeable'], 'error');
} else {
$oMessage->add_session('upload', $aLang['error_destination_not_writeable'], 'error');
}
} else {
if ($this->message_location == 'direct') {
$oMessage->add('upload', $aLang['error_destination_does_not_exist'], 'error');
} else {
$oMessage->add_session('upload', $aLang['error_destination_does_not_exist'], 'error');
}
}
return FALSE;
} else {
return TRUE;
}
}
public function set_output_messages($location) {
switch ($location) {
case 'session':
$this->message_location = 'session';
break;
case 'direct':
default:
$this->message_location = 'direct';
break;
}
}
}
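Review bot: `parse()` passes the client-supplied `$_FILES[...]['name']` to `set_filename()` unchanged and `save()` writes to `$this->destination . $this->filename`, so the stored name, any inner extensions and overwrites of existing files are decided by the uploader; the allow-list compares only the text after the last dot and nothing checks the file content. Deriving the suffix with `$sExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));`, testing it with `in_array($sExt, $this->extensions, true)`, and storing under a server-generated name such as `$this->set_filename(bin2hex(random_bytes(16)) . '.' . $sExt);` removes that dependence, and a content check (for example with `finfo`) for the image types would be a further safeguard. With an empty `$extensions` list the type check is skipped entirely, which deserves at least a comment. The `return TRUE`/`return FALSE` in `__construct()` have no effect because `new` discards a constructor's return value, so callers cannot learn from construction whether the upload succeeded.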


@ -0,0 +1,125 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class url_rewrite{
function transform_uri($param) {
global $session;
unset($path);
unset($url);
$uri = explode("index.php/", $param);
$path = $uri[1];
$base = $uri[0];
$url_array = explode('/', $path);
$aContents = oos_get_content();
if ( (in_array('category', $url_array)) || (in_array($aContents['product_info'], $url_array) && in_array($url_array)) ) {
$_filter = array('content', $aContents['shop'], $session->getName(), $session->getId());
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
$path = '';
$extention = '.html';
for ($i=0; $i < count($url_array); $i++){
switch ($url_array[$i]) {
case 'category':
unset($category);
$category = '';
$i++;
if(preg_match('/[_0-9]/', $url_array[$i])){
if($category_array = explode('_', $url_array[$i])){
foreach($category_array as $value){
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$category_result = $dbconn->Execute("SELECT c.categories_id, cd.categories_name FROM $categoriestable c, $categories_descriptiontable cd WHERE c.categories_id = '" . intval($value) . "' AND c.categories_id = cd.categories_id AND cd.categories_languages_id = '" . intval($nLanguageID) . "'");
$category .= oos_make_filename($category_result->fields['categories_name']) . '/';
}
$category = substr($category, 0, -1);
$category .= '-c-' . $url_array[$i]. '/';
} else {
$category .= 'category/' . $url_array[$i] . '/';
}
}
$path .= $category;
break;
case 'products_id':
unset($product);
$i++;
if ($url_array[$i]) {
$products_descriptiontable = $oostable['products_description'];
$product_result = $dbconn->Execute("SELECT products_name FROM $products_descriptiontable WHERE products_id = '" . intval($url_array[$i]) . "' AND products_languages_id = '" . intval($nLanguageID) . "'");
$product = oos_make_filename($product_result->fields['products_name']);
$path .= $product . '-p-' . $url_array[$i] . '/';
}
break;
case 'manufacturers_id':
unset($manufacturer);
$i++;
if ($url_array[$i]) {
$manufacturerstable = $oostable['manufacturers'];
$manufacturer_result = $dbconn->Execute("SELECT manufacturers_name FROM $manufacturerstable WHERE manufacturers_id = '" . intval($url_array[$i]) . "'");
$manufacturer = oos_make_filename($manufacturer_result->fields['manufacturers_name']);
$path .= $manufacturer . '-m-' . $url_array[$i] . '/';
}
break;
default:
if (!in_array($url_array[$i], $_filter)) {
$path .= $url_array[$i] . '/';
}
break;
}
}
$pos = strpos ($path, "-p-");
if ($pos === FALSE) {
// $remove = array('-c-');
} else {
$remove = array('-m-', '-c-');
}
$path = str_replace($remove, '-', $path);
if (strpos($path, '//') !== FALSE) $path = str_replace('//', '/', $path);
if (substr($path, -1) == '/') $path = substr($path, 0, -1);
$url = $base . $path . $extention;
} else {
$url = $param;
}
return $url;
}
}
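Review bot: In the condition that opens the rewrite branch of `transform_uri()`, `in_array($url_array)` is called with a single argument, which raises an `ArgumentCountError` on PHP 8 and only a warning (returning null) before that, so product URLs without a `category` segment never take the branch; the intended call is probably `in_array('products_id', $url_array)`, to be confirmed. `$remove` is assigned only when `-p-` is found, so `str_replace($remove, '-', $path)` otherwise runs on an undefined variable; `$remove = ($pos === FALSE) ? array() : array('-m-', '-c-');` covers both cases. The category check `preg_match('/[_0-9]/', $url_array[$i])` matches any segment that merely contains a digit or underscore, and the raw segment is then appended to the generated path, so anchoring it as `/^[0-9]+(_[0-9]+)*$/` would limit what is echoed back into the URL. `$uri[1]` is also read without checking that `index.php/` occurs in `$param`.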


@ -0,0 +1,114 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
Customers_status v3.x / Catalog part
Copyright elari@free.fr
Contribution based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
class oosUser {
var $group;
var $groupID;
public function __construct() {
$this->reset();
}
public function anonymous() {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset($_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : DEFAULT_LANGUAGE_ID;
$customers_statustable = $oostable['customers_status'];
$sql = "SELECT customers_status_id, customers_status_name, customers_status_public,
customers_status_show_price, customers_status_show_price_tax,
customers_status_ot_discount_flag, customers_status_ot_discount,
customers_status_ot_minimum, customers_status_qty_discounts, customers_status_payment
FROM $customers_statustable
WHERE customers_status_id = '" . DEFAULT_CUSTOMERS_STATUS_ID . "' AND
customers_status_languages_id = '" . intval($nLanguageID) . "'";
$customer_status = $dbconn->GetRow($sql);
$this->group = array('id' => $customer_status['customers_status_id'],
'text' => $customer_status['customers_status_name'],
'public' => $customer_status['customers_status_public'],
'show_price' => $customer_status['customers_status_show_price'],
'price_with_tax' => $customer_status['customers_status_show_price_tax'],
'ot_discount_flag' => $customer_status['customers_status_ot_discount_flag'],
'ot_discount' => $customer_status['customers_status_ot_discount'],
'ot_minimum' => $customer_status['customers_status_ot_minimum'],
'qty_discounts' => $customer_status['customers_status_qty_discounts'],
'payment' => $customer_status['customers_status_payment']);
}
public function restore_group() {
if (!isset($_SESSION['customer_id'])) return FALSE;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$nLanguageID = isset( $_SESSION['language_id']) ? intval( $_SESSION['language_id'] ) : 1;
$customerstable = $oostable['customers'];
$customers_statustable = $oostable['customers_status'];
$sql = "SELECT c.customers_status, cs.customers_status_id, cs.customers_status_name, cs.customers_status_public,
cs.customers_status_show_price, cs.customers_status_show_price_tax,
cs.customers_status_ot_discount_flag, cs.customers_status_ot_minimum,
cs.customers_status_ot_discount, cs.customers_status_qty_discounts, cs.customers_status_payment
FROM $customerstable AS c LEFT JOIN
$customers_statustable AS cs
ON customers_status = customers_status_id
WHERE c.customers_id='" . intval($_SESSION['customer_id']) . "' AND
cs.customers_status_languages_id = '" . intval($nLanguageID) . "'";
$customer_status = $dbconn->GetRow($sql);
$this->group = array('id' => $customer_status['customers_status_id'],
'text' => $customer_status['customers_status_name'],
'public' => $customer_status['customers_status_public'],
'show_price' => $customer_status['customers_status_show_price'],
'price_with_tax' => $customer_status['customers_status_show_price_tax'],
'ot_discount_flag' => $customer_status['customers_status_ot_discount_flag'],
'ot_discount' => $customer_status['customers_status_ot_discount'],
'ot_minimum' => $customer_status['customers_status_ot_minimum'],
'qty_discounts' => $customer_status['customers_status_qty_discounts'],
'payment' => $customer_status['customers_status_payment']);
$this->groupID = $this->generate_group_id();
}
public function reset() {
$this->group = array();
unset($this->groupID);
if (isset($_SESSION['groupID'])) unset($_SESSION['groupID']);
}
public function generate_group_id($length = 24) {
return oos_create_random_value($length, 'digits');
}
}
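Review bot: `restore_group()` falls back to the literal language id `1` when the session has none, while `anonymous()` uses `DEFAULT_LANGUAGE_ID`; the two should agree, e.g. `... : DEFAULT_LANGUAGE_ID;`. Neither method checks that `GetRow()` returned a row before filling `$this->group`, so a customer whose status has no entry for the current language would presumably end up with a group whose price and discount flags are all null. How callers interpret that is not visible here, so the fallback should be made explicit. `DEFAULT_CUSTOMERS_STATUS_ID` is the only value concatenated into these queries without `intval()`; wrapping it keeps the file consistent.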


@ -0,0 +1,64 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: configure.php,v 1.77.2.1 2002/04/14 15:58:15 proca
----------------------------------------------------------------------
POST-NUKE Content Management System
Copyright (C) 2001 by the Post-Nuke Development Team.
http://www.postnuke.com/
File: configure.php,v 1.13 2003/02/10 22:30:51 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
define('OOS_HTTPS_SERVER', ''); // No trailing slash
define('OOS_SHOP', '');
define('OOS_ADMIN', 'admin/');
define('OOS_IMAGES', 'images/');
define('OOS_SHOP_IMAGES', '../' . OOS_IMAGES);
define('OOS_ICONS', OOS_IMAGES . 'icons/');
define('OOS_MEDIA', 'media/');
define('OOS_DOWNLOAD', OOS_SHOP . 'pub/');
define('OOS_ABSOLUTE_PATH', '');
define('OOS_DOWNLOAD_PATH', OOS_ABSOLUTE_PATH . 'download/');
define('OOS_DOWNLOAD_PATH_PUBLIC', OOS_ABSOLUTE_PATH . 'pub/');
define('OOS_FEEDS_EXPORT_PATH', OOS_ABSOLUTE_PATH . 'feed/');
define('OOS_EXPORT_PATH', OOS_ABSOLUTE_PATH . OOS_ADMIN . 'export/');
define('OOS_UPLOADS', OOS_ABSOLUTE_PATH . OOS_IMAGES . 'uploads/');
define('OOS_TEMP_PATH', OOS_ABSOLUTE_PATH . 'temp/');
define('ADODB_ERROR_LOG_DEST', OOS_TEMP_PATH . 'logs/adodb_error.log');
define('ADODB_ERROR_LOG_TYPE', 3);
define('ADODB_ASSOC_CASE', 0); // assoc lowercase for ADODB_FETCH_ASSOC
define('OOS_DB_TYPE', '');
define('OOS_DB_SERVER', '');
define('OOS_DB_USERNAME', '');
define('OOS_DB_PASSWORD', '');
define('OOS_DB_DATABASE', '');
define('OOS_DB_PREFIX', '');
define('OOS_ENCODED', '');
define('OOS_SYSTEM', '');
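Review bot: `ADODB_ERROR_LOG_DEST` points at `OOS_TEMP_PATH . 'logs/adodb_error.log'`, and `OOS_TEMP_PATH`, `OOS_DOWNLOAD_PATH` and `OOS_EXPORT_PATH` are all derived from `OOS_ABSOLUTE_PATH`; if that resolves to the document root, database error logs (which typically contain SQL text), downloads and admin exports would sit in web-served directories. A comment next to `define('OOS_ABSOLUTE_PATH', '');` stating that these directories must be denied by the web server or placed outside the document root would help installers. Since the installed copy of this file also carries `OOS_DB_PASSWORD`, it should be readable only by the web-server user.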


@ -0,0 +1,92 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account.php,v 1.58 2003/02/13 01:58:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_account.php';
$customerstable = $oostable['customers'];
$address_bookstable = $oostable['address_book'];
$sql = "SELECT c.customers_gender, c.customers_firstname, c.customers_lastname,
c.customers_dob, c.customers_email_address, c.customers_telephone,
a.entry_company, a.entry_owner, a.entry_vat_id, a.entry_vat_id_status,
a.entry_street_address, a.entry_postcode, a.entry_city,
a.entry_zone_id, a.entry_state, a.entry_country_id
FROM $customerstable c,
$address_bookstable a
WHERE c.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND a.customers_id = c.customers_id
AND a.address_book_id = '" . intval($_SESSION['customer_default_address_id']) . "'";
$account = $dbconn->GetRow($sql);
if ($account['customers_gender'] == 'm') {
$gender = $aLang['male'];
} elseif ($account['customers_gender'] == 'f') {
$gender = $aLang['female'];
}
$sCountryName = oos_get_country_name($account['entry_country_id']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account']));
$aTemplate['page'] = $sTheme . '/page/user_account.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'account_active' => 1,
'robots' => 'noindex,follow,noodp,noydir',
'account' => $account,
'gender' => $gender,
'oos_get_country_name' => $sCountryName,
'newsletter' => $newsletter
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,104 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: address_book.php,v 1.55 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_address_book.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_company, entry_firstname, entry_lastname,
entry_street_address, entry_postcode, entry_city, entry_state,
entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
ORDER BY entry_firstname, entry_lastname";
$address_book_result = $dbconn->Execute($sql);
$aAddressBook = array();
while ($address_book = $address_book_result->fields) {
$state = $address_book['entry_state'];
$country_id = $address_book['entry_country_id'];
$zone_id = $address_book['entry_zone_id'];
$country = oos_get_country_name($country_id);
if (ACCOUNT_STATE == 'true') {
$state = oos_get_zone_code($country_id, $zone_id, $state);
}
$aAddressBook[] = array('address_book_id' => $address_book['address_book_id'],
'company' => $address_book['entry_company'],
'firstname' => $address_book['entry_firstname'],
'lastname' => $address_book['entry_lastname'],
'street_address' => $address_book['entry_street_address'],
'postcode' => $address_book['entry_postcode'],
'city' => $address_book['entry_city'],
'country' => $country,
'state' => $state);
$address_book_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_address_book']));
$aTemplate['page'] = $sTheme . '/page/address_book.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('addressbook') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('addressbook') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'address_book' => $aAddressBook
)
);
// display the template
$smarty->display($aTemplate['page']);
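Review bot: The login gate at the top of this file protects the address query only if `oos_redirect()` ends the request, and its definition is not part of this hunk. If it only sends a `Location` header, an anonymous request falls through and the rest of the script runs with `intval($_SESSION['customer_id'])` evaluating to 0. The same gate opens the other account pages added in this commit (user account, address book process, account edit, account history), where a fall-through would reach INSERT and UPDATE statements. Confirm that `oos_redirect()` calls `exit`, or make it explicit at each gate with `oos_redirect(oos_href_link($aContents['login'])); exit;`.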


@ -0,0 +1,430 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: address_book_process.php,v 1.73 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_address_book_process.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'deleteconfirm') && isset($_POST['entry_id']) && is_numeric($_POST['entry_id']) &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$entry_id = oos_db_prepare_input($_POST['entry_id']);
if ($entry_id == $_SESSION['customer_default_address_id']) {
$oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
} else {
$address_booktable = $oostable['address_book'];
$query = "DELETE FROM $address_booktable
WHERE address_book_id = '" . intval($entry_id) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($query);
$oMessage->add_session('addressbook', $aLang['success_address_book_entry_deleted'], 'success');
}
oos_redirect(oos_href_link($aContents['account_address_book']));
}
// Post-entry error checking when updating or adding an entry
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'process') || ($_POST['action'] == 'update') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$bProcess = TRUE;
if ( isset($_POST['entry_id']) && is_numeric($_POST['entry_id']) ) {
$entry_id = oos_db_prepare_input($_POST['entry_id']);
}
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add_session('addressbook', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$sql_data_array = array('entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$sql_data_array['entry_vat_id_status'] = '1';
} else {
$sql_data_array['entry_vat_id_status'] = '0';
}
if ($_POST['action'] == 'update') {
$address_booktable = $oostable['address_book'];
$check_query = "SELECT address_book_id FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "'' AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check_result = $dbconn->Execute($check_query);
if ($check_result->RecordCount()) {
oos_db_perform($oostable['address_book'], $sql_data_array, 'UPDATE', "address_book_id = '" . intval($entry_id) . "' AND customers_id ='" . intval($_SESSION['customer_id']) . "'");
if ( (isset($_POST['primary']) && ($_POST['primary'] == 'on')) || ($entry_id == $_SESSION['customer_default_address_id']) ) {
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = (($zone_id > 0) ? (int)$zone_id : '0');
$_SESSION['customer_default_address_id'] = intval($entry_id);
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = '1';
} else {
$_SESSION['customers_vat_id_status'] = '0';
}
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_default_address_id' => intval($entry_id));
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
}
}
} else {
$sql_data_array['customers_id'] = intval($_SESSION['customer_id']);
oos_db_perform($oostable['address_book'], $sql_data_array);
$new_address_book_id = $dbconn->Insert_ID();
if (isset($_POST['primary']) && ($_POST['primary'] == 'on')) {
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = (($zone_id > 0) ? (int)$zone_id : '0');
$_SESSION['customer_default_address_id'] = $new_address_book_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = '1';
} else {
$_SESSION['customers_vat_id_status'] = '0';
}
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
$sql_data_array['customers_default_address_id'] = $new_address_book_id;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
}
$oMessage->add_session('addressbook', $aLang['success_address_book_entry_updated'], 'success');
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
}
if (isset($_GET['edit']) && is_numeric($_GET['edit'])) {
$address_booktable = $oostable['address_book'];
$address_sql = "SELECT entry_gender, entry_company, entry_owner, entry_vat_id, entry_vat_id_status,
entry_firstname, entry_lastname, entry_street_address, entry_postcode, entry_city,
entry_state, entry_zone_id, entry_country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_GET['edit']) . "'";
$entry_result = $dbconn->Execute($address_sql);
if (!$entry_result->RecordCount()) {
$oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
$entry = $entry_result->fields;
} elseif (isset($_GET['delete']) && is_numeric($_GET['delete'])) {
$entry_id = oos_db_prepare_input($_GET['delete']);
if ($delete == $_SESSION['customer_default_address_id']) {
$oMessage->add_session('addressbook', $aLang['warning_primary_address_deletion'], 'warning');
oos_redirect(oos_href_link($aContents['account_address_book']));
} else {
$address_booktable = $oostable['address_book'];
$check_query = "SELECT count(*) as total FROM $address_booktable WHERE address_book_id = '" . intval($entry_id) . "' AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check_result = $dbconn->Execute($check_query);
if ($check_result->fields['total'] < 1) {
$oMessage->add_session('addressbook', $aLang['error_nonexisting_address_book_entry']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
} else {
$entry = array('entry_country_id' => STORE_COUNTRY);
}
if (!isset($_GET['delete']) && !isset($_GET['edit'])) {
if (oos_count_customer_address_book_entries() >= MAX_ADDRESS_BOOK_ENTRIES) {
$oMessage->add_session('addressbook', $aLang['error_address_book_full']);
oos_redirect(oos_href_link($aContents['account_address_book']));
}
}
if ( isset($_GET['entry_id']) && is_numeric($_GET['entry_id']) ) {
$entry_id = oos_db_prepare_input($_GET['entry_id']);
}
$back_link = oos_href_link($aContents['account_address_book']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_address_book']));
if (isset ($_GET['edit']) && is_numeric($_GET['edit'])) {
$oBreadcrumb->add($aLang['navbar_title_modify_entry'], oos_href_link($aContents['account_address_book_process'], 'edit=' . intval($_GET['edit'])));
} elseif (isset ($_GET['delete']) && is_numeric($_GET['delete'])) {
$oBreadcrumb->add($aLang['navbar_title_delete_entry'], oos_href_link($aContents['account_address_book_process'], 'delete=' . intval($_GET['delete'])));
} else {
$oBreadcrumb->add($aLang['navbar_title_add_entry'], oos_href_link($aContents['account_address_book_process']));
}
$aTemplate['page'] = $sTheme . '/page/address_book_process.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['navbar_title_1'] . ' ' . $aLang['navbar_title_2'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'back_link' => $back_link,
'entry_id' => $entry_id,
'process' => $process
)
);
if (isset($_GET['action']) && $_GET['action'] == 'edit') {
$smarty->assign(
array(
'heading_title' => $aLang['heading_title_modify_entry']
)
);
} else {
$smarty->assign(
array(
'heading_title' => $aLang['heading_title_add_entry']
)
);
}
$smarty->assign(
array(
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country
)
);
if ($state_has_zones == 'true') {
$aZonesNames = array();
$aZonesValues = array();
$zonestable = $oostable['zones'];
$zones_query = "SELECT zone_name FROM $zonestable
WHERE zone_country_id = '" . oos_db_input($country) . "'
ORDER BY zone_name";
$zones_result = $dbconn->Execute($zones_query);
while ($zones = $zones_result->fields) {
$aZonesNames[] = $zones['zone_name'];
$aZonesValues[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $aZonesNames);
$smarty->assign('zones_values', $aZonesValues);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$smarty->assign('entry', $entry);
// display the template
$smarty->display($aTemplate['page']);
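Review bot: The condition guarding the save branch mixes `&&` and `||` without grouping, so it evaluates as `(isset && action == 'process') || (action == 'update' && formid matches)`: a POST with `action=process` is accepted without the `formid` comparison, and only `action=update` is checked against the session token. Group the two actions and compare the token in constant time: `if (isset($_POST['action']) && in_array($_POST['action'], array('process', 'update'), true) && isset($_SESSION['formid'], $_POST['formid']) && hash_equals((string)$_SESSION['formid'], (string)$_POST['formid'])) {`. Two further slips sit in the same file: the ownership SELECT before the UPDATE contains a doubled quote (`intval($entry_id) . "'' AND customers_id`), which makes that statement invalid SQL, and the GET `delete` branch compares the undefined `$delete` rather than `$entry_id` with the default address id. The template assignments near the end also read `$process` and `$state_has_zones`, while the code above sets `$bProcess` and `$entry_state_has_zones`.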


@ -0,0 +1,272 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_edit.php,v 1.62 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_validate_vatid.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_edit.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == 'true') $dob = oos_db_prepare_input($_POST['dob']);
$email_address = oos_db_prepare_input($_POST['email_address']);
if (ACCOUNT_TELEPHONE == 'true') $telephone = oos_db_prepare_input($_POST['telephone']);
$password = oos_db_prepare_input($_POST['password']);
$confirmation = oos_db_prepare_input($_POST['confirmation']);
if (isset($_POST['newsletter'])) {
$newsletter = oos_db_prepare_input($_POST['newsletter']);
}
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_DOB == 'true') {
if ((strlen($dob) < ENTRY_DOB_MIN_LENGTH) || (!empty($dob) &&
(!is_numeric(oos_date_raw($dob)) ||
!checkdate(substr(oos_date_raw($dob), 4, 2), substr(oos_date_raw($dob), 6, 2), substr(oos_date_raw($dob), 0, 4))))) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_date_of_birth_error'] );
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_error']);
} elseif (oos_validate_is_email($email_address) == FALSE) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_check_error']);
} else {
$customerstable = $oostable['customers'];
$check_email_sql = "SELECT customers_email_address
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'
AND customers_id != '" . intval($_SESSION['customer_id']) . "'";
$check_email = $dbconn->Execute($check_email_sql);
if ($check_email->RecordCount()) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_email_address_error_exists']);
}
}
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_password_error']);
} elseif ($password != $confirmation) {
$bError = TRUE;
$oMessage->add('account_edit', $aLang['entry_password_error_not_matching']);
}
if ($bError == FALSE) {
$new_encrypted_password = oos_encrypt_password($password);
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_password' => $new_encrypted_password);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = oos_date_raw($dob);
if (ACCOUNT_TELEPHONE == 'true') $sql_data_array['customers_telephone'] = $telephone;
oos_db_perform($oostable['customers'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "'");
$sql_data_array = array('entry_firstname' => $firstname,
'entry_lastname' => $lastname);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
oos_db_perform($oostable['address_book'], $sql_data_array, 'UPDATE', "customers_id = '" . intval($_SESSION['customer_id']) . "' AND address_book_id = '" . intval($_SESSION['customer_default_address_id']) . "'");
$update_info_sql = "UPDATE " . $oostable['customers_info'] . "
SET customers_info_date_account_last_modified = now()
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$dbconn->Execute($update_info_sql);
if (SEND_CUSTOMER_EDIT_EMAILS == 'true') {
$email_owner = $aLang['owner_email_subject'] . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" .
$aLang['email_separator'] . "\n";
if (ACCOUNT_COMPANY == 'true') {
$email_owner .= $aLang['owner_email_company_info'] . "\n" .
$aLang['owner_email_company'] . ' ' . $company . "\n";
if (ACCOUNT_OWNER == 'true') {
$email_owner .= $aLang['owner_email_owner'] . ' ' . $owner . "\n";
}
if (ACCOUNT_VAT_ID == 'true') {
$email_owner .= $aLang['entry_vat_id'] . ' ' . $vat_id . "\n";
}
}
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['male'] . "\n";
} else {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['female'] . "\n";
}
}
$email_owner .= $aLang['owner_email_first_name'] . ' ' . $firstname . "\n" .
$aLang['owner_email_last_name'] . ' ' . $lastname . "\n\n" .
$aLang['owner_email_street'] . ' ' . $street_address . "\n" .
$aLang['owner_email_post_code'] . ' ' . $postcode . "\n" .
$aLang['owner_email_city'] . ' ' . $city . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_contact'] . "\n" .
$aLang['owner_email_telephone_number'] . ' ' . $telephone . "\n" .
$aLang['owner_email_address'] . ' ' . $email_address . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_options'] . "\n";
if ($newsletter == '1') {
$email_owner .= $aLang['owner_email_newsletter'] . $aLang['entry_newsletter_yes'] . "\n";
} else {
$email_owner .= $aLang['owner_email_newsletter'] . $aLang['entry_newsletter_no'] . "\n";
}
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $aLang['owner_email_subject'], nl2br($email_owner), $name, $email_address);
}
if (NEWSLETTER == 'true') {
if ( isset($newsletter) && ($newsletter == 'yes') ) {
oos_newsletter_subscribe_mail($email_address);
}
}
oos_redirect(oos_href_link($aContents['account']));
}
}
$customerstable = $oostable['customers'];
$sql = "SELECT customers_gender, customers_firstname, customers_lastname, customers_dob, customers_email_address, customers_telephone
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$account = $dbconn->GetRow($sql);
if (ACCOUNT_GENDER == 'true') {
if (isset($gender)) {
$male = ($gender == 'm') ? TRUE : FALSE;
} else {
$male = ($account['customers_gender'] == 'm') ? TRUE : FALSE;
}
$female = !$male;
}
$bNewsletter = FALSE;
if (NEWSLETTER == 'true') {
if (!isset($email_address)) {
$email_address = $account['customers_email_address'];
}
$newsletter_recipients = $oostable['newsletter_recipients'];
$sql = "SELECT recipients_id
FROM $newsletter_recipients
WHERE customers_email_address = '" . oos_db_input($email_address) . "'
AND status = '1'";
$check_recipients_result = $dbconn->Execute($sql);
if (!$check_recipients_result->RecordCount()) {
$bNewsletter = TRUE;
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_edit']));
$aTemplate['page'] = $sTheme . '/page/account_edit.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('account_edit') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('account_edit') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'account' => $account,
'female' => $female,
'male' => $male,
'bNewsletter' => $bNewsletter
)
);
// display the template
$smarty->display($aTemplate['page']);
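Review bot: The `process` branch overwrites `customers_email_address` and `customers_password` for the session's customer without ever asking for the current password, so a hijacked or unattended session is enough to take the account over by changing both. Add a `current_password` field and skip the UPDATE unless it verifies against the stored `customers_password`, using the verification counterpart of `oos_encrypt_password()` from function_password.php (its name is not visible in this hunk). The owner notification is also built from `$company`, `$owner`, `$vat_id`, `$street_address`, `$postcode`, `$city` and `$name`, none of which this file assigns, and the customer-supplied names go through `nl2br()` unescaped; if `oos_mail()` sends HTML, use `nl2br(htmlspecialchars($email_owner, ENT_QUOTES, 'UTF-8'))`. The two newsletter checks disagree as well (`$newsletter == '1'` in the mail text, `$newsletter == 'yes'` before subscribing).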


@ -0,0 +1,113 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_history.php,v 1.58 2003/02/13 01:58:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_history.php';
$orderstable = $oostable['orders'];
$orders_totaltable = $oostable['orders_total'];
$orders_statustable = $oostable['orders_status'];
$history_result_raw = "SELECT o.orders_id, o.date_purchased, o.delivery_name, ot.text AS order_total,
s.orders_status_name
FROM $orderstable o LEFT JOIN
$orders_totaltable ot
ON (o.orders_id = ot.orders_id) LEFT JOIN
$orders_statustable s
ON (o.orders_status = s.orders_status_id
AND s.orders_languages_id = '" . intval($nLanguageID) . "')
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND ot.class = 'ot_total'
ORDER BY orders_id DESC";
$history_split = new splitPageResults($history_result_raw, MAX_DISPLAY_ORDER_HISTORY);
$history_result = $dbconn->Execute($history_split->sql_query);
$aHistory = array();
if ($history_result->RecordCount()) {
while ($history = $history_result->fields) {
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT COUNT(*) AS total
FROM $orders_productstable
WHERE orders_id = '" . intval($history['orders_id']) . "'";
$products = $dbconn->Execute($sql);
$aHistory[] = array('orders_id' => $history['orders_id'],
'orders_status_name' => $history['orders_status_name'],
'date_purchased' => $history['date_purchased'],
'delivery_name' => $history['delivery_name'],
'products_total' => $products->fields['total'],
'order_total' => strip_tags($history['order_total']));
// Move that ADOdb pointer!
$history_result->MoveNext();
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_history']));
$aTemplate['page'] = $sTheme . '/page/account_history.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page_split' => $history_split->display_count($aLang['text_display_number_of_orders']),
'display_links' => $history_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $history_split->number_of_rows,
'numpages' => $history_split->number_of_pages,
'page' => $nPage,
'history' => $aHistory
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,110 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: account_history_info.php,v 1.94 2003/02/14 20:28:46 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
if (!isset($_GET['order_id'])) {
oos_redirect(oos_href_link($aContents['account_history']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_history_info.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
$orderstable = $oostable['orders'];
$sql = "SELECT customers_id
FROM $orderstable
WHERE orders_id = '" . intval($_GET['order_id']) . "'";
$customer_number = $dbconn->GetOne($sql);
if ($customer_number != $_SESSION['customer_id']) {
oos_redirect(oos_href_link($aContents['account_history']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['account_history'], 'page=' . $nPage));
$oBreadcrumb->add($aLang['navbar_title_3'], oos_href_link($aContents['account_history_info'], 'order_id=' . intval($_GET['order_id'])));
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order($_GET['order_id']);
$aTemplate['page'] = $sTheme . '/page/account_history_info.html';
if (DOWNLOAD_ENABLED == 'true') {
$aTemplate['download'] = $sTheme . '/page/download.html';
}
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page' => $nPage
)
);
$smarty->assign('order', $oOrder);
$smarty->assign('currencies', $oCurrencies);
$orders_statustable = $oostable['orders_status'];
$orders_status_historytable = $oostable['orders_status_history'];
$sql = "SELECT os.orders_status_name, osh.date_added, osh.comments
FROM $orders_statustable os,
$orders_status_historytable osh
WHERE osh.orders_id = '" . intval($_GET['order_id']) . "'
AND osh.orders_status_id = os.orders_status_id
AND os.orders_languages_id = '" . intval($nLanguageID) . "'
ORDER BY osh.date_added";
$smarty->assign('statuses_array', $dbconn->GetAll($sql));
if (DOWNLOAD_ENABLED == 'true') {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/downloads.php';
$smarty->assign('download', $smarty->fetch($aTemplate['download']));
}
// display the template
$smarty->display($aTemplate['page']);
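Review bot: The ownership check and the order load do not use the same value: the `SELECT customers_id` lookup casts with `intval($_GET['order_id'])`, but `new order($_GET['order_id'])` receives the raw request string. Whether the `order` class casts its argument is not visible in this section, so a non-numeric value could pass the check for one id and reach the class's queries unmodified. Normalise once near the top, `$nOrderID = intval($_GET['order_id']);`, and use `$nOrderID` in the check, the breadcrumb link, the status-history query and `new order($nOrderID)`. The comparison `$customer_number != $_SESSION['customer_id']` is also loose; casting both sides to int and using `!==` makes a missing order (no row from `GetOne`) an explicit mismatch.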


@ -0,0 +1,173 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: order_history.php,v 1.4 2003/02/10 22:31:02 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_order_history.php';
$aTemplate['page'] = $sTheme . '/page/account_order_history.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$orderstable = $oostable['orders'];
$orders_productstable = $oostable['orders_products'];
$productstable = $oostable['products'];
$query = "SELECT DISTINCT op.products_id
FROM $orderstable o,
$orders_productstable op,
$productstable p
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = op.orders_id
AND op.products_id = p.products_id
AND p.products_setting = '2'
GROUP BY products_id
ORDER BY o.date_purchased DESC";
$orders_result = $dbconn->Execute($query);
if ($orders_result->RecordCount()) {
$product_ids = '';
while ($orders = $orders_result->fields) {
$product_ids .= $orders['products_id'] . ',';
// Move that ADOdb pointer!
$orders_result->MoveNext();
}
$product_ids = substr($product_ids, 0, -1);
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$historytable = $oostable['specials'];
$order_history_raw = "SELECT pd.products_name, p.products_id, p.products_quantity, p.products_image,
p.products_price, p.products_base_price, p.products_tax_class_id,
p.products_product_quantity, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units, products_units_id,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $products_descriptiontable pd,
$productstable p LEFT JOIN
$manufacturerstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$historytable s ON p.products_id = s.products_id
WHERE p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_id IN ($product_ids)
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$order_history_split = new splitPageResults($order_history_raw, MAX_DISPLAY_PRODUCTS_NEW);
$order_history_result = $dbconn->Execute($order_history_split->sql_query);
$aOrderHistory = array();
while ($order_history = $order_history_result->fields) {
$new_product_price = NULL;
$new_product_special_price = NULL;
$new_base_product_price = NULL;
$base_product_price = $order_history['products_price'];
$new_product_price = $oCurrencies->display_price($order_history['products_price'], oos_get_tax_rate($order_history['products_tax_class_id']));
if (isset($order_history['specials_new_products_price'])) {
$base_product_price = $order_history['specials_new_products_price'];
$new_product_special_price = $oCurrencies->display_price($base_product_price, oos_get_tax_rate($order_history['products_tax_class_id']));
}
if ($order_history['products_base_price'] != 1) {
$new_base_product_price = $oCurrencies->display_price($base_product_price * $order_history['products_base_price'], oos_get_tax_rate($order_history['products_tax_class_id']));
}
$order_min = number_format($order_history['products_quantity_order_min']);
$order_max = number_format($order_history['products_quantity_order_max']);
$aOrderHistory[] = array('id' => $order_history['products_id'],
'name' => $order_history['products_name'],
'image' => $order_history['products_image'],
'order_min' => $order_min,
'order_max' => $order_max,
'product_quantity' => $order_history['products_product_quantity'],
'new_product_price' => $new_product_price,
'new_product_special_price' => $new_product_special_price,
'new_base_product_price' => $new_base_product_price,
'products_base_price' => $order_history['products_base_price'],
'new_products_base_unit' => $order_history['products_base_unit'],
'products_units' => $order_history['products_units_id'],
'date_added' => $order_history['products_date_added'],
'manufacturer' => $order_history['manufacturers_name']);
$order_history_result->MoveNext();
}
// assign Smarty variables;
$smarty->assign(
array(
'page_split' => $order_history_split->display_count($aLang['text_display_number_of_products']),
'display_links' => $order_history_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $order_history_split->number_of_rows,
'numpages' => $order_history_split->number_of_pages,
'order_history' => $aOrderHistory
)
);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account_order_history']));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'account_active' => 1,
'page' => $nPage
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);
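Review bot: The row array built in the `while` loop reads `$order_history['products_date_added']` and `$order_history['manufacturers_name']`, but neither column is in the `$order_history_raw` select list, so both entries are always undefined-index reads. Add `p.products_date_added, m.manufacturers_name` to the SELECT (the manufacturers table is already joined) or drop the two keys. Separately, `$product_ids` is concatenated into `IN ($product_ids)` without the `intval()` cast that the other interpolated values in this file get; collecting the ids in an array and joining them with `implode(',', array_map('intval', $aIds))` keeps the query well-formed even if a stored id is ever non-numeric.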


@ -0,0 +1,189 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: wishlist_help.php,v 1 2002/11/09 wib
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/account_wishlist.php';
$customers_wishlisttable = $oostable['customers_wishlist'];
$wishlist_result_raw = "SELECT products_id, customers_wishlist_date_added
FROM $customers_wishlisttable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND customers_wishlist_link_id = '" . oos_db_input($_SESSION['customer_wishlist_link_id']) . "'
ORDER BY customers_wishlist_date_added";
$wishlist_split = new splitPageResults($wishlist_result_raw, MAX_DISPLAY_WISHLIST_PRODUCTS);
$wishlist_result = $dbconn->Execute($wishlist_split->sql_query);
$aWishlist = array();
while ($wishlist = $wishlist_result->fields) {
$wl_products_id = oos_get_product_id($wishlist['products_id']);
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, pd.products_name, pd.products_description, p.products_model, p.products_replacement_product_id,
p.products_image, p.products_price, p.products_base_price, p.products_base_unit, p.products_product_quantity,
p.products_quantity_order_min, p.products_quantity_order_max,
p.products_tax_class_id, p.products_units_id
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id = '" . intval($wl_products_id) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$wishlist_product = $dbconn->GetRow($sql);
$wishlist_product_price = NULL;
$wishlist_product_special_price = NULL;
$wishlist_base_product_price = NULL;
$wishlist_special_price = NULL;
$base_product_price = $wishlist_product['products_price'];
$wishlist_product_price = $oCurrencies->display_price($wishlist_product['products_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id']));
if ($wishlist_special_price = oos_get_products_special_price($wl_products_id)) {
$base_product_price = $wishlist_special_price;
$wishlist_product_special_price = $oCurrencies->display_price($wishlist_special_price, oos_get_tax_rate($wishlist_product['products_tax_class_id']));
}
if ($wishlist_product['products_base_price'] != 1) {
$wishlist_base_product_price = $oCurrencies->display_price($base_product_price * $wishlist_product['products_base_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id']));
}
$customers_wishlist_attributestable = $oostable['customers_wishlist_attributes'];
$sql = "SELECT products_options_id, products_options_value_id
FROM $customers_wishlist_attributestable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND customers_wishlist_link_id = '" . oos_db_input($_SESSION['customer_wishlist_link_id']) . "' AND
products_id = '" . oos_db_input($wishlist['products_id']) . "'";
$attributes_result = $dbconn->Execute($sql);
$attributes_print = '';
$attributes_hidden_field = '';
while ($attributes = $attributes_result->fields) {
$attributes_hidden_field .= oos_draw_hidden_field('id[' . $attributes['products_options_id'] . ']', $attributes['products_options_value_id']);
$attributes_print .= '<ul class="list-unstyled mb-0">';
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
$sql = "SELECT popt.products_options_name,
poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($wl_products_id) . "'
AND pa.options_id = '" . oos_db_input($attributes['products_options_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . oos_db_input($attributes['products_options_value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
$option_values = $dbconn->GetRow($sql);
$attributes_print .= '<li> - ' . $option_values['products_options_name'] . ' ' . $option_values['products_options_values_name'] . ' ';
if ($option_values['options_values_price'] != 0) {
$attributes_print .= $option_values['price_prefix'] . $oCurrencies->display_price($option_values['options_values_price'], oos_get_tax_rate($wishlist_product['products_tax_class_id'])) . '</li>';
} else {
$attributes_print .= '</li>';
}
$attributes_print .= '</ul>';
$attributes_result->MoveNext();
}
$order_min = number_format($wishlist_product['products_quantity_order_min']);
$order_max = number_format($wishlist_product['products_quantity_order_max']);
// with option $wishlist['products_id'] = 2{3}1
$aWishlist[] = array('products_id' => $wishlist['products_id'],
'wl_products_id' => $wl_products_id,
'products_image' => $wishlist_product['products_image'],
'products_name' => $wishlist_product['products_name'],
'order_min' => $order_min,
'order_max' => $order_max,
'product_quantity' => $wishlist_product['products_product_quantity'],
'product_units' => $wishlist_product['products_units_id'],
'product_price' => $wishlist_product_price,
'product_special_price' => $wishlist_product_special_price,
'base_product_price' => $wishlist_base_product_price,
'products_base_price' => $wishlist_product['products_base_price'],
'products_base_unit' => $wishlist_product['products_base_unit'],
'attributes_print' => $attributes_print);
$wishlist_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['account_wishlist']));
$sCanonical = oos_href_link($aContents['specials'], 'page='. $nPage, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/account_wishlist.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical,
'account_active' => 1,
'page_split' => $wishlist_split->display_count($aLang['text_display_number_of_wishlist']),
'display_links' => $wishlist_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $wishlist_split->number_of_rows,
'numpages' => $wishlist_split->number_of_pages,
'page' => $nPage,
'wishlist' => $aWishlist,
'attributes_hidden' => $attributes_hidden_field,
'attributes_print' => $attributes_print
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);
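Review bot: `$attributes_print` is assembled as raw HTML from `products_options_name`, `products_options_values_name` and `price_prefix` with no escaping, so any markup stored in those columns is rendered as-is on the customer's wishlist page. Wrap each database value before concatenating, e.g. `htmlspecialchars($option_values['products_options_name'], ENT_QUOTES, 'UTF-8')`. `$attributes_print` and `$attributes_hidden_field` are also initialised only inside the outer `while`, so with an empty wishlist the final `$smarty->assign()` reads two undefined variables, and with several products it passes only the last product's values; initialise both before the loop. The canonical link is built from `$aContents['specials']`, which looks copied from another page.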


@ -0,0 +1,243 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: login_admin.php
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
----------------------------------------------------------------------
P&G Shipping Module Version 0.1 12/03/2002
osCommerce Shipping Management Module
Copyright (c) 2002 - Oliver Baelde
http://www.francecontacts.com
dev@francecontacts.com
- eCommerce Solutions development and integration -
osCommerce, Open Source E-Commerce Solutions
Copyright (c) 2002 osCommerce
http://www.oscommerce.com
IMPORTANT NOTE:
This script is not part of the official osCommerce distribution
but an add-on contributed to the osCommerce community. Please
read the README and INSTALL documents that are provided
with this file for further information and installation notes.
LICENSE:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
All contributions are gladly accepted though Paypal.
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// check
$manual_infotable = $oostable['manual_info'];
$sql = "SELECT status FROM $manual_infotable WHERE man_info_id = '1'";
$login = $dbconn->GetRow($sql);
if ($login['status'] == '0') {
oos_redirect(oos_href_link($aContents['403']));
}
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_key_generate.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/admin_login.php';
if (isset($_SESSION['customer_id'])) {
unset($_SESSION['customer_id']);
unset($_SESSION['customer_wishlist_link_id']);
unset($_SESSION['customer_default_address_id']);
unset($_SESSION['customer_gender']);
unset($_SESSION['customer_first_name']);
unset($_SESSION['customer_lastname']);
unset($_SESSION['customer_country_id']);
unset($_SESSION['customer_zone_id']);
unset($_SESSION['comments']);
unset($_SESSION['customer_max_order']);
unset($_SESSION['gv_id']);
unset($_SESSION['cc_id']);
unset($_SESSION['man_key']);
$_SESSION['cart']->reset();
$_SESSION['user']->anonymous();
}
if ( isset($_POST['action']) && ($_POST['action'] == 'login_process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
$keya = oos_prepare_input($_POST['keya']);
$keyb = oos_prepare_input($_POST['keyb']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $keyb ) || !is_string( $keyb ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$manual_infotable = $oostable['manual_info'];
$sql = "SELECT man_name, defined
FROM $manual_infotable
WHERE man_key = '" . oos_db_input($keya) . "'
AND man_key2 = '" . oos_db_input($keyb) . "'
AND status = '1'";
$login_result = $dbconn->Execute($sql);
if (!$login_result->RecordCount()) {
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE $manual_infotable
SET man_key = '',
man_key2 = ''
WHERE man_info_id = '1'");
oos_redirect(oos_href_link($aContents['403']));
}
// Check if email exists
$customerstable = $oostable['customers'];
$sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,
customers_password, customers_wishlist_link_id,
customers_email_address, customers_default_address_id, customers_max_order
FROM $customerstable
WHERE customers_login = '1'
AND customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($sql);
if (!$check_customer_result->RecordCount()) {
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE " . $oostable['manual_info'] . "
SET man_key2 = ''
WHERE where man_info_id = '1'");
oos_redirect(oos_href_link($aContents['403']));
} else {
$check_customer = $check_customer_result->fields;
$login_result_values = $login_result->fields;
// Check that status is 1 and
$address_booktable = $oostable['address_book'];
$sql = "SELECT entry_vat_id, entry_vat_id_status, entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'
AND address_book_id = '" . intval($check_customer['customers_default_address_id']) . "'";
$check_country = $dbconn->GetRow($sql);
$_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
$_SESSION['customer_id'] = $check_customer['customers_id'];
$_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $check_customer['customers_gender'];
$_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
$_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
$_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
$_SESSION['customer_country_id'] = $check_country['entry_country_id'];
$_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
if (ACCOUNT_VAT_ID == 'true') $_SESSION['customers_vat_id_status'] = $check_customer['entry_vat_id_status'];
$_SESSION['man_key'] = $keya;
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
// restore cart contents
$_SESSION['cart']->restore_contents();
oos_redirect(oos_href_link($aContents['account']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['login']));
$sCanonical = oos_href_link($aContents['login'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/admin_login.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
if (isset($_GET['action']) && ($_GET['action'] == 'login_admin')) {
$email_address = oos_prepare_input($_POST['email_address']);
$verif_key = oos_prepare_input($_POST['verif_key']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $verif_key ) || !is_string( $verif_key ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$passwordLength = 24 ;
$newkey2 = RandomPassword($passwordLength);
$manual_infotable = $oostable['manual_info'];
$dbconn->Execute("UPDATE $manual_infotable
SET man_key2 = '" . oos_db_input($newkey2) . "'
WHERE man_key = '" . oos_db_input($verif_key) . "'
AND man_info_id = '1'");
$manual_infotable = $oostable['manual_info'];
$login_query = "SELECT man_key2, man_key3, status FROM $manual_infotable WHERE man_key = '" . oos_db_input($verif_key) . "' AND status = '1'";
$login_result_values = $dbconn->Execute($login_query);
if (!$login_result_values->RecordCount()) {
oos_redirect(oos_href_link($aContents['403']));
}
$smarty->assign(
array('newkey2' => $newkey2,
'email_address' => $email_address,
'verif_key' => $verif_key,
'login_result_values' => $login_result_values
)
);
}
// display the template
$smarty->display($aTemplate['page']);
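Review bot: The key reset in the unknown-e-mail branch cannot take effect as written: the statement ends in `WHERE where man_info_id = '1'`, which is not valid SQL, so `man_key2` presumably stays usable after a failed attempt; it should read `WHERE man_info_id = '1'`. That branch also leaves `man_key` in place while the wrong-key branch above clears both, which looks unintended. `$keya` is not checked for emptiness the way `$keyb` is, and the form token is compared with `==`; `hash_equals((string)$_SESSION['formid'], (string)$_POST['formid'])` after an `isset($_POST['formid'])` check avoids type juggling. No session-id regeneration is visible before `$_SESSION['customer_id']` is set, so confirm the `$session` object handles that elsewhere. `$_SESSION['customers_vat_id_status']` reads `entry_vat_id_status` from `$check_customer`, but that column is selected into `$check_country`.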


@ -0,0 +1,116 @@
<?php
/* ----------------------------------------------------------------------
OOS [OSIS Online Shop]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the OOS Development Team.
----------------------------------------------------------------------
Based on:
File: advanced_search.php,v 1.49 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
function oos_get_manufacturers() {
if (!is_array($aManufacturers)) $aManufacturers = array();
$dbconn =& oosDBGetConn();
$oostable = oosDBGetTables();
$manufacturers_result = $dbconn->Execute("SELECT manufacturers_id, manufacturers_name FROM " . $oostable['manufacturers'] . " ORDER BY manufacturers_name");
while ($manufacturers = $manufacturers_result->fields) {
$aManufacturers[] = array('id' => $manufacturers['manufacturers_id'], 'text' => $manufacturers['manufacturers_name']);
$manufacturers_result->MoveNext();
}
return $aManufacturers;
}
require 'includes/languages/' . $sLanguage . '/search_advanced.php';
$error = '';
if (isset($_GET['errorno'])) {
if (($_GET['errorno'] & 1) == 1) {
$error .= str_replace('\n', '<br />', $aLang['js_at_least_one_input']);
}
if (($_GET['errorno'] & 10) == 10) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_from_date']);
}
if (($_GET['errorno'] & 100) == 100) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_to_date']);
}
if (($_GET['errorno'] & 1000) == 1000) {
$error .= str_replace('\n', '<br />', $aLang['js_to_date_less_than_from_date']);
}
if (($_GET['errorno'] & 10000) == 10000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_from_must_be_num']);
}
if (($_GET['errorno'] & 100000) == 100000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_to_must_be_num']);
}
if (($_GET['errorno'] & 1000000) == 1000000) {
$error .= str_replace('\n', '<br />', $aLang['js_price_to_less_than_price_from']);
}
if (($_GET['errorno'] & 10000000) == 10000000) {
$error .= str_replace('\n', '<br />', $aLang['js_invalid_keywords']);
}
}
$aCategoriesID = oos_get_categories(array(array('id' => '', 'text' => $aLang['text_all_categories'])));
$aManufacturersID = oos_get_manufacturers(array(array('id' => '', 'text' => $aLang['text_all_manufacturers'])));
/*
$options_box .= ' <tr>' . "\n" .
' <td class="fieldKey">' . $aLang['entry_date_from'] . '</td>' . "\n" .
' <td class="fieldValue">' . oos_draw_input_field('dfrom', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"') . '</td>' . "\n" .
' </tr>' . "\n" .
' <tr>' . "\n" .
' <td class="fieldKey">' . $aLang['entry_date_to'] . '</td>' . "\n" .
' <td class="fieldValue">' . oos_draw_input_field('dto', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"') . '</td>' . "\n" .
' </tr>' . "\n";
*/
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['advanced_search'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/advanced_search.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'error' => $error,
'categoriesID' => $aCategoriesID,
'manufacturersID' => $aManufacturersID
)
);
// display the template
$smarty->display($aTemplate['page']);
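Review bot: `oos_get_manufacturers()` is declared without parameters but is called with the "all manufacturers" seed array, so the argument is discarded and `is_array($aManufacturers)` tests an undefined local; the resulting list loses its empty first entry. Declaring it as `function oos_get_manufacturers($aManufacturers = '')` matches the call. The `errorno` tests use decimal literals (`& 10`, `& 100`, …) as if they were binary flags, so they match overlapping bit patterns, and `$_GET['errorno']` goes into a bitwise operation without a cast. `$nErrorNo = (int)$_GET['errorno'];` with masks `1, 2, 4, …` would behave as the branch names suggest, provided the code that sets `errorno` (not visible here) uses the same values.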


@ -0,0 +1,388 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: advanced_search_result.php,v 1.67 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_search.php';
require 'includes/languages/' . $sLanguage . '/search_advanced_result.php';
$get_parameters = '';
$keywords = isset($_GET['keywords']) && !empty($_GET['keywords']) ? stripslashes(trim(urldecode($_GET['keywords']))) : FALSE;
$get_parameters .= '&keywords=' . $keywords;
$search_in_description = isset($_GET['search_in_description']) && is_numeric($_GET['search_in_description']) ? (int)$_GET['search_in_description'] : 0;
$get_parameters .= '&search_in_description=' . $search_in_description;
$categories_id = isset($_GET['categories_id']) && is_numeric($_GET['categories_id']) ? (int)$_GET['categories_id'] : FALSE;
$get_parameters .= '&categories_id=' . $categories_id;
$inc_subcat = isset($_GET['inc_subcat']) && is_numeric($_GET['inc_subcat']) ? (int)$_GET['inc_subcat'] : 0;
$get_parameters .= '&inc_subcat=' . $inc_subcat;
$manufacturers_id = isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id']) ? (int)$_GET['manufacturers_id'] : FALSE;
$get_parameters .= '&manufacturers_id=' . $manufacturers_id;
$pfrom = isset($_GET['pfrom']) && !empty($_GET['pfrom']) ? stripslashes($_GET['pfrom']) : FALSE;
$get_parameters .= '&pfrom=' . $pfrom;
$pto = isset($_GET['pto']) && !empty($_GET['pto']) ? stripslashes($_GET['pto']) : FALSE;
$get_parameters .= '&pto=' . $pto;
$dfrom = isset($_GET['dfrom']) && !empty($_GET['dfrom']) ? stripslashes($_GET['dfrom']) : FALSE;
$get_parameters .= '&dfrom=' . $dfrom;
$dto = isset($_GET['dto']) && !empty($_GET['dto']) ? stripslashes($_GET['dto']) : FALSE;
$get_parameters .= '&dto=' . $dto;
$errorno = 0;
$dfrom_to_check = (($dfrom == DOB_FORMAT_STRING) ? '' : $dfrom);
$dto_to_check = (($dto == DOB_FORMAT_STRING) ? '' : $dto);
if (strlen($dfrom_to_check) > 0) {
if (!oos_checkdate($dfrom_to_check, DOB_FORMAT_STRING, $dfrom_array)) {
$errorno += 10;
}
}
if (strlen($dto_to_check) > 0) {
if (!oos_checkdate($dto_to_check, DOB_FORMAT_STRING, $dto_array)) {
$errorno += 100;
}
}
if (strlen($dfrom_to_check) > 0 && !(($errorno & 10) == 10) && strlen($dto_to_check) > 0 && !(($errorno & 100) == 100)) {
if (mktime(0, 0, 0, $dfrom_array[1], $dfrom_array[2], $dfrom_array[0]) > mktime(0, 0, 0, $dto_array[1], $dto_array[2], $dto_array[0])) {
$errorno += 1000;
}
}
if (strlen($pfrom) > 0) {
$pfrom_to_check = oos_var_prep_for_os($pfrom);
if (!settype($pfrom_to_check, "double")) {
$errorno += 10000;
}
}
if (strlen($pto) > 0) {
$pto_to_check = oos_var_prep_for_os($pto);
if (!settype($pto_to_check, "double")) {
$errorno += 100000;
}
}
if (strlen($pfrom) > 0 && !(($errorno & 10000) == 10000) && strlen($pto) > 0 && !(($errorno & 100000) == 100000)) {
if ($pfrom_to_check > $pto_to_check) {
$errorno += 1000000;
}
}
if (oos_is_not_null($keywords)) {
if (!oos_parse_search_string($keywords, $search_keywords)) {
$errorno += 10000000;
}
}
if ($errorno > 0) {
oos_redirect(oos_href_link($aContents['advanced_search'], 'errorno=' . $errorno . $get_parameters));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title1'], oos_href_link($aContents['advanced_search']));
$oBreadcrumb->add($aLang['navbar_title2']);
// create column list
$define_list = array('PRODUCT_LIST_MODEL' => '1',
'PRODUCT_LIST_NAME' => '2',
'PRODUCT_LIST_MANUFACTURER' => '3',
'PRODUCT_LIST_UVP' => '4',
'PRODUCT_LIST_PRICE' => '5',
'PRODUCT_LIST_QUANTITY' => '6',
'PRODUCT_LIST_WEIGHT' => '7',
'PRODUCT_LIST_IMAGE' => '8',
'PRODUCT_LIST_BUY_NOW' => '9');
asort($define_list);
$column_list = array();
reset($define_list);
foreach($define_list as $column => $value) {
if ($value) $column_list[] = $column;
}
$select_column_list = '';
for ($col=0, $n=count($column_list); $col<$n; $col++) {
if ( ($column_list[$col] == 'PRODUCT_LIST_BUY_NOW')
|| ($column_list[$col] == 'PRODUCT_LIST_NAME')
|| ($column_list[$col] == 'PRODUCT_LIST_PRICE') ) {
continue;
}
if (oos_is_not_null($select_column_list)) {
$select_column_list .= ', ';
}
switch ($column_list[$col]) {
case 'PRODUCT_LIST_MODEL':
$select_column_list .= 'p.products_model';
break;
case 'PRODUCT_LIST_MANUFACTURER':
$select_column_list .= 'm.manufacturers_name';
break;
case 'PRODUCT_LIST_QUANTITY':
$select_column_list .= 'p.products_quantity';
break;
case 'PRODUCT_LIST_IMAGE':
$select_column_list .= 'p.products_image';
break;
case 'PRODUCT_LIST_WEIGHT':
$select_column_list .= 'p.products_weight';
break;
default:
$select_column_list .= "pd.products_name";
break;
}
}
if (oos_is_not_null($select_column_list)) {
$select_column_list .= ', ';
}
$select_str = "SELECT DISTINCT " . $select_column_list . " m.manufacturers_id, p.products_id, p.products_replacement_product_id, pd.products_name,
p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4,
p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_quantity_order_min, p.products_quantity_order_max,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_product_quantity,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price ";
if ( ($aUser['price_with_tax'] == 1) && ( (isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($pto) && oos_is_not_null($pto))) ) {
$select_str .= ", SUM(tr.tax_rate) AS tax_rate ";
}
$from_str = "FROM " . $oostable['products'] . " p LEFT JOIN
" . $oostable['manufacturers'] . " m using(manufacturers_id) LEFT JOIN
" . $oostable['specials'] . " s ON p.products_id = s.products_id";
if ( ($aUser['price_with_tax'] == 1) && ( (isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($pto) && oos_is_not_null($pto))) ) {
$nCountry_id = STORE_COUNTRY;
$nZone_id = STORE_ZONE;
if (isset($_SESSION)) {
if (isset($_SESSION['customer_country_id'])) {
$nCountry_id = $_SESSION['customer_country_id'];
$nZone_id = $_SESSION['customer_zone_id'];
}
}
$from_str .= " LEFT JOIN
" . $oostable['tax_rates'] . " tr
ON p.products_tax_class_id = tr.tax_class_id LEFT JOIN
" . $oostable['zones_to_geo_zones'] . " gz
ON tr.tax_zone_id = gz.geo_zone_id AND
(gz.zone_country_id is null OR
gz.zone_country_id = '0' OR
gz.zone_country_id = '" . intval($nCountry_id) . "') AND
(gz.zone_id is null OR
gz.zone_id = '0' OR
gz.zone_id = '" . intval($nZone_id) . "')";
}
$from_str .= ", " . $oostable['products_description'] . " pd, " . $oostable['categories'] . " c, " . $oostable['products_to_categories'] . " p2c";
$where_str = " WHERE
p.products_setting = '2' AND
p.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p.products_id = p2c.products_id AND
p2c.categories_id = c.categories_id ";
if (isset($categories_id) && is_numeric($categories_id)) {
if ($_GET['inc_subcat'] == '1') {
$subcategories_array = array();
oos_get_subcategories($subcategories_array, $categories_id);
$where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
(p2c.categories_id = '" . intval($categories_id) . "'";
for ($i=0, $n=count($subcategories_array); $i<$n; $i++ ) {
$where_str .= " OR p2c.categories_id = '" . intval($subcategories_array[$i]) . "'";
}
$where_str .= ")";
} else {
$where_str .= " AND
p2c.products_id = p.products_id AND
p2c.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' AND
p2c.categories_id = '" . intval($categories_id) . "'";
}
}
if (isset($manufacturers_id) && is_numeric($manufacturers_id)) {
$where_str .= " AND m.manufacturers_id = '" . intval($manufacturers_id) . "'";
}
if (isset($search_keywords) && (count($search_keywords) > 0)) {
$where_str .= " AND (";
for ($i=0, $n=count($search_keywords); $i<$n; $i++ ) {
switch ($search_keywords[$i]) {
case '(':
case ')':
case 'and':
case 'or':
$where_str .= " " . $search_keywords[$i] . " ";
break;
default:
$keyword = oos_db_prepare_input($search_keywords[$i]);
$where_str .= " (pd.products_name LIKE '%" . oos_db_input($keyword) . "%'
OR p.products_model LIKE '%" . oos_db_input($keyword) . "%'
OR p.products_ean LIKE '%" . oos_db_input($keyword) . "%'
OR m.manufacturers_name LIKE '%" . oos_db_input($keyword) . "%'";
if (isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1')) $where_str .= " OR pd.products_short_description LIKE '%" . oos_db_input($keyword) . "%'";
if (isset($_GET['search_in_description']) && ($_GET['search_in_description'] == '1')) $where_str .= " OR pd.products_description LIKE '%" . oos_db_input($keyword) . "%'";
$where_str .= ')';
break;
}
}
$where_str .= " )";
}
if (isset($dfrom) && oos_is_not_null($dfrom) && ($dfrom != DOB_FORMAT_STRING)) {
$where_str .= " AND p.products_date_added >= '" . oos_date_raw($dfrom_to_check) . "'";
}
if (isset($dto) && oos_is_not_null($dto) && ($dto != DOB_FORMAT_STRING)) {
$where_str .= " AND p.products_date_added <= '" . oos_date_raw($dto_to_check) . "'";
}
$rate = $oCurrencies->get_value($sCurrency);
if ($rate) {
$pfrom = oos_var_prep_for_os($_GET['pfrom'] / $rate);
$pto = oos_var_prep_for_os($_GET['pto'] / $rate);
}
if ($aUser['price_with_tax'] == 1) {
if ($pfrom) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100) ) >= " . oos_db_input($pfrom) . ")";
if ($pto) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) * if(gz.geo_zone_id is null, 1, 1 + (tr.tax_rate / 100) ) <= " . oos_db_input($pto) . ")";
} else {
if ($pfrom) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) >= " . oos_db_input($pfrom) . ")";
if ($pto) $where_str .= " AND (IF(s.status, s.specials_new_products_price, p.products_price) <= " . oos_db_input($pto) . ")";
}
if ( ($aUser['price_with_tax'] == 1) && ((isset($_GET['pfrom']) && oos_is_not_null($_GET['pfrom'])) || (isset($_GET['pto']) && oos_is_not_null($_GET['pto']))) ) {
$where_str .= " GROUP BY p.products_id, tr.tax_priority";
}
if ( (!isset($_GET['sort'])) || (!preg_match('/[1-8][ad]/', $_GET['sort'])) || (substr($_GET['sort'], 0 , 1) > count($column_list)) ) {
for ($col=0, $n=count($column_list); $col<$n; $col++) {
if ($column_list[$col] == 'PRODUCT_LIST_NAME') {
$_GET['sort'] = $col+1 . 'a';
$order_str = ' ORDER BY pd.products_name';
break;
}
}
} else {
$sort_col = substr($_GET['sort'], 0 , 1);
$sort_order = substr($_GET['sort'], 1);
$order_str = ' ORDER BY ';
switch ($column_list[$sort_col-1]) {
case 'PRODUCT_LIST_MODEL':
$order_str .= "p.products_model " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_NAME':
$order_str .= "pd.products_name " . ($sort_order == 'd' ? "desc" : "");
break;
case 'PRODUCT_LIST_MANUFACTURER':
$order_str .= "m.manufacturers_name " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_QUANTITY':
$order_str .= "p.products_quantity " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_IMAGE':
$order_str .= "pd.products_name";
break;
case 'PRODUCT_LIST_WEIGHT':
$order_str .= "p.products_weight " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
case 'PRODUCT_LIST_PRICE':
$order_str .= "final_price " . ($sort_order == 'd' ? "desc" : "") . ", pd.products_name";
break;
default:
$order_str .= "pd.products_name";
break;
}
}
$listing_sql = $select_str . $from_str . $where_str . $order_str;
$aTemplate['page'] = $sTheme . '/page/advanced_search_result.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'text_no_products' => sprintf($aLang['text_no_products'], $keywords)
)
);
require_once MYOOS_INCLUDE_PATH . '/includes/modules/product_listing.php';
$smarty->assign('oos_get_all_get_params', oos_get_all_get_parameters(array('sort', 'page')));
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);
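Review bot: The price bounds are concatenated into the WHERE clause without quotes (the four `oos_db_input($pfrom)` / `oos_db_input($pto)` comparisons), and nothing earlier guarantees that they are numbers. `settype($pfrom_to_check, "double")` reports success for any string, so the 10000 and 100000 error bits are never set, and when `$oCurrencies->get_value($sCurrency)` is falsy `$pfrom` and `$pto` keep the `stripslashes($_GET[...])` text from the top of the file. Whatever escaping `oos_db_input()` applies (it is defined outside this file), string escaping does not constrain a value placed in a numeric position, so I would validate with `if (!is_numeric($pfrom)) { $errorno += 10000; }` (same for `$pto`) and concatenate `(float)$pfrom` / `(float)$pto` instead. The division inside `if ($rate)` also reads `$_GET['pfrom']` and `$_GET['pto']` directly, which emits a notice when a key is absent and, on PHP 8, throws a TypeError for non-numeric text.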


@ -0,0 +1,189 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_confirmation.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_confirmation.php,v 1.135 2003/02/14 20:28:46 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_confirmation.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot(array('content' =>$aContents['checkout_payment']));
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
if (isset($_POST['payment'])) $_SESSION['payment'] = oos_db_prepare_input($_POST['payment']);
if ( (isset($_POST['comments'])) && (empty($_POST['comments'])) ) {
$_SESSION['comments'] = '';
} elseif (oos_is_not_null($_POST['comments'])) {
$_SESSION['comments'] = oos_db_prepare_input($_POST['comments']);
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if (!isset($_SESSION['shipping'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// load the selected payment module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
if (!isset($credit_covers)) $credit_covers = FALSE;
if ($credit_covers) {
unset($_SESSION['payment']);
$_SESSION['payment'] = '';
}
$payment_modules = new payment($_SESSION['payment']);
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
if ( (isset($_SESSION['shipping'])) && ($_SESSION['shipping']['id'] == 'free_free')) {
if ( ($oOrder->info['total'] - $oOrder->info['shipping_cost']) < MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER ) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
$payment_modules->update_status();
$order_total_modules = new order_total;
$order_total_modules->collect_posts();
if (isset($_SESSION['cot_gv'])) {
$credit_covers = $order_total_modules->pre_confirmation_check();
}
if ( ($_SESSION['payment'] == '' || !is_object(${$_SESSION['payment']}) ) && $credit_covers === FALSE) {
$oMessage->add_session('checkout_payment', $aLang['error_no_payment_module_selected'], 'error');
}
if (is_array($payment_modules->modules)) {
$payment_modules->pre_confirmation_check();
}
if ($oMessage->size('checkout_payment') > 0) {
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// load the selected shipping module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping($_SESSION['shipping']);
// Stock Check
$any_out_of_stock = FALSE;
if (STOCK_CHECK == 'true') {
for ($i=0, $n=count($oOrder->products); $i<$n; $i++) {
if (oos_check_stock($oOrder->products[$i]['id'], $oOrder->products[$i]['qty'])) {
$any_out_of_stock = TRUE;
}
}
// Out of Stock
if ( (STOCK_ALLOW_CHECKOUT != 'true') && ($any_out_of_stock == TRUE) ) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2']);
$aTemplate['page'] = $sTheme . '/page/checkout_confirmation.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1
)
);
if (MODULE_ORDER_TOTAL_INSTALLED) {
$order_total_modules->process();
$order_total_output = $order_total_modules->output();
$smarty->assign('order_total_output', $order_total_output);
}
if (is_array($payment_modules->modules)) {
if ($confirmation == $payment_modules->confirmation()) {
$smarty->assign('confirmation', $confirmation);
}
}
if (is_array($payment_modules->modules)) {
$payment_modules_process_button = $payment_modules->process_button();
}
if (isset(${$_SESSION['payment']}->form_action_url)) {
$form_action_url = ${$_SESSION['payment']}->form_action_url;
} else {
$form_action_url = oos_href_link($aContents['checkout_process']);
}
$smarty->assign('form_action_url', $form_action_url);
$smarty->assign('payment_modules_process_button', $payment_modules_process_button);
$smarty->assign('order', $oOrder);
$smarty->assign('text_conditions', sprintf($aLang['text_conditions'], oos_href_link($aContents['information'], 'information_id=2'), oos_href_link($aContents['information'], 'information_id=3'), oos_href_link($aContents['information'], 'information_id=4') ));
// display the template
$smarty->display($aTemplate['page']);
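Review bot: `${$_SESSION['payment']}` resolves a variable whose name comes from `$_POST['payment']` (stored in the session near the top of the file), so the `is_object()` test in the "no payment module selected" check and the later `->form_action_url` read are satisfied by any object variable in scope, not only a payment module. Whether `new payment(...)` rejects unknown names cannot be seen from this file, so I would compare the posted value with the installed entries in `$payment_modules->modules` (their format is not visible here) before storing it, and reset `$_SESSION['payment']` to `''` otherwise. Separately, `if ($confirmation == $payment_modules->confirmation())` compares against an undefined `$confirmation`; an assignment looks intended, `if ($confirmation = $payment_modules->confirmation())`.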


@ -0,0 +1,147 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_payment.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_payment.php,v 1.109 2003/02/14 20:28:47 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_payment.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
if (oos_empty($aUser['payment'])) {
oos_redirect(oos_href_link($aContents['403']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// if no shipping method has been selected, redirect the customer to the shipping method selection page
if (!isset($_SESSION['shipping'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// Stock Check
if ( (STOCK_CHECK == 'true') && (STOCK_ALLOW_CHECKOUT != 'true') ) {
$products = $_SESSION['cart']->get_products();
$any_out_of_stock = 0;
for ($i=0, $n=count($products); $i<$n; $i++) {
if (oos_check_stock($products[$i]['id'], $products[$i]['quantity'])) {
$any_out_of_stock = 1;
}
}
if ($any_out_of_stock == 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
}
// if no billing destination address was selected, use the customers own address as default
if (!isset($_SESSION['billto'])) {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
} else {
// verify the selected billing address
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['billto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] != '1') {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
if (isset($_SESSION['payment'])) unset($_SESSION['payment']);
}
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
$order_total_modules = new order_total;
$total_weight = $_SESSION['cart']->show_weight();
$total_count = $_SESSION['cart']->count_contents();
$total_count = $_SESSION['cart']->count_contents_virtual();
// load all enabled payment modules
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
$payment_modules = new payment;
$selection = $payment_modules->selection();
$credit_selection = $order_total_modules->credit_selection();
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_payment']));
$aTemplate['page'] = $sTheme . '/page/checkout_payment.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1
)
);
$smarty->assign(
array(
'selection' => $selection,
'credit_selection' => $credit_selection
)
);
// display the template
$smarty->display($aTemplate['page']);
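Review bot: The cartID guard only runs when both `$_SESSION['cart']->cartID` and `$_SESSION['cartID']` are set, so a session that lacks either value skips the comparison and continues to payment selection; the same guard is repeated in the checkout confirmation script earlier in this commit. If `$_SESSION['cartID']` is always written by the shipping step (not visible here), a missing value can be treated as a mismatch: `if (!isset($_SESSION['cartID']) || $_SESSION['cart']->cartID != $_SESSION['cartID']) {`. Further down, `$total_count` is assigned from `count_contents()` and immediately overwritten by `count_contents_virtual()`, so the first call is dead unless a second variable name was intended.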


@ -0,0 +1,373 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_payment_address.php,v 1.7 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_payment_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
$bError = FALSE; // reset error flag
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'submit') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
// Process a new billing address
if (oos_is_not_null($_POST['firstname']) && oos_is_not_null($_POST['lastname']) && oos_is_not_null($_POST['street_address'])) {
$bProcess = TRUE;
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT max(address_book_id) AS address_book_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$next_id_result = $dbconn->Execute($sql);
if ($next_id_result->RecordCount()) {
$next_id = $next_id_result->fields;
$entry_id = $next_id['address_book_id']+1;
} else {
$entry_id = 1;
}
$sql_data_array = array('customers_id' => intval($_SESSION['customer_id']),
'address_book_id' => $entry_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$_SESSION['billto'] = $entry_id;
if (isset($_SESSION['payment'])) unset($_SESSION['payment']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// Process the selected billing destination
} elseif (isset($_POST['address'])) {
$reset_payment = FALSE;
if (isset($_SESSION['billto'])) {
if ($_SESSION['billto'] != $_POST['address']) {
if (isset($_SESSION['payment'])) {
$reset_payment = TRUE;
}
}
}
$_SESSION['billto'] = intval($_POST['address']);
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['billto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] == '1') {
if ($reset_payment == TRUE) unset($_SESSION['payment']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
} else {
unset($_SESSION['billto']);
}
// no addresses to select from - customer decided to keep the current assigned address
} else {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
// if no billing destination address was selected, use their own address as default
if (!isset($_SESSION['billto'])) {
$_SESSION['billto'] = $_SESSION['customer_default_address_id'];
}
if ($bProcess == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id != '" . intval($_SESSION['billto']) . "'";
$addresses_count_result = $dbconn->Execute($sql);
$addresses_count = $addresses_count_result->fields['total'];
if ($addresses_count > 0) {
$radio_buttons = 0;
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_firstname AS firstname, entry_lastname AS lastname,
entry_company AS company, entry_street_address AS street_address,
entry_city AS city, entry_postcode AS postcode,
entry_state AS state, entry_zone_id AS zone_id, entry_country_id AS country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$addresses_result = $dbconn->Execute($sql);
$addresses_array = array();
while ($addresses = $addresses_result->fields) {
$format_id = oos_get_address_format_id($address['country_id']);
$addresses_array[] = array('format_id' => $format_id,
'radio_buttons' => $radio_buttons,
'firstname' => $addresses['firstname'],
'lastname' => $addresses['lastname'],
'address_book_id' => $addresses['address_book_id'],
'address' => oos_address_format($format_id, $addresses, true, ' ', ', '));
$radio_buttons++;
$addresses_result->MoveNext();
}
}
}
if (!isset($bProcess)) $bProcess = FALSE;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_payment']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_payment_address']));
$aTemplate['page'] = $sTheme . '/page/checkout_payment_address.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('checkout_address') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('checkout_address') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'process' => $bProcess,
'addresses_count' => $addresses_count,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'owner' => $owner,
'vat_id' => $vat_id,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country,
'store_country' => STORE_COUNTRY,
'gender_error' => $gender_error,
'firstname_error' => $firstname_error,
'lastname_error' => $lastname_error,
'street_address_error' => $street_address_error,
'post_code_error' => $post_code_error,
'city_error' => $city_error,
'state_error' => $state_error,
'state_has_zones' => $entry_state_has_zones,
'country_error' => $country_error
)
);
if ($bProcess == FALSE) {
$smarty->assign('addresses_array', $addresses_array);
}
if ($entry_state_has_zones == TRUE) {
$zones_names = array();
$zones_values = array();
$zonestable = $oostable['zones'];
$zones_result = $dbconn->Execute("SELECT zone_name FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' ORDER BY zone_name");
while ($zones = $zones_result->fields) {
$zones_names[] = $zones['zone_name'];
$zones_values[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $zones_names);
$smarty->assign('zones_values', $zones_values);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,380 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_process.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_process.php,v 1.125 2003/02/16 13:21:43 thomasamoulton
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_process.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot(array('content' =>$aContents['checkout_payment']));
oos_redirect(oos_href_link($aContents['login']));
}
if (!isset($_SESSION['shipping']) || !isset($_SESSION['sendto'])) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
if ( (oos_is_not_null(MODULE_PAYMENT_INSTALLED)) && (!isset($_SESSION['payment'])) ) {
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
// avoid hack attempts during the checkout procedure by checking the internal cartID
if (isset($_SESSION['cart']->cartID) && isset($_SESSION['cartID'])) {
if ($_SESSION['cart']->cartID != $_SESSION['cartID']) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// load selected payment module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_payment.php';
$payment_modules = new payment($_SESSION['payment']);
// load the selected shipping module
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping($_SESSION['shipping']);
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
if ( (isset($_SESSION['shipping'])) && ($_SESSION['shipping']['id'] == 'free_free')) {
if ( ($oOrder->info['total'] - $oOrder->info['shipping_cost']) < MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER ) {
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// load the before_process function from the payment modules
$payment_modules->before_process();
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order_total.php';
$order_total_modules = new order_total;
$order_totals = $order_total_modules->process();
$sql_data_array = array('customers_id' => $_SESSION['customer_id'],
'customers_name' => $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'],
'customers_company' => $oOrder->customer['company'],
'customers_street_address' => $oOrder->customer['street_address'],
'customers_city' => $oOrder->customer['city'],
'customers_postcode' => $oOrder->customer['postcode'],
'customers_state' => $oOrder->customer['state'],
'customers_country' => $oOrder->customer['country']['title'],
'customers_telephone' => $oOrder->customer['telephone'],
'customers_email_address' => $oOrder->customer['email_address'],
'customers_address_format_id' => $oOrder->customer['format_id'],
'delivery_name' => $oOrder->delivery['firstname'] . ' ' . $oOrder->delivery['lastname'],
'delivery_company' => $oOrder->delivery['company'],
'delivery_street_address' => $oOrder->delivery['street_address'],
'delivery_city' => $oOrder->delivery['city'],
'delivery_postcode' => $oOrder->delivery['postcode'],
'delivery_state' => $oOrder->delivery['state'],
'delivery_country' => $oOrder->delivery['country']['title'],
'delivery_address_format_id' => $oOrder->delivery['format_id'],
'billing_name' => $oOrder->billing['firstname'] . ' ' . $oOrder->billing['lastname'],
'billing_company' => $oOrder->billing['company'],
'billing_street_address' => $oOrder->billing['street_address'],
'billing_city' => $oOrder->billing['city'],
'billing_postcode' => $oOrder->billing['postcode'],
'billing_state' => $oOrder->billing['state'],
'billing_country' => $oOrder->billing['country']['title'],
'billing_address_format_id' => $oOrder->billing['format_id'],
'payment_method' => $oOrder->info['payment_method'],
'date_purchased' => 'now()',
'last_modified' => 'now()',
'orders_status' => $oOrder->info['order_status'],
'currency' => $oOrder->info['currency'],
'currency_value' => $oOrder->info['currency_value'],
'orders_language' => $_SESSION['language']);
oos_db_perform($oostable['orders'], $sql_data_array);
$insert_id = $dbconn->Insert_ID();
for ($i=0, $n=count($order_totals); $i<$n; $i++) {
$sql_data_array = array('orders_id' => $insert_id,
'title' => $order_totals[$i]['title'],
'text' => $order_totals[$i]['text'],
'value' => $order_totals[$i]['value'],
'class' => $order_totals[$i]['code'],
'sort_order' => $order_totals[$i]['sort_order']);
oos_db_perform($oostable['orders_total'], $sql_data_array);
}
$customer_notification = ($oEvent->installed_plugin('mail')) ? '1' : '0';
$sql_data_array = array('orders_id' => $insert_id,
'orders_status_id' => $oOrder->info['order_status'],
'date_added' => 'now()',
'customer_notified' => $customer_notification,
'comments' => $oOrder->info['comments']);
oos_db_perform($oostable['orders_status_history'], $sql_data_array);
// initialized for the email confirmation
$products_ordered = '';
$subtotal = 0;
$total_tax = 0;
for ($i=0, $n=count($oOrder->products); $i<$n; $i++) {
// Stock Update - Joao Correia
if (STOCK_LIMITED == 'true') {
if (DOWNLOAD_ENABLED == 'true') {
$productstable = $oostable['products'];
$products_attributestable = $oostable['products_attributes'];
$products_attributes_downloadtable = $oostable['products_attributes_download'];
$stock_result_raw = "SELECT products_quantity, pad.products_attributes_filename
FROM $productstable p LEFT JOIN
$products_attributestable pa ON p.products_id = pa.products_id LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE p.products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";
// Will work with only one option for downloadable products
// otherwise, we have to build the query dynamically with a loop
$products_attributes = $oOrder->products[$i]['attributes'];
if (is_array($products_attributes)) {
$stock_result_raw .= " AND pa.options_id = '" . intval($products_attributes[0]['option_id']) . "' AND pa.options_values_id = '" . intval($products_attributes[0]['value_id']) . "'";
}
$stock_result = $dbconn->Execute($stock_result_raw);
} else {
$productstable = $oostable['products'];
$sql = "SELECT products_quantity
FROM $productstable
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'";
$stock_result = $dbconn->Execute($sql);
}
if ($stock_result->RecordCount() > 0) {
$stock_values = $stock_result->fields;
// do not decrement quantities if products_attributes_filename exists
if ((DOWNLOAD_ENABLED != 'true') || (!$stock_values['products_attributes_filename'])) {
$stock_left = $stock_values['products_quantity'] - $oOrder->products[$i]['qty'];
} else {
$stock_left = $stock_values['products_quantity'];
}
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_quantity = '" . oos_db_input($stock_left) . "'
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
if ($stock_left < 1) {
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_status = '0'
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
}
}
}
// Update products_ordered (for bestsellers list)
$productstable = $oostable['products'];
$dbconn->Execute("UPDATE $productstable
SET products_ordered = products_ordered + " . sprintf('%d', intval($oOrder->products[$i]['qty'])) . "
WHERE products_id = '" . intval(oos_get_product_id($oOrder->products[$i]['id'])) . "'");
$sql_data_array = array('orders_id' => $insert_id,
'products_id' => oos_get_product_id($oOrder->products[$i]['id']),
'products_model' => $oOrder->products[$i]['model'],
'products_ean' => $oOrder->products[$i]['ean'],
'products_name' => $oOrder->products[$i]['name'],
'products_price' => $oOrder->products[$i]['price'],
'final_price' => $oOrder->products[$i]['final_price'],
'products_tax' => $oOrder->products[$i]['tax'],
'products_quantity' => $oOrder->products[$i]['qty']);
oos_db_perform($oostable['orders_products'], $sql_data_array);
$order_products_id = $dbconn->Insert_ID();
//ICW ADDED FOR CREDIT CLASS SYSTEM
$order_total_modules->update_credit_account($i);
//------insert customer choosen option to order--------
$attributes_exist = '0';
$products_ordered_attributes = '';
if (isset($oOrder->products[$i]['attributes'])) {
$attributes_exist = '1';
for ($j=0, $n2=count($oOrder->products[$i]['attributes']); $j<$n2; $j++) {
if (DOWNLOAD_ENABLED == 'true') {
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
$products_attributes_downloadtable = $oostable['products_attributes_download'];
if ($oOrder->products[$i]['attributes'][$j]['value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$attributes_result = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays,
pad.products_attributes_maxcount , pad.products_attributes_filename
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$attributes_result = "SELECT popt.products_options_name, poval.products_options_values_name,
pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays,
pad.products_attributes_maxcount , pad.products_attributes_filename
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa LEFT JOIN
$products_attributes_downloadtable pad ON pa.products_attributes_id = pad.products_attributes_id
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . intval($oOrder->products[$i]['attributes'][$j]['value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes = $dbconn->Execute($attributes_result);
} else {
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
if ($oOrder->products[$i]['attributes'][$j]['value_id'] == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$sql = "SELECT popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($oOrder->products[$i]['id']) . "'
AND pa.options_id = '" . intval($oOrder->products[$i]['attributes'][$j]['option_id']) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . intval($oOrder->products[$i]['attributes'][$j]['value_id']) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes = $dbconn->Execute($sql);
}
$attributes_values = $attributes->fields;
$sql_data_array = array('orders_id' => $insert_id,
'orders_products_id' => $order_products_id,
'products_options' => $attributes_values['products_options_name'],
'products_options_values' => $oOrder->products[$i]['attributes'][$j]['value'],
'options_values_price' => $attributes_values['options_values_price'],
'price_prefix' => $attributes_values['price_prefix']);
// insert
oos_db_perform($oostable['orders_products_attributes'], $sql_data_array);
if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && oos_is_not_null($attributes_values['products_attributes_filename'])) {
$sql_data_array = array('orders_id' => $insert_id,
'orders_products_id' => $order_products_id,
'orders_products_filename' => $attributes_values['products_attributes_filename'],
'download_maxdays' => $attributes_values['products_attributes_maxdays'],
'download_count' => $attributes_values['products_attributes_maxcount']);
// insert
oos_db_perform($oostable['orders_products_download'], $sql_data_array);
}
$products_ordered_attributes .= "\n\t" . $attributes_values['products_options_name'] . ' ' . oos_decode_special_chars($oOrder->products[$i]['attributes'][$j]['value']);
}
}
//------insert customer choosen option eof ----
$total_weight += ($oOrder->products[$i]['qty'] * $oOrder->products[$i]['weight']);
$total_tax += oos_calculate_tax($total_products_price, $products_tax) * $oOrder->products[$i]['qty'];
$total_cost += $total_products_price;
$products_ordered .= $oOrder->products[$i]['qty'] . ' x ' . $oOrder->products[$i]['name'] . ' (' . $oOrder->products[$i]['model'] . ') = ' . $oCurrencies->display_price($oOrder->products[$i]['final_price'], $oOrder->products[$i]['tax'], $oOrder->products[$i]['qty']) . $products_ordered_attributes . "\n";
}
$order_total_modules->apply_credit();
// lets start with the email confirmation
$email_order = STORE_NAME . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['email_text_order_number'] . ' ' . $insert_id . "\n" .
$aLang['email_text_invoice_url'] . ' ' . oos_href_link($aContents['account_history_info'], 'order_id=' . $insert_id, FALSE) . "\n" .
$aLang['email_text_date_ordered'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n";
if ($oOrder->info['comments']) {
$email_order .= oosDBOutput($oOrder->info['comments']) . "\n\n";
}
$email_order .= $aLang['email_text_products'] . "\n" .
$aLang['email_separator'] . "\n" .
$products_ordered .
$aLang['email_separator'] . "\n";
for ($i=0, $n=count($order_totals); $i<$n; $i++) {
$email_order .= strip_tags($order_totals[$i]['title']) . ' ' . strip_tags($order_totals[$i]['text']) . "\n";
}
if ($oOrder->content_type != 'virtual') {
$email_order .= "\n" . $aLang['email_text_delivery_address'] . "\n" .
$aLang['email_separator'] . "\n" .
oos_address_label($_SESSION['customer_id'], $_SESSION['sendto'], 0, '', "\n") . "\n";
}
$email_order .= "\n" . $aLang['email_text_billing_address'] . "\n" .
$aLang['email_separator'] . "\n" .
oos_address_label($_SESSION['customer_id'], $_SESSION['billto'], 0, '', "\n") . "\n\n";
if (is_object(${$_SESSION['payment']})) {
$email_order .= $aLang['email_text_payment_method'] . "\n" .
$aLang['email_separator'] . "\n";
$payment_class = ${$_SESSION['payment']};
$email_order .= $payment_class->title . "\n\n";
if ($payment_class->email_footer) {
$email_order .= $payment_class->email_footer . "\n\n";
}
}
if (!isset($_SESSION['man_key'])) {
oos_mail($oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], $aLang['email_text_subject'], nl2br($email_order), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}
// send emails to other people
if ( (defined (SEND_EXTRA_ORDER_EMAILS_TO)) && (SEND_EXTRA_ORDER_EMAILS_TO != '')) {
oos_mail('', SEND_EXTRA_ORDER_EMAILS_TO, $aLang['email_text_subject'], nl2br($email_order), $oOrder->customer['firstname'] . ' ' . $oOrder->customer['lastname'], $oOrder->customer['email_address'], true);
}
// load the after_process function from the payment modules
$payment_modules->after_process();
$_SESSION['cart']->reset(true);
// unregister session variables used during checkout
unset($_SESSION['sendto']);
unset($_SESSION['billto']);
unset($_SESSION['shipping']);
unset($_SESSION['payment']);
unset($_SESSION['comments']);
$order_total_modules->clear_posts();
oos_redirect(oos_href_link($aContents['checkout_success']));
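Review bot: The order mail body is assembled from customer-supplied text and sent through `nl2br($email_order)` with no output encoding visible in this file. The attribute value appended to `$products_ordered_attributes` goes through `oos_decode_special_chars()` and the comments through `oosDBOutput()`; both helpers are defined elsewhere, so whether markup survives into the HTML body needs confirming. If it does, customer-entered markup reaches the copy sent to `SEND_EXTRA_ORDER_EMAILS_TO`, and encoding at the point of output, e.g. `htmlspecialchars($oOrder->products[$i]['attributes'][$j]['value'], ENT_QUOTES, 'UTF-8')` and the same for the comments, would prevent that. Separately, the guard on that extra-mail branch is `defined (SEND_EXTRA_ORDER_EMAILS_TO)`, which tests for a constant named after the constant's value; it should read `defined('SEND_EXTRA_ORDER_EMAILS_TO')`.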


@ -0,0 +1,215 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_shipping.php,v 1.9 2003/02/22 17:34:00 wilt
orig: checkout_shipping.php,v 1.14 2003/02/14 20:28:47 dgw_
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// check for maximum order
if ($_SESSION['cart']->show_total() > $_SESSION['customer_max_order']) {
oos_redirect(oos_href_link($aContents['info_max_order']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_shipping.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
if (isset($_SESSION['shipping'])) unset($_SESSION['shipping']);
// if no shipping destination address was selected, use the customers own address as default
if (!isset($_SESSION['sendto'])) {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
} else {
// verify the selected shipping address
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['sendto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] != '1') {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
}
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_order.php';
$oOrder = new order;
// register a random ID in the session to check throughout the checkout procedure
// against alterations in the shopping cart contents
$_SESSION['cartID'] = $_SESSION['cart']->cartID;
// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
if (($oOrder->content_type == 'virtual') || ($_SESSION['cart']->show_total() == 0) ) {
$_SESSION['shipping'] = FALSE;
$_SESSION['sendto'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
$total_weight = $_SESSION['cart']->show_weight();
$total_count = $_SESSION['cart']->count_contents();
// load all enabled shipping modules
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_shipping.php';
$shipping_modules = new shipping;
if ( defined('MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING') && (MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING == 'true') ) {
switch (MODULE_ORDER_TOTAL_SHIPPING_DESTINATION) {
case 'national':
if ($oOrder->delivery['country_id'] == STORE_COUNTRY) $pass = TRUE; break;
case 'international':
if ($oOrder->delivery['country_id'] != STORE_COUNTRY) $pass = TRUE; break;
case 'both':
$pass = TRUE; break;
default:
$pass = FALSE; break;
}
$free_shipping = FALSE;
if ( ($pass == TRUE) && ($oOrder->info['subtotal'] >= MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER) ) {
$free_shipping = TRUE;
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/modules/order_total/ot_shipping.php';
}
} else {
$free_shipping = FALSE;
}
// process the selected shipping method
if ( isset($_POST['action']) && ($_POST['action'] == 'process') ) {
if ( (isset($_POST['comments'])) && (empty($_POST['comments'])) ) {
$_SESSION['comments'] = '';
} elseif (oos_is_not_null($_POST['comments'])) {
$_SESSION['comments'] = oos_db_prepare_input($_POST['comments']);
}
if ( (oos_count_shipping_modules() > 0) || ($free_shipping == TRUE) ) {
if ( (isset($_POST['shipping'])) && (strpos($_POST['shipping'], '_')) ) {
$_SESSION['shipping'] = $_POST['shipping'];
list($module, $method) = explode('_', $_SESSION['shipping']);
if ( is_object($$module) || ($_SESSION['shipping'] == 'free_free') ) {
if ($_SESSION['shipping'] == 'free_free') {
$quote[0]['methods'][0]['title'] = $aLang['free_shipping_title'];
$quote[0]['methods'][0]['cost'] = '0';
} else {
$quote = $shipping_modules->quote($method, $module);
}
if (isset($quote['error'])) {
unset($_SESSION['shipping']);
} else {
if ( (isset($quote[0]['methods'][0]['title'])) && (isset($quote[0]['methods'][0]['cost'])) ) {
$_SESSION['shipping'] = array('id' => $_SESSION['shipping'],
'title' => (($free_shipping == TRUE) ? $quote[0]['methods'][0]['title'] : $quote[0]['module'] . ' (' . $quote[0]['methods'][0]['title'] . ')'),
'cost' => $quote[0]['methods'][0]['cost']);
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
} else {
unset($_SESSION['shipping']);
}
}
} else {
$_SESSION['shipping'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
}
// get all available shipping quotes
$quotes = $shipping_modules->quote();
// if no shipping method has been selected, automatically select the cheapest method.
// if the modules status was changed when none were available, to save on implementing
// a javascript force-selection method, also automatically select the cheapest shipping
// method if more than one module is now enabled
if ((!isset($_SESSION['shipping']) || (!isset($_SESSION['shipping']['id']) || $_SESSION['shipping']['id'] == '') && oos_count_shipping_modules() >= 1)) $_SESSION['shipping'] = $shipping_modules->cheapest();
list ($sess_class, $sess_method) = preg_split('/_/', $_SESSION['shipping']['id']);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_shipping']));
$aTemplate['page'] = $sTheme . '/page/checkout_shipping.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'sess_method' => $sess_method,
'counts_shipping_modules' => oos_count_shipping_modules(),
'quotes' => $quotes,
'free_shipping' => $free_shipping,
'oos_free_shipping_description' => sprintf($aLang['free_shipping_description'], $oCurrencies->format(MODULE_ORDER_TOTAL_SHIPPING_FREE_SHIPPING_OVER))
)
);
// display the template
$smarty->display($aTemplate['page']);
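Review bot: `$module` in the `is_object($$module)` check is taken directly from `$_POST['shipping']`, so the request decides which variable is looked up and which name is passed to `$shipping_modules->quote($method, $module)`; any object already in scope under that name passes the test. The raw POST value is also stored in `$_SESSION['shipping']` before validation and stays there when the quote has no title or cost. I would tighten the guard to `if (isset($_POST['shipping']) && is_string($_POST['shipping']) && strpos($_POST['shipping'], '_') > 0) {` and accept `$module` only when it names one of the shipping modules that `$shipping_modules` actually loaded (that list is outside this file). The session value should be assigned only after the quote succeeds.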


@ -0,0 +1,379 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_shipping_address.php,v 1.8 2003/02/13 04:23:22 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_shipping_address.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_address.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
// if there is nothing in the customers cart, redirect them to the shopping cart page
if ($_SESSION['cart']->count_contents() < 1) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
// if the order contains only virtual products, forward the customer to the billing page as
// a shipping address is not needed
if ($oOrder->content_type == 'virtual') {
$_SESSION['shipping'] = FALSE;
$_SESSION['sendto'] = FALSE;
oos_redirect(oos_href_link($aContents['checkout_payment']));
}
$bError = FALSE; // reset error flag
$bProcess = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'submit') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
// Process a new shipping address
if (oos_is_not_null($_POST['firstname']) && oos_is_not_null($_POST['lastname']) && oos_is_not_null($_POST['street_address'])) {
$bProcess = TRUE;
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('checkout_address', $aLang['entry_state_error']);
}
}
}
if ($bError == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT max(address_book_id) AS address_book_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$next_id_result = $dbconn->Execute($sql);
if ($next_id_result->RecordCount()) {
$next_id = $next_id_result->fields;
$entry_id = $next_id['address_book_id']+1;
} else {
$entry_id = 1;
}
$sql_data_array = array('customers_id' => intval($_SESSION['customer_id']),
'address_book_id' => $entry_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$_SESSION['sendto'] = $entry_id;
if (isset($_SESSION['shipping'])) unset($_SESSION['shipping']);
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
// Process the selected shipping destination
} elseif (isset($_POST['address'])) {
$reset_shipping = FALSE;
if (isset($_SESSION['sendto'])) {
if ($_SESSION['sendto'] != $_POST['address']) {
if (isset($_SESSION['shipping'])) {
$reset_shipping = TRUE;
}
}
}
$_SESSION['sendto'] = intval($_POST['address']);
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id = '" . intval($_SESSION['sendto']) . "'";
$check_address_result = $dbconn->Execute($sql);
$check_address = $check_address_result->fields;
if ($check_address['total'] == '1') {
if ($reset_shipping == TRUE) unset($_SESSION['shipping']);
oos_redirect(oos_href_link($aContents['checkout_shipping']));
} else {
unset($_SESSION['sendto']);
}
} else {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
oos_redirect(oos_href_link($aContents['checkout_shipping']));
}
}
// if no shipping destination address was selected, use their own address as default
if (!isset($_SESSION['sendto'])) {
$_SESSION['sendto'] = $_SESSION['customer_default_address_id'];
}
if ($bProcess == FALSE) {
$address_booktable = $oostable['address_book'];
$sql = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
AND address_book_id != '" . intval($_SESSION['sendto']) . "'";
$addresses_count_result = $dbconn->Execute($sql);
$addresses_count = $addresses_count_result->fields['total'];
if ($addresses_count > 0) {
$radio_buttons = 0;
$address_booktable = $oostable['address_book'];
$sql = "SELECT address_book_id, entry_firstname AS firstname, entry_lastname AS lastname,
entry_company AS company, entry_street_address AS street_address,
entry_city AS city, entry_postcode AS postcode,
entry_state AS state, entry_zone_id AS zone_id, entry_country_id AS country_id
FROM $address_booktable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$addresses_result = $dbconn->Execute($sql);
$addresses_array = array();
while ($addresses = $addresses_result->fields) {
$format_id = oos_get_address_format_id($address['country_id']);
$addresses_array[] = array('format_id' => $format_id,
'radio_buttons' => $radio_buttons,
'firstname' => $addresses['firstname'],
'lastname' => $addresses['lastname'],
'address_book_id' => $addresses['address_book_id'],
'address' => oos_address_format($format_id, $addresses, true, ' ', ', '));
$radio_buttons++;
// Move that ADOdb pointer!
$addresses_result->MoveNext();
}
}
}
if (!isset($bProcess)) $bProcess = FALSE;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['checkout_shipping']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['checkout_shipping_address']));
$aTemplate['page'] = $sTheme . '/page/checkout_shipping_address.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('checkout_address') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('checkout_address') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'process' => $bProcess,
'addresses_count' => $addresses_count,
'gender' => $gender,
'firstname' => $firstname,
'lastname' => $lastname,
'company' => $company,
'owner' => $owner,
'vat_id' => $vat_id,
'street_address' => $street_address,
'postcode' => $postcode,
'city' => $city,
'country' => $country,
'store_country' => STORE_COUNTRY,
'gender_error' => $gender_error,
'firstname_error' => $firstname_error,
'lastname_error' => $lastname_error,
'street_address_error' => $street_address_error,
'post_code_error' => $post_code_error,
'city_error' => $city_error,
'state_error' => $state_error,
'state_has_zones' => $entry_state_has_zones,
'country_error' => $country_error
)
);
if ($bProcess == FALSE) {
$smarty->assign('addresses_array', $addresses_array);
}
if ($entry_state_has_zones == TRUE) {
$zones_names = array();
$zones_values = array();
$zonestable = $oostable['zones'];
$zones_result = $dbconn->Execute("SELECT zone_name FROM $zonestable WHERE zone_country_id = '" . intval($country) . "' ORDER BY zone_name");
while ($zones = $zones_result->fields) {
$zones_names[] = $zones['zone_name'];
$zones_values[] = $zones['zone_name'];
$zones_result->MoveNext();
}
$smarty->assign('zones_names', $zones_names);
$smarty->assign('zones_values', $zones_values);
} else {
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
$smarty->assign('zone_id', $zone_id);
}
$country_name = oos_get_country_name($country);
$smarty->assign('country_name', $country_name);
$state = oos_get_zone_name($country, $zone_id, $state);
$smarty->assign('state', $state);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,152 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: checkout_success.php,v 1.6.2.1 2003/05/03 23:41:23 wilt
orig: checkout_success.php,v 1.48 2003/02/17 11:51:16 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the shopping cart page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['shopping_cart']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/checkout_success.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'notify_process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (isset($_POST['notify']) && !empty($_POST['notify'])) {
$notify = $_POST['notify'];
if (!is_array($notify)) {
$notify = array($notify);
}
$products_notificationstable = $oostable['products_notifications'];
for ($i=0, $n=count($notify); $i<$n; $i++) {
$sql = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($notify[$i]) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($sql);
if ($check->fields['total'] < 1) {
$today = date("Y-m-d H:i:s");
$sql = "INSERT INTO $products_notificationstable
(products_id,
customers_id,
date_added) VALUES (" . $dbconn->qstr($notify[$i]) . ','
. $dbconn->qstr($_SESSION['customer_id']) . ','
. $dbconn->DBTimeStamp($today) . ")";
$result = $dbconn->Execute($sql);
}
}
}
oos_redirect(oos_href_link($aContents['home']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1']);
$oBreadcrumb->add($aLang['navbar_title_2']);
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT global_product_notifications
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$global_result = $dbconn->Execute($sql);
$global = $global_result->fields;
if ($global['global_product_notifications'] != '1') {
$orderstable = $oostable['orders'];
$sql = "SELECT orders_id
FROM $orderstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'
ORDER BY date_purchased desc LIMIT 1";
$orders_result = $dbconn->Execute($sql);
$orders = $orders_result->fields;
$products_array = array();
$orders_productstable = $oostable['orders_products'];
$sql = "SELECT products_id, products_name
FROM $orders_productstable
WHERE orders_id = '" . intval($orders['orders_id']) . "'
ORDER BY products_name";
$products_result = $dbconn->Execute($sql);
while ($products = $products_result->fields) {
$products_array[] = array('id' => $products['products_id'],
'text' => $products['products_name']);
$products_result->MoveNext();
}
}
$aTemplate['page'] = $sTheme . '/page/checkout_success.html';
$nPageType = OOS_PAGE_TYPE_CHECKOUT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
//ICW ADDED FOR ORDER_TOTAL CREDIT SYSTEM - Start Addition
$coupon_gv_customertable = $oostable['coupon_gv_customer'];
$sql = "SELECT amount
FROM $coupon_gv_customertable
WHERE customer_id = '" . intval($_SESSION['customer_id']) . "'";
$gv_amount = $dbconn->GetOne($sql);
$smarty->assign('gv_amount', $gv_amount);
$products_notify = '';
if ($global['global_product_notifications'] != '1') {
$products_notify .= $aLang['text_notify_products'] . '<br /><p class="productsNotifications">';
$products_displayed = array();
for ($i=0, $n=count($products_array); $i<$n; $i++) {
if (!in_array($products_array[$i]['id'], $products_displayed)) {
$products_notify .= oos_draw_checkbox_field('notify[]', $products_array[$i]['id']) . ' ' . $products_array[$i]['text'] . '<br />';
$products_displayed[] = $products_array[$i]['id'];
}
}
$products_notify .= '</p>';
} else {
$products_notify .= $aLang['text_see_orders'] . '<br /><br />' . $aLang['text_contact_store_owner'];
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'checkout_active' => 1,
'products_notify' => $products_notify
)
);
// display the template
$smarty->display($aTemplate['page']);
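Review bot: In the `notify_process` loop the duplicate check casts the posted id with `intval($notify[$i])`, but the INSERT writes the uncast value through `$dbconn->qstr($notify[$i])`, so a non-numeric element is checked as one id and stored as another. Cast once and reuse the result in both statements, e.g. `$nProductID = intval($notify[$i]);`, and skip values that are not positive. Nothing visible checks that the id belongs to a product in the customer's own order, which may be intended but is worth confirming. Further down, `$products_array[$i]['text']` is concatenated into the HTML of `$products_notify` without escaping; since that string already carries markup, the name should be wrapped as `htmlspecialchars($products_array[$i]['text'], ENT_QUOTES, 'UTF-8')`.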


@ -0,0 +1,88 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: contact_us.php,v 1.39 2003/02/14 05:51:15 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/contact_us.php';
$bError = FALSE;
if ( isset($_POST['action']) && ($_POST['action'] == 'send') ) {
$email_address = oos_prepare_input($_POST['email']);
$name = oos_prepare_input($_POST['name']);
$phone = oos_prepare_input($_POST['phone']);
$subject = oos_prepare_input($_POST['subject']);
$enquiry = oos_prepare_input($_POST['enquiry']);
if (oos_validate_is_email(trim($email_address))) {
if ( empty( $subject )) {
$subject = $aLang['email_subject'];
}
$email_text = "\n";
$email_text .= $aLang['entry_name'] . ' ' . $name . "\n";
$email_text .= $aLang['entry_telephone_number'] . ' ' . $phone . "\n";
$email_text .= $aLang['entry_email'] . ' ' . $email_address . "\n";
$email_text .= "\n";
$email_text .= $aLang['entry_enquiry'] . ' ' . $enquiry . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $subject, $enquiry, $name, $email_address);
oos_redirect(oos_href_link($aContents['contact_us'], 'action=success'));
} else {
$oMessage->add('contact_us', $aLang['error_email_address']);
$bError = TRUE;
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['contact_us']));
$sCanonical = oos_href_link($aContents['contact_us'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/contact_us.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('contact_us') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('contact_us') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'error' => $bError
)
);
// display the template
$smarty->display($aTemplate['page']);
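Review bot: The assembled `$email_text` is never sent: `oos_mail()` is called with `$enquiry` as the body, so the name, phone and e-mail lines built just above are dropped; pass the assembled text instead, `oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $subject, $email_text, $name, $email_address);`. The same call places the user-supplied `$subject`, `$name` and `$email_address` in what look like header positions; whether `oos_prepare_input()` or `oos_mail()` strips CR/LF is not visible here and should be confirmed. Unlike the other POST handlers in this commit, the `action == 'send'` branch has no `formid` check, and the `$_POST` keys are read without `isset()`, which leaves the form open to automated submission and to notices on partial requests.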


@ -0,0 +1,495 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: create_account.php,v 1.59 2003/02/14 05:51:17 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_validate_vatid.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/create_account.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
if ( $_SESSION['login_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (ACCOUNT_GENDER == 'true') {
if (isset($_POST['gender'])) {
$gender = oos_db_prepare_input($_POST['gender']);
} else {
$gender = FALSE;
}
}
$firstname = oos_db_prepare_input($_POST['firstname']);
$lastname = oos_db_prepare_input($_POST['lastname']);
if (ACCOUNT_DOB == 'true') $dob = oos_db_prepare_input($_POST['dob']);
$email_address = oos_db_prepare_input($_POST['email_address']);
if (ACCOUNT_COMPANY == 'true') $company = oos_db_prepare_input($_POST['company']);
if (ACCOUNT_OWNER == 'true') $owner = oos_db_prepare_input($_POST['owner']);
if (ACCOUNT_VAT_ID == 'true') $vat_id = oos_db_prepare_input($_POST['vat_id']);
$street_address = oos_db_prepare_input($_POST['street_address']);
$postcode = oos_db_prepare_input($_POST['postcode']);
$city = oos_db_prepare_input($_POST['city']);
if (ACCOUNT_STATE == 'true') {
$state = oos_db_prepare_input($_POST['state']);
if (isset($_POST['zone_id'])) {
$zone_id = oos_db_prepare_input($_POST['zone_id']);
} else {
$zone_id = FALSE;
}
}
$country = oos_db_prepare_input($_POST['country']);
if (ACCOUNT_TELEPHONE == 'true') $telephone = oos_db_prepare_input($_POST['telephone']);
$password = oos_db_prepare_input($_POST['password']);
$confirmation = oos_db_prepare_input($_POST['confirmation']);
if (isset($_POST['newsletter'])) {
$newsletter = oos_db_prepare_input($_POST['newsletter']);
}
if (isset($_POST['agree'])) {
$agree = oos_db_prepare_input($_POST['agree']);
}
$bError = FALSE; // reset error flag
if (ACCOUNT_GENDER == 'true') {
if ( ($gender != 'm') && ($gender != 'f') ) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_gender_error']);
}
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_first_name_error'] );
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_last_name_error'] );
}
if (ACCOUNT_DOB == 'true') {
if ((strlen($dob) < ENTRY_DOB_MIN_LENGTH) || (!empty($dob) &&
(!is_numeric(oos_date_raw($dob)) ||
!checkdate(substr(oos_date_raw($dob), 4, 2), substr(oos_date_raw($dob), 6, 2), substr(oos_date_raw($dob), 0, 4))))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_date_of_birth_error'] );
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error']);
} elseif (oos_validate_is_email($email_address) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_check_error']);
} else {
$customerstable = $oostable['customers'];
$check_email_sql = "SELECT customers_email_address
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
$check_email = $dbconn->Execute($check_email_sql);
if ($check_email->RecordCount()) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_email_address_error_exists']);
}
}
if (ACCOUNT_COMPANY_VAT_ID_CHECK == 'true'){
if (!empty($vat_id) && (!oos_validate_is_vatid($vat_id))) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_vat_id_error']);
} else {
$vatid_check_error = FALSE;
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_street_address_error']);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_post_code_error']);
}
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_city_error']);
}
if (is_numeric($country) == FALSE) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_country_error']);
}
if (ACCOUNT_STATE == 'true') {
$zone_id = 0;
$zonestable = $oostable['zones'];
$country_check_sql = "SELECT COUNT(*) AS total
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'";
$country_check = $dbconn->Execute($country_check_sql);
$entry_state_has_zones = ($country_check->fields['total'] > 0);
if ($entry_state_has_zones == TRUE) {
$zonestable = $oostable['zones'];
$zone_query = "SELECT DISTINCT zone_id
FROM $zonestable
WHERE zone_country_id = '" . intval($country) . "'
AND (zone_name = '" . oos_db_input($state) . "'
OR zone_code = '" . oos_db_input($state) . "')";
$zone_result = $dbconn->Execute($zone_query);
if ($zone_result->RecordCount() == 1) {
$zone = $zone_result->fields;
$zone_id = $zone['zone_id'];
} else {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error_select']);
}
} else {
if (strlen($state) < ENTRY_STATE_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_state_error']);
}
}
}
if (CUSTOMER_NOT_LOGIN == 'false') {
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error']);
} elseif ($password != $confirmation) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_password_error_not_matching']);
}
}
if (empty($agree)) {
$bError = TRUE;
$oMessage->add('create_account', $aLang['entry_agree_error']);
}
if ($bError == FALSE) {
$customer_max_order = DEFAULT_MAX_ORDER;
$customers_status = DEFAULT_CUSTOMERS_STATUS_ID;
if (CUSTOMER_NOT_LOGIN == 'true') {
$customers_login = '0';
} else {
$customers_login = '1';
}
$time = mktime();
$wishlist_link_id = oos_create_wishlist_code();
$sql_data_array = array('customers_firstname' => $firstname,
'customers_lastname' => $lastname,
'customers_email_address' => $email_address,
'customers_status' => $customers_status,
'customers_login' => $customers_login,
'customers_language' => $sLanguage,
'customers_max_order' => $customer_max_order,
'customers_password' => oos_encrypt_password($password),
'customers_wishlist_link_id' => $wishlist_link_id,
'customers_default_address_id' => 1);
if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = oos_date_raw($dob);
if (ACCOUNT_TELEPHONE == 'true') $sql_data_array['customers_telephone'] = $telephone;
oos_db_perform($oostable['customers'], $sql_data_array);
$customer_id = $dbconn->Insert_ID();
$sql_data_array = array('customers_id' => $customer_id,
'entry_firstname' => $firstname,
'entry_lastname' => $lastname,
'entry_street_address' => $street_address,
'entry_postcode' => $postcode,
'entry_city' => $city,
'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') $sql_data_array['entry_gender'] = $gender;
if (ACCOUNT_COMPANY == 'true') $sql_data_array['entry_company'] = $company;
if (ACCOUNT_OWNER == 'true') $sql_data_array['entry_owner'] = $owner;
if (ACCOUNT_VAT_ID == 'true') {
$sql_data_array['entry_vat_id'] = $vat_id;
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE) && ($country != STORE_COUNTRY)) {
$sql_data_array['entry_vat_id_status'] = 1;
} else {
$sql_data_array['entry_vat_id_status'] = 0;
}
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
oos_db_perform($oostable['address_book'], $sql_data_array);
$address_id = $dbconn->Insert_ID();
$customers_table = $oostable['customers'];
$dbconn->Execute("UPDATE $customers_table SET customers_default_address_id = '" . intval($address_id) . "' WHERE customers_id = '" . intval($customer_id) . "'");
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("INSERT INTO $customers_infotable
(customers_info_id,
customers_info_number_of_logons,
customers_info_date_account_created) VALUES ('" . intval($customer_id) . "',
'0',
now())");
if (CUSTOMER_NOT_LOGIN != 'true') {
$_SESSION['customer_id'] = $customer_id;
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $gender;
$_SESSION['customer_first_name'] = $firstname;
$_SESSION['customer_lastname'] = $lastname;
$_SESSION['customer_default_address_id'] = $address_id;
$_SESSION['customer_country_id'] = $country;
$_SESSION['customer_zone_id'] = $zone_id;
$_SESSION['customer_wishlist_link_id'] = $wishlist_link_id;
$_SESSION['customer_max_order'] = $customer_max_order;
if (ACCOUNT_VAT_ID == 'true') {
if ((ACCOUNT_COMPANY_VAT_ID_CHECK == 'true') && ($vatid_check_error == FALSE)) {
$_SESSION['customers_vat_id_status'] = 1;
} else {
$_SESSION['customers_vat_id_status'] = 0;
}
}
// restore cart contents
$_SESSION['cart']->restore_contents();
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
}
// build the message content
$name = $firstname . " " . $lastname;
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_text = $aLang['email_greet_mr'];
} else {
$email_text = $aLang['email_greet_ms'];
}
} else {
$email_text = $aLang['email_greet_none'];
}
$email_text .= $aLang['email_welcome'];
if (MODULE_ORDER_TOTAL_GV_STATUS == 'true') {
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
$coupon_code = oos_create_coupon_code();
$couponstable = $oostable['coupons'];
$insert_result = $dbconn->Execute("INSERT INTO $couponstable
(coupon_code,
coupon_type,
coupon_amount,
date_created) VALUES ('" . oos_db_input($coupon_code) . "',
'G',
'" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "',
now())");
$insert_id = $dbconn->Insert_ID();
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($insert_id) ."',
'0',
'Admin',
'" . $email_address . "',
now() )");
$email_text .= sprintf($aLang['email_gv_incentive_header'], $oCurrencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n" .
sprintf($aLang['email_gv_redeem'], $coupon_code) . "\n\n" .
$aLang['email_gv_link'] . oos_href_link($aContents['gv_redeem'], 'gv_no=' . $coupon_code, false, false) .
"\n\n";
}
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
$coupon_id = NEW_SIGNUP_DISCOUNT_COUPON;
$couponstable = $oostable['coupons'];
$sql = "SELECT *
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'";
$coupon_result = $dbconn->Execute($sql);
$coupons_descriptiontable = $oostable['coupons_description'];
$sql = "SELECT *
FROM " . $coupons_descriptiontable . "
WHERE coupon_id = '" . oos_db_input($coupon_id) . "'
AND coupon_languages_id = '" . intval($nLanguageID) . "'";
$coupon_desc_result = $dbconn->Execute($sql);
$coupon = $coupon_result->fields;
$coupon_desc = $coupon_desc_result->fields;
$coupon_email_tracktable = $oostable['coupon_email_track'];
$insert_result = $dbconn->Execute("INSERT INTO $coupon_email_tracktable
(coupon_id,
customer_id_sent,
sent_firstname,
emailed_to,
date_sent) VALUES ('" . oos_db_input($coupon_id) ."',
'0',
'Admin',
'" . oos_db_input($email_address) . "',
now() )");
$email_text .= $aLang['email_coupon_incentive_header'] . "\n\n" .
$coupon_desc['coupon_description'] .
sprintf($aLang['email_coupon_redeem'], $coupon['coupon_code']) . "\n\n" .
"\n\n";
}
}
$email_text .= $aLang['email_text'] . $aLang['email_contact'] . $aLang['email_warning'] . $aLang['email_disclaimer'];
oos_mail($name, $email_address, $aLang['email_subject'], nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '3');
if (SEND_CUSTOMER_EDIT_EMAILS == 'true') {
$email_owner = $aLang['owner_email_subject'] . "\n" .
$aLang['email_separator'] . "\n" .
$aLang['owner_email_date'] . ' ' . strftime(DATE_FORMAT_LONG) . "\n\n" .
$aLang['email_separator'] . "\n";
if (ACCOUNT_COMPANY == 'true') {
$email_owner .= $aLang['owner_email_company_info'] . "\n" .
$aLang['owner_email_company'] . ' ' . $company . "\n";
if (ACCOUNT_OWNER == 'true') {
$email_owner .= $aLang['owner_email_owner'] . ' ' . $owner . "\n";
}
if (ACCOUNT_VAT_ID == 'true') {
$email_owner .= $aLang['entry_vat_id'] . ' ' . $vat_id . "\n";
}
}
if (ACCOUNT_GENDER == 'true') {
if ($gender == 'm') {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['male'] . "\n";
} else {
$email_owner .= $aLang['entry_gender'] . ' ' . $aLang['female'] . "\n";
}
}
$email_owner .= $aLang['owner_email_first_name'] . ' ' . $firstname . "\n" .
$aLang['owner_email_last_name'] . ' ' . $lastname . "\n\n" .
$aLang['owner_email_street'] . ' ' . $street_address . "\n" .
$aLang['owner_email_post_code'] . ' ' . $postcode . "\n" .
$aLang['owner_email_city'] . ' ' . $city . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_contact'] . "\n" .
$aLang['owner_email_telephone_number'] . ' ' . $telephone . "\n" .
$aLang['owner_email_address'] . ' ' . $email_address . "\n" .
$aLang['email_separator'] . "\n\n" .
$aLang['owner_email_options'] . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $aLang['owner_email_subject'], nl2br($email_owner), $name, $email_address, '1');
}
if (NEWSLETTER == 'true') {
if ( isset($newsletter) && ($newsletter == 'yes') ) {
oos_newsletter_subscribe_mail($email_address);
}
}
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
oos_redirect($origin_href);
}
oos_redirect(oos_href_link($aContents['create_account_success']));
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['create_account']));
$sCanonical = oos_href_link($aContents['create_account'], '', FALSE, TRUE);
$snapshot = count($_SESSION['navigation']->snapshot);
if (isset($_GET['email_address'])) {
$email_address = oos_db_prepare_input($_GET['email_address']);
}
$account['entry_country_id'] = STORE_COUNTRY;
$aTemplate['page'] = $sTheme . '/page/create_account.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('create_account') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('create_account') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
$smarty->assign('account', $account);
$smarty->assign('email_address', $email_address);
$smarty->assign('snapshot', $snapshot);
$smarty->assign('login_orgin_text', sprintf($aLang['text_origin_login'], oos_href_link($aContents['login'], '')));
$smarty->assign('login_agree', sprintf($aLang['agree'], oos_href_link($aContents['information'], 'information_id=2'), oos_href_link($aContents['information'], 'information_id=4')));
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,69 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: create_account_success.php,v 1.29 2003/02/13 02:27:56 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/create_account_success.php';
$oBreadcrumb->add($aLang['navbar_title_1']);
$oBreadcrumb->add($aLang['navbar_title_2']);
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
} else {
$origin_href = oos_href_link($aContents['home']);
}
$aTemplate['page'] = $sTheme . '/page/create_account_success.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('thank_you', sprintf($aLang['text_main'], oos_href_link($aContents['contact_us']), oos_href_link($aContents['contact_us'])));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'origin_href' => $origin_href
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,141 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: download.php,v 1.9 2003/02/13 03:01:48 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!isset($_SESSION['customer_id'])) die;
// Check download.php was called with proper GET parameters
if ((isset($_GET['order']) && !is_numeric($_GET['order'])) || (isset($_GET['id']) && !is_numeric($_GET['id'])) ) {
die;
}
/**
* Returns a random name, 16 to 20 characters long
* There are more than 10^28 combinations
* The directory is "hidden", i.e. starts with '.'
*
* @return string
*/
function oos_random_name() {
$letters = 'abcdefghijklmnopqrstuvwxyz';
$dirname = '.';
$length = floor(oos_rand(16,20));
for ($i = 1; $i <= $length; $i++) {
$q = floor(oos_rand(1,26));
$dirname .= $letters[$q];
}
return $dirname;
}
/**
* Unlinks all subdirectories and files in $dir
* Works only on one subdir level, will not recurse
*/
function oos_unlink_temp_dir($dir) {
$h1 = opendir($dir);
while ($subdir = readdir($h1)) {
// Ignore non directories
if (!is_dir($dir . $subdir)) continue;
// Ignore . and .. and CVS
if ($subdir == '.' || $subdir == '..' || $subdir == 'CVS') continue;
// Loop and unlink files in subdirectory
$h2 = opendir($dir . $subdir);
while ($file = readdir($h2)) {
if ($file == '.' || $file == '..') continue;
@unlink($dir . $subdir . '/' . $file);
}
closedir($h2);
@rmdir($dir . $subdir);
}
closedir($h1);
}
// Check that order_id, customer_id and filename match
$sql = "SELECT date_format(o.date_purchased, '%Y-%m-%d') AS date_purchased_day,
opd.download_maxdays, opd.download_count, opd.download_maxdays,
opd.orders_products_filename
FROM " . $oostable['orders'] . " o,
" . $oostable['orders_products'] . " op,
" . $oostable['orders_products_download'] . " opd
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = '" . intval($_GET['order']) . "'
AND o.orders_id = op.orders_id
AND op.orders_products_id = opd.orders_products_id
AND opd.orders_products_download_id = '" . intval($_GET['id']) . "'
AND opd.orders_products_filename != ''";
$downloads_result = $dbconn->Execute($sql);
if (!$downloads_result->RecordCount()) die;
$downloads = $downloads_result->fields;
// MySQL 3.22 does not have INTERVAL
list($dt_year, $dt_month, $dt_day) = explode('-', $downloads['date_purchased_day']);
$download_timestamp = mktime(23, 59, 59, $dt_month, $dt_day + $downloads['download_maxdays'], $dt_year);
// Die if time expired (maxdays = 0 means no time limit)
if (($downloads['download_maxdays'] != 0) && ($download_timestamp <= time())) die;
// Die if remaining count is <=0
if ($downloads['download_count'] <= 0) die;
// Die if file is not there
if (!file_exists(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename'])) die;
// Now decrement counter
$dbconn->Execute("UPDATE " . $oostable['orders_products_download'] . "
SET download_count = download_count-1
WHERE orders_products_download_id = '" . intval($_GET['id']) . "'");
// Now send the file with header() magic
header("Expires: Mon, 26 Nov 1962 00:00:00 GMT");
header("Last-Modified: " . gmdate("D,d M Y H:i:s") . " GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: Application/octet-stream");
header("Content-disposition: attachment; filename=" . $downloads['orders_products_filename']);
if (DOWNLOAD_BY_REDIRECT == 'true') {
// This will work only on Unix/Linux hosts
oos_unlink_temp_dir(OOS_DOWNLOAD_PATH_PUBLIC);
$tempdir = oos_random_name();
umask(0000);
mkdir(OOS_DOWNLOAD_PATH_PUBLIC . $tempdir, 0777);
symlink(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename'], OOS_DOWNLOAD_PATH_PUBLIC . $tempdir . '/' . $downloads['orders_products_filename']);
oos_redirect(OOS_DOWNLOAD . $tempdir . '/' . $downloads['orders_products_filename']);
} else {
// This will work on all systems, but will need considerable resources
// We could also loop with fread($fp, 4096) to save memory
readfile(OOS_DOWNLOAD_PATH . $downloads['orders_products_filename']);
}
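Review bot: In the `DOWNLOAD_BY_REDIRECT` branch the random directory name is the only thing keeping the symlinked file private, and `oos_random_name()` weakens it: `$letters[$q]` is indexed with a value from `oos_rand(1,26)`, so if that range is inclusive, index 26 falls past the end of the 26-character string and `a` is never picked. `oos_rand()` is defined outside this page, so whether it is a cryptographic generator cannot be confirmed here; on PHP 7+ `$q = random_int(0, 25);` removes both doubts. The directory is also created world-writable through `umask(0000)` and `mkdir(..., 0777)`; `mkdir(OOS_DOWNLOAD_PATH_PUBLIC . $tempdir, 0755);` without the umask reset should be enough for the web server to follow the link. Separately, the `download_count <= 0` check and the later `download_count-1` UPDATE are two steps, so parallel requests can pass the check together; adding `AND download_count > 0` to the UPDATE and sending the file only when a row was changed would close that.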


@ -0,0 +1,49 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
http_response_code(403);
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/403.php';
$aTemplate['page'] = $sTheme . '/page/403.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['403'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,51 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
http_response_code(404);
include_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/404.php';
$aTemplate['page'] = $sTheme . '/page/404.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['404'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,57 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: gv_faq.php,v 1.2 2003/02/17 23:53:04 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Gift Voucher System v1.0
Copyright (c) 2001, 2002 Ian C Wilson
http://www.phesis.org
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_faq.php';
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$oBreadcrumb->add($information['navbar_title'], oos_href_link($aContents['gv_faq']));
$sCanonical = oos_href_link($aContents['gv_faq'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);
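Review bot: The second breadcrumb call, `$oBreadcrumb->add($information['navbar_title'], oos_href_link($aContents['gv_faq']));`, reads `$information`, which nothing in this file assigns. Unless the including script sets it, this raises an undefined-variable notice and probably adds a breadcrumb entry with an empty label. Every other string in the file comes from `$aLang`, so the intended source is likely a language entry; which key was meant needs confirming, after which the call would read `$oBreadcrumb->add($aLang['KEY'], oos_href_link($aContents['gv_faq']));` with `KEY` as a placeholder.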


@ -0,0 +1,132 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: gv_redeem.php,v 1.3.2.1 2003/04/18 15:52:40 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Gift Voucher System v1.0
Copyright (c) 2001, 2002 Ian C Wilson
http://www.phesis.org
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_redeem.php';
$bError = TRUE;
// check for a voucher number in the url
if ( (isset($_GET['gv_no']) && !empty($_GET['gv_no'])) ) {
$gv_no = oos_prepare_input($_GET['gv_no']);
if ( empty( $gv_no ) || !is_string( $gv_no ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$couponstable = $oostable['coupons'];
$coupon_email_tracktable = $oostable['coupon_email_track'];
$sql = "SELECT c.coupon_id, c.coupon_amount
FROM $couponstable c,
$coupon_email_tracktable et
WHERE coupon_code = '" . oos_db_input($gv_no) . "'
AND c.coupon_id = et.coupon_id";
$gv_result = $dbconn->Execute($sql);
if ($gv_result->RecordCount() >0) {
$coupon = $gv_result->fields;
$coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
$sql = "SELECT coupon_id
FROM $coupon_redeem_tracktable
WHERE coupon_id = '" . oos_db_input($coupon['coupon_id']) . "'";
$redeem_result = $dbconn->Execute($sql);
if ($redeem_result->RecordCount() == 0 ) {
$bError = FALSE;
}
}
} else {
oos_redirect(oos_href_link($aContents['home']));
}
if ( (!$bError) && (isset($_SESSION['customer_id'])) ) {
// Update redeem status
$remote_addr = oos_server_get_remote();
$coupon_redeem_tracktable = $oostable['coupon_redeem_track'];
$gv_result = $dbconn->Execute("INSERT INTO $coupon_redeem_tracktable
(coupon_id,
customer_id,
redeem_date,
redeem_ip) VALUES ('" . $coupon['coupon_id'] . "',
'" . intval($_SESSION['customer_id']) . "',
now(),
'" . oos_db_input($remote_addr) . "')");
$couponstable = $oostable['coupons'];
$gv_update = $dbconn->Execute("UPDATE $couponstable
SET coupon_active = 'N'
WHERE coupon_id = '" . $coupon['coupon_id'] . "'");
oos_gv_account_update($_SESSION['customer_id'], $coupon['coupon_id']);
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
// if we get here then either the url gv_no was not set or it was invalid
// so output a message.
$sTextGiftVoucher = sprintf($aLang['text_valid_gv'], $oCurrencies->format($coupon['coupon_amount']));
if ($bError) {
$sTextGiftVoucher = sprintf($aLang['text_invalid_gv'], oos_href_link($aContents['contact_us']));
}
$aTemplate['page'] = $sTheme . '/page/redeem.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('text_information', sprintf($aLang['text_information'], oos_href_link($aContents['gv_faq'])));
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'text_gift_voucher' => $sTextGiftVoucher
)
);
$smarty->display($aTemplate['page']);
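Review bot: Redemption is a check-then-act sequence: the `coupon_redeem_track` SELECT decides `$bError`, and only afterwards do the INSERT, the `coupon_active = 'N'` UPDATE and `oos_gv_account_update()` run, so two parallel requests carrying the same `gv_no` can both pass the check and both credit the voucher. Making the UPDATE the gate would close this: add `AND coupon_active = 'Y'` to its WHERE clause, run it first, and continue only when exactly one row was changed (this assumes active vouchers are stored as 'Y', which the page does not show). `$coupon['coupon_id']` is also concatenated unescaped into the INSERT and the UPDATE although the SELECT above wraps it; `intval($coupon['coupon_id'])` would match the rest of the file. Finally, `sprintf($aLang['text_valid_gv'], $oCurrencies->format($coupon['coupon_amount']))` runs before the `if ($bError)` test, so an unknown code reads an undefined `$coupon`; moving it into an `else` branch avoids that.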


@ -0,0 +1,96 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: default.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: default.php,v 1.81 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/home.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_default.php';
// default
$sCanonical = OOS_HTTPS_SERVER . OOS_SHOP;
$aTemplate['page'] = $sTheme . '/page/home.html';
if ($oEvent->installed_plugin('featured')) $aTemplate['featured'] = $sTheme . '/products/_featured.html';
if ($oEvent->installed_plugin('spezials')) $aTemplate['spezials'] = $sTheme . '/products/_spezials.html';
if ($oEvent->installed_plugin('manufacturers')) $aTemplate['mod_manufacturers'] = $sTheme . '/modules/manufacturers.html';
$aTemplate['new_products'] = $sTheme . '/products/_new_products.html';
$aTemplate['upcoming_products'] = $sTheme . '/page/products/upcoming_products.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'home_active' => 1,
'canonical' => $sCanonical
)
);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if ($oEvent->installed_plugin('featured')) {
if (!$smarty->isCached($aTemplate['featured'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/featured.php';
}
$smarty->assign('featured', $smarty->fetch($aTemplate['featured'], $sModulesCacheID));
}
if ($oEvent->installed_plugin('spezials')) {
if (!$smarty->isCached($aTemplate['spezials'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/spezials.php';
}
$smarty->assign('spezials', $smarty->fetch($aTemplate['spezials'], $sModulesCacheID));
}
if (!$smarty->isCached($aTemplate['new_products'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/new_products.php';
}
$smarty->assign('new_products', $smarty->fetch($aTemplate['new_products'], $sModulesCacheID));
if ($oEvent->installed_plugin('manufacturers')) {
if (!$smarty->isCached($aTemplate['mod_manufacturers'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/mod_manufacturers.php';
}
$smarty->assign('mod_manufacturers', $smarty->fetch($aTemplate['mod_manufacturers'], $sModulesCacheID));
}
if (!$smarty->isCached($aTemplate['upcoming_products'], $sModulesCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/upcoming_products.php';
}
$smarty->assign('upcoming_products', $smarty->fetch($aTemplate['upcoming_products'], $sModulesCacheID));
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,56 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
WebMakers.com Added: Down for Maintenance No Store
Written by Linda McGrath osCOMMERCE@WebMakers.com
http://www.thewebmakerscorner.com
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('down_for_maintenance')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/info_down_for_maintenance.php';
$aTemplate['page'] = $sTheme . '/page/coming-soon.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['info_down_for_maintenance']));
$sCanonical = oos_href_link($aContents['info_down_for_maintenance'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,62 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: max_order.php v1.00 2003/04/27 JOHNSON
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2003 osCommerce
Max Order - 2003/04/27 JOHNSON - Copyright (c) 2003 Matti Ressler - mattifinn@optusnet.com.au
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the home page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/info_max_order.php';
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['info_max_order'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,74 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shipping.php,v 1.21 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$aTemplate['page'] = $sTheme . '/page/information.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nInformationsID = isset($_GET[information_id]) ? $_GET[information_id]+0 : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|information|' . $nInformationsID . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$informationtable = $oostable['information'];
$information_descriptiontable = $oostable['information_description'];
$sql = "SELECT i.information_id, id.information_name,
id.information_description, id.information_heading_title
FROM $informationtable i,
$information_descriptiontable id
WHERE i.information_id = '" . intval($nInformationsID) . "'
AND id.information_id = i.information_id
AND id.information_languages_id = '" . intval($nLanguageID) . "'";
$information = $dbconn->GetRow($sql);
// links breadcrumb
$oBreadcrumb->add($information['information_heading_title'], oos_href_link($aContents['information'], 'information_id=' . intval($nInformationsID)));
$sCanonical = oos_href_link($aContents['information'], 'information_id=' . intval($nInformationsID), FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $information['information_heading_title'],
'canonical' => $sCanonical,
'informations' => $information,
'get_params' => 'information_id=' . intval($nInformationsID)
)
);
}
// display the template
$smarty->display($aTemplate['page']);
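Review bot: `$nInformationsID` is derived with `$_GET[information_id]+0` and goes into `$nContentCacheID` unchanged, while the query and the links use `intval($nInformationsID)`. Values such as `1.1`, `1.2` and so on therefore select the same row but each get their own cache entry when caching is on, so a visitor can grow the template cache without bound. The unquoted key `information_id` is also read as a constant, which is an error on PHP 8. `$nInformationsID = isset($_GET['information_id']) ? intval($_GET['information_id']) : 1;` fixes both. `$aLang['heading_title']` is used for `$sPagetitle` although this file includes no language file, so confirm the including script loads it.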


@ -0,0 +1,174 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: login.php,v 1.75 2003/02/13 03:01:49 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
Max Order - 2003/04/27 JOHNSON - Copyright (c) 2003 Matti Ressler - mattifinn@optusnet.com.au
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$bError = FALSE;
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new oosUser();
$_SESSION['user']->anonymous();
}
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_login.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
$password = oos_prepare_input($_POST['password']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
$_SESSION['error_message'] = $aLang['text_login_error'];
oos_redirect(oos_href_link($aContents['login']));
}
if ( empty( $password ) || !is_string( $password ) ) {
$_SESSION['error_message'] = $aLang['text_login_error'];
oos_redirect(oos_href_link($aContents['login']));
}
/* Check if it is ok to login */
if (!isset($_SESSION['password_forgotten_count'])) {
$_SESSION['login_count'] = 1;
} else {
$_SESSION['login_count'] ++;
}
if ( $_SESSION['login_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
// Check if email exists
$customerstable = $oostable['customers'];
$sql = "SELECT customers_id, customers_gender, customers_firstname, customers_lastname,
customers_password, customers_wishlist_link_id, customers_language,
customers_email_address, customers_default_address_id, customers_max_order
FROM $customerstable
WHERE customers_login = '1'
AND customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($sql);
if (!$check_customer_result->RecordCount()) {
$bError = TRUE;
} else {
$check_customer = $check_customer_result->fields;
// Check that password is good
if (!oos_validate_password($password, $check_customer['customers_password'])) {
$bError = TRUE;
} else {
$address_booktable = $oostable['address_book'];
$sql = "SELECT entry_vat_id, entry_vat_id_status, entry_country_id, entry_zone_id
FROM $address_booktable
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'
AND address_book_id = '" . intval($check_customer['customers_default_address_id']) . "'";
$check_country = $dbconn->GetRow($sql);
if ($check_customer['customers_language'] == '') {
$customerstable = $oostable['customers'];
$dbconn->Execute("UPDATE $customerstable
SET customers_language = '" . oos_db_input($sLanguage) . "'
WHERE customers_id = '" . intval($check_customer['customers_id']) . "'");
}
$_SESSION['login_count'] = 1;
$_SESSION['customer_wishlist_link_id'] = $check_customer['customers_wishlist_link_id'];
$_SESSION['customer_id'] = $check_customer['customers_id'];
$_SESSION['customer_default_address_id'] = $check_customer['customers_default_address_id'];
if (ACCOUNT_GENDER == 'true') $_SESSION['customer_gender'] = $check_customer['customers_gender'];
$_SESSION['customer_first_name'] = $check_customer['customers_firstname'];
$_SESSION['customer_lastname'] = $check_customer['customers_lastname'];
$_SESSION['customer_max_order'] = $check_customer['customers_max_order'];
$_SESSION['customer_country_id'] = $check_country['entry_country_id'];
$_SESSION['customer_zone_id'] = $check_country['entry_zone_id'];
if (ACCOUNT_VAT_ID == 'true') $_SESSION['customers_vat_id_status'] = $check_country['entry_vat_id_status'];
$_SESSION['user']->restore_group();
$aUser = $_SESSION['user']->group;
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET customers_info_date_of_last_logon = now(),
customers_info_number_of_logons = customers_info_number_of_logons+1
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
// restore cart contents
$_SESSION['cart']->restore_contents();
if (count($_SESSION['navigation']->snapshot) > 0) {
$origin_href = oos_href_link($_SESSION['navigation']->snapshot['content'], $_SESSION['navigation']->snapshot['get']);
$_SESSION['navigation']->clear_snapshot();
oos_redirect($origin_href);
} else {
oos_redirect(oos_href_link($aContents['account']));
}
}
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['login']));
$sCanonical = oos_href_link($aContents['login'], '', FALSE, TRUE);
if (isset($bError) && ($bError == TRUE)) {
$sErrorMessage = $aLang['text_login_error'];
}
$aTemplate['page'] = $sTheme . '/page/user_login.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('login') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('login') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['navbar_title'],
'robots' => 'noindex,follow,noodp,noydir',
'login_active' => 1,
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,84 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: logoff.php,v 1.1.2.2 2003/05/13 23:20:53 wilt Exp $
orig: logoff.php,v 1.12 2003/02/13 03:01:51 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
// if the customer is not logged on, redirect them to the login page
if (!isset($_SESSION['customer_id'])) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_logoff.php';
unset($_SESSION['customer_id']);
unset($_SESSION['customer_wishlist_link_id']);
unset($_SESSION['customer_default_address_id']);
unset($_SESSION['customer_gender']);
unset($_SESSION['customer_first_name']);
unset($_SESSION['customer_lastname']);
unset($_SESSION['customer_country_id']);
unset($_SESSION['customer_zone_id']);
unset($_SESSION['comments']);
unset($_SESSION['customer_max_order']);
unset($_SESSION['gv_id']);
unset($_SESSION['cc_id']);
unset($_SESSION['man_key']);
if (ACCOUNT_VAT_ID == 'true') {
$_SESSION['customers_vat_id_status'] = 0;
}
$_SESSION['cart']->reset();
$_SESSION['user']->anonymous();
$aUser = $oUser->group;
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title']);
$sCanonical = oos_href_link($aContents['logoff'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/user_logoff.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'login_active' => 1,
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);
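Review bot: The logoff code unsets a hand-picked list of `$_SESSION` keys but keeps the same session and session id, so anything not on the list survives the logout; `$_SESSION['login_count']` (set by the login code in this commit) and `$_SESSION['password_forgotten_count']` (set by the password-forgotten page) are two examples. After the `unset()` run I would rotate the id with `session_regenerate_id(true);`, or the equivalent method on the `$session` wrapper, whose API is not visible here, so that no state from the authenticated session carries over into the anonymous one. `$aUser = $oUser->group;` reads `$oUser` although the line above resets `$_SESSION['user']`; if the two are not the same object, `$aUser` keeps the logged-in group, and `$aUser = $_SESSION['user']->group;` would match what the login code does. The comment above the `customer_id` check says "login page", but the redirect goes to `$aContents['home']`.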


@ -0,0 +1,102 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
Newsletter Module
P&G developmment
Contribution based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Copyright (c) 2000,2001 The Exchange Project
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
if(!defined('OOS_VALID_MOD'))die('Direct Access to this location is not allowed.');
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/newsletter.php';
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
if ( isset($_GET['subscribe']) && ($_GET['subscribe'] == 'confirm') ) {
$sU = oos_prepare_input($_GET['u']);
$sID = oos_prepare_input($_GET['id']);
$sE = oos_prepare_input($_GET['e']);
if ( empty( $sU ) || !is_string( $sU ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $sID ) || !is_string( $sID ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
if ( empty( $sE ) || !is_string( $sE ) ) {
oos_redirect(oos_href_link($aContents['403']));
}
$sSha1 = sha1($sID);
if ( $sSha1 != $sU ) {
oos_redirect(oos_href_link($aContents['403']));
}
$pos = strpos ($sID, "f00d");
if ($pos === FALSE) {
oos_redirect(oos_href_link($aContents['403']));
} else {
$sID = substr($sID, 4, -4);
}
$newsletter_recipients = $oostable['newsletter_recipients'];
$sql = "UPDATE $newsletter_recipients
SET date_added = now(),
status = '1'
WHERE recipients_id = '" . intval($sID) . "'
AND mail_key = '" . oos_db_input($sE) . "'";
$dbconn->Execute($sql);
$newsletter_recipients_history = $oostable['newsletter_recipients_history'];
$dbconn->Execute("INSERT INTO $newsletter_recipients_history
(recipients_id,
new_value,
date_added) VALUES ('" . intval($sID) . "',
'1',
now())");
oos_redirect(oos_href_link($aContents['newsletter'], 'subscribe=success'));
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['newsletter']));
$sCanonical = oos_href_link($aContents['newsletter'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/newsletter.html';
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPageType = OOS_PAGE_TYPE_SERVICE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['navbar_title'],
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);
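Review bot: The history `INSERT` and the `subscribe=success` redirect run even when the `UPDATE ... WHERE recipients_id = ... AND mail_key = ...` matched no row, so a request with a wrong `e` value still writes a `newsletter_recipients_history` row for whatever recipient id was sent and is told it succeeded. The `u` check does not prevent this, because `u` is only `sha1()` of the caller-supplied `id` with no secret involved; `mail_key` is the only value the requester cannot derive. I would gate the rest on the update result directly after the `UPDATE`: `if ($dbconn->Affected_Rows() < 1) { oos_redirect(oos_href_link($aContents['403'])); }`. The digest comparison should also be strict, `if (!hash_equals($sSha1, $sU))`, because `!=` compares two numeric-looking strings as numbers. `$_GET['u']`, `$_GET['id']` and `$_GET['e']` are read without `isset()`, and `strpos()` accepts `f00d` anywhere in the id although `substr($sID, 4, -4)` assumes a four-character wrapper at both ends.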


@ -0,0 +1,147 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: password_forgotten.php,v 1.48 2003/02/13 03:10:55 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// require the password crypto functions
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_password.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_password_forgotten.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if ( isset($_POST['action']) && ($_POST['action'] == 'process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
$email_address = oos_prepare_input($_POST['email_address']);
if ( empty( $email_address ) || !is_string( $email_address ) ) {
$_SESSION['error_message'] = $aLang['text_no_email_address_found'];
oos_redirect(oos_href_link($aContents['password_forgotten']));
}
if (!isset($_SESSION['password_forgotten_count'])) {
$_SESSION['password_forgotten_count'] = 1;
} else {
$_SESSION['password_forgotten_count'] ++;
}
if ( $_SESSION['password_forgotten_count'] > 3) {
oos_redirect(oos_href_link($aContents['403']));
}
$customerstable = $oostable['customers'];
$check_customer_sql = "SELECT customers_gender, customers_firstname, customers_lastname, customers_password, customers_id
FROM $customerstable
WHERE customers_email_address = '" . oos_db_input($email_address) . "'";
$check_customer_result = $dbconn->Execute($check_customer_sql);
if ($check_customer_result->RecordCount()) {
// Crypted password mods - create a new password, update the database and mail it to them
$newpass = oos_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
$crypted_password = oos_encrypt_password($newpass);
$customerstable = $oostable['customers'];
$dbconn->Execute("UPDATE $customerstable
SET customers_password = '" . oos_db_input($crypted_password) . "'
WHERE customers_id = '" . $check_customer['customers_id'] . "'");
$customers_name = $check_customer['customers_firstname'] . '. ' . $check_customer['customers_lastname'];
switch ($check_customer['customers_gender']) {
case 'm':
$sGreet = sprintf ($aLang['email_greet_mr'], $customers_name);
break;
case 'f':
$sGreet = sprintf ($aLang['email_greet_ms'], $customers_name);
break;
default:
$sGreet = $aLang['email_greet_none'];
}
//smarty
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
// dont allow cache
$smarty->caching = FALSE;
$smarty->assign(
array(
'shop_name' => STORE_NAME,
'shop_url' => OOS_HTTPS_SERVER . OOS_SHOP,
'shop_logo' => STORE_LOGO,
'services_url' => COMMUNITY,
'blog_url' => BLOG_URL,
'imprint_url' => oos_href_link($aContents['information'], 'information_id=1', FALSE, TRUE),
'login_url' => oos_href_link($aContents['login'], '', FALSE, TRUE),
'greet' => $sGreet,
'password' => $newpass
)
);
// create mails
$email_html = $smarty->fetch($sTheme . '/email/' . $sLanguage . '/password_forgotten.html');
$email_txt = $smarty->fetch($sTheme . '/email/' . $sLanguage . '/password_forgotten.tpl');
oos_mail($check_customer['customers_firstname'] . " " . $check_customer['customers_lastname'], $email_address, $aLang['email_password_reminder_subject'], $email_txt, $email_html, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
$_SESSION['password_forgotten_count'] = 1;
$_SESSION['success_message'] = $aLang['text_password_sent'];
oos_redirect(oos_href_link($aContents['login']));
} else {
$_SESSION['error_message'] = $aLang['text_no_email_address_found'];
oos_redirect(oos_href_link($aContents['password_forgotten']));
}
} else {
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['login']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['password_forgotten']));
$sCanonical = oos_href_link($aContents['password_forgotten'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/user_password_forgotten.html';
$nPageType = OOS_PAGE_TYPE_SERVICE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
// display the template
$smarty->display($aTemplate['page']);
}
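Review bot: `$check_customer` is never assigned in this file (the query result is only held in `$check_customer_result`), so the `UPDATE` runs with `WHERE customers_id = ''` and the greeting and the `oos_mail()` recipient name are built from empty values. As written, the customer is mailed a new password that was not stored for their account, unless an included file happens to define `$check_customer`. Add `$check_customer = $check_customer_result->fields;` as the first line inside `if ($check_customer_result->RecordCount())`, and cast the id as the other queries do: `WHERE customers_id = '" . intval($check_customer['customers_id']) . "'`. Separately, the two outcomes answer differently (`text_password_sent` vs `text_no_email_address_found`), which tells a caller whether an address is registered, and the three-attempt limit lives in `$_SESSION`, so it resets with a fresh session; a single neutral message and a server-side limit per address or IP would address both.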


@ -0,0 +1,151 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: popup_coupon_help.php,v 1.1.2.5 2003/05/02 01:43:29 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/gv_popup_coupon_help.php';
$text_coupon_help = $aLang['text_coupon_help_header'];
if (isset($_GET['cID'])) {
$cid = intval($_GET['cID']);
$couponstable = $oostable['coupons'];
$sql = "SELECT coupon_amount, coupon_type, coupon_amount, coupon_minimum_order,
coupon_start_date, coupon_expire_date
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($cid) . "'";
$coupon_result = $dbconn->Execute($sql);
$coupon = $coupon_result->fields;
$coupons_descriptiontable = $oostable['coupons_description'];
$sql = "SELECT coupon_name, coupon_description
FROM " . $coupons_descriptiontable . "
WHERE coupon_id = '" . oos_db_input($cid) . "'
AND coupon_languages_id = '" . intval($nLanguageID) . "'";
$coupon_desc_result = $dbconn->Execute($sql);
$coupon_desc = $coupon_desc_result->fields;
$text_coupon_help .= sprintf($aLang['text_coupon_help_name'], $coupon_desc['coupon_name']);
if (oos_is_not_null($coupon_desc['coupon_description'])) $text_coupon_help .= sprintf($aLang['text_coupon_help_desc'], $coupon_desc['coupon_description']);
$coupon_amount = $coupon['coupon_amount'];
switch ($coupon['coupon_type']) {
case 'F':
$text_coupon_help .= sprintf($aLang['text_coupon_help_fixed'], $oCurrencies->format($coupon['coupon_amount']));
break;
case 'P':
$text_coupon_help .= sprintf($aLang['text_coupon_help_fixed'], number_format($coupon['coupon_amount'],2). '%');
break;
case 'S':
$text_coupon_help .= $aLang['text_coupon_help_freeship'];
break;
default:
}
if ($coupon['coupon_minimum_order'] > 0 ) $text_coupon_help .= sprintf($aLang['text_coupon_help_minorder'], $oCurrencies->format($coupon['coupon_minimum_order']));
$text_coupon_help .= sprintf($aLang['text_coupon_help_date'], oos_date_short($coupon['coupon_start_date']),oos_date_short($coupon['coupon_expire_date']));
$text_coupon_help .= '<strong>' . $aLang['text_coupon_help_restrict'] . '</strong>';
$text_coupon_help .= '<br /><br />' . $aLang['text_coupon_help_categories'];
$couponstable = $oostable['coupons'];
$sql = "SELECT restrict_to_categories
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($cid) . "'";
$coupon_get = $dbconn->Execute($sql);
$get_result = $coupon_get->fields;
$cat_ids = explode("[,]", $get_result['restrict_to_categories']);
for ($i = 0; $i < count($cat_ids); $i++) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, c.categories_status, cd.categories_name
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND cd.categories_id = '" . oos_db_input($cat_ids[$i]) . "'";
$result = $dbconn->Execute($sql);
if ($row = $result->fields) {
$cats .= '<br />' . $row["categories_name"];
}
}
if ($cats == '') $cats = '<br />NONE';
$text_coupon_help .= $cats;
$text_coupon_help .= '<br /><br />' . $aLang['text_coupon_help_products'];
$couponstable = $oostable['coupons'];
$sql = "SELECT restrict_to_products
FROM $couponstable
WHERE coupon_id='" . oos_db_input($cid) . "'";
$coupon_get = $dbconn->Execute($sql);
$get_result = $coupon_get->fields;
$pr_ids = explode("[,]", $get_result['restrict_to_products']);
for ($i = 0; $i < count($pr_ids); $i++) {
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, p.products_status, pd.products_name
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = '" . oos_db_input($pr_ids[$i]) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$result = $dbconn->Execute($sql);
if ($row = $result->fields) {
$prods .= '<br />' . $row["products_name"];
}
}
if ($prods=='') $prods = '<br />NONE';
$text_coupon_help .= $prods;
} else {
$cid = 0;
}
$aTemplate['popup_help'] = $sTheme . '/system/popup_help.html';
//smarty
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
$cid += 0;
$help_cache_id = $sTheme . '|popup|coupon|' . $cid . '|' . $sLanguage;
if (!$smarty->isCached($aTemplate['popup_help'], $help_cache_id )) {
// assign Smarty variables;
$smarty->assign('oos_base', OOS_HTTPS_SERVER . OOS_SHOP);
$smarty->assign('lang', $aLang);
$smarty->assign('heading_titel', $aLang['heading_coupon_help']);
$smarty->assign('help_text', $text_coupon_help);
$smarty->assign('theme_image', 'themes/' . $sTheme . '/images');
$smarty->assign('theme_css', 'themes/' . $sTheme);
}
// display the template
$smarty->display($aTemplate['popup_help'], $help_cache_id);
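Review bot: Unlike the other page scripts in this commit, this file has no `OOS_VALID_MOD` guard; it should start with `defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );` before the first `require_once`. `explode("[,]", ...)` splits on the literal three-character string `[,]`, not on commas, so a comma-separated `restrict_to_categories` or `restrict_to_products` value stays one element and the lookups compare the whole list against a single id; `explode(',', ...)` is presumably what was meant. `$cats` and `$prods` are appended to with `.=` and compared with `''` without being initialised, so set both to `''` before their loops. The coupon, category and product names read from the database are concatenated straight into the HTML passed as `help_text`; unless the template escapes that variable, wrap each in `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`.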


@ -0,0 +1,298 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_info.php,v 1.92 2003/02/14 05:51:21 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being required by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} else {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_info.php';
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$product_info_sql = "SELECT p.products_id, pd.products_name, pd.products_title, pd.products_description, pd.products_short_description, pd.products_url,
pd.products_description_meta, p.products_model, p.products_replacement_product_id,
p.products_quantity, p.products_image, p.products_price, p.products_base_price,
p.products_product_quantity, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units,
p.products_discount1, p.products_discount2, p.products_discount3, p.products_discount4,
p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_date_added,
p.products_date_available, p.manufacturers_id, p.products_price_list, p.products_status
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = '" . intval($nProductsID) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$product_info_result = $dbconn->Execute($product_info_sql);
if (!$product_info_result->RecordCount()) {
// product not found
header('HTTP/1.0 404 Not Found');
$aLang['text_information'] = $aLang['text_product_not_found'];
$aTemplate['page'] = $sTheme . '/page/info.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = '404 Not Found ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['products_new']));
$sCanonical = oos_href_link($aContents['product_info'], 'products_id='. $nProductsID, FALSE, TRUE);
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['text_product_not_found'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical
)
);
} else {
$products_descriptiontable = $oostable['products_description'];
$query = "UPDATE $products_descriptiontable"
. " SET products_viewed = products_viewed+1"
. " WHERE products_id = ?"
. " AND products_languages_id = ?";
$result = $dbconn->Execute($query, array((int)$nProductsID, (int)$nLanguageID));
$product_info = $product_info_result->fields;
// Meta Tags
$sPagetitle = (empty($product_info['products_title']) ? $product_info['products_name'] : $product_info['products_title']);
$sDescription = $product_info['products_description_meta'];
$aTemplate['page'] = $sTheme . '/page/product_info.html';
$aTemplate['also_purchased_products'] = $sTheme . '/products/_also_purchased_products.html';
$aTemplate['xsell_products'] = $sTheme . '/products/xsell_products.html';
$aTemplate['up_sell_products'] = $sTheme . '/products/up_sell_products.html';
$aTemplate['page_heading'] = $sTheme . '/products/product_heading.html';
$aTemplate['slavery_products'] = $sTheme . '/products/_slavery_product_listing.html';
$aTemplate['slavery_page_navigation'] = $sTheme . '/system/_pagination.htm';
$nPageType = OOS_PAGE_TYPE_PRODUCTS;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// breadcrumb
$oBreadcrumb->add($product_info['products_name']);
$sCanonical = oos_href_link($aContents['product_info'], 'products_id='. $nProductsID, FALSE, TRUE);
// products history
if (isset($_SESSION)) {
$_SESSION['products_history']->add_current_products($nProductsID);
}
$info_product_price = NULL;
$info_product_special_price = NULL;
$info_base_product_price = NULL;
$info_product_price_list = 0;
$schema_product_price = NULL;
$base_product_price = $product_info['products_price'];
$info_product_price = $oCurrencies->display_price($product_info['products_price'], oos_get_tax_rate($product_info['products_tax_class_id']));
$schema_product_price = $oCurrencies->schema_price($product_info['products_price'], oos_get_tax_rate($product_info['products_tax_class_id']), 1, FALSE);
if ($info_special_price = oos_get_products_special_price($product_info['products_id'])) {
$base_product_price = $info_special_price;
$info_product_special_price = $oCurrencies->display_price($info_special_price, oos_get_tax_rate($product_info['products_tax_class_id']));
}
$discounts_price = FALSE;
if ( (oos_empty($info_special_price)) && ( ($product_info['products_discount4_qty'] > 0
|| $product_info['products_discount3_qty'] > 0
|| $product_info['products_discount2_qty'] > 0
|| $product_info['products_discount1_qty'] > 0 )) ) {
if ( ($aUser['show_price'] == 1 ) && ($aUser['qty_discounts'] == 1) ) {
$discounts_price = TRUE;
require_once MYOOS_INCLUDE_PATH . '/includes/modules/discounts_price.php';
if ( $product_info['products_discount4'] > 0 ) {
$price_discount = $product_info['products_discount4'];
} elseif ( $product_info['products_discount3'] > 0 ) {
$price_discount = $product_info['products_discount3'];
} elseif ( $product_info['products_discount2'] > 0 ) {
$price_discount = $product_info['products_discount2'];
} elseif ( $product_info['products_discount1'] > 0 ) {
$price_discount = $product_info['products_discount1'];
}
if (isset($price_discount)) {
$base_product_price = $price_discount;
$smarty->assign('price_discount', $oCurrencies->display_price($price_discount, oos_get_tax_rate($product_info['products_tax_class_id'])));
}
}
}
if ($product_info['products_base_price'] != 1) {
$info_base_product_price = $oCurrencies->display_price($base_product_price * $product_info['products_base_price'], oos_get_tax_rate($product_info['products_tax_class_id']));
}
// assign Smarty variables;
$smarty->assign(
array(
'info_product_price' => $info_product_price,
'schema_product_price' => $schema_product_price,
'info_product_special_price' => $info_product_special_price,
'info_base_product_price' => $info_base_product_price,
'discounts_price' => $discounts_price
)
);
$info_product_price_list = $oCurrencies->display_price($product_info['products_price_list'], oos_get_tax_rate($product_info['products_tax_class_id']));
$smarty->assign('info_product_price_list', $info_product_price_list);
if ($oEvent->installed_plugin('manufacturers')) {
$manufacturerstable = $oostable['manufacturers'];
$manufacturers_infotable = $oostable['manufacturers_info'];
$query = "SELECT m.manufacturers_id, m.manufacturers_name, m.manufacturers_image, mi.manufacturers_url
FROM $manufacturerstable m,
$manufacturers_infotable mi
WHERE m.manufacturers_id = '" . intval($product_info['manufacturers_id']) . "'
AND mi.manufacturers_id = m.manufacturers_id
AND mi.manufacturers_languages_id = '" . intval($nLanguageID) . "'";
$manufacturers_result = $dbconn->Execute($query);
$manufacturers_info = $manufacturers_result->fields;
$smarty->assign('manufacturers_info', $manufacturers_info);
}
if ($oEvent->installed_plugin('reviews')) {
$reviewstable = $oostable['reviews'];
$reviews_sql = "SELECT COUNT(*) AS total FROM $reviewstable WHERE products_id = '" . intval($nProductsID) . "' AND reviews_status = '1'";
$reviews = $dbconn->Execute($reviews_sql);
$reviews_total = $reviews->fields['total'];
$smarty->assign('reviews_total', $reviews_total);
if ($reviews->RecordCount()) {
$reviews_average_result = $dbconn->Execute("SELECT avg(reviews_rating) as average_rating FROM $reviewstable WHERE products_id = '" . intval($nProductsId) . "'");
$reviews_average = $reviews_average_result->fields;
$smarty->assign('average_rating', $reviews_average);
}
}
// more products images
$products_imagestable = $oostable['products_images'];
$products_images_sql = "SELECT image_name, sort_order
FROM $products_imagestable
WHERE products_id = '" . intval($nProductsID) . "'
ORDER BY sort_order";
$products_images_result = $dbconn->Execute($products_images_sql);
if ($products_images_result->RecordCount()) {
$aProductsImages = array();
while ($products_images = $products_images_result->fields) {
$aProductsImages[] = array('image' => $products_images['image_name']);
// Move that ADOdb pointer!
$products_images_result->MoveNext();
}
$smarty->assign('products_images', $aProductsImages);
}
require_once MYOOS_INCLUDE_PATH . '/includes/modules/products_options.php';
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'canonical' => $sCanonical
)
);
if (!isset($block_get_parameters)) {
$block_get_parameters = oos_get_all_get_parameters(array('action'));
$block_get_parameters = oos_remove_trailing($block_get_parameters);
$smarty->assign('get_params', $block_get_parameters);
}
$today = date("Y-m-d H:i:s");
$smarty->assign('today', $today);
$smarty->assign('product_info', $product_info);
$smarty->assign('heading_title', $product_info['products_name']);
$smarty->assign('options', $options);
$smarty->assign('redirect', oos_href_link($aContents['redirect'], 'action=url&amp;goto=' . urlencode($product_info['products_url']), FALSE, FALSE));
$notifications_block = FALSE;
if ($oEvent->installed_plugin('notify')) {
$notifications_block = TRUE;
if (isset($_SESSION['customer_id'])) {
$products_notificationstable = $oostable['products_notifications'];
$query = "SELECT COUNT(*) AS total
FROM $products_notificationstable
WHERE products_id = '" . intval($nProductsID) . "'
AND customers_id = '" . intval($_SESSION['customer_id']) . "'";
$check = $dbconn->Execute($query);
$notification_exists = (($check->fields['total'] > 0) ? TRUE : FALSE);
} else {
$notification_exists = FALSE;
}
$smarty->assign('notification_exists', $notification_exists);
}
$smarty->assign('notifications_block', $notifications_block);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['slavery_products'], $sProductsInfoCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/slavery_products.php';
}
$smarty->assign('slavery_products', $smarty->fetch($aTemplate['slavery_products'], $sProductsInfoCacheID));
// also purchased products
if (!$smarty->isCached($aTemplate['also_purchased_products'], $sProductsInfoCacheID)) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/also_purchased_products.php';
$smarty->assign('also_purchased', $aPurchased);
}
$smarty->assign('also_purchased_products', $smarty->fetch($aTemplate['also_purchased_products'], $sProductsInfoCacheID));
$smarty->setCaching(false);
}
// display the template
$smarty->display($aTemplate['page']);
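Review bot: The average-rating query uses `$nProductsId` (lower-case `d`), which is not the `$nProductsID` used everywhere else in the file, so `intval()` receives an undefined variable and the average is computed for product id 0. It also omits the `reviews_status = '1'` filter that the `COUNT(*)` query just above applies, so unapproved reviews would count towards the rating once the id is fixed. Suggested condition: `WHERE products_id = '" . intval($nProductsID) . "' AND reviews_status = '1'`. `$reviews->RecordCount()` is always 1 for a `COUNT(*)` result, so testing `$reviews_total > 0` looks like the intent. The `products_viewed` update already binds its values (`?` placeholders with an array), and the other queries in this file would be easier to audit in the same form.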


@ -0,0 +1,132 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_notifications.php,v 1.7 2003/02/14 05:51:27 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('notify')) {
oos_redirect(oos_href_link($aContents['home']));
}
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
oos_redirect(oos_href_link($aContents['login']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/user_product_notifications.php';
if ( isset($_POST['action']) && ($_POST['action'] == 'update_notifications') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
(array)$products = $_POST['products'];
$aRemove = array();
for ($i=0, $n=count($products); $i<$n; $i++) {
if (is_numeric($products[$i])) {
$aRemove[] = $products[$i];
}
}
if (oos_is_not_null($aRemove)) {
$products_notificationstable = $oostable['products_notifications'];
$dbconn->Execute("DELETE FROM $products_notificationstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "' AND
products_id IN (" . implode(',', $aRemove) . ")");
}
oos_redirect(oos_href_link($aContents['product_notifications']));
} elseif ( isset($_POST['action']) && ($_POST['action'] == 'global_notify') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) ){
if (isset($_POST['global']) && ($_POST['global'] == 'enable')) {
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET global_product_notifications = '1'
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
} else {
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT COUNT(*) AS total
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'
AND global_product_notifications = '1'";
$check_result = $dbconn->Execute($sql);
if ($check_result->fields['total'] > 0) {
$customers_infotable = $oostable['customers_info'];
$dbconn->Execute("UPDATE $customers_infotable
SET global_product_notifications = '0'
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'");
}
}
oos_redirect(oos_href_link($aContents['product_notifications']));
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title_1'], oos_href_link($aContents['account']));
$oBreadcrumb->add($aLang['navbar_title_2'], oos_href_link($aContents['product_notifications']));
$aTemplate['page'] = $sTheme . '/page/user_product_notifications.html';
$nPageType = OOS_PAGE_TYPE_ACCOUNT;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,nofollow,noodp,noydir'
)
);
$customers_infotable = $oostable['customers_info'];
$sql = "SELECT global_product_notifications
FROM $customers_infotable
WHERE customers_info_id = '" . intval($_SESSION['customer_id']) . "'";
$global_status_result = $dbconn->Execute($sql);
$global_status = $global_status_result->fields;
$smarty->assign('global_status', $global_status);
$products_descriptionstable = $oostable['products_description'];
$products_notificationstable = $oostable['products_notifications'];
$sql = "SELECT pd.products_id, pd.products_name
FROM $products_descriptionstable pd,
$products_notificationstable pn
WHERE pn.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND pn.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
ORDER BY pd.products_name";
$smarty->assign('products_array', $dbconn->GetAll($sql));
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,128 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews.php,v 1.47 2003/02/13 03:53:19 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} else {
oos_redirect(oos_href_link($aContents['reviews']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product.php';
// lets retrieve all $_GET keys and values..
$get_params = oos_get_all_get_parameters(array('reviews_id'));
$get_params = oos_remove_trailing($get_params);
$nPage = isset($_GET[page]) ? $_GET[page]+0 : 1;
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, p.products_model, p.products_replacement_product_id, p.products_image, pd.products_name
FROM $productstable p,
$products_descriptiontable pd
WHERE pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_id = '" . intval($nProductsID) . "'";
$product_info_result = $dbconn->Execute($sql);
if (!$product_info_result->RecordCount()) {
oos_redirect(oos_href_link($aContents['reviews']));
}
$product_info = $product_info_result->fields;
$reviewstable = $oostable['reviews'];
$reviews_descriptiontable = $oostable['reviews_description'];
$reviews_result_raw = "SELECT r.reviews_id, left(rd.reviews_text, 100) AS reviews_text, r.verified, r.reviews_rating, r.date_added, r.customers_name, r.reviews_read
FROM $reviewstable r,
$reviews_descriptiontable rd
WHERE r.products_id = '" . intval($nProductsID) . "'
AND r.reviews_id = rd.reviews_id
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
AND r.reviews_status = 1
ORDER BY r.reviews_id DESC";
$reviews_split = new splitPageResults($reviews_result_raw, MAX_DISPLAY_NEW_REVIEWS);
$reviews_result = $dbconn->Execute($reviews_split->sql_query);
$aReviews = array();
while ($reviews = $reviews_result->fields) {
$aReviews[] = array('rating' => $reviews['reviews_rating'],
'id' => $reviews['reviews_id'],
'reviews_text' => $reviews['reviews_text'],
'customers_name' => $reviews['customers_name'],
'date_added' => oos_date_short($reviews['date_added']),
'read' => $reviews['reviews_read']);
$reviews_result->MoveNext();
}
// add the products model or products_name to the breadcrumb trail
// links breadcrumb
$oBreadcrumb->add($product_info['products_name'], oos_href_link($aContents['product_info'], 'category=' . $sCategory . '&amp;products_id=' . $nProductsID));
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews'], $get_params));
$sCanonical = oos_href_link($aContents['product_reviews'], $get_params, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/product_reviews.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = sprintf($aLang['heading_title'], $product_info['products_name']) . ' ' . OOS_META_TITLE;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => sprintf($aLang['heading_title'], $product_info['products_name']),
'canonical' => $sCanonical,
'page_split' => $reviews_split->display_count($aLang['text_display_number_of_reviews']),
'display_links' => $reviews_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $reviews_split->number_of_rows,
'numpages' => $reviews_split->number_of_pages,
'reviews' => $aReviews
)
);
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination']));
// display the template
$smarty->display($aTemplate['page']);
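Review bot: The page number near the top of this file is read with an unquoted array key, `$_GET[page]`, which PHP 8 rejects as an undefined constant, and `+0` can throw on non-numeric input instead of yielding a clean integer. The other listing pages in this commit already use the safer form, so this line should match them: `$nPage = isset($_GET['page']) ? intval($_GET['page']) : 1;`. Separately, `customers_name` and `reviews_text` are handed to Smarty unescaped in `$aReviews`, so the template has to escape them; that cannot be confirmed from this file.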


@ -0,0 +1,95 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews_info.php,v 1.47 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (!isset($_GET['reviews_id'])) {
oos_redirect(oos_href_link($aContents['reviews']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product_info.php';
$reviewstable = $oostable['reviews'];
$productstable = $oostable['products'];
$reviews_descriptiontable = $oostable['reviews_description'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT rd.reviews_headline, rd.reviews_text, r.reviews_rating, r.reviews_id, r.products_id,
r.customers_name, r.verified, r.date_added, r.last_modified, r.reviews_read,
p.products_id, pd.products_name, p.products_model, p.products_replacement_product_id, p.products_image
FROM $reviewstable r,
$reviews_descriptiontable rd,
$productstable p,
$products_descriptiontable pd
WHERE r.reviews_id = '" . intval($_GET['reviews_id']) . "'
AND r.reviews_id = rd.reviews_id
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
AND r.products_id = p.products_id
AND p.products_setting = '2'
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'";
$reviews_result = $dbconn->Execute($sql);
if (!$reviews_result->RecordCount()){
// product reviews not found
oos_redirect(oos_href_link($aContents['reviews']));
}
$reviews = $reviews_result->fields;
$dbconn->Execute("UPDATE " . $oostable['reviews'] . "
SET reviews_read = reviews_read+1
WHERE reviews_id = '" . $reviews['reviews_id'] . "'");
// add the products model or products_name to the breadcrumb trail
// links breadcrumb
$oBreadcrumb->add($reviews['products_name'], oos_href_link($aContents['product_info'], 'category=' . $sCategory . '&amp;products_id=' . $reviews['products_id']));
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews']));
$sCanonical = oos_href_link($aContents['product_reviews'], $get_parameters, FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/product_reviews_info.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = sprintf($aLang['heading_title'], $reviews['products_name']) . ' ' . OOS_META_TITLE;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => sprintf($aLang['heading_title'], $reviews['products_name']),
'canonical' => $sCanonical,
'reviews' => $reviews
)
);
// display the template
$smarty->display($aTemplate['page']);
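Review bot: The whole `$reviews` row, including the customer-written `reviews_headline` and `reviews_text`, is assigned to Smarty as-is in the final `$smarty->assign` call, while the review listing page in this same commit runs the text through `htmlspecialchars` first. Unless the template or a Smarty default modifier escapes these fields (not visible here), markup stored in a review would be rendered to every visitor; escaping the two fields before assigning, or confirming `|escape` in `product_reviews_info.html`, closes that. Also, `$get_parameters` in the `$sCanonical` line is never set in this file, so the canonical link presumably loses its query string. The `UPDATE` concatenates `$reviews['reviews_id']` without the `intval()` used in the other queries.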


@ -0,0 +1,226 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: product_reviews_write.php,v 1.51 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
if (isset($_GET['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_GET['products_id']);
} elseif (isset($_POST['products_id'])) {
if (!isset($nProductsID)) $nProductsID = oos_get_product_id($_POST['products_id']);
} else {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews_product_write.php';
// start the session
if ( $session->hasStarted() === FALSE ) $session->start();
if (!isset($_SESSION['customer_id'])) {
// navigation history
if (!isset($_SESSION['navigation'])) {
$_SESSION['navigation'] = new navigationHistory();
}
$_SESSION['navigation']->set_snapshot();
$oMessage->add_session('login', $aLang['error_login_for_rating'], 'danger');
oos_redirect(oos_href_link($aContents['login']));
}
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$sql = "SELECT p.products_id, pd.products_name, p.products_image
FROM $productstable p,
$products_descriptiontable pd
WHERE p.products_id = '" . intval($nProductsID) . "'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.products_setting = '2'";
$product_result = $dbconn->Execute($sql);
$valid_product = ($product_result->RecordCount() > 0);
$product_info = $product_result->fields;
if ( isset($_POST['action']) && ($_POST['action'] == 'reviews-write-process') &&
( isset($_SESSION['formid']) && ($_SESSION['formid'] == $_POST['formid'])) &&
( $valid_product == TRUE ) ) {
$review = oos_prepare_input($_POST['review']);
$rating = oos_prepare_input($_POST['rating']);
$headline = oos_prepare_input($_POST['headline']);
$bError = FALSE;
if (strlen($review) < REVIEW_TEXT_MIN_LENGTH) {
$oMessage->add('product_reviews_write', $aLang['review_text']);
$bError = TRUE;
}
if (!isset($_POST['rating'])) {
$oMessage->add('product_reviews_write', $aLang['review_rating']);
$bError = TRUE;
}
if (strlen($headline) < 10) {
$oMessage->add('product_reviews_write', $aLang['review_headline']);
$bError = TRUE;
}
if ($bError === FALSE) {
$customerstable = $oostable['customers'];
$sql = "SELECT customers_firstname, customers_lastname
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$customer_info_result = $dbconn->Execute($sql);
$customer_info = $customer_info_result->fields;
$firstname = ltrim($customer_info['customers_firstname']);
$firstname = substr($firstname, 0, 1);
$lastname = ltrim($customer_info['customers_lastname']);
$lastname = substr($lastname, 0, 1);
$customers_name = $firstname . '. ' . $lastname . '. ';
$orderstable = $oostable['orders'];
$orders_productstable = $oostable['orders_products'];
$query = "SELECT o.orders_id, op.products_id
FROM $orderstable o,
$orders_productstable op
WHERE o.customers_id = '" . intval($_SESSION['customer_id']) . "'
AND o.orders_id = op.orders_id
AND op.products_id = '" . intval($nProductsId) . "'";
$orders_result = $dbconn->Execute($query);
if ($orders_result->RecordCount()) {
$nValidReviews = 1;
} else {
$nValidReviews = 0;
}
$date_now = date('Ymd');
$reviewstable = $oostable['reviews'];
$dbconn->Execute("INSERT INTO $reviewstable
(products_id,
customers_id,
customers_name,
verified,
reviews_rating,
date_added,
reviews_read,
reviews_status) VALUES ('" . intval($nProductsID) . "',
'" . intval($_SESSION['customer_id']) . "',
'" . oos_db_input($customers_name) . "',
'" . intval($nValidReviews) . "',
'" . oos_db_input($rating) . "',
now(),
'0',
'0')");
$insert_id = $dbconn->Insert_ID();
$reviews_descriptiontable = $oostable['reviews_description'];
$dbconn->Execute("INSERT INTO $reviews_descriptiontable
(reviews_id,
reviews_languages_id,
reviews_headline,
reviews_text) VALUES ('" . intval($insert_id) . "',
'" . intval($nLanguageID) . "',
'" . oos_db_input($headline) . "',
'" . oos_db_input($review) . "')");
$email_subject = 'Review: ' . $product_info['products_name'];
$email_text = "\n";
$email_text .= "Firstname: ". $customer_values['customers_firstname'] . "\n";
$email_text .= "Lastname: ". $customer_values['customers_lastname'] . "\n";
$email_text .= "E-Mail: ". $customer_values['customers_email_address'] . "\n";
$email_text .= "\n";
$email_text .= "Text: ". $review . "\n";
oos_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $email_subject, nl2br($email_text), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, '');
// clear cache
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_template.php';
$smarty = new myOOS_Smarty();
$smarty->clearCache(NULL, $sTheme.'|products|reviews');
$oMessage->add_session('reviews', $aLang['info_review_waiting'], 'success');
oos_redirect(oos_href_link($aContents['product_reviews'], 'products_id=' . intval($nProductsID)));
}
}
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['product_reviews'], 'products_id=' . intval($nProductsID)));
$sCanonical = oos_href_link($aContents['product_reviews_write'], 'products_id=' . intval($nProductsID), FALSE, TRUE);
$customerstable = $oostable['customers'];
$sql = "SELECT customers_firstname, customers_lastname
FROM $customerstable
WHERE customers_id = '" . intval($_SESSION['customer_id']) . "'";
$customer_info_result = $dbconn->Execute($sql);
$customer_info = $customer_info_result->fields;
$firstname = ltrim($customer_info['customers_firstname']);
$firstname = substr($firstname, 0, 1);
$lastname = ltrim($customer_info['customers_lastname']);
$lastname = substr($lastname, 0, 1);
$customers_name = $firstname . '. ' . $lastname . '. ';
$aTemplate['page'] = $sTheme . '/page/product_reviews_write.html';
$aTemplate['javascript'] = $sTheme . '/js/product_reviews_write.html';
$nPageType = OOS_PAGE_TYPE_REVIEWS;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
if ($oMessage->size('product_reviews_write') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('product_reviews_write') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'valid_product' => $valid_product,
'product_info' => $product_info,
'customers_name' => $customers_name
)
);
$smarty->assign('javascript', $smarty->fetch($aTemplate['javascript']));
// display the template
$smarty->display($aTemplate['page']);
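Review bot: The verified-purchase lookup filters on `intval($nProductsId)`, but the variable set at the top of the file is `$nProductsID`; PHP variable names are case-sensitive, so the query compares against product 0 and `verified` is presumably always stored as 0. The line should read `AND op.products_id = '" . intval($nProductsID) . "'";`. The notification mail has a similar slip: it reads `$customer_values[...]`, which is never assigned (the row is in `$customer_info`, and the SELECT does not fetch `customers_email_address`), and it passes `$review` through `nl2br()` without HTML-escaping it first. `rating` is stored without a range check, so `intval()` plus a bounds test before the INSERT would keep unexpected values out of the table.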


@ -0,0 +1,142 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: products_new.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: products_new.php,v 1.24 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
// split-page-results
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_new.php';
$aTemplate['page'] = $sTheme . '/page/products_new.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|products_new|' . $nPage. '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$productstable = $oostable['products'];
$specialsstable = $oostable['specials'];
$manufacturersstable = $oostable['manufacturers'];
$products_descriptiontable = $oostable['products_description'];
$products_new_result_raw = "SELECT p.products_id, pd.products_name, p.products_image, p.products_price,
p.products_base_price, p.products_base_unit, p.products_units_id,
p.products_product_quantity, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_quantity_order_units,
p.products_tax_class_id, pd.products_short_description,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
p.products_date_added, p.manufacturers_id, m.manufacturers_name
FROM $productstable p LEFT JOIN
$manufacturersstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$products_descriptiontable pd ON p.products_id = pd.products_id AND
pd.products_languages_id = '" . intval($nLanguageID) . "' LEFT JOIN
$specialsstable s ON p.products_id = s.products_id
WHERE p.products_setting = '2'
ORDER BY p.products_date_added DESC, pd.products_name";
$products_new_split = new splitPageResults($products_new_result_raw, MAX_DISPLAY_PRODUCTS_NEW);
$products_new_result = $dbconn->Execute($products_new_split->sql_query);
$products_new_array = array();
while ($products_new = $products_new_result->fields) {
$new_product_price = '';
$new_product_special_price = '';
$new_product_discount_price = '';
$new_base_product_price = '';
$base_product_price = $products_new['products_price'];
$new_product_price = $oCurrencies->display_price($products_new['products_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
if (isset($products_new['specials_new_products_price'])) {
$base_product_price = $products_new['specials_new_products_price'];
$new_product_special_price = $oCurrencies->display_price($products_new['specials_new_products_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
}
if ($products_new['products_base_price'] != 1) {
$new_base_product_price = $oCurrencies->display_price($base_product_price * $products_new['products_base_price'], oos_get_tax_rate($products_new['products_tax_class_id']));
}
$order_min = number_format($listing['products_quantity_order_min']);
$order_max = number_format($listing['products_quantity_order_max']);
$products_new_array[] = array(
'id' => $products_new['products_id'],
'name' => $products_new['products_name'],
'image' => $products_new['products_image'],
'products_short_description' => $products_new['products_short_description'],
'new_product_price' => $new_product_price,
'new_product_units' => $products_new['products_units_id'],
'new_product_quantity' => $products_new['products_product_quantity'],
'order_min' => $order_min,
'order_max' => $order_max,
'new_product_special_price' => $new_product_special_price,
'new_product_discount_price' => $new_product_discount_price,
'new_base_product_price' => $new_base_product_price,
'products_base_price' => $products_new['products_base_price'],
'new_products_base_unit' => $products_new['products_base_unit'],
'date_added' => $products_new['products_date_added'],
'manufacturers_id' => $products_new['manufacturers_id'],
'manufacturer' => $products_new['manufacturers_name']);
$products_new_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['products_new']));
$sCanonical = oos_href_link($aContents['products_new'], 'page='. $nPage, FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'canonical' => $sCanonical,
'page_split' => $products_new_split->display_count($aLang['text_display_number_of_products_new']),
'display_links' => $products_new_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $products_new_split->number_of_rows,
'numpages' => $products_new_split->number_of_pages,
'page' => $nPage,
'products_new' => $products_new_array
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);
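Review bot: Inside the `while` loop, `order_min` and `order_max` are computed from `$listing[...]`, which is never defined in this file; the row being iterated is `$products_new`, so both values presumably always come out as 0. They should read `number_format($products_new['products_quantity_order_min'])` and `number_format($products_new['products_quantity_order_max'])`. Also worth checking: `isCached()` and the pagination `fetch()` pass `$nContentCacheID`, but the final `display($aTemplate['page'])` does not, so with caching enabled the page would be stored and served without the page/group/language key. The review listing page later in this commit ends with the same `display()` call.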


@ -0,0 +1,82 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: redirect.php,v 1.9 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
switch ($_GET['action']) {
case 'url':
if (isset($_GET['goto']) && oos_is_not_null($_GET['goto'])) {
$products_descriptiontable = $oostable['products_description'];
$check_sql = "SELECT products_url FROM $products_descriptiontable WHERE products_url = '" . oos_db_input($_GET['goto']) . "'";
$check_result = $dbconn->Execute($check_sql);
if ($check_result->RecordCount() >= 1) {
oos_redirect('http://' . $_GET['goto']);
}
}
break;
case 'manufacturer' :
if (isset($_GET['manufacturers_id']) && is_numeric($_GET['manufacturers_id'])) {
$manufacturers_id = intval($_GET['manufacturers_id']);
$manufacturers_infotable = $oostable['manufacturers_info'];
$sql = "SELECT manufacturers_url
FROM $manufacturers_infotable
WHERE manufacturers_id = '" . intval($manufacturers_id) . "'
AND manufacturers_languages_id = '" . intval($nLanguageID) . "'";
$manufacturer_result = $dbconn->Execute($sql);
if (!$manufacturer_result->RecordCount()) {
// no url exists for the selected language, lets use the default language then
$manufacturers_infotable = $oostable['manufacturers_info'];
$languagestable = $oostable['languages'];
$sql = "SELECT mi.manufacturers_languages_id, mi.manufacturers_url
FROM $manufacturers_infotable mi,
$languagestable l
WHERE mi.manufacturers_id = '" . intval($manufacturers_id) . "'
AND mi.manufacturers_languages_id = l.iso_639_2
AND l.iso_639_2 = '" . DEFAULT_LANGUAGE . "'";
$manufacturer_result = $dbconn->Execute($sql);
if (!$manufacturer_result->RecordCount()) {
// no url exists, return to the site
oos_redirect(oos_href_link($aContents['home']));
} else {
$manufacturer = $manufacturer_result->fields;
$manufacturers_infotable = $oostable['manufacturers_info'];
$dbconn->Execute("UPDATE $manufacturers_infotable SET url_clicked = url_clicked+1, date_last_click = now() WHERE manufacturers_id = '" . intval($manufacturers_id) . "' AND manufacturers_languages_id = '" . intval($manufacturer['manufacturers_languages_id']) . "'");
}
} else {
// url exists in selected language
$manufacturer = $manufacturer_result->fields;
$manufacturers_infotable = $oostable['manufacturers_info'];
$dbconn->Execute("UPDATE $manufacturers_infotable SET url_clicked = url_clicked+1, date_last_click = now() WHERE manufacturers_id = '" . intval($manufacturers_id) . "' AND manufacturers_languages_id = '" . intval($nLanguageID) . "'");
}
oos_redirect($manufacturer['manufacturers_url']);
}
break;
}
oos_redirect(oos_href_link($aContents['home']));
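Review bot: In the `url` case the redirect target is built from the request value, `'http://' . $_GET['goto']`, after a lookup that only shows some `products_url` compares equal to it under the database collation. Redirecting to the stored column instead keeps the destination limited to exactly what was entered in the catalog: `oos_redirect('http://' . $check_result->fields['products_url']);`. `switch ($_GET['action'])` also reads the key without `isset()`. The fallback query joins `mi.manufacturers_languages_id` to `l.iso_639_2`, which looks like an id compared with a language code and is worth confirming against the schema.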


@ -0,0 +1,131 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: reviews.php,v 1.47 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('reviews')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/reviews.php';
/**
* Get the number of times a word/character is present in a string
*
* @param $sStr
* @param $sNeedle
* @return number
*/
function oosWordCount($sStr, $sNeedle = ' ') {
$aTemp = explode($sNeedle, $sStr);
return count($aTemp);
}
$aTemplate['page'] = $sTheme . '/page/reviews.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|products|reviews|' . $nPage. '|' . $sGroup . '|' . $sLanguage;
if ($oMessage->size('reviews') > 0) {
$aInfoMessage = array_merge ($aInfoMessage, $oMessage->output('reviews') );
}
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$reviewstable = $oostable['reviews'];
$productstable = $oostable['products'];
$reviews_descriptiontable = $oostable['reviews_description'];
$products_descriptiontable = $oostable['products_description'];
$reviews_result_raw = "SELECT r.reviews_id, rd.reviews_headline, rd.reviews_text,
r.reviews_rating, r.date_added, p.products_id,
pd.products_name, p.products_image, r.customers_name
FROM $reviewstable r, $reviews_descriptiontable rd,
$productstable p, $products_descriptiontable pd
WHERE p.products_setting = '2'
AND p.products_id = r.products_id
AND r.reviews_id = rd.reviews_id
AND p.products_id = pd.products_id
AND r.reviews_status = 1
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND rd.reviews_languages_id = '" . intval($nLanguageID) . "'
ORDER BY r.reviews_id DESC";
$reviews_split = new splitPageResults($reviews_result_raw, MAX_DISPLAY_NEW_REVIEWS);
$reviews_result = $dbconn->Execute($reviews_split->sql_query);
$aReviews = array();
while ($reviews = $reviews_result->fields) {
$aReviews[] = array('id' => $reviews['reviews_id'],
'products_id' => $reviews['products_id'],
'reviews_id' => $reviews['reviews_id'],
'products_name' => $reviews['products_name'],
'products_image' => $reviews['products_image'],
'authors_name' => $reviews['customers_name'],
'reviews_headline' => $reviews['reviews_headline'],
'review' => htmlspecialchars(substr($reviews['reviews_text'], 0, 250)) . '..',
'rating' => $reviews['reviews_rating'],
'word_count' => oosWordCount($reviews['reviews_text'], ' '),
'date_added' => oos_date_long($reviews['date_added']));
$reviews_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['reviews']));
$sCanonical = oos_href_link($aContents['reviews'], 'page=' . $nPage, FALSE, TRUE);
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'page_split' => $reviews_split->display_count($aLang['text_display_number_of_reviews']),
'display_links' => $reviews_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $reviews_split->number_of_rows,
'numpages' => $reviews_split->number_of_pages,
'page' => $nPage,
'reviews' => $aReviews
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);
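Review bot: The excerpt is built with `htmlspecialchars(substr($reviews['reviews_text'], 0, 250))`; `substr` counts bytes, so it can cut a multibyte character in half, and on PHP before 8.1 `htmlspecialchars` without `ENT_SUBSTITUTE` returns an empty string for invalid UTF-8 input, which would blank that review. Assuming mbstring is available, `htmlspecialchars(mb_substr($reviews['reviews_text'], 0, 250), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` avoids both. `reviews_headline` and `customers_name` are passed to the template without the same escaping, so the template has to cover them. The final `display($aTemplate['page'])` omits `$nContentCacheID` although `isCached()` checks with it.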


@ -0,0 +1,547 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: default.php,v 1.2 2003/01/09 09:40:07 elarifr
orig: default.php,v 1.81 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being required by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/shop.php';
require_once MYOOS_INCLUDE_PATH . '/includes/functions/function_default.php';
// the following cPath references come from main.php
$category_depth = 'top';
$aLang['heading_title'] = $aLang['heading_title_top'];
if (isset($sCategory) && oos_is_not_null($sCategory)) {
$products_to_categoriestable = $oostable['products_to_categories'];
$sql = "SELECT COUNT(*) AS total
FROM $products_to_categoriestable
WHERE categories_id = '" . intval($nCurrentCategoryID) . "'";
$categories_products = $dbconn->Execute($sql);
if ($categories_products->fields['total'] > 0) {
$category_depth = 'products'; // display products
$aLang['heading_title'] = $aLang['heading_title_products'];
} else {
$categoriestable = $oostable['categories'];
$sql = "SELECT COUNT(*) AS total
FROM $categoriestable
WHERE parent_id = '" . intval($nCurrentCategoryID) . "'";
$category_parent = $dbconn->Execute($sql);
if ($category_parent->fields['total'] > 0) {
$category_depth = 'nested'; // navigate through the categories
$aLang['heading_title'] = $aLang['heading_title_nested'];
} else {
$category_depth = 'products'; // category has no products, but display the 'no products' message
$aLang['heading_title'] = $aLang['heading_title_products'];
}
}
}
if ($category_depth == 'nested') {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT cd.categories_name, cd.categories_page_title, cd.categories_heading_title, cd.categories_description,
cd.categories_description_meta, c.categories_image
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'";
$category = $dbconn->GetRow($sql);
$aTemplate['page'] = $sTheme . '/page/shop_nested.html';
$aTemplate['new_products'] = $sTheme . '/products/_new_products.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = (empty($category['categories_page_title']) ? $category['categories_heading_title'] : $category['categories_page_title']);
$sGroup = trim($aUser['text']);
$sContentCacheID = $sTheme . '|shop|nested|' . intval($nCurrentCategoryID) . '|' . $sCategory . '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
$smarty->assign('meta_description', $category['categories_description_meta']);
$smarty->assign('breadcrumb', $oBreadcrumb->trail());
$smarty->assign('canonical', $sCanonical);
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $sContentCacheID)) {
if (isset($sCategory) && strpos('_', $sCategory)) {
// check to see if there are deeper categories within the current category
$aCategoryLinks = array_reverse($aCategoryPath);
$n = count($aCategoryLinks);
for ($i = 0, $n; $i < $n; $i++) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, c.categories_image, c.parent_id, c.categories_status, cd.categories_name, p.parent_id as gparent_id
FROM $categoriestable c,
$categoriestable p,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '" . intval($aCategoryLinks[$i]) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.categories_id = '" . intval($aCategoryLinks[$i]) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($sql);
if ($categories_result->RecordCount() < 1) {
// do nothing, go through the loop
} else {
break; // we've found the deepest category the customer is in
}
}
} else {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT c.categories_id, cd.categories_name, cd.categories_description,
c.categories_image, c.parent_id, c.categories_status, p.parent_id as gparent_id
FROM $categoriestable c,
$categoriestable p,
$categories_descriptiontable cd
WHERE c.categories_status = '2'
AND c.parent_id = '" . intval($nCurrentCategoryID) . "'
AND c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.categories_id = '" . intval($nCurrentCategoryID) . "'
ORDER BY c.sort_order, cd.categories_name";
$categories_result = $dbconn->Execute($sql);
}
$aCategoriesBoxs = array();
while ($categories = $categories_result->fields) {
$sCategoryNew = oos_get_path($categories['categories_id'], $categories['parent_id'], $categories['gparent_id']);
$aCategoriesBoxs[] = array(
'image' => $categories['categories_image'],
'name' => $categories['categories_name'],
'path' => $sCategoryNew
);
// Move that ADOdb pointer!
$categories_result->MoveNext();
}
if (!$smarty->isCached($aTemplate['new_products'], $sContentCacheID)) {
$smarty->assign('cpath', $sCategory);
require_once MYOOS_INCLUDE_PATH . '/includes/modules/new_products.php';
}
$smarty->assign('new_products', $smarty->fetch($aTemplate['new_products'], $sContentCacheID));
$smarty->assign('heading_title', $category['categories_name']);
if (!empty($category['categories_heading_title'])) {
$smarty->assign('heading_title', $category['categories_heading_title']);
}
$smarty->assign(
array(
'category' => $category,
'categories' => $aCategoriesBoxs
)
);
}
$smarty->setCaching(false);
} elseif ($category_depth == 'products' || (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id']))) {
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$sql = "SELECT cd.categories_name, cd.categories_heading_title, cd.categories_description,
cd.categories_description_meta, c.categories_image
FROM $categoriestable c,
$categories_descriptiontable cd
WHERE c.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_id = '" . intval($nCurrentCategoryID) . "'
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'";
$category = $dbconn->GetRow($sql);
$categories_imagestable = $oostable['categories_images'];
$sql = "SELECT categories_image
FROM $categories_imagestable
WHERE categories_id = '" . intval($nCurrentCategoryID) . "'";
$category_slider = $dbconn->Execute($sql);
if ($category_slider->RecordCount()) {
$aCategorySlider = array();
while ($slider = $category_slider->fields) {
$aCategorySlider[] = array(
'image' => $slider['categories_image']
);
// Move that ADOdb pointer!
$category_slider->MoveNext();
}
}
$aTemplate['page'] = $sTheme . '/page/shop_products.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
if (empty($category['categories_heading_title'])) {
$sPagetitle = $category['categories_name']. ' ' . OOS_META_TITLE;
} else {
$sPagetitle = $category['categories_heading_title'] . ' ' . OOS_META_TITLE;
}
$sDescription = $category['categories_description_meta'];
$nManufacturersID = isset($_GET['manufacturers_id']) ? $_GET['manufacturers_id']+0 : 0;
$nPage = isset($_GET['page']) ? intval( $_GET['page'] ) : 1;
$nFilterID = intval($_GET['filter_id']) ? $_GET['filter_id']+0 : 0;
$sSort = oos_var_prep_for_os($_GET['sort']);
$sGroup = trim($aUser['text']);
$sContentCacheID = $sTheme . '|shop|products|' . intval($nCurrentCategoryID) . '|' . $sCategory . '|' . $nManufacturersID . '|' . $nPage . '|' . $nFilterID . '|' . $sGroup . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $category['categories_name'],
'canonical' => $sCanonical
)
);
if (!$smarty->isCached($aTemplate['page'], $sContentCacheID)) {
// create column list
$aDefineList = array();
$aDefineList = array('PRODUCT_LIST_MODEL' => '1',
'PRODUCT_LIST_NAME' => '2',
'PRODUCT_LIST_MANUFACTURER' => '3',
'PRODUCT_LIST_PRICE' => '4',
'PRODUCT_LIST_QUANTITY' => '5',
'PRODUCT_LIST_WEIGHT' => '6',
'PRODUCT_LIST_IMAGE' => '7',
'PRODUCT_LIST_BUY_NOW' => '8',
'PRODUCT_LIST_SORT_ORDER' => '9');
asort($aDefineList);
$aColumnList = array();
foreach($aDefineList as $key => $value) {
if ($value > 0) $aColumnList[] = $key;
}
$select_column_list = '';
$n = count($aColumnList);
for ($col = 0, $n; $col < $n; $col++) {
if ( $aColumnList[$col] == 'PRODUCT_LIST_PRICE') {
continue;
}
switch ($aColumnList[$col]) {
case 'PRODUCT_LIST_MODEL':
$select_column_list .= 'p.products_model, ';
break;
case 'PRODUCT_LIST_NAME':
$select_column_list .= 'pd.products_name, ';
break;
case 'PRODUCT_LIST_MANUFACTURER':
$select_column_list .= 'm.manufacturers_name, ';
break;
case 'PRODUCT_LIST_QUANTITY':
$select_column_list .= 'p.products_quantity, ';
break;
case 'PRODUCT_LIST_IMAGE':
$select_column_list .= 'p.products_image, ';
break;
case 'PRODUCT_LIST_WEIGHT':
$select_column_list .= 'p.products_weight, ';
break;
case 'PRODUCT_LIST_SORT_ORDER':
$select_column_list .= 'p.products_sort_order, ';
break;
}
}
// show the products of a specified manufacturer
if (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id'])) {
$nManufacturersID = intval($_GET['manufacturers_id']);
if (isset($_GET['filter_id'])) {
// We are asked to show only a specific category
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.products_replacement_product_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit,
p.products_quantity_order_min, p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($nManufacturersID) . "'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nFilterID) . "'";
} else {
// We show them all
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.products_replacement_product_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m
WHERE p.products_setting = '2'
AND pd.products_id = p.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($nManufacturersID) . "'";
}
// We build the categories-dropdown
$productstable = $oostable['products'];
$products_to_categoriestable = $oostable['products_to_categories'];
$categoriestable = $oostable['categories'];
$categories_descriptiontable = $oostable['categories_description'];
$filterlist_sql = "SELECT DISTINCT c.categories_id AS id, cd.categories_name AS name
FROM $productstable p,
$products_to_categoriestable p2c,
$categoriestable c,
$categories_descriptiontable cd
WHERE p.products_setting = '2'
AND p.products_id = p2c.products_id
AND p2c.categories_id = c.categories_id
AND p2c.categories_id = cd.categories_id
AND cd.categories_languages_id = '" . intval($nLanguageID) . "'
AND p.manufacturers_id = '" . intval($nManufacturersID) . "'
ORDER BY cd.categories_name";
} else {
// show the products in a given categorie
if ((isset($_GET['filter_id'])) && oos_is_not_null($_GET['filter_id'])) {
// We are asked to show only specific catgeory
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $productstable p LEFT JOIN
$specialstable s on p.products_id = s.products_id,
$products_descriptiontable pd,
$manufacturerstable m,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND m.manufacturers_id = '" . intval($_GET['filter_id']) . "'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'";
} else {
// We show them all
$productstable = $oostable['products'];
$products_descriptiontable = $oostable['products_description'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$specialstable = $oostable['specials'];
$listing_sql = "SELECT " . $select_column_list . " p.products_id, p.manufacturers_id,
p.products_price, p.products_price_list, p.products_base_price, p.products_base_unit, p.products_quantity_order_min,
p.products_quantity_order_max, p.products_product_quantity,
p.products_discount1, p.products_discount2, p.products_discount3,
p.products_discount4, p.products_discount1_qty, p.products_discount2_qty, p.products_discount3_qty,
p.products_discount4_qty, p.products_tax_class_id, p.products_units_id, p.products_sort_order,
IF(s.status, s.specials_new_products_price, NULL) AS specials_new_products_price,
IF(s.status, s.specials_new_products_price, p.products_price) AS final_price
FROM $products_descriptiontable pd,
$productstable p LEFT JOIN
$manufacturerstable m ON p.manufacturers_id = m.manufacturers_id LEFT JOIN
$specialstable s ON p.products_id = s.products_id,
$products_to_categoriestable p2c
WHERE p.products_setting = '2'
AND p.products_id = p2c.products_id
AND pd.products_id = p2c.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'";
}
// We build the manufacturers Dropdown
$productstable = $oostable['products'];
$manufacturerstable = $oostable['manufacturers'];
$products_to_categoriestable = $oostable['products_to_categories'];
$filterlist_sql = "SELECT DISTINCT m.manufacturers_id AS id, m.manufacturers_name AS name
FROM $productstable p,
$products_to_categoriestable p2c,
$manufacturerstable m
WHERE p.products_setting = '2'
AND p.manufacturers_id = m.manufacturers_id
AND p.products_id = p2c.products_id
AND p2c.categories_id = '" . intval($nCurrentCategoryID) . "'
ORDER BY m.manufacturers_name";
}
if ( (!isset($_GET['sort'])) || (!preg_match('/^[1-8][ad]$/', $_GET['sort'])) || (substr($_GET['sort'], 0, 1) > count($aColumnList)) ) {
$n = count($aColumnList);
for ($col = 0, $n; $col < $n; $col++) {
if ($aColumnList[$col] == 'PRODUCT_LIST_NAME') {
$_GET['sort'] = $i+1 . 'a';
// $_GET['sort'] = 'products_sort_order';
$listing_sql .= " ORDER BY p.products_sort_order asc";
break;
}
}
} else {
$sort_col = substr($_GET['sort'], 0 , 1);
$sort_order = substr($_GET['sort'], 1);
switch ($aColumnList[$sort_col-1]) {
case 'PRODUCT_LIST_MODEL':
$listing_sql .= " ORDER BY p.products_model " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_NAME':
$listing_sql .= " ORDER BY pd.products_name " . ($sort_order == 'd' ? 'desc' : '');
break;
case 'PRODUCT_LIST_MANUFACTURER':
$listing_sql .= " ORDER BY m.manufacturers_name " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_QUANTITY':
$listing_sql .= " ORDER BY p.products_quantity " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_IMAGE':
$listing_sql .= " ORDER BY pd.products_name";
break;
case 'PRODUCT_LIST_WEIGHT':
$listing_sql .= " ORDER BY p.products_weight " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_PRICE':
$listing_sql .= " ORDER BY final_price " . ($sort_order == 'd' ? 'desc' : '') . ", pd.products_name";
break;
case 'PRODUCT_LIST_SORT_ORDER':
$listing_sql .= " ORDER BY p.products_sort_order " . ($sort_order == 'd' ? "desc" : '') . ", pd.products_name";
break;
}
}
// optional Product List Filter
$product_filter_select = '';
$filterlist_result = $dbconn->Execute($filterlist_sql);
if ($filterlist_result->RecordCount() > 1) {
$product_filter_select .= '<form><div class="justify-content-center">' . $aLang['text_show'] . '<select size="1" onChange="if(options[selectedIndex].value) window.location.href=(options[selectedIndex].value)">';
if (isset($_GET['manufacturers_id']) && !empty($_GET['manufacturers_id'])) {
$manufacturers_id = intval($_GET['manufacturers_id']);
$arguments = 'manufacturers_id=' . intval($manufacturers_id);
} else {
$arguments = 'category=' . $sCategory;
}
$arguments .= '&amp;sort=' . oos_db_prepare_input($_GET['sort']);
$option_url = oos_href_link($aContents['shop'], $arguments);
if (!isset($_GET['filter_id'])) {
$product_filter_select .= '<option value="' . $option_url . '" selected="selected">' . $aLang['text_all'] . '</option>';
} else {
$product_filter_select .= '<option value="' . $option_url . '">' . $aLang['text_all'] . '</option>';
}
$product_filter_select .= '<option value="">---------------</option>';
while ($filterlist = $filterlist_result->fields) {
$option_url = oos_href_link($aContents['shop'], $arguments . '&amp;filter_id=' . $filterlist['id']);
if (isset($_GET['filter_id']) && ($_GET['filter_id'] == $filterlist['id'])) {
$product_filter_select .= '<option value="' . $option_url . '" selected="selected">' . $filterlist['name'] . '</option>';
} else {
$product_filter_select .= '<option value="' . $option_url . '">' . $filterlist['name'] . '</option>';
}
$filterlist_result->MoveNext();
}
$product_filter_select .= '</select></div></form>' . "\n";
}
// assign Smarty variables;
$smarty->assign(
array(
'product_filter_select' => $product_filter_select,
'category' => $category
)
);
if (isset($aCategorySlider) && is_array($aCategorySlider)) {
$smarty->assign('slider', $aCategorySlider);
}
if ( (isset($_GET['manufacturers_id'])) || (oos_total_products_in_category($nCurrentCategoryID) >= 1) ) {
require_once MYOOS_INCLUDE_PATH . '/includes/modules/product_listing.php';
}
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $sContentCacheID));
$smarty->setCaching(false);
} else {
// $category_depth = 'top';
oos_redirect(oos_href_link($aContents['home']));
}
// display the template
$smarty->display($aTemplate['page']);
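Review bot: The filter dropdown concatenates `$filterlist['name']` straight into `<option>` markup, so a category or manufacturer name containing markup characters is emitted unescaped; wrap it as `htmlspecialchars($filterlist['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` unless names are already stored escaped. In the nested branch, `strpos('_', $sCategory)` has haystack and needle swapped and also treats a match at offset 0 as false, so the deeper-category lookup is never taken; `strpos($sCategory, '_') !== false` is what the comment describes. The default-sort fallback sets `$_GET['sort'] = $i+1 . 'a';` although the loop variable there is `$col`, so `$i` is not set by that loop. `$_GET['manufacturers_id']+0` and `$_GET['filter_id']+0` also reach `$sContentCacheID` without an integer cast, and `intval()` as already used for `page` would keep the cache key bounded to integers.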


@ -0,0 +1,148 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: shopping_cart.php,v 1.71 2003/02/14 05:51:28 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/shopping_cart.php';
$hidden_field = '';
$any_out_of_stock = 0;
if (isset($_SESSION)) {
if (is_object($_SESSION['cart'])) {
if ($_SESSION['cart']->count_contents() > 0) {
$products = $_SESSION['cart']->get_products();
$n = count($products);
for ($i=0, $n; $i<$n; $i++) {
// (oos_get_products_quantity_order_min($products[$i]['id']) > 1 ? $aLang['products_order_qty_min_text_cart_short'] . oos_get_products_quantity_order_min($products[$i]['id']) : '') . (oos_get_products_quantity_order_units($products[$i]['id']) > 1 ? $aLang['products_order_qty_unit_text_cart_short'] . oos_get_products_quantity_order_units($products[$i]['id']) : "")
$hidden_field .= oos_draw_hidden_field('products_id[]', $products[$i]['id']);
// Display marker if stock quantity insufficient
if (STOCK_CHECK == 'true') {
$stock_left = $products[$i]['stock'] - $products[$i]['quantity'];
if ($stock_left < 0) {
$any_out_of_stock = 1;
}
}
// Wishlist names
if (oos_is_not_null($products[$i]['towlid'])) {
$hidden_field .= oos_draw_hidden_field('to_wl_id[]', $products[$i]['towlid']);
}
// Push all attributes information in an array
if (isset($products[$i]['attributes']) && is_array($products[$i]['attributes'])) {
foreach($products[$i]['attributes'] as $option => $value) {
$products_id = oos_get_product_id($products[$i]['id']);
$products_optionstable = $oostable['products_options'];
$products_options_valuestable = $oostable['products_options_values'];
$products_attributestable = $oostable['products_attributes'];
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$sql = "SELECT popt.products_options_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_attributestable pa
WHERE pa.products_id = '" . intval($products_id) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_id = '" . oos_db_input($option) . "'
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'";
} else {
$sql = "SELECT popt.products_options_name,
poval.products_options_values_name,
pa.options_values_price, pa.price_prefix
FROM $products_optionstable popt,
$products_options_valuestable poval,
$products_attributestable pa
WHERE pa.products_id = '" . intval($products_id) . "'
AND pa.options_id = '" . oos_db_input($option) . "'
AND pa.options_id = popt.products_options_id
AND pa.options_values_id = '" . oos_db_input($value) . "'
AND pa.options_values_id = poval.products_options_values_id
AND popt.products_options_languages_id = '" . intval($nLanguageID) . "'
AND poval.products_options_values_languages_id = '" . intval($nLanguageID) . "'";
}
$attributes_values = $dbconn->GetRow($sql);
if ($value == PRODUCTS_OPTIONS_VALUE_TEXT_ID) {
$hidden_field .= oos_draw_hidden_field('id[' . $products[$i]['id'] . '][' . TEXT_PREFIX . $option . ']', $products[$i]['attributes_values'][$option]);
$attr_value = $products[$i]['attributes_values'][$option];
} else {
$hidden_field .= oos_draw_hidden_field('id[' . $products[$i]['id'] . '][' . $option . ']', $value);
$attr_value = $attributes_values['products_options_values_name'];
}
$attr_price = $attributes_values['options_values_price'];
$products[$i][$option]['products_options_name'] = $attributes_values['products_options_name'];
$products[$i][$option]['options_values_id'] = $value;
$products[$i][$option]['products_options_values_name'] = $attr_value;
$products[$i][$option]['options_values_price'] = $attr_price;
$products[$i][$option]['price_prefix'] = $attributes_values['price_prefix'];
}
}
}
}
}
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['shopping_cart']));
$sCanonical = oos_href_link($aContents['shopping_cart'], '', FALSE, TRUE);
$aTemplate['page'] = $sTheme . '/page/shopping_cart.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'robots' => 'noindex,follow,noodp,noydir',
'cart_active' => 1,
'canonical' => $sCanonical,
'hidden_field' => $hidden_field,
'products' => $products,
'any_out_of_stock' => $any_out_of_stock
)
);
// display the template
$smarty->display($aTemplate['page']);
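Review bot: The attribute loop uses `$option` as its `foreach` key at file scope, and the later `if (!isset($option))` guard then sees it as set, so `message.php` and `blocks.php` are skipped whenever a cart item has attributes; giving the loop key a different name removes the collision. `$products` is assigned only inside the non-empty-cart branch but is always passed to `$smarty->assign`, so it should be initialised with `$products = array();` next to `$hidden_field = '';`. The two attribute queries quote `$option` and `$value` through `oos_db_input()`, whose escaping is not visible here; if these ids are integers, `intval()` as used for `$products_id` would be the safer form.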


@ -0,0 +1,66 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: sitemap.php,v 1.1 2004/02/16 07:13:17 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2001 - 2004 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/sitemap.php';
$aTemplate['page'] = $sTheme . '/page/sitemap.html';
$nPageType = OOS_PAGE_TYPE_MAINPAGE;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$sGroup = trim($aUser['text']);
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|sitemap|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$oSitemap = new oosCategoryTree;
$oSitemap->setShowCategoryProductCount(false);
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['sitemap']));
$sCanonical = oos_href_link($aContents['sitemap'], '', FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical
)
);
$smarty->assign('sitemap', $oSitemap->buildTree());
}
// display the template
$smarty->display($aTemplate['page']);
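Review bot: `$smarty->isCached($aTemplate['page'], $nContentCacheID)` checks an entry keyed by theme, customer group and language, but the final `$smarty->display($aTemplate['page']);` passes no cache id while caching may still be enabled, so the rendered page appears to be stored and served under the default id for every group and language. Unless a default cache id is set in an include not shown here, pass the same key: `$smarty->display($aTemplate['page'], $nContentCacheID);`. The specials listing later in this commit follows the same pattern, whereas the shop listing calls `$smarty->setCaching(false)` before its display call.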


@ -0,0 +1,124 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: specials.php,v 1.46 2003/02/13 04:23:23 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
if (!$oEvent->installed_plugin('spezials')) {
oos_redirect(oos_href_link($aContents['home']));
}
require_once MYOOS_INCLUDE_PATH . '/includes/classes/class_split_page_results.php';
require_once MYOOS_INCLUDE_PATH . '/includes/languages/' . $sLanguage . '/products_specials.php';
$aTemplate['page'] = $sTheme . '/page/specials.html';
$aTemplate['pagination'] = $sTheme . '/system/_pagination.html';
$nPageType = OOS_PAGE_TYPE_CATALOG;
$sPagetitle = $aLang['heading_title'] . ' ' . OOS_META_TITLE;
$sGroup = trim($aUser['text']);
$nPage = isset($_GET[page]) ? $_GET[page]+0 : 1;
$nContentCacheID = $sTheme . '|info|' . $sGroup . '|spezials|' . $nPage . '|' . $sLanguage;
require_once MYOOS_INCLUDE_PATH . '/includes/system.php';
if (!isset($option)) {
require_once MYOOS_INCLUDE_PATH . '/includes/message.php';
require_once MYOOS_INCLUDE_PATH . '/includes/blocks.php';
}
if ( (USE_CACHE == 'true') && (!isset($_SESSION)) ) {
$smarty->setCaching(Smarty::CACHING_LIFETIME_CURRENT);
}
if (!$smarty->isCached($aTemplate['page'], $nContentCacheID)) {
$productstable = $oostable['products'];
$specialstable = $oostable['specials'];
$products_descriptiontable = $oostable['products_description'];
$specials_result_raw = "SELECT p.products_id, pd.products_name, pd.products_short_description, p.products_image, p.products_price,
p.products_base_price, p.products_base_unit, p.products_tax_class_id,
p.products_units_id, p.products_image, s.specials_new_products_price
FROM $productstable p,
$products_descriptiontable pd,
$specialstable s
WHERE p.products_setting = '2'
AND s.products_id = p.products_id
AND p.products_id = pd.products_id
AND pd.products_languages_id = '" . intval($nLanguageID) . "'
AND s.status = '1'
ORDER BY s.specials_date_added DESC";
$specials_split = new splitPageResults($specials_result_raw, MAX_DISPLAY_SPECIAL_PRODUCTS);
$specials_result = $dbconn->Execute($specials_split->sql_query);
$aSpecials = array();
while ($specials = $specials_result->fields) {
$specials_base_product_price = '';
$specials_base_product_special_price = '';
$specials_product_price = $oCurrencies->display_price($specials['products_price'], oos_get_tax_rate($specials['products_tax_class_id']));
$specials_product_special_price = $oCurrencies->display_price($specials['specials_new_products_price'], oos_get_tax_rate($specials['products_tax_class_id']));
if ($specials['products_base_price'] != 1) {
$specials_base_product_price = $oCurrencies->display_price($specials['products_price'] * $specials['products_base_price'], oos_get_tax_rate($specials['products_tax_class_id']));
$specials_base_product_special_price = $oCurrencies->display_price($specials['specials_new_products_price'] * $specials['products_base_price'], oos_get_tax_rate($specials['products_tax_class_id']));
}
$aSpecials[] = array(
'products_id' => $specials['products_id'],
'products_image' => $specials['products_image'],
'products_name' => $specials['products_name'],
'products_description' => $specials['products_description'],
'products_base_unit' => $specials['products_base_unit'],
'products_base_price' => $specials['products_base_price'],
'products_price' => $specials_product_price,
'products_special_price' => $specials_product_special_price,
'base_product_price' => $specials_base_product_price,
'base_product_special_price' => $specials_base_product_special_price
);
$specials_result->MoveNext();
}
// links breadcrumb
$oBreadcrumb->add($aLang['navbar_title'], oos_href_link($aContents['specials']));
$sCanonical = oos_href_link($aContents['specials'], 'page='. $nPage, FALSE, TRUE);
// assign Smarty variables;
$smarty->assign(
array(
'breadcrumb' => $oBreadcrumb->trail(),
'heading_title' => $aLang['heading_title'],
'canonical' => $sCanonical,
'page_split' => $specials_split->display_count($aLang['text_display_number_of_specials']),
'display_links' => $specials_split->display_links(MAX_DISPLAY_PAGE_LINKS, oos_get_all_get_parameters(array('page', 'info'))),
'numrows' => $specials_split->number_of_rows,
'numpages' => $specials_split->number_of_pages,
'page' => $nPage,
'specials' => $aSpecials
)
);
}
$smarty->assign('pagination', $smarty->fetch($aTemplate['pagination'], $nContentCacheID));
// display the template
$smarty->display($aTemplate['page']);


@ -0,0 +1,90 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* For debugging purposes
*
* @package core
* @access public
*
* @author r23 <info@r23.de>
* @since OOS 1.3.1
*/
set_error_handler('oos_error_log_handler');
if (function_exists('ini_set')) {
ini_set('allow_call_time_pass_reference',1);
ini_set('track_errors',1);
ini_set('error_reporting',E_ALL & ~E_NOTICE);
ini_set('display_errors',1);
ini_set('log_errors',0);
}
/**
* Error log handler
*
* @access public
* @param string
* @param string
* @param string
* @param string
* @param string
* @return boolean
*
* @author r23 <info@r23.de>
* @since OOS 1.3.1
*/
function oos_error_log_handler($sErrNo, $sErrMsg, $sErrFile, $sErrLine, $sErrVars) {
if (substr($sErrMsg, 0, 4) == 'stat') {
return true;
}
// define an assoc array of error string
// in reality the only entries we should
// consider are 2,8,256,512 and 1024
$errortype = array ( 1 => 'Error',
2 => 'Warning',
4 => 'Parsing Error',
8 => 'Notice',
16 => 'Core Error',
32 => 'Core Warning',
64 => 'Compile Error',
128 => 'Compile Warning',
256 => 'User Error',
512 => 'User Warning',
1024=> 'User Notice');
// $aErrUser = array(E_USER_ERROR, E_USER_WARNING, E_USER_NOTICE);
$aErrUser = array(E_USER_ERROR);
if (in_array($sErrNo, $aErrUser)) {
$sUserIP = oos_server_get_remote();
$sErr = '[' . date('D M j G:i:s Y') . ']'
.' [error]'
.' [client ' . $sUserIP . '] ';
$sErr .= '(' . OOS_FULL_NAME . ')'
.' '. $errortype[$sErrNo]
.' '. $sErrMsg
.' in file '.$sErrFile
.' line '.$sErrLine . "\n";
@error_log($sErr, 3, OOS_TEMP_PATH . 'logs/php_error.log');
}
}
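Review bot: The `ini_set` block at the top of this file turns `display_errors` on and `log_errors` off, so any error PHP reports itself (fatal errors never reach a `set_error_handler` callback) is printed into the page with file paths and message details, and nothing reaches the server log. Unless this file is only loaded in a debug build, which the hunk does not show, I would flip both: `ini_set('display_errors', '0');` and `ini_set('log_errors', '1');`. Separately, `oos_error_log_handler` declares a fifth required parameter `$sErrVars`, and PHP 8 no longer passes the error context. The signature should end in `$sErrVars = null` so the handler can still be called there.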


@ -0,0 +1,31 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
define('WARN_INSTALL_EXISTENCE', 'false');
define('WARN_CONFIG_WRITEABLE', 'false');
define('WARN_DOWNLOAD_DIRECTORY_NOT_READABLE', 'false');
define('ACCOUNT_COMPANY_VAT_ID_CHECK', 'true');
define('OOS_PAGE_TYPE_MAINPAGE', 1);
define('OOS_PAGE_TYPE_CATALOG', 2);
define('OOS_PAGE_TYPE_PRODUCTS', 3);
define('OOS_PAGE_TYPE_SERVICE', 4);
define('OOS_PAGE_TYPE_CHECKOUT', 5);
define('OOS_PAGE_TYPE_ACCOUNT', 6);
define('OOS_PAGE_TYPE_REVIEWS', 7);
define('LOGIN_FOR_PRICE', 'false');
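Review bot: `WARN_INSTALL_EXISTENCE`, `WARN_CONFIG_WRITEABLE` and `WARN_DOWNLOAD_DIRECTORY_NOT_READABLE` are hard-coded to `'false'` here; judging by their names, this switches off the warnings about a leftover installer directory and a writable configuration file, which an operator needs right after deployment. If that reading is right, default them to `'true'` or add a comment saying where those checks are done instead. The flags are also the strings `'true'`/`'false'`, so a caller testing one with a plain `if (CONST)` would treat `'false'` as true. A comment such as `// string flags: compare with == 'true'` above the block would prevent that.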


@ -0,0 +1,90 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: application_top.php,v 1.264 2003/02/17 16:37:52 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
$prefix_filename = '';
if (!$prefix_filename == '') $prefix_filename = $prefix_filename . '_';
$aContents = array();
$aContents = [
'conditions_download' => $prefix_filename . 'conditions.pdf',
//account
'account_history' => $prefix_filename . 'account_history',
'account_history_info' => $prefix_filename . 'account_history_info',
'account_address_book' => $prefix_filename . 'account_address_book',
'account_address_book_process' => $prefix_filename . 'account_address_book_process',
'account_wishlist' => $prefix_filename . 'account_wishlist',
'account_order_history' => $prefix_filename . 'account_order_history',
//admin
'admin_login' => $prefix_filename . 'admin_login',
//gv
'gv_faq' => $prefix_filename . 'gv_faq',
'gv_redeem' => $prefix_filename . 'gv_redeem',
// 'popup_coupon_help' => $prefix_filename . 'popup_coupon_help',
//info
'info_down_for_maintenance' => $prefix_filename . 'info_down_for_maintenance',
'info_max_order' => $prefix_filename . 'info_max_order',
'sitemap' => $prefix_filename . 'sitemap',
'information' => $prefix_filename . 'information',
'403' => $prefix_filename . 'error403',
'404' => $prefix_filename . 'error404',
//main
'home' => $prefix_filename . 'home',
'shop' => $prefix_filename . 'shop',
'redirect' => $prefix_filename . 'redirect',
'shopping_cart' => $prefix_filename . 'shopping_cart',
'contact_us' => $prefix_filename . 'contact_us',
//newsletter
'newsletter' => $prefix_filename . 'newsletter',
//products
'product_info' => $prefix_filename . 'product_info',
'products_new' => $prefix_filename . 'products_new',
'specials' => $prefix_filename . 'specials',
//pub
'download' => $prefix_filename . 'download',
//reviews
'reviews' => $prefix_filename . 'reviews',
'product_reviews' => $prefix_filename . 'product_reviews',
'product_reviews_info' => $prefix_filename . 'product_reviews_info',
'product_reviews_write' => $prefix_filename . 'product_reviews_write',
//search
'advanced_search' => $prefix_filename . 'advanced_search',
'advanced_search_result' => $prefix_filename . 'advanced_search_result',
//user
'account' => $prefix_filename . 'account',
'account_edit' => $prefix_filename . 'account_edit',
'create_account' => $prefix_filename . 'create_account',
'create_account_success' => $prefix_filename . 'create_account_success',
'login' => $prefix_filename . 'login',
'logoff' => $prefix_filename . 'logoff',
'password_forgotten' => $prefix_filename . 'password_forgotten',
'product_notifications' => $prefix_filename . 'product_notifications',
//checkout
'checkout_confirmation' => $prefix_filename . 'checkout_confirmation',
'checkout_payment' => $prefix_filename . 'checkout_payment',
'checkout_payment_address' => $prefix_filename . 'checkout_payment_address',
'checkout_process' => $prefix_filename . 'checkout_process',
'checkout_shipping' => $prefix_filename . 'checkout_shipping',
'checkout_shipping_address' => $prefix_filename . 'checkout_shipping_address',
'checkout_success' => $prefix_filename . 'checkout_success',
];
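Review bot: `if (!$prefix_filename == '')` only works by accident of precedence: `!` binds first, so it compares a boolean with `''`; write `if ($prefix_filename !== '')`. The `$aContents = array();` on the line before the literal is immediately overwritten and can go. A one-line comment above the map saying that keys are page identifiers and values are file base names would help, since `'403'`/`'404'` map to `error403`/`error404` and `conditions_download` alone carries an extension.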


@ -0,0 +1,218 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: general.php,v 1.212 2003/02/17 07:55:54 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* address
*
* @link https://www.oos-shop.de
* @package oos_address
* @version $Revision: 1.1 $ - changed by $Author: r23 $ on $Date: 2007/06/12 16:49:27 $
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Returns the zone (State/Province) code
*
* @param $country_id
* @param $zone_id
* @param $default_zone
* @return string
*/
function oos_get_zone_code($country_id, $zone_id, $default_zone) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$zonestable = $oostable['zones'];
$zone = $dbconn->Execute("SELECT zone_code FROM $zonestable WHERE zone_country_id = '" . intval($country_id) . "' AND zone_id = '" . intval($zone_id) . "'");
if ($zone->RecordCount() > 0) {
return $zone->fields['zone_code'];
} else {
return $default_zone;
}
}
/**
* Returns the address_format_id for the given country
*
* @param $country_id
* @return string
*/
function oos_get_address_format_id($country_id) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$countriestable = $oostable['countries'];
$address_format = $dbconn->Execute("SELECT address_format_id AS format_id FROM $countriestable WHERE countries_id = '" . intval($country_id) . "'");
if ($address_format->RecordCount() > 0) {
return $address_format->fields['format_id'];
} else {
return '1';
}
}
/**
* Return a formatted address
*
* @param $address_format_id
* @param $address
* @param $html
* @param $boln
* @param $eoln
* @return string
*/
function oos_address_format($address_format_id, $address, $html, $boln, $eoln) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$address_formattable = $oostable['address_format'];
$address_format_result = $dbconn->Execute("SELECT address_format AS format FROM $address_formattable WHERE address_format_id = '" . intval($address_format_id) . "'");
$address_format = $address_format_result->fields;
$company = addslashes($address['company']);
$firstname = addslashes($address['firstname']);
$lastname = addslashes($address['lastname']);
$street = addslashes($address['street_address']);
$city = addslashes($address['city']);
$state = addslashes($address['state']);
$country_id = $address['country_id'];
$zone_id = $address['zone_id'];
$postcode = addslashes($address['postcode']);
$zip = $postcode;
$country = oos_get_country_name($country_id);
$state = oos_get_zone_code($country_id, $zone_id, $state);
if ($html) {
// HTML Mode
$HR = '<hr>';
$hr = '<hr>';
if ( ($boln == '') && ($eoln == "\n") ) { // Values not specified, use rational defaults
$CR = '<br />';
$cr = '<br />';
$eoln = $cr;
} else { // Use values supplied
$CR = $eoln . $boln;
$cr = $CR;
}
} else {
// Text Mode
$CR = $eoln;
$cr = $CR;
$HR = '----------------------------------------';
$hr = '----------------------------------------';
}
$statecomma = '';
$streets = $street;
if ($firstname == '') $firstname = addslashes($address['name']);
if ($country == '') $country = addslashes($address['country']);
if ($state != '') $statecomma = $state . ', ';
$fmt = $address_format['format'];
eval("\$address = \"$fmt\";");
$address = stripslashes($address);
if ( (ACCOUNT_COMPANY == 'true') && (oos_is_not_null($company)) ) {
$address = $company . $cr . $address;
}
return $boln . $address . $eoln;
}
/**
* Return a formatted address
*
* @param $customers_id
* @param $address_id
* @param $html
* @param $boln
* @param $eoln
* @param $address
* @param $html
* @param $boln
* @param $eoln
*/
function oos_address_label($customers_id, $address_id = 1, $html = FALSE, $boln = '', $eoln = "\n") {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$address_booktable = $oostable['address_book'];
$query = "SELECT entry_firstname AS firstname, entry_lastname AS lastname, entry_company AS company,
entry_street_address AS street_address, entry_city AS city,
entry_postcode AS postcode, entry_state AS state, entry_zone_id AS zone_id,
entry_country_id AS country_id
FROM $address_booktable
WHERE customers_id = '" . intval($customers_id) . "' AND
address_book_id = '" . intval($address_id) . "'";
$address = $dbconn->GetRow($query);
$format_id = oos_get_address_format_id($address['country_id']);
return oos_address_format($format_id, $address, $html, $boln, $eoln);
}
/**
* Counts the customer address book entries
*
* @param string $id
* @param bool $check_session
* @return int
*/
function oos_count_customer_address_book_entries($id = '', $check_session = TRUE) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
if (is_numeric($id) == FALSE) {
if ($_SESSION['customer_id']) {
$id = $_SESSION['customer_id'];
} else {
return 0;
}
}
if ($check_session == TRUE) {
if ( ($_SESSION['customer_id'] == FALSE) || ($id != $_SESSION['customer_id']) ) {
return 0;
}
}
$address_booktable = $oostable['address_book'];
$addresses_query = "SELECT COUNT(*) AS total
FROM $address_booktable
WHERE customers_id = " . intval($id);
$addresses = $dbconn->Execute($addresses_query);
return $addresses->fields['total'];
}
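Review bot: `oos_address_format` runs the stored format through `eval("\$address = \"$fmt\";")`, so whatever is in the `address_format` table is executed as PHP, and anyone who can write that row (an admin account, or an SQL injection elsewhere) gets code execution on the web server. The customer fields are only referenced as variables, so they are not the injection path, but the format string itself should be treated as data. I would replace the eval with a fixed placeholder substitution over the variables this function already defines, as sketched below; the placeholder list is taken from the locals visible here and should be checked against the formats actually stored. In HTML mode the address fields also reach the output without `htmlspecialchars()`, unless callers escape them, which this hunk does not show.

```php
// … unchanged: format lookup, addslashes() of the address fields, $cr/$hr setup …
$fmt = $address_format['format'];
// Treat the stored format as data: substitute known placeholders only, never eval it.
$aPlaceholders = array(
    '$firstname'  => $firstname,
    '$lastname'   => $lastname,
    '$company'    => $company,
    '$streets'    => $streets,
    '$street'     => $street,
    '$city'       => $city,
    '$statecomma' => $statecomma,
    '$state'      => $state,
    '$postcode'   => $postcode,
    '$zip'        => $zip,
    '$country'    => $country,
    '$CR'         => $CR,
    '$cr'         => $cr,
    '$HR'         => $HR,
    '$hr'         => $hr,
);
// strtr() with an array tries the longest key first, so $streets wins over $street.
$address = strtr($fmt, $aPlaceholders);
// … unchanged: stripslashes(), company prefix, return …
```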


@ -0,0 +1,221 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: compatibility.php,v 1.22 2004/07/22 16:36:22 hpdl
compatibility.php,v 1.18 2003/02/11 01:31:01 hpdl
compatibility.php 1498 2007-03-29 14:04:50Z hpdl $
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2007 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* For compatibility
*
* @package core
* @access public
*
* @author r23 <info@r23.de>
* @since OOS 1.3.1
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Forcefully disable register_globals if enabled
*
* Based from work by Richard Heyes (http://www.phpguru.org)
*/
if ((int)ini_get('register_globals') > 0) {
if (isset($_REQUEST['GLOBALS'])) {
die('GLOBALS overwrite attempt detected');
}
$noUnset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
$input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
foreach ($input as $k => $v) {
if (!in_array($k, $noUnset) && isset($GLOBALS[$k])) {
$GLOBALS[$k] = NULL;
unset($GLOBALS[$k]);
}
}
unset($noUnset);
unset($input);
unset($k);
unset($v);
}
/**
* Forcefully disable magic_quotes_gpc if enabled
*
* @link https://www.oos-shop.dedoc/php_manual_de/html/security.magicquotes.disabling.html
*/
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value)
{
$value = is_array($value) ?
array_map('stripslashes_deep', $value) :
stripslashes($value);
return $value;
}
$_POST = array_map('stripslashes_deep', $_POST);
$_GET = array_map('stripslashes_deep', $_GET);
$_COOKIE = array_map('stripslashes_deep', $_COOKIE);
$_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}
/**
* Fix for PHP as CGI hosts that set SCRIPT_FILENAME to
* something ending in php.cgi for all requests
*/
if (strpos(php_sapi_name(), 'cgi') !== FALSE) {
// $_SERVER['SCRIPT_FILENAME'] = $_SERVER['PATH_TRANSLATED'];
}
/**
* Fix for Dreamhost and other PHP as CGI hosts
*/
if (strpos($_SERVER['SCRIPT_NAME'], 'php.cgi') !== FALSE) {
unset($_SERVER['PATH_INFO']);
}
/**
* Replace file_get_contents()
*
* @category PHP
* @package PHP_Compat
* @link http://php.net/function.file_get_contents
* @author Aidan Lister <aidan - php - net>
* @version $Revision: 1.12 $
* @internal resource_context is not supported
* @since PHP 5
*/
if (!function_exists('file_get_contents')) {
function file_get_contents($filename, $incategory = FALSE, $resource_context = null) {
if (false === $fh = fopen($filename, 'rb', $incategory)) {
user_error('file_get_contents() failed to open stream: No such file or directory', E_USER_WARNING);
return FALSE;
}
clearstatcache();
if ($fsize = @filesize($filename)) {
$data = fread($fh, $fsize);
} else {
$data = '';
while (!feof($fh)) {
$data .= fread($fh, 8192);
}
}
fclose($fh);
return $data;
}
}
/**
* checkdnsrr() not implemented on Microsoft Windows platforms
*/
if (!function_exists('checkdnsrr')) {
function checkdnsrr($host, $type) {
if(!empty($host) && !empty($type)) {
@exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output);
foreach ($output as $k => $line) {
if(preg_match('/^' . $host . '/i', $line)) {
return TRUE;
}
}
}
return FALSE;
}
}
if (!function_exists('http_response_code')) {
function http_response_code($code = NULL) {
if ($code !== NULL) {
switch ($code) {
case 100: $text = 'Continue'; break;
case 101: $text = 'Switching Protocols'; break;
case 200: $text = 'OK'; break;
case 201: $text = 'Created'; break;
case 202: $text = 'Accepted'; break;
case 203: $text = 'Non-Authoritative Information'; break;
case 204: $text = 'No Content'; break;
case 205: $text = 'Reset Content'; break;
case 206: $text = 'Partial Content'; break;
case 300: $text = 'Multiple Choices'; break;
case 301: $text = 'Moved Permanently'; break;
case 302: $text = 'Moved Temporarily'; break;
case 303: $text = 'See Other'; break;
case 304: $text = 'Not Modified'; break;
case 305: $text = 'Use Proxy'; break;
case 400: $text = 'Bad Request'; break;
case 401: $text = 'Unauthorized'; break;
case 402: $text = 'Payment Required'; break;
case 403: $text = 'Forbidden'; break;
case 404: $text = 'Not Found'; break;
case 405: $text = 'Method Not Allowed'; break;
case 406: $text = 'Not Acceptable'; break;
case 407: $text = 'Proxy Authentication Required'; break;
case 408: $text = 'Request Time-out'; break;
case 409: $text = 'Conflict'; break;
case 410: $text = 'Gone'; break;
case 411: $text = 'Length Required'; break;
case 412: $text = 'Precondition Failed'; break;
case 413: $text = 'Request Entity Too Large'; break;
case 414: $text = 'Request-URI Too Large'; break;
case 415: $text = 'Unsupported Media Type'; break;
case 500: $text = 'Internal Server Error'; break;
case 501: $text = 'Not Implemented'; break;
case 502: $text = 'Bad Gateway'; break;
case 503: $text = 'Service Unavailable'; break;
case 504: $text = 'Gateway Time-out'; break;
case 505: $text = 'HTTP Version not supported'; break;
default:
exit('Unknown http status code "' . htmlentities($code) . '"');
break;
}
$protocol = (isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.0');
header($protocol . ' ' . $code . ' ' . $text);
$GLOBALS['http_response_code'] = $code;
} else {
$code = (isset($GLOBALS['http_response_code']) ? $GLOBALS['http_response_code'] : 200);
}
return $code;
}
}
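Review bot: In the `checkdnsrr()` fallback the host is escaped for the shell but then dropped unquoted into a pattern, `preg_match('/^' . $host . '/i', $line)`, so dots match any character and a host containing `/` or other metacharacters breaks or alters the match; use `preg_match('/^' . preg_quote($host, '/') . '/i', $line)`. The `if (get_magic_quotes_gpc())` guard is a fatal error on PHP 8, where that function no longer exists. Writing it as `if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())` keeps the shim working on old runtimes without breaking new ones.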


@ -0,0 +1,130 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: gv_sent.php,v 1.1 2003/02/18 00:18:50 wilt
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
Credit Class GV/Discount Coupon v5.03
Copyright (c) 2001 - 2003 Ian C Wilson
http://www.phesis.org
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* Credit Class GV/Discount Coupon
*
* @link https://www.oos-shop.de
* @package Credit Class GV/Discount Coupon
* @version $Revision: 1.1 $ - changed by $Author: r23 $ on $Date: 2007/06/12 16:49:27 $
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Create a Coupon Code. length may be between 1 and 16 Characters
*
* @param $salt
* @param $length
* @return string
*/
function oos_create_coupon_code($salt="secret", $length = SECURITY_CODE_LENGTH) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$ccid = md5(uniqid("","salt"));
$ccid .= md5(uniqid("","salt"));
$ccid .= md5(uniqid("","salt"));
$ccid .= md5(uniqid("","salt"));
srand((double)microtime()*1000000); // seed the random number generator
$random_start = @rand(0, (128-$length));
$good_result = 0;
while ($good_result == 0) {
$id1 = substr($ccid, $random_start,$length);
$couponstable = $oostable['coupons'];
$sql = "SELECT coupon_code
FROM $couponstable
WHERE coupon_code = '" . oos_db_input($id1) . "'";
$query = $dbconn->Execute($sql);
if ($query->RecordCount() == 0) $good_result = 1;
}
return $id1;
}
/**
* Update the Customers GV account
*
* @param $customer_id
* @param $gv_id
*/
function oos_gv_account_update($customer_id, $gv_id) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$coupon_gv_customertable = $oostable['coupon_gv_customer'];
$sql = "SELECT amount
FROM $coupon_gv_customertable
WHERE customer_id = '" . intval($customer_id) . "'";
$customer_gv_result = $dbconn->Execute($sql);
$couponstable = $oostable['coupons'];
$sql = "SELECT coupon_amount
FROM $couponstable
WHERE coupon_id = '" . oos_db_input($gv_id) . "'";
$coupon_amount = $dbconn->GetOne($sql);
if ($customer_gv_result->RecordCount() > 0) {
$customer_gv = $customer_gv_result->fields;
$new_gv_amount = $customer_gv['amount'] + $coupon_amount;
$coupon_gv_customertable = $oostable['coupon_gv_customer'];
$gv_result = $dbconn->Execute("UPDATE $coupon_gv_customertable
SET amount = '" . oos_db_input($new_gv_amount) . "'");
} else {
$coupon_gv_customertable = $oostable['coupon_gv_customer'];
$gv_result = $dbconn->Execute("INSERT INTO $coupon_gv_customertable
(customer_id,
amount) VALUES ('" . intval($customer_id) . "',
'" . oos_db_input($coupon_amount) . "')");
}
}
/**
* Get tax rate from tax description
*
* @param $tax_desc
* @return string
*/
function oos_get_tax_rate_from_desc($tax_desc) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$tax_ratestable = $oostable['tax_rates'];
$sql = "SELECT tax_rate
FROM $tax_ratestable
WHERE tax_description = '" . oos_db_input($tax_desc) . "'";
$tax = $dbconn->Execute($sql);
return $tax->fields['tax_rate'];
}
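Review bot: The `UPDATE $coupon_gv_customertable SET amount = ...` in `oos_gv_account_update` has no `WHERE` clause, so redeeming one voucher writes the new balance into every row of the table; append `WHERE customer_id = '" . intval($customer_id) . "'` to the statement. In `oos_create_coupon_code` the code is cut from `md5(uniqid("","salt"))` at an offset chosen by `rand()` seeded from `microtime()`, which is time-derived and guessable for something that carries monetary value, and the `$salt` argument is never used. `bin2hex(random_bytes(...))` would be the appropriate source. `$random_start` and `$ccid` also never change inside the `while` loop, so a collision with an existing code loops forever; regenerate the candidate inside the loop.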


@ -0,0 +1,252 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: pnAPI.php,v 1.81.2.14 2002/05/17 16:50:12 byronmhome
----------------------------------------------------------------------
POST-NUKE Content Management System
Copyright (C) 2001 by the Post-Nuke Development Team.
http://www.postnuke.com/
----------------------------------------------------------------------
Based on:
PHP-NUKE Web Portal System - http://phpnuke.org/
Thatware - http://thatware.org/
----------------------------------------------------------------------
File: database.php,v 1.21 2002/06/05 11:16:25 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Jim McDonald
Purpose of file: The PostNuke API
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* ADODB Database Abstraction Layer API Helpers
*
* @package database
* @copyright (C) 2013 by the MyOOS Development Team.
* @license GPL <http://www.gnu.org/licenses/gpl.html>
* @link https://www.oos-shop.de
* @subpackage adodb
*/
/**
* Initializes the database connection.
*
* This function loads up ADODB and starts the database
* connection using the required parameters then it sets
* the table prefixes and xartables up and returns true
*
* @access protected
* @global object db database connection object
* @global integer ADODB_FETCH_MODE array fectching by associative or numeric keyed arrays
* @global array oosDB_tables database tables used by MyOOS [Shopsystem]
* @return bool true on success, false on failure
*/
function oosDBInit() {
// Get database parameters
$dbtype = OOS_DB_TYPE;
$dbhost = OOS_DB_SERVER;
$dbname = OOS_DB_DATABASE;
// Decode encoded DB parameters
if (OOS_ENCODED == '1') {
$dbuname = base64_decode(OOS_DB_USERNAME);
$dbpass = base64_decode(OOS_DB_PASSWORD);
} else {
$dbuname = OOS_DB_USERNAME;
$dbpass = OOS_DB_PASSWORD;
}
// Start connection
global $ADODB_CACHE_DIR;
$ADODB_CACHE_DIR = oos_get_local_path(OOS_TEMP_PATH . 'adodb_cache/');
$dbconn = ADONewConnection($dbtype);
if (!$dbconn->Connect($dbhost, $dbuname, $dbpass, $dbname)) {
$dbpass = "****";
$dbuname = "****";
die("$dbtype://$dbuname:$dbpass@$dbhost/$dbname failed to connect " . $dbconn->ErrorMsg());
}
global $ADODB_FETCH_MODE;
$ADODB_FETCH_MODE = ADODB_FETCH_ASSOC;
$GLOBALS['oosDB_connections'][0] = $dbconn;
$GLOBALS['oosDB_tables'] = array();
return TRUE;
}
/**
* Get a list of database connections
*
* @access public
* @global array xarDB_connections array of database connection objects
* @return array array of database connection objects
*/
function &oosDBGetConn() {
// we only want to return the first connection here
// perhaps we'll add linked list capabilities to this soon
return $GLOBALS['oosDB_connections'][0];
}
/**
* Get an array of database tables
*
* @access public
* @global array oosDB_tables array of database tables
* @return array array of database tables
*/
function &oosDBGetTables() {
return $GLOBALS['oosDB_tables'];
}
/**
* Import module tables in the array of known tables
*
* @access protected
* @global oostable array
*/
function oosDB_importTables($tables) {
// assert('is_array($tables)');
$GLOBALS['oosDB_tables'] = array_merge($GLOBALS['oosDB_tables'], $tables);
}
function oos_db_input($sStr) {
if (function_exists('mysqli::escape_string ')) {
return mysqli::escape_string ($sStr);
}
return addslashes($sStr);
}
function oos_db_perform($table, $data, $action = 'INSERT', $parameters = '') {
// Get database information
$dbconn =& oosDBGetConn();
reset($data);
if ($action == 'INSERT') {
$query = 'INSERT INTO ' . $table . ' (';
foreach ( array_keys($data) as $columns ) {
$query .= $columns . ', ';
}
$query = substr($query, 0, -2) . ') values (';
reset($data);
foreach ($data as $value) {
switch ((string)$value) {
case 'now()':
$query .= 'now(), ';
break;
case 'null':
$query .= 'null, ';
break;
default:
$query .= '\'' . oos_db_input($value) . '\', ';
break;
}
}
$query = substr($query, 0, -2) . ')';
} elseif ($action == 'UPDATE') {
$query = 'UPDATE ' . $table . ' set ';
foreach($data as $columns => $value) {
switch ((string)$value) {
case 'now()':
$query .= $columns . ' = now(), ';
break;
case 'null':
$query .= $columns .= ' = null, ';
break;
default:
$query .= $columns . ' = \'' . oos_db_input($value) . '\', ';
break;
}
}
$query = substr($query, 0, -2) . ' where ' . $parameters;
}
return $dbconn->Execute($query);
}
function oos_db_prepare_input($sStr) {
if (is_string($sStr)) {
return trim(stripslashes($sStr));
} elseif (is_array($sStr)) {
reset($sStr);
foreach($sStr as $key => $value) {
$sStr[$key] = oos_db_prepare_input($value);
}
return $sStr;
} else {
return $sStr;
}
}
function oosDBOutput($sStr) {
if (get_magic_quotes_gpc()) {
return mysqli::escape_string (stripslashes($sStr));
} else {
return mysqli::escape_string ($sStr);
}
}
function dosql($table, $flds) {
// Get database information
$dbconn =& oosDBGetConn();
$dict = NewDataDictionary($dbconn);
$taboptarray = array('mysql' => 'ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;', 'REPLACE');
$sqlarray = $dict->createTableSQL($table, $flds, $taboptarray);
$dict->executeSqlArray($sqlarray);
}
function idxsql($idxname, $table, $idxflds) {
// Get database information
$dbconn =& oosDBGetConn();
$dict = NewDataDictionary($dbconn);
$sqlarray = $dict->CreateIndexSQL($idxname, $table, $idxflds);
$dict->executeSqlArray($sqlarray);
}
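Review bot: `oos_db_input` never reaches a driver-level escape: `function_exists('mysqli::escape_string ')` is always false (it does not resolve methods, and the name has a trailing space), so every value passed through it is escaped with `addslashes()`, which ignores the connection character set. Route it through the connection instead, e.g. `$dbconn =& oosDBGetConn(); return $dbconn->addQ($sStr);`, or better, move callers to ADOdb bound parameters. `oosDBOutput` calls `mysqli::escape_string` statically, which cannot work on a non-static method. `oosDBInit` prints the driver's `ErrorMsg()` together with host and database name via `die()`; log that and show a generic message instead.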


@ -0,0 +1,103 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: general.php,v 1.212 2003/02/17 07:55:54 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Generate a path to categories
*
* @param $current_category_id
* @return string
*/
function oos_get_path($current_category_id = '', $parent_id = '', $gparent_id = '') {
global $aCategoryPath;
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
if (!empty($current_category_id)) {
$cp_size = count($aCategoryPath);
if ($cp_size == 0) {
$sCategoryNew = $current_category_id;
} else {
$sCategoryNew = '';
if (oos_empty($parent_id) || oos_empty($gparent_id) ) {
$categoriestable = $oostable['categories'];
$query = "SELECT c.parent_id, p.parent_id as gparent_id
FROM $categoriestable AS c,
$categoriestable AS p
WHERE c.categories_id = '" . intval($aCategoryPath[($cp_size-1)]) . "'
AND p.categories_id = '" . intval($current_category_id) . "'";
$parent_categories = $dbconn->GetRow($query);
$gparent_id = $parent_categories['gparent_id'];
$parent_id = $parent_categories['parent_id'];
}
if ($parent_id == $gparent_id) {
for ($i=0; $i < ($cp_size - 1); $i++) {
$sCategoryNew .= '_' . $aCategoryPath[$i];
}
} else {
for ($i=0; $i < $cp_size; $i++) {
$sCategoryNew .= '_' . $aCategoryPath[$i];
}
}
$sCategoryNew .= '_' . $current_category_id;
if (substr($sCategoryNew, 0, 1) == '_') {
$sCategoryNew = substr($sCategoryNew, 1);
}
}
} else {
$sCategoryNew = implode('_', $aCategoryPath);
}
return $sCategoryNew;
}
/**
* Return the number of products in a category
*
* @param $category_id
* @param $include_inactive
* @return string
*/
function oos_total_products_in_category($category_id) {
$products_count = 0;
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$productstable = $oostable['products'];
$products_to_categoriestable = $oostable['products_to_categories'];
$products = $dbconn->Execute("SELECT COUNT(*) AS total FROM $productstable p, $products_to_categoriestable p2c WHERE p.products_id = p2c.products_id AND p.products_setting = '2' AND p2c.categories_id = '" . intval($category_id) . "'");
$products_count += $products->fields['total'];
return $products_count;
}


@ -0,0 +1,225 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Decode string encoded with htmlspecialchars()
*
* @param $sStr
* @return string
*/
function oos_decode_special_chars($sStr){
$sStr = str_replace('&gt;', '>', $sStr);
$sStr = str_replace('&lt;', '<', $sStr);
$sStr = str_replace('&#039;', "'", $sStr);
$sStr = str_replace('&quot;', "\"", $sStr);
$sStr = str_replace('&amp;', '&', $sStr);
return $sStr;
}
/**
* string encoded
*
* @param $sStr
* @return string
*/
function oos_make_filename($sStr) {
static $aFrom = array(
' ',
'Ä',
'ä',
'Ö',
'ö',
'Ü',
'ü',
'ß',
'é',
'è',
'ê',
'í',
'ì',
'î',
'á',
'à',
'â',
'å',
'ó',
'ò',
'ô',
'õ',
'ú',
'ù',
'û',
'ç',
'Ç',
'ñ',
'ý');
static $aTo = array(
'-',
'AE',
'ae',
'OE',
'oe',
'UE',
'ue',
'ss',
'e',
'e',
'e',
'i',
'i',
'i',
'a',
'a',
'a',
'a',
'o',
'o',
'o',
'o',
'u',
'u',
'u',
'c',
'C',
'n',
'y');
// Replace international chars not detected by every locale
$sStr = str_replace($aFrom, $aTo, $sStr);
$special_chars = array("?",
"[",
"]",
"/",
"\\",
"=",
"<",
">",
":",
";",
",",
"'",
"\"",
"&",
"$",
"#",
"*",
"(",
")",
"|",
"~",
"`",
"!",
"{",
"}",
"%",
"+",
chr(0));
//strip html tags from text
$sStr = strip_tags($sStr);
// Nuke chars not allowed in our URI
$sStr = preg_replace('#[^0-9a-z\.\_!;,\+\-]#i', '', $sStr);
// Recover delimiters as spaces
$sStr = str_replace("\x01", " ", $sStr);
$sStr = preg_replace( "#\x{00a0}#siu", '', $sStr );
$sStr = str_replace( $special_chars, '', $sStr );
$sStr = str_replace( array( '%20', '+' ), '-', $sStr );
$sStr = preg_replace( '/[\r\n\t -]+/', '-', $sStr );
$sStr = trim( $sStr, '.-_' );
$sStr = strtolower($sStr);
return $sStr;
}
/**
* string encoded
*
* @param $sStr
* @return string
*/
function oos_html_to_xml($sStr) {
//Taken from Reverend's Jim feedparser
//http://revjim.net/code/feedParser/feedParser-0.5.phps
static $aEntities = array(
'&nbsp' => "&#160;", '&iexcl' => "&#161;", '&cent' => "&#162;",
'&pound' => "&#163;", '&curren' => "&#164;", '&yen' => "&#165;",
'&brvbar' => "&#166;", '&sect' => "&#167;", '&uml' => "&#168;",
'&copy' => "&#169;", '&ordf' => "&#170;", '&laquo' => "&#171;",
'&not' => "&#172;", '&shy' => "&#173;", '&reg' => "&#174;",
'&macr' => "&#175;", '&deg' => "&#176;", '&plusmn' => "&#177;",
'&sup2' => "&#178;", '&sup3' => "&#179;", '&acute' => "&#180;",
'&micro' => "&#181;", '&para' => "&#182;", '&middot' => "&#183;",
'&cedil' => "&#184;", '&sup1' => "&#185;", '&ordm' => "&#186;",
'&raquo' => "&#187;", '&frac14' => "&#188;", '&frac12' => "&#189;",
'&frac34' => "&#190;", '&iquest' => "&#191;", '&Agrave' => "&#192;",
'&Aacute' => "&#193;", '&Acirc' => "&#194;", '&Atilde' => "&#195;",
'&Auml' => "&#196;", '&Aring' => "&#197;", '&AElig' => "&#198;",
'&Ccedil' => "&#199;", '&Egrave' => "&#200;", '&Eacute' => "&#201;",
'&Ecirc' => "&#202;", '&Euml' => "&#203;", '&Igrave' => "&#204;",
'&Iacute' => "&#205;", '&Icirc' => "&#206;", '&Iuml' => "&#207;",
'&ETH' => "&#208;", '&Ntilde' => "&#209;", '&Ograve' => "&#210;",
'&Oacute' => "&#211;", '&Ocirc' => "&#212;", '&Otilde' => "&#213;",
'&Ouml' => "&#214;", '&times' => "&#215;", '&Oslash' => "&#216;",
'&Ugrave' => "&#217;", '&Uacute' => "&#218;", '&Ucirc' => "&#219;",
'&Uuml' => "&#220;", '&Yacute' => "&#221;", '&THORN' => "&#222;",
'&szlig' => "&#223;", '&agrave' => "&#224;", '&aacute' => "&#225;",
'&acirc' => "&#226;", '&atilde' => "&#227;", '&auml' => "&#228;",
'&aring' => "&#229;", '&aelig' => "&#230;", '&ccedil' => "&#231;",
'&egrave' => "&#232;", '&eacute' => "&#233;", '&ecirc' => "&#234;",
'&euml' => "&#235;", '&igrave' => "&#236;", '&iacute' => "&#237;",
'&icirc' => "&#238;", '&iuml' => "&#239;", '&eth' => "&#240;",
'&ntilde' => "&#241;", '&ograve' => "&#242;", '&oacute' => "&#243;",
'&ocirc' => "&#244;", '&otilde' => "&#245;", '&ouml' => "&#246;",
'&divide' => "&#247;", '&oslash' => "&#248;", '&ugrave' => "&#249;",
'&uacute' => "&#250;", '&ucirc' => "&#251;", '&uuml' => "&#252;",
'&yacute' => "&#253;", '&thorn' => "&#254;", '&yuml' => "&#255;"
);
$sStr = strtr($sStr, $aEntities);
return $sStr;
}
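Review bot: The entity table in `oos_html_to_xml` keys every name without its terminating semicolon, so `strtr` turns `&nbsp;` into `&#160;;` and also rewrites text that merely begins with an entity name (a constructed example: the `&reg` in a URL parameter `&region=eu`). Keying the table on the full entity, e.g. `'&nbsp;' => "&#160;"`, keeps the output well-formed and leaves unrelated ampersand sequences alone. In `oos_make_filename` the whitelist `preg_replace` runs before the `\x01` and non-breaking-space replacements, so those two steps can never match. The function can also return an empty string, so its docblock should tell callers to check the result before using it as a file name.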


@ -0,0 +1,70 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Sets the status of a featured product
*/
function oos_set_featured_status($nFeaturedId, $status) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$featuredtable = $oostable['featured'];
return $dbconn->Execute("UPDATE $featuredtable
SET status = '" . oos_db_input($status) . "',
date_status_change = now()
WHERE featured_id = '" . intval($nFeaturedId) . "'");
}
/**
* Auto expire featured products
*/
function oos_expire_featured() {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$featuredtable = $oostable['featured'];
$sql = "SELECT featured_id
FROM $featuredtable
WHERE status = '1'
AND now() >= expires_date
AND expires_date > 0";
if (USE_CACHE == 'true') {
$featured_result = $dbconn->CacheExecute(15, $sql);
} else {
$featured_result = $dbconn->Execute($sql);
}
if (!$featured_result) {return;}
if ($featured_result->RecordCount() > 0) {
while ($featured = $featured_result->fields) {
oos_set_featured_status($featured['featured_id'], '0');
// Move that ADOdb pointer!
$featured_result->MoveNext();
}
}
}
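Review bot: `oos_expire_featured` reads the expired ids through `CacheExecute(15, $sql)` when `USE_CACHE` is `'true'`, so while that result is cached each call replays `oos_set_featured_status(..., '0')` on rows that are already expired and moves their `date_status_change` forward again. The select-then-loop also issues one UPDATE per row. A single uncached statement does the same work in one step: `UPDATE $featuredtable SET status = '0', date_status_change = now() WHERE status = '1' AND now() >= expires_date AND expires_date > 0`. Neither function documents its parameters or return value; a `@param`/`@return` block on `oos_set_featured_status` saying that it returns the result of the ADOdb `Execute` call would help.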


@ -0,0 +1,190 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* global
*
* @package global
* @copyright (C) 2016 by the MyOOS Development Team.
* @license GPL <http://www.gnu.org/licenses/gpl.html>
* @link https://www.oos-shop.de
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Output a raw date string in the selected locale date format
* $raw_date needs to be in this format: YYYY-MM-DD HH:MM:SS
*
* @param $raw_date
* @return string
*/
function oos_date_long($raw_date) {
if ( ($raw_date == '0000-00-00 00:00:00') || ($raw_date == '') ) return FALSE;
$year = intval(substr($raw_date, 0, 4));
$month = intval(substr($raw_date, 5, 2));
$day = intval(substr($raw_date, 8, 2));
$hour = intval(substr($raw_date, 11, 2));
$minute = intval(substr($raw_date, 14, 2));
$second = intval(substr($raw_date, 17, 2));
return strftime(DATE_FORMAT_LONG, mktime($hour,$minute,$second,$month,$day,$year));
}
/**
* Output a raw date string in the selected locale date format
* $raw_date needs to be in this format: YYYY-MM-DD HH:MM:SS
*
* @param $raw_date
* @return string
*/
function oos_date_short($raw_date) {
if ( ($raw_date == '0000-00-00 00:00:00') || ($raw_date == '') ) return FALSE;
$year = substr($raw_date, 0, 4);
$month = intval(substr($raw_date, 5, 2));
$day = intval(substr($raw_date, 8, 2));
$hour = intval(substr($raw_date, 11, 2));
$minute = intval(substr($raw_date, 14, 2));
$second = intval(substr($raw_date, 17, 2));
if (@date('Y', mktime($hour, $minute, $second, $month, $day, $year)) == $year) {
return date(DATE_FORMAT, mktime($hour, $minute, $second, $month, $day, $year));
} else {
return preg_match('/2037' . '$/', $year, date(DATE_FORMAT, mktime($hour, $minute, $second, $month, $day, 2037)));
}
}
/**
* Return a local directory path (without trailing slash)
*
* @param $sPath
* @return string
*/
function oos_get_local_path($sPath) {
if (substr($sPath, -1) == '/') $sPath = substr($sPath, 0, -1);
return $sPath;
}
/**
* Return a product ID from a product ID with attributes
*
* @param $uprid
* @return string
*/
function oos_get_product_id($uprid) {
$pieces = explode('{', $uprid);
if (is_numeric($pieces[0])) {
return $pieces[0];
} else {
return FALSE;
}
}
function oos_is_not_null($value) {
if (is_array($value)) {
if (!empty($value)) {
return TRUE;
} else {
return FALSE;
}
} else {
if (($value != '') && (strtolower($value) != 'null') && (strlen(trim($value)) > 0)) {
return TRUE;
} else {
return FALSE;
}
}
}
function oos_empty($value) {
if (is_array($value)) {
if (sizeof($value) > 0) {
return FALSE;
} else {
return TRUE;
}
} else {
if ((strtolower($value) != 'null') && (strlen(trim($value)) > 0)) {
return FALSE;
} else {
return TRUE;
}
}
}
/**
* Return a random value
*
* @param $min
* @param $max
* @return string
*/
function oos_rand($min = null, $max = null) {
static $seeded;
if (!isset($seeded)) {
mt_srand((double)microtime()*1000000);
$seeded = TRUE;
}
if (isset($min) && isset($max)) {
if ($min >= $max) {
return $min;
} else {
return mt_rand($min, $max);
}
} else {
return mt_rand();
}
}
function oos_create_random_value($length, $type = 'mixed') {
if ( ($type != 'mixed') && ($type != 'chars') && ($type != 'digits')) return FALSE;
$rand_value = '';
while (strlen($rand_value) < $length) {
if ($type == 'digits') {
$char = oos_rand(0,9);
} else {
$char = chr(oos_rand(0,255));
}
if ($type == 'mixed') {
if (preg_match('!^[a-z0-9]$!', $char)) $rand_value .= $char;
} elseif ($type == 'chars') {
if (preg_match('!^[a-z]$!', $char)) $rand_value .= $char;
} elseif ($type == 'digits') {
if (preg_match('!^[0-9]$!', $char)) $rand_value .= $char;
}
}
return $rand_value;
}
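Review bot: `oos_rand` seeds `mt_srand` from `microtime()` and draws from `mt_rand`, and `oos_create_random_value` builds its strings from it; Mersenne Twister output is predictable, so this is unsuitable if the values serve as passwords, tokens or coupon codes (the callers are not visible here). On PHP 7 or later the bounded draw can be `return random_int($min, $max);` with the manual seeding removed. Separately, the fallback branch of `oos_date_short` calls `preg_match('/2037' . '$/', $year, date(...))`, which passes the formatted date as the by-reference match argument and returns a match count rather than a date. It reads like a mistranslated replace and probably should be `preg_replace('/2037$/', $year, date(DATE_FORMAT, mktime($hour, $minute, $second, $month, $day, 2037)))`.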


@ -0,0 +1,141 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
Id: pnAPI.php,v 1.41 2003/07/12 21:44:40 markwest Exp
----------------------------------------------------------------------
PostNuke Content Management System
Copyright (C) 2001 by the Post-Nuke Development Team.
http://www.postnuke.com/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Jim McDonald
Purpose of file: The PostNuke API
----------------------------------------------------------------------
/**
* security
*
* @link http://www.postnuke.com/
* @package security
* @version $Revision: 1.2 $ - changed by $Author: r23 $ on $Date: 2008/08/15 16:28:30 $
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Protects better diverse attempts of Cross-Site Scripting
* attacks, thanks to webmedic, Timax, larsneo.
*
* Lets validate the current php version and set globals
* accordingly.
* Do not change this value unless you know what you are
* doing you have been warned!
*/
function oos_secure_input() {
$aContents = oos_get_content();
# Cross-Site Scripting attack defense - Sent by larsneo
# some syntax checking against injected javascript
# extended by Neo
/**
* Lets now sanitize the GET vars
*/
if (count($_GET) > 0) {
foreach ($_GET as $secvalue) {
if (!is_array($secvalue)) {
if ((preg_match("/<[^>]*script*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/.*[[:space:]](or|and)[[:space:]].*(=|like).*/i", $secvalue)) ||
(preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*window.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*alert*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*document.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*cookie*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/\"/i", $secvalue))
) {
oos_redirect(oos_href_link($aContents['home']));
}
}
}
}
/**
* Lets now sanitize the POST vars
*/
if (count($_POST) > 0) {
foreach ($_POST as $secvalue) {
if (!is_array($secvalue)) {
if ((preg_match("/<[^>]*script*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*window.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*alert*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*document.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*cookie*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue))
) {
oos_redirect(oos_href_link($aContents['home']));
}
}
}
}
/**
* Lets now sanitize the COOKIE vars
*/
if (count($_COOKIE) > 0) {
foreach ($_COOKIE as $secvalue) {
if (!is_array($secvalue)) {
if ((preg_match("/<[^>]*script*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/.*[[:space:]](or|and)[[:space:]].*(=|like).*/i", $secvalue)) ||
(preg_match("/<[^>]*object*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*iframe*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*applet*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*meta*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*style*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*form*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*window.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*alert*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*document.*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*cookie*\"?[^>]*>/i", $secvalue)) ||
(preg_match("/<[^>]*img*\"?[^>]*>/i", $secvalue))
) {
oos_redirect(oos_href_link($aContents['home']));
}
}
}
}
}
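Review bot: `oos_secure_input` only inspects top-level scalar values: the `!is_array($secvalue)` guard in all three loops skips any request value that arrives as an array, and parameter names are never checked, so the filter gives no coverage for those inputs. The patterns are a denylist of tag and keyword shapes, which cannot be complete; the function should be documented as defence in depth, with output encoding and parameterised or cast query values remaining the actual controls. If it stays, walk nested values (for example with `array_walk_recursive`) and keep one shared pattern list, since the GET, POST and COOKIE lists already differ from each other. The docblock above the function talks about validating the PHP version and setting globals, which the body does not do; it should instead say what is matched and that a match redirects to `$aContents['home']`.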


@ -0,0 +1,48 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: key_generate.php
----------------------------------------------------------------------
osCommerce Shipping Management Module
Copyright (c) 2002 - Oliver Baelde
http://www.francecontacts.com
dev@francecontacts.com
- eCommerce Solutions development and integration -
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2002 - 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
function RandomPassword( $passwordLength ) {
$newkey2 = "";
for ($index = 1; $index <= $passwordLength; $index++) {
// Pick random number between 1 and 62
$randomNumber = rand(1, 62);
// Select random character based on mapping.
if ($randomNumber < 11)
$newkey2 .= chr($randomNumber + 48 - 1); // [ 1,10] => [0,9]
elseif ($randomNumber < 37)
$newkey2 .= chr($randomNumber + 65 - 10); // [11,36] => [A,Z]
else
$newkey2 .= chr($randomNumber + 97 - 36); // [37,62] => [a,z]
}
return $newkey2;
}
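Review bot: `RandomPassword` picks each character with `rand(1, 62)`, which is not a cryptographically secure generator, so the generated passwords or keys may be predictable. On PHP 7 or later the line can become `$randomNumber = random_int(1, 62);` with the rest of the mapping unchanged. The function has no docblock; a short one stating that it returns `$passwordLength` characters drawn from `[0-9A-Za-z]` would cover it.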


@ -0,0 +1,54 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: general.php,v 1.212 2003/02/17 07:55:54 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* listing
*
* @link https://www.oos-shop.de
* @package listing
* @version $Revision: 1.1 $ - changed by $Author: r23 $ on $Date: 2007/06/12 16:49:27 $
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Return table heading with sorting capabilities
*
* @param $sortby
* @param $colnum,
* @param $heading
* @return string
*/
function oos_create_sort_heading($sortby, $colnum, $heading) {
global $sContent, $aLang;
$sort_prefix = '';
$sort_suffix = '';
if ($sortby) {
$sort_prefix = '<a href="' . oos_href_link($sContent, oos_get_all_get_parameters(array('page', 'info', 'sort')) . 'page=1&amp;sort=' . $colnum . ($sortby == $colnum . 'a' ? 'd' : 'a')) . '" title="' . $aLang['text_sort_products'] . ($sortby == $colnum . 'd' || substr($sortby, 0, 1) != $colnum ? $aLang['text_ascendingly'] : $aLang['text_descendingly']) . $aLang['text_by'] . $heading . '">' ;
$sort_suffix = (substr($sortby, 0, 1) == $colnum ? (substr($sortby, 1, 1) == 'a' ? '+' : '-') : '') . '</a>';
}
return $sort_prefix . $heading . $sort_suffix;
}
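Review bot: The `title` attribute built in `oos_create_sort_heading` concatenates `$aLang[...]` entries and `$heading` into a double-quoted attribute without encoding, so a quote or angle bracket in a heading or translation string ends the attribute early. Encoding only the attribute text leaves the visible heading unchanged: collect the concatenated text in a local such as `$sTitle` and emit `'" title="' . htmlspecialchars($sTitle, ENT_QUOTES, 'UTF-8') . '">'`. The comparison `substr($sortby, 0, 1) != $colnum` also assumes a one-character column number, so a `$colnum` of 10 or more would never match; if the last character of `$sortby` is always the direction, comparing against `substr($sortby, 0, -1)` avoids that.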


@ -0,0 +1,305 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: html_output.php,v 1.49 2003/02/11 01:31:02 hpdl
html_output.php 1498 2007-03-29 14:04:50Z hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* html output
*
* @link https://www.oos-shop.de
* @package html output
* @version $Revision: 1.3 $ - changed by $Author: r23 $ on $Date: 2008/08/14 10:24:05 $
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* The HTML href link wrapper function
*
* @param $modul
* @param $page
* @param $parameters
* @param $add_session_id
* @param $search_engine_safe
* @return string
*/
function oos_href_link($page = '', $parameters = '', $add_session_id = TRUE, $search_engine_safe = TRUE) {
global $session, $oEvent, $spider_flag;
$page = oos_output_string($page);
$link = OOS_HTTPS_SERVER . OOS_SHOP;
if (oos_is_not_null($parameters)) {
$link .= 'index.php?content=' . $page . '&amp;' . oos_output_string($parameters);
} else {
$link .= 'index.php?content=' . $page;
}
$separator = '&amp;';
while ( (substr($link, -5) == '&amp;') || (substr($link, -1) == '?') ) {
if (substr($link, -1) == '?') {
$link = substr($link, 0, -1);
} else {
$link = substr($link, 0, -5);
}
}
if (isset($_SESSION)) {
// Add the session ID when moving from HTTP and HTTPS servers or when SID is defined
if ($add_session_id == TRUE) {
$_sid = $session->getName() . '=' . $session->getId();
}
if ( $spider_flag === FALSE) $_sid = NULL;
}
if ( ($search_engine_safe == TRUE) && $oEvent->installed_plugin('sefu') ) {
$link = str_replace(array('?', '&amp;', '='), '/', $link);
$separator = '?';
$pos = strpos ($link, 'action');
if ($pos === FALSE) {
$url_rewrite = new url_rewrite;
$link = $url_rewrite->transform_uri($link);
}
}
if (isset($_sid)) {
$link .= $separator . oos_output_string($_sid);
}
return $link;
}
/**
* The HTML image wrapper function
*
* @param $src
* @param $title
* @param $width
* @param $height
* @param $parameters
* @return string
*/
function oos_image($src, $title = null, $width = 0, $height = 0, $parameters = null) {
if (empty($src) || ($src == OOS_IMAGES)) {
return FALSE;
}
$image = '<img class="img-fluid" src="' . oos_output_string($src) . '" border="0" alt="' . oos_output_string($title) . '"';
if (!empty($title)) {
$image .= ' title="' . oos_output_string($title) . '"';
}
if (!empty($parameters)) {
$image .= ' ' . oos_output_string($parameters);
}
$image .= ' />';
return $image;
}
/**
* Output a form input field
*
* @param $name
* @param $value
* @param $parameters
* @param $type
* @param $reinsert_value
* @return string
*/
function oos_draw_input_field($name, $value = '', $parameters = '', $type = 'text', $reinsert_value = TRUE) {
$field = '<input type="' . oos_output_string($type) . '" name="' . oos_output_string($name) . '"';
if ( ($reinsert_value == TRUE) && ( (isset($_GET[$name]) && is_string($_GET[$name])) || (isset($_POST[$name]) && is_string($_POST[$name])) ) ) {
if (isset($_GET[$name]) && is_string($_GET[$name])) {
$value = stripslashes($_GET[$name]);
} elseif (isset($_POST[$name]) && is_string($_POST[$name])) {
$value = stripslashes($_POST[$name]);
}
}
if (oos_is_not_null($value)) {
$field .= ' value="' . oos_output_string($value) . '"';
}
if (oos_is_not_null($parameters)) {
$field .= ' ' . $parameters;
}
$field .= ' />';
return $field;
}
/**
* Output a selection field - alias function for oos_draw_checkbox_field() and oos_draw_radio_field()
*
* @param $name
* @param $type
* @param $value
* @param $checked
* @param $parameters
* @return string
*/
function oos_draw_select_field($name, $type, $value = null, $checked = FALSE, $parameters = null)
{
$selection = '<input type="' . oos_output_string($type) . '" name="' . oos_output_string($name) . '"';
if (!empty( $value )) $selection .= ' value="' . oos_output_string($value) . '"';
if ( ($checked == TRUE) || (isset($_GET[$name]) && is_string($_GET[$name]) && (($_GET[$name] == 'on') || (stripslashes($_GET[$name]) == $value)))
|| (isset($_POST[$name]) && is_string($_POST[$name]) && (($_POST[$name] == 'on') || (stripslashes($_POST[$name]) == $value)))
) {
$selection .= ' checked="checked"';
}
if (!empty( $parameters ) && is_string( $parameters ) ) {
$selection .= ' ' . $parameters;
}
$selection .= ' />';
return $selection;
}
/**
* Output a form checkbox field
*
* @param $name
* @param $value
* @param $checked
* @param $parameters
*/
function oos_draw_checkbox_field($name, $value = '', $checked = FALSE, $parameters = '') {
return oos_draw_select_field($name, 'checkbox', $value, $checked, $parameters);
}
/**
* Output a form radio field
*
* @param $name
* @param $value
* @param $checked
* @param $parameters
*/
function oos_draw_radio_field($name, $value = '', $checked = FALSE, $parameters = '') {
return oos_draw_select_field($name, 'radio', $value, $checked, $parameters);
}
/**
* Output a form hidden field
*
* @param $name
* @param $value
* @param $parameters
*/
function oos_draw_hidden_field($name, $value = '', $parameters = '')
{
$field = '<input type="hidden" name="' . oos_output_string($name) . '"';
if (strlen($value) > 0) {
$field .= ' value="' . oos_output_string($value) . '"';
} elseif ( (isset($_GET[$name]) && is_string($_GET[$name])) || (isset($_POST[$name]) && is_string($_POST[$name])) ) {
if ( (isset($_GET[$name]) && is_string($_GET[$name])) ) {
$field .= ' value="' . oos_output_string(stripslashes($_GET[$name])) . '"';
} elseif ( (isset($_POST[$name]) && is_string($_POST[$name])) ) {
$field .= ' value="' . oos_output_string(stripslashes($_POST[$name])) . '"';
}
}
if (!empty($parameters)) {
$field .= ' ' . $parameters;
}
$field .= ' />';
return $field;
}
/**
* Output a form pull down menu
*
* @param $$name
* @param $values
* @param $default
* @param $parameters
* @param $required
*/
function oos_draw_pull_down_menu($name, $values, $default = null, $parameters = null, $required = FALSE)
{
$field = '<select name="' . oos_output_string($name) . '"';
if (!empty( $parameters ) && is_string( $parameters ) ) $field .= ' ' . $parameters;
$field .= '>';
if (empty($default) && ( (isset($_GET[$name]) && is_string($_GET[$name])) || (isset($_POST[$name]) && is_string($_POST[$name])) ) ) {
if (isset($_GET[$name]) && is_string($_GET[$name])) {
$default = stripslashes($_GET[$name]);
} elseif (isset($_POST[$name]) && is_string($_POST[$name])) {
$default = stripslashes($_POST[$name]);
}
}
for ($i=0, $n=count($values); $i<$n; $i++) {
$field .= '<option value="' . oos_output_string($values[$i]['id']) . '"';
if ($default == $values[$i]['id']) {
$field .= ' selected="selected"';
}
$field .= '>' . oos_output_string($values[$i]['text']) . '</option>';
}
$field .= '</select>';
if ($required == TRUE) $field .= TEXT_FIELD_REQUIRED;
return $field;
}
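Review bot: `oos_href_link` appends the session name and id to the generated URL whenever `$add_session_id` is true and `$spider_flag` is anything other than exactly `FALSE`, which includes the case where that global is unset. Session ids in links end up in Referer headers, server logs and shared URLs, so cookie-only sessions with this branch removed would be the safer arrangement; the condition also reads inverted if the intent is to withhold the id from crawlers, though the meaning of `$spider_flag` is not visible here and needs confirming. In the form helpers, `stripslashes()` on `$_GET`/`$_POST` values is a leftover from magic quotes and now strips backslashes the user actually typed. `$parameters` is appended to the tag unencoded in `oos_draw_input_field`, `oos_draw_select_field`, `oos_draw_hidden_field` and `oos_draw_pull_down_menu`, so their docblocks should state that it must be trusted, already-encoded attribute markup.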


@ -0,0 +1,63 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: password_funcs.php,v 1.10 2003/02/11 01:31:02 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* This funstion validates a plain text password with an
* encrpyted password
*
* @param $sPlain
* @param $sEncrypted
* @return boolean
*/
function oos_validate_password($sPlain, $sEncrypted) {
if (oos_is_not_null($sPlain) && oos_is_not_null($sEncrypted)) {
if (!class_exists('PasswordHash')) {
require_once MYOOS_INCLUDE_PATH . '/includes/lib/phpass/PasswordHash.php';
}
$oHasher = new PasswordHash( 8, TRUE );
return $oHasher->CheckPassword($sPlain, $sEncrypted);
}
return FALSE;
}
/**
* This function makes a new password from a plaintext password.
*
* @param $sPlain
* @return string
*/
function oos_encrypt_password($sPlain) {
if (!class_exists('PasswordHash')) {
require_once MYOOS_INCLUDE_PATH . '/includes/lib/phpass/PasswordHash.php';
}
$oHasher = new PasswordHash( 8, TRUE );
return $oHasher->HashPassword($sPlain);
}
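Review bot: Both functions construct `new PasswordHash( 8, TRUE )`; if this is the stock phpass class, the second argument selects its portable MD5-based scheme and 8 is a low iteration exponent, which is weak against offline guessing by current standards. New hashes can come from `password_hash($sPlain, PASSWORD_DEFAULT)` in `oos_encrypt_password`, while `oos_validate_password` tries the native verifier first and falls back to `CheckPassword` so stored phpass hashes keep working and can be rehashed at login. `oos_validate_password` also filters its inputs through `oos_is_not_null`, which rejects the literal password `null` in any letter case; the sketch below replaces that with explicit string checks.

```php
function oos_validate_password($sPlain, $sEncrypted) {
    if (!is_string($sPlain) || $sPlain === '' || !is_string($sEncrypted) || $sEncrypted === '') {
        return FALSE;
    }
    // Hashes created by password_hash() verify natively.
    if (password_verify($sPlain, $sEncrypted)) {
        return TRUE;
    }
    // … unchanged: load PasswordHash and return CheckPassword() for stored phpass hashes …
}
```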


@ -0,0 +1,347 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: general.php,v 1.212 2003/02/17 07:55:54 hpdl
----------------------------------------------------------------------
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2003 osCommerce
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Return all subcategory IDs
*
* @param $aSubcategories
* @param $nParentId
*/
function oos_get_subcategories(&$aSubcategories, $nParentId = 0) {
// Get database information
$dbconn =& oosDBGetConn();
$oostable =& oosDBGetTables();
$categoriestable = $oostable['categories'];
$query = "SELECT categories_id
FROM $categoriestable
WHERE parent_id = '" . intval($nParentId) . "'";
$result = $dbconn->Execute($query);
while ($subcategories = $result->fields) {
$aSubcategories[count($aSubcategories)] = $subcategories['categories_id'];
if ($subcategories['categories_id'] != $nParentId) {
oos_get_subcategories($aSubcategories, $subcategories['categories_id']);
}
// Move that ADOdb pointer!
$result->MoveNext();
}
}
/**
* Parse search string into indivual objects
*
* @param $search_str
* @return boolean
*/
function oos_parse_search_string($sSearch = '', &$objects) {
$sSearch = trim(strtolower($sSearch));
// Break up $sSearch on whitespace; quoted string will be reconstructed later
$pieces = preg_split('/[[:space:]]+/', $sSearch);
$objects = array();
$tmpstring = '';
$flag = '';
for ($k=0; $k<count($pieces); $k++) {
while (substr($pieces[$k], 0, 1) == '(') {
$objects[] = '(';
if (strlen($pieces[$k]) > 1) {
$pieces[$k] = substr($pieces[$k], 1);
} else {
$pieces[$k] = '';
}
}
$post_objects = array();
while (substr($pieces[$k], -1) == ')') {
$post_objects[] = ')';
if (strlen($pieces[$k]) > 1) {
$pieces[$k] = substr($pieces[$k], 0, -1);
} else {
$pieces[$k] = '';
}
}
// Check individual words
if ( (substr($pieces[$k], -1) != '"') && (substr($pieces[$k], 0, 1) != '"') ) {
$objects[] = trim($pieces[$k]);
for ($j=0; $j<count($post_objects); $j++) {
$objects[] = $post_objects[$j];
}
} else {
/*
This means that the $piece is either the beginning or the end of a string.
So, we'll slurp up the $pieces and stick them together until we get to the
end of the string or run out of pieces.
*/
// Add this word to the $tmpstring, starting the $tmpstring
$tmpstring = trim(preg_match('/"/', ' ', $pieces[$k]));
// Check for one possible exception to the rule. That there is a single quoted word.
if (substr($pieces[$k], -1 ) == '"') {
// Turn the flag off for future iterations
$flag = 'off';
$objects[] = trim($pieces[$k]);
for ($j=0; $j<count($post_objects); $j++) {
$objects[] = $post_objects[$j];
}
unset($tmpstring);
// Stop looking for the end of the string and move onto the next word.
continue;
}
// Otherwise, turn on the flag to indicate no quotes have been found attached to this word in the string.
$flag = 'on';
// Move on to the next word
$k++;
// Keep reading until the end of the string as long as the $flag is on
while ( ($flag == 'on') && ($k < count($pieces)) ) {
while (substr($pieces[$k], -1) == ')') {
$post_objects[] = ')';
if (strlen($pieces[$k]) > 1) {
$pieces[$k] = substr($pieces[$k], 0, -1);
} else {
$pieces[$k] = '';
}
}
// If the word doesn't end in double quotes, append it to the $tmpstring.
if (substr($pieces[$k], -1) != '"') {
// Tack this word onto the current string entity
$tmpstring .= ' ' . $pieces[$k];
// Move on to the next word
$k++;
continue;
} else {
/*
If the $piece ends in double quotes, strip the double quotes, tack the
$piece onto the tail of the string, push the $tmpstring onto the $haves,
kill the $tmpstring, turn the $flag "off", and return.
*/
$sTmp = preg_replace('/"/', ' ', $pieces[$k]);
$tmpstring .= ' ' . trim($sTmp);
// Push the $tmpstring onto the array of stuff to search for
$objects[] = trim($tmpstring);
for ($j=0; $j<count($post_objects); $j++) {
$objects[] = $post_objects[$j];
}
unset($tmpstring);
// Turn off the flag to exit the loop
$flag = 'off';
}
}
}
}
// add default logical operators if needed
$temp = array();
for($i=0; $i<(count($objects)-1); $i++) {
$temp[count($temp)] = $objects[$i];
if ( ($objects[$i] != 'and') &&
($objects[$i] != 'or') &&
($objects[$i] != '(') &&
($objects[$i] != ')') &&
($objects[$i+1] != 'and') &&
($objects[$i+1] != 'or') &&
($objects[$i+1] != '(') &&
($objects[$i+1] != ')') ) {
$temp[count($temp)] = ADVANCED_SEARCH_DEFAULT_OPERATOR;
}
}
$temp[count($temp)] = $objects[$i];
$objects = $temp;
$keyword_count = 0;
$operator_count = 0;
$balance = 0;
for($i=0; $i<count($objects); $i++) {
if ($objects[$i] == '(') $balance --;
if ($objects[$i] == ')') $balance ++;
if ( ($objects[$i] == 'and') || ($objects[$i] == 'or') ) {
$operator_count ++;
} elseif ( ($objects[$i]) && ($objects[$i] != '(') && ($objects[$i] != ')') ) {
$keyword_count ++;
}
}
if ( ($operator_count < $keyword_count) && ($balance == 0) ) {
return TRUE;
} else {
return FALSE;
}
}
/**
* Check date
*
* @param $date_to_check
* @param $format_string
* @param $date_array
* @return boolean
*/
function oos_checkdate($date_to_check, $format_string, &$date_array) {
$separator_idx = -1;
$separators = array('-', ' ', '/', '.');
$month_abbr = array('jan','feb','mar','apr','may','jun','jul','aug','sep','oct','nov','dec');
$no_of_days = array(31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31);
$format_string = strtolower($format_string);
if (strlen($date_to_check) != strlen($format_string)) {
return FALSE;
}
$size = count($separators);
for ($i=0; $i<$size; $i++) {
$pos_separator = strpos($date_to_check, $separators[$i]);
if ($pos_separator != FALSE) {
$date_separator_idx = $i;
break;
}
}
for ($i=0; $i<$size; $i++) {
$pos_separator = strpos($format_string, $separators[$i]);
if ($pos_separator != FALSE) {
$format_separator_idx = $i;
break;
}
}
if ($date_separator_idx != $format_separator_idx) {
return FALSE;
}
if ($date_separator_idx != -1) {
$format_string_array = explode( $separators[$date_separator_idx], $format_string );
if (count($format_string_array) != 3) {
return FALSE;
}
$date_to_check_array = explode( $separators[$date_separator_idx], $date_to_check );
if (count($date_to_check_array) != 3) {
return FALSE;
}
$size = count($format_string_array);
for ($i=0; $i<$size; $i++) {
if ($format_string_array[$i] == 'mm' || $format_string_array[$i] == 'mmm') $month = $date_to_check_array[$i];
if ($format_string_array[$i] == 'dd') $day = $date_to_check_array[$i];
if ( ($format_string_array[$i] == 'yyyy') || ($format_string_array[$i] == 'aaaa') ) $year = $date_to_check_array[$i];
}
} else {
if (strlen($format_string) == 8 || strlen($format_string) == 9) {
$pos_month = strpos($format_string, 'mmm');
if ($pos_month != FALSE) {
$month = substr( $date_to_check, $pos_month, 3 );
$size = count($month_abbr);
for ($i=0; $i<$size; $i++) {
if ($month == $month_abbr[$i]) {
$month = $i;
break;
}
}
} else {
$month = substr($date_to_check, strpos($format_string, 'mm'), 2);
}
} else {
return FALSE;
}
$day = substr($date_to_check, strpos($format_string, 'dd'), 2);
$year = substr($date_to_check, strpos($format_string, 'yyyy'), 4);
}
if (strlen($year) != 4) {
return FALSE;
}
if (!settype($year, 'integer') || !settype($month, 'integer') || !settype($day, 'integer')) {
return FALSE;
}
if ($month > 12 || $month < 1) {
return FALSE;
}
if ($day < 1) {
return FALSE;
}
if (oos_is_leap_year($year)) {
$no_of_days[1] = 29;
}
if ($day > $no_of_days[$month - 1]) {
return FALSE;
}
$date_array = array($year, $month, $day);
return TRUE;
}
/**
* Check if year is a leap year
*
* @param $year
* @return boolean
*/
function oos_is_leap_year($year) {
if ($year % 100 == 0) {
if ($year % 400 == 0) return TRUE;
} else {
if (($year % 4) == 0) return TRUE;
}
return FALSE;
}


@ -0,0 +1,239 @@
<?php
/* ----------------------------------------------------------------------
MyOOS [Shopsystem]
https://www.oos-shop.de
Copyright (c) 2003 - 2019 by the MyOOS Development Team.
----------------------------------------------------------------------
Based on:
File: xarServer.php 1.62 03/10/28 19:11:18+01:00 mikespub
----------------------------------------------------------------------
Released under the GNU General Public License
---------------------------------------------------------------------- */
/**
* HTTP Protocol Server/Request/Response utilities
*
* @package server
* @copyright (C) 2002 by the Xaraya Development Team.
* @license GPL <http://www.gnu.org/licenses/gpl.html>
* @link http://www.xaraya.com
* @author Marco Canini <marco@xaraya.com>
*/
/** ensure this file is being included by a parent file */
defined( 'OOS_VALID_MOD' ) OR die( 'Direct Access to this location is not allowed.' );
/**
* Gets a server variable
*
* Returns the value of $name server variable.
* Accepted values for $name are exactly the ones described by the
* {@link http://www.php.net/manual/en/reserved.variables.html#reserved.variables.server PHP manual}.
* If the server variable doesn't exist void is returned.
*
* Last Editor: Author: r23
* @author Marco Canini <marco@xaraya.com>, Michel Dalle
* @access public
* @param name string the name of the variable
* @return mixed value of the variable
*/
function oos_server_get_var($sKey) {
if (isset($_SERVER[$sKey])) {
return $_SERVER[$sKey];
}
if (isset($_ENV[$sKey])) {
return $_ENV[$sKey];
}
if ($val = getenv($sKey)) {
return $val;
}
return; // we found nothing here
}
/**
* Has a server variable
*
* @author r23 <info@r23.de>
* @access public
* @param string
* @return mixed
*/
function oos_server_has_var($sKey) {
if (isset($_SERVER[$sKey])) {
return TRUE;
}
return (bool)getenv($sKey);
}
/**
* Gets the host name
*
* Returns the server host name fetched from HTTP headers when possible.
* The host name is in the canonical form (host + : + port) when the port is different than 80.
*
* Last Editor: Author: r23
* @author Marco Canini <marco@xaraya.com>
* @access public
* @return string HTTP host name
*/
function oos_server_get_host() {
$sServer = oos_server_get_var('HTTP_HOST');
if (empty($sServer)) {
// HTTP_HOST is reliable only for HTTP 1.1
$sServer = oos_server_get_var('SERVER_NAME');
$port = oos_server_get_var('SERVER_PORT');
if ($port != '80') $sServer .= ":$port";
}
return $sServer;
}
/**
* Gets the current protocol
*
* Returns the HTTP protocol used by current connection, it could be 'http' or 'https'.
*
* Last Editor: Author: r23
* @author Marco Canini <marco@xaraya.com>
* @access public
* @return string current HTTP protocol
*/
function oos_server_get_protocol() {
$sProtocol = 'http';
if (strtolower(oos_server_has_var('HTTPS')) == 'on'
|| oos_server_has_var('SSL_PROTOCOL')) {
$sProtocol = 'https';
}
return $sProtocol . '://';
}
/**
* Get base URI for oos
*
* @access public
* @return string base URI for oos
*/
function oos_server_get_base_uri() {
// Get the name of this URI
$sPath = oos_server_get_var('REQUEST_URI');
if (empty($sPath)) {
// REQUEST_URI was empty or pointed to a path
// adapted patch from Chris van de Steeg for IIS
// Try SCRIPT_NAME
$sPath = oos_server_get_var('SCRIPT_NAME');
if (empty($sPath)) {
// No luck there either
// Try looking at PATH_INFO
$sPath = oos_server_get_var('PATH_INFO');
}
}
$sPath = preg_replace('/[#\?].*/', '', $sPath);
$sPath = preg_replace('/\.php\/.*$/', '', $sPath);
if (substr($sPath, -1, 1) == '/') {
$sPath .= 'dummy';
}
$sPath = dirname($sPath);
if (preg_match('!^[/\\\]*$!', $sPath)) {
$sPath = '';
}
return $sPath;
}
/**
* get base URL for OOS
*
* @access public
* @return string base URL for OOS
*/
function oos_server_get_base_url() {
static $sBaseurl = null;
if (isset($sBaseurl)) return $sBaseurl;
$sServer = oos_server_get_host();
$sProtocol = oos_server_get_protocol();
$sPath = oos_server_get_base_uri();
$sBaseurl = trim($sProtocol . $sServer . $sPath . '/');
return $sBaseurl;
}
/**
* get top level domain
*
* @copyright (C) 2003 by osCommerce.
* @license GPL <http://www.gnu.org/licenses/gpl.html>
* @link http://www.oscommerce.com
* @access public
* @param $sUrl
* @return mixed
*/
function oos_server_get_top_level_domain($sUrl) {
if (strpos($sUrl, '://')) {
$sUrl = parse_url($sUrl);
$sUrl = $sUrl['host'];
}
$aDomain = explode('.', $sUrl);
$nDomainSize = count($aDomain);
if ($nDomainSize > 1) {
if (is_numeric($aDomain[$nDomainSize-2]) && is_numeric($aDomain[$nDomainSize-1])) {
return FALSE;
} else {
return $aDomain[$nDomainSize-2] . '.' . $aDomain[$nDomainSize-1];
}
} else {
return FALSE;
}
}
/**
* get client ip
*
* @copyright (C) 2003 by osCommerce.
* @license GPL <http://www.gnu.org/licenses/gpl.html>
* @link http://www.oscommerce.com
* @access public
* @return string client ip
*/
function oos_server_get_remote() {
if (isset($_SERVER)) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
} else {
$ip = getenv('REMOTE_ADDR');
}
}
return $ip;
}
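Review bot: `oos_server_get_remote()` prefers `HTTP_X_FORWARDED_FOR` and `HTTP_CLIENT_IP` over `REMOTE_ADDR`, and both are request headers the client controls, so whatever consumes the returned "client ip" (logging, throttling, session checks; the callers are not visible in this section) can be handed an arbitrary, unvalidated string. The function should take `REMOTE_ADDR` as the address, consult the forwarded headers only when `REMOTE_ADDR` is one of the deployment's own reverse proxies, and validate the result with `filter_var(..., FILTER_VALIDATE_IP)`; a sketch of the conservative variant follows. Separately, in `oos_server_get_protocol()` the test `strtolower(oos_server_has_var('HTTPS')) == 'on'` lower-cases a boolean and so can never equal `'on'`, which leaves `SSL_PROTOCOL` as the only HTTPS signal and can make `oos_server_get_base_url()` emit `http://` links on a TLS site; it presumably meant `strtolower((string) oos_server_get_var('HTTPS')) == 'on'`.

```php
function oos_server_get_remote() {
    // REMOTE_ADDR is the peer address reported by the web server itself.
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : getenv('REMOTE_ADDR');

    // X-Forwarded-For / Client-IP are plain request headers: read them only when
    // $ip is a reverse proxy this deployment operates, and validate what they carry.

    return (filter_var($ip, FILTER_VALIDATE_IP) !== false) ? $ip : '';
}
```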
